sentinelayer-cli 0.8.10 → 0.8.12

package/src/review/report.js

@@ -62,6 +62,53 @@ function formatConfidence(value) {
   return Math.max(0, Math.min(1, normalized));
 }
 
+function normalizeConfidenceFloor(value) {
+  const normalized = Number(value);
+  if (!Number.isFinite(normalized)) {
+    return 0.7;
+  }
+  return Math.max(0, Math.min(1, normalized));
+}
+
+function confidenceFloorForFinding(finding = {}, {
+  source = "ai",
+  confidenceFloors = {},
+  defaultConfidenceFloor = 0.7,
+} = {}) {
+  const persona = normalizeString(finding.persona || finding.personaId || finding.agentId);
+  const layer = normalizeString(finding.layer);
+  const identity = sourceIdentityForFinding(finding, source);
+  const floor =
+    finding.confidenceFloor ??
+    finding.personaConfidenceFloor ??
+    confidenceFloors[identity] ??
+    confidenceFloors[persona] ??
+    confidenceFloors[layer] ??
+    confidenceFloors[source] ??
+    defaultConfidenceFloor;
+  return normalizeConfidenceFloor(floor);
+}
+
+function sourceIdentityForFinding(finding = {}, source = "ai") {
+  if (source === "deterministic") {
+    return "deterministic";
+  }
+  const persona = normalizeString(
+    finding.persona || finding.personaId || finding.agentId || finding.layer
+  );
+  return `ai:${persona || "generic"}`;
+}
+
+function hasMultiSourceConfirmation(finding = {}) {
+  const confirmationSources = Array.isArray(finding.confirmationSources)
+    ? finding.confirmationSources
+    : [];
+  const sourceIdentities = confirmationSources.length > 0
+    ? confirmationSources
+    : (Array.isArray(finding.sources) ? finding.sources : []);
+  return new Set(sourceIdentities.filter(Boolean)).size >= 2;
+}
+
 function dedupeKeyForFinding(finding = {}) {
   const file = toPosixPath(normalizeString(finding.file) || "unknown");
   const line = Number(finding.line || 1);
@@ -104,13 +151,57 @@ function summarizeFindings(findings = []) {
   };
 }
 
+export function dropBelowConfidence(findings = [], { threshold = 0.7 } = {}) {
+  const defaultThreshold = normalizeConfidenceFloor(threshold);
+  const kept = [];
+  const dropped = [];
+
+  for (const finding of findings || []) {
+    const confidence = formatConfidence(finding.confidence);
+    const confidenceFloor = normalizeConfidenceFloor(
+      finding.confidenceFloor ?? finding.personaConfidenceFloor ?? defaultThreshold
+    );
+    if (!hasMultiSourceConfirmation(finding) && confidence < confidenceFloor) {
+      dropped.push({
+        ...finding,
+        confidence,
+        confidenceFloor,
+        droppedReason: "below_confidence_floor_single_source",
+      });
+      continue;
+    }
+    kept.push({
+      ...finding,
+      confidence,
+      confidenceFloor,
+    });
+  }
+
+  return {
+    findings: kept,
+    dropped,
+    droppedCount: dropped.length,
+    threshold: defaultThreshold,
+  };
+}
+
 export function reconcileReviewFindings({
   deterministicFindings = [],
   aiFindings = [],
+  confidenceFloor = 0.7,
+  defaultConfidenceFloor = confidenceFloor,
+  confidenceFloors = {},
 } = {}) {
   const merged = new Map();
+  const normalizedDefaultConfidenceFloor = normalizeConfidenceFloor(defaultConfidenceFloor);
 
