@flowdot.ai/daemon 1.0.0

package/dist/goals/PermissionBridge.js

@@ -0,0 +1,326 @@
+import { EventEmitter } from 'node:events';
+import { GoalError } from './errors.js';
+const noopLogger = {
+    debug: () => { },
+    info: () => { },
+    warn: () => { },
+    error: () => { },
+};
+const DEFAULT_CACHE_TTL_MS = 5 * 60 * 1000;
+const DEFAULT_MAX_CACHE_ENTRIES = 1000;
+const DEFAULT_MAX_AUDIT_ENTRIES = 10000;
+const CATEGORY_AUTO_APPROVE = new Set([
+    'file-read',
+    'web-search',
+]);
+const ALWAYS_REQUIRE_APPROVAL = new Set([
+    'command-execute',
+]);
+const DANGEROUS_PATTERNS = [
+    /\.env/i,
+    /\.ssh/i,
+    /\.git\/config/i,
+    /credentials/i,
+    /secret/i,
+    /\.pem$/i,
+    /\.key$/i,
+    /rm\s+-rf/i,
+    /sudo/i,
+    /git\s+push/i,
+    /npm\s+publish/i,
+    /chmod\s+777/i,
+    /mkfs/i,
+    /dd\s+if=/i,
+];
+export class PermissionBridgeError extends GoalError {
+    constructor(message, cause) {
+        super('PERMISSION_ERROR', message, cause ? { cause } : {});
+    }
+}
+export class PermissionBridge extends EventEmitter {
+    logger;
+    defaultApprovalMode;
+    cacheTtlMs;
+    maxCacheEntries;
+    enableAudit;
+    maxAuditEntries;
+    permissionsProvider;
+    cache = new Map();
+    auditLog = [];
+    sessionPermissions = new Map();
+    constructor(options = {}) {
+        super();
+        this.logger = options.logger ?? noopLogger;
+        this.defaultApprovalMode = options.defaultApprovalMode ?? 'full';
+        this.cacheTtlMs = options.cacheTtlMs ?? DEFAULT_CACHE_TTL_MS;
+        this.maxCacheEntries = options.maxCacheEntries ?? DEFAULT_MAX_CACHE_ENTRIES;
+        this.enableAudit = options.enableAudit ?? true;
+        this.maxAuditEntries = options.maxAuditEntries ?? DEFAULT_MAX_AUDIT_ENTRIES;
+        this.permissionsProvider = options.permissionsProvider;
+    }
+    async checkPermission(category, context, options = {}) {
+        try {
+            if (this.isDangerous(category, options)) {
+                const result = this.createResult(false, true, category, context.goal.approvalMode, 'Action matches dangerous pattern');
+                this.emit('permission-checked', result, context);
+                this.emit('approval-required', context);
+                return result;
+            }
+            const restrictionResult = this.checkGoalRestrictions(context.goal.restrictions, category, options);
+            if (!restrictionResult.allowed) {
+                const result = this.createResult(false, false, category, context.goal.approvalMode, restrictionResult.reason);
+                this.emit('permission-checked', result, context);
+                this.emit('permission-denied', result, context);
+                return result;
+            }
+            if (options.useCache !== false) {
+                const cached = this.checkCache(category, options);
+                if (cached !== null) {
+                    this.emit('cache-hit', { category, decision: cached });
+                    const result = this.createResultFromCached(cached, category, context.goal.approvalMode);
+                    this.emit('permission-checked', result, context);
+                    return result;
+                }
+                this.emit('cache-miss', { category });
+            }
+            const storedDecision = await this.checkStoredPermissions(category, options);
+            if (storedDecision !== null) {
+                this.cacheDecision(category, storedDecision, options);
+                const result = this.createResultFromCached(storedDecision, category, context.goal.approvalMode);
+                this.emit('permission-checked', result, context);
+                return result;
+            }
+            const sessionDecision = this.checkSessionPermissions(category, options);
+            if (sessionDecision !== null) {
+                const result = this.createResultFromCached(sessionDecision, category, context.goal.approvalMode);
+                this.emit('permission-checked', result, context);
+                return result;
+            }
+            const result = this.applyApprovalMode(category, context.goal.approvalMode);
+            this.emit('permission-checked', result, context);
+            if (result.requiresApproval) {
