principles-disciple 1.84.0 → 1.86.0

package/openclaw.plugin.json

@@ -2,7 +2,7 @@
   "id": "principles-disciple",
   "name": "Principles Disciple",
   "description": "Evolutionary programming agent framework with strategic guardrails and reflection loops.",
-  "version": "1.84.0",
+  "version": "1.86.0",
   "activation": {
     "onCapabilities": [
       "hook"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "principles-disciple",
-  "version": "1.84.0",
+  "version": "1.86.0",
   "description": "Native OpenClaw plugin for Principles Disciple",
   "type": "module",
   "main": "./dist/bundle.js",

package/src/core/event-log.ts

@@ -32,6 +32,7 @@ import type {
 import { createEmptyDailyStats } from '../types/event-types.js';
 import { atomicWriteFileSync } from '../utils/io.js';
 import type { PluginLogger } from '../openclaw-sdk.js';
+import { redactTelemetryString } from '@principles/core/runtime-v2';
 
 const EVENT_LOG_RETENTION_DAYS = 7;
 
@@ -209,6 +210,88 @@ export class EventLog {
     this.record('runtime_v2_prompt_activations_injected', 'injected', data.sessionId, data);
   }
 
+  /**
+   * Redact telemetry-sensitive string values in event data before persistence.
+   * Applies redactTelemetryString to known high-risk fields (filePath, command,
+   * reason, args, new_string, old_string, text, paramsSummary values) and to all
+   * string values in tool_call/rulehost_* data as a safety net.
+   *
+   * ERR-002: never throws; returns data unchanged on error.
+   * ERR-045/046: covers composite command strings, Authorization headers, env vars.
+   */
+  private redactEventData(
+    type: EventType,
+    data: Record<string, unknown>
+  ): Record<string, unknown> {
+    try {
+      // Known high-risk event types — telemetry that carries tool commands / paths
+      const telemetryTypes: Set<EventType> = new Set([
+        'tool_call',
+        'rulehost_evaluated',
+        'rulehost_blocked',
+        'rulehost_requireApproval',
+        'rulehost_auto_correct_proposed',
+        'rulehost_auto_correct_applied',
+        'rule_enforced',
+        'hook_execution',
+        'gate_block',
+        'gate_bypass',
+      ]);
+
+      if (!telemetryTypes.has(type)) return data;
+
+      const redacted: Record<string, unknown> = {};
+      for (const [key, value] of Object.entries(data)) {
+        if (typeof value === 'string') {
+          redacted[key] = redactTelemetryString(value);
+        } else if (Array.isArray(value)) {
+          // Recurse into arrays (e.g. correctedFields with original/applied)
+          redacted[key] = value.map((item: unknown) => {
+            if (typeof item === 'string') {
+              return redactTelemetryString(item);
+            }
+            if (typeof item === 'object' && item !== null) {
+              const nested: Record<string, unknown> = {};
+              for (const [nk, nv] of Object.entries(item as Record<string, unknown>)) {
+                nested[nk] = typeof nv === 'string' ? redactTelemetryString(nv) : nv;
+              }
+              return nested;
+            }
+            return item;
+          });
+        } else if (typeof value === 'object' && value !== null) {
+          // Recurse one level for nested objects (e.g. paramsSummary)
+          const nested: Record<string, unknown> = {};
+          for (const [nk, nv] of Object.entries(value as Record<string, unknown>)) {
+            if (typeof nv === 'string') {
+              nested[nk] = redactTelemetryString(nv);
+            } else {
+              nested[nk] = nv;
+            }
+          }
+          redacted[key] = nested;
+        } else {
+          redacted[key] = value;
+        }
+      }
+      return redacted;
+    } catch (e) {
+      // ERR-002: fail safe — never write raw payload on redaction failure.
+      // Return a masked payload with context so downstream knows what happened.
+      const errStr = e instanceof Error ? e.message.slice(0, 200) : String(e).slice(0, 200);
+      const masked: Record<string, unknown> = {
+        redactionFailure: true,
+        redactionStatus: 'failed',
+        'redaction.status': 'failed',
+        redactionReason: errStr || 'unknown error',
+        redactionDataDropped: true,
+        originalType: type,
+        originalSessionId: data.sessionId ?? null,
+      };
+      return masked;
+    }
+  }
+
   private record(
     type: EventType, 
     category: EventCategory, 
@@ -218,13 +301,15 @@ export class EventLog {
     const now = new Date();
     const date = this.formatDate(now);
     
