npm - @ouro.bot/cli - Versions diffs - 0.1.0-alpha.34 → 0.1.0-alpha.340 - Mend

@ouro.bot/cli 0.1.0-alpha.34 → 0.1.0-alpha.340

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (314) hide show

package/README.md +188 -187
package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/agent.json +3 -2
package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/SOUL.md +1 -1
package/changelog.json +2031 -0
package/dist/arc/attention-types.js +8 -0
package/dist/arc/cares.js +140 -0
package/dist/arc/episodes.js +117 -0
package/dist/arc/intentions.js +133 -0
package/dist/arc/json-store.js +117 -0
package/dist/arc/obligations.js +237 -0
package/dist/arc/packets.js +193 -0
package/dist/arc/presence.js +185 -0
package/dist/arc/task-lifecycle.js +65 -0
package/dist/heart/active-work.js +832 -0
package/dist/heart/agent-entry.js +37 -2
package/dist/heart/attachments/image-normalize.js +194 -0
package/dist/heart/attachments/materialize.js +97 -0
package/dist/heart/attachments/originals.js +88 -0
package/dist/heart/attachments/render.js +29 -0
package/dist/heart/attachments/sources/adapter.js +2 -0
package/dist/heart/attachments/sources/bluebubbles.js +156 -0
package/dist/heart/attachments/sources/cli-local-file.js +78 -0
package/dist/heart/attachments/sources/index.js +16 -0
package/dist/heart/attachments/store.js +103 -0
package/dist/heart/attachments/types.js +93 -0
package/dist/heart/auth/auth-flow.js +463 -0
package/dist/heart/bridges/manager.js +358 -0
package/dist/heart/bridges/state-machine.js +135 -0
package/dist/heart/bridges/store.js +123 -0
package/dist/heart/bundle-state.js +168 -0
package/dist/heart/commitments.js +111 -0
package/dist/heart/config-registry.js +304 -0
package/dist/heart/config.js +53 -21
package/dist/heart/core.js +695 -195
package/dist/heart/cross-chat-delivery.js +131 -0
package/dist/heart/daemon/agent-config-check.js +292 -0
package/dist/heart/daemon/agent-discovery.js +79 -3
package/dist/heart/daemon/agent-service.js +360 -0
package/dist/heart/daemon/agentic-repair.js +170 -0
package/dist/heart/daemon/bluebubbles-health-diagnostics.js +122 -0
package/dist/heart/daemon/cadence.js +70 -0
package/dist/heart/daemon/cli-defaults.js +591 -0
package/dist/heart/daemon/cli-exec.js +2297 -0
package/dist/heart/daemon/cli-help.js +306 -0
package/dist/heart/daemon/cli-parse.js +824 -0
package/dist/heart/daemon/cli-render-doctor.js +57 -0
package/dist/heart/daemon/cli-render.js +512 -0
package/dist/heart/daemon/cli-types.js +8 -0
package/dist/heart/daemon/daemon-cli.js +30 -1171
package/dist/heart/daemon/daemon-entry.js +358 -3
package/dist/heart/daemon/daemon-health.js +141 -0
package/dist/heart/daemon/daemon-runtime-sync.js +157 -12
package/dist/heart/daemon/daemon-tombstone.js +236 -0
package/dist/heart/daemon/daemon.js +751 -58
package/dist/heart/daemon/doctor-types.js +8 -0
package/dist/heart/daemon/doctor.js +401 -0
package/dist/heart/daemon/health-monitor.js +79 -1
package/dist/heart/daemon/hooks/agent-config-v2.js +33 -0
package/dist/heart/daemon/hooks/bundle-meta.js +115 -1
package/dist/heart/daemon/http-health-probe.js +80 -0
package/dist/heart/daemon/inner-status.js +89 -0
package/dist/heart/daemon/interactive-repair.js +91 -0
package/dist/heart/daemon/launchd.js +46 -9
package/dist/heart/daemon/log-tailer.js +82 -12
package/dist/heart/daemon/logs-prune.js +105 -0
package/dist/heart/daemon/message-router.js +17 -8
package/dist/heart/daemon/os-cron-deps.js +134 -0
package/dist/heart/daemon/ouro-bot-entry.js +1 -1
package/dist/heart/daemon/process-manager.js +201 -0
package/dist/heart/daemon/provider-discovery.js +105 -0
package/dist/heart/daemon/pulse.js +463 -0
