@a-company/paradigm 5.8.2 → 5.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/chunk-NQKQG45G.js +688 -0
  2. package/dist/mcp.js +142 -641
  3. package/dist/symphony-loader-UZGON56V.js +90 -0
  4. package/package.json +1 -1
package/dist/chunk-NQKQG45G.js ADDED
@@ -0,0 +1,688 @@
1
+ #!/usr/bin/env node
2
+
3
+ // ../paradigm-mcp/src/utils/symphony-loader.ts
4
+ import * as fs from "fs";
5
+ import * as path from "path";
6
+ import * as os from "os";
7
+ import * as crypto from "crypto";
8
+ var SCORE_DIR = path.join(os.homedir(), ".paradigm", "score");
9
+ var LEGACY_MAIL_DIR = path.join(os.homedir(), ".paradigm", "mail");
10
+ var AGENTS_DIR = path.join(SCORE_DIR, "agents");
11
+ var THREADS_DIR = path.join(SCORE_DIR, "threads");
12
+ var FILE_REQUESTS_DIR = path.join(SCORE_DIR, "file-requests");
13
+ var TRUST_CONFIG_PATH = path.join(SCORE_DIR, "trust.yaml");
14
+ var FILE_REQUEST_TTL_MS = 60 * 60 * 1e3;
15
+ var DEFAULT_TRUST = {
16
+ users: {},
17
+ defaults: {
18
+ level: "restricted",
19
+ autoApprove: [],
20
+ neverApprove: [
21
+ ".env*",
22
+ "**/*.key",
23
+ "**/*.pem",
24
+ "**/credentials*",
25
+ "**/secrets/**"
26
+ ]
27
+ }
28
+ };
29
+ function migrateFromLegacyMail() {
30
+ if (fs.existsSync(LEGACY_MAIL_DIR) && !fs.existsSync(SCORE_DIR)) {
31
+ try {
32
+ fs.renameSync(LEGACY_MAIL_DIR, SCORE_DIR);
33
+ } catch {
34
+ }
35
+ }
36
+ }
37
+ function ensureScoreDirs() {
38
+ migrateFromLegacyMail();
39
+ for (const dir of [AGENTS_DIR, THREADS_DIR, FILE_REQUESTS_DIR]) {
40
+ if (!fs.existsSync(dir)) {
41
+ fs.mkdirSync(dir, { recursive: true });
42
+ }
43
+ }
44
+ }
45
+ var ensureMailDirs = ensureScoreDirs;
46
+ function getAgentDir(agentId) {
47
+ return path.join(AGENTS_DIR, agentId);
48
+ }
49
+ function ensureAgentDir(agentId) {
50
+ const dir = getAgentDir(agentId);
51
+ if (!fs.existsSync(dir)) {
52
+ fs.mkdirSync(dir, { recursive: true });
53
+ }
54
+ return dir;
55
+ }
56
+ function readJsonlFile(filePath) {
57
+ if (!fs.existsSync(filePath)) return [];
58
+ const content = fs.readFileSync(filePath, "utf-8");
59
+ const lines = content.split("\n").filter((line) => line.trim().length > 0);
60
+ const items = [];
61
+ for (const line of lines) {
62
+ try {
63
+ items.push(JSON.parse(line));
64
+ } catch {
65
+ }
66
+ }
67
+ return items;
68
+ }
69
+ function appendJsonlLine(filePath, item) {
70
+ const dir = path.dirname(filePath);
71
+ if (!fs.existsSync(dir)) {
72
+ fs.mkdirSync(dir, { recursive: true });
73
+ }
74
+ fs.appendFileSync(filePath, JSON.stringify(item) + "\n", "utf-8");
75
+ }
76
+ function sanitizeId(name) {
77
+ return name.toLowerCase().replace(/[^a-z0-9-]/g, "-").replace(/-+/g, "-").replace(/^-|-$/g, "").slice(0, 40) || "unknown";
78
+ }
79
+ function resolveProjectName(projectDir) {
80
+ try {
81
+ const configPath = path.join(projectDir, ".paradigm", "config.yaml");
82
+ if (fs.existsSync(configPath)) {
83
+ const content = fs.readFileSync(configPath, "utf-8");
84
+ const match = content.match(/^project:\s*(.+)$/m);
85
+ if (match) return sanitizeId(match[1].trim().replace(/["']/g, ""));
86
+ }
87
+ } catch {
88
+ }
89
+ return sanitizeId(path.basename(projectDir));
90
+ }
91
+ function resolveAgentIdentity(projectDir, role) {
92
+ const project = resolveProjectName(projectDir);
93
+ const agentRole = role || "core";
94
+ return `${project}/${agentRole}`;
95
+ }
96
+ function registerAgent(projectDir, role, label) {
