npm - @harness-engineering/orchestrator - Versions diffs - 0.4.5 → 0.5.0 - Mend

@harness-engineering/orchestrator 0.4.5 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.mjs CHANGED Viewed

@@ -1870,11 +1870,11 @@ var BackendsMapSchema = z2.record(z2.string(), BackendDefSchema);
 function crossFieldRoutingIssues(backends, routing) {
   const issues = [];
   const names = new Set(Object.keys(backends));
-  const checkRef = (path17, name) => {
+  const checkRef = (path19, name) => {
     if (name !== void 0 && !names.has(name)) {
       issues.push({
-        path: path17,
-        message: `routing.${path17.join(".")} references unknown backend '${name}'. Defined: [${[...names].join(", ")}].`
+        path: path19,
+        message: `routing.${path19.join(".")} references unknown backend '${name}'. Defined: [${[...names].join(", ")}].`
       });
     }
   };
@@ -3635,11 +3635,11 @@ function detectLegacyFields(agent) {
 }
 function buildCase1Warnings(presentLegacy, suppressLocalGroup) {
   const warnings = [];
-  for (const path17 of presentLegacy) {
-    if (CASE1_ALWAYS_SUPPRESS.has(path17)) continue;
-    if (suppressLocalGroup && CASE1_LOCAL_GROUP.has(path17)) continue;
+  for (const path19 of presentLegacy) {
+    if (CASE1_ALWAYS_SUPPRESS.has(path19)) continue;
+    if (suppressLocalGroup && CASE1_LOCAL_GROUP.has(path19)) continue;
     warnings.push(
-      `Ignoring legacy field '${path17}': 'agent.backends' is set and takes precedence. See ${MIGRATION_GUIDE}.`
+      `Ignoring legacy field '${path19}': 'agent.backends' is set and takes precedence. See ${MIGRATION_GUIDE}.`
     );
   }
   return warnings;
@@ -3667,7 +3667,7 @@ function migrateAgentConfig(agent) {
   }
   const { backends, routing } = synthesizeBackendsAndRouting(agent);
   const warnings = presentLegacy.map(
-    (path17) => `Deprecated config field '${path17}' is in use. Migrate to 'agent.backends' / 'agent.routing'. See ${MIGRATION_GUIDE}.`
+    (path19) => `Deprecated config field '${path19}' is in use. Migrate to 'agent.backends' / 'agent.routing'. See ${MIGRATION_GUIDE}.`
   );
   return {
     config: { ...agent, backends, routing },
@@ -3756,6 +3756,10 @@ var BackendRouter = class {
         const intel = this.routing.intelligence;
         return intel?.[useCase.layer] ?? this.routing.default;
       }
+      case "isolation": {
+        const iso = this.routing.isolation;
+        return iso?.[useCase.tier] ?? this.routing.default;
+      }
       case "maintenance":
       case "chat":
         return this.routing.default;
@@ -3779,8 +3783,8 @@ var BackendRouter = class {
   validateReferences() {
     const known = new Set(Object.keys(this.backends));
     const missing = [];
-    const check = (path17, name) => {
-      if (name !== void 0 && !known.has(name)) missing.push({ path: path17, name });
+    const check = (path19, name) => {
+      if (name !== void 0 && !known.has(name)) missing.push({ path: path19, name });
     };
     check("default", this.routing.default);
     check("quick-fix", this.routing["quick-fix"]);
@@ -3789,8 +3793,11 @@ var BackendRouter = class {
     check("diagnostic", this.routing.diagnostic);
     check("intelligence.sel", this.routing.intelligence?.sel);
     check("intelligence.pesl", this.routing.intelligence?.pesl);
+    check("isolation.none", this.routing.isolation?.none);
+    check("isolation.container", this.routing.isolation?.container);
+    check("isolation.remote-sandbox", this.routing.isolation?.["remote-sandbox"]);
     if (missing.length > 0) {
-      const detail = missing.map(({ path: path17, name }) => `routing.${path17} -> '${name}'`).join("; ");
+      const detail = missing.map(({ path: path19, name }) => `routing.${path19} -> '${name}'`).join("; ");
       const known_ = [...known].join(", ") || "(none)";
       throw new Error(
         `BackendRouter: routing references unknown backend(s): ${detail}. Defined backends: [${known_}].`
@@ -4950,6 +4957,547 @@ var PiBackend = class {
   }
 };
+// src/agent/backends/ssh.ts
+import { spawn as spawn3 } from "child_process";
+import {
+  Ok as Ok16,
+  Err as Err13
+} from "@harness-engineering/types";
+var DEFAULT_TIMEOUT_MS2 = 9e4;
+var FORBIDDEN_HOST_CHARS = /[;&|`$()\n\r<>]/;
+var SshBackend = class {
+  name = "ssh";
+  config;
+  spawnImpl;
+  constructor(config) {
+    if (!config.host || typeof config.host !== "string") {
+      throw new Error("SshBackend: `host` is required");
+    }
+    if (FORBIDDEN_HOST_CHARS.test(config.host) || config.host.startsWith("-")) {
+      throw new Error(
+        `SshBackend: invalid host '${config.host}' (contains shell metacharacters or starts with '-')`
+      );
+    }
+    if (!config.remoteCommand || typeof config.remoteCommand !== "string") {
+      throw new Error("SshBackend: `remoteCommand` is required");
+    }
+    if (config.user !== void 0 && /[\s;&|`$]/.test(config.user)) {
+      throw new Error(`SshBackend: invalid user '${config.user}'`);
+    }
+    this.config = {
+      host: config.host,
+      remoteCommand: config.remoteCommand,
+      sshBinary: config.sshBinary ?? "ssh",
+      sshOptions: config.sshOptions ?? [],
+      timeoutMs: config.timeoutMs ?? DEFAULT_TIMEOUT_MS2,
+      ...config.user !== void 0 ? { user: config.user } : {},
+      ...config.port !== void 0 ? { port: config.port } : {},
+      ...config.identityFile !== void 0 ? { identityFile: config.identityFile } : {}
+    };
+    this.spawnImpl = config.spawnImpl ?? spawn3;
+  }
+  /**
+   * Builds the argv passed to the `ssh` binary. Exported as a method on
+   * the class so tests can assert the exact shape without spawning.
+   *
+   * Layout: `[options..., target, '--', remoteCommand]`
+   */
+  buildSshArgs() {
+    const args = [];
+    if (this.config.identityFile) {
+      args.push("-i", this.config.identityFile);
+    }
+    if (this.config.port !== void 0) {
+      args.push("-p", String(this.config.port));
+    }
+    args.push("-o", "BatchMode=yes");
+    for (const opt of this.config.sshOptions) {
+      args.push("-o", opt);
+    }
+    const target = this.config.user ? `${this.config.user}@${this.config.host}` : this.config.host;
+    args.push(target);
+    args.push("--");
+    args.push(this.config.remoteCommand);
+    return args;
+  }
+  async startSession(params) {
+    const session = {
+      sessionId: `ssh-session-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`,
+      workspacePath: params.workspacePath,
+      backendName: this.name,
+      startedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      ...params.systemPrompt !== void 0 && { systemPrompt: params.systemPrompt }
+    };
+    return Ok16(session);
+  }
+  async *runTurn(session, params) {
+    const child = this.spawnImpl(this.config.sshBinary, this.buildSshArgs(), {
+      stdio: ["pipe", "pipe", "pipe"]
+    });
+    const payload = JSON.stringify({
+      kind: "turn",
+      prompt: params.prompt,
+      isContinuation: params.isContinuation,
+      systemPrompt: session.systemPrompt
+    });
+    try {
+      child.stdin.write(payload + "\n");
+      child.stdin.end();
+    } catch (err) {
+      const message = err instanceof Error ? err.message : "failed to write to ssh stdin";
+      try {
+        child.kill("SIGTERM");
+      } catch {
+      }
+      return errResult(session.sessionId, message);
+    }
+    const timeout = setTimeout(() => {
+      try {
+        child.kill("SIGTERM");
+      } catch {
+      }
+    }, this.config.timeoutMs);
+    let finalUsage = { inputTokens: 0, outputTokens: 0, totalTokens: 0 };
+    let success = true;
+    let lastError;
+    try {
+      for await (const line of readLines(child.stdout)) {
+        let event;
+        try {
+          event = parseEvent(line, session.sessionId);
+        } catch (err) {
+          const message = err instanceof Error ? err.message : "unparseable ssh event";
+          success = false;
+          lastError = message;
+          break;
+        }
+        if (!event) continue;
+        if (event.usage) finalUsage = event.usage;
+        if (event.type === "error" && typeof event.content === "string") {
+          lastError = event.content;
+          success = false;
+        }
+        yield event;
+      }
+      const exitCode = await waitForExit(child);
+      if (exitCode !== 0 && exitCode !== null) {
+        success = false;
+        lastError = lastError ?? `ssh exited with code ${exitCode}`;
+      }
