sneakoscope 4.0.13 → 4.0.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +19 -2
- package/config/codex-releases/rust-v0.142.0.json +39 -0
- package/crates/sks-core/Cargo.lock +1 -1
- package/crates/sks-core/Cargo.toml +1 -1
- package/crates/sks-core/src/main.rs +1 -1
- package/dist/bin/sks.js +1 -1
- package/dist/cli/global-mode-router.js +2 -1
- package/dist/commands/codex.js +15 -1
- package/dist/core/codex-adapter.js +7 -12
- package/dist/core/codex-compat/codex-compat-report.js +11 -1
- package/dist/core/codex-compat/codex-release-manifest.js +66 -0
- package/dist/core/codex-compat/codex-version-policy.js +5 -4
- package/dist/core/codex-compat/codex-version.js +5 -2
- package/dist/core/codex-control/codex-0142-capability.js +243 -0
- package/dist/core/codex-control/codex-app-server-v2-client.js +211 -0
- package/dist/core/codex-control/codex-sdk-adapter.js +37 -7
- package/dist/core/codex-control/codex-sdk-capability.js +2 -1
- package/dist/core/codex-control/codex-sdk-config-policy.js +16 -0
- package/dist/core/codex-control/codex-sdk-env-policy.js +29 -5
- package/dist/core/codex-control/codex-thread-registry.js +110 -19
- package/dist/core/codex-runtime/resolve-codex-runtime.js +102 -0
- package/dist/core/commands/mad-sks-command.js +3 -0
- package/dist/core/fsx.js +1 -1
- package/dist/core/providers/glm/bench/glm-bench-model-lock-proof.js +32 -3
- package/dist/core/providers/glm/bench/glm-benchmark-runner.js +29 -5
- package/dist/core/providers/glm/bench/glm-benchmark-types.js +1 -1
- package/dist/core/providers/glm/naruto/glm-naruto-critical-path.js +51 -0
- package/dist/core/providers/glm/naruto/glm-naruto-final-seal.js +9 -2
- package/dist/core/providers/glm/naruto/glm-naruto-orchestrator.js +101 -15
- package/dist/core/providers/glm/naruto/glm-naruto-parallelism-summary.js +55 -0
- package/dist/core/providers/glm/naruto/glm-naruto-requirement-coverage.js +92 -0
- package/dist/core/providers/glm/naruto/glm-naruto-requirement-ledger.js +42 -0
- package/dist/core/providers/glm/naruto/glm-naruto-stage-scheduler.js +85 -0
- package/dist/core/providers/glm/naruto/glm-naruto-task-size-classifier.js +12 -0
- package/dist/core/providers/glm/naruto/glm-naruto-trace.js +4 -0
- package/dist/core/providers/glm/naruto/glm-naruto-verifier-output.js +5 -0
- package/dist/core/providers/glm/naruto/glm-naruto-worker-pool.js +130 -44
- package/dist/core/providers/glm/naruto/glm-naruto-worker-runtime.js +6 -2
- package/dist/core/release/gate-manifest.js +24 -1
- package/dist/core/release/gate-pack-manifest.js +6 -6
- package/dist/core/release/release-gate-affected-selector.js +24 -0
- package/dist/core/routes/model-mode-router.js +44 -0
- package/dist/core/routes.js +1 -1
- package/dist/core/version.js +1 -1
- package/dist/scripts/agent-ast-aware-work-graph-check.js +25 -0
- package/dist/scripts/agent-backfill-replenishment-check.js +13 -0
- package/dist/scripts/agent-backfill-route-blackbox.js +5 -0
- package/dist/scripts/agent-background-terminals-check.js +16 -0
- package/dist/scripts/agent-cleanup-command-ux-check.js +12 -0
- package/dist/scripts/agent-cleanup-executor-check.js +53 -0
- package/dist/scripts/agent-cleanup-executor-v2-check.js +39 -0
- package/dist/scripts/agent-cli-options-to-task-graph-check.js +5 -0
- package/dist/scripts/agent-codex-app-cockpit-check.js +91 -0
- package/dist/scripts/agent-codex-child-overlap-check.js +21 -0
- package/dist/scripts/agent-dynamic-cockpit-check.js +10 -0
- package/dist/scripts/agent-dynamic-pool-check.js +13 -0
- package/dist/scripts/agent-dynamic-pool-route-blackbox.js +5 -0
- package/dist/scripts/agent-fast-mode-default-check.js +79 -0
- package/dist/scripts/agent-fast-mode-worker-propagation-check.js +7 -0
- package/dist/scripts/agent-follow-up-work-schema-check.js +80 -0
- package/dist/scripts/agent-goal-mode-propagation-check.js +9 -0
- package/dist/scripts/agent-intelligent-work-graph-check.js +29 -0
- package/dist/scripts/agent-janitor-check.js +79 -0
- package/dist/scripts/agent-main-no-scout-check.js +11 -0
- package/dist/scripts/agent-message-bus-reader-check.js +19 -0
- package/dist/scripts/agent-model-authored-patch-envelope-check.js +15 -0
- package/dist/scripts/agent-multi-project-isolation-check.js +86 -0
- package/dist/scripts/agent-native-cli-session-proof-check.js +7 -0
- package/dist/scripts/agent-native-cli-session-swarm-10-check.js +7 -0
- package/dist/scripts/agent-native-cli-session-swarm-20-check.js +7 -0
- package/dist/scripts/agent-native-cli-session-swarm-check.js +7 -0
- package/dist/scripts/agent-no-subagent-scaling-check.js +7 -0
- package/dist/scripts/agent-official-subagent-helper-policy-check.js +71 -0
- package/dist/scripts/agent-parallel-write-blackbox.js +56 -0
- package/dist/scripts/agent-parallel-write-kernel-check.js +103 -0
- package/dist/scripts/agent-patch-conflict-rebase-check.js +198 -0
- package/dist/scripts/agent-patch-envelope-extraction-check.js +17 -0
- package/dist/scripts/agent-patch-proof-check.js +41 -0
- package/dist/scripts/agent-patch-proof-runtime-check.js +63 -0
- package/dist/scripts/agent-patch-queue-runtime-check.js +36 -0
- package/dist/scripts/agent-patch-rollback-check.js +38 -0
- package/dist/scripts/agent-patch-rollback-dag-check.js +14 -0
- package/dist/scripts/agent-patch-swarm-route-blackbox.js +10 -0
- package/dist/scripts/agent-patch-swarm-runtime-check.js +10 -0
- package/dist/scripts/agent-patch-swarm-runtime-truth-check.js +76 -0
- package/dist/scripts/agent-patch-transaction-journal-check.js +57 -0
- package/dist/scripts/agent-patch-verification-dag-check.js +14 -0
- package/dist/scripts/agent-proof-contract-reconciled-check.js +5 -0
- package/dist/scripts/agent-real-codex-dynamic-smoke-check.js +166 -0
- package/dist/scripts/agent-real-codex-dynamic-smoke-v2-check.js +14 -0
- package/dist/scripts/agent-real-codex-in-zellij-worker-pane-check.js +227 -0
- package/dist/scripts/agent-real-codex-parallel-workers-10-check.js +5 -0
- package/dist/scripts/agent-real-codex-parallel-workers-20-check.js +5 -0
- package/dist/scripts/agent-real-codex-parallel-workers-5-check.js +5 -0
- package/dist/scripts/agent-real-codex-parallel-workers-check.js +5 -0
- package/dist/scripts/agent-role-config-repair-check.js +33 -0
- package/dist/scripts/agent-rollback-command-check.js +86 -0
- package/dist/scripts/agent-route-truth-backfill-check.js +5 -0
- package/dist/scripts/agent-scheduler-proof-check.js +13 -0
- package/dist/scripts/agent-scheduler-proof-hardening-check.js +22 -0
- package/dist/scripts/agent-session-generation-check.js +21 -0
- package/dist/scripts/agent-slot-pane-binding-proof-check.js +64 -0
- package/dist/scripts/agent-slot-telemetry-wiring-check.js +11 -0
- package/dist/scripts/agent-source-intelligence-propagation-check.js +9 -0
- package/dist/scripts/agent-strategy-to-lease-wiring-check.js +32 -0
- package/dist/scripts/agent-strategy-to-patch-strict-check.js +54 -0
- package/dist/scripts/agent-task-graph-expansion-check.js +14 -0
- package/dist/scripts/agent-terminal-generations-check.js +23 -0
- package/dist/scripts/agent-visual-consistency-check.js +9 -0
- package/dist/scripts/agent-wiki-context-proof-check.js +62 -0
- package/dist/scripts/agent-worker-backend-router-check.js +63 -0
- package/dist/scripts/agent-worker-scout-limited-check.js +17 -0
- package/dist/scripts/agent-zellij-dynamic-backfill-panes-check.js +34 -0
- package/dist/scripts/agent-zellij-runtime-check.js +85 -0
- package/dist/scripts/all-feature-deep-completion-check.js +31 -0
- package/dist/scripts/appshots-capability-check.js +18 -0
- package/dist/scripts/appshots-evidence-check.js +48 -0
- package/dist/scripts/appshots-operator-policy-check.js +25 -0
- package/dist/scripts/appshots-privacy-safety-check.js +48 -0
- package/dist/scripts/appshots-source-intelligence-check.js +53 -0
- package/dist/scripts/appshots-thread-attachment-discovery-check.js +87 -0
- package/dist/scripts/appshots-triwiki-voxel-check.js +46 -0
- package/dist/scripts/architecture-guard-check.js +55 -0
- package/dist/scripts/brand-neutrality-generated-artifacts-check.js +161 -0
- package/dist/scripts/brand-neutrality-rename-map-check.js +4 -0
- package/dist/scripts/brand-neutrality-zero-leakage-blackbox.js +4 -0
- package/dist/scripts/brand-neutrality-zero-leakage-check.js +4 -0
- package/dist/scripts/build-once-runner-blackbox.js +34 -0
- package/dist/scripts/build-once-runner-check.js +8 -0
- package/dist/scripts/certificate-sla-check.js +9 -0
- package/dist/scripts/changelog-check.js +47 -0
- package/dist/scripts/changelog-loop-productionization-check.js +3 -0
- package/dist/scripts/cli-check-tiers-check.js +10 -0
- package/dist/scripts/cli-five-minute-task-check.js +6 -0
- package/dist/scripts/codex-0-133-official-compat-report.js +53 -0
- package/dist/scripts/codex-0-134-official-compat-report.js +110 -0
- package/dist/scripts/codex-0-134-runner-truth-check.js +66 -0
- package/dist/scripts/codex-0-135-compat-check.js +57 -0
- package/dist/scripts/codex-0-136-compat-check.js +30 -0
- package/dist/scripts/codex-0-137-compat-check.js +27 -0
- package/dist/scripts/codex-0138-capability-artifact-check.js +15 -0
- package/dist/scripts/codex-0138-capability-check.js +11 -0
- package/dist/scripts/codex-0138-doctor-check.js +15 -0
- package/dist/scripts/codex-0138-feature-probes-check.js +12 -0
- package/dist/scripts/codex-0139-capability-check.js +26 -0
- package/dist/scripts/codex-0139-code-mode-web-search-check.js +25 -0
- package/dist/scripts/codex-0139-code-mode-web-search-real-check.js +10 -0
- package/dist/scripts/codex-0139-doctor-env-real-check.js +10 -0
- package/dist/scripts/codex-0139-doctor-env-redaction-check.js +18 -0
- package/dist/scripts/codex-0139-feature-probes-check.js +30 -0
- package/dist/scripts/codex-0139-image-path-real-check.js +10 -0
- package/dist/scripts/codex-0139-interrupt-agent-check.js +14 -0
- package/dist/scripts/codex-0139-interrupt-agent-real-check.js +8 -0
- package/dist/scripts/codex-0139-marketplace-source-check.js +13 -0
- package/dist/scripts/codex-0139-plugin-cache-real-check.js +10 -0
- package/dist/scripts/codex-0139-plugin-marketplace-real-check.js +10 -0
- package/dist/scripts/codex-0139-real-probe-summary-check.js +14 -0
- package/dist/scripts/codex-0139-real-probes-check.js +37 -0
- package/dist/scripts/codex-0139-rich-tool-schema-check.js +12 -0
- package/dist/scripts/codex-0139-rich-tool-schema-real-check.js +10 -0
- package/dist/scripts/codex-0139-sandbox-profile-alias-check.js +13 -0
- package/dist/scripts/codex-0139-sandbox-profile-alias-real-check.js +10 -0
- package/dist/scripts/codex-0139-sandbox-proxy-real-check.js +10 -0
- package/dist/scripts/codex-0140-bedrock-managed-auth-check.js +4 -0
- package/dist/scripts/codex-0140-capability-check.js +15 -0
- package/dist/scripts/codex-0140-deep-probes-check.js +40 -0
- package/dist/scripts/codex-0140-feature-probes-check.js +24 -0
- package/dist/scripts/codex-0140-goal-attachment-preservation-check.js +8 -0
- package/dist/scripts/codex-0140-goal-attachment-roundtrip-check.js +9 -0
- package/dist/scripts/codex-0140-import-check.js +4 -0
- package/dist/scripts/codex-0140-integration-blackbox.js +13 -0
- package/dist/scripts/codex-0140-large-repo-performance-check.js +4 -0
- package/dist/scripts/codex-0140-mcp-reliability-check.js +4 -0
- package/dist/scripts/codex-0140-non-tty-interrupt-check.js +4 -0
- package/dist/scripts/codex-0140-real-probes-check.js +9 -0
- package/dist/scripts/codex-0140-session-delete-check.js +4 -0
- package/dist/scripts/codex-0140-sqlite-recovery-check.js +4 -0
- package/dist/scripts/codex-0140-unified-mentions-check.js +4 -0
- package/dist/scripts/codex-0140-usage-check.js +4 -0
- package/dist/scripts/codex-0140-usage-real-parser-check.js +17 -0
- package/dist/scripts/codex-0141-capability-check.js +17 -0
- package/dist/scripts/codex-0142-app-server-v2-check.js +46 -0
- package/dist/scripts/codex-0142-binary-identity-check.js +17 -0
- package/dist/scripts/codex-0142-capability-check.js +21 -0
- package/dist/scripts/codex-0142-manifest-check.js +21 -0
- package/dist/scripts/codex-0142-policy-check.js +32 -0
- package/dist/scripts/codex-0142-thread-store-check.js +54 -0
- package/dist/scripts/codex-account-usage-autodiscovery-check.js +22 -0
- package/dist/scripts/codex-account-usage-check.js +9 -0
- package/dist/scripts/codex-agent-role-rich-content-check.js +4 -0
- package/dist/scripts/codex-agent-role-sync-check.js +4 -0
