@caupulican/pi-adaptative 0.80.85 → 0.80.88

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (340) hide show
  1. package/CHANGELOG.md +160 -1
  2. package/dist/core/agent-session.d.ts +394 -1
  3. package/dist/core/agent-session.d.ts.map +1 -1
  4. package/dist/core/agent-session.js +1862 -46
  5. package/dist/core/agent-session.js.map +1 -1
  6. package/dist/core/autonomy/approval-gate.d.ts +4 -0
  7. package/dist/core/autonomy/approval-gate.d.ts.map +1 -0
  8. package/dist/core/autonomy/approval-gate.js +27 -0
  9. package/dist/core/autonomy/approval-gate.js.map +1 -0
  10. package/dist/core/autonomy/bounded-completion.d.ts +27 -0
  11. package/dist/core/autonomy/bounded-completion.d.ts.map +1 -0
  12. package/dist/core/autonomy/bounded-completion.js +44 -0
  13. package/dist/core/autonomy/bounded-completion.js.map +1 -0
  14. package/dist/core/autonomy/contracts.d.ts +129 -0
  15. package/dist/core/autonomy/contracts.d.ts.map +1 -0
  16. package/dist/core/autonomy/contracts.js +2 -0
  17. package/dist/core/autonomy/contracts.js.map +1 -0
  18. package/dist/core/autonomy/gates.d.ts +15 -0
  19. package/dist/core/autonomy/gates.d.ts.map +1 -0
  20. package/dist/core/autonomy/gates.js +205 -0
  21. package/dist/core/autonomy/gates.js.map +1 -0
  22. package/dist/core/autonomy/lane-tracker.d.ts +48 -0
  23. package/dist/core/autonomy/lane-tracker.d.ts.map +1 -0
  24. package/dist/core/autonomy/lane-tracker.js +125 -0
  25. package/dist/core/autonomy/lane-tracker.js.map +1 -0
  26. package/dist/core/autonomy/path-scope.d.ts +9 -0
  27. package/dist/core/autonomy/path-scope.d.ts.map +1 -0
  28. package/dist/core/autonomy/path-scope.js +122 -0
  29. package/dist/core/autonomy/path-scope.js.map +1 -0
  30. package/dist/core/autonomy/risk-assessment.d.ts +3 -0
  31. package/dist/core/autonomy/risk-assessment.d.ts.map +1 -0
  32. package/dist/core/autonomy/risk-assessment.js +122 -0
  33. package/dist/core/autonomy/risk-assessment.js.map +1 -0
  34. package/dist/core/autonomy/session-lane-record.d.ts +10 -0
  35. package/dist/core/autonomy/session-lane-record.d.ts.map +1 -0
  36. package/dist/core/autonomy/session-lane-record.js +36 -0
  37. package/dist/core/autonomy/session-lane-record.js.map +1 -0
  38. package/dist/core/autonomy/status.d.ts +40 -0
  39. package/dist/core/autonomy/status.d.ts.map +1 -0
  40. package/dist/core/autonomy/status.js +107 -0
  41. package/dist/core/autonomy/status.js.map +1 -0
  42. package/dist/core/autonomy/subagent-prompt.d.ts +21 -0
  43. package/dist/core/autonomy/subagent-prompt.d.ts.map +1 -0
  44. package/dist/core/autonomy/subagent-prompt.js +28 -0
  45. package/dist/core/autonomy/subagent-prompt.js.map +1 -0
  46. package/dist/core/autonomy/telemetry-events.d.ts +18 -0
  47. package/dist/core/autonomy/telemetry-events.d.ts.map +1 -0
  48. package/dist/core/autonomy/telemetry-events.js +60 -0
  49. package/dist/core/autonomy/telemetry-events.js.map +1 -0
  50. package/dist/core/context/artifact-retrieval.d.ts +49 -0
  51. package/dist/core/context/artifact-retrieval.d.ts.map +1 -0
  52. package/dist/core/context/artifact-retrieval.js +49 -0
  53. package/dist/core/context/artifact-retrieval.js.map +1 -0
  54. package/dist/core/context/context-artifacts.d.ts +94 -0
  55. package/dist/core/context/context-artifacts.d.ts.map +1 -0
  56. package/dist/core/context/context-artifacts.js +307 -0
  57. package/dist/core/context/context-artifacts.js.map +1 -0
  58. package/dist/core/context/context-audit.d.ts +66 -0
  59. package/dist/core/context/context-audit.d.ts.map +1 -0
  60. package/dist/core/context/context-audit.js +173 -0
  61. package/dist/core/context/context-audit.js.map +1 -0
  62. package/dist/core/context/context-item.d.ts +117 -0
  63. package/dist/core/context/context-item.d.ts.map +1 -0
  64. package/dist/core/context/context-item.js +36 -0
  65. package/dist/core/context/context-item.js.map +1 -0
  66. package/dist/core/context/context-prompt-enforcement.d.ts +73 -0
  67. package/dist/core/context/context-prompt-enforcement.d.ts.map +1 -0
  68. package/dist/core/context/context-prompt-enforcement.js +153 -0
  69. package/dist/core/context/context-prompt-enforcement.js.map +1 -0
  70. package/dist/core/context/context-prompt-policy.d.ts +90 -0
  71. package/dist/core/context/context-prompt-policy.d.ts.map +1 -0
  72. package/dist/core/context/context-prompt-policy.js +73 -0
  73. package/dist/core/context/context-prompt-policy.js.map +1 -0
  74. package/dist/core/context/context-retention.d.ts +36 -0
  75. package/dist/core/context/context-retention.d.ts.map +1 -0
  76. package/dist/core/context/context-retention.js +108 -0
  77. package/dist/core/context/context-retention.js.map +1 -0
  78. package/dist/core/context/context-store.d.ts +37 -0
  79. package/dist/core/context/context-store.d.ts.map +1 -0
  80. package/dist/core/context/context-store.js +45 -0
  81. package/dist/core/context/context-store.js.map +1 -0
  82. package/dist/core/context/memory-diagnostics.d.ts +50 -0
  83. package/dist/core/context/memory-diagnostics.d.ts.map +1 -0
  84. package/dist/core/context/memory-diagnostics.js +43 -0
  85. package/dist/core/context/memory-diagnostics.js.map +1 -0
  86. package/dist/core/context/memory-index-store.d.ts +28 -0
  87. package/dist/core/context/memory-index-store.d.ts.map +1 -0
  88. package/dist/core/context/memory-index-store.js +38 -0
  89. package/dist/core/context/memory-index-store.js.map +1 -0
  90. package/dist/core/context/memory-prompt-block.d.ts +34 -0
  91. package/dist/core/context/memory-prompt-block.d.ts.map +1 -0
  92. package/dist/core/context/memory-prompt-block.js +58 -0
  93. package/dist/core/context/memory-prompt-block.js.map +1 -0
  94. package/dist/core/context/memory-provider-contract.d.ts +114 -0
  95. package/dist/core/context/memory-provider-contract.d.ts.map +1 -0
  96. package/dist/core/context/memory-provider-contract.js +121 -0
  97. package/dist/core/context/memory-provider-contract.js.map +1 -0
  98. package/dist/core/context/memory-retrieval.d.ts +27 -0
  99. package/dist/core/context/memory-retrieval.d.ts.map +1 -0
  100. package/dist/core/context/memory-retrieval.js +91 -0
  101. package/dist/core/context/memory-retrieval.js.map +1 -0
  102. package/dist/core/context/okf-memory-provider.d.ts +26 -0
  103. package/dist/core/context/okf-memory-provider.d.ts.map +1 -0
  104. package/dist/core/context/okf-memory-provider.js +154 -0
  105. package/dist/core/context/okf-memory-provider.js.map +1 -0
  106. package/dist/core/context/okf-memory.d.ts +42 -0
  107. package/dist/core/context/okf-memory.d.ts.map +1 -0
  108. package/dist/core/context/okf-memory.js +175 -0
  109. package/dist/core/context/okf-memory.js.map +1 -0
  110. package/dist/core/context/policy-engine.d.ts +66 -0
  111. package/dist/core/context/policy-engine.d.ts.map +1 -0
  112. package/dist/core/context/policy-engine.js +171 -0
  113. package/dist/core/context/policy-engine.js.map +1 -0
  114. package/dist/core/context/policy-types.d.ts +102 -0
  115. package/dist/core/context/policy-types.d.ts.map +1 -0
  116. package/dist/core/context/policy-types.js +7 -0
  117. package/dist/core/context/policy-types.js.map +1 -0
  118. package/dist/core/context/sqlite-runtime-index.d.ts +19 -0
  119. package/dist/core/context/sqlite-runtime-index.d.ts.map +1 -0
  120. package/dist/core/context/sqlite-runtime-index.js +344 -0
  121. package/dist/core/context/sqlite-runtime-index.js.map +1 -0
  122. package/dist/core/context/storage-authority.d.ts +20 -0
  123. package/dist/core/context/storage-authority.d.ts.map +1 -0
  124. package/dist/core/context/storage-authority.js +51 -0
  125. package/dist/core/context/storage-authority.js.map +1 -0
  126. package/dist/core/context/tool-output-packer.d.ts +75 -0
  127. package/dist/core/context/tool-output-packer.d.ts.map +1 -0
  128. package/dist/core/context/tool-output-packer.js +77 -0
  129. package/dist/core/context/tool-output-packer.js.map +1 -0
  130. package/dist/core/cost/session-usage.d.ts +20 -0
  131. package/dist/core/cost/session-usage.d.ts.map +1 -0
  132. package/dist/core/cost/session-usage.js +164 -0
  133. package/dist/core/cost/session-usage.js.map +1 -0
  134. package/dist/core/delegation/session-worker-result.d.ts +10 -0
  135. package/dist/core/delegation/session-worker-result.d.ts.map +1 -0
  136. package/dist/core/delegation/session-worker-result.js +36 -0
  137. package/dist/core/delegation/session-worker-result.js.map +1 -0
  138. package/dist/core/delegation/worker-result.d.ts +9 -0
  139. package/dist/core/delegation/worker-result.d.ts.map +1 -0
  140. package/dist/core/delegation/worker-result.js +152 -0
  141. package/dist/core/delegation/worker-result.js.map +1 -0
  142. package/dist/core/delegation/worker-runner.d.ts +58 -0
  143. package/dist/core/delegation/worker-runner.d.ts.map +1 -0
  144. package/dist/core/delegation/worker-runner.js +188 -0
  145. package/dist/core/delegation/worker-runner.js.map +1 -0
  146. package/dist/core/extensions/builtin.d.ts +5 -1
  147. package/dist/core/extensions/builtin.d.ts.map +1 -1
  148. package/dist/core/extensions/builtin.js +23 -1
  149. package/dist/core/extensions/builtin.js.map +1 -1
  150. package/dist/core/footer-data-provider.d.ts +5 -1
  151. package/dist/core/footer-data-provider.d.ts.map +1 -1
  152. package/dist/core/footer-data-provider.js +13 -0
  153. package/dist/core/footer-data-provider.js.map +1 -1
  154. package/dist/core/goals/goal-continuation-controller.d.ts +22 -0
  155. package/dist/core/goals/goal-continuation-controller.d.ts.map +1 -0
  156. package/dist/core/goals/goal-continuation-controller.js +88 -0
  157. package/dist/core/goals/goal-continuation-controller.js.map +1 -0
  158. package/dist/core/goals/goal-continuation-defaults.d.ts +10 -0
  159. package/dist/core/goals/goal-continuation-defaults.d.ts.map +1 -0
  160. package/dist/core/goals/goal-continuation-defaults.js +10 -0
  161. package/dist/core/goals/goal-continuation-defaults.js.map +1 -0
  162. package/dist/core/goals/goal-continuation-prompt.d.ts +18 -0
  163. package/dist/core/goals/goal-continuation-prompt.d.ts.map +1 -0
  164. package/dist/core/goals/goal-continuation-prompt.js +141 -0
  165. package/dist/core/goals/goal-continuation-prompt.js.map +1 -0
  166. package/dist/core/goals/goal-runtime-snapshot.d.ts +19 -0
  167. package/dist/core/goals/goal-runtime-snapshot.d.ts.map +1 -0
  168. package/dist/core/goals/goal-runtime-snapshot.js +23 -0
  169. package/dist/core/goals/goal-runtime-snapshot.js.map +1 -0
  170. package/dist/core/goals/goal-state.d.ts +87 -0
  171. package/dist/core/goals/goal-state.d.ts.map +1 -0
  172. package/dist/core/goals/goal-state.js +259 -0