package/dist/heart/daemon/run-hooks.js +2 -0
package/dist/heart/daemon/runtime-logging.js +67 -16
package/dist/heart/daemon/runtime-metadata.js +101 -0
package/dist/heart/daemon/runtime-mode.js +67 -0
package/dist/heart/daemon/safe-mode.js +161 -0
package/dist/heart/daemon/sense-manager.js +72 -3
package/dist/heart/daemon/session-id-resolver.js +131 -0
package/dist/heart/daemon/skill-management-installer.js +94 -0
package/dist/heart/daemon/socket-client.js +307 -0
package/dist/heart/daemon/stale-bundle-prune.js +96 -0
package/dist/heart/daemon/startup-tui.js +237 -0
package/dist/heart/daemon/task-scheduler.js +3 -25
package/dist/heart/daemon/thoughts.js +510 -0
package/dist/heart/daemon/up-progress.js +135 -0
package/dist/heart/delegation.js +62 -0
package/dist/heart/habits/habit-migration.js +181 -0
package/dist/heart/habits/habit-parser.js +140 -0
package/dist/heart/habits/habit-scheduler.js +371 -0
package/dist/heart/{daemon → hatch}/hatch-flow.js +32 -120
package/dist/heart/{daemon → hatch}/hatch-specialist.js +3 -3
package/dist/heart/{daemon → hatch}/specialist-prompt.js +10 -7
package/dist/heart/{daemon → hatch}/specialist-tools.js +49 -3
package/dist/heart/identity.js +154 -59
package/dist/heart/kicks.js +2 -20
package/dist/heart/mcp/mcp-server.js +653 -0
package/dist/heart/migrate-config.js +127 -0
package/dist/heart/model-capabilities.js +59 -0
package/dist/heart/outlook/outlook-http-hooks.js +64 -0
package/dist/heart/outlook/outlook-http-response.js +7 -0
package/dist/heart/outlook/outlook-http-routes.js +232 -0
package/dist/heart/outlook/outlook-http-static.js +99 -0
package/dist/heart/outlook/outlook-http-transport.js +116 -0
package/dist/heart/outlook/outlook-http.js +99 -0
package/dist/heart/outlook/outlook-read.js +28 -0
package/dist/heart/outlook/outlook-types.js +27 -0
package/dist/heart/outlook/outlook-view.js +194 -0
package/dist/heart/outlook/readers/agent-machine.js +355 -0
package/dist/heart/outlook/readers/continuity-readers.js +332 -0
package/dist/heart/outlook/readers/runtime-readers.js +660 -0
package/dist/heart/outlook/readers/sessions.js +231 -0
package/dist/heart/outlook/readers/shared.js +111 -0
package/dist/heart/progress-story.js +42 -0
package/dist/heart/provider-failover.js +135 -0
package/dist/heart/provider-models.js +81 -0
package/dist/heart/provider-ping.js +234 -0
package/dist/heart/providers/anthropic-token.js +163 -0
package/dist/heart/providers/anthropic.js +171 -50
package/dist/heart/providers/azure.js +97 -11
package/dist/heart/providers/error-classification.js +63 -0
package/dist/heart/providers/github-copilot.js +135 -0
package/dist/heart/providers/minimax-vlm.js +189 -0
package/dist/heart/providers/minimax.js +23 -6
package/dist/heart/providers/openai-codex.js +33 -23
package/dist/heart/session-activity.js +190 -0
package/dist/heart/session-events.js +726 -0
package/dist/heart/session-recall.js +162 -0
package/dist/heart/start-of-turn-packet.js +341 -0
package/dist/heart/streaming.js +36 -27
package/dist/heart/sync.js +332 -0
package/dist/heart/target-resolution.js +127 -0
package/dist/heart/tempo.js +93 -0
package/dist/heart/temporal-view.js +41 -0
package/dist/heart/tool-activity-callbacks.js +36 -0
package/dist/heart/tool-description.js +135 -0
package/dist/heart/tool-friction.js +55 -0
package/dist/heart/tool-loop.js +200 -0
package/dist/heart/turn-context.js +358 -0
package/dist/heart/turn-coordinator.js +28 -0
package/dist/heart/{daemon → versioning}/ouro-bot-global-installer.js +1 -1
package/dist/heart/{daemon → versioning}/ouro-bot-wrapper.js +1 -1
package/dist/heart/{daemon → versioning}/ouro-path-installer.js +78 -35
