sneakoscope 0.3.0

package/src/core/no-question-guard.mjs

@@ -0,0 +1,53 @@
+export const QUESTION_PATTERNS = [
+  /\?/,
+  /어떻게\s*할까요/i,
+  /확인해\s*주세요/i,
+  /선택해\s*주세요/i,
+  /알려\s*주세요/i,
+  /답변(?:이|을)?\s*필요/i,
+  /사용자.*(?:결정|입력|확인|답변)/i,
+  /진행해도\s*될까요/i,
+  /원하시나요/i,
+  /please\s+confirm/i,
+  /would\s+you\s+like/i,
+  /should\s+i/i,
+  /need\s+your\s+(input|confirmation|decision)/i,
+  /which\s+option\s+do\s+you\s+prefer/i
+];
+
+export function containsUserQuestion(text = '') {
+  if (!text) return false;
+  return QUESTION_PATTERNS.some((p) => p.test(text));
+}
+
+export function noQuestionContinuationReason() {
+  return [
+    'RALPH_NO_QUESTION_LOCK is active.',
+    'Do not ask the user, do not request confirmation, and do not present choices.',
+    'Resolve using decision-contract.json: seed contract → explicit user answers → approved defaults → AGENTS.md → current code/tests → smallest reversible change → defer optional scope.',
+    'If a risky required path has no safe resolution, complete the safe core scope and record limitation in done-gate.json; do not ask the user mid-loop.',
+    'Continue the Ralph loop.'
+  ].join(' ');
+}
+
+export function interactiveCommandReason(command = '') {
+  return `Interactive or approval-seeking command is forbidden during Ralph no-question mode: ${command}`;
+}
+
+export function looksInteractiveCommand(command = '') {
+  const patterns = [
+    /(^|\s)read\s+-?p?\b/i,
+    /(^|\s)select\s+/i,
+    /(^|\s)sudo\b/i,
+    /git\s+rebase\s+-i/i,
+    /(^|\s)(npm|pnpm|yarn)\s+init\b/i,
+    /(^|\s)(npm|pnpm|yarn)\s+create\b/i,
+    /(^|\s)ssh\b/i,
+    /mysql\b.*\s-p(\s|$)/i,
+    /psql\b.*\s-W(\s|$)/i,
+    /(^|\s)rm\s+-i\b/i,
+    /(^|\s)mv\s+-i\b/i,
+    /(^|\s)cp\s+-i\b/i
+  ];
+  return patterns.some((p) => p.test(command));
+}

package/src/core/questions.mjs

@@ -0,0 +1,99 @@
+import path from 'node:path';
+import { writeJsonAtomic, writeTextAtomic } from './fsx.mjs';
+
+export function buildQuestionSchema(prompt) {
+  const lower = prompt.toLowerCase();
+  const domainHints = [];
+  if (/결제|payment|billing|invoice|checkout|order/.test(lower)) domainHints.push('payment');
+  if (/로그인|auth|session|token|인증/.test(lower)) domainHints.push('auth');
+  if (/ui|ux|화면|버튼|modal|모달|디자인/.test(lower)) domainHints.push('uiux');
+  if (/db|database|schema|migration|테이블|마이그레이션|supabase|postgres|sql|mcp/.test(lower)) domainHints.push('db');
+  const slots = [
+    { id: 'GOAL_PRECISE', question: '이번 작업의 최종 목표를 한 문장으로 정확히 정의해주세요.', required: true, type: 'string' },
+    { id: 'ACCEPTANCE_CRITERIA', question: '완료 기준을 항목으로 적어주세요. 최소 2개 이상 권장합니다.', required: true, type: 'array_or_string' },
+    { id: 'NON_GOALS', question: '이번 작업에서 제외할 범위가 있나요? 없으면 빈 배열로 답해주세요.', required: true, type: 'array_or_string' },
+    { id: 'PUBLIC_API_CHANGE_ALLOWED', question: 'public API 또는 외부 계약 변경을 허용하나요?', required: true, type: 'enum', options: ['no', 'yes_if_needed', 'yes'] },
+    { id: 'DB_SCHEMA_CHANGE_ALLOWED', question: 'DB schema 또는 migration 변경을 허용하나요?', required: true, type: 'enum', options: ['no', 'yes_if_needed', 'yes_with_migration'] },
