wogiflow 2.29.5 → 2.29.7

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wogiflow",
-  "version": "2.29.5",
+  "version": "2.29.7",
   "description": "AI-powered development workflow management system with multi-model support",
   "main": "lib/index.js",
   "bin": {
@@ -10,7 +10,7 @@
   },
   "scripts": {
     "flow": "./scripts/flow",
-    "test": "NODE_ENV=test node --test tests/auto-compact-prompt.test.js tests/flow-paths.test.js tests/flow-io.test.js tests/flow-config-loader.test.js tests/flow-damage-control.test.js tests/flow-output.test.js tests/flow-constants.test.js tests/flow-session-state.test.js tests/flow-hooks-integration.test.js tests/flow-utils.test.js tests/flow-security.test.js tests/flow-memory-db.test.js tests/flow-durable-session.test.js tests/flow-skill-matcher.test.js tests/flow-bridge.test.js tests/flow-proactive-compact.test.js tests/flow-cascade-completion.test.js tests/flow-capture-gate.test.js tests/flow-correction-detector-hybrid.test.js tests/flow-promote.test.js tests/flow-archive-runs.test.js tests/flow-memory.test.js tests/flow-hooks-pre-tool-helpers.test.js tests/flow-hooks-bugfix-scope-gate.test.js tests/flow-hooks-routing-gate.test.js tests/flow-hooks-phase-read-gate.test.js tests/flow-hooks-commit-log-gate.test.js tests/flow-hooks-deploy-gate.test.js tests/flow-hooks-todowrite-gate.test.js tests/flow-hooks-git-safety-gate.test.js tests/flow-hooks-scope-mutation-gate.test.js tests/flow-hooks-strike-gate.test.js tests/flow-hooks-component-check.test.js tests/flow-hooks-scope-gate.test.js tests/flow-hooks-implementation-gate.test.js tests/flow-hooks-research-gate.test.js tests/flow-hooks-loop-check.test.js tests/flow-hooks-manager-boundary-gate.test.js tests/flow-hooks-phase-gate.test.js tests/flow-hooks-pre-tool-orchestrator.test.js tests/flow-hooks-observation-capture.test.js tests/flow-hooks-task-gate.test.js tests/flow-durable-session-suspension.test.js tests/flow-health-mcp-scopes.test.js tests/flow-lean-config.test.js tests/flow-workspace-autopickup.test.js tests/flow-worker-boundary-gate.test.js tests/flow-worker-question-classifier.test.js tests/flow-completion-truth-gate-contradictions.test.js tests/flow-structure-sensor.test.js tests/flow-workspace-dispatch-tracking.test.js tests/workspace-ipc-sqlite.test.js tests/workspace-ipc-multi-worker.test.js tests/flow-story-gates.test.js tests/flow-workspace-restart-handoff.test.js tests/flow-wogi-claude-wrapper.test.js tests/flow-wave1-integrations.test.js tests/flow-wave2-integrations.test.js tests/flow-wave3-integrations.test.js tests/flow-commit-claims-gate.test.js tests/auto-review.test.js tests/gate-telemetry-surface.test.js tests/agents-md-alias.test.js tests/flow-skill-manage.test.js tests/fuzzy-patch.test.js tests/mode-schema.test.js tests/flow-feature-dossier.test.js tests/flow-autonomous-mode.test.js tests/flow-epic-cascade.test.js tests/flow-workspace-summary.test.js tests/flow-hooks-research-evidence-gate.test.js tests/flow-worker-mcp-strip.test.js tests/flow-orchestrate-corrections.test.js tests/flow-source-fidelity.test.js tests/flow-hooks-long-input-enforcement.test.js tests/workspace-channel-tracking.test.js tests/flow-hooks-deletion-log.test.js && NODE_ENV=test node tests/run-quality-gates.test.js",