97
+ ensureScoreDirs();
98
+ const agentId = resolveAgentIdentity(projectDir, role);
99
+ const agentDir = ensureAgentDir(agentId);
100
+ const project = resolveProjectName(projectDir);
101
+ const identity = {
102
+ id: agentId,
103
+ name: label || `${project} (${role || "core"})`,
104
+ type: "agent",
105
+ project,
106
+ role: role || "core",
107
+ pid: process.pid,
108
+ startedAt: (/* @__PURE__ */ new Date()).toISOString(),
109
+ label
110
+ };
111
+ fs.writeFileSync(
112
+ path.join(agentDir, "identity.json"),
113
+ JSON.stringify(identity, null, 2),
114
+ "utf-8"
115
+ );
116
+ return identity;
117
+ }
118
+ function unregisterAgent(agentId) {
119
+ const agentDir = getAgentDir(agentId);
120
+ if (!fs.existsSync(agentDir)) return false;
121
+ try {
122
+ fs.rmSync(agentDir, { recursive: true, force: true });
123
+ return true;
124
+ } catch {
125
+ return false;
126
+ }
127
+ }
128
+ function listAgents() {
129
+ ensureScoreDirs();
130
+ if (!fs.existsSync(AGENTS_DIR)) return [];
131
+ const agents = [];
132
+ const projectDirs = fs.readdirSync(AGENTS_DIR, { withFileTypes: true }).filter((d) => d.isDirectory());
133
+ for (const projectDir of projectDirs) {
134
+ const projectPath = path.join(AGENTS_DIR, projectDir.name);
135
+ const roleDirs = fs.readdirSync(projectPath, { withFileTypes: true }).filter((d) => d.isDirectory());
136
+ for (const roleDir of roleDirs) {
137
+ const identityPath = path.join(projectPath, roleDir.name, "identity.json");
138
+ if (!fs.existsSync(identityPath)) continue;
139
+ try {
140
+ const content = fs.readFileSync(identityPath, "utf-8");
141
+ const identity = JSON.parse(content);
142
+ agents.push(identity);
143
+ } catch {
144
+ }
145
+ }
146
+ }
147
+ return agents;
148
+ }
149
+ function cleanStaleAgents() {
150
+ const agents = listAgents();
151
+ let cleaned = 0;
152
+ for (const agent of agents) {
153
+ if (!isProcessAlive(agent.pid)) {
154
+ unregisterAgent(agent.id);
155
+ cleaned++;
156
+ }
157
+ }
158
+ return cleaned;
159
+ }
160
+ function getMyIdentity(projectDir) {
161
+ const agentId = resolveAgentIdentity(projectDir);
162
+ const identityPath = path.join(getAgentDir(agentId), "identity.json");
163
+ if (!fs.existsSync(identityPath)) return null;
164
+ try {
165
+ return JSON.parse(fs.readFileSync(identityPath, "utf-8"));
166
+ } catch {
167
+ return null;
168
+ }
169
+ }
170
+ function markAgentPollTime(agentId, statusBlurb) {
171
+ const identityPath = path.join(getAgentDir(agentId), "identity.json");
172
+ if (!fs.existsSync(identityPath)) return;
173
+ try {
174
+ const identity = JSON.parse(fs.readFileSync(identityPath, "utf-8"));
175
+ identity.lastPoll = (/* @__PURE__ */ new Date()).toISOString();
176
+ if (statusBlurb !== void 0) {
177
+ identity.statusBlurb = statusBlurb || void 0;
178
+ }
179
+ fs.writeFileSync(identityPath, JSON.stringify(identity, null, 2), "utf-8");
180
+ } catch {
181
+ }
182
+ }
183
+ function updateAgentStatus(agentId, statusBlurb) {
184
+ const identityPath = path.join(getAgentDir(agentId), "identity.json");
185
+ if (!fs.existsSync(identityPath)) return;
186
+ try {
187
+ const identity = JSON.parse(fs.readFileSync(identityPath, "utf-8"));
188
+ identity.statusBlurb = statusBlurb || void 0;
189
+ fs.writeFileSync(identityPath, JSON.stringify(identity, null, 2), "utf-8");
190
+ } catch {
191
+ }
192
+ }
193
+ function isAgentAsleep(identity, thresholdMs = 6e4) {
