solidity-argus 0.3.7 → 0.5.6

package/src/hooks/event-hook.ts

@@ -1,8 +1,10 @@
 import type { EventSink } from "../features/persistent-state/event-sink"
+import { updateRunStatus } from "../features/persistent-state/global-run-index"
 import type { FinalizationResult } from "../features/persistent-state/run-finalizer"
 import { finalizeRun } from "../features/persistent-state/run-finalizer"
 import { createLogger } from "../shared/logger"
 import { ARGUS_PLUGIN_VERSION } from "../shared/plugin-metadata"
+import { safeEmitToSink } from "../shared/safe-emit"
 import { createAuditState } from "../state/audit-state"
 import type { AuditEvent } from "../state/schemas"
 import { SCHEMA_VERSION } from "../state/schemas"
@@ -18,9 +20,41 @@ export type AuditEventType =
   | "audit.complete"
 
 export type EventHookFn = (input: {
-  event: { type: string; sessionId?: string; properties?: Record<string, unknown> }
+  event: { type: string; properties?: Record<string, unknown> }
 }) => Promise<void>
 
+/**
+ * Extract the OpenCode session ID from an SDK Event object.
+ *
+ * The OpenCode SDK Event union uses different shapes depending on event type:
+ *   - session.created / session.deleted → { properties: { info: { id: string } } }
+ *   - session.idle / session.error      → { properties: { sessionID: string } }
+ *   - Other events may have properties.sessionID or none at all.
+ */
+export function extractSessionId(event: {
+  type: string
+  properties?: Record<string, unknown>
+}): string | undefined {
+  const props = event.properties
+  if (!props) return undefined
+
+  // session.idle, session.error, and many other events use properties.sessionID
+  if (typeof props.sessionID === "string" && props.sessionID.length > 0) {
+    return props.sessionID
+  }
+
+  // session.created and session.deleted wrap a Session object at properties.info
+  const info = props.info
+  if (info && typeof info === "object" && info !== null) {
+    const infoRecord = info as Record<string, unknown>
+    if (typeof infoRecord.id === "string" && infoRecord.id.length > 0) {
+      return infoRecord.id
+    }
+  }
+
+  return undefined
+}
+
 export type EventSubHandler = (event: {
   type: string
   sessionId?: string
@@ -33,78 +67,158 @@ export function createEventHook(
   subHandlers: EventSubHandler[] = [],
 ): {
   hook: EventHookFn
-  getAuditState: () => AuditState | null
-  setAuditState: (state: AuditState | null) => void
-  setEventSink: (sink: EventSink | null) => void
+  getAuditState: (sessionId?: string) => AuditState | null
+  setAuditState: (state: AuditState | null, sessionId?: string) => void
+  setEventSink: (sink: EventSink | null, sessionId?: string) => void
+  getEventSink: (sessionId?: string) => EventSink | null
   getLastFinalizationResult: () => FinalizationResult | null
 } {
   const logger = createLogger()
-  let currentAuditState: AuditState | null = null
-  let eventSink: EventSink | null = null
+  const statesBySessionId = new Map<string, AuditState>()
+  const sinksBySessionId = new Map<string, EventSink>()
+
+  const MAX_SESSION_STATES = 500
+
+  function setSessionState(sessionId: string, state: AuditState): void {
+    if (statesBySessionId.size >= MAX_SESSION_STATES && !statesBySessionId.has(sessionId)) {
+      const oldest = statesBySessionId.keys().next().value
+      if (oldest) statesBySessionId.delete(oldest)
+    }
+    statesBySessionId.set(sessionId, state)
+  }
+
+  function setSessionSink(sessionId: string, sink: EventSink): void {
+    if (sinksBySessionId.size >= MAX_SESSION_STATES && !sinksBySessionId.has(sessionId)) {
+      const oldest = sinksBySessionId.keys().next().value
+      if (oldest) sinksBySessionId.delete(oldest)
+    }
+    sinksBySessionId.set(sessionId, sink)
+  }
+
+  let fallbackAuditState: AuditState | null = null
+  let fallbackEventSink: EventSink | null = null
+  let activeSessionId = ""
   let lastFinalizationResult: FinalizationResult | null = null
 
