@aperdomoll90/ledger-ai 1.3.0 → 1.4.2

package/dist/lib/notes.js

@@ -1,41 +1,75 @@
 import { randomUUID } from 'crypto';
 import { fatal, ExitCode } from './errors.js';
 import { contentHash } from './hash.js';
+import { audit } from './audit.js';
 import { loadConfigFile, saveConfigFile } from './config.js';
-// --- Built-in Type Registry ---
+import { inferDomain as inferDomainFromType, getProtectionDefault, getAutoLoadDefault, resolveV1Type, isV2Type, } from './domains.js';
+// --- Built-in Type Registry (v2: domain-based) ---
 export const BUILTIN_TYPES = {
+    // v2 types mapped to legacy delivery tier for backward compat
+    'personality': 'persona',
+    'behavioral-rule': 'persona',
+    'preference': 'persona',
+    'skill': 'persona',
+    'claude-md': 'persona',
+    'hook': 'persona',
+    'plugin-config': 'persona',
+    'type-registry': 'persona',
+    'sync-rule': 'persona',
+    'dashboard': 'project',
+    'device-registry': 'project',
+    'environment': 'project',
+    'eval-result': 'project',
+    'architecture': 'project',
+    'project-status': 'project',
+    'event': 'project',
+    'error': 'project',
+    'reference': 'knowledge',
+    'knowledge': 'knowledge',
+    'general': 'knowledge',
+    // Legacy v1 names still accepted
     'user-preference': 'persona',
     'persona-rule': 'persona',
     'system-rule': 'persona',
     'code-craft': 'persona',
     'architecture-decision': 'project',
-    'project-status': 'project',
-    'event': 'project',
-    'error': 'project',
-    'reference': 'knowledge',
     'knowledge-guide': 'knowledge',
-    'general': 'knowledge',
-};
-const TYPE_ALIASES = {
-    'feedback': 'general',
+    'skill-reference': 'persona',
 };
 function resolveTypeAlias(type) {
-    return TYPE_ALIASES[type] ?? type;
+    const migration = resolveV1Type(type);
+    if (migration)
+        return migration.type;
+    if (type === 'feedback')
+        return 'general';
+    return type;
 }
 export function getTypeRegistry() {
     const config = loadConfigFile();
     return { ...BUILTIN_TYPES, ...(config.types ?? {}) };
 }
+/** Infer domain from a note type. Handles both v1 and v2 type names. */
+export function inferDomain(noteType) {
+    const v1 = resolveV1Type(noteType);
+    if (v1)
+        return v1.domain;
+    return inferDomainFromType(noteType);
+}
+/** Legacy: infer delivery tier from note type. Use inferDomain for new code. */
 export function inferDelivery(noteType) {
+    const registry = getTypeRegistry();
+    // Check original name first (user overrides may use v1 names)
+    if (noteType in registry)
+        return registry[noteType];
     const resolved = resolveTypeAlias(noteType);
-    return getTypeRegistry()[resolved] ?? 'knowledge';
+    return registry[resolved] ?? 'knowledge';
 }
 export function getRegisteredTypes() {
     return Object.keys(getTypeRegistry());
 }
 export function isRegisteredType(noteType) {
     const resolved = resolveTypeAlias(noteType);
-    return resolved in getTypeRegistry();
+    return isV2Type(resolved) || resolved in getTypeRegistry();
 }
 export function registerType(name, delivery) {
     const config = loadConfigFile();
@@ -61,17 +95,31 @@ export async function fetchPersonaNotes(supabase) {
     const { data, error } = await supabase
         .from('notes')
         .select('id, content, metadata, created_at, updated_at')
-        .eq('metadata->>delivery', 'persona');
+        .eq('metadata->>domain', 'persona');
     if (error) {
         fatal(`Error querying persona notes: ${error.message}`, ExitCode.SUPABASE_ERROR);
     }
     return (data || []);
 }
+/**
+ * Fetch notes that should sync to every machine.
