@ijfw/memory-server 1.4.1 → 1.4.4

package/src/server.js

@@ -55,6 +55,168 @@ import {
   logPermissionEvent,
   toolNameToActionTarget,
 } from './runtime-mediator.js';
+// B16/SEC-M-03 — quota tracker. The combined permission+quota gate lives
+// here in server.js (NOT runtime-mediator.js, which is primitives-only).
+import { checkAndIncrement as quotaCheckAndIncrement } from './extension-quota-tracker.js';
+import { findInstalledManifest } from './active-extension-writer.js';
+
+/**
+ * Combined permission + quota gate (SEC-M-03).
+ *
+ * Single enforcement site for the MCP tool dispatch. Replaces the inline
+ * `checkPermission` block. Exported so `test-server-quota-integration.js` can
+ * exercise the gate directly without spinning a full MCP server.
+ *
+ * Back-compat: when `activeExt === null` (no active extension), returns
+ * `{ allowed: true }` immediately — preserves bundled-IJFW behavior.
+ *
+ * Per-tool quota dimension mapping:
+ *   - ijfw_memory_store → bytes_written (sum of stored payload string lengths)
+ *   - ijfw_run with tool:write|edit|bash → files_written + bytes_written
+ *   - wall_clock_ms: checked-not-incremented on every tool call
+ *
+ * @returns {Promise<{ allowed: boolean, response?: object, dimension?: string, current?: number, limit?: number, reason?: string }>}
+ */
+export async function gatePermissionAndQuota({ toolName, args, activeExt, home, manifestQuotas }) {
+  if (activeExt === null || activeExt === undefined) {
+    return { allowed: true };
+  }
+  const mapping = toolNameToActionTarget(toolName, args || {});
+  if (!mapping) {
+    return { allowed: true };
+  }
+  const permCheck = checkPermission(mapping.action, mapping.target, activeExt);
+  if (!permCheck.allowed) {
+    // Log permission deny — preserves the v1.4.1 audit-trail behavior.
+    await logPermissionEvent({
+      tool: toolName,
+      extension: activeExt && activeExt.name ? activeExt.name : null,
+      action: mapping.action,
+      target: mapping.target,
+      allowed: false,
+      reason: permCheck.reason,
+      ts: new Date().toISOString(),
+    }).catch(() => {});
+    return {
+      allowed: false,
+      reason: permCheck.reason,
+      response: {
+        content: [{ type: 'text', text: `extension permission denied: ${permCheck.reason}` }],
+        isError: true,
+      },
+    };
+  }
+
+  // Quota enforcement only kicks in when the active extension declared quotas.
+  // Manifest quotas are passed in by the caller (resolved from the installed
+  // extension manifest). When manifestQuotas is missing/empty, this short-
+  // circuits — back-compat path.
+  const quotas = manifestQuotas && typeof manifestQuotas === 'object' ? manifestQuotas : {};
+  const limits = {
+    files_written: typeof quotas.max_files_written === 'number' ? quotas.max_files_written : null,
+    bytes_written: typeof quotas.max_bytes_written === 'number' ? quotas.max_bytes_written : null,
+    wall_clock_ms: typeof quotas.max_wall_clock_ms === 'number' ? quotas.max_wall_clock_ms : null,
+  };
+
+  // wall_clock_ms — always checked (no-op if limit is null).
+  if (limits.wall_clock_ms !== null) {
+    const wc = await quotaCheckAndIncrement(activeExt.name, 'wall_clock_ms', 0, limits.wall_clock_ms, { homeDir: home });
+    if (!wc.allowed) {
+      const reason = `quota:wall_clock_ms ${wc.current}/${wc.limit}`;
+      await logPermissionEvent({
+        tool: toolName, extension: activeExt.name, action: mapping.action, target: mapping.target,
+        allowed: false, reason, ts: new Date().toISOString(),
+      }).catch(() => {});
+      return {
+        allowed: false, dimension: 'wall_clock_ms', current: wc.current, limit: wc.limit, reason,
+        response: {
+          content: [{ type: 'text', text: `extension "${activeExt.name}" exceeded quota wall_clock_ms (${wc.current}/${wc.limit})` }],
+          isError: true,
+        },
+      };
