wolverine-ai 6.3.1 → 6.4.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wolverine-ai",
-  "version": "6.3.1",
+  "version": "6.4.1",
   "description": "Self-healing Node.js server framework powered by AI. Catches crashes, diagnoses errors, generates fixes, verifies, and restarts — automatically.",
   "main": "src/index.js",
   "bin": {

package/src/claw/setup.js

@@ -565,12 +565,13 @@ function ensureWolverineDep(cwd) {
  */
 function addClawScripts(cwd) {
   const pkgPath = path.join(cwd, "package.json");
-  if (!fs.existsSync(pkgPath)) return { added: 0 };
+  if (!fs.existsSync(pkgPath)) return { added: 0, patched: 0 };
 
   try {
     const pkg = JSON.parse(fs.readFileSync(pkgPath, "utf-8"));
     if (!pkg.scripts) pkg.scripts = {};
 
+    // 1. Add wolverine-claw management scripts
     const toAdd = {
       "claw": "wolverine-claw",
       "claw:direct": "wolverine-claw --direct",
@@ -585,13 +586,44 @@ function addClawScripts(cwd) {
       }
     }
 
-    if (added > 0) {
+    // 2. Patch existing openclaw start scripts to inject --require bootstrap
+    //    This is the key integration: the bootstrap preload auto-initializes
+    //    wolverine for the entire process — no code changes in skills/plugins.
+    const BOOTSTRAP = "--require ./wolverine-claw/bootstrap.js";
+    let patched = 0;
+
+    for (const [name, cmd] of Object.entries(pkg.scripts)) {
+      if (typeof cmd !== "string") continue;
+      // Skip scripts we just added
+      if (name.startsWith("claw")) continue;
+
+      // Find scripts that run openclaw (start, dev, gateway, etc.)
+      const isOpenClawScript = cmd.includes("openclaw") || cmd.includes("open-claw");
+      // Also patch plain node scripts that start a gateway/agent
+      const isNodeScript = cmd.startsWith("node ") && !cmd.includes("wolverine");
+
+      if ((isOpenClawScript || isNodeScript) && !cmd.includes("bootstrap.js")) {
+        // Inject --require before the main script/command
+        if (cmd.startsWith("node ")) {
+          // node index.js → node --require ./wolverine-claw/bootstrap.js index.js
+          pkg.scripts[name] = cmd.replace("node ", `node ${BOOTSTRAP} `);
+          patched++;
+        } else if (cmd.startsWith("openclaw ") || cmd.startsWith("npx openclaw")) {
+          // For CLI commands, use NODE_OPTIONS to inject --require
+          // npm scripts inherit env vars, so this works cross-platform
+          pkg.scripts[name] = `NODE_OPTIONS="${BOOTSTRAP}" ${cmd}`;
+          patched++;
+        }
+      }
+    }
+
+    if (added > 0 || patched > 0) {
       fs.writeFileSync(pkgPath, JSON.stringify(pkg, null, 2) + "\n");
     }
 
-    return { added, skipped: added === 0 };
+    return { added, patched, skipped: added === 0 && patched === 0 };
   } catch {
-    return { added: 0 };
+    return { added: 0, patched: 0 };
   }
 }
 
@@ -884,8 +916,13 @@ async function setup(cwd, options = {}) {
   const scriptsResult = addClawScripts(cwd);
   if (scriptsResult.added > 0) {
     log(chalk.green(`  ✅ Added ${scriptsResult.added} npm scripts (claw, claw:info, claw:direct)`));
-  } else if (scriptsResult.skipped) {
-    log(chalk.gray("  ○ npm scripts already present"));
+  }
+  if (scriptsResult.patched > 0) {
+    log(chalk.green(`  ✅ Patched ${scriptsResult.patched} start script(s) with wolverine bootstrap`));
+    log(chalk.gray("     Your existing commands now auto-load wolverine (global.wolverine)"));
+  }
+  if (scriptsResult.added === 0 && (scriptsResult.patched || 0) === 0) {
+    log(chalk.gray("  ○ npm scripts already configured"));
   }
 
   log("");

