@germanescobar/anita 0.3.0

package/dist/agent/policies.js

@@ -0,0 +1,177 @@
+const SAFE_COMMAND_PATTERNS = [
+    /^ls\b/,
+    /^cat\b/,
+    /^head\b/,
+    /^tail\b/,
+    /^wc\b/,
+    /^find\b/,
+    /^grep\b/,
+    /^git\s+(status|diff|log|branch|show)\b/,
+    /^pwd$/,
+    /^echo\b/,
+    /^which\b/,
+    /^node\s+--version/,
+    /^npm\s+(list|ls|outdated|view)\b/,
+];
+const DANGEROUS_PATTERNS = [
+    /rm\s+-rf\s+\//,
+    /^sudo\b/,
+    />\s*\/dev\/sd/,
+    /mkfs\b/,
+    /dd\s+if=/,
+];
+const DEFAULT_POLICY_CONTEXT = {
+    defaultDecision: "allow",
+    rules: [
+        {
+            toolName: "read_file",
+            decision: "allow",
+            description: "File reads are allowed.",
+        },
+        {
+            toolName: "write_file",
+            decision: "allow",
+            description: "File writes and overwrites are allowed.",
+        },
+        {
+            toolName: "edit_file",
+            decision: "allow",
+            description: "Exact-match file edits are allowed.",
+        },
+        {
+            toolName: "delete_file",
+            decision: "allow",
+            description: "File deletion is allowed.",
+        },
+        {
+            toolName: "run_command",
+            decision: "deny",
+            description: "Commands matching dangerous patterns such as sudo, disk formatting, raw device writes, or rm -rf / are denied.",
+        },
+        {
+            toolName: "run_command",
+            decision: "allow",
+            description: "Common inspection commands are allowed, including ls, cat, head, tail, wc, find, rg, grep fallback when rg is unavailable, git status/diff/log/branch/show, pwd, echo, which, node --version, and npm list/ls/outdated/view.",
+        },
+        {
+            toolName: "run_command",
+            decision: "ask",
+            description: "Other shell commands require approval unless auto-approval is enabled.",
+        },
+    ],
+};
+export class PolicyEngine {
+    policyContext;
+    rules = [];
+    constructor(policyContext = DEFAULT_POLICY_CONTEXT) {
+        this.policyContext = policyContext;
+    }
+    addRule(rule) {
+        this.rules.push(rule);
+    }
+    evaluate(toolName, input) {
+        for (const rule of this.rules) {
+            if (rule.toolName === toolName) {
+                return rule.decide(input);
+            }
+        }
+        return "allow";
+    }
+    describe() {
+        return this.policyContext;
+    }
+    static withDefaults() {
+        const engine = new PolicyEngine();
+        engine.addRule({
+            toolName: "read_file",
+            decide: () => "allow",
+        });
+        engine.addRule({
+            toolName: "write_file",
+            decide: () => "allow",
+        });
+        engine.addRule({
+            toolName: "edit_file",
+            decide: () => "allow",
+        });
+        engine.addRule({
+            toolName: "run_command",
+            decide: (input) => {
+                const cmd = input.command.trim();
+                for (const pattern of DANGEROUS_PATTERNS) {
+                    if (pattern.test(cmd))
+                        return "deny";
+                }
+                if (isRipgrepCommand(cmd)) {
+                    return usesRipgrepPreprocessor(cmd) ? "ask" : "allow";
+                }
+                for (const pattern of SAFE_COMMAND_PATTERNS) {
+                    if (pattern.test(cmd))
+                        return "allow";
+                }
+                return "ask";
+            },
+        });
+        return engine;
+    }
+}
+function isRipgrepCommand(cmd) {
+    return /^rg\b/.test(cmd);
+}
+function usesRipgrepPreprocessor(cmd) {
+    const tokens = tokenizeShellCommand(cmd);
+    let parsingFlags = true;
+    for (const token of tokens.slice(1)) {
+        if (!parsingFlags)
+            return false;
+        if (token === "--") {
+            parsingFlags = false;
+            continue;
+        }
+        if (token === "--pre" || token.startsWith("--pre=")) {
+            return true;
+        }
+    }
+    return false;
+}
+function tokenizeShellCommand(cmd) {
+    const tokens = [];
+    let current = "";
+    let quote = null;
+    for (let i = 0; i < cmd.length; i += 1) {
+        const char = cmd[i];
+        if (quote) {
+            if (char === quote) {
+                quote = null;
+            }
+            else if (char === "\\" && quote === "\"" && i + 1 < cmd.length) {
+                i += 1;
+                current += cmd[i];
+            }
+            else {
+                current += char;
+            }
+            continue;
+        }
+        if (char === "'" || char === "\"") {
+            quote = char;
+            continue;
+        }
+        if (/\s/.test(char)) {
+            if (current) {
+                tokens.push(current);
+                current = "";
+            }
+            continue;
+        }
+        if (char === "\\" && i + 1 < cmd.length) {
+            i += 1;
+            current += cmd[i];
+            continue;
+        }
+        current += char;
+    }
+    if (current)
+        tokens.push(current);
+    return tokens;
+}