+    const redactedData = this.redactEventData(type, data as Record<string, unknown>);
+    
     const entry: EventLogEntry = {
       ts: now.toISOString(),
       date,
       type,
       category,
       sessionId,
-      data: data as Record<string, unknown>,
+      data: redactedData,
     };
     
     this.eventBuffer.push(entry);

package/src/hooks/gate.ts

@@ -339,6 +339,9 @@ export function handleBeforeToolCall(
 
 function _extractParamsSummary(params: Record<string, unknown>): Record<string, unknown> {
   const summary: Record<string, unknown> = {};
+  // NOTE: Do NOT redact here — this feeds into RuleHost.evaluate() which
+  // may match against paramsSummary.command. Redaction happens at
+  // EventLog.record() before persistence.
   if (params.file_path) summary.file_path = params.file_path;
   if (params.path) summary.path = params.path;
   if (params.command) summary.command = params.command;

package/tests/core/event-log.test.ts

@@ -315,4 +315,170 @@ describe('EventLog', () => {
       expect(stats.evolution.rulehostAutoCorrectApplied).toBe(0);
     });
   });
+
+  describe('telemetry redaction', () => {
+    it('redacts lin_api_ token from rulehost_evaluated filePath', () => {
+      const sensitivePath = 'curl -s -H "Authorization: lin_api_TEST_REDACT_ME_1234567890ABCDEF" https://api.linear.app';
+      eventLog.recordRuleHostEvaluated({
+        toolName: 'bash',
+        filePath: sensitivePath,
+        matched: true,
+        decision: 'allow',
+        ruleId: 'r1',
+      });
+      eventLog.flush();
+
+      const eventsFile = path.join(tempDir, 'logs', 'events_' + new Date().toISOString().slice(0, 10) + '.jsonl');
+      const content = fs.readFileSync(eventsFile, 'utf-8');
+      expect(content).not.toContain('lin_api_TEST_REDACT_ME');
+      expect(content).toContain('[REDACTED]');
+    });
+
+    it('redacts Authorization header from tool_call data', () => {
+      eventLog.recordToolCall('s1', {
+        toolName: 'bash',
+        command: 'curl -H "Authorization: Bearer sk-TEST_REDACT_ME_1234567890" https://api.example.com',
+        error: undefined,
+        gfi: 0,
+      });
+      eventLog.flush();
+
+      const eventsFile = path.join(tempDir, 'logs', 'events_' + new Date().toISOString().slice(0, 10) + '.jsonl');
+      const content = fs.readFileSync(eventsFile, 'utf-8');
+      expect(content).not.toContain('sk-TEST_REDACT_ME_1234567890');
+      expect(content).not.toContain('Bearer sk-TEST_REDACT_ME');
+      expect(content).toContain('[REDACTED]');
+    });
+
+    it('redacts ghp_ token from tool_call data', () => {
+      eventLog.recordToolCall('s1', {
+        toolName: 'bash',
+        command: 'ghp_TEST_REDACT_ME_1234567890ABCDEFGHIJKLMN',
+        error: undefined,
+        gfi: 0,
+      });
+      eventLog.flush();
+
+      const eventsFile = path.join(tempDir, 'logs', 'events_' + new Date().toISOString().slice(0, 10) + '.jsonl');
+      const content = fs.readFileSync(eventsFile, 'utf-8');
+      expect(content).not.toContain('ghp_TEST_REDACT_ME');
+      expect(content).toContain('[REDACTED]');
+    });
+
+    it('redacts Bearer token in tool_call data', () => {
+      eventLog.recordToolCall('s1', {
+        toolName: 'bash',
+        command: 'curl -H "Authorization: Bearer TEST_REDACT_ME_TOKEN_1234567890"',
+        error: undefined,
+        gfi: 0,
+      });
+      eventLog.flush();
+
+      const eventsFile = path.join(tempDir, 'logs', 'events_' + new Date().toISOString().slice(0, 10) + '.jsonl');
+      const content = fs.readFileSync(eventsFile, 'utf-8');
+      expect(content).not.toContain('TEST_REDACT_ME_TOKEN');
+      expect(content).toContain('[REDACTED]');
+    });
+
+    it('redacts env assignment in tool_call data', () => {
+      eventLog.recordToolCall('s1', {
+        toolName: 'bash',
+        command: 'LINEAR_API_KEY=lin_api_TEST_REDACT_ME_1234567890ABCDEF curl -s https://api.linear.app',
