@cotal-ai/cli 0.7.0 → 0.8.0

package/dist/lib/manifest/prepare.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prepare.js","sourceRoot":"","sources":["../../../src/lib/manifest/prepare.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,OAAO,EAAE,iBAAiB,EAAiB,MAAM,gBAAgB,CAAC;AAgDlE;2EAC2E;AAC3E,MAAM,UAAU,YAAY,CAAC,KAAoB,EAAE,OAA6B,EAAE,QAAqB;IACrG,MAAM,MAAM,GAAoB,EAAE,CAAC;IACnC,MAAM,QAAQ,GAAmB,EAAE,CAAC;IACpC,MAAM,EAAE,GAAwB,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;IAEvD,6FAA6F;IAC7F,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,OAAO,EAAE,KAAK,CAAC;IAC5C,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,IAAI,OAAO,EAAE,IAAI,CAAC;IACzC,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,IAAI,OAAO,EAAE,WAAW,CAAC;IAC9D,MAAM,IAAI,GAAG,KAAK,CAAC,YAAY,IAAI,OAAO,EAAE,OAAO,CAAC;IAEpD,qFAAqF;IACrF,IAAI,YAAY,GAAa,EAAE,CAAC;IAChC,IAAI,gBAAgB,GAAsC,MAAM,CAAC;IACjE,IAAI,KAAK,CAAC,YAAY,EAAE,MAAM,EAAE,CAAC;QAC/B,YAAY,GAAG,CAAC,GAAG,KAAK,CAAC,YAAY,CAAC,CAAC;QACvC,gBAAgB,GAAG,UAAU,CAAC;IAChC,CAAC;SAAM,IAAI,KAAK,CAAC,kBAAkB,KAAK,SAAS,IAAI,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;QACnF,YAAY,GAAG,CAAC,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;QACzC,gBAAgB,GAAG,SAAS,CAAC;IAC/B,CAAC;IAED,mGAAmG;IACnG,MAAM,MAAM,GAAgB;QAC1B,SAAS,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC;QACtC,cAAc,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,cAAc,CAAC;QAChD,YAAY,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,YAAY,CAAC;KAC7C,CAAC;IACF,MAAM,SAAS,GAAoB,EAAE,SAAS,EAAE,EAAE,EAAE,cAAc,EAAE,EAAE,EAAE,YAAY,EAAE,EAAE,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC;IAE7G,IAAI,KAAK,CAAC,kBAAkB,KAAK,SAAS,IAAI,OAAO,EAAE,CAAC;QACtD,MAAM,eAAe,GAAG,OAAO,CAAC,cAAc,IAAI,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC;QAC1E,+FAA+F;QAC/F,oCAAoC;QACpC,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC,gBAAgB,EAAE,eAAe,CAAC,EAAE,CAAC,cAAc,EAAE,OAAO,CAAC,YAAY,CAAC,CAAU;YAClJ,KAAK,MAAM,EAAE,IAAI,IAAI,IAAI,EAAE;gBACzB,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBACxB,MAAM,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,WAAW,KAAK,KAAK,EAAE,mEAAmE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;QAErI,+FAA+F;QAC/F,MAAM,UAAU,GAAG,CAAC,IAA0B,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACxH,SAAS,CAAC,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACpD,SAAS,CAAC,cAAc,GAAG,UAAU,CAAC,eAAe,CAAC,CAAC;QACvD,SAAS,CAAC,YAAY,GAAG,UAAU,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,SAAS,CAAC,YAAY,GAAG,gBAAgB,KAAK,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;QAE5E,MAAM,CAAC,SAAS,GAAG,MAAM,CAAC,CAAC,GAAG,MAAM,CAAC,SAAS,EAAE,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;QACzE,MAAM,CAAC,cAAc,GAAG,MAAM,CAAC,CAAC,GAAG,MAAM,CAAC,cAAc,EAAE,GAAG,SAAS,CAAC,cAAc,CAAC,CAAC,CAAC;QACxF,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,CAAC,GAAG,MAAM,CAAC,YAAY,EAAE,GAAG,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC;IACpF,CAAC;IAED,uEAAuE;IACvE,MAAM,OAAO,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACnF,IAAI,OAAO,CAAC,MAAM;QAChB,MAAM,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,qBAAqB,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,6BAA6B,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;IAE3G,8FAA8F;IAC9F,iFAAiF;IACjF,MAAM,QAAQ,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC;IAC1G,IAAI,QAAQ;QACV,QAAQ,CAAC,IAAI,CAAC;YACZ,KAAK,EAAE,KAAK,CAAC,IAAI;YACjB,IAAI,EAAE,YAAY,CAAC,MAAM,GAAG,CAAC;YAC7B,OAAO,EAAE,YAAY,CAAC,MAAM;gBAC1B,CAAC,CAAC,+BAA+B,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,0EAA0E;gBAClI,CAAC,CAAC,yHAAyH;SAC9H,CAAC,CAAC;IAEL,OAAO;QACL,QAAQ,EAAE;YACR,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,KAAK;YACL,IAAI;YACJ,WAAW;YACX,IAAI;YACJ,YAAY;YACZ,gBAAgB;YAChB,MAAM;YACN,SAAS;SACV;QACD,MAAM;QACN,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,SAAS,MAAM,CAAI,EAAO;IACxB,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;AAC1B,CAAC"}

package/dist/lib/manifest/render.d.ts

@@ -0,0 +1,41 @@
+import type { PreparedManifest } from "./preflight.js";
+import type { AgentWarning } from "./prepare.js";
+import type { AgentPlan, ChannelPlan, UnmanagedReport } from "./spawn-plan.js";
+/** The full `topology view`: header, channel access, agent access, persona-inherited scopes, warnings. */
+export declare function renderTopology(p: PreparedManifest): string;
+/** The `cotal up -f --dry-run` plan: a fresh mesh creates everything, so the grouping is simply
+ *  "will create" — broker + channels + agents — followed by the full access view. Mutates nothing. */
+export declare function renderUpPlan(p: PreparedManifest, server: string): string;
+/** The loud "persona grants outside manifest channels" section — unmanaged credential scopes that
+ *  an old persona ref drags in under `personaPermissions: include`. Returns "" when there are none. */
+export declare function renderInherited(p: PreparedManifest): string;
+/** Render the non-fatal warnings (empty-ACL agents, loud when they carry capabilities). */
+export declare function renderWarnings(warnings: AgentWarning[]): string;
+/** The `cotal spawn -f` plan / `--dry-run`: deploy onto a RUNNING mesh. Groups channels and agents
+ *  by disposition (create / exists-unmanaged / owned · will-create / already-owned / stale), then the
+ *  SECURITY block + persona-inherited access. Creation-only — an existing unmanaged card is shown
+ *  desired-vs-live, never patched. */
+export declare function renderSpawnPlan(p: PreparedManifest, channels: ChannelPlan, agents: AgentPlan, unmanaged: UnmanagedReport, ctx: {
+    server: string;
+    runId: string;
+    dryRun: boolean;
+}): string;
+/** The SECURITY block: unmanaged actors observed with read access to a manifest-declared channel —
+ *  an isolation conflict on the shared mesh — phrased as an explicit LOWER BOUND (presence + the
+ *  broker membership feed; live-only core subscriptions aren't observable when the feed is absent).
+ *  Returns "" only when there's nothing to say AND the feed was readable. */
+export declare function renderUnmanaged(u: UnmanagedReport): string;
+/** Post-apply summary for `cotal spawn -f`: what was created/launched, what was left untouched, the
+ *  SECURITY block, and the exact ownership-scoped teardown command + ledger path. */
+export declare function renderSpawnSummary(ctx: {
+    space: string;
+    server: string;
+    runId: string;
+    ledgerPath: string;
+    manifestPath: string;
+    created: string[];
+    launched: string[];
+    existsUnmanaged: string[];
+    unmanaged: UnmanagedReport;
+}): string;
+//# sourceMappingURL=render.d.ts.map

