principles-disciple 1.125.0 → 1.126.0

package/openclaw.plugin.json

@@ -2,7 +2,7 @@
   "id": "principles-disciple",
   "name": "Principles Disciple",
   "description": "Evolutionary programming agent framework with strategic guardrails and reflection loops.",
-  "version": "1.125.0",
+  "version": "1.126.0",
   "activation": {
     "onCapabilities": [
       "hook"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "principles-disciple",
-  "version": "1.125.0",
+  "version": "1.126.0",
   "description": "Native OpenClaw plugin for Principles Disciple",
   "type": "module",
   "main": "./dist/bundle.js",

package/src/core/rule-host.ts

@@ -66,6 +66,7 @@ export class RuleHost {
   private readonly stateDir: string;
   private readonly logger: RuleHostLogger;
   private readonly workspaceDir: string | null;
+  private readonly implementationSources = new Map<string, { activationId: string; artifactId: string; ruleId: string }>();
 
   constructor(stateDir: string, logger: RuleHostLogger = console, options?: RuleHostOptions) {
     this.stateDir = stateDir;
@@ -85,7 +86,23 @@ export class RuleHost {
   evaluate(input: RuleHostInput): RuleHostResult | undefined {
     try {
       const activeImpls = this._loadActiveCodeImplementations();
-      return mergeDecisions(activeImpls, input, this.logger);
+      return mergeDecisions(activeImpls, input, {
+        warn: this.logger.warn,
+        onImplementationUnhealthy: (impl, reason) => {
+          const source = this.implementationSources.get(impl.implId);
+          if (!source) {
+            this.logger.warn?.(`[RuleHost] No source mapping for implId=${impl.implId}, cannot record unhealthy event`);
+            return;
+          }
+          this._recordUnhealthy(
+            source.activationId,
+            source.artifactId,
+            source.ruleId,
+            reason,
+            'Fix the RuleCode runtime error or return shape, then re-activate the rule',
+          );
+        },
+      });
     } catch (hostError: unknown) {
       // Conservative degradation: log and return undefined (D-08)
       this.logger.warn?.(
@@ -136,6 +153,7 @@ export class RuleHost {
    * All data from SQLite is treated as unknown and validated before use.
    */
   private _loadFromActivationsTable(workspaceDir: string): LoadedImplementation[] {
+    this.implementationSources.clear();
     const sqliteConn = new SqliteConnection(workspaceDir);
     try {
       const db = sqliteConn.getDb();
@@ -199,6 +217,19 @@ export class RuleHost {
             `reason=at most one active activation per rule is allowed ` +
             `nextAction=deactivate all but one activation for this target_ref`
           );
+          for (const r of group) {
+            const activationId = typeof r['activation_id'] === 'string' ? r['activation_id'] : '';
+            const artifactId = typeof r['artifact_id'] === 'string' ? r['artifact_id'] : '';
+            if (activationId && artifactId) {
+              this._recordUnhealthy(
+                activationId,
+                artifactId,
+                targetRef,
+                `duplicate active activation for target_ref ${targetRef}`,
+                'Deactivate all but one activation for this target_ref',
+              );
+            }
+          }
         } else {
           validRows.push(group[0]);
         }
@@ -267,6 +298,7 @@ export class RuleHost {
           // callEvaluate runs the invocation INSIDE the vm context with a time
           // boundary, terminating infinite loops and excessive computation.
           const boundedCallEvaluate = moduleExports.callEvaluate;
+          this.implementationSources.set(implId, { activationId, artifactId, ruleId });
 
           loaded.push({
             implId,
@@ -275,9 +307,6 @@ export class RuleHost {
             evaluate: (input: RuleHostInput): RuleHostResult => {
               const frozenHelpers = createRuleHostHelpers(input);
               // PRI-437: Execute inside vm context with timeout boundary.
-              // If the RuleCode infinite-loops or exceeds the time budget,
-              // vm throws an error that is caught by the caller (mergeDecisions
-              // try/catch), resulting in conservative degradation (undefined).
               const rawResult = boundedCallEvaluate(input, frozenHelpers);
               const validation = validateRuleHostResult(rawResult);
               if (!validation.valid) {

package/src/core/rule-implementation-runtime.ts

@@ -1,4 +1,5 @@
 import { nodeVm } from '../utils/node-vm-polyfill.js';
+import { spawnSync } from 'node:child_process';
 
 export interface RuleImplementationModuleExports {
   meta?: unknown;
@@ -22,7 +23,35 @@ export interface RuleImplementationModuleExports {
 const COMPILE_TIMEOUT_MS = 1000;
 