+        error: undefined,
+        gfi: 0,
+      });
+      eventLog.flush();
+
+      const eventsFile = path.join(tempDir, 'logs', 'events_' + new Date().toISOString().slice(0, 10) + '.jsonl');
+      const content = fs.readFileSync(eventsFile, 'utf-8');
+      expect(content).not.toContain('lin_api_TEST_REDACT_ME');
+      expect(content).toContain('[REDACTED]');
+    });
+
+    it('preserves normal file path in rulehost_evaluated', () => {
+      const normalPath = 'src/app.ts';
+      eventLog.recordRuleHostEvaluated({
+        toolName: 'write',
+        filePath: normalPath,
+        matched: true,
+        decision: 'allow',
+        ruleId: 'r1',
+      });
+      eventLog.flush();
+
+      const eventsFile = path.join(tempDir, 'logs', 'events_' + new Date().toISOString().slice(0, 10) + '.jsonl');
+      const content = fs.readFileSync(eventsFile, 'utf-8');
+      expect(content).toContain(normalPath);
+    });
+
+    it('non-telemetry types are not affected', () => {
+      eventLog.recordPainSignal('s1', {
+        source: 'tool_failure',
+        score: 75,
+        reason: 'normal pain signal',
+      });
+      eventLog.flush();
+
+      const eventsFile = path.join(tempDir, 'logs', 'events_' + new Date().toISOString().slice(0, 10) + '.jsonl');
+      const content = fs.readFileSync(eventsFile, 'utf-8');
+      expect(content).toContain('normal pain signal');
+    });
+
+    it('redaction failure returns masked payload, not raw secrets', () => {
+      // Contract check: the catch block in redactEventData must NOT return raw data.
+      // This is a static regression test for the ERR-002 fail-safe fix.
+      const eventLogSource = fs.readFileSync(
+        path.resolve(__dirname, '../../src/core/event-log.ts'),
+        'utf-8'
+      );
+      // Find the catch block lines (after '} catch')
+      const afterCatch = eventLogSource.match(/\}[\s\n]*catch[\s\n]*\([^)]*\)[\s\n]*\{([\s\S]*?)\}[\s\n]*(?:private|public|\n)/);
+      // If found, verify it doesn't contain 'return data'
+      if (afterCatch) {
+        expect(afterCatch[1]).not.toMatch(/return\s+data/);
+      }
+      // The catch block must produce a masked result with redactionStatus
+      expect(eventLogSource).toContain('redactionStatus');
+      expect(eventLogSource).toContain('redactionDataDropped');
+      expect(eventLogSource).toContain('redactionReason');
+    });
+
+    it('verifies that EventLog persistence path does not store raw secret and stores masked fallback on redaction failure', () => {
+      // 1. Success case: log a sensitive command
+      eventLog.recordToolCall('s1', {
+        toolName: 'bash',
+        command: 'curl -H "Authorization: Bearer sk-TEST_REDACT_ME_999" https://api.openai.com',
+        error: undefined,
+        gfi: 0,
+      });
+      eventLog.flush();
+
+      const todayStr = new Date().toISOString().slice(0, 10);
+      const eventsFile = path.join(tempDir, 'logs', `events_${todayStr}.jsonl`);
+      let content = fs.readFileSync(eventsFile, 'utf-8');
+      expect(content).not.toContain('sk-TEST_REDACT_ME_999');
+      expect(content).toContain('[REDACTED]');
+
+      // 2. Redaction failure case: use a throwing getter to trigger catch block
+      const badData = {
+        toolName: 'bash',
+        get command(): string {
+          throw new Error('Simulated getter crash');
+        },
+        error: undefined,
+        gfi: 0,
+      };
+
+      eventLog.recordToolCall('s1', badData as any);
+      eventLog.flush();
+
+      content = fs.readFileSync(eventsFile, 'utf-8');
+      // The raw data must not be written, and instead the failure marker is present
+      expect(content).toContain('"redactionFailure":true');
+      expect(content).toContain('"redactionStatus":"failed"');
+      expect(content).toContain('"redaction.status":"failed"');
+      expect(content).toContain('Simulated getter crash');
+    });
+  });
 });
+

