principles-disciple 1.7.5 → 1.7.8

package/dist/hooks/gfi-gate.d.ts

@@ -0,0 +1,40 @@
+/**
+ * GFI Gate Module
+ *
+ * Handles Fatigue Index (GFI) based tool blocking with TIER 0-3 classification.
+ *
+ * **Responsibilities:**
+ * - Calculate dynamic GFI thresholds based on EP tier and line changes
+ * - Apply tier-based tool blocking:
+ *   - TIER 0: Read-only tools (never blocked)
+ *   - TIER 1: Low-risk writes (blocked when GFI >= low_risk_block threshold)
+ *   - TIER 2: High-risk operations (blocked when GFI >= high_risk_block threshold)
+ *   - TIER 3: Bash commands (content-dependent blocking)
+ * - Prevent subagent spawn at critically high GFI (>=90)
+ *
+ * **Configuration:**
+ * - GFI thresholds from config.gfi_gate
+ * - EP tier multipliers for dynamic threshold calculation
+ * - Large change adjustments
+ *
+ * **Block Persistence:**
+ * - Uses shared `recordGateBlockAndReturn` from gate-block-helper.ts
+ * - Ensures single authoritative block persistence path
+ */
+import type { WorkspaceContext } from '../core/workspace-context.js';
+import type { PluginHookBeforeToolCallEvent, PluginHookBeforeToolCallResult } from '../openclaw-sdk.js';
+export interface GfiGateConfig {
+    enabled?: boolean;
+    thresholds?: {
+        low_risk_block?: number;
+        high_risk_block?: number;
+    };
+    large_change_lines?: number;
+    ep_tier_multipliers?: Record<string, number>;
+    bash_safe_patterns?: string[];
+    bash_dangerous_patterns?: string[];
+}
+export declare function checkGfiGate(event: PluginHookBeforeToolCallEvent, wctx: WorkspaceContext, sessionId: string | undefined, config: GfiGateConfig, logger?: {
+    info?: (message: string) => void;
+    warn?: (message: string) => void;
+}): PluginHookBeforeToolCallResult | undefined;

