sneakoscope 2.0.13 → 2.0.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +6 -3
- package/crates/sks-core/Cargo.lock +1 -1
- package/crates/sks-core/Cargo.toml +1 -1
- package/crates/sks-core/src/main.rs +1 -1
- package/dist/.sks-build-stamp.json +4 -4
- package/dist/bin/sks.js +1 -1
- package/dist/cli/command-registry.js +1 -0
- package/dist/commands/mad-db.js +5 -0
- package/dist/commands/zellij-slot-pane.js +3 -1
- package/dist/core/agents/agent-orchestrator.js +11 -4
- package/dist/core/agents/agent-output-validator.js +1 -1
- package/dist/core/agents/agent-plan.js +3 -2
- package/dist/core/agents/native-cli-session-swarm.js +118 -0
- package/dist/core/agents/native-cli-worker.js +85 -0
- package/dist/core/codex-control/codex-fake-sdk-adapter.js +3 -3
- package/dist/core/codex-control/gpt-final-review-schema.js +61 -14
- package/dist/core/commands/basic-cli.js +1 -1
- package/dist/core/commands/command-suggestions.js +1 -1
- package/dist/core/commands/mad-db-command.js +106 -0
- package/dist/core/commands/mad-sks-command.js +50 -13
- package/dist/core/commands/naruto-command.js +82 -1
- package/dist/core/commands/research-command.js +83 -17
- package/dist/core/commands/team-command.js +25 -1
- package/dist/core/db-safety.js +26 -0
- package/dist/core/fsx.js +1 -1
- package/dist/core/mad-db/mad-db-capability.js +84 -0
- package/dist/core/mad-db/mad-db-ledger.js +17 -0
- package/dist/core/mad-db/mad-db-policy-resolver.js +46 -0
- package/dist/core/naruto/naruto-real-worker-child.js +11 -3
- package/dist/core/naruto/naruto-real-worker-runtime.js +4 -0
- package/dist/core/pipeline/final-gpt-patch-stage.js +20 -3
- package/dist/core/pipeline-internals/runtime-core.js +74 -8
- package/dist/core/pipeline-internals/runtime-gates.js +44 -0
- package/dist/core/proof/route-proof-gate.js +5 -3
- package/dist/core/proof/route-proof-policy.js +9 -1
- package/dist/core/release/release-gate-affected-selector.js +113 -0
- package/dist/core/release/release-gate-batch-runner.js +67 -0
- package/dist/core/release/release-gate-dag.js +22 -3
- package/dist/core/release/release-gate-resource-governor.js +23 -11
- package/dist/core/research/implementation-blueprint-densifier.js +124 -0
- package/dist/core/research/implementation-blueprint-markdown.js +1 -1
- package/dist/core/research/implementation-blueprint.js +68 -7
- package/dist/core/research/research-claim-builder.js +114 -0
- package/dist/core/research/research-cycle-runner.js +115 -11
- package/dist/core/research/research-final-reviewer.js +181 -1
- package/dist/core/research/research-handoff.js +69 -5
- package/dist/core/research/research-realistic-report.js +162 -0
- package/dist/core/research/research-repetition-detector.js +75 -0
- package/dist/core/research/research-report-quality.js +27 -5
- package/dist/core/research/research-source-ledger-merge.js +186 -0
- package/dist/core/research/research-source-shards.js +176 -0
- package/dist/core/research/research-stage-runner.js +537 -11
- package/dist/core/research/research-synthesis-prompt.js +52 -0
- package/dist/core/research/research-synthesis-writer.js +208 -0
- package/dist/core/research/research-work-graph.js +114 -23
- package/dist/core/research.js +72 -48
- package/dist/core/routes.js +23 -19
- package/dist/core/update/update-notice.js +120 -0
- package/dist/core/version.js +1 -1
- package/dist/core/zellij/zellij-dashboard-renderer.js +2 -0
- package/dist/core/zellij/zellij-slot-column-anchor.js +35 -1
- package/dist/core/zellij/zellij-slot-pane-renderer.js +57 -0
- package/dist/core/zellij/zellij-slot-telemetry.js +182 -0
- package/dist/scripts/release-gate-dag-runner.js +5 -0
- package/dist/scripts/release-speed-summary.js +25 -0
- package/package.json +67 -5
- package/schemas/codex/agent-result.schema.json +1 -1
- package/schemas/mad-db/mad-db-capability.schema.json +31 -0
- package/schemas/mad-db/mad-db-ledger.schema.json +14 -0
- package/schemas/research/implementation-blueprint.schema.json +6 -1
- package/schemas/research/research-final-review.schema.json +10 -0
- package/schemas/research/research-source-shard.schema.json +46 -0
- package/schemas/research/research-synthesis-output.schema.json +62 -0
- package/schemas/update/update-notice.schema.json +19 -0
- package/schemas/zellij/zellij-slot-telemetry.schema.json +89 -0
- package/dist/build-manifest.json +0 -1184
- package/dist/scripts/agent-ast-aware-work-graph-check.js +0 -25
- package/dist/scripts/agent-backfill-replenishment-check.js +0 -13
- package/dist/scripts/agent-backfill-route-blackbox.js +0 -5
- package/dist/scripts/agent-background-terminals-check.js +0 -16
- package/dist/scripts/agent-cleanup-command-ux-check.js +0 -12
- package/dist/scripts/agent-cleanup-executor-check.js +0 -53
- package/dist/scripts/agent-cleanup-executor-v2-check.js +0 -39
- package/dist/scripts/agent-cli-options-to-task-graph-check.js +0 -5
- package/dist/scripts/agent-codex-app-cockpit-check.js +0 -91
- package/dist/scripts/agent-codex-child-overlap-check.js +0 -21
- package/dist/scripts/agent-dynamic-cockpit-check.js +0 -10
- package/dist/scripts/agent-dynamic-pool-check.js +0 -13
- package/dist/scripts/agent-dynamic-pool-route-blackbox.js +0 -5
- package/dist/scripts/agent-fast-mode-default-check.js +0 -62
- package/dist/scripts/agent-fast-mode-worker-propagation-check.js +0 -7
- package/dist/scripts/agent-follow-up-work-schema-check.js +0 -80
- package/dist/scripts/agent-goal-mode-propagation-check.js +0 -9
- package/dist/scripts/agent-intelligent-work-graph-check.js +0 -25
- package/dist/scripts/agent-janitor-check.js +0 -76
- package/dist/scripts/agent-main-no-scout-check.js +0 -11
- package/dist/scripts/agent-model-authored-patch-envelope-check.js +0 -15
- package/dist/scripts/agent-multi-project-isolation-check.js +0 -86
- package/dist/scripts/agent-native-cli-session-proof-check.js +0 -7
- package/dist/scripts/agent-native-cli-session-swarm-10-check.js +0 -7
- package/dist/scripts/agent-native-cli-session-swarm-20-check.js +0 -7
- package/dist/scripts/agent-native-cli-session-swarm-check.js +0 -7
- package/dist/scripts/agent-no-subagent-scaling-check.js +0 -7
- package/dist/scripts/agent-parallel-write-blackbox.js +0 -56
- package/dist/scripts/agent-parallel-write-kernel-check.js +0 -103
- package/dist/scripts/agent-patch-conflict-rebase-check.js +0 -198
- package/dist/scripts/agent-patch-envelope-extraction-check.js +0 -17
- package/dist/scripts/agent-patch-proof-check.js +0 -41
- package/dist/scripts/agent-patch-proof-runtime-check.js +0 -63
- package/dist/scripts/agent-patch-queue-runtime-check.js +0 -36
- package/dist/scripts/agent-patch-rollback-check.js +0 -38
- package/dist/scripts/agent-patch-rollback-dag-check.js +0 -14
- package/dist/scripts/agent-patch-swarm-route-blackbox.js +0 -10
- package/dist/scripts/agent-patch-swarm-runtime-check.js +0 -10
- package/dist/scripts/agent-patch-swarm-runtime-truth-check.js +0 -76
- package/dist/scripts/agent-patch-transaction-journal-check.js +0 -57
- package/dist/scripts/agent-patch-verification-dag-check.js +0 -14
- package/dist/scripts/agent-proof-contract-reconciled-check.js +0 -5
- package/dist/scripts/agent-real-codex-dynamic-smoke-check.js +0 -166
- package/dist/scripts/agent-real-codex-dynamic-smoke-v2-check.js +0 -14
- package/dist/scripts/agent-real-codex-in-zellij-worker-pane-check.js +0 -229
- package/dist/scripts/agent-real-codex-parallel-workers-10-check.js +0 -5
- package/dist/scripts/agent-real-codex-parallel-workers-20-check.js +0 -5
- package/dist/scripts/agent-real-codex-parallel-workers-5-check.js +0 -5
- package/dist/scripts/agent-real-codex-parallel-workers-check.js +0 -5
- package/dist/scripts/agent-role-config-repair-check.js +0 -33
- package/dist/scripts/agent-rollback-command-check.js +0 -86
- package/dist/scripts/agent-route-truth-backfill-check.js +0 -5
- package/dist/scripts/agent-scheduler-proof-check.js +0 -13
- package/dist/scripts/agent-scheduler-proof-hardening-check.js +0 -22
- package/dist/scripts/agent-session-generation-check.js +0 -21
- package/dist/scripts/agent-slot-pane-binding-proof-check.js +0 -64
- package/dist/scripts/agent-source-intelligence-propagation-check.js +0 -9
- package/dist/scripts/agent-strategy-to-lease-wiring-check.js +0 -32
- package/dist/scripts/agent-strategy-to-patch-strict-check.js +0 -54
- package/dist/scripts/agent-task-graph-expansion-check.js +0 -14
- package/dist/scripts/agent-terminal-generations-check.js +0 -23
- package/dist/scripts/agent-visual-consistency-check.js +0 -9
- package/dist/scripts/agent-wiki-context-proof-check.js +0 -62
- package/dist/scripts/agent-worker-backend-router-check.js +0 -63
- package/dist/scripts/agent-worker-scout-limited-check.js +0 -17
- package/dist/scripts/agent-zellij-dynamic-backfill-panes-check.js +0 -34
- package/dist/scripts/agent-zellij-runtime-check.js +0 -84
- package/dist/scripts/all-feature-deep-completion-check.js +0 -31
- package/dist/scripts/appshots-capability-check.js +0 -18
- package/dist/scripts/appshots-evidence-check.js +0 -48
- package/dist/scripts/appshots-operator-policy-check.js +0 -25
- package/dist/scripts/appshots-privacy-safety-check.js +0 -48
- package/dist/scripts/appshots-source-intelligence-check.js +0 -53
- package/dist/scripts/appshots-thread-attachment-discovery-check.js +0 -87