+    "test": "NODE_ENV=test node --test tests/auto-compact-prompt.test.js tests/flow-paths.test.js tests/flow-io.test.js tests/flow-config-loader.test.js tests/flow-damage-control.test.js tests/flow-output.test.js tests/flow-constants.test.js tests/flow-session-state.test.js tests/flow-hooks-integration.test.js tests/flow-utils.test.js tests/flow-security.test.js tests/flow-memory-db.test.js tests/flow-durable-session.test.js tests/flow-skill-matcher.test.js tests/flow-bridge.test.js tests/flow-proactive-compact.test.js tests/flow-cascade-completion.test.js tests/flow-capture-gate.test.js tests/flow-correction-detector-hybrid.test.js tests/flow-promote.test.js tests/flow-archive-runs.test.js tests/flow-memory.test.js tests/flow-hooks-pre-tool-helpers.test.js tests/flow-hooks-bugfix-scope-gate.test.js tests/flow-hooks-routing-gate.test.js tests/flow-hooks-phase-read-gate.test.js tests/flow-hooks-commit-log-gate.test.js tests/flow-hooks-deploy-gate.test.js tests/flow-hooks-todowrite-gate.test.js tests/flow-hooks-git-safety-gate.test.js tests/flow-hooks-scope-mutation-gate.test.js tests/flow-hooks-strike-gate.test.js tests/flow-hooks-component-check.test.js tests/flow-hooks-scope-gate.test.js tests/flow-hooks-implementation-gate.test.js tests/flow-hooks-research-gate.test.js tests/flow-hooks-loop-check.test.js tests/flow-hooks-manager-boundary-gate.test.js tests/flow-hooks-phase-gate.test.js tests/flow-hooks-pre-tool-orchestrator.test.js tests/flow-hooks-observation-capture.test.js tests/flow-hooks-task-gate.test.js tests/flow-durable-session-suspension.test.js tests/flow-health-mcp-scopes.test.js tests/flow-lean-config.test.js tests/flow-workspace-autopickup.test.js tests/flow-worker-boundary-gate.test.js tests/flow-worker-question-classifier.test.js tests/flow-completion-truth-gate-contradictions.test.js tests/flow-structure-sensor.test.js tests/flow-workspace-dispatch-tracking.test.js tests/workspace-ipc-sqlite.test.js tests/workspace-ipc-multi-worker.test.js tests/flow-story-gates.test.js tests/flow-workspace-restart-handoff.test.js tests/flow-wogi-claude-wrapper.test.js tests/flow-wave1-integrations.test.js tests/flow-wave2-integrations.test.js tests/flow-wave3-integrations.test.js tests/flow-commit-claims-gate.test.js tests/auto-review.test.js tests/gate-telemetry-surface.test.js tests/agents-md-alias.test.js tests/flow-skill-manage.test.js tests/fuzzy-patch.test.js tests/mode-schema.test.js tests/flow-feature-dossier.test.js tests/flow-autonomous-mode.test.js tests/flow-epic-cascade.test.js tests/flow-workspace-summary.test.js tests/flow-hooks-research-evidence-gate.test.js tests/flow-worker-mcp-strip.test.js tests/flow-orchestrate-corrections.test.js tests/flow-source-fidelity.test.js tests/flow-hooks-long-input-enforcement.test.js tests/workspace-channel-tracking.test.js tests/flow-hooks-deletion-log.test.js tests/flow-task-boundary-reset.test.js tests/flow-deferral-gate.test.js tests/flow-research-required-gate.test.js && NODE_ENV=test node tests/run-quality-gates.test.js",
     "test:syntax": "find scripts/ lib/ -name '*.js' -not -path '*/node_modules/*' -exec node --check {} +",
     "lint": "eslint scripts/ lib/ tests/",
     "lint:ci": "eslint scripts/ lib/ tests/ --max-warnings 0",