package/dist/heart/versioning/ouro-version-manager.js +295 -0
package/dist/heart/{daemon → versioning}/staged-restart.js +40 -8
package/dist/heart/{daemon → versioning}/update-checker.js +12 -2
package/dist/heart/{daemon → versioning}/update-hooks.js +63 -59
package/dist/mind/associative-recall.js +137 -66
package/dist/mind/bundle-manifest.js +7 -1
package/dist/mind/context.js +89 -93
package/dist/mind/diary-integrity.js +60 -0
package/dist/mind/{memory.js → diary.js} +84 -96
package/dist/mind/embedding-provider.js +60 -0
package/dist/mind/file-state.js +179 -0
package/dist/mind/first-impressions.js +14 -1
package/dist/mind/friends/channel.js +56 -0
package/dist/mind/friends/group-context.js +144 -0
package/dist/mind/friends/resolver.js +37 -0
package/dist/mind/friends/store-file.js +58 -3
package/dist/mind/friends/trust-explanation.js +74 -0
package/dist/mind/friends/types.js +8 -0
package/dist/mind/journal-index.js +161 -0
package/dist/mind/obligation-steering.js +221 -0
package/dist/mind/pending.js +74 -7
package/dist/mind/prompt.js +999 -111
package/dist/mind/provenance-trust.js +26 -0
package/dist/mind/scrutiny.js +173 -0
package/dist/mind/token-estimate.js +8 -12
package/dist/nerves/cli-logging.js +7 -1
package/dist/nerves/coverage/audit.js +1 -1
package/dist/nerves/coverage/file-completeness.js +83 -5
package/dist/nerves/coverage/run-artifacts.js +1 -1
package/dist/nerves/event-buffer.js +111 -0
package/dist/nerves/index.js +224 -4
package/dist/nerves/observation.js +20 -0
package/dist/nerves/redact.js +79 -0
package/dist/nerves/runtime.js +5 -1
package/dist/outlook-ui/assets/index-DC7sZefn.js +61 -0
package/dist/outlook-ui/assets/index-LwChZTgL.css +1 -0
package/dist/outlook-ui/index.html +15 -0
package/dist/repertoire/ado-client.js +15 -56
package/dist/repertoire/ado-semantic.js +11 -10
package/dist/repertoire/api-client.js +97 -0
package/dist/repertoire/bitwarden-store.js +319 -0
package/dist/repertoire/bundle-templates.js +72 -0
package/dist/repertoire/bw-installer.js +79 -0
package/dist/repertoire/coding/codex-jsonl.js +64 -0
package/dist/repertoire/coding/context-pack.js +330 -0
package/dist/repertoire/coding/feedback.js +197 -30
package/dist/repertoire/coding/manager.js +158 -9
package/dist/repertoire/coding/spawner.js +55 -9
package/dist/repertoire/coding/tools.js +170 -7
package/dist/repertoire/commerce-errors.js +109 -0
package/dist/repertoire/commerce-self-test.js +156 -0
package/dist/repertoire/credential-access.js +527 -0
package/dist/repertoire/duffel-client.js +185 -0
package/dist/repertoire/github-client.js +14 -55
package/dist/repertoire/graph-client.js +11 -52
package/dist/repertoire/guardrails.js +375 -0
package/dist/repertoire/mcp-client.js +255 -0
package/dist/repertoire/mcp-manager.js +305 -0
package/dist/repertoire/mcp-tools.js +63 -0
package/dist/repertoire/shell-sessions.js +133 -0
package/dist/repertoire/skills.js +14 -23
package/dist/repertoire/stripe-client.js +131 -0
package/dist/repertoire/tasks/board.js +43 -5
package/dist/repertoire/tasks/fix.js +182 -0
package/dist/repertoire/tasks/index.js +28 -10
package/dist/repertoire/tasks/lifecycle.js +2 -2
package/dist/repertoire/tasks/parser.js +3 -2
package/dist/repertoire/tasks/scanner.js +194 -37
package/dist/repertoire/tasks/transitions.js +16 -79
package/dist/repertoire/tool-results.js +29 -0
package/dist/repertoire/tools-attachments.js +316 -0
package/dist/repertoire/tools-base.js +45 -771
package/dist/repertoire/tools-bluebubbles.js +1 -0
package/dist/repertoire/tools-bridge.js +141 -0
package/dist/repertoire/tools-bundle.js +984 -0