+    } finally {
+      clearTimeout(timeout);
+    }
+    return {
+      success,
+      sessionId: session.sessionId,
+      usage: finalUsage,
+      ...lastError !== void 0 ? { error: lastError } : {}
+    };
+  }
+  async stopSession(_session) {
+    return Ok16(void 0);
+  }
+  async healthCheck() {
+    const args = [...this.buildSshArgs()];
+    args[args.length - 1] = "true";
+    return new Promise((resolve6) => {
+      let child;
+      try {
+        child = this.spawnImpl(this.config.sshBinary, args, {
+          stdio: ["ignore", "ignore", "pipe"]
+        });
+      } catch (err) {
+        resolve6(
+          Err13({
+            category: "agent_not_found",
+            message: err instanceof Error ? err.message : "failed to spawn ssh"
+          })
+        );
+        return;
+      }
+      let stderr = "";
+      child.stderr?.on("data", (chunk) => {
+        stderr += chunk.toString();
+      });
+      const timer = setTimeout(() => {
+        try {
+          child.kill("SIGTERM");
+        } catch {
+        }
+      }, this.config.timeoutMs);
+      child.on("close", (code) => {
+        clearTimeout(timer);
+        if (code === 0) {
+          resolve6(Ok16(void 0));
+        } else {
+          resolve6(
+            Err13({
+              category: "agent_not_found",
+              message: `ssh health check failed (exit=${code ?? "null"}): ${stderr.slice(0, 500)}`
+            })
+          );
+        }
+      });
+      child.on("error", (err) => {
+        clearTimeout(timer);
+        resolve6(Err13({ category: "agent_not_found", message: err.message }));
+      });
+    });
+  }
+};
+function errResult(sessionId, message) {
+  return {
+    success: false,
+    sessionId,
+    usage: { inputTokens: 0, outputTokens: 0, totalTokens: 0 },
+    error: message
+  };
+}
+function parseEvent(line, sessionId) {
+  const trimmed = line.trim();
+  if (trimmed.length === 0) return null;
+  const raw = JSON.parse(trimmed);
+  if (typeof raw.type !== "string") {
+    throw new Error(`ssh event missing 'type': ${trimmed.slice(0, 200)}`);
+  }
+  const ev = {
+    type: raw.type,
+    timestamp: typeof raw.timestamp === "string" ? raw.timestamp : (/* @__PURE__ */ new Date()).toISOString(),
+    sessionId
+  };
+  if (typeof raw.subtype === "string") ev.subtype = raw.subtype;
+  if (raw.content !== void 0) ev.content = raw.content;
+  if (isUsage(raw.usage)) ev.usage = raw.usage;
+  return ev;
+}
+function isUsage(u) {
+  if (!u || typeof u !== "object") return false;
+  const o = u;
+  return typeof o.inputTokens === "number" && typeof o.outputTokens === "number" && typeof o.totalTokens === "number";
+}
+async function* readLines(stream) {
+  let buffer = "";
+  for await (const chunk of stream) {
+    buffer += typeof chunk === "string" ? chunk : chunk.toString("utf-8");
+    let idx;
+    while ((idx = buffer.indexOf("\n")) >= 0) {
+      yield buffer.slice(0, idx);
+      buffer = buffer.slice(idx + 1);
+    }
+  }
+  if (buffer.length > 0) yield buffer;
+}
+function waitForExit(child) {
+  return new Promise((resolve6) => {
+    if (child.exitCode !== null) {
+      resolve6(child.exitCode);
+      return;
+    }
+    child.once("close", (code) => resolve6(code));
+    child.once("error", () => resolve6(null));
+  });
+}
+// src/agent/backends/serverless.ts
+import { spawn as spawn4 } from "child_process";
+import {
+  Ok as Ok17,
+  Err as Err14
+} from "@harness-engineering/types";
+var ServerlessBackend = class {
+  handles = /* @__PURE__ */ new Map();
+  async startSession(params) {
+    const start = await this.coldStart(params);
+    if (!start.ok) return start;
+    const session = {
+      sessionId: `${this.name}-session-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`,
+      workspacePath: params.workspacePath,
+      backendName: this.name,
+      startedAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.handles.set(session.sessionId, start.value);
+    return Ok17(session);
+  }
+  async *runTurn(session, params) {
+    const handle = this.handles.get(session.sessionId);
+    if (!handle) {
+      return {
+        success: false,
+        sessionId: session.sessionId,
+        usage: { inputTokens: 0, outputTokens: 0, totalTokens: 0 },
+        error: `no serverless handle for session ${session.sessionId}`
+      };
+    }
+    return yield* this.runOnHandle(handle, params, session);
+  }
+  async stopSession(session) {
+    const handle = this.handles.get(session.sessionId);
+    if (!handle) return Ok17(void 0);
+    this.handles.delete(session.sessionId);
+    return this.teardown(handle);
+  }
+};
+var FORBIDDEN_IMAGE_CHARS = /[;&|`$()\n\r<>]/;
+var BLOCKED_DOCKER_FLAGS = [
+  "--privileged",
+  "--cap-add",
+  "--security-opt",
+  "--pid",
+  "--ipc",
+  "--userns"
+];
+var DEFAULT_OCI_TIMEOUT_MS = 9e4;
+var OciServerlessBackend = class extends ServerlessBackend {
+  name = "serverless:oci";
+  config;
+  spawnImpl;
+  envSource;
+  constructor(config) {
+    super();
+    if (!config.image || typeof config.image !== "string") {
+      throw new Error("OciServerlessBackend: `image` is required");
+    }
+    if (FORBIDDEN_IMAGE_CHARS.test(config.image) || config.image.startsWith("-")) {
+      throw new Error(
+        `OciServerlessBackend: invalid image '${config.image}' (contains shell metacharacters or starts with '-')`
+      );
+    }
+    this.config = {
+      image: config.image,
+      pullPolicy: config.pullPolicy ?? "if-not-present",
+      runtime: config.runtime ?? "docker",
+      envPassthrough: config.envPassthrough ?? [],
+      timeoutMs: config.timeoutMs ?? DEFAULT_OCI_TIMEOUT_MS,
+      extraArgs: sanitizeExtraArgs(config.extraArgs),
+      ...config.registry !== void 0 ? { registry: config.registry } : {}
+    };
+    this.spawnImpl = config.spawnImpl ?? spawn4;
+    this.envSource = config.envSource ?? process.env;
+  }
+  /** Builds the argv for `docker run -d ...`. Exposed for tests. */
+  buildRunArgs() {
+    const env = this.collectEnv();
+    const args = ["run", "-d", "--rm"];
+    for (const [k, v] of Object.entries(env)) {
+      args.push("-e", `${k}=${v}`);
+    }
+    for (const ea of this.config.extraArgs) {
+      args.push(ea);
+    }
+    args.push("--");
+    args.push(this.config.image);
+    return args;
+  }
+  /** Builds the argv for `docker exec <id> -- agent`. Exposed for tests. */
+  buildExecArgs(handleId) {
+    return ["exec", "-i", handleId, "/agent"];
+  }
+  async coldStart(_params) {
+    if (this.config.pullPolicy === "always") {
+      const pull = await this.runOneShot(this.config.runtime, ["pull", this.config.image]);
+      if (!pull.ok) return pull;
+    }
+    const result = await this.runOneShot(this.config.runtime, this.buildRunArgs());
+    if (!result.ok) return result;
+    const id = result.value.trim().split(/\s+/)[0] ?? "";
+    if (!id) {
+      return Err14({
+        category: "response_error",
+        message: "OciServerlessBackend: empty container id from runtime"
+      });
+    }
+    return Ok17({ id, adapter: this.name });
+  }
+  async *runOnHandle(handle, params, session) {
+    const child = this.spawnImpl(this.config.runtime, this.buildExecArgs(handle.id), {
+      stdio: ["pipe", "pipe", "pipe"]
+    });
+    const payload = JSON.stringify({
+      kind: "turn",
+      prompt: params.prompt,
+      isContinuation: params.isContinuation
+    });
+    try {
+      child.stdin.write(payload + "\n");
+      child.stdin.end();
+    } catch (err) {
+      const message = err instanceof Error ? err.message : "failed to write to docker stdin";
+      return turnFailure(session.sessionId, message);
+    }
+    const timeout = setTimeout(() => {
+      try {
+        child.kill("SIGTERM");
+      } catch {
+      }
+    }, this.config.timeoutMs);
+    let finalUsage = { inputTokens: 0, outputTokens: 0, totalTokens: 0 };
+    let success = true;
+    let lastError;
+    try {
+      for await (const line of readLines2(child.stdout)) {
+        const ev = tryParseEvent(line, session.sessionId);
+        if (!ev) continue;
+        if (ev.usage) finalUsage = ev.usage;
+        if (ev.type === "error" && typeof ev.content === "string") {
+          success = false;
+          lastError = ev.content;
+        }
+        yield ev;
+      }
+      const code = await waitForExit2(child);
+      if (code !== 0 && code !== null) {
+        success = false;
+        lastError = lastError ?? `runtime exec exited with code ${code}`;
