sneakoscope 4.0.13 → 4.0.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (101) hide show
  1. package/README.md +10 -2
  2. package/crates/sks-core/Cargo.lock +1 -1
  3. package/crates/sks-core/Cargo.toml +1 -1
  4. package/crates/sks-core/src/main.rs +1 -1
  5. package/dist/bin/sks.js +1 -1
  6. package/dist/cli/global-mode-router.js +2 -1
  7. package/dist/core/commands/mad-sks-command.js +3 -0
  8. package/dist/core/fsx.js +1 -1
  9. package/dist/core/providers/glm/bench/glm-bench-model-lock-proof.js +32 -3
  10. package/dist/core/providers/glm/bench/glm-benchmark-runner.js +29 -5
  11. package/dist/core/providers/glm/bench/glm-benchmark-types.js +1 -1
  12. package/dist/core/providers/glm/naruto/glm-naruto-critical-path.js +51 -0
  13. package/dist/core/providers/glm/naruto/glm-naruto-final-seal.js +9 -2
  14. package/dist/core/providers/glm/naruto/glm-naruto-orchestrator.js +101 -15
  15. package/dist/core/providers/glm/naruto/glm-naruto-parallelism-summary.js +55 -0
  16. package/dist/core/providers/glm/naruto/glm-naruto-requirement-coverage.js +92 -0
  17. package/dist/core/providers/glm/naruto/glm-naruto-requirement-ledger.js +42 -0
  18. package/dist/core/providers/glm/naruto/glm-naruto-stage-scheduler.js +85 -0
  19. package/dist/core/providers/glm/naruto/glm-naruto-task-size-classifier.js +12 -0
  20. package/dist/core/providers/glm/naruto/glm-naruto-trace.js +4 -0
  21. package/dist/core/providers/glm/naruto/glm-naruto-verifier-output.js +5 -0
  22. package/dist/core/providers/glm/naruto/glm-naruto-worker-pool.js +130 -44
  23. package/dist/core/providers/glm/naruto/glm-naruto-worker-runtime.js +6 -2
  24. package/dist/core/routes/model-mode-router.js +44 -0
  25. package/dist/core/version.js +1 -1
  26. package/package.json +24 -1
  27. package/dist/scripts/agent-dynamic-pool-fixture.js +0 -80
  28. package/dist/scripts/agent-native-release-gate.js +0 -274
  29. package/dist/scripts/agent-patch-swarm-gate-lib.js +0 -113
  30. package/dist/scripts/agent-real-codex-patch-envelope-smoke.js +0 -126
  31. package/dist/scripts/agent-route-blackbox-lib.js +0 -132
  32. package/dist/scripts/blackbox-command-import-smoke.js +0 -143
  33. package/dist/scripts/blackbox-global-shim.js +0 -77
  34. package/dist/scripts/blackbox-matrix.js +0 -70
  35. package/dist/scripts/blackbox-npx-one-shot.js +0 -69
  36. package/dist/scripts/blackbox-pack-install.js +0 -174
  37. package/dist/scripts/build-dist.js +0 -64
  38. package/dist/scripts/check-architecture.js +0 -135
  39. package/dist/scripts/check-cli-entrypoint.js +0 -43
  40. package/dist/scripts/check-command-module-budget.js +0 -25
  41. package/dist/scripts/check-dist-runtime.js +0 -100
  42. package/dist/scripts/check-feature-quality.js +0 -53
  43. package/dist/scripts/check-legacy-free.js +0 -66
  44. package/dist/scripts/check-package-boundary.js +0 -108
  45. package/dist/scripts/check-pipeline-budget.js +0 -69
  46. package/dist/scripts/check-pipeline-runtime.js +0 -25
  47. package/dist/scripts/check-publish-tag.js +0 -30
  48. package/dist/scripts/check-route-modularity.js +0 -82
  49. package/dist/scripts/check-runtime-schemas.js +0 -87
  50. package/dist/scripts/check-source-runtime.js +0 -4
  51. package/dist/scripts/check-ts-contracts.js +0 -69
  52. package/dist/scripts/check-ts-suppressions.js +0 -58
  53. package/dist/scripts/clean-dist.js +0 -8
  54. package/dist/scripts/codex-0140-feature-gate-lib.js +0 -14
  55. package/dist/scripts/codex-config-eperm-fixture.js +0 -32
  56. package/dist/scripts/codex-lb-missing-env-regression.js +0 -40
  57. package/dist/scripts/codex-native-runtime-e2e-fixture.js +0 -75
  58. package/dist/scripts/codex-project-config-policy-merge-regression.js +0 -92
  59. package/dist/scripts/core-skill-legacy-promotion-api-audit.js +0 -54
  60. package/dist/scripts/ensure-bin-executable.js +0 -10
  61. package/dist/scripts/fixtures/fake-codex-config-loader.js +0 -51
  62. package/dist/scripts/github-release-body-helper.js +0 -65
  63. package/dist/scripts/gpt-image-2-real-file-smoke.js +0 -448
  64. package/dist/scripts/hooks-no-unsupported-handlers.js +0 -15
  65. package/dist/scripts/hooks-runtime-replay-warning-zero-v2.js +0 -26
  66. package/dist/scripts/hooks-runtime-replay-warning-zero.js +0 -10
  67. package/dist/scripts/hooks-trust-warning-zero.js +0 -14
  68. package/dist/scripts/lib/codex-sdk-gate-lib.js +0 -92
  69. package/dist/scripts/lib/ensure-dist-fresh.js +0 -142
  70. package/dist/scripts/lib/git-worktree-fixture.js +0 -33
  71. package/dist/scripts/lib/mad-sks-actual-executor-check-lib.js +0 -255
  72. package/dist/scripts/lib/native-cli-session-swarm-check-lib.js +0 -79
  73. package/dist/scripts/lib/real-codex-parallel-gate.js +0 -94
  74. package/dist/scripts/lib/real-codex-parallel-proof-fixture.js +0 -55
  75. package/dist/scripts/lib/valid-png-fixture.js +0 -25
  76. package/dist/scripts/mad-sks-live-protected-core-smoke.js +0 -5
  77. package/dist/scripts/naruto-real-local-gpt-final-smoke.js +0 -25
  78. package/dist/scripts/perf-gate.js +0 -39