package/dist/lib/manifest/render.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"render.d.ts","sourceRoot":"","sources":["../../../src/lib/manifest/render.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AACjD,OAAO,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAU/E,0GAA0G;AAC1G,wBAAgB,cAAc,CAAC,CAAC,EAAE,gBAAgB,GAAG,MAAM,CAwC1D;AAED;sGACsG;AACtG,wBAAgB,YAAY,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAWxE;AAED;uGACuG;AACvG,wBAAgB,eAAe,CAAC,CAAC,EAAE,gBAAgB,GAAG,MAAM,CAqB3D;AAED,2FAA2F;AAC3F,wBAAgB,cAAc,CAAC,QAAQ,EAAE,YAAY,EAAE,GAAG,MAAM,CAG/D;AAED;;;sCAGsC;AACtC,wBAAgB,eAAe,CAC7B,CAAC,EAAE,gBAAgB,EACnB,QAAQ,EAAE,WAAW,EACrB,MAAM,EAAE,SAAS,EACjB,SAAS,EAAE,eAAe,EAC1B,GAAG,EAAE;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,OAAO,CAAA;CAAE,GACtD,MAAM,CA+BR;AAED;;;6EAG6E;AAC7E,wBAAgB,eAAe,CAAC,CAAC,EAAE,eAAe,GAAG,MAAM,CAmB1D;AAED;qFACqF;AACrF,wBAAgB,kBAAkB,CAAC,GAAG,EAAE;IACtC,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,SAAS,EAAE,eAAe,CAAC;CAC5B,GAAG,MAAM,CAWT"}

