UNPKG

@blundergoat/goat-flow

Version:

AI coding agent harness and local dashboard for Claude Code, OpenAI Codex, Google Antigravity, and GitHub Copilot - setup audits, guardrails, structured skills, deny hooks, and persistent learning loops.

github.com/blundergoat/goat-flow

blundergoat/goat-flow

220 lines 9.13 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
/** * Shared evidence envelope for local runtime producers. * * The envelope adapts the existing CheckEvidence provenance contract instead * of inventing a parallel event schema. Producers add the small runtime field * set needed to answer "what happened locally?" while payloads stay redacted by * default and writes remain non-fatal. */ import { appendFileSync, existsSync, mkdirSync, readFileSync, readdirSync, } from "node:fs"; import { join } from "node:path"; import { validateProvenance } from "../audit/provenance-types.js"; import { isRedactedEvidenceValue, } from "./redaction.js"; const EVENTS_LOG_RELATIVE_DIR = ".goat-flow/logs/events"; const ENVELOPE_FRAMEWORK_EVIDENCE = "src/cli/evidence/envelope.ts"; // Cap tails at 500 entries so dashboard reads stay bounded even when daily JSONL logs grow. const MAX_TAIL_LIMIT = 500; const SENSITIVE_PAYLOAD_KEY = /^(?:prompt|output|terminal_output|terminal_scrollback|scrollback|upload_content|upload_data|screenshot|raw_json|raw_html|raw_tool_output|tool_output|bucket_body)$/iu; const VALID_ACTORS = new Set(["dashboard", "cli", "server"]); /** Resolve the gitignored event-log directory under the selected project root. */ function eventsLogDir(projectRoot) { return join(projectRoot, EVENTS_LOG_RELATIVE_DIR); } /** Normalize optional caller timestamps while defaulting local events to current time. */ function timestampString(timestamp) { if (timestamp instanceof Date) return timestamp.toISOString(); return timestamp ?? new Date().toISOString(); } /** Check the timestamp format expected by envelope filenames and provenance dates. */ function isIsoTimestamp(timestamp) { return (/^\d{4}-\d{2}-\d{2}T/u.test(timestamp) && !Number.isNaN(Date.parse(timestamp))); } /** Narrow parsed JSON and payload values to object records before key inspection. */ function isRecord(candidate) { return (typeof candidate === "object" && candidate !== null && !Array.isArray(candidate)); } /** Recursively require redaction markers for sensitive payload keys. */ function validatePayloadValue(key, value, path) { if (isRedactedEvidenceValue(value)) return []; if (SENSITIVE_PAYLOAD_KEY.test(key)) { return [`${path} must be a redacted evidence value`]; } if (value === null || typeof value === "string" || typeof value === "number" || typeof value === "boolean") { return []; } if (Array.isArray(value)) { return value.flatMap((item, index) => validatePayloadValue(key, item, `${path}[${index}]`)); } return Object.entries(value).flatMap(([childKey, childValue]) => validatePayloadValue(childKey, childValue, `${path}.${childKey}`)); } /** Validate the optional payload without rejecting the envelope when no payload exists. */ function validatePayload(payload) { if (payload === undefined) return []; if (!isRecord(payload)) return ["payload must be an object"]; return Object.entries(payload).flatMap(([key, value]) => validatePayloadValue(key, value, `payload.${key}`)); } function applyEnvelopeOptionalFields(envelope, input) { if (input.provenance?.evidence_paths) { envelope.evidence_paths = input.provenance.evidence_paths; } if (input.provenance?.target_evidence_paths) { envelope.target_evidence_paths = input.provenance.target_evidence_paths; } if (input.provenance?.reason) { envelope.reason = input.provenance.reason; } if (input.payload) { envelope.payload = input.payload; } } /** * Build a validated envelope shape from one local runtime event. * * @param input - Runtime event details and optional provenance override. * @returns Evidence envelope ready for validation or append. */ export function createEvidenceEnvelope(input) { const timestamp = timestampString(input.timestamp); const envelope = { source_type: "spec", source_urls: input.provenance?.source_urls ?? [], verified_on: timestamp.slice(0, 10), normative_level: "BEST_PRACTICE", framework_evidence_paths: input.provenance?.framework_evidence_paths ?? [ ENVELOPE_FRAMEWORK_EVIDENCE, ], producer: input.producer ?? "goat-flow", event_kind: input.eventType, actor: input.actor, timestamp, project_path: input.projectRoot, }; applyEnvelopeOptionalFields(envelope, input); return envelope; } /** * Validate runtime envelope fields while delegating provenance rules. * * @param envelope - Envelope to validate. * @param pathExists - Optional path-existence predicate for provenance checks. * @returns Human-readable validation errors; an empty array means valid. */ export function validateEvidenceEnvelope(envelope, pathExists) { const errors = validateProvenance(envelope, pathExists); if (!envelope.producer.trim()) errors.push("producer must be non-empty"); if (!VALID_ACTORS.has(envelope.actor)) { errors.push(`actor must be one of: ${Array.from(VALID_ACTORS).join(", ")}`); } if (!envelope.event_kind.trim()) errors.push("event_kind must be non-empty"); if (!isIsoTimestamp(envelope.timestamp)) { errors.push(`timestamp must be an ISO-8601 timestamp, got ${envelope.timestamp}`); } if (envelope.verified_on !== envelope.timestamp.slice(0, 10)) { errors.push("verified_on must match the timestamp date"); } if (!envelope.project_path.trim()) { errors.push("project_path must be non-empty"); } errors.push(...validatePayload(envelope.payload)); return errors; } function warn(options, message) { if (options?.onWarning) { options.onWarning(message); return; } console.warn(message); } /** * Append one envelope to the local gitignored JSONL event log. Never throws. * * @param projectRoot - Project root that owns `.goat-flow/logs/events`. * @param envelope - Validated or caller-created envelope to append. * @param options - Optional warning callback for non-fatal validation or filesystem failures. * @returns Append outcome with a path on success and an error string on failure. */ export function appendEvidenceEnvelope(projectRoot, envelope, options) { try { const errors = validateEvidenceEnvelope(envelope); if (errors.length > 0) { const error = `invalid evidence envelope: ${errors.join("; ")}`; warn(options, `[evidence] ${error}`); return { ok: false, path: null, error }; } const dir = eventsLogDir(projectRoot); mkdirSync(dir, { recursive: true }); const path = join(dir, `${envelope.timestamp.slice(0, 10)}.jsonl`); appendFileSync(path, `${JSON.stringify(envelope)}\n`, "utf-8"); return { ok: true, path }; } catch (error) { const message = error instanceof Error ? error.message : String(error); warn(options, `[evidence] failed to append event: ${message}`); return { ok: false, path: null, error: message }; } } /** * Convenience producer helper for common dashboard/server event emission. * * @param input - Runtime event details to envelope and append. * @param options - Optional warning callback for append failures. * @returns Append outcome from the underlying non-throwing writer. */ export function recordEvidenceEvent(input, options) { return appendEvidenceEnvelope(input.projectRoot, createEvidenceEnvelope(input), options); } /** Return sorted daily JSONL event logs; invariant: filenames must preserve chronology. */ function eventLogFiles(projectRoot) { const dir = eventsLogDir(projectRoot); if (!existsSync(dir)) return []; return readdirSync(dir) .filter((name) => /^\d{4}-\d{2}-\d{2}\.jsonl$/u.test(name)) .sort() .map((name) => join(dir, name)); } /** Parse one JSONL entry; swallows malformed JSON or invalid envelopes as unreadable history. */ function parseEnvelopeLine(line) { if (!line.trim()) return null; try { const parsed = JSON.parse(line); if (!isRecord(parsed)) return null; const candidate = parsed; return validateEvidenceEnvelope(candidate).length === 0 ? candidate : null; } catch { return null; } } /** * Read the newest local event envelopes, preserving chronological order. * * @param projectRoot - Project root whose gitignored event logs should be tailed. * @param limit - Requested maximum number of newest envelopes; capped for bounded reads. * @returns Valid envelopes from the newest tail window. */ export function tailEvidenceEvents(projectRoot, limit = 20) { const boundedLimit = Math.max(1, Math.min(limit, MAX_TAIL_LIMIT)); const entries = eventLogFiles(projectRoot).flatMap((path) => readFileSync(path, "utf-8") .split(/\r?\n/u) .flatMap((line) => { const envelope = parseEnvelopeLine(line); return envelope ? [envelope] : []; })); return entries.slice(-boundedLimit); } //# sourceMappingURL=envelope.js.map