  79. package/dist/scripts/prepublish-release-check-or-fast.js +0 -121
  80. package/dist/scripts/release-3112-required-gates.js +0 -30
  81. package/dist/scripts/release-3113-required-gates.js +0 -25
  82. package/dist/scripts/release-4000-required-gates.js +0 -36
  83. package/dist/scripts/release-4001-required-gates.js +0 -13
  84. package/dist/scripts/release-4002-required-gates.js +0 -14
  85. package/dist/scripts/release-check-dynamic-execute.js +0 -259
  86. package/dist/scripts/release-check-dynamic.js +0 -107
  87. package/dist/scripts/release-check-stamp.js +0 -261
  88. package/dist/scripts/release-gate-dag-runner.js +0 -56
  89. package/dist/scripts/release-gate-existence-audit.js +0 -111
  90. package/dist/scripts/release-gate-planner.js +0 -34
  91. package/dist/scripts/release-gate-worker.js +0 -10
  92. package/dist/scripts/release-speed-summary.js +0 -67
  93. package/dist/scripts/repo-audit.js +0 -83
  94. package/dist/scripts/rust-smoke.js +0 -5
  95. package/dist/scripts/sizecheck.js +0 -146
  96. package/dist/scripts/sks-1-11-gate-lib.js +0 -78
  97. package/dist/scripts/sks-1-18-gate-lib.js +0 -55
  98. package/dist/scripts/tmux-removal-inventory.js +0 -36
  99. package/dist/scripts/write-build-manifest.js +0 -71
  100. package/dist/scripts/zellij-dashboard-watch.js +0 -41
  101. package/dist/scripts/zellij-right-column-geometry-proof.js +0 -162
@@ -1,54 +0,0 @@
1
- #!/usr/bin/env node
2
- // @ts-nocheck
3
- import fs from 'node:fs';
4
- import path from 'node:path';
5
- import { assertGate, emitGate, root } from './sks-1-18-gate-lib.js';
6
- const offenders = [];
7
- for (const rel of listFiles(path.join(root, 'src')).filter((file) => file.endsWith('.ts')).map(relPath)) {
8
- if (rel === 'src/core/skills/core-skill-deployment.ts')
9
- continue;
10
- const text = fs.readFileSync(path.join(root, rel), 'utf8');
11
- const lines = text.split('\n');
12
- for (let i = 0; i < lines.length; i += 1) {
13
- const line = lines[i];
14
- if (/\bpromoteToDeployed\s*\(/.test(line) && !/\bpromoteToDeployedWithLedger\s*\(/.test(line) && !/\bpromoteToDeployedLegacyForCompatibility\s*\(/.test(line)) {
15
- offenders.push({ file: rel, line: i + 1, snippet: line.trim() });
16
- }
17
- }
18
- }
19
- const report = {
20
- schema: 'sks.core-skill-legacy-promotion-api-audit.v1',
21
- ok: offenders.length === 0,
22
- offenders,
23
- policy: 'runtime/release paths must use promoteToDeployedWithLedger; legacy wrapper is compatibility-only'
24
- };
25
- const out = path.join(root, '.sneakoscope', 'reports', 'core-skill-legacy-promotion-api-audit.json');
26
- fs.mkdirSync(path.dirname(out), { recursive: true });
27
- fs.writeFileSync(out, `${JSON.stringify(report, null, 2)}\n`);
28
- assertGate(report.ok, 'legacy unledgered promotion API usage found in runtime/release path', report);
29
- emitGate('core-skill:legacy-promotion-api-audit', { offenders: offenders.length });
30
- function listFiles(dir) {
31
- const out = [];
32
- walk(dir, out);
33
- return out;
34
- }
35
- function walk(dir, out) {
36
- let entries = [];
37
- try {
38
- entries = fs.readdirSync(dir, { withFileTypes: true });
39
- }
40
- catch {
41
- return;
42
- }
43
- for (const entry of entries) {
44
- const file = path.join(dir, entry.name);
45
- if (entry.isDirectory())
46
- walk(file, out);
47
- else if (entry.isFile())
48
- out.push(file);
49
- }
50
- }
51
- function relPath(file) {
52
- return path.relative(root, file).split(path.sep).join('/');
53
- }
54
- //# sourceMappingURL=core-skill-legacy-promotion-api-audit.js.map
@@ -1,10 +0,0 @@
1
- #!/usr/bin/env node
2
- // @ts-nocheck
3
- import fsp from 'node:fs/promises';
4
- import path from 'node:path';
5
- import { fileURLToPath } from 'node:url';
6
- const root = path.resolve(path.dirname(fileURLToPath(import.meta.url)), '..', '..');
7
- const bin = path.join(root, 'dist', 'bin', 'sks.js');
8
- await fsp.chmod(bin, 0o755);
9
- console.log(`bin executable: ${path.relative(root, bin)}`);
10
- //# sourceMappingURL=ensure-bin-executable.js.map
@@ -1,51 +0,0 @@
1
- #!/usr/bin/env node
2
- // @ts-nocheck
3
- import fs from 'node:fs';
4
- import path from 'node:path';
5
- const args = process.argv.slice(2);
6
- const configPath = path.join(process.cwd(), '.codex', 'config.toml');
7
- const outputLastMessage = readOption('--output-last-message', '');
8
- let configText = '';
9
- try {
10
- configText = fs.readFileSync(configPath, 'utf8');
11
- }
12
- catch (err) {
13
- emitConfigError(`Failed to read project config file ${configPath}: ${err.message}`);
14
- }
15
- if (process.env.SKS_FAKE_CODEX_CONFIG_EPERM === '1') {
16
- emitConfigError(`Failed to read project config file ${configPath}: Operation not permitted (os error 1)`);
17
- }
18
- // Simulate the Codex 0.140 stdio/url merge conflict: when the project config still
19
- // defines Context7 as a local stdio server (a `command`), Codex merges it with the
20
- // remote `url` in the global config and rejects the result. Once the doctor migrates
21
- // Context7 to the remote `url` transport (no `command`), the load succeeds.