package/scripts/flow-defer-auth.js

@@ -0,0 +1,103 @@
+#!/usr/bin/env node
+
+/**
+ * Wogi Flow — Deferral Authorization CLI (wf-f9912af6)
+ *
+ * Explicit user-authorization helper for the deferral gate. Used when the AI
+ * needs to record that the user picked a defer-style menu option in
+ * /wogi-review (e.g., "Create tasks for all - fix later in batches").
+ *
+ * Usage:
+ *   flow defer-auth grant --scope=all --reason="<verbatim user phrase>"
+ *   flow defer-auth grant --findings=F5,F6,F7 --reason="..."
+ *   flow defer-auth clear
+ *   flow defer-auth status
+ */
+
+const path = require('node:path');
+const gate = require('./hooks/core/deferral-gate');
+
+function parseArgs(argv) {
+  const args = {};
+  for (const a of argv) {
+    if (a.startsWith('--')) {
+      const eq = a.indexOf('=');
+      if (eq === -1) {
+        args[a.slice(2)] = true;
+      } else {
+        args[a.slice(2, eq)] = a.slice(eq + 1);
+      }
+    }
+  }
+  return args;
+}
+
+function cmdGrant(args) {
+  let scope = 'all';
+  if (args.findings) {
+    scope = String(args.findings)
+      .split(',')
+      .map(s => s.trim())
+      .filter(Boolean);
+    if (scope.length === 0) {
+      console.error('grant: --findings must be a non-empty comma-separated list');
+      process.exit(2);
+    }
+  } else if (args.scope === 'all' || args.scope === undefined) {
+    scope = 'all';
+  } else {
+    scope = String(args.scope);
+  }
+  const reason = args.reason ? String(args.reason) : 'cli-grant';
+  const ttlSec = args['ttl-sec'] ? parseInt(args['ttl-sec'], 10) : undefined;
+
+  const payload = gate.writeAuth({
+    scope,
+    source: reason,
+    grantedBy: 'explicit-cli',
+    ttlSec
+  });
+
+  if (!payload) {
+    console.error('grant: failed to write authorization marker');
+    process.exit(1);
+  }
+  console.log(JSON.stringify({ status: 'granted', ...payload }, null, 2));
+}
+
+function cmdClear() {
+  gate.clearAuth();
+  gate.clearNoDeferPin();
+  console.log(JSON.stringify({ status: 'cleared' }, null, 2));
+}
+
+function cmdStatus() {
+  const auth = gate.loadAuth();
+  const pin = gate.loadNoDeferPin();
+  console.log(JSON.stringify({
+    authorization: auth || null,
+    noDeferPin: pin || null,
+    authPath: gate.getAuthPath(),
+    pinPath: gate.getNoDeferPinPath()
+  }, null, 2));
+}
+
+function usage() {
+  console.log('Usage: flow defer-auth <grant|clear|status> [--scope=all|<id>] [--findings=F1,F2] [--reason="..."] [--ttl-sec=600]');
+  process.exit(2);
+}
+
+function main() {
+  const [, , subcommand, ...rest] = process.argv;
+  const args = parseArgs(rest);
+  switch (subcommand) {
+    case 'grant': return cmdGrant(args);
+    case 'clear': return cmdClear();
+    case 'status': return cmdStatus();
+    default: return usage();
+  }
+}
+
+if (require.main === module) main();
+
+module.exports = { parseArgs, cmdGrant, cmdClear, cmdStatus };

package/scripts/flow-utils.js

@@ -336,6 +336,7 @@ function saveReadyData(data) {
   const toSave = { ...data, lastUpdated: new Date().toISOString() };
   const result = writeJson(PATHS.ready, toSave);
   invalidateReadyDataCache(); // Invalidate AFTER write completes to avoid stale cache race
+  maybeArmTaskBoundaryRestart(previousData, toSave);
   return result;
 }
 
@@ -359,10 +360,61 @@ async function saveReadyDataAsync(data) {
     const toSave = { ...data, lastUpdated: new Date().toISOString() };
     const result = writeJson(PATHS.ready, toSave);
     invalidateReadyDataCache(); // Invalidate AFTER write completes
+    maybeArmTaskBoundaryRestart(previousData, toSave);
     return result;
   });
 }
 
