npm - @krimto-labs/krimto - Versions diffs - 0.2.21 → 0.2.26 - Mend

@krimto-labs/krimto 0.2.21 → 0.2.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/bin/krimto.mjs +93 -3
package/package.json +1 -1
package/src/cli/cliRuntime.ts +1 -0
package/src/cli/connect.ts +36 -5
package/src/cli/deleteFact.ts +1 -0
package/src/cli/help.ts +4 -0
package/src/cli/init.ts +45 -16
package/src/cli/inspectRuntime.ts +146 -0
package/src/cli/reindex.ts +1 -0
package/src/cli/reset.ts +68 -14
package/src/cli/service.ts +100 -3
package/src/cli/setIdentity.ts +232 -0
package/src/cli/status.ts +12 -25
package/src/cli/usage.ts +3 -1
package/src/cli/verifyConnection.ts +21 -5
package/src/cli/whoami.ts +172 -0
package/src/cli/wizard.ts +4 -1
package/src/server/connect.ts +2 -1
package/src/server/index.ts +20 -1
package/src/server/lock.ts +11 -1
package/src/server/tools.ts +40 -1

package/src/cli/wizard.ts CHANGED Viewed

@@ -388,7 +388,10 @@ function printApplyResult(res: ApplyResult, io: WizardIO): void {
     }
   }
-  io.out("Restart your editor once so it picks up the new rule.\n");
+  io.out(
+    "Restart your editor once so it loads the new MCP server (the krimto_*\n" +
+      "tools won't appear in chat until you do) and picks up the standing rule.\n",
+  );
 }
 function printRefreshSummary(res: ApplyResult, io: WizardIO): void {

package/src/server/connect.ts CHANGED Viewed

@@ -74,13 +74,14 @@ export function cursorDeeplink(host: string): string {
   return `cursor://anysphere.cursor-deeplink/mcp/install?name=krimto&config=${config}`;
 }
-/** The five MCP tools Krimto exposes (kept in lockstep with src/server/index.ts registrations). */
+/** The six MCP tools Krimto exposes (kept in lockstep with src/server/index.ts registrations). */
 export const MCP_TOOL_NAMES = [
   "krimto_write",
   "krimto_recall",
   "krimto_read",
   "krimto_supersede",
   "krimto_list_scopes",
+  "krimto_whoami",
 ] as const;
 /** The transport-level contract for wiring up any MCP client we haven't shipped a verified snippet for. */

package/src/server/index.ts CHANGED Viewed

@@ -41,6 +41,7 @@ import {
   krimtoRead,
   krimtoRecall,
   krimtoSupersede,
+  krimtoWhoami,
   krimtoWrite,
   type ToolContext,
 } from "./tools";
@@ -48,7 +49,7 @@ import { type Requester } from "../access/scope";
 export type RequesterResolver = (extra: { authInfo?: AuthInfo }) => Requester;
-export const KRIMTO_VERSION = "0.2.21";
+export const KRIMTO_VERSION = "0.2.26";
 export function resolveDataDir(): string {
   return process.env.KRIMTO_DATA ?? path.join(homedir(), ".krimto");
@@ -192,6 +193,24 @@ export function buildServer(ctx: ToolContext, resolveRequester?: RequesterResolv
     },
   );
+  server.registerTool(
+    "krimto_whoami",
+    {
+      description:
+        "Report the caller's identity plus the scopes they can read and write. Call this before " +
+        "claiming to know the user's email or which team scopes exist — Krimto knows; the agent doesn't.",
+      inputSchema: {},
+    },
+    async (_args, extra) => {
+      try {
+        const requester = resolveRequester ? resolveRequester(extra) : ctx.requester;
+        return ok(await krimtoWhoami({ ...ctx, requester }));
+      } catch (e) {
+        return fail(e);
+      }
+    },
+  );
   return server;
 }