22
- if (process.env.SKS_FAKE_CODEX_CONFIG_CONTEXT7_STDIO_CONFLICT === '1') {
23
- const context7 = configText.match(/\[mcp_servers\.context7\][^[]*/)?.[0] || '';
24
- if (/^\s*command\s*=/m.test(context7) || /@upstash\/context7-mcp/.test(context7)) {
25
- emitConfigError('url is not supported for stdio\nin `mcp_servers.context7`');
26
- }
27
- }
28
- if (process.env.SKS_FAKE_CODEX_CONFIG_TOML_ERROR === '1') {
29
- emitConfigError(`TOML parse error in project config file ${configPath}: invalid string`);
30
- }
31
- if (process.env.SKS_FAKE_CODEX_CONFIG_IGNORED_PROJECT_KEY === '1') {
32
- process.stderr.write(`warning: Ignored unsupported project-local config keys in ${configPath}: model_provider, model_providers, profiles. If you want these settings to apply, manually set them in your user-level config.toml.\n`);
33
- }
34
- if (outputLastMessage) {
35
- fs.mkdirSync(path.dirname(outputLastMessage), { recursive: true });
36
- fs.writeFileSync(outputLastMessage, `${JSON.stringify({
37
- ok: true,
38
- source: 'fake-codex-config-loader',
39
- message: 'SKS_CONFIG_LOAD_PROBE_OK'
40
- })}\n`);
41
- }
42
- process.stdout.write('SKS_CONFIG_LOAD_PROBE_OK\n');
43
- function emitConfigError(message) {
44
- process.stderr.write(`Error loading config.toml:\n${message}\n`);
45
- process.exit(1);
46
- }
47
- function readOption(name, fallback) {
48
- const index = args.indexOf(name);
49
- return index >= 0 && args[index + 1] ? args[index + 1] : fallback;
50
- }
51
- //# sourceMappingURL=fake-codex-config-loader.js.map
@@ -1,65 +0,0 @@
1
- #!/usr/bin/env node
2
- // @ts-nocheck
3
- import fs from 'node:fs';
4
- import path from 'node:path';
5
- import { assertGate, root } from './sks-1-18-gate-lib.js';
6
- const args = process.argv.slice(2);
7
- const pkg = JSON.parse(fs.readFileSync(path.join(root, 'package.json'), 'utf8'));
8
- const truth = readJson('.sneakoscope/release-proof-truth.json') || readJson('dist/release-proof-truth.json');
9
- const codex0139 = readJson('.sneakoscope/codex-0139-capability.json');
10
- const codex0139Real = readJson('.sneakoscope/codex-0139-real-probe-summary.json');
11
- const zellij = readJson('.sneakoscope/reports/zellij-worker-pane-summary.json');
12
- const changelog = fs.readFileSync(path.join(root, 'CHANGELOG.md'), 'utf8');
13
- const latest = latestChangelogSection(changelog);
14
- const sdkVersion = readCodexSdkPackageVersion();
15
- const warnings = [
16
- ...(truth?.package_version && truth.package_version !== latest.version ? [`package version ${truth.package_version} does not match changelog latest ${latest.version}`] : []),
17
- ...(pkg.version !== latest.version ? [`package.json version ${pkg.version} does not match changelog latest ${latest.version}`] : []),
18
- ...(!truth ? ['release proof truth missing'] : []),
19
- ...(truth?.git_status_clean === false ? ['git working tree dirty when proof truth was generated'] : [])
20
- ];
21
- const body = [
22
- `Version: ${pkg.version}`,
23
- `Commit: ${truth?.git_commit_sha || 'unknown'}`,
24
- `Dirty: ${truth?.git_status_clean === false ? 'yes' : truth?.git_status_clean === true ? 'no' : 'unknown'}`,
25
- `Release proof truth: ${truth ? '.sneakoscope/release-proof-truth.json' : 'missing'}`,
26
- `Codex SDK package: ${sdkVersion || 'unknown'}`,
27
- `External Codex CLI 0.139 capability: ${codex0139 ? `${codex0139.ok ? 'ok' : 'blocked'}${codex0139.parsed_version ? ` (${codex0139.parsed_version})` : ''}` : 'not recorded'}`,
28
- `Codex 0.139 real probes: ${codex0139Real ? `${codex0139Real.ok ? 'ok' : 'blocked'} (${codex0139Real.actual_cli_probe_count || 0} actual CLI, ${codex0139Real.skipped_count || 0} skipped, ${codex0139Real.failed_count || 0} failed)` : 'not run in this release environment. Hermetic fixture gates: passed.'}`,
29
- `Zellij stacked panes: ${zellij ? `${zellij.stacked_applied_count || 0}/${zellij.stacked_requested_count || 0} applied, fallback ${zellij.stacked_fallback_count || 0}, SLOTS anchors ${zellij.duplicate_slot_anchor_count || 0}` : 'not recorded'}`,
30
- `Packlist: ${truth?.npm_packlist_count ?? 'unknown'} files / ${truth?.npm_packlist_bytes ?? 'unknown'} bytes`,
