npm - @cotal-ai/cli - Versions diffs - 0.6.0 → 0.8.0 - Mend

@cotal-ai/cli 0.6.0 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (135) hide show

package/dist/commands/channels.d.ts +4 -2
package/dist/commands/channels.d.ts.map +1 -1
package/dist/commands/channels.js +17 -18
package/dist/commands/channels.js.map +1 -1
package/dist/commands/console.d.ts.map +1 -1
package/dist/commands/console.js +13 -29
package/dist/commands/console.js.map +1 -1
package/dist/commands/down-manifest.d.ts +6 -0
package/dist/commands/down-manifest.d.ts.map +1 -0
package/dist/commands/down-manifest.js +282 -0
package/dist/commands/down-manifest.js.map +1 -0
package/dist/commands/down.d.ts +5 -3
package/dist/commands/down.d.ts.map +1 -1
package/dist/commands/down.js +30 -3
package/dist/commands/down.js.map +1 -1
package/dist/commands/history.d.ts.map +1 -1
package/dist/commands/history.js +6 -13
package/dist/commands/history.js.map +1 -1
package/dist/commands/join.d.ts.map +1 -1
package/dist/commands/join.js +20 -7
package/dist/commands/join.js.map +1 -1
package/dist/commands/meshes.d.ts +5 -0
package/dist/commands/meshes.d.ts.map +1 -0
package/dist/commands/meshes.js +25 -0
package/dist/commands/meshes.js.map +1 -0
package/dist/commands/mint.d.ts.map +1 -1
package/dist/commands/mint.js +2 -1
package/dist/commands/mint.js.map +1 -1
package/dist/commands/setup.d.ts.map +1 -1
package/dist/commands/setup.js +66 -16
package/dist/commands/setup.js.map +1 -1
package/dist/commands/spawn-manifest.d.ts +10 -0
package/dist/commands/spawn-manifest.d.ts.map +1 -0
package/dist/commands/spawn-manifest.js +197 -0
package/dist/commands/spawn-manifest.js.map +1 -0
package/dist/commands/spawn.d.ts +4 -2
package/dist/commands/spawn.d.ts.map +1 -1
package/dist/commands/spawn.js +84 -25
package/dist/commands/spawn.js.map +1 -1
package/dist/commands/topology.d.ts +10 -0
package/dist/commands/topology.d.ts.map +1 -0
package/dist/commands/topology.js +46 -0
package/dist/commands/topology.js.map +1 -0
package/dist/commands/up.d.ts +4 -0
package/dist/commands/up.d.ts.map +1 -1
package/dist/commands/up.js +223 -6
package/dist/commands/up.js.map +1 -1
package/dist/commands/use.d.ts +7 -0
package/dist/commands/use.d.ts.map +1 -0
package/dist/commands/use.js +27 -0
package/dist/commands/use.js.map +1 -0
package/dist/commands/web.d.ts.map +1 -1
package/dist/commands/web.js +60 -28
package/dist/commands/web.js.map +1 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +27 -2
package/dist/index.js.map +1 -1
package/dist/lib/connect.d.ts +74 -0
package/dist/lib/connect.d.ts.map +1 -0
package/dist/lib/connect.js +91 -0
package/dist/lib/connect.js.map +1 -0
package/dist/lib/delivery-proc.d.ts.map +1 -1
package/dist/lib/delivery-proc.js +2 -1
package/dist/lib/delivery-proc.js.map +1 -1
package/dist/lib/manager-proc.d.ts +4 -0
package/dist/lib/manager-proc.d.ts.map +1 -1
package/dist/lib/manager-proc.js +17 -0
package/dist/lib/manager-proc.js.map +1 -1
package/dist/lib/manifest/apply.d.ts +29 -0
package/dist/lib/manifest/apply.d.ts.map +1 -0
package/dist/lib/manifest/apply.js +138 -0
package/dist/lib/manifest/apply.js.map +1 -0
package/dist/lib/manifest/errors.d.ts +21 -0
package/dist/lib/manifest/errors.d.ts.map +1 -0
package/dist/lib/manifest/errors.js +19 -0
package/dist/lib/manifest/errors.js.map +1 -0
package/dist/lib/manifest/index.d.ts +13 -0
package/dist/lib/manifest/index.d.ts.map +1 -0
package/dist/lib/manifest/index.js +21 -0
package/dist/lib/manifest/index.js.map +1 -0
package/dist/lib/manifest/ledger.d.ts +81 -0
package/dist/lib/manifest/ledger.d.ts.map +1 -0
package/dist/lib/manifest/ledger.js +213 -0
package/dist/lib/manifest/ledger.js.map +1 -0
package/dist/lib/manifest/live.d.ts +25 -0
package/dist/lib/manifest/live.d.ts.map +1 -0
package/dist/lib/manifest/live.js +61 -0
package/dist/lib/manifest/live.js.map +1 -0
package/dist/lib/manifest/model.d.ts +71 -0
package/dist/lib/manifest/model.d.ts.map +1 -0
package/dist/lib/manifest/model.js +2 -0
package/dist/lib/manifest/model.js.map +1 -0
package/dist/lib/manifest/preflight.d.ts +12 -0
package/dist/lib/manifest/preflight.d.ts.map +1 -0
package/dist/lib/manifest/preflight.js +43 -0
package/dist/lib/manifest/preflight.js.map +1 -0
package/dist/lib/manifest/prepare.d.ts +57 -0
package/dist/lib/manifest/prepare.d.ts.map +1 -0
package/dist/lib/manifest/prepare.js +95 -0
package/dist/lib/manifest/prepare.js.map +1 -0
package/dist/lib/manifest/render.d.ts +41 -0
package/dist/lib/manifest/render.d.ts.map +1 -0
package/dist/lib/manifest/render.js +177 -0
package/dist/lib/manifest/render.js.map +1 -0
package/dist/lib/manifest/resolve.d.ts +5 -0
package/dist/lib/manifest/resolve.d.ts.map +1 -0
package/dist/lib/manifest/resolve.js +185 -0
package/dist/lib/manifest/resolve.js.map +1 -0
package/dist/lib/manifest/schema.d.ts +103 -0
package/dist/lib/manifest/schema.d.ts.map +1 -0
package/dist/lib/manifest/schema.js +77 -0
package/dist/lib/manifest/schema.js.map +1 -0
package/dist/lib/manifest/spawn-plan.d.ts +87 -0
package/dist/lib/manifest/spawn-plan.d.ts.map +1 -0
package/dist/lib/manifest/spawn-plan.js +75 -0
package/dist/lib/manifest/spawn-plan.js.map +1 -0
package/dist/lib/meshes.d.ts +2 -0
package/dist/lib/meshes.d.ts.map +1 -0
package/dist/lib/meshes.js +6 -0
package/dist/lib/meshes.js.map +1 -0
package/dist/lib/onboard.js +6 -6
package/dist/lib/onboard.js.map +1 -1
package/dist/lib/paths.js +1 -1
package/dist/lib/paths.js.map +1 -1
package/dist/lib/status.d.ts.map +1 -1
package/dist/lib/status.js +2 -1
package/dist/lib/status.js.map +1 -1
package/dist/lib/transient.d.ts +7 -6
package/dist/lib/transient.d.ts.map +1 -1
package/dist/lib/transient.js +6 -25
package/dist/lib/transient.js.map +1 -1
package/dist/web/graph.html +207 -0
package/dist/web/graph.js +508 -0
package/dist/web/index.html +6 -0
package/package.json +6 -2