-  const getAuditState = (): AuditState | null => currentAuditState
-  const setAuditState = (state: AuditState | null): void => {
-    currentAuditState = state
+  const getAuditState = (sessionId?: string): AuditState | null => {
+    if (sessionId && sessionId.length > 0) {
+      const sessionState = statesBySessionId.get(sessionId)
+      if (sessionState) {
+        return sessionState
+      }
+      // Fall through to activeSessionId — child sessions (e.g. sentinel)
+      // may not have their own state entry but share the parent's state.
+    }
+
+    if (activeSessionId.length > 0) {
+      return statesBySessionId.get(activeSessionId) ?? fallbackAuditState
+    }
+
+    return fallbackAuditState
   }
-  const setEventSink = (sink: EventSink | null): void => {
-    eventSink = sink
+
+  const setAuditState = (state: AuditState | null, sessionId?: string): void => {
+    if (sessionId && sessionId.length > 0) {
+      if (state) {
+        setSessionState(sessionId, state)
+        activeSessionId = sessionId
+      } else {
+        statesBySessionId.delete(sessionId)
+      }
+      return
+    }
+
+    fallbackAuditState = state
+  }
+
+  const getEventSink = (sessionId?: string): EventSink | null => {
+    if (sessionId && sessionId.length > 0) {
+      const sessionSink = sinksBySessionId.get(sessionId)
+      if (sessionSink) {
+        return sessionSink
+      }
+      return fallbackEventSink
+    }
+
+    if (activeSessionId.length > 0) {
+      return sinksBySessionId.get(activeSessionId) ?? fallbackEventSink
+    }
+
+    return fallbackEventSink
+  }
+
+  const setEventSink = (sink: EventSink | null, sessionId?: string): void => {
+    if (sessionId && sessionId.length > 0) {
+      if (sink) {
+        setSessionSink(sessionId, sink)
+      } else {
+        sinksBySessionId.delete(sessionId)
+      }
+      return
+    }
+
+    fallbackEventSink = sink
   }
 
   async function emitToSink(
+    sink: EventSink | null,
     type: AuditEvent["type"],
     runId: string,
     sessionId: string | undefined,
     payload: unknown,
   ): Promise<void> {
-    if (!eventSink) return
-    try {
-      await eventSink.append({
-        type,
-        run_id: runId,
-        seq: 0, // auto-assigned by sink
-        session_id: sessionId ?? "",
-        source: "event-hook",
-        schema_version: SCHEMA_VERSION,
-        timestamp: Date.now(),
-        payload,
-      })
-    } catch (error) {
-      logger.error(
-        `Failed to emit ${type} event to sink: ${error instanceof Error ? error.message : String(error)}`,
-      )
-    }
+    if (!sink) return
+    await safeEmitToSink(sink, {
+      type,
+      run_id: runId,
+      seq: 0, // auto-assigned by sink
+      session_id: sessionId ?? "",
+      source: "event-hook",
+      schema_version: SCHEMA_VERSION,
+      timestamp: Date.now(),
+      payload,
+    })
   }
 
   const hook: EventHookFn = async (input): Promise<void> => {
-    const { type, sessionId } = input.event
+    const type = input.event.type
+    const sessionId = extractSessionId(input.event)
+    const sessionKey = sessionId && sessionId.length > 0 ? sessionId : activeSessionId
+    let stateForSession = getAuditState(sessionKey)
     let preDeleteState: AuditState | null = null
+    const preDeleteSink = getEventSink(sessionKey)
 
     switch (type) {
       case "session.created": {
         const dir = projectDir ?? process.cwd()
         const { state } = createAuditState(dir)
-        currentAuditState = state
+        if (sessionId && sessionId.length > 0) {
+          setSessionState(sessionId, state)
+          activeSessionId = sessionId
+        } else {
+          fallbackAuditState = state
+        }
+        stateForSession = state
         break
       }
 
       case "session.idle": {
-        if (currentAuditState) {
+        if (stateForSession) {
           logger.debug(
-            `Session idle — phase: ${currentAuditState.currentPhase}, findings: ${currentAuditState.findings.length}`,
+            `Session idle — phase: ${stateForSession.currentPhase}, findings: ${stateForSession.findings.length}`,
           )
         }
         break
       }
 