package/dist/agent/session.d.ts

@@ -0,0 +1,12 @@
+import type { SessionState } from "../types/agent.js";
+import type { SessionStore } from "../storage/session-store.js";
+import type { EventStore } from "../storage/event-store.js";
+export declare class SessionManager {
+    private sessionStore;
+    private eventStore;
+    constructor(sessionStore: SessionStore, eventStore: EventStore);
+    createSession(workingDirectory: string, model: string): Promise<SessionState>;
+    resumeSession(sessionId: string): Promise<SessionState>;
+    listSessions(includeArchived?: boolean): Promise<SessionState[]>;
+    archiveSession(sessionId: string): Promise<void>;
+}

package/dist/agent/session.js

@@ -0,0 +1,42 @@
+import { v4 as uuidv4 } from "uuid";
+export class SessionManager {
+    sessionStore;
+    eventStore;
+    constructor(sessionStore, eventStore) {
+        this.sessionStore = sessionStore;
+        this.eventStore = eventStore;
+    }
+    async createSession(workingDirectory, model) {
+        const session = {
+            id: uuidv4(),
+            workingDirectory,
+            model,
+            conversationItems: [],
+            messages: [],
+            createdAt: new Date().toISOString(),
+            lastActiveAt: new Date().toISOString(),
+            status: "active",
+        };
+        await this.sessionStore.save(session);
+        await this.eventStore.append(session.id, "session_start", {
+            workingDirectory,
+            model,
+        });
+        return session;
+    }
+    async resumeSession(sessionId) {
+        const session = await this.sessionStore.load(sessionId);
+        if (!session) {
+            throw new Error(`Session not found: ${sessionId}`);
+        }
+        session.status = "active";
+        return session;
+    }
+    async listSessions(includeArchived = false) {
+        return this.sessionStore.list(includeArchived);
+    }
+    async archiveSession(sessionId) {
+        await this.sessionStore.archive(sessionId);
+        await this.eventStore.append(sessionId, "session_archived", {});
+    }
+}

package/dist/attachments.d.ts

@@ -0,0 +1,3 @@
+import type { ModelCapabilities } from "./models/resolve.js";
+import type { AttachmentContentBlock } from "./types/messages.js";
+export declare function loadAttachments(inputs: string[], capabilities: ModelCapabilities, cwd: string): Promise<AttachmentContentBlock[]>;