package/dist/lib/manifest/render.js

@@ -0,0 +1,177 @@
+/**
+ * Human-readable rendering of a prepared manifest — the `cotal topology view` output and the shared
+ * pieces of `--dry-run`. The native verbs get humane labels here so the field names aren't the only
+ * explanation (UX): `subscribe (auto-listens at boot)` etc. No mutation, no live state.
+ */
+import { c } from "../../ui.js";
+const LABEL = {
+    subscribe: "subscribe (auto-listens at boot)",
+    allowSubscribe: "allowSubscribe (may read/join)",
+    allowPublish: "allowPublish (may post)",
+};
+const list = (xs) => (xs.length ? xs.join(", ") : c.dim("(none)"));
+/** The full `topology view`: header, channel access, agent access, persona-inherited scopes, warnings. */
+export function renderTopology(p) {
+    const m = p.manifest;
+    const out = [];
+    const broker = m.broker?.servers ?? "fresh local broker";
+    out.push(c.bold(`Mesh "${m.space}"`) +
+        c.dim(`  (broker: ${broker} · runtime ${m.runtime ?? "pty"} · personaPermissions: ${m.personaPermissions})`));
+    // Channels — who subscribes / may read / may post (agent names).
+    out.push("", c.bold(`Channels (${m.channels.length})`));
+    for (const ch of m.channels) {
+        out.push(`  ${c.cyan("#" + ch.name)}${ch.description ? c.dim("  " + ch.description) : ""}`);
+        out.push(`      ${c.dim(LABEL.subscribe + ":")}      ${list(ch.subscribe)}`);
+        out.push(`      ${c.dim(LABEL.allowSubscribe + ":")}    ${list(ch.allowSubscribe)}`);
+        out.push(`      ${c.dim(LABEL.allowPublish + ":")}      ${list(ch.allowPublish)}`);
+        if (ch.instructions)
+            out.push(`      ${c.dim("instructions: " + ch.instructions)}`);
+    }
+    // Agents — effective merged access (manifest + any persona-inherited under `include`).
+    out.push("", c.bold(`Agents (${p.agents.length})`));
+    for (const a of p.agents) {
+        const src = a.persona ? `persona ${a.persona}` : "inline";
+        const meta = [a.agentType, a.model ? `model ${a.model}` : undefined, a.role ? `role ${a.role}` : undefined]
+            .filter(Boolean)
+            .join(" · ");
+        out.push(`  ${c.bold(a.name)}  ${c.dim(meta + " · " + src)}`);
+        out.push(`      ${c.dim(LABEL.subscribe + ":")}      ${list(a.policy.subscribe)}`);
+        out.push(`      ${c.dim(LABEL.allowSubscribe + ":")}    ${list(a.policy.allowSubscribe)}`);
+        out.push(`      ${c.dim(LABEL.allowPublish + ":")}      ${list(a.policy.allowPublish)}`);
+        if (a.capabilities.length)
+            out.push(`      ${c.dim("capabilities:")}      ${a.capabilities.join(", ")}${a.capabilitySource === "persona" ? c.dim(" (persona-inherited)") : ""}`);
+    }
+    const inherited = renderInherited(p);
+    if (inherited)
+        out.push("", inherited);
+    if (p.warnings.length)
+        out.push("", renderWarnings(p.warnings));
+    return out.join("\n");
+}
+/** The `cotal up -f --dry-run` plan: a fresh mesh creates everything, so the grouping is simply
+ *  "will create" — broker + channels + agents — followed by the full access view. Mutates nothing. */
+export function renderUpPlan(p, server) {
+    const m = p.manifest;
+    const head = [
+        c.bold("Plan — cotal up -f (fresh mesh)"),
+        c.bold("Will create:"),
+        `  ${c.green("+")} broker + space ${c.cyan(`"${m.space}"`)} at ${server}`,
+        `  ${c.green("+")} ${m.channels.length} channel(s): ${m.channels.map((ch) => c.cyan("#" + ch.name)).join(", ")}`,
+        `  ${c.green("+")} ${p.agents.length} agent(s): ${p.agents.map((a) => a.name).join(", ")}`,
+        "",
+    ].join("\n");
+    return `${head}${renderTopology(p)}\n\n${c.dim("Dry run — nothing was changed. Re-run without --dry-run to apply.")}`;
+}
+/** The loud "persona grants outside manifest channels" section — unmanaged credential scopes that
+ *  an old persona ref drags in under `personaPermissions: include`. Returns "" when there are none. */
+export function renderInherited(p) {
+    const rows = [];
+    for (const a of p.agents) {
+        const i = a.inherited;
+        const hasAcl = i.subscribe.length || i.allowSubscribe.length || i.allowPublish.length;
+        if (!hasAcl && !i.capabilities.length)
+            continue;
+        // Capabilities first — they are NOT channel-scoped (spawn/tool power), so they're easiest to miss
+        // and most security-significant (security review, round-8).
+        if (i.capabilities.length)
+            rows.push(`  ${c.yellow("‼")} ${c.bold(a.name)} capabilities: ${i.capabilities.join(", ")}  ${c.dim(`(persona ${a.persona} — not channel-scoped)`)}`);
+        if (hasAcl) {
+            const parts = [
+                i.subscribe.length ? `subscribe ${i.subscribe.join(",")}` : "",
+                i.allowSubscribe.length ? `read ${i.allowSubscribe.join(",")}` : "",
+                i.allowPublish.length ? `post ${i.allowPublish.join(",")}` : "",
+            ].filter(Boolean);
+            rows.push(`  ${c.bold(a.name)} → ${parts.join(" · ")}  ${c.dim(`(persona ${a.persona} · unmanaged by manifest, no card)`)}`);
+        }
+    }
+    if (!rows.length)
+        return "";
+    return [c.yellow(c.bold("⚠ Persona-inherited access + capabilities outside manifest channels")), ...rows].join("\n");
+}
+/** Render the non-fatal warnings (empty-ACL agents, loud when they carry capabilities). */
+export function renderWarnings(warnings) {
+    const rows = warnings.map((w) => `  ${w.loud ? c.yellow("‼") : c.dim("•")} ${c.bold(w.agent)}: ${w.message}`);
