opencode-swarm 7.74.3 → 7.76.0

package/dist/hooks/auto-review.d.ts

@@ -0,0 +1,82 @@
+/**
+ * Auto-review hook (auto-review machinery, piece B) — opt-in.
+ *
+ * When `auto_review.enabled` is true, completing a task
+ * (`update_task_status` → status 'completed') and/or a phase
+ * (`phase_complete`) automatically dispatches the registered reviewer agent
+ * over a fresh ephemeral session to review the current execution diff —
+ * the same "second model reviews the work in a clean context" pattern used
+ * by Claude Code's auto-review and Codex's review model. The reviewer agent
+ * carries its own configured model (`agents.reviewer.model`), so the review
+ * model is independently configurable from the coder/architect models.
+ *
+ * The pass is ADVISORY and fully fail-open:
+ *   - fire-and-forget from `tool.execute.after` (never blocks the tool)
+ *   - verdicts are persisted as durable review receipts
+ *     (`.swarm/review-receipts/`, scope-fingerprinted over the diff) and an
+ *     `auto_review` event is appended to `.swarm/events.jsonl`
+ *   - a REJECTED or unparseable verdict injects a `[AUTO-REVIEW]` advisory
+ *     into the architect's next prompt; APPROVED stays silent
+ *
+ * Bounds (AGENTS.md invariants 3 and 8): the diff subprocess uses execFile
+ * with cwd/timeout/maxBuffer and ignored stdin; dispatches are guarded by a
+ * per-session in-flight set plus a 60s cooldown in a bounded FIFO map.
+ */
+import { type AutoReviewConfig } from '../config/schema.js';
+/** Test-only: clear module-level dispatch tracking. */
+export declare function resetAutoReviewTracking(): void;
+export type ExecutionDiffResult = {
+    status: 'ok';
+    diff: string;
+} | {
+    status: 'clean';
+} | {
+    status: 'error';
+    reason: string;
+};
+/**
+ * Collect the execution diff for review: `git diff HEAD` (tracked changes)
+ * plus a porcelain summary of untracked files. Distinguishes a clean working
+ * tree from collection failures (git missing, timeout, diff exceeding the
+ * 2× maxBuffer cap) so events report honestly. Output is truncated to
+ * `maxBytes`.
+ */
+declare function computeExecutionDiff(directory: string, maxBytes: number): Promise<ExecutionDiffResult>;
+declare function dispatchReviewer(directory: string, prompt: string, agentName: string, timeoutMs: number): Promise<string>;
+export interface AutoReviewRunInput {
+    directory: string;
+    sessionID: string;
+    trigger: 'task_completion' | 'phase_boundary';
+    taskId?: string;
+    phase?: number;
+    config: Required<Pick<AutoReviewConfig, 'timeout_ms' | 'max_diff_kb'>>;
+    injectAdvisory: (sessionId: string, message: string) => void;
+}
+/**
+ * Execute one auto-review pass: collect diff → dispatch reviewer over an
+ * ephemeral session → persist receipt + event → advisory on REJECTED or
+ * unparseable output. Fully fail-open; never throws.
+ */
+export declare function runAutoReview(input: AutoReviewRunInput): Promise<void>;
+export interface AutoReviewHookOptions {
+    config: AutoReviewConfig;
+    directory: string;
+    injectAdvisory: (sessionId: string, message: string) => void;
+}
+export declare function createAutoReviewHook(options: AutoReviewHookOptions): {
+    toolAfter: (input: {
+        tool: string;
+        sessionID: string;
+        callID?: string;
+    }, output: {
+        args?: unknown;
+        output?: unknown;
+    }) => Promise<void>;
+};
+export declare const _internals: {
+    computeExecutionDiff: typeof computeExecutionDiff;
+    dispatchReviewer: typeof dispatchReviewer;
+    runAutoReview: typeof runAutoReview;
+    now: () => number;
+};
+export {};

package/dist/hooks/repo-graph-injection.d.ts

@@ -15,7 +15,7 @@
  * avoid re-reading the JSON on every system prompt construction. The
  * cache is bypassed if the file's mtime advances.
  */
-import { type RepoGraph } from '../graph';
+import { type RepoGraph } from '../tools/repo-graph';
 /**
  * Load the repo graph for `directory`, using a per-directory cache that
  * invalidates on file mtime change. Returns null if no graph exists.