package/dist/repertoire/tools-config.js +185 -0
package/dist/repertoire/tools-continuity.js +248 -0
package/dist/repertoire/tools-credential.js +182 -0
package/dist/repertoire/tools-files.js +342 -0
package/dist/repertoire/tools-flight.js +224 -0
package/dist/repertoire/tools-flow.js +105 -0
package/dist/repertoire/tools-github.js +1 -7
package/dist/repertoire/tools-memory.js +376 -0
package/dist/repertoire/tools-session.js +739 -0
package/dist/repertoire/tools-shell.js +120 -0
package/dist/repertoire/tools-stripe.js +180 -0
package/dist/repertoire/tools-surface.js +243 -0
package/dist/repertoire/tools-teams.js +12 -62
package/dist/repertoire/tools-travel.js +125 -0
package/dist/repertoire/tools-user-profile.js +144 -0
package/dist/repertoire/tools-vault.js +110 -0
package/dist/repertoire/tools.js +144 -138
package/dist/repertoire/travel-api-client.js +360 -0
package/dist/repertoire/user-profile.js +118 -0
package/dist/repertoire/vault-setup.js +241 -0
package/dist/scripts/claude-code-hook.js +41 -0
package/dist/scripts/claude-code-stop-hook.js +47 -0
package/dist/senses/attention-queue.js +116 -0
package/dist/senses/bluebubbles/attachment-cache.js +53 -0
package/dist/senses/bluebubbles/attachment-download.js +137 -0
package/dist/senses/{bluebubbles-client.js → bluebubbles/client.js} +225 -9
package/dist/senses/bluebubbles/entry.js +13 -0
package/dist/senses/bluebubbles/inbound-log.js +113 -0
package/dist/senses/bluebubbles/index.js +1590 -0
package/dist/senses/{bluebubbles-media.js → bluebubbles/media.js} +121 -70
package/dist/senses/{bluebubbles-model.js → bluebubbles/model.js} +43 -12
package/dist/senses/{bluebubbles-mutation-log.js → bluebubbles/mutation-log.js} +46 -6
package/dist/senses/bluebubbles/replay.js +129 -0
package/dist/senses/bluebubbles/runtime-state.js +109 -0
package/dist/senses/{bluebubbles-session-cleanup.js → bluebubbles/session-cleanup.js} +1 -1
package/dist/senses/cli/bracketed-paste.js +82 -0
package/dist/senses/cli/image-paste.js +287 -0
package/dist/senses/cli/image-ref-navigation.js +75 -0
package/dist/senses/cli/ink-app.js +156 -0
package/dist/senses/cli/inline-diff.js +64 -0
package/dist/senses/cli/input-keys.js +174 -0
package/dist/senses/cli/kill-ring.js +86 -0
package/dist/senses/cli/message-list.js +51 -0
package/dist/senses/cli/ouro-tui.js +605 -0
package/dist/senses/cli/spinner-imperative.js +135 -0
package/dist/senses/cli/spinner.js +101 -0
package/dist/senses/cli/status-line.js +60 -0
package/dist/senses/cli/streaming-markdown.js +526 -0
package/dist/senses/cli/tool-display.js +83 -0
package/dist/senses/cli/tool-render.js +85 -0
package/dist/senses/cli/tui-store.js +240 -0
package/dist/senses/cli/virtual-list.js +35 -0
package/dist/senses/cli-entry.js +1 -1
package/dist/senses/cli-layout.js +187 -0
package/dist/senses/cli.js +595 -246
package/dist/senses/commands.js +65 -1
package/dist/senses/continuity.js +94 -0
package/dist/senses/habit-turn-message.js +108 -0
package/dist/senses/inner-dialog-worker.js +112 -19
package/dist/senses/inner-dialog.js +633 -86
package/dist/senses/pipeline.js +567 -0
package/dist/senses/shared-turn.js +199 -0
package/dist/senses/surface-tool.js +68 -0
package/dist/senses/teams.js +665 -160
package/dist/senses/trust-gate.js +112 -2
package/package.json +29 -7
package/skills/agent-commerce.md +106 -0
package/skills/browser-navigation.md +110 -0
package/skills/commerce-setup-guide.md +116 -0
package/skills/commerce-setup.md +84 -0
package/skills/configure-dev-tools.md +81 -0
package/skills/travel-planning.md +138 -0
package/dist/heart/daemon/subagent-installer.js +0 -134
package/dist/senses/bluebubbles-entry.js +0 -11