   const addFinding = (finding, source) => {
+    const persona = normalizeString(finding.persona || finding.personaId || finding.agentId);
+    const confidenceFloorForSource = confidenceFloorForFinding(finding, {
+      source,
+      confidenceFloors,
+      defaultConfidenceFloor: normalizedDefaultConfidenceFloor,
+    });
     const normalized = {
       findingId: "",
       severity: normalizeSeverity(finding.severity),
@@ -120,9 +211,12 @@ export function reconcileReviewFindings({
       excerpt: normalizeString(finding.excerpt),
       ruleId: normalizeString(finding.ruleId),
       suggestedFix: normalizeString(finding.suggestedFix),
+      persona,
       layer: normalizeString(finding.layer),
       confidence: source === "deterministic" ? 1 : formatConfidence(finding.confidence),
+      confidenceFloor: confidenceFloorForSource,
       sources: [source],
+      confirmationSources: [sourceIdentityForFinding(finding, source)],
       adjudication: {
         verdict: "pending",
         note: "",
@@ -138,8 +232,25 @@ export function reconcileReviewFindings({
     }
 
     const nextSources = new Set([...(existing.sources || []), source]);
+    const nextConfirmationSources = new Set([
+      ...(existing.confirmationSources || []),
+      ...(normalized.confirmationSources || []),
+    ]);
     const preferred = compareFindingPriority(existing, normalized) <= 0 ? existing : normalized;
     preferred.sources = [...nextSources].sort((left, right) => left.localeCompare(right));
+    preferred.confirmationSources = [...nextConfirmationSources].sort((left, right) =>
+      left.localeCompare(right)
+    );
+    preferred.confidenceFloor = Math.max(
+      normalizeConfidenceFloor(existing.confidenceFloor),
+      normalizeConfidenceFloor(normalized.confidenceFloor)
+    );
+    if (!preferred.persona) {
+      preferred.persona = existing.persona || normalized.persona;
+    }
+    if (!preferred.layer) {
+      preferred.layer = existing.layer || normalized.layer;
+    }
     if (!preferred.excerpt) {
       preferred.excerpt = existing.excerpt || normalized.excerpt;
     }
@@ -159,7 +270,10 @@ export function reconcileReviewFindings({
     addFinding(finding, "ai");
   }
 
-  const findings = [...merged.values()].sort((left, right) => {
+  const confidenceFilter = dropBelowConfidence([...merged.values()], {
+    threshold: normalizedDefaultConfidenceFloor,
+  });
+  const findings = confidenceFilter.findings.sort((left, right) => {
     const severityDelta = SEVERITY_RANK[left.severity] - SEVERITY_RANK[right.severity];
     if (severityDelta !== 0) {
       return severityDelta;
@@ -177,7 +291,13 @@ export function reconcileReviewFindings({
 
   return {
     findings,
-    summary: summarizeFindings(findings),
+    droppedFindings: confidenceFilter.dropped,
+    summary: {
+      ...summarizeFindings(findings),
+      confidenceFloor: confidenceFilter.threshold,
+      droppedBelowConfidence: confidenceFilter.droppedCount,
+      droppedBelowConfidenceSingleSource: confidenceFilter.droppedCount,
+    },
   };
 }
 
@@ -250,6 +370,7 @@ function composeReportMarkdown(report = {}) {
     `- Findings: P0=${report.summary.P0} P1=${report.summary.P1} P2=${report.summary.P2} P3=${report.summary.P3}`,
     `- Blocking: ${report.summary.blocking ? "yes" : "no"}`,
     `- Total findings: ${report.findings.length}`,
+    `- Dropped below confidence floor (single-source): ${report.summary.droppedBelowConfidence || 0}`,
     "",
     "Metadata:",
     `- commit_sha: ${report.metadata.git.commitSha || "unknown"}`,
@@ -280,6 +401,8 @@ export async function buildUnifiedReviewReport({
   deterministic,
   aiLayer = null,
   specFile = "",
+  defaultConfidenceFloor = 0.7,
+  confidenceFloors = {},
 } = {}) {
   const normalizedTargetPath = path.resolve(String(targetPath || "."));
   const normalizedMode = normalizeString(mode) || "full";
@@ -289,6 +412,8 @@ export async function buildUnifiedReviewReport({
   const reconciliation = reconcileReviewFindings({
     deterministicFindings: deterministic?.findings || [],
     aiFindings: aiLayer?.findings || [],
+    defaultConfidenceFloor,
+    confidenceFloors,
   });
   const spec = await resolveSpecMetadata(normalizedTargetPath, specFile);
   const commitSha = runGit(normalizedTargetPath, ["rev-parse", "HEAD"]);
@@ -303,6 +428,7 @@ export async function buildUnifiedReviewReport({
     mode: normalizedMode,
     summary: reconciliation.summary,
     findings: reconciliation.findings,
+    droppedFindings: reconciliation.droppedFindings,
     severityMatrix: buildSeverityMatrix(),
     metadata: {
       git: {