package/dist/lib/manifest/apply.js ADDED Viewed

@@ -0,0 +1,138 @@
+/**
+ * Apply helpers shared by `up -f` / `spawn -f`: turn a {@link PreparedManifest} into the artifacts
+ * the launch needs — the channel-registry seed, the resolved launch spec (written for the manager's
+ * `supervise --launch`), and the connector-availability preflight. No broker lifecycle here (that's
+ * the command), so this stays reusable across both verbs.
+ */
+import { accessSync, constants, renameSync, writeFileSync } from "node:fs";
+import { createHash, randomBytes } from "node:crypto";
+import { join, delimiter } from "node:path";
+import { ensureDirNoSymlink, registry } from "@cotal-ai/core";
+/** A path-safe run id naming the transient `.cotal/run/<runId>/` dir and tying to the ledger. */
+export function genRunId() {
+    return randomBytes(8).toString("hex");
+}
+/** Stable content hash of the resolved launch fields — connector + behavior + ACLs. A change here
+ *  means a re-declared running agent is stale/restart-required (drift detection). */
+export function hashAgent(a) {
+    const stable = JSON.stringify({
+        agent: a.agentType,
+        model: a.model ?? null,
+        role: a.role ?? null,
+        body: a.body ?? null,
+        capabilities: [...a.capabilities].sort(),
+        subscribe: [...a.policy.subscribe].sort(),
+        allowSubscribe: [...a.policy.allowSubscribe].sort(),
+        allowPublish: [...a.policy.allowPublish].sort(),
+    });
+    return createHash("sha256").update(stable).digest("hex").slice(0, 16);
+}
+/** Project a prepared agent into the resolved launch-spec form the manager consumes. */
+function toLaunchAgent(a) {
+    return {
+        name: a.name,
+        agent: a.agentType,
+        role: a.role,
+        model: a.model,
+        description: a.description,
+        body: a.body,
+        capabilities: a.capabilities.length ? a.capabilities : undefined,
+        subscribe: a.policy.subscribe,
+        allowSubscribe: a.policy.allowSubscribe,
+        allowPublish: a.policy.allowPublish,
+        personaPath: a.persona,
+        hash: hashAgent(a),
+    };
+}
+/** Build the launch spec the manager boots from. */
+export function buildLaunchSpec(prepared, runId) {
+    return {
+        apiVersion: "cotal-launch/v1",
+        space: prepared.manifest.space,
+        runId,
+        agents: prepared.agents.map(toLaunchAgent),
+    };
+}
+/** Write the launch spec to `<root>/.cotal/run/<runId>.json` (0600 — it carries persona text +
+ *  policy) and return its path. A fresh run is exclusive-create (`wx`); a `spawn -f` re-apply reuses
+ *  the runId, so `update` rewrites it atomically (temp-then-rename, exclusive temp — never follows a
+ *  pre-planted symlink). Both refuse a symlinked `.cotal`/`run` parent. */
+export function writeLaunchSpec(root, spec, opts = {}) {
+    const dir = ensureDirNoSymlink(root, ".cotal", "run");
+    const path = join(dir, `${spec.runId}.json`);
+    const body = JSON.stringify(spec, null, 2);
+    if (opts.update) {
+        const tmp = join(dir, `.${spec.runId}.${randomBytes(4).toString("hex")}.tmp`);
+        writeFileSync(tmp, body, { mode: 0o600, flag: "wx" });
+        renameSync(tmp, path);
+    }
+    else {
+        writeFileSync(path, body, { mode: 0o600, flag: "wx" });
+    }
+    return path;
+}
+/** A channel's registry card (description/instructions/replay…) in the shape `seedChannelRegistry`
+ *  writes. Oversize description/instructions are rejected at the write path. */
+function cardOf(ch) {
+    return {
+        ...(ch.description !== undefined ? { description: ch.description } : {}),
+        ...(ch.instructions !== undefined ? { instructions: ch.instructions } : {}),
+        ...(ch.replay !== undefined ? { replay: ch.replay } : {}),
+        ...(ch.replayWindow !== undefined ? { replayWindow: ch.replayWindow } : {}),
+        ...(ch.deliveryClass !== undefined ? { deliveryClass: ch.deliveryClass } : {}),
+    };
+}
+/** The channel-registry seed (defaults + every per-channel card) — used by `up -f`, which owns the
+ *  whole space. */
+export function manifestToChannels(prepared) {
+    const channels = {};
+    for (const ch of prepared.manifest.channels)
+        channels[ch.name] = cardOf(ch);
+    return { ...(prepared.manifest.defaults ? { defaults: prepared.manifest.defaults } : {}), channels };
+}
+/** A seed of ONLY the given channels and NO defaults — for `spawn -f`, which seeds the brand-new
+ *  keys it creates onto a shared mesh and must never rewrite the mesh-wide defaults or a pre-existing
+ *  (unmanaged) card. */
+export function channelsSeed(channels) {
+    const out = {};
+    for (const ch of channels)
+        out[ch.name] = cardOf(ch);
+    return { channels: out };
+}
+/** Preflight the connectors: every distinct connector type must be registered and have its required
+ *  binaries on PATH — fail before any mutation (no fallback). Returns an error sentence, or "". */
+export function preflightConnectors(prepared) {
+    const types = [...new Set(prepared.agents.map((a) => a.agentType))];
+    const problems = [];
+    for (const type of types) {
+        let connector;
+        try {
+            connector = registry.resolve("connector", type);
+        }
+        catch {
+            problems.push(`unknown connector "${type}" (no such agent type registered)`);
+            continue;
+        }
+        const missing = (connector.requires ?? []).filter((bin) => !binOnPath(bin));
+        if (missing.length)
+            problems.push(`${type} needs ${missing.join(", ")} on PATH`);
+    }
+    return problems.join("; ");
+}
+/** Is `bin` an executable on PATH (or an executable absolute/relative path)? POSIX-only — mirrors
+ *  the manager's own preflight so `up -f` fails the same way `cotal start` would. */
+function binOnPath(bin) {
+    const check = (p) => {
+        try {
+            accessSync(p, constants.X_OK);
+            return true;
+        }
+        catch {
+            return false;
+        }
+    };
+    if (bin.includes("/"))
+        return check(bin);
+    return (process.env.PATH ?? "").split(delimiter).some((dir) => dir && check(join(dir, bin)));
+}
+//# sourceMappingURL=apply.js.map

