v0.8.2: cleanup + prose + structure + decomposition + budget + errors

Phase 1 — dedup + hardening (~9 items): - Remove duplicate *skill-registry* defvar from core-skills - Merge *backend-registry* into *probabilistic-backends*, delete backend-register - Remove inject-stimulus alias, standardize on stimulus-inject - Add pre-eval sandbox (skill-source-scan) blocks restricted symbols before eval - Remove dead plist-get function; remove duplicate json-alist-to-plist export - Fix read-framed-message whitespace DoS (4096-iteration max) - Add *read-eval* nil to dispatcher-approvals-process read-from-string (RCE) - Add test-op to ASDF; update .asd version 0.4.3→0.7.2 Phase 2 — prose + contracts + reorder: - Split ROADMAP: 2623→1089 lines (TODO only), CHANGELOG: 260→1528 lines (full DONE history, 14 versions reverse chron) - Add Contracts + Overview to 6 channel files + embedding-native + programming-standards + symbolic-scope - Reorder 28 .org files: Contract → Test Suite → Implementation (TDD order) - Add 7-phase inline prose to think() in core-reason - Expand USER_MANUAL: 183→461 lines (10 new sections) Phase 3 — decomposition + export organization: - Decompose think() into think-assemble-prompt, think-call-llm, think-parse-response orchestrator - Organize 188 exports into 16 grouped sections by module Phase 4 — budget enforcement + error protocol: - Per-session budget enforcement (SESSION_BUDGET_USD env var, budget-exhausted-p, guard in think-call-llm) - Error condition hierarchy (6 conditions: pipeline-error, llm-error, gate-error, budget-error, protocol-error) - Restarts in loop-process: skip-signal, use-fallback, abort-pipeline
2026-05-10 09:07:44 -04:00
parent 27d203ad67
commit 8fd56dece3
68 changed files with 7014 additions and 6521 deletions
--- a/lisp/core-package.lisp
+++ b/lisp/core-package.lisp
@@ -1,24 +1,38 @@
 (defpackage :passepartout
  (:use :cl)
  (:export
+   ;; ── Core: Transport & Protocol ──
   #:frame-message
   #:read-framed-message
-    #:PROTO-GET
-    #:proto-get
-   #:*VAULT-MEMORY*
+   #:PROTO-GET
+   #:proto-get
   #:make-hello-message
   #:validate-communication-protocol-schema
   #:start-daemon
-   #:log-message
+   #:register-actuator
+   #:actuator-initialize
+   #:action-dispatch
+
+   ;; ── Core: Pipeline ──
   #:main
-    #:diagnostics-run-all
-    #:diagnostics-main
-    #:diagnostics-dependencies-check
-    #:diagnostics-env-check
-    #:register-provider
-    #:provider-openai-request
-    #:provider-config
-   #:run-setup-wizard
+   #:log-message
+   #:process-signal
+   #:loop-process
+   #:perceive-gate
+   #:loop-gate-perceive
+   #:act-gate
+   #:loop-gate-act
+   #:reason-gate
+   #:loop-gate-reason
+   #:cognitive-verify
+   #:backend-cascade-call
+   #:json-alist-to-plist
+   #:stimulus-inject
+   #:register-probabilistic-backend
+   #:*probabilistic-backends*
+   #:*provider-cascade*
+
+   ;; ── Core: Memory ──
   #:ingest-ast
   #:memory-object-get
   #:*memory-store*
@@ -35,6 +49,7 @@
   #:memory-object-content
   #:memory-object-hash
   #:memory-object-scope
+   #:memory-objects-by-attribute
   #:snapshot-memory
   #:rollback-memory
   #:undo-snapshot
@@ -42,10 +57,12 @@
   #:redo
   #:*undo-stack*
   #:*redo-stack*
-    #:context-get-system-logs
-    #:context-assemble-global-awareness
-    #:context-awareness-assemble
-    #:context-query
+
+   ;; ── Core: Context & Awareness ──
+   #:context-get-system-logs
+   #:context-assemble-global-awareness
+   #:context-awareness-assemble
