#"j#UdZddlmZddlmZmZddlmZmZm Z ddl m Z m Z m Z mZmZmZmZmZdZdZdZd Zd Zd Zd Zd ZdZded<eGddZddZe ee dd ddZ gdZ!y)u3dispatch.spawn_callback_contract_validator — pre-spawn contract validator. task-2640 Track A 신규 helper (회장 verbatim unfork #1/#2). 봇 spawn 직전 호출되어 callback contract 가 ANU-owned 정합 상태인지 fail-closed 검증한다. SELF_COLLECTOR / SENDFILE_ONLY / NOT_REGISTERED 변종을 dispatch 진입 시점에 차단하여 prompt 텍스트만으로 callback 정책 전달되는 구조적 결함을 봉쇄. 검증 5축 (task md ANCHOR-3 verbatim): 1. executor_key 비공란 + ≠ anu_key (self-key 차단) 2. anu_key 가 DEFAULT_ANU_KEYS 에 포함 (independent ANU 정합) 3. prompt_text 에 anu_key 텍스트 포함 (코드 contract 와 prompt 일치) 4. prompt_text 에 collector_role=ANU doctrine 포함 5. prompt_text 에 SELF_COLLECTOR / SENDFILE_ONLY / NOT_REGISTERED 차단 verbatim block 포함 이 모듈은 Layer A / NO-CRON: subprocess / cokacdir / merge / cron register 0. 순수 데이터 검증만 수행하고 verdict 를 반환한다. 실패 시 호출자가 spawn 진입 자체를 차단해야 한다 (fail-closed). ) annotations) dataclassfield)ListOptionalSequence) ANU_KEY_2553COLLECTOR_ROLE_ANUDEFAULT_ANU_KEYSFAILHOLDPASSSELF_COLLECTOR_FORBIDDEN is_anu_keyz-dispatch.spawn_callback_contract_validator.v1NO_OP_SPAWN_CONTRACT_FAILEDPROMPT_DOCTRINE_MISSINGPROMPT_ANU_KEY_MISSINGPROMPT_COLLECTOR_ROLE_MISSINGEXECUTOR_KEY_MISSINGANU_KEY_NOT_INDEPENDENTTASK_ID_MISSING)SELF_COLLECTOR SENDFILE_ONLYNOT_REGISTEREDtupleREQUIRED_DOCTRINE_TOKENSceZdZUded<ded<ded<ded<ded<ded<d ed <d ed <d ed <ee Zded<eddZeddZ ddZ y)ContractValidationResultstrschemaverdictz List[str]classificationstask_id executor_keyanu_keyboolprompt_has_anu_keyprompt_has_collector_roleprompt_has_required_doctrine)default_factoryreasonsc(|jtk(SN)r!rselfs ]/home/jay/workspace/.worktrees/task-2729+4-dev4/dispatch/spawn_callback_contract_validator.pyokzContractValidationResult.okDs||t##c<|jr|jdSdS)Nr)r"r.s r0primary_classificationz/ContractValidationResult.primary_classificationHs *.*>*>t##A&HDHr2c |j|jt|j|j|j |j |j|j|j|jt|jd S)N) r r!r"r4r#r$r%r'r(r)r+) r r!listr"r4r#r$r%r'r(r)r+r.s r0to_jsonz ContractValidationResult.to_jsonLsokk||#D$8$89&*&A&A|| --||"&"9"9)-)G)G11DLL)  r2N)returnr&)r8z Optional[str])r8dict) __name__ __module__ __qualname____annotations__rr6r+propertyr1r4r7r2r0rr7sp K L L L##"&&t4GY4 $$II r2rc:sytfdtDS)NFc3&K|]}|v ywr-r?).0t prompt_texts r0 z2_prompt_has_all_doctrine_tokens..asBAqKBs)allr)rDs`r0_prompt_has_all_doctrine_tokensrG^s  B)AB BBr2T)r%anu_keysanu_keys_resolvablec g}g}|r||s*tttg|xsd|xsd|xsdddddg S|s&|jt|jd|s&|jt |jd|r1|r/||k(r*|jt |jd|dt||s*|jt|jd |d t|xrt|xr||v}|s&|jt|jd t|xrt|vxsd |v} | s&|jt|jd t|} | s.|jt|jdtdt!} g} |D])} | | vs| j#| | j| +| st$nt&}|t$k(r|jdn?t | vr7| dt k7r+| j)t | j+dt tt|| |xsd|xsd|xsd|| | | S)u봇 spawn 직전 호출되는 fail-closed contract validator. 검증 실패 시 verdict=FAIL · 호출자(dispatch.core.dispatch_to_bot)는 subprocess(cokacdir --cron) 발사를 차단해야 함. Args: task_id: spawn 대상 task id (non-empty 필수) executor_key: spawn 대상 봇의 self key (ANU key 와 달라야 함) anu_key: independent ANU collector key (DEFAULT_ANU_KEYS 포함 필수) prompt_text: build_prompt 산출 prompt 본문 anu_keys: 허용 ANU key 집합 (override 가능) anu_keys_resolvable: ANU key 집합 resolution 가능 여부 (HOLD 경로) Returns: ContractValidationResult — verdict 와 classification list, reasons. FuANU key set unresolvable — spawn contract validation cannot fail-closed enforce owner pin in this environment (HOLD_FOR_CHAIR). NO silent pass.) r r!r"r#r$r%r'r(r)r+u7task_id empty — spawn contract requires non-empty id.u>executor_key empty — spawn contract cannot verify owner pin.zexecutor_key == anu_key (ul) — SELF_COLLECTOR_FORBIDDEN; the executor bot must NEVER be its own callback collector (회장 §2/§10).zanu_key ug not in configured DEFAULT_ANU_KEYS — the collector key must be an independent ANU key (회장 §10).uprompt body does NOT contain the ANU key text — code contract (spawn validator) and prompt text are out-of-sync; SELF_COLLECTOR 변종 재발 차단을 위해 텍스트+코드 이중 단언 필요.zcollector_role=ANUumprompt body does NOT mention collector_role=ANU — collector role doctrine must be explicit at prompt-level.z9prompt body missing one or more required doctrine tokens uE — verbatim doctrine block 자동 주입 누락 (task md ANCHOR-4).uspawn callback contract PASS — executor_key != anu_key, anu_key is an independent ANU key, prompt contains anu_key + collector_role=ANU + SELF_COLLECTOR/SENDFILE_ONLY/NOT_REGISTERED doctrine tokens. dispatch subprocess gated through.r)rVALIDATOR_SCHEMAr appendrrrrrr&rr rrGrrsetaddrr removeinsert)r#r$r%rDrHrIclsr+r'r(r)seenorderedcr!s r0 validate_spawn_callback_contractrVds2CG ("2('#Mr%+Mr$&+).4  "  ?#PQ  '( L LG$; +,' '78+ + gx ( *+wk"N N k*WtG}WKAW  )* T !%[ 1!k)P-A[-P % 01 > $C;#O ' *+ G'*+0 0 DG  D= HHQK NN1  "dtG$ B  $w .71:AY3Y NN3 4 NN16 7 # 2!'R 2-";%A  r2) rLrrrrrrrrrrVN)rDrr8r&)r#rr$rr%rrDrrHz Sequence[str]rIr&r8r)"__doc__ __future__r dataclassesrrtypingrrr dispatch.callback_owner_enforcerr r r r r rrrrLrrrrrrrrr=rrGrrV__all__r?r2r0r]s(#(++   C;31 ?-3##% # #  # LC #$45 $D DD D  D  DDDN r2