patchwork-os 0.2.0-alpha.34 → 0.2.0-alpha.36

package/dist/recipes/detectSilentFail.js

@@ -0,0 +1,105 @@
+/**
+ * detectSilentFail — recognize tool-output strings that indicate a tool
+ * silently failed but reported "success" to the runner.
+ *
+ * Background: yamlRunner originally only flagged a step as `error` when
+ * the tool's JSON return had `ok: false`. Tools returning string
+ * placeholders (`(git branches unavailable)`, `[agent step skipped:
+ * ANTHROPIC_API_KEY not set]`) succeeded as far as the runner was
+ * concerned — the failure was silent until a downstream agent
+ * regurgitated "data unavailable" in its output. The post-merge dogfood
+ * (`branch-health` recipe via Playwright) caught two distinct bugs of
+ * this class:
+ *   1. `git.stale_branches` was using an invalid `git branch --since=`
+ *      flag, ALWAYS returning `(git branches unavailable)` (PR #70).
+ *   2. `agentExecutor` returns `[agent step skipped: ANTHROPIC_API_KEY
+ *      not set]` when the API key is absent — the recipe completes
+ *      with `status:ok` and that string written to disk.
+ *
+ * This module gives the runner a way to detect those patterns and flag
+ * the step as `error`. Default-on; recipes can opt out per-step via
+ * `silentFailDetection: false`.
+ */
+/**
+ * Patterns that indicate a tool silently failed.
+ *
+ * The patterns are intentionally narrow — string-typed tool outputs are
+ * a rich surface and we don't want false positives. Each pattern
+ * corresponds to a known antipattern caught in the wild; bare prose is
+ * NOT flagged.
+ */
+const PATTERNS = [
+    // Placeholder strings emitted by `defaultGitLogSince`,
+    // `defaultGitStaleBranches` (pre-PR-70), and similar tools that
+    // catch all errors and return a parens-wrapped "unavailable" string.
+    // Match: anywhere on a single line, parens around a phrase containing
+    // "unavailable" / "not available" / "not configured" / "error" /
+    // "failed" — any of those wrapped in parens at the start of the line
+    // is a strong signal.
+    {
+        regex: /^\s*\(([^()]*?)(unavailable|not available|not configured|no data|error|failed)\)/i,
+        reason: "tool returned a parens-wrapped placeholder",
+    },
+    // Agent-step short-circuit: agentExecutor's own error/skip strings.
+    // Used by `executeAgent` when an API key is missing or the LLM
+    // returns nothing. Not surfaced as JSON, so the runner never saw it.
+    {
+        regex: /^\s*\[agent step (skipped|failed):/i,
+        reason: "agent step skipped or failed (string placeholder)",
+    },
+    // Generic step-skipped marker in case more callers adopt it.
+    {
+        regex: /^\s*\[step (skipped|failed):/i,
+        reason: "step skipped or failed (string placeholder)",
+    },
+];
+/**
+ * Returns a `SilentFailMatch` if `result` looks like a silent-fail
+ * placeholder, else `null`. JSON `{ok:false}` detection stays in the
+ * runner — this module only handles the string + JSON-shape patterns
+ * the runner doesn't already catch.
+ */
+export function detectSilentFail(result) {
+    if (result === null || result === undefined)
+        return null;
+    if (typeof result === "string") {
+        for (const { regex, reason } of PATTERNS) {
+            const m = regex.exec(result);
+            if (m) {
+                // Cap the matched fragment so error messages stay readable.
+                const matched = m[0].slice(0, 120);
+                return { reason, matched };
+            }
+        }
+        // String result that LOOKS like JSON — try parsing and recursing.
+        if (result.startsWith("{") || result.startsWith("[")) {
+            try {
+                return detectSilentFail(JSON.parse(result));
+            }
+            catch {
+                return null;
+            }
+        }
+        return null;
+    }
+    if (typeof result === "object" && !Array.isArray(result)) {
+        const obj = result;
+        // List-tool antipattern: `{count: 0, error: "..."}`. Tools that
+        // catch errors and return an empty list with an `error` field
+        // succeed-with-zero from the runner's view. Specifically targets
+        // `github.listIssues`, `linear.listIssues`, etc. flagged in the
+        // tool audit.
+        if (typeof obj.error === "string" &&
+            obj.error.length > 0 &&
+            (obj.count === 0 ||
+                (Array.isArray(obj.items) && obj.items.length === 0) ||
+                (Array.isArray(obj.results) && obj.results.length === 0))) {
+            return {
+                reason: "list-tool returned empty with error field",
+                matched: obj.error.slice(0, 120),
+            };
+        }
+    }
+    return null;
+}
+//# sourceMappingURL=detectSilentFail.js.map

