@matheuskrumenauer/tanya 0.5.0-beta.0 → 0.7.0-beta.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +52 -3
- package/dist/cli.js +2119 -473
- package/dist/cli.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -114,6 +114,43 @@ The workspace state directory remains `.tania/` for historical compatibility.
|
|
|
114
114
|
Existing run logs, context files, artifact materialization, and memory files are
|
|
115
115
|
not moved or renamed.
|
|
116
116
|
|
|
117
|
+
## Permissions
|
|
118
|
+
|
|
119
|
+
Tanya has an opt-in pre-execution permission layer for native tools and
|
|
120
|
+
project-local slash commands. The default mode in v0.x is `bypass` so existing
|
|
121
|
+
automation keeps full access until a workspace opts in.
|
|
122
|
+
|
|
123
|
+
Modes:
|
|
124
|
+
|
|
125
|
+
- `bypass` skips gating and logs decisions for audit.
|
|
126
|
+
- `default` applies configured rules; unmatched calls are allowed.
|
|
127
|
+
- `ask` applies configured rules; unmatched calls prompt the host.
|
|
128
|
+
- `plan` denies all tool execution so the model must respond with text only.
|
|
129
|
+
|
|
130
|
+
Rules live in `~/.tanya/permissions.json` for user scope and
|
|
131
|
+
`.tania/permissions.json` for project scope. Project rules merge over user
|
|
132
|
+
rules. A minimal deny rule:
|
|
133
|
+
|
|
134
|
+
```json
|
|
135
|
+
{
|
|
136
|
+
"version": 1,
|
|
137
|
+
"mode": "default",
|
|
138
|
+
"alwaysDeny": ["run_shell:.*rm -rf.*"]
|
|
139
|
+
}
|
|
140
|
+
```
|
|
141
|
+
|
|
142
|
+
Generate a starter config from recent runs:
|
|
143
|
+
|
|
144
|
+
```bash
|
|
145
|
+
tanya permissions migrate --cwd . > .tania/permissions.suggested.json
|
|
146
|
+
```
|
|
147
|
+
|
|
148
|
+
Spend rules can gate projected token or USD budgets before a tool runs. For
|
|
149
|
+
example, `/cost --enforce --max-usd 0.50` writes a session-scoped rule.
|
|
150
|
+
|
|
151
|
+
See [docs/permissions.md](./docs/permissions.md) for the full schema,
|
|
152
|
+
precedence, audit log, and worked examples.
|
|
153
|
+
|
|
117
154
|
## Commands
|
|
118
155
|
|
|
119
156
|
```bash
|
|
@@ -158,8 +195,8 @@ Project-local commands live in `.tania/commands/*.{js,ts,sh}` and appear in
|
|
|
158
195
|
run directly; JavaScript and TypeScript commands export a default
|
|
159
196
|
`CommandDefinition`.
|
|
160
197
|
|
|
161
|
-
Project-local commands are arbitrary code execution
|
|
162
|
-
|
|
198
|
+
Project-local commands are arbitrary code execution and are gated by the same
|
|
199
|
+
permission engine as native tools.
|
|
163
200
|
|
|
164
201
|
`--verify` adds required verification commands to the run context. Tanya must run and report each exact command before finishing the coding task.
|
|
165
202
|
|
|
@@ -208,12 +245,24 @@ Tanya handles context pressure as a cascade instead of truncating abruptly:
|
|
|
208
245
|
1. Microcompact folds empty/no-op tool-call pairs in place.
|
|
209
246
|
2. Snip removes low-signal history such as duplicate file reads and empty read-only tool results.
|
|
210
247
|
3. Auto-compact reacts to provider `413` / context-window errors by summarizing older turns into a `[compaction summary: ...]` system message and retrying once normally, then once more aggressively.
|
|
211
|
-
4. Archive writes compacted messages to `.
|
|
248
|
+
4. Archive writes compacted messages to `.tania/runs/<runId>/archive.jsonl` before they leave live history, so verifier scans and future memory tools can still inspect them.
|
|
212
249
|
|
|
213
250
|
Runs are capped at three total auto-compactions. If the provider still rejects the context, Tanya raises `CompactionExhaustedError` and asks the user to narrow the task, clear the session, or split the work.
|
|
214
251
|
|
|
215
252
|
See [docs/long-sessions.md](./docs/long-sessions.md) for details.
|
|
216
253
|
|
|
254
|
+
## Token economy
|
|
255
|
+
|
|
256
|
+
Tanya trims model-visible tokens while keeping state reversible and auditable.
|
|
257
|
+
|
|
258
|
+
- Lite prompts can be enabled with `TANYA_LITE_PROMPT=1` for cheap-provider exploration turns. The legacy `TANIA_LITE_PROMPT` alias is still accepted.
|
|
259
|
+
- System prompts are automatically capped to the active provider context window. Tune the default 25% cap with `TANYA_PROMPT_BUDGET_RATIO`.
|
|
260
|
+
- Large shell/tool outputs are shortened for the model with a visible `<truncated ...>` marker. Use `expand_result` with the marker's `tool_call_id` to fetch the full output or a byte range.
|
|
261
|
+
- Repeated unchanged `read_file` calls return a reference marker instead of resending the same content. Pass `force: true` when the agent genuinely needs the full file again.
|
|
262
|
+
- `/budget` reports token usage, cost estimates, expensive turns, and one deterministic optimization suggestion. `/budget --enforce --max-usd <amount>` persists a session spend rule through the permission engine.
|
|
263
|
+
|
|
264
|
+
See [docs/token-economy.md](./docs/token-economy.md) for the full model, cache locations, and tool-definition knobs.
|
|
265
|
+
|
|
217
266
|
Context files are generic JSON envelopes for caller-supplied task metadata, artifacts, instructions, and verification commands.
|
|
218
267
|
|
|
219
268
|
## Current Tools
|