- package/dist/scripts/appshots-triwiki-voxel-check.js +0 -46
- package/dist/scripts/architecture-guard-check.js +0 -55
- package/dist/scripts/changelog-check.js +0 -47
- package/dist/scripts/codex-0-133-official-compat-report.js +0 -53
- package/dist/scripts/codex-0-134-official-compat-report.js +0 -110
- package/dist/scripts/codex-0-134-runner-truth-check.js +0 -66
- package/dist/scripts/codex-0-135-compat-check.js +0 -57
- package/dist/scripts/codex-0-136-compat-check.js +0 -30
- package/dist/scripts/codex-0-137-compat-check.js +0 -27
- package/dist/scripts/codex-app-fast-ui-preservation-check.js +0 -32
- package/dist/scripts/codex-app-provider-badge-check.js +0 -37
- package/dist/scripts/codex-app-ui-clobber-guard-check.js +0 -22
- package/dist/scripts/codex-app-ui-preservation-check.js +0 -96
- package/dist/scripts/codex-control-all-pipelines-check.js +0 -36
- package/dist/scripts/codex-control-capability-check.js +0 -10
- package/dist/scripts/codex-control-empty-result-retry-check.js +0 -43
- package/dist/scripts/codex-control-event-stream-ledger-check.js +0 -10
- package/dist/scripts/codex-control-keepalive-no-cot-leak-check.js +0 -14
- package/dist/scripts/codex-control-no-legacy-fallback-check.js +0 -31
- package/dist/scripts/codex-control-side-effect-scope-check.js +0 -26
- package/dist/scripts/codex-control-stream-idle-watchdog-check.js +0 -18
- package/dist/scripts/codex-control-structured-output-check.js +0 -11
- package/dist/scripts/codex-control-thread-registry-check.js +0 -11
- package/dist/scripts/codex-control-tool-call-sequence-repair-check.js +0 -14
- package/dist/scripts/codex-environment-scoped-approvals-check.js +0 -10
- package/dist/scripts/codex-exec-output-schema-actual-syntax-check.js +0 -33
- package/dist/scripts/codex-fast-mode-profile-propagation-check.js +0 -12
- package/dist/scripts/codex-history-search-check.js +0 -19
- package/dist/scripts/codex-hook-semantic-check.js +0 -15
- package/dist/scripts/codex-hook-strict-subset-check.js +0 -61
- package/dist/scripts/codex-lb-config-toml-safety-check.js +0 -85
- package/dist/scripts/codex-lb-persistence-truth-check.js +0 -96
- package/dist/scripts/codex-lb-setup-fixture-check.js +0 -91
- package/dist/scripts/codex-lb-setup-truthfulness-check.js +0 -84
- package/dist/scripts/codex-legacy-profile-consumers-removed-check.js +0 -24
- package/dist/scripts/codex-managed-proxy-env-check.js +0 -17
- package/dist/scripts/codex-output-schema-fixture-check.js +0 -25
- package/dist/scripts/codex-permission-profiles-check.js +0 -36
- package/dist/scripts/codex-plugin-list-json-check.js +0 -8
- package/dist/scripts/codex-profile-primary-check.js +0 -13
- package/dist/scripts/codex-project-config-policy-splitter-check.js +0 -51
- package/dist/scripts/codex-resume-cwd-truth-check.js +0 -17
- package/dist/scripts/codex-sdk-all-pipelines-check.js +0 -32
- package/dist/scripts/codex-sdk-backend-router-check.js +0 -65
- package/dist/scripts/codex-sdk-capability-check.js +0 -11
- package/dist/scripts/codex-sdk-core-skill-pipeline-check.js +0 -9
- package/dist/scripts/codex-sdk-dfix-pipeline-check.js +0 -9
- package/dist/scripts/codex-sdk-event-stream-ledger-check.js +0 -9
- package/dist/scripts/codex-sdk-no-legacy-fallback-check.js +0 -33
- package/dist/scripts/codex-sdk-qa-pipeline-check.js +0 -8
- package/dist/scripts/codex-sdk-real-smoke-check.js +0 -39
- package/dist/scripts/codex-sdk-release-review-pipeline-check.js +0 -13
- package/dist/scripts/codex-sdk-research-pipeline-check.js +0 -15
- package/dist/scripts/codex-sdk-sandbox-policy-check.js +0 -21
- package/dist/scripts/codex-sdk-structured-output-check.js +0 -10
- package/dist/scripts/codex-sdk-team-naruto-agent-pipeline-check.js +0 -12
- package/dist/scripts/codex-sdk-thread-registry-check.js +0 -11
- package/dist/scripts/codex-sdk-ux-ppt-review-pipeline-check.js +0 -9
- package/dist/scripts/codex-sdk-zellij-pane-binding-check.js +0 -13
- package/dist/scripts/codex-thread-runtime-choice-check.js +0 -10
- package/dist/scripts/codex-web-adapter-check.js +0 -12
- package/dist/scripts/computer-use-live-evidence-check.js +0 -55
- package/dist/scripts/computer-use-live-optional-check.js +0 -32
- package/dist/scripts/computer-use-policy-check.js +0 -69
- package/dist/scripts/computer-use-visual-route-fixture-check.js +0 -37
- package/dist/scripts/core-skill-card-schema-check.js +0 -61
- package/dist/scripts/core-skill-deployment-snapshot-check.js +0 -54
- package/dist/scripts/core-skill-heldout-validation-check.js +0 -49
- package/dist/scripts/core-skill-no-inference-optimizer-check.js +0 -75
- package/dist/scripts/core-skill-patch-check.js +0 -79
- package/dist/scripts/core-skill-promotion-side-effect-ledger-check.js +0 -64
- package/dist/scripts/core-skill-rollout-scoring-check.js +0 -72
- package/dist/scripts/core-skill-route-runtime-integration-check.js +0 -49
- package/dist/scripts/dfix-fast-blackbox-check.js +0 -37
- package/dist/scripts/dfix-fast-kernel-check.js +0 -26
- package/dist/scripts/dfix-fixture-check.js +0 -6
- package/dist/scripts/dfix-parallel-write-blackbox.js +0 -48
- package/dist/scripts/dfix-patch-handoff-check.js +0 -13
- package/dist/scripts/dfix-patch-swarm-route-blackbox.js +0 -10
- package/dist/scripts/dfix-performance-check.js +0 -15
- package/dist/scripts/dfix-verification-check.js +0 -9
- package/dist/scripts/dfix-verification-recommendation-check.js +0 -15
- package/dist/scripts/docs-truthfulness-check.js +0 -61
- package/dist/scripts/doctor-codex-doctor-parity-check.js +0 -17
- package/dist/scripts/doctor-fix-proves-codex-read-check.js +0 -64
- package/dist/scripts/doctor-fix-recovers-corrupted-config-check.js +0 -122
- package/dist/scripts/doctor-fixes-codex-app-fast-ui-check.js +0 -39
- package/dist/scripts/evidence-fixture-check.js +0 -26
- package/dist/scripts/evidence-flagship-coverage-check.js +0 -55
- package/dist/scripts/fake-real-proof-policy-v2-check.js +0 -27
- package/dist/scripts/fake-vs-real-proof-policy-check.js +0 -14
- package/dist/scripts/fast-codex-service-tier-proof-check.js +0 -42
- package/dist/scripts/flagship-proof-graph-v2-check.js +0 -48
- package/dist/scripts/flagship-proof-graph-v3-check.js +0 -67
- package/dist/scripts/flagship-proof-graph-v4-check.js +0 -61
- package/dist/scripts/git-precommit-fixture-check.js +0 -41
- package/dist/scripts/git-worktree-cache-performance-check.js +0 -25
- package/dist/scripts/git-worktree-capability-check.js +0 -27
- package/dist/scripts/git-worktree-checkpoint-check.js +0 -20
- package/dist/scripts/git-worktree-cleanup-check.js +0 -27
- package/dist/scripts/git-worktree-cross-rebase-check.js +0 -39
- package/dist/scripts/git-worktree-diff-envelope-check.js +0 -17
- package/dist/scripts/git-worktree-diff-export-check.js +0 -43
- package/dist/scripts/git-worktree-dirty-lock-check.js +0 -17
- package/dist/scripts/git-worktree-dirty-main-detection-check.js +0 -14
- package/dist/scripts/git-worktree-integration-primary-check.js +0 -24
- package/dist/scripts/git-worktree-integration-primary-runtime-check.js +0 -20
- package/dist/scripts/git-worktree-manager-check.js +0 -37
- package/dist/scripts/git-worktree-manifest-append-check.js +0 -18
- package/dist/scripts/git-worktree-merge-queue-check.js +0 -31
- package/dist/scripts/git-worktree-pool-performance-check.js +0 -20
- package/dist/scripts/git-worktree-untracked-diff-check.js +0 -18
- package/dist/scripts/goal-mode-official-default-check.js +0 -12
- package/dist/scripts/gpt-final-arbiter-check.js +0 -63
- package/dist/scripts/gpt-final-arbiter-performance-check.js +0 -36
- package/dist/scripts/gpt-image-2-request-validator-check.js +0 -35
- package/dist/scripts/hooks-0.134-context-parity-check.js +0 -20
- package/dist/scripts/hooks-actual-parity-check.js +0 -17
- package/dist/scripts/hooks-actual-parity-v2-check.js +0 -21
- package/dist/scripts/hooks-latest-schema-check.js +0 -20
- package/dist/scripts/hooks-managed-install-fixture-check.js +0 -21
- package/dist/scripts/hooks-official-hash-oracle-check.js +0 -35
- package/dist/scripts/hooks-official-hash-parity-check.js +0 -17
- package/dist/scripts/hooks-subagent-events-check.js +0 -17
- package/dist/scripts/hooks-trust-state-check.js +0 -14
- package/dist/scripts/image-fidelity-fixture-check.js +0 -24
- package/dist/scripts/imagegen-capability-check.js +0 -30
- package/dist/scripts/imagegen-real-smoke-check.js +0 -155
- package/dist/scripts/install-update-preserves-config-check.js +0 -87
- package/dist/scripts/json-schema-recursive-check.js +0 -78
- package/dist/scripts/legacy-multiagent-removal-check.js +0 -85
- package/dist/scripts/legacy-upgrade-matrix-check.js +0 -300
- package/dist/scripts/local-collab-all-pipelines-final-gpt-check.js +0 -21
- package/dist/scripts/local-collab-gpt-final-availability-check.js +0 -58
- package/dist/scripts/local-collab-no-local-only-final-check.js +0 -27
- package/dist/scripts/local-collab-policy-check.js +0 -17
- package/dist/scripts/local-collab-worktree-gpt-final-apply-policy-check.js +0 -63
- package/dist/scripts/local-llm-all-pipelines-check.js +0 -11
- package/dist/scripts/local-llm-cache-performance-check.js +0 -10
- package/dist/scripts/local-llm-capability-check.js +0 -14
- package/dist/scripts/local-llm-smoke-check.js +0 -23