+      }
+    } finally {
+      clearTimeout(timeout);
+    }
+    return {
+      success,
+      sessionId: session.sessionId,
+      usage: finalUsage,
+      ...lastError !== void 0 ? { error: lastError } : {}
+    };
+  }
+  async teardown(handle) {
+    if (handle.adapter !== this.name) {
+      return Err14({
+        category: "response_error",
+        message: `handle adapter mismatch: got '${handle.adapter}', expected '${this.name}'`
+      });
+    }
+    const stop = await this.runOneShot(this.config.runtime, ["stop", handle.id]);
+    if (!stop.ok) return stop;
+    return Ok17(void 0);
+  }
+  async healthCheck() {
+    return mapOk(
+      await this.runOneShot(this.config.runtime, ["version", "--format", "{{.Server.Version}}"])
+    );
+  }
+  collectEnv() {
+    const out = {};
+    for (const key of this.config.envPassthrough) {
+      const val = this.envSource[key];
+      if (typeof val === "string") out[key] = val;
+    }
+    return out;
+  }
+  runOneShot(binary, args) {
+    return new Promise((resolve6) => {
+      let child;
+      try {
+        child = this.spawnImpl(binary, args, {
+          stdio: ["ignore", "pipe", "pipe"]
+        });
+      } catch (err) {
+        resolve6(
+          Err14({
+            category: "agent_not_found",
+            message: err instanceof Error ? err.message : "failed to spawn runtime"
+          })
+        );
+        return;
+      }
+      let stdout = "";
+      let stderr = "";
+      child.stdout?.on("data", (chunk) => {
+        stdout += typeof chunk === "string" ? chunk : chunk.toString("utf-8");
+      });
+      child.stderr?.on("data", (chunk) => {
+        stderr += typeof chunk === "string" ? chunk : chunk.toString("utf-8");
+      });
+      const timer = setTimeout(() => {
+        try {
+          child.kill("SIGTERM");
+        } catch {
+        }
+      }, this.config.timeoutMs);
+      child.on("close", (code) => {
+        clearTimeout(timer);
+        if (code === 0) {
+          resolve6(Ok17(stdout));
+        } else {
+          resolve6(
+            Err14({
+              category: "response_error",
+              message: `runtime '${binary} ${args.join(" ")}' exited ${code ?? "null"}: ${stderr.slice(0, 500)}`
+            })
+          );
+        }
+      });
+      child.on("error", (err) => {
+        clearTimeout(timer);
+        resolve6(Err14({ category: "agent_not_found", message: err.message }));
+      });
+    });
+  }
+};
+function sanitizeExtraArgs(extraArgs) {
+  if (!extraArgs) return [];
+  return extraArgs.filter((arg) => !BLOCKED_DOCKER_FLAGS.some((flag) => arg.startsWith(flag)));
+}
+function mapOk(r) {
+  return r.ok ? Ok17(void 0) : r;
+}
+function turnFailure(sessionId, message) {
+  return {
+    success: false,
+    sessionId,
+    usage: { inputTokens: 0, outputTokens: 0, totalTokens: 0 },
+    error: message
+  };
+}
+function tryParseEvent(line, sessionId) {
+  const trimmed = line.trim();
+  if (!trimmed) return null;
+  let raw;
+  try {
+    raw = JSON.parse(trimmed);
+  } catch {
+    return null;
+  }
+  if (!raw || typeof raw !== "object") return null;
+  const o = raw;
+  if (typeof o.type !== "string") return null;
+  const ev = {
+    type: o.type,
+    timestamp: typeof o.timestamp === "string" ? o.timestamp : (/* @__PURE__ */ new Date()).toISOString(),
+    sessionId
+  };
+  if (typeof o.subtype === "string") ev.subtype = o.subtype;
+  if (o.content !== void 0) ev.content = o.content;
+  if (isUsage2(o.usage)) ev.usage = o.usage;
+  return ev;
+}
+function isUsage2(u) {
+  if (!u || typeof u !== "object") return false;
+  const o = u;
+  return typeof o.inputTokens === "number" && typeof o.outputTokens === "number" && typeof o.totalTokens === "number";
+}
+async function* readLines2(stream) {
+  let buffer = "";
+  for await (const chunk of stream) {
+    buffer += typeof chunk === "string" ? chunk : chunk.toString("utf-8");
+    let idx;
+    while ((idx = buffer.indexOf("\n")) >= 0) {
+      yield buffer.slice(0, idx);
+      buffer = buffer.slice(idx + 1);
+    }
+  }
+  if (buffer.length > 0) yield buffer;
+}
+function waitForExit2(child) {
+  return new Promise((resolve6) => {
+    if (child.exitCode !== null) {
+      resolve6(child.exitCode);
+      return;
+    }
+    child.once("close", (code) => resolve6(code));
+    child.once("error", () => resolve6(null));
+  });
+}
 // src/agent/backend-factory.ts
 function makeGetModel(model) {
   if (typeof model === "string") return () => model;
@@ -4999,6 +5547,35 @@ function createBackend(def, options = {}) {
         ...def.timeoutMs !== void 0 ? { timeoutMs: def.timeoutMs } : {}
       });
     }
+    case "ssh": {
+      return new SshBackend({
+        host: def.host,
+        remoteCommand: def.remoteCommand,
+        ...def.user !== void 0 ? { user: def.user } : {},
+        ...def.port !== void 0 ? { port: def.port } : {},
+        ...def.identityFile !== void 0 ? { identityFile: def.identityFile } : {},
+        ...def.sshOptions !== void 0 ? { sshOptions: def.sshOptions } : {},
+        ...def.sshBinary !== void 0 ? { sshBinary: def.sshBinary } : {}
+      });
+    }
+    case "serverless": {
+      switch (def.adapter) {
+        case "oci":
+          return new OciServerlessBackend({
+            image: def.image,
+            ...def.registry !== void 0 ? { registry: def.registry } : {},
+            ...def.pullPolicy !== void 0 ? { pullPolicy: def.pullPolicy } : {},
+            ...def.envPassthrough !== void 0 ? { envPassthrough: def.envPassthrough } : {},
+            ...def.runtime !== void 0 ? { runtime: def.runtime } : {}
+          });
+        default: {
+          const exhaustive = def.adapter;
+          throw new Error(
+            `createBackend: unknown serverless adapter ${JSON.stringify(exhaustive)}`
+          );
+        }
+      }
+    }
     default: {
       const exhaustive = def;
       throw new Error(`createBackend: unknown backend type ${JSON.stringify(exhaustive)}`);
@@ -5008,13 +5585,13 @@ function createBackend(def, options = {}) {
 // src/agent/backends/container.ts
 import {
-  Err as Err13
+  Err as Err15
 } from "@harness-engineering/types";
 function toAgentError(message, details) {
   return { category: "response_error", message, details };
 }
 var BLOCKED_FLAGS = ["--privileged", "--cap-add", "--security-opt", "--pid", "--ipc", "--userns"];
-function sanitizeExtraArgs(extraArgs) {
+function sanitizeExtraArgs2(extraArgs) {
   if (!extraArgs) return [];
   return extraArgs.filter((arg) => !BLOCKED_FLAGS.some((flag) => arg.startsWith(flag)));
 }
@@ -5040,7 +5617,7 @@ var ContainerBackend = class {
     }
     const result = await this.secretBackend.resolveSecrets(this.secretKeys);
     if (!result.ok) {
-      return Err13(toAgentError(`Secret resolution failed: ${result.error.message}`, result.error));
+      return Err15(toAgentError(`Secret resolution failed: ${result.error.message}`, result.error));
     }
     return { ok: true, value: result.value };
   }
@@ -5053,7 +5630,7 @@ var ContainerBackend = class {
       network: this.containerConfig.network ?? "none",
       env
     };
-    const sanitized = sanitizeExtraArgs(this.containerConfig.extraArgs);
+    const sanitized = sanitizeExtraArgs2(this.containerConfig.extraArgs);
     if (sanitized.length > 0) {
       opts.extraArgs = sanitized;
     }
@@ -5065,7 +5642,7 @@ var ContainerBackend = class {
     const createOpts = this.buildCreateOpts(params, envResult.value);
     const containerResult = await this.runtime.createContainer(createOpts);
     if (!containerResult.ok) {
-      return Err13(
+      return Err15(
         toAgentError(
           `Container creation failed: ${containerResult.error.message}`,
           containerResult.error
@@ -5090,7 +5667,7 @@ var ContainerBackend = class {
       this.containerHandles.delete(session.sessionId);
       const removeResult = await this.runtime.removeContainer(handle);
       if (!removeResult.ok) {
-        return Err13(
+        return Err15(
           toAgentError(
             `Container removal failed: ${removeResult.error.message}`,
             removeResult.error
@@ -5103,7 +5680,7 @@ var ContainerBackend = class {
   async healthCheck() {
     const runtimeResult = await this.runtime.healthCheck();
     if (!runtimeResult.ok) {
-      return Err13({
+      return Err15({
         category: "agent_not_found",