+   #:context-query
   #:push-context
   #:pop-context
   #:current-context
@@ -57,91 +74,25 @@
   #:focus-session
   #:focus-memex
   #:unfocus
-   #:process-signal
-   #:loop-process
-    #:perceive-gate
-    #:loop-gate-perceive
-    #:act-gate
-    #:loop-gate-act
-    #:reason-gate
-    #:loop-gate-reason
-    #:cognitive-verify
-    #:backend-cascade-call
-    #:json-alist-to-plist
-    #:json-alist-to-plist
-    #:inject-stimulus
-    #:stimulus-inject
-    #:hitl-create
-    #:hitl-approve
-    #:hitl-deny
-    #:hitl-handle-message
-   #:dispatcher-check-secret-path
-   #:dispatcher-check-shell-safety
-   #:dispatcher-check-privacy-tags
-   #:dispatcher-check-network-exfil
-   #:dispatcher-check
-    #:dispatcher-gate
-    #:wildcard-match
-    #:actuator-initialize
-   #:action-dispatch
-   #:register-actuator
-   #:load-skill-from-org
-    #:skill-initialize-all
-    #:lisp-syntax-validate
-    #:defskill
-       #:*skill-registry*
-       #:*scope-resolver*
-       #:*embedding-backend*
-       #:*embedding-queue*
-       #:*embedding-provider*
-       #:embed-queue-object
-       #:embed-object
-       #:embed-all-pending
-       #:embedding-backend-hashing
-       #:embedding-backend-native
-       #:embedding-native-load-model
-       #:embedding-native-unload
-       #:embedding-native-ensure-loaded
-       #:embedding-native-get-dim
-       #:embeddings-compute
-       #:mark-vector-stale
-     #:skill
+   #:*scope-resolver*
+
+   ;; ── Core: Skills Engine ──
+   #:skill
   #:skill-name
   #:skill-priority
   #:skill-dependencies
   #:skill-trigger-fn
   #:skill-probabilistic-prompt
   #:skill-deterministic-fn
+   #:defskill
+   #:*skill-registry*
+   #:skill-initialize-all
+   #:load-skill-from-org
+   #:lisp-syntax-validate
+
+   ;; ── Core: Cognitive Tools ──
   #:def-cognitive-tool
   #:*cognitive-tool-registry*
-    #:org-read-file
-    #:org-write-file
-    #:org-headline-add
-    #:org-headline-find-by-id
-    #:literate-tangle-sync-check
-    #:archivist-create-note
-    #:gateway-start
-    #:org-property-set
-    #:org-todo-set
-    #:org-id-generate
-    #:org-id-format
-    #:org-modify
-    #:lisp-validate
-    #:lisp-structural-check
-    #:lisp-syntactic-check
-    #:lisp-semantic-check
-    #:lisp-eval
-    #:lisp-format
-    #:lisp-list-definitions
-    #:lisp-extract
-    #:lisp-inject
-    #:lisp-slurp
-   #:get-oc-config-dir
-    #:get-tool-permission
-    #:set-tool-permission
-    #:check-tool-permission-gate
-    #:permission-get
-    #:permission-set
   #:cognitive-tool
   #:cognitive-tool-name
   #:cognitive-tool-description
@@ -149,53 +100,128 @@
   #:cognitive-tool-guard
   #:cognitive-tool-body
   #:tool-read-only-p
-   #:register-probabilistic-backend
-   #:*probabilistic-backends*
-   #:*provider-cascade*
-    #:vault-get
-    #:vault-set
-    #:vault-get-secret
-    #:vault-set-secret
-    #:memory-objects-by-attribute
-    #:channel-cli-input
-    #:repl-eval
-    #:repl-inspect
-    #:repl-list-vars
-    #:policy-compliance-check
-    #:validator-protocol-check
-    #:archivist-extract-headlines
-    #:archivist-headline-to-filename
-    #:literate-extract-lisp-blocks
-    #:literate-block-balance-check
-    #:gateway-registry-initialize
-    #:messaging-link
-    #:messaging-unlink
-    #:gateway-configured-p
-    #:count-tokens
-    #:model-token-ratio
-    #:token-cost
-    #:provider-token-cost
-    #:cost-track-call
-    #:cost-session-total