31
- ...(warnings.length ? [`Warnings: ${warnings.join('; ')}`] : ['Warnings: none']),
32
- 'Release gates: passed',
33
- '',
34
- latest.body.trim()
35
- ].join('\n');
36
- if (args.includes('--check')) {
37
- assertGate(Boolean(truth && truth.schema === 'sks.release-proof-truth.v1'), 'release proof truth missing; run npm run release:proof-truth first');
38
- assertGate(latest.version === pkg.version, 'latest changelog section must match package version', { latest: latest.version, package: pkg.version });
39
- assertGate(body.includes(`Version: ${pkg.version}`) && body.includes('Commit:') && body.includes('Dirty:') && body.includes('Release proof truth:') && body.includes('Codex SDK package:') && body.includes('External Codex CLI 0.139 capability:') && body.includes('Codex 0.139 real probes:') && body.includes('Zellij stacked panes:') && body.includes('Packlist:'), 'github release body helper missing source truth fields', { body });
40
- assertGate(!warnings.some((warning) => warning.includes('package version') || warning.includes('changelog latest') || warning.includes('release proof truth missing')), 'github release body helper source truth warnings must not include version/proof mismatch', { warnings, body });
41
- }
42
- console.log(body);
43
- function readJson(rel) {
44
- try {
45
- return JSON.parse(fs.readFileSync(path.join(root, rel), 'utf8'));
46
- }
47
- catch {
48
- return null;
49
- }
50
- }
51
- function latestChangelogSection(text) {
52
- const matches = [...text.matchAll(/^## \[([^\]]+)\][^\n]*\n/gm)];
53
- const first = matches.find((match) => /^[0-9]+\.[0-9]+\.[0-9]+$/.test(match[1]));
54
- if (!first)
55
- return { version: null, body: '' };
56
- const second = matches.find((match) => (match.index || 0) > (first.index || 0));
57
- const start = (first.index || 0) + first[0].length;
58
- const end = second?.index || text.length;
59
- return { version: first[1], body: text.slice(start, end) };
60
- }
61
- function readCodexSdkPackageVersion() {
62
- const lock = readJson('package-lock.json');
63
- return lock?.packages?.['node_modules/@openai/codex-sdk']?.version || pkg.dependencies?.['@openai/codex-sdk'] || null;
64
- }
65
- //# sourceMappingURL=github-release-body-helper.js.map
@@ -1,448 +0,0 @@
1
- #!/usr/bin/env node
2
- // @ts-nocheck
3
- import fs from 'node:fs';
4
- import os from 'node:os';
5
- import path from 'node:path';
6
- import crypto from 'node:crypto';
7
- import { spawnSync } from 'node:child_process';
8
- const root = process.cwd();
9
- const enabled = process.env.SKS_TEST_REAL_IMAGEGEN === '1'
10
- || process.env.SKS_REAL_IMAGEGEN === '1'
11
- || process.env.SKS_GPT_IMAGE_2_REAL_FILE_SMOKE === '1';
12
- const reportDir = path.join(root, '.sneakoscope', 'reports');
13
- const imageDir = path.join(reportDir, 'generated-images');
14
- const reportPath = path.join(reportDir, 'gpt-image-2-real-file-smoke.json');
15
- fs.mkdirSync(imageDir, { recursive: true });
16
- function writeReport(report) {
17
- fs.writeFileSync(reportPath, `${JSON.stringify(report, null, 2)}\n`);
18
- console.log(JSON.stringify({ ...report, report_path: reportPath }, null, 2));
19
- }
20
- function verifyImageFile(file) {
21
- const bytes = fs.readFileSync(file);
22
- const dimensions = pngDimensions(bytes);
23
- const ok = bytes.length > 0 && dimensions.format !== 'unknown';
24
- return {
25
- ok,
26
- output_image_path: file,
27
- output_image_sha256: crypto.createHash('sha256').update(bytes).digest('hex'),
28
- output_image_bytes: bytes.length,
29
- dimensions
30
- };
31
- }
32
- function redact(text) {
33
- return String(text || '')
34
- .replace(/sk-[A-Za-z0-9_-]{12,}/g, '[REDACTED_KEY]')
35
- .replace(/Bearer\s+[A-Za-z0-9._-]+/g, 'Bearer [REDACTED]');
36
- }
37
- function parseShellEnvValue(text, key) {
38
- const re = new RegExp(`(?:^|\\n)\\s*(?:export\\s+)?${escapeRegExp(key)}\\s*=\\s*([^\\n#]+)`);
39
- const raw = String(text || '').match(re)?.[1]?.trim();
40
- if (!raw)
41
- return '';
42
- if ((raw.startsWith("'") && raw.endsWith("'")) || (raw.startsWith('"') && raw.endsWith('"')))
43
- return raw.slice(1, -1);
44
- return raw;