package/dist/lib/manifest/apply.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"apply.js","sourceRoot":"","sources":["../../../src/lib/manifest/apply.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC3E,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AACtD,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAC5C,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAA2G,MAAM,gBAAgB,CAAC;AAKvK,iGAAiG;AACjG,MAAM,UAAU,QAAQ;IACtB,OAAO,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACxC,CAAC;AAED;qFACqF;AACrF,MAAM,UAAU,SAAS,CAAC,CAAgB;IACxC,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC;QAC5B,KAAK,EAAE,CAAC,CAAC,SAAS;QAClB,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,IAAI;QACtB,IAAI,EAAE,CAAC,CAAC,IAAI,IAAI,IAAI;QACpB,IAAI,EAAE,CAAC,CAAC,IAAI,IAAI,IAAI;QACpB,YAAY,EAAE,CAAC,GAAG,CAAC,CAAC,YAAY,CAAC,CAAC,IAAI,EAAE;QACxC,SAAS,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE;QACzC,cAAc,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,IAAI,EAAE;QACnD,YAAY,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,EAAE;KAChD,CAAC,CAAC;IACH,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACxE,CAAC;AAED,wFAAwF;AACxF,SAAS,aAAa,CAAC,CAAgB;IACrC,OAAO;QACL,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,KAAK,EAAE,CAAC,CAAC,SAAS;QAClB,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,YAAY,EAAE,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS;QAChE,SAAS,EAAE,CAAC,CAAC,MAAM,CAAC,SAAS;QAC7B,cAAc,EAAE,CAAC,CAAC,MAAM,CAAC,cAAc;QACvC,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY;QACnC,WAAW,EAAE,CAAC,CAAC,OAAO;QACtB,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;KACnB,CAAC;AACJ,CAAC;AAED,oDAAoD;AACpD,MAAM,UAAU,eAAe,CAAC,QAA0B,EAAE,KAAa;IACvE,OAAO;QACL,UAAU,EAAE,iBAAiB;QAC7B,KAAK,EAAE,QAAQ,CAAC,QAAQ,CAAC,KAAK;QAC9B,KAAK;QACL,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC;KAC3C,CAAC;AACJ,CAAC;AAED;;;2EAG2E;AAC3E,MAAM,UAAU,eAAe,CAAC,IAAY,EAAE,IAAoB,EAAE,OAA6B,EAAE;IACjG,MAAM,GAAG,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;IACtD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,KAAK,OAAO,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAC3C,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,KAAK,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC9E,aAAa,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACtD,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACxB,CAAC;SAAM,CAAC;QACN,aAAa,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;IACzD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;gFACgF;AAChF,SAAS,MAAM,CAAC,EAAmB;IACjC,OAAO;QACL,GAAG,CAAC,EAAE,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACxE,GAAG,CAAC,EAAE,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,EAAE,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3E,GAAG,CAAC,EAAE,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACzD,GAAG,CAAC,EAAE,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,EAAE,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3E,GAAG,CAAC,EAAE,CAAC,aAAa,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,EAAE,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC/E,CAAC;AACJ,CAAC;AAED;mBACmB;AACnB,MAAM,UAAU,kBAAkB,CAAC,QAA0B;IAC3D,MAAM,QAAQ,GAAkC,EAAE,CAAC;IACnD,KAAK,MAAM,EAAE,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ;QAAE,QAAQ,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC5E,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC;AACvG,CAAC;AAED;;wBAEwB;AACxB,MAAM,UAAU,YAAY,CAAC,QAA2B;IACtD,MAAM,GAAG,GAAkC,EAAE,CAAC;IAC9C,KAAK,MAAM,EAAE,IAAI,QAAQ;QAAE,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IACrD,OAAO,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC;AAC3B,CAAC;AAED;mGACmG;AACnG,MAAM,UAAU,mBAAmB,CAAC,QAA0B;IAC5D,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IACpE,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,SAAoB,CAAC;QACzB,IAAI,CAAC;YACH,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAY,WAAW,EAAE,IAAI,CAAC,CAAC;QAC7D,CAAC;QAAC,MAAM,CAAC;YACP,QAAQ,CAAC,IAAI,CAAC,sBAAsB,IAAI,mCAAmC,CAAC,CAAC;YAC7E,SAAS;QACX,CAAC;QACD,MAAM,OAAO,GAAG,CAAC,SAAS,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;QAC5E,IAAI,OAAO,CAAC,MAAM;YAAE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,UAAU,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACnF,CAAC;IACD,OAAO,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC;AAED;qFACqF;AACrF,SAAS,SAAS,CAAC,GAAW;IAC5B,MAAM,KAAK,GAAG,CAAC,CAAS,EAAW,EAAE;QACnC,IAAI,CAAC;YACH,UAAU,CAAC,CAAC,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC,CAAC;IACF,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC;IACzC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAC/F,CAAC"}

package/dist/lib/manifest/errors.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Located manifest errors. Every validation failure carries the offending file, the YAML path,
+ * and (where the node is locatable) a line/column — so the CLI prints `cotal.yaml:12:5: …` instead
+ * of a stack trace. All problems found in one pass are collected and thrown together.
+ */
+export interface ManifestIssue {
+    message: string;
+    /** YAML path to the offending node, e.g. ["channels", "review", "allowPublish"]. */
+    path?: (string | number)[];
+    line?: number;
+    col?: number;
+}
+/** Render one issue as `file:line:col: message (at a.b.c)`. */
+export declare function formatIssue(file: string, i: ManifestIssue): string;
+/** One or more located problems in a manifest. The message lists each on its own line. */
+export declare class ManifestError extends Error {
+    readonly file: string;
+    readonly issues: ManifestIssue[];
+    constructor(file: string, issues: ManifestIssue[]);
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/lib/manifest/errors.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../src/lib/manifest/errors.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,oFAAoF;IACpF,IAAI,CAAC,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC;IAC3B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,+DAA+D;AAC/D,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,CAAC,EAAE,aAAa,GAAG,MAAM,CAIlE;AAED,0FAA0F;AAC1F,qBAAa,aAAc,SAAQ,KAAK;IACtC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,EAAE,aAAa,EAAE,CAAC;gBACrB,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE;CAOlD"}