package/src/claw/wolverine-api.js

@@ -0,0 +1,443 @@
+/**
+ * Wolverine API — unified entry point for any OpenClaw process.
+ *
+ * Exposes every wolverine subsystem through a single, lazy-loaded API.
+ * Nothing is imported until first use, so requiring this module is free.
+ *
+ * Usage from any OpenClaw skill, plugin, or agent:
+ *   const wolverine = require("wolverine-ai/src/claw/wolverine-api");
+ *   const api = wolverine.init("/path/to/project");
+ *
+ *   // Security
+ *   api.security.detectInjection("some user input");
+ *   api.security.redact("text with sk-abc123 key");
+ *   api.security.sandbox.resolve("server/index.js");
+ *
+ *   // Brain
+ *   await api.brain.search("how to fix ECONNREFUSED");
+ *   await api.brain.learn("Redis needs REDIS_URL env var", "fix");
+ *
+ *   // AI
+ *   const result = await api.ai.call({ model: "claude-sonnet-4-6", ... });
+ *
+ *   // Errors
+ *   api.errors.parse(stderrText);
+ *   api.errors.classify(errorMessage);
+ *   api.errors.routeTools("ECONNREFUSED");
+ *
+ *   // Backup
+ *   api.backup.create("before risky change");
+ *   api.backup.rollbackLatest();
+ *
+ *   // ... etc
+ */
+
+const path = require("path");
+
+let _projectRoot = null;
+let _initialized = false;
+
+// Lazy singletons — created on first access
+const _cache = {};
+
+function _require(relativePath) {
+  return require(path.join(_projectRoot, relativePath));
+}
+
+function _lazy(key, factory) {
+  if (!_cache[key]) _cache[key] = factory();
+  return _cache[key];
+}
+
+// ── Public API ──────────────────────────────────────────────────
+
+/**
+ * Initialize the Wolverine API for a project.
+ * Call once — returns the API object. Subsequent calls return the same instance.
+ */
+function init(projectRoot) {
+  if (_initialized && _projectRoot === path.resolve(projectRoot)) return api;
+  _projectRoot = path.resolve(projectRoot);
+  _initialized = true;
+
+  // Clear cache if re-initializing with different root
+  for (const key of Object.keys(_cache)) delete _cache[key];
+
+  return api;
+}
+
+const api = {
+  // ── Security ────────────────────────────────────────────────
+
+  get security() {
+    return _lazy("security", () => {
+      const { detectInjection, localScan, INJECTION_PATTERNS } = _require("src/security/injection-detector");
+      const { initRedactor, redact, redactObj, hasSecrets } = _require("src/security/secret-redactor");
+      const { Sandbox } = _require("src/security/sandbox");
+      const { RateLimiter } = _require("src/security/rate-limiter");
+
+      // Initialize redactor for this project
+      const redactor = initRedactor(_projectRoot);
+
+      return {
+        // Prompt injection detection (~50 patterns)
+        detectInjection,
+        localScan,
+        INJECTION_PATTERNS,
+
+        // Secret redaction
+        redact,
+        redactObj,
+        hasSecrets,
+        redactor,
+
+        // File sandbox
+        sandbox: new Sandbox(_projectRoot),
+        Sandbox,
+
+        // Rate limiting
+        createRateLimiter: (opts) => new RateLimiter(opts),
+        RateLimiter,
+      };
+    });
+  },
+
+  // ── Brain (semantic memory) ─────────────────────────────────
+
+  get brain() {
+    return _lazy("brain", () => {
+      const { Brain } = _require("src/brain/brain");
+      const { VectorStore } = _require("src/brain/vector-store");
+      const { embed, embedBatch, compact, compactAndEmbed } = _require("src/brain/embedder");
+      const { scanProject, mapToChunks } = _require("src/brain/function-map");
+      const { route, getRoutePrompt, TOOL_ROUTES } = _require("src/brain/tool-router");
+
+      const brain = new Brain(_projectRoot);
+      let _initPromise = null;
+
+      return {
+        // High-level brain operations
+        async search(query, opts) {
+          if (!_initPromise) _initPromise = brain.init();
+          await _initPromise;
+          return brain.search ? brain.search(query, opts)
+            : brain.recall ? brain.recall(query, opts)
+            : [];
+        },
+        async learn(content, category) {
+          if (!_initPromise) _initPromise = brain.init();
+          await _initPromise;
+          if (brain.addDocument) {
+            return brain.addDocument({ content, namespace: category || "learnings", source: "wolverine-claw", timestamp: Date.now() });
+          }
+          if (brain.remember) return brain.remember(content, { namespace: category });
+        },
+        async getContext(query) {
+          if (!_initPromise) _initPromise = brain.init();
+          await _initPromise;
+          return brain.getContext ? brain.getContext(query) : "";