package/src/session/agent-registry.js

@@ -180,6 +180,62 @@ export function generateAgentId(modelName) {
   return `${prefix}-${suffix}`;
 }
 
+// In-process registry of agents registered by *this* CLI process. The
+// dashboard treats any participant without a terminal agent_leave /
+// agent_killed / session_killed event as "active". When a CLI exits via
+// SIGINT/SIGTERM/crash without explicitly leaving, the dashboard shows
+// "Last activity: 15h ago — active" indefinitely. This registry lets a
+// single process-wide exit hook flush leave events for every agent it
+// owns so the participant roster stays honest.
+const _localAgents = new Map(); // key: `${sessionId}::${agentId}` -> { sessionId, agentId, targetPath }
+let _exitHooksInstalled = false;
+
+function _agentKey(sessionId, agentId) {
+  return `${sessionId}::${agentId}`;
+}
+
+function _trackLocalAgent(sessionId, agentId, targetPath) {
+  _localAgents.set(_agentKey(sessionId, agentId), { sessionId, agentId, targetPath });
+  _ensureExitHooksInstalled();
+}
+
+function _untrackLocalAgent(sessionId, agentId) {
+  _localAgents.delete(_agentKey(sessionId, agentId));
+}
+
+async function _emitLeaveForAllLocalAgents(reason) {
+  const entries = [..._localAgents.values()];
+  _localAgents.clear();
+  for (const entry of entries) {
+    try {
+      await emitAgentEvent(
+        entry.sessionId,
+        "agent_leave",
+        { agentId: entry.agentId, reason, model: "unknown", role: "participant" },
+        { targetPath: entry.targetPath },
+      );
+    } catch {
+      // Best-effort: a stuck filesystem or network shouldn't block exit.
+    }
+  }
+}
+
+function _ensureExitHooksInstalled() {
+  if (_exitHooksInstalled) return;
+  _exitHooksInstalled = true;
+  const onSignal = (signal) => {
+    void _emitLeaveForAllLocalAgents("manual").finally(() => {
+      process.removeListener(signal, onSignal);
+      process.kill(process.pid, signal);
+    });
+  };
+  process.on("SIGINT", onSignal);
+  process.on("SIGTERM", onSignal);
+  process.on("beforeExit", () => {
+    void _emitLeaveForAllLocalAgents("manual");
+  });
+}
+
 export async function registerAgent(
   sessionId,
   { agentId = "", model = "", role = "observer", targetPath = process.cwd() } = {}
@@ -234,6 +290,7 @@ export async function registerAgent(
     role: snapshot.role,
     status: snapshot.status,
   }, { targetPath });
+  _trackLocalAgent(paths.sessionId, snapshot.agentId, targetPath);
 
   if (renamedFrom) {
     const welcome = buildSentiWelcome({
@@ -347,6 +404,8 @@ export async function unregisterAgent(
     role: snapshot.role,
     model: snapshot.model,
   }, { targetPath });
+  // Already left explicitly — don't double-emit on process exit.
+  _untrackLocalAgent(paths.sessionId, snapshot.agentId);
 
   return {
     ...snapshot,

package/src/session/senti-naming.js

@@ -129,6 +129,42 @@ export function isAnonymousAgent(agent = {}) {
   return idAnonymous || modelAnonymous;
 }
 