+ * v2: domain IN (system, persona, workspace).
+ */
+export async function fetchSyncableNotes(supabase) {
+    const { data: domainNotes, error: domainError } = await supabase
+        .from('notes')
+        .select('id, content, metadata, created_at, updated_at')
+        .in('metadata->>domain', ['system', 'persona', 'workspace']);
+    if (!domainError && domainNotes && domainNotes.length > 0) {
+        return domainNotes;
+    }
+    return fetchPersonaNotes(supabase);
+}
 export async function findNoteByFile(supabase, filename) {
     const { data: byFile } = await supabase
         .from('notes')
         .select('id, metadata')
-        .eq('metadata->>local_file', filename)
+        .eq('metadata->>file_path', filename)
         .single();
     if (byFile)
         return byFile;
@@ -120,10 +168,10 @@ export async function searchNotes(supabase, openai, query, threshold = 0.3, maxR
 export async function fetchNoteHashes(supabase) {
     const notes = await fetchPersonaNotes(supabase);
     return notes
-        .filter(n => n.metadata.local_file)
+        .filter(n => n.metadata.file_path)
         .map(n => ({
         id: n.id,
-        localFile: n.metadata.local_file,
+        localFile: n.metadata.file_path,
         contentHash: n.metadata.content_hash || contentHash(n.content),
         content: n.content,
     }));
@@ -198,6 +246,35 @@ function formatNotePreview(id, meta, content, maxLen = 300) {
     const descLine = desc ? `\nDescription: ${desc}` : '';
     return `"${label}" (id: ${id}) | type: ${noteType || '-'} | project: ${project || '-'}${descLine}\n  ${preview}${truncated}`;
 }
+/**
+ * Check if an operation should be blocked or confirmed based on protection level.
+ * Returns null if operation is allowed, or an OperationResult if blocked/needs approval.
+ */
+function checkProtection(noteId, meta, operation, confirmed) {
+    const protection = meta.protection ?? 'open';
+    const uKey = meta.upsert_key;
+    const label = uKey || `id ${noteId}`;
+    const noteType = meta.type;
+    if (protection === 'immutable') {
+        return {
+            status: 'error',
+            message: `BLOCKED — "${label}" (type: ${noteType ?? 'unknown'}) is immutable and cannot be ${operation}d. Immutable notes are system-managed only.`,
+        };
+    }
+    if (protection === 'protected' && !confirmed) {
+        return {
+            status: 'confirm',
+            message: `PROTECTED NOTE — "${label}" (type: ${noteType ?? 'unknown'}) requires explicit user approval to ${operation}.\n\nTo proceed, re-call with confirmed: true.`,
+        };
+    }
+    if (protection === 'guarded' && !confirmed) {
+        return {
+            status: 'confirm',
+            message: `GUARDED NOTE — "${label}" (type: ${noteType ?? 'unknown'}) requires confirmation to ${operation}.\n\nTo proceed, re-call with confirmed: true.`,
+        };
+    }
+    return null;
+}
 // --- Naming Conventions ---
 /** Valid type prefixes for upsert_key naming. */
 const TYPE_PREFIXES = {
@@ -253,8 +330,8 @@ export function validateNaming(upsertKey, type, description) {
     }
     return null;
 }
-/** Derive local_file from upsert_key: feedback-style → feedback_style.md */
-export function deriveLocalFile(upsertKey) {
+/** Derive file_path from upsert_key: feedback-style → feedback_style.md */
+export function deriveFilePath(upsertKey) {
     return upsertKey.replace(/-/g, '_') + '.md';
 }
 /** Check if naming enforcement is enabled in config. */
@@ -281,7 +358,7 @@ export function checkMetadataCompleteness(metadata, type) {
     if (!metadata.upsert_key) {
         missing.push('upsert_key');
     }
-    // Only ask for status on project-scoped types
+    // Only ask for status on project-tier types (those with delivery=project in the type registry)
     if (inferDelivery(type) === 'project' && !metadata.status) {
         missing.push('status');
     }
@@ -300,9 +377,9 @@ export function checkMetadataCompleteness(metadata, type) {