- package/dist/scripts/local-llm-structured-output-check.js +0 -11
- package/dist/scripts/local-llm-throughput-check.js +0 -10
- package/dist/scripts/local-llm-tool-call-repair-check.js +0 -10
- package/dist/scripts/local-llm-warmup-check.js +0 -11
- package/dist/scripts/loop-blocker-check.js +0 -15
- package/dist/scripts/mad-preflight-blocks-unreadable-config-check.js +0 -35
- package/dist/scripts/mad-sks-actual-executor-blackbox.js +0 -5
- package/dist/scripts/mad-sks-app-ui-no-mutation-check.js +0 -92
- package/dist/scripts/mad-sks-audit-proof-check.js +0 -34
- package/dist/scripts/mad-sks-db-executor-check.js +0 -5
- package/dist/scripts/mad-sks-executor-proof-graph-check.js +0 -5
- package/dist/scripts/mad-sks-fast-mode-propagation-check.js +0 -24
- package/dist/scripts/mad-sks-file-write-executor-check.js +0 -5
- package/dist/scripts/mad-sks-immutable-harness-check.js +0 -36
- package/dist/scripts/mad-sks-no-harness-modification-check.js +0 -25
- package/dist/scripts/mad-sks-package-executor-check.js +0 -5
- package/dist/scripts/mad-sks-permission-model-check.js +0 -22
- package/dist/scripts/mad-sks-rollback-apply-check.js +0 -5
- package/dist/scripts/mad-sks-service-executor-check.js +0 -5
- package/dist/scripts/mad-sks-shell-executor-check.js +0 -5
- package/dist/scripts/mad-sks-write-guard-check.js +0 -28
- package/dist/scripts/mad-sks-zellij-default-pane-worker-check.js +0 -37
- package/dist/scripts/mad-sks-zellij-launch-check.js +0 -102
- package/dist/scripts/mcp-0-134-modernization-check.js +0 -55
- package/dist/scripts/mcp-readonly-concurrency-check.js +0 -17
- package/dist/scripts/mcp-readonly-runtime-scheduler-check.js +0 -20
- package/dist/scripts/mcp-tool-naming-parity-check.js +0 -16
- package/dist/scripts/memory-summary-rebuild-check.js +0 -22
- package/dist/scripts/mutation-callsite-coverage-check.js +0 -180
- package/dist/scripts/naruto-active-pool-check.js +0 -39
- package/dist/scripts/naruto-actual-worker-control-plane-check.js +0 -56
- package/dist/scripts/naruto-allocation-policy-check.js +0 -33
- package/dist/scripts/naruto-allocation-runtime-wiring-check.js +0 -92
- package/dist/scripts/naruto-concurrency-governor-check.js +0 -53
- package/dist/scripts/naruto-extreme-parallelism-check.js +0 -22
- package/dist/scripts/naruto-extreme-parallelism-real-check.js +0 -43
- package/dist/scripts/naruto-gpt-final-pack-check.js +0 -34
- package/dist/scripts/naruto-orchestrator-runtime-source-check.js +0 -70
- package/dist/scripts/naruto-parallel-patch-apply-check.js +0 -41
- package/dist/scripts/naruto-readonly-routing-check.js +0 -116
- package/dist/scripts/naruto-real-active-pool-check.js +0 -39
- package/dist/scripts/naruto-real-active-pool-runtime-check.js +0 -55
- package/dist/scripts/naruto-rebalance-policy-check.js +0 -41
- package/dist/scripts/naruto-role-distribution-check.js +0 -23
- package/dist/scripts/naruto-shadow-clone-swarm-check.js +0 -153
- package/dist/scripts/naruto-verification-pool-check.js +0 -36
- package/dist/scripts/naruto-work-graph-check.js +0 -24
- package/dist/scripts/naruto-worktree-coding-blackbox.js +0 -29
- package/dist/scripts/naruto-worktree-coding-check.js +0 -44
- package/dist/scripts/naruto-worktree-gpt-final-check.js +0 -45
- package/dist/scripts/naruto-worktree-zellij-ui-check.js +0 -28
- package/dist/scripts/naruto-zellij-dynamic-right-column-check.js +0 -48
- package/dist/scripts/naruto-zellij-massive-ui-check.js +0 -23
- package/dist/scripts/non-recursive-pipeline-check.js +0 -68
- package/dist/scripts/npm-publish-performance-check.js +0 -65
- package/dist/scripts/official-docs-compat-report.js +0 -304
- package/dist/scripts/packlist-performance-check.js +0 -83
- package/dist/scripts/parallel-verification-engine-check.js +0 -85
- package/dist/scripts/postinstall-safe-side-effects-check.js +0 -65
- package/dist/scripts/ppt-full-e2e-artifact-graph-check.js +0 -40
- package/dist/scripts/ppt-full-e2e-blackbox-check.js +0 -109
- package/dist/scripts/ppt-image-voxel-relations-check.js +0 -9
- package/dist/scripts/ppt-imagegen-blackbox-check.js +0 -46
- package/dist/scripts/ppt-imagegen-review-fixture-check.js +0 -6
- package/dist/scripts/ppt-issue-extraction-fixture-check.js +0 -7
- package/dist/scripts/ppt-no-mock-as-real-check.js +0 -8
- package/dist/scripts/ppt-no-text-fallback-check.js +0 -7
- package/dist/scripts/ppt-proof-trust-fixture-check.js +0 -10
- package/dist/scripts/ppt-real-export-adapter-check.js +0 -13
- package/dist/scripts/ppt-real-imagegen-smoke-check.js +0 -42
- package/dist/scripts/ppt-real-imagegen-wiring-check.js +0 -16
- package/dist/scripts/ppt-reexport-rereview-check.js +0 -19
- package/dist/scripts/ppt-slide-export-fixture-check.js +0 -7
- package/dist/scripts/prepublish-fast-check.js +0 -128
- package/dist/scripts/priority-full-closure-check.js +0 -12
- package/dist/scripts/product-design-auto-install-check.js +0 -119
- package/dist/scripts/product-design-plugin-routing-check.js +0 -101
- package/dist/scripts/prompt-placeholder-guard-check.js +0 -33
- package/dist/scripts/provider-badge-context-check.js +0 -26
- package/dist/scripts/provider-context-config-toml-check.js +0 -63
- package/dist/scripts/python-codex-sdk-all-pipelines-check.js +0 -47
- package/dist/scripts/python-codex-sdk-capability-check.js +0 -75
- package/dist/scripts/python-codex-sdk-sandbox-policy-check.js +0 -10
- package/dist/scripts/python-codex-sdk-stream-bridge-check.js +0 -12
- package/dist/scripts/python-tools-smoke-check.js +0 -71
- package/dist/scripts/qa-actual-route-backfill-check.js +0 -5
- package/dist/scripts/qa-backfill-route-blackbox.js +0 -5
- package/dist/scripts/qa-patch-swarm-route-blackbox.js +0 -10
- package/dist/scripts/readme-architecture-imagegen-official-check.js +0 -448
- package/dist/scripts/release-cache-glob-hashing-check.js +0 -42
- package/dist/scripts/release-dag-full-coverage-check.js +0 -53
- package/dist/scripts/release-dist-freshness-check.js +0 -8
- package/dist/scripts/release-dynamic-performance-check.js +0 -103
- package/dist/scripts/release-gate-budget-check.js +0 -36
- package/dist/scripts/release-gate-dag-runner-check.js +0 -17
- package/dist/scripts/release-metadata-1-11-check.js +0 -37
- package/dist/scripts/release-metadata-1-12-check.js +0 -48
- package/dist/scripts/release-metadata-1-13-check.js +0 -53
- package/dist/scripts/release-metadata-1-14-check.js +0 -63
- package/dist/scripts/release-metadata-1-16-check.js +0 -81
- package/dist/scripts/release-metadata-1-17-check.js +0 -51
- package/dist/scripts/release-metadata-1-19-check.js +0 -371
- package/dist/scripts/release-metadata-check.js +0 -7
- package/dist/scripts/release-native-agent-fixture-check.js +0 -41
- package/dist/scripts/release-parallel-check.js +0 -374
- package/dist/scripts/release-parallel-full-coverage-check.js +0 -13
- package/dist/scripts/release-parallel-speed-budget-check.js +0 -79
- package/dist/scripts/release-provenance-check.js +0 -150
- package/dist/scripts/release-readiness-report.js +0 -1146
- package/dist/scripts/release-real-check.js +0 -330
- package/dist/scripts/release-registry-check.js +0 -344
- package/dist/scripts/release-runtime-truth-matrix-check.js +0 -47
- package/dist/scripts/release-stability-report-check.js +0 -99
- package/dist/scripts/release-version-truth-check.js +0 -134
- package/dist/scripts/research-actual-route-backfill-check.js +0 -5
- package/dist/scripts/research-backfill-route-blackbox.js +0 -5
- package/dist/scripts/research-quality-gate-check.js +0 -86
- package/dist/scripts/responses-retry-policy-centralized-check.js +0 -19
- package/dist/scripts/retention-cleanup-safety-check.js +0 -155
- package/dist/scripts/route-blackbox-realism-check.js +0 -21
- package/dist/scripts/route-proof-artifact-structure-check.js +0 -145
- package/dist/scripts/runtime-dist-parity-check.js +0 -78
- package/dist/scripts/runtime-no-mjs-scripts-check.js +0 -45
- package/dist/scripts/runtime-no-src-mjs-check.js +0 -32
- package/dist/scripts/runtime-no-tmux-check.js +0 -113
- package/dist/scripts/runtime-ts-python-boundary-check.js +0 -59
- package/dist/scripts/runtime-ts-rust-boundary-check.js +0 -74
- package/dist/scripts/runtime-ts-source-of-truth-check.js +0 -55
- package/dist/scripts/safety-check.js +0 -23
- package/dist/scripts/shared-memory-fixture-check.js +0 -27
- package/dist/scripts/side-effect-runtime-report-check.js +0 -19
- package/dist/scripts/side-effect-zero-gate-check.js +0 -226
- package/dist/scripts/sks-1-11-fixture-check.js +0 -130
- package/dist/scripts/source-intelligence-all-modes-check.js +0 -32
- package/dist/scripts/source-intelligence-policy-check.js +0 -13
- package/dist/scripts/strategy-adhd-orchestrating-gate-check.js +0 -22
- package/dist/scripts/strategy-file-ownership-plan-check.js +0 -18
- package/dist/scripts/strategy-parallel-modification-plan-check.js +0 -19
- package/dist/scripts/strategy-verification-rollback-dag-check.js +0 -19
- package/dist/scripts/team-actual-route-backfill-check.js +0 -5
- package/dist/scripts/team-backfill-route-blackbox.js +0 -5
- package/dist/scripts/team-parallel-write-blackbox.js +0 -55
- package/dist/scripts/team-patch-swarm-route-blackbox.js +0 -10
- package/dist/scripts/terminal-keyboard-enhancement-safety-check.js +0 -12
