~j7 dZddlmZddlZddlZddlmZd6dZd6dZd7dZ d8dZ ejd ejd ejejzejd ejd ejd ejejzejdejdejdejejzgZejdZ d9dZejdejdejdejdejejzejdejdejdejejzejdejejzgZ d9dZejdejdejejdejejdejejd ejejd!ejejd"ejejd#ejgZejd$ejZhd%Z d9d&Zejd'Zejd(Zejd)Z d9d*Zejd+ejd,ejd-ejd.ejd/ejd0ejd1gZ d9d2Zejd3Zejd4ejZ d:d5ZeeeeeegZ y);uv3.6 Runtime Harness — 6 rule functions. chair_authorization_id=CHAIR-AUTH-TASK-2703-V36-HARNESS-MVP-260528 Each rule: (tool_name, tool_input, context) -> Optional[tuple[decision, matched_rule, reason]] - Returns (decision, rule_id, reason) if matched; None otherwise. - decision: "DENY" | "HOLD_FOR_CHAIR" - ALL_RULES is the ordered list; guard.evaluate applies first match. Whitelist-first principle: safe commands bypass expensive pattern checks. All patterns use substring or regex to stay fast (≤200ms goal). ) annotationsN)Optionalcx|jdvr(|jdxs|jdxsdSy)z0Extract the command string for Bash/shell tools.bashshellterminalcommandcmdNlowerget tool_name tool_inputs 0/home/jay/workspace/scripts/harness/v36/rules.py _get_commandrs799~~i(GJNN5,AGRG c|jdvr;|jdxs(|jdxs|jdxsdSy)z%Extract content for Write/Edit tools.writeedit notebookeditcontent new_stringsourcer Nr rs r_get_write_contentrsT== NN9 % ~~l+ ~~h'   rc|jdvr;|jdxs(|jdxs|jdxsdSy)z'Extract file path for Write/Edit tools.r file_pathpath notebook_pathr r rs r_get_write_pathr#+sT== NN; ' ~~f% ~~o.   rcBtjj|dS)z!Safe environment variable getter.r )osenvironr)keys r_envr(7s ::>>#r ""rz tail\s+-f\bzwhile\b.*\.done.*\bdo\b.*sleepz!while\s*\[\s*!\s*-[fe]\s+.*\.donez#python3\s+.*task-timer\.py\s+statuszwhile\s+true.*sleep.*\.donezinotifywait.*\.donezwatch\s+-n\s+\d+.*\.donezuntil\b.*\.done.*\bsleep\bz+tail\s+-f\s+/dev/(null|stdin|stdout|stderr)c|}t||}|ytj|rytD](}|j|sddd|jdfcSy)z,Block session-bound direct polling patterns.NDENYz$pattern.session_bound_direct_pollingu세션 바인딩 직접 폴링 감지: ANU 본체가 .done 파일/타이머를 직접 폴링하는 것은 금지됨. callback/collector 위임 방식을 사용하십시오. (matched: ))r _R1_WHITELISTsearch _R1_PATTERNSpatternrr_context_r pats rrule_1_session_bound_pollingr4Nsx A y* -C {C  ::c?6UUXU`U`Tccdf  rzgh\s+run\s+watch\bzgh\s+pr\s+checks\s+--watch\bzgh\s+pr\s+checks.*--watch\bz.while\b.*\bgh\s+(run|pr|workflow)\b.*\bsleep\bzgh\s+workflow\s+run.*--watch\bzwatch\s+-n\s+\d+.*\bgh\s+zwhile\b.*gemini.*\bsleep\bzwhile\b.*\bci\b.*\bsleep\bc|}t||}|ytD](}|j|sddd|jdfcSy)z(Block ANU direct CI/Gemini long-waiting.Nr*z!pattern.anu_direct_ci_gemini_waituANU 직접 CI/Gemini 장시간 대기 감지: ANU 본체가 CI/Gemini를 직접 감시하는 것은 금지됨. handoff 또는 callback 방식을 사용하십시오. (matched: r+)r _R2_PATTERNSr-r/r0s rrule_2_direct_ci_waitr7ssg A y* -C { ::c?3SSVS^S^Raabd  rz \bmtime\bu 추정\s*(완료|됨|함|적용)zlikely\s+completezcompleted?\s+\(mtime\)u mtime.*완료u수정\s*시각.*완료u추측.*사실u"파일.*수정.*완료로\s*간주z4\.done$|events/.*task.*\.json|closeout.*marker|\.md$>rrrc|}|jtvryt||xsdt||xsd}t fdt D}|syt j|syy)zBBlock speculation/mtime stated as fact in reports/closeout writes.Nr c3@K|]}|jyw)N)r-).0r3rs r z+rule_3_mtime_speculation..sJccjj)Js)HOLD_FOR_CHAIRz!pattern.mtime_speculation_as_factu추측/mtime 단서를 fact로 단정하는 보고서/closeout marker 작성 감지. 회장 승인 없이 mtime/추정 완료 표현을 근거로 상태를 확정할 수 없음.)r_R3_REPORT_TOOLSrr#any_R3_CONTENT_PATTERNS_R3_REPORT_PATHr-)rrr1r2r! content_hitrs @rrule_3_mtime_speculationrBsn A 00 J7=2G 9j 1 7RDJ5IJJK   ! !