mirror of
https://github.com/garrytan/gstack.git
synced 2026-05-02 11:45:20 +02:00
9dbaf906cf
* feat(gbrain-sync): queue primitives + writer shims
Adds bin/gstack-brain-enqueue (atomic append to sync queue) and
bin/gstack-jsonl-merge (git merge driver, ts-sort with SHA-256 fallback).
Wires one backgrounded enqueue call into learnings-log, timeline-log,
review-log, and developer-profile --migrate. question-log and
question-preferences stay local per Codex v2 decision.
gstack-config gains gbrain_sync_mode (off/artifacts-only/full) and
gbrain_sync_mode_prompted keys, plus GSTACK_HOME env alignment so
tests don't leak into real ~/.gstack/config.yaml.
* feat(gbrain-sync): --once drain + secret scan + push
bin/gstack-brain-sync is the core sync binary. Subcommands: --once
(drain queue, allowlist-filter, privacy-class-filter, secret-scan
staged diff, commit with template, push with fetch+merge retry),
--status, --skip-file <path>, --drop-queue --yes, --discover-new
(cursor-based detection of artifact writes that skip the shim).
Secret regex families: AWS keys, GitHub tokens (ghp_/gho_/ghu_/ghs_/
ghr_/github_pat_), OpenAI sk-, PEM blocks, JWTs, bearer-token-in-JSON.
On hit: unstage, preserve queue, print remediation hint (--skip-file
or edit), exit clean. No daemon — invoked by preamble at skill
boundaries.
* feat(gbrain-sync): init, restore, uninstall, consumer registry
bin/gstack-brain-init: idempotent first-run. git init ~/.gstack/,
.gitignore=*, canonical .brain-allowlist + .brain-privacy-map.json,
pre-commit secret-scan hook (defense-in-depth), merge driver registration
via git config, gh repo create --private OR arbitrary --remote <url>,
initial push, ~/.gstack-brain-remote.txt for new-machine discovery,
GBrain consumer registration via HTTP POST.
bin/gstack-brain-restore: safe new-machine bootstrap. Refuses clobber
of existing allowlisted files, clones to staging, rsync-copies tracked
files, re-registers merge drivers (required — not cloned from remote),
rehydrates consumers.json, prompts for per-consumer tokens.
bin/gstack-brain-uninstall: clean off-ramp. Removes .git + .brain-*
files + consumers.json + config keys. Preserves user data (learnings,
plans, retros, profile). Optional --delete-remote for GitHub repos.
bin/gstack-brain-consumer + bin/gstack-brain-reader (symlink alias):
registry management. Internal 'consumer' term; user-facing 'reader'
per DX review decision.
* feat(gbrain-sync): preamble block — privacy gate + boundary sync
scripts/resolvers/preamble/generate-brain-sync-block.ts emits bash that
runs at every skill invocation:
- Detects ~/.gstack-brain-remote.txt on machines without local .git
and surfaces a restore-available hint (does NOT auto-run restore).
- Runs gstack-brain-sync --once at skill start to drain any pending
writes (and at skill end via prose instruction).
- Once-per-day auto-pull (cached via .brain-last-pull) for append-only
JSONL files.
- Emits BRAIN_SYNC: status line every skill run.
Also emits prose for the host LLM to fire the one-time privacy
stop-gate (full / artifacts-only / off) when gbrain is detected and
gbrain_sync_mode_prompted is false. Wired into preamble.ts composition.
* test(gbrain-sync): 27-test consolidated suite
test/brain-sync.test.ts covers:
- Config: validation, defaults, GSTACK_HOME env isolation
- Enqueue: no-op gates, skip list, concurrent atomicity, JSON escape
- JSONL merge driver: 3-way + ts-sort + SHA-256 fallback
- Init + sync: canonical file creation, merge driver registration,
push-reject + fetch+merge retry path
- Init refuses different remote (idempotency)
- Cross-machine restore round-trip (machine A write → machine B sees)
- Secret scan across all 6 regex families (AWS, GH, OpenAI, PEM, JWT,
bearer-JSON). --skip-file unblock remediation
- Uninstall removes sync config, preserves user data
- --discover-new idempotence via mtime+size cursor
Behaviors verified via integration smokes during implementation. Known
follow-up: bun-test 5s default timeout needs 30s wrapper for
spawnSync-heavy tests.
* docs(gbrain-sync): user guide + error lookup + README section
docs/gbrain-sync.md: setup walkthrough, privacy modes, cross-machine
workflow, secret protection, two-machine conflict handling, uninstall,
troubleshooting reference.
docs/gbrain-sync-errors.md: problem/cause/fix index for every
user-visible error. Patterned on Rust's error docs + Stripe's API
error reference.
README.md: 'Cross-machine memory with GBrain sync' section near the
top (discovery moment), plus docs-table entry.
* chore: bump version and changelog (v1.7.0.0)
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
* chore: regenerate SKILL.md files for gbrain-sync preamble block
Re-runs bun run gen:skill-docs after adding generateBrainSyncBlock
to scripts/resolvers/preamble.ts in a2aa8a07. CI check-freshness
caught the drift. All 36 SKILL.md files regenerated with the new
skill-start bash block + privacy-gate prose + skill-end sync
instructions baked in.
* fix(test): session-awareness reads AskUserQuestion Format from a Tier 2+ SKILL.md
The test was reading ROOT/SKILL.md (browse skill, Tier 1) which never
contained '## AskUserQuestion Format' — that section is only emitted
for Tier 2+ skills by scripts/resolvers/preamble.ts. As a result the
agent was prompted with an empty format guide and only emitted
'RECOMMENDATION' intermittently, making the test flaky.
Pre-existing on main (same ROOT/SKILL.md shape there) — surfaced now
because the agent run didn't hit the RECOMMENDATION/recommend/option a
fallback strings in this particular attempt.
Fix: read from office-hours/SKILL.md (Tier 3, always has the section)
with a fallback that scans for the first top-level skill dir whose
SKILL.md contains the header. Future template moves won't break this
test again.
* chore: bump to v1.9.0.0 for gbrain-sync landing
Changes just the VERSION + package.json + CHANGELOG header (1.7.0.0 → 1.9.0.0
and date 2026-04-22 → 2026-04-23). No code changes. User call: land gbrain-sync
as a bigger-signal release above main's 1.6.4.0, skipping 1.8.0.0.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
172 lines
6.4 KiB
Bash
Executable File
#!/usr/bin/env bash
# gstack-question-log — append an AskUserQuestion event to the project log.
#
# Usage:
#   gstack-question-log '{"skill":"ship","question_id":"ship-test-failure-triage",\
#     "question_summary":"Tests failed","options_count":3,"user_choice":"fix-now",\
#     "recommended":"fix-now","session_id":"ppid"}'
#
# v1: log-only. Consumed by /plan-tune inspection and (in v2) by the
# inferred-dimension derivation pipeline.
#
# Schema (all fields validated):
#   skill — skill name (kebab-case)
#   question_id — either a registered id (preferred) or ad-hoc `{skill}-{slug}`
#   question_summary — short one-liner of what was asked (<= 200 chars)
#   category — approval | clarification | routing | cherry-pick | feedback-loop
#     (optional — looked up from registry if omitted)
#   door_type — one-way | two-way
#     (optional — looked up from registry if omitted)
#   options_count — number of options presented (positive integer)
#   user_choice — key user selected (free string; registry-options preferred)
#   recommended — option key the agent recommended (optional)
#   followed_recommendation — bool (optional — computed if both present)
#   session_id — stable session identifier
#   ts — ISO 8601 timestamp (auto-injected if missing)
#
# Append-only JSONL. Dedup is at read time in gstack-question-sensitivity --read-log.
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
eval "$("$SCRIPT_DIR/gstack-slug" 2>/dev/null)"
GSTACK_HOME="${GSTACK_HOME:-$HOME/.gstack}"
mkdir -p "$GSTACK_HOME/projects/$SLUG"

INPUT="$1"

# Validate and enrich from registry.
TMPERR=$(mktemp)
trap 'rm -f "$TMPERR"' EXIT
set +e
VALIDATED=$(printf '%s' "$INPUT" | bun -e "
const path = require('path');
const raw = await Bun.stdin.text();
let j;
try { j = JSON.parse(raw); } catch { process.stderr.write('gstack-question-log: invalid JSON\n'); process.exit(1); }

// Required: skill (kebab-case)
if (!j.skill || !/^[a-z0-9-]+\$/.test(j.skill)) {
  process.stderr.write('gstack-question-log: invalid skill, must be kebab-case\n');
  process.exit(1);
}

// Required: question_id (kebab-case, <=64 chars)
if (!j.question_id || !/^[a-z0-9-]+\$/.test(j.question_id) || j.question_id.length > 64) {
  process.stderr.write('gstack-question-log: invalid question_id, must be kebab-case <=64 chars\n');
  process.exit(1);
}

// Required: question_summary (non-empty, <=200 chars, no newlines)
if (typeof j.question_summary !== 'string' || !j.question_summary.length) {
  process.stderr.write('gstack-question-log: question_summary required\n');
  process.exit(1);
}
if (j.question_summary.length > 200) {
  j.question_summary = j.question_summary.slice(0, 200);
}
if (j.question_summary.includes('\n')) {
  j.question_summary = j.question_summary.replace(/\n+/g, ' ');
}

// Injection defense on the summary — same patterns as learnings-log.
const INJECTION_PATTERNS = [
  /ignore\s+(all\s+)?previous\s+(instructions|context|rules)/i,
  /you\s+are\s+now\s+/i,
  /always\s+output\s+no\s+findings/i,
  /skip\s+(all\s+)?(security|review|checks)/i,
  /override[:\s]/i,
  /\bsystem\s*:/i,
  /\bassistant\s*:/i,
  /\buser\s*:/i,
  /do\s+not\s+(report|flag|mention)/i,
];
for (const pat of INJECTION_PATTERNS) {
  if (pat.test(j.question_summary)) {
    process.stderr.write('gstack-question-log: question_summary contains suspicious instruction-like content, rejected\n');
    process.exit(1);
  }
}

// Registry lookup for category + door_type enrichment.
// Registry file is at \$GSTACK_ROOT/scripts/question-registry.ts, but we don't import
// TypeScript at runtime here — we pass through what was provided and fill in defaults.
// The caller (the preamble resolver) is expected to pass category+door_type from
// the registry when it knows them; for ad-hoc ids both can be omitted.

const ALLOWED_CATEGORIES = ['approval', 'clarification', 'routing', 'cherry-pick', 'feedback-loop'];
if (j.category !== undefined) {
  if (!ALLOWED_CATEGORIES.includes(j.category)) {
    process.stderr.write('gstack-question-log: invalid category, must be one of: ' + ALLOWED_CATEGORIES.join(', ') + '\n');
    process.exit(1);
  }
}

const ALLOWED_DOORS = ['one-way', 'two-way'];
if (j.door_type !== undefined) {
  if (!ALLOWED_DOORS.includes(j.door_type)) {
    process.stderr.write('gstack-question-log: invalid door_type, must be one-way or two-way\n');
    process.exit(1);
  }
}

// options_count — positive integer if present
if (j.options_count !== undefined) {
  const n = Number(j.options_count);
  if (!Number.isInteger(n) || n < 1 || n > 26) {
    process.stderr.write('gstack-question-log: options_count must be integer in [1, 26]\n');
    process.exit(1);
  }
  j.options_count = n;
}

// user_choice — required; <= 64 chars; single-line; no injection patterns
if (typeof j.user_choice !== 'string' || !j.user_choice.length) {
  process.stderr.write('gstack-question-log: user_choice required\n');
  process.exit(1);
}
if (j.user_choice.length > 64) j.user_choice = j.user_choice.slice(0, 64);
j.user_choice = j.user_choice.replace(/\n+/g, ' ');

// recommended — optional, same constraints as user_choice
if (j.recommended !== undefined) {
  if (typeof j.recommended !== 'string') {
    process.stderr.write('gstack-question-log: recommended must be string\n');
    process.exit(1);
  }
  if (j.recommended.length > 64) j.recommended = j.recommended.slice(0, 64);
}

// followed_recommendation — compute if both sides present.
if (j.recommended !== undefined && j.user_choice !== undefined) {
  j.followed_recommendation = j.user_choice === j.recommended;
}

// session_id — kebab-friendly; <=64 chars
if (j.session_id !== undefined) {
  if (typeof j.session_id !== 'string') {
    process.stderr.write('gstack-question-log: session_id must be string\n');
    process.exit(1);
  }
  if (j.session_id.length > 64) j.session_id = j.session_id.slice(0, 64);
}

// Inject timestamp if not present.
if (!j.ts) j.ts = new Date().toISOString();

console.log(JSON.stringify(j));
" 2>"$TMPERR")
VALIDATE_RC=$?
set -e

if [ $VALIDATE_RC -ne 0 ] || [ -z "$VALIDATED" ]; then
  if [ -s "$TMPERR" ]; then
    cat "$TMPERR" >&2
  fi
  exit 1
fi

echo "$VALIDATED" >> "$GSTACK_HOME/projects/$SLUG/question-log.jsonl"

# NOTE: question-log.jsonl is deliberately NOT enqueued for gbrain-sync.
# Per Codex v2 review, audit/derivation data stays local alongside the
# question-preferences.json it annotates.
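
The validation above runs the INJECTION_PATTERNS loop against question_summary only; user_choice and recommended are length-capped (and user_choice newline-collapsed) but not screened. The following added example, which is not part of gstack's code, applies one normalise-then-screen helper to all three free-text fields. cleanFreeText, screenEvent and the sample events are hypothetical names and constructed data.

```javascript
// Added example; the patterns are copied verbatim from the script above.
const INJECTION_PATTERNS = [
  /ignore\s+(all\s+)?previous\s+(instructions|context|rules)/i,
  /you\s+are\s+now\s+/i,
  /always\s+output\s+no\s+findings/i,
  /skip\s+(all\s+)?(security|review|checks)/i,
  /override[:\s]/i,
  /\bsystem\s*:/i,
  /\bassistant\s*:/i,
  /\buser\s*:/i,
  /do\s+not\s+(report|flag|mention)/i,
];

// Hypothetical helper: normalise one free-text field, then screen it.
// Line breaks are collapsed and the cap applied first, so the patterns run
// against exactly the string that would be written to the log.
function cleanFreeText(name, value, maxLen) {
  if (typeof value !== 'string' || value.length === 0) {
    return { ok: false, error: name + ' required' };
  }
  // The script strips only \n; \r, U+2028 and U+2029 are line breaks to some consumers.
  const flat = value.replace(/[\r\n\u2028\u2029]+/g, ' ').slice(0, maxLen);
  const hit = INJECTION_PATTERNS.some((pat) => pat.test(flat));
  if (hit) return { ok: false, error: name + ' contains instruction-like content' };
  return { ok: true, value: flat };
}

// Hypothetical wrapper: the same screen for every free-text field of an event.
function screenEvent(ev) {
  const limits = { question_summary: 200, user_choice: 64, recommended: 64 };
  const out = { ...ev };
  for (const [field, maxLen] of Object.entries(limits)) {
    if (field === 'recommended' && ev[field] === undefined) continue; // optional field
    const r = cleanFreeText(field, ev[field], maxLen);
    if (!r.ok) return { ok: false, error: r.error };
    out[field] = r.value;
  }
  return { ok: true, event: out };
}

// Constructed sample events (not taken from any real log).
const benign = { question_summary: 'Tests failed', user_choice: 'fix-now', recommended: 'fix-now' };
const tainted = { question_summary: 'Tests failed', user_choice: 'skip all checks' };
console.log(screenEvent(benign).ok, screenEvent(tainted).error);
```
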