+    return [c.yellow(c.bold(`⚠ Warnings (${warnings.length})`)), ...rows].join("\n");
+}
+/** The `cotal spawn -f` plan / `--dry-run`: deploy onto a RUNNING mesh. Groups channels and agents
+ *  by disposition (create / exists-unmanaged / owned · will-create / already-owned / stale), then the
+ *  SECURITY block + persona-inherited access. Creation-only — an existing unmanaged card is shown
+ *  desired-vs-live, never patched. */
+export function renderSpawnPlan(p, channels, agents, unmanaged, ctx) {
+    const out = [c.bold(`Plan — cotal spawn -f (deploy onto running mesh ${ctx.server})`)];
+    out.push("", c.bold("Channels:"));
+    for (const ch of channels.create)
+        out.push(`  ${c.green("+")} create ${c.cyan("#" + ch.name)} ${c.dim("(seed + own)")}`);
+    for (const { channel, live } of channels.existsUnmanaged) {
+        out.push(`  ${c.yellow("~")} ${c.cyan("#" + channel.name)} ${c.yellow("exists — unmanaged")} ${c.dim("(card left untouched)")}`);
+        if ((channel.description ?? "") !== (live.description ?? ""))
+            out.push(`      ${c.dim(`desired: ${channel.description ?? "(none)"}  ·  live: ${live.description ?? "(none)"}`)}`);
+        if ((channel.instructions ?? "") !== (live.instructions ?? ""))
+            out.push(`      ${c.dim(`desired instructions differ from live — not applied (use a future --patch flag)`)}`);
+    }
+    for (const ch of channels.owned)
+        out.push(`  ${c.dim("=")} ${c.cyan("#" + ch.name)} ${c.dim("(already owned by this run)")}`);
+    if (!channels.create.length && !channels.existsUnmanaged.length && !channels.owned.length)
+        out.push(`  ${c.dim("(none)")}`);
+    out.push("", c.bold("Agents:"));
+    for (const e of agents.willCreate)
+        out.push(`  ${c.green("+")} ${c.bold(e.agent.name)} ${c.dim(`${e.agent.agentType} — will launch`)}`);
+    for (const e of agents.alreadyOwned)
+        out.push(`  ${c.dim("=")} ${c.bold(e.agent.name)} ${c.dim(`(already running as ${e.prior?.name} — no-op)`)}`);
+    for (const e of agents.stale)
+        out.push(`  ${c.yellow("!")} ${c.bold(e.agent.name)} ${c.yellow("stale — restart required")} ` +
+            c.dim(`(${e.prior?.name}: hash ${e.prior?.hash.slice(0, 8)} → ${e.hash.slice(0, 8)}${e.running ? "" : ", not running"})`));
+    if (!agents.entries.length)
+        out.push(`  ${c.dim("(none)")}`);
+    const sec = renderUnmanaged(unmanaged);
+    if (sec)
+        out.push("", sec);
+    const inherited = renderInherited(p);
+    if (inherited)
+        out.push("", inherited);
+    if (ctx.dryRun)
+        out.push("", c.dim(`Dry run — nothing was changed. Run ${ctx.runId} not written. Re-run without --dry-run to apply.`));
+    return out.join("\n");
+}
+/** The SECURITY block: unmanaged actors observed with read access to a manifest-declared channel —
+ *  an isolation conflict on the shared mesh — phrased as an explicit LOWER BOUND (presence + the
+ *  broker membership feed; live-only core subscriptions aren't observable when the feed is absent).
+ *  Returns "" only when there's nothing to say AND the feed was readable. */
+export function renderUnmanaged(u) {
+    const rows = [];
+    for (const ce of u.perChannel) {
+        const who = ce.actors.map((a) => `${a.name ?? a.id.slice(0, 8)} (${a.via})`).join(", ");
+        rows.push(`  ${c.red("‼")} ${c.cyan("#" + ce.channel)}: unmanaged ${who}`);
+    }
+    const caveat = u.feedAvailable
+        ? c.dim(`  detected via presence + membership feed (asOf ${new Date(u.asOf).toISOString()}); live-only core subscriptions are a lower bound`)
+        : c.dim("  membership feed unavailable — detection is PRESENCE-ONLY (a lower bound; channel membership/live subscriptions not observable)");
+    // Show the block when there are conflicts, or when the feed was unavailable (so an empty result is
+    // never mistaken for "provably isolated").
+    if (!rows.length && u.feedAvailable) {
+        return u.presentUnowned.length
+            ? c.dim(`note: ${u.presentUnowned.length} unmanaged peer(s) present on the mesh; none on a declared channel (${caveat.trim()})`)
+            : "";
+    }
+    const head = c.red(c.bold("⚠ SECURITY — unmanaged actors with access to declared channels"));
+    const tail = u.presentUnowned.length ? [c.dim(`  (${u.presentUnowned.length} unmanaged peer(s) present on the mesh in total)`)] : [];
+    return [head, ...rows, caveat, ...tail].join("\n");
+}
+/** Post-apply summary for `cotal spawn -f`: what was created/launched, what was left untouched, the
+ *  SECURITY block, and the exact ownership-scoped teardown command + ledger path. */
+export function renderSpawnSummary(ctx) {
+    const out = [c.green(`✓ deployed onto "${ctx.space}" (${ctx.server})`)];
+    if (ctx.created.length)
+        out.push(`  ${c.green("+")} created ${ctx.created.length} channel(s): ${ctx.created.map((n) => c.cyan("#" + n)).join(", ")}`);
+    if (ctx.launched.length)
+        out.push(`  ${c.green("+")} launched ${ctx.launched.length} agent(s): ${ctx.launched.join(", ")}`);
+    if (ctx.existsUnmanaged.length)
+        out.push(`  ${c.yellow("~")} left ${ctx.existsUnmanaged.length} existing channel(s) untouched: ${ctx.existsUnmanaged.map((n) => c.cyan("#" + n)).join(", ")}`);
+    const sec = renderUnmanaged(ctx.unmanaged);
+    if (sec)
+        out.push("", sec);
+    out.push("", c.dim(`Run ${ctx.runId} · ledger ${ctx.ledgerPath}`));
+    out.push(c.dim(`Tear down ONLY this deploy: `) + `cotal down -f ${ctx.manifestPath} --run ${ctx.runId}`);
+    return out.join("\n");
+}
+//# sourceMappingURL=render.js.map