package/dist/recipes/detectSilentFail.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"detectSilentFail.js","sourceRoot":"","sources":["../../src/recipes/detectSilentFail.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAQH;;;;;;;GAOG;AACH,MAAM,QAAQ,GAA6C;IACzD,uDAAuD;IACvD,gEAAgE;IAChE,qEAAqE;IACrE,sEAAsE;IACtE,iEAAiE;IACjE,qEAAqE;IACrE,sBAAsB;IACtB;QACE,KAAK,EACH,mFAAmF;QACrF,MAAM,EAAE,4CAA4C;KACrD;IACD,oEAAoE;IACpE,+DAA+D;IAC/D,qEAAqE;IACrE;QACE,KAAK,EAAE,qCAAqC;QAC5C,MAAM,EAAE,mDAAmD;KAC5D;IACD,6DAA6D;IAC7D;QACE,KAAK,EAAE,+BAA+B;QACtC,MAAM,EAAE,6CAA6C;KACtD;CACF,CAAC;AAEF;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAe;IAC9C,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC;IAEzD,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC/B,KAAK,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;YACzC,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC7B,IAAI,CAAC,EAAE,CAAC;gBACN,4DAA4D;gBAC5D,MAAM,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;gBACnC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;YAC7B,CAAC;QACH,CAAC;QACD,kEAAkE;QAClE,IAAI,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACrD,IAAI,CAAC;gBACH,OAAO,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;YAC9C,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACzD,MAAM,GAAG,GAAG,MAAiC,CAAC;QAC9C,gEAAgE;QAChE,8DAA8D;QAC9D,iEAAiE;QACjE,gEAAgE;QAChE,cAAc;QACd,IACE,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ;YAC7B,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC;YACpB,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC;gBACd,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC;gBACpD,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,EAC3D,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,2CAA2C;gBACnD,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;aACjC,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/recipes/installer.js

@@ -48,10 +48,10 @@ export function installRecipeFromFile(sourcePath, opts) {
         // file doesn't exist — creating
     }
     writeFile(destPath, JSON.stringify(recipe, null, 2));
-    // Write permissions suggestion alongside for user review.
-    const permsPath = `${destPath}.permissions.json`;
+    // Permissions sidecar (`<name>.permissions.json`) was decorative — never read by toolRegistry.
+    // Removed in alpha.36 per recipe-dogfood-2026-05-01/PLAN-MASTER-V2.md A-PR4.
+    // Canonical permissions location: ~/.claude/settings.json.
     const permissionsJson = JSON.stringify({ permissions: compiled.suggestedPermissions }, null, 2);
-    writeFile(permsPath, permissionsJson);
     return {
         compiled,
         installedPath: destPath,

package/dist/recipes/installer.js.map

@@ -1 +1 @@
-{"version":3,"file":"installer.js","sourceRoot":"","sources":["../../src/recipes/installer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACjE,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,KAAK,IAAI,SAAS,EAAE,MAAM,MAAM,CAAC;AAE1C,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAClD,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AA4B1C,MAAM,UAAU,qBAAqB,CACnC,UAAkB,EAClB,IAAoB;IAEpB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;IACnD,IAAI,GAAG,KAAK,OAAO,IAAI,GAAG,KAAK,OAAO,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACzD,MAAM,IAAI,KAAK,CACb,8BAA8B,GAAG,IAAI,QAAQ,SAAS,UAAU,mCAAmC,CACpG,CAAC;IACJ,CAAC;IAED,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC;IACzB,MAAM,QAAQ,GAAG,EAAE,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;IAC1E,MAAM,SAAS,GACb,EAAE,CAAC,SAAS,IAAI,CAAC,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAClE,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAE7E,MAAM,IAAI,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;IAClC,MAAM,GAAG,GACP,GAAG,KAAK,OAAO;QACb,CAAC,CAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAa;QAC/B,CAAC,CAAE,SAAS,CAAC,IAAI,CAAa,CAAC;IACnC,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAChC,0EAA0E;IAC1E,qEAAqE;IACrE,uEAAuE;IACvE,uDAAuD;IACvD,yEAAyE;IACzE,qEAAqE;IACrE,0EAA0E;IAC1E,oEAAoE;IACpE,MAAM,aAAa,GACjB,MAAM,CAAC,OAAO,CAAC,IAAI,KAAK,QAAQ;QAChC,MAAM,CAAC,OAAO,CAAC,IAAI,KAAK,MAAM;QAC9B,MAAM,CAAC,OAAO,CAAC,IAAI,KAAK,SAAS,CAAC;IACpC,MAAM,QAAQ,GAAmB,aAAa;QAC5C,CAAC,CAAC;YACE,OAAO,EAAE;gBACP,GAAG,EAAE,UAAU;gBACf,KAAK,EAAE,EAAE;aAC8B;YACzC,oBAAoB,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;SACvD;QACH,CAAC,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAE9B,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,MAAM,CAAC,IAAI,OAAO,CAAC,CAAC;IACnE,IAAI,MAAM,GAA2B,SAAS,CAAC;IAC/C,IAAI,CAAC;QACH,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACnB,MAAM,GAAG,UAAU,CAAC;IACtB,CAAC;IAAC,MAAM,CAAC;QACP,gCAAgC;IAClC,CAAC;IACD,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAErD,0DAA0D;IAC1D,MAAM,SAAS,GAAG,GAAG,QAAQ,mBAAmB,CAAC;IACjD,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CACpC,EAAE,WAAW,EAAE,QAAQ,CAAC,oBAAoB,EAAE,EAC9C,IAAI,EACJ,CAAC,CACF,CAAC;IACF,SAAS,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IAEtC,OAAO;QACL,QAAQ;QACR,aAAa,EAAE,QAAQ;QACvB,MAAM;QACN,eAAe;KAChB,CAAC;AACJ,CAAC"}
+{"version":3,"file":"installer.js","sourceRoot":"","sources":["../../src/recipes/installer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACjE,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,KAAK,IAAI,SAAS,EAAE,MAAM,MAAM,CAAC;AAE1C,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAClD,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AA4B1C,MAAM,UAAU,qBAAqB,CACnC,UAAkB,EAClB,IAAoB;IAEpB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;IACnD,IAAI,GAAG,KAAK,OAAO,IAAI,GAAG,KAAK,OAAO,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACzD,MAAM,IAAI,KAAK,CACb,8BAA8B,GAAG,IAAI,QAAQ,SAAS,UAAU,mCAAmC,CACpG,CAAC;IACJ,CAAC;IAED,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC;IACzB,MAAM,QAAQ,GAAG,EAAE,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;IAC1E,MAAM,SAAS,GACb,EAAE,CAAC,SAAS,IAAI,CAAC,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAClE,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAE7E,MAAM,IAAI,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;IAClC,MAAM,GAAG,GACP,GAAG,KAAK,OAAO;QACb,CAAC,CAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAa;QAC/B,CAAC,CAAE,SAAS,CAAC,IAAI,CAAa,CAAC;IACnC,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAChC,0EAA0E;IAC1E,qEAAqE;IACrE,uEAAuE;IACvE,uDAAuD;IACvD,yEAAyE;IACzE,qEAAqE;IACrE,0EAA0E;IAC1E,oEAAoE;IACpE,MAAM,aAAa,GACjB,MAAM,CAAC,OAAO,CAAC,IAAI,KAAK,QAAQ;QAChC,MAAM,CAAC,OAAO,CAAC,IAAI,KAAK,MAAM;QAC9B,MAAM,CAAC,OAAO,CAAC,IAAI,KAAK,SAAS,CAAC;IACpC,MAAM,QAAQ,GAAmB,aAAa;QAC5C,CAAC,CAAC;YACE,OAAO,EAAE;gBACP,GAAG,EAAE,UAAU;gBACf,KAAK,EAAE,EAAE;aAC8B;YACzC,oBAAoB,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;SACvD;QACH,CAAC,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAE9B,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,MAAM,CAAC,IAAI,OAAO,CAAC,CAAC;IACnE,IAAI,MAAM,GAA2B,SAAS,CAAC;IAC/C,IAAI,CAAC;QACH,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACnB,MAAM,GAAG,UAAU,CAAC;IACtB,CAAC;IAAC,MAAM,CAAC;QACP,gCAAgC;IAClC,CAAC;IACD,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAErD,+FAA+F;IAC/F,6EAA6E;IAC7E,2DAA2D;IAC3D,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CACpC,EAAE,WAAW,EAAE,QAAQ,CAAC,oBAAoB,EAAE,EAC9C,IAAI,EACJ,CAAC,CACF,CAAC;IAEF,OAAO;QACL,QAAQ;QACR,aAAa,EAAE,QAAQ;QACvB,MAAM;QACN,eAAe;KAChB,CAAC;AACJ,CAAC"}