package/tests/service/correction-observer-service.test.ts

@@ -65,7 +65,7 @@ vi.mock('@principles/core/runtime-v2', () => {
   };
 });
 
-import { CorrectionObserverService, runCorrectionObserverCycle } from '../../src/service/correction-observer-service.js';
+import { CorrectionObserverService, runCorrectionObserverCycle, resolveCorrectionObserver } from '../../src/service/correction-observer-service.js';
 import { safeRmDir } from '../test-utils.js';
 
 describe('CorrectionObserverService — Independent Service (PRI-293)', () => {
@@ -329,3 +329,51 @@ describe('runCorrectionObserverCycle — Independent Execution', () => {
     }
   });
 });
+
+describe('resolveCorrectionObserver — Configuration Resolution', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+  });
+
+  it('returns observer when API key env is set with mocked policy', async () => {
+    const workspaceDir = fs.mkdtempSync(path.join(os.tmpdir(), 'pd-corr-resolve-'));
+    const stateDir = path.join(workspaceDir, '.state');
+    fs.mkdirSync(stateDir, { recursive: true });
+
+    process.env.ANTHROPIC_API_KEY = 'test-key';
+
+    const logger = { info: vi.fn(), warn: vi.fn(), error: vi.fn(), debug: vi.fn() };
+
+    try {
+      const wctx = WorkspaceContext.fromHookContext({ workspaceDir });
+      const result = resolveCorrectionObserver(wctx, logger as any);
+
+      // With mocked WorkflowFunnelLoader returning valid policy, should return observer
+      expect(result).not.toBeNull();
+    } finally {
+      delete process.env.ANTHROPIC_API_KEY;
+      safeRmDir(workspaceDir);
+    }
+  });
+
+  it('returns observer when workflows.yaml provides valid policy', async () => {
+    const workspaceDir = fs.mkdtempSync(path.join(os.tmpdir(), 'pd-corr-policy-'));
+    const stateDir = path.join(workspaceDir, '.state');
+    fs.mkdirSync(stateDir, { recursive: true });
+
+    process.env.ANTHROPIC_API_KEY = 'test-key';
+
+    const logger = { info: vi.fn(), warn: vi.fn(), error: vi.fn(), debug: vi.fn() };
+
+    try {
+      const wctx = WorkspaceContext.fromHookContext({ workspaceDir });
+      const result = resolveCorrectionObserver(wctx, logger as any);
+
+      // With mocked WorkflowFunnelLoader returning valid policy, should return observer
+      expect(result).not.toBeNull();
+    } finally {
+      delete process.env.ANTHROPIC_API_KEY;
+      safeRmDir(workspaceDir);
+    }
+  });
+});