- package/dist/scripts/codex-agent-type-blackbox.js +4 -0
- package/dist/scripts/codex-agent-type-probe-check.js +4 -0
- package/dist/scripts/codex-agent-type-routing-check.js +4 -0
- package/dist/scripts/codex-app-execution-profile-check.js +4 -0
- package/dist/scripts/codex-app-fast-ui-preservation-check.js +32 -0
- package/dist/scripts/codex-app-handoff-check.js +25 -0
- package/dist/scripts/codex-app-handoff-launch-check.js +25 -0
- package/dist/scripts/codex-app-harness-blackbox.js +4 -0
- package/dist/scripts/codex-app-harness-matrix-check.js +4 -0
- package/dist/scripts/codex-app-launcher-check.js +17 -0
- package/dist/scripts/codex-app-provider-badge-check.js +37 -0
- package/dist/scripts/codex-app-skill-agent-blackbox.js +4 -0
- package/dist/scripts/codex-app-type-safety-check.js +4 -0
- package/dist/scripts/codex-app-ui-clobber-guard-check.js +22 -0
- package/dist/scripts/codex-app-ui-preservation-check.js +96 -0
- package/dist/scripts/codex-control-all-pipelines-check.js +37 -0
- package/dist/scripts/codex-control-capability-check.js +10 -0
- package/dist/scripts/codex-control-empty-result-retry-check.js +43 -0
- package/dist/scripts/codex-control-event-stream-ledger-check.js +10 -0
- package/dist/scripts/codex-control-keepalive-no-cot-leak-check.js +14 -0
- package/dist/scripts/codex-control-no-legacy-fallback-check.js +31 -0
- package/dist/scripts/codex-control-side-effect-scope-check.js +26 -0
- package/dist/scripts/codex-control-stream-idle-watchdog-check.js +18 -0
- package/dist/scripts/codex-control-structured-output-check.js +11 -0
- package/dist/scripts/codex-control-thread-registry-check.js +11 -0
- package/dist/scripts/codex-control-tool-call-sequence-repair-check.js +14 -0
- package/dist/scripts/codex-effort-auto-discovery-check.js +17 -0
- package/dist/scripts/codex-effort-order-check.js +9 -0
- package/dist/scripts/codex-environment-scoped-approvals-check.js +10 -0
- package/dist/scripts/codex-exec-output-schema-actual-syntax-check.js +33 -0
- package/dist/scripts/codex-fast-mode-profile-propagation-check.js +14 -0
- package/dist/scripts/codex-history-search-check.js +19 -0
- package/dist/scripts/codex-hook-approval-blackbox.js +4 -0
- package/dist/scripts/codex-hook-approval-matrix-check.js +4 -0
- package/dist/scripts/codex-hook-approval-probe-check.js +4 -0
- package/dist/scripts/codex-hook-lifecycle-check.js +4 -0
- package/dist/scripts/codex-hook-semantic-check.js +15 -0
- package/dist/scripts/codex-hook-strict-subset-check.js +61 -0
- package/dist/scripts/codex-init-deep-check.js +4 -0
- package/dist/scripts/codex-init-deep-directory-local-blackbox.js +4 -0
- package/dist/scripts/codex-init-deep-managed-agents-check.js +4 -0
- package/dist/scripts/codex-lb-config-toml-safety-check.js +85 -0
- package/dist/scripts/codex-lb-persistence-truth-check.js +96 -0
- package/dist/scripts/codex-lb-setup-fixture-check.js +91 -0
- package/dist/scripts/codex-lb-setup-truthfulness-check.js +84 -0
- package/dist/scripts/codex-legacy-profile-consumers-removed-check.js +24 -0
- package/dist/scripts/codex-managed-proxy-env-check.js +17 -0
- package/dist/scripts/codex-model-metadata-check.js +10 -0
- package/dist/scripts/codex-native-agent-role-content-check.js +27 -0
- package/dist/scripts/codex-native-broker-read-only-check.js +44 -0
- package/dist/scripts/codex-native-feature-broker-blackbox.js +4 -0
- package/dist/scripts/codex-native-feature-broker-check.js +4 -0
- package/dist/scripts/codex-native-harness-compat-check.js +4 -0
- package/dist/scripts/codex-native-hook-lifecycle-proof-check.js +4 -0
- package/dist/scripts/codex-native-interop-policy-check.js +4 -0
- package/dist/scripts/codex-native-invocation-defaults-check.js +4 -0
- package/dist/scripts/codex-native-invocation-router-check.js +4 -0
- package/dist/scripts/codex-native-pattern-analysis-blackbox.js +4 -0
- package/dist/scripts/codex-native-pattern-analysis-check.js +4 -0
- package/dist/scripts/codex-native-read-repair-split-blackbox.js +55 -0
- package/dist/scripts/codex-native-reference-cache-blackbox.js +41 -0
- package/dist/scripts/codex-native-reference-cache-check.js +23 -0
- package/dist/scripts/codex-native-reference-evidence-check.js +4 -0
- package/dist/scripts/codex-native-repair-transaction-check.js +45 -0
- package/dist/scripts/codex-native-route-map-check.js +4 -0
- package/dist/scripts/codex-native-skill-content-check.js +24 -0
- package/dist/scripts/codex-output-schema-fixture-check.js +25 -0
- package/dist/scripts/codex-permission-profiles-check.js +36 -0
- package/dist/scripts/codex-plugin-app-template-policy-check.js +11 -0
- package/dist/scripts/codex-plugin-cache-check.js +15 -0
- package/dist/scripts/codex-plugin-diff-check.js +16 -0
- package/dist/scripts/codex-plugin-inventory-check.js +15 -0
- package/dist/scripts/codex-plugin-json-check.js +10 -0
- package/dist/scripts/codex-plugin-list-json-check.js +8 -0
- package/dist/scripts/codex-plugin-parallel-detail-fetch-check.js +12 -0
- package/dist/scripts/codex-profile-primary-check.js +13 -0
- package/dist/scripts/codex-project-config-policy-splitter-check.js +51 -0
- package/dist/scripts/codex-resume-cwd-truth-check.js +17 -0
- package/dist/scripts/codex-sdk-all-pipelines-check.js +33 -0
- package/dist/scripts/codex-sdk-backend-router-check.js +65 -0
- package/dist/scripts/codex-sdk-capability-check.js +11 -0
- package/dist/scripts/codex-sdk-core-skill-pipeline-check.js +9 -0
- package/dist/scripts/codex-sdk-dfix-pipeline-check.js +9 -0
- package/dist/scripts/codex-sdk-event-stream-ledger-check.js +9 -0
- package/dist/scripts/codex-sdk-no-legacy-fallback-check.js +33 -0
- package/dist/scripts/codex-sdk-qa-pipeline-check.js +8 -0
- package/dist/scripts/codex-sdk-real-smoke-check.js +39 -0
- package/dist/scripts/codex-sdk-release-review-pipeline-check.js +13 -0
- package/dist/scripts/codex-sdk-research-pipeline-check.js +47 -0
- package/dist/scripts/codex-sdk-sandbox-policy-check.js +21 -0
- package/dist/scripts/codex-sdk-structured-output-check.js +10 -0
- package/dist/scripts/codex-sdk-team-naruto-agent-pipeline-check.js +12 -0
- package/dist/scripts/codex-sdk-thread-registry-check.js +11 -0
- package/dist/scripts/codex-sdk-ux-ppt-review-pipeline-check.js +9 -0
- package/dist/scripts/codex-sdk-version-compat-check.js +10 -0
- package/dist/scripts/codex-sdk-zellij-pane-binding-check.js +13 -0
- package/dist/scripts/codex-skill-rich-content-check.js +4 -0
- package/dist/scripts/codex-skill-sync-check.js +4 -0
- package/dist/scripts/codex-thread-runtime-choice-check.js +10 -0
- package/dist/scripts/codex-web-adapter-check.js +12 -0
- package/dist/scripts/computer-use-live-evidence-check.js +55 -0
- package/dist/scripts/computer-use-live-optional-check.js +32 -0
- package/dist/scripts/computer-use-policy-check.js +69 -0
- package/dist/scripts/computer-use-visual-route-fixture-check.js +37 -0
- package/dist/scripts/config-managed-merge-callsite-coverage-check.js +200 -0
- package/dist/scripts/context7-evidence-dedupe-check.js +54 -0
- package/dist/scripts/core-skill-card-schema-check.js +61 -0
- package/dist/scripts/core-skill-deployment-snapshot-check.js +54 -0
- package/dist/scripts/core-skill-heldout-validation-check.js +49 -0
- package/dist/scripts/core-skill-immutable-sync-check.js +18 -0
- package/dist/scripts/core-skill-integrity-blackbox.js +32 -0
- package/dist/scripts/core-skill-manifest-check.js +15 -0
- package/dist/scripts/core-skill-no-drift-check.js +24 -0
- package/dist/scripts/core-skill-no-inference-optimizer-check.js +75 -0
- package/dist/scripts/core-skill-patch-check.js +79 -0
- package/dist/scripts/core-skill-promotion-side-effect-ledger-check.js +64 -0
- package/dist/scripts/core-skill-rollout-scoring-check.js +72 -0
- package/dist/scripts/core-skill-route-runtime-integration-check.js +49 -0
- package/dist/scripts/core-skill-trainer-check.js +116 -0
- package/dist/scripts/dfix-fast-blackbox-check.js +37 -0
- package/dist/scripts/dfix-fast-kernel-check.js +26 -0
- package/dist/scripts/dfix-fixture-check.js +6 -0
- package/dist/scripts/dfix-parallel-write-blackbox.js +48 -0
- package/dist/scripts/dfix-patch-handoff-check.js +13 -0
- package/dist/scripts/dfix-patch-swarm-route-blackbox.js +10 -0
- package/dist/scripts/dfix-performance-check.js +15 -0
- package/dist/scripts/dfix-verification-check.js +9 -0
- package/dist/scripts/dfix-verification-recommendation-check.js +15 -0
- package/dist/scripts/docs-brand-neutrality-check.js +4 -0
- package/dist/scripts/docs-codex-0139-wording-check.js +21 -0
- package/dist/scripts/docs-loop-productionization-check.js +3 -0
- package/dist/scripts/docs-loop-runtime-check.js +3 -0
- package/dist/scripts/docs-truthfulness-check.js +61 -0
- package/dist/scripts/doctor-codex-0138-fix-check.js +10 -0
- package/dist/scripts/doctor-codex-0139-real-probes-check.js +25 -0
- package/dist/scripts/doctor-codex-app-harness-check.js +4 -0
- package/dist/scripts/doctor-codex-doctor-parity-check.js +17 -0
- package/dist/scripts/doctor-codex-native-readiness-ux-check.js +29 -0
- package/dist/scripts/doctor-codex-native-repair-actions-check.js +24 -0
- package/dist/scripts/doctor-codex-startup-repair-check.js +103 -0
- package/dist/scripts/doctor-context7-mcp-repair-blackbox.js +16 -0
- package/dist/scripts/doctor-context7-mcp-repair-check.js +11 -0
- package/dist/scripts/doctor-context7-repair-check.js +47 -0
- package/dist/scripts/doctor-dirty-plan-check.js +9 -0
- package/dist/scripts/doctor-dirty-repair-blackbox.js +22 -0
- package/dist/scripts/doctor-dirty-repair-check.js +8 -0
- package/dist/scripts/doctor-dirty-semantic-blackbox.js +8 -0
- package/dist/scripts/doctor-dirty-semantic-check.js +7 -0
- package/dist/scripts/doctor-fix-production-blackbox.js +26 -0
- package/dist/scripts/doctor-fix-proves-codex-read-check.js +102 -0
- package/dist/scripts/doctor-fix-recovers-corrupted-config-check.js +122 -0
- package/dist/scripts/doctor-fixes-codex-app-fast-ui-check.js +44 -0
- package/dist/scripts/doctor-native-capability-repair-blackbox.js +39 -0
- package/dist/scripts/doctor-native-capability-repair-check.js +10 -0
- package/dist/scripts/doctor-native-repair-output-check.js +18 -0
- package/dist/scripts/doctor-startup-config-repair-blackbox.js +13 -0
- package/dist/scripts/doctor-startup-config-repair-check.js +10 -0
- package/dist/scripts/doctor-supabase-mcp-repair-blackbox.js +14 -0
- package/dist/scripts/doctor-supabase-mcp-repair-check.js +12 -0
- package/dist/scripts/doctor-transaction-engine-blackbox.js +28 -0
- package/dist/scripts/doctor-transaction-engine-check.js +31 -0
- package/dist/scripts/doctor-zellij-fix-blackbox.js +4 -0
- package/dist/scripts/doctor-zellij-fix-output-check.js +4 -0
- package/dist/scripts/doctor-zellij-no-homebrew-blackbox.js +4 -0
- package/dist/scripts/doctor-zellij-repair-check.js +4 -0
- package/dist/scripts/doctor-zellij-upgrade-blackbox.js +4 -0
- package/dist/scripts/evidence-fixture-check.js +26 -0
- package/dist/scripts/evidence-flagship-coverage-check.js +55 -0
- package/dist/scripts/fake-real-proof-policy-v2-check.js +27 -0
- package/dist/scripts/fake-vs-real-proof-policy-check.js +14 -0
- package/dist/scripts/fast-codex-service-tier-proof-check.js +42 -0
- package/dist/scripts/flagship-proof-graph-v2-check.js +48 -0
- package/dist/scripts/flagship-proof-graph-v3-check.js +67 -0
- package/dist/scripts/flagship-proof-graph-v4-check.js +61 -0
- package/dist/scripts/gate-pack-fixture-cache-check.js +9 -0
- package/dist/scripts/gate-pack-manifest-check.js +9 -0
- package/dist/scripts/gate-pack-runner-blackbox.js +27 -0
- package/dist/scripts/gate-pack-runner-check.js +6 -0
- package/dist/scripts/gate-pack-v2-blackbox.js +18 -0
- package/dist/scripts/git-precommit-fixture-check.js +41 -0
- package/dist/scripts/git-worktree-batch-allocation-check.js +10 -0
- package/dist/scripts/git-worktree-cache-performance-check.js +25 -0
- package/dist/scripts/git-worktree-capability-check.js +27 -0
- package/dist/scripts/git-worktree-checkpoint-check.js +20 -0
- package/dist/scripts/git-worktree-cleanup-check.js +27 -0
- package/dist/scripts/git-worktree-cross-rebase-check.js +41 -0
- package/dist/scripts/git-worktree-diff-envelope-check.js +17 -0
- package/dist/scripts/git-worktree-diff-export-check.js +43 -0
- package/dist/scripts/git-worktree-dirty-lock-check.js +17 -0
- package/dist/scripts/git-worktree-dirty-main-detection-check.js +14 -0