+    }
+  }
+
+  // Per-tool counter mapping.
+  let inc = null;
+  if (toolName === 'ijfw_memory_store') {
+    let payloadBytes = 0;
+    try {
+      if (args && typeof args.content === 'string') payloadBytes += args.content.length;
+      if (args && typeof args.context === 'string') payloadBytes += args.context.length;
+    } catch { /* defensive */ }
+    inc = { dim: 'bytes_written', count: payloadBytes, limit: limits.bytes_written, path: null };
+  } else if (toolName === 'ijfw_run') {
+    // Only run-with-write-tools consume files/bytes quota. We sniff the
+    // command for a `tool:write|edit|bash|notebookedit` leading token and
+    // an inline path arg (best-effort; absolute path is used for dedupe).
+    const cmd = args && typeof args.command === 'string' ? args.command : '';
+    const m = cmd.match(/^\s*tool:(write|edit|bash|notebookedit)\b/i);
+    if (m) {
+      // Pull first absolute-looking path arg, if any.
+      const pm = cmd.match(/\b(\/[^\s'"]+|[A-Za-z]:\\[^\s'"]+)/);
+      const absPath = pm ? pm[1] : null;
+      const sizeArg = args && typeof args.input === 'string' ? args.input.length : 0;
+      inc = { dim: 'files_written', count: 1, limit: limits.files_written, path: absPath, bytesCount: sizeArg, bytesLimit: limits.bytes_written };
+    }
+  }
+
+  if (inc !== null) {
+    if (inc.limit !== null) {
+      const r = await quotaCheckAndIncrement(activeExt.name, inc.dim, inc.count, inc.limit, { homeDir: home, path: inc.path });
+      if (!r.allowed) {
+        const reason = `quota:${inc.dim} ${r.current + inc.count}/${r.limit}`;
+        await logPermissionEvent({
+          tool: toolName, extension: activeExt.name, action: mapping.action, target: mapping.target,
+          allowed: false, reason, ts: new Date().toISOString(),
+        }).catch(() => {});
+        return {
+          allowed: false, dimension: inc.dim, current: r.current, limit: r.limit, reason,
+          response: {
+            content: [{ type: 'text', text: `extension "${activeExt.name}" exceeded quota ${inc.dim} (${r.current + inc.count}/${r.limit})` }],
+            isError: true,
+          },
+        };
+      }
+    }
+    // Bytes side-counter (paired with files_written for ijfw_run write tools).
+    if (inc.bytesLimit !== null && typeof inc.bytesCount === 'number' && inc.bytesCount > 0) {
+      const r2 = await quotaCheckAndIncrement(activeExt.name, 'bytes_written', inc.bytesCount, inc.bytesLimit, { homeDir: home });
+      if (!r2.allowed) {
+        const reason = `quota:bytes_written ${r2.current + inc.bytesCount}/${r2.limit}`;
+        await logPermissionEvent({
+          tool: toolName, extension: activeExt.name, action: mapping.action, target: mapping.target,
+          allowed: false, reason, ts: new Date().toISOString(),
+        }).catch(() => {});
+        return {
+          allowed: false, dimension: 'bytes_written', current: r2.current, limit: r2.limit, reason,
+          response: {
+            content: [{ type: 'text', text: `extension "${activeExt.name}" exceeded quota bytes_written (${r2.current + inc.bytesCount}/${r2.limit})` }],
+            isError: true,
+          },
+        };
+      }
+    }
+  }
+
+  return { allowed: true };
+}
+
+/**
+ * Resolve `manifest.quotas` for the currently active extension by reading the
+ * installed manifest. Best-effort: returns {} if the installed manifest can't
+ * be found.
+ */
+async function resolveActiveManifestQuotas(activeExt, projectRoot, home) {
+  if (!activeExt || !activeExt.name) return {};
+  try {
+    const r = await findInstalledManifest(activeExt.name, projectRoot, { homeDir: home });
+    if (r && r.ok && r.manifest && r.manifest.quotas && typeof r.manifest.quotas === 'object') {
+      return r.manifest.quotas;
+    }
+  } catch { /* best-effort */ }
+  return {};
+}
 const SANDBOX_DIR = join(process.env.HOME || homedir(), '.ijfw', 'session-sandbox');
 