45
- }
46
- function tomlString(text, key) {
47
- const re = new RegExp(`(?:^|\\n)\\s*${escapeRegExp(key)}\\s*=\\s*"([^"]*)"`);
48
- return String(text || '').match(re)?.[1] || '';
49
- }
50
- function tomlBoolean(text, key) {
51
- const re = new RegExp(`(?:^|\\n)\\s*${escapeRegExp(key)}\\s*=\\s*(true|false)\\b`);
52
- const value = String(text || '').match(re)?.[1];
53
- return value === 'true' ? true : value === 'false' ? false : null;
54
- }
55
- function tomlTableBlock(text, table) {
56
- const re = new RegExp(`(^|\\n)\\[${escapeRegExp(table)}\\]([\\s\\S]*?)(?=\\n\\[[^\\]]+\\]|\\s*$)`);
57
- return String(text || '').match(re)?.[2] || '';
58
- }
59
- function escapeRegExp(value) {
60
- return String(value).replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
61
- }
62
- function readCodexLbAuth() {
63
- const home = process.env.HOME || os.homedir();
64
- const configPath = path.join(home, '.codex', 'config.toml');
65
- const envPath = path.join(home, '.codex', 'sks-codex-lb.env');
66
- const configText = fs.existsSync(configPath) ? fs.readFileSync(configPath, 'utf8') : '';
67
- const envText = fs.existsSync(envPath) ? fs.readFileSync(envPath, 'utf8') : '';
68
- const block = tomlTableBlock(configText, 'model_providers.codex-lb');
69
- const selected = tomlString(configText.split(/\n\s*\[/)[0] || '', 'model_provider') === 'codex-lb';
70
- const envKey = tomlString(block, 'env_key') || 'CODEX_LB_API_KEY';
71
- const baseUrl = process.env.CODEX_LB_BASE_URL || tomlString(block, 'base_url');
72
- const key = process.env[envKey] || parseShellEnvValue(envText, envKey);
73
- return {
74
- selected,
75
- provider_configured: Boolean(block),
76
- requires_openai_auth: tomlBoolean(block, 'requires_openai_auth'),
77
- env_key: envKey,
78
- base_url: baseUrl,
79
- env_path: envPath,
80
- key
81
- };
82
- }
83
- function authState() {
84
- const openAiKey = String(process.env.OPENAI_API_KEY || '').trim();
85
- if (openAiKey) {
86
- return {
87
- ok: true,
88
- provider: 'openai_images_api',
89
- auth_source: 'OPENAI_API_KEY',
90
- key: openAiKey,
91
- endpoint: `${String(process.env.OPENAI_BASE_URL || 'https://api.openai.com/v1').replace(/\/+$/, '')}/images/generations`
92
- };
93
- }
94
- const codexLb = readCodexLbAuth();
95
- if (codexLb.selected && codexLb.provider_configured && codexLb.requires_openai_auth === false && codexLb.key && codexLb.base_url) {
96
- return {
97
- ok: true,
98
- provider: 'openai_responses_image_generation',
99
- auth_source: codexLb.env_key,
100
- key: String(codexLb.key).trim(),
101
- endpoint: `${String(codexLb.base_url).replace(/\/+$/, '')}/responses`,
102
- codex_lb: {
103
- selected: true,
104
- provider_configured: true,
105
- requires_openai_auth: false,
106
- base_url: codexLb.base_url,
107
- env_key: codexLb.env_key,
108
- env_path: codexLb.env_path,
109
- api_key_present: true
110
- }
111
- };
112
- }
113
- return {
114
- ok: false,
115
- provider: null,
116
- blocker: openAiKey ? null : 'openai_api_key_missing_and_codex_lb_unavailable',
117
- codex_lb: {
118
- selected: codexLb.selected,
119
- provider_configured: codexLb.provider_configured,
120
- requires_openai_auth: codexLb.requires_openai_auth,
121
- base_url_present: Boolean(codexLb.base_url),
122
- env_key: codexLb.env_key,
123
- api_key_present: Boolean(codexLb.key)
124
- }
125
- };
126
- }
127
- async function fetchJson(url, init, timeoutMs) {
128
- const controller = new AbortController();
129
- const timeout = setTimeout(() => controller.abort(new Error(`gpt_image_2_smoke_timeout_${timeoutMs}ms`)), timeoutMs);
130
- try {
131
- const response = await fetch(url, { ...init, signal: controller.signal });
132
- const text = await response.text();
133
- const payload = parsePayload(text);
134
- return { response, payload, text };
135
- }
136
- finally {
137
- clearTimeout(timeout);
138
- }
139
- }
140
- function parsePayload(text) {
141
- const raw = String(text || '').trim();
142
- if (!raw)
143
- return null;
144
- try {
145
- return JSON.parse(raw);
146
- }
147
- catch { }
148
- const events = [];
149
- for (const line of raw.split(/\r?\n/)) {
150