- package/dist/scripts/git-worktree-integration-primary-check.js +24 -0
- package/dist/scripts/git-worktree-integration-primary-runtime-check.js +20 -0
- package/dist/scripts/git-worktree-manager-check.js +37 -0
- package/dist/scripts/git-worktree-manifest-append-check.js +18 -0
- package/dist/scripts/git-worktree-merge-queue-check.js +31 -0
- package/dist/scripts/git-worktree-pool-performance-check.js +20 -0
- package/dist/scripts/git-worktree-prewarm-runtime-check.js +7 -0
- package/dist/scripts/git-worktree-untracked-diff-check.js +18 -0
- package/dist/scripts/goal-artifact-compat-check.js +3 -0
- package/dist/scripts/goal-legacy-runtime-escape-check.js +3 -0
- package/dist/scripts/goal-loop-compat-check.js +3 -0
- package/dist/scripts/goal-loop-runtime-default-check.js +3 -0
- package/dist/scripts/goal-mode-official-default-check.js +12 -0
- package/dist/scripts/gpt-final-arbiter-check.js +63 -0
- package/dist/scripts/gpt-final-arbiter-performance-check.js +36 -0
- package/dist/scripts/gpt-image-2-request-validator-check.js +35 -0
- package/dist/scripts/hooks-0.134-context-parity-check.js +20 -0
- package/dist/scripts/hooks-actual-parity-check.js +17 -0
- package/dist/scripts/hooks-actual-parity-v2-check.js +21 -0
- package/dist/scripts/hooks-latest-schema-check.js +20 -0
- package/dist/scripts/hooks-managed-install-fixture-check.js +21 -0
- package/dist/scripts/hooks-official-hash-oracle-check.js +35 -0
- package/dist/scripts/hooks-official-hash-parity-check.js +17 -0
- package/dist/scripts/hooks-subagent-events-check.js +17 -0
- package/dist/scripts/hooks-trust-state-check.js +14 -0
- package/dist/scripts/image-artifact-path-contract-check.js +14 -0
- package/dist/scripts/image-artifact-registry-check.js +14 -0
- package/dist/scripts/image-fidelity-fixture-check.js +24 -0
- package/dist/scripts/image-followup-edit-path-check.js +14 -0
- package/dist/scripts/image-generation-path-handoff-check.js +8 -0
- package/dist/scripts/image-global-path-contract-check.js +38 -0
- package/dist/scripts/imagegen-capability-check.js +30 -0
- package/dist/scripts/imagegen-real-smoke-check.js +155 -0
- package/dist/scripts/init-deep-backup-retention-check.js +37 -0
- package/dist/scripts/init-deep-memory-scope-safety-check.js +23 -0
- package/dist/scripts/install-update-preserves-config-check.js +172 -0
- package/dist/scripts/json-schema-recursive-check.js +78 -0
- package/dist/scripts/legacy-gate-inventory-check.js +49 -0
- package/dist/scripts/legacy-gate-purge-check.js +7 -0
- package/dist/scripts/legacy-multiagent-removal-check.js +85 -0
- package/dist/scripts/legacy-purge-final-check.js +5 -0
- package/dist/scripts/legacy-strong-inventory-check.js +43 -0
- package/dist/scripts/legacy-upgrade-matrix-check.js +300 -0
- package/dist/scripts/local-collab-all-pipelines-final-gpt-check.js +21 -0
- package/dist/scripts/local-collab-gpt-final-availability-check.js +58 -0
- package/dist/scripts/local-collab-no-local-only-final-check.js +27 -0
- package/dist/scripts/local-collab-policy-check.js +17 -0
- package/dist/scripts/local-collab-worktree-gpt-final-apply-policy-check.js +63 -0
- package/dist/scripts/local-llm-all-pipelines-check.js +11 -0
- package/dist/scripts/local-llm-cache-performance-check.js +10 -0
- package/dist/scripts/local-llm-capability-check.js +14 -0
- package/dist/scripts/local-llm-smoke-check.js +32 -0
- package/dist/scripts/local-llm-structured-output-check.js +11 -0
- package/dist/scripts/local-llm-throughput-check.js +10 -0
- package/dist/scripts/local-llm-tool-call-repair-check.js +10 -0
- package/dist/scripts/local-llm-warmup-check.js +11 -0
- package/dist/scripts/loop-artifact-paths-check.js +3 -0
- package/dist/scripts/loop-blocker-check.js +15 -0
- package/dist/scripts/loop-cli-check.js +3 -0
- package/dist/scripts/loop-cli-registry-check.js +3 -0
- package/dist/scripts/loop-collision-blackbox.js +3 -0
- package/dist/scripts/loop-concurrency-budget-check.js +3 -0
- package/dist/scripts/loop-concurrency-budget-runtime-check.js +3 -0
- package/dist/scripts/loop-concurrency-oversubscription-blackbox.js +3 -0
- package/dist/scripts/loop-continuation-enforcer-check.js +4 -0
- package/dist/scripts/loop-decomposer-check.js +3 -0
- package/dist/scripts/loop-directive-check-lib.js +388 -0
- package/dist/scripts/loop-execution-profile-routing-check.js +4 -0
- package/dist/scripts/loop-final-arbiter-contract-check.js +3 -0
- package/dist/scripts/loop-fixture-policy-check.js +3 -0
- package/dist/scripts/loop-fixture-production-misuse-blackbox.js +3 -0
- package/dist/scripts/loop-fixture-safety-check.js +3 -0
- package/dist/scripts/loop-gate-fixture-guard-check.js +3 -0
- package/dist/scripts/loop-gate-ladder-check.js +3 -0
- package/dist/scripts/loop-gate-runner-check.js +3 -0
- package/dist/scripts/loop-gate-selector-check.js +3 -0
- package/dist/scripts/loop-gpt-final-contract-crossref-check.js +3 -0
- package/dist/scripts/loop-gpt-final-fixture-guard-check.js +3 -0
- package/dist/scripts/loop-gpt-final-gate-contract-check.js +3 -0
- package/dist/scripts/loop-hardening-check-lib.js +289 -0
- package/dist/scripts/loop-integration-finalizer-check.js +3 -0
- package/dist/scripts/loop-integration-merge-strategy-check.js +3 -0
- package/dist/scripts/loop-interrupt-registry-check.js +3 -0
- package/dist/scripts/loop-kill-interrupt-real-blackbox.js +3 -0
- package/dist/scripts/loop-lease-check.js +3 -0
- package/dist/scripts/loop-merge-strategy-blackbox.js +3 -0
- package/dist/scripts/loop-merge-strategy-check.js +3 -0
- package/dist/scripts/loop-mesh-production-e2e-blackbox.js +3 -0
- package/dist/scripts/loop-mutation-ledger-check.js +3 -0
- package/dist/scripts/loop-observability-check.js +3 -0
- package/dist/scripts/loop-owner-inference-check.js +3 -0
- package/dist/scripts/loop-planner-check.js +3 -0
- package/dist/scripts/loop-planner-project-memory-check.js +4 -0
- package/dist/scripts/loop-planner-project-memory-deep-check.js +4 -0
- package/dist/scripts/loop-proof-check.js +3 -0
- package/dist/scripts/loop-proof-summary-cli-check.js +3 -0
- package/dist/scripts/loop-risk-classifier-check.js +3 -0
- package/dist/scripts/loop-runtime-check.js +3 -0
- package/dist/scripts/loop-scheduler-check.js +3 -0
- package/dist/scripts/loop-schema-check.js +3 -0
- package/dist/scripts/loop-side-effect-blackbox.js +3 -0
- package/dist/scripts/loop-side-effect-final-arbiter-check.js +3 -0
- package/dist/scripts/loop-side-effect-scanner-check.js +3 -0
- package/dist/scripts/loop-state-check.js +3 -0
- package/dist/scripts/loop-status-proof-ux-check.js +3 -0
- package/dist/scripts/loop-worker-fixture-guard-check.js +3 -0
- package/dist/scripts/loop-worker-handle-registration-check.js +3 -0
- package/dist/scripts/loop-worker-interrupt-check.js +3 -0
- package/dist/scripts/loop-worktree-policy-check.js +3 -0
- package/dist/scripts/loop-zellij-ui-check.js +3 -0
- package/dist/scripts/mad-db-capability-check.js +15 -0
- package/dist/scripts/mad-db-command-check.js +13 -0
- package/dist/scripts/mad-db-ledger-check.js +7 -0
- package/dist/scripts/mad-db-lifecycle-hook-decision-check.js +17 -0
- package/dist/scripts/mad-db-mad-command-check.js +100 -0
- package/dist/scripts/mad-db-mcp-result-lifecycle-check.js +30 -0
- package/dist/scripts/mad-db-one-cycle-bounded-check.js +27 -0
- package/dist/scripts/mad-db-one-cycle-consumption-check.js +16 -0
- package/dist/scripts/mad-db-operation-lifecycle-blackbox.js +29 -0
- package/dist/scripts/mad-db-operation-lifecycle-ledger-check.js +17 -0
- package/dist/scripts/mad-db-priority-resolver-check.js +20 -0
- package/dist/scripts/mad-db-safety-conflict-matrix-check.js +22 -0
- package/dist/scripts/mad-preflight-blocks-unreadable-config-check.js +66 -0
- package/dist/scripts/mad-sks-actual-executor-blackbox.js +5 -0
- package/dist/scripts/mad-sks-app-ui-no-mutation-check.js +92 -0
- package/dist/scripts/mad-sks-audit-proof-check.js +34 -0
- package/dist/scripts/mad-sks-db-executor-check.js +5 -0
- package/dist/scripts/mad-sks-executor-proof-graph-check.js +5 -0
- package/dist/scripts/mad-sks-fast-mode-propagation-check.js +24 -0
- package/dist/scripts/mad-sks-file-write-executor-check.js +5 -0
- package/dist/scripts/mad-sks-immutable-harness-check.js +36 -0
- package/dist/scripts/mad-sks-no-harness-modification-check.js +25 -0
- package/dist/scripts/mad-sks-package-executor-check.js +5 -0
- package/dist/scripts/mad-sks-permission-model-check.js +22 -0
- package/dist/scripts/mad-sks-rollback-apply-check.js +5 -0
- package/dist/scripts/mad-sks-service-executor-check.js +5 -0
- package/dist/scripts/mad-sks-shell-executor-check.js +5 -0
- package/dist/scripts/mad-sks-write-guard-check.js +28 -0
- package/dist/scripts/mad-sks-zellij-default-pane-worker-check.js +37 -0
- package/dist/scripts/mad-sks-zellij-launch-check.js +102 -0
- package/dist/scripts/mad-zellij-headless-fallback-blackbox.js +4 -0
- package/dist/scripts/mad-zellij-no-contradictory-output-check.js +4 -0
- package/dist/scripts/mad-zellij-self-heal-blackbox.js +4 -0
- package/dist/scripts/mad-zellij-self-heal-check.js +4 -0
- package/dist/scripts/managed-config-merge-check.js +24 -0
- package/dist/scripts/mcp-0-134-modernization-check.js +55 -0
- package/dist/scripts/mcp-plugin-inventory-check.js +12 -0
- package/dist/scripts/mcp-readonly-concurrency-check.js +17 -0
- package/dist/scripts/mcp-readonly-runtime-scheduler-check.js +20 -0
- package/dist/scripts/mcp-tool-naming-parity-check.js +16 -0
- package/dist/scripts/memory-summary-rebuild-check.js +22 -0
- package/dist/scripts/model-call-concurrency-check.js +15 -0
- package/dist/scripts/mutation-callsite-coverage-check.js +180 -0
- package/dist/scripts/naruto-active-pool-check.js +39 -0
- package/dist/scripts/naruto-actual-worker-control-plane-check.js +56 -0
- package/dist/scripts/naruto-allocation-policy-check.js +33 -0
- package/dist/scripts/naruto-allocation-runtime-wiring-check.js +92 -0
- package/dist/scripts/naruto-concurrency-governor-check.js +53 -0
- package/dist/scripts/naruto-extreme-parallelism-check.js +22 -0
- package/dist/scripts/naruto-extreme-parallelism-real-check.js +43 -0
- package/dist/scripts/naruto-gpt-final-pack-check.js +34 -0
- package/dist/scripts/naruto-loop-maker-checker-check.js +3 -0
- package/dist/scripts/naruto-loop-mesh-blackbox.js +3 -0
- package/dist/scripts/naruto-loop-mesh-check.js +3 -0
- package/dist/scripts/naruto-loop-worker-router-check.js +3 -0
- package/dist/scripts/naruto-orchestrator-runtime-source-check.js +70 -0
- package/dist/scripts/naruto-parallel-gate-consistency-check.js +8 -0
- package/dist/scripts/naruto-parallel-patch-apply-check.js +41 -0
- package/dist/scripts/naruto-parallel-runtime-proof-check.js +9 -0
- package/dist/scripts/naruto-parallelism-mode-check.js +12 -0
- package/dist/scripts/naruto-parallelism-ux-check.js +8 -0
- package/dist/scripts/naruto-proof-message-summary-check.js +9 -0
- package/dist/scripts/naruto-proof-zellij-stacked-summary-check.js +47 -0
- package/dist/scripts/naruto-readonly-routing-check.js +119 -0
- package/dist/scripts/naruto-real-active-pool-check.js +39 -0
- package/dist/scripts/naruto-real-active-pool-runtime-check.js +55 -0
- package/dist/scripts/naruto-real-parallelism-blackbox.js +294 -0
- package/dist/scripts/naruto-rebalance-policy-check.js +41 -0
- package/dist/scripts/naruto-role-distribution-check.js +23 -0
- package/dist/scripts/naruto-shadow-clone-swarm-check.js +164 -0
- package/dist/scripts/naruto-ssot-default-check.js +9 -0
- package/dist/scripts/naruto-ssot-gate-aliases-check.js +10 -0
- package/dist/scripts/naruto-ssot-pipeline-default-check.js +11 -0
- package/dist/scripts/naruto-ssot-route-normalization-check.js +9 -0
- package/dist/scripts/naruto-ssot-routing-check.js +13 -0
- package/dist/scripts/naruto-verification-pool-check.js +36 -0
- package/dist/scripts/naruto-visible-vs-active-workers-check.js +10 -0
- package/dist/scripts/naruto-work-graph-check.js +24 -0
- package/dist/scripts/naruto-worktree-coding-blackbox.js +29 -0
- package/dist/scripts/naruto-worktree-coding-check.js +44 -0
- package/dist/scripts/naruto-worktree-gpt-final-check.js +45 -0
- package/dist/scripts/naruto-worktree-zellij-ui-check.js +28 -0
- package/dist/scripts/naruto-zellij-dynamic-right-column-check.js +48 -0
- package/dist/scripts/naruto-zellij-massive-ui-check.js +23 -0
- package/dist/scripts/native-app-screenshot-repair-check.js +11 -0
- package/dist/scripts/native-capability-postcheck-check.js +16 -0