194
+ if (!identity.lastPoll) return true;
195
+ const lastPoll = new Date(identity.lastPoll).getTime();
196
+ return Date.now() - lastPoll > thresholdMs;
197
+ }
198
+ function discoverClaudeCodeSessions() {
199
+ const agents = listAgents();
200
+ const alive = agents.filter((a) => isProcessAlive(a.pid));
201
+ try {
202
+ const conductorSessionsDir = path.join(os.homedir(), ".conductor", "sessions");
203
+ if (fs.existsSync(conductorSessionsDir)) {
204
+ const files = fs.readdirSync(conductorSessionsDir).filter((f) => f.endsWith(".json"));
205
+ for (const file of files) {
206
+ try {
207
+ const content = fs.readFileSync(path.join(conductorSessionsDir, file), "utf-8");
208
+ const session = JSON.parse(content);
209
+ const pid = parseInt(path.basename(file, ".json"), 10);
210
+ if (!alive.some((a) => a.pid === pid) && isProcessAlive(pid)) {
211
+ alive.push({
212
+ id: `conductor/${pid}`,
213
+ name: session.label || `Session ${pid}`,
214
+ type: "agent",
215
+ project: session.projectDir ? path.basename(session.projectDir) : "unknown",
216
+ role: "conductor",
217
+ pid,
218
+ startedAt: session.registeredAt || (/* @__PURE__ */ new Date()).toISOString()
219
+ });
220
+ }
221
+ } catch {
222
+ }
223
+ }
224
+ }
225
+ } catch {
226
+ }
227
+ return alive;
228
+ }
229
+ function inboxPath(agentId) {
230
+ return path.join(getAgentDir(agentId), "inbox.jsonl");
231
+ }
232
+ function outboxPath(agentId) {
233
+ return path.join(getAgentDir(agentId), "outbox.jsonl");
234
+ }
235
+ function ackPath(agentId) {
236
+ return path.join(getAgentDir(agentId), "ack.json");
237
+ }
238
+ function peekInbox(agentId) {
239
+ const filePath = inboxPath(agentId);
240
+ if (!fs.existsSync(filePath)) return { hasNew: false, inboxSize: 0 };
241
+ const stat = fs.statSync(filePath);
242
+ const inboxSize = stat.size;
243
+ const ack = readAck(agentId);
244
+ if (!ack) {
245
+ return { hasNew: inboxSize > 0, inboxSize };
246
+ }
247
+ const ackSizePath = path.join(getAgentDir(agentId), "ack-size.json");
248
+ if (fs.existsSync(ackSizePath)) {
249
+ try {
250
+ const ackSize = JSON.parse(fs.readFileSync(ackSizePath, "utf-8"));
251
+ return { hasNew: inboxSize > (ackSize.size || 0), inboxSize };
252
+ } catch {
253
+ }
254
+ }
255
+ return { hasNew: inboxSize > 0, inboxSize };
256
+ }
257
+ function recordAckSize(agentId) {
258
+ const filePath = inboxPath(agentId);
259
+ const ackSizePath = path.join(getAgentDir(agentId), "ack-size.json");
260
+ try {
261
+ const size = fs.existsSync(filePath) ? fs.statSync(filePath).size : 0;
262
+ ensureAgentDir(agentId);
263
+ fs.writeFileSync(ackSizePath, JSON.stringify({ size }), "utf-8");
264
+ } catch {
265
+ }
266
+ }
267
+ function appendToInbox(agentId, message) {
268
+ ensureAgentDir(agentId);
269
+ appendJsonlLine(inboxPath(agentId), message);
270
+ }
271
+ function readInbox(agentId, afterAck) {
272
+ const messages = readJsonlFile(inboxPath(agentId));
273
+ if (!afterAck) {
274
+ const ack = readAck(agentId);
275
+ if (ack) {
276
+ const ackIndex2 = messages.findIndex((m) => m.id === ack);
277
+ if (ackIndex2 >= 0) return messages.slice(ackIndex2 + 1);
278
+ }
279
+ return messages;
280
+ }
281
+ const ackIndex = messages.findIndex((m) => m.id === afterAck);
282
+ if (ackIndex >= 0) return messages.slice(ackIndex + 1);
283
+ return messages;
284
+ }
285
+ function appendToOutbox(agentId, message) {
286