- const trimmed = line.trim();
151
- if (!trimmed.startsWith('data:'))
152
- continue;
153
- const data = trimmed.slice(5).trim();
154
- if (!data || data === '[DONE]')
155
- continue;
156
- try {
157
- events.push(JSON.parse(data));
158
- }
159
- catch { }
160
- }
161
- return events.length ? events[events.length - 1] : { raw_text: raw.slice(0, 2000) };
162
- }
163
- function findImageBase64(payload) {
164
- const direct = payload?.data?.[0]?.b64_json || payload?.data?.[0]?.b64;
165
- if (typeof direct === 'string')
166
- return { b64: direct, output_id: payload?.data?.[0]?.id || payload?.id || null };
167
- const outputs = Array.isArray(payload?.output) ? payload.output : [];
168
- for (const output of outputs) {
169
- if (output?.type === 'image_generation_call') {
170
- if (typeof output.result === 'string')
171
- return { b64: output.result, output_id: output.id || payload?.id || null };
172
- if (typeof output.result?.b64_json === 'string')
173
- return { b64: output.result.b64_json, output_id: output.id || payload?.id || null };
174
- if (typeof output.b64_json === 'string')
175
- return { b64: output.b64_json, output_id: output.id || payload?.id || null };
176
- }
177
- }
178
- return { b64: null, output_id: null };
179
- }
180
- function pngDimensions(buffer) {
181
- if (buffer.length >= 24
182
- && buffer[0] === 0x89
183
- && buffer[1] === 0x50
184
- && buffer[2] === 0x4e
185
- && buffer[3] === 0x47) {
186
- return { width: buffer.readUInt32BE(16), height: buffer.readUInt32BE(20), format: 'png' };
187
- }
188
- if (buffer.length >= 3 && buffer[0] === 0xff && buffer[1] === 0xd8) {
189
- return { width: null, height: null, format: 'jpeg' };
190
- }
191
- return { width: null, height: null, format: 'unknown' };
192
- }
193
- function summarizePayload(payload) {
194
- const outputs = Array.isArray(payload?.output) ? payload.output : [];
195
- return {
196
- id: payload?.id || null,
197
- object: payload?.object || null,
198
- status: payload?.status || null,
199
- model: payload?.model || null,
200
- error_type: payload?.error?.type || null,
201
- error_code: payload?.error?.code || null,
202
- error_message: payload?.error?.message ? redact(payload.error.message).slice(0, 1000) : null,
203
- data_count: Array.isArray(payload?.data) ? payload.data.length : null,
204
- output_count: outputs.length,
205
- output: outputs.slice(0, 8).map((output) => ({
206
- id: output?.id || null,
207
- type: output?.type || null,
208
- status: output?.status || null,
209
- result_present: typeof output?.result === 'string' || Boolean(output?.result?.b64_json || output?.b64_json),
210
- result_chars: typeof output?.result === 'string' ? output.result.length : null
211
- }))
212
- };
213
- }
214
- function generatedImagesDir() {
215
- return path.join(process.env.CODEX_HOME || process.env.HOME && path.join(process.env.HOME, '.codex') || path.join(os.homedir(), '.codex'), 'generated_images');
216
- }
217
- function newestGeneratedImageSince(sinceMs) {
218
- const dir = generatedImagesDir();
219
- const found = [];
220
- function walk(current) {
221
- let entries;
222
- try {
223
- entries = fs.readdirSync(current, { withFileTypes: true });
224
- }
225
- catch {
226
- return;
227
- }
228
- for (const entry of entries) {
229
- const full = path.join(current, entry.name);
230
- if (entry.isDirectory()) {
231
- walk(full);
232
- continue;
233
- }
234
- if (!/^ig_.*\.(png|jpe?g|webp)$/i.test(entry.name))
235
- continue;
236
- const stat = fs.statSync(full);
237
- if (!stat.isFile() || stat.size <= 0 || stat.mtimeMs < sinceMs - 2000)
238
- continue;
239
- found.push({ path: full, size: stat.size, mtime_ms: stat.mtimeMs });
240
- }
241
- }
242
- walk(dir);
243
- found.sort((a, b) => b.mtime_ms - a.mtime_ms);
244
- return found[0] || null;
245
- }
246
- function runCodexBuiltinImagegen({ prompt, started }) {
247
- const codexPrompt = [
248
- 'Use ChatGPT Images 2.0 / GPT Image 2.0 with gpt-image-2.',
249
- prompt,
250
- 'Use Codex built-in image generation. Do not write SVG, HTML, CSS, or a manually generated placeholder.',
251
- 'Reply only with the generated image file path if available.'