+        },
+        async init() {
+          if (!_initPromise) _initPromise = brain.init();
+          return _initPromise;
+        },
+
+        // Low-level access
+        instance: brain,
+        VectorStore,
+        embed,
+        embedBatch,
+        compact,
+        compactAndEmbed,
+        scanProject,
+        mapToChunks,
+
+        // Tool router — maps error types to tool chains
+        routeTools: route,
+        getRoutePrompt,
+        TOOL_ROUTES,
+      };
+    });
+  },
+
+  // ── AI Client ───────────────────────────────────────────────
+
+  get ai() {
+    return _lazy("ai", () => {
+      const client = _require("src/core/ai-client");
+      const { getModel, getEmbeddingModel, getModelConfig, detectProvider, MODEL_ROLES } = _require("src/core/models");
+
+      return {
+        // Make AI calls (auto-detects provider from model name)
+        call: client.aiCall,
+        callWithHistory: client.aiCallWithHistory,
+
+        // Embeddings
+        embed: async (text) => {
+          const { embed } = _require("src/brain/embedder");
+          return embed(text);
+        },
+
+        // Model utilities
+        getModel,
+        getEmbeddingModel,
+        getModelConfig,
+        detectProvider,
+        MODEL_ROLES,
+
+        // Token tracking
+        setTokenTracker: client.setTokenTracker,
+        getTrackerSnapshot: client.getTrackerSnapshot,
+      };
+    });
+  },
+
+  // ── Error Handling ──────────────────────────────────────────
+
+  get errors() {
+    return _lazy("errors", () => {
+      const { parseError, classifyError } = _require("src/core/error-parser");
+      const { route, getRoutePrompt } = _require("src/brain/tool-router");
+      const { Notifier, HUMAN_REQUIRED_PATTERNS } = _require("src/notifications/notifier");
+      const { LoopGuard } = _require("src/skills/loop-guard");
+
+      return {
+        // Parse error text → structured {file, line, message, errorType}
+        parse: parseError,
+        // Classify error → type (missing_module, syntax, runtime, etc.)
+        classify: classifyError,
+        // Map error type → recommended tool chain
+        routeTools: route,
+        getRoutePrompt,
+
+        // Detect if error needs human vs can be auto-fixed
+        HUMAN_REQUIRED_PATTERNS,
+        createNotifier: (opts) => new Notifier(opts),
+
+        // Loop detection — prevent infinite fix attempts
+        createLoopGuard: (opts) => new LoopGuard(_projectRoot, opts),
+      };
+    });
+  },
+
+  // ── Backup & Recovery ───────────────────────────────────────
+
+  get backup() {
+    return _lazy("backup", () => {
+      const { BackupManager } = _require("src/backup/backup-manager");
+      const manager = new BackupManager(_projectRoot);
+
+      return {
+        create: (reason) => manager.createBackup(reason),
+        rollback: (id) => manager.rollbackTo(id),
+        rollbackLatest: () => manager.rollbackLatest(),
+        undoRollback: () => manager.undoRollback(),
+        list: () => manager.list(),
+        getStats: () => manager.getStats(),
+        promote: (id) => manager.promote(id),
+        prune: () => manager.prune(),
+        instance: manager,
+      };
+    });
+  },
+
+  // ── Skills ──────────────────────────────────────────────────
+
+  get skills() {
+    return _lazy("skills", () => {
+      const { SkillRegistry } = _require("src/skills/skill-registry");
+      const registry = new SkillRegistry();
+      registry.load();
+
+      return {
+        // Skill registry
+        match: (query) => registry.match(query),
+        list: () => registry.getAll(),
+        registry,
+
+        // SQL injection protection
+        get sql() {
+          const { scanForInjection, deepScan, sqlGuard } = _require("src/skills/sql");
+          return { scanForInjection, deepScan, sqlGuard };
+        },
+
+        // Dependency analysis
+        get deps() {
+          const deps = _require("src/skills/deps");
+          return {
+            diagnose: deps.diagnose,
+            healthReport: deps.healthReport,
+            getMigration: deps.getMigration,
+          };
+        },
+
+        // Backup (alias)
+        get backup() {
+          const b = _require("src/skills/backup");
+          return { backup: b.backup, rollback: b.rollback, rollbackLatest: b.rollbackLatest, undoRollback: b.undoRollback, listBackups: b.listBackups };
+        },
+      };
+    });
+  },
+
+  // ── Monitoring ──────────────────────────────────────────────
+
+  get monitor() {
+    return _lazy("monitor", () => {
+      const { ErrorMonitor } = _require("src/monitor/error-monitor");