+ ensureAgentDir(agentId);
287
+ appendJsonlLine(outboxPath(agentId), message);
288
+ }
289
+ function readOutbox(agentId) {
290
+ return readJsonlFile(outboxPath(agentId));
291
+ }
292
+ function acknowledgeMessages(agentId, lastMessageId) {
293
+ const filePath = ackPath(agentId);
294
+ ensureAgentDir(agentId);
295
+ fs.writeFileSync(filePath, JSON.stringify({ lastAck: lastMessageId }), "utf-8");
296
+ }
297
+ function readAck(agentId) {
298
+ const filePath = ackPath(agentId);
299
+ if (!fs.existsSync(filePath)) return null;
300
+ try {
301
+ const content = JSON.parse(fs.readFileSync(filePath, "utf-8"));
302
+ return content.lastAck || null;
303
+ } catch {
304
+ return null;
305
+ }
306
+ }
307
+ function garbageCollect(agentId) {
308
+ const ack = readAck(agentId);
309
+ if (!ack) return 0;
310
+ const filePath = inboxPath(agentId);
311
+ const messages = readJsonlFile(filePath);
312
+ const ackIndex = messages.findIndex((m) => m.id === ack);
313
+ if (ackIndex < 0) return 0;
314
+ const kept = messages.slice(ackIndex + 1);
315
+ const removed = messages.length - kept.length;
316
+ if (kept.length === 0) {
317
+ if (fs.existsSync(filePath)) fs.writeFileSync(filePath, "", "utf-8");
318
+ } else {
319
+ fs.writeFileSync(filePath, kept.map((m) => JSON.stringify(m)).join("\n") + "\n", "utf-8");
320
+ }
321
+ return removed;
322
+ }
323
+ function threadPath(threadId) {
324
+ return path.join(THREADS_DIR, `${threadId}.json`);
325
+ }
326
+ function createThread(topic, initiator) {
327
+ ensureScoreDirs();
328
+ const id = "thr-" + crypto.randomBytes(4).toString("hex");
329
+ const now = (/* @__PURE__ */ new Date()).toISOString();
330
+ const thread = {
331
+ id,
332
+ topic,
333
+ initiator,
334
+ participants: [initiator],
335
+ status: "active",
336
+ createdAt: now,
337
+ lastActivity: now,
338
+ messageCount: 0
339
+ };
340
+ fs.writeFileSync(threadPath(id), JSON.stringify(thread, null, 2), "utf-8");
341
+ return thread;
342
+ }
343
+ function loadThread(threadId) {
344
+ const filePath = threadPath(threadId);
345
+ if (!fs.existsSync(filePath)) return null;
346
+ try {
347
+ return JSON.parse(fs.readFileSync(filePath, "utf-8"));
348
+ } catch {
349
+ return null;
350
+ }
351
+ }
352
+ function listThreads(status) {
353
+ ensureScoreDirs();
354
+ if (!fs.existsSync(THREADS_DIR)) return [];
355
+ const files = fs.readdirSync(THREADS_DIR).filter((f) => f.endsWith(".json"));
356
+ const threads = [];
357
+ for (const file of files) {
358
+ try {
359
+ const content = fs.readFileSync(path.join(THREADS_DIR, file), "utf-8");
360
+ const thread = JSON.parse(content);
361
+ if (!status || thread.status === status) {
362
+ threads.push(thread);
363
+ }
364
+ } catch {
365
+ }
366
+ }
367
+ return threads.sort((a, b) => b.lastActivity.localeCompare(a.lastActivity));
368
+ }
369
+ function updateThread(threadId, partial) {
370
+ const thread = loadThread(threadId);
371
+ if (!thread) return false;
372
+ const updated = { ...thread, ...partial };
373
+ fs.writeFileSync(threadPath(threadId), JSON.stringify(updated, null, 2), "utf-8");
374
+ return true;
375
+ }
376
+ function resolveThread(threadId, decision) {
377
+ return updateThread(threadId, {
378
+ status: "resolved",
379
+ resolvedAt: (/* @__PURE__ */ new Date()).toISOString(),
380
+ decision
381
+ });
382
+ }
383
+ function getThreadMessages(threadId) {
384
+ const agents = listAgents();
385
+ const messages = [];