252
- ].join(' ');
253
- const run = spawnSync('codex', [
254
- 'exec',
255
- '--ignore-user-config',
256
- '--skip-git-repo-check',
257
- '--sandbox',
258
- 'read-only',
259
- '--enable',
260
- 'image_generation',
261
- '-C',
262
- root,
263
- codexPrompt
264
- ], {
265
- cwd: root,
266
- env: process.env,
267
- encoding: 'utf8',
268
- timeout: Number(process.env.SKS_GPT_IMAGE_2_CODEX_EXEC_TIMEOUT_MS || 240000),
269
- maxBuffer: 8 * 1024 * 1024
270
- });
271
- const selected = newestGeneratedImageSince(started);
272
- if (!selected) {
273
- return {
274
- ok: false,
275
- status: 'blocked',
276
- blocker: run.error?.message ? 'codex_builtin_imagegen_exec_failed' : 'codex_builtin_imagegen_output_missing',
277
- provider: 'codex_builtin_imagegen',
278
- process_status: run.status,
279
- process_signal: run.signal,
280
- process_error: run.error?.message || null,
281
- stdout_tail: String(run.stdout || '').slice(-3000),
282
- stderr_tail: String(run.stderr || '').slice(-3000),
283
- generated_images_dir: generatedImagesDir()
284
- };
285
- }
286
- const dest = path.join(imageDir, `gpt-image-2-codex-built-in-smoke-${new Date().toISOString().replace(/[:.]/g, '-')}${path.extname(selected.path) || '.png'}`);
287
- fs.copyFileSync(selected.path, dest);
288
- const image = verifyImageFile(dest);
289
- return {
290
- schema: 'sks.gpt-image-2-real-file-smoke.v1',
291
- ok: image.ok,
292
- status: image.ok ? 'passed' : 'blocked',
293
- blocker: image.ok ? null : 'generated_file_invalid',
294
- live_generation_attempted: true,
295
- real_generated_output_verified: image.ok,
296
- provider: 'codex_builtin_imagegen',
297
- auth_source: 'Codex App built-in image_gen',
298
- request: { model: 'gpt-image-2', prompt_chars: prompt.length, output_format: path.extname(dest).replace(/^\./, '') || 'png' },
299
- discovered_from: selected.path,
300
- output_image_path: dest,
301
- output_image_sha256: image.output_image_sha256,
302
- output_image_bytes: image.output_image_bytes,
303
- dimensions: image.dimensions,
304
- latency_ms: Date.now() - started,
305
- local_only: true,
306
- fake_adapter: false,
307
- mock: false,
308
- process_status: run.status,
309
- process_signal: run.signal,
310
- stdout_tail: String(run.stdout || '').slice(-3000),
311
- stderr_tail: String(run.stderr || '').slice(-3000)
312
- };
313
- }
314
- async function run() {
315
- if (!enabled) {
316
- return writeReport({
317
- schema: 'sks.gpt-image-2-real-file-smoke.v1',
318
- ok: true,
319
- status: 'skipped',
320
- reason: 'Set SKS_GPT_IMAGE_2_REAL_FILE_SMOKE=1 or SKS_TEST_REAL_IMAGEGEN=1 to run a live gpt-image-2 file generation smoke.',
321
- live_generation_attempted: false
322
- });
323
- }
324
- const auth = authState();
325
- const started = Date.now();
326
- const prompt = process.env.SKS_GPT_IMAGE_2_SMOKE_PROMPT || 'Generate a tiny clean product-style PNG icon: a blue square with the text OK centered, white background.';
327
- const surface = String(process.env.SKS_GPT_IMAGE_2_SMOKE_SURFACE || 'codex_builtin').trim();
328
- const size = process.env.SKS_GPT_IMAGE_2_SMOKE_SIZE || '512x512';
329
- const quality = process.env.SKS_GPT_IMAGE_2_SMOKE_QUALITY || 'low';
330
- const timeoutMs = Number(process.env.SKS_GPT_IMAGE_2_REAL_SMOKE_TIMEOUT_MS || 360000);
331
- if (surface !== 'api' && surface !== 'openai_api' && surface !== 'responses') {
332
- const codexBuiltin = runCodexBuiltinImagegen({ prompt, started });
333
- writeReport(codexBuiltin);
334
- if (codexBuiltin.ok || surface === 'codex_builtin')
335
- return;
336
- }
337
- if (!auth.ok) {
338
- return writeReport({
339
- schema: 'sks.gpt-image-2-real-file-smoke.v1',
340
- ok: false,
341
- status: 'blocked',
342
- blocker: auth.blocker,
343
- live_generation_attempted: false,
344
- auth: auth.codex_lb
345
- });
346
- }
347
- const request = auth.provider === 'openai_images_api'
348
- ? {
349
- model: 'gpt-image-2',
350
- prompt,
351
- size,
352
- quality,
353
- output_format: 'png',
354
- n: 1
355
- }
356
- : {
357
- model: process.env.SKS_IMAGEGEN_RESPONSES_MODEL || process.env.OPENAI_MODEL || 'gpt-5.5',
358
- input: prompt,
359
- tools: [{
360
- type: 'image_generation',
361
- action: 'generate',
362
- size,
363
- quality,
364
- output_format: 'png'
365
- }],
366
- tool_choice: { type: 'image_generation' }
367
- };
368
- let response;
369
- let payload;
370
- let text;
371
- try {
372
- const fetched = await fetchJson(auth.endpoint, {
373
- method: 'POST',
374
- headers: {
375
- authorization: `Bearer ${auth.key}`,
376
- 'content-type': 'application/json'
377
- },
378
- body: JSON.stringify(request)
379
- }, timeoutMs);
380
- response = fetched.response;
381
- payload = fetched.payload;
382
- text = fetched.text;
383
- }
384
- catch (err) {
385
- return writeReport({
386
- schema: 'sks.gpt-image-2-real-file-smoke.v1',