+      const { PerfMonitor } = _require("src/monitor/perf-monitor");
+      const { ProcessMonitor } = _require("src/monitor/process-monitor");
+      const { AdaptiveLimiter } = _require("src/monitor/adaptive-limiter");
+
+      return {
+        ErrorMonitor,
+        PerfMonitor,
+        ProcessMonitor,
+        AdaptiveLimiter,
+      };
+    });
+  },
+
+  // ── Logging & Metrics ───────────────────────────────────────
+
+  get logger() {
+    return _lazy("logger", () => {
+      const { EventLogger, EVENT_TYPES, SEVERITY } = _require("src/logger/event-logger");
+      const { TokenTracker } = _require("src/logger/token-tracker");
+      const { RepairHistory } = _require("src/logger/repair-history");
+
+      return {
+        createEventLogger: () => new EventLogger(_projectRoot),
+        createTokenTracker: () => new TokenTracker(_projectRoot),
+        createRepairHistory: () => new RepairHistory(_projectRoot),
+        EVENT_TYPES,
+        SEVERITY,
+      };
+    });
+  },
+
+  // ── Config ──────────────────────────────────────────────────
+
+  get config() {
+    return _lazy("config", () => {
+      const { loadConfig, getConfig } = _require("src/core/config");
+      return { load: loadConfig, get: getConfig };
+    });
+  },
+
+  // ── Agent Engine ────────────────────────────────────────────
+
+  get agent() {
+    return _lazy("agent", () => {
+      const { AgentEngine, TOOL_DEFINITIONS, BLOCKED_COMMANDS } = _require("src/agent/agent-engine");
+      const { Sandbox } = _require("src/security/sandbox");
+
+      return {
+        // Create a sandboxed agent engine
+        create: (opts = {}) => new AgentEngine({
+          cwd: opts.cwd || _projectRoot,
+          sandbox: opts.sandbox || new Sandbox(opts.cwd || _projectRoot),
+          maxTurns: opts.maxTurns || 25,
+          maxTokens: opts.maxTokens || 100000,
+          logger: opts.logger,
+          mcp: opts.mcp,
+        }),
+        TOOL_DEFINITIONS,
+        BLOCKED_COMMANDS,
+        AgentEngine,
+      };
+    });
+  },
+
+  // ── Server Context ──────────────────────────────────────────
+
+  get context() {
+    return _lazy("context", () => {
+      const { scan, load, getSummary } = _require("src/core/server-context");
+      return {
+        scan: () => scan(_projectRoot),
+        load: () => load(_projectRoot),
+        getSummary: () => getSummary(_projectRoot),
+      };
+    });
+  },
+
+  // ── Verification ────────────────────────────────────────────
+
+  get verify() {
+    return _lazy("verify", () => {
+      const { verifyFix, syntaxCheck, bootProbe } = _require("src/core/verifier");
+      return { verifyFix, syntaxCheck, bootProbe };
+    });
+  },
+
+  // ── MCP (Model Context Protocol) ───────────────────────────
+
+  get mcp() {
+    return _lazy("mcp", () => {
+      const { McpRegistry } = _require("src/mcp/mcp-registry");
+      return {
+        create: (opts = {}) => new McpRegistry({
+          projectRoot: _projectRoot,
+          ...opts,
+        }),
+        McpRegistry,
+      };
+    });
+  },
+
+  // ── Convenience: all-in-one scan ───────────────────────────
+
+  /**
+   * Run a fast security scan on text (regex injection + secrets). Sync, no AI call.
+   * For deep AI-powered injection scan, use api.security.detectInjection() (async).
+   * Returns { safe, injection, secrets, redacted }.
+   */
+  scanText(text) {
+    const sec = this.security;
+    const injectionResult = sec.localScan(text);
+    const hasSecretContent = sec.hasSecrets(text);
+    const redacted = sec.redact(text);
+
+    return {
+      safe: injectionResult.safe !== false && !hasSecretContent,
+      injection: injectionResult,
+      secrets: hasSecretContent,
+      redacted,
+    };
+  },
+
+  /**
+   * Diagnose an error: parse, classify, route tools, check if human-needed.
+   * Returns { parsed, type, tools, humanRequired }.
+   */
+  diagnoseError(errorText) {
+    const err = this.errors;
+    const parsed = err.parse(errorText);
+    const toolRoute = err.routeTools(parsed.errorType || "unknown");
+
+    // Check if human required
+    let humanRequired = false;
+    for (const pattern of err.HUMAN_REQUIRED_PATTERNS) {
+      if (pattern.test ? pattern.test(errorText) : errorText.includes(pattern)) {
+        humanRequired = true;
+        break;
+      }
+    }
+
+    return {
+      parsed,
+      type: parsed.errorType,
+      tools: toolRoute,
+      humanRequired,
+    };
+  },
+
+  /** Get the project root. */
+  get projectRoot() { return _projectRoot; },
+
+  /** Check if initialized. */
+  get initialized() { return _initialized; },
+};
+
+module.exports = { init, api };