+    { id: 'DEPENDENCY_CHANGE_ALLOWED', question: '새 dependency 추가를 허용하나요?', required: true, type: 'enum', options: ['no', 'yes_if_already_approved', 'yes'] },
+    { id: 'TEST_SCOPE', question: 'Ralph가 완료 전 실행 또는 정당화해야 할 테스트 범위를 지정해주세요.', required: true, type: 'array_or_string', examples: ['unit', 'integration', 'e2e', 'lint', 'typecheck'] },
+    { id: 'MID_RALPH_UNKNOWN_POLICY', question: 'Ralph 중 새 모호성이 생기면 사용자에게 묻지 않고 어떤 fallback 순서로 해결할까요?', required: true, type: 'array', options: ['preserve_existing_behavior', 'smallest_reversible_change', 'defer_optional_scope', 'block_only_if_no_safe_path'] },
+    { id: 'RISK_BOUNDARY', question: '보안, 결제, 데이터 손상, 권한, 인증 등 절대 넘으면 안 되는 위험 경계를 적어주세요.', required: true, type: 'array_or_string' },
+
+    { id: 'DATABASE_TARGET_ENVIRONMENT', question: 'DB 관련 작업의 대상 환경을 지정해주세요. production write는 Sneakoscope Codex가 허용하지 않습니다.', required: true, type: 'enum', options: ['no_database', 'local_dev', 'preview_branch', 'supabase_branch', 'production_read_only'] },
+    { id: 'DATABASE_WRITE_MODE', question: 'DB 쓰기 정책을 선택해주세요. Supabase/Postgres MCP live write는 기본 차단됩니다.', required: true, type: 'enum', options: ['read_only_only', 'migration_files_only', 'non_destructive_writes_to_local_or_branch_only'] },
+    { id: 'SUPABASE_MCP_POLICY', question: 'Supabase MCP를 사용한다면 어떤 안전 정책을 적용할까요?', required: true, type: 'enum', options: ['not_used', 'read_only_project_scoped_only', 'branch_only_no_live_writes'] },
+    { id: 'DESTRUCTIVE_DB_OPERATIONS_ALLOWED', question: 'DROP/TRUNCATE/DB reset/mass DELETE/branch reset/project delete 같은 파괴적 DB 작업을 허용하나요? Sneakoscope Codex는 never만 허용합니다.', required: true, type: 'enum', options: ['never'] },
+    { id: 'DB_BACKUP_OR_BRANCH_REQUIRED', question: 'DB 쓰기가 필요한 경우 local/preview branch 또는 백업이 있어야만 진행하도록 할까요?', required: true, type: 'enum', options: ['yes_for_any_write'] },
+    { id: 'DB_MAX_BLAST_RADIUS', question: 'DML이 꼭 필요한 경우 허용 가능한 최대 영향 범위를 적어주세요. 기본 권장값은 no_live_dml입니다.', required: true, type: 'string' }
+  ];
+  if (domainHints.includes('payment')) {
+    slots.push(
+      { id: 'PAYMENT_SUCCESS_INVARIANT', question: '이미 성공 처리된 결제에 대해서는 어떤 invariant를 보존해야 하나요?', required: true, type: 'string' },
+      { id: 'PAYMENT_RETRY_POLICY', question: '재시도 횟수, backoff, 실패 최종 상태 정책을 지정해주세요.', required: true, type: 'string' }
+    );
+  }
+  if (domainHints.includes('auth')) {
+    slots.push(
+      { id: 'AUTH_SESSION_EXPIRED_BEHAVIOR', question: '세션/토큰 만료 시 사용자가 보게 될 UX 또는 API 동작을 지정해주세요.', required: true, type: 'string' },
+      { id: 'AUTH_PROTOCOL_CHANGE_ALLOWED', question: '인증 프로토콜 변경을 허용하나요?', required: true, type: 'enum', options: ['no', 'yes_if_needed', 'yes'] }
+    );
+  }
+  if (domainHints.includes('uiux')) {
+    slots.push(
+      { id: 'UI_STATE_BEHAVIOR', question: '로딩, 에러, 빈 상태, 재시도 등 UI 상태별 기대 동작을 지정해주세요.', required: true, type: 'string' },
+      { id: 'VISUAL_REGRESSION_REQUIRED', question: '스크린샷/시각 검증이 필요한가요?', required: true, type: 'enum', options: ['no', 'yes_if_available', 'yes'] }
+    );
+  }
+  if (domainHints.includes('db')) {