package/dist/hooks/gfi-gate.js

@@ -0,0 +1,113 @@
+/**
+ * GFI Gate Module
+ *
+ * Handles Fatigue Index (GFI) based tool blocking with TIER 0-3 classification.
+ *
+ * **Responsibilities:**
+ * - Calculate dynamic GFI thresholds based on EP tier and line changes
+ * - Apply tier-based tool blocking:
+ *   - TIER 0: Read-only tools (never blocked)
+ *   - TIER 1: Low-risk writes (blocked when GFI >= low_risk_block threshold)
+ *   - TIER 2: High-risk operations (blocked when GFI >= high_risk_block threshold)
+ *   - TIER 3: Bash commands (content-dependent blocking)
+ * - Prevent subagent spawn at critically high GFI (>=90)
+ *
+ * **Configuration:**
+ * - GFI thresholds from config.gfi_gate
+ * - EP tier multipliers for dynamic threshold calculation
+ * - Large change adjustments
+ *
+ * **Block Persistence:**
+ * - Uses shared `recordGateBlockAndReturn` from gate-block-helper.ts
+ * - Ensures single authoritative block persistence path
+ */
+import { getSession } from '../core/session-tracker.js';
+import { estimateLineChanges } from '../core/risk-calculator.js';
+import { analyzeBashCommand, calculateDynamicThreshold } from './bash-risk.js';
+import { BASH_TOOLS_SET, HIGH_RISK_TOOLS, LOW_RISK_WRITE_TOOLS, AGENT_TOOLS } from '../constants/tools.js';
+import { AGENT_SPAWN_GFI_THRESHOLD } from '../config/index.js';
+import { recordGateBlockAndReturn } from './gate-block-helper.js';
+import { getEvolutionEngine } from '../core/evolution-engine.js';
+/**
+ * Internal helper to call the shared block helper with gfi-gate source tag.
+ */
+function block(wctx, filePath, reason, toolName, sessionId, logger) {
+    return recordGateBlockAndReturn(wctx, {
+        filePath,
+        reason,
+        toolName,
+        sessionId,
+        blockSource: 'gfi-gate',
+    }, logger || { warn: () => { }, error: () => { } });
+}
+export function checkGfiGate(event, wctx, sessionId, config, logger) {
+    if (!config || config.enabled === false || !sessionId) {
+        return undefined;
+    }
+    const session = getSession(sessionId);
+    const currentGfi = session?.currentGfi || 0;
+    const getEpTier = () => {
+        return getEvolutionEngine(wctx.workspaceDir).getTier();
+    };
+    // TIER 3: Bash commands
+    if (BASH_TOOLS_SET.has(event.toolName)) {
+        const command = String(event.params.command || event.params.args || '');
+        const bashRisk = analyzeBashCommand(command, config.bash_safe_patterns || [], config.bash_dangerous_patterns || [], logger);
+        if (bashRisk === 'dangerous') {
+            logger?.warn?.(`[PD:GFI_GATE] Dangerous bash command blocked: ${command.substring(0, 50)}...`);
+            return block(wctx, command.substring(0, 100), `危险命令被拦截。检测到危险命令模式，需要确认执行意图。`, event.toolName, sessionId, logger);
+        }
+        if (bashRisk === 'safe') {
+            return undefined;
+        }
+        // normal bash - check GFI threshold
+        const tier = getEpTier();
+        const baseThreshold = config.thresholds?.low_risk_block || 70;
+        const dynamicThreshold = calculateDynamicThreshold(baseThreshold, tier, 0, {
+            large_change_lines: config.large_change_lines || 50,
+            ep_tier_multipliers: config.ep_tier_multipliers || { '1': 0.5, '2': 0.75, '3': 1.0, '4': 1.5, '5': 2.0 },
+        });
+        if (currentGfi >= dynamicThreshold) {
+            logger?.warn?.(`[PD:GFI_GATE] Bash blocked by GFI: ${currentGfi} >= ${dynamicThreshold}`);
+            return block(wctx, command.substring(0, 100), `疲劳指数过高 (GFI: ${currentGfi}/${dynamicThreshold})。系统进入保护模式。`, event.toolName, sessionId, logger);
+        }
+        return undefined;
+    }
+    // TIER 2: High-risk tools
+    if (HIGH_RISK_TOOLS.has(event.toolName)) {
+        const tier = getEpTier();
+        const baseThreshold = config.thresholds?.high_risk_block || 40;
+        const dynamicThreshold = calculateDynamicThreshold(baseThreshold, tier, 0, {
+            large_change_lines: config.large_change_lines || 50,
+            ep_tier_multipliers: config.ep_tier_multipliers || { '1': 0.5, '2': 0.75, '3': 1.0, '4': 1.5, '5': 2.0 },
+        });
+        if (currentGfi >= dynamicThreshold) {
+            const filePath = event.params.file_path || event.params.path || event.params.file || event.params.target || 'unknown';
+            logger?.warn?.(`[PD:GFI_GATE] High-risk tool "${event.toolName}" blocked by GFI: ${currentGfi} >= ${dynamicThreshold}`);
+            return block(wctx, filePath, `高风险操作被拦截。GFI: ${currentGfi}/${dynamicThreshold}。高风险工具需要更低的阈值。`, event.toolName, sessionId, logger);
+        }
+    }
+    // TIER 1: Low-risk write tools
+    if (LOW_RISK_WRITE_TOOLS.has(event.toolName)) {
+        const tier = getEpTier();
+        const lineChanges = estimateLineChanges({ toolName: event.toolName, params: event.params });
+        const baseThreshold = config.thresholds?.low_risk_block || 70;
+        const dynamicThreshold = calculateDynamicThreshold(baseThreshold, tier, lineChanges, {
+            large_change_lines: config.large_change_lines || 50,
+            ep_tier_multipliers: config.ep_tier_multipliers || { '1': 0.5, '2': 0.75, '3': 1.0, '4': 1.5, '5': 2.0 },
+        });
+        if (currentGfi >= dynamicThreshold) {
+            const filePath = event.params.file_path || event.params.path || event.params.file || event.params.target || 'unknown';
+            logger?.warn?.(`[PD:GFI_GATE] Low-risk tool "${event.toolName}" blocked by GFI: ${currentGfi} >= ${dynamicThreshold}`);
+            return block(wctx, filePath, `疲劳指数过高 (GFI: ${currentGfi}/${dynamicThreshold})。系统进入保护模式。`, event.toolName, sessionId, logger);
+        }
+    }
+    // AGENT_TOOLS: Block subagent spawn when GFI is critically high
+    if (AGENT_TOOLS.has(event.toolName)) {
+        if (currentGfi >= AGENT_SPAWN_GFI_THRESHOLD) {
+            logger?.warn?.(`[PD:GFI_GATE] Agent tool "${event.toolName}" blocked by GFI: ${currentGfi} >= ${AGENT_SPAWN_GFI_THRESHOLD}`);
+            return block(wctx, 'subagent-spawn', `疲劳指数过高，禁止派生子智能体。GFI: ${currentGfi}/${AGENT_SPAWN_GFI_THRESHOLD}`, event.toolName, sessionId, logger);
+        }
+    }
+    return undefined;
+}