- package/dist/scripts/terminal-tui-output-stability-check.js +0 -35
- package/dist/scripts/test-no-orphan-dist-imports-check.js +0 -73
- package/dist/scripts/trust-fixture-check.js +0 -33
- package/dist/scripts/typescript-migration-report.js +0 -78
- package/dist/scripts/ultra-router-auto-router-check.js +0 -33
- package/dist/scripts/ultra-router-classification-check.js +0 -28
- package/dist/scripts/ux-patch-swarm-route-blackbox.js +0 -10
- package/dist/scripts/ux-ppt-structured-extraction-check.js +0 -21
- package/dist/scripts/ux-review-extract-real-callouts-fixture-check.js +0 -8
- package/dist/scripts/ux-review-extract-wires-real-extractor-check.js +0 -15
- package/dist/scripts/ux-review-generate-callouts-fixture-check.js +0 -9
- package/dist/scripts/ux-review-image-voxel-relations-check.js +0 -31
- package/dist/scripts/ux-review-imagegen-blackbox-check.js +0 -67
- package/dist/scripts/ux-review-no-fake-callouts-check.js +0 -8
- package/dist/scripts/ux-review-no-text-fallback-check.js +0 -25
- package/dist/scripts/ux-review-patch-diff-recheck-check.js +0 -20
- package/dist/scripts/ux-review-patch-handoff-fixture-check.js +0 -8
- package/dist/scripts/ux-review-real-imagegen-smoke-check.js +0 -31
- package/dist/scripts/ux-review-real-loop-fixture-check.js +0 -24
- package/dist/scripts/ux-review-recapture-recheck-fixture-check.js +0 -8
- package/dist/scripts/ux-review-run-wires-imagegen-check.js +0 -11
- package/dist/scripts/worker-pane-communication-contract-check.js +0 -54
- package/dist/scripts/wrongness-fixture-check.js +0 -65
- package/dist/scripts/xai-mcp-capability-check.js +0 -14
- package/dist/scripts/zellij-capability-check.js +0 -15
- package/dist/scripts/zellij-dashboard-pane-check.js +0 -70
- package/dist/scripts/zellij-developer-controls-check.js +0 -20
- package/dist/scripts/zellij-doctor-readiness-check.js +0 -63
- package/dist/scripts/zellij-dynamic-pane-lifecycle-check.js +0 -21
- package/dist/scripts/zellij-first-slot-down-stack-check.js +0 -20
- package/dist/scripts/zellij-first-slot-down-stack-real-check.js +0 -356
- package/dist/scripts/zellij-initial-main-only-blackbox.js +0 -28
- package/dist/scripts/zellij-lane-renderer-check.js +0 -65
- package/dist/scripts/zellij-launch-command-truth-check.js +0 -75
- package/dist/scripts/zellij-layout-valid-check.js +0 -90
- package/dist/scripts/zellij-pane-proof-check.js +0 -59
- package/dist/scripts/zellij-real-session-cleanup-check.js +0 -21
- package/dist/scripts/zellij-real-session-heartbeat-check.js +0 -49
- package/dist/scripts/zellij-real-session-launch-check.js +0 -57
- package/dist/scripts/zellij-right-column-headless-overflow-check.js +0 -22
- package/dist/scripts/zellij-right-column-manager-check.js +0 -27
- package/dist/scripts/zellij-screen-proof-check.js +0 -45
- package/dist/scripts/zellij-slot-column-anchor-check.js +0 -66
- package/dist/scripts/zellij-slot-only-ui-check.js +0 -26
- package/dist/scripts/zellij-slot-pane-renderer-check.js +0 -106
- package/dist/scripts/zellij-slot-renderer-proof-semantics-check.js +0 -59
- package/dist/scripts/zellij-spawn-on-demand-layout-check.js +0 -40
- package/dist/scripts/zellij-ui-design-check.js +0 -105
- package/dist/scripts/zellij-worker-pane-manager-check.js +0 -109
- package/dist/scripts/zellij-worker-pane-manager-single-owner-check.js +0 -47
- package/dist/scripts/zellij-worker-pane-real-ui-blackbox.js +0 -202
- package/dist/scripts/zellij-worker-pane-spawn-order-check.js +0 -35
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/permission-request.command.input.schema.json +0 -61
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/permission-request.command.output.schema.json +0 -103
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/post-compact.command.input.schema.json +0 -52
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/post-compact.command.output.schema.json +0 -24
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/post-tool-use.command.input.schema.json +0 -67
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/post-tool-use.command.output.schema.json +0 -84
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/pre-compact.command.input.schema.json +0 -52
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/pre-compact.command.output.schema.json +0 -24
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/pre-tool-use.command.input.schema.json +0 -65
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/pre-tool-use.command.output.schema.json +0 -105
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/session-start.command.input.schema.json +0 -59
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/session-start.command.output.schema.json +0 -63
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/snapshot-metadata.json +0 -31
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/stop.command.input.schema.json +0 -63
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/stop.command.output.schema.json +0 -45
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/user-prompt-submit.command.input.schema.json +0 -59
- package/dist/vendor/openai-codex/rust-v0.131.0/hooks/user-prompt-submit.command.output.schema.json +0 -81
|
@@ -1,33 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import fs from 'node:fs';
|
|
4
|
-
import path from 'node:path';
|
|
5
|
-
import { assertGate, emitGate, readText, root } from './sks-1-18-gate-lib.js';
|
|
6
|
-
const runtimeFiles = [
|
|
7
|
-
'src/core/agents/agent-orchestrator.ts',
|
|
8
|
-
'src/core/agents/native-worker-backend-router.ts',
|
|
9
|
-
'src/core/agents/agent-command-surface.ts',
|
|
10
|
-
'src/core/commands/team-command.ts',
|
|
11
|
-
'src/core/commands/qa-loop-command.ts',
|
|
12
|
-
'src/core/commands/research-command.ts',
|
|
13
|
-
'src/core/commands/naruto-command.ts',
|
|
14
|
-
'src/core/commands/mad-sks-command.ts'
|
|
15
|
-
];
|
|
16
|
-
const violations = [];
|
|
17
|
-
for (const file of runtimeFiles) {
|
|
18
|
-
const text = readText(file);
|
|
19
|
-
const allowedLegacyBlocker = file.includes('agent-orchestrator') || file.includes('native-worker-backend-router');
|
|
20
|
-
if (text.includes("runCodexExecAgent"))
|
|
21
|
-
violations.push(`${file}:runCodexExecAgent`);
|
|
22
|
-
if (text.includes("codex-exec'") && !allowedLegacyBlocker && !file.includes('naruto-command'))
|
|
23
|
-
violations.push(`${file}:codex-exec-default-or-usage`);
|
|
24
|
-
if (text.includes('codex-exec|fake'))
|
|
25
|
-
violations.push(`${file}:legacy-help`);
|
|
26
|
-
if (text.includes("mock ? 'fake' : 'codex-exec'"))
|
|
27
|
-
violations.push(`${file}:legacy-default`);
|
|
28
|
-
}
|
|
29
|
-
const allSource = fs.readdirSync(path.join(root, 'src', 'core', 'codex-control'));
|
|
30
|
-
assertGate(allSource.includes('codex-sdk-adapter.ts'), 'Codex SDK adapter source missing');
|
|
31
|
-
assertGate(violations.length === 0, 'legacy Codex exec fallback still reachable', { violations });
|
|
32
|
-
emitGate('codex-sdk:no-legacy-fallback', { checked_files: runtimeFiles.length });
|
|
33
|
-
//# sourceMappingURL=codex-sdk-no-legacy-fallback-check.js.map
|
|
@@ -1,8 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { assertGate, emitGate, readText } from './lib/codex-sdk-gate-lib.js';
|
|
4
|
-
const source = readText('src/core/commands/qa-loop-command.ts');
|
|
5
|
-
assertGate(source.includes("backend: mock ? 'fake' : 'codex-sdk'"), 'QA pipeline must default native agents to codex-sdk');
|
|
6
|
-
assertGate(source.includes('runNativeAgentOrchestrator'), 'QA pipeline must use native agent orchestrator');
|
|
7
|
-
emitGate('codex-sdk:qa-pipeline', { route: '$QA-LOOP' });
|
|
8
|
-
//# sourceMappingURL=codex-sdk-qa-pipeline-check.js.map
|
|
@@ -1,39 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { assertGate, emitGate, importDist, runFakeCodexSdkTaskFixture } from './lib/codex-sdk-gate-lib.js';
|
|
4
|
-
const requireReal = process.env.SKS_CODEX_SDK_REQUIRE_REAL === '1'
|
|
5
|
-
|| process.env.SKS_REQUIRE_CODEX_SDK === '1'
|
|
6
|
-
|| process.argv.includes('--require-real');
|
|
7
|
-
if (!requireReal) {
|
|
8
|
-
const fixture = await runFakeCodexSdkTaskFixture('real-smoke-fixture');
|
|
9
|
-
assertGate(fixture.result.ok === true, 'fixture SDK smoke must pass', fixture.result);
|
|
10
|
-
emitGate('codex-sdk:real-smoke', { status: 'integration_optional', fixture_thread_id: fixture.result.sdkThreadId });
|
|
11
|
-
}
|
|
12
|
-
else {
|
|
13
|
-
const mod = await importDist('core/codex-control/codex-control-plane.js');
|
|
14
|
-
const schema = await importDist('core/codex-control/schemas/agent-worker-result.schema.js');
|
|
15
|
-
const result = await mod.runCodexTask({
|
|
16
|
-
route: '$Agent',
|
|
17
|
-
missionId: 'M-codex-sdk-real-smoke',
|
|
18
|
-
workItemId: 'real-smoke',
|
|
19
|
-
slotId: 'slot-real',
|
|
20
|
-
generationIndex: 1,
|
|
21
|
-
sessionId: 'real-smoke-session',
|
|
22
|
-
cwd: process.cwd(),
|
|
23
|
-
prompt: [
|
|
24
|
-
'Read-only real Codex SDK smoke. Do not edit files.',
|
|
25
|
-
'Return only JSON matching sks.agent-worker-result.v1.',
|
|
26
|
-
'Use status "done", a short summary, findings as string array, changed_files as [], patch_envelopes as [], verification as { "status": "passed", "checks": ["real-codex-sdk-smoke"] }, rollback_notes as [], and blockers as [].'