- package/dist/scripts/native-capability-repair-check.js +15 -0
- package/dist/scripts/native-capability-repair-matrix-check.js +10 -0
- package/dist/scripts/native-chrome-web-review-repair-check.js +10 -0
- package/dist/scripts/native-computer-use-repair-check.js +10 -0
- package/dist/scripts/native-image-generation-repair-check.js +9 -0
- package/dist/scripts/native-swarm-heartbeat-does-not-serialize-launch-check.js +8 -0
- package/dist/scripts/native-swarm-process-spawn-proof-check.js +7 -0
- package/dist/scripts/native-swarm-zellij-does-not-block-workers-check.js +11 -0
- package/dist/scripts/no-ts-nocheck-core-check.js +4 -0
- package/dist/scripts/no-ts-nocheck-release-scripts-check.js +4 -0
- package/dist/scripts/non-recursive-pipeline-check.js +68 -0
- package/dist/scripts/npm-publish-performance-check.js +65 -0
- package/dist/scripts/official-docs-compat-report.js +304 -0
- package/dist/scripts/orphan-gate-detection-check.js +53 -0
- package/dist/scripts/orphan-purge-final-check.js +5 -0
- package/dist/scripts/orphan-strong-detection-check.js +12 -0
- package/dist/scripts/package-published-contract-check.js +46 -0
- package/dist/scripts/packlist-performance-check.js +83 -0
- package/dist/scripts/parallel-claim-enforcement-check.js +21 -0
- package/dist/scripts/parallel-missing-pid-rejection-check.js +55 -0
- package/dist/scripts/parallel-runtime-proof-check.js +23 -0
- package/dist/scripts/parallel-runtime-proof-events-check.js +13 -0
- package/dist/scripts/parallel-runtime-real-blackbox.js +44 -0
- package/dist/scripts/parallel-strict-pid-proof-check.js +54 -0
- package/dist/scripts/parallel-verification-engine-check.js +85 -0
- package/dist/scripts/pipeline-codex-0140-integration-check.js +30 -0
- package/dist/scripts/pipeline-codex-native-doctor-mad-routing-check.js +4 -0
- package/dist/scripts/pipeline-codex-native-doctor-mad-routing-real-blackbox.js +77 -0
- package/dist/scripts/pipeline-codex-native-e2e-blackbox.js +13 -0
- package/dist/scripts/pipeline-codex-native-image-routing-check.js +4 -0
- package/dist/scripts/pipeline-codex-native-image-routing-real-blackbox.js +50 -0
- package/dist/scripts/pipeline-codex-native-loop-routing-check.js +4 -0
- package/dist/scripts/pipeline-codex-native-loop-routing-real-blackbox.js +74 -0
- package/dist/scripts/pipeline-codex-native-qa-routing-check.js +4 -0
- package/dist/scripts/pipeline-codex-native-qa-routing-real-blackbox.js +51 -0
- package/dist/scripts/pipeline-codex-native-research-routing-check.js +4 -0
- package/dist/scripts/pipeline-codex-native-research-routing-real-blackbox.js +45 -0
- package/dist/scripts/pipeline-execution-profile-routing-blackbox.js +4 -0
- package/dist/scripts/pipeline-five-minute-sla-check.js +7 -0
- package/dist/scripts/postinstall-safe-side-effects-check.js +65 -0
- package/dist/scripts/ppt-full-e2e-artifact-graph-check.js +40 -0
- package/dist/scripts/ppt-full-e2e-blackbox-check.js +109 -0
- package/dist/scripts/ppt-image-voxel-relations-check.js +9 -0
- package/dist/scripts/ppt-imagegen-blackbox-check.js +46 -0
- package/dist/scripts/ppt-imagegen-review-fixture-check.js +6 -0
- package/dist/scripts/ppt-issue-extraction-fixture-check.js +7 -0
- package/dist/scripts/ppt-no-mock-as-real-check.js +8 -0
- package/dist/scripts/ppt-no-text-fallback-check.js +7 -0
- package/dist/scripts/ppt-proof-trust-fixture-check.js +10 -0
- package/dist/scripts/ppt-real-export-adapter-check.js +13 -0
- package/dist/scripts/ppt-real-imagegen-smoke-check.js +42 -0
- package/dist/scripts/ppt-real-imagegen-wiring-check.js +16 -0
- package/dist/scripts/ppt-reexport-rereview-check.js +19 -0
- package/dist/scripts/ppt-slide-export-fixture-check.js +7 -0
- package/dist/scripts/prepublish-fast-check.js +128 -0
- package/dist/scripts/priority-full-closure-check.js +12 -0
- package/dist/scripts/probe-memoization-check.js +11 -0
- package/dist/scripts/product-design-auto-install-check.js +119 -0
- package/dist/scripts/product-design-plugin-routing-check.js +101 -0
- package/dist/scripts/project-skill-dedupe-blackbox.js +36 -0
- package/dist/scripts/project-skill-dedupe-check.js +16 -0
- package/dist/scripts/prompt-placeholder-guard-check.js +33 -0
- package/dist/scripts/proof-root-cause-policy-check.js +70 -0
- package/dist/scripts/provider-badge-context-check.js +26 -0
- package/dist/scripts/provider-context-config-toml-check.js +63 -0
- package/dist/scripts/python-codex-sdk-all-pipelines-check.js +47 -0
- package/dist/scripts/python-codex-sdk-capability-check.js +75 -0
- package/dist/scripts/python-codex-sdk-sandbox-policy-check.js +10 -0
- package/dist/scripts/python-codex-sdk-stream-bridge-check.js +12 -0
- package/dist/scripts/python-tools-smoke-check.js +71 -0
- package/dist/scripts/qa-actual-route-backfill-check.js +5 -0
- package/dist/scripts/qa-backfill-route-blackbox.js +5 -0
- package/dist/scripts/qa-loop-app-handoff-capability-check.js +9 -0
- package/dist/scripts/qa-loop-app-handoff-check.js +9 -0
- package/dist/scripts/qa-loop-app-handoff-cli-check.js +8 -0
- package/dist/scripts/qa-loop-app-handoff-confirmation-check.js +24 -0
- package/dist/scripts/qa-loop-app-handoff-gate-lifecycle-check.js +44 -0
- package/dist/scripts/qa-loop-app-handoff-launch-check.js +7 -0
- package/dist/scripts/qa-loop-app-handoff-status-lifecycle-check.js +7 -0
- package/dist/scripts/qa-loop-budget-policy-check.js +8 -0
- package/dist/scripts/qa-loop-effort-escalation-check.js +9 -0
- package/dist/scripts/qa-loop-execution-profile-routing-check.js +4 -0
- package/dist/scripts/qa-loop-image-path-exposure-check.js +9 -0
- package/dist/scripts/qa-loop-image-path-prompt-injection-check.js +8 -0
- package/dist/scripts/qa-patch-swarm-route-blackbox.js +10 -0
- package/dist/scripts/readme-architecture-imagegen-official-check.js +448 -0
- package/dist/scripts/release-affected-selector-check.js +41 -0
- package/dist/scripts/release-aggressive-resource-governor-check.js +25 -0
- package/dist/scripts/release-batch-runner-check.js +6 -0
- package/dist/scripts/release-cache-bridge-check.js +23 -0
- package/dist/scripts/release-cache-glob-hashing-check.js +42 -0
- package/dist/scripts/release-cache-input-classifier-check.js +13 -0
- package/dist/scripts/release-cache-neutralization-report-check.js +13 -0
- package/dist/scripts/release-cache-version-neutral-fixture-check.js +65 -0
- package/dist/scripts/release-check-stamp.js +2 -1
- package/dist/scripts/release-dag-full-coverage-check.js +428 -0
- package/dist/scripts/release-dist-freshness-check.js +8 -0
- package/dist/scripts/release-dynamic-performance-check.js +110 -0
- package/dist/scripts/release-dynamic-presets-check.js +20 -0
- package/dist/scripts/release-full-parallelism-blackbox.js +41 -0
- package/dist/scripts/release-gate-batch-runner-check.js +43 -0
- package/dist/scripts/release-gate-budget-check.js +36 -0
- package/dist/scripts/release-gate-dag-runner-check.js +107 -0
- package/dist/scripts/release-gate-script-parity-check.js +117 -0
- package/dist/scripts/release-metadata-1-11-check.js +37 -0
- package/dist/scripts/release-metadata-1-12-check.js +48 -0
- package/dist/scripts/release-metadata-1-13-check.js +53 -0
- package/dist/scripts/release-metadata-1-14-check.js +63 -0
- package/dist/scripts/release-metadata-1-16-check.js +81 -0
- package/dist/scripts/release-metadata-1-17-check.js +51 -0
- package/dist/scripts/release-metadata-1-19-check.js +376 -0
- package/dist/scripts/release-metadata-check.js +7 -0
- package/dist/scripts/release-native-agent-fixture-check.js +41 -0
- package/dist/scripts/release-parallel-check.js +375 -0
- package/dist/scripts/release-parallel-full-coverage-check.js +13 -0
- package/dist/scripts/release-parallel-speed-budget-check.js +91 -0
- package/dist/scripts/release-proof-truth-check.js +14 -0
- package/dist/scripts/release-provenance-check.js +143 -0
- package/dist/scripts/release-readiness-report.js +1231 -0
- package/dist/scripts/release-real-check.js +338 -0
- package/dist/scripts/release-registry-check.js +353 -0
- package/dist/scripts/release-runtime-truth-matrix-check.js +47 -0
- package/dist/scripts/release-script-type-safety-check.js +4 -0
- package/dist/scripts/release-speed-summary-check.js +20 -0
- package/dist/scripts/release-stability-report-check.js +99 -0
- package/dist/scripts/release-triwiki-first-runner-blackbox.js +44 -0
- package/dist/scripts/release-triwiki-first-runner-check.js +9 -0
- package/dist/scripts/release-version-truth-check.js +134 -0
- package/dist/scripts/release-wiring-3110-blackbox.js +27 -0
- package/dist/scripts/release-wiring-3112-blackbox.js +17 -0
- package/dist/scripts/release-wiring-3113-blackbox.js +17 -0
- package/dist/scripts/research-actual-route-backfill-check.js +5 -0
- package/dist/scripts/research-backfill-route-blackbox.js +5 -0
- package/dist/scripts/research-blueprint-densifier-check.js +21 -0
- package/dist/scripts/research-claim-builder-check.js +19 -0
- package/dist/scripts/research-complete-package-fixture-check.js +29 -0
- package/dist/scripts/research-execution-profile-routing-check.js +4 -0
- package/dist/scripts/research-final-reviewer-blackbox.js +70 -0
- package/dist/scripts/research-handoff-consumability-check.js +23 -0
- package/dist/scripts/research-parallel-source-shards-check.js +22 -0
- package/dist/scripts/research-quality-gate-check.js +112 -0
- package/dist/scripts/research-real-cycle-no-legacy-final-md-check.js +14 -0
- package/dist/scripts/research-real-synthesis-no-deterministic-renderer-check.js +14 -0
- package/dist/scripts/research-repetition-detector-check.js +19 -0
- package/dist/scripts/research-short-report-rejection-check.js +46 -0
- package/dist/scripts/research-source-ledger-merge-check.js +26 -0
- package/dist/scripts/research-stage-cycle-runtime-blackbox.js +40 -0
- package/dist/scripts/research-synthesis-prompt-contract-check.js +36 -0
- package/dist/scripts/research-synthesis-writer-blackbox.js +24 -0
- package/dist/scripts/research-synthesis-writer-check.js +26 -0
- package/dist/scripts/research-template-report-rejection-check.js +56 -0
- package/dist/scripts/research-ultra-stability-report.js +45 -0
- package/dist/scripts/responses-retry-policy-centralized-check.js +19 -0
- package/dist/scripts/retention-cleanup-safety-check.js +155 -0
- package/dist/scripts/route-blackbox-realism-check.js +21 -0
- package/dist/scripts/route-proof-artifact-structure-check.js +145 -0
- package/dist/scripts/runtime-dist-parity-check.js +78 -0
- package/dist/scripts/runtime-no-mjs-scripts-check.js +45 -0
- package/dist/scripts/runtime-no-src-mjs-check.js +32 -0
- package/dist/scripts/runtime-no-tmux-check.js +114 -0
- package/dist/scripts/runtime-proof-summary-check.js +58 -0
- package/dist/scripts/runtime-proof-summary-cli-check.js +51 -0
- package/dist/scripts/runtime-proof-summary-messages-check.js +37 -0
- package/dist/scripts/runtime-proof-zellij-stacked-summary-check.js +58 -0
- package/dist/scripts/runtime-ts-python-boundary-check.js +59 -0
- package/dist/scripts/runtime-ts-rust-boundary-check.js +74 -0
- package/dist/scripts/runtime-ts-source-of-truth-check.js +55 -0
- package/dist/scripts/safety-check.js +23 -0
- package/dist/scripts/scheduler-batch-dispatch-check.js +17 -0
- package/dist/scripts/scheduler-critical-path-check.js +9 -0
- package/dist/scripts/scheduler-extreme-parallel-check.js +7 -0
- package/dist/scripts/scheduler-no-false-pending-block-check.js +7 -0
- package/dist/scripts/scheduler-parallel-proof-consistency-check.js +65 -0
- package/dist/scripts/scheduler-resource-budget-check.js +7 -0
- package/dist/scripts/scheduler-resource-claim-blackbox.js +24 -0
- package/dist/scripts/scheduler-utilization-integral-check.js +105 -0
- package/dist/scripts/scheduler-utilization-proof-check.js +8 -0
- package/dist/scripts/secret-line-rollback-check.js +35 -0
- package/dist/scripts/secret-preservation-check.js +11 -0
- package/dist/scripts/secret-preservation-guard-check.js +37 -0
- package/dist/scripts/shared-memory-fixture-check.js +27 -0
- package/dist/scripts/side-effect-runtime-report-check.js +19 -0
- package/dist/scripts/side-effect-zero-gate-check.js +226 -0
- package/dist/scripts/skill-name-canonicalizer-check.js +9 -0
- package/dist/scripts/skill-registry-ledger-check.js +14 -0
- package/dist/scripts/skill-sync-atomic-check.js +35 -0
- package/dist/scripts/sks-1-11-fixture-check.js +130 -0
- package/dist/scripts/sks-1-12-real-execution-check-lib.js +27 -0