package/wolverine-claw/bootstrap.js

@@ -0,0 +1,201 @@
+/**
+ * Wolverine Bootstrap — auto-preload for OpenClaw processes.
+ *
+ * Loaded via: node --require ./wolverine-claw/bootstrap.js <openclaw-cmd>
+ *
+ * This file is injected into the OpenClaw process BEFORE any user code runs.
+ * It makes the full wolverine API available globally without any imports:
+ *
+ *   // In any OpenClaw skill, plugin, or gateway code:
+ *   const scan = wolverine.scanText(userInput);
+ *   if (!scan.safe) throw new Error("Injection detected");
+ *
+ *   const results = await wolverine.brain.search("how to fix ECONNREFUSED");
+ *   wolverine.backup.create("before risky change");
+ *
+ * Also patches:
+ * - process.on("uncaughtException") → reports to wolverine heal pipeline
+ * - process.on("unhandledRejection") → same
+ * - Intercepts require("openclaw") → auto-registers wolverine plugin
+ */
+
+const path = require("path");
+const Module = require("module");
+
+// ── Initialize wolverine API ────────────────────────────────────
+
+const projectRoot = process.cwd();
+let api;
+
+try {
+  // Try loading from node_modules first (installed as dep)
+  let initFn;
+  try {
+    initFn = require("wolverine-ai/src/claw/wolverine-api").init;
+  } catch {
+    // Fallback: relative path (running from wolverine repo)
+    initFn = require(path.join(projectRoot, "src", "claw", "wolverine-api")).init;
+  }
+
+  api = initFn(projectRoot);
+
+  // Make wolverine globally accessible — no imports needed anywhere
+  global.wolverine = api;
+
+  // Also set on process for structured access
+  process.wolverine = api;
+
+  console.log("[wolverine] Bootstrap loaded — global.wolverine available");
+} catch (err) {
+  console.warn(`[wolverine] Bootstrap warning: ${err.message}`);
+  // Non-fatal — OpenClaw can still run without wolverine features
+}
+
+// ── Error handlers → wolverine heal pipeline ────────────────────
+
+if (api) {
+  // Catch uncaught exceptions and report to wolverine
+  process.on("uncaughtException", (err) => {
+    console.error(`[wolverine] Uncaught: ${err.message}`);
+    _reportError(err, "uncaughtException");
+    // Don't exit — let OpenClaw's own handler decide
+  });
+
+  process.on("unhandledRejection", (reason) => {
+    const err = reason instanceof Error ? reason : new Error(String(reason));
+    console.error(`[wolverine] Unhandled rejection: ${err.message}`);
+    _reportError(err, "unhandledRejection");
+  });
+}
+
+// ── Auto-register wolverine plugin into OpenClaw ────────────────
+
+const _originalLoad = Module._load;
+let _openclawPatched = false;
+
+Module._load = function (request, parent, isMain) {
+  const result = _originalLoad.apply(this, arguments);
+
+  // Hook into openclaw when it's first loaded
+  if (request === "openclaw" && !_openclawPatched && api) {
+    _openclawPatched = true;
+    _patchOpenClaw(result);
+  }
+
+  return result;
+};
+
+function _patchOpenClaw(openclaw) {
+  // Wrap gateway creation to auto-register wolverine plugin
+  const factories = ["createGateway", "Gateway", "start"];
+
+  for (const method of factories) {
+    if (typeof openclaw[method] !== "function") continue;
+
+    const original = openclaw[method];
+
+    if (method === "Gateway") {
+      // Constructor — wrap with class