-    #:cost-session-calls
-    #:cost-by-provider
-    #:cost-session-reset
-    #:cost-format-budget-status
-    #:cost-track-backend-call
-    #:prompt-prefix-cached
-    #:context-assemble-cached
-    #:enforce-token-budget
-    #:token-economics-initialize))
+
+   ;; ── Security: Dispatcher ──
+   #:dispatcher-check-secret-path
+   #:dispatcher-check-shell-safety
+   #:dispatcher-check-privacy-tags
+   #:dispatcher-check-network-exfil
+   #:dispatcher-check
+   #:dispatcher-gate
+   #:wildcard-match
+
+   ;; ── Security: HITL ──
+   #:hitl-create
+   #:hitl-approve
+   #:hitl-deny
+   #:hitl-handle-message
+
+   ;; ── Security: Vault & Permissions ──
+   #:*VAULT-MEMORY*
+   #:vault-get
+   #:vault-set
+   #:vault-get-secret
+   #:vault-set-secret
+   #:get-tool-permission
+   #:set-tool-permission
+   #:check-tool-permission-gate
+   #:permission-get
+   #:permission-set
+   #:policy-compliance-check
+   #:validator-protocol-check
+
+   ;; ── Embedding ──
+   #:*embedding-backend*
+   #:*embedding-queue*
+   #:*embedding-provider*
+   #:embed-queue-object
+   #:embed-object
+   #:embed-all-pending
+   #:embedding-backend-hashing
+   #:embedding-backend-native
+   #:embedding-native-load-model
+   #:embedding-native-unload
+   #:embedding-native-ensure-loaded
+   #:embedding-native-get-dim
+   #:embeddings-compute
+   #:mark-vector-stale
+
+   ;; ── Channels ──
+   #:channel-cli-input
+   #:gateway-start
+   #:gateway-registry-initialize
+   #:messaging-link
+   #:messaging-unlink
+   #:gateway-configured-p
+
+   ;; ── Programming: Lisp ──
+   #:lisp-validate
+   #:lisp-structural-check
+   #:lisp-syntactic-check
+   #:lisp-semantic-check
+   #:lisp-eval
+   #:lisp-format
+   #:lisp-list-definitions
+   #:lisp-extract
+   #:lisp-inject
+   #:lisp-slurp
+
+   ;; ── Programming: Org ──
+   #:org-read-file
+   #:org-write-file
+   #:org-headline-add
+   #:org-headline-find-by-id
+   #:org-property-set
+   #:org-todo-set
+   #:org-id-generate
+   #:org-id-format
+   #:org-modify
+
+   ;; ── Programming: Literate & REPL ──
+   #:literate-tangle-sync-check
+   #:literate-extract-lisp-blocks
+   #:literate-block-balance-check
+   #:repl-eval
+   #:repl-inspect
+   #:repl-list-vars
+
+   ;; ── Symbolic ──
+   #:archivist-create-note
+   #:archivist-extract-headlines
+   #:archivist-headline-to-filename
+
+   ;; ── Diagnostics & Config ──
+   #:diagnostics-run-all
+   #:diagnostics-main
+   #:diagnostics-dependencies-check
+   #:diagnostics-env-check
+   #:get-oc-config-dir
+   #:run-setup-wizard
+
+   ;; ── Providers ──
+   #:register-provider
+   #:provider-openai-request
+   #:provider-config
+
+   ;; ── Token Economics ──
+   #:count-tokens
+   #:model-token-ratio
+   #:token-cost
+   #:provider-token-cost
+   #:cost-track-call
+   #:cost-session-total
+   #:cost-session-calls
+   #:cost-by-provider
+   #:cost-session-reset
+   #:cost-format-budget-status
+   #:cost-track-backend-call
+   #:prompt-prefix-cached
+   #:context-assemble-cached
+   #:enforce-token-budget
+   #:token-economics-initialize))

 (in-package :passepartout)

-(defun plist-get (plist key)
-  "Robust plist accessor — checks both :KEY and :key variants."
-  (let* ((s (string key))
-         (up (intern (string-upcase s) :keyword))
-         (dn (intern (string-downcase s) :keyword)))
-    (or (getf plist up) (getf plist dn))))
-
 (defvar *log-buffer* nil)
 (defvar *log-lock* (bordeaux-threads:make-lock "log-messages-lock"))
 (defvar *log-limit* 100)