- package/dist/scripts/sks-3-1-4-directive-check-lib.js +212 -0
- package/dist/scripts/sks-3-1-5-directive-check-lib.js +318 -0
- package/dist/scripts/sks-3-1-6-directive-check-lib.js +522 -0
- package/dist/scripts/sks-3-1-7-directive-check-lib.js +58 -0
- package/dist/scripts/sks-3-1-8-check-lib.js +30 -0
- package/dist/scripts/sks-3110-all-feature-regression-blackbox.js +116 -0
- package/dist/scripts/sks-3112-all-feature-regression-blackbox.js +29 -0
- package/dist/scripts/sks-3113-all-feature-regression-blackbox.js +17 -0
- package/dist/scripts/sks-400-all-feature-regression-blackbox.js +21 -0
- package/dist/scripts/sks-400-extreme-parallel-blackbox.js +8 -0
- package/dist/scripts/sks-400-five-minute-blackbox.js +9 -0
- package/dist/scripts/sks-400-legacy-purge-blackbox.js +8 -0
- package/dist/scripts/sks-401-all-feature-regression-blackbox.js +46 -0
- package/dist/scripts/sks-401-five-minute-actual-blackbox.js +23 -0
- package/dist/scripts/sks-402-all-feature-regression-blackbox.js +9 -0
- package/dist/scripts/sks-402-five-minute-real-blackbox.js +22 -0
- package/dist/scripts/sksd-daemon-check.js +9 -0
- package/dist/scripts/sksd-warm-cache-blackbox.js +12 -0
- package/dist/scripts/source-intelligence-all-modes-check.js +32 -0
- package/dist/scripts/source-intelligence-policy-check.js +13 -0
- package/dist/scripts/strategy-adhd-orchestrating-gate-check.js +22 -0
- package/dist/scripts/strategy-file-ownership-plan-check.js +18 -0
- package/dist/scripts/strategy-parallel-modification-plan-check.js +19 -0
- package/dist/scripts/strategy-verification-rollback-dag-check.js +19 -0
- package/dist/scripts/supabase-secret-preservation-blackbox.js +29 -0
- package/dist/scripts/team-actual-route-backfill-check.js +5 -0
- package/dist/scripts/team-alias-to-naruto-check.js +7 -0
- package/dist/scripts/team-backfill-route-blackbox.js +5 -0
- package/dist/scripts/team-legacy-create-removed-check.js +12 -0
- package/dist/scripts/team-parallel-write-blackbox.js +55 -0
- package/dist/scripts/team-patch-swarm-route-blackbox.js +10 -0
- package/dist/scripts/terminal-keyboard-enhancement-safety-check.js +12 -0
- package/dist/scripts/terminal-tui-output-stability-check.js +35 -0
- package/dist/scripts/test-no-orphan-dist-imports-check.js +73 -0
- package/dist/scripts/triwiki-affected-graph-blackbox.js +28 -0
- package/dist/scripts/triwiki-affected-graph-check.js +10 -0
- package/dist/scripts/triwiki-cache-key-check.js +9 -0
- package/dist/scripts/triwiki-gate-impact-map-check.js +8 -0
- package/dist/scripts/triwiki-module-card-check.js +7 -0
- package/dist/scripts/triwiki-proof-bank-blackbox.js +30 -0
- package/dist/scripts/triwiki-proof-bank-check.js +7 -0
- package/dist/scripts/triwiki-proof-bank-lock-blackbox.js +7 -0
- package/dist/scripts/triwiki-proof-card-check.js +23 -0
- package/dist/scripts/triwiki-stale-proof-rejection-check.js +25 -0
- package/dist/scripts/trust-fixture-check.js +33 -0
- package/dist/scripts/type-surface-codex-app-check.js +4 -0
- package/dist/scripts/typescript-migration-report.js +78 -0
- package/dist/scripts/ultra-router-auto-router-check.js +33 -0
- package/dist/scripts/ultra-router-classification-check.js +28 -0
- package/dist/scripts/update-gate-removed-check.js +9 -0
- package/dist/scripts/update-mad-zellij-notice-check.js +9 -0
- package/dist/scripts/update-notice-check.js +10 -0
- package/dist/scripts/update-preserves-supabase-keys-blackbox.js +27 -0
- package/dist/scripts/update-secret-migration-journal-check.js +8 -0
- package/dist/scripts/update-secret-preservation-guard-check.js +10 -0
- package/dist/scripts/ux-patch-swarm-route-blackbox.js +10 -0
- package/dist/scripts/ux-ppt-structured-extraction-check.js +21 -0
- package/dist/scripts/ux-review-extract-real-callouts-fixture-check.js +8 -0
- package/dist/scripts/ux-review-extract-wires-real-extractor-check.js +15 -0
- package/dist/scripts/ux-review-generate-callouts-fixture-check.js +9 -0
- package/dist/scripts/ux-review-image-voxel-relations-check.js +31 -0
- package/dist/scripts/ux-review-imagegen-blackbox-check.js +67 -0
- package/dist/scripts/ux-review-no-fake-callouts-check.js +8 -0
- package/dist/scripts/ux-review-no-text-fallback-check.js +25 -0
- package/dist/scripts/ux-review-patch-diff-recheck-check.js +20 -0
- package/dist/scripts/ux-review-patch-handoff-fixture-check.js +8 -0
- package/dist/scripts/ux-review-real-imagegen-smoke-check.js +31 -0
- package/dist/scripts/ux-review-real-loop-fixture-check.js +24 -0
- package/dist/scripts/ux-review-recapture-recheck-fixture-check.js +8 -0
- package/dist/scripts/ux-review-run-wires-imagegen-check.js +11 -0
- package/dist/scripts/worker-pane-communication-contract-check.js +54 -0
- package/dist/scripts/wrongness-fixture-check.js +65 -0
- package/dist/scripts/xai-mcp-capability-check.js +14 -0
- package/dist/scripts/zellij-capability-check.js +15 -0
- package/dist/scripts/zellij-dashboard-pane-check.js +70 -0
- package/dist/scripts/zellij-developer-controls-check.js +20 -0
- package/dist/scripts/zellij-doctor-readiness-check.js +63 -0
- package/dist/scripts/zellij-dynamic-pane-lifecycle-check.js +21 -0
- package/dist/scripts/zellij-fake-adapter-check.js +33 -0
- package/dist/scripts/zellij-first-slot-down-stack-check.js +21 -0
- package/dist/scripts/zellij-first-slot-down-stack-real-check.js +349 -0
- package/dist/scripts/zellij-homebrew-policy-check.js +4 -0
- package/dist/scripts/zellij-initial-main-only-blackbox.js +28 -0
- package/dist/scripts/zellij-lane-renderer-check.js +80 -0
- package/dist/scripts/zellij-launch-command-truth-check.js +75 -0
- package/dist/scripts/zellij-layout-valid-check.js +90 -0
- package/dist/scripts/zellij-pane-creation-lock-metrics-check.js +12 -0
- package/dist/scripts/zellij-pane-lock-concurrency-blackbox.js +80 -0
- package/dist/scripts/zellij-pane-lock-does-not-block-worker-check.js +14 -0
- package/dist/scripts/zellij-pane-lock-open-worker-integration-blackbox.js +137 -0
- package/dist/scripts/zellij-pane-proof-check.js +59 -0
- package/dist/scripts/zellij-qa-app-handoff-status-check.js +9 -0
- package/dist/scripts/zellij-real-session-cleanup-check.js +21 -0
- package/dist/scripts/zellij-real-session-heartbeat-check.js +49 -0
- package/dist/scripts/zellij-real-session-launch-check.js +57 -0
- package/dist/scripts/zellij-right-column-headless-overflow-check.js +22 -0
- package/dist/scripts/zellij-right-column-manager-check.js +27 -0
- package/dist/scripts/zellij-screen-proof-check.js +45 -0
- package/dist/scripts/zellij-self-heal-check.js +4 -0
- package/dist/scripts/zellij-self-heal-dry-run-check.js +4 -0
- package/dist/scripts/zellij-self-heal-status-contract-check.js +4 -0
- package/dist/scripts/zellij-self-heal-typed-blackbox.js +4 -0
- package/dist/scripts/zellij-slot-column-anchor-check.js +66 -0
- package/dist/scripts/zellij-slot-column-anchor-telemetry-check.js +9 -0
- package/dist/scripts/zellij-slot-only-ui-check.js +31 -0
- package/dist/scripts/zellij-slot-pane-renderer-check.js +150 -0
- package/dist/scripts/zellij-slot-pane-stale-detection-check.js +74 -0
- package/dist/scripts/zellij-slot-pane-telemetry-renderer-check.js +11 -0
- package/dist/scripts/zellij-slot-renderer-proof-semantics-check.js +59 -0
- package/dist/scripts/zellij-slot-telemetry-check.js +39 -0
- package/dist/scripts/zellij-slot-telemetry-incremental-check.js +48 -0
- package/dist/scripts/zellij-slot-telemetry-live-flush-check.js +57 -0
- package/dist/scripts/zellij-slot-telemetry-performance-check.js +34 -0
- package/dist/scripts/zellij-slot-telemetry-real-blackbox.js +20 -0
- package/dist/scripts/zellij-slot-telemetry-renderer-check.js +10 -0
- package/dist/scripts/zellij-slot-telemetry-runtime-check.js +23 -0
- package/dist/scripts/zellij-spawn-on-demand-layout-check.js +40 -0
- package/dist/scripts/zellij-stacked-capability-routing-check.js +11 -0
- package/dist/scripts/zellij-stacked-fallback-integration-blackbox.js +81 -0
- package/dist/scripts/zellij-stacked-version-matrix-check.js +31 -0
- package/dist/scripts/zellij-stacked-version-parser-check.js +21 -0
- package/dist/scripts/zellij-ui-design-check.js +105 -0
- package/dist/scripts/zellij-update-missing-self-heal-check.js +4 -0
- package/dist/scripts/zellij-update-prompt-matrix-check.js +18 -0
- package/dist/scripts/zellij-update-prompt-mode-check.js +20 -0
- package/dist/scripts/zellij-update-prompt-safety-check.js +10 -0
- package/dist/scripts/zellij-worker-pane-manager-check.js +109 -0
- package/dist/scripts/zellij-worker-pane-manager-single-owner-check.js +47 -0
- package/dist/scripts/zellij-worker-pane-real-ui-blackbox.js +202 -0
- package/dist/scripts/zellij-worker-pane-spawn-order-check.js +35 -0
- package/package.json +17 -7
- package/schemas/codex/app-server-0.142/codex_app_server_protocol.v2.schemas.json +18447 -0
- package/schemas/codex-release-manifest.schema.json +44 -0
|
@@ -0,0 +1,102 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
// @ts-nocheck
|
|
3
|
+
import fs from 'node:fs/promises';
|
|
4
|
+
import path from 'node:path';
|
|
5
|
+
import { pathToFileURL } from 'node:url';
|
|
6
|
+
import { ensureDistFresh, root } from './lib/ensure-dist-fresh.js';
|
|
7
|
+
const freshness = ensureDistFresh({ rebuild: true });
|
|
8
|
+
if (!freshness.ok)
|
|
9
|
+
fail('dist_not_fresh', { freshness });
|
|
10
|
+
const mod = await import(pathToFileURL(path.join(root, 'dist', 'core', 'zellij', 'zellij-launcher.js')).href);
|
|
11
|
+
const report = await mod.launchMadZellijUi(['--workspace', 'sks-mad-check'], {
|
|
12
|
+
root,
|
|
13
|
+
missionId: 'M-zellij-launch-check',
|
|
14
|
+
ledgerRoot: path.join(root, '.sneakoscope', 'missions', 'M-zellij-launch-check', 'agents'),
|
|
15
|
+
dryRun: true,
|
|
16
|
+
codexArgs: ['--profile', 'sks-mad-high', '--sandbox', 'danger-full-access', '--ask-for-approval', 'never', '-c', 'service_tier=fast', '-c', 'model_provider="codex-lb"'],
|
|
17
|
+
launchEnv: { SKS_MAD_SKS_TARGET_ROOT: root, SKS_PROTECTED_CORE_POLICY: path.join(root, '.sneakoscope', 'missions', 'M-zellij-launch-check', 'mad-sks-protected-core-policy.json') }
|
|
18
|
+
});
|
|
19
|
+
const paneProofExists = await fs.access(path.join(root, '.sneakoscope', 'missions', 'M-zellij-launch-check', 'zellij-pane-proof.json')).then(() => true).catch(() => false);
|
|
20
|
+
const layoutText = await fs.readFile(report.layout_path, 'utf8');
|
|
21
|
+
const installHelpers = await fs.readFile(path.join(root, 'src', 'cli', 'install-helpers.ts'), 'utf8');
|
|
22
|
+
const madCommand = await fs.readFile(path.join(root, 'src', 'core', 'commands', 'mad-sks-command.ts'), 'utf8');
|
|
23
|
+
const installSafetyOk = !installHelpers.includes("--from-postinstall', '--install-scope', 'global', '--force', '--yes")
|
|
24
|
+
&& installHelpers.includes('SKS_POSTINSTALL_AUTO_INSTALL_CLI_TOOLS')
|
|
25
|
+
&& installHelpers.includes('(zellijRepair as any).error || zellij.blockers[0]')
|
|
26
|
+
&& installHelpers.includes('Codex CLI is missing. Install latest Codex CLI');
|
|
27
|
+
const consoleDetailOk = madCommand.includes("['stderr_tail'")
|
|
28
|
+
&& madCommand.includes("['stdout_tail'")
|
|
29
|
+
&& madCommand.includes('report: ${launch.report_path}');
|
|
30
|
+
const autoAttachOk = madCommand.includes('shouldAutoAttachZellij(args)')
|
|
31
|
+
&& madCommand.includes('attachZellijSessionInteractive(launch.session_name')
|
|
32
|
+
&& madCommand.includes("list.includes('--no-attach')")
|
|
33
|
+
&& madCommand.includes("list.includes('--json')")
|
|
34
|
+
&& madCommand.includes('process.env.ZELLIJ')
|
|
35
|
+
&& madCommand.includes("list.includes('--attach')")
|
|
36
|
+
&& madCommand.includes('process.stdout.isTTY && process.stdin.isTTY');
|
|
37
|
+
const nativeSwarmOk = madCommand.includes('startMadNativeSwarm(')
|
|
38
|
+
&& madCommand.includes('stripMadLaunchOnlyArgs(args, { includeGlmFlags: glmMadLaunch })')
|
|
39
|
+
&& madCommand.includes('function madLaunchValueFlags(includeGlmFlags = false)')
|
|
40
|
+
&& madCommand.includes("route: '$MAD-SKS'")
|
|
41
|
+
&& madCommand.includes("route_command: 'sks --mad native swarm'")
|
|
42
|
+
&& madCommand.includes("same_mission_ledger: true")
|
|
43
|
+
&& madCommand.includes('slotCount: 0')
|
|
44
|
+
&& madCommand.includes('zellijSessionName: launch.session_name')
|
|
45
|
+
&& madCommand.includes('mad_sks.native_swarm_started');
|
|
46
|
+
const codexPaneChecks = {
|
|
47
|
+
main_pane_kind: report.main_pane_kind === 'codex_interactive',