  173. package/dist/core/goals/goal-state.js.map +1 -0
  174. package/dist/core/goals/goal-tool-core.d.ts +66 -0
  175. package/dist/core/goals/goal-tool-core.d.ts.map +1 -0
  176. package/dist/core/goals/goal-tool-core.js +146 -0
  177. package/dist/core/goals/goal-tool-core.js.map +1 -0
  178. package/dist/core/goals/session-goal-state.d.ts +10 -0
  179. package/dist/core/goals/session-goal-state.d.ts.map +1 -0
  180. package/dist/core/goals/session-goal-state.js +35 -0
  181. package/dist/core/goals/session-goal-state.js.map +1 -0
  182. package/dist/core/learning/learning-audit.d.ts +45 -0
  183. package/dist/core/learning/learning-audit.d.ts.map +1 -0
  184. package/dist/core/learning/learning-audit.js +139 -0
  185. package/dist/core/learning/learning-audit.js.map +1 -0
  186. package/dist/core/learning/learning-gate.d.ts +29 -0
  187. package/dist/core/learning/learning-gate.d.ts.map +1 -0
  188. package/dist/core/learning/learning-gate.js +150 -0
  189. package/dist/core/learning/learning-gate.js.map +1 -0
  190. package/dist/core/learning/session-learning-decision.d.ts +10 -0
  191. package/dist/core/learning/session-learning-decision.d.ts.map +1 -0
  192. package/dist/core/learning/session-learning-decision.js +36 -0
  193. package/dist/core/learning/session-learning-decision.js.map +1 -0
  194. package/dist/core/model-capability.d.ts +41 -0
  195. package/dist/core/model-capability.d.ts.map +1 -0
  196. package/dist/core/model-capability.js +101 -0
  197. package/dist/core/model-capability.js.map +1 -0
  198. package/dist/core/model-router/config-diagnostics.d.ts.map +1 -1
  199. package/dist/core/model-router/config-diagnostics.js +1 -0
  200. package/dist/core/model-router/config-diagnostics.js.map +1 -1
  201. package/dist/core/model-router/intent-classifier.d.ts +2 -0
  202. package/dist/core/model-router/intent-classifier.d.ts.map +1 -1
  203. package/dist/core/model-router/intent-classifier.js +154 -9
  204. package/dist/core/model-router/intent-classifier.js.map +1 -1
  205. package/dist/core/model-router/route-judge.d.ts +54 -0
  206. package/dist/core/model-router/route-judge.d.ts.map +1 -0
  207. package/dist/core/model-router/route-judge.js +128 -0
  208. package/dist/core/model-router/route-judge.js.map +1 -0
  209. package/dist/core/model-router/status.d.ts +4 -1
  210. package/dist/core/model-router/status.d.ts.map +1 -1
  211. package/dist/core/model-router/status.js +30 -6
  212. package/dist/core/model-router/status.js.map +1 -1
  213. package/dist/core/model-router/tool-escalation.d.ts +4 -6
  214. package/dist/core/model-router/tool-escalation.d.ts.map +1 -1
  215. package/dist/core/model-router/tool-escalation.js +1 -1
  216. package/dist/core/model-router/tool-escalation.js.map +1 -1
  217. package/dist/core/models/fitness-store.d.ts +40 -0
  218. package/dist/core/models/fitness-store.d.ts.map +1 -0
  219. package/dist/core/models/fitness-store.js +61 -0
  220. package/dist/core/models/fitness-store.js.map +1 -0
  221. package/dist/core/profile-registry.d.ts.map +1 -1
  222. package/dist/core/profile-registry.js +1 -1
  223. package/dist/core/profile-registry.js.map +1 -1
  224. package/dist/core/prompt-templates.d.ts +2 -0
  225. package/dist/core/prompt-templates.d.ts.map +1 -1
  226. package/dist/core/prompt-templates.js +12 -4
  227. package/dist/core/prompt-templates.js.map +1 -1
  228. package/dist/core/research/automata-provider.d.ts +5 -0
  229. package/dist/core/research/automata-provider.d.ts.map +1 -0
  230. package/dist/core/research/automata-provider.js +15 -0
  231. package/dist/core/research/automata-provider.js.map +1 -0
  232. package/dist/core/research/evidence-bundle.d.ts +10 -0
  233. package/dist/core/research/evidence-bundle.d.ts.map +1 -0
  234. package/dist/core/research/evidence-bundle.js +116 -0
  235. package/dist/core/research/evidence-bundle.js.map +1 -0
  236. package/dist/core/research/model-fitness.d.ts +79 -0
  237. package/dist/core/research/model-fitness.d.ts.map +1 -0
  238. package/dist/core/research/model-fitness.js +257 -0
  239. package/dist/core/research/model-fitness.js.map +1 -0
  240. package/dist/core/research/research-gate.d.ts +11 -0
  241. package/dist/core/research/research-gate.d.ts.map +1 -0
  242. package/dist/core/research/research-gate.js +82 -0
  243. package/dist/core/research/research-gate.js.map +1 -0
  244. package/dist/core/research/research-runner.d.ts +59 -0
  245. package/dist/core/research/research-runner.d.ts.map +1 -0
  246. package/dist/core/research/research-runner.js +155 -0
  247. package/dist/core/research/research-runner.js.map +1 -0
  248. package/dist/core/research/session-evidence-bundle.d.ts +11 -0
  249. package/dist/core/research/session-evidence-bundle.d.ts.map +1 -0
  250. package/dist/core/research/session-evidence-bundle.js +55 -0
  251. package/dist/core/research/session-evidence-bundle.js.map +1 -0
  252. package/dist/core/resource-loader.d.ts.map +1 -1
  253. package/dist/core/resource-loader.js +7 -1
  254. package/dist/core/resource-loader.js.map +1 -1
  255. package/dist/core/settings-manager.d.ts +147 -4
  256. package/dist/core/settings-manager.d.ts.map +1 -1
  257. package/dist/core/settings-manager.js +285 -9
  258. package/dist/core/settings-manager.js.map +1 -1
  259. package/dist/core/skills.d.ts +4 -0
  260. package/dist/core/skills.d.ts.map +1 -1
  261. package/dist/core/skills.js +18 -6
  262. package/dist/core/skills.js.map +1 -1
  263. package/dist/core/slash-commands.d.ts.map +1 -1
  264. package/dist/core/slash-commands.js +4 -0
  265. package/dist/core/slash-commands.js.map +1 -1
  266. package/dist/core/toolkit/script-registry.d.ts +34 -0
  267. package/dist/core/toolkit/script-registry.d.ts.map +1 -0
  268. package/dist/core/toolkit/script-registry.js +71 -0
  269. package/dist/core/toolkit/script-registry.js.map +1 -0
  270. package/dist/core/toolkit/script-runner.d.ts +28 -0
  271. package/dist/core/toolkit/script-runner.d.ts.map +1 -0
  272. package/dist/core/toolkit/script-runner.js +48 -0
  273. package/dist/core/toolkit/script-runner.js.map +1 -0
  274. package/dist/core/tools/artifact-retrieve.d.ts +23 -0
  275. package/dist/core/tools/artifact-retrieve.d.ts.map +1 -0
  276. package/dist/core/tools/artifact-retrieve.js +110 -0
  277. package/dist/core/tools/artifact-retrieve.js.map +1 -0
  278. package/dist/core/tools/delegate.d.ts +32 -0
  279. package/dist/core/tools/delegate.d.ts.map +1 -0
  280. package/dist/core/tools/delegate.js +60 -0
  281. package/dist/core/tools/delegate.js.map +1 -0
  282. package/dist/core/tools/fff-search-backend.d.ts +103 -0
  283. package/dist/core/tools/fff-search-backend.d.ts.map +1 -0
  284. package/dist/core/tools/fff-search-backend.js +151 -0
  285. package/dist/core/tools/fff-search-backend.js.map +1 -0
  286. package/dist/core/tools/find.d.ts +21 -1
  287. package/dist/core/tools/find.d.ts.map +1 -1
  288. package/dist/core/tools/find.js +183 -10
  289. package/dist/core/tools/find.js.map +1 -1
  290. package/dist/core/tools/goal.d.ts +35 -0
  291. package/dist/core/tools/goal.d.ts.map +1 -0
  292. package/dist/core/tools/goal.js +122 -0
  293. package/dist/core/tools/goal.js.map +1 -0
  294. package/dist/core/tools/grep.d.ts +21 -1
  295. package/dist/core/tools/grep.d.ts.map +1 -1
  296. package/dist/core/tools/grep.js +272 -27
  297. package/dist/core/tools/grep.js.map +1 -1
  298. package/dist/core/tools/index.d.ts +4 -1
  299. package/dist/core/tools/index.d.ts.map +1 -1
  300. package/dist/core/tools/index.js +9 -0
  301. package/dist/core/tools/index.js.map +1 -1
  302. package/dist/core/tools/model-fitness.d.ts +30 -0
  303. package/dist/core/tools/model-fitness.d.ts.map +1 -0
  304. package/dist/core/tools/model-fitness.js +38 -0
  305. package/dist/core/tools/model-fitness.js.map +1 -0
  306. package/dist/core/tools/run-toolkit-script.d.ts +24 -0
  307. package/dist/core/tools/run-toolkit-script.d.ts.map +1 -0
  308. package/dist/core/tools/run-toolkit-script.js +103 -0
  309. package/dist/core/tools/run-toolkit-script.js.map +1 -0
  310. package/dist/core/tools/search-router.d.ts +75 -0
  311. package/dist/core/tools/search-router.d.ts.map +1 -0
  312. package/dist/core/tools/search-router.js +85 -0
  313. package/dist/core/tools/search-router.js.map +1 -0
  314. package/dist/modes/interactive/components/footer.d.ts.map +1 -1
  315. package/dist/modes/interactive/components/footer.js +18 -16
  316. package/dist/modes/interactive/components/footer.js.map +1 -1
  317. package/dist/modes/interactive/components/settings-selector.d.ts +13 -1
  318. package/dist/modes/interactive/components/settings-selector.d.ts.map +1 -1
  319. package/dist/modes/interactive/components/settings-selector.js +471 -11
  320. package/dist/modes/interactive/components/settings-selector.js.map +1 -1
  321. package/dist/modes/interactive/interactive-mode.d.ts +4 -0
  322. package/dist/modes/interactive/interactive-mode.d.ts.map +1 -1
  323. package/dist/modes/interactive/interactive-mode.js +220 -39
  324. package/dist/modes/interactive/interactive-mode.js.map +1 -1
  325. package/dist/modes/print-mode.d.ts.map +1 -1
  326. package/dist/modes/print-mode.js +3 -0
  327. package/dist/modes/print-mode.js.map +1 -1
  328. package/dist/utils/tools-manager.d.ts +2 -0
  329. package/dist/utils/tools-manager.d.ts.map +1 -1
  330. package/dist/utils/tools-manager.js +154 -2
  331. package/dist/utils/tools-manager.js.map +1 -1
  332. package/examples/extensions/custom-provider-anthropic/package-lock.json +2 -2
  333. package/examples/extensions/custom-provider-anthropic/package.json +1 -1
  334. package/examples/extensions/custom-provider-gitlab-duo/package.json +1 -1
  335. package/examples/extensions/sandbox/package-lock.json +2 -2
  336. package/examples/extensions/sandbox/package.json +1 -1
  337. package/examples/extensions/with-deps/package-lock.json +2 -2
  338. package/examples/extensions/with-deps/package.json +1 -1
  339. package/npm-shrinkwrap.json +368 -12
  340. package/package.json +5 -4
@@ -0,0 +1,4 @@
1
+ import type { CapabilityName } from "./contracts.ts";
2
+ export declare function hasCapabilityPolicyForTool(toolName: string): boolean;
3
+ export declare function requiredCapabilitiesForTool(toolName: string, _args?: unknown): readonly CapabilityName[];
4