$ ' rz.\btouch\b.*(memory|events|workspace).*\.done\bzecho\s+.*>\s*.*\.done\bz /memory/events/.*\.done$|\.done$cP|}tddk(}|jdvrE|jdxsd}tj |r|syt j |r|sy|jdk(r,t ||}tj |r |s d d d |d fSy )zDBlock self-confirmation of done status without authorized collector.ANU_CALLBACK_COLLECTOR_RUNNING1rr r )r*(pattern.self_status_confirm_no_collectorucallback/collector/authorized watcher 없이 .done 파일 직접 생성 시도 감지. ANU 본체 self-key로 완료 상태를 자체 확정하는 것은 금지됨.)r*rFuxecho redirect로 .done 파일 직접 생성 시도 감지. callback/collector 없이 완료 상태 자체 확정 금지.rr*rFu8Write tool로 .done 파일 직접 생성 시도 감지: uH. authorized watcher callback 없이 완료 상태 자체 확정 금지.N)r(rr_R4_TOUCH_DONEr- _R4_ECHO_DONEr#_R4_WRITE_DONE_PATH)rrr1r2collector_runningr r!s rrule_4_self_status_confirmrKs A=>#E99nnY'-2   %.?    $->G#y*5  % %d +4E:J4(SYY  r\bgit\s+push\bz\bgit\s+reset\s+--hard\bz\bgh\s+pr\s+create\bz\bgh\s+pr\s+merge\bz!\bgh\s+pr\s+review\b.*--approve\bz7\brm\s+-rf\s+(/home/jay/workspace|/home/jay/\.claude)\bz%\bgit\s+branch\s+-D\s+(main|master)\bcd|}t||}|ytD]}|j|stjd|jrHtjd|stjd|rddd|ddd fcSddd |ddd fcSddd |ddd |jdfcSy)z9Block explicitly forbidden tool calls and shell commands.NrLz --force|-f\bz\b(main|master)\br*zpattern.forbidden_tool_or_shellu5금지된 shell 명령 감지 (git push force/main): xu-. v3.6 harness 절대 금지 명령입니다.u*금지된 shell 명령 감지 (git push): u_. v3.6 harness 절대 금지 명령입니다. PR 생성/머지는 허가된 workflow만 사용.u$금지된 tool/shell 명령 감지: uB. 이 명령은 v3.6 harness에서 절대 금지됩니다. (rule: r+)r _R5_FORBIDDENr-rer/r0s rrule_5_forbidden_toolrQs A y* -C { ::c?yy*CKK899_c2bii@TVY6Z9OPSTXUXPY}]FF5@Tc Ntt16s4CymDSSVS^S^Raabd '4 rz"finish[_-]task\.sh|finish_task\.shz\.md$ct||}|rbtj|rM|jdd}|jdd}|||dk(r |dk\rddd|d fS|jd ry |j d k(rRt ||}t j|r1|jdd}|dk(r|jd r ddd|dfSy)aaBlock finish-task.sh execution when only .md files written (no code artifacts). Detection logic: - Bash: finish-task.sh call AND context.new_code_files == 0 AND context.new_md_files >= 1 - Bash: finish-task.sh call AND context.doctrine_only_flag set - Write: .md path AND context.new_code_files == 0 AND context.finish_task_pending new_code_filesN new_md_filesrr<pattern.doctrine_only_no_codeuW문서/메모리 박제만으로 재발 방지 완료 판정 시도 감지. 신규 .md ug건, py/sh/json/test 0건. 실질 코드 artifact 없이 finish-task.sh 실행은 회장 승인 필요.doctrine_only_flag)r<rVuXfinish-task.sh 실행 시도 감지. doctrine_only_flag 설정됨. 회장 승인 필요.rfinish_task_pendinguJ코드 artifact 0건 상태에서 .md 박제 + finish-task 패턴 감지: u. 회장 승인 필요.)r_R6_FINISH_TASKr-rrr# _R6_MD_PATH)rrcontextr new_codenew_mdr!s rrule_6_doctrine_onlyr^%s  y* -C %%c*;;/6^T2  F$61}1$3""(*cc[[- .G#y*5   d #{{#3Q7H1}-B!C$3`ae`hi,, r)rstrrdictreturnz Optional[str])rr_rr`rar_)r'r_rar_)rr_rr`r1r`raOptional[tuple])rr_rr`r[r`rarb)!__doc__ __future__rr%rPtypingrrrr#r(compileDOTALL IGNORECASEr.r,r4r6r7r?r@r=rBrGrHrIrKrOrQrYrZr^ ALL_RULESrrrks< #   #BJJ~BJJ0"))bmm2KLBJJ34BJJ56BJJ-ryy2==/HIBJJ%&BJJ*+BJJ,bii"--.GH   IJ  $044BJJ$%BJJ./BJJ-.BJJ@"))bmmB[\BJJ01BJJ+,BJJ,bii"--.GHBJJ,bii"--.GH   $040BJJ|BJJ2BMMBBJJ#R]]3BJJ("--8BJJ/BJJ)2==9BJJ "--0BJJ4bmmD "**TVXVcVcd4 $04>5  !bjj!DE## $#04##XBJJ !BJJ*+BJJ&'BJJ%&BJJ34BJJIJBJJ78  ## $#04##T"**BCbjj2==1 -- $-/3--h!   r