|
|
48
|
+
report_enabled: report.codex_pane?.enabled === true,
|
|
49
|
+
report_no_alt_screen_arg: report.codex_pane.args.includes('--no-alt-screen'),
|
|
50
|
+
report_profile_arg: report.codex_pane.args.includes('--profile') && report.codex_pane.args.includes('sks-mad-high'),
|
|
51
|
+
report_sandbox_arg: report.codex_pane.args.includes('--sandbox') && report.codex_pane.args.includes('danger-full-access'),
|
|
52
|
+
report_approval_arg: report.codex_pane.args.includes('--ask-for-approval') && report.codex_pane.args.includes('never'),
|
|
53
|
+
report_service_tier_arg: report.codex_pane.args.includes('service_tier=fast'),
|
|
54
|
+
report_provider_arg: report.codex_pane.args.some((arg) => /model_provider=.*codex-lb/.test(arg)),
|
|
55
|
+
report_target_env: report.codex_pane.launch_env_keys.includes('SKS_MAD_SKS_TARGET_ROOT'),
|
|
56
|
+
report_policy_env: report.codex_pane.launch_env_keys.includes('SKS_PROTECTED_CORE_POLICY'),
|
|
57
|
+
layout_orchestrator_pane: layoutText.includes('pane name="orchestrator" command="sh"'),
|
|
58
|
+
layout_codex_exec: /exec\s+'?codex'?/.test(layoutText),
|
|
59
|
+
layout_no_alt_screen_arg: layoutText.includes('--no-alt-screen'),
|
|
60
|
+
layout_profile_arg: layoutText.includes('--profile') && layoutText.includes('sks-mad-high'),
|
|
61
|
+
layout_sandbox_arg: layoutText.includes('--sandbox') && layoutText.includes('danger-full-access'),
|
|
62
|
+
layout_approval_arg: layoutText.includes('--ask-for-approval') && layoutText.includes('never'),
|
|
63
|
+
layout_service_tier_arg: layoutText.includes('service_tier=fast'),
|
|
64
|
+
layout_provider_arg: /model_provider=.*codex-lb/.test(layoutText),
|
|
65
|
+
layout_not_status_shell: !layoutText.includes('sks status --json || true; exec')
|
|
66
|
+
};
|
|
67
|
+
const codexPaneOk = Object.values(codexPaneChecks).every(Boolean);
|
|
68
|
+
const clipboardCliOk = report.launch_command.includes('--copy-command')
|
|
69
|
+
&& report.launch_command.includes('pbcopy')
|
|
70
|
+
&& report.launch_command.includes('--copy-on-select')
|
|
71
|
+
&& report.launch_command.includes('true')
|
|
72
|
+
&& report.launch_command.includes('--mouse-mode')
|
|
73
|
+
&& report.launch_command[report.launch_command.indexOf('--mouse-mode') + 1] === 'true'
|
|
74
|
+
&& report.clipboard_mouse_mode === true
|
|
75
|
+
&& !report.launch_command.includes('--copy-clipboard');
|
|
76
|
+
const ok = report.kind === 'mad'
|
|
77
|
+
&& report.layout_artifact
|
|
78
|
+
&& report.layout_path
|
|
79
|
+
&& report.pane_proof_path
|
|
80
|
+
&& paneProofExists
|
|
81
|
+
&& Array.isArray(report.launch_command)
|
|
82
|
+
&& report.launch_command.join(' ').includes('attach --create-background')
|
|
83
|
+
&& report.launch_command.includes('--default-layout')
|
|
84
|
+
&& !report.launch_command.includes('--layout')
|
|
85
|
+
&& !JSON.stringify(report).includes('tmux attach')
|
|
86
|
+
&& installSafetyOk
|
|
87
|
+
&& consoleDetailOk
|
|
88
|
+
&& autoAttachOk
|
|
89
|
+
&& nativeSwarmOk
|
|
90
|
+
&& clipboardCliOk
|
|
91
|
+
&& codexPaneOk;
|
|
92
|
+
const gate = { schema: 'sks.mad-sks-zellij-launch-check.v1', ok, install_safety_ok: installSafetyOk, console_detail_ok: consoleDetailOk, auto_attach_ok: autoAttachOk, native_swarm_ok: nativeSwarmOk, clipboard_cli_ok: clipboardCliOk, codex_pane_ok: codexPaneOk, codex_pane_checks: codexPaneChecks, report };
|
|
93
|
+
await writeMadZellijLaunchGate(gate);
|
|
94
|
+
emit(gate);
|
|
95
|
+
async function writeMadZellijLaunchGate(gate) {
|
|
96
|
+
await fs.mkdir(path.join(root, '.sneakoscope', 'reports'), { recursive: true });
|
|
97
|
+
await fs.writeFile(path.join(root, '.sneakoscope', 'reports', 'mad-sks-zellij-launch.json'), `${JSON.stringify(gate, null, 2)}\n`);
|
|
98
|
+
}
|
|
99
|
+
function emit(report) { console.log(JSON.stringify(report, null, 2)); if (!report.ok)
|
|
100
|
+
process.exitCode = 1; }
|
|
101
|
+
function fail(blocker, detail) { emit({ schema: 'sks.mad-sks-zellij-launch-check.v1', ok: false, blockers: [blocker], detail }); process.exit(1); }
|
|
102
|
+
//# sourceMappingURL=mad-sks-zellij-launch-check.js.map
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
import fs from 'node:fs/promises';
|
|
3
|
+
import path from 'node:path';
|
|
4
|
+
import { assertGate, emitGate, makeTempRoot, writeText } from './sks-3-1-8-check-lib.js';
|
|
5
|
+
import { writeManagedEnvConfig, writeManagedJsonConfig, writeManagedTomlConfig } from '../core/config/managed-config-merge.js';
|
|
6
|
+
const root = await makeTempRoot('sks-managed-merge-');
|
|
7
|
+
const envFile = path.join(root, '.env.local');
|
|
8
|
+
await writeText(envFile, 'NEXT_PUBLIC_SUPABASE_ANON_KEY=keep-me\n');
|
|
9
|
+
await writeManagedEnvConfig(envFile, await fs.readFile(envFile, 'utf8'), ['SKS_MANAGED=1', 'NEXT_PUBLIC_SUPABASE_ANON_KEY=replace-me']);
|
|
10
|
+
const envText = await fs.readFile(envFile, 'utf8');
|
|
11
|
+
const tomlFile = path.join(root, '.codex', 'config.toml');
|
|
12
|
+
const toml = await writeManagedTomlConfig(tomlFile, '[mcp.supabase]\n# keep this comment\ntoken = "keep-token"\nunknown = "keep-unknown"\n', ['[mcp.supabase]\nurl = "https://example.supabase.co"']);
|
|
13
|
+
const tomlAgain = await writeManagedTomlConfig(tomlFile, await fs.readFile(tomlFile, 'utf8'), ['[mcp.supabase]\nurl = "https://example.supabase.co"']);
|
|
14
|
+
const jsonFile = path.join(root, '.sneakoscope', 'config.json');
|
|
15
|
+
const json = await writeManagedJsonConfig(jsonFile, { supabase: { anon_key: 'keep-json', service_role_key: 'keep-service' }, mcp: { supabase: { token: 'keep-token-json' } } }, { supabase: { anon_key: 'replace-json', service_role_key: 'replace-service', url: 'x' }, mcp: { supabase: { token: 'replace-token-json', url: 'y' } } });
|
|
16
|
+
const jsonText = await fs.readFile(jsonFile, 'utf8');
|
|
17
|
+
const tomlText = await fs.readFile(tomlFile, 'utf8');
|
|
18
|
+
assertGate(envText.includes('keep-me') && !envText.includes('replace-me'), 'env merge must preserve protected secret line', envText);
|
|
19
|
+
assertGate(tomlText.includes('# keep this comment') && tomlText.includes('unknown = "keep-unknown"') && tomlText.includes('token = "keep-token"'), 'toml merge must preserve comments, unknown keys, and secret-bearing lines', tomlText);
|
|
20
|
+
assertGate(jsonText.includes('keep-json') && jsonText.includes('keep-service') && jsonText.includes('keep-token-json') && !jsonText.includes('replace-json') && !jsonText.includes('replace-service') && !jsonText.includes('replace-token-json'), 'json merge must preserve nested protected secret values', jsonText);
|
|
21
|
+
assertGate(toml.preserved_secret_lines_sha256.length > 0 && tomlAgain.changed === false, 'toml merge must report secret line hashes and be idempotent', { toml, tomlAgain });
|
|
22
|
+
assertGate(toml.ok && json.ok, 'managed config merge results must be ok', { toml, json });
|
|
23
|
+
emitGate('config:managed-merge');
|
|
24
|
+
//# sourceMappingURL=managed-config-merge-check.js.map
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
// @ts-nocheck
|
|
3
|
+
import fs from 'node:fs';
|
|
4
|
+
import path from 'node:path';
|
|
5
|
+
import { assertGate, emitGate, importDist, root } from './sks-1-18-gate-lib.js';
|
|
6
|
+
const mod = await importDist('core/mcp/mcp-0-134-policy.js');
|
|
7
|
+
const policy = mod.detectMcp0134PolicyFromConfig([
|
|
8
|
+
{
|
|
9
|
+
path: 'fixture.json',
|
|
10
|
+
text: JSON.stringify({
|
|
11
|
+
mcp_servers: {
|
|
12
|
+
docs: {
|
|
13
|
+
transport: 'streamable_http',
|
|
14
|
+
env: { DOCS_TOKEN: 'x' },
|
|
15
|
+
oauth: { client_id: 'fixture' }
|
|
16
|
+
}
|
|
17
|
+
}
|
|
18
|
+
})
|
|
19
|
+
},
|
|
20
|
+
{
|
|
21
|
+
path: 'fixture.toml',
|
|
22
|
+
text: '[mcp_servers.docs_toml]\ntransport = "streamable_http"\n[mcp_servers.docs_toml.env]\nDOCS_TOKEN = "x"\n[mcp_servers.docs_toml.oauth]\nclient_id = "fixture"\n'
|
|
23
|
+
}
|
|
24
|
+
]);
|
|
25
|
+
const readOnly = mod.classifyMcpToolForConcurrency({ name: 'docs_search', annotations: { readOnlyHint: true }, inputSchema: { type: 'object' } });
|
|
26
|
+
const destructive = mod.classifyMcpToolForConcurrency({ name: 'docs_delete', annotations: { readOnlyHint: true }, inputSchema: { type: 'object' } });
|
|
27
|
+
const camelCaseDestructive = mod.classifyMcpToolForConcurrency({ name: 'writeFile', annotations: { readOnlyHint: true }, inputSchema: { type: 'object' } });
|
|
28
|
+
const namespacedDestructive = mod.classifyMcpToolForConcurrency({ name: 'filesystem.writeFile', annotations: { readOnlyHint: true }, inputSchema: { type: 'object' } });
|
|
29
|
+
const compacted = mod.compactMcpToolSchema({ type: 'object', properties: { item: { $ref: '#/$defs/Item' } }, $defs: { Item: { type: 'string' } }, description: 'x'.repeat(10000) }, 512);
|
|
30
|
+
const compactedDefinitions = mod.compactMcpToolSchema({ type: 'object', properties: { item: { $ref: '#/definitions/Item' } }, definitions: { Item: { type: 'string' } }, description: 'x'.repeat(10000) }, 512);
|
|
31
|
+
const report = {
|
|
32
|
+
schema: 'sks.mcp-0.134-modernization-check.v1',
|
|
33
|
+
ok: true,
|
|
34
|
+
policy,
|
|
35
|
+
readOnly,
|
|
36
|
+
destructive,
|
|
37
|
+
camelCaseDestructive,
|
|
38
|
+
namespacedDestructive,
|
|
39
|
+
compacted,
|
|
40
|
+
compactedDefinitions
|
|
41
|
+
};
|
|
42
|
+
assertGate(policy.per_server_environment_supported === true, 'MCP 0.134 policy must detect per-server env targeting', report);
|
|
43
|
+
assertGate(policy.streamable_http_oauth_supported === true, 'MCP 0.134 policy must detect streamable HTTP OAuth', report);
|
|
44
|
+
assertGate(policy.servers.some((server) => server.name === 'docs_toml' && server.environment_keys.includes('DOCS_TOKEN')), 'MCP 0.134 policy must detect nested TOML per-server env tables', report);
|
|
45
|
+
assertGate(readOnly.concurrency === 'candidate_parallel_readonly', 'readOnlyHint safe tool should be candidate parallel readonly', report);
|
|
46
|
+
assertGate(destructive.concurrency === 'serial_required', 'destructive readOnlyHint tool must remain serial', report);
|
|
47
|
+
assertGate(camelCaseDestructive.concurrency === 'serial_required', 'camelCase destructive readOnlyHint tool must remain serial', report);
|
|
48
|
+
assertGate(namespacedDestructive.concurrency === 'serial_required', 'namespaced destructive readOnlyHint tool must remain serial', report);
|
|
49
|
+
assertGate(compacted.preserved_ref_defs === true, 'schema compaction must preserve $ref/$defs evidence', report);
|
|
50
|
+
assertGate(compactedDefinitions.schema.definitions?.Item?.type === 'string', 'schema compaction must preserve definitions refs without moving them to $defs', report);
|
|
51
|
+
const out = path.join(root, '.sneakoscope', 'reports', 'mcp-0-134-modernization.json');
|
|
52
|
+
fs.mkdirSync(path.dirname(out), { recursive: true });
|
|
53
|
+
fs.writeFileSync(out, `${JSON.stringify(report, null, 2)}\n`);
|
|
54
|
+
emitGate('mcp:0.134-modernization', { servers: policy.servers.length });
|
|
55
|
+
//# sourceMappingURL=mcp-0-134-modernization-check.js.map
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
// @ts-nocheck
|
|
3
|
+
import { assertGate, emitGate, importDist } from './sks-1-18-gate-lib.js';
|
|
4
|
+
process.env.SKS_CODEX_0138_FAKE = '1';
|
|
5
|
+
process.env.SKS_CODEX_PLUGIN_JSON_FAKE = '1';
|
|
6
|
+
const pluginMod = await importDist('core/codex-plugins/codex-plugin-json.js');
|
|
7
|
+
const mcpMod = await importDist('core/mcp/mcp-plugin-inventory.js');
|
|
8
|
+
const inventory = await pluginMod.buildCodexPluginInventory();
|
|
9
|
+
const candidates = mcpMod.buildMcpPluginServerCandidates(inventory);
|
|
10
|
+
assertGate(candidates.candidate_only === true && candidates.candidates.every((candidate) => candidate.auto_enable === false && candidate.destructive_tools_auto_enabled === false), 'remote MCP plugin inventory must be candidate-only and non-destructive by default', candidates);
|
|
11
|
+
emitGate('mcp:plugin-inventory', { candidates: candidates.candidates.length });
|
|
12
|
+
//# sourceMappingURL=mcp-plugin-inventory-check.js.map
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
// @ts-nocheck
|
|
3
|
+
import fs from 'node:fs';
|
|
4
|
+
import path from 'node:path';
|
|
5
|
+
import { assertGate, emitGate, importDist, root } from './sks-1-18-gate-lib.js';
|
|
6
|
+
const mod = await importDist('core/mcp/mcp-0-134-policy.js');
|
|
7
|
+