+/**
+ * Derive a deterministic session title from a workspace path + clock.
+ *
+ * Carter's complaint: every CLI invocation minted an unnamed session, so the
+ * web sidebar filled with hundreds of "<null>" rows that all looked like the
+ * same chat re-created. The fix: when the caller doesn't pass `--title`, give
+ * the session a stable label based on the codebase basename + today's date in
+ * UTC, e.g. `create-sentinelayer-2026-04-28`.
+ *
+ * - Basename only (we never leak the absolute path).
+ * - Sanitized to `[a-z0-9-]` so the title is URL-safe + dashboard-friendly.
+ * - Date is UTC ISO short form (YYYY-MM-DD) for reproducibility regardless of
+ *   the host timezone.
+ * - Falls back to `session-<date>` if the path has no usable basename.
+ *
+ * @param {string} targetPath
+ * @param {{now?: Date}} [options]
+ * @returns {string}
+ */
+export function deriveSessionTitle(targetPath, { now = new Date() } = {}) {
+  const raw = String(targetPath || "").trim();
+  // Use forward slashes consistently — Windows paths come through with
+  // backslashes from path.resolve. We don't import the `path` module here
+  // to keep this function pure + cheap to test.
+  const last = raw.split(/[/\\]+/).filter(Boolean).pop() || "";
+  const slug = last
+    .toLowerCase()
+    .replace(/[^a-z0-9]+/g, "-")
+    .replace(/^-+|-+$/g, "")
+    .slice(0, 60);
+  const stamp = (now instanceof Date && !Number.isNaN(now.getTime()) ? now : new Date())
+    .toISOString()
+    .slice(0, 10);
+  return slug ? `${slug}-${stamp}` : `session-${stamp}`;
+}
+
 /**
  * Build the payload Senti emits as `agent_identified` when it has
  * stepped in to name a participant. Consumers (CLI / web) render it

package/src/session/sync.js

@@ -407,6 +407,17 @@ export async function syncSessionEventToApi(
     return { synced: false, reason: "invalid_input" };
   }
 
+  // Test-fixture leak guard. Tests in this repo (and downstream consumers)
+  // create + tear down sessions using a temp workspace; on a developer
+  // machine those calls inherit the user's stored auth and silently posted
+  // hundreds of orphan rooms to prod (Carter saw ~200 "<null>" sessions).
+  // Honoring SENTINELAYER_SKIP_REMOTE_SYNC=1 keeps everything local while
+  // still exercising the appendToStream + agent_join code paths the tests
+  // care about. Local NDJSON durability is unaffected.
+  if (String(process.env.SENTINELAYER_SKIP_REMOTE_SYNC || "").trim() === "1") {
+    return { synced: false, reason: "remote_sync_disabled_env" };
+  }
+
   const normalizedNowMs = Number(nowMs()) || Date.now();
   if (isCircuitOpen(outboundCircuit, normalizedNowMs)) {
     return { synced: false, reason: "circuit_breaker_open" };
@@ -501,6 +512,13 @@ async function syncSessionAuxPayload(
     return { synced: false, reason: "invalid_input" };
   }
 
+  // Same test-fixture leak guard as syncSessionEventToApi — keep parity
+  // so neither the event channel nor the metadata/error channels can
+  // exfiltrate a test session into prod when the env flag is set.
+  if (String(process.env.SENTINELAYER_SKIP_REMOTE_SYNC || "").trim() === "1") {
+    return { synced: false, reason: "remote_sync_disabled_env" };
+  }
+
   const normalizedNowMs = Number(nowMs()) || Date.now();
   if (isCircuitOpen(outboundCircuit, normalizedNowMs)) {
     return { synced: false, reason: "circuit_breaker_open" };
@@ -1034,6 +1052,11 @@ export function resetSessionSyncStateForTests() {
   inboundCircuit.openedAtMs = 0;
   sessionIngestWindowBySessionId.clear();
   humanRelayWindowBySessionId.clear();
+  // Tests that exercise the network path explicitly need the
+  // SENTINELAYER_SKIP_REMOTE_SYNC guard off — otherwise the function
+  // short-circuits before the mocked fetchImpl is ever called. Tests that
+  // want the guard on can re-set the env after resetting.
+  delete process.env.SENTINELAYER_SKIP_REMOTE_SYNC;
 }
 
 export {