package/dist/recipes/manifest.js

@@ -10,8 +10,23 @@ import path from "node:path";
 const NAME_RE = /^(@[a-z0-9-]+\/)?[a-z0-9][a-z0-9\-_.]*$/;
 const VERSION_RE = /^\d+\.\d+\.\d+/;
 const YAML_EXT_RE = /\.ya?ml$/;
-function isYamlFile(filename) {
-    return typeof filename === "string" && YAML_EXT_RE.test(filename);
+/**
+ * Recipe filenames in the manifest must be plain basenames, not paths.
+ * Rejects "../escape.yaml", "subdir/foo.yaml", "/etc/passwd.yaml", control
+ * characters, and so on — anything that could resolve outside the install
+ * directory when the consumer does `path.join(installDir, recipes.main)`.
+ */
+function isSafeRecipeBasename(filename) {
+    if (typeof filename !== "string" || filename.length === 0)
+        return false;
+    if (filename === "." || filename === "..")
+        return false;
+    if (filename.includes("/") || filename.includes("\\"))
+        return false;
+    // biome-ignore lint/suspicious/noControlCharactersInRegex: explicit control-char check
+    if (/[\x00-\x1F\x7F]/.test(filename))
+        return false;
+    return YAML_EXT_RE.test(filename);
 }
 /**
  * Validate an unknown value as a RecipeManifest.
@@ -45,16 +60,16 @@ export function validateManifest(manifest) {
         throw new Error('recipe.json: "recipes" is required and must be an object');
     }
     const recipes = m.recipes;
-    if (!isYamlFile(recipes.main)) {
-        throw new Error(`recipe.json: "recipes.main" must be a .yaml or .yml filename — got "${recipes.main}"`);
+    if (!isSafeRecipeBasename(recipes.main)) {
+        throw new Error(`recipe.json: "recipes.main" must be a .yaml or .yml basename without path separators or control characters — got "${recipes.main}"`);
     }
     if (recipes.children !== undefined) {
         if (!Array.isArray(recipes.children)) {
             throw new Error('recipe.json: "recipes.children" must be an array');
         }
         for (let i = 0; i < recipes.children.length; i++) {
-            if (!isYamlFile(recipes.children[i])) {
-                throw new Error(`recipe.json: "recipes.children[${i}]" must be a .yaml or .yml filename — got "${recipes.children[i]}"`);
+            if (!isSafeRecipeBasename(recipes.children[i])) {
+                throw new Error(`recipe.json: "recipes.children[${i}]" must be a .yaml or .yml basename without path separators or control characters — got "${recipes.children[i]}"`);
             }
         }
     }

