d68f003000
CI / Change detection (push) Has been cancelled
CI / Version drift (push) Has been cancelled
CI / Lint (push) Has been cancelled
CI / Workflow RLM cache (push) Has been cancelled
CI / Test (macos-latest) (push) Has been cancelled
CI / Test (ubuntu-latest) (push) Has been cancelled
CI / Test (windows-latest) (push) Has been cancelled
CI / npm wrapper smoke (push) Has been cancelled
CI / Mobile runtime smoke (push) Has been cancelled
CI / Workflow lint (push) Has been cancelled
CI / Documentation (push) Has been cancelled
Web Frontend / Lint & Type Check (push) Failing after 1s
Auto-close harvested PRs / close (push) Failing after 1s
cargo-deny / cargo-deny (bans licenses sources) (push) Failing after 1s
Security audit / cargo-audit (push) Failing after 1s
Sync to CNB / sync (push) Failing after 1s
cargo-deny / cargo-deny (advisories) (push) Failing after 3s
Web Frontend / Deploy to Cloudflare (push) Has been cancelled
65 lines
2.0 KiB
JavaScript
65 lines
2.0 KiB
JavaScript
/**
|
|
* #4131 WF-A1 — read-only repo audit (dogfood fixture).
|
|
*
|
|
* Expected: scout phase with read-only children, then a synthesizer that
|
|
* produces an operator-facing summary. No write tools required.
|
|
*
|
|
* Run: /workflow run docs/examples/dogfood-automatic/wf_a1_read_only_audit.workflow.js
|
|
*/
|
|
export default async function (args) {
|
|
phase("Scout");
|
|
const [crates, unsafeHits, unwrapHits] = await parallel([
|
|
() =>
|
|
task({
|
|
description:
|
|
"List top-level crates and one-line role for each under crates/.",
|
|
label: "map crates",
|
|
type: "explore",
|
|
prompt:
|
|
"Read Cargo.toml workspace members and crates/*/Cargo.toml. Return a short bullet list of crate names and purposes. Read-only.",
|
|
}),
|
|
() =>
|
|
task({
|
|
description: "Find unsafe blocks in Rust sources.",
|
|
label: "scan unsafe",
|
|
type: "explore",
|
|
prompt:
|
|
"Search for `unsafe` in crates/**/*.rs (exclude target). Summarize count and notable hot paths. Read-only; no edits.",
|
|
}),
|
|
() =>
|
|
task({
|
|
description: "Find unwrap/expect in hot paths.",
|
|
label: "scan unwrap",
|
|
type: "explore",
|
|
prompt:
|
|
"Search for `.unwrap(` and `.expect(` in crates/tui and crates/engine (if present). Note densest files. Read-only.",
|
|
}),
|
|
]);
|
|
|
|
phase("Synthesize");
|
|
const summary = await task({
|
|
description: "Synthesize audit findings for the operator.",
|
|
label: "audit summary",
|
|
type: "general",
|
|
prompt: [
|
|
"Synthesize a concise security/reliability audit from these scout results.",
|
|
"Filter null/failed scouts. Group by severity. No file edits.",
|
|
"",
|
|
"crates:",
|
|
String(crates ?? "(missing)"),
|
|
"",
|
|
"unsafe:",
|
|
String(unsafeHits ?? "(missing)"),
|
|
"",
|
|
"unwrap:",
|
|
String(unwrapHits ?? "(missing)"),
|
|
].join("\n"),
|
|
});
|
|
|
|
return {
|
|
scenario: "WF-A1",
|
|
goal: args?.goal ?? "read-only repo audit",
|
|
summary,
|
|
};
|
|
}
|