+/**
+ * wf-ee4e343b — Phase 1 chokepoint for task-boundary auto-restart.
+ *
+ * Why this exists: Phase 1 marker writes were previously split across three
+ * disjoint paths (`flow done`, `task-completed.js` hook, Stop-hook fallback
+ * with a 5-min freshness window). The Stop-hook fallback misses real-world
+ * timing (user takes >5min to type next message → fallback rejects) and the
+ * other two paths are not always called. By detecting "new entry in
+ * recentlyCompleted" right here in saveReadyData — the actual chokepoint
+ * every completion goes through — we arm the marker at the moment of
+ * completion regardless of who completed the task.
+ *
+ * Gated on WOGI_WRAPPER_PID so test/CLI/non-wrapper invocations don't
+ * write spurious markers. Lazy-required to avoid circular dependency
+ * (task-boundary-reset.js → flow-utils.js).
+ */
+function maybeArmTaskBoundaryRestart(previousData, savedData) {
+  try {
+    if (!process.env.WOGI_WRAPPER_PID) return;
+    // First-save guard (F2): when ready.json doesn't yet exist, previousData
+    // is null. If savedData arrives pre-populated (fresh install seeded from
+    // backup, init script bootstrapping recentlyCompleted, etc.) we MUST NOT
+    // arm a restart marker — there's no completion event, just an initial
+    // state snapshot. Real completions always have a previousData to diff
+    // against because saveReadyData is the only writer.
+    if (!previousData) return;
+    // F7 fix (wf-ee4e343b cleanup): F2 was asymmetric — readJson returns {}
+    // (truthy) on corrupt JSON or missing top-level keys, so the !previousData
+    // guard would not catch that case. A corrupt ready.json that recovers as
+    // {} followed by a save with populated recentlyCompleted would still
+    // false-positive. Require previousData.recentlyCompleted to be an actual
+    // array for the diff to be meaningful — anything else is "we don't know
+    // the prior state," which is structurally identical to first-save and
+    // must NOT arm.
+    if (!Array.isArray(previousData.recentlyCompleted)) return;
+    const prevTop = previousData.recentlyCompleted[0];
+    const curTop = savedData?.recentlyCompleted?.[0];
+    if (!curTop || !curTop.id) return;
+    if (prevTop && prevTop.id === curTop.id) return; // no new completion
+    const { markRestartPending } = require('./hooks/core/task-boundary-reset');
+    markRestartPending({
+      taskId: curTop.id,
+      taskTitle: curTop.title,
+      source: 'saveReadyData'
+    });
+  } catch (_err) {
+    // Fail-open — never let an observability/marker write break ready.json save
+  }
+}
+
 /**
  * Archive overflow completed tasks to a log file (v3.2)
  * When recentlyCompleted exceeds 10 items, archive the overflow