+                this.emit('approval-required', context);
+            }
+            else if (result.allowed) {
+                this.emit('permission-granted', result, context);
+            }
+            else {
+                this.emit('permission-denied', result, context);
+            }
+            return result;
+        }
+        catch (error) {
+            const err = error instanceof Error ? error : new Error(String(error));
+            this.logger.error('PERMISSION_BRIDGE', 'Permission check failed', {
+                error: err.message,
+            });
+            this.emit('error', err);
+            return this.createResult(false, false, category, context.goal.approvalMode, 'Permission check failed');
+        }
+    }
+    recordDecision(category, decision, options = {}) {
+        const key = this.getCacheKey(category, options);
+        if (options.scope === 'session' || !options.scope) {
+            this.sessionPermissions.set(key, decision);
+        }
+        this.cacheDecision(category, decision, options);
+        this.logger.debug('PERMISSION_BRIDGE', 'Decision recorded', {
+            category,
+            decision,
+            scope: options.scope ?? 'session',
+        });
+    }
+    logAudit(context, category, decision, approvalRequested, approvalGranted, target) {
+        if (!this.enableAudit)
+            return;
+        const entry = {
+            timestamp: new Date(),
+            goalHash: context.goal.hash,
+            taskId: context.task.id,
+            category,
+            decision,
+            approvalRequested,
+            approvalGranted,
+            target,
+        };
+        this.auditLog.push(entry);
+        this.emit('audit-logged', entry);
+        while (this.auditLog.length > this.maxAuditEntries) {
+            this.auditLog.shift();
+        }
+    }
+    checkGoalRestrictions(restrictions, category, _options) {
+        if (!restrictions) {
+            return { allowed: true };
+        }
+        if (restrictions.blockedActions?.includes(category)) {
+            return { allowed: false, reason: `Category ${category} is blocked by goal restrictions` };
+        }
+        if (restrictions.allowedCategories &&
+            !restrictions.allowedCategories.includes(category)) {
+            return { allowed: false, reason: `Category ${category} is not in allowed list` };
+        }
+        return { allowed: true };
+    }
+    isDangerous(category, options) {
+        const target = options.path ?? options.command ?? options.domain ?? '';
+        for (const pattern of DANGEROUS_PATTERNS) {
+            if (pattern.test(target)) {
+                this.logger.warn('PERMISSION_BRIDGE', 'Dangerous pattern detected', {
+                    pattern: pattern.toString(),
+                    target,
+                });
+                return true;
+            }
+        }
+        return false;
+    }
+    applyApprovalMode(category, approvalMode) {
+        switch (approvalMode) {
+            case 'full':
+                return this.createResult(false, true, category, approvalMode);
+            case 'category':
+                if (CATEGORY_AUTO_APPROVE.has(category)) {
+                    return this.createResult(true, false, category, approvalMode);
+                }
+                return this.createResult(false, true, category, approvalMode);
+            case 'trusted':
+                if (ALWAYS_REQUIRE_APPROVAL.has(category)) {
+                    return this.createResult(false, true, category, approvalMode);
+                }
+                return this.createResult(true, false, category, approvalMode);
+            default:
+                return this.createResult(false, true, category, approvalMode);
+        }
+    }
+    checkCache(category, options) {
+        const key = this.getCacheKey(category, options);
+        const entry = this.cache.get(key);
+        if (!entry)
+            return null;
+        if (Date.now() > entry.expiresAt) {
+            this.cache.delete(key);
+            return null;
+        }
+        return entry.decision;
+    }
+    cacheDecision(category, decision, options) {
+        const key = this.getCacheKey(category, options);
+        if (this.cache.size >= this.maxCacheEntries) {