package/dist/lib/manifest/render.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"render.js","sourceRoot":"","sources":["../../../src/lib/manifest/render.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,CAAC,EAAE,MAAM,aAAa,CAAC;AAKhC,MAAM,KAAK,GAAG;IACZ,SAAS,EAAE,kCAAkC;IAC7C,cAAc,EAAE,gCAAgC;IAChD,YAAY,EAAE,yBAAyB;CACxC,CAAC;AAEF,MAAM,IAAI,GAAG,CAAC,EAAY,EAAU,EAAE,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC;AAErF,0GAA0G;AAC1G,MAAM,UAAU,cAAc,CAAC,CAAmB;IAChD,MAAM,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;IACrB,MAAM,GAAG,GAAa,EAAE,CAAC;IAEzB,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,IAAI,oBAAoB,CAAC;IACzD,GAAG,CAAC,IAAI,CACN,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,KAAK,GAAG,CAAC;QACzB,CAAC,CAAC,GAAG,CAAC,cAAc,MAAM,cAAc,CAAC,CAAC,OAAO,IAAI,KAAK,0BAA0B,CAAC,CAAC,kBAAkB,GAAG,CAAC,CAC/G,CAAC;IAEF,iEAAiE;IACjE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACxD,KAAK,MAAM,EAAE,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC5B,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC5F,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAC7E,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,cAAc,GAAG,GAAG,CAAC,OAAO,IAAI,CAAC,EAAE,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC;QACrF,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,GAAG,GAAG,CAAC,SAAS,IAAI,CAAC,EAAE,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;QACnF,IAAI,EAAE,CAAC,YAAY;YAAE,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,gBAAgB,GAAG,EAAE,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IACtF,CAAC;IAED,uFAAuF;IACvF,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACpD,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC;QAC1D,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;aACxG,MAAM,CAAC,OAAO,CAAC;aACf,IAAI,CAAC,KAAK,CAAC,CAAC;QACf,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,IAAI,GAAG,KAAK,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9D,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACnF,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,cAAc,GAAG,GAAG,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC;QAC3F,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,GAAG,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;QACzF,IAAI,CAAC,CAAC,YAAY,CAAC,MAAM;YACvB,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,gBAAgB,KAAK,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC1J,CAAC;IAED,MAAM,SAAS,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;IACrC,IAAI,SAAS;QAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IAEvC,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM;QAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;IAChE,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACxB,CAAC;AAED;sGACsG;AACtG,MAAM,UAAU,YAAY,CAAC,CAAmB,EAAE,MAAc;IAC9D,MAAM,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;IACrB,MAAM,IAAI,GAAG;QACX,CAAC,CAAC,IAAI,CAAC,iCAAiC,CAAC;QACzC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;QACtB,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,GAAG,CAAC,OAAO,MAAM,EAAE;QACzE,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,gBAAgB,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QAChH,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,cAAc,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QAC1F,EAAE;KACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACb,OAAO,GAAG,IAAI,GAAG,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,mEAAmE,CAAC,EAAE,CAAC;AACxH,CAAC;AAED;uGACuG;AACvG,MAAM,UAAU,eAAe,CAAC,CAAmB;IACjD,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC;QACtB,MAAM,MAAM,GAAG,CAAC,CAAC,SAAS,CAAC,MAAM,IAAI,CAAC,CAAC,cAAc,CAAC,MAAM,IAAI,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC;QACtF,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM;YAAE,SAAS;QAChD,kGAAkG;QAClG,4DAA4D;QAC5D,IAAI,CAAC,CAAC,YAAY,CAAC,MAAM;YACvB,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,OAAO,wBAAwB,CAAC,EAAE,CAAC,CAAC;QACxJ,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,KAAK,GAAG;gBACZ,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE;gBAC9D,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE;gBACnE,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE;aAChE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAClB,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,OAAO,oCAAoC,CAAC,EAAE,CAAC,CAAC;QAC/H,CAAC;IACH,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,CAAC;IAC5B,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,qEAAqE,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACvH,CAAC;AAED,2FAA2F;AAC3F,MAAM,UAAU,cAAc,CAAC,QAAwB;IACrD,MAAM,IAAI,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IAC9G,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACnF,CAAC;AAED;;;sCAGsC;AACtC,MAAM,UAAU,eAAe,CAC7B,CAAmB,EACnB,QAAqB,EACrB,MAAiB,EACjB,SAA0B,EAC1B,GAAuD;IAEvD,MAAM,GAAG,GAAa,CAAC,CAAC,CAAC,IAAI,CAAC,mDAAmD,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAEjG,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;IAClC,KAAK,MAAM,EAAE,IAAI,QAAQ,CAAC,MAAM;QAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC;IACzH,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;QACzD,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,uBAAuB,CAAC,EAAE,CAAC,CAAC;QACjI,IAAI,CAAC,OAAO,CAAC,WAAW,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC;YAC1D,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,YAAY,OAAO,CAAC,WAAW,IAAI,QAAQ,cAAc,IAAI,CAAC,WAAW,IAAI,QAAQ,EAAE,CAAC,EAAE,CAAC,CAAC;QACtH,IAAI,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC;YAC5D,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,iFAAiF,CAAC,EAAE,CAAC,CAAC;IAClH,CAAC;IACD,KAAK,MAAM,EAAE,IAAI,QAAQ,CAAC,KAAK;QAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,6BAA6B,CAAC,EAAE,CAAC,CAAC;IAC9H,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM;QAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAE5H,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IAChC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,UAAU;QAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,SAAS,gBAAgB,CAAC,EAAE,CAAC,CAAC;IACxI,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,YAAY;QAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,KAAK,EAAE,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;IACnJ,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,KAAK;QAC1B,GAAG,CAAC,IAAI,CACN,KAAK,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,0BAA0B,CAAC,GAAG;YACnF,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,IAAI,UAAU,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,eAAe,GAAG,CAAC,CAC5H,CAAC;IACJ,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM;QAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAE7D,MAAM,GAAG,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;IACvC,IAAI,GAAG;QAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IAC3B,MAAM,SAAS,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;IACrC,IAAI,SAAS;QAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IACvC,IAAI,GAAG,CAAC,MAAM;QAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,sCAAsC,GAAG,CAAC,KAAK,kDAAkD,CAAC,CAAC,CAAC;IACvI,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACxB,CAAC;AAED;;;6EAG6E;AAC7E,MAAM,UAAU,eAAe,CAAC,CAAkB;IAChD,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,KAAK,MAAM,EAAE,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC;QAC9B,MAAM,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACxF,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,eAAe,GAAG,EAAE,CAAC,CAAC;IAC7E,CAAC;IACD,MAAM,MAAM,GAAG,CAAC,CAAC,aAAa;QAC5B,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,mDAAmD,IAAI,IAAI,CAAC,CAAC,CAAC,IAAc,CAAC,CAAC,WAAW,EAAE,mDAAmD,CAAC;QACvJ,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,kIAAkI,CAAC,CAAC;IAC9I,mGAAmG;IACnG,2CAA2C;IAC3C,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,aAAa,EAAE,CAAC;QACpC,OAAO,CAAC,CAAC,cAAc,CAAC,MAAM;YAC5B,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,cAAc,CAAC,MAAM,uEAAuE,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC;YAChI,CAAC,CAAC,EAAE,CAAC;IACT,CAAC;IACD,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC,CAAC;IAC7F,MAAM,IAAI,GAAG,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,cAAc,CAAC,MAAM,kDAAkD,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACrI,OAAO,CAAC,IAAI,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACrD,CAAC;AAED;qFACqF;AACrF,MAAM,UAAU,kBAAkB,CAAC,GAUlC;IACC,MAAM,GAAG,GAAa,CAAC,CAAC,CAAC,KAAK,CAAC,oBAAoB,GAAG,CAAC,KAAK,MAAM,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAClF,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM;QAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,GAAG,CAAC,OAAO,CAAC,MAAM,gBAAgB,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACtJ,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM;QAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,GAAG,CAAC,QAAQ,CAAC,MAAM,cAAc,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC5H,IAAI,GAAG,CAAC,eAAe,CAAC,MAAM;QAC5B,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,GAAG,CAAC,eAAe,CAAC,MAAM,mCAAmC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjK,MAAM,GAAG,GAAG,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAC3C,IAAI,GAAG;QAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IAC3B,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,KAAK,aAAa,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;IACnE,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,8BAA8B,CAAC,GAAG,iBAAiB,GAAG,CAAC,YAAY,UAAU,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;IACzG,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACxB,CAAC"}

