Overview
The validation module executes safety checks before committing evolution changes. It runs Gene-declared validation commands, enforces command whitelisting, and generates standardized ValidationReports.
Location: src/gep/validationReport.js
Functions
buildValidationReport()
Build a standardized ValidationReport.
Location: src/gep/validationReport.js:9
function buildValidationReport({ geneId, commands, results, envFp, startedAt, finishedAt })
Gene ID that triggered validation
Array of validation commands
Array of command execution results
Environment fingerprint (platform, arch, node version)
Validation start timestamp (ms)
Validation end timestamp (ms)
Validation report ID (e.g., vr_1678901234567)
Gene ID that triggered validation
Compact environment key (e.g., linux_x64_v18.0.0)
Array of command objects with command, ok, stdout, stderr
Whether all commands succeeded
Total validation duration in milliseconds
ISO timestamp of report creation
Content-addressable asset ID
{
"type": "ValidationReport",
"schema_version": 3,
"id": "vr_1678901234567",
"gene_id": "gene_gep_repair_from_errors",
"env_fingerprint": {
"platform": "linux",
"arch": "x64",
"node_version": "v18.0.0"
},
"env_fingerprint_key": "linux_x64_v18.0.0",
"commands": [
{
"command": "node scripts/validate-modules.js ./src/evolve ./src/gep/solidify",
"ok": true,
"stdout": "Validation passed: 2 modules OK\n",
"stderr": ""
}
],
"overall_ok": true,
"duration_ms": 1234,
"created_at": "2026-03-09T12:34:56.789Z",
"asset_id": "sha256:abc123..."
}
isValidValidationReport()
Validate that an object is a well-formed ValidationReport.
Location: src/gep/validationReport.js:43
function isValidValidationReport(obj)
Whether the object is a valid ValidationReport
Validation Command Safety
Location: src/gep/solidify.js:569
Command Whitelist
const VALIDATION_ALLOWED_PREFIXES = ['node ', 'npm ', 'npx '];
function isValidationCommandAllowed(cmd) {
const c = String(cmd || '').trim();
if (!c) return false;
// Must start with whitelisted prefix
if (!VALIDATION_ALLOWED_PREFIXES.some(p => c.startsWith(p))) return false;
// Block shell operators
if (/`|\$\(/.test(c)) return false;
// Strip quoted strings and check for shell operators
const stripped = c.replace(/"[^"]*"/g, '').replace(/'[^']*'/g, '');
if (/[;&|><]/.test(stripped)) return false;
// Block dangerous node flags
if (/^node\s+(-e|--eval|--print|-p)\b/.test(c)) return false;
return true;
}
node - Node.js scriptsnpm - npm commandsnpx - npx commands
Blocked Patterns:
- Backticks:
`
- Command substitution:
$()
- Shell operators:
;, &, |, >, <
- Eval flags:
-e, --eval, -p, --print
Validation Execution
Location: src/gep/solidify.js:583
function runValidations(gene, opts = {}) {
const repoRoot = opts.repoRoot || getRepoRoot();
const timeoutMs = opts.timeoutMs || 180000; // 3 minutes
const validation = Array.isArray(gene.validation) ? gene.validation : [];
const results = [];
const startedAt = Date.now();
for (const cmd of validation) {
const c = String(cmd || '').trim();
if (!c) continue;
// Safety check
if (!isValidationCommandAllowed(c)) {
results.push({
cmd: c,
ok: false,
out: '',
err: 'BLOCKED: validation command rejected by safety check'
});
return { ok: false, results, startedAt, finishedAt: Date.now() };
}
// Execute
const r = tryRunCmd(c, { cwd: repoRoot, timeoutMs });
results.push({ cmd: c, ok: r.ok, out: r.out, err: r.err });
// Fail fast
if (!r.ok) {
return { ok: false, results, startedAt, finishedAt: Date.now() };
}
}
return { ok: true, results, startedAt, finishedAt: Date.now() };
}
Integration with Solidify
Location: src/gep/solidify.js:1093
// Run validation commands
let validation = { ok: true, results: [], startedAt: null, finishedAt: null };
if (geneUsed) {
validation = runValidations(geneUsed, { repoRoot, timeoutMs: 180000 });
}
// Build standardized ValidationReport
const validationReport = buildValidationReport({
geneId: geneUsed && geneUsed.id,
commands: validation.results.map(r => r.cmd),
results: validation.results,
envFp: envFp,
startedAt: validation.startedAt,
finishedAt: validation.finishedAt,
});
// Include in EvolutionEvent
const event = {
type: 'EvolutionEvent',
// ...
validation_report_id: validationReport.id,
meta: {
validation_ok: validation.ok,
validation: validation.results.map(r => ({ cmd: r.cmd, ok: r.ok })),
validation_report: validationReport,
},
};
Validation Command Examples
Module Validation
const gene = {
id: 'gene_gep_repair',
validation: [
'node scripts/validate-modules.js ./src/evolve ./src/gep/solidify',
'node scripts/validate-modules.js ./src/gep/selector ./src/gep/memoryGraph',
],
};
Unit Tests
const gene = {
id: 'gene_custom',
validation: [
'npm test -- --testPathPattern=src/gep',
'npm run lint',
],
};
Type Checking
const gene = {
id: 'gene_typescript',
validation: [
'npx tsc --noEmit',
],
};
Complete Example
const { buildValidationReport } = require('./gep/validationReport');
const { runValidations } = require('./gep/solidify');
const gene = {
id: 'gene_custom',
validation: [
'node scripts/validate-modules.js ./src/custom',
'npm test -- --testPathPattern=custom',
],
};
// Execute validations
const validation = runValidations(gene, {
repoRoot: '/path/to/repo',
timeoutMs: 180000,
});
// Build report
const report = buildValidationReport({
geneId: gene.id,
commands: validation.results.map(r => r.cmd),
results: validation.results,
envFp: { platform: 'linux', arch: 'x64', node_version: 'v18.0.0' },
startedAt: validation.startedAt,
finishedAt: validation.finishedAt,
});
console.log('Validation report:', report.id);
console.log('Overall result:', report.overall_ok ? 'PASSED' : 'FAILED');
console.log('Duration:', report.duration_ms, 'ms');
for (const cmd of report.commands) {
if (!cmd.ok) {
console.error('Failed command:', cmd.command);
console.error('stderr:', cmd.stderr);
}
}