+            const toRemove = Math.floor(this.maxCacheEntries * 0.1);
+            const keys = Array.from(this.cache.keys());
+            for (let i = 0; i < toRemove; i++) {
+                this.cache.delete(keys[i]);
+            }
+        }
+        this.cache.set(key, {
+            decision,
+            expiresAt: Date.now() + this.cacheTtlMs,
+        });
+    }
+    getCacheKey(category, options) {
+        const pattern = options.path ?? options.command ?? options.domain ?? '*';
+        return `${category}:${pattern}`;
+    }
+    clearCache() {
+        this.cache.clear();
+        this.logger.debug('PERMISSION_BRIDGE', 'Cache cleared');
+    }
+    async checkStoredPermissions(category, options) {
+        if (!this.permissionsProvider)
+            return null;
+        try {
+            const permissions = await this.permissionsProvider();
+            const pattern = options.path ?? options.command ?? options.domain;
+            for (const perm of permissions) {
+                if (perm.category !== category)
+                    continue;
+                if (perm.expiresAt && new Date(perm.expiresAt) < new Date()) {
+                    continue;
+                }
+                if (perm.pattern && pattern) {
+                    if (!this.matchesPattern(pattern, perm.pattern)) {
+                        continue;
+                    }
+                }
+                return perm.decision;
+            }
+            return null;
+        }
+        catch (error) {
+            this.logger.warn('PERMISSION_BRIDGE', 'Failed to load stored permissions', {
+                error: error instanceof Error ? error.message : String(error),
+            });
+            return null;
+        }
+    }
+    checkSessionPermissions(category, options) {
+        const key = this.getCacheKey(category, options);
+        return this.sessionPermissions.get(key) ?? null;
+    }
+    matchesPattern(value, pattern) {
+        const regex = new RegExp('^' +
+            pattern
+                .replace(/[.+^${}()|[\]\\]/g, '\\$&')
+                .replace(/\*/g, '.*')
+                .replace(/\?/g, '.') +
+            '$', 'i');
+        return regex.test(value);
+    }
+    createResult(allowed, requiresApproval, category, approvalMode, reason) {
+        return {
+            allowed,
+            requiresApproval,
+            reason,
+            approvalMode,
+            category,
+        };
+    }
+    createResultFromCached(decision, category, approvalMode) {
+        switch (decision) {
+            case 'allow':
+                return this.createResult(true, false, category, approvalMode);
+            case 'deny':
+                return this.createResult(false, false, category, approvalMode, 'Previously denied');
+            case 'ask':
+                return this.createResult(false, true, category, approvalMode);
+        }
+    }
+    getAuditLog(filters) {
+        let entries = this.auditLog;
+        if (filters?.goalHash) {
+            entries = entries.filter((e) => e.goalHash === filters.goalHash);
+        }
+        if (filters?.taskId) {
+            entries = entries.filter((e) => e.taskId === filters.taskId);
+        }
+        if (filters?.category) {
+            entries = entries.filter((e) => e.category === filters.category);
+        }
+        if (filters?.since) {
+            entries = entries.filter((e) => e.timestamp >= filters.since);
+        }
+        if (filters?.limit) {
+            entries = entries.slice(-filters.limit);
+        }
+        return entries;
+    }
+    clearAuditLog() {
+        this.auditLog.length = 0;
+        this.logger.debug('PERMISSION_BRIDGE', 'Audit log cleared');
+    }
+    clearSessionPermissions() {
+        this.sessionPermissions.clear();
+        this.logger.debug('PERMISSION_BRIDGE', 'Session permissions cleared');
+    }
+    getCacheStats() {
+        return {
+            cacheSize: this.cache.size,
+            sessionPermissions: this.sessionPermissions.size,
+            auditEntries: this.auditLog.length,
+        };
+    }
+}
+export function createPermissionBridge(options = {}) {
+    return new PermissionBridge(options);
+}

package/dist/goals/ProgressTracker.d.ts

@@ -0,0 +1,113 @@
+import { EventEmitter } from 'events';