+    slots.push(
+      { id: 'DB_MIGRATION_APPLY_ALLOWED', question: 'migration 적용이 필요할 경우 어디까지 허용하나요?', required: true, type: 'enum', options: ['no', 'local_only', 'preview_branch_only'] },
+      { id: 'DB_READ_ONLY_QUERY_LIMIT', question: 'MCP/SQL read-only 조회 시 기본 LIMIT를 몇으로 둘까요?', required: true, type: 'string' }
+    );
+  }
+  return {
+    schema_version: 1,
+    description: 'All required slots must be answered before Ralph can run. Ralph never asks the user after the contract is sealed. Database destructive operations are never permitted.',
+    prompt,
+    domain_hints: domainHints,
+    slots
+  };
+}
+
+export function questionsMarkdown(schema) {
+  const lines = [];
+  lines.push('# Sneakoscope Codex Ralph Prepare Questions');
+  lines.push('');
+  lines.push('Ralph는 이 질문들에 모두 답변하고 Decision Contract가 봉인된 뒤에만 실행됩니다.');
+  lines.push('Ralph 실행 중에는 사용자에게 절대 질문하지 않습니다.');
+  lines.push('DB 작업은 특히 안전 게이트가 적용됩니다. 파괴적 DB 작업은 절대 허용되지 않습니다.');
+  lines.push('');
+  for (let i = 0; i < schema.slots.length; i++) {
+    const s = schema.slots[i];
+    lines.push(`## ${i + 1}. ${s.id}`);
+    lines.push('');
+    lines.push(s.question);
+    if (s.options) lines.push(`- options: ${s.options.join(', ')}`);
+    if (s.examples) lines.push(`- examples: ${s.examples.join(', ')}`);
+    lines.push(`- required: ${s.required}`);
+    lines.push(`- type: ${s.type}`);
+    lines.push('');
+  }
+  lines.push('## answers.json template');
+  lines.push('');
+  lines.push('```json');
+  const example = {};
+  for (const s of schema.slots) {
+    if (s.type === 'array' || s.type === 'array_or_string') example[s.id] = s.options ? [s.options[0]] : [];
+    else if (s.options) example[s.id] = s.options[0];
+    else example[s.id] = s.id === 'DB_MAX_BLAST_RADIUS' ? 'no_live_dml' : '';
+  }
+  lines.push(JSON.stringify(example, null, 2));
+  lines.push('```');
+  lines.push('');
+  return `${lines.join('\n')}\n`;
+}
+
+export async function writeQuestions(dir, schema) {
+  await writeJsonAtomic(path.join(dir, 'required-answers.schema.json'), schema);
+  await writeTextAtomic(path.join(dir, 'questions.md'), questionsMarkdown(schema));
+}

package/src/core/retention.mjs

@@ -0,0 +1,140 @@
+import fs from 'node:fs/promises';
+import path from 'node:path';
+import { exists, readJson, writeJsonAtomic, ensureDir, dirSize, fileSize, formatBytes, rmrf, nowIso, appendJsonlBounded, listFilesRecursive } from './fsx.mjs';
+
+export const DEFAULT_RETENTION_POLICY = Object.freeze({
+  schema_version: 1,
+  max_missions: 30,
+  max_mission_age_days: 14,
+  max_sneakoscope_bytes: 256 * 1024 * 1024,
+  max_mission_bytes: 64 * 1024 * 1024,
+  max_event_log_bytes: 5 * 1024 * 1024,
+  max_tmp_age_hours: 2,
+  keep_last_cycles_per_mission: 3,
+  run_gc_after_each_cycle: true
+});
+
+export async function ensureRetentionPolicy(root) {
+  const p = path.join(root, '.sneakoscope', 'policy.json');
+  if (!(await exists(p))) await writeJsonAtomic(p, { retention: DEFAULT_RETENTION_POLICY });
+  return p;
+}
+
+export async function loadRetentionPolicy(root) {