package/dist/senses/bluebubbles.js +0 -547
package/dist/senses/debug-activity.js +0 -124
package/subagents/README.md +0 -73
package/subagents/work-doer.md +0 -235
package/subagents/work-merger.md +0 -618
package/subagents/work-planner.md +0 -382
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/basilisk.md +0 -0
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/jafar.md +0 -0
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/jormungandr.md +0 -0
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/kaa.md +0 -0
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/medusa.md +0 -0
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/monty.md +0 -0
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/nagini.md +0 -0
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/ouroboros.md +0 -0
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/python.md +0 -0
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/quetzalcoatl.md +0 -0
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/sir-hiss.md +0 -0
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/the-serpent.md +0 -0
/package/{AdoptionSpecialist.ouro → SerpentGuide.ouro}/psyche/identities/the-snake.md +0 -0
/package/dist/heart/{daemon → hatch}/hatch-animation.js +0 -0
/package/dist/heart/{daemon → hatch}/specialist-orchestrator.js +0 -0
/package/dist/heart/{daemon → versioning}/ouro-uti.js +0 -0
/package/dist/heart/{daemon → versioning}/wrapper-publish-guard.js +0 -0

package/dist/heart/provider-ping.js ADDED Viewed

@@ -0,0 +1,234 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.sanitizeErrorMessage = sanitizeErrorMessage;
+exports.pingGithubCopilotModel = pingGithubCopilotModel;
+exports.pingProvider = pingProvider;
+exports.runHealthInventory = runHealthInventory;
+const identity_1 = require("./identity");
+const anthropic_1 = require("./providers/anthropic");
+const azure_1 = require("./providers/azure");
+const minimax_1 = require("./providers/minimax");
+const openai_codex_1 = require("./providers/openai-codex");
+const github_copilot_1 = require("./providers/github-copilot");
+const auth_flow_1 = require("./auth/auth-flow");
+const provider_models_1 = require("./provider-models");
+const runtime_1 = require("../nerves/runtime");
+const PING_TIMEOUT_MS = 10_000;
+const PING_PROMPT = "ping";
+const CHAT_PING_MAX_TOKENS = 1;
+const RESPONSE_PING_MAX_OUTPUT_TOKENS = 16;
+const ANTHROPIC_SETUP_PING_MODEL = "claude-haiku-4-5-20251001";
+const DEFAULT_AZURE_API_VERSION = "2025-04-01-preview";
+const PING_CALLBACKS = {
+    onModelStart() { },
+    onModelStreamStart() { },
+    onTextChunk() { },
+    onReasoningChunk() { },
+    onToolStart() { },
+    onToolEnd() { },
+    onError() { },
+};
+function createPingMessages() {
+    return [{ role: "user", content: PING_PROMPT }];
+}
+function createChatPingRequest(model) {
+    return { model, max_tokens: CHAT_PING_MAX_TOKENS, messages: createPingMessages() };
+}
+function createResponsePingRequest(model) {
+    return { model, input: PING_PROMPT, max_output_tokens: RESPONSE_PING_MAX_OUTPUT_TOKENS };
+}
+/**
+ * Strip raw JSON/HTML API response bodies from error messages.
+ * SDK errors often include the full response: "400 {"type":"error",...}" or "403 <html>...".
+ * Extract just the HTTP status and a short human-readable summary.
+ */
+function sanitizeErrorMessage(message) {
+    const statusMatch = message.match(/^(\d{3})\s/);
+    if (!statusMatch)
+        return message;
+    const status = statusMatch[1];
+    const body = message.slice(status.length).trim();
+    // HTML response (Cloudflare challenge, error pages, etc.)