+import type { Goal, GoalHash, Milestone, MilestoneId, Task, Logger } from './types.js';
+export interface GoalProgress {
+    readonly goalHash: GoalHash;
+    readonly title: string;
+    readonly status: string;
+    readonly overallProgress: number;
+    readonly milestoneProgress: MilestoneProgress[];
+    readonly taskStats: TaskStats;
+    readonly velocity: VelocityMetrics;
+    readonly estimatedCompletion: Date | null;
+    readonly lastUpdated: Date;
+}
+export interface MilestoneProgress {
+    readonly milestoneId: MilestoneId;
+    readonly title: string;
+    readonly progress: number;
+    readonly tasksTotal: number;
+    readonly tasksCompleted: number;
+    readonly tasksPending: number;
+    readonly tasksFailed: number;
+    readonly estimatedCompletion: Date | null;
+}
+export interface TaskStats {
+    readonly total: number;
+    readonly pending: number;
+    readonly inProgress: number;
+    readonly completed: number;
+    readonly failed: number;
+    readonly skipped: number;
+    readonly blocked: number;
+    readonly expired: number;
+}
+export interface VelocityMetrics {
+    readonly tasksPerDay: number;
+    readonly averageTaskDuration: number;
+    readonly completionRate: number;
+    readonly recentTrend: 'improving' | 'stable' | 'declining';
+    readonly dataPoints: number;
+}
+export interface ProgressSnapshot {
+    readonly id: string;
+    readonly goalHash: GoalHash;
+    readonly timestamp: Date;
+    readonly progress: number;
+    readonly taskStats: TaskStats;
+    readonly velocity: VelocityMetrics;
+}
+export interface TaskCompletionRecord {
+    readonly taskId: number;
+    readonly goalHash: GoalHash;
+    readonly completedAt: Date;
+    readonly durationMs: number;
+    readonly wasSuccessful: boolean;
+}
+export interface ProgressTrackerOptions {
+    readonly logger?: Logger;
+    readonly snapshotInterval?: number;
+    readonly velocityWindow?: number;
+    readonly maxSnapshots?: number;
+    readonly enableAutoSnapshots?: boolean;
+}
+export interface ProgressTrackerEvents {
+    'progress:updated': [goalHash: GoalHash, progress: GoalProgress];
+    'milestone:completed': [goalHash: GoalHash, milestoneId: MilestoneId];
+    'goal:completed': [goalHash: GoalHash];
+    'velocity:changed': [goalHash: GoalHash, velocity: VelocityMetrics];
+    'snapshot:created': [snapshot: ProgressSnapshot];
+    'estimate:updated': [goalHash: GoalHash, estimate: Date | null];
+    error: [error: Error];
+}
+export declare class ProgressTracker extends EventEmitter<ProgressTrackerEvents> {
+    private readonly logger;
+    private readonly snapshotInterval;
+    private readonly velocityWindow;
+    private readonly maxSnapshots;
+    private readonly enableAutoSnapshots;
+    private readonly completionRecords;
+    private readonly snapshots;
+    private readonly progressCache;
+    private snapshotTimer;
+    private snapshotCounter;
+    constructor(options?: ProgressTrackerOptions);
+    calculateProgress(goal: Goal, milestones: Milestone[], tasks: Task[]): GoalProgress;
+    recordTaskCompletion(taskId: number, goalHash: GoalHash, durationMs: number, wasSuccessful: boolean): void;
+    createSnapshot(goalHash: GoalHash): ProgressSnapshot | null;
+    getSnapshots(goalHash: GoalHash): ProgressSnapshot[];
+    getCachedProgress(goalHash: GoalHash): GoalProgress | undefined;
+    getProgressSummary(goalHashes: GoalHash[]): Map<GoalHash, GoalProgress>;
+    getAggregateStats(): {
+        totalGoals: number;
+        averageProgress: number;
+        totalTasks: number;
+        completedTasks: number;
+        averageVelocity: number;
+    };
+    calculateProgressTrend(goalHash: GoalHash, days?: number): {
+        date: Date;
+        progress: number;
+    }[];
+    getCompletionRate(goalHash: GoalHash): number;
+    clearGoalData(goalHash: GoalHash): void;
+    stop(): void;
+    private calculateTaskStats;
+    private calculateMilestoneProgress;
+    private calculateOverallProgress;
+    private calculateVelocity;
+    private determineTrend;
+    private estimateCompletion;
+    private hasVelocityChanged;
+    private startAutoSnapshots;
+}
+export declare function createProgressTracker(options?: ProgressTrackerOptions): ProgressTracker;