|
|
27
|
-
].join('\n'),
|
|
28
|
-
inputFiles: [],
|
|
29
|
-
inputImages: [],
|
|
30
|
-
outputSchemaId: schema.CODEX_AGENT_WORKER_RESULT_SCHEMA_ID,
|
|
31
|
-
outputSchema: schema.codexAgentWorkerResultSchema,
|
|
32
|
-
sandboxPolicy: 'read-only',
|
|
33
|
-
requestedScopeContract: { id: 'real-smoke', read_only: true, allowed_paths: [], write_paths: [] },
|
|
34
|
-
mutationLedgerRoot: '.sneakoscope/reports/codex-sdk-real-smoke'
|
|
35
|
-
});
|
|
36
|
-
assertGate(result.ok === true, 'real Codex SDK smoke failed', result);
|
|
37
|
-
emitGate('codex-sdk:real-smoke', { status: 'proven', sdk_thread_id: result.sdkThreadId, stream_event_count: result.streamEventCount });
|
|
38
|
-
}
|
|
39
|
-
//# sourceMappingURL=codex-sdk-real-smoke-check.js.map
|
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { assertGate, emitGate, packageScripts, readText, releaseGateIds } from './lib/codex-sdk-gate-lib.js';
|
|
4
|
-
const scripts = packageScripts();
|
|
5
|
-
const releaseRealCheck = String(scripts['release:real-check'] || '');
|
|
6
|
-
const releaseRealCheckSource = readText('src/scripts/release-real-check.ts');
|
|
7
|
-
const releaseGates = releaseGateIds();
|
|
8
|
-
assertGate(releaseGates.has('codex-sdk:capability'), 'release gate DAG must include Codex SDK capability gate');
|
|
9
|
-
assertGate(releaseGates.has('codex-sdk:all-pipelines'), 'release gate DAG must include Codex SDK all-pipelines gate');
|
|
10
|
-
assertGate(releaseRealCheck.includes('codex-sdk:real-smoke') || releaseRealCheckSource.includes('codex-sdk:real-smoke'), 'release:real-check must include Codex SDK real smoke');
|
|
11
|
-
assertGate(readText('src/core/agents/agent-orchestrator.ts').includes('legacy_codex_exec_runtime_removed'), 'orchestrator must block legacy codex-exec requests');
|
|
12
|
-
emitGate('codex-sdk:release-review-pipeline', { release_gate_dag_contains_sdk: true });
|
|
13
|
-
//# sourceMappingURL=codex-sdk-release-review-pipeline-check.js.map
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { assertGate, emitGate, readText } from './lib/codex-sdk-gate-lib.js';
|
|
4
|
-
const source = readText('src/core/commands/research-command.ts');
|
|
5
|
-
assertGate(source.includes("backend: mock ? 'fake' : 'codex-sdk'"), 'Research pipeline must default native agents to codex-sdk');
|
|
6
|
-
assertGate(source.includes("flag(args, '--autoresearch') ? '$AutoResearch' : '$Research'"), 'Research/AutoResearch route selection missing');
|
|
7
|
-
assertGate(source.includes('narutoWorkGraph: researchWorkGraph'), 'Research pipeline must pass the stage-aware Naruto work graph');
|
|
8
|
-
assertGate(source.includes('readonly: true'), 'Research pipeline must force read-only native orchestration');
|
|
9
|
-
assertGate(source.includes('quality_metrics'), 'Research pipeline JSON output must include quality metrics');
|
|
10
|
-
const researchCore = readText('src/core/research.ts');
|
|
11
|
-
assertGate(researchCore.includes('readResearchQualityContract'), 'Research gate must read research-quality-contract.json');
|
|
12
|
-
assertGate(researchCore.includes('claim_evidence_matrix_missing'), 'Research gate must require claim-evidence-matrix.json');
|
|
13
|
-
assertGate(researchCore.includes('research_final_review_not_approved'), 'Research gate must require final reviewer approval');
|
|
14
|
-
emitGate('codex-sdk:research-pipeline', { route: '$Research' });
|
|
15
|
-
//# sourceMappingURL=codex-sdk-research-pipeline-check.js.map
|
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { assertGate, emitGate, importDist } from './sks-1-18-gate-lib.js';
|
|
4
|
-
const mod = await importDist('core/codex-control/codex-sdk-sandbox-policy.js');
|
|
5
|
-
const base = {
|
|
6
|
-
route: '$Agent',
|
|
7
|
-
missionId: 'M-sandbox',
|
|
8
|
-
cwd: process.cwd(),
|
|
9
|
-
prompt: 'sandbox fixture',
|
|
10
|
-
outputSchemaId: 'sks.agent-worker-result.v1',
|
|
11
|
-
outputSchema: {},
|
|
12
|
-
mutationLedgerRoot: process.cwd()
|
|
13
|
-
};
|
|
14
|
-
const readOnly = mod.mapCodexSdkSandboxPolicy({ ...base, sandboxPolicy: 'read-only', requestedScopeContract: { read_only: true } });
|
|
15
|
-
const workspace = mod.mapCodexSdkSandboxPolicy({ ...base, sandboxPolicy: 'workspace-write', requestedScopeContract: { read_only: false, allowed_paths: ['tmp'], write_paths: ['tmp'] } });
|
|
16
|
-
const fullBlocked = mod.mapCodexSdkSandboxPolicy({ ...base, sandboxPolicy: 'full-access', requestedScopeContract: { read_only: false } });
|
|
17
|
-
assertGate(readOnly.ok && readOnly.sandboxMode === 'read-only', 'read-only sandbox mapping failed', readOnly);
|
|
18
|
-
assertGate(workspace.ok && workspace.sandboxMode === 'workspace-write', 'workspace-write sandbox mapping failed', workspace);
|
|
19
|
-
assertGate(!fullBlocked.ok && fullBlocked.blockers.includes('codex_sdk_full_access_requires_explicit_mad_scope'), 'full-access must require explicit authorization', fullBlocked);
|
|
20
|
-
emitGate('codex-sdk:sandbox-policy', { read_only: readOnly.sandboxMode, workspace: workspace.sandboxMode, full_blockers: fullBlocked.blockers });
|
|
21
|
-
//# sourceMappingURL=codex-sdk-sandbox-policy-check.js.map
|
|
@@ -1,10 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { assertGate, emitGate, runFakeCodexSdkTaskFixture } from './lib/codex-sdk-gate-lib.js';
|
|
4
|
-
const fixture = await runFakeCodexSdkTaskFixture('structured-output');
|
|
5
|
-
assertGate(fixture.result.ok === true, 'Codex SDK fake run must pass', fixture.result);
|
|
6
|
-
assertGate(fixture.result.structuredOutputValid === true, 'structured output must validate', fixture.result);
|
|
7
|
-
assertGate(fixture.worker.backend === 'codex-sdk', 'worker backend must be codex-sdk', fixture.worker);
|
|
8
|
-
assertGate(fixture.worker.verification?.checks?.includes('sks.agent-worker-result.v1'), 'worker verification must reference output schema', fixture.worker);
|
|
9
|
-
emitGate('codex-sdk:structured-output', { output_schema_id: fixture.proof.output_schema_id, structured_output_valid: fixture.result.structuredOutputValid });
|
|
10
|
-
//# sourceMappingURL=codex-sdk-structured-output-check.js.map
|
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { assertGate, emitGate, readText } from './lib/codex-sdk-gate-lib.js';
|
|
4
|
-
const team = readText('src/core/commands/team-command.ts');
|
|
5
|
-
const naruto = readText('src/core/commands/naruto-command.ts');
|
|
6
|
-
const agent = readText('src/core/agents/agent-command-surface.ts');
|
|
7
|
-
assertGate(team.includes("backend: mock ? 'fake' : 'codex-sdk'"), 'Team must default to codex-sdk');
|
|
8
|
-
assertGate(naruto.includes("backend: 'codex-sdk'"), 'Naruto help/defaults must expose codex-sdk');
|
|
9
|
-
assertGate(agent.includes("useOllama && !noOllama ? 'ollama' : 'codex-sdk'"), 'Agent command surface must default to codex-sdk unless local model is explicit');
|
|
10
|
-
assertGate(agent.includes('backendExplicit'), 'Agent command surface must preserve explicit backend/local-model intent');
|
|
11
|
-
emitGate('codex-sdk:team-naruto-agent-pipeline', { routes: ['$Team', '$Naruto', '$Agent'] });
|
|
12
|
-
//# sourceMappingURL=codex-sdk-team-naruto-agent-pipeline-check.js.map
|
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { assertGate, emitGate, runFakeCodexSdkTaskFixture } from './lib/codex-sdk-gate-lib.js';
|
|
4
|
-
const fixture = await runFakeCodexSdkTaskFixture('thread-registry', { zellijPaneId: 'pane-42' });
|
|
5
|
-
const thread = fixture.registry.threads[0] || {};
|
|
6
|
-
assertGate(fixture.registry.thread_count === 1, 'thread registry must record one thread', fixture.registry);
|
|
7
|
-
assertGate(thread.sdk_thread_id === fixture.result.sdkThreadId, 'thread registry sdk_thread_id mismatch', { thread, result: fixture.result });
|
|
8
|
-
assertGate(thread.zellij_pane_id === 'pane-42', 'thread registry must link zellij pane id when present', thread);
|
|
9
|
-
assertGate(thread.output_schema_id === 'sks.agent-worker-result.v1', 'thread registry output schema mismatch', thread);
|
|
10
|
-
emitGate('codex-sdk:thread-registry', { thread_count: fixture.registry.thread_count, sdk_thread_id: thread.sdk_thread_id });
|
|
11
|
-
//# sourceMappingURL=codex-sdk-thread-registry-check.js.map
|
|
@@ -1,9 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { assertGate, emitGate, packageScripts } from './lib/codex-sdk-gate-lib.js';
|
|
4
|
-
const scripts = packageScripts();
|
|
5
|
-
assertGate(Boolean(scripts['ux-review:imagegen-blackbox']), 'UX review imagegen blackbox gate missing');
|
|
6
|
-
assertGate(Boolean(scripts['ppt:imagegen-blackbox']), 'PPT imagegen blackbox gate missing');
|
|
7
|
-
assertGate(Boolean(scripts['ux-ppt:structured-extraction']), 'UX/PPT structured extraction gate missing');
|
|
8
|
-
emitGate('codex-sdk:ux-ppt-review-pipeline', { gates: ['ux-review:imagegen-blackbox', 'ppt:imagegen-blackbox', 'ux-ppt:structured-extraction'] });
|
|
9
|
-
//# sourceMappingURL=codex-sdk-ux-ppt-review-pipeline-check.js.map
|
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { assertGate, emitGate, readText, runFakeCodexSdkTaskFixture } from './lib/codex-sdk-gate-lib.js';
|
|
4
|
-
const fixture = await runFakeCodexSdkTaskFixture('zellij-binding', { zellijPaneId: 'pane-999' });
|
|
5
|
-
const swarmSource = readText('src/core/agents/native-cli-session-swarm.ts');
|
|
6
|
-
const proofSource = readText('src/core/agents/agent-slot-pane-binding-proof.ts');
|
|
7
|
-
const managerSource = readText('src/core/zellij/zellij-worker-pane-manager.ts');