         message: `Container runtime unhealthy: ${runtimeResult.error.message}`,
         details: runtimeResult.error
@@ -5114,8 +5691,8 @@ var ContainerBackend = class {
 };
 // src/agent/runtime/docker.ts
-import { execFile as execFile3, spawn as spawn3 } from "child_process";
-import { Ok as Ok16, Err as Err14 } from "@harness-engineering/types";
+import { execFile as execFile3, spawn as spawn5 } from "child_process";
+import { Ok as Ok18, Err as Err16 } from "@harness-engineering/types";
 function dockerExec(args) {
   return new Promise((resolve6, reject) => {
     execFile3("docker", args, (error, stdout) => {
@@ -5148,9 +5725,9 @@ var DockerRuntime = class {
       args.push(opts.image);
       args.push("sleep", "infinity");
       const containerId = await dockerExec(args);
-      return Ok16({ containerId, runtime: this.name });
+      return Ok18({ containerId, runtime: this.name });
     } catch (error) {
-      return Err14({
+      return Err16({
         category: "container_create_failed",
         message: `Failed to create container: ${error instanceof Error ? error.message : String(error)}`,
         details: error
@@ -5172,7 +5749,7 @@ var DockerRuntime = class {
       }
     }
     execArgs.push(handle.containerId, ...cmd);
-    const child = spawn3("docker", execArgs);
+    const child = spawn5("docker", execArgs);
     const readline3 = await import("readline");
     const rl = readline3.createInterface({ input: child.stdout, terminal: false });
     try {
@@ -5194,9 +5771,9 @@ var DockerRuntime = class {
   async removeContainer(handle) {
     try {
       await dockerExec(["rm", "-f", handle.containerId]);
-      return Ok16(void 0);
+      return Ok18(void 0);
     } catch (error) {
-      return Err14({
+      return Err16({
         category: "container_remove_failed",
         message: `Failed to remove container: ${error instanceof Error ? error.message : String(error)}`,
         details: error
@@ -5206,9 +5783,9 @@ var DockerRuntime = class {
   async healthCheck() {
     try {
       await dockerExec(["info", "--format", "{{.ServerVersion}}"]);
-      return Ok16(void 0);
+      return Ok18(void 0);
     } catch (error) {
-      return Err14({
+      return Err16({
         category: "runtime_not_found",
         message: `Docker is not available: ${error instanceof Error ? error.message : String(error)}`,
         details: error
@@ -5218,7 +5795,7 @@ var DockerRuntime = class {
 };
 // src/agent/secrets/env.ts
-import { Ok as Ok17, Err as Err15 } from "@harness-engineering/types";
+import { Ok as Ok19, Err as Err17 } from "@harness-engineering/types";
 var EnvSecretBackend = class {
   name = "env";
   async resolveSecrets(keys) {
@@ -5226,7 +5803,7 @@ var EnvSecretBackend = class {
     for (const key of keys) {
       const value = process.env[key];
       if (value === void 0) {
-        return Err15({
+        return Err17({
           category: "secret_not_found",
           message: `Environment variable '${key}' is not set`,
           key
@@ -5234,16 +5811,16 @@ var EnvSecretBackend = class {
       }
       secrets[key] = value;
     }
-    return Ok17(secrets);
+    return Ok19(secrets);
   }
   async healthCheck() {
-    return Ok17(void 0);
+    return Ok19(void 0);
   }
 };
 // src/agent/secrets/onepassword.ts
 import { execFile as execFile4 } from "child_process";
-import { Ok as Ok18, Err as Err16 } from "@harness-engineering/types";
+import { Ok as Ok20, Err as Err18 } from "@harness-engineering/types";
 function opExec(args) {
   return new Promise((resolve6, reject) => {
     execFile4("op", args, (error, stdout) => {
@@ -5268,21 +5845,21 @@ var OnePasswordSecretBackend = class {
         const value = await opExec(["read", `op://${this.vault}/${key}/password`]);
         secrets[key] = value;
       } catch (error) {
-        return Err16({
+        return Err18({
           category: "access_denied",
           message: `Failed to read secret '${key}' from 1Password: ${error instanceof Error ? error.message : String(error)}`,
           key
         });
       }
     }
-    return Ok18(secrets);
+    return Ok20(secrets);
   }
   async healthCheck() {
     try {
       await opExec(["--version"]);
-      return Ok18(void 0);
+      return Ok20(void 0);
     } catch (error) {
-      return Err16({
+      return Err18({
         category: "provider_unavailable",
         message: `1Password CLI is not available: ${error instanceof Error ? error.message : String(error)}`
       });
@@ -5292,7 +5869,7 @@ var OnePasswordSecretBackend = class {
 // src/agent/secrets/vault.ts
 import { execFile as execFile5 } from "child_process";
-import { Ok as Ok19, Err as Err17 } from "@harness-engineering/types";
+import { Ok as Ok21, Err as Err19 } from "@harness-engineering/types";
 function vaultExec(args, env) {
   return new Promise((resolve6, reject) => {
     execFile5("vault", args, { env: { ...process.env, ...env } }, (error, stdout) => {
@@ -5323,11 +5900,11 @@ var VaultSecretBackend = class {
     } catch (error) {
       const msg = error instanceof Error ? error.message : String(error);
       const category = error instanceof SyntaxError ? "access_denied" : "access_denied";
-      return Err17({ category, message: `Failed to read from Vault: ${msg}` });
+      return Err19({ category, message: `Failed to read from Vault: ${msg}` });
     }
     const missing = keys.find((k) => !(k in data));
     if (missing) {
-      return Err17({
+      return Err19({
         category: "secret_not_found",
         message: `Secret key '${missing}' not found in Vault path '${this.path}'`,
         key: missing
@@ -5335,14 +5912,14 @@ var VaultSecretBackend = class {
     }
     const secrets = {};
     for (const key of keys) secrets[key] = data[key];
-    return Ok19(secrets);
+    return Ok21(secrets);
   }
   async healthCheck() {
     try {
       await vaultExec(["version"]);
-      return Ok19(void 0);
+      return Ok21(void 0);
     } catch (error) {
-      return Err17({
+      return Err19({
         category: "provider_unavailable",
         message: `Vault CLI is not available: ${error instanceof Error ? error.message : String(error)}`
       });
@@ -5488,6 +6065,8 @@ function buildAnalysisProvider(args) {
       return buildClaudeCliProvider(def, args, layerModel);
     case "mock":
     case "gemini":
+    case "ssh":
+    case "serverless":
       logger.warn(
         `Intelligence pipeline disabled for layer '${layer}': routed backend '${backendName}' has type '${def.type}' which has no AnalysisProvider implementation.`
       );
@@ -5911,7 +6490,7 @@ function handlePlansRoute(req, res, plansDir) {
 }
 // src/server/routes/chat-proxy.ts
-import { spawn as spawn4 } from "child_process";
+import { spawn as spawn6 } from "child_process";
 import { randomUUID as randomUUID4 } from "crypto";
 import * as readline2 from "readline";
 import { z as z6 } from "zod";
@@ -5997,7 +6576,7 @@ async function handleChatRequest(req, res, command) {
     });
     emit(res, { type: "session", sessionId });
     const args = buildArgs(parsed.prompt, sessionId, isFirstTurn, parsed.system);
-    child = spawn4(command, args, { env: buildChildEnv(), stdio: "pipe" });
+    child = spawn6(command, args, { env: buildChildEnv(), stdio: "pipe" });
     child.stdin?.end();
     let clientDisconnected = false;
     res.on("close", () => {
@@ -7362,8 +7941,8 @@ function parseToken(raw) {
   return { id: raw.slice(0, dot), secret: raw.slice(dot + 1) };
 }
 var TokenStore = class {
-  constructor(path17) {
-    this.path = path17;
+  constructor(path19) {
+    this.path = path19;
   }
   path;
   cache = null;
@@ -7470,8 +8049,8 @@ import { appendFile, mkdir as mkdir8 } from "fs/promises";
 import { dirname as dirname5 } from "path";
 import { AuthAuditEntrySchema } from "@harness-engineering/types";
 var AuditLogger = class {
-  constructor(path17, opts = {}) {
-    this.path = path17;
+  constructor(path19, opts = {}) {
+    this.path = path19;
     this.opts = opts;
   }
   path;
@@ -7566,9 +8145,9 @@ var V1_BRIDGE_ROUTES = [
 function isV1Bridge(method, url) {
   return V1_BRIDGE_ROUTES.some((r) => r.method === method && r.pattern.test(url));
 }
-function requiredBridgeScope(method, path17) {
+function requiredBridgeScope(method, path19) {
   for (const r of V1_BRIDGE_ROUTES) {
-    if (r.method === method && r.pattern.test(path17)) return r.scope;
+    if (r.method === method && r.pattern.test(path19)) return r.scope;