387
- ok: false,
388
- status: 'blocked',
389
- blocker: /timeout|abort/i.test(String(err?.message || err)) ? 'imagegen_remote_timeout' : 'imagegen_request_failed',
390
- live_generation_attempted: true,
391
- provider: auth.provider,
392
- auth_source: auth.auth_source,
393
- endpoint: auth.endpoint,
394
- request: { model: request.model, image_model: 'gpt-image-2', size, quality, output_format: 'png' },
395
- latency_ms: Date.now() - started,
396
- redacted_error: redact(err?.message || err)
397
- });
398
- }
399
- const { b64, output_id } = findImageBase64(payload);
400
- if (!response.ok || !b64) {
401
- return writeReport({
402
- schema: 'sks.gpt-image-2-real-file-smoke.v1',
403
- ok: false,
404
- status: 'blocked',
405
- blocker: !response.ok ? `http_${response.status}` : 'missing_b64_image_output',
406
- live_generation_attempted: true,
407
- provider: auth.provider,
408
- auth_source: auth.auth_source,
409
- endpoint: auth.endpoint,
410
- request: { model: request.model, image_model: 'gpt-image-2', size, quality, output_format: 'png' },
411
- latency_ms: Date.now() - started,
412
- response_status: response.status,
413
- payload_summary: summarizePayload(payload),
414
- response_text_tail: redact(text).slice(-2000)
415
- });
416
- }
417
- const bytes = Buffer.from(String(b64), 'base64');
418
- const dims = pngDimensions(bytes);
419
- const filename = `gpt-image-2-real-file-smoke-${new Date().toISOString().replace(/[:.]/g, '-')}.${dims.format === 'jpeg' ? 'jpg' : 'png'}`;
420
- const outputPath = path.join(imageDir, filename);
421
- fs.writeFileSync(outputPath, bytes);
422
- const sha256 = crypto.createHash('sha256').update(bytes).digest('hex');
423
- const ok = fs.existsSync(outputPath) && bytes.length > 0 && dims.format !== 'unknown';
424
- return writeReport({
425
- schema: 'sks.gpt-image-2-real-file-smoke.v1',
426
- ok,
427
- status: ok ? 'passed' : 'blocked',
428
- blocker: ok ? null : 'generated_file_invalid',
429
- live_generation_attempted: true,
430
- real_generated_output_verified: ok,
431
- provider: auth.provider,
432
- auth_source: auth.auth_source,
433
- endpoint: auth.endpoint,
434
- request: { model: request.model, image_model: 'gpt-image-2', size, quality, output_format: 'png' },
435
- output_image_path: outputPath,
436
- output_image_sha256: sha256,
437
- output_image_bytes: bytes.length,
438
- output_id,
439
- dimensions: dims,
440
- latency_ms: Date.now() - started,
441
- payload_summary: summarizePayload(payload),
442
- local_only: true,
443
- fake_adapter: false,
444
- mock: false
445
- });
446
- }
447
- await run();
448
- //# sourceMappingURL=gpt-image-2-real-file-smoke.js.map
@@ -1,15 +0,0 @@
1
- #!/usr/bin/env node
2
- // @ts-nocheck
3
- import { validateCodexHookConfigFiles } from '../core/codex-compat/codex-config-policy.js';
4
- const report = await validateCodexHookConfigFiles(process.cwd());
5
- const unsupported = report.issues.filter((issue) => /unsupported_hook_handler|async_hook_not_supported|empty_hook_command|invalid_matcher|hooks_json_and_config_toml_hooks_both_present/.test(issue));
6
- const ok = unsupported.length === 0;
7
- console.log(JSON.stringify({
8
- schema: 'sks.hooks-no-unsupported-handlers.v1',
9
- ok,
10
- unsupported,
11
- issues: report.issues
12
- }, null, 2));
13
- if (!ok)
14
- process.exitCode = 1;
15
- //# sourceMappingURL=hooks-no-unsupported-handlers.js.map
@@ -1,26 +0,0 @@
1
- #!/usr/bin/env node
2
- // @ts-nocheck
3
- import fs from 'node:fs';
4
- import path from 'node:path';
5
- import { codexHookWarningCheck } from '../core/codex-compat/codex-hook-warning-detector.js';
6
- const report = await codexHookWarningCheck(process.cwd());
7
- const events = new Set((report.events || []).map((row) => row.event));
8
- const bad = /trust|trusu|untrusted|modified|unsupported|skipping prompt|skipping agent|skipping async/i;
9
- const warningText = JSON.stringify([report.warnings || [], report.issues || []]);
10
- const result = {
11
- schema: 'sks.hooks-runtime-warning-zero-v2.v1',
12
- ok: report.ok && report.warnings_count === 0 && events.size >= 10 && !bad.test(warningText),
13
- events: Array.from(events).sort(),
14
- warnings_count: report.warnings_count,
15
- official_schema_validation: report.ok,
16
- semantic_validation: report.ok,
17
- negative_warning_detection_policy: 'modified_untrusted_fixtures_must_emit_warning',
18
- report
19
- };
20
- const out = path.join(process.cwd(), '.sneakoscope', 'reports', 'hooks-runtime-warning-zero-1.14.1.json');
21
- fs.mkdirSync(path.dirname(out), { recursive: true });
22
- fs.writeFileSync(out, `${JSON.stringify(result, null, 2)}\n`);
23
- console.log(JSON.stringify(result, null, 2));
24
- if (!result.ok)
25
- process.exitCode = 1;
26
- //# sourceMappingURL=hooks-runtime-replay-warning-zero-v2.js.map