+  const p = path.join(root, '.sneakoscope', 'policy.json');
+  const data = await readJson(p, {});
+  return { ...DEFAULT_RETENTION_POLICY, ...(data.retention || data || {}) };
+}
+
+export async function storageReport(root) {
+  const sks = path.join(root, '.sneakoscope');
+  const report = { root, exists: await exists(sks), generated_at: nowIso(), sections: {}, total_bytes: 0 };
+  if (!report.exists) return report;
+  for (const name of ['missions', 'memory', 'gx', 'hproof', 'tmp', 'arenas', 'state', 'model', 'genome', 'trajectories', 'locks', 'reports']) {
+    const p = path.join(sks, name);
+    const bytes = await dirSize(p).catch(() => 0);
+    report.sections[name] = { bytes, human: formatBytes(bytes) };
+    report.total_bytes += bytes;
+  }
+  report.total_human = formatBytes(report.total_bytes);
+  return report;
+}
+
+async function listMissionDirs(root) {
+  const base = path.join(root, '.sneakoscope', 'missions');
+  if (!(await exists(base))) return [];
+  const entries = await fs.readdir(base, { withFileTypes: true });
+  const out = [];
+  for (const e of entries) {
+    if (!e.isDirectory() || !e.name.startsWith('M-')) continue;
+    const p = path.join(base, e.name);
+    const st = await fs.stat(p).catch(() => null);
+    if (st) out.push({ id: e.name, path: p, mtimeMs: st.mtimeMs, size: await dirSize(p).catch(() => 0) });
+  }
+  return out.sort((a, b) => b.mtimeMs - a.mtimeMs);
+}
+
+async function pruneTmp(root, policy, dryRun, actions) {
+  const tmp = path.join(root, '.sneakoscope', 'tmp');
+  if (!(await exists(tmp))) return;
+  const now = Date.now();
+  const maxAge = policy.max_tmp_age_hours * 60 * 60 * 1000;
+  const entries = await fs.readdir(tmp, { withFileTypes: true }).catch(() => []);
+  for (const e of entries) {
+    const p = path.join(tmp, e.name);
+    const st = await fs.stat(p).catch(() => null);
+    if (!st) continue;
+    if (now - st.mtimeMs > maxAge) {
+      actions.push({ action: 'remove_tmp', path: p, bytes: e.isDirectory() ? await dirSize(p).catch(() => 0) : st.size });
+      if (!dryRun) await rmrf(p);
+    }
+  }
+}
+
+async function pruneOldMissions(root, policy, dryRun, actions) {
+  const missions = await listMissionDirs(root);
+  const now = Date.now();
+  const maxAge = policy.max_mission_age_days * 24 * 60 * 60 * 1000;
+  for (let i = 0; i < missions.length; i++) {
+    const m = missions[i];
+    const tooMany = i >= policy.max_missions;
+    const tooOld = now - m.mtimeMs > maxAge;
+    if (tooMany || tooOld) {
+      actions.push({ action: 'remove_mission', mission: m.id, path: m.path, bytes: m.size, reason: tooMany ? 'max_missions' : 'max_age' });
+      if (!dryRun) await rmrf(m.path);
+    }
+  }
+}
+
+async function compactMission(mission, policy, dryRun, actions) {
+  if (mission.size <= policy.max_mission_bytes) return;
+  const ralph = path.join(mission.path, 'ralph');
+  if (await exists(ralph)) {
+    const entries = await fs.readdir(ralph, { withFileTypes: true }).catch(() => []);
+    const dirs = [];
+    for (const e of entries) {
+      if (!e.isDirectory() || !/^cycle-\d+$/.test(e.name)) continue;