package/dist/recipes/manifest.js.map

@@ -1 +1 @@
-{"version":3,"file":"manifest.js","sourceRoot":"","sources":["../../src/recipes/manifest.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,IAAI,MAAM,WAAW,CAAC;AA0B7B,MAAM,OAAO,GAAG,yCAAyC,CAAC;AAC1D,MAAM,UAAU,GAAG,gBAAgB,CAAC;AACpC,MAAM,WAAW,GAAG,UAAU,CAAC;AAE/B,SAAS,UAAU,CAAC,QAAiB;IACnC,OAAO,OAAO,QAAQ,KAAK,QAAQ,IAAI,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACpE,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAiB;IAChD,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QACtD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IAED,MAAM,CAAC,GAAG,QAAmC,CAAC;IAE9C,OAAO;IACP,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC1E,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CACb,iFAAiF,CAAC,CAAC,IAAI,GAAG,CAC3F,CAAC;IACJ,CAAC;IAED,UAAU;IACV,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;IAC7E,CAAC;IACD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CACb,qEAAqE,CAAC,CAAC,OAAO,GAAG,CAClF,CAAC;IACJ,CAAC;IAED,cAAc;IACd,IAAI,OAAO,CAAC,CAAC,WAAW,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;QACxD,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAC;IACJ,CAAC;IAED,UAAU;IACV,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;QACxD,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;IAC9E,CAAC;IACD,MAAM,OAAO,GAAG,CAAC,CAAC,OAAkC,CAAC;IAErD,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CACb,uEAAuE,OAAO,CAAC,IAAI,GAAG,CACvF,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QACnC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;QACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACjD,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CACb,kCAAkC,CAAC,8CAA8C,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CACxG,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,yBAAyB;IACzB,KAAK,MAAM,KAAK,IAAI;QAClB,QAAQ;QACR,SAAS;QACT,UAAU;QACV,YAAY;KACJ,EAAE,CAAC;QACX,IAAI,CAAC,CAAC,KAAK,CAAC,KAAK,SAAS,IAAI,OAAO,CAAC,CAAC,KAAK,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC3D,MAAM,IAAI,KAAK,CAAC,iBAAiB,KAAK,oBAAoB,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,KAAK,MAAM,KAAK,IAAI,CAAC,MAAM,EAAE,YAAY,CAAU,EAAE,CAAC;QACpD,IAAI,CAAC,CAAC,KAAK,CAAC,KAAK,SAAS,EAAE,CAAC;YAC3B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;gBAC7B,MAAM,IAAI,KAAK,CAAC,iBAAiB,KAAK,+BAA+B,CAAC,CAAC;YACzE,CAAC;YACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAI,CAAC,CAAC,KAAK,CAAe,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACxD,IAAI,OAAQ,CAAC,CAAC,KAAK,CAAe,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;oBACnD,MAAM,IAAI,KAAK,CAAC,iBAAiB,KAAK,IAAI,CAAC,qBAAqB,CAAC,CAAC;gBACpE,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,YAAY;IACZ,IAAI,CAAC,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QAC9B,IAAI,OAAO,CAAC,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,CAAC,SAAS,KAAK,IAAI,EAAE,CAAC;YAC5D,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;QAChE,CAAC;QACD,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CACrC,CAAC,CAAC,SAAoC,CACvC,EAAE,CAAC;YACF,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;gBAC5C,MAAM,IAAI,KAAK,CACb,2BAA2B,GAAG,gDAAgD,CAC/E,CAAC;YACJ,CAAC;YACD,MAAM,CAAC,GAAG,GAA8B,CAAC;YACzC,IAAI,OAAO,CAAC,CAAC,WAAW,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;gBACxD,MAAM,IAAI,KAAK,CACb,2BAA2B,GAAG,0DAA0D,CACzF,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,CAAC,QAAQ,KAAK,SAAS,IAAI,OAAO,CAAC,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAChE,MAAM,IAAI,KAAK,CACb,2BAA2B,GAAG,8BAA8B,CAC7D,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,CAAC,OAAO,KAAK,SAAS,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;gBAC7D,MAAM,IAAI,KAAK,CACb,2BAA2B,GAAG,4BAA4B,CAC3D,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,CAA8B,CAAC;AACxC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,IAAY;IACxC,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CACb,+BAA+B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAClF,CAAC;IACJ,CAAC;IACD,OAAO,gBAAgB,CAAC,MAAM,CAAC,CAAC;AAClC,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CAAC,GAAW;IAC7C,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;IACnD,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,GAAG,GAAG,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAChD,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,QAAwB;IAC7D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,CAAC;AACvE,CAAC"}