package/dist/lib/manifest/errors.js ADDED Viewed

@@ -0,0 +1,19 @@
+/** Render one issue as `file:line:col: message (at a.b.c)`. */
+export function formatIssue(file, i) {
+    const loc = i.line ? `${file}:${i.line}${i.col ? `:${i.col}` : ""}` : file;
+    const at = i.path?.length ? ` (at ${i.path.join(".")})` : "";
+    return `${loc}: ${i.message}${at}`;
+}
+/** One or more located problems in a manifest. The message lists each on its own line. */
+export class ManifestError extends Error {
+    file;
+    issues;
+    constructor(file, issues) {
+        const body = issues.map((i) => `  • ${formatIssue(file, i)}`).join("\n");
+        super(`${issues.length} problem(s) in ${file}:\n${body}`);
+        this.name = "ManifestError";
+        this.file = file;
+        this.issues = issues;
+    }
+}
+//# sourceMappingURL=errors.js.map

package/dist/lib/manifest/errors.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../src/lib/manifest/errors.ts"],"names":[],"mappings":"AAaA,+DAA+D;AAC/D,MAAM,UAAU,WAAW,CAAC,IAAY,EAAE,CAAgB;IACxD,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3E,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IAC7D,OAAO,GAAG,GAAG,KAAK,CAAC,CAAC,OAAO,GAAG,EAAE,EAAE,CAAC;AACrC,CAAC;AAED,0FAA0F;AAC1F,MAAM,OAAO,aAAc,SAAQ,KAAK;IAC7B,IAAI,CAAS;IACb,MAAM,CAAkB;IACjC,YAAY,IAAY,EAAE,MAAuB;QAC/C,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzE,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,kBAAkB,IAAI,MAAM,IAAI,EAAE,CAAC,CAAC;QAC1D,IAAI,CAAC,IAAI,GAAG,eAAe,CAAC;QAC5B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF"}

package/dist/lib/manifest/index.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import { type PreparedManifest } from "./preflight.js";
+export type { ResolvedManifest, ResolvedAgent, ResolvedChannel, AgentPolicy, PersonaPermissions } from "./model.js";
+export type { PreparedManifest } from "./preflight.js";
+export type { PreparedAgent, AgentWarning, InheritedScopes } from "./prepare.js";
+export { resolveManifest } from "./resolve.js";
+export { preparePersonas } from "./preflight.js";
+export { prepareAgent } from "./prepare.js";
+export { renderTopology, renderWarnings, renderInherited } from "./render.js";
+export { ManifestError, formatIssue, type ManifestIssue } from "./errors.js";
+/** Read + fully resolve a manifest file (absolute path recommended). Throws {@link ManifestError}
+ *  with located problems, or a filesystem error if the file is missing. */
+export declare function loadManifest(path: string): PreparedManifest;
+//# sourceMappingURL=index.d.ts.map

package/dist/lib/manifest/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/lib/manifest/index.ts"],"names":[],"mappings":"AAQA,OAAO,EAAmB,KAAK,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAExE,YAAY,EAAE,gBAAgB,EAAE,aAAa,EAAE,eAAe,EAAE,WAAW,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AACpH,YAAY,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AACvD,YAAY,EAAE,aAAa,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACjF,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9E,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,KAAK,aAAa,EAAE,MAAM,aAAa,CAAC;AAE7E;2EAC2E;AAC3E,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,gBAAgB,CAG3D"}

package/dist/lib/manifest/index.js ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * The mesh-manifest library: load a `cotal.yaml` (kind: Mesh) into a launch-ready, validated model.
+ * Pipeline: read → {@link resolveManifest} (parse/schema/normalize/invert/semantic) →
+ * {@link preparePersonas} (persona reads + merge). Consumed by `topology view`, `up -f`, `spawn -f`.
+ */
+import { readFileSync } from "node:fs";
+import { resolve } from "node:path";
+import { resolveManifest } from "./resolve.js";
+import { preparePersonas } from "./preflight.js";
+export { resolveManifest } from "./resolve.js";
+export { preparePersonas } from "./preflight.js";
+export { prepareAgent } from "./prepare.js";
+export { renderTopology, renderWarnings, renderInherited } from "./render.js";
+export { ManifestError, formatIssue } from "./errors.js";
+/** Read + fully resolve a manifest file (absolute path recommended). Throws {@link ManifestError}
+ *  with located problems, or a filesystem error if the file is missing. */
+export function loadManifest(path) {
+    const abs = resolve(path);
+    return preparePersonas(resolveManifest(readFileSync(abs, "utf8"), abs));
+}
+//# sourceMappingURL=index.js.map

package/dist/lib/manifest/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/lib/manifest/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAyB,MAAM,gBAAgB,CAAC;AAKxE,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9E,OAAO,EAAE,aAAa,EAAE,WAAW,EAAsB,MAAM,aAAa,CAAC;AAE7E;2EAC2E;AAC3E,MAAM,UAAU,YAAY,CAAC,IAAY;IACvC,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1B,OAAO,eAAe,CAAC,eAAe,CAAC,YAAY,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AAC1E,CAAC"}