|
|
8
|
-
assertGate(fixture.proof.zellij_pane_id === 'pane-999', 'control proof must link zellij pane id', fixture.proof);
|
|
9
|
-
assertGate(swarmSource.includes('codex_sdk_thread_started'), 'swarm must emit SDK thread event');
|
|
10
|
-
assertGate(proofSource.includes('worker_codex_sdk') && proofSource.includes('slot_status_renderer'), 'slot-pane proof must accept worker command panes and compact slot renderer panes');
|
|
11
|
-
assertGate(managerSource.includes('slot_status_renderer') && managerSource.includes('worker_codex_sdk'), 'worker pane manager must distinguish slot renderer and worker command pane kinds');
|
|
12
|
-
emitGate('codex-sdk:zellij-pane-binding', { zellij_pane_id: fixture.proof.zellij_pane_id, sdk_thread_id: fixture.proof.sdk_thread_id });
|
|
13
|
-
//# sourceMappingURL=codex-sdk-zellij-pane-binding-check.js.map
|
|
@@ -1,10 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { assertGate, emitGate, readText } from './lib/codex-sdk-gate-lib.js';
|
|
4
|
-
const runner = readText('src/core/codex-control/codex-task-runner.ts');
|
|
5
|
-
const registry = readText('src/core/codex-control/codex-thread-registry.ts');
|
|
6
|
-
assertGate(runner.includes('backendPreference'), 'Codex task runner must carry backend/runtime preference');
|
|
7
|
-
assertGate(runner.includes('backend_family'), 'Codex task runner must persist backend family');
|
|
8
|
-
assertGate(registry.includes('recordCodexThread'), 'Codex thread registry missing');
|
|
9
|
-
emitGate('codex:thread-runtime-choice', { runtime_choice: 'backendPreference/backend_family' });
|
|
10
|
-
//# sourceMappingURL=codex-thread-runtime-choice-check.js.map
|
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { assertGate, emitGate, importDist } from './sks-1-18-gate-lib.js';
|
|
4
|
-
const mod = await importDist('core/codex/codex-web-search-adapter.js');
|
|
5
|
-
const available = mod.detectCodexWebSearchCapability({ env: { SKS_CODEX_WEB_SEARCH_AVAILABLE: '1' } });
|
|
6
|
-
const offline = mod.detectCodexWebSearchCapability({ offline: true });
|
|
7
|
-
const evidence = await mod.runCodexWebSearch('fixture', { search: async () => [{ title: 'result', url: 'https://example.com' }], env: { SKS_CODEX_WEB_SEARCH_AVAILABLE: '1' } });
|
|
8
|
-
assertGate(available.available === true, 'Codex Web capability env detector must pass');
|
|
9
|
-
assertGate(offline.status === 'disabled_offline', 'offline mode must disable web search with reason');
|
|
10
|
-
assertGate(evidence.ok === true && evidence.normalized_results.length === 1, 'Codex Web adapter must normalize results');
|
|
11
|
-
emitGate('codex-web:adapter', { status: evidence.status, results: evidence.normalized_results.length });
|
|
12
|
-
//# sourceMappingURL=codex-web-adapter-check.js.map
|
|
@@ -1,55 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { runProcess } from '../core/fsx.js';
|
|
4
|
-
const entry = './dist/bin/sks.js';
|
|
5
|
-
const probe = await runProcess(process.execPath, [entry, 'computer-use', 'smoke', '--json'], {
|
|
6
|
-
env: { ...process.env, CI: 'true', SKS_TEST_REAL_COMPUTER_USE: '' },
|
|
7
|
-
timeoutMs: 20_000,
|
|
8
|
-
maxOutputBytes: 256 * 1024
|
|
9
|
-
});
|
|
10
|
-
const real = await runProcess(process.execPath, [entry, 'computer-use', 'smoke', '--real', '--capture-screenshot', '--json'], {
|
|
11
|
-
env: { ...process.env, CI: 'true', SKS_TEST_REAL_COMPUTER_USE: '' },
|
|
12
|
-
timeoutMs: 20_000,
|
|
13
|
-
maxOutputBytes: 256 * 1024
|
|
14
|
-
});
|
|
15
|
-
const probeJson = parseJson(probe.stdout);
|
|
16
|
-
const realJson = parseJson(real.stdout);
|
|
17
|
-
const text = `${probe.stdout}\n${probe.stderr}\n${real.stdout}\n${real.stderr}`;
|
|
18
|
-
const forbidden = /mock.*live|fabricated|Computer Use blocked by safety policy|MAD-SKS disabled Computer Use/i.test(text);
|
|
19
|
-
const ok = probe.code === 0
|
|
20
|
-
&& probeJson.schema === 'sks.computer-use-live-smoke.v2'
|
|
21
|
-
&& probeJson.evidence_mode === 'probe_only'
|
|
22
|
-
&& probeJson.mock === false
|
|
23
|
-
&& realJson.schema === 'sks.computer-use-live-smoke.v2'
|
|
24
|
-
&& ['probe_only', 'live_capture_attempted', 'live_capture_success', 'live_capture_blocked'].includes(realJson.evidence_mode)
|
|
25
|
-
&& realJson.mock === false
|
|
26
|
-
&& Boolean(realJson.live_evidence_path)
|
|
27
|
-
&& forbidden === false;
|
|
28
|
-
console.log(JSON.stringify({
|
|
29
|
-
schema: 'sks.computer-use-live-evidence-check.v1',
|
|
30
|
-
ok,
|
|
31
|
-
probe: {
|
|
32
|
-
code: probe.code,
|
|
33
|
-
status: probeJson.status || null,
|
|
34
|
-
evidence_mode: probeJson.evidence_mode || null
|
|
35
|
-
},
|
|
36
|
-
real: {
|
|
37
|
-
code: real.code,
|
|
38
|
-
status: realJson.status || null,
|
|
39
|
-
evidence_mode: realJson.evidence_mode || null,
|
|
40
|
-
live_evidence_path: realJson.live_evidence_path || null,
|
|
41
|
-
image_voxel_linked: realJson.image_voxel_linked === true
|
|
42
|
-
},
|
|
43
|
-
forbidden_wording: forbidden
|
|
44
|
-
}, null, 2));
|
|
45
|
-
if (!ok)
|
|
46
|
-
process.exitCode = 1;
|
|
47
|
-
function parseJson(text) {
|
|
48
|
-
try {
|
|
49
|
-
return JSON.parse(text);
|
|
50
|
-
}
|
|
51
|
-
catch {
|
|
52
|
-
return {};
|
|
53
|
-
}
|
|
54
|
-
}
|
|
55
|
-
//# sourceMappingURL=computer-use-live-evidence-check.js.map
|
|
@@ -1,32 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { runProcess } from '../core/fsx.js';
|
|
4
|
-
const entry = './dist/bin/sks.js';
|
|
5
|
-
const result = await runProcess(process.execPath, [entry, 'computer-use', 'smoke', '--json'], {
|
|
6
|
-
env: { ...process.env, CI: 'true', SKS_TEST_REAL_COMPUTER_USE: '' },
|
|
7
|
-
timeoutMs: 20_000,
|
|
8
|
-
maxOutputBytes: 256 * 1024
|
|
9
|
-
});
|
|
10
|
-
const text = `${result.stdout}\n${result.stderr}`;
|
|
11
|
-
let parsed = {};
|
|
12
|
-
try {
|
|
13
|
-
parsed = JSON.parse(result.stdout);
|
|
14
|
-
}
|
|
15
|
-
catch { }
|
|
16
|
-
const structuredStatus = ['available', 'codex_app_missing', 'macos_permission_missing', 'codex_app_capability_missing', 'external_capability_blocked', 'not_macos', 'unknown'].includes(parsed.status);
|
|
17
|
-
const ok = result.code === 0
|
|
18
|
-
&& parsed.schema === 'sks.computer-use-live-smoke.v2'
|
|
19
|
-
&& parsed.ok === true
|
|
20
|
-
&& structuredStatus
|
|
21
|
-
&& parsed.mock === false
|
|
22
|
-
&& !/Computer Use blocked by safety policy|MAD-SKS disabled Computer Use|Computer Use access is unsafe/i.test(text);
|
|
23
|
-
console.log(JSON.stringify({
|
|
24
|
-
schema: 'sks.computer-use-live-optional-check.v1',
|
|
25
|
-
ok,
|
|
26
|
-
status: parsed.status || null,
|
|
27
|
-
mode: parsed.evidence_mode || parsed.mode || null,
|
|
28
|
-
structured_status: structuredStatus
|
|
29
|
-
}, null, 2));
|
|
30
|
-
if (!ok)
|
|
31
|
-
process.exitCode = 1;
|
|
32
|
-
//# sourceMappingURL=computer-use-live-optional-check.js.map
|
|
@@ -1,69 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { runProcess } from '../core/fsx.js';
|
|
4
|
-
const entry = './dist/bin/sks.js';
|
|
5
|
-
const status = await runProcess(process.execPath, [entry, 'computer-use', 'status', '--json'], {
|
|
6
|
-
env: { ...process.env, CI: 'true' },
|
|
7
|
-
timeoutMs: 20_000,
|
|
8
|
-
maxOutputBytes: 256 * 1024
|
|
9
|
-
});
|
|
10
|
-
const text = `${status.stdout}\n${status.stderr}`;
|
|
11
|
-
const forbidden = [
|
|
12
|
-
/Computer Use blocked by safety policy/i,
|
|
13
|
-
/Computer Use access is unsafe/i,
|
|
14
|
-
/MAD-SKS disabled Computer Use/i,
|
|
15
|
-
/Computer Use 접근이 안전 정책상 차단/i
|
|
16
|
-
].filter((pattern) => pattern.test(text)).map(String);
|
|
17
|
-
let parsed = {};
|
|
18
|
-
try {
|
|
19
|
-
parsed = JSON.parse(status.stdout);
|
|
20
|
-
}
|
|
21
|
-
catch { }
|
|
22
|
-
const allowedStatus = ['available', 'codex_app_missing', 'macos_permission_missing', 'codex_app_capability_missing', 'external_capability_blocked', 'not_macos', 'unknown'];
|
|
23
|
-
const ok = status.code === 0
|
|
24
|
-
&& parsed.schema === 'sks.computer-use-status.v1'
|
|
25
|
-
&& allowedStatus.includes(parsed.status)
|
|
26
|
-
&& parsed.mad_sks_independent === true
|
|
27
|
-
&& forbidden.length === 0;
|
|
28
|
-
console.log(JSON.stringify({
|
|
29
|
-
schema: 'sks.computer-use-policy-check.v1',
|
|
30
|
-
ok,
|
|
31
|
-
status_code: status.code,
|
|
32
|
-
computer_use_status: parsed.status || null,
|
|
33
|
-
forbidden
|
|
34
|
-
}, null, 2));
|
|
35
|
-
if (!ok && forbidden.length)
|
|
36
|
-
await recordComputerUseWrongness(forbidden);
|
|
37
|
-
if (!ok)
|
|
38
|
-
process.exitCode = 1;
|
|
39
|
-
async function recordComputerUseWrongness(forbidden) {
|
|
40
|
-
const { addWrongnessRecord } = await import('../core/triwiki-wrongness/wrongness-ledger.js');
|
|
41
|
-
await addWrongnessRecord(process.cwd(), {
|
|
42
|
-
route: '$Computer-Use',
|
|
43
|
-
wrongness_kind: 'computer_use_policy_misclassification',
|
|
44
|
-
severity: 'high',
|
|
45
|
-
claim: { text: `Computer Use was described with forbidden safety/MAD-SKS block wording: ${forbidden.join(', ')}` },
|
|
46
|
-
detected_by: {
|
|
47
|
-
source: 'computer_use_policy_check',
|
|
48
|
-
command: 'npm run computer-use:policy-check',
|
|
49
|
-
artifact: 'dist/scripts/computer-use-policy-check.js',
|
|
50
|
-
detail: forbidden.join(', ')
|
|
51
|
-
},
|
|
52
|
-
root_cause: {
|
|
53
|
-
category: 'route_policy_gap',
|
|
54
|
-
explanation: 'Computer Use is a Codex App/macOS capability check, not a MAD-SKS or generic SKS safety block.'