const readOnly = mod.classifyMcpToolForConcurrency({ name: 'search_docs', annotations: { readOnlyHint: true }, inputSchema: { type: 'object' } });
|
|
8
|
+
const destructive = mod.classifyMcpToolForConcurrency({ name: 'delete_docs', annotations: { readOnlyHint: true }, inputSchema: { type: 'object' } });
|
|
9
|
+
const report = { schema: 'sks.mcp-readonly-concurrency-check.v1', ok: readOnly.concurrency === 'candidate_parallel_readonly' && destructive.concurrency === 'serial_required', readOnly, destructive };
|
|
10
|
+
const out = path.join(root, '.sneakoscope', 'reports', 'mcp-readonly-concurrency.json');
|
|
11
|
+
fs.mkdirSync(path.dirname(out), { recursive: true });
|
|
12
|
+
fs.writeFileSync(out, `${JSON.stringify(report, null, 2)}\n`);
|
|
13
|
+
assertGate(readOnly.concurrency === 'candidate_parallel_readonly', 'readOnlyHint non-destructive tools may be parallel candidates', report);
|
|
14
|
+
assertGate(destructive.concurrency === 'serial_required', 'destructive tools remain serial even with readOnlyHint', report);
|
|
15
|
+
assertGate(readOnly.advisory_only === true, 'readOnlyHint must remain advisory only', report);
|
|
16
|
+
emitGate('mcp:readonly-concurrency', { read_only: readOnly.concurrency, destructive: destructive.concurrency });
|
|
17
|
+
//# sourceMappingURL=mcp-readonly-concurrency-check.js.map
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
// @ts-nocheck
|
|
3
|
+
import fs from 'node:fs';
|
|
4
|
+
import path from 'node:path';
|
|
5
|
+
import { assertGate, emitGate, importDist, root } from './sks-1-18-gate-lib.js';
|
|
6
|
+
const mod = await importDist('core/mcp/mcp-0-134-policy.js');
|
|
7
|
+
const proof = await mod.proveMcpReadOnlyRuntimeScheduler();
|
|
8
|
+
const report = { schema: 'sks.mcp-readonly-runtime-scheduler-check.v1', ok: proof.ok, proof };
|
|
9
|
+
const out = path.join(root, '.sneakoscope', 'reports', 'mcp-readonly-runtime-scheduler.json');
|
|
10
|
+
fs.mkdirSync(path.dirname(out), { recursive: true });
|
|
11
|
+
fs.writeFileSync(out, `${JSON.stringify(report, null, 2)}\n`);
|
|
12
|
+
assertGate(proof.read_only_parallel === true, 'readOnlyHint fixtures must overlap at runtime', report);
|
|
13
|
+
assertGate(proof.write_serial === true, 'write-capable MCP fixtures must be serialized', report);
|
|
14
|
+
assertGate(proof.destructive_false_positive_blocked === true, 'destructive readOnlyHint false positive must be blocked', report);
|
|
15
|
+
assertGate(proof.tools.every((row) => Number.isFinite(row.started_at_ms) && Number.isFinite(row.ended_at_ms)), 'MCP scheduler proof must include timestamps', report);
|
|
16
|
+
assertGate(proof.ok === true, 'MCP runtime scheduler proof must be blocker-free', report);
|
|
17
|
+
assertGate(proof.overlap_evidence.length >= 1, 'MCP scheduler proof must include actual overlap evidence rows', report);
|
|
18
|
+
assertGate(proof.tools.filter((row) => row.scheduled_mode === 'parallel_readonly_batch').length >= 3, 'MCP scheduler proof must use at least three read-only tools', report);
|
|
19
|
+
emitGate('mcp:readonly-runtime-scheduler', { overlaps: proof.overlap_evidence.length });
|
|
20
|
+
//# sourceMappingURL=mcp-readonly-runtime-scheduler-check.js.map
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
// @ts-nocheck
|
|
3
|
+
import path from 'node:path';
|
|
4
|
+
import { pathToFileURL } from 'node:url';
|
|
5
|
+
import { ensureDistFresh, root } from './lib/ensure-dist-fresh.js';
|
|
6
|
+
const freshness = ensureDistFresh({ rebuild: true });
|
|
7
|
+
if (!freshness.ok)
|
|
8
|
+
fail('dist_not_fresh', { freshness });
|
|
9
|
+
const mod = await import(pathToFileURL(path.join(root, 'dist', 'core', 'mcp', 'mcp-tool-name-normalizer.js')).href);
|
|
10
|
+
const report = mod.normalizeMcpToolInventory([{ server: 'github', name: 'search issues' }, { server: 'github', name: 'search_issues' }]);
|
|
11
|
+
const ok = report.ok && report.collision_count === 1 && report.normalized.every((row) => row.normalized_name.includes('github'));
|
|
12
|
+
emit({ schema: 'sks.mcp-tool-naming-parity-check.v1', ok, report });
|
|
13
|
+
function emit(report) { console.log(JSON.stringify(report, null, 2)); if (!report.ok)
|
|
14
|
+
process.exitCode = 1; }
|
|
15
|
+
function fail(blocker, detail) { emit({ schema: 'sks.mcp-tool-naming-parity-check.v1', ok: false, blockers: [blocker], detail }); process.exit(1); }
|
|
16
|
+
//# sourceMappingURL=mcp-tool-naming-parity-check.js.map
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
// @ts-nocheck
|
|
3
|
+
import assert from 'node:assert/strict';
|
|
4
|
+
import fs from 'node:fs/promises';
|
|
5
|
+
import { spawnSync } from 'node:child_process';
|
|
6
|
+
import path from 'node:path';
|
|
7
|
+
const root = process.cwd();
|
|
8
|
+
const wiki = spawnSync(process.execPath, [path.join(root, 'dist/bin/sks.js'), 'wiki', 'rebuild-summary', '--json'], {
|
|
9
|
+
cwd: root,
|
|
10
|
+
encoding: 'utf8',
|
|
11
|
+
env: { ...process.env, SKS_SKIP_NPM_FRESHNESS_CHECK: '1', CI: 'true' },
|
|
12
|
+
timeout: 60_000
|
|
13
|
+
});
|
|
14
|
+
assert.equal(wiki.status, 0, wiki.stderr || wiki.stdout);
|
|
15
|
+
const summary = JSON.parse(wiki.stdout);
|
|
16
|
+
assert.equal(summary.schema, 'sks.memory-summary.v2');
|
|
17
|
+
assert.equal(summary.summaries.triwiki.schema_version, 2);
|
|
18
|
+
assert.equal(summary.summaries.wrongness.schema_version, 2);
|
|
19
|
+
await fs.rm(path.join(root, '.sneakoscope/wiki/memory-summary.json'), { force: true });
|
|
20
|
+
await fs.rm(path.join(root, '.sneakoscope/wiki/memory-summary.md'), { force: true });
|
|
21
|
+
console.log(JSON.stringify({ schema: 'sks.memory-summary-rebuild-check.v1', ok: true, summary: summary.summaries }, null, 2));
|
|
22
|
+
//# sourceMappingURL=memory-summary-rebuild-check.js.map
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
// @ts-nocheck
|
|
3
|
+
import fs from 'node:fs/promises';
|
|
4
|
+
import os from 'node:os';
|
|
5
|
+
import path from 'node:path';
|
|
6
|
+
import { withModelCallSlot } from '../core/codex-control/model-call-concurrency.js';
|
|
7
|
+
import { writeParallelRuntimeProof } from '../core/agents/parallel-runtime-proof.js';
|
|
8
|
+
import { assertGate, emitGate } from './sks-1-18-gate-lib.js';
|
|
9
|
+
const missionId = 'M-model-call-concurrency';
|
|
10
|
+
const ledgerRoot = await fs.mkdtemp(path.join(os.tmpdir(), 'sks-model-call-'));
|
|
11
|
+
await Promise.all(Array.from({ length: 8 }, (_, i) => withModelCallSlot({ root: ledgerRoot, missionId, provider: 'codex-sdk', budget: 3, slotId: `slot-${i}`, generationIndex: 1, sessionId: `s-${i}`, backend: 'codex-sdk' }, () => new Promise((resolve) => setTimeout(resolve, 80)))));
|
|
12
|
+
const proof = await writeParallelRuntimeProof(ledgerRoot, missionId, { requestedWorkers: 1, targetActiveSlots: 1, minActiveWorkers: 0, minSpeedupRatio: 0 });
|
|
13
|
+
assertGate(proof.max_observed_model_calls <= 3 && proof.unique_model_call_ids === 8, 'model-call semaphore did not enforce/record concurrency', proof);
|
|
14
|
+
emitGate('model-call:concurrency', proof);
|
|
15
|
+
//# sourceMappingURL=model-call-concurrency-check.js.map
|
|
@@ -0,0 +1,180 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
// @ts-nocheck
|
|
3
|
+
// Repo-wide risky mutation callsite gate. Every raw mutation must be either a
|
|
4
|
+
// guarded call or an external allowlist entry with a concrete function/symbol and
|
|
5
|
+
// reason. The allowlist is intentionally data, not code, so unused/stale entries
|
|
6
|
+
// fail the release gate.
|
|
7
|
+
import fs from 'node:fs';
|
|
8
|
+
import path from 'node:path';
|
|
9
|
+
import { assertGate, emitGate, root } from './sks-1-18-gate-lib.js';
|
|
10
|
+
const allowlistPath = path.join(root, 'safety-mutation-allowlist.json');
|
|
11
|
+
const allowlist = readAllowlist();
|
|
12
|
+
const allowlistHits = new Set();
|
|
13
|
+
const scanFiles = listScanFiles();
|
|
14
|
+
const covered = [];
|
|
15
|
+
const allowlisted = [];
|
|
16
|
+
const uncovered = [];
|
|
17
|
+
const GUARD_CALL = /\bguarded(WriteFile|Rm|Rename|Chmod|Xattr|Chflags|GlobalCodexConfigWrite|ProcessKill|PackageInstall|SkillSnapshotPromotion|Apply)\(/;
|
|
18
|
+
const RISKY = [
|
|
19
|
+
{ kind: 'write_file', token: 'fs.writeFile', re: /\bfs\.writeFile\(/ },
|
|
20
|
+
{ kind: 'write_file', token: 'fs.promises.writeFile', re: /\bfs\.promises\.writeFile\(/ },
|
|
21
|
+
{ kind: 'write_file', token: 'fsp.writeFile', re: /\bfsp\.writeFile\(/ },
|
|
22
|
+
{ kind: 'write_file', token: 'writeFileSync', re: /\b(?:fs\.)?writeFileSync\(/ },
|
|
23
|
+
{ kind: 'rm', token: 'fs.rm', re: /\bfs\.rm\(/ },
|
|
24
|
+
{ kind: 'rm', token: 'fsp.rm', re: /\bfsp\.rm\(/ },
|
|
25
|
+
{ kind: 'rm', token: 'rmSync', re: /\b(?:fs\.)?rmSync\(/ },
|
|
26
|
+
{ kind: 'unlink', token: 'unlink', re: /\b(?:fs\.|fsp\.)?unlink\(/ },
|
|
27
|
+
{ kind: 'unlink', token: 'unlinkSync', re: /\b(?:fs\.)?unlinkSync\(/ },
|
|
28
|
+
{ kind: 'rename', token: 'rename', re: /\b(?:fs\.|fsp\.)?rename\(/ },
|
|
29
|
+
{ kind: 'rename', token: 'renameSync', re: /\b(?:fs\.)?renameSync\(/ },
|
|
30
|
+
{ kind: 'chmod', token: 'chmod', re: /\b(?:fs\.|fsp\.)?chmod\(/ },
|
|
31
|
+
{ kind: 'chmod', token: 'chmodSync', re: /\b(?:fs\.)?chmodSync\(/ },
|
|
32
|
+
{ kind: 'process_kill', token: 'process.kill', re: /\bprocess\.kill\(/ },
|
|
33
|
+
{ kind: 'package_install', token: 'runProcess(npm/brew)', re: /runProcess\(\s*(?:npmBin|['"](?:npm|brew)['"])/ },
|
|
34
|
+
{ kind: 'package_install', token: 'spawn(npm install)', re: /\bspawn(?:Sync)?\(\s*['"]npm['"][\s\S]{0,80}(?:install|i)\b/ },
|
|
35
|
+
{ kind: 'xattr', token: 'xattr', re: /runProcess\(\s*['"]xattr['"]/ },
|
|
36
|
+
{ kind: 'chflags', token: 'chflags', re: /runProcess\(\s*['"]chflags['"]/ },
|
|
37
|
+
{ kind: 'codex_home_write', token: 'codex config write', re: /(?:~\/\.codex|CODEX_HOME|auth\.json|config\.toml)/ }
|
|
38
|
+
];
|
|
39
|
+
for (const rel of scanFiles) {
|
|
40
|
+
const text = fs.readFileSync(path.join(root, rel), 'utf8');
|
|
41
|
+
const lines = text.split('\n');
|
|
42
|
+
let currentSymbol = 'module';
|
|
43
|
+
for (let i = 0; i < lines.length; i += 1) {
|
|
44
|
+
const line = lines[i];
|
|
45
|
+
currentSymbol = symbolFromLine(line) || currentSymbol;
|
|
46
|
+
if (isIgnoredLine(line))
|
|
47
|
+
continue;
|
|
48
|
+
if (GUARD_CALL.test(line)) {
|
|
49
|
+
covered.push({ file: rel, line: i + 1, symbol: currentSymbol, kind: 'guarded_call', snippet: snippet(line) });
|
|
50
|
+
}
|
|
51
|
+
for (const risky of RISKY) {
|
|
52
|
+
if (!risky.re.test(line))
|
|
53
|
+
continue;
|
|
54
|
+
if (risky.kind === 'package_install' && !packageMutationOnLine(line))
|
|
55
|
+
continue;
|
|
56
|
+
if (risky.kind === 'codex_home_write' && !codexHomeMutationOnLine(line))
|
|
57
|
+
continue;
|
|
58
|
+
if (risky.kind === 'process_kill' && processKillIsLivenessProbe(line))
|
|
59
|
+
continue;
|
|
60
|
+
const entry = { file: rel, line: i + 1, symbol: currentSymbol, kind: risky.kind, token: risky.token, snippet: snippet(line) };
|
|
61
|
+
const allow = findAllow(entry);
|
|
62
|
+
if (allow) {
|
|
63
|
+
allowlistHits.add(allow.id);
|
|
64
|
+
allowlisted.push({ ...entry, reason: allow.reason });
|
|
65
|
+
}
|
|
66
|
+
else {
|
|
67
|
+
uncovered.push(entry);
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
const unused_allowlist = allowlist.filter((entry) => !allowlistHits.has(entry.id)).map(({ id, file, symbol, token, reason }) => ({ id, file, symbol, token, reason }));
|
|
73
|
+
const blanket_allowlist = allowlist.filter((entry) => !entry.symbol || entry.symbol === '*' || !entry.token || entry.token === '*');
|
|
74
|
+
const ok = uncovered.length === 0 && unused_allowlist.length === 0 && blanket_allowlist.length === 0;
|
|
75
|
+
const report = {
|
|
76
|
+
schema: 'sks.mutation-callsite-coverage.v2',
|
|
77
|
+
ok,
|
|
78
|
+
repo_wide: true,
|
|
79
|
+
allowlist_path: 'safety-mutation-allowlist.json',
|
|
80
|
+
scanned_file_count: scanFiles.length,
|
|
81
|
+
covered,
|
|
82
|
+
allowlisted,
|
|
83
|
+
uncovered,
|
|
84
|
+
unused_allowlist,
|
|
85
|
+
blanket_allowlist
|
|
86
|
+
};
|
|
87
|
+
const reportDir = path.join(root, '.sneakoscope', 'reports');
|
|
88
|
+
fs.mkdirSync(reportDir, { recursive: true });
|
|
89
|
+
fs.writeFileSync(path.join(reportDir, 'mutation-callsite-coverage.json'), `${JSON.stringify(report, null, 2)}\n`);
|
|
90
|
+
assertGate(ok, 'repo-wide risky mutation call sites must be guarded or allowlisted-with-reason', {