package/dist/lib/manifest/ledger.d.ts ADDED Viewed

@@ -0,0 +1,81 @@
+import { z } from "zod";
+export declare const LEDGER_VERSION = "cotal-ledger/v1";
+declare const LedgerAgentSchema: z.ZodObject<{
+    requested: z.ZodString;
+    name: z.ZodString;
+    id: z.ZodString;
+    hash: z.ZodString;
+}, z.core.$strict>;
+declare const LedgerSchema: z.ZodObject<{
+    apiVersion: z.ZodLiteral<"cotal-ledger/v1">;
+    kind: z.ZodLiteral<"MeshLedger">;
+    runId: z.ZodString;
+    space: z.ZodString;
+    server: z.ZodString;
+    manifestHash: z.ZodString;
+    manifestPath: z.ZodString;
+    teardownMode: z.ZodLiteral<"ledger-scoped">;
+    created: z.ZodObject<{
+        channels: z.ZodArray<z.ZodString>;
+        agents: z.ZodArray<z.ZodObject<{
+            requested: z.ZodString;
+            name: z.ZodString;
+            id: z.ZodString;
+            hash: z.ZodString;
+        }, z.core.$strict>>;
+    }, z.core.$strict>;
+}, z.core.$strict>;
+export type MeshLedger = z.infer<typeof LedgerSchema>;
+export type LedgerAgent = z.infer<typeof LedgerAgentSchema>;
+/** Assemble a ledger from a `spawn -f` apply result. `agents` carry the manager-reply SPAWNED name
+ *  (cred-keying) + manifest `requested` key + nkey id + resolved hash; `channels` are the brand-new
+ *  registry keys this run created. */
+export declare function buildLedger(opts: {
+    runId: string;
+    space: string;
+    server: string;
+    manifestHash: string;
+    manifestPath: string;
+    channels: string[];
+    agents: LedgerAgent[];
+}): MeshLedger;
+/** Stable index hash of the manifest source text — ties a `down -f cotal.yaml` back to its ledger
+ *  (an edited file no longer matches, so `down -f` fails rather than guessing; `--run` is the
+ *  escape hatch). NOT an integrity check and NOT ownership authority — only a lookup key. */
+export declare function hashManifestSource(src: string): string;
+/** Write the ledger to `<root>/.cotal/manifests/<runId>.json`, `0600`, atomically and refusing a
+ *  symlinked parent. A brand-new ledger is `wx` (exclusive create); an additive update (re-apply)
+ *  goes temp-then-rename so `down -f` never reads a half-written file. */
+export declare function writeLedger(root: string, ledger: MeshLedger, opts?: {
+    update?: boolean;
+}): string;
+/** Parse + strictly validate a ledger file as **untrusted input** — schema, unknown-key rejection,
+ *  token-safe run id / agent names, concrete channel keys, and duplicate detection — so the WHOLE
+ *  ledger is proven before the caller deletes anything (no partial "validated the class I'm about to
+ *  delete" flow). Throws on any deviation. */
+export declare function loadLedger(path: string): MeshLedger;
+/** Every valid ledger under `<root>/.cotal/manifests/`. Unparseable/foreign files are skipped (a
+ *  targeted `down -f --run <id>` names one directly); used to resolve a `down -f cotal.yaml` to its
+ *  run by `manifestHash`. */
+export declare function listLedgers(root: string): Array<{
+    path: string;
+    ledger: MeshLedger;
+}>;
+/** Resolve a `down -f cotal.yaml` to its ledger by the manifest's content hash. Fails (never
+ *  guesses) when nothing matches (edited file) or more than one does — `--run <id>` is the escape. */
+export declare function findLedgerByHash(root: string, manifestHash: string): {
+    path: string;
+    ledger: MeshLedger;
+};
+/** Resolve a ledger by explicit run id (the `--run <id>` path). Validates the id is a safe token
+ *  before deriving the path. */
+export declare function findLedgerByRun(root: string, runId: string): {
+    path: string;
+    ledger: MeshLedger;
+};
+/** Derive an owned agent's cred path under the known auth root — `<root>/.cotal/auth/creds/<name>.creds`
+ *  — from the SPAWNED name, rejecting any name that escapes the creds dir. The ledger never stores a
+ *  cred path; teardown derives it here and the caller deletes it no-follow ({@link unlinkFileNoFollow}). */
+export declare function ownedCredPath(root: string, spawnedName: string): string;
+export {};
+//# sourceMappingURL=ledger.d.ts.map

package/dist/lib/manifest/ledger.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"ledger.d.ts","sourceRoot":"","sources":["../../../src/lib/manifest/ledger.ts"],"names":[],"mappings":"AAkBA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAIxB,eAAO,MAAM,cAAc,oBAAoB,CAAC;AAOhD,QAAA,MAAM,iBAAiB;;;;;kBAWrB,CAAC;AAEH,QAAA,MAAM,YAAY;;;;;;;;;;;;;;;;;;kBAgBhB,CAAC;AAEH,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAC;AACtD,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAE5D;;sCAEsC;AACtC,wBAAgB,WAAW,CAAC,IAAI,EAAE;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,MAAM,EAAE,WAAW,EAAE,CAAC;CACvB,GAAG,UAAU,CAYb;AAED;;6FAE6F;AAC7F,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAEtD;AAED;;0EAE0E;AAC1E,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,IAAI,GAAE;IAAE,MAAM,CAAC,EAAE,OAAO,CAAA;CAAO,GAAG,MAAM,CAcrG;AAED;;;8CAG8C;AAC9C,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,UAAU,CAmCnD;AAED;;6BAE6B;AAC7B,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,UAAU,CAAA;CAAE,CAAC,CAwBrF;AAED;sGACsG;AACtG,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,UAAU,CAAA;CAAE,CAOzG;AAED;gCACgC;AAChC,wBAAgB,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,UAAU,CAAA;CAAE,CAUjG;AAED;;4GAE4G;AAC5G,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,MAAM,CAMvE"}