   }
   return null;
 }
@@ -7578,24 +8157,24 @@ function hasScope(held, required) {
   if (held.includes("admin")) return true;
   return held.includes(required);
 }
-function requiredScopeForRoute(method, path17) {
-  const bridgeScope = requiredBridgeScope(method, path17);
+function requiredScopeForRoute(method, path19) {
+  const bridgeScope = requiredBridgeScope(method, path19);
   if (bridgeScope) return bridgeScope;
-  if (path17 === "/api/v1/auth/token" && method === "POST") return "admin";
-  if (path17 === "/api/v1/auth/tokens" && method === "GET") return "admin";
-  if (/^\/api\/v1\/auth\/tokens\/[^/]+$/.test(path17) && method === "DELETE") return "admin";
-  if ((path17 === "/api/state" || path17 === "/api/v1/state") && method === "GET") return "read-status";
-  if (path17.startsWith("/api/interactions")) return "resolve-interaction";
-  if (path17.startsWith("/api/plans")) return "read-status";
-  if (path17.startsWith("/api/analyze") || path17.startsWith("/api/analyses")) return "read-status";
-  if (path17.startsWith("/api/roadmap-actions")) return "modify-roadmap";
-  if (path17.startsWith("/api/dispatch-actions")) return "trigger-job";
-  if (path17.startsWith("/api/local-model") || path17.startsWith("/api/local-models"))
+  if (path19 === "/api/v1/auth/token" && method === "POST") return "admin";
+  if (path19 === "/api/v1/auth/tokens" && method === "GET") return "admin";
+  if (/^\/api\/v1\/auth\/tokens\/[^/]+$/.test(path19) && method === "DELETE") return "admin";
+  if ((path19 === "/api/state" || path19 === "/api/v1/state") && method === "GET") return "read-status";
+  if (path19.startsWith("/api/interactions")) return "resolve-interaction";
+  if (path19.startsWith("/api/plans")) return "read-status";
+  if (path19.startsWith("/api/analyze") || path19.startsWith("/api/analyses")) return "read-status";
+  if (path19.startsWith("/api/roadmap-actions")) return "modify-roadmap";
+  if (path19.startsWith("/api/dispatch-actions")) return "trigger-job";
+  if (path19.startsWith("/api/local-model") || path19.startsWith("/api/local-models"))
     return "read-status";
-  if (path17.startsWith("/api/maintenance")) return "trigger-job";
-  if (path17.startsWith("/api/streams")) return "read-status";
-  if (path17.startsWith("/api/sessions")) return "read-status";
-  if (path17.startsWith("/api/chat-proxy")) return "trigger-job";
+  if (path19.startsWith("/api/maintenance")) return "trigger-job";
+  if (path19.startsWith("/api/streams")) return "read-status";
+  if (path19.startsWith("/api/sessions")) return "read-status";
+  if (path19.startsWith("/api/chat-proxy")) return "trigger-job";
   return null;
 }
@@ -7999,8 +8578,8 @@ function genSecret2() {
   return randomBytes4(32).toString("base64url");
 }
 var WebhookStore = class {
-  constructor(path17) {
-    this.path = path17;
+  constructor(path19) {
+    this.path = path19;
   }
   path;
   cache = null;
@@ -8586,6 +9165,335 @@ function wireTelemetryFanout(params) {
   };
 }
+// src/notifications/slack-sink.ts
+var SEVERITY_PREFIX = {
+  info: ":information_source:",
+  success: ":white_check_mark:",
+  warning: ":warning:",
+  error: ":x:"
+};
+var SlackSink = class {
+  kind = "slack";
+  id;
+  webhookUrl;
+  fetchImpl;
+  timeoutMs;
+  constructor(opts) {
+    this.id = opts.id;
+    this.webhookUrl = opts.webhookUrl;
+    this.fetchImpl = opts.fetchImpl ?? fetch;
+    this.timeoutMs = opts.timeoutMs ?? 5e3;
+  }
+  async deliver(input) {
+    const body = input.wrapped ? this.renderEnvelope(input.payload) : this.renderRawEvent(input.payload);
+    const ctrl = new AbortController();
+    const timer = setTimeout(() => ctrl.abort(), this.timeoutMs);
+    try {
+      const res = await this.fetchImpl(this.webhookUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify(body),
+        signal: ctrl.signal
+      });
+      if (res.ok) {
+        return { ok: true, deliveredAt: Date.now() };
+      }
+      return { ok: false, error: `HTTP ${res.status}`, httpStatus: res.status };
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      return { ok: false, error: ctrl.signal.aborted ? "timeout" : msg };
+    } finally {
+      clearTimeout(timer);
+    }
+  }
+  renderEnvelope(env) {
+    const prefix = SEVERITY_PREFIX[env.severity] ?? "";
+    const headline = `${prefix} ${env.title}`.trim();
+    const blocks = [
+      { type: "section", text: { type: "mrkdwn", text: `*${headline}*
+${env.summary}` } }
+    ];
+    if (env.actions && env.actions.length > 0) {
+      blocks.push({
+        type: "actions",
+        elements: env.actions.map((a) => ({
+          type: "button",
+          text: { type: "plain_text", text: a.label },
+          url: a.url
+        }))
+      });
+    }
+    if (env.permalink) {
+      blocks.push({
+        type: "section",
+        text: { type: "mrkdwn", text: `<${env.permalink}|View details>` }
+      });
+    }
+    return { text: headline, blocks };
+  }
+  renderRawEvent(event) {
+    const dump = (() => {
+      try {
+        return JSON.stringify(event.data, null, 2);
+      } catch {
+        return String(event.data);
+      }
+    })();
+    const text = `harness event: \`${event.type}\``;
+    return {
+      text,
+      blocks: [
+        { type: "section", text: { type: "mrkdwn", text: `*${text}*
+\`\`\`
+${dump}
+\`\`\`` } }
+      ]
+    };
+  }
+};
+// src/notifications/registry.ts
+var SinkConfigError = class extends Error {
+  constructor(sinkId, message) {
+    super(`[sink:${sinkId}] ${message}`);
+    this.sinkId = sinkId;
+    this.name = "SinkConfigError";
+  }
+  sinkId;
+};
+var SinkRegistry = class _SinkRegistry {
+  entries;
+  constructor(entries) {
+    this.entries = entries;
+  }
+  static fromConfig(config, options) {
+    const entries = [];
+    for (const sinkConfig of config.sinks) {
+      entries.push({
+        config: sinkConfig,
+        adapter: buildSink(sinkConfig, options)
+      });
+    }
+    return new _SinkRegistry(entries);
+  }
+  list() {
+    return this.entries;
+  }
+  get(id) {
+    return this.entries.find((e) => e.config.id === id) ?? null;
+  }
+  ids() {
+    return this.entries.map((e) => e.config.id);
+  }
+  async dispose() {
+    for (const entry of this.entries) {
+      if (entry.adapter.dispose) {
+        await entry.adapter.dispose();
+      }
+    }
+  }
+};
+function buildSink(config, options) {
+  const kind = config.kind;
+  switch (kind) {
+    case "slack":
+      return buildSlackSink(config, options);
+    default: {
+      const _exhaustive = kind;
+      throw new SinkConfigError(config.id, `unknown sink kind '${String(_exhaustive)}'`);
+    }
+  }
+}
+function buildSlackSink(config, options) {
+  const rawConfig = config.config;
+  const envKey = typeof rawConfig.webhookUrlEnv === "string" ? rawConfig.webhookUrlEnv : null;
+  const inlineUrl = typeof rawConfig.webhookUrl === "string" ? rawConfig.webhookUrl : null;
+  let url;
+  if (envKey) {
+    const v = options.env[envKey];
+    if (!v) {
+      throw new SinkConfigError(
+        config.id,
+        `Slack webhook env var '${envKey}' is not set in the environment`
+      );
+    }
+    url = v;
+  } else if (inlineUrl) {
+    url = inlineUrl;
+  } else {
+    throw new SinkConfigError(
+      config.id,
+      `Slack sink requires 'config.webhookUrlEnv' (preferred) or 'config.webhookUrl'`
+    );
+  }
+  if (!/^https:\/\/hooks\.slack\.com\//.test(url)) {
+    throw new SinkConfigError(
+      config.id,
+      `Slack webhook URL must be an https://hooks.slack.com/ URL`
+    );
+  }
+  const sinkOpts = {
+    id: config.id,
+    webhookUrl: url
+  };
+  if (options.fetchImpl) sinkOpts.fetchImpl = options.fetchImpl;
+  return new SlackSink(sinkOpts);
+}
+// src/notifications/events.ts
+import { randomBytes as randomBytes8 } from "crypto";
+// src/notifications/envelope.ts
+function asObj(data) {
+  return typeof data === "object" && data !== null ? data : {};
+}
+var ENVELOPE_DERIVERS = {
+  "maintenance.started": (event) => {
+    const data = asObj(event.data);
+    return {
+      title: `Maintenance started: ${data.taskId ?? "(unknown task)"}`,
+      summary: `Task \`${data.taskId ?? "(unknown)"}\` is running.`,
+      severity: "info"
+    };
+  },
+  "maintenance.completed": (event) => {
+    const data = asObj(event.data);
+    return {
+      title: `Maintenance done: ${data.taskId ?? "(unknown task)"}`,
+      summary: `Task \`${data.taskId ?? "(unknown)"}\` completed successfully.`,