|
|
55
|
-
},
|
|
56
|
-
corrective_action: {
|
|
57
|
-
summary: 'Separate Computer Use availability from safety policy wording and rerun the policy fixture.',
|
|
58
|
-
required_evidence: ['npm run computer-use:policy-check'],
|
|
59
|
-
patch_status: 'pending'
|
|
60
|
-
},
|
|
61
|
-
avoidance_rule: {
|
|
62
|
-
text: 'Do not classify macOS Computer Use as MAD-SKS or generic SKS safety block.',
|
|
63
|
-
applies_to: ['computer-use', '$Computer-Use', '$QA-LOOP', '$Image-UX-Review'],
|
|
64
|
-
severity: 'high'
|
|
65
|
-
},
|
|
66
|
-
links: { tests: ['npm run computer-use:policy-check'], files: ['dist/scripts/computer-use-policy-check.js'] }
|
|
67
|
-
});
|
|
68
|
-
}
|
|
69
|
-
//# sourceMappingURL=computer-use-policy-check.js.map
|
|
@@ -1,37 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
import { runProcess } from '../core/fsx.js';
|
|
4
|
-
const entry = './dist/bin/sks.js';
|
|
5
|
-
const routes = ['$Image-UX-Review', '$QA-LOOP', '$PPT', '$Computer-Use', '$From-Chat-IMG'];
|
|
6
|
-
const results = [];
|
|
7
|
-
for (const route of routes) {
|
|
8
|
-
const result = await runProcess(process.execPath, [entry, 'computer-use', 'require', '--route', route, '--json'], {
|
|
9
|
-
env: { ...process.env, CI: 'true' },
|
|
10
|
-
timeoutMs: 20_000,
|
|
11
|
-
maxOutputBytes: 256 * 1024
|
|
12
|
-
});
|
|
13
|
-
const text = `${result.stdout}\n${result.stderr}`;
|
|
14
|
-
let parsed = {};
|
|
15
|
-
try {
|
|
16
|
-
parsed = JSON.parse(result.stdout);
|
|
17
|
-
}
|
|
18
|
-
catch { }
|
|
19
|
-
results.push({
|
|
20
|
-
route,
|
|
21
|
-
code: result.code,
|
|
22
|
-
schema: parsed.schema || null,
|
|
23
|
-
status: parsed.status || null,
|
|
24
|
-
ok_or_structured_blocker: parsed.ok === true || ['available', 'codex_app_missing', 'macos_permission_missing', 'codex_app_capability_missing', 'external_capability_blocked', 'not_macos', 'unknown', 'web_verification_uses_chrome_extension'].includes(parsed.status),
|
|
25
|
-
no_forbidden_wording: !/Computer Use blocked by safety policy|MAD-SKS disabled Computer Use|Computer Use access is unsafe/i.test(text),
|
|
26
|
-
evidence_status: parsed.evidence?.status || null
|
|
27
|
-
});
|
|
28
|
-
}
|
|
29
|
-
const ok = results.every((row) => row.schema === 'sks.computer-use-require.v1' && row.ok_or_structured_blocker && row.no_forbidden_wording);
|
|
30
|
-
console.log(JSON.stringify({
|
|
31
|
-
schema: 'sks.computer-use-visual-route-fixture-check.v1',
|
|
32
|
-
ok,
|
|
33
|
-
results
|
|
34
|
-
}, null, 2));
|
|
35
|
-
if (!ok)
|
|
36
|
-
process.exitCode = 1;
|
|
37
|
-
//# sourceMappingURL=computer-use-visual-route-fixture-check.js.map
|
|
@@ -1,61 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
// GATE: core-skill:card-schema
|
|
4
|
-
// Proves the Core Skill Card is read-only external state, that the checked-in
|
|
5
|
-
// schema matches the runtime contract, and that an optimizer candidate can never
|
|
6
|
-
// overwrite a deployed snapshot in place.
|
|
7
|
-
import fs from 'node:fs';
|
|
8
|
-
import os from 'node:os';
|
|
9
|
-
import path from 'node:path';
|
|
10
|
-
import { assertGate, emitGate, importDist, root, readJson } from './sks-1-18-gate-lib.js';
|
|
11
|
-
const cardMod = await importDist('core/skills/core-skill-card.js');
|
|
12
|
-
const typesMod = await importDist('core/skills/core-skill-types.js');
|
|
13
|
-
const deployMod = await importDist('core/skills/core-skill-deployment.js');
|
|
14
|
-
const { createRequestedScopeContract } = await importDist('core/safety/requested-scope-contract.js');
|
|
15
|
-
const BODY = '## Goal\nDo the task.\n\n## Verification\nCheck output.\n\n## Rollback\nRevert on failure.\n';
|
|
16
|
-
const tempRoot = fs.mkdtempSync(path.join(os.tmpdir(), 'sks-card-schema-'));
|
|
17
|
-
const promotionContract = createRequestedScopeContract({
|
|
18
|
-
route: 'core-skill-card-schema',
|
|
19
|
-
userRequest: 'release gate fixture skill promotion',
|
|
20
|
-
projectRoot: tempRoot,
|
|
21
|
-
overrides: { skill_snapshot_promotion: true }
|
|
22
|
-
});
|
|
23
|
-
// 1) A fresh candidate is structurally valid and read-only.
|
|
24
|
-
const candidate = cardMod.createCandidateCard({ skillId: 'demo-skill', route: 'DFix', baseVersion: 0, body: BODY });
|
|
25
|
-
const shape = cardMod.validateCardShape(candidate);
|
|
26
|
-
assertGate(shape.ok, 'candidate card must pass validateCardShape', shape);
|
|
27
|
-
assertGate(candidate.status === 'candidate', 'fresh card status must be candidate', { status: candidate.status });
|
|
28
|
-
assertGate(candidate.deployment_snapshot === false, 'candidate must not be a deployment snapshot', candidate);
|
|
29
|
-
assertGate(candidate.side_effect_scope.read_only === true, 'candidate card must be read_only', candidate.side_effect_scope);
|
|
30
|
-
assertGate(candidate.side_effect_scope.allowed_mutations.length === 0, 'candidate card must grant zero mutations', candidate.side_effect_scope);
|
|
31
|
-
// 2) The checked-in schema parses and its const matches the runtime schema id.
|
|
32
|
-
const cardSchema = readJson('schemas/skills/core-skill-card.schema.json');
|
|
33
|
-
assertGate(cardSchema.properties?.schema?.const === typesMod.CORE_SKILL_CARD_SCHEMA, 'card schema const must match CORE_SKILL_CARD_SCHEMA', { const: cardSchema.properties?.schema?.const, expected: typesMod.CORE_SKILL_CARD_SCHEMA });
|
|
34
|
-
// 3) Negative invariants.
|
|
35
|
-
const notReadOnly = { ...candidate, side_effect_scope: { allowed_mutations: [], read_only: false } };
|
|
36
|
-
const notReadOnlyShape = cardMod.validateCardShape(notReadOnly);
|
|
37
|
-
assertGate(notReadOnlyShape.ok === false && notReadOnlyShape.blockers.includes('card_not_read_only'), 'read_only=false card must be blocked by card_not_read_only', notReadOnlyShape);
|
|
38
|
-
const grantsMutations = { ...candidate, side_effect_scope: { allowed_mutations: ['x'], read_only: true } };
|
|
39
|
-
const grantsShape = cardMod.validateCardShape(grantsMutations);
|
|
40
|
-
assertGate(grantsShape.ok === false && grantsShape.blockers.includes('card_grants_mutations'), 'allowed_mutations card must be blocked by card_grants_mutations', grantsShape);
|
|
41
|
-
const badDeployed = { ...candidate, status: 'deployed', deployment_snapshot: false };
|
|
42
|
-
const badDeployedShape = cardMod.validateCardShape(badDeployed);
|
|
43
|
-
assertGate(badDeployedShape.ok === false && badDeployedShape.blockers.includes('deployed_card_not_snapshot'), 'deployed card without snapshot flag must be blocked', badDeployedShape);
|
|
44
|
-
// 4) A deployed snapshot cannot be overwritten by an optimizer candidate.
|
|
45
|
-
// The deployed snapshot lives in deployed.json; a candidate is a SEPARATE file.
|
|
46
|
-
const accepted = { ...candidate, status: 'accepted' };
|
|
47
|
-
const promotion = await deployMod.promoteToDeployedWithLedger(tempRoot, accepted, { contract: promotionContract, context: 'release' });
|
|
48
|
-
assertGate(promotion.ok === true, 'ledger promotion must succeed for an accepted card', promotion);
|
|
49
|
-
const deployedBefore = await cardMod.loadDeployedSnapshot(tempRoot, 'DFix', 'demo-skill');
|
|
50
|
-
assertGate(deployedBefore && deployedBefore.status === 'deployed' && deployedBefore.deployment_snapshot === true, 'loadDeployedSnapshot must return a deployed snapshot', deployedBefore);
|
|
51
|
-
// Saving a candidate with the same skill_id must NOT touch deployed.json.
|
|
52
|
-
const sneakyCandidate = cardMod.createCandidateCard({ skillId: 'demo-skill', route: 'DFix', baseVersion: 9, body: '## Goal\nOverwrite me.\n' });
|
|
53
|
-
await cardMod.saveCard(tempRoot, sneakyCandidate);
|
|
54
|
-
const deployedAfter = await cardMod.loadDeployedSnapshot(tempRoot, 'DFix', 'demo-skill');
|
|
55
|
-
assertGate(deployedAfter && deployedAfter.status === 'deployed' && deployedAfter.deployment_snapshot === true, 'deployed snapshot must remain deployed after saving a candidate', deployedAfter);
|
|
56
|
-
assertGate(deployedAfter.body === deployedBefore.body, 'deployed snapshot body must be unchanged by candidate save', { before: deployedBefore.body, after: deployedAfter.body });
|
|
57
|
-
fs.mkdirSync(path.join(root, '.sneakoscope', 'reports'), { recursive: true });
|
|
58
|
-
fs.writeFileSync(path.join(root, '.sneakoscope', 'reports', 'core-skill-card-schema-check.json'), `${JSON.stringify({ gate: 'core-skill:card-schema', candidate_ok: shape.ok, schema_const: cardSchema.properties?.schema?.const, deployed_protected: deployedAfter.body === deployedBefore.body }, null, 2)}\n`);
|
|
59
|
-
fs.rmSync(tempRoot, { recursive: true, force: true });
|
|
60
|
-
emitGate('core-skill:card-schema', { candidate_read_only: true, schema_const: cardSchema.properties?.schema?.const, deployed_snapshot_immutable: true });
|
|
61
|
-
//# sourceMappingURL=core-skill-card-schema-check.js.map
|
|
@@ -1,54 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
// GATE: core-skill:deployment-snapshot
|
|
4
|
-
// Proves deployed snapshots are immutable (a changed body needs a higher version),
|
|
5
|
-
// the previous snapshot is archived for rollback, rollback restores it, and only an
|
|
6
|
-
// accepted card may be promoted.