package/dist/lib/manifest/ledger.js ADDED Viewed

@@ -0,0 +1,213 @@
+/**
+ * The `spawn -f` ownership ledger (`cotal-ledger/v1`, one file per run at
+ * `.cotal/manifests/<runId>.json`): the durable, creation-only record of exactly what a `spawn -f`
+ * deploy added to a shared mesh — the registry keys it created and the agents it spawned (by the
+ * manager-reply **spawned** name + nkey id). `down -f` reads it to tear down *only* those resources.
+ *
+ * Two hard rules, because a tampered ledger could otherwise become arbitrary process/credential/file
+ * deletion (the round-8/9 security review):
+ *   1. **Store IDs, never arbitrary paths.** Cred paths are *derived* from the known auth root at
+ *      teardown ({@link ownedCredPath}); the run dir is `.cotal/run/<runId>`. The ledger never names
+ *      a path to delete.
+ *   2. **Treat the file as untrusted on read.** {@link loadLedger} strictly validates the whole
+ *      ledger (schema, token-safe ids/names, concrete channels, duplicate detection) BEFORE the
+ *      caller takes any destructive action — fail closed, globally.
+ */
+import { createHash, randomBytes } from "node:crypto";
+import { readFileSync, writeFileSync, readdirSync, renameSync, lstatSync } from "node:fs";
+import { join, resolve, dirname } from "node:path";
+import { z } from "zod";
+import { assertValidChannel, assertValidName, ensureDirNoSymlink, isConcreteChannel, realDirNoSymlink } from "@cotal-ai/core";
+import { authDir } from "@cotal-ai/workspace";
+export const LEDGER_VERSION = "cotal-ledger/v1";
+// Path-/route-safe token (run id, agent name) and an alphanumeric content hash — same shapes the
+// launch spec uses, so the ledger can't smuggle a traversal/injection string into a derived path.
+const TOKEN = /^[A-Za-z0-9_-]+$/;
+const HASH = /^[A-Za-z0-9]+$/;
+const LedgerAgentSchema = z.strictObject({
+    /** The manifest agent key (`agents:` name) — display + the stable key a re-apply matches a declared
+     *  agent against (the spawned name may collision-number, so it can't be that key). */
+    requested: z.string().regex(TOKEN, "requested name must be a path-safe token ([A-Za-z0-9_-])"),
+    /** The manager-reply SPAWNED name (collision-numbered, e.g. `socrates-2`) — what creds are filed
+     *  under; the cred path derives from THIS, never the manifest key. */
+    name: z.string().regex(TOKEN, "agent name must be a path-safe token ([A-Za-z0-9_-])"),
+    /** The spawned agent's nkey id — the immutable identity `down -f` matches before stopping. */
+    id: z.string().min(1),
+    /** The resolved hash at spawn (drift/stale detection on re-apply). */
+    hash: z.string().regex(HASH, "hash must be alphanumeric"),
+});
+const LedgerSchema = z.strictObject({
+    apiVersion: z.literal(LEDGER_VERSION),
+    kind: z.literal("MeshLedger"),
+    runId: z.string().regex(TOKEN, "runId must be a path-safe token ([A-Za-z0-9_-])"),
+    space: z.string().min(1),
+    server: z.string().min(1),
+    /** Content hash of the source manifest — an INDEX for `down -f cotal.yaml` only, never authority. */
+    manifestHash: z.string().regex(HASH, "manifestHash must be alphanumeric"),
+    /** The source manifest path — operator/display context only; never derived from or deleted. */
+    manifestPath: z.string().min(1),
+    teardownMode: z.literal("ledger-scoped"),
+    created: z.strictObject({
+        /** Registry keys this run CREATED (brand-new only — never adopted/pre-existing). */
+        channels: z.array(z.string()),
+        agents: z.array(LedgerAgentSchema),
+    }),
+});
+/** Assemble a ledger from a `spawn -f` apply result. `agents` carry the manager-reply SPAWNED name
+ *  (cred-keying) + manifest `requested` key + nkey id + resolved hash; `channels` are the brand-new
+ *  registry keys this run created. */
+export function buildLedger(opts) {
+    return {
+        apiVersion: LEDGER_VERSION,
+        kind: "MeshLedger",
+        runId: opts.runId,
+        space: opts.space,
+        server: opts.server,
+        manifestHash: opts.manifestHash,
+        manifestPath: opts.manifestPath,
+        teardownMode: "ledger-scoped",
+        created: { channels: opts.channels, agents: opts.agents },
+    };
+}
+/** Stable index hash of the manifest source text — ties a `down -f cotal.yaml` back to its ledger
+ *  (an edited file no longer matches, so `down -f` fails rather than guessing; `--run` is the
+ *  escape hatch). NOT an integrity check and NOT ownership authority — only a lookup key. */
+export function hashManifestSource(src) {
+    return createHash("sha256").update(src).digest("hex").slice(0, 16);
+}
+/** Write the ledger to `<root>/.cotal/manifests/<runId>.json`, `0600`, atomically and refusing a
+ *  symlinked parent. A brand-new ledger is `wx` (exclusive create); an additive update (re-apply)
+ *  goes temp-then-rename so `down -f` never reads a half-written file. */
+export function writeLedger(root, ledger, opts = {}) {
+    const dir = ensureDirNoSymlink(root, ".cotal", "manifests");
+    const path = join(dir, `${ledger.runId}.json`);
+    const body = JSON.stringify(ledger, null, 2);
+    if (opts.update) {
+        // Atomic replace: write a fresh temp (exclusive — never follow a pre-planted symlink), then
+        // rename over the target. `rename` replaces the destination name itself, not a symlink target.
+        const tmp = join(dir, `.${ledger.runId}.${randomBytes(4).toString("hex")}.tmp`);
+        writeFileSync(tmp, body, { mode: 0o600, flag: "wx" });
+        renameSync(tmp, path);
+    }
+    else {
+        writeFileSync(path, body, { mode: 0o600, flag: "wx" });
+    }
+    return path;
+}
+/** Parse + strictly validate a ledger file as **untrusted input** — schema, unknown-key rejection,
+ *  token-safe run id / agent names, concrete channel keys, and duplicate detection — so the WHOLE
+ *  ledger is proven before the caller deletes anything (no partial "validated the class I'm about to
+ *  delete" flow). Throws on any deviation. */
+export function loadLedger(path) {
+    // No-follow: the ledger drives destructive teardown, so refuse a symlinked ledger file (a symlink
+    // could redirect `down -f` to attacker-chosen content). Callers also prove the parent dir chain.
+    let st;
+    try {
+        st = lstatSync(path);
+    }
+    catch (e) {
+        throw new Error(`ledger ${path}: ${e.message}`);
+    }
+    if (st.isSymbolicLink())
+        throw new Error(`refusing to read ledger "${path}": it is a symlink`);
+    if (!st.isFile())
+        throw new Error(`refusing to read ledger "${path}": not a regular file`);
+    let json;
+    try {
+        json = JSON.parse(readFileSync(path, "utf8"));
+    }
+    catch (e) {
+        throw new Error(`ledger ${path}: ${e.message}`);
+    }
+    const r = LedgerSchema.safeParse(json);
+    if (!r.success)
+        throw new Error(`ledger ${path}: ${r.error.issues.map((i) => `${i.path.join(".") || "<root>"}: ${i.message}`).join("; ")}`);
+    const led = r.data;
+    const agents = new Set();
+    for (const a of led.created.agents) {
+        assertValidName(a.name); // belt-and-suspenders past the regex — it names a derived cred path
+        if (agents.has(a.name))
+            throw new Error(`ledger ${path}: duplicate owned agent "${a.name}"`);
+        agents.add(a.name);
+    }
+    const channels = new Set();
+    for (const ch of led.created.channels) {
+        assertValidChannel(ch);
+        if (!isConcreteChannel(ch))
+            throw new Error(`ledger ${path}: owned channel "${ch}" is not concrete`);
+        if (channels.has(ch))
+            throw new Error(`ledger ${path}: duplicate owned channel "${ch}"`);
+        channels.add(ch);
+    }
+    return led;
+}
+/** Every valid ledger under `<root>/.cotal/manifests/`. Unparseable/foreign files are skipped (a
+ *  targeted `down -f --run <id>` names one directly); used to resolve a `down -f cotal.yaml` to its
+ *  run by `manifestHash`. */
+export function listLedgers(root) {
+    // Prove `.cotal/manifests` is a real (non-symlink) directory chain before reading under it — a
+    // symlinked parent could redirect `down -f` to attacker-chosen ledgers.
+    const dir = realDirNoSymlink(root, ".cotal", "manifests");
+    if (!dir)
+        return [];
+    let names;
+    try {
+        names = readdirSync(dir);
+    }
+    catch {
+        return [];
+    }
+    const out = [];
+    for (const n of names) {
+        if (!n.endsWith(".json") || n.startsWith("."))
+            continue;
+        const p = join(dir, n);
+        try {
+            const ledger = loadLedger(p);
+            if (`${ledger.runId}.json` !== n)
+                continue; // filename must match the declared runId (no spoofed authority)
+            out.push({ path: p, ledger });
+        }
+        catch {
+            /* skip — a foreign/corrupt file isn't this run's ledger; `--run` targets a known one */
+        }
+    }
+    return out;
+}
+/** Resolve a `down -f cotal.yaml` to its ledger by the manifest's content hash. Fails (never
+ *  guesses) when nothing matches (edited file) or more than one does — `--run <id>` is the escape. */
+export function findLedgerByHash(root, manifestHash) {
+    const matches = listLedgers(root).filter((l) => l.ledger.manifestHash === manifestHash);
+    if (matches.length === 0)
+        throw new Error(`no ledger matches this manifest's current contents (was it edited since \`spawn -f\`?) — tear down by run id: \`cotal down -f <file> --run <id>\``);
+    if (matches.length > 1)
+        throw new Error(`${matches.length} runs share this manifest — name one: ${matches.map((m) => m.ledger.runId).join(", ")} (\`--run <id>\`)`);
+    return matches[0];
+}
+/** Resolve a ledger by explicit run id (the `--run <id>` path). Validates the id is a safe token
+ *  before deriving the path. */
+export function findLedgerByRun(root, runId) {
+    assertValidName(runId);
+    const dir = realDirNoSymlink(root, ".cotal", "manifests"); // refuse a symlinked manifests parent
+    if (!dir)
+        throw new Error(`no ledger for run ${runId} (.cotal/manifests is absent)`);
+    const path = join(dir, `${runId}.json`);
+    const ledger = loadLedger(path); // loadLedger refuses a symlinked ledger file
+    // Bind the filename to the contents: a tampered `<runId>.json` whose body declares a DIFFERENT
+    // runId must not redirect teardown to that other run's derived run dir / resources.
+    if (ledger.runId !== runId)
+        throw new Error(`ledger ${path}: declares runId "${ledger.runId}", not "${runId}" — refusing`);
+    return { path, ledger };
+}
+/** Derive an owned agent's cred path under the known auth root — `<root>/.cotal/auth/creds/<name>.creds`
+ *  — from the SPAWNED name, rejecting any name that escapes the creds dir. The ledger never stores a
+ *  cred path; teardown derives it here and the caller deletes it no-follow ({@link unlinkFileNoFollow}). */
+export function ownedCredPath(root, spawnedName) {
+    assertValidName(spawnedName);
+    const dir = resolve(authDir(root), "creds");
+    const path = resolve(dir, `${spawnedName}.creds`);
+    if (dirname(path) !== dir)
+        throw new Error(`unsafe owned agent name "${spawnedName}" — cred path escapes ${dir}`);
+    return path;
+}
+//# sourceMappingURL=ledger.js.map