+      severity: "success"
+    };
+  },
+  "maintenance.error": (event) => {
+    const data = asObj(event.data);
+    return {
+      title: `Maintenance failed: ${data.taskId ?? "(unknown task)"}`,
+      summary: data.error ?? "No error message provided.",
+      severity: "error"
+    };
+  },
+  "interaction.created": (event) => {
+    const data = asObj(event.data);
+    return {
+      title: `Action required: ${truncate(data.question ?? "pending interaction", 80)}`,
+      summary: data.question ?? "(no question text)",
+      severity: "warning"
+    };
+  },
+  "interaction.resolved": (event) => {
+    const data = asObj(event.data);
+    return {
+      title: `Interaction resolved`,
+      summary: data.resolution ?? "(no resolution text)",
+      severity: "info"
+    };
+  },
+  "notification.test": (event) => {
+    const data = asObj(event.data);
+    return {
+      title: "Test notification from harness",
+      summary: data.message ?? "If you see this, your notification sink is working.",
+      severity: "info"
+    };
+  }
+};
+function truncate(s, max) {
+  return s.length <= max ? s : `${s.slice(0, max - 1)}\u2026`;
+}
+function fallbackTitle(event) {
+  return event.type;
+}
+function fallbackSummary(event) {
+  try {
+    return "```\n" + JSON.stringify(event.data, null, 2) + "\n```";
+  } catch {
+    return String(event.data);
+  }
+}
+function severityFromType(type) {
+  if (type.endsWith(".error") || type.endsWith(".failed")) return "error";
+  if (type.endsWith(".completed") || type.endsWith(".resolved")) return "success";
+  if (type.endsWith(".created") || type.startsWith("interaction.")) return "warning";
+  return "info";
+}
+function backfillEnvelope(event, partial) {
+  return {
+    title: truncate(partial.title ?? fallbackTitle(event), 280),
+    summary: partial.summary ?? fallbackSummary(event),
+    severity: partial.severity ?? severityFromType(event.type)
+  };
+}
+function wrapAsEnvelope(event) {
+  const deriver = ENVELOPE_DERIVERS[event.type];
+  const partial = deriver ? deriver(event) : {};
+  const envelope = backfillEnvelope(event, partial);
+  if (partial.actions) envelope.actions = partial.actions;
+  if (partial.permalink) envelope.permalink = partial.permalink;
+  if (event.correlationId) envelope.correlationId = event.correlationId;
+  return envelope;
+}
+// src/notifications/events.ts
+var NOTIFICATION_TOPICS = [
+  "interaction.created",
+  "interaction.resolved",
+  "maintenance:started",
+  "maintenance:completed",
+  "maintenance:error"
+];
+function newEventId4() {
+  return `evt_${randomBytes8(8).toString("hex")}`;
+}
+function dispatchToEntry(bus, entry, event) {
+  const eventType = event.type;
+  const matches = entry.config.events.some((p) => eventMatches(p, eventType));
+  if (!matches) return;
+  const payload = entry.config.wrap_response ? wrapAsEnvelope(event) : event;
+  const summaryBase = {
+    sinkId: entry.adapter.id,
+    kind: entry.adapter.kind,
+    eventType,
+    eventId: event.id
+  };
+  void entry.adapter.deliver({ payload, wrapped: entry.config.wrap_response }).then((result) => {
+    bus.emit("notification.delivery.attempted", { ...summaryBase, ok: result.ok });
+    if (!result.ok) {
+      bus.emit("notification.delivery.failed", {
+        ...summaryBase,
+        ok: false,
+        error: result.error
+      });
+    }
+  }).catch((err) => {
+    const msg = err instanceof Error ? err.message : String(err);
+    bus.emit("notification.delivery.failed", { ...summaryBase, ok: false, error: msg });
+  });
+}
+function wireNotificationSinks({ bus, registry }) {
+  const handlers = [];
+  for (const topic of NOTIFICATION_TOPICS) {
+    const eventType = topic.replace(":", ".");
+    const fn = (data) => {
+      const entries = registry.list();
+      if (entries.length === 0) return;
+      const event = {
+        id: newEventId4(),
+        type: eventType,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        data
+      };
+      for (const entry of entries) {
+        dispatchToEntry(bus, entry, event);
+      }
+    };
+    bus.on(topic, fn);
+    handlers.push({ topic, fn });
+  }
+  return () => {
+    for (const { topic, fn } of handlers) bus.removeListener(topic, fn);
+  };
+}
 // src/orchestrator.ts
 import { CacheMetricsRecorder, OTLPExporter } from "@harness-engineering/core";
@@ -9142,10 +10050,10 @@ var MaintenanceScheduler = class {
 };
 // src/maintenance/leader-elector.ts
-import { Ok as Ok20 } from "@harness-engineering/types";
+import { Ok as Ok22 } from "@harness-engineering/types";
 var SingleProcessLeaderElector = class {
   async electLeader() {
-    return Ok20("claimed");
+    return Ok22("claimed");
   }
 };
@@ -9625,6 +10533,13 @@ var Orchestrator = class extends EventEmitter {
   cacheMetrics;
   otlpExporter;
   telemetryFanoutOff;
+  // Hermes Phase 3: in-process notification sinks subscribe to the same
+  // event bus (`this`) that webhook fanout uses, applying envelope
+  // formatting before delivering to Slack/etc. The registry + unwire
+  // handle are kept on the instance so stop() can detach listeners and
+  // call adapter dispose() in deterministic order.
+  notificationsRegistry;
+  notificationFanoutOff;
   orchestratorIdPromise;
   recorder;
   intelligenceRunner;
@@ -9780,6 +10695,7 @@ var Orchestrator = class extends EventEmitter {
         delivery: webhookDelivery
       });
       webhookDelivery.start();
+      this.setupNotifications(config.notifications);
       const otlpCfg = config.telemetry?.export?.otlp;
       if (otlpCfg) {
         this.otlpExporter = new OTLPExporter({
@@ -10615,6 +11531,31 @@ var Orchestrator = class extends EventEmitter {
     );
     this.emit("state_change", this.getSnapshot());
   }
+  /**
+   * Hermes Phase 3: wire in-process notification sinks against the
+   * orchestrator's event bus (`this`). A misconfigured sink (unknown kind,
+   * missing env var) logs + skips rather than breaking startup — the
+   * hardened doctor (`harness doctor`) surfaces the gap. Sinks subscribe
+   * to the same topics as `wireWebhookFanout`; a slow Slack call cannot
+   * block webhook delivery because the two paths fan out independently.
+   */
+  setupNotifications(notifConfig) {
+    if (!notifConfig || !notifConfig.sinks || notifConfig.sinks.length === 0) return;
+    try {
+      this.notificationsRegistry = SinkRegistry.fromConfig(notifConfig, {
+        env: process.env
+      });
+      this.notificationFanoutOff = wireNotificationSinks({
+        bus: this,
+        registry: this.notificationsRegistry
+      });
+    } catch (err) {
+      this.logger.warn(
+        `notifications sink registry failed: ${err instanceof Error ? err.message : String(err)}; sinks disabled`
+      );
+      delete this.notificationsRegistry;
+    }
+  }
   /**
    * Stops execution for a specific issue.
    *
@@ -10782,6 +11723,14 @@ var Orchestrator = class extends EventEmitter {
       this.webhookFanoutOff();
       delete this.webhookFanoutOff;
     }
+    if (this.notificationFanoutOff) {
+      this.notificationFanoutOff();
+      delete this.notificationFanoutOff;
+    }
+    if (this.notificationsRegistry) {
+      await this.notificationsRegistry.dispose();
+      delete this.notificationsRegistry;
+    }
     if (this.telemetryFanoutOff) {
       this.telemetryFanoutOff();
       delete this.telemetryFanoutOff;
@@ -11072,7 +12021,7 @@ function launchTUI(orchestrator) {
 // src/maintenance/sync-main.ts
 import { execFile as nodeExecFile } from "child_process";
 import { promisify as promisify3 } from "util";
-var DEFAULT_TIMEOUT_MS2 = 6e4;
+var DEFAULT_TIMEOUT_MS3 = 6e4;
 async function git(execFileFn, args, cwd, timeoutMs) {
   const exec = promisify3(execFileFn);
   const { stdout, stderr } = await exec("git", args, { cwd, timeout: timeoutMs });
@@ -11137,7 +12086,7 @@ async function isAncestor(execFileFn, a, b, cwd, timeoutMs) {
 }
 async function syncMain(repoRoot, opts = {}) {
   const execFileFn = opts.execFileFn ?? nodeExecFile;
-  const timeoutMs = opts.timeoutMs ?? DEFAULT_TIMEOUT_MS2;
+  const timeoutMs = opts.timeoutMs ?? DEFAULT_TIMEOUT_MS3;
   try {
     const originRef = await resolveOriginDefault(execFileFn, repoRoot, timeoutMs);
     if (!originRef) {
@@ -11212,6 +12161,465 @@ async function syncMain(repoRoot, opts = {}) {
     };
   }
 }
+// src/sessions/search-index.ts
+import * as fs15 from "fs";
+import * as path17 from "path";