+ //# sourceMappingURL=approval-gate.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"approval-gate.d.ts","sourceRoot":"","sources":["../../../src/core/autonomy/approval-gate.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAuBrD,wBAAgB,0BAA0B,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAEpE;AAED,wBAAgB,2BAA2B,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,OAAO,GAAG,SAAS,cAAc,EAAE,CAExG","sourcesContent":["import type { CapabilityName } from \"./contracts.ts\";\n\nconst TOOL_CAPABILITY_REQUIREMENTS = new Map<string, readonly CapabilityName[]>([\n\t[\"read\", [\"read_files\"]],\n\t[\"ls\", [\"read_files\"]],\n\t[\"grep\", [\"read_files\"]],\n\t[\"find\", [\"read_files\"]],\n\t[\"write\", [\"write_files\"]],\n\t[\"edit\", [\"write_files\"]],\n\t[\"edit-diff\", [\"write_files\"]],\n\t[\"bash\", [\"run_shell\"]],\n\t[\"shell\", [\"run_shell\"]],\n\t[\"fetch\", [\"network\"]],\n\t[\"web_search\", [\"network\"]],\n\t[\"skill_audit\", [\"skill_read\"]],\n\t[\"skillify\", [\"skill_write\"]],\n\t[\"extensionify\", [\"source_write\"]],\n\t[\"goal\", [\"memory_write\"]],\n\t[\"delegate\", [\"delegate\"]],\n\t[\"model_fitness\", [\"research\"]],\n\t[\"run_toolkit_script\", [\"run_shell\"]],\n]);\n\nexport function hasCapabilityPolicyForTool(toolName: string): boolean {\n\treturn TOOL_CAPABILITY_REQUIREMENTS.has(toolName);\n}\n\nexport function requiredCapabilitiesForTool(toolName: string, _args?: unknown): readonly CapabilityName[] {\n\treturn TOOL_CAPABILITY_REQUIREMENTS.get(toolName) ?? [];\n}\n"]}
@@ -0,0 +1,27 @@
1
+ const TOOL_CAPABILITY_REQUIREMENTS = new Map([
2
+ ["read", ["read_files"]],
3
+ ["ls", ["read_files"]],
4
+ ["grep", ["read_files"]],
5
+ ["find", ["read_files"]],
6
+ ["write", ["write_files"]],
7
+ ["edit", ["write_files"]],
8
+ ["edit-diff", ["write_files"]],
9
+ ["bash", ["run_shell"]],
10
+ ["shell", ["run_shell"]],
11
+ ["fetch", ["network"]],
12
+ ["web_search", ["network"]],
13
+ ["skill_audit", ["skill_read"]],
14
+ ["skillify", ["skill_write"]],
15
+ ["extensionify", ["source_write"]],
16
+ ["goal", ["memory_write"]],
17
+ ["delegate", ["delegate"]],
18
+ ["model_fitness", ["research"]],
19
+ ["run_toolkit_script", ["run_shell"]],
20
+ ]);
21
+ export function hasCapabilityPolicyForTool(toolName) {
22
+ return TOOL_CAPABILITY_REQUIREMENTS.has(toolName);
23
+ }
24
+ export function requiredCapabilitiesForTool(toolName, _args) {
25
+ return TOOL_CAPABILITY_REQUIREMENTS.get(toolName) ?? [];
26
+ }
27
+ //# sourceMappingURL=approval-gate.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"approval-gate.js","sourceRoot":"","sources":["../../../src/core/autonomy/approval-gate.ts"],"names":[],"mappings":"AAEA,MAAM,4BAA4B,GAAG,IAAI,GAAG,CAAoC;IAC/E,CAAC,MAAM,EAAE,CAAC,YAAY,CAAC,CAAC;IACxB,CAAC,IAAI,EAAE,CAAC,YAAY,CAAC,CAAC;IACtB,CAAC,MAAM,EAAE,CAAC,YAAY,CAAC,CAAC;IACxB,CAAC,MAAM,EAAE,CAAC,YAAY,CAAC,CAAC;IACxB,CAAC,OAAO,EAAE,CAAC,aAAa,CAAC,CAAC;IAC1B,CAAC,MAAM,EAAE,CAAC,aAAa,CAAC,CAAC;IACzB,CAAC,WAAW,EAAE,CAAC,aAAa,CAAC,CAAC;IAC9B,CAAC,MAAM,EAAE,CAAC,WAAW,CAAC,CAAC;IACvB,CAAC,OAAO,EAAE,CAAC,WAAW,CAAC,CAAC;IACxB,CAAC,OAAO,EAAE,CAAC,SAAS,CAAC,CAAC;IACtB,CAAC,YAAY,EAAE,CAAC,SAAS,CAAC,CAAC;IAC3B,CAAC,aAAa,EAAE,CAAC,YAAY,CAAC,CAAC;IAC/B,CAAC,UAAU,EAAE,CAAC,aAAa,CAAC,CAAC;IAC7B,CAAC,cAAc,EAAE,CAAC,cAAc,CAAC,CAAC;IAClC,CAAC,MAAM,EAAE,CAAC,cAAc,CAAC,CAAC;IAC1B,CAAC,UAAU,EAAE,CAAC,UAAU,CAAC,CAAC;IAC1B,CAAC,eAAe,EAAE,CAAC,UAAU,CAAC,CAAC;IAC/B,CAAC,oBAAoB,EAAE,CAAC,WAAW,CAAC,CAAC;CACrC,CAAC,CAAC;AAEH,MAAM,UAAU,0BAA0B,CAAC,QAAgB,EAAW;IACrE,OAAO,4BAA4B,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;AAAA,CAClD;AAED,MAAM,UAAU,2BAA2B,CAAC,QAAgB,EAAE,KAAe,EAA6B;IACzG,OAAO,4BAA4B,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;AAAA,CACxD","sourcesContent":["import type { CapabilityName } from \"./contracts.ts\";\n\nconst TOOL_CAPABILITY_REQUIREMENTS = new Map<string, readonly CapabilityName[]>([\n\t[\"read\", [\"read_files\"]],\n\t[\"ls\", [\"read_files\"]],\n\t[\"grep\", [\"read_files\"]],\n\t[\"find\", [\"read_files\"]],\n\t[\"write\", [\"write_files\"]],\n\t[\"edit\", [\"write_files\"]],\n\t[\"edit-diff\", [\"write_files\"]],\n\t[\"bash\", [\"run_shell\"]],\n\t[\"shell\", [\"run_shell\"]],\n\t[\"fetch\", [\"network\"]],\n\t[\"web_search\", [\"network\"]],\n\t[\"skill_audit\", [\"skill_read\"]],\n\t[\"skillify\", [\"skill_write\"]],\n\t[\"extensionify\", [\"source_write\"]],\n\t[\"goal\", [\"memory_write\"]],\n\t[\"delegate\", [\"delegate\"]],\n\t[\"model_fitness\", [\"research\"]],\n\t[\"run_toolkit_script\", [\"run_shell\"]],\n]);\n\nexport function hasCapabilityPolicyForTool(toolName: string): boolean {\n\treturn TOOL_CAPABILITY_REQUIREMENTS.has(toolName);\n}\n\nexport function requiredCapabilitiesForTool(toolName: string, _args?: unknown): readonly CapabilityName[] {\n\treturn TOOL_CAPABILITY_REQUIREMENTS.get(toolName) ?? [];\n}\n"]}
@@ -0,0 +1,27 @@
1
+ /**
2
+ * Shared wall-clock/cancellation envelope for one-shot lane completions (research, scout workers).
3
+ * Composes an optional external abort signal with an internal wall-clock timeout, executes the
4
+ * injected completion, and maps every failure to a stable status/reasonCode pair. Never throws.
5
+ */
6
+ export interface BoundedCompletion {
7
+ text: string;
8
+ costUsd: number;
9
+ stopReason: string;
10
+ }
11
+ export type BoundedCompletionFailureStatus = "canceled" | "timeout" | "failed";
12
+ export interface BoundedCompletionOutcome {
13
+ /** Present when the executor settled; may coexist with `failure` when an abort raced the result. */
14
+ completion?: BoundedCompletion;
15
+ failure?: {
16
+ status: BoundedCompletionFailureStatus;
17
+ reasonCode: string;
18
+ };
19
+ }
20
+ export declare function runBoundedCompletion(args: {
21
+ /** Wall-clock budget in milliseconds; 0 disables. */
22
+ maxWallClockMs: number;
23
+ /** External cancellation (e.g. session disposal). */
24
+ signal?: AbortSignal;
25
+ execute: (signal: AbortSignal) => Promise<BoundedCompletion>;
26
+ }): Promise<BoundedCompletionOutcome>;
27
+ //# sourceMappingURL=bounded-completion.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"bounded-completion.d.ts","sourceRoot":"","sources":["../../../src/core/autonomy/bounded-completion.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,WAAW,iBAAiB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,MAAM,8BAA8B,GAAG,UAAU,GAAG,SAAS,GAAG,QAAQ,CAAC;AAE/E,MAAM,WAAW,wBAAwB;IACxC,oGAAoG;IACpG,UAAU,CAAC,EAAE,iBAAiB,CAAC;IAC/B,OAAO,CAAC,EAAE;QAAE,MAAM,EAAE,8BAA8B,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;CACzE;AAED,wBAAsB,oBAAoB,CAAC,IAAI,EAAE;IAChD,qDAAqD;IACrD,cAAc,EAAE,MAAM,CAAC;IACvB,qDAAqD;IACrD,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,OAAO,EAAE,CAAC,MAAM,EAAE,WAAW,KAAK,OAAO,CAAC,iBAAiB,CAAC,CAAC;CAC7D,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAoCpC","sourcesContent":["/**\n * Shared wall-clock/cancellation envelope for one-shot lane completions (research, scout workers).\n * Composes an optional external abort signal with an internal wall-clock timeout, executes the\n * injected completion, and maps every failure to a stable status/reasonCode pair. Never throws.\n */\n\nexport interface BoundedCompletion {\n\ttext: string;\n\tcostUsd: number;\n\tstopReason: string;\n}\n\nexport type BoundedCompletionFailureStatus = \"canceled\" | \"timeout\" | \"failed\";\n\nexport interface BoundedCompletionOutcome {\n\t/** Present when the executor settled; may coexist with `failure` when an abort raced the result. */\n\tcompletion?: BoundedCompletion;\n\tfailure?: { status: BoundedCompletionFailureStatus; reasonCode: string };\n}\n\nexport async function runBoundedCompletion(args: {\n\t/** Wall-clock budget in milliseconds; 0 disables. */\n\tmaxWallClockMs: number;\n\t/** External cancellation (e.g. session disposal). */\n\tsignal?: AbortSignal;\n\texecute: (signal: AbortSignal) => Promise<BoundedCompletion>;\n}): Promise<BoundedCompletionOutcome> {\n\tconst timeoutController = new AbortController();\n\tconst timeoutTimer =\n\t\targs.maxWallClockMs > 0 ? setTimeout(() => timeoutController.abort(), args.maxWallClockMs) : undefined;\n\tif (timeoutTimer && typeof timeoutTimer === \"object\" && \"unref\" in timeoutTimer) {\n\t\tconst { unref } = timeoutTimer as { unref?: () => void };\n\t\tunref?.call(timeoutTimer);\n\t}\n\tconst signals: AbortSignal[] = [timeoutController.signal];\n\tif (args.signal) signals.push(args.signal);\n\tconst signal = AbortSignal.any(signals);\n\n\tlet completion: BoundedCompletion;\n\ttry {\n\t\tcompletion = await args.execute(signal);\n\t} catch {\n\t\tif (args.signal?.aborted) {\n\t\t\treturn { failure: { status: \"canceled\", reasonCode: \"external_abort\" } };\n\t\t}\n\t\tif (timeoutController.signal.aborted) {\n\t\t\treturn { failure: { status: \"timeout\", reasonCode: \"wall_clock_exceeded\" } };\n\t\t}\n\t\treturn { failure: { status: \"failed\", reasonCode: \"completion_error\" } };\n\t} finally {\n\t\tif (timeoutTimer !== undefined) clearTimeout(timeoutTimer);\n\t}\n\n\t// An abort can race a completion that settled without throwing; the abort still wins, but the\n\t// settled completion is passed through so callers can account its spend.\n\tif (args.signal?.aborted) {\n\t\treturn { completion, failure: { status: \"canceled\", reasonCode: \"external_abort\" } };\n\t}\n\tif (timeoutController.signal.aborted) {\n\t\treturn { completion, failure: { status: \"timeout\", reasonCode: \"wall_clock_exceeded\" } };\n\t}\n\treturn { completion };\n}\n"]}
@@ -0,0 +1,44 @@
1
+ /**
2
+ * Shared wall-clock/cancellation envelope for one-shot lane completions (research, scout workers).
3
+ * Composes an optional external abort signal with an internal wall-clock timeout, executes the
4
+ * injected completion, and maps every failure to a stable status/reasonCode pair. Never throws.
5
+ */
6
+ export async function runBoundedCompletion(args) {
7
+ const timeoutController = new AbortController();
8
+ const timeoutTimer = args.maxWallClockMs > 0 ? setTimeout(() => timeoutController.abort(), args.maxWallClockMs) : undefined;
9
+ if (timeoutTimer && typeof timeoutTimer === "object" && "unref" in timeoutTimer) {
10
+ const { unref } = timeoutTimer;
11
+ unref?.call(timeoutTimer);
12
+ }
13
+ const signals = [timeoutController.signal];
14
+ if (args.signal)
15
+ signals.push(args.signal);
16
+ const signal = AbortSignal.any(signals);
17
+ let completion;
18
+ try {
19
+ completion = await args.execute(signal);
20
+ }
21
+ catch {
22
+ if (args.signal?.aborted) {
23
+ return { failure: { status: "canceled", reasonCode: "external_abort" } };
24
+ }
25
+ if (timeoutController.signal.aborted) {
26
+ return { failure: { status: "timeout", reasonCode: "wall_clock_exceeded" } };
27
+ }
28
+ return { failure: { status: "failed", reasonCode: "completion_error" } };
29
+ }
30
+ finally {
31
+ if (timeoutTimer !== undefined)
32
+ clearTimeout(timeoutTimer);
33
+ }
34
+ // An abort can race a completion that settled without throwing; the abort still wins, but the
35
+ // settled completion is passed through so callers can account its spend.