 /** Timeout (ms) for executing evaluate(input, helpers) inside the vm. */
-const EVALUATE_TIMEOUT_MS = 1000;
+const EVALUATE_PROCESS_TIMEOUT_MS = 3000;
+const EVALUATE_PROCESS_OUTPUT_BYTES = 1024 * 1024;
+
+const EVALUATION_PROCESS_SOURCE = String.raw`
+const vm = require('node:vm');
+try {
+  const workerData = JSON.parse(require('node:fs').readFileSync(0, 'utf8'));
+  const context = vm.createContext(Object.create(null));
+  new vm.Script(workerData.source, { filename: workerData.filename }).runInContext(context, { timeout: 1000 });
+  const input = workerData.input;
+  const helpers = Object.freeze({
+    isRiskPath: () => input.workspace.isRiskPath,
+    getToolName: () => input.action.toolName,
+    getEstimatedLineChanges: () => input.derived.estimatedLineChanges,
+    getBashRisk: () => input.derived.bashRisk,
+    hasPlanFile: () => input.workspace.hasPlanFile,
+    getPlanStatus: () => input.workspace.planStatus,
+    getEpTier: () => input.evolution.epTier,
+  });
+  context.__pdCallInput = input;
+  context.__pdCallHelpers = helpers;
+  const result = new vm.Script('__pdRuleModule.evaluate(__pdCallInput, __pdCallHelpers)', { filename: workerData.filename + '.call' })
+    .runInContext(context, { timeout: 1000 });
+  process.stdout.write(JSON.stringify({ ok: true, result }));
+} catch (error) {
+  process.stdout.write(JSON.stringify({ ok: false, error: String(error) }));
+  process.exitCode = 1;
+}
+`;
 
 function normalizeImplementationSource(sourceCode: string): string {
   const withoutExports = sourceCode
@@ -36,6 +65,10 @@ globalThis.__pdRuleModule = {
 };`;
 }
 
+function isRecord(value: unknown): value is Record<string, unknown> {
+  return typeof value === 'object' && value !== null && !Array.isArray(value);
+}
+
 export function loadRuleImplementationModule(
   sourceCode: string,
   filename: string,
@@ -73,23 +106,35 @@ export function loadRuleImplementationModule(
   //   3. Runs it in the context with EVALUATE_TIMEOUT_MS
   //   4. Cleans up globals
   //   5. Returns the raw result (validation happens in the caller)
-  const callScript = new nodeVm.Script(
-    '__pdRuleModule.evaluate(__pdCallInput, __pdCallHelpers)',
-    { filename: `${filename}.call` },
-  );
-
-  const callEvaluate = (input: unknown, helpers: unknown): unknown => {
-    (context as { __pdCallInput?: unknown }).__pdCallInput = input;
-    (context as { __pdCallHelpers?: unknown }).__pdCallHelpers = helpers;
+  const normalizedSource = normalizeImplementationSource(sourceCode);
+  const callEvaluate = (input: unknown, _helpers: unknown): unknown => {
+    const child = spawnSync(process.execPath, [
+      '--max-old-space-size=32',
+      '-e',
+      EVALUATION_PROCESS_SOURCE,
+    ], {
+      input: JSON.stringify({ source: normalizedSource, filename, input }),
+      encoding: 'utf8',
+      timeout: EVALUATE_PROCESS_TIMEOUT_MS,
+      maxBuffer: EVALUATE_PROCESS_OUTPUT_BYTES,
+      windowsHide: true,
+    });
+    if (child.error) {
+      throw new Error(`RuleCode process failed: ${child.error.message}`);
+    }
+    let parsed: unknown;
     try {
-      return callScript.runInContext(context, {
-        timeout: EVALUATE_TIMEOUT_MS,
-        displayErrors: true,
-      });
-    } finally {
-      try { delete (context as { __pdCallInput?: unknown }).__pdCallInput; } catch { /* noop */ }
-      try { delete (context as { __pdCallHelpers?: unknown }).__pdCallHelpers; } catch { /* noop */ }
+      parsed = JSON.parse(child.stdout);
+    } catch {
+      const stderr = child.stderr.trim().slice(0, 500);
+      throw new Error(`RuleCode process exited without a valid result${stderr ? `: ${stderr}` : ''}`);
+    }
+    if (!isRecord(parsed) || !Object.hasOwn(parsed, 'ok') || parsed['ok'] !== true || !Object.hasOwn(parsed, 'result')) {
+      const reason = isRecord(parsed) && Object.hasOwn(parsed, 'error') && typeof parsed['error'] === 'string'
+        ? parsed['error'] : 'RuleCode process failed';
+      throw new Error(reason);
     }
+    return parsed['result'];
   };
 
   return {

package/src/utils/io.ts

@@ -66,16 +66,34 @@ export function normalizePath(filePath: string, projectDir: string): string {
     }
   }
 
