CalvinBackup/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-06-10 20:07:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
41c6d3ebf63ecfb3cfa30e847c8de249ba690664
gstack/test/helpers/carve-guard-checks.ts
T
Garry Tan e722c5bf89 v1.57.0.0 feat: carve-guard system + carve cso/document-release/design-consultation (#1907) 
* test: canonical CARVE_GUARDS registry; derive parity + size-budget from it

Single source of truth for the carved-skill set + per-skill invariants
(EQ1). parity-harness.ts sectioned entries and skill-size-budget.ts
SECTIONS_EXTRACTED now derive from it instead of hand-maintained lists.
Closes a pre-existing drift: plan-devex-review was in SECTIONS_EXTRACTED
but had no sectioned parity invariant; now generated. carve-guards.ts is
a pure leaf data module (import type only) to avoid an import cycle.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* test: shared carve-guard check fns with injectable root

discoverCarvedSkills/checkOrdering/checkCompleteness take a root param so
the negative tests can point the real guards at a fixture dir.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* test: E2 data-driven carve static ordering guard (gate)

Per-PR backstop for every carved skill, one test() per skill, driven by
CARVE_GUARDS staticInvariants. Generalizes + retires the ceo-specific
ordering test.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* test: E1 carve-guard completeness meta-guard (gate)

Asserts filesystem carved set == CARVE_GUARDS set both directions, so a
future carve without a registry entry fails CI.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* test: ET1 guard-of-guards negative tests (gate)

Temp fixture broken 3 ways proves E1/E2 actually throw, via the injectable
root. Kills the silent-pass-guard failure class.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* test: T2 data-driven behavioral section-loading guard (periodic)

One file iterating CARVE_GUARDS, one test() per skill with GSTACK_CARVE_SKILL
cost-scoping (D-CODEX A). external carves (ship, plan-ceo) keep bespoke
tests; testNames aligned to their touchfile keys. Registered in touchfiles.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* docs: defer E3 real-session carve canary to TODOS

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* feat: carve document-release into skeleton + on-demand section

Steps 2-9 (per-file audit, auto-updates, risky-change asks, CHANGELOG
voice polish, cross-doc consistency, TODOS cleanup, VERSION bump, commit +
PR body) move to sections/release-body.md, read on demand after the Step
1.5 coverage map. Skeleton 59,256 -> 45,797 B (-23%); union preserved.
Adds the CARVE_GUARDS entry (auto-extends parity + size-budget via EQ1).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* feat: carve design-consultation into skeleton + on-demand section

Phases 3-6 (complete proposal, drill-downs, design preview, writing
DESIGN.md) move to sections/proposal-and-preview.md, read on demand after
product context + research. Skeleton 80,719 -> 59,229 B (-27%); union
preserved. Adds the CARVE_GUARDS entry.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* feat: carve cso into skeleton + on-demand section (security-safe)

Scope-dependent audit Phases 2-11 move to sections/audit-phases.md. Mode
dispatch (## Arguments, ## Mode Resolution), always-run Phases 0/1, and the
Phase 12 false-positive-filtering exceptions stay ALWAYS-LOADED in the
skeleton. Skeleton 79,383 -> 65,117 B (-18%); union preserved.

Adds a cso CARVE_GUARDS entry with an earliest-use invariant (mustPrecedeStop):
mode dispatch must appear before any STOP-Read, so a directive that decides
which sections to read can't be stranded behind the STOP that reads them
(codex outside-voice #6). carve-guard-checks gains the mustPrecedeStop check.
parity moves cso monolith -> generated carved entry. cso-preserved.test.ts
strengthened: phrases checked against the union, plus an always-loaded
contract on the skeleton (dispatch + FP-filtering, codex #5).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* test: make redaction/taxonomy tests union-aware for cso + document-release carves