     return `METADATA NEEDED — ask the user for these fields before saving:\n\n${fields.join('\n')}\n\nIf the user wants to skip, re-call add_note with metadata field \`interactive_skip: true\` to use defaults.`;
 }
 // --- Shared Operations (called by both MCP and CLI) ---
-export async function opSearchNotes(clients, query, threshold, limit, type, project) {
+export async function opSearchNotes(clients, query, threshold, limit, type, project, domain) {
     const embedding = await getEmbedding(clients.openai, query);
-    const fetchLimit = (type || project) ? limit * 3 : limit;
+    const fetchLimit = (type || project || domain) ? limit * 3 : limit;
     const { data, error } = await clients.supabase.rpc('match_notes', {
         q_emb: JSON.stringify(embedding),
         threshold,
@@ -316,6 +393,8 @@ export async function opSearchNotes(clients, query, threshold, limit, type, proj
         results = results.filter(n => n.metadata.type === type);
     if (project)
         results = results.filter(n => n.metadata.project === project);
+    if (domain)
+        results = results.filter(n => n.metadata.domain === domain);
     results = results.slice(0, limit);
     // Fallback: retry at 0.3 when requested threshold returns empty
     if ((!results || results.length === 0) && threshold > 0.3) {
@@ -330,6 +409,8 @@ export async function opSearchNotes(clients, query, threshold, limit, type, proj
                 fallbackResults = fallbackResults.filter(n => n.metadata.type === type);
             if (project)
                 fallbackResults = fallbackResults.filter(n => n.metadata.project === project);
+            if (domain)
+                fallbackResults = fallbackResults.filter(n => n.metadata.domain === domain);
             fallbackResults = fallbackResults.slice(0, limit);
             if (fallbackResults.length > 0) {
                 results = fallbackResults;
@@ -373,7 +454,7 @@ async function reassembleResults(supabase, results) {
     }
     return output.join('\n\n---\n\n');
 }
-export async function opListNotes(clients, limit, type, project) {
+export async function opListNotes(clients, limit, type, project, domain) {
     let query = clients.supabase
         .from('notes')
         .select('id, content, metadata, created_at')
@@ -383,6 +464,8 @@ export async function opListNotes(clients, limit, type, project) {
         query = query.eq('metadata->>type', type);
     if (project)
         query = query.eq('metadata->>project', project);
+    if (domain)
+        query = query.eq('metadata->>domain', domain);
     const { data, error } = await query;
     if (error) {
         return { status: 'error', message: `Error: ${error.message}` };
@@ -418,8 +501,10 @@ export async function opAddNote(clients, content, type, agent, metadata, force,
         const nameError = validateTypeName(resolvedType);
         if (nameError)
             return { status: 'error', message: nameError };
-        const delivery = metadata.delivery || 'knowledge';
-        registerType(resolvedType, delivery);
+        const domainForRegistry = inferDomain(resolvedType);
+        // Map domain to legacy delivery tier for registry compatibility
+        const deliveryForRegistry = domainForRegistry === 'project' ? 'project' : domainForRegistry === 'persona' || domainForRegistry === 'system' ? 'persona' : 'knowledge';
+        registerType(resolvedType, deliveryForRegistry);
     }
     // If type is still unknown after potential registration, prompt
     if (!isRegisteredType(resolvedType)) {
@@ -429,11 +514,32 @@ export async function opAddNote(clients, content, type, agent, metadata, force,
             .join(', ');
         return {
             status: 'confirm',
-            message: `Type "${type}" is not registered.\n\nOptions:\n1. Register with delivery "knowledge" (default) — re-call add_note with register_type: true\n2. Register with specific delivery — re-call add_note with register_type: true AND set metadata.delivery to "persona", "project", or "knowledge"\n3. Use an existing type instead — re-call add_note with one of: ${typeListStr}\n4. Cancel\n\nAsk the user which option they prefer.`,