+    if (body.startsWith("<") || body.includes("<!DOCTYPE") || body.includes("<html")) {
+        return `HTTP ${status}`;
+    }
+    // JSON response
+    if (body.startsWith("{")) {
+        try {
+            const json = JSON.parse(body);
+            const inner = json?.error?.message;
+            if (typeof inner === "string" && inner && inner !== "Error") {
+                return `${status} ${inner}`;
+            }
+        }
+        catch { /* not valid JSON */ }
+        return `HTTP ${status}`;
+    }
+    // Already clean (e.g., "401 Provided authentication token is expired.")
+    return message;
+}
+async function pingGithubCopilotModel(baseUrl, token, model, fetchImpl = fetch) {
+    const base = baseUrl.replace(/\/+$/, "");
+    const isClaude = model.startsWith("claude");
+    const url = isClaude ? `${base}/chat/completions` : `${base}/responses`;
+    const body = isClaude
+        ? JSON.stringify(createChatPingRequest(model))
+        : JSON.stringify(createResponsePingRequest(model));
+    try {
+        const response = await fetchImpl(url, {
+            method: "POST",
+            headers: {
+                Authorization: `Bearer ${token}`,
+                "Content-Type": "application/json",
+            },
+            body,
+        });
+        if (response.ok)
+            return { ok: true };
+        let detail = `HTTP ${response.status}`;
+        try {
+            const json = await response.json();
+            /* v8 ignore start -- error format parsing: all branches tested via config-models.test.ts @preserve */
+            if (typeof json.error === "string")
+                detail = json.error;
+            else if (typeof json.error === "object" && json.error !== null) {
+                const errObj = json.error;
+                if (typeof errObj.message === "string")
+                    detail = errObj.message;
+            }
+            else if (typeof json.message === "string")
+                detail = json.message;
+            /* v8 ignore stop */
+        }
+        catch {
+            // response body not JSON — keep HTTP status
+        }
+        return { ok: false, error: detail };
+    }
+    catch (err) {
+        /* v8 ignore next -- defensive: fetch errors are always Error instances @preserve */
+        return { ok: false, error: err instanceof Error ? err.message : String(err) };
+    }
+}
+function hasEmptyCredentials(provider, config) {
+    const record = config;
+    if (provider === "azure") {
+        const hasManagedIdentity = typeof record.endpoint === "string" && record.endpoint.length > 0 &&
+            typeof record.deployment === "string" && record.deployment.length > 0 &&
+            typeof record.managedIdentityClientId === "string" && record.managedIdentityClientId.length > 0;
+        if (hasManagedIdentity)
+            return false;
+    }
+    return identity_1.PROVIDER_CREDENTIALS[provider].required.some((key) => !record[key]);
+}
+function createRuntimeForPing(provider, config) {
+    // Use the same provider defaults as auth switch and hatch so verification
+    // cannot drift to stale provider/model pairings, and pass the checked
+    // credentials directly so daemon-side pings do not depend on --agent globals.
+    const model = (0, provider_models_1.getDefaultModelForProvider)(provider);
+    switch (provider) {
+        case "anthropic":
+            return (0, anthropic_1.createAnthropicProviderRuntime)(model, config);
+        case "azure":
+            return (0, azure_1.createAzureProviderRuntime)(model, {
+                ...config,
+                apiVersion: config.apiVersion ?? DEFAULT_AZURE_API_VERSION,
+            });
+        case "minimax":
+            return (0, minimax_1.createMinimaxProviderRuntime)(model, config);
+        case "openai-codex":
+            return (0, openai_codex_1.createOpenAICodexProviderRuntime)(model, config);
+        case "github-copilot":
+            return (0, github_copilot_1.createGithubCopilotProviderRuntime)(model, config);
+        /* v8 ignore next 2 -- exhaustive: all providers handled above @preserve */
+        default:
+            throw new Error(`unsupported provider for ping: ${provider}`);
+    }
+}
+async function pingProvider(provider, config) {
+    if (hasEmptyCredentials(provider, config)) {
+        return { ok: false, classification: "auth-failure", message: "no credentials configured" };
+    }
+    let runtime;
+    try {
+        runtime = createRuntimeForPing(provider, config);
+        /* v8 ignore start -- factory creation failure: tested via individual provider init tests @preserve */
+    }
+    catch (error) {
+        return {
+            ok: false,
+            classification: "auth-failure",
+            message: error instanceof Error ? error.message : String(error),
+        };
+    }
+    /* v8 ignore stop */
+    try {
+        const controller = new AbortController();
+        /* v8 ignore next -- timeout callback: only fires after 10s, tests resolve faster @preserve */
+        const timeout = setTimeout(() => controller.abort(), PING_TIMEOUT_MS);
+        try {
+            // Minimal API call — no thinking, no reasoning, no tools.