+{"version":3,"file":"manifest.js","sourceRoot":"","sources":["../../src/recipes/manifest.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,IAAI,MAAM,WAAW,CAAC;AA0B7B,MAAM,OAAO,GAAG,yCAAyC,CAAC;AAC1D,MAAM,UAAU,GAAG,gBAAgB,CAAC;AACpC,MAAM,WAAW,GAAG,UAAU,CAAC;AAE/B;;;;;GAKG;AACH,SAAS,oBAAoB,CAAC,QAAiB;IAC7C,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACxE,IAAI,QAAQ,KAAK,GAAG,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IACxD,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IACpE,uFAAuF;IACvF,IAAI,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,OAAO,KAAK,CAAC;IACnD,OAAO,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACpC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAiB;IAChD,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QACtD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IAED,MAAM,CAAC,GAAG,QAAmC,CAAC;IAE9C,OAAO;IACP,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC1E,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CACb,iFAAiF,CAAC,CAAC,IAAI,GAAG,CAC3F,CAAC;IACJ,CAAC;IAED,UAAU;IACV,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;IAC7E,CAAC;IACD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CACb,qEAAqE,CAAC,CAAC,OAAO,GAAG,CAClF,CAAC;IACJ,CAAC;IAED,cAAc;IACd,IAAI,OAAO,CAAC,CAAC,WAAW,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;QACxD,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAC;IACJ,CAAC;IAED,UAAU;IACV,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;QACxD,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;IAC9E,CAAC;IACD,MAAM,OAAO,GAAG,CAAC,CAAC,OAAkC,CAAC;IAErD,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CACb,qHAAqH,OAAO,CAAC,IAAI,GAAG,CACrI,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QACnC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;QACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACjD,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CACb,kCAAkC,CAAC,4FAA4F,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CACtJ,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,yBAAyB;IACzB,KAAK,MAAM,KAAK,IAAI;QAClB,QAAQ;QACR,SAAS;QACT,UAAU;QACV,YAAY;KACJ,EAAE,CAAC;QACX,IAAI,CAAC,CAAC,KAAK,CAAC,KAAK,SAAS,IAAI,OAAO,CAAC,CAAC,KAAK,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC3D,MAAM,IAAI,KAAK,CAAC,iBAAiB,KAAK,oBAAoB,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,KAAK,MAAM,KAAK,IAAI,CAAC,MAAM,EAAE,YAAY,CAAU,EAAE,CAAC;QACpD,IAAI,CAAC,CAAC,KAAK,CAAC,KAAK,SAAS,EAAE,CAAC;YAC3B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;gBAC7B,MAAM,IAAI,KAAK,CAAC,iBAAiB,KAAK,+BAA+B,CAAC,CAAC;YACzE,CAAC;YACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAI,CAAC,CAAC,KAAK,CAAe,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACxD,IAAI,OAAQ,CAAC,CAAC,KAAK,CAAe,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;oBACnD,MAAM,IAAI,KAAK,CAAC,iBAAiB,KAAK,IAAI,CAAC,qBAAqB,CAAC,CAAC;gBACpE,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,YAAY;IACZ,IAAI,CAAC,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QAC9B,IAAI,OAAO,CAAC,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,CAAC,SAAS,KAAK,IAAI,EAAE,CAAC;YAC5D,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;QAChE,CAAC;QACD,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CACrC,CAAC,CAAC,SAAoC,CACvC,EAAE,CAAC;YACF,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;gBAC5C,MAAM,IAAI,KAAK,CACb,2BAA2B,GAAG,gDAAgD,CAC/E,CAAC;YACJ,CAAC;YACD,MAAM,CAAC,GAAG,GAA8B,CAAC;YACzC,IAAI,OAAO,CAAC,CAAC,WAAW,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;gBACxD,MAAM,IAAI,KAAK,CACb,2BAA2B,GAAG,0DAA0D,CACzF,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,CAAC,QAAQ,KAAK,SAAS,IAAI,OAAO,CAAC,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAChE,MAAM,IAAI,KAAK,CACb,2BAA2B,GAAG,8BAA8B,CAC7D,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,CAAC,OAAO,KAAK,SAAS,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;gBAC7D,MAAM,IAAI,KAAK,CACb,2BAA2B,GAAG,4BAA4B,CAC3D,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,CAA8B,CAAC;AACxC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,IAAY;IACxC,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CACb,+BAA+B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAClF,CAAC;IACJ,CAAC;IACD,OAAO,gBAAgB,CAAC,MAAM,CAAC,CAAC;AAClC,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CAAC,GAAW;IAC7C,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;IACnD,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,GAAG,GAAG,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAChD,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,QAAwB;IAC7D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,CAAC;AACvE,CAAC"}