386
+ for (const agent of agents) {
387
+ const inbox = readJsonlFile(inboxPath(agent.id));
388
+ const outbox = readJsonlFile(outboxPath(agent.id));
389
+ for (const msg of [...inbox, ...outbox]) {
390
+ if (msg.threadRoot === threadId || msg.id === threadId) {
391
+ if (!messages.some((m) => m.id === msg.id)) {
392
+ messages.push(msg);
393
+ }
394
+ }
395
+ }
396
+ }
397
+ return messages.sort((a, b) => a.timestamp.localeCompare(b.timestamp));
398
+ }
399
+ function buildMessage(params) {
400
+ return {
401
+ id: crypto.randomUUID(),
402
+ parentId: params.parentId,
403
+ threadRoot: params.threadRoot,
404
+ timestamp: (/* @__PURE__ */ new Date()).toISOString(),
405
+ sender: params.sender,
406
+ recipients: params.recipients,
407
+ intent: params.intent,
408
+ content: {
409
+ text: params.text,
410
+ diff: params.diff,
411
+ decision: params.decision
412
+ },
413
+ symbols: params.symbols || [],
414
+ attachments: params.attachments,
415
+ metadata: params.metadata
416
+ };
417
+ }
418
+ function routeMessage(message) {
419
+ ensureScoreDirs();
420
+ appendToOutbox(message.sender.id, message);
421
+ let deliveryCount = 0;
422
+ if (message.recipients && message.recipients.length > 0) {
423
+ for (const recipient of message.recipients) {
424
+ appendToInbox(recipient.id, message);
425
+ deliveryCount++;
426
+ }
427
+ } else {
428
+ const agents = listAgents();
429
+ for (const agent of agents) {
430
+ if (agent.id !== message.sender.id) {
431
+ appendToInbox(agent.id, message);
432
+ deliveryCount++;
433
+ }
434
+ }
435
+ }
436
+ if (message.threadRoot) {
437
+ const thread = loadThread(message.threadRoot);
438
+ if (thread) {
439
+ const isParticipant = thread.participants.some((p) => p.id === message.sender.id);
440
+ const updatedParticipants = isParticipant ? thread.participants : [...thread.participants, message.sender];
441
+ updateThread(message.threadRoot, {
442
+ participants: updatedParticipants,
443
+ lastActivity: message.timestamp,
444
+ messageCount: thread.messageCount + 1
445
+ });
446
+ }
447
+ }
448
+ return deliveryCount;
449
+ }
450
+ function fileRequestPath(requestId) {
451
+ return path.join(FILE_REQUESTS_DIR, `${requestId}.json`);
452
+ }
453
+ function loadTrustConfig() {
454
+ if (!fs.existsSync(TRUST_CONFIG_PATH)) return DEFAULT_TRUST;
455
+ try {
456
+ const content = fs.readFileSync(TRUST_CONFIG_PATH, "utf-8");
457
+ try {
458
+ return JSON.parse(content);
459
+ } catch {
460
+ return DEFAULT_TRUST;
461
+ }
462
+ } catch {
463
+ return DEFAULT_TRUST;
464
+ }
465
+ }
466
+ function createFileRequest(params) {
467
+ ensureScoreDirs();
468
+ const requestId = "freq-" + crypto.randomBytes(4).toString("hex");
469
+ const record = {
470
+ request: {
471
+ requestId,
472
+ filePath: params.filePath,
473
+ reason: params.reason,
474
+ requester: params.requester,
475
+ urgency: params.urgency || "normal",
476
+ snippet: params.snippet,
477
+ threadRoot: params.threadRoot
478
+ },
479
+ status: "pending",
480
+ createdAt: (/* @__PURE__ */ new Date()).toISOString()
481
+ };
482
+ fs.writeFileSync(fileRequestPath(requestId), JSON.stringify(record, null, 2), "utf-8");
483
+ return record;
484
+ }
485
+ function loadFileRequest(requestId) {
486
+ const filePath = fileRequestPath(requestId);
487
+ if (!fs.existsSync(filePath)) return null;
488
+ try {
489
+ return JSON.parse(fs.readFileSync(filePath, "utf-8"));
490