+            message: `Type "${type}" is not registered.\n\nOptions:\n1. Register with domain auto-inferred from type — re-call add_note with register_type: true\n2. Register with specific domain — re-call add_note with register_type: true AND set metadata.domain to "system", "persona", "workspace", or "project"\n3. Use an existing type instead — re-call add_note with one of: ${typeListStr}\n4. Cancel\n\nAsk the user which option they prefer.`,
         };
     }
     // Use resolved type for the rest of the flow
     type = resolvedType;
+    // --- Auto-set v2 metadata from type ---
+    if (!metadata.domain) {
+        metadata.domain = inferDomain(type);
+    }
+    if (!metadata.protection) {
+        metadata.protection = getProtectionDefault(type);
+    }
+    if (metadata.auto_load === undefined) {
+        metadata.auto_load = getAutoLoadDefault(metadata.domain, type);
+    }
+    if (!metadata.owner_type) {
+        metadata.owner_type = 'user';
+        metadata.owner_id = null;
+    }
+    if (!metadata.schema_version) {
+        metadata.schema_version = 1;
+    }
+    if (!metadata.embedding_model) {
+        metadata.embedding_model = 'openai/text-embedding-3-small';
+        metadata.embedding_dimensions = 1536;
+    }
     // Naming enforcement (opt-in via config)
     if (isNamingEnforced()) {
         const namingError = validateNaming(upsertKey || '', type, description);
@@ -441,11 +547,11 @@ export async function opAddNote(clients, content, type, agent, metadata, force,
             return { status: 'error', message: `Naming violation: ${namingError}` };
         }
     }
-    // Auto-derive local_file from upsert_key for persona notes
-    if (upsertKey && !metadata.local_file) {
-        const delivery = metadata.delivery || inferDelivery(type);
-        if (delivery === 'persona') {
-            metadata.local_file = deriveLocalFile(upsertKey);
+    // Auto-derive file_path from upsert_key for persona/system domain notes with auto_load
+    if (upsertKey && !metadata.file_path) {
+        const noteDomain = metadata.domain || inferDomain(type);
+        if (noteDomain === 'persona' || noteDomain === 'system') {
+            metadata.file_path = deriveFilePath(upsertKey);
         }
     }
     const fullMetadata = { ...metadata, type, agent, content_hash: contentHash(content) };
@@ -507,6 +613,7 @@ async function upsertExistingNote(clients, existing, content, fullMetadata) {
             .single();
         if (error)
             return { status: 'error', message: `Error: ${error.message}` };
+        await audit(clients, data.id, fullMetadata, 'update', { content_hash: existing.metadata.content_hash, metadata: existing.metadata });
         const preview = content.length > 100 ? content.slice(0, 100) + '...' : content;
         return { status: 'ok', message: `Updated "${upsertKey}" (id: ${data.id}, ${content.length} chars)\nPreview: ${preview}` };
     }
@@ -527,6 +634,7 @@ async function upsertExistingNote(clients, existing, content, fullMetadata) {
             .single();
         if (error)
             return { status: 'error', message: `Error: ${error.message}` };
+        await audit(clients, data.id, fullMetadata, 'update', { content_hash: existing.metadata.content_hash, metadata: existing.metadata });
         const preview = content.length > 100 ? content.slice(0, 100) + '...' : content;
         return { status: 'ok', message: `Updated "${upsertKey}" (id: ${data.id}, ${content.length} chars)\nPreview: ${preview}` };
     }
@@ -544,6 +652,7 @@ async function upsertExistingNote(clients, existing, content, fullMetadata) {
             return { status: 'error', message: `Error saving chunk ${i + 1}/${newChunks.length}: ${error.message}` };
         ids.push(data.id);
     }
+    await audit(clients, ids[0], fullMetadata, 'update', { content_hash: existing.metadata.content_hash, metadata: existing.metadata });