36
+ if (args.signal?.aborted) {
37
+ return { completion, failure: { status: "canceled", reasonCode: "external_abort" } };
38
+ }
39
+ if (timeoutController.signal.aborted) {
40
+ return { completion, failure: { status: "timeout", reasonCode: "wall_clock_exceeded" } };
41
+ }
42
+ return { completion };
43
+ }
44
+ //# sourceMappingURL=bounded-completion.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"bounded-completion.js","sourceRoot":"","sources":["../../../src/core/autonomy/bounded-completion.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAgBH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,IAM1C,EAAqC;IACrC,MAAM,iBAAiB,GAAG,IAAI,eAAe,EAAE,CAAC;IAChD,MAAM,YAAY,GACjB,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC,iBAAiB,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACxG,IAAI,YAAY,IAAI,OAAO,YAAY,KAAK,QAAQ,IAAI,OAAO,IAAI,YAAY,EAAE,CAAC;QACjF,MAAM,EAAE,KAAK,EAAE,GAAG,YAAsC,CAAC;QACzD,KAAK,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;IAC3B,CAAC;IACD,MAAM,OAAO,GAAkB,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAC1D,IAAI,IAAI,CAAC,MAAM;QAAE,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAExC,IAAI,UAA6B,CAAC;IAClC,IAAI,CAAC;QACJ,UAAU,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACzC,CAAC;IAAC,MAAM,CAAC;QACR,IAAI,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC;YAC1B,OAAO,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,gBAAgB,EAAE,EAAE,CAAC;QAC1E,CAAC;QACD,IAAI,iBAAiB,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACtC,OAAO,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,qBAAqB,EAAE,EAAE,CAAC;QAC9E,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,kBAAkB,EAAE,EAAE,CAAC;IAC1E,CAAC;YAAS,CAAC;QACV,IAAI,YAAY,KAAK,SAAS;YAAE,YAAY,CAAC,YAAY,CAAC,CAAC;IAC5D,CAAC;IAED,8FAA8F;IAC9F,yEAAyE;IACzE,IAAI,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC;QAC1B,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,gBAAgB,EAAE,EAAE,CAAC;IACtF,CAAC;IACD,IAAI,iBAAiB,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACtC,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,qBAAqB,EAAE,EAAE,CAAC;IAC1F,CAAC;IACD,OAAO,EAAE,UAAU,EAAE,CAAC;AAAA,CACtB","sourcesContent":["/**\n * Shared wall-clock/cancellation envelope for one-shot lane completions (research, scout workers).\n * Composes an optional external abort signal with an internal wall-clock timeout, executes the\n * injected completion, and maps every failure to a stable status/reasonCode pair. Never throws.\n */\n\nexport interface BoundedCompletion {\n\ttext: string;\n\tcostUsd: number;\n\tstopReason: string;\n}\n\nexport type BoundedCompletionFailureStatus = \"canceled\" | \"timeout\" | \"failed\";\n\nexport interface BoundedCompletionOutcome {\n\t/** Present when the executor settled; may coexist with `failure` when an abort raced the result. */\n\tcompletion?: BoundedCompletion;\n\tfailure?: { status: BoundedCompletionFailureStatus; reasonCode: string };\n}\n\nexport async function runBoundedCompletion(args: {\n\t/** Wall-clock budget in milliseconds; 0 disables. */\n\tmaxWallClockMs: number;\n\t/** External cancellation (e.g. session disposal). */\n\tsignal?: AbortSignal;\n\texecute: (signal: AbortSignal) => Promise<BoundedCompletion>;\n}): Promise<BoundedCompletionOutcome> {\n\tconst timeoutController = new AbortController();\n\tconst timeoutTimer =\n\t\targs.maxWallClockMs > 0 ? setTimeout(() => timeoutController.abort(), args.maxWallClockMs) : undefined;\n\tif (timeoutTimer && typeof timeoutTimer === \"object\" && \"unref\" in timeoutTimer) {\n\t\tconst { unref } = timeoutTimer as { unref?: () => void };\n\t\tunref?.call(timeoutTimer);\n\t}\n\tconst signals: AbortSignal[] = [timeoutController.signal];\n\tif (args.signal) signals.push(args.signal);\n\tconst signal = AbortSignal.any(signals);\n\n\tlet completion: BoundedCompletion;\n\ttry {\n\t\tcompletion = await args.execute(signal);\n\t} catch {\n\t\tif (args.signal?.aborted) {\n\t\t\treturn { failure: { status: \"canceled\", reasonCode: \"external_abort\" } };\n\t\t}\n\t\tif (timeoutController.signal.aborted) {\n\t\t\treturn { failure: { status: \"timeout\", reasonCode: \"wall_clock_exceeded\" } };\n\t\t}\n\t\treturn { failure: { status: \"failed\", reasonCode: \"completion_error\" } };\n\t} finally {\n\t\tif (timeoutTimer !== undefined) clearTimeout(timeoutTimer);\n\t}\n\n\t// An abort can race a completion that settled without throwing; the abort still wins, but the\n\t// settled completion is passed through so callers can account its spend.\n\tif (args.signal?.aborted) {\n\t\treturn { completion, failure: { status: \"canceled\", reasonCode: \"external_abort\" } };\n\t}\n\tif (timeoutController.signal.aborted) {\n\t\treturn { completion, failure: { status: \"timeout\", reasonCode: \"wall_clock_exceeded\" } };\n\t}\n\treturn { completion };\n}\n"]}
@@ -0,0 +1,129 @@
1
+ export type JsonPrimitive = string | number | boolean | null;
2
+ export type JsonValue = JsonPrimitive | JsonValue[] | {
3
+ [key: string]: JsonValue;
4
+ };
5
+ export interface JsonObject {
6
+ [key: string]: JsonValue;
7
+ }
8
+ export type ModelTier = "cheap" | "medium" | "expensive" | "learning";
9
+ export type RouteRisk = "read-only" | "scoped-write" | "high-impact" | "approval-required";
10
+ export type OperationRisk = "read-only" | "scoped-write" | "high-impact" | "approval-required";
11
+ export interface RiskAssessmentInput {
12
+ operation: string;
13
+ toolName?: string;
14
+ command?: string;
15
+ paths?: readonly string[];
16
+ capabilities?: readonly CapabilityName[];
17
+ }
18
+ export interface RiskAssessment {
19
+ risk: OperationRisk;
20
+ reasonCode: string;
21
+ reasons: readonly string[];
22
+ requiresApproval: boolean;
23
+ }
24
+ export type PathScopeDecisionKind = "inside" | "outside" | "denied" | "missing";
25
+ export interface PathScope {
26
+ root: string;
27
+ allowedPaths?: readonly string[];
28
+ deniedPaths?: readonly string[];
29
+ followSymlinks?: boolean;
30
+ }
31
+ export interface PathScopeDecision {
32
+ kind: PathScopeDecisionKind;
33
+ path: string;
34
+ resolvedPath?: string;
35
+ matchedRule?: string;
36
+ reasonCode: string;
37
+ }
38
+ export interface RouteDecision {
39
+ tier: ModelTier;
40
+ model?: string;
41
+ risk: RouteRisk;
42
+ confidence: number;
43
+ reasonCode: string;
44
+ reasons: readonly string[];
45
+ fallbackFrom?: ModelTier;
46
+ createdAt?: string;
47
+ }
48
+ export type CapabilityName = "read_files" | "write_files" | "run_shell" | "network" | "memory_read" | "memory_write" | "settings_read" | "settings_write" | "skill_read" | "skill_write" | "source_read" | "source_write" | "research" | "delegate" | "publish" | "auth_change";
49
+ export interface CapabilityEnvelope {
50
+ id: string;
51
+ profileId?: string;
52
+ capabilities: readonly CapabilityName[];
53
+ allowedTools?: readonly string[];
54
+ deniedTools?: readonly string[];
55
+ allowedPaths?: readonly string[];
56
+ deniedPaths?: readonly string[];
57
+ maxEstimatedUsd?: number;
58
+ createdAt?: string;
59
+ }
60
+ export type GateOutcomeKind = "allow" | "downgrade" | "escalate" | "ask-user" | "block";
61
+ export interface GateOutcome {
62
+ outcome: GateOutcomeKind;
63
+ gate: string;
64
+ reasonCode: string;
65
+ message?: string;
66
+ reversible?: boolean;
67
+ details?: JsonObject;
68
+ }
69
+ export interface ApprovalRequest {
70
+ id: string;
71
+ operation: string;
72
+ target: string;
73
+ reversible: boolean;
74
+ capabilities: readonly CapabilityName[];
75
+ reasonCode: string;
76
+ createdAt?: string;
77
+ }
78
+ export type EvidenceSourceKind = "workspace" | "transcript" | "automata" | "web" | "user" | "tool";
79
+ export interface EvidenceRef {
80
+ id: string;
81
+ kind: EvidenceSourceKind;
82
+ title?: string;
83
+ uri?: string;
84
+ trusted: boolean;
85
+ excerpt?: string;
86
+ metadata?: JsonObject;
87
+ }
88
+ export interface Finding {
89
+ id: string;
90
+ summary: string;
91
+ evidenceIds: readonly string[];
92
+ confidence?: number;
93
+ }
94
+ export interface EvidenceBundle {
95
+ query: string;
96
+ sources: readonly EvidenceRef[];
97
+ findings: readonly Finding[];
98
+ createdAt?: string;
99
+ }
100
+ export interface WorkerRequest {
101
+ id: string;
102
+ instructions: string;
103
+ route: RouteDecision;
104
+ envelope: CapabilityEnvelope;
105
+ evidence?: EvidenceBundle;
106
+ maxEstimatedUsd?: number;
107
+ createdAt?: string;
108
+ }
109
+ export type WorkerResultStatus = "completed" | "blocked" | "failed" | "cancelled";
110
+ export interface WorkerResult {
111
+ requestId: string;
112
+ status: WorkerResultStatus;
113
+ summary: string;
114
+ evidence?: EvidenceBundle;
115
+ changedFiles: readonly string[];
116
+ blockers?: readonly string[];
117
+ usageReportId?: string;
118
+ createdAt?: string;
119
+ }
120
+ export type LearningDecisionKind = "no-op" | "proposal" | "apply";
121
+ export interface LearningDecision {
122
+ kind: LearningDecisionKind;
123
+ reasonCode: string;
124
+ confidence: number;
125
+ summary: string;
126
+ requiresApproval: boolean;
127
+ createdAt?: string;
128
+ }
129
+ //# sourceMappingURL=contracts.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"contracts.d.ts","sourceRoot":"","sources":["../../../src/core/autonomy/contracts.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,aAAa,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,IAAI,CAAC;AAC7D,MAAM,MAAM,SAAS,GAAG,aAAa,GAAG,SAAS,EAAE,GAAG;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,SAAS,CAAA;CAAE,CAAC;AACnF,MAAM,WAAW,UAAU;IAC1B,CAAC,GAAG,EAAE,MAAM,GAAG,SAAS,CAAC;CACzB;AAED,MAAM,MAAM,SAAS,GAAG,OAAO,GAAG,QAAQ,GAAG,WAAW,GAAG,UAAU,CAAC;AAEtE,MAAM,MAAM,SAAS,GAAG,WAAW,GAAG,cAAc,GAAG,aAAa,GAAG,mBAAmB,CAAC;AAE3F,MAAM,MAAM,aAAa,GAAG,WAAW,GAAG,cAAc,GAAG,aAAa,GAAG,mBAAmB,CAAC;AAE/F,MAAM,WAAW,mBAAmB;IACnC,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC1B,YAAY,CAAC,EAAE,SAAS,cAAc,EAAE,CAAC;CACzC;AAED,MAAM,WAAW,cAAc;IAC9B,IAAI,EAAE,aAAa,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3B,gBAAgB,EAAE,OAAO,CAAC;CAC1B;AAED,MAAM,MAAM,qBAAqB,GAAG,QAAQ,GAAG,SAAS,GAAG,QAAQ,GAAG,SAAS,CAAC;AAEhF,MAAM,WAAW,SAAS;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACjC,WAAW,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAChC,cAAc,CAAC,EAAE,OAAO,CAAC;CACzB;AAED,MAAM,WAAW,iBAAiB;IACjC,IAAI,EAAE,qBAAqB,CAAC;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,aAAa;IAC7B,IAAI,EAAE,SAAS,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,SAAS,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3B,YAAY,CAAC,EAAE,SAAS,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,MAAM,cAAc,GACvB,YAAY,GACZ,aAAa,GACb,WAAW,GACX,SAAS,GACT,aAAa,GACb,cAAc,GACd,eAAe,GACf,gBAAgB,GAChB,YAAY,GACZ,aAAa,GACb,aAAa,GACb,cAAc,GACd,UAAU,GACV,UAAU,GACV,SAAS,GACT,aAAa,CAAC;AAEjB,MAAM,WAAW,kBAAkB;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,SAAS,cAAc,EAAE,CAAC;IACxC,YAAY,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACjC,WAAW,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAChC,YAAY,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACjC,WAAW,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAChC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,MAAM,eAAe,GAAG,OAAO,GAAG,WAAW,GAAG,UAAU,GAAG,UAAU,GAAG,OAAO,CAAC;AAExF,MAAM,WAAW,WAAW;IAC3B,OAAO,EAAE,eAAe,CAAC;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,OAAO,CAAC,EAAE,UAAU,CAAC;CACrB;AAED,MAAM,WAAW,eAAe;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,OAAO,CAAC;IACpB,YAAY,EAAE,SAAS,cAAc,EAAE,CAAC;IACxC,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,MAAM,kBAAkB,GAAG,WAAW,GAAG,YAAY,GAAG,UAAU,GAAG,KAAK,GAAG,MAAM,GAAG,MAAM,CAAC;AAEnG,MAAM,WAAW,WAAW;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,kBAAkB,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,UAAU,CAAC;CACtB;AAED,MAAM,WAAW,OAAO;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,SAAS,MAAM,EAAE,CAAC;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,cAAc;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,SAAS,WAAW,EAAE,CAAC;IAChC,QAAQ,EAAE,SAAS,OAAO,EAAE,CAAC;IAC7B,SAAS,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,aAAa;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,aAAa,CAAC;IACrB,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,QAAQ,CAAC,EAAE,cAAc,CAAC;IAC1B,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,MAAM,kBAAkB,GAAG,WAAW,GAAG,SAAS,GAAG,QAAQ,GAAG,WAAW,CAAC;AAElF,MAAM,WAAW,YAAY;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,kBAAkB,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,cAAc,CAAC;IAC1B,YAAY,EAAE,SAAS,MAAM,EAAE,CAAC;IAChC,QAAQ,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC7B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,MAAM,oBAAoB,GAAG,OAAO,GAAG,UAAU,GAAG,OAAO,CAAC;AAElE,MAAM,WAAW,gBAAgB;IAChC,IAAI,EAAE,oBAAoB,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,gBAAgB,EAAE,OAAO,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;CACnB","sourcesContent":["export