 // --- Constants ---
@@ -1285,24 +1447,22 @@ function handleMessage(msg) {
           activeExt = { __malformed: true };
         }
         if (activeExt !== null) {
-          const mapping = toolNameToActionTarget(name, args || {});
-          if (mapping) {
-            const check = checkPermission(mapping.action, mapping.target, activeExt);
-            if (!check.allowed) {
-              await logPermissionEvent({
-                tool: name,
-                extension: activeExt && activeExt.name ? activeExt.name : null,
-                action: mapping.action,
-                target: mapping.target,
-                allowed: false,
-                reason: check.reason,
-                ts: new Date().toISOString(),
-              }).catch(() => {});
-              return createResponse(id, {
-                content: [{ type: 'text', text: `extension permission denied: ${check.reason}` }],
-                isError: true,
-              });
-            }
+          // B16/SEC-M-03: combined permission + quota gate via exported helper.
+          const home = process.env.HOME || process.env.USERPROFILE || homedir();
+          const manifestQuotas = await resolveActiveManifestQuotas(
+            activeExt,
+            (args && typeof args.projectRoot === 'string') ? args.projectRoot : undefined,
+            home,
+          );
+          const gate = await gatePermissionAndQuota({
+            toolName: name,
+            args: args || {},
+            activeExt,
+            home,
+            manifestQuotas,
+          });
+          if (!gate.allowed && gate.response) {
+            return createResponse(id, gate.response);
           }
         }
         switch (name) {
@@ -1503,4 +1663,6 @@ process.on('unhandledRejection', (err) => {
 });
 
 // Export for tests (Node ESM allows this -- only consumed when imported, not on stdio run)
+// gatePermissionAndQuota is exported inline at its declaration above (B16/SEC-M-03)
+// so test-server-quota-integration.js can drive it without spinning a server.
 export { sanitizeContent, atomicWrite, readMarkdownFile, PROJECT_HASH };

package/src/swarm-config.js

@@ -12,6 +12,9 @@ import { join } from 'node:path';
 export const SCHEMA = {
   project_type: 'string',
   specialists: [{ id: 'string', role: 'string', agent_type: 'string' }],
+  // v1.4.4 N10: auditor roster for phase-e-auto
+  auditors: ['string'],       // roster IDs to use for Cross-Audit Phase; default ['codex','gemini','claude']
+  auditor_count: 'number',    // number of lenses; default 3
 };
 
 const BASE = [
@@ -22,13 +25,20 @@ const BASE = [
 const TESTS_SPECIALIST = { id: 'tests', role: 'Test coverage', agent_type: 'pr-test-analyzer' };
 const TYPES_SPECIALIST = { id: 'types', role: 'Type invariants', agent_type: 'type-design-analyzer' };
 
