Skip to content

feat: harness session-export — join transcript JSONL with evidence ledger#67

Merged
LanNguyenSi merged 1 commit intomasterfrom
feat/session-export
May 6, 2026
Merged

feat: harness session-export — join transcript JSONL with evidence ledger#67
LanNguyenSi merged 1 commit intomasterfrom
feat/session-export

Conversation

@LanNguyenSi
Copy link
Copy Markdown
Owner

@LanNguyenSi LanNguyenSi commented May 6, 2026

Summary

  • New CLI verb harness session-export <sessionId> reads the on-disk Claude Code transcript at ~/.claude/projects/<projectDir>/<sessionId>.jsonl, joins it with evidence-ledger rows for the same session, and emits a single chronologically-ordered audit artifact. Each event carries an explicit source: "transcript" | "ledger" marker.
  • --format json (default) and --format jsonl ship in v1; -o/--out <file> writes to disk.
  • Default-on regex denylist redacts the four obvious key/secret patterns (token / secret / password / api_key) before any output is written.
  • New optional audit.redact[] manifest block extends the denylist with custom regex: rules or env_var: entries that resolve to the actual env value at export time. Manifests without audit: parse unchanged.
  • Empty-both case (no transcript and no ledger entries) exits 1 with a one-line stderr message. Partial sources (transcript only or ledger only) still run.

Why

Closes the audit gap: today, "what happened in session X" requires grepping three disjoint sources. This collapses transcript JSONL + evidence-ledger into one chronological artifact suitable for incident forensics, contributor onboarding, and dogfooding.

Refs agent-tasks 7e6753a2.

Scope cut

  • Post-hoc parser only, no live tool-call instrumentation, no new hooks.
  • No new ledger entry kinds; existing policy_decision rows + transcript tool_use blocks cover v1.
  • No schema v2 bump.
  • No remote shipping; local CLI artifact only.
  • No HTML format yet (json + jsonl land first).

Test plan

  • npm run typecheck clean
  • npx vitest run 711 / 711 green (added 25 cases across redact / transcript / session-export)
  • Dogfood: ran session-export against a real 1040-event transcript; default regex fired 26 times, no leak of AGENT_TASKS_TOKEN (verified via grep -F "$AGENT_TASKS_TOKEN" /tmp/export.json)
  • Empty-both path: harness session-export nonexistent-session-id → stderr message + exit 1
  • Reviewed by subagent against rigorous checklist, 14/14 acceptance criteria satisfied, no blockers

@nguyen-si-pp @claude
feat: harness session-export — join transcript JSONL with evidence le…
cb1447d 
…dger

Adds a new CLI verb that reads the on-disk Claude Code transcript at
~/.claude/projects/<projectDir>/<sessionId>.jsonl, joins it with
evidence-ledger rows for the same sessionId, and emits a single
chronologically-ordered audit artifact (--format json default,
--format jsonl streaming, -o <file> to disk). Each event carries a
source: transcript | ledger marker so the export is traceable.

Default-on regex redaction catches the four obvious key/secret
patterns out of the box. The new optional audit.redact[] manifest
block extends the denylist with custom regexes or env_var entries
that resolve at export time. Manifests without audit: parse
unchanged.

Empty-result case (no transcript and no ledger entries) exits 1 with
a one-line stderr message. Partial sources (transcript present but
ledger empty, or vice versa) still run and note the gap in the
header.

Refs agent-tasks 7e6753a2.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@LanNguyenSi LanNguyenSi merged commit 02f042f into master May 6, 2026
1 check passed
@LanNguyenSi LanNguyenSi mentioned this pull request May 6, 2026
Merged
10 tasks
LanNguyenSi added a commit that referenced this pull request May 6, 2026
@LanNguyenSi @nguyen-si-pp @claude
release: cut v0.7.0 (#70)
fe5f662 
Bump package.json 0.6.0 -> 0.7.0. Roll up CHANGELOG [Unreleased]
into [0.7.0] - 2026-05-06 with a one-paragraph headline plus
operator note. PR refs (#65, #66, #67, #68, #69) added to each
entry. README now references v0.7.0 in the prose and gains a
status checklist row for the workflows-as-data + session-export +
docs-split set. Two version-pinned tests bumped to match the new
binary header.

Theme: workflows-as-data and full-session audit forensics. No
schema bump (still version: 1); all new manifest fields are
additive and parse identically against 0.6.0 manifests.

Refs agent-tasks 1fe55885.

Co-authored-by: Lan Nguyen Si <nguyen-si@publicplan.de>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@LanNguyenSi @nguyen-si-pp