-   
-   
+  // POSIX absolute paths (e.g., /etc/passwd) are NOT recognized as absolute
+  // by path.isAbsolute() on Windows. When both the project dir and the file
+  // path are POSIX paths, use path.posix for relative computation.
+  const isPosixAbsolute = normalizedFilePath.startsWith('/') && !fileIsWin;
+  const projectIsPosix = !projectIsWin;
+
   let rel: string;
   if (projectIsWin) {
     const projectAbs = path.resolve(projectDir);
-    const fileAbs = path.isAbsolute(normalizedFilePath) ? normalizedFilePath : path.join(projectAbs, normalizedFilePath);
-    rel = path.relative(projectAbs, fileAbs);
+    if (isPosixAbsolute) {
+      // POSIX absolute path on Windows project: cannot resolve relative to project,
+      // return as-is (path is outside the project directory).
+      rel = normalizedFilePath;
+    } else {
+      const fileAbs = path.isAbsolute(normalizedFilePath)
+        ? normalizedFilePath
+        : path.join(projectAbs, normalizedFilePath);
+      rel = path.relative(projectAbs, fileAbs);
+    }
+  } else if (projectIsPosix && isPosixAbsolute) {
+    // Both project and file are POSIX → use path.posix
+    const projectPosix = projectDir.replace(/\\/g, '/');
+    rel = path.posix.relative(projectPosix, normalizedFilePath);
   } else {
     const projectPosix = projectDir.replace(/\\/g, '/');
-    const filePosix = path.isAbsolute(normalizedFilePath) ? normalizedFilePath : path.posix.join(projectPosix, normalizedFilePath.replace(/\\/g, '/'));
+    const filePosix = path.isAbsolute(normalizedFilePath)
+      ? normalizedFilePath
+      : path.posix.join(projectPosix, normalizedFilePath.replace(/\\/g, '/'));
     rel = path.posix.relative(projectPosix, filePosix);
   }
 

package/tests/core/rule-host-unhealthy-visibility.test.ts

@@ -231,4 +231,31 @@ var meta = { name: 'valid-rule', version: '1', ruleId: '${RULE_ID_BROKEN}', cove
     const eventsContent = readTodayEvents(tempStateDir);
     expect(eventsContent).not.toContain('rulehost_unhealthy');
   });
+
+  it('runtime-invalid result is persisted as rulehost_unhealthy and never executes', async () => {
+    const invalidResultCode = `
+function evaluate() {
+  return { decision: 'block', matched: 'yes', reason: 'invalid matched type' };
+}
+var meta = { name: 'invalid-result-rule', version: '1', ruleId: '${RULE_ID_BROKEN}', coversCondition: 'all' };
+`;
+    const now = new Date().toISOString();
+    sqliteConn.getDb().prepare(`
+      INSERT INTO pi_artifacts (artifact_id, artifact_kind, source_task_id, source_principle_id, source_rule_id, lineage_artifact_ids, validation_status, content_json, created_at, updated_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+    `).run(
+      ARTIFACT_ID_BROKEN, 'rule', 'task-invalid-result', 'P_TEST_INVALID_RESULT', RULE_ID_BROKEN,
+      '[]', 'validated', JSON.stringify({ ruleId: RULE_ID_BROKEN, implementationCode: invalidResultCode }), now, now,
+    );
+    await insertActivation();
+
+    const ruleHost = new RuleHost(tempStateDir, { warn: () => {} }, { workspaceDir: tempWorkspaceDir });
+    expect(ruleHost.evaluate(makeInput())).toBeUndefined();
+    EventLogService.get(tempStateDir).flush();
+
+    const events = readTodayEvents(tempStateDir);
+    expect(events).toContain('rulehost_unhealthy');
+    expect(events).toContain('invalid RuleHostResult');
+    expect(events).toContain(ACTIVATION_ID_BROKEN);
+  });
 });

package/tests/core/rule-implementation-runtime.test.ts

@@ -34,4 +34,16 @@ describe('rule-implementation-runtime', () => {
 
     expect((globalThis as Record<string, unknown>).__pdRuleHostLeak).toBeUndefined();
   });
+
+  it('contains memory-exhausting evaluation in a resource-limited worker', () => {
+    const moduleExports = loadRuleImplementationModule(
+      `export function evaluate() {
+        const memoryBomb = new Array(100_000_000).fill('x');
+        return { decision: 'allow', matched: false, reason: String(memoryBomb.length) };
+      }`,
+      'rule-memory-limit.js',
+    );
+
+    expect(() => moduleExports.callEvaluate?.({}, {})).toThrow(/worker|memory|heap|timed out|exited without a valid result/i);
+  });
 });