     return { status: 'ok', message: `Updated "${upsertKey}" as ${newChunks.length} chunks (ids: ${ids.join(', ')}, ${content.length} chars total)` };
 }
 async function createNewNote(clients, content, fullMetadata) {
@@ -558,6 +667,7 @@ async function createNewNote(clients, content, fullMetadata) {
             .single();
         if (error)
             return { status: 'error', message: `Error: ${error.message}` };
+        await audit(clients, data.id, fullMetadata, 'create', null);
         const label = upsertKey || `id ${data.id}`;
         const preview = content.length > 100 ? content.slice(0, 100) + '...' : content;
         return { status: 'ok', message: `Saved "${label}" (id: ${data.id}, type: ${fullMetadata.type}, ${content.length} chars)\nPreview: ${preview}` };
@@ -572,6 +682,7 @@ async function createNewNote(clients, content, fullMetadata) {
             return { status: 'error', message: `Error saving chunk ${i + 1}/${chunks.length}: ${error.message}` };
         ids.push(data.id);
     }
+    await audit(clients, ids[0], fullMetadata, 'create', null);
     return { status: 'ok', message: `Saved "${upsertKey || 'chunked'}" as ${chunks.length} chunks (ids: ${ids.join(', ')}, ${content.length} chars total)` };
 }
 export async function opUpdateNote(clients, id, content, metadata, confirmed = false) {
@@ -583,16 +694,9 @@ export async function opUpdateNote(clients, id, content, metadata, confirmed = f
     if (fetchError || !existing) {
         return { status: 'error', message: `Error: note ${id} not found.` };
     }
-    // Protected delivery gate — skill-reference and other protected notes require explicit confirmation
-    const existingDelivery = existing.metadata.delivery;
-    if (existingDelivery === 'protected' && !confirmed) {
-        const existingType = existing.metadata.type;
-        const uKey = existing.metadata.upsert_key;
-        return {
-            status: 'confirm',
-            message: `⚠️ PROTECTED NOTE — "${uKey || `id ${id}`}" (type: ${existingType || 'unknown'}) has protected delivery.\n\nThis is a skill-reference note. Are you sure you want to update it? Skill reference documents are protected to prevent accidental overwrites.\n\nTo proceed, call update_note again with confirmed: true.`,
-        };
-    }
+    const protectionCheck = checkProtection(id, existing.metadata, 'update', confirmed);
+    if (protectionCheck)
+        return protectionCheck;
     // Confirmation gate
     if (!confirmed) {
         const currentPreview = formatNotePreview(existing.id, existing.metadata, existing.content);
@@ -619,6 +723,7 @@ export async function opUpdateNote(clients, id, content, metadata, confirmed = f
             .single();
         if (error)
             return { status: 'error', message: `Error: ${error.message}` };
+        await audit(clients, data.id, existingMeta, 'update', { content: existing.content, metadata: existingMeta });
         const uKey = baseMeta.upsert_key;
         const label = uKey || `id ${data.id}`;
         const preview = content.length > 100 ? content.slice(0, 100) + '...' : content;
@@ -643,6 +748,7 @@ export async function opUpdateNote(clients, id, content, metadata, confirmed = f
             .single();
         if (error)
             return { status: 'error', message: `Error: ${error.message}` };
+        await audit(clients, data.id, existingMeta, 'update', { content: existing.content, metadata: existingMeta });
         const uKey = baseMeta.upsert_key;
         const label = uKey || `id ${data.id}`;
         const preview = content.length > 100 ? content.slice(0, 100) + '...' : content;
@@ -662,6 +768,7 @@ export async function opUpdateNote(clients, id, content, metadata, confirmed = f
             return { status: 'error', message: `Error updating chunk ${i + 1}/${chunks.length}: ${error.message}` };
         ids.push(data.id);
     }
+    await audit(clients, ids[0], existingMeta, 'update', { content: existing.content, metadata: existingMeta });