|
|
7
|
-
import fs from 'node:fs';
|
|
8
|
-
import os from 'node:os';
|
|
9
|
-
import path from 'node:path';
|
|
10
|
-
import { assertGate, emitGate, importDist, root } from './sks-1-18-gate-lib.js';
|
|
11
|
-
const cardMod = await importDist('core/skills/core-skill-card.js');
|
|
12
|
-
const deployMod = await importDist('core/skills/core-skill-deployment.js');
|
|
13
|
-
const { createRequestedScopeContract } = await importDist('core/safety/requested-scope-contract.js');
|
|
14
|
-
const ROUTE = 'DFix';
|
|
15
|
-
const SKILL = 'demo-skill';
|
|
16
|
-
const BODY_V1 = '## Goal\nDo the task.\n\n## Verification\nCheck output.\n\n## Rollback\nRevert on failure.\n';
|
|
17
|
-
const BODY_V2 = '## Goal\nDo the task carefully.\n\n## Verification\nCheck output twice.\n\n## Rollback\nRevert on failure.\n';
|
|
18
|
-
const tempRoot = fs.mkdtempSync(path.join(os.tmpdir(), 'sks-deploy-'));
|
|
19
|
-
const promotionContract = createRequestedScopeContract({
|
|
20
|
-
route: 'core-skill-deployment-snapshot',
|
|
21
|
-
userRequest: 'release gate fixture skill promotion',
|
|
22
|
-
projectRoot: tempRoot,
|
|
23
|
-
overrides: { skill_snapshot_promotion: true }
|
|
24
|
-
});
|
|
25
|
-
// 1) Promote an accepted card to a deployed snapshot.
|
|
26
|
-
const acceptedV1 = { ...cardMod.createCandidateCard({ skillId: SKILL, route: ROUTE, baseVersion: 0, body: BODY_V1 }), status: 'accepted' };
|
|
27
|
-
const promoteV1 = await deployMod.promoteToDeployedWithLedger(tempRoot, acceptedV1, { contract: promotionContract, context: 'release' });
|
|
28
|
-
assertGate(promoteV1.ok === true, 'promoting an accepted card must succeed', promoteV1);
|
|
29
|
-
assertGate(promoteV1.snapshot && promoteV1.snapshot.status === 'deployed' && promoteV1.snapshot.deployment_snapshot === true, 'snapshot must be deployed + flagged', promoteV1.snapshot);
|
|
30
|
-
// 2) Immutability: a changed body at version <= existing must be rejected.
|
|
31
|
-
const changedSameVersion = { ...cardMod.createCandidateCard({ skillId: SKILL, route: ROUTE, baseVersion: 0, body: BODY_V2 }), status: 'accepted' };
|
|
32
|
-
assertGate(changedSameVersion.version === acceptedV1.version, 'changed-body card must share the existing version for this check', { changed: changedSameVersion.version, existing: acceptedV1.version });
|
|
33
|
-
const promoteSame = await deployMod.promoteToDeployedWithLedger(tempRoot, changedSameVersion, { contract: promotionContract, context: 'release' });
|
|
34
|
-
assertGate(promoteSame.ok === false && promoteSame.blockers.includes('snapshot_changed_without_version_increment'), 'changed body without version bump must be rejected', promoteSame);
|
|
35
|
-
// 3) A changed body at a HIGHER version succeeds, archives the previous snapshot.
|
|
36
|
-
const acceptedV2 = { ...cardMod.createCandidateCard({ skillId: SKILL, route: ROUTE, baseVersion: 1, body: BODY_V2 }), status: 'accepted' };
|
|
37
|
-
assertGate(acceptedV2.version > acceptedV1.version, 'v2 must have a higher version than v1', { v2: acceptedV2.version, v1: acceptedV1.version });
|
|
38
|
-
const promoteV2 = await deployMod.promoteToDeployedWithLedger(tempRoot, acceptedV2, { contract: promotionContract, context: 'release' });
|
|
39
|
-
assertGate(promoteV2.ok === true, 'higher-version changed snapshot must promote', promoteV2);
|
|
40
|
-
assertGate(typeof promoteV2.archived_path === 'string' && promoteV2.archived_path.length > 0, 'previous snapshot must be archived', promoteV2);
|
|
41
|
-
const hasRollback = await deployMod.hasRollbackSnapshot(tempRoot, ROUTE, SKILL);
|
|
42
|
-
assertGate(hasRollback === true, 'a rollback snapshot must exist after a version bump', { hasRollback });
|
|
43
|
-
// 4) Rollback restores the previous (v1) snapshot.
|
|
44
|
-
const rolled = await deployMod.rollbackDeployment(tempRoot, ROUTE, SKILL);
|
|
45
|
-
assertGate(rolled.ok === true && rolled.restored_version === acceptedV1.version, 'rollback must restore the previous version', rolled);
|
|
46
|
-
// 5) Promotion requires accepted status.
|
|
47
|
-
const candidate = cardMod.createCandidateCard({ skillId: 'other-skill', route: ROUTE, baseVersion: 0, body: BODY_V1 });
|
|
48
|
-
const promoteCandidate = await deployMod.promoteToDeployedWithLedger(tempRoot, candidate, { contract: promotionContract, context: 'release' });
|
|
49
|
-
assertGate(promoteCandidate.ok === false && promoteCandidate.blockers.includes('promote_requires_accepted_status'), 'a candidate card must not be promotable', promoteCandidate);
|
|
50
|
-
fs.mkdirSync(path.join(root, '.sneakoscope', 'reports'), { recursive: true });
|
|
51
|
-
fs.writeFileSync(path.join(root, '.sneakoscope', 'reports', 'core-skill-deployment-snapshot-check.json'), `${JSON.stringify({ gate: 'core-skill:deployment-snapshot', restored_version: rolled.restored_version, archived_path: Boolean(promoteV2.archived_path) }, null, 2)}\n`);
|
|
52
|
-
fs.rmSync(tempRoot, { recursive: true, force: true });
|
|
53
|
-
emitGate('core-skill:deployment-snapshot', { immutable_without_version_bump: true, archived_on_bump: true, rollback_restores_previous: rolled.restored_version === acceptedV1.version, promote_requires_accepted: true });
|
|
54
|
-
//# sourceMappingURL=core-skill-deployment-snapshot-check.js.map
|
|
@@ -1,49 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
// @ts-nocheck
|
|
3
|
-
// GATE: core-skill:heldout-validation
|
|
4
|
-
// Proves strict held-out acceptance: a candidate is accepted ONLY on strict
|
|
5
|
-
// held-out improvement with no safety regression, train-only gains are rejected,
|
|
6
|
-
// and rejected patches are buffered so the same failed edit is not retried.
|
|
7
|
-
import fs from 'node:fs';
|
|
8
|
-
import os from 'node:os';
|
|
9
|
-
import path from 'node:path';
|
|
10
|
-
import { assertGate, emitGate, importDist, root } from './sks-1-18-gate-lib.js';
|
|
11
|
-
const validationMod = await importDist('core/skills/core-skill-validation.js');
|
|
12
|
-
const bufferMod = await importDist('core/skills/rejected-skill-patch-buffer.js');
|
|
13
|
-
const baseInput = {
|
|
14
|
-
baselineHeldout: 0.76,
|
|
15
|
-
candidateHeldout: 0.82,
|
|
16
|
-
sideEffectZero: true,
|
|
17
|
-
requestedScopeCompliant: true,
|
|
18
|
-
proofCompletenessBaseline: 1,
|
|
19
|
-
proofCompletenessCandidate: 1,
|
|
20
|
-
rollbackReadyBaseline: 1,
|
|
21
|
-
rollbackReadyCandidate: 1,
|
|
22
|
-
latencyBaselineMs: 1000,
|
|
23
|
-
latencyCandidateMs: 1100
|
|
24
|
-
};
|
|
25
|
-
// 1) Accept on strict improvement with no regression.
|
|
26
|
-
const acceptRes = validationMod.validateHeldout(baseInput);
|
|
27
|
-
assertGate(acceptRes.accept === true && acceptRes.reason === 'strict_improvement', 'strict improvement must be accepted', acceptRes);
|
|
28
|
-
// 2) Held-out not improved -> reject.
|
|
29
|
-
const notImproved = validationMod.validateHeldout({ ...baseInput, candidateHeldout: 0.74 });
|
|
30
|
-
assertGate(notImproved.accept === false && notImproved.reason === 'heldout_not_improved', 'non-improving held-out must be rejected', notImproved);
|
|
31
|
-
// 3) Train-improves-but-held-out-worse maps to heldout_not_improved.
|
|
32
|
-
// (Held-out is the only acceptance signal; a worse held-out is rejected regardless of train gains.)
|
|
33
|
-
const trainGainHeldoutWorse = validationMod.validateHeldout({ ...baseInput, candidateHeldout: 0.70 });
|
|
34
|
-
assertGate(trainGainHeldoutWorse.accept === false && trainGainHeldoutWorse.reason === 'heldout_not_improved', 'train-gain/held-out-worse must reject as heldout_not_improved', trainGainHeldoutWorse);
|
|
35
|
-
// 4) Side-effect violation with improved held-out -> reject.
|
|
36
|
-
const sideEffect = validationMod.validateHeldout({ ...baseInput, sideEffectZero: false });
|
|
37
|
-
assertGate(sideEffect.accept === false && sideEffect.reason === 'side_effect_zero_failed', 'side-effect failure must reject as side_effect_zero_failed', sideEffect);
|
|
38
|
-
// 5) Rejected-patch buffer dedupes by hash.
|
|
39
|
-
const tempRoot = fs.mkdtempSync(path.join(os.tmpdir(), 'sks-heldout-'));
|
|
40
|
-
await bufferMod.recordRejectedPatch(tempRoot, { skill_id: 's', base_version: 3, patch_hash: 'abc', reason: 'heldout_not_improved', score_delta: -0.03 });
|
|
41
|
-
const knownRejected = await bufferMod.isPatchRejected(tempRoot, 'abc');
|
|
42
|
-
const unknownRejected = await bufferMod.isPatchRejected(tempRoot, 'zzz');
|
|
43
|
-
assertGate(knownRejected === true, 'recorded patch hash must be reported as rejected', { knownRejected });
|
|
44
|
-
assertGate(unknownRejected === false, 'unknown patch hash must not be reported as rejected', { unknownRejected });
|
|
45
|
-
fs.mkdirSync(path.join(root, '.sneakoscope', 'reports'), { recursive: true });
|
|
46
|
-
fs.writeFileSync(path.join(root, '.sneakoscope', 'reports', 'core-skill-heldout-validation-check.json'), `${JSON.stringify({ gate: 'core-skill:heldout-validation', accept_delta: acceptRes.score_delta, reject_reasons: [notImproved.reason, trainGainHeldoutWorse.reason, sideEffect.reason] }, null, 2)}\n`);
|
|
47
|
-
fs.rmSync(tempRoot, { recursive: true, force: true });
|
|
48
|
-
emitGate('core-skill:heldout-validation', { accept_strict_improvement: true, heldout_not_improved_rejected: true, side_effect_rejected: true, rejected_buffer_dedupes: knownRejected && !unknownRejected });
|
|
49
|
-
//# sourceMappingURL=core-skill-heldout-validation-check.js.map
|