package/dist/lib/manifest/resolve.d.ts

@@ -0,0 +1,5 @@
+import type { ResolvedManifest } from "./model.js";
+/** Parse + validate a manifest source into the resolved model. `sourcePath` anchors relative
+ *  persona refs and locates errors. */
+export declare function resolveManifest(src: string, sourcePath: string): ResolvedManifest;
+//# sourceMappingURL=resolve.d.ts.map

package/dist/lib/manifest/resolve.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"resolve.d.ts","sourceRoot":"","sources":["../../../src/lib/manifest/resolve.ts"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAmE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAGpH;uCACuC;AACvC,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,gBAAgB,CA4EjF"}

package/dist/lib/manifest/resolve.js

@@ -0,0 +1,185 @@
+/**
+ * The pure manifest pipeline (no network, no persona-file reads — those are preflight):
+ *
+ *   parse (YAML, keep line/col) → schema (strict Zod) → normalize + invert (channel-centric →
+ *   per-agent ACLs) → semantic checks (names resolve, allowSubscribe ⊇ subscribe, concrete tokens).
+ *
+ * Returns a {@link ResolvedManifest}; throws {@link ManifestError} with every problem located by
+ * file + line. Stages 1–4 of the plan — deterministic and unit-testable.
+ */
+import { isAbsolute, resolve as resolvePath, dirname } from "node:path";
+import { parseDocument, LineCounter } from "yaml";
+import { assertValidChannel, assertValidName, isConcreteChannel } from "@cotal-ai/core";
+import { MeshManifestSchema } from "./schema.js";
+import { ManifestError } from "./errors.js";
+/** Parse + validate a manifest source into the resolved model. `sourcePath` anchors relative
+ *  persona refs and locates errors. */
+export function resolveManifest(src, sourcePath) {
+    const lc = new LineCounter();
+    const doc = parseDocument(src, { lineCounter: lc });
+    // Best-effort location: try the exact node, then walk up the path (union/object-level errors
+    // often have no node of their own), finally the document root. Diagnostics only — never on the
+    // resolved model (engineer, round-6).
+    const locate = (path) => {
+        if (!path)
+            return {};
+        const p = [...path];
+        for (;;) {
+            const node = doc.getIn(p, true);
+            if (node?.range) {
+                const { line, col } = lc.linePos(node.range[0]);
+                return { line, col };
+            }
+            if (p.length === 0)
+                return {};
+            p.pop();
+        }
+    };
+    // 1. Parse. Syntax errors + duplicate map keys (yaml enforces unique keys) surface here.
+    if (doc.errors.length)
+        throw new ManifestError(sourcePath, doc.errors.map((e) => ({ message: e.message.split("\n")[0], line: e.linePos?.[0]?.line, col: e.linePos?.[0]?.col })));
+    // Targeted message for the single-space deferral before the strict schema rejects it generically.
+    if (doc.has("spaces"))
+        throw new ManifestError(sourcePath, [
+            { message: "`spaces:` is not supported in v1 (single-space) — use a scalar `space:`", path: ["spaces"], ...locate(["spaces"]) },
+        ]);
+    // 2. Schema (strict): shape + unknown-key rejection. Map every Zod issue back to a located line.
+    const parsed = MeshManifestSchema.safeParse(doc.toJS());
+    if (!parsed.success)
+        throw new ManifestError(sourcePath, parsed.error.issues.map((iss) => {
+            const path = iss.path.filter((p) => typeof p !== "symbol");
+            // Point the line at the offending unknown key, not just its containing object.
+            const keys = iss.keys;
+            const locPath = iss.code === "unrecognized_keys" && keys?.length ? [...path, keys[0]] : path;
+            return { message: iss.message, path, ...locate(locPath) };
+        }));
+    const raw = parsed.data;
+    // 3 + 4. Normalize/invert and run pure semantic checks, collecting every problem in one pass.
+    const issues = [];
+    const add = (message, path) => issues.push({ message, path, ...locate(path) });
+    const agentNames = new Set(Object.keys(raw.agents ?? {}));
+    for (const name of agentNames)
+        try {
+            assertValidName(name);
+        }
+        catch (e) {
+            add(e.message, ["agents", name]);
+        }
+    if (raw.broker)
+        validateBroker(raw.broker, add);
+    const channels = normalizeChannels(raw, agentNames, add);
+    const agents = resolveAgents(raw, channels, sourcePath, add);
+    if (issues.length)
+        throw new ManifestError(sourcePath, issues);
+    return {
+        space: raw.space,
+        broker: raw.broker,
+        runtime: raw.runtime,
+        personaPermissions: raw.personaPermissions ?? "reject",
+        defaults: raw.defaults,
+        agents,
+        channels,
+        sourcePath,
+    };
+}
+/** Normalize each channel (default `allowSubscribe` ⇐ `subscribe`, dedup) and run the channel-level
+ *  semantic checks: concrete token, every referenced name resolves, `allowSubscribe ⊇ subscribe`. */
+function normalizeChannels(raw, agentNames, add) {
+    const out = [];
+    for (const [name, entry] of Object.entries(raw.channels)) {
+        try {
+            assertValidChannel(name);
+            if (!isConcreteChannel(name))
+                throw new Error(`channel "${name}" must be concrete — wildcard channels are not supported in v1`);
+        }
+        catch (e) {
+            add(e.message, ["channels", name]);
+        }
+        const subscribe = dedupe(entry.subscribe ?? []);
+        const allowSubscribe = entry.allowSubscribe ? dedupe(entry.allowSubscribe) : [...subscribe];
+        const allowPublish = dedupe(entry.allowPublish ?? []);
+        // Every name listed under a channel must resolve to an `agents:` entry (no silent default).
+        for (const [field, names] of [["subscribe", subscribe], ["allowSubscribe", allowSubscribe], ["allowPublish", allowPublish]])
+            for (const n of names)
+                if (!agentNames.has(n))
+                    add(`"${n}" is not declared in agents:`, ["channels", name, field]);
+        // An explicit allowSubscribe must be a superset of subscribe (the read-ACL invariant).
+        const missing = subscribe.filter((n) => !allowSubscribe.includes(n));
+        if (missing.length)
+            add(`subscribe [${missing.join(", ")}] not in allowSubscribe — a subscriber must be allowed to read`, ["channels", name, "allowSubscribe"]);
+        out.push({
+            name,
+            description: entry.description,
+            instructions: entry.instructions,
+            subscribe,
+            allowSubscribe,
+            allowPublish,
+            replay: entry.replay,
+            replayWindow: entry.replayWindow,
+            deliveryClass: entry.deliveryClass,
+        });
+    }
+    return out;
+}
+/** Build each agent's resolved form: its persona source (file/inline) + the per-agent ACLs inverted
+ *  from channel membership. Behavior overrides are carried verbatim; the persona default is filled
+ *  in during preflight (which reads the file). */
+function resolveAgents(raw, channels, sourcePath, add) {
+    const topPolicy = raw.personaPermissions ?? "reject";
+    const dir = dirname(sourcePath);
+    const personaPath = (ref) => (isAbsolute(ref) ? ref : resolvePath(dir, ref));
+    // No silent default connector (matches roster.yaml): an agent needs its own `agent:` or the
+    // top-level default. Fail loud rather than guessing claude/opencode.
+    const connector = (name, own) => {
+        const t = own ?? raw.agent;
+        if (!t)
+            add(`no connector for "${name}" — set \`agent:\` on it or a top-level \`agent:\` default`, ["agents", name]);
+        return t ?? "";
+    };
+    // After schema preprocessing every entry is the object form (a bare string was normalized to
+    // `{ persona }`), so there's a single shape to read here.
+    return Object.entries(raw.agents ?? {}).map(([name, entry]) => ({
+        name,
+        agentType: connector(name, entry.agent),
+        persona: entry.persona ? personaPath(entry.persona) : undefined,
+        model: entry.model,
+        role: entry.role,
+        description: entry.description,
+        instructions: entry.instructions,
+        capabilities: entry.capabilities,
+        personaPermissions: entry.personaPermissions ?? topPolicy,
+        policy: invertPolicy(name, channels),
+    }));
+}
+/** Invert channel-centric membership into one agent's per-channel ACLs (the channels it appears in). */
+function invertPolicy(name, channels) {
+    return {
+        subscribe: channels.filter((c) => c.subscribe.includes(name)).map((c) => c.name),
+        allowSubscribe: channels.filter((c) => c.allowSubscribe.includes(name)).map((c) => c.name),
+        allowPublish: channels.filter((c) => c.allowPublish.includes(name)).map((c) => c.name),
+    };
+}
+/** Reject inline credentials in the broker config: a `nats://user:pass@host` URL must use the
+ *  auth creds/profile path, not embedded secrets (critic, round-6); `host` is a bind address, not
+ *  a URL. Each server entry must parse as a URL (no silent fallback). */
+function validateBroker(broker, add) {
+    if (broker.host?.includes("://"))
+        add(`broker.host is a bind address (e.g. 127.0.0.1), not a URL — drop the scheme`, ["broker", "host"]);
+    if (broker.servers)
+        for (const s of broker.servers.split(",").map((x) => x.trim()).filter(Boolean)) {
+            let u;
+            try {
+                u = new URL(s);
+            }
+            catch {
+                add(`broker.servers entry "${s}" is not a valid URL (e.g. nats://127.0.0.1:4222)`, ["broker", "servers"]);
+                continue;
+            }
+            if (u.username || u.password)
+                add(`broker.servers must not embed credentials ("${u.username}:***@…") — use auth creds/profile, not inline secrets`, ["broker", "servers"]);
+        }
+}
+function dedupe(xs) {
+    return [...new Set(xs)];
+}
+//# sourceMappingURL=resolve.js.map