package/dist/attachments.js

@@ -0,0 +1,73 @@
+import fs from "node:fs/promises";
+import path from "node:path";
+const IMAGE_MEDIA_TYPES = new Map([
+    [".gif", "image/gif"],
+    [".jpeg", "image/jpeg"],
+    [".jpg", "image/jpeg"],
+    [".png", "image/png"],
+    [".webp", "image/webp"],
+]);
+const PDF_MEDIA_TYPE = "application/pdf";
+export async function loadAttachments(inputs, capabilities, cwd) {
+    if (inputs.length === 0)
+        return [];
+    const attachmentCapabilities = capabilities.attachments;
+    if (!attachmentCapabilities) {
+        throw new Error("The selected model does not support attachments.");
+    }
+    const attachments = [];
+    for (const input of inputs) {
+        const attachment = await loadAttachment(input, cwd);
+        if (attachment.type === "image" && !attachmentCapabilities.images) {
+            throw new Error(`The selected model does not support image attachments: ${input}`);
+        }
+        if (attachment.type === "file" && !attachmentCapabilities.files) {
+            throw new Error(`The selected model does not support file attachments: ${input}`);
+        }
+        attachments.push(attachment);
+    }
+    return attachments;
+}
+async function loadAttachment(input, cwd) {
+    const name = path.basename(input);
+    const mediaType = mediaTypeFromPath(input);
+    if (!mediaType) {
+        throw new Error(`Unsupported attachment type: ${input}. Supported: png, jpg, jpeg, webp, gif, pdf.`);
+    }
+    const source = isHttpUrl(input)
+        ? urlSource(input)
+        : await dataSource(path.resolve(cwd, input), mediaType);
+    if (mediaType === PDF_MEDIA_TYPE) {
+        return { type: "file", name, mediaType, source };
+    }
+    return { type: "image", name, source };
+}
+function mediaTypeFromPath(input) {
+    const extension = path.extname(urlPathname(input)).toLowerCase();
+    return IMAGE_MEDIA_TYPES.get(extension) ?? (extension === ".pdf" ? PDF_MEDIA_TYPE : undefined);
+}
+function urlPathname(input) {
+    if (!isHttpUrl(input))
+        return input;
+    return new URL(input).pathname;
+}
+function isHttpUrl(input) {
+    try {
+        const url = new URL(input);
+        return url.protocol === "http:" || url.protocol === "https:";
+    }
+    catch {
+        return false;
+    }
+}
+function urlSource(url) {
+    return { type: "url", url };
+}
+async function dataSource(filePath, mediaType) {
+    const bytes = await fs.readFile(filePath);
+    return {
+        type: "data",
+        mediaType,
+        data: bytes.toString("base64"),
+    };
+}

package/dist/cli/index.d.ts

@@ -0,0 +1,5 @@
+import { Command } from "commander";
+import { type ModelOption, type ModelOptionsResult } from "../models/resolve.js";
+export declare function formatModelOptions(options?: readonly ModelOption[]): string;
+export declare function formatModelOptionsJson(result: ModelOptionsResult): string;
+export declare function createCLI(): Command;