+      const n = Number(e.name.replace('cycle-', ''));
+      const p = path.join(ralph, e.name);
+      dirs.push({ n, path: p, bytes: await dirSize(p).catch(() => 0) });
+    }
+    dirs.sort((a, b) => b.n - a.n);
+    for (const d of dirs.slice(policy.keep_last_cycles_per_mission)) {
+      actions.push({ action: 'remove_old_cycle_dir', mission: mission.id, path: d.path, bytes: d.bytes });
+      if (!dryRun) await rmrf(d.path);
+    }
+  }
+  const arena = path.join(mission.path, 'arenas');
+  if (await exists(arena)) {
+    const bytes = await dirSize(arena).catch(() => 0);
+    if (bytes > 0) {
+      actions.push({ action: 'remove_mission_arenas', mission: mission.id, path: arena, bytes });
+      if (!dryRun) await rmrf(arena);
+    }
+  }
+}
+
+async function rotateLargeJsonl(root, policy, dryRun, actions) {
+  const files = await listFilesRecursive(path.join(root, '.sneakoscope'), { maxFiles: 100000 }).catch(() => []);
+  for (const f of files) {
+    if (!f.endsWith('.jsonl')) continue;
+    const size = await fileSize(f);
+    if (size <= policy.max_event_log_bytes) continue;
+    actions.push({ action: 'rotate_jsonl', path: f, bytes: size, keep_bytes: Math.floor(policy.max_event_log_bytes / 2) });
+    if (!dryRun) await appendJsonlBounded(f, { ts: nowIso(), type: 'gc.rotate_requested' }, policy.max_event_log_bytes);
+  }
+}
+
+export async function enforceRetention(root, opts = {}) {
+  const policy = { ...(await loadRetentionPolicy(root)), ...(opts.policy || {}) };
+  const dryRun = Boolean(opts.dryRun);
+  const actions = [];
+  await ensureDir(path.join(root, '.sneakoscope', 'reports'));
+  await pruneTmp(root, policy, dryRun, actions);
+  await pruneOldMissions(root, policy, dryRun, actions);
+  for (const m of await listMissionDirs(root)) await compactMission(m, policy, dryRun, actions);
+  await rotateLargeJsonl(root, policy, dryRun, actions);
+  const report = await storageReport(root);
+  if (!dryRun) await writeJsonAtomic(path.join(root, '.sneakoscope', 'reports', 'storage.json'), report);
+  return { dryRun, policy, actions, report };
+}

package/src/core/rust-accelerator.mjs

@@ -0,0 +1,19 @@
+import path from 'node:path';
+import { exists, packageRoot, runProcess, which } from './fsx.mjs';
+
+export async function findRustAccelerator() {
+  const env = process.env.SKS_RS_BIN || process.env.DCODEX_RS_BIN;
+  if (env && await exists(env)) return env;
+  const global = await which(process.platform === 'win32' ? 'sks-rs.exe' : 'sks-rs');
+  if (global) return global;
+  const candidate = path.join(packageRoot(), 'crates', 'sks-core', 'target', 'release', process.platform === 'win32' ? 'sks-rs.exe' : 'sks-rs');
+  if (await exists(candidate)) return candidate;
+  return null;
+}
+
+export async function rustInfo() {
+  const bin = await findRustAccelerator();
+  if (!bin) return { available: false };
+  const result = await runProcess(bin, ['--version'], { timeoutMs: 3000, maxOutputBytes: 20_000 });
+  return { available: result.code === 0, bin, version: `${result.stdout}${result.stderr}`.trim() };
+}