package/dist/recipes/migrationWarnings.d.ts

@@ -0,0 +1,12 @@
+export interface PermissionsSidecarWarningResult {
+    count: number;
+    warned: boolean;
+}
+/**
+ * Scans `recipesDir` for legacy permissions sidecar files. Emits a single
+ * `console.warn` if any are found (skipped in test env). Returns the count
+ * for caller observability + tests.
+ */
+export declare function warnAboutLegacyPermissionsSidecars(recipesDir: string, options?: {
+    warn?: (msg: string) => void;
+}): PermissionsSidecarWarningResult;

package/dist/recipes/migrationWarnings.js

@@ -0,0 +1,44 @@
+import { readdirSync } from "node:fs";
+/**
+ * Boot-time scan for legacy `<name>.permissions.json` sidecars left over from
+ * pre-alpha.36 installs. The sidecar files were decorative — never read by
+ * toolRegistry — so they're safe to ignore on disk. Emits a single warning
+ * pointing users at the canonical permission location (~/.claude/settings.json).
+ *
+ * Per recipe-dogfood-2026-05-01/PLAN-MASTER-V2.md A-PR4 §6 (R2 L-2):
+ * - Fires ONCE per boot, not per recipe.
+ * - Skipped under NODE_ENV=test so vitest output stays clean.
+ * - Migration script for users who want to archive:
+ *     find ~/.patchwork/recipes -name '*.permissions.json' \
+ *       -exec mv {} ~/.patchwork/recipes/.permissions-archive/ \;
+ */
+const DOC_URL = "https://github.com/Oolab-labs/patchwork-os/blob/main/docs/dogfood/recipe-dogfood-2026-05-01/PLAN-MASTER-V2.md";
+/**
+ * Scans `recipesDir` for legacy permissions sidecar files. Emits a single
+ * `console.warn` if any are found (skipped in test env). Returns the count
+ * for caller observability + tests.
+ */
+export function warnAboutLegacyPermissionsSidecars(recipesDir, options = {}) {
+    let entries;
+    try {
+        entries = readdirSync(recipesDir);
+    }
+    catch {
+        return { count: 0, warned: false };
+    }
+    const sidecars = entries.filter((f) => f.endsWith(".permissions.json"));
+    const count = sidecars.length;
+    if (count === 0) {
+        return { count: 0, warned: false };
+    }
+    if (process.env.NODE_ENV === "test" && !options.warn) {
+        return { count, warned: false };
+    }
+    const warn = options.warn ?? ((msg) => console.warn(msg));
+    warn(`[patchwork] Found ${count} legacy <name>.permissions.json sidecar file${count === 1 ? "" : "s"} in ${recipesDir}. ` +
+        `These are decorative and no longer generated (alpha.36+). ` +
+        `Configure tool gating in ~/.claude/settings.json. ` +
+        `Migration guide: ${DOC_URL}`);
+    return { count, warned: true };
+}
+//# sourceMappingURL=migrationWarnings.js.map

package/dist/recipes/migrationWarnings.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"migrationWarnings.js","sourceRoot":"","sources":["../../src/recipes/migrationWarnings.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAEtC;;;;;;;;;;;;GAYG;AAEH,MAAM,OAAO,GACX,+GAA+G,CAAC;AAOlH;;;;GAIG;AACH,MAAM,UAAU,kCAAkC,CAChD,UAAkB,EAClB,UAA4C,EAAE;IAE9C,IAAI,OAAiB,CAAC;IACtB,IAAI,CAAC;QACH,OAAO,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;IACpC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IACrC,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IACxE,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC;IAE9B,IAAI,KAAK,KAAK,CAAC,EAAE,CAAC;QAChB,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IACrC,CAAC;IAED,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QACrD,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAClC,CAAC;IAED,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,IAAI,CAAC,CAAC,GAAW,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAClE,IAAI,CACF,qBAAqB,KAAK,+CACxB,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GACrB,OAAO,UAAU,IAAI;QACnB,4DAA4D;QAC5D,oDAAoD;QACpD,oBAAoB,OAAO,EAAE,CAChC,CAAC;IACF,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;AACjC,CAAC"}

package/dist/recipes/replayRun.d.ts

@@ -0,0 +1,62 @@
+/**
+ * replayRun — VD-4 mocked replay entrypoint.
+ *
+ * Given an original `RecipeRun` (looked up from `RecipeRunLog`), build a
+ * `mockedOutputs` map from each step's captured `output` (VD-2) and
+ * re-run the recipe through `runChainedRecipe` with all tool/agent
+ * execution short-circuited to those captured values.
+ *
+ * Pure mocked-only: no external network calls, no write side effects.
+ * The new run is logged with `triggerSource: "replay:<originalSeq>"`
+ * so the audit trail is clear.
+ *
+ * Real-mode replay (write tools really fire) is deliberately NOT in
+ * this module. It needs a confirmation UX, a kill-switch interaction,
+ * and possibly a connector-level read/write split. Ship separately
+ * after explicit user approval.
+ */
+import type { ActivityLog } from "../activityLog.js";
+import type { RecipeRun, RecipeRunLog } from "../runLog.js";
+import type { ChainedRecipe, ChainedRunResult } from "./chainedRunner.js";
+import type { RunnerDeps } from "./yamlRunner.js";
+export interface ReplayDeps {
+    /** Long-lived run log so the new run shows up live in the dashboard. */
+    runLog: RecipeRunLog;
+    /** Activity log for live-tail SSE on the new run. Optional. */
+    activityLog?: ActivityLog;
+    /** Workdir + claudeCodeFn etc., reused from the orchestrator. */
+    runnerDeps: RunnerDeps;
+}
+export interface ReplayResult {
+    ok: boolean;
+    /** New run's seq if the replay started successfully. */
+    newSeq?: number;
+    /** Underlying recipe-run result for callers that want full detail. */
+    result?: ChainedRunResult;
+    error?: string;
+    /** Steps that lacked captured outputs and were dropped from the
+     *  mocked map. The replay still runs but those steps fall through to
+     *  REAL execution — callers may want to surface this as a warning. */
+    unmockedSteps?: string[];
+}
+/**
+ * Build the `mockedOutputs` map. Truncated captures (>8 KB envelope from
+ * VD-2's `captureForRunlog`) are excluded — replaying with a `[truncated]`
+ * preview would be misleading. Steps without captures are excluded too.
+ */
+export declare function buildMockedOutputs(originalRun: RecipeRun): {
+    outputs: Map<string, unknown>;
+    unmocked: string[];
+};
+/**
+ * Fire a mocked replay of `originalRun` against `recipe`. The recipe
+ * argument is supplied by the caller (typically loaded fresh from disk
+ * by name) so an EDITED recipe can be replayed against captured
+ * outputs — that's the debugging value of replay.
+ */
+export declare function replayMockedRun(opts: {
+    originalRun: RecipeRun;
+    recipe: ChainedRecipe;
+    sourcePath?: string;
+    deps: ReplayDeps;
+}): Promise<ReplayResult>;