package/dist/cli/index.js

@@ -0,0 +1,327 @@
+import readline from "node:readline";
+import fs from "node:fs/promises";
+import { existsSync } from "node:fs";
+import path from "node:path";
+import chalk from "chalk";
+import { Command } from "commander";
+import { EventStore } from "../storage/event-store.js";
+import { SessionStore } from "../storage/session-store.js";
+import { ToolRegistry } from "../tools/registry.js";
+import { readFileTool } from "../tools/read-file.js";
+import { writeFileTool } from "../tools/write-file.js";
+import { editFileTool } from "../tools/edit-file.js";
+import { runCommandTool } from "../tools/run-command.js";
+import { deleteFileTool } from "../tools/delete-file.js";
+import { PolicyEngine } from "../agent/policies.js";
+import { ContextBuilder } from "../agent/context-builder.js";
+import { getGlobalAgentsPath, getRepositoryAgentsPath, } from "../agent/agents.js";
+import { Executor } from "../agent/executor.js";
+import { AgentLoop, } from "../agent/loop.js";
+import { SessionManager } from "../agent/session.js";
+import { loadAttachments } from "../attachments.js";
+import { createProvider, getModelCapabilities, getModelOptions, groupModelOptions, MODEL_OPTIONS, } from "../models/resolve.js";
+import { loadSkills } from "../skills/skills.js";
+const DEFAULT_MODEL = "ollama/glm-4.7-flash:latest";
+const AGENTS_TEMPLATE = `# AGENTS.md
+
+Describe the coding guidelines, project conventions, and operational constraints Anita should follow.
+`;
+function getStoragePaths(cwd) {
+    const base = resolveStorageBase(cwd);
+    return {
+        events: path.join(base, "events"),
+        sessions: path.join(base, "sessions"),
+    };
+}
+/*
+ * Resolve the session-storage directory, preferring the canonical `.anita`
+ * location. Because `.anita` may already exist for skills, presence of a
+ * `sessions/` subdirectory is used to detect real storage: fall back to the
+ * legacy `.coding-agent` directory only when it holds existing sessions.
+ */
+function resolveStorageBase(cwd) {
+    const primary = path.join(cwd, ".anita");
+    if (existsSync(path.join(primary, "sessions")))
+        return primary;
+    const legacy = path.join(cwd, ".coding-agent");
+    if (existsSync(path.join(legacy, "sessions")))
+        return legacy;
+    return primary;
+}
+export function formatModelOptions(options = MODEL_OPTIONS) {
+    return groupModelOptions(options)
+        .map((group) => {
+        const lines = group.options.map((option) => `  ${option.value.padEnd(38)} ${option.label}${formatCapabilities(option)}`);
+        return [group.group, ...lines].join("\n");
+    })
+        .join("\n\n");
+}
+export function formatModelOptionsJson(result) {
+    return JSON.stringify({
+        models: result.options,
+        ollamaDiscoveryFailed: result.ollamaDiscoveryFailed,
+    }, null, 2);
+}
+function formatCapabilities(option) {
+    const attachments = option.capabilities?.attachments;
+    if (!attachments)
+        return "";
+    const supported = [
+        attachments.images ? "images" : undefined,
+        attachments.files ? "files" : undefined,
+    ].filter((item) => item !== undefined);
+    return supported.length > 0 ? ` [${supported.join(", ")}]` : "";
+}
+async function createAgentsFile(filePath, force) {
+    await fs.mkdir(path.dirname(filePath), { recursive: true });
+    try {
+        await fs.writeFile(filePath, AGENTS_TEMPLATE, {
+            encoding: "utf-8",
+            flag: force ? "w" : "wx",
+        });
+    }
+    catch (err) {
+        if (isAlreadyExistsError(err)) {
+            throw new Error(`AGENTS.md already exists at ${filePath}. Use --force to overwrite it.`);
+        }
+        throw err;
+    }
+}
+function isAlreadyExistsError(err) {
+    return err instanceof Error && "code" in err && err.code === "EEXIST";
+}
+async function askApproval(toolName, input) {
+    const rl = readline.createInterface({
+        input: process.stdin,
+        output: process.stdout,
+    });
+    const summary = toolName === "run_command" ? input.command : JSON.stringify(input);
+    const answer = await new Promise((resolve) => {
+        rl.question(chalk.yellow(`Allow ${toolName}: ${summary}? [y/n] `), resolve);
+    });
+    rl.close();
+    return answer.toLowerCase().startsWith("y");
+}
+export function createCLI() {
+    const program = new Command();
+    program
+        .name("anita")
+        .description("An AI coding agent")
+        .version("0.3.0")
+        .option("--model <model>", "Model to use (provider/model)", DEFAULT_MODEL)
+        .option("--system-prompt <prompt>", "Additional system prompt instructions")
+        .option("--stream-json", "Emit structured JSON events to stdout")
+        .option("--auto-approve", "Auto-approve tool calls (dangerous commands are still denied)");
+    program
+        .command("models")
+        .description("List supported model choices")
+        .option("--json", "Emit machine-readable JSON")
+        .action(async (options) => {
+        const result = await getModelOptions();
+        if (options.json) {