The cso carve moved Secrets Archaeology (prefixes, lib/redact-patterns.ts
pointer, git-history scan) into sections/audit-phases.md, and the
document-release carve moved the Step 9 PR-body redaction scan into
sections/release-body.md. Three content-presence tests asserted that content
in the skeleton SKILL.md/.md.tmpl; they now read the skeleton+sections union
(same fix as cso-preserved + parity).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* chore: bump version and changelog (v1.57.0.0)

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* fix: address pre-landing review (codex) on the carve

- cso section: add a scope-gate header so '--owasp' (and other scoped modes)
  run only their selected phases, not every phase bundled in the section
  ('execute in full' no longer overrides Mode Resolution).
- carve-guard-checks: gateAfterStop now compares against the LAST STOP, not the
  first, so a gate stranded between two STOPs in a multi-STOP skeleton fails.
- TODOS: behavioral section-loading hermeticity (verifier matches global-install
  path, not the fixture) — pre-existing in auq-sdk-capture.ts, deferred.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-07 19:13:24 -07:00

178 lines
6.7 KiB
TypeScript
Raw Blame History

/**
* Pure carve-guard check functions, with an injectable `root` (codex
* outside-voice #5, refined-plan pass) so the negative tests (T5) can point the
* REAL guards at a broken fixture dir instead of testing a wrapper.
*
* Used by:
* - test/carve-section-ordering.test.ts (E2) → checkOrdering
* - test/carve-guard-completeness.test.ts (E1) → discoverCarvedSkills + checkCompleteness
* - test/carve-guards-negative.test.ts (T5) → both, against a fixture root
*
* Imports only the leaf data module (carve-guards.ts) + node stdlib — no cycle.
*/
import * as fs from 'fs';
import * as path from 'path';
import { CARVE_GUARDS, type CarveGuard } from './carve-guards';
/** Every dir under `root` that owns a sections/manifest.json. Injectable for tests. */
export function discoverCarvedSkills(root: string): string[] {
return fs
.readdirSync(root, { withFileTypes: true })
.filter((d) => d.isDirectory())
.map((d) => d.name)
.filter((name) => fs.existsSync(path.join(root, name, 'sections', 'manifest.json')))
.sort();
}
function readSkeleton(root: string, skill: string): string {
return fs.readFileSync(path.join(root, skill, 'SKILL.md'), 'utf-8');
}
/** Skeleton + every sections/*.md unioned (relocated content still counts). */
function readUnion(root: string, skill: string): string {
let text = readSkeleton(root, skill);
const dir = path.join(root, skill, 'sections');
if (fs.existsSync(dir)) {
for (const f of fs.readdirSync(dir).sort()) {
if (f.endsWith('.md') && !f.endsWith('.md.tmpl')) {
text += '\n' + fs.readFileSync(path.join(dir, f), 'utf-8');
}
}
}
return text;
}
const STOP = '> **STOP.**';
/**
* Static ordering invariants for one carved skill. Returns a list of failure
* strings (empty = pass). Pure: takes `root` so it runs against the real repo or
* a fixture identically.
*/
export function checkOrdering(root: string, guard: CarveGuard): string[] {
const failures: string[] = [];
let skeleton: string;
try {
skeleton = readSkeleton(root, guard.skill);
} catch (err) {
return [`cannot read ${guard.skill}/SKILL.md: ${(err as Error).message}`];
}
const union = readUnion(root, guard.skill);
// 1. The skeleton routes to sections via a Section index + STOP-Read directives.
if (!skeleton.includes('## Section index')) {
failures.push('skeleton is missing the "## Section index" table');
}
if (!skeleton.includes(STOP)) {
failures.push('skeleton has no STOP-Read directive');
}
// 2. Every expected section is referenced by path AND generated (AUTO-GENERATED).
for (const file of guard.expectedSections) {
if (!skeleton.includes(`sections/${file}`)) {