+import Database2 from "better-sqlite3";
+import { INDEXED_FILE_KINDS } from "@harness-engineering/types";
+var SEARCH_INDEX_FILE = "search-index.sqlite";
+var SCHEMA_SQL2 = `
+  CREATE TABLE IF NOT EXISTS session_docs (
+    id           INTEGER PRIMARY KEY AUTOINCREMENT,
+    session_id   TEXT NOT NULL,
+    archived     INTEGER NOT NULL,
+    file_kind    TEXT NOT NULL,
+    path         TEXT NOT NULL,
+    mtime_ms     INTEGER NOT NULL,
+    body         TEXT NOT NULL,
+    UNIQUE (session_id, archived, file_kind)
+  );
+  CREATE VIRTUAL TABLE IF NOT EXISTS session_docs_fts USING fts5 (
+    body,
+    content='session_docs',
+    content_rowid='id',
+    tokenize='unicode61 remove_diacritics 2'
+  );
+  CREATE TRIGGER IF NOT EXISTS session_docs_ai
+    AFTER INSERT ON session_docs
+    BEGIN INSERT INTO session_docs_fts(rowid, body) VALUES (new.id, new.body); END;
+  CREATE TRIGGER IF NOT EXISTS session_docs_ad
+    AFTER DELETE ON session_docs
+    BEGIN INSERT INTO session_docs_fts(session_docs_fts, rowid, body) VALUES('delete', old.id, old.body); END;
+  CREATE TRIGGER IF NOT EXISTS session_docs_au
+    AFTER UPDATE ON session_docs
+    BEGIN
+      INSERT INTO session_docs_fts(session_docs_fts, rowid, body) VALUES('delete', old.id, old.body);
+      INSERT INTO session_docs_fts(rowid, body) VALUES (new.id, new.body);
+    END;
+`;
+var DEFAULT_LIMIT = 20;
+function normalizeFts5Query(query) {
+  const advancedSyntax = /["()*^+]|\bAND\b|\bOR\b|\bNOT\b|[A-Za-z_]+:/;
+  if (advancedSyntax.test(query)) return query;
+  return query.split(/\s+/).filter((tok) => tok.length > 0).map((tok) => `"${tok.replace(/"/g, '""')}"`).join(" ");
+}
+function searchIndexPath(projectPath) {
+  return path17.join(projectPath, ".harness", SEARCH_INDEX_FILE);
+}
+var FILE_KIND_TO_FILENAME = {
+  summary: "summary.md",
+  learnings: "learnings.md",
+  failures: "failures.md",
+  sections: "session-sections.md",
+  llm_summary: "llm-summary.md"
+};
+var SqliteSearchIndex = class {
+  db;
+  upsertStmt;
+  removeSessionStmt;
+  totalStmt;
+  constructor(dbPath) {
+    fs15.mkdirSync(path17.dirname(dbPath), { recursive: true });
+    this.db = new Database2(dbPath);
+    this.db.pragma("journal_mode = WAL");
+    this.db.pragma("synchronous = NORMAL");
+    this.db.exec(SCHEMA_SQL2);
+    this.upsertStmt = this.db.prepare(
+      `INSERT INTO session_docs (session_id, archived, file_kind, path, mtime_ms, body)
+       VALUES (@sessionId, @archived, @fileKind, @path, @mtimeMs, @body)
+       ON CONFLICT(session_id, archived, file_kind) DO UPDATE SET
+         path = excluded.path,
+         mtime_ms = excluded.mtime_ms,
+         body = excluded.body`
+    );
+    this.removeSessionStmt = this.db.prepare(`DELETE FROM session_docs WHERE session_id = ?`);
+    this.totalStmt = this.db.prepare(`SELECT COUNT(*) AS n FROM session_docs`);
+  }
+  upsertSessionDoc(doc) {
+    this.upsertStmt.run({
+      sessionId: doc.sessionId,
+      archived: doc.archived ? 1 : 0,
+      fileKind: doc.fileKind,
+      path: doc.path,
+      mtimeMs: Math.floor(doc.mtimeMs),
+      body: doc.body
+    });
+  }
+  removeSession(sessionId) {
+    const info = this.removeSessionStmt.run(sessionId);
+    return info.changes;
+  }
+  /**
+   * Drop all `archived=1` rows. Used by `reindexFromArchive` before a full
+   * re-walk. Live (archived=0) rows are preserved.
+   */
+  resetArchived() {
+    this.db.prepare(`DELETE FROM session_docs WHERE archived = 1`).run();
+  }
+  /** Total rows currently indexed (across both live and archived). */
+  totalIndexed() {
+    const row = this.totalStmt.get();
+    return row.n;
+  }
+  /**
+   * Ranked FTS5 query. Returns BM25-sorted matches. The `query` is passed to
+   * FTS5 as-is; FTS5 syntax (phrases with quotes, AND/OR/NOT, `column:term`)
+   * is therefore the user-facing language. Errors from malformed queries
+   * surface as thrown `SqliteError` so the CLI can catch + render them.
+   */
+  search(query, opts = {}) {
+    const limit = opts.limit ?? DEFAULT_LIMIT;
+    const filters = [];
+    const params = { q: normalizeFts5Query(query), limit };
+    if (opts.archivedOnly) {
+      filters.push("d.archived = 1");
+    }
+    const fileKinds = opts.fileKinds && opts.fileKinds.length > 0 ? opts.fileKinds : null;
+    if (fileKinds) {
+      const placeholders = fileKinds.map((_, i) => `@fk${i}`).join(", ");
+      filters.push(`d.file_kind IN (${placeholders})`);
+      fileKinds.forEach((k, i) => {
+        params[`fk${i}`] = k;
+      });
+    }
+    const whereClause = filters.length > 0 ? `AND ${filters.join(" AND ")}` : "";
+    const sql = `
+      SELECT
+        d.session_id   AS sessionId,
+        d.archived     AS archived,
+        d.file_kind    AS fileKind,
+        d.path         AS path,
+        bm25(session_docs_fts) AS bm25,
+        snippet(session_docs_fts, 0, '\u2026', '\u2026', '\u2026', 16) AS snippet
+      FROM session_docs_fts
+      JOIN session_docs d ON d.id = session_docs_fts.rowid
+      WHERE session_docs_fts MATCH @q
+        ${whereClause}
+      ORDER BY bm25 ASC
+      LIMIT @limit
+    `;
+    const start = Date.now();
+    const rows = this.db.prepare(sql).all(params);
+    const durationMs = Date.now() - start;
+    const matches = rows.map((r) => ({
+      sessionId: r.sessionId,
+      archived: r.archived === 1,
+      fileKind: r.fileKind,
+      path: r.path,
+      bm25: r.bm25,
+      snippet: r.snippet
+    }));
+    return { matches, durationMs, totalIndexed: this.totalIndexed() };
+  }
+  close() {
+    this.db.close();
+  }
+};
+function openSearchIndex(projectPath) {
+  return new SqliteSearchIndex(searchIndexPath(projectPath));
+}
+function indexSessionDirectory(idx, args) {
+  const kinds = args.fileKinds ?? [...INDEXED_FILE_KINDS];
+  const cap = args.maxBytesPerBody ?? 256 * 1024;
+  let docsWritten = 0;
+  for (const kind of kinds) {
+    const fileName = FILE_KIND_TO_FILENAME[kind];
+    const filePath = path17.join(args.sessionDir, fileName);
+    if (!fs15.existsSync(filePath)) continue;
+    let body = fs15.readFileSync(filePath, "utf8");
+    if (Buffer.byteLength(body, "utf8") > cap) {
+      body = body.slice(0, cap) + "\n\n[TRUNCATED]";
+    }
+    const stat = fs15.statSync(filePath);
+    const relPath = path17.relative(args.projectPath, filePath).replaceAll("\\", "/");
+    idx.upsertSessionDoc({
+      sessionId: args.sessionId,
+      archived: args.archived,
+      fileKind: kind,
+      path: relPath,
+      mtimeMs: stat.mtimeMs,
+      body
+    });
+    docsWritten++;
+  }
+  return { docsWritten };
+}
+function reindexFromArchive(projectPath, opts = {}) {
+  const start = Date.now();
+  const archiveBase = path17.join(projectPath, ".harness", "archive", "sessions");
+  const idx = openSearchIndex(projectPath);
+  try {
+    idx.resetArchived();
+    let sessionsIndexed = 0;
+    let docsWritten = 0;
+    if (fs15.existsSync(archiveBase)) {
+      const entries = fs15.readdirSync(archiveBase, { withFileTypes: true });
+      for (const entry of entries) {
+        if (!entry.isDirectory()) continue;
+        const sessionDir = path17.join(archiveBase, entry.name);
+        const result = indexSessionDirectory(idx, {
+          sessionId: entry.name,
+          sessionDir,
+          archived: true,
+          projectPath,
+          ...opts.fileKinds && { fileKinds: opts.fileKinds },
+          ...opts.maxBytesPerBody !== void 0 && { maxBytesPerBody: opts.maxBytesPerBody }
+        });
+        if (result.docsWritten > 0) sessionsIndexed++;
+        docsWritten += result.docsWritten;
+      }
+    }
+    return { sessionsIndexed, docsWritten, durationMs: Date.now() - start };
+  } finally {
+    idx.close();
+  }
+}
+// src/sessions/summarize.ts
+import * as fs16 from "fs";
+import * as path18 from "path";
+import {
+  SessionSummarySchema
+} from "@harness-engineering/types";
+import { Ok as Ok23, Err as Err20 } from "@harness-engineering/types";
+var LLM_SUMMARY_FILE = "llm-summary.md";
+var SUMMARY_INPUT_FILES = [
+  { filename: "summary.md", kind: "summary" },
+  { filename: "learnings.md", kind: "learnings" },
+  { filename: "failures.md", kind: "failures" },
+  { filename: "session-sections.md", kind: "sections" }
+];
+var DEFAULT_INPUT_BUDGET_TOKENS = 16e3;
+var DEFAULT_TIMEOUT_MS4 = 6e4;
+var CHARS_PER_TOKEN = 4;
+var SYSTEM_PROMPT = `You produce concise, structured retrospectives of completed harness-engineering sessions.