package/tests/utils/hook-workspace-resolver.test.ts

@@ -7,6 +7,10 @@ import {
   resolveCanonicalWorkspaceDir,
   resolveHookWorkspaceDir,
   resolveToolHookWorkspaceDirSafe,
+  resolveCommandWorkspaceDir,
+  resolvePluginCommandWorkspaceDir,
+  resolveWorkspaceDirForRuntimeV2,
+  WorkspaceResolutionError,
 } from '../../src/utils/workspace-resolver.js';
 import type { CanonicalWorkspaceResult, HookWorkspaceResolutionResult } from '../../src/utils/workspace-resolver.js';
 
@@ -345,3 +349,176 @@ describe('resolveToolHookWorkspaceDirSafe (backward compat)', () => {
     expect(fullWarn).toContain('principles-disciple.json');
   });
 });
+
+describe('resolveCommandWorkspaceDir — Command Resolution', () => {
+  const originalEnv = { ...process.env };
+  const logger = {
+    error: vi.fn(),
+    warn: vi.fn(),
+    info: vi.fn(),
+    debug: vi.fn(),
+  };
+
+  const api = {
+    runtime: {
+      agent: {
+        resolveAgentWorkspaceDir: vi.fn(),
+      },
+    },
+    config: {},
+    logger,
+  };
+
+  beforeEach(() => {
+    process.env = { ...originalEnv };
+    delete process.env.PD_WORKSPACE_DIR;
+    delete process.env.OPENCLAW_WORKSPACE;
+    vi.clearAllMocks();
+    ensureDir(validWorkspace);
+  });
+
+  afterEach(() => {
+    process.env = { ...originalEnv };
+  });
+
+  it('returns ctx.workspaceDir when valid', () => {
+    const result = resolveCommandWorkspaceDir(api as any, { workspaceDir: validWorkspace });
+    expect(result).toBe(validWorkspace);
+  });
+
+  it('throws when ctx.workspaceDir is home directory', () => {
+    expect(() => resolveCommandWorkspaceDir(api as any, { workspaceDir: homeDir }))
+      .toThrow(/is invalid/);
+    expect(logger.error).toHaveBeenCalledWith(expect.stringContaining('is invalid'));
+  });
+
+  it('throws when ctx.workspaceDir is empty string', () => {
+    expect(() => resolveCommandWorkspaceDir(api as any, { workspaceDir: '' }))
+      .toThrow(/Cannot resolve workspace directory/);
+  });
+
+  it('falls back to API resolution when ctx.workspaceDir is undefined', () => {
+    api.runtime.agent.resolveAgentWorkspaceDir.mockReturnValue(validWorkspace);
+    process.env.OPENCLAW_WORKSPACE = validWorkspace;
+    const result = resolveCommandWorkspaceDir(api as any, {});
+    expect(result).toBe(path.resolve(validWorkspace));
+  });
+
+  it('falls back to PathResolver default when API throws', () => {
+    api.runtime.agent.resolveAgentWorkspaceDir.mockImplementation(() => {
+      throw new Error('API unavailable');
+    });
+    // PathResolver provides default ~/.openclaw/workspace fallback
+    const result = resolveCommandWorkspaceDir(api as any, {});
+    expect(result).toBeDefined();
+    expect(result).toContain('.openclaw');
+  });
+});
+
+describe('resolvePluginCommandWorkspaceDir — Plugin Command Resolution', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    ensureDir(validWorkspace);
+  });
+
+  it('returns ctx.workspaceDir when valid', () => {
+    const ctx = { workspaceDir: validWorkspace, config: {} };
+    const result = resolvePluginCommandWorkspaceDir(ctx as any, 'test-source');
+    expect(result).toBe(validWorkspace);
+  });
+
+  it('throws when ctx.workspaceDir is home directory', () => {
+    const ctx = { workspaceDir: homeDir, config: {} };
+    expect(() => resolvePluginCommandWorkspaceDir(ctx as any, 'test-source'))
+      .toThrow(/is invalid/);