failures.push(`skeleton does not reference sections/${file}`);
}
const secPath = path.join(root, guard.skill, 'sections', file);
if (!fs.existsSync(secPath)) {
failures.push(`section file missing: sections/${file}`);
} else if (!fs.readFileSync(secPath, 'utf-8').slice(0, 200).includes('AUTO-GENERATED')) {
failures.push(`sections/${file} is hand-edited (no AUTO-GENERATED header)`);
}
}
// 3. Pre-STOP anchors stay in the skeleton.
for (const anchor of guard.staticInvariants.mustStayInSkeleton) {
if (!skeleton.includes(anchor)) {
failures.push(`mustStayInSkeleton anchor missing from skeleton: "${anchor}"`);
}
}
// 3b. Earliest-use: dispatch directives must appear BEFORE the first STOP
// (codex #6 — a directive that governs which sections to read can't sit after
// the STOP that reads them).
const firstStopIdx = skeleton.indexOf(STOP);
for (const anchor of guard.staticInvariants.mustPrecedeStop ?? []) {
const at = skeleton.indexOf(anchor);
if (at < 0) {
failures.push(`mustPrecedeStop anchor missing from skeleton: "${anchor}"`);
} else if (firstStopIdx >= 0 && at > firstStopIdx) {
failures.push(`mustPrecedeStop anchor "${anchor}" appears AFTER the STOP (stranded)`);
}
}
// 4. Heavy body moved out of the skeleton but is preserved in the union.
for (const moved of guard.staticInvariants.mustMoveToSection) {
if (skeleton.includes(moved)) {
failures.push(`mustMoveToSection marker is still in the skeleton: "${moved}"`);
}
if (!union.includes(moved)) {
failures.push(`mustMoveToSection marker absent from the union (lost): "${moved}"`);
}
}
// 5. The post-STOP gate fires after the last STOP (review skills).
const gate = guard.staticInvariants.gateAfterStop;
if (gate) {
// Gate must fire after the LAST STOP (once all section work returns), not just
// the first — for multi-STOP skeletons a gate between two STOPs is stranded.
const lastStop = skeleton.lastIndexOf(STOP);
const lastGate = skeleton.lastIndexOf(gate);
if (lastGate < 0) {
failures.push(`gateAfterStop marker missing from skeleton: "${gate}"`);
} else if (lastStop >= 0 && lastGate < lastStop) {
failures.push(`gateAfterStop "${gate}" appears before the last STOP (stranded above it)`);
}
}
return failures;
}
/**
* Completeness (E1): the filesystem carved set must equal the registry set, both
* directions, and every registry entry must be internally consistent. Pure:
* takes `root`.
*/
export function checkCompleteness(root: string): string[] {
const failures: string[] = [];
const discovered = new Set(discoverCarvedSkills(root));
const registered = new Set(Object.keys(CARVE_GUARDS));
for (const skill of discovered) {
if (!registered.has(skill)) {
failures.push(`carved on disk but NOT in CARVE_GUARDS (unguarded carve): ${skill}`);
}
}
for (const skill of registered) {
if (!discovered.has(skill)) {
failures.push(`in CARVE_GUARDS but not carved on disk (stale registry entry): ${skill}`);
}
}
for (const [skill, g] of Object.entries(CARVE_GUARDS)) {
if (g.expectedSections.length === 0) {
failures.push(`${skill}: expectedSections is empty`);
}
if (g.requiredReads.length === 0) {
failures.push(`${skill}: requiredReads is empty (behavioral guard would be decorative)`);
}
for (const r of g.requiredReads) {
if (!g.expectedSections.includes(r)) {
failures.push(`${skill}: requiredRead "${r}" is not in expectedSections`);
}
}
// Behavioral guard exists: 'plan'/'prompt' are covered structurally by the
// data-driven loop (registry membership IS coverage); 'external' must name a
// dedicated test file that actually exists on disk.
if (g.behavioral === 'external') {
if (!g.externalTest) {
failures.push(`${skill}: behavioral 'external' but no externalTest path`);
} else if (!fs.existsSync(path.join(root, g.externalTest))) {
failures.push(`${skill}: externalTest missing on disk: ${g.externalTest}`);
}
}
}
return failures;
}
Reference in New Issue View Git Blame Copy Permalink