+      openclaw[method] = class extends original {
+        constructor(...args) {
+          super(...args);
+          _autoRegisterPlugin(this);
+        }
+      };
+    } else {
+      // Factory function — wrap return value
+      openclaw[method] = async function (...args) {
+        const gateway = await original.apply(this, args);
+        if (gateway) _autoRegisterPlugin(gateway);
+        return gateway;
+      };
+    }
+  }
+
+  console.log("[wolverine] OpenClaw patched — plugin auto-registers on gateway start");
+}
+
+function _autoRegisterPlugin(gateway) {
+  try {
+    // Load and register the wolverine integration plugin
+    let pluginPath;
+    try {
+      pluginPath = require.resolve("wolverine-ai/wolverine-claw/plugins/wolverine-integration.js");
+    } catch {
+      pluginPath = path.join(projectRoot, "wolverine-claw", "plugins", "wolverine-integration.js");
+    }
+
+    const plugin = require(pluginPath);
+    const fs = require("fs");
+    const configPath = path.join(projectRoot, "wolverine-claw", "config", "settings.json");
+    let config = {};
+    try { config = JSON.parse(fs.readFileSync(configPath, "utf-8")); } catch {}
+
+    plugin.register(gateway, config);
+    console.log("[wolverine] Plugin auto-registered into OpenClaw gateway");
+  } catch (err) {
+    console.warn(`[wolverine] Plugin auto-register warning: ${err.message}`);
+  }
+}
+
+// ── Scan incoming text for injection (available as middleware) ───
+
+/**
+ * Express/Fastify middleware that scans all request bodies for injection.
+ * Usage: app.use(wolverine.middleware.injectionGuard);
+ */
+if (api) {
+  api.middleware = {
+    injectionGuard: (req, res, next) => {
+      // Fastify-style (req.body is already parsed)
+      const body = typeof req.body === "string" ? req.body : JSON.stringify(req.body || "");
+      if (body.length > 10) {
+        const scan = api.scanText(body);
+        if (!scan.safe) {
+          const code = scan.injection?.safe === false ? 403 : 400;
+          const msg = scan.injection?.safe === false ? "Blocked: injection detected" : "Blocked: contains secrets";
+          if (res.code) {
+            // Fastify
+            res.code(code).send({ error: msg });
+          } else {
+            // Express
+            res.status(code).json({ error: msg });
+          }
+          return;
+        }
+      }
+      if (next) next();
+    },
+  };
+}
+
+// ── IPC error reporting ─────────────────────────────────────────
+
+function _reportError(err, source) {
+  if (typeof process.send !== "function") return;
+
+  try {
+    let file = null, line = null;
+    if (err.stack) {
+      const frames = err.stack.split("\n");
+      for (const frame of frames) {
+        const m = frame.match(/\(([^)]+):(\d+):(\d+)\)/) || frame.match(/at\s+([^\s(]+):(\d+):(\d+)/);
+        if (m && !m[1].includes("node_modules") && !m[1].includes("node:")) {
+          file = m[1]; line = parseInt(m[2], 10); break;
+        }
+      }
+    }
+
+    process.send({
+      type: "route_error",
+      path: `claw://${source}`,
+      method: "INTERNAL",
+      statusCode: 500,
+      message: err.message?.slice(0, 500),
+      stack: err.stack?.slice(0, 2000),
+      file,
+      line,
+      timestamp: Date.now(),
+    });
+  } catch {}
+}