+ } catch {
491
+ return null;
492
+ }
493
+ }
494
+ function listFileRequests(status) {
495
+ ensureScoreDirs();
496
+ if (!fs.existsSync(FILE_REQUESTS_DIR)) return [];
497
+ const files = fs.readdirSync(FILE_REQUESTS_DIR).filter((f) => f.endsWith(".json"));
498
+ const requests = [];
499
+ for (const file of files) {
500
+ try {
501
+ const content = fs.readFileSync(path.join(FILE_REQUESTS_DIR, file), "utf-8");
502
+ const record = JSON.parse(content);
503
+ if (!status || record.status === status) {
504
+ requests.push(record);
505
+ }
506
+ } catch {
507
+ }
508
+ }
509
+ return requests.sort((a, b) => b.createdAt.localeCompare(a.createdAt));
510
+ }
511
+ function approveFileRequest(requestId, projectDir, redact) {
512
+ const record = loadFileRequest(requestId);
513
+ if (!record) return { success: false, error: `File request not found: ${requestId}` };
514
+ if (record.status !== "pending") return { success: false, error: `Request already ${record.status}` };
515
+ const absolutePath = path.resolve(projectDir, record.request.filePath);
516
+ if (!absolutePath.startsWith(path.resolve(projectDir))) {
517
+ return { success: false, error: "File path escapes project directory" };
518
+ }
519
+ if (!fs.existsSync(absolutePath)) {
520
+ return { success: false, error: `File not found: ${record.request.filePath}` };
521
+ }
522
+ try {
523
+ let content = fs.readFileSync(absolutePath, "utf-8");
524
+ let encoding = "utf8";
525
+ if (redact) {
526
+ const secretPatterns = [
527
+ /(?:api[_-]?key|secret|token|password|credential|auth)\s*[:=]/i,
528
+ /(?:^|\s)(?:export\s+)?[A-Z_]+(?:KEY|SECRET|TOKEN|PASSWORD|CREDENTIAL)\s*=/,
529
+ /-----BEGIN (?:RSA |EC )?PRIVATE KEY-----/
530
+ ];
531
+ content = content.split("\n").map((line) => {
532
+ for (const pattern of secretPatterns) {
533
+ if (pattern.test(line)) return "[REDACTED]";
534
+ }
535
+ return line;
536
+ }).join("\n");
537
+ }
538
+ const hash = crypto.createHash("sha256").update(content).digest("hex");
539
+ const delivery = {
540
+ requestId,
541
+ filePath: record.request.filePath,
542
+ content,
543
+ encoding,
544
+ size: Buffer.byteLength(content),
545
+ hash
546
+ };
547
+ record.status = "approved";
548
+ record.resolvedAt = (/* @__PURE__ */ new Date()).toISOString();
549
+ record.delivery = delivery;
550
+ fs.writeFileSync(fileRequestPath(requestId), JSON.stringify(record, null, 2), "utf-8");
551
+ const deliveryMessage = buildMessage({
552
+ sender: { id: "system", name: "File Transfer", type: "human" },
553
+ recipients: [record.request.requester],
554
+ intent: "fileDelivery",
555
+ text: `File delivered: ${record.request.filePath} (${delivery.size} bytes, SHA-256: ${hash.slice(0, 12)}...)`,
556
+ threadRoot: record.request.threadRoot,
557
+ symbols: []
558
+ });
559
+ deliveryMessage.attachments = [{
560
+ name: path.basename(record.request.filePath),
561
+ type: "file",
562
+ content: delivery.content,
563
+ encoding: delivery.encoding
564
+ }];
565
+ routeMessage(deliveryMessage);
566
+ return { success: true, delivery };
567
+ } catch (err) {
568
+ return { success: false, error: `Failed to read file: ${err.message}` };
569
+ }
570
+ }
571
+ function denyFileRequest(requestId, reason) {
572
+ const record = loadFileRequest(requestId);
573
+ if (!record || record.status !== "pending") return false;
574
+ record.status = "denied";
575
+ record.resolvedAt = (/* @__PURE__ */ new Date()).toISOString();