package/dist/hooks/pain.js

@@ -7,6 +7,7 @@ import { denoiseError, computeHash } from '../utils/hashing.js';
 import { SystemLogger } from '../core/system-logger.js';
 import { WorkspaceContext } from '../core/workspace-context.js';
 import { getEvolutionLogger, createTraceId } from '../core/evolution-logger.js';
+import { recordEvolutionSuccess, recordEvolutionFailure } from '../core/evolution-engine.js';
 const WRITE_TOOLS = ['write', 'edit', 'apply_patch', 'write_file', 'edit_file', 'replace'];
 function shouldAttributePrincipleToTool(principle, toolName) {
     return principle.contextTags.includes(toolName) || principle.trigger.includes(toolName);
@@ -30,7 +31,6 @@ export function handleAfterToolCall(event, ctx, api) {
     const wctx = WorkspaceContext.fromHookContext({ ...ctx, workspaceDir: effectiveWorkspaceDir });
     const config = wctx.config;
     const eventLog = wctx.eventLog;
-    const trust = wctx.trust;
     const sessionId = ctx.sessionId || 'unknown';
     const sessionState = ctx.sessionId ? getSession(ctx.sessionId) : undefined;
     const gfiBefore = sessionState?.currentGfi ?? 0;
@@ -106,11 +106,10 @@ export function handleAfterToolCall(event, ctx, api) {
             }
         }
         const isRisk = isRisky(relPath, profile.risk_paths);
-        trust.recordFailure(isRisk ? 'risky' : 'tool', {
+        recordEvolutionFailure(effectiveWorkspaceDir, event.toolName, {
+            filePath: relPath,
+            reason: isRisk ? 'risky' : 'tool',
             sessionId,
-            api,
-            toolName: event.toolName,
-            error: event.error // Pass error for timeout detection
         });
         // Record tool call failure event
         eventLog.recordToolCall(sessionId, {
@@ -147,11 +146,9 @@ export function handleAfterToolCall(event, ctx, api) {
     else {
         // ── SUCCESS BRANCH ──
         const resetState = resetFriction(sessionId, effectiveWorkspaceDir);
-        // 👈 Record success to reset failure streak and earn minor trust (if constructive)
-        trust.recordSuccess('tool_success', {
+        recordEvolutionSuccess(effectiveWorkspaceDir, event.toolName, {
             sessionId,
-            api,
-            toolName: event.toolName // 👈 NEW: Pass toolName for classification
+            reason: 'tool_success',
         });
         const injectedProbationIds = getInjectedProbationIds(sessionId, effectiveWorkspaceDir);
         for (const id of injectedProbationIds) {