     return { status: 'ok', message: `Note updated as ${chunks.length} chunks (ids: ${ids.join(', ')}, group: ${newGroupId})` };
 }
 export async function opUpdateMetadata(clients, id, metadata, confirmed = false) {
@@ -673,23 +780,35 @@ export async function opUpdateMetadata(clients, id, metadata, confirmed = false)
     if (fetchError || !existing) {
         return { status: 'error', message: `Error: note ${id} not found.` };
     }
-    // Protected delivery gate
-    const existingDelivery = existing.metadata.delivery;
-    if (existingDelivery === 'protected' && !confirmed) {
-        const existingType = existing.metadata.type;
-        const uKey = existing.metadata.upsert_key;
-        return {
-            status: 'confirm',
-            message: `⚠️ PROTECTED NOTE — "${uKey || `id ${id}`}" (type: ${existingType || 'unknown'}) has protected delivery.\n\nThis is a skill-reference note. Are you sure you want to update its metadata?\n\nTo proceed, call update_metadata again with confirmed: true.`,
-        };
-    }
+    const protectionCheck = checkProtection(id, existing.metadata, 'update', confirmed);
+    if (protectionCheck)
+        return protectionCheck;
     const merged = { ...existing.metadata, ...metadata };
+    // Type change cascading — auto-update domain when type changes
+    const oldType = existing.metadata.type;
+    const newType = metadata.type;
+    if (newType && oldType && newType !== oldType) {
+        const oldExpectedDomain = inferDomain(oldType);
+        const currentDomain = existing.metadata.domain;
+        // Only auto-update if domain wasn't manually overridden
+        if (!currentDomain || currentDomain === oldExpectedDomain) {
+            merged.domain = inferDomain(newType);
+        }
+        // If domain was manually set to something different, leave it alone
+    }
     const { error } = await clients.supabase
         .from('notes')
         .update({ metadata: merged })
         .eq('id', id);
     if (error)
         return { status: 'error', message: `Error: ${error.message}` };
+    const changedFields = {};
+    for (const key of Object.keys(metadata)) {
+        const oldVal = existing.metadata[key];
+        if (oldVal !== metadata[key])
+            changedFields[key] = oldVal;
+    }
+    await audit(clients, id, merged, 'update_metadata', { metadata: changedFields });
     const uKey = merged.upsert_key;
     return { status: 'ok', message: `Updated metadata for "${uKey || `id ${id}`}"` };
 }
@@ -704,15 +823,9 @@ export async function opDeleteNote(clients, id, confirmed = false) {
     }
     const meta = existing.metadata;
     const groupId = meta.chunk_group;
-    // Protected delivery gate
-    if (meta.delivery === 'protected' && !confirmed) {
-        const uKey = meta.upsert_key;
-        const existingType = meta.type;
-        return {
-            status: 'confirm',
-            message: `⚠️ PROTECTED NOTE — "${uKey || `id ${id}`}" (type: ${existingType || 'unknown'}) has protected delivery.\n\nThis is a skill-reference note. Are you sure you want to delete it? This action cannot be undone.\n\nTo proceed, call delete_note again with confirmed: true.`,
-        };
-    }
+    const protectionCheck = checkProtection(id, meta, 'delete', confirmed);
+    if (protectionCheck)
+        return protectionCheck;
     // Confirmation gate
     if (!confirmed) {
         const chunkInfo = groupId ? ` (chunked, all chunks will be deleted)` : '';
@@ -722,6 +835,7 @@ export async function opDeleteNote(clients, id, confirmed = false) {
             message: `CONFIRM DELETE — This note will be permanently removed${chunkInfo}:\n\n${preview}\n\nTo proceed, call delete_note again with confirmed: true.`,
         };
     }
+    await audit(clients, id, meta, 'delete', { content: existing.content, metadata: meta });
     if (groupId) {
         const { error } = await clients.supabase.from('notes').delete().eq('metadata->>chunk_group', groupId);
         if (error)