package/dist/recipes/replayRun.js

@@ -0,0 +1,97 @@
+/**
+ * replayRun — VD-4 mocked replay entrypoint.
+ *
+ * Given an original `RecipeRun` (looked up from `RecipeRunLog`), build a
+ * `mockedOutputs` map from each step's captured `output` (VD-2) and
+ * re-run the recipe through `runChainedRecipe` with all tool/agent
+ * execution short-circuited to those captured values.
+ *
+ * Pure mocked-only: no external network calls, no write side effects.
+ * The new run is logged with `triggerSource: "replay:<originalSeq>"`
+ * so the audit trail is clear.
+ *
+ * Real-mode replay (write tools really fire) is deliberately NOT in
+ * this module. It needs a confirmation UX, a kill-switch interaction,
+ * and possibly a connector-level read/write split. Ship separately
+ * after explicit user approval.
+ */
+import { runChainedRecipe } from "./chainedRunner.js";
+import { buildChainedDeps } from "./yamlRunner.js";
+/**
+ * Build the `mockedOutputs` map. Truncated captures (>8 KB envelope from
+ * VD-2's `captureForRunlog`) are excluded — replaying with a `[truncated]`
+ * preview would be misleading. Steps without captures are excluded too.
+ */
+export function buildMockedOutputs(originalRun) {
+    const outputs = new Map();
+    const unmocked = [];
+    for (const step of originalRun.stepResults ?? []) {
+        if (step.status === "skipped")
+            continue;
+        const out = step.output;
+        if (out === undefined) {
+            unmocked.push(step.id);
+            continue;
+        }
+        // Skip the truncation envelope — replaying with a preview slice
+        // would be misleading.
+        if (out !== null &&
+            typeof out === "object" &&
+            out["[truncated]"] === true) {
+            unmocked.push(step.id);
+            continue;
+        }
+        outputs.set(step.id, out);
+    }
+    return { outputs, unmocked };
+}
+/**
+ * Fire a mocked replay of `originalRun` against `recipe`. The recipe
+ * argument is supplied by the caller (typically loaded fresh from disk
+ * by name) so an EDITED recipe can be replayed against captured
+ * outputs — that's the debugging value of replay.
+ */
+export async function replayMockedRun(opts) {
+    const { originalRun, recipe, sourcePath, deps } = opts;
+    const { outputs, unmocked } = buildMockedOutputs(originalRun);
+    const chainedDeps = buildChainedDeps(deps.runnerDeps, deps.runnerDeps.claudeCodeFn ??
+        (async () => {
+            return "";
+        }));
+    const runOptions = {
+        env: { ...process.env },
+        maxConcurrency: recipe.maxConcurrency ?? 4,
+        maxDepth: recipe.maxDepth ?? 3,
+        dryRun: false,
+        ...(sourcePath !== undefined && { sourcePath }),
+        runLog: deps.runLog,
+        ...(deps.activityLog !== undefined && { activityLog: deps.activityLog }),
+        mockedOutputs: outputs,
+        // BUG-4 fix: tag the new run's taskId so it's distinguishable from a
+        // fresh run. Searchable as `taskId LIKE 'replay:<seq>:%'`.
+        taskIdPrefix: `replay:${originalRun.seq}`,
+    };
+    try {
+        const result = await runChainedRecipe(recipe, runOptions, chainedDeps);
+        // The runner's completeRun path will have already written the new
+        // run to the log. Find its seq — most-recent matching recipeName,
+        // started after originalRun.doneAt.
+        const recent = deps.runLog.query({ recipe: recipe.name, limit: 5 });
+        const newRun = recent.find((r) => r.createdAt > originalRun.doneAt);
+        return {
+            ok: result.success,
+            ...(newRun?.seq !== undefined && { newSeq: newRun.seq }),
+            result,
+            ...(result.errorMessage !== undefined && { error: result.errorMessage }),
+            ...(unmocked.length > 0 && { unmockedSteps: unmocked }),
+        };
+    }
+    catch (err) {
+        return {
+            ok: false,
+            error: err instanceof Error ? err.message : String(err),
+            ...(unmocked.length > 0 && { unmockedSteps: unmocked }),
+        };
+    }
+}
+//# sourceMappingURL=replayRun.js.map