type JsonPrimitive = string | number | boolean | null;\nexport type JsonValue = JsonPrimitive | JsonValue[] | { [key: string]: JsonValue };\nexport interface JsonObject {\n\t[key: string]: JsonValue;\n}\n\nexport type ModelTier = \"cheap\" | \"medium\" | \"expensive\" | \"learning\";\n\nexport type RouteRisk = \"read-only\" | \"scoped-write\" | \"high-impact\" | \"approval-required\";\n\nexport type OperationRisk = \"read-only\" | \"scoped-write\" | \"high-impact\" | \"approval-required\";\n\nexport interface RiskAssessmentInput {\n\toperation: string;\n\ttoolName?: string;\n\tcommand?: string;\n\tpaths?: readonly string[];\n\tcapabilities?: readonly CapabilityName[];\n}\n\nexport interface RiskAssessment {\n\trisk: OperationRisk;\n\treasonCode: string;\n\treasons: readonly string[];\n\trequiresApproval: boolean;\n}\n\nexport type PathScopeDecisionKind = \"inside\" | \"outside\" | \"denied\" | \"missing\";\n\nexport interface PathScope {\n\troot: string;\n\tallowedPaths?: readonly string[];\n\tdeniedPaths?: readonly string[];\n\tfollowSymlinks?: boolean;\n}\n\nexport interface PathScopeDecision {\n\tkind: PathScopeDecisionKind;\n\tpath: string;\n\tresolvedPath?: string;\n\tmatchedRule?: string;\n\treasonCode: string;\n}\n\nexport interface RouteDecision {\n\ttier: ModelTier;\n\tmodel?: string;\n\trisk: RouteRisk;\n\tconfidence: number;\n\treasonCode: string;\n\treasons: readonly string[];\n\tfallbackFrom?: ModelTier;\n\tcreatedAt?: string;\n}\n\nexport type CapabilityName =\n\t| \"read_files\"\n\t| \"write_files\"\n\t| \"run_shell\"\n\t| \"network\"\n\t| \"memory_read\"\n\t| \"memory_write\"\n\t| \"settings_read\"\n\t| \"settings_write\"\n\t| \"skill_read\"\n\t| \"skill_write\"\n\t| \"source_read\"\n\t| \"source_write\"\n\t| \"research\"\n\t| \"delegate\"\n\t| \"publish\"\n\t| \"auth_change\";\n\nexport interface CapabilityEnvelope {\n\tid: string;\n\tprofileId?: string;\n\tcapabilities: readonly CapabilityName[];\n\tallowedTools?: readonly string[];\n\tdeniedTools?: readonly string[];\n\tallowedPaths?: readonly string[];\n\tdeniedPaths?: readonly string[];\n\tmaxEstimatedUsd?: number;\n\tcreatedAt?: string;\n}\n\nexport type GateOutcomeKind = \"allow\" | \"downgrade\" | \"escalate\" | \"ask-user\" | \"block\";\n\nexport interface GateOutcome {\n\toutcome: GateOutcomeKind;\n\tgate: string;\n\treasonCode: string;\n\tmessage?: string;\n\treversible?: boolean;\n\tdetails?: JsonObject;\n}\n\nexport interface ApprovalRequest {\n\tid: string;\n\toperation: string;\n\ttarget: string;\n\treversible: boolean;\n\tcapabilities: readonly CapabilityName[];\n\treasonCode: string;\n\tcreatedAt?: string;\n}\n\nexport type EvidenceSourceKind = \"workspace\" | \"transcript\" | \"automata\" | \"web\" | \"user\" | \"tool\";\n\nexport interface EvidenceRef {\n\tid: string;\n\tkind: EvidenceSourceKind;\n\ttitle?: string;\n\turi?: string;\n\ttrusted: boolean;\n\texcerpt?: string;\n\tmetadata?: JsonObject;\n}\n\nexport interface Finding {\n\tid: string;\n\tsummary: string;\n\tevidenceIds: readonly string[];\n\tconfidence?: number;\n}\n\nexport interface EvidenceBundle {\n\tquery: string;\n\tsources: readonly EvidenceRef[];\n\tfindings: readonly Finding[];\n\tcreatedAt?: string;\n}\n\nexport interface WorkerRequest {\n\tid: string;\n\tinstructions: string;\n\troute: RouteDecision;\n\tenvelope: CapabilityEnvelope;\n\tevidence?: EvidenceBundle;\n\tmaxEstimatedUsd?: number;\n\tcreatedAt?: string;\n}\n\nexport type WorkerResultStatus = \"completed\" | \"blocked\" | \"failed\" | \"cancelled\";\n\nexport interface WorkerResult {\n\trequestId: string;\n\tstatus: WorkerResultStatus;\n\tsummary: string;\n\tevidence?: EvidenceBundle;\n\tchangedFiles: readonly string[];\n\tblockers?: readonly string[];\n\tusageReportId?: string;\n\tcreatedAt?: string;\n}\n\nexport type LearningDecisionKind = \"no-op\" | \"proposal\" | \"apply\";\n\nexport interface LearningDecision {\n\tkind: LearningDecisionKind;\n\treasonCode: string;\n\tconfidence: number;\n\tsummary: string;\n\trequiresApproval: boolean;\n\tcreatedAt?: string;\n}\n"]}
@@ -0,0 +1,2 @@
1
+ export {};
2
+ //# sourceMappingURL=contracts.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"contracts.js","sourceRoot":"","sources":["../../../src/core/autonomy/contracts.ts"],"names":[],"mappings":"","sourcesContent":["export type JsonPrimitive = string | number | boolean | null;\nexport type JsonValue = JsonPrimitive | JsonValue[] | { [key: string]: JsonValue };\nexport interface JsonObject {\n\t[key: string]: JsonValue;\n}\n\nexport type ModelTier = \"cheap\" | \"medium\" | \"expensive\" | \"learning\";\n\nexport type RouteRisk = \"read-only\" | \"scoped-write\" | \"high-impact\" | \"approval-required\";\n\nexport type OperationRisk = \"read-only\" | \"scoped-write\" | \"high-impact\" | \"approval-required\";\n\nexport interface RiskAssessmentInput {\n\toperation: string;\n\ttoolName?: string;\n\tcommand?: string;\n\tpaths?: readonly string[];\n\tcapabilities?: readonly CapabilityName[];\n}\n\nexport interface RiskAssessment {\n\trisk: OperationRisk;\n\treasonCode: string;\n\treasons: readonly string[];\n\trequiresApproval: boolean;\n}\n\nexport type PathScopeDecisionKind = \"inside\" | \"outside\" | \"denied\" | \"missing\";\n\nexport interface PathScope {\n\troot: string;\n\tallowedPaths?: readonly string[];\n\tdeniedPaths?: readonly string[];\n\tfollowSymlinks?: boolean;\n}\n\nexport interface PathScopeDecision {\n\tkind: PathScopeDecisionKind;\n\tpath: string;\n\tresolvedPath?: string;\n\tmatchedRule?: string;\n\treasonCode: string;\n}\n\nexport interface RouteDecision {\n\ttier: ModelTier;\n\tmodel?: string;\n\trisk: RouteRisk;\n\tconfidence: number;\n\treasonCode: string;\n\treasons: readonly string[];\n\tfallbackFrom?: ModelTier;\n\tcreatedAt?: string;\n}\n\nexport type CapabilityName =\n\t| \"read_files\"\n\t| \"write_files\"\n\t| \"run_shell\"\n\t| \"network\"\n\t| \"memory_read\"\n\t| \"memory_write\"\n\t| \"settings_read\"\n\t| \"settings_write\"\n\t| \"skill_read\"\n\t| \"skill_write\"\n\t| \"source_read\"\n\t| \"source_write\"\n\t| \"research\"\n\t| \"delegate\"\n\t| \"publish\"\n\t| \"auth_change\";\n\nexport interface CapabilityEnvelope {\n\tid: string;\n\tprofileId?: string;\n\tcapabilities: readonly CapabilityName[];\n\tallowedTools?: readonly string[];\n\tdeniedTools?: readonly string[];\n\tallowedPaths?: readonly string[];\n\tdeniedPaths?: readonly string[];\n\tmaxEstimatedUsd?: number;\n\tcreatedAt?: string;\n}\n\nexport type GateOutcomeKind = \"allow\" | \"downgrade\" | \"escalate\" | \"ask-user\" | \"block\";\n\nexport interface GateOutcome {\n\toutcome: GateOutcomeKind;\n\tgate: string;\n\treasonCode: string;\n\tmessage?: string;\n\treversible?: boolean;\n\tdetails?: JsonObject;\n}\n\nexport interface ApprovalRequest {\n\tid: string;\n\toperation: string;\n\ttarget: string;\n\treversible: boolean;\n\tcapabilities: readonly CapabilityName[];\n\treasonCode: string;\n\tcreatedAt?: string;\n}\n\nexport type EvidenceSourceKind = \"workspace\" | \"transcript\" | \"automata\" | \"web\" | \"user\" | \"tool\";\n\nexport interface EvidenceRef {\n\tid: string;\n\tkind: EvidenceSourceKind;\n\ttitle?: string;\n\turi?: string;\n\ttrusted: boolean;\n\texcerpt?: string;\n\tmetadata?: JsonObject;\n}\n\nexport interface Finding {\n\tid: string;\n\tsummary: string;\n\tevidenceIds: readonly string[];\n\tconfidence?: number;\n}\n\nexport interface EvidenceBundle {\n\tquery: string;\n\tsources: readonly EvidenceRef[];\n\tfindings: readonly Finding[];\n\tcreatedAt?: string;\n}\n\nexport interface WorkerRequest {\n\tid: string;\n\tinstructions: string;\n\troute: RouteDecision;\n\tenvelope: CapabilityEnvelope;\n\tevidence?: EvidenceBundle;\n\tmaxEstimatedUsd?: number;\n\tcreatedAt?: string;\n}\n\nexport type WorkerResultStatus = \"completed\" | \"blocked\" | \"failed\" | \"cancelled\";\n\nexport interface WorkerResult {\n\trequestId: string;\n\tstatus: WorkerResultStatus;\n\tsummary: string;\n\tevidence?: EvidenceBundle;\n\tchangedFiles: readonly string[];\n\tblockers?: readonly string[];\n\tusageReportId?: string;\n\tcreatedAt?: string;\n}\n\nexport type LearningDecisionKind = \"no-op\" | \"proposal\" | \"apply\";\n\nexport interface LearningDecision {\n\tkind: LearningDecisionKind;\n\treasonCode: string;\n\tconfidence: number;\n\tsummary: string;\n\trequiresApproval: boolean;\n\tcreatedAt?: string;\n}\n"]}
@@ -0,0 +1,15 @@
1
+ import type { CapabilityEnvelope, GateOutcome } from "./contracts.ts";
2
+ export declare function combineGateOutcomes(outcomes: readonly GateOutcome[]): GateOutcome;
3
+ export declare function fallbackGateOutcome(args: {
4
+ gate: string;
5
+ reversible: boolean;
6
+ reasonCode: string;
7
+ }): GateOutcome;
8
+ export declare function extractCandidatePaths(toolName: string, args: unknown): string[];
9
+ export declare function evaluateToolGate(input: {
10
+ toolName: string;
11
+ args?: unknown;
12
+ cwd: string;
13
+ envelope?: CapabilityEnvelope;
14
+ }): GateOutcome;
15