+Read the session's archived markdown files and emit a JSON object that conforms exactly to the provided schema. Be specific and grounded \u2014 quote artefacts (file names, skill names, error messages) verbatim when relevant. Do not invent. If a field has no content, return an empty array.`;
+var USER_PROMPT_PREAMBLE = `Below are the archived files for a single harness-engineering session. Produce a structured summary capturing:
+- headline: one-sentence retrospective (\u2264 120 chars)
+- keyOutcomes: concrete things that shipped / decisions made (\u2264 20 strings)
+- openQuestions: items still open (\u2264 20 strings)
+- relatedSessions: other session slugs referenced (may be empty)
+---
+`;
+function readInputCorpus(archiveDir) {
+  const parts = [];
+  for (const { filename, kind } of SUMMARY_INPUT_FILES) {
+    const p = path18.join(archiveDir, filename);
+    if (!fs16.existsSync(p)) continue;
+    try {
+      const content = fs16.readFileSync(p, "utf8");
+      if (content.trim().length === 0) continue;
+      parts.push(`## FILE: ${kind}
+${content.trim()}`);
+    } catch {
+    }
+  }
+  return parts.join("\n\n");
+}
+function truncateForBudget(text, inputBudgetTokens) {
+  const cap = Math.max(0, inputBudgetTokens * CHARS_PER_TOKEN);
+  if (text.length <= cap) return text;
+  return text.slice(0, cap) + "\n\n[TRUNCATED \u2014 input exceeded token budget]";
+}
+function renderLlmSummaryMarkdown(summary, meta) {
+  const lines = [
+    "---",
+    `generatedAt: ${meta.generatedAt}`,
+    `model: ${meta.model}`,
+    `inputTokens: ${meta.inputTokens}`,
+    `outputTokens: ${meta.outputTokens}`,
+    `schemaVersion: ${meta.schemaVersion}`,
+    "---",
+    "",
+    "## Headline",
+    summary.headline,
+    "",
+    "## Key outcomes"
+  ];
+  if (summary.keyOutcomes.length === 0) {
+    lines.push("_(none)_");
+  } else {
+    for (const item of summary.keyOutcomes) lines.push(`- ${item}`);
+  }
+  lines.push("", "## Open questions");
+  if (summary.openQuestions.length === 0) {
+    lines.push("_(none)_");
+  } else {
+    for (const item of summary.openQuestions) lines.push(`- ${item}`);
+  }
+  lines.push("", "## Related sessions");
+  if (summary.relatedSessions.length === 0) {
+    lines.push("_(none)_");
+  } else {
+    for (const item of summary.relatedSessions) lines.push(`- ${item}`);
+  }
+  lines.push("");
+  return lines.join("\n");
+}
+function writeStubMarkdown(archiveDir, reason) {
+  const filePath = path18.join(archiveDir, LLM_SUMMARY_FILE);
+  const body = `---
+generatedAt: ${(/* @__PURE__ */ new Date()).toISOString()}
+schemaVersion: 1
+status: failed
+---
+## Summary unavailable
+- reason: ${reason}
+`;
+  fs16.writeFileSync(filePath, body, "utf8");
+  return filePath;
+}
+async function summarizeArchivedSession(ctx) {
+  const writeStubOnError = ctx.writeStubOnError ?? true;
+  if (!fs16.existsSync(ctx.archiveDir)) {
+    return Err20(new Error(`archive directory not found: ${ctx.archiveDir}`));
+  }
+  const corpus = readInputCorpus(ctx.archiveDir);
+  if (corpus.trim().length === 0) {
+    return Err20(new Error(`no summary input files found in ${ctx.archiveDir}`));
+  }
+  const inputBudgetTokens = ctx.config?.inputBudgetTokens ?? DEFAULT_INPUT_BUDGET_TOKENS;
+  const truncated = truncateForBudget(corpus, inputBudgetTokens);
+  const prompt = USER_PROMPT_PREAMBLE + truncated;
+  const timeoutMs = ctx.config?.timeoutMs ?? DEFAULT_TIMEOUT_MS4;
+  const analyzeOpts = {
+    prompt,
+    systemPrompt: SYSTEM_PROMPT,
+    responseSchema: SessionSummarySchema,
+    ...ctx.config?.model && { model: ctx.config.model }
+  };
+  let response;
+  try {
+    response = await Promise.race([
+      ctx.provider.analyze(analyzeOpts),
+      new Promise(
+        (_, reject) => setTimeout(
+          () => reject(new Error(`provider call timed out after ${timeoutMs}ms`)),
+          timeoutMs
+        )
+      )
+    ]);
+  } catch (e) {
+    const reason = e instanceof Error ? e.message : String(e);
+    ctx.logger?.warn?.("session summary: provider call failed", { reason });
+    let stubPath;
+    if (writeStubOnError) {
+      try {
+        stubPath = writeStubMarkdown(ctx.archiveDir, reason);
+      } catch {
+      }
+    }
+    return Err20(
+      new Error(`session summary failed: ${reason}` + (stubPath ? ` (stub: ${stubPath})` : ""))
+    );
+  }
+  const parsed = SessionSummarySchema.safeParse(response.result);
+  if (!parsed.success) {
+    const reason = `schema validation failed: ${parsed.error.message}`;
+    ctx.logger?.warn?.("session summary: invalid provider payload", { reason });
+    if (writeStubOnError) {
+      try {
+        writeStubMarkdown(ctx.archiveDir, reason);
+      } catch {
+      }
+    }
+    return Err20(new Error(reason));
+  }
+  const meta = {
+    generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    model: response.model,
+    inputTokens: response.tokenUsage.inputTokens,
+    outputTokens: response.tokenUsage.outputTokens,
+    schemaVersion: 1
+  };
+  const filePath = path18.join(ctx.archiveDir, LLM_SUMMARY_FILE);
+  const body = renderLlmSummaryMarkdown(parsed.data, meta);
+  fs16.writeFileSync(filePath, body, "utf8");
+  return Ok23({ summary: parsed.data, meta, filePath });
+}
+function isSummaryEnabled(config) {
+  if (!config) return false;
+  if (config.enabled === false) return false;
+  return true;
+}
+// src/sessions/archive-hooks.ts
+var defaultLogger = {
+  warn: (msg, meta) => console.warn(`[sessions] ${msg}`, meta)
+};
+async function runSummaryStep(opts, logger, sessionId, archiveDir) {
+  const enabled = isSummaryEnabled(opts.config?.summary) && opts.provider != null;
+  if (!enabled || !opts.provider) return;
+  const ctx = {
+    archiveDir,
+    provider: opts.provider,
+    ...opts.config?.summary && { config: opts.config.summary },
+    ...logger && { logger }
+  };
+  try {
+    const result = await summarizeArchivedSession(ctx);
+    if (!result.ok) {
+      logger.warn?.("session summary: failed", {
+        sessionId,
+        error: result.error.message
+      });
+    }
+  } catch (e) {
+    logger.warn?.("session summary: threw", {
+      sessionId,
+      error: e instanceof Error ? e.message : String(e)
+    });
+  }
+}
+function runIndexStep(opts, logger, sessionId, archiveDir) {
+  try {
+    const idx = openSearchIndex(opts.projectPath);
+    try {
+      const result = indexSessionDirectory(idx, {
+        sessionId,
+        sessionDir: archiveDir,
+        archived: true,
+        projectPath: opts.projectPath,
+        ...opts.config?.search?.indexedFileKinds && {
+          fileKinds: opts.config.search.indexedFileKinds
+        },
+        ...opts.config?.search?.maxIndexBytesPerFile !== void 0 && {
+          maxBytesPerBody: opts.config.search.maxIndexBytesPerFile
+        }
+      });
+      if (result.docsWritten === 0) {
+        logger.warn?.("session index: no docs written", { sessionId, archiveDir });
+      }
+    } finally {
+      idx.close();
+    }
+  } catch (e) {
+    logger.warn?.("session index: failed", {
+      sessionId,
+      error: e instanceof Error ? e.message : String(e)
+    });
+  }
+}
+function buildArchiveHooks(opts) {
+  const logger = opts.logger ?? defaultLogger;
+  return {
+    async onArchived({ sessionId, archiveDir }) {
+      await runSummaryStep(opts, logger, sessionId, archiveDir);
+      runIndexStep(opts, logger, sessionId, archiveDir);
+    }
+  };
+}
 export {
   AnalysisArchive,
   BackendRouter,
@@ -11227,6 +12635,10 @@ export {
   PromptRenderer,
   RETRY_DELAYS_MS,
   RoadmapTrackerAdapter,
+  SinkConfigError,
+  SinkRegistry,
+  SlackSink,
+  SqliteSearchIndex,
   StreamRecorder,
   TokenStore,
   WebhookQueue,
@@ -11235,6 +12647,7 @@ export {
   WorkspaceManager,
   applyEvent,
   artifactPresenceFromIssue,
+  buildArchiveHooks,
   calculateRetryDelay,
   canDispatch,
   computeRateLimitDelay,
@@ -11246,20 +12659,31 @@ export {
   getAvailableSlots,
   getDefaultConfig,
   getPerStateCount,
+  indexSessionDirectory,
   isEligible,
+  isSummaryEnabled,
   launchTUI,
   loadPublishedIndex,
   migrateAgentConfig,
+  normalizeFts5Query,
+  openSearchIndex,
   reconcile,
+  reindexFromArchive,
   renderAnalysisComment,
+  renderLlmSummaryMarkdown,
   renderPRComment,
   resolveEscalationConfig,
   resolveOrchestratorId,
   routeIssue,
   savePublishedIndex,
+  searchIndexPath,
   selectCandidates,
   sortCandidates,
+  summarizeArchivedSession,
   syncMain,
   triageIssue,
-  validateWorkflowConfig
+  truncateForBudget,
+  validateWorkflowConfig,
+  wireNotificationSinks,
+  wrapAsEnvelope
 };