       case "session.error": {
-        if (currentAuditState) {
+        if (stateForSession) {
           logger.error(
             `Session error — state snapshot: ${JSON.stringify({
-              sessionId: currentAuditState.sessionId,
-              phase: currentAuditState.currentPhase,
-              findingsCount: currentAuditState.findings.length,
-              contractsReviewed: currentAuditState.contractsReviewed,
+              sessionId: stateForSession.sessionId,
+              phase: stateForSession.currentPhase,
+              findingsCount: stateForSession.findings.length,
+              contractsReviewed: stateForSession.contractsReviewed,
             })}`,
           )
         }
@@ -112,7 +226,7 @@ export function createEventHook(
       }
 
       case "session.deleted": {
-        preDeleteState = currentAuditState
+        preDeleteState = stateForSession
         break
       }
 
@@ -122,11 +236,16 @@ export function createEventHook(
 
     for (const handler of subHandlers) {
       try {
+        const setStateForSession = (state: AuditState | null): void => {
+          setAuditState(state, sessionKey)
+          stateForSession = state
+        }
+
         await handler({
           type,
           sessionId,
-          auditState: currentAuditState,
-          setAuditState,
+          auditState: stateForSession,
+          setAuditState: setStateForSession,
         })
       } catch (error) {
         logger.error(`Sub-handler failed for event ${type}:`, error)
@@ -134,24 +253,32 @@ export function createEventHook(
     }
 
     // Emit canonical events to sink (after sub-handlers, so sink may have been set during session.created)
+    const sinkForSession = getEventSink(sessionKey)
     switch (type) {
       case "session.created": {
-        if (currentAuditState) {
-          await emitToSink("session.created", currentAuditState.sessionId, sessionId, {
-            projectDir: currentAuditState.projectDir,
-            sessionId: currentAuditState.sessionId,
-            plugin_version: ARGUS_PLUGIN_VERSION,
-          })
+        if (stateForSession) {
+          await emitToSink(
+            sinkForSession,
+            "session.created",
+            stateForSession.sessionId,
+            sessionId,
+            {
+              projectDir: stateForSession.projectDir,
+              sessionId: stateForSession.sessionId,
+              plugin_version: ARGUS_PLUGIN_VERSION,
+              scope: stateForSession.scope,
+            },
+          )
         }
         break
       }
 
       case "session.idle": {
-        if (currentAuditState) {
-          await emitToSink("session.idle", currentAuditState.sessionId, sessionId, {
-            findingsCount: currentAuditState.findings.length,
-            toolsExecutedCount: currentAuditState.toolsExecuted.length,
-            phase: currentAuditState.currentPhase,
+        if (stateForSession) {
+          await emitToSink(sinkForSession, "session.idle", stateForSession.sessionId, sessionId, {
+            findingsCount: stateForSession.findings.length,
+            toolsExecutedCount: stateForSession.toolsExecuted.length,
+            phase: stateForSession.currentPhase,
           })
         }
         break
@@ -159,17 +286,29 @@ export function createEventHook(
 
       case "session.deleted": {
         if (preDeleteState) {
-          await emitToSink("session.deleted", preDeleteState.sessionId, sessionId, {
+          await emitToSink(preDeleteSink, "session.deleted", preDeleteState.sessionId, sessionId, {
             archived: true,
             plugin_version: ARGUS_PLUGIN_VERSION,
           })
 
-          if (eventSink) {
+          const hasSiblingSessionForRun =
+            typeof sessionKey === "string" && sessionKey.length > 0
+              ? Array.from(sinksBySessionId.entries()).some(
+                  ([mappedSessionId, mappedSink]) =>
+                    mappedSessionId !== sessionKey && mappedSink.runId === preDeleteState.sessionId,
+                )
+              : false
+
+          if (preDeleteSink && !preDeleteSink.isFinalized && !hasSiblingSessionForRun) {
             try {
               lastFinalizationResult = await finalizeRun(
                 preDeleteState.sessionId,
                 preDeleteState.projectDir,
-                eventSink,
+                preDeleteSink,
+              )
+              void updateRunStatus(
+                preDeleteState.sessionId,
+                lastFinalizationResult.invariantsPassed ? "finalized" : "failed",
               )
             } catch (error) {
               logger.error(
@@ -178,8 +317,18 @@ export function createEventHook(
             }
           }
         }
-        currentAuditState = null
-        eventSink = null
+
+        if (sessionKey && sessionKey.length > 0) {
+          statesBySessionId.delete(sessionKey)
+          sinksBySessionId.delete(sessionKey)
+          if (activeSessionId === sessionKey) {
+            const nextSession = statesBySessionId.keys().next().value
+            activeSessionId = typeof nextSession === "string" ? nextSession : ""
+          }
+        } else {
+          fallbackAuditState = null
+          fallbackEventSink = null
+        }
         break
       }
 