package/dist/lib/manifest/ledger.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"ledger.js","sourceRoot":"","sources":["../../../src/lib/manifest/ledger.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AACH,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAC1F,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACnD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAC9H,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAE9C,MAAM,CAAC,MAAM,cAAc,GAAG,iBAAiB,CAAC;AAEhD,iGAAiG;AACjG,kGAAkG;AAClG,MAAM,KAAK,GAAG,kBAAkB,CAAC;AACjC,MAAM,IAAI,GAAG,gBAAgB,CAAC;AAE9B,MAAM,iBAAiB,GAAG,CAAC,CAAC,YAAY,CAAC;IACvC;0FACsF;IACtF,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,EAAE,0DAA0D,CAAC;IAC9F;0EACsE;IACtE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,EAAE,sDAAsD,CAAC;IACrF,8FAA8F;IAC9F,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACrB,sEAAsE;IACtE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,2BAA2B,CAAC;CAC1D,CAAC,CAAC;AAEH,MAAM,YAAY,GAAG,CAAC,CAAC,YAAY,CAAC;IAClC,UAAU,EAAE,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC;IACrC,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC;IAC7B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,EAAE,iDAAiD,CAAC;IACjF,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACxB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACzB,qGAAqG;IACrG,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,mCAAmC,CAAC;IACzE,+FAA+F;IAC/F,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC/B,YAAY,EAAE,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC;IACxC,OAAO,EAAE,CAAC,CAAC,YAAY,CAAC;QACtB,oFAAoF;QACpF,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QAC7B,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC;KACnC,CAAC;CACH,CAAC,CAAC;AAKH;;sCAEsC;AACtC,MAAM,UAAU,WAAW,CAAC,IAQ3B;IACC,OAAO;QACL,UAAU,EAAE,cAAc;QAC1B,IAAI,EAAE,YAAY;QAClB,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,YAAY,EAAE,eAAe;QAC7B,OAAO,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE;KAC1D,CAAC;AACJ,CAAC;AAED;;6FAE6F;AAC7F,MAAM,UAAU,kBAAkB,CAAC,GAAW;IAC5C,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACrE,CAAC;AAED;;0EAE0E;AAC1E,MAAM,UAAU,WAAW,CAAC,IAAY,EAAE,MAAkB,EAAE,OAA6B,EAAE;IAC3F,MAAM,GAAG,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC;IAC5D,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,KAAK,OAAO,CAAC,CAAC;IAC/C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAC7C,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,4FAA4F;QAC5F,+FAA+F;QAC/F,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,IAAI,MAAM,CAAC,KAAK,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAChF,aAAa,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACtD,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACxB,CAAC;SAAM,CAAC;QACN,aAAa,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;IACzD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;8CAG8C;AAC9C,MAAM,UAAU,UAAU,CAAC,IAAY;IACrC,kGAAkG;IAClG,iGAAiG;IACjG,IAAI,EAAE,CAAC;IACP,IAAI,CAAC;QACH,EAAE,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,UAAU,IAAI,KAAM,CAAW,CAAC,OAAO,EAAE,CAAC,CAAC;IAC7D,CAAC;IACD,IAAI,EAAE,CAAC,cAAc,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,IAAI,oBAAoB,CAAC,CAAC;IAC/F,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,IAAI,uBAAuB,CAAC,CAAC;IAC3F,IAAI,IAAa,CAAC;IAClB,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAChD,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,UAAU,IAAI,KAAM,CAAW,CAAC,OAAO,EAAE,CAAC,CAAC;IAC7D,CAAC;IACD,MAAM,CAAC,GAAG,YAAY,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACvC,IAAI,CAAC,CAAC,CAAC,OAAO;QACZ,MAAM,IAAI,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,QAAQ,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC9H,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC;IACnB,MAAM,MAAM,GAAG,IAAI,GAAG,EAAU,CAAC;IACjC,KAAK,MAAM,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACnC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,oEAAoE;QAC7F,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,UAAU,IAAI,4BAA4B,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC;QAC7F,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACrB,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAC;IACnC,KAAK,MAAM,EAAE,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QACtC,kBAAkB,CAAC,EAAE,CAAC,CAAC;QACvB,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,UAAU,IAAI,oBAAoB,EAAE,mBAAmB,CAAC,CAAC;QACrG,IAAI,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,UAAU,IAAI,8BAA8B,EAAE,GAAG,CAAC,CAAC;QACzF,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACnB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;6BAE6B;AAC7B,MAAM,UAAU,WAAW,CAAC,IAAY;IACtC,+FAA+F;IAC/F,wEAAwE;IACxE,MAAM,GAAG,GAAG,gBAAgB,CAAC,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC;IAC1D,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,CAAC;IACpB,IAAI,KAAe,CAAC;IACpB,IAAI,CAAC;QACH,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,GAAG,GAAgD,EAAE,CAAC;IAC5D,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS;QACxD,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7B,IAAI,GAAG,MAAM,CAAC,KAAK,OAAO,KAAK,CAAC;gBAAE,SAAS,CAAC,gEAAgE;YAC5G,GAAG,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;QAChC,CAAC;QAAC,MAAM,CAAC;YACP,wFAAwF;QAC1F,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;sGACsG;AACtG,MAAM,UAAU,gBAAgB,CAAC,IAAY,EAAE,YAAoB;IACjE,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,YAAY,KAAK,YAAY,CAAC,CAAC;IACxF,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,mJAAmJ,CAAC,CAAC;IACvK,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,CAAC,MAAM,yCAAyC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAC9I,OAAO,OAAO,CAAC,CAAC,CAAC,CAAC;AACpB,CAAC;AAED;gCACgC;AAChC,MAAM,UAAU,eAAe,CAAC,IAAY,EAAE,KAAa;IACzD,eAAe,CAAC,KAAK,CAAC,CAAC;IACvB,MAAM,GAAG,GAAG,gBAAgB,CAAC,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAC,sCAAsC;IACjG,IAAI,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,KAAK,+BAA+B,CAAC,CAAC;IACrF,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,OAAO,CAAC,CAAC;IACxC,MAAM,MAAM,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,6CAA6C;IAC9E,+FAA+F;IAC/F,oFAAoF;IACpF,IAAI,MAAM,CAAC,KAAK,KAAK,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,UAAU,IAAI,qBAAqB,MAAM,CAAC,KAAK,WAAW,KAAK,cAAc,CAAC,CAAC;IAC3H,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;AAC1B,CAAC;AAED;;4GAE4G;AAC5G,MAAM,UAAU,aAAa,CAAC,IAAY,EAAE,WAAmB;IAC7D,eAAe,CAAC,WAAW,CAAC,CAAC;IAC7B,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,WAAW,QAAQ,CAAC,CAAC;IAClD,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,WAAW,yBAAyB,GAAG,EAAE,CAAC,CAAC;IAClH,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/lib/manifest/live.d.ts ADDED Viewed