package/scripts/hooks/core/deferral-classifier.js

@@ -0,0 +1,129 @@
+#!/usr/bin/env node
+
+/**
+ * Wogi Flow — Deferral Intent Classifier (wf-f9912af6)
+ *
+ * Regex-based detector for explicit user deferral intent in UserPromptSubmit
+ * messages. Cheap (no Haiku call), deterministic, runs every prompt.
+ *
+ * NEGATIVE intent takes precedence over POSITIVE — if the user says both
+ * "fix everything" and "skip Y" in the same message, we assume they want
+ * everything fixed (the defer-everything pattern is the dangerous one this
+ * gate exists to stop).
+ *
+ * Negative match → write `no-defer-pin.json` (HARD block, overrides any auth)
+ * Positive match → write `deferral-authorization.json` (allows specific scope)
+ * Neither → no-op
+ *
+ * Fail-open: any error in classification falls through silently.
+ */
+
+// Negative phrases (HIGH PRIORITY — clear auth, write no-defer pin)
+const NEGATIVE_PATTERNS = [
+  /\bfix\s+(everything|all\s+of\s+(them|it)|all\s+findings?)\b/i,
+  /\bno\s+deferr?als?\b/i,
+  /\b(don'?t|do\s+not)\s+defer\b/i,
+  /\bi\s+don'?t\s+(want|like)\s+(tech\s*-?\s*debt|technical\s*-?\s*debt|deferr?al)/i,
+  /\bnever\s+defer\b/i,
+  /\balways\s+fix\s+(what'?s\s+broken|what\s+needs?\s+fixing)/i,
+  /\bnothing\s+(should\s+be|gets)\s+deferr?ed\b/i,
+];
+
+// Positive phrases (MEDIUM PRIORITY — write auth marker)
+// We're conservative: require defer/skip phrasing to be coupled with finding
+// context (this/that/those/it/option N/F\d+/severity word) to avoid catching
+// unrelated mentions like "let's defer the meeting".
+const POSITIVE_PATTERNS = [
+  // "defer X" / "skip X" with a referent
+  /\b(defer|skip|ignore|drop)\s+(this|that|those|it|them|f\d+|finding\s+\w+)\b/i,
+  /\bleave\s+(this|that|those|f\d+|.*?)\s+(for\s+)?later\b/i,
+
+  // /wogi-review menu options that mean defer
+  /\boption\s*[24]\b/i, // option 2 = "fix critical only"; option 4 = "create tasks for all (defer)"
+  /\bcreate\s+tasks?\s+for\s+(all|the\s+rest|remaining)\b/i,
+
+  // Severity-scoped deferrals
+  /\bfix\s+(only\s+)?(critical|high)\s*(\s*\/\s*high)?\s+only\b/i,
+  /\bfix\s+(critical|high)\s+(only|first)\b/i,
+  /\bskip\s+(low|medium|low\s*\/\s*medium)\b/i,
+
+  // Ship-as-is style
+  /\bship\s+(it\s+)?as\s*-?\s*is\b/i,
+  /\bgood\s+enough\s+(as\s*-?\s*is|for\s+now)\b/i,
+  /\bcall\s+it\s+(done|good)\b/i,
+];
+
+/**
+ * Classify a user prompt for deferral intent.
+ *
+ * @param {string} prompt - the user's UserPromptSubmit text
+ * @returns {{ intent: 'negative'|'positive'|'none', match?: string, scope?: string|string[] }}
+ */
+function classifyDeferralIntent(prompt) {
+  if (!prompt || typeof prompt !== 'string') return { intent: 'none' };
+
+  // Negative first — overrides positive
+  for (const rx of NEGATIVE_PATTERNS) {
+    const m = prompt.match(rx);
+    if (m) return { intent: 'negative', match: m[0] };
+  }
+
+  // Positive
+  for (const rx of POSITIVE_PATTERNS) {
+    const m = prompt.match(rx);
+    if (m) {
+      // Try to extract scope — look for F\d+ ids in the prompt
+      const findingIds = Array.from(prompt.matchAll(/\bF\d+\b/g)).map(x => x[0]);
+      return {
+        intent: 'positive',
+        match: m[0],
+        scope: findingIds.length > 0 ? findingIds : 'all'
+      };
+    }
+  }
+
+  return { intent: 'none' };
+}
+
+/**
+ * Apply classification result to the gate's state files. Wired into
+ * UserPromptSubmit. Fail-open throughout.
+ */
+function applyClassification(prompt, config) {
+  try {
+    if (config?.deferralGate?.classifyUserPrompts === false) return { applied: false, reason: 'classifier-disabled' };
+
+    const result = classifyDeferralIntent(prompt);
+    if (result.intent === 'none') return { applied: false, reason: 'no-match' };
+
+    // Lazy-require to avoid load-order coupling
+    const gate = require('./deferral-gate');
+
+    if (result.intent === 'negative') {
+      gate.writeNoDeferPin({ source: result.match });
+      return { applied: true, intent: 'negative', match: result.match };
+    }
+
+    if (result.intent === 'positive') {
+      gate.writeAuth({
+        scope: result.scope,
+        source: result.match,
+        grantedBy: 'user-prompt',
+        config
+      });
+      return { applied: true, intent: 'positive', match: result.match, scope: result.scope };
+    }
+
+    return { applied: false, reason: 'unhandled-intent' };
+  } catch (err) {
+    if (process.env.DEBUG) console.error(`[deferral-classifier] applyClassification error (fail-open): ${err.message}`);
+    return { applied: false, reason: `error: ${err.message}` };
+  }
+}
+
+module.exports = {
+  classifyDeferralIntent,
+  applyClassification,
+  NEGATIVE_PATTERNS,
+  POSITIVE_PATTERNS
+};