package/dist/recipes/replayRun.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"replayRun.js","sourceRoot":"","sources":["../../src/recipes/replayRun.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAUH,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAEtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAwBnD;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,WAAsB;IAIvD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAmB,CAAC;IAC3C,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,MAAM,IAAI,IAAI,WAAW,CAAC,WAAW,IAAI,EAAE,EAAE,CAAC;QACjD,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;YAAE,SAAS;QACxC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QACxB,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACvB,SAAS;QACX,CAAC;QACD,gEAAgE;QAChE,uBAAuB;QACvB,IACE,GAAG,KAAK,IAAI;YACZ,OAAO,GAAG,KAAK,QAAQ;YACtB,GAA+B,CAAC,aAAa,CAAC,KAAK,IAAI,EACxD,CAAC;YACD,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACvB,SAAS;QACX,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IAC5B,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC;AAC/B,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,IAKrC;IACC,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;IACvD,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAC;IAE9D,MAAM,WAAW,GAAkB,gBAAgB,CACjD,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,UAAU,CAAC,YAAY;QAC1B,CAAC,KAAK,IAAI,EAAE;YACV,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CACL,CAAC;IAEF,MAAM,UAAU,GAAe;QAC7B,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAwC;QAC7D,cAAc,EAAE,MAAM,CAAC,cAAc,IAAI,CAAC;QAC1C,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,CAAC;QAC9B,MAAM,EAAE,KAAK;QACb,GAAG,CAAC,UAAU,KAAK,SAAS,IAAI,EAAE,UAAU,EAAE,CAAC;QAC/C,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,GAAG,CAAC,IAAI,CAAC,WAAW,KAAK,SAAS,IAAI,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC;QACxE,aAAa,EAAE,OAAO;QACtB,qEAAqE;QACrE,2DAA2D;QAC3D,YAAY,EAAE,UAAU,WAAW,CAAC,GAAG,EAAE;KAC1C,CAAC;IAEF,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,MAAM,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC;QACvE,kEAAkE;QAClE,kEAAkE;QAClE,oCAAoC;QACpC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;QACpE,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;QACpE,OAAO;YACL,EAAE,EAAE,MAAM,CAAC,OAAO;YAClB,GAAG,CAAC,MAAM,EAAE,GAAG,KAAK,SAAS,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC;YACxD,MAAM;YACN,GAAG,CAAC,MAAM,CAAC,YAAY,KAAK,SAAS,IAAI,EAAE,KAAK,EAAE,MAAM,CAAC,YAAY,EAAE,CAAC;YACxE,GAAG,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAC;SACxD,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;YACvD,GAAG,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAC;SACxD,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/recipes/resolveRecipePath.d.ts

@@ -0,0 +1,69 @@
+/**
+ * resolveRecipePath — recipe-runner path jail.
+ *
+ * Closes G-security F-01 (CRITICAL — `file.read/write/append` accept any
+ * absolute path), F-02 (CRITICAL — template-substituted vars escape via
+ * `..`), and the R2 C-1 chained-runner third-substitution-site gap.
+ *
+ * Mirrors the symlink-walking strategy from `src/tools/utils.ts:104-200`
+ * (`resolveFilePath`) but operates against an allowlist of recipe-roots
+ * rather than a single workspace root:
+ *
+ *   - `~/.patchwork/`               (always allowed — recipe install dir)
+ *   - the bridge / CLI workspace    (always allowed — passed in via `opts.workspace`)
+ *   - `os.tmpdir()`                 (OFF by default; opt-in via the
+ *                                    `CLAUDE_IDE_BRIDGE_RECIPE_TMP_JAIL=1`
+ *                                    env var, per R2 C-2 maintainer decision)
+ *
+ * On any escape (null byte, segment outside all roots, symlink target
+ * outside roots, hardlink on a write target) the helper throws an `Error`
+ * with `err.code = "recipe_path_jail_escape"`. Callers and tests must
+ * assert on `err.code`, never on message text (R2 M-4).
+ *
+ * Defense-in-depth — apply at every layer:
+ *   - `src/recipes/tools/file.ts`            (per-tool execute())
+ *   - `src/recipes/yamlRunner.ts:976-994`    (default StepDeps file ops)
+ *   - `src/recipes/yamlRunner.ts:642`        (post-render path snapshot)
+ *   - `src/recipes/yamlRunner.ts:1252-1262`  (chained-runner executeTool)
+ *   - `src/recipes/chainedRunner.ts:194-205` (template-substitution site)
+ *   - `src/recipeRoutes.ts:131-138 :172-181` (HTTP vars validator)
+ *   - `src/commands/recipe.ts:1080-1102`     (CLI warn on out-of-jail recipe ref)
+ */
+export type RecipePathJailError = Error & {
+    code: "recipe_path_jail_escape";
+};
+export interface ResolveRecipePathOptions {
+    /** True when the caller will write/append/mkdir at the resolved path (enables hardlink check). */
+    write?: boolean;
+    /** Optional workspace allowlist root. Defaults to `process.cwd()`. */
+    workspace?: string;
+    /**
+     * Override the tmp-jail opt-in. Used by tests to assert the env-var
+     * behavior without polluting `process.env` across the suite. Production
+     * callers should leave this undefined and rely on
+     * `CLAUDE_IDE_BRIDGE_RECIPE_TMP_JAIL=1`.
+     */
+    allowTmp?: boolean;
+    /**
+     * Override the home dir. Used by tests to assert behavior without
+     * touching the real `~`. Production callers leave undefined.
+     */
+    homeDir?: string;
+}
+/**
+ * Resolve a recipe-supplied path, expanding `~/`, normalising, and asserting
+ * the result lives inside one of the jail roots after symlink resolution.
+ *
+ * Throws `RecipePathJailError` (code `"recipe_path_jail_escape"`) on any
+ * containment violation. Callers should propagate the error unchanged so
+ * tests can assert on `err.code`.
+ */
+export declare function resolveRecipePath(rawPath: string, opts?: ResolveRecipePathOptions): string;
+/**
+ * Side-effect-free predicate variant — returns `null` on jail escape rather
+ * than throwing. Used by the CLI `recipe run` warn path (F-10), which wants
+ * to write a stderr notice when a recipe **file** lives outside the jail
+ * but still loads it (the YAML loader is a separate trust boundary from the
+ * tool dispatch jail).
+ */
+export declare function tryResolveRecipePath(rawPath: string, opts?: ResolveRecipePathOptions): string | null;