package/dist/hooks/progressive-trust-gate.d.ts

@@ -0,0 +1,51 @@
+/**
+ * Progressive Gate Module (EP-Only Version)
+ *
+ * EP (Evolution Points) 是唯一的门控机制。
+ *
+ * **EP 门控逻辑:**
+ * - Seed (0分): 只读 + 基础文档
+ * - Sprout (50分): 单文件编辑
+ * - Sapling (200分): 多文件 + 测试 + 子智能体
+ * - Tree (500分): 重构 + 风险路径
+ * - Forest (1000分): 完全自主
+ *
+ * **风险路径控制:**
+ * - 低等级不能修改风险路径
+ * - 高等级解锁风险路径权限
+ *
+ * **不再有:**
+ * - Trust Score (30-100) 系统
+ * - Stage 1-4 分级
+ * - Plan Approval 白名单机制
+ * - 基于行数的限制
+ */
+import type { PluginHookBeforeToolCallEvent, PluginHookBeforeToolCallResult } from '../openclaw-sdk.js';
+import type { WorkspaceContext } from '../core/workspace-context.js';
+/**
+ * Build EP gate rejection reason
+ */
+export declare function buildEvolutionGateReason(tier: number, tierName: string, reason: string): string;
+/**
+ * Check EP-based gate
+ *
+ * @param event - The tool call event
+ * @param wctx - Workspace context
+ * @param relPath - Relative path to target file
+ * @param risky - Whether the path is a risk path
+ * @param lineChanges - Estimated line changes (kept for interface compatibility, not used for gating)
+ * @param logger - Logger instance
+ * @param ctx - Hook context
+ * @param profile - Gate profile containing risk_paths config
+ * @returns PluginHookBeforeToolCallResult to block, or undefined to allow
+ */
+export declare function checkProgressiveTrustGate(event: PluginHookBeforeToolCallEvent, wctx: WorkspaceContext, relPath: string, risky: boolean, lineChanges: number, logger: {
+    warn?: (message: string) => void;
+    error?: (message: string) => void;
+    info?: (message: string) => void;
+}, ctx: {
+    workspaceDir?: string;
+    sessionId?: string;
+}, profile?: {
+    risk_paths: string[];
+}): PluginHookBeforeToolCallResult | void;

package/dist/hooks/progressive-trust-gate.js

@@ -0,0 +1,89 @@
+/**
+ * Progressive Gate Module (EP-Only Version)
+ *
+ * EP (Evolution Points) 是唯一的门控机制。
+ *
+ * **EP 门控逻辑:**
+ * - Seed (0分): 只读 + 基础文档
+ * - Sprout (50分): 单文件编辑
+ * - Sapling (200分): 多文件 + 测试 + 子智能体
+ * - Tree (500分): 重构 + 风险路径
+ * - Forest (1000分): 完全自主
+ *
+ * **风险路径控制:**
+ * - 低等级不能修改风险路径
+ * - 高等级解锁风险路径权限
+ *
+ * **不再有:**
+ * - Trust Score (30-100) 系统
+ * - Stage 1-4 分级
+ * - Plan Approval 白名单机制
+ * - 基于行数的限制
+ */
+import { checkEvolutionGate } from '../core/evolution-engine.js';
+import { recordGateBlockAndReturn } from './gate-block-helper.js';
+/**
+ * Build EP gate rejection reason
+ */
+export function buildEvolutionGateReason(tier, tierName, reason) {
+    return `[EP Gate] Tier ${tier} (${tierName}): ${reason}`;
+}
+/**
+ * Internal helper to call the shared block helper with progressive-trust-gate source tag.
+ */
+function block(filePath, reason, wctx, toolName, logger, sessionId) {
+    return recordGateBlockAndReturn(wctx, {
+        filePath,
+        reason,
+        toolName,
+        sessionId,
+        blockSource: 'progressive-trust-gate',
+    }, logger);
+}
+/**
+ * Check EP-based gate
+ *
+ * @param event - The tool call event
+ * @param wctx - Workspace context
+ * @param relPath - Relative path to target file
+ * @param risky - Whether the path is a risk path
+ * @param lineChanges - Estimated line changes (kept for interface compatibility, not used for gating)
+ * @param logger - Logger instance
+ * @param ctx - Hook context
+ * @param profile - Gate profile containing risk_paths config
+ * @returns PluginHookBeforeToolCallResult to block, or undefined to allow
+ */
+export function checkProgressiveTrustGate(event, wctx, relPath, risky, lineChanges, logger, ctx, profile) {
+    // EP is the only gate now - use actual gate decision
+    if (!ctx.workspaceDir) {
+        logger.warn?.('[PD_GATE] No workspaceDir, skipping EP gate check');
+        return;
+    }
+    // Call EP gate - this is the actual gate, not simulation
+    const epDecision = checkEvolutionGate(ctx.workspaceDir, {
+        toolName: event.toolName,
+        isRiskPath: risky,
+    });
+    const currentTier = epDecision.currentTier ?? 1;
+    const tierName = getTierName(currentTier);
+    logger.info?.(`[PD_GATE] EP Gate: Tier ${currentTier} (${tierName}), Tool: ${event.toolName}, Risk: ${risky}, Allowed: ${epDecision.allowed}`);
+    if (!epDecision.allowed) {
+        const reason = buildEvolutionGateReason(currentTier, tierName, epDecision.reason ?? 'Unknown restriction');
+        return block(relPath, reason, wctx, event.toolName, logger, ctx.sessionId);
+    }
+    // Gate passed - allow
+    return;
+}
+/**
+ * Get tier name from tier number
+ */
+function getTierName(tier) {
+    const names = {
+        1: 'Seed',
+        2: 'Sprout',
+        3: 'Sapling',
+        4: 'Tree',
+        5: 'Forest',
+    };
+    return names[tier] ?? 'Unknown';
+}