package/dist/hooks/review-receipt-collector.d.ts

@@ -0,0 +1,58 @@
+/**
+ * Reviewer receipt collector (auto-review machinery, piece A).
+ *
+ * Parses the mandated reviewer OUTPUT FORMAT (`VERDICT:` / `RISK:` /
+ * `ISSUES:` / `FIXES:`) from a returning reviewer Task delegation and
+ * persists it as a durable review receipt under `.swarm/review-receipts/`
+ * via the existing receipt store (scope-fingerprinted over the delegation
+ * prompt, which defines the reviewed scope).
+ *
+ * Before this collector, reviewer verdicts existed only as free text inside
+ * the architect's context — re-reviews and drift verification had no durable
+ * machine-readable record of what the reviewer decided. Knowledge-directive
+ * lines (`DIRECTIVE_COMPLIANCE`) are handled separately by
+ * `reviewer-verdict-parser.ts`; this module covers the main verdict block.
+ *
+ * Fail-open: parsing or persistence failures never block tool execution.
+ */
+export type ParsedReviewSeverity = 'critical' | 'high' | 'medium';
+export interface ParsedReviewIssue {
+    /** Raw issue line (trimmed, bullet stripped) */
+    text: string;
+    /** Severity inferred from a CRITICAL/HIGH/MEDIUM/LOW/INFO tag, default medium */
+    severity: ParsedReviewSeverity;
+    /** `path:line` reference when one appears in the line */
+    location?: string;
+}
+export interface ParsedReviewerOutput {
+    verdict: 'approved' | 'rejected';
+    /** RISK: LOW | MEDIUM | HIGH | CRITICAL (uppercased), when present */
+    risk?: string;
+    /** Blocking/non-blocking issue lines from the ISSUES section */
+    issues: ParsedReviewIssue[];
+    /** Required-change lines from the FIXES section */
+    fixes: string[];
+}
+/**
+ * Parse the reviewer agent's mandated output block. Returns null when no
+ * unambiguous line-anchored `VERDICT: APPROVED|REJECTED` is present —
+ * including when multiple anchored verdict lines DISAGREE (ambiguous output
+ * fails toward "no machine-readable verdict", never toward approval).
+ */
+export declare function parseReviewerOutput(text: string): ParsedReviewerOutput | null;
+export interface ReviewerReceiptInput {
+    tool: unknown;
+    args?: unknown;
+    sessionID?: unknown;
+}
+export interface ReviewerReceiptOutput {
+    output?: unknown;
+}
+/**
+ * `tool.execute.after` collector. When a reviewer Task returns, parse its
+ * verdict block and persist a durable review receipt. No-op for non-reviewer
+ * delegations, missing prompts/outputs, or unparseable verdicts. Never throws.
+ *
+ * Returns the persisted receipt path (for tests/telemetry) or null.
+ */
+export declare function collectReviewerReceiptAfter(directory: string, input: ReviewerReceiptInput, output: ReviewerReceiptOutput): Promise<string | null>;

package/dist/hooks/review-receipt.d.ts

@@ -20,6 +20,13 @@
  *
  * Critic drift verification can consume prior receipts as supporting context
  * but MUST NOT blindly trust them — staleness check is mandatory.
+ *
+ * Scope-description heterogeneity: receipts in one index may be fingerprinted
+ * over different canonical contents (e.g. 'reviewer-task-prompt' hashes the
+ * delegation prompt; 'auto-review-*-diff' hashes the reviewed diff). A prompt
+ * fingerprint does NOT change when the worktree changes, so consumers MUST
+ * filter by `scope_fingerprint.scope_description` (or compare like-for-like
+ * content) before treating an approved receipt as fresh via isScopeStale().
  */
 export type ReceiptVerdict = 'rejected' | 'approved';
 /** Identity of the reviewer/curator that produced the receipt. */