+            if (provider === "anthropic") {
+                // Use haiku for the ping — setup tokens may not have access to newer
+                // models, but if haiku works, the credentials are valid.
+                // Override the beta header to exclude thinking (which requires a
+                // thinking param in the request body).
+                const client = runtime.client;
+                await client.messages.create(createChatPingRequest(ANTHROPIC_SETUP_PING_MODEL), { signal: controller.signal, headers: { "anthropic-beta": "claude-code-20250219,oauth-2025-04-20" } });
+            }
+            else if (provider === "openai-codex") {
+                await runtime.streamTurn({
+                    messages: createPingMessages(),
+                    activeTools: [],
+                    callbacks: PING_CALLBACKS,
+                    signal: controller.signal,
+                    toolChoiceRequired: false,
+                });
+            }
+            else {
+                // OpenAI-compatible providers (azure, minimax, github-copilot)
+                const client = runtime.client;
+                await client.chat.completions.create(createChatPingRequest(runtime.model), { signal: controller.signal });
+            }
+            return { ok: true };
+        }
+        finally {
+            clearTimeout(timeout);
+        }
+    }
+    catch (error) {
+        const err = error instanceof Error ? error : /* v8 ignore next -- defensive @preserve */ new Error(String(error));
+        let classification;
+        try {
+            classification = runtime.classifyError(err);
+        }
+        catch {
+            /* v8 ignore next -- defensive: classifyError should not throw @preserve */
+            classification = "unknown";
+        }
+        (0, runtime_1.emitNervesEvent)({
+            component: "engine",
+            event: "engine.provider_ping_fail",
+            message: `provider ping failed: ${provider}`,
+            meta: { provider, classification, error: err.message },
+        });
+        return { ok: false, classification, message: sanitizeErrorMessage(err.message) };
+    }
+}
+const PINGABLE_PROVIDERS = ["anthropic", "openai-codex", "azure", "minimax", "github-copilot"];
+async function runHealthInventory(agentName, currentProvider, deps = {}) {
+    /* v8 ignore next -- default: tests inject ping dep @preserve */
+    const ping = deps.ping ?? pingProvider;
+    const { secrets } = (0, auth_flow_1.loadAgentSecrets)(agentName);
+    const providers = PINGABLE_PROVIDERS.filter((p) => p !== currentProvider);
+    const results = await Promise.all(providers.map(async (provider) => {
+        const config = secrets.providers[provider];
+        const result = await ping(provider, config);
+        return [provider, result];
+    }));
+    const inventory = {};
+    for (const [provider, result] of results) {
+        inventory[provider] = result;
+    }
+    return inventory;
+}

package/dist/heart/providers/anthropic-token.js ADDED Viewed

@@ -0,0 +1,163 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.needsRefresh = needsRefresh;
+exports.refreshAnthropicToken = refreshAnthropicToken;
+exports.persistTokenState = persistTokenState;
+exports.ensureFreshToken = ensureFreshToken;
+/* v8 ignore start -- OAuth token lifecycle: requires live API calls, tested via integration @preserve */
+const fs = __importStar(require("fs"));
+const runtime_1 = require("../../nerves/runtime");
+const identity_1 = require("../identity");
+const OAUTH_TOKEN_ENDPOINT = "https://console.anthropic.com/v1/oauth/token";
+const OAUTH_CLIENT_ID = "9d1c250a-e61b-44d9-88ed-5944d1962f5e";
+const REFRESH_MARGIN_MS = 5 * 60 * 1000; // refresh 5 minutes before expiry
+/**
+ * Check if the Anthropic OAuth token needs refreshing.
+ * Returns true if no expiresAt is set (legacy token) or if within 5 min of expiry.