package/dist/lib/manifest/resolve.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"resolve.js","sourceRoot":"","sources":["../../../src/lib/manifest/resolve.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,OAAO,EAAE,UAAU,EAAE,OAAO,IAAI,WAAW,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACxE,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,MAAM,CAAC;AAClD,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AACxF,OAAO,EAAE,kBAAkB,EAAoB,MAAM,aAAa,CAAC;AAEnE,OAAO,EAAE,aAAa,EAAsB,MAAM,aAAa,CAAC;AAEhE;uCACuC;AACvC,MAAM,UAAU,eAAe,CAAC,GAAW,EAAE,UAAkB;IAC7D,MAAM,EAAE,GAAG,IAAI,WAAW,EAAE,CAAC;IAC7B,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC,CAAC;IACpD,6FAA6F;IAC7F,+FAA+F;IAC/F,sCAAsC;IACtC,MAAM,MAAM,GAAG,CAAC,IAA0B,EAAmC,EAAE;QAC7E,IAAI,CAAC,IAAI;YAAE,OAAO,EAAE,CAAC;QACrB,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC;QACpB,SAAS,CAAC;YACR,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAqD,CAAC;YACpF,IAAI,IAAI,EAAE,KAAK,EAAE,CAAC;gBAChB,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBAChD,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,EAAE,CAAC;YAC9B,CAAC,CAAC,GAAG,EAAE,CAAC;QACV,CAAC;IACH,CAAC,CAAC;IAEF,yFAAyF;IACzF,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM;QACnB,MAAM,IAAI,aAAa,CACrB,UAAU,EACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CACrH,CAAC;IAEJ,kGAAkG;IAClG,IAAI,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC;QACnB,MAAM,IAAI,aAAa,CAAC,UAAU,EAAE;YAClC,EAAE,OAAO,EAAE,yEAAyE,EAAE,IAAI,EAAE,CAAC,QAAQ,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE;SAChI,CAAC,CAAC;IAEL,iGAAiG;IACjG,MAAM,MAAM,GAAG,kBAAkB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IACxD,IAAI,CAAC,MAAM,CAAC,OAAO;QACjB,MAAM,IAAI,aAAa,CACrB,UAAU,EACV,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;YAC9B,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAwB,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;YACjF,+EAA+E;YAC/E,MAAM,IAAI,GAAI,GAA2B,CAAC,IAAI,CAAC;YAC/C,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,KAAK,mBAAmB,IAAI,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YAC7F,OAAO,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5D,CAAC,CAAC,CACH,CAAC;IACJ,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC;IAExB,8FAA8F;IAC9F,MAAM,MAAM,GAAoB,EAAE,CAAC;IACnC,MAAM,GAAG,GAAG,CAAC,OAAe,EAAE,IAA0B,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAE7G,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC;IAC1D,KAAK,MAAM,IAAI,IAAI,UAAU;QAC3B,IAAI,CAAC;YACH,eAAe,CAAC,IAAI,CAAC,CAAC;QACxB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,CAAE,CAAW,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC;QAC9C,CAAC;IAEH,IAAI,GAAG,CAAC,MAAM;QAAE,cAAc,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAChD,MAAM,QAAQ,GAAG,iBAAiB,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IACzD,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IAE7D,IAAI,MAAM,CAAC,MAAM;QAAE,MAAM,IAAI,aAAa,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IAE/D,OAAO;QACL,KAAK,EAAE,GAAG,CAAC,KAAK;QAChB,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,OAAO,EAAE,GAAG,CAAC,OAAO;QACpB,kBAAkB,EAAE,GAAG,CAAC,kBAAkB,IAAI,QAAQ;QACtD,QAAQ,EAAE,GAAG,CAAC,QAAQ;QACtB,MAAM;QACN,QAAQ;QACR,UAAU;KACX,CAAC;AACJ,CAAC;AAED;qGACqG;AACrG,SAAS,iBAAiB,CACxB,GAAgB,EAChB,UAAuB,EACvB,GAA0D;IAE1D,MAAM,GAAG,GAAsB,EAAE,CAAC;IAClC,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzD,IAAI,CAAC;YACH,kBAAkB,CAAC,IAAI,CAAC,CAAC;YACzB,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,YAAY,IAAI,gEAAgE,CAAC,CAAC;QAClI,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,CAAE,CAAW,CAAC,OAAO,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC;QAChD,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;QAChD,MAAM,cAAc,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC,CAAC;QAC5F,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;QAEtD,4FAA4F;QAC5F,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,SAAS,CAAC,EAAE,CAAC,gBAAgB,EAAE,cAAc,CAAC,EAAE,CAAC,cAAc,EAAE,YAAY,CAAC,CAAU;YAClI,KAAK,MAAM,CAAC,IAAI,KAAK;gBACnB,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;oBAAE,GAAG,CAAC,IAAI,CAAC,8BAA8B,EAAE,CAAC,UAAU,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;QAEhG,uFAAuF;QACvF,MAAM,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QACrE,IAAI,OAAO,CAAC,MAAM;YAChB,GAAG,CAAC,cAAc,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,gEAAgE,EAAE,CAAC,UAAU,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC;QAE9I,GAAG,CAAC,IAAI,CAAC;YACP,IAAI;YACJ,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,YAAY,EAAE,KAAK,CAAC,YAAY;YAChC,SAAS;YACT,cAAc;YACd,YAAY;YACZ,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,YAAY,EAAE,KAAK,CAAC,YAAY;YAChC,aAAa,EAAE,KAAK,CAAC,aAAa;SACnC,CAAC,CAAC;IACL,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;kDAEkD;AAClD,SAAS,aAAa,CACpB,GAAgB,EAChB,QAA2B,EAC3B,UAAkB,EAClB,GAA0D;IAE1D,MAAM,SAAS,GAAuB,GAAG,CAAC,kBAAkB,IAAI,QAAQ,CAAC;IACzE,MAAM,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAChC,MAAM,WAAW,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;IACrF,4FAA4F;IAC5F,qEAAqE;IACrE,MAAM,SAAS,GAAG,CAAC,IAAY,EAAE,GAAY,EAAU,EAAE;QACvD,MAAM,CAAC,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC;QAC3B,IAAI,CAAC,CAAC;YAAE,GAAG,CAAC,qBAAqB,IAAI,4DAA4D,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC;QACrH,OAAO,CAAC,IAAI,EAAE,CAAC;IACjB,CAAC,CAAC;IAEF,6FAA6F;IAC7F,0DAA0D;IAC1D,OAAO,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9D,IAAI;QACJ,SAAS,EAAE,SAAS,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,CAAC;QACvC,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS;QAC/D,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,kBAAkB,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAS;QACzD,MAAM,EAAE,YAAY,CAAC,IAAI,EAAE,QAAQ,CAAC;KACrC,CAAC,CAAC,CAAC;AACN,CAAC;AAED,wGAAwG;AACxG,SAAS,YAAY,CAAC,IAAY,EAAE,QAA2B;IAC7D,OAAO;QACL,SAAS,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QAChF,cAAc,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QAC1F,YAAY,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;KACvF,CAAC;AACJ,CAAC;AAED;;yEAEyE;AACzE,SAAS,cAAc,CAAC,MAA0C,EAAE,GAAiD;IACnH,IAAI,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC;QAC9B,GAAG,CAAC,6EAA6E,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;IACzG,IAAI,MAAM,CAAC,OAAO;QAChB,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;YAC/E,IAAI,CAAM,CAAC;YACX,IAAI,CAAC;gBACH,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC;YACjB,CAAC;YAAC,MAAM,CAAC;gBACP,GAAG,CAAC,yBAAyB,CAAC,mDAAmD,EAAE,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC;gBAC1G,SAAS;YACX,CAAC;YACD,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ;gBAC1B,GAAG,CAAC,+CAA+C,CAAC,CAAC,QAAQ,uDAAuD,EAAE,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC;QACjJ,CAAC;AACL,CAAC;AAED,SAAS,MAAM,CAAI,EAAO;IACxB,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;AAC1B,CAAC"}