package/src/core/triwiki-attention.mjs

@@ -0,0 +1,68 @@
+const TAU = 2 * Math.PI;
+
+export function clamp01(x) { return Math.max(0, Math.min(1, Number.isFinite(x) ? x : 0)); }
+export function wave(theta, phi) { return 0.5 + 0.5 * Math.cos(theta - phi); }
+
+export function trigScore(missionCoord = {}, claimCoord = {}) {
+  const domainDelta = (missionCoord.domainAngle || 0) - (claimCoord.domainAngle || 0);
+  const layerDelta = (missionCoord.layerRadius || 0) - (claimCoord.layerRadius || 0);
+  const phaseDelta = (missionCoord.phase || 0) - (claimCoord.phase || 0);
+  return (
+    0.45 * wave(domainDelta, 0) +
+    0.25 * wave(layerDelta * 0.7, 0) +
+    0.30 * wave(phaseDelta, 0)
+  );
+}
+
+export function claimScore(mission, claim) {
+  const support = { supported: 1, weak: 0.55, unknown: 0.2, unsupported: -1, conflicted: -2, stale: 0.05 }[claim.status || 'unknown'] ?? 0;
+  const authority = { code: 1, test: 0.95, contract: 0.9, vgraph: 0.8, beta: 0.7, wiki: 0.55, visual_parse: 0.45, model: -0.5 }[claim.authority || 'wiki'] ?? 0.5;
+  const risk = { low: 0.1, medium: 0.35, high: 0.75, critical: 1 }[claim.risk || 'medium'] ?? 0.35;
+  const freshness = { fresh: 1, unknown: 0.35, stale: -0.6 }[claim.freshness || 'unknown'] ?? 0.35;
+  const tokenCost = Math.max(1, claim.tokenCost || String(claim.text || '').length / 4);
+  const r = Number.isFinite(claim.concentration) ? claim.concentration : 0.75;
+  const normCompensation = (1 - clamp01(r)) * Math.log1p(claim.evidence_count || 0) * 0.12;
+  return trigScore(mission.coord, claim.coord) + support + authority + 0.3 * risk + 0.4 * freshness + normCompensation - 0.01 * tokenCost;
+}
+
+function topKByScore(items, k) {
+  if (k <= 0) return [];
+  const top = [];
+  for (const item of items) {
+    if (top.length < k) {
+      top.push(item);
+      if (top.length === k) top.sort((a, b) => a.score - b.score);
+      continue;
+    }
+    if (item.score > top[0].score) {
+      top[0] = item;
+      top.sort((a, b) => a.score - b.score);
+    }
+  }
+  return top.sort((a, b) => b.score - a.score);
+}
+
+export function selectClaims(mission, claims, budget = {}) {
+  const maxClaims = Math.max(0, budget.maxClaims ?? 12);
+  const scored = (claims || []).map((claim) => ({ claim, score: claimScore(mission, claim) }));
+  return topKByScore(scored, maxClaims).map((x) => ({ ...x.claim, triwiki_score: Number(x.score.toFixed(4)) }));
+}
+
+export function geometricOffsets(max = 65536) {
+  const out = [];
+  for (let x = 1; x <= max; x *= 2) out.push(x);
+  return out;
+}
+
+export function contextCapsule({ mission, role = 'worker', contractHash = null, claims = [], q4 = {}, q3 = [] }) {
+  const selected = selectClaims(mission, claims, { maxClaims: role.includes('verifier') ? 16 : 10 });
+  return {
+    mission: mission.id,
+    role,
+    contract_hash: contractHash,
+    token_policy: 'Q4_Q3_DEFAULT_Q2_ON_DEMAND_Q1_FOR_VERIFICATION_ONLY',
+    q4,
+    q3,
+    claims: selected.map((c) => ({ id: c.id, text: c.text, status: c.status, risk: c.risk, source: c.source, score: c.triwiki_score }))
+  };
+}