+ //# sourceMappingURL=gates.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"gates.d.ts","sourceRoot":"","sources":["../../../src/core/autonomy/gates.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,kBAAkB,EAAE,WAAW,EAAmB,MAAM,gBAAgB,CAAC;AAmBvF,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,SAAS,WAAW,EAAE,GAAG,WAAW,CA+BjF;AAED,wBAAgB,mBAAmB,CAAC,IAAI,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,UAAU,EAAE,OAAO,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,GAAG,WAAW,CAWhH;AAED,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,MAAM,EAAE,CAmB/E;AAED,wBAAgB,gBAAgB,CAAC,KAAK,EAAE;IACvC,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,CAAC,EAAE,kBAAkB,CAAC;CAC9B,GAAG,WAAW,CAgJd","sourcesContent":["import path from \"node:path\";\nimport { hasCapabilityPolicyForTool, requiredCapabilitiesForTool } from \"./approval-gate.ts\";\nimport type { CapabilityEnvelope, GateOutcome, GateOutcomeKind } from \"./contracts.ts\";\nimport { checkPathScope } from \"./path-scope.ts\";\nimport { assessOperationRisk } from \"./risk-assessment.ts\";\n\nfunction isGateOutcomeKind(value: unknown): value is GateOutcomeKind {\n\treturn (\n\t\tvalue === \"allow\" || value === \"downgrade\" || value === \"escalate\" || value === \"ask-user\" || value === \"block\"\n\t);\n}\n\nfunction getPrecedence(kind: unknown): number {\n\tif (kind === \"allow\") return 0;\n\tif (kind === \"downgrade\") return 1;\n\tif (kind === \"escalate\") return 2;\n\tif (kind === \"ask-user\") return 3;\n\tif (kind === \"block\") return 4;\n\treturn 4; // Malformed/unknown outcome kind defaults to most restrictive (block)\n}\n\nexport function combineGateOutcomes(outcomes: readonly GateOutcome[]): GateOutcome {\n\tif (outcomes.length === 0) {\n\t\treturn {\n\t\t\toutcome: \"ask-user\",\n\t\t\tgate: \"gate-combiner\",\n\t\t\treasonCode: \"no_gate_outcomes\",\n\t\t\tmessage: \"No gate outcomes to combine\",\n\t\t};\n\t}\n\n\tlet winner = outcomes[0];\n\tlet maxPrecedence = getPrecedence(winner.outcome);\n\n\tfor (let i = 1; i < outcomes.length; i++) {\n\t\tconst current = outcomes[i];\n\t\tconst currentPrecedence = getPrecedence(current.outcome);\n\t\tif (currentPrecedence > maxPrecedence) {\n\t\t\twinner = current;\n\t\t\tmaxPrecedence = currentPrecedence;\n\t\t}\n\t}\n\n\tif (!isGateOutcomeKind(winner.outcome)) {\n\t\treturn {\n\t\t\t...winner,\n\t\t\toutcome: \"block\",\n\t\t\tmessage: winner.message || \"Malformed outcome kind coerced to block\",\n\t\t};\n\t}\n\n\treturn winner;\n}\n\nexport function fallbackGateOutcome(args: { gate: string; reversible: boolean; reasonCode: string }): GateOutcome {\n\tconst gate = (args.gate || \"\").trim() || \"unknown_gate\";\n\tconst reasonCode = (args.reasonCode || \"\").trim() || \"unknown_reason\";\n\tconst outcome: GateOutcomeKind = args.reversible ? \"ask-user\" : \"block\";\n\n\treturn {\n\t\toutcome,\n\t\tgate,\n\t\treasonCode,\n\t\tmessage: `Fallback gate outcome: ${outcome} for gate ${gate} (${reasonCode})`,\n\t};\n}\n\nexport function extractCandidatePaths(toolName: string, args: unknown): string[] {\n\tif (!args || typeof args !== \"object\") return [];\n\tconst obj = args as Record<string, unknown>;\n\tconst paths: string[] = [];\n\n\tif (\n\t\ttoolName === \"read\" ||\n\t\ttoolName === \"write\" ||\n\t\ttoolName === \"edit\" ||\n\t\ttoolName === \"ls\" ||\n\t\ttoolName === \"grep\" ||\n\t\ttoolName === \"find\"\n\t) {\n\t\tif (typeof obj.path === \"string\" && obj.path.trim()) {\n\t\t\tpaths.push(obj.path.trim());\n\t\t}\n\t}\n\n\treturn paths;\n}\n\nexport function evaluateToolGate(input: {\n\ttoolName: string;\n\targs?: unknown;\n\tcwd: string;\n\tenvelope?: CapabilityEnvelope;\n}): GateOutcome {\n\tif (!input.envelope) {\n\t\treturn {\n\t\t\toutcome: \"allow\",\n\t\t\tgate: \"tool_gate\",\n\t\t\treasonCode: \"no_envelope\",\n\t\t\tmessage: \"No envelope active, preserving existing session behavior.\",\n\t\t};\n\t}\n\n\tconst envelope = input.envelope;\n\n\t// 1. Tool allow/deny list overrides\n\tif (envelope.deniedTools?.includes(input.toolName)) {\n\t\treturn {\n\t\t\toutcome: \"block\",\n\t\t\tgate: \"tool_gate\",\n\t\t\treasonCode: \"tool_denied\",\n\t\t\tmessage: `Tool '${input.toolName}' is explicitly denied.`,\n\t\t};\n\t}\n\n\tif (envelope.allowedTools && !envelope.allowedTools.includes(input.toolName)) {\n\t\treturn {\n\t\t\toutcome: \"block\",\n\t\t\tgate: \"tool_gate\",\n\t\t\treasonCode: \"tool_not_allowed\",\n\t\t\tmessage: `Tool '${input.toolName}' is not in the allowed tools list.`,\n\t\t};\n\t}\n\n\t// 2. Path scope containment for file tools\n\tconst paths = extractCandidatePaths(input.toolName, input.args);\n\tif (paths.length > 0 && envelope.allowedPaths) {\n\t\t// If envelope has allowedPaths, we must check them\n\t\tfor (const targetPath of paths) {\n\t\t\tconst scopedTargetPath = path.isAbsolute(targetPath) ? targetPath : path.resolve(input.cwd, targetPath);\n\t\t\tlet isInsideAny = false;\n\t\t\tlet isDenied = false;\n\t\t\tlet denyRule = \"\";\n\n\t\t\tfor (const allowedRoot of envelope.allowedPaths) {\n\t\t\t\tconst decision = checkPathScope(\n\t\t\t\t\t{\n\t\t\t\t\t\troot: allowedRoot,\n\t\t\t\t\t\tallowedPaths: envelope.allowedPaths,\n\t\t\t\t\t\tdeniedPaths: envelope.deniedPaths,\n\t\t\t\t\t},\n\t\t\t\t\tscopedTargetPath,\n\t\t\t\t);\n\n\t\t\t\tif (decision.kind === \"denied\") {\n\t\t\t\t\tisDenied = true;\n\t\t\t\t\tdenyRule = decision.matchedRule || \"\";\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\t\t\t\tif (decision.kind === \"inside\") {\n\t\t\t\t\tisInsideAny = true;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (isDenied) {\n\t\t\t\treturn {\n\t\t\t\t\toutcome: \"block\",\n\t\t\t\t\tgate: \"path_scope\",\n\t\t\t\t\treasonCode: \"path_denied\",\n\t\t\t\t\tmessage: `Path '${targetPath}' is explicitly denied by rule '${denyRule}'.`,\n\t\t\t\t};\n\t\t\t}\n\n\t\t\tif (!isInsideAny) {\n\t\t\t\t// Block only if the tool is mutating. Wait, read path outside allowed root -> block.\n\t\t\t\t// \"read path inside allowed root -> allow. write/edit path outside allowed root -> block. denied path inside allowed root -> block.\"\n\t\t\t\treturn {\n\t\t\t\t\toutcome: \"block\",\n\t\t\t\t\tgate: \"path_scope\",\n\t\t\t\t\treasonCode: \"path_outside_allowed_roots\",\n\t\t\t\t\tmessage: `Path '${targetPath}' is outside all allowed roots.`,\n\t\t\t\t};\n\t\t\t}\n\t\t}\n\t}\n\n\t// 2.5. Capability checks\n\tif (!hasCapabilityPolicyForTool(input.toolName)) {\n\t\treturn {\n\t\t\toutcome: \"block\",\n\t\t\tgate: \"tool_gate\",\n\t\t\treasonCode: \"unknown_tool_capability\",\n\t\t\tmessage: `Tool '${input.toolName}' has no capability policy in the active envelope.`,\n\t\t};\n\t}\n\n\tconst requiredCaps = requiredCapabilitiesForTool(input.toolName, input.args);\n\tfor (const reqCap of requiredCaps) {\n\t\tif (!envelope.capabilities.includes(reqCap)) {\n\t\t\treturn {\n\t\t\t\toutcome: \"block\",\n\t\t\t\tgate: \"tool_gate\",\n\t\t\t\treasonCode: \"missing_capability\",\n\t\t\t\tmessage: `Tool '${input.toolName}' requires capability '${reqCap}', which is missing from the active envelope.`,\n\t\t\t};\n\t\t}\n\t}\n\tlet command = \"\";\n\tif (input.toolName === \"bash\" || input.toolName === \"shell\") {\n\t\tconst argsObj = input.args as Record<string, unknown>;\n\t\tif (argsObj && typeof argsObj.command === \"string\") {\n\t\t\tcommand = argsObj.command;\n\t\t}\n\t}\n\n\tconst riskResult = assessOperationRisk({\n\t\toperation: `Tool ${input.toolName}`,\n\t\ttoolName: input.toolName,\n\t\tcommand,\n\t\tpaths,\n\t\tcapabilities: envelope.capabilities,\n\t});\n\n\tif (riskResult.requiresApproval) {\n\t\treturn {\n\t\t\toutcome: \"ask-user\", // or block, prompt says: ask-user/block\n\t\t\tgate: \"risk_assessment\",\n\t\t\treasonCode: riskResult.reasonCode,\n\t\t\tmessage: `Operation requires approval: ${riskResult.reasons.join(\", \")}`,\n\t\t};\n\t}\n\n\tif (riskResult.risk === \"high-impact\") {\n\t\treturn {\n\t\t\toutcome: \"ask-user\",\n\t\t\tgate: \"risk_assessment\",\n\t\t\treasonCode: riskResult.reasonCode,\n\t\t\tmessage: `High-impact operation requires review: ${riskResult.reasons.join(\", \")}`,\n\t\t};\n\t}\n\n\treturn {\n\t\toutcome: \"allow\",\n\t\tgate: \"tool_gate\",\n\t\treasonCode: \"allowed_by_envelope\",\n\t\tmessage: \"Operation allowed by current capability envelope.\",\n\t};\n}\n"]}
@@ -0,0 +1,205 @@
1
+ import path from "node:path";
2
+ import { hasCapabilityPolicyForTool, requiredCapabilitiesForTool } from "./approval-gate.js";
3
+ import { checkPathScope } from "./path-scope.js";
4
+ import { assessOperationRisk } from "./risk-assessment.js";
5
+ function isGateOutcomeKind(value) {
6
+ return (value === "allow" || value === "downgrade" || value === "escalate" || value === "ask-user" || value === "block");
7
+ }
8
+ function getPrecedence(kind) {
9
+ if (kind === "allow")
10
+ return 0;
11
+ if (kind === "downgrade")
12
+ return 1;
13
+ if (kind === "escalate")
14
+ return 2;
15
+ if (kind === "ask-user")
16
+ return 3;
17
+ if (kind === "block")
18
+ return 4;
19
+ return 4; // Malformed/unknown outcome kind defaults to most restrictive (block)
20
+ }
21
+ export function combineGateOutcomes(outcomes) {
22
+ if (outcomes.length === 0) {
23
+ return {
24
+ outcome: "ask-user",
25
+ gate: "gate-combiner",
26
+ reasonCode: "no_gate_outcomes",
27
+ message: "No gate outcomes to combine",
28
+ };
29
+ }
30
+ let winner = outcomes[0];
31
+ let maxPrecedence = getPrecedence(winner.outcome);
32
+ for (let i = 1; i < outcomes.length; i++) {
33
+ const current = outcomes[i];
34
+ const currentPrecedence = getPrecedence(current.outcome);
35
+ if (currentPrecedence > maxPrecedence) {
36
+ winner = current;
37
+ maxPrecedence = currentPrecedence;
38
+ }
39
+ }
40
+ if (!isGateOutcomeKind(winner.outcome)) {
41
+ return {
42
+ ...winner,
43
+ outcome: "block",
44
+ message: winner.message || "Malformed outcome kind coerced to block",
45
+ };
46
+ }
47
+ return winner;
48
+ }
49
+ export function fallbackGateOutcome(args) {
50
+ const gate = (args.gate || "").trim() || "unknown_gate";
51
+ const reasonCode = (args.reasonCode || "").trim() || "unknown_reason";
52
+ const outcome = args.reversible ? "ask-user" : "block";
53
+ return {
54
+ outcome,
55
+ gate,
56
+ reasonCode,
57
+ message: `Fallback gate outcome: ${outcome} for gate ${gate} (${reasonCode})`,
58
+ };
59
+ }
60
+ export function extractCandidatePaths(toolName, args) {
61
+ if (!args || typeof args !== "object")
62
+ return [];
63
+ const obj = args;
64
+ const paths = [];
65
+ if (toolName === "read" ||
66
+ toolName === "write" ||
67
+ toolName === "edit" ||
68
+ toolName === "ls" ||
69
+ toolName === "grep" ||
70
+ toolName === "find") {
71
+ if (typeof obj.path === "string" && obj.path.trim()) {
72
+ paths.push(obj.path.trim());
73
+ }
74
+ }
75
+ return paths;
76
+ }
77
+ export function evaluateToolGate(input) {
78
+ if (!input.envelope) {
79
+ return {
80
+ outcome: "allow",
81
+ gate: "tool_gate",
82
+ reasonCode: "no_envelope",
83
+ message: "No envelope active, preserving existing session behavior.",
84
+ };
85
+ }
86
+ const envelope = input.envelope;
87
+ // 1. Tool allow/deny list overrides
88
+ if (envelope.deniedTools?.includes(input.toolName)) {
89
+ return {
90
+ outcome: "block",
91
+ gate: "tool_gate",
92
+ reasonCode: "tool_denied",
93
+ message: `Tool '${input.toolName}' is explicitly denied.`,
94
+ };
95
+ }
96
+ if (envelope.allowedTools && !envelope.allowedTools.includes(input.toolName)) {
97
+ return {
98
+ outcome: "block",
99
+ gate: "tool_gate",
100
+ reasonCode: "tool_not_allowed",
101
+ message: `Tool '${input.toolName}' is not in the allowed tools list.`,
102
+ };
103
+ }
104
+ // 2. Path scope containment for file tools
105
+ const paths = extractCandidatePaths(input.toolName, input.args);
106
+ if (paths.length > 0 && envelope.allowedPaths) {
107
+ // If envelope has allowedPaths, we must check them
108
+ for (const targetPath of paths) {
109
+ const scopedTargetPath = path.isAbsolute(targetPath) ? targetPath : path.resolve(input.cwd, targetPath);
110
+ let isInsideAny = false;
111
+ let isDenied = false;
112
+ let denyRule = "";
113
+ for (const allowedRoot of envelope.allowedPaths) {
114
+ const decision = checkPathScope({
115
+ root: allowedRoot,
116
+ allowedPaths: envelope.allowedPaths,
117
+ deniedPaths: envelope.deniedPaths,
118
+ }, scopedTargetPath);
119
+ if (decision.kind === "denied") {
120
+ isDenied = true;
121
+ denyRule = decision.matchedRule || "";
122
+ break;
123
+ }
124
+ if (decision.kind === "inside") {
125
+ isInsideAny = true;
126
+ }
127
+ }
128
+ if (isDenied) {
129
+ return {
130
+ outcome: "block",
131
+ gate: "path_scope",
132
+ reasonCode: "path_denied",
133
+ message: `Path '${targetPath}' is explicitly denied by rule '${denyRule}'.`,
134
+ };
135
+ }
136
+ if (!isInsideAny) {
137
+ // Block only if the tool is mutating. Wait, read path outside allowed root -> block.