+  });
+
+  it('falls back to ctx.config.workspaceDir when ctx.workspaceDir is undefined', () => {
+    const ctx = { workspaceDir: undefined, config: { workspaceDir: validWorkspace } };
+    const result = resolvePluginCommandWorkspaceDir(ctx as any, 'test-source');
+    expect(result).toBe(validWorkspace);
+  });
+
+  it('throws when both ctx.workspaceDir and ctx.config.workspaceDir are invalid', () => {
+    const ctx = { workspaceDir: homeDir, config: { workspaceDir: homeDir } };
+    expect(() => resolvePluginCommandWorkspaceDir(ctx as any, 'test-source'))
+      .toThrow(/is invalid/);
+  });
+
+  it('throws critical error when no workspaceDir available', () => {
+    const ctx = { workspaceDir: undefined, config: {} };
+    expect(() => resolvePluginCommandWorkspaceDir(ctx as any, 'test-source'))
+      .toThrow(/CRITICAL: workspaceDir is not set/);
+  });
+});
+
+describe('resolveWorkspaceDirForRuntimeV2 — Runtime V2 Resolution', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    ensureDir(validWorkspace);
+  });
+
+  it('returns normalized workspaceDir when valid', () => {
+    const result = resolveWorkspaceDirForRuntimeV2(
+      { workspaceDir: validWorkspace },
+      undefined,
+      'runtime-v2-test',
+    );
+    expect(result).toBe(path.resolve(validWorkspace));
+  });
+
+  it('throws WorkspaceResolutionError when workspaceDir is empty', () => {
+    expect(() => resolveWorkspaceDirForRuntimeV2({ workspaceDir: '' }, undefined, 'test'))
+      .toThrow(WorkspaceResolutionError);
+    
+    try {
+      resolveWorkspaceDirForRuntimeV2({ workspaceDir: '' }, undefined, 'test');
+    } catch (e) {
+      expect((e as WorkspaceResolutionError).reason).toBe('workspace_dir_missing');
+      expect((e as WorkspaceResolutionError).nextAction).toContain('PD_WORKSPACE_DIR');
+    }
+  });
+
+  it('throws WorkspaceResolutionError when workspaceDir is undefined', () => {
+    expect(() => resolveWorkspaceDirForRuntimeV2({}, undefined, 'test'))
+      .toThrow(WorkspaceResolutionError);
+  });
+
+  it('throws WorkspaceResolutionError when workspaceDir is home directory', () => {
+    expect(() => resolveWorkspaceDirForRuntimeV2({ workspaceDir: homeDir }, undefined, 'test'))
+      .toThrow(WorkspaceResolutionError);
+    
+    try {
+      resolveWorkspaceDirForRuntimeV2({ workspaceDir: homeDir }, undefined, 'test');
+    } catch (e) {
+      expect((e as WorkspaceResolutionError).reason).toBe('workspace_dir_invalid');
+    }
+  });
+});
+
+describe('WorkspaceResolutionError — Error Structure', () => {
+  it('has correct name and properties', () => {
+    const error = new WorkspaceResolutionError(
+      'Test message',
+      'test_reason',
+      'Test next action',
+    );
+    expect(error.name).toBe('WorkspaceResolutionError');
+    expect(error.message).toBe('Test message');
+    expect(error.reason).toBe('test_reason');
+    expect(error.nextAction).toBe('Test next action');
+  });
+
+  it('toJSON returns structured failure object', () => {
+    const error = new WorkspaceResolutionError(
+      'Test message',
+      'test_reason',
+      'Test next action',
+    );
+    const json = error.toJSON();
+    expect(json.ok).toBe(false);
+    expect(json.reason).toBe('test_reason');
+    expect(json.message).toBe('Test message');
+    expect(json.nextAction).toBe('Test next action');
+  });
+});