|
|
91
|
+
scanned_file_count: scanFiles.length,
|
|
92
|
+
uncovered,
|
|
93
|
+
unused_allowlist,
|
|
94
|
+
blanket_allowlist
|
|
95
|
+
});
|
|
96
|
+
emitGate('safety:mutation-callsite-coverage', {
|
|
97
|
+
scanned_file_count: scanFiles.length,
|
|
98
|
+
covered: covered.length,
|
|
99
|
+
allowlisted: allowlisted.length,
|
|
100
|
+
uncovered: uncovered.length
|
|
101
|
+
});
|
|
102
|
+
function readAllowlist() {
|
|
103
|
+
const raw = JSON.parse(fs.readFileSync(allowlistPath, 'utf8'));
|
|
104
|
+
assertGate(raw.schema === 'sks.safety-mutation-allowlist.v1', 'mutation allowlist schema mismatch', raw);
|
|
105
|
+
assertGate(Array.isArray(raw.entries), 'mutation allowlist entries must be an array', raw);
|
|
106
|
+
return raw.entries.map((entry, index) => {
|
|
107
|
+
for (const key of ['file', 'symbol', 'token', 'reason']) {
|
|
108
|
+
assertGate(typeof entry[key] === 'string' && entry[key].trim().length > 0, `allowlist entry missing ${key}`, { index, entry });
|
|
109
|
+
}
|
|
110
|
+
assertGate(entry.reason.length >= 12, 'allowlist reason must be concrete', { index, entry });
|
|
111
|
+
return { ...entry, id: `${entry.file}:${entry.symbol}:${entry.token}:${index}` };
|
|
112
|
+
});
|
|
113
|
+
}
|
|
114
|
+
function listScanFiles() {
|
|
115
|
+
const files = [];
|
|
116
|
+
walk(path.join(root, 'src'), (file) => {
|
|
117
|
+
const relative = rel(file);
|
|
118
|
+
if (relative.startsWith('src/scripts/'))
|
|
119
|
+
return;
|
|
120
|
+
if (file.endsWith('.ts'))
|
|
121
|
+
files.push(relative);
|
|
122
|
+
});
|
|
123
|
+
walk(path.join(root, 'src', 'scripts'), (file) => {
|
|
124
|
+
if (!file.endsWith('.ts'))
|
|
125
|
+
return;
|
|
126
|
+
const base = path.basename(file);
|
|
127
|
+
if (/(install|publish|release|doctor|codex|zellij|migration)/i.test(base))
|
|
128
|
+
files.push(rel(file));
|
|
129
|
+
});
|
|
130
|
+
return files.sort();
|
|
131
|
+
}
|
|
132
|
+
function walk(dir, visit) {
|
|
133
|
+
let entries = [];
|
|
134
|
+
try {
|
|
135
|
+
entries = fs.readdirSync(dir, { withFileTypes: true });
|
|
136
|
+
}
|
|
137
|
+
catch {
|
|
138
|
+
return;
|
|
139
|
+
}
|
|
140
|
+
for (const entry of entries) {
|
|
141
|
+
const file = path.join(dir, entry.name);
|
|
142
|
+
if (entry.isDirectory()) {
|
|
143
|
+
if (!['node_modules', 'dist', 'target'].includes(entry.name))
|
|
144
|
+
walk(file, visit);
|
|
145
|
+
}
|
|
146
|
+
else if (entry.isFile()) {
|
|
147
|
+
visit(file);
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
}
|
|
151
|
+
function findAllow(entry) {
|
|
152
|
+
return allowlist.find((allow) => entry.file === allow.file && entry.symbol === allow.symbol && entry.token === allow.token);
|
|
153
|
+
}
|
|
154
|
+
function symbolFromLine(line) {
|
|
155
|
+
const match = line.match(/(?:export\s+)?(?:async\s+)?function\s+([A-Za-z0-9_$]+)/)
|
|
156
|
+
|| line.match(/(?:const|let|var)\s+([A-Za-z0-9_$]+)\s*=\s*(?:async\s*)?\(/)
|
|
157
|
+
|| line.match(/class\s+([A-Za-z0-9_$]+)/);
|
|
158
|
+
return match?.[1] || null;
|
|
159
|
+
}
|
|
160
|
+
function isIgnoredLine(line) {
|
|
161
|
+
const trimmed = line.trim();
|
|
162
|
+
return !trimmed || trimmed.startsWith('//') || trimmed.startsWith('*') || trimmed.startsWith('/*');
|
|
163
|
+
}
|
|
164
|
+
function packageMutationOnLine(line) {
|
|
165
|
+
return /\b(?:install|i|add|uninstall|remove|publish)\b/.test(line);
|
|
166
|
+
}
|
|
167
|
+
function processKillIsLivenessProbe(line) {
|
|
168
|
+
return /\bprocess\.kill\([^,\n]+,\s*0\s*\)/.test(line);
|
|
169
|
+
}
|
|
170
|
+
function codexHomeMutationOnLine(line) {
|
|
171
|
+
return /\b(?:writeTextAtomic|writeJsonAtomic|writeFileSync|fs\.writeFile|fs\.promises\.writeFile|fsp\.writeFile|fs\.rm|fsp\.rm|fs\.rename|fsp\.rename|fs\.chmod|fsp\.chmod|copyFile|open)\b/.test(line)
|
|
172
|
+
&& /(?:~\/\.codex|CODEX_HOME|codexHome|codexLbHome|auth\.json|config\.toml)/.test(line);
|
|
173
|
+
}
|
|
174
|
+
function snippet(line) {
|
|
175
|
+
return line.trim().slice(0, 160);
|
|
176
|
+
}
|
|
177
|
+
function rel(file) {
|
|
178
|
+
return path.relative(root, file).split(path.sep).join('/');
|
|
179
|
+
}
|
|
180
|
+
//# sourceMappingURL=mutation-callsite-coverage-check.js.map
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
// @ts-nocheck
|
|
3
|
+
import { assertGate, emitGate, importDist } from './sks-1-18-gate-lib.js';
|
|
4
|
+
const workGraph = await importDist('core/naruto/naruto-work-graph.js');
|
|
5
|
+
const governorMod = await importDist('core/naruto/naruto-concurrency-governor.js');
|
|
6
|
+
const activePool = await importDist('core/naruto/naruto-active-pool.js');
|
|
7
|
+
const graph = workGraph.buildNarutoWorkGraph({ requestedClones: 20, totalWorkItems: 20, writeCapable: true, maxActiveWorkers: 5 });
|
|
8
|
+
const governor = governorMod.decideNarutoConcurrency({
|
|
9
|
+
requestedClones: 20,
|
|
10
|
+
totalWorkItems: 20,
|
|
11
|
+
pendingWorkQueueSize: 20,
|
|
12
|
+
backend: 'fake',
|
|
13
|
+
hardware: { remoteApiRateLimitBudget: 5, fileDescriptorLimit: 4096, freeMemoryBytes: 8 * 1024 * 1024 * 1024, totalMemoryBytes: 16 * 1024 * 1024 * 1024 }
|
|
14
|
+
});
|
|
15
|
+
const report = activePool.simulateNarutoActivePool({ graph, governor: { ...governor, safe_active_workers: 5 } });
|
|
16
|
+
assertGate(report.ok === true, 'active pool must drain cleanly', report);
|
|
17
|
+
assertGate(report.max_observed_active_workers <= 5, 'active pool must never exceed safe cap', report);
|
|
18
|
+
assertGate(report.max_observed_write_lease_conflicts === 0, 'active pool must never run overlapping write leases concurrently', report);
|
|
19
|
+
assertGate(report.completed_count >= graph.total_work_items, 'active pool must complete all base work items', report);
|
|
20
|
+
assertGate(report.refill_events >= 5, 'active pool must refill slots as work drains', report);
|
|
21
|
+
assertGate(report.duplicate_execution_count === 0, 'active pool must not duplicate work without retry', report);
|
|
22
|
+
const sameLeaseGraph = workGraph.buildNarutoWorkGraph({
|
|
23
|
+
requestedClones: 10,
|
|
24
|
+
totalWorkItems: 10,
|
|
25
|
+
writeCapable: true,
|
|
26
|
+
targetPaths: ['src/shared-fixture.ts'],
|
|
27
|
+
maxActiveWorkers: 5
|
|
28
|
+
});
|
|
29
|
+
const sameLeaseReport = activePool.simulateNarutoActivePool({ graph: sameLeaseGraph, governor: { ...governor, safe_active_workers: 5 } });
|
|
30
|
+
assertGate(sameLeaseReport.ok === true, 'same-file work graph must drain without overlapping write leases', sameLeaseReport);
|
|
31
|
+
assertGate(sameLeaseReport.max_observed_write_lease_conflicts === 0, 'same-file write items must be serialized or interleaved with read-only work only', sameLeaseReport);
|
|
32
|
+
emitGate('naruto:active-pool', {
|
|
33
|
+
safe_active_workers: report.safe_active_workers,
|
|
34
|
+
completed_count: report.completed_count,
|
|
35
|
+
refill_events: report.refill_events,
|
|
36
|
+
max_observed_active_workers: report.max_observed_active_workers,
|
|
37
|
+
same_lease_max_write_conflicts: sameLeaseReport.max_observed_write_lease_conflicts
|
|
38
|
+
});
|
|
39
|
+
//# sourceMappingURL=naruto-active-pool-check.js.map
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
// @ts-nocheck
|
|
3
|
+
import fs from 'node:fs';
|
|
4
|
+
import os from 'node:os';
|
|
5
|
+
import path from 'node:path';
|
|
6
|
+
import { assertGate, emitGate } from './sks-1-18-gate-lib.js';
|
|
7
|
+
import { buildNarutoWorkGraph } from '../core/naruto/naruto-work-graph.js';
|
|
8
|
+
import { collectActualNarutoWorker, spawnActualNarutoWorker } from '../core/naruto/naruto-real-worker-runtime.js';
|
|
9
|
+
import { narutoCommand } from '../core/commands/naruto-command.js';
|
|
10
|
+
process.env.SKS_CODEX_SDK_FAKE = '1';
|
|
11
|
+
const root = fs.mkdtempSync(path.join(os.tmpdir(), 'sks-naruto-actual-worker-'));
|
|
12
|
+
const graph = buildNarutoWorkGraph({ requestedClones: 1, totalWorkItems: 1, readonly: true, writeCapable: false });
|
|
13
|
+
const item = graph.work_items[0];
|
|
14
|
+
const handle = await spawnActualNarutoWorker({
|
|
15
|
+
root,
|
|
16
|
+
missionId: `M-naruto-actual-worker-${process.pid}`,
|
|
17
|
+
item,
|
|
18
|
+
placement: { placement: 'headless', visible_index: null, reason: 'check' },
|
|
19
|
+
backend: 'fake',
|
|
20
|
+
visiblePaneCap: 0
|
|
21
|
+
});
|
|
22
|
+
const collected = await collectActualNarutoWorker(handle);
|
|
23
|
+
const result = JSON.parse(fs.readFileSync(path.join(handle.worker_artifact_dir, 'worker-result.json'), 'utf8'));
|
|
24
|
+
const fullRoute = await narutoCommand([
|
|
25
|
+
'run',
|
|
26
|
+
'Naruto actual worker full command control plane check',
|
|
27
|
+
'--json',
|
|
28
|
+
'--backend',
|
|
29
|
+
'fake',
|
|
30
|
+
'--backend-explicit',
|
|
31
|
+
'--clones',
|
|
32
|
+
'2',
|
|
33
|
+
'--work-items',
|
|
34
|
+
'2',
|
|
35
|
+
'--readonly',
|
|
36
|
+
'--no-open-zellij',
|
|
37
|
+
'--smoke'
|
|
38
|
+
]);
|
|
39
|
+
const missionRoot = path.join(process.cwd(), '.sneakoscope', 'missions', fullRoute.mission_id || '', 'agents', 'naruto-real-workers');
|
|
40
|
+
const fullWorkerResults = fs.existsSync(missionRoot)
|
|
41
|
+
? fs.readdirSync(missionRoot).map((name) => {
|
|
42
|
+
const file = path.join(missionRoot, name, 'worker-result.json');
|
|
43
|
+
return fs.existsSync(file) ? JSON.parse(fs.readFileSync(file, 'utf8')) : null;
|
|
44
|
+
}).filter(Boolean)
|
|
45
|
+
: [];
|
|
46
|
+
const ok = collected.ok === true
|
|
47
|
+
&& result.ok === true
|
|
48
|
+
&& result.control_plane_result?.worker_result_path
|
|
49
|
+
&& result.control_plane_result?.structured_output_valid === true
|
|
50
|
+
&& fullRoute.active_pool?.real_runtime?.runtime_source_of_truth === 'pre_run_smoke_only'
|
|
51
|
+
&& fullRoute.runtime_source_of_truth === 'agent-orchestrator-scheduler'
|
|
52
|
+
&& fullWorkerResults.length >= 1
|
|
53
|
+
&& fullWorkerResults.every((row) => row.control_plane_result?.structured_output_valid === true);
|
|
54
|
+
assertGate(ok, 'Naruto actual worker must call Codex Control Plane directly and through the explicit full-route smoke path', { collected, result, fullRoute, fullWorkerResults });
|
|
55
|
+
emitGate('naruto:actual-worker-control-plane', { collected, result, full_route_mission_id: fullRoute.mission_id, full_worker_result_count: fullWorkerResults.length });
|
|
56
|
+
//# sourceMappingURL=naruto-actual-worker-control-plane-check.js.map
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
import { assertGate, emitGate } from './sks-1-18-gate-lib.js';
|
|
3
|
+
import { allocateNarutoTasksToWorkers, chooseNarutoTaskOwner } from '../core/naruto/naruto-allocation-policy.js';
|
|
4
|
+
const base = {
|
|
5
|
+
kind: 'implementation',
|
|
6
|
+
title: 'impl',
|
|
7
|
+
target_paths: ['src/core/naruto/runtime.ts'],
|
|
8
|
+
readonly_paths: [],
|
|
9
|
+
write_paths: ['src/core/naruto/runtime.ts'],
|
|
10
|
+
required_role: 'implementer',
|
|
11
|
+
write_allowed: true,
|
|
12
|
+
verification_required: true,
|
|
13
|
+
dependencies: [],
|
|
14
|
+
can_run_in_parallel_with: [],
|
|
15
|
+
conflicts_with: [],
|
|
16
|
+
estimated_cost: { tokens: 1, latency_ms: 1, cpu_weight: 1, memory_mb: 1, gpu_weight: 0 },
|
|
17
|
+
lease_requirements: [{ path: 'src/core/naruto/runtime.ts', kind: 'write' }],
|
|
18
|
+
acceptance: { requires_patch_envelope: true, requires_verification: true, requires_gpt_final: true }
|
|
19
|
+
};
|
|
20
|
+
const workers = [
|
|
21
|
+
{ id: 'w1', role: 'implementer', lane: 'src/core' },
|
|
22
|
+
{ id: 'w2', role: 'verifier', lane: 'src/scripts' }
|
|
23
|
+
];
|
|
24
|
+
const decision = chooseNarutoTaskOwner({ ...base, id: 'T1' }, workers);
|
|
25
|
+
const blocked = chooseNarutoTaskOwner({ ...base, id: 'T2', dependencies: ['T0'] }, workers);
|
|
26
|
+
const assignments = allocateNarutoTasksToWorkers([{ ...base, id: 'T1' }, { ...base, id: 'T2', required_role: 'verifier' }], workers);
|
|
27
|
+
const ok = decision.owner === 'w1'
|
|
28
|
+
&& decision.score >= 24
|
|
29
|
+
&& blocked.score === Number.NEGATIVE_INFINITY
|
|
30
|
+
&& assignments.length === 2;
|
|
31
|
+
assertGate(ok, 'Naruto allocation policy must score role/lane overlap and block incomplete dependencies with -Infinity', { decision, blocked, assignments });
|
|
32
|
+
emitGate('naruto:allocation-policy', { decision, blocked, assignments });
|
|
33
|
+
//# sourceMappingURL=naruto-allocation-policy-check.js.map
|