+            console.log(formatModelOptionsJson(result));
+            return;
+        }
+        console.log(formatModelOptions(result.options));
+        if (result.ollamaDiscoveryFailed) {
+            console.error(chalk.gray("Note: Local Ollama discovery unavailable; showing built-in local models."));
+        }
+    });
+    program
+        .command("agents")
+        .description("Manage AGENTS.md instruction files")
+        .command("init")
+        .description("Create an AGENTS.md instruction file")
+        .option("--global", "Create ~/.anita/AGENTS.md instead of repository AGENTS.md")
+        .option("--force", "Overwrite an existing AGENTS.md")
+        .action(async (options) => {
+        const filePath = options.global
+            ? getGlobalAgentsPath()
+            : getRepositoryAgentsPath(process.cwd());
+        try {
+            await createAgentsFile(filePath, options.force ?? false);
+            console.log(chalk.green(`Created ${filePath}`));
+        }
+        catch (err) {
+            console.error(chalk.red(err.message));
+            process.exit(1);
+        }
+    });
+    program
+        .command("chat")
+        .argument("<message>", "Message to send to the agent")
+        .option("--resume <sessionId>", "Resume a previous session")
+        .option("--model <model>", "Model to use (provider/model)")
+        .option("--system-prompt <prompt>", "Additional system prompt instructions")
+        .option("--stream-json", "Emit structured JSON events to stdout")
+        .option("--auto-approve", "Auto-approve tool calls (dangerous commands are still denied)")
+        .option("--attach <path-or-url>", "Attach an image or PDF to the user message (repeatable)", (val, prev) => prev.concat(val), [])
+        .option("--skill <path>", "Load a skill from a file or directory (repeatable)", (val, prev) => prev.concat(val), [])
+        .option("--no-skills", "Disable automatic skill discovery (explicit --skill paths still load)")
+        .action(async (message, options) => {
+        const parentOpts = program.opts();
+        const model = options.model ?? parentOpts.model;
+        const autoApprove = options.autoApprove ?? parentOpts.autoApprove;
+        const streamJson = options.streamJson ?? parentOpts.streamJson ?? false;
+        const systemPrompt = options.systemPrompt ?? parentOpts.systemPrompt;
+        const cwd = process.cwd();
+        const paths = getStoragePaths(cwd);
+        const eventStore = new EventStore(paths.events);
+        const sessionStore = new SessionStore(paths.sessions);
+        const sessionManager = new SessionManager(sessionStore, eventStore);
+        // Create or resume session
+        const session = options.resume
+            ? await sessionManager.resumeSession(options.resume)
+            : await sessionManager.createSession(cwd, model);
+        const explicitModel = options.model ?? (program.getOptionValueSource("model") === "cli" ? parentOpts.model : undefined);
+        const modelString = options.resume ? (explicitModel ?? session.model) : model;
+        const provider = createProvider(modelString);
+        const attachments = await loadAttachments(options.attach ?? [], getModelCapabilities(modelString), cwd);
+        // Set up tools
+        const registry = new ToolRegistry();
+        registry.register(readFileTool);
+        registry.register(writeFileTool);
+        registry.register(editFileTool);
+        registry.register(runCommandTool);
+        registry.register(deleteFileTool);
+        const policyEngine = PolicyEngine.withDefaults();
+        // Load skills
+        const skillPaths = options.skill ?? [];
+        const includeDefaults = options.skills !== false;
+        const { skills, diagnostics } = loadSkills({ cwd, skillPaths, includeDefaults });
+        // Log diagnostics for skill loading issues
+        for (const diag of diagnostics) {
+            if (diag.type === "error" || diag.type === "collision") {
+                console.error(chalk.yellow(`Skill warning: ${diag.message} (${diag.path})`));
+            }
+        }
+        // Log skills_loaded event
+        if (skills.length > 0) {
+            await eventStore.append(session.id, "skills_loaded", {
+                skills: skills.map((s) => ({
+                    name: s.name,
+                    description: s.description,
+                    filePath: s.filePath,
+                })),
+            });
+            if (!streamJson) {
+                console.log(chalk.gray(`Skills: ${skills.map((s) => s.name).join(", ")}`));
+            }
+        }
+        const contextBuilder = new ContextBuilder(cwd, {
+            approvalMode: autoApprove ? "auto" : "prompt",
+            networkAccess: "unknown",
+            shell: process.env.SHELL,
+            writeScope: "Prefer the working directory and its descendants unless the user explicitly asks for another path.",
+            policyContext: policyEngine.describe(),
+            skills,
+            systemPrompt,
+        });
+        const approvalFn = autoApprove ? async () => true : askApproval;