576
+ record.denyReason = reason;
577
+ fs.writeFileSync(fileRequestPath(requestId), JSON.stringify(record, null, 2), "utf-8");
578
+ const denialMessage = buildMessage({
579
+ sender: { id: "system", name: "File Transfer", type: "human" },
580
+ recipients: [record.request.requester],
581
+ intent: "fileDenied",
582
+ text: `File request denied: ${record.request.filePath}${reason ? ` \u2014 ${reason}` : ""}`,
583
+ threadRoot: record.request.threadRoot,
584
+ symbols: []
585
+ });
586
+ routeMessage(denialMessage);
587
+ return true;
588
+ }
589
+ function matchesGlob(filePath, pattern) {
590
+ let regex = pattern.replace(/\./g, "\\.").replace(/\*\*/g, "{{GLOBSTAR}}").replace(/\*/g, "[^/]*").replace(/\?/g, "[^/]").replace(/\{\{GLOBSTAR\}\}/g, ".*");
591
+ return new RegExp(`^${regex}$`).test(filePath);
592
+ }
593
+ function isPathDenied(filePath, config, user) {
594
+ const trust = config || loadTrustConfig();
595
+ if (user && trust.users[user]) {
596
+ for (const pattern of trust.users[user].neverApprove) {
597
+ if (matchesGlob(filePath, pattern)) return true;
598
+ }
599
+ }
600
+ for (const pattern of trust.defaults.neverApprove) {
601
+ if (matchesGlob(filePath, pattern)) return true;
602
+ }
603
+ return false;
604
+ }
605
+ function isPathAutoApproved(filePath, config, user) {
606
+ const trust = config || loadTrustConfig();
607
+ if (isPathDenied(filePath, trust, user)) return false;
608
+ if (user && trust.users[user]) {
609
+ for (const pattern of trust.users[user].autoApprove) {
610
+ if (matchesGlob(filePath, pattern)) return true;
611
+ }
612
+ }
613
+ for (const pattern of trust.defaults.autoApprove) {
614
+ if (matchesGlob(filePath, pattern)) return true;
615
+ }
616
+ return false;
617
+ }
618
+ function expireOldRequests() {
619
+ const requests = listFileRequests("pending");
620
+ let expired = 0;
621
+ for (const record of requests) {
622
+ const age = Date.now() - new Date(record.createdAt).getTime();
623
+ if (age > FILE_REQUEST_TTL_MS) {
624
+ record.status = "expired";
625
+ record.resolvedAt = (/* @__PURE__ */ new Date()).toISOString();
626
+ fs.writeFileSync(
627
+ fileRequestPath(record.request.requestId),
628
+ JSON.stringify(record, null, 2),
629
+ "utf-8"
630
+ );
631
+ expired++;
632
+ }
633
+ }
634
+ return expired;
635
+ }
636
+ function isProcessAlive(pid) {
637
+ try {
638
+ process.kill(pid, 0);
639
+ return true;
640
+ } catch {
641
+ return false;
642
+ }
643
+ }
644
+
645
+ export {
646
+ SCORE_DIR,
647
+ ensureScoreDirs,
648
+ ensureMailDirs,
649
+ getAgentDir,
650
+ readJsonlFile,
651
+ appendJsonlLine,
652
+ resolveAgentIdentity,
653
+ registerAgent,
654
+ unregisterAgent,
655
+ listAgents,
656
+ cleanStaleAgents,
657
+ getMyIdentity,
658
+ markAgentPollTime,
659
+ updateAgentStatus,
660
+ isAgentAsleep,
661
+ discoverClaudeCodeSessions,
662
+ peekInbox,
663
+ recordAckSize,
664
+ appendToInbox,
665
+ readInbox,
666
+ appendToOutbox,
667
+ readOutbox,
668
+ acknowledgeMessages,
669
+ readAck,
670
+ garbageCollect,
671
+ createThread,
672
+ loadThread,
673
+ listThreads,
674
+ updateThread,
675
+ resolveThread,
676
+ getThreadMessages,
677
+ buildMessage,
678
+ routeMessage,
679
+ loadTrustConfig,
680
+ createFileRequest,
681
+ loadFileRequest,
682
+ listFileRequests,
683
+ approveFileRequest,
684
+ denyFileRequest,
685
+ isPathDenied,
686
+ isPathAutoApproved,
687
+ expireOldRequests
688
+ };