@@ -190,5 +339,12 @@ export function createEventHook(
 
   const getLastFinalizationResult = (): FinalizationResult | null => lastFinalizationResult
 
-  return { hook, getAuditState, setAuditState, setEventSink, getLastFinalizationResult }
+  return {
+    hook,
+    getAuditState,
+    setAuditState,
+    setEventSink,
+    getEventSink,
+    getLastFinalizationResult,
+  }
 }

package/src/hooks/knowledge-sync-hook.ts

@@ -1,8 +1,7 @@
-import os from "node:os"
-import path from "node:path"
 import type { ArgusConfig } from "../config/types"
 import { ScvdClient } from "../knowledge/scvd-client"
 import { type SyncResult, syncIncremental } from "../knowledge/scvd-sync"
+import { getScvdIndexPath } from "../shared/cache-paths"
 import { createLogger } from "../shared/logger"
 
 export type KnowledgeSyncDependencies = {
@@ -36,7 +35,7 @@ export function createKnowledgeSyncHook(
     }
 
     const apiUrl = argusConfig.knowledge?.scvd?.apiUrl ?? DEFAULT_SCVD_API_URL
-    const indexPath = path.join(os.homedir(), ".cache", "solidity-argus", "scvd-index.json")
+    const indexPath = getScvdIndexPath()
 
     Promise.resolve().then(async () => {
       try {

package/src/hooks/safe-create-hook.ts

@@ -1,6 +1,15 @@
 import { createLogger } from "../shared/logger"
 
-export function safeCreateHook<T>(factory: () => T, hookName: string): T | undefined {
+export interface SafeCreateHookOptions {
+  critical?: boolean
+}
+
+export function safeCreateHook<T>(
+  factory: () => T,
+  hookName: string,
+  options: SafeCreateHookOptions = {},
+): T | undefined {
+  const { critical = false } = options
   try {
     return factory()
   } catch (error) {
@@ -8,6 +17,9 @@ export function safeCreateHook<T>(factory: () => T, hookName: string): T | undef
     logger.error(
       `Failed to create hook "${hookName}": ${error instanceof Error ? error.message : String(error)}`,
     )
+    if (critical) {
+      throw error
+    }
     return undefined
   }
 }

package/src/hooks/system-prompt-hook.ts

@@ -1,29 +1,17 @@
-import type { AuditState, FindingSeverity } from "../state/types"
+import { computeMissingKeyTools, KEY_TOOLS, TOOL_SHORT_NAMES } from "../shared/key-tools"
+import { estimateTokens } from "../shared/token-utils"
+import { countBySeverity } from "../shared/validation-constants"
+import type { AuditState } from "../state/types"
 
-const DEFAULT_TOKEN_BUDGET = 2000
-const TOKENS_PER_CHAR = 4
-
-const TOOL_SHORT_NAMES: Record<string, string> = {
-  argus_slither_analyze: "slither",
-  argus_forge_test: "forge-test",
-  argus_check_patterns: "patterns",
-  argus_solodit_search: "solodit",
-  argus_analyze_contract: "analyzer",
-}
-const KEY_TOOLS = ["slither", "forge-test", "patterns", "solodit", "analyzer"]
+export { estimateTokens }
 
-/** Maps unavailable-tool short names to their KEY_TOOLS counterpart */
-const UNAVAILABLE_TO_KEY_TOOL: Record<string, string> = {
-  slither: "slither",
-  forge: "forge-test",
-  solodit: "solodit",
-}
+const DEFAULT_TOKEN_BUDGET = 2000
 
 export interface SystemPromptHookDeps {
-  getAuditState: () => AuditState | null
+  getAuditState: (sessionId?: string) => AuditState | null
   getAgentForSession: (sessionID: string) => string | undefined
   isArgusAgent: (sessionID: string) => boolean
-  getContextPressure?: (systemText: string) => number
+  getContextPressure?: (systemText: string, sessionId?: string) => number
   getTokenBudget?: (agent: string, contextPressure: number) => number
   getEnforcerReminder?: (state: AuditState) => string | null
   getReconBlock?: () => string | null
@@ -47,26 +35,12 @@ export function buildFallbackDirectives(unavailableTools: string[]): string[] {
   return directives
 }
 