@@ -0,0 +1,25 @@
+/**
+ * Live-mesh helpers for `cotal spawn -f` — the network half: a transient, invisible probe endpoint
+ * for reading the roster + membership feed, and the admin-tier control calls that drive the running
+ * manager's `launch` op. (Channel-registry reads use `readChannelRegistry`, which connects itself.)
+ */
+import { CotalEndpoint, type ControlReply, type Presence } from "@cotal-ai/core";
+export interface MeshConn {
+    space: string;
+    server: string;
+    creds?: string;
+}
+/** Connect a transient, presence-invisible endpoint (it watches the roster but doesn't register
+ *  itself) used to read live state + drive control. The caller stops it. */
+export declare function connectProbe(conn: MeshConn): Promise<CotalEndpoint>;
+/** Let the presence KV replay settle (roster count steady across two polls, ≤1s), then snapshot the
+ *  live peers — mirrors the dedup probe in `cotal spawn`. */
+export declare function settleRoster(ep: CotalEndpoint): Promise<Presence[]>;
+/** Poll the manager's control plane until it answers `ps` — it may have just been started detached,
+ *  so it needs a moment to connect + come up. Returns false on timeout. */
+export declare function waitManagerReady(ep: CotalEndpoint, timeoutMs?: number): Promise<boolean>;
+/** Ask the running manager to launch one resolved agent from the run spec, on the ADMIN tier (the
+ *  `launch` op is operator-only — a spawn-capable agent must not reach it). The manager derives
+ *  `.cotal/run/<runId>.json` itself; we pass the runId, never a path. */
+export declare function launchAgent(ep: CotalEndpoint, runId: string, name: string): Promise<ControlReply>;
+//# sourceMappingURL=live.d.ts.map

package/dist/lib/manifest/live.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"live.d.ts","sourceRoot":"","sources":["../../../src/lib/manifest/live.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,aAAa,EAAiB,KAAK,YAAY,EAAE,KAAK,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAEhG,MAAM,WAAW,QAAQ;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAID;4EAC4E;AAC5E,wBAAsB,YAAY,CAAC,IAAI,EAAE,QAAQ,GAAG,OAAO,CAAC,aAAa,CAAC,CAczE;AAED;6DAC6D;AAC7D,wBAAsB,YAAY,CAAC,EAAE,EAAE,aAAa,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC,CASzE;AAED;2EAC2E;AAC3E,wBAAsB,gBAAgB,CAAC,EAAE,EAAE,aAAa,EAAE,SAAS,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,CAY9F;AAED;;yEAEyE;AACzE,wBAAsB,WAAW,CAAC,EAAE,EAAE,aAAa,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAEvG"}