+ */
+function needsRefresh(expiresAt) {
+    if (!expiresAt)
+        return true; // legacy token with no expiry — always try refresh
+    return Date.now() > expiresAt - REFRESH_MARGIN_MS;
+}
+/**
+ * Refresh an Anthropic OAuth access token using the refresh token.
+ * Returns the new token state or null if refresh fails.
+ */
+async function refreshAnthropicToken(refreshToken, fetchImpl = fetch) {
+    try {
+        const response = await fetchImpl(OAUTH_TOKEN_ENDPOINT, {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify({
+                grant_type: "refresh_token",
+                refresh_token: refreshToken,
+                client_id: OAUTH_CLIENT_ID,
+            }),
+        });
+        if (!response.ok) {
+            (0, runtime_1.emitNervesEvent)({
+                level: "warn",
+                component: "engine",
+                event: "engine.anthropic_token_refresh_failed",
+                message: `token refresh failed: ${response.status}`,
+                meta: { status: response.status },
+            });
+            return null;
+        }
+        const json = await response.json();
+        if (!json.access_token) {
+            (0, runtime_1.emitNervesEvent)({
+                level: "warn",
+                component: "engine",
+                event: "engine.anthropic_token_refresh_failed",
+                message: "token refresh returned no access_token",
+                meta: {},
+            });
+            return null;
+        }
+        const state = {
+            accessToken: json.access_token,
+            refreshToken: json.refresh_token ?? refreshToken, // keep old if not returned
+            expiresAt: Date.now() + (json.expires_in ?? 28800) * 1000, // default 8h
+        };
+        (0, runtime_1.emitNervesEvent)({
+            component: "engine",
+            event: "engine.anthropic_token_refreshed",
+            message: "anthropic OAuth token refreshed",
+            meta: { expiresAt: new Date(state.expiresAt).toISOString() },
+        });
+        return state;
+    }
+    catch (error) {
+        (0, runtime_1.emitNervesEvent)({
+            level: "warn",
+            component: "engine",
+            event: "engine.anthropic_token_refresh_error",
+            message: "token refresh threw",
+            meta: { error: error instanceof Error ? error.message : String(error) },
+        });
+        return null;
+    }
+}
+/**
+ * Persist refreshed token state back to secrets.json.
+ */
+function persistTokenState(agentName, state) {
+    try {
+        const secretsPath = (0, identity_1.getAgentSecretsPath)(agentName);
+        const raw = fs.readFileSync(secretsPath, "utf-8");
+        const secrets = JSON.parse(raw);
+        secrets.providers = secrets.providers ?? {};
+        secrets.providers.anthropic = secrets.providers.anthropic ?? {};
+        secrets.providers.anthropic.setupToken = state.accessToken;
+        secrets.providers.anthropic.refreshToken = state.refreshToken;
+        secrets.providers.anthropic.expiresAt = state.expiresAt;
+        fs.writeFileSync(secretsPath, JSON.stringify(secrets, null, 2) + "\n", "utf-8");
+        /* v8 ignore start -- defensive: persistence failure must not crash the provider @preserve */
+    }
+    catch (error) {
+        (0, runtime_1.emitNervesEvent)({
+            level: "warn",
+            component: "engine",
+            event: "engine.anthropic_token_persist_error",
+            message: "failed to persist refreshed token",
+            meta: { error: error instanceof Error ? error.message : String(error) },
+        });
+    }
+    /* v8 ignore stop */
+}
+/**
+ * Ensure the Anthropic token is fresh. If expired, refresh and persist.
+ * Returns the current valid access token, or null if refresh failed and
+ * the existing token is expired.
+ */
+async function ensureFreshToken(currentToken, refreshToken, expiresAt, agentName, fetchImpl) {
+    if (!needsRefresh(expiresAt)) {
+        return currentToken; // still fresh
+    }
+    if (!refreshToken) {
+        // No refresh token — use the current token as-is (may be expired)
+        return currentToken;
+    }
+    const newState = await refreshAnthropicToken(refreshToken, fetchImpl);
+    if (!newState) {
+        return currentToken; // refresh failed — try the old token
+    }
+    persistTokenState(agentName, newState);
+    return newState.accessToken;
+}
+/* v8 ignore stop */