package/dist/hooks/prompt.d.ts

@@ -2,7 +2,7 @@ import type { PluginHookBeforePromptBuildEvent, PluginHookAgentContext, PluginHo
 import { ContextInjectionConfig } from '../types.js';
 import { type EmpathyObserverApi } from '../service/empathy-observer-manager.js';
 /**
- * 濞寸媴绲块幃濠冾渶濡鍚囬梺鏉跨Ф閻?
+ * Default model configuration for OpenClaw agents
  */
 interface AgentsDefaultsConfig {
     model?: unknown;
@@ -23,22 +23,22 @@ interface PromptHookApi {
     logger: PluginLogger;
 }
 /**
- * 濞?OpenClaw 闂佹澘绉堕悿鍡樼▔椤撯寬鎺楀几閹邦劷渚€宕圭€ｎ喒鍋撴径瀣仴
- * 闁衡偓椤栨稑鐦?string 闁?{ primary, fallbacks } 闁哄秶鍘х槐?
- * @internal 閻庣數鍘ч崵顓熺閸涱剛杩旀繛鏉戭儓閻︻垱鎷呯捄銊︽殢
+ * Resolves model configuration for OpenClaw agents, supporting string and object formats
+ * @param modelConfig - Model config: string (e.g. "provider/model") or { primary, fallbacks } object
+ * @internal Helper for model configuration resolution
  */
 export declare function resolveModelFromConfig(modelConfig: unknown, logger?: PluginLogger): string | null;
 /**
- * 闁告梻濮惧ù鍥ㄧ▔婵犱胶鐟撻柡鍌氭处閺佺偤宕楅妷鈺佸赋缂?
- * 濞?PROFILE.json 閻犲洩顕цぐ?contextInjection 闂佹澘绉堕悿鍡涙晬鐏炵瓔娲ら柡瀣矆缁楀鈧稒锚濠€顏堝礆濞嗘帞绠查柛銉у仱缁垳鎷嬮妶澶婂赋缂?
- * @internal 閻庣數鍘ч崵顓熺瑹濞戞ê寰撳ù鐘崇墬鑶╅柛褎銇炴繛鍥偨?
+ * Loads context injection config from .principles/PROFILE.json
+ * Parses contextInjection configuration from PROFILE.json for context injection
+ * @internal Used by evolution engine for context settings
  */
 export declare function loadContextInjectionConfig(workspaceDir: string): ContextInjectionConfig;
 /**
- * 闁兼儳鍢茶ぐ鍥╂嫚婵犲啯鐒介悗娑欏姈濞呫倝鎳楅幋鎺旂Ъ閹煎瓨鏌ф繛鍥偨閵娧勭暠婵☆垪鈧磭鈧?
- * 濞村吋锚閸樻稓鐥缁辩殜ubagents.model > 濞戞挾绮啯闁?
- * 濠碘€冲€归悘澶愭焾閼恒儳姊鹃柡鍫濐樀閸樸倗绱旈鍡欑闁硅埖绋戦崵顓㈡煥濞嗘帩鍤?
- * @internal 閻庣數鍘ч崵顓熺閸涱剛杩旀繛鏉戭儓閻︻垱鎷呯捄銊︽殢
+ * Gets the diagnostician model - the model used for AI self-diagnosis and reflection
+ * Priority: subagents.model > subagents.model > env.OPENCLAW_MODEL
+ * Falls back to main model if no diagnostician model is configured
+ * @internal Helper for model configuration resolution
  */
 export declare function getDiagnosticianModel(api: PromptHookApi | null, logger?: PluginLogger): string;
 export declare function handleBeforePromptBuild(event: PluginHookBeforePromptBuildEvent, ctx: PluginHookAgentContext & {