+// v1.4.4 N6 — 5 specialist agents addressing v1.4.3 build pain points
+const DOC_VERIFIER     = { id: 'doc-verifier',       role: 'Doc accuracy',       agent_type: 'ijfw-doc-verifier' };
+const PATTERN_MAPPER   = { id: 'pattern-mapper',     role: 'Onboarding patterns', agent_type: 'ijfw-pattern-mapper' };
+const SECURITY_AUDITOR = { id: 'security-auditor',   role: 'Security mitigations', agent_type: 'ijfw-security-auditor' };
+const INTEGRATION_CHECKER = { id: 'integration-checker', role: 'E2E flow verification', agent_type: 'ijfw-integration-checker' };
+const NYQUIST_AUDITOR  = { id: 'nyquist-auditor',    role: 'Coverage gaps',      agent_type: 'ijfw-nyquist-auditor' };
+
 export const DEFAULT_SPECIALISTS = {
-  node:   [...BASE, TESTS_SPECIALIST],
-  python: [...BASE, TESTS_SPECIALIST],
-  typed:  [...BASE, TESTS_SPECIALIST, TYPES_SPECIALIST],
-  go:     [...BASE],
-  rust:   [...BASE],
-  other:  [...BASE],
+  node:   [...BASE, TESTS_SPECIALIST, DOC_VERIFIER, PATTERN_MAPPER, SECURITY_AUDITOR, INTEGRATION_CHECKER, NYQUIST_AUDITOR],
+  python: [...BASE, TESTS_SPECIALIST, DOC_VERIFIER, PATTERN_MAPPER, SECURITY_AUDITOR, INTEGRATION_CHECKER, NYQUIST_AUDITOR],
+  typed:  [...BASE, TESTS_SPECIALIST, TYPES_SPECIALIST, DOC_VERIFIER, PATTERN_MAPPER, SECURITY_AUDITOR, INTEGRATION_CHECKER, NYQUIST_AUDITOR],
+  go:     [...BASE, DOC_VERIFIER, PATTERN_MAPPER, SECURITY_AUDITOR, INTEGRATION_CHECKER, NYQUIST_AUDITOR],
+  rust:   [...BASE, DOC_VERIFIER, PATTERN_MAPPER, SECURITY_AUDITOR, INTEGRATION_CHECKER, NYQUIST_AUDITOR],
+  other:  [...BASE, DOC_VERIFIER, PATTERN_MAPPER, SECURITY_AUDITOR, INTEGRATION_CHECKER, NYQUIST_AUDITOR],
 };
 
 // Detects project type from filesystem signals in projectDir.
@@ -51,10 +61,22 @@ export function detectProjectType(projectDir) {
   return 'other';
 }
 
+// Default auditor IDs for Cross-Audit Phase (N10).
+export const DEFAULT_AUDITORS = ['codex', 'gemini', 'claude'];
+export const DEFAULT_AUDITOR_COUNT = 3;
+
+// Merge v1.4.4 N10 defaults into a raw config object (non-destructive).
+function applySwarmDefaults(config) {
+  const out = { ...config };
+  if (!Array.isArray(out.auditors)) out.auditors = [...DEFAULT_AUDITORS];
+  if (typeof out.auditor_count !== 'number' || out.auditor_count < 1) out.auditor_count = DEFAULT_AUDITOR_COUNT;
+  return out;
+}
+
 // Returns a fresh default config object for the given project type.
 function buildDefault(projectType) {
   const specialists = DEFAULT_SPECIALISTS[projectType] ?? DEFAULT_SPECIALISTS.other;
-  return { project_type: projectType, specialists: specialists.map(s => ({ ...s })) };
+  return applySwarmDefaults({ project_type: projectType, specialists: specialists.map(s => ({ ...s })) });
 }
 
 // Reads .ijfw/swarm.json if present, otherwise detects type, generates
@@ -63,7 +85,9 @@ export function loadSwarmConfig(projectDir) {
   const swarmPath = join(projectDir, '.ijfw', 'swarm.json');
 
   if (existsSync(swarmPath)) {
-    return JSON.parse(readFileSync(swarmPath, 'utf8'));
+    const raw = JSON.parse(readFileSync(swarmPath, 'utf8'));
+    // Merge defaults for v1.4.4 N10 fields so older swarm.json files work.
+    return applySwarmDefaults(raw);
   }
 
   const projectType = detectProjectType(projectDir);