+        const executor = new Executor(registry, policyEngine, eventStore, approvalFn);
+        const loop = new AgentLoop(provider, executor, contextBuilder, registry, eventStore, sessionStore, streamJson);
+        if (!streamJson) {
+            console.log(chalk.gray(`Session: ${session.id}`));
+            if (session.title) {
+                console.log(chalk.gray(`Title: ${session.title}`));
+            }
+            console.log(chalk.gray(`Model: ${modelString}`));
+            console.log();
+        }
+        const abortController = new AbortController();
+        let interrupted = false;
+        const onSigint = () => {
+            if (interrupted) {
+                // A second Ctrl-C forces an immediate exit if cancellation hangs.
+                process.exit(130);
+            }
+            interrupted = true;
+            abortController.abort();
+            if (!streamJson) {
+                console.log(chalk.yellow("\nCancelling run… (press Ctrl-C again to force quit)"));
+            }
+        };
+        process.on("SIGINT", onSigint);
+        try {
+            await loop.run(session, message, attachments, abortController.signal);
+        }
+        catch (err) {
+            const errorMessage = err.message;
+            if (streamJson) {
+                console.log(JSON.stringify({
+                    type: "run.failed",
+                    sessionId: session.id,
+                    error: errorMessage,
+                    timestamp: new Date().toISOString(),
+                }));
+            }
+            else {
+                console.error(chalk.red(`Error: ${errorMessage}`));
+            }
+            process.exit(1);
+        }
+        finally {
+            process.off("SIGINT", onSigint);
+        }
+        if (interrupted) {
+            process.exit(130);
+        }
+    });
+    program
+        .command("sessions")
+        .description("List past sessions")
+        .option("--archived", "Include archived sessions")
+        .action(async (options) => {
+        const cwd = process.cwd();
+        const paths = getStoragePaths(cwd);
+        const sessionStore = new SessionStore(paths.sessions);
+        const sessions = await sessionStore.list(options.archived ?? false);
+        if (sessions.length === 0) {
+            console.log("No sessions found.");
+            return;
+        }
+        for (const s of sessions) {
+            const msgCount = s.messages.length;
+            const title = s.title ?? '(untitled)';
+            const archived = s.status === "archived" ? chalk.yellow(" [archived]") : "";
+            console.log(`${chalk.cyan(s.id.slice(0, 8))}  ${chalk.white.bold(title)}${archived}  ${chalk.gray(`${s.model}  ${msgCount} msgs  ${s.lastActiveAt}`)}`);
+        }
+    });
+    program
+        .command("archive")
+        .argument("<sessionId>", "Session ID to archive")
+        .description("Archive a session")
+        .action(async (sessionId) => {
+        const cwd = process.cwd();
+        const paths = getStoragePaths(cwd);
+        const eventStore = new EventStore(paths.events);
+        const sessionStore = new SessionStore(paths.sessions);
+        const sessionManager = new SessionManager(sessionStore, eventStore);
+        try {
+            await sessionManager.archiveSession(sessionId);
+            console.log(chalk.green(`Session ${sessionId.slice(0, 8)} archived.`));
+        }
+        catch (err) {
+            console.error(chalk.red(err.message));
+            process.exit(1);
+        }
+    });
+    program
+        .command("events")
+        .argument("<sessionId>", "Session ID to view events for")
+        .description("View event log for a session")
+        .action(async (sessionId) => {
+        const cwd = process.cwd();
+        const paths = getStoragePaths(cwd);
+        const eventStore = new EventStore(paths.events);
+        const events = await eventStore.getEvents(sessionId);
+        if (events.length === 0) {
+            console.log("No events found.");
+            return;
+        }
+        for (const e of events) {
+            console.log(`${chalk.gray(e.timestamp)}  ${chalk.yellow(e.type)}  ${JSON.stringify(e.data).slice(0, 120)}`);
+        }
+    });
+    return program;
+}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/index.js

@@ -0,0 +1,4 @@
+#!/usr/bin/env node
+import { createCLI } from "./cli/index.js";
+const program = createCLI();
+program.parse();

package/dist/models/anthropic.d.ts

@@ -0,0 +1,15 @@
+import type { ChatParams, ModelProvider, ModelStreamEvent } from "./provider.js";
+import type { ModelResponse } from "../types/agent.js";
+export declare class AnthropicProvider implements ModelProvider {
+    private client;
+    private model;
+    constructor(model: string);
+    chat(params: ChatParams): Promise<ModelResponse>;
+    streamChat(params: ChatParams): AsyncIterable<ModelStreamEvent>;
+    private toAnthropicMessage;
+    private toAnthropicTool;
+    private fromAnthropicBlock;
+    private mapStopReason;
+    private parseToolInput;
+    private isRecord;
+}