138
+ // "read path inside allowed root -> allow. write/edit path outside allowed root -> block. denied path inside allowed root -> block."
139
+ return {
140
+ outcome: "block",
141
+ gate: "path_scope",
142
+ reasonCode: "path_outside_allowed_roots",
143
+ message: `Path '${targetPath}' is outside all allowed roots.`,
144
+ };
145
+ }
146
+ }
147
+ }
148
+ // 2.5. Capability checks
149
+ if (!hasCapabilityPolicyForTool(input.toolName)) {
150
+ return {
151
+ outcome: "block",
152
+ gate: "tool_gate",
153
+ reasonCode: "unknown_tool_capability",
154
+ message: `Tool '${input.toolName}' has no capability policy in the active envelope.`,
155
+ };
156
+ }
157
+ const requiredCaps = requiredCapabilitiesForTool(input.toolName, input.args);
158
+ for (const reqCap of requiredCaps) {
159
+ if (!envelope.capabilities.includes(reqCap)) {
160
+ return {
161
+ outcome: "block",
162
+ gate: "tool_gate",
163
+ reasonCode: "missing_capability",
164
+ message: `Tool '${input.toolName}' requires capability '${reqCap}', which is missing from the active envelope.`,
165
+ };
166
+ }
167
+ }
168
+ let command = "";
169
+ if (input.toolName === "bash" || input.toolName === "shell") {
170
+ const argsObj = input.args;
171
+ if (argsObj && typeof argsObj.command === "string") {
172
+ command = argsObj.command;
173
+ }
174
+ }
175
+ const riskResult = assessOperationRisk({
176
+ operation: `Tool ${input.toolName}`,
177
+ toolName: input.toolName,
178
+ command,
179
+ paths,
180
+ capabilities: envelope.capabilities,
181
+ });
182
+ if (riskResult.requiresApproval) {
183
+ return {
184
+ outcome: "ask-user", // or block, prompt says: ask-user/block
185
+ gate: "risk_assessment",
186
+ reasonCode: riskResult.reasonCode,
187
+ message: `Operation requires approval: ${riskResult.reasons.join(", ")}`,
188
+ };
189
+ }
190
+ if (riskResult.risk === "high-impact") {
191
+ return {
192
+ outcome: "ask-user",
193
+ gate: "risk_assessment",
194
+ reasonCode: riskResult.reasonCode,
195
+ message: `High-impact operation requires review: ${riskResult.reasons.join(", ")}`,
196
+ };
197
+ }
198
+ return {
199
+ outcome: "allow",
200
+ gate: "tool_gate",
201
+ reasonCode: "allowed_by_envelope",
202
+ message: "Operation allowed by current capability envelope.",
203
+ };
204
+ }
205
+ //# sourceMappingURL=gates.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"gates.js","sourceRoot":"","sources":["../../../src/core/autonomy/gates.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,0BAA0B,EAAE,2BAA2B,EAAE,MAAM,oBAAoB,CAAC;AAE7F,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAE3D,SAAS,iBAAiB,CAAC,KAAc,EAA4B;IACpE,OAAO,CACN,KAAK,KAAK,OAAO,IAAI,KAAK,KAAK,WAAW,IAAI,KAAK,KAAK,UAAU,IAAI,KAAK,KAAK,UAAU,IAAI,KAAK,KAAK,OAAO,CAC/G,CAAC;AAAA,CACF;AAED,SAAS,aAAa,CAAC,IAAa,EAAU;IAC7C,IAAI,IAAI,KAAK,OAAO;QAAE,OAAO,CAAC,CAAC;IAC/B,IAAI,IAAI,KAAK,WAAW;QAAE,OAAO,CAAC,CAAC;IACnC,IAAI,IAAI,KAAK,UAAU;QAAE,OAAO,CAAC,CAAC;IAClC,IAAI,IAAI,KAAK,UAAU;QAAE,OAAO,CAAC,CAAC;IAClC,IAAI,IAAI,KAAK,OAAO;QAAE,OAAO,CAAC,CAAC;IAC/B,OAAO,CAAC,CAAC,CAAC,sEAAsE;AAAvE,CACT;AAED,MAAM,UAAU,mBAAmB,CAAC,QAAgC,EAAe;IAClF,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO;YACN,OAAO,EAAE,UAAU;YACnB,IAAI,EAAE,eAAe;YACrB,UAAU,EAAE,kBAAkB;YAC9B,OAAO,EAAE,6BAA6B;SACtC,CAAC;IACH,CAAC;IAED,IAAI,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IACzB,IAAI,aAAa,GAAG,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAElD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QAC5B,MAAM,iBAAiB,GAAG,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACzD,IAAI,iBAAiB,GAAG,aAAa,EAAE,CAAC;YACvC,MAAM,GAAG,OAAO,CAAC;YACjB,aAAa,GAAG,iBAAiB,CAAC;QACnC,CAAC;IACF,CAAC;IAED,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;QACxC,OAAO;YACN,GAAG,MAAM;YACT,OAAO,EAAE,OAAO;YAChB,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,yCAAyC;SACpE,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAAA,CACd;AAED,MAAM,UAAU,mBAAmB,CAAC,IAA+D,EAAe;IACjH,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,cAAc,CAAC;IACxD,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,gBAAgB,CAAC;IACtE,MAAM,OAAO,GAAoB,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC;IAExE,OAAO;QACN,OAAO;QACP,IAAI;QACJ,UAAU;QACV,OAAO,EAAE,0BAA0B,OAAO,aAAa,IAAI,KAAK,UAAU,GAAG;KAC7E,CAAC;AAAA,CACF;AAED,MAAM,UAAU,qBAAqB,CAAC,QAAgB,EAAE,IAAa,EAAY;IAChF,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,OAAO,EAAE,CAAC;IACjD,MAAM,GAAG,GAAG,IAA+B,CAAC;IAC5C,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,IACC,QAAQ,KAAK,MAAM;QACnB,QAAQ,KAAK,OAAO;QACpB,QAAQ,KAAK,MAAM;QACnB,QAAQ,KAAK,IAAI;QACjB,QAAQ,KAAK,MAAM;QACnB,QAAQ,KAAK,MAAM,EAClB,CAAC;QACF,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC;YACrD,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QAC7B,CAAC;IACF,CAAC;IAED,OAAO,KAAK,CAAC;AAAA,CACb;AAED,MAAM,UAAU,gBAAgB,CAAC,KAKhC,EAAe;IACf,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;QACrB,OAAO;YACN,OAAO,EAAE,OAAO;YAChB,IAAI,EAAE,WAAW;YACjB,UAAU,EAAE,aAAa;YACzB,OAAO,EAAE,2DAA2D;SACpE,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;IAEhC,oCAAoC;IACpC,IAAI,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpD,OAAO;YACN,OAAO,EAAE,OAAO;YAChB,IAAI,EAAE,WAAW;YACjB,UAAU,EAAE,aAAa;YACzB,OAAO,EAAE,SAAS,KAAK,CAAC,QAAQ,yBAAyB;SACzD,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,YAAY,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9E,OAAO;YACN,OAAO,EAAE,OAAO;YAChB,IAAI,EAAE,WAAW;YACjB,UAAU,EAAE,kBAAkB;YAC9B,OAAO,EAAE,SAAS,KAAK,CAAC,QAAQ,qCAAqC;SACrE,CAAC;IACH,CAAC;IAED,2CAA2C;IAC3C,MAAM,KAAK,GAAG,qBAAqB,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;IAChE,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;QAC/C,mDAAmD;QACnD,KAAK,MAAM,UAAU,IAAI,KAAK,EAAE,CAAC;YAChC,MAAM,gBAAgB,GAAG,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;YACxG,IAAI,WAAW,GAAG,KAAK,CAAC;YACxB,IAAI,QAAQ,GAAG,KAAK,CAAC;YACrB,IAAI,QAAQ,GAAG,EAAE,CAAC;YAElB,KAAK,MAAM,WAAW,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;gBACjD,MAAM,QAAQ,GAAG,cAAc,CAC9B;oBACC,IAAI,EAAE,WAAW;oBACjB,YAAY,EAAE,QAAQ,CAAC,YAAY;oBACnC,WAAW,EAAE,QAAQ,CAAC,WAAW;iBACjC,EACD,gBAAgB,CAChB,CAAC;gBAEF,IAAI,QAAQ,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAChC,QAAQ,GAAG,IAAI,CAAC;oBAChB,QAAQ,GAAG,QAAQ,CAAC,WAAW,IAAI,EAAE,CAAC;oBACtC,MAAM;gBACP,CAAC;gBACD,IAAI,QAAQ,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAChC,WAAW,GAAG,IAAI,CAAC;gBACpB,CAAC;YACF,CAAC;YAED,IAAI,QAAQ,EAAE,CAAC;gBACd,OAAO;oBACN,OAAO,EAAE,OAAO;oBAChB,IAAI,EAAE,YAAY;oBAClB,UAAU,EAAE,aAAa;oBACzB,OAAO,EAAE,SAAS,UAAU,mCAAmC,QAAQ,IAAI;iBAC3E,CAAC;YACH,CAAC;YAED,IAAI,CAAC,WAAW,EAAE,CAAC;gBAClB,qFAAqF;gBACrF,qIAAqI;gBACrI,OAAO;oBACN,OAAO,EAAE,OAAO;oBAChB,IAAI,EAAE,YAAY;oBAClB,UAAU,EAAE,4BAA4B;oBACxC,OAAO,EAAE,SAAS,UAAU,iCAAiC;iBAC7D,CAAC;YACH,CAAC;QACF,CAAC;IACF,CAAC;IAED,yBAAyB;IACzB,IAAI,CAAC,0BAA0B,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjD,OAAO;YACN,OAAO,EAAE,OAAO;YAChB,IAAI,EAAE,WAAW;YACjB,UAAU,EAAE,yBAAyB;YACrC,OAAO,EAAE,SAAS,KAAK,CAAC,QAAQ,oDAAoD;SACpF,CAAC;IACH,CAAC;IAED,MAAM,YAAY,GAAG,2BAA2B,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;IAC7E,KAAK,MAAM,MAAM,IAAI,YAAY,EAAE,CAAC;QACnC,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7C,OAAO;gBACN,OAAO,EAAE,OAAO;gBAChB,IAAI,EAAE,WAAW;gBACjB,UAAU,EAAE,oBAAoB;gBAChC,OAAO,EAAE,SAAS,KAAK,CAAC,QAAQ,0BAA0B,MAAM,+CAA+C;aAC/G,CAAC;QACH,CAAC;IACF,CAAC;IACD,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,KAAK,CAAC,QAAQ,KAAK,MAAM,IAAI,KAAK,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QAC7D,MAAM,OAAO,GAAG,KAAK,CAAC,IAA+B,CAAC;QACtD,IAAI,OAAO,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;YACpD,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;QAC3B,CAAC;IACF,CAAC;IAED,MAAM,UAAU,GAAG,mBAAmB,CAAC;QACtC,SAAS,EAAE,QAAQ,KAAK,CAAC,QAAQ,EAAE;QACnC,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,OAAO;QACP,KAAK;QACL,YAAY,EAAE,QAAQ,CAAC,YAAY;KACnC,CAAC,CAAC;IAEH,IAAI,UAAU,CAAC,gBAAgB,EAAE,CAAC;QACjC,OAAO;YACN,OAAO,EAAE,UAAU,EAAE,wCAAwC;YAC7D,IAAI,EAAE,iBAAiB;YACvB,UAAU,EAAE,UAAU,CAAC,UAAU;YACjC,OAAO,EAAE,gCAAgC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;SACxE,CAAC;IACH,CAAC;IAED,IAAI,UAAU,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QACvC,OAAO;YACN,OAAO,EAAE,UAAU;YACnB,IAAI,EAAE,iBAAiB;YACvB,UAAU,EAAE,UAAU,CAAC,UAAU;YACjC,OAAO,EAAE,0CAA0C,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;SAClF,CAAC;IACH,CAAC;IAED,OAAO;QACN,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE,WAAW;QACjB,UAAU,EAAE,qBAAqB;QACjC,OAAO,EAAE,mDAAmD;KAC5D,CAAC;AAAA,CACF","sourcesContent":["import path from \"node:path\";\nimport { hasCapabilityPolicyForTool, requiredCapabilitiesForTool } from \"./approval-gate.ts\";\nimport type { CapabilityEnvelope, GateOutcome, GateOutcomeKind } from \"./contracts.ts\";\nimport { checkPathScope } from \"./path-scope.ts\";\nimport { assessOperationRisk } from \"./risk-assessment.ts\";\n\nfunction isGateOutcomeKind(value: unknown): value is GateOutcomeKind {\n\treturn (\n\t\tvalue === \"allow\" || value === \"downgrade\" || value === \"escalate\" || value === \"ask-user\" || value === \"block\"\n\t);\n}\n\nfunction getPrecedence(kind: unknown): number {\n\tif (kind === \"allow\") return 0;\n\tif (kind === \"downgrade\") return 1;\n\tif (kind === \"escalate\") return 2;\n\tif (kind === \"ask-user\") return 3;\n\tif (kind === \"block\") return 4;\n\treturn 4; // Malformed/unknown outcome kind defaults to most restrictive (block)\n}\n\nexport function combineGateOutcomes(outcomes: readonly GateOutcome[]): GateOutcome {\n\tif (outcomes.length === 0) {\n\t\treturn {\n\t\t\toutcome: \"ask-user\",\n\t\t\tgate: \"gate-combiner\",\n\t\t\treasonCode: \"no_gate_outcomes\",\n\t\t\tmessage: \"No gate outcomes to combine\",\n\t\t};\n\t}\n\n\tlet winner = outcomes[0];\n\tlet maxPrecedence = getPrecedence(winner.outcome);\n\n\tfor (let i = 1; i < outcomes.length; i++) {\n\t\tconst current = outcomes[i];\n\t\tconst currentPrecedence = getPrecedence(current.outcome);\n\t\tif (currentPrecedence > maxPrecedence) {\n\t\t\twinner = current;\n\t\t\tmaxPrecedence = currentPrecedence;\n\t\t}\n\t}\n\n\tif (!isGateOutcomeKind(winner.outcome)) {\n\t\treturn {\n\t\t\t...winner,\n\t\t\toutcome: \"block\",\n\t\t\tmessage: winner.message || \"Malformed outcome kind coerced to block\",\n\t\t};\n\t}\n\n\treturn winner;\n}\n\nexport function fallbackGateOutcome(args: { gate: string; reversible: boolean; reasonCode: string }): GateOutcome {\n\tconst gate = (args.gate || \"\").trim() || \"unknown_gate\";\n\tconst reasonCode = (args.reasonCode || \"\").trim() || \"unknown_reason\";\n\tconst outcome: GateOutcomeKind = args.reversible ? \"ask-user\" : \"block\";\n\n\treturn {\n\t\toutcome,\n\t\tgate,\n\t\treasonCode,\n\t\tmessage: `Fallback gate outcome: ${outcome} for gate ${gate} (${reasonCode})`,\n\t};\n}\n\nexport function extractCandidatePaths(toolName: string, args: unknown): string[] {\n\tif (!args || typeof args !== \"object\") return [];\n\tconst obj = args as Record<string, unknown>;\n\tconst paths: string[] = [];\n\n\tif (\n\t\ttoolName === \"read\" ||\n\t\ttoolName === \"write\" ||\n\t\ttoolName === \"edit\" ||\n\t\ttoolName === \"ls\" ||\n\t\ttoolName === \"grep\" ||\n\t\ttoolName === \"find\"\n\t) {\n\t\tif (typeof obj.path === \"string\" && obj.path.trim()) {\n\t\t\tpaths.push(obj.path.trim());\n\t\t}\n\t}\n\n\treturn paths;\n}\n\nexport function evaluateToolGate(input: {\n\ttoolName: string;\n\targs?: unknown;\n\tcwd: string;\n\tenvelope?: CapabilityEnvelope;\n}): GateOutcome {\n\tif (!input.envelope) {\n\t\treturn {\n\t\t\toutcome: \"allow\",\n\t\t\tgate: \"tool_gate\",\n\t\t\treasonCode: \"no_envelope\",\n\t\t\tmessage: \"No envelope active, preserving existing session behavior.\",\n\t\t};\n\t}\n\n\tconst envelope = input.envelope;\n\n\t// 1. Tool allow/deny list overrides\n\tif (envelope.deniedTools?.includes(input.toolName)) {\n\t\treturn {\n\t\t\toutcome: \"block\",\n\t\t\tgate: \"tool_gate\",\n\t\t\treasonCode: \"tool_denied\",\n\t\t\tmessage: `Tool '${input.toolName}' is explicitly denied.`,\n\t\t};\n\t}\n\n\tif (envelope.allowedTools && !envelope.allowedTools.includes(input.toolName)) {\n\t\treturn {\n\t\t\toutcome: \"block\",\n\t\t\tgate: \"tool_gate\",\n\t\t\treasonCode: \"tool_not_allowed\",\n\t\t\tmessage: `Tool '${input.toolName}' is not in the allowed tools list.`,\n\t\t};\n\t}\n\n\t// 2. Path scope containment for file tools\n\tconst paths = extractCandidatePaths(input.toolName, input.args);\n\tif (paths.length > 0 && envelope.allowedPaths) {\n\t\t// If envelope has allowedPaths, we must check them\n\t\tfor (const targetPath of paths) {\n\t\t\tconst scopedTargetPath = path.isAbsolute(targetPath) ? targetPath : path.resolve(input.cwd, targetPath);\n\t\t\tlet isInsideAny = false;\n\t\t\tlet isDenied = false;\n\t\t\tlet denyRule = \"\";\n\n\t\t\tfor (const allowedRoot of envelope.allowedPaths) {\n\t\t\t\tconst decision = checkPathScope(\n\t\t\t\t\t{\n\t\t\t\t\t\troot: allowedRoot,\n\t\t\t\t\t\tallowedPaths: envelope.allowedPaths,\n\t\t\t\t\t\tdeniedPaths: envelope.deniedPaths,\n\t\t\t\t\t},\n\t\t\t\t\tscopedTargetPath,\n\t\t\t\t);\n\n\t\t\t\tif (decision.kind === \"denied\") {\n\t\t\t\t\tisDenied = true;\n\t\t\t\t\tdenyRule = decision.matchedRule || \"\";\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\t\t\t\tif (decision.kind === \"inside\") {\n\t\t\t\t\tisInsideAny = true;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (isDenied) {\n\t\t\t\treturn {\n\t\t\t\t\toutcome: \"block\",\n\t\t\t\t\tgate: \"path_scope\",\n\t\t\t\t\treasonCode: \"path_denied\",\n\t\t\t\t\tmessage: `Path '${targetPath}' is explicitly denied by rule '${denyRule}'.`,\n\t\t\t\t};\n\t\t\t}\n\n\t\t\tif (!isInsideAny) {\n\t\t\t\t// Block only if the tool is mutating. Wait, read path outside allowed root -> block.\n\t\t\t\t// \"read path inside allowed root -> allow. write/edit path outside allowed root -> block. denied path inside allowed root -> block.\"\n\t\t\t\treturn {\n\t\t\t\t\toutcome: \"block\",\n\t\t\t\t\tgate: \"path_scope\",\n\t\t\t\t\treasonCode: \"path_outside_allowed_roots\",\n\t\t\t\t\tmessage: `Path '${targetPath}' is outside all allowed roots.`,\n\t\t\t\t};\n\t\t\t}\n\t\t}\n\t}\n\n\t// 2.5. Capability checks\n\tif (!hasCapabilityPolicyForTool(input.toolName)) {\n\t\treturn {\n\t\t\toutcome: \"block\",\n\t\t\tgate: \"tool_gate\",\n\t\t\treasonCode: \"unknown_tool_capability\",\n\t\t\tmessage: `Tool '${input.toolName}' has no capability policy in the active envelope.`,\n\t\t};\n\t}\n\n\tconst requiredCaps = requiredCapabilitiesForTool(input.toolName, input.args);\n\tfor (const reqCap of requiredCaps) {\n\t\tif (!envelope.capabilities.includes(reqCap)) {\n\t\t\treturn {\n\t\t\t\toutcome: \"block\",\n\t\t\t\tgate: \"tool_gate\",\n\t\t\t\treasonCode: \"missing_capability\",\n\t\t\t\tmessage: `Tool '${input.toolName}' requires capability '${reqCap}', which is missing from the active envelope.`,\n\t\t\t};\n\t\t}\n\t}\n\tlet command = \"\";\n\tif (input.toolName === \"bash\" || input.toolName === \"shell\") {\n\t\tconst argsObj = input.args as Record<string, unknown>;\n\t\tif (argsObj && typeof argsObj.command === \"string\") {\n\t\t\tcommand = argsObj.command;\n\t\t}\n\t}\n\n\tconst riskResult = assessOperationRisk({\n\t\toperation: `Tool ${input.toolName}`,\n\t\ttoolName: input.toolName,\n\t\tcommand,\n\t\tpaths,\n\t\tcapabilities: envelope.capabilities,\n\t});\n\n\tif (riskResult.requiresApproval) {\n\t\treturn {\n\t\t\toutcome: \"ask-user\", // or block, prompt says: ask-user/block\n\t\t\tgate: \"risk_assessment\",\n\t\t\treasonCode: riskResult.reasonCode,\n\t\t\tmessage: `Operation requires approval: ${riskResult.reasons.join(\", \")}`,\n\t\t};\n\t}\n\n\tif (riskResult.risk === \"high-impact\") {\n\t\treturn {\n\t\t\toutcome: \"ask-user\",\n\t\t\tgate: \"risk_assessment\",\n\t\t\treasonCode: riskResult.reasonCode,\n\t\t\tmessage: `High-impact operation requires review: ${riskResult.reasons.join(\", \")}`,\n\t\t};\n\t}\n\n\treturn {\n\t\toutcome: \"allow\",\n\t\tgate: \"tool_gate\",\n\t\treasonCode: \"allowed_by_envelope\",\n\t\tmessage: \"Operation allowed by current capability envelope.\",\n\t};\n}\n"]}
@@ -0,0 +1,48 @@
1
+ /**
2
+ * Live lane registry for autonomous background work (research/worker/learning lanes).
3
+ *
4
+ * This is the first real concurrency tracker behind `AutonomyStatusSnapshot.activeLaneCount`:
5
+ * counts reflect lanes actually running in THIS process, never inferred/faked from historical
6
+ * snapshots. Terminal lane records are persisted separately via `session-lane-record.ts`.
7
+ */
8
+ export type LaneType = "research" | "worker" | "learning";
9
+ export type LaneTerminalStatus = "succeeded" | "failed" | "canceled" | "timeout" | "budget_exhausted";
10
+ export type LaneStatus = "queued" | "running" | LaneTerminalStatus;
11
+ export interface LaneRecord {
12
+ laneId: string;
13
+ type: LaneType;
14
+ status: LaneStatus;
15
+ reasonCode?: string;
16
+ startedAt?: string;
17
+ completedAt?: string;
18
+ costUsd?: number;
19
+ goalId?: string;
20
+ evidenceEntryId?: string;
21
+ }
22
+ export declare function isLaneTerminalStatus(value: unknown): value is LaneTerminalStatus;
23
+ export declare function isLaneRecord(value: unknown): value is LaneRecord;
24
+ export declare function cloneLaneRecordForStorage(record: LaneRecord): LaneRecord;
25
+ export declare class LaneTracker {
26
+ private readonly _lanes;
27
+ private _nextLaneNumber;
28
+ private readonly _now;
29
+ constructor(options?: {
30
+ now?: () => string;
31
+ });
32
+ /** Seed the id counter (e.g. from persisted lane records) so resumed sessions don't reuse ids. */
33
+ ensureCounterAtLeast(next: number): void;
34
+ private _evictOldTerminal;
35
+ start(args: {
36
+ type: LaneType;
37
+ goalId?: string;
38
+ }): LaneRecord;
39
+ complete(laneId: string, args: {
40
+ status: LaneTerminalStatus;
41
+ reasonCode?: string;
42
+ costUsd?: number;
43
+ evidenceEntryId?: string;
44
+ }): LaneRecord | undefined;
45
+ getActiveCount(type?: LaneType): number;
46
+ getRecords(): LaneRecord[];
47
+ }
48
+ //# sourceMappingURL=lane-tracker.d.ts.map