-export function estimateTokens(text: string): number {
-  return Math.ceil(text.length / TOKENS_PER_CHAR)
-}
-
 export function buildDynamicContext(
   auditState: AuditState,
   agent: string,
   tokenBudget: number = DEFAULT_TOKEN_BUDGET,
 ): string {
-  const severityCounts: Record<FindingSeverity, number> = {
-    Critical: 0,
-    High: 0,
-    Medium: 0,
-    Low: 0,
-    Informational: 0,
-  }
-
-  for (const finding of auditState.findings) {
-    severityCounts[finding.severity]++
-  }
+  const severityCounts = countBySeverity(auditState.findings)
 
   const executedToolNames = new Set(
     auditState.toolsExecuted.map((t) => TOOL_SHORT_NAMES[t.tool] ?? t.tool),
@@ -76,14 +50,14 @@ export function buildDynamicContext(
     (t) => `${t}=${executedToolNames.has(t) ? "done" : "pending"}`,
   ).join(" ")
   const unavailable = auditState.unavailableTools ?? []
-  const excusedTools = new Set(unavailable.map((t) => UNAVAILABLE_TO_KEY_TOOL[t]).filter(Boolean))
-  const pendingKeyTools = KEY_TOOLS.filter((t) => !executedToolNames.has(t) && !excusedTools.has(t))
+  const pendingKeyTools = computeMissingKeyTools(auditState.toolsExecuted, unavailable)
   const gateStatus =
     pendingKeyTools.length > 0
       ? `REPORTING GATE: BLOCKED \u2014 key tools pending: ${pendingKeyTools.join(", ")}`
       : "REPORTING GATE: ALLOWED"
   const lines: string[] = [
     `<argus-context agent="${agent}">`,
+    ...(auditState.sessionId ? [`run_id: ${auditState.sessionId}`] : []),
     gateStatus,
     `Phase: ${auditState.currentPhase}`,
     `Contracts: ${auditState.contractsReviewed.length} reviewed`,
@@ -97,6 +71,12 @@ export function buildDynamicContext(
     lines.push(...buildFallbackDirectives(unavailable))
   }
 
+  if (auditState.currentPhase === "reporting" && !auditState.reportGenerated) {
+    lines.push(
+      "REPORT GENERATION: INCOMPLETE — Scribe was dispatched but argus_generate_report was not called. Re-dispatch Scribe or call argus_generate_report directly.",
+    )
+  }
+
   lines.push("</argus-context>")
 
   let summary = lines.join("\n")
@@ -105,6 +85,7 @@ export function buildDynamicContext(
     const doneCount = KEY_TOOLS.filter((t) => executedToolNames.has(t)).length
     summary = [
       `<argus-context agent="${agent}">`,
+      ...(auditState.sessionId ? [`run_id: ${auditState.sessionId}`] : []),
       gateStatus,
       `Phase: ${auditState.currentPhase} | Findings: ${auditState.findings.length} | Contracts: ${auditState.contractsReviewed.length} | Tasks: ${doneCount}/${KEY_TOOLS.length} done`,
       "</argus-context>",
@@ -127,7 +108,7 @@ export function createSystemPromptHook(deps: SystemPromptHookDeps) {
       return
     }
 
-    const auditState = deps.getAuditState()
+    const auditState = deps.getAuditState(input.sessionID)
     if (!auditState) {
       return
     }
@@ -138,7 +119,7 @@ export function createSystemPromptHook(deps: SystemPromptHookDeps) {
     }
 
     const currentSystem = output.system.join("\n")
-    const pressure = deps.getContextPressure?.(currentSystem) ?? 0
+    const pressure = deps.getContextPressure?.(currentSystem, input.sessionID) ?? 0
     const budget = deps.getTokenBudget?.(agent, pressure) ?? DEFAULT_TOKEN_BUDGET
 
     output.system.push(buildDynamicContext(auditState, agent, budget))