package/src/server/lock.ts CHANGED Viewed

@@ -16,11 +16,19 @@ import { promises as fs } from "node:fs";
 import * as path from "node:path";
 export type LockMode = "stdio" | "http";
+/**
+ * How this Krimto process was launched. "service" = via launchd / systemd / schtasks (the
+ * always-running setup); "ad-hoc" = direct invocation (`krimto serve`, editor-spawned stdio,
+ * tests). The service installers inject KRIMTO_LAUNCHED_BY=service into the unit env, so this
+ * field is just `process.env.KRIMTO_LAUNCHED_BY` at acquire time with a safe default.
+ */
+export type LaunchedBy = "service" | "ad-hoc";
 export interface LockInfo {
   pid: number;
   started: string;
   mode: LockMode;
+  launchedBy: LaunchedBy;
 }
 export interface LockHandle {
@@ -73,6 +81,7 @@ export async function acquireLock(dataDir: string, mode: LockMode): Promise<Lock
           pid: existing.pid,
           started: typeof existing.started === "string" ? existing.started : "unknown",
           mode: (existing.mode as LockMode) ?? "stdio",
+          launchedBy: existing.launchedBy === "service" ? "service" : "ad-hoc",
         },
         file,
       );
@@ -83,7 +92,8 @@ export async function acquireLock(dataDir: string, mode: LockMode): Promise<Lock
     // File missing / unreadable / malformed — treat as no lock and continue.
   }
-  const info: LockInfo = { pid: process.pid, started: new Date().toISOString(), mode };
+  const launchedBy: LaunchedBy = process.env.KRIMTO_LAUNCHED_BY === "service" ? "service" : "ad-hoc";
+  const info: LockInfo = { pid: process.pid, started: new Date().toISOString(), mode, launchedBy };
   await fs.writeFile(file, JSON.stringify(info, null, 2), "utf8");
   return {

package/src/server/tools.ts CHANGED Viewed

@@ -109,6 +109,20 @@ export interface SupersedeResult {
 export interface ListScopesResult {
   scopes: { path: string; fact_count: number; last_updated: string | null }[];
+  /** Present only when `scopes` is empty — tells the calling agent how to make a scope appear. */
+  hint?: string;
+}
+/**
+ * v0.2.25 — Gap 3. The smoke-6 transcript showed an agent in chat inventing a wrong identity
+ * (`lpd.themes@gmail.com` instead of `lpdthemes@gmail.com`) because it had no MCP-side way to
+ * ask "who am I writing as?". `krimto_whoami` returns the resolved identity plus the scopes
+ * the caller can read and write, so the agent never has to guess.
+ */
+export interface WhoamiResult {
+  identity: string;
+  readable_scopes: string[];
+  writable_scopes: string[];
 }
 function clock(ctx: ToolContext): Date {
@@ -329,17 +343,42 @@ export async function krimtoSupersede(
   });
 }
+/**
+ * Return the caller's identity plus the scopes they can read and write. The agent in chat uses
+ * this to avoid hallucinating identity (Gap 3 from the smoke-6 transcript audit).
+ */
+export async function krimtoWhoami(ctx: ToolContext): Promise<WhoamiResult> {
+  const readable = readableScopesFor(ctx);
+  const writable = writableScopesFor(ctx);
+  if (ctx.activity) await ctx.activity.record("krimto_whoami", ctx.requester.identity, ctx.requester.identity);
+  return {
+    identity: ctx.requester.identity,
+    readable_scopes: readable,
+    writable_scopes: writable,
+  };
+}
 /** Discover the scopes that exist and what they contain. */
 export async function krimtoListScopes(ctx: ToolContext): Promise<ListScopesResult> {
   const scopes = ctx.index.listScopes(readableScopesFor(ctx));
   if (ctx.activity) await ctx.activity.record("krimto_list_scopes", ctx.requester.identity, `${scopes.length} scope(s)`);
-  return {
+  const result: ListScopesResult = {
     scopes: scopes.map((s) => ({
       path: s.path,
       fact_count: s.factCount,
       last_updated: s.lastUpdated,
     })),
   };
+  // v0.2.24 — empty result is the #1 first-impression confuser ("Krimto must be broken").
+  // Surface the next step in the response itself, so an agent in chat can relay it verbatim
+  // instead of inventing a hallucinated explanation about "scopes aren't configured".
+  if (result.scopes.length === 0) {
+    result.hint =
+      `No scopes exist yet for ${ctx.requester.identity}. Scopes are created on the first ` +
+      `write — try krimto_write with a small fact (e.g. "we use pnpm in this repo") and ` +
+      `your user/<email> scope will appear here.`;
+  }
+  return result;
 }
 /** Build a Requester from a validated bearer token's AuthInfo (its `extra` carries identity+teams). */