package/dist/lib/manifest/schema.d.ts

@@ -0,0 +1,103 @@
+/**
+ * The mesh-manifest schema (`cotal.yaml`, `kind: Mesh`) — the strict Zod shape the parser
+ * validates before any normalization. Strict objects reject unknown keys (no silent ignore —
+ * matches the repo's "no fallbacks" rule); the resolved/inverted model lives in {@link ./model.js}.
+ *
+ * This is shape-only: cross-field rules (names resolve to an agent, `allowSubscribe ⊇ subscribe`,
+ * concrete channel tokens) are pure semantic checks in {@link ./resolve.js}, where they can report
+ * the offending file + line.
+ */
+import { z } from "zod";
+/** An `agents:` value is a string (bare persona path) OR the object above. A plain `z.union`
+ *  collapses an object with a bad key to a useless "Invalid input", so normalize the string form to
+ *  `{ persona }` first and validate the one strict object — its real errors (unrecognized key, …)
+ *  then surface with their path. */
+declare const AgentEntry: z.ZodPreprocess<z.ZodObject<{
+    persona: z.ZodOptional<z.ZodString>;
+    agent: z.ZodOptional<z.ZodString>;
+    model: z.ZodOptional<z.ZodString>;
+    role: z.ZodOptional<z.ZodString>;
+    description: z.ZodOptional<z.ZodString>;
+    instructions: z.ZodOptional<z.ZodString>;
+    capabilities: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    personaPermissions: z.ZodOptional<z.ZodEnum<{
+        reject: "reject";
+        include: "include";
+    }>>;
+}, z.core.$strict>>;
+/** A channel carries its registry card (description/instructions + replay knobs — the existing
+ *  ChannelConfig fields) plus the three native access verbs listed per-channel (agents under it). */
+declare const ChannelEntry: z.ZodObject<{
+    description: z.ZodOptional<z.ZodString>;
+    instructions: z.ZodOptional<z.ZodString>;
+    subscribe: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    allowSubscribe: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    allowPublish: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    replay: z.ZodOptional<z.ZodBoolean>;
+    replayWindow: z.ZodOptional<z.ZodString>;
+    deliveryClass: z.ZodOptional<z.ZodEnum<{
+        live: "live";
+        durable: "durable";
+    }>>;
+}, z.core.$strict>;
+/** The whole manifest. `apiVersion`/`kind` are literals so a foreign YAML doc is rejected up front;
+ *  `agents` and `channels` are required maps. */
+export declare const MeshManifestSchema: z.ZodObject<{
+    apiVersion: z.ZodLiteral<"cotal/v1">;
+    kind: z.ZodLiteral<"Mesh">;
+    space: z.ZodString;
+    broker: z.ZodOptional<z.ZodObject<{
+        servers: z.ZodOptional<z.ZodString>;
+        host: z.ZodOptional<z.ZodString>;
+        auth: z.ZodOptional<z.ZodBoolean>;
+    }, z.core.$strict>>;
+    runtime: z.ZodOptional<z.ZodEnum<{
+        pty: "pty";
+        tmux: "tmux";
+        cmux: "cmux";
+    }>>;
+    agent: z.ZodOptional<z.ZodString>;
+    personaPermissions: z.ZodOptional<z.ZodEnum<{
+        reject: "reject";
+        include: "include";
+    }>>;
+    agents: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodPreprocess<z.ZodObject<{
+        persona: z.ZodOptional<z.ZodString>;
+        agent: z.ZodOptional<z.ZodString>;
+        model: z.ZodOptional<z.ZodString>;
+        role: z.ZodOptional<z.ZodString>;
+        description: z.ZodOptional<z.ZodString>;
+        instructions: z.ZodOptional<z.ZodString>;
+        capabilities: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        personaPermissions: z.ZodOptional<z.ZodEnum<{
+            reject: "reject";
+            include: "include";
+        }>>;
+    }, z.core.$strict>>>>;
+    defaults: z.ZodOptional<z.ZodObject<{
+        replay: z.ZodOptional<z.ZodBoolean>;
+        replayWindow: z.ZodOptional<z.ZodString>;
+        deliveryClass: z.ZodOptional<z.ZodEnum<{
+            live: "live";
+            durable: "durable";
+        }>>;
+    }, z.core.$strict>>;
+    channels: z.ZodRecord<z.ZodString, z.ZodObject<{
+        description: z.ZodOptional<z.ZodString>;
+        instructions: z.ZodOptional<z.ZodString>;
+        subscribe: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        allowSubscribe: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        allowPublish: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        replay: z.ZodOptional<z.ZodBoolean>;
+        replayWindow: z.ZodOptional<z.ZodString>;
+        deliveryClass: z.ZodOptional<z.ZodEnum<{
+            live: "live";
+            durable: "durable";
+        }>>;
+    }, z.core.$strict>>;
+}, z.core.$strict>;
+export type RawManifest = z.infer<typeof MeshManifestSchema>;
+export type RawAgentEntry = z.infer<typeof AgentEntry>;
+export type RawChannelEntry = z.infer<typeof ChannelEntry>;
+export {};
+//# sourceMappingURL=schema.d.ts.map

package/dist/lib/manifest/schema.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../src/lib/manifest/schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AA2BxB;;;oCAGoC;AACpC,QAAA,MAAM,UAAU;;;;;;;;;;;;mBAAsF,CAAC;AAEvG;qGACqG;AACrG,QAAA,MAAM,YAAY;;;;;;;;;;;;kBAShB,CAAC;AAcH;iDACiD;AACjD,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAc7B,CAAC;AAEH,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAC7D,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,UAAU,CAAC,CAAC;AACvD,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAC"}