npm - @pellux/goodvibes-sdk - Versions diffs - 0.19.6 → 0.19.8 - Mend

@pellux/goodvibes-sdk 0.19.6 → 0.19.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

package/dist/_internal/platform/auth/ios-keychain-token-store.js ADDED Viewed

@@ -0,0 +1,147 @@
+/**
+ * ios-keychain-token-store.ts
+ *
+ * Token store backed by `react-native-keychain` for bare React Native on iOS.
+ *
+ * Uses `Keychain.setGenericPassword` / `getGenericPassword` /
+ * `resetGenericPassword` to persist tokens in the iOS Keychain.
+ *
+ * `react-native-keychain` is an **optional peer dependency** — this module
+ * does NOT import it at the top level.
+ *
+ * ## Installation
+ *
+ * ```sh
+ * npm install react-native-keychain
+ * npx pod-install   # iOS CocoaPods link
+ * ```
+ *
+ * Wave 6 three-part error messages: [what happened] · [why] · [what to do]
+ */
+import { GoodVibesSdkError } from '../../errors/index.js';
+let _mod = null;
+async function loadKeychain() {
+    if (_mod !== null)
+        return _mod;
+    try {
+        _mod = await import('react-native-keychain');
+        return _mod;
+    }
+    catch {
+        throw new GoodVibesSdkError('react-native-keychain is not installed — the iOS Keychain token store cannot be initialised. ' +
+            'This optional peer dependency is required to persist tokens in the iOS Keychain. ' +
+            'Run `npm install react-native-keychain && npx pod-install` and rebuild your app.', {
+            code: 'RN_KEYCHAIN_NOT_INSTALLED',
+            category: 'config',
+            source: 'config',
+            recoverable: false,
+        });
+    }
+}
+// ---------------------------------------------------------------------------
+// Fixed username slot
+// ---------------------------------------------------------------------------
+const USERNAME_SLOT = 'goodvibes-sdk';
+// ---------------------------------------------------------------------------
+// Factory
+// ---------------------------------------------------------------------------
+/**
+ * Create a `GoodVibesTokenStore` backed by the iOS Keychain via
+ * `react-native-keychain`.
+ *
+ * Suitable for **bare React Native** iOS apps. For Expo-managed workflow, use
+ * `createExpoSecureTokenStore` instead.
+ *
+ * Both the `token` and `expiresAt` values are serialised as a single JSON
+ * blob in the keychain password slot. The username slot is fixed to
+ * `'goodvibes-sdk'`.
+ *
+ * `react-native-keychain` is an **optional peer dependency** — install it with:
+ *
+ * ```sh
+ * npm install react-native-keychain
+ * npx pod-install
+ * ```
+ *
+ * @example
+ * ```ts
+ * import { createIOSKeychainTokenStore, createReactNativeGoodVibesSdk } from '@pellux/goodvibes-sdk/react-native';
+ *
+ * const tokenStore = createIOSKeychainTokenStore({ service: 'com.myapp.gv' });
+ * const sdk = createReactNativeGoodVibesSdk({ baseUrl: 'https://daemon.example.com', tokenStore });
+ * ```
+ */
+export function createIOSKeychainTokenStore(options = {}, __loadModule) {
+    const service = options.service ?? 'com.pellux.goodvibes-sdk';
+    const accessible = options.accessible ?? 'WHEN_UNLOCKED_THIS_DEVICE_ONLY';
+    const accessGroup = options.accessGroup;
+    async function resolveModule() {
+        if (__loadModule !== undefined) {
+            return __loadModule();
+        }
+        return loadKeychain();
+    }
+    function buildOptions(mod) {
+        const opts = { service };
+        const accessibleValue = mod.ACCESSIBLE[accessible];
+        if (accessibleValue !== undefined) {
+            opts['accessible'] = accessibleValue;
+        }
+        else if (options.accessible !== undefined) {
+            console.warn(`[pellux/goodvibes-sdk] react-native-keychain does not expose ACCESSIBLE.${accessible}; falling back to default`);
+        }
+        if (accessGroup !== undefined) {
+            opts['accessGroup'] = accessGroup;
+        }
+        return opts;
+    }
+    async function readPayload() {
+        const mod = await resolveModule();
+        const result = await mod.getGenericPassword(buildOptions(mod));
+        if (result === false)
+            return null;
+        try {
+            return JSON.parse(result.password);
+        }
+        catch {
+            return null;
+        }
+    }
+    async function writePayload(payload) {
+        const mod = await resolveModule();
+        if (payload === null) {
+            await mod.resetGenericPassword(buildOptions(mod));
+            return;
+        }
+        await mod.setGenericPassword(USERNAME_SLOT, JSON.stringify(payload), buildOptions(mod));
+    }
+    return {
+        async getToken() {
+            const payload = await readPayload();
+            return payload?.token ?? null;
+        },
+        async setToken(token) {
+            if (token === null) {
+                await writePayload(null);
+                return;
+            }
+            await writePayload({ token, expiresAt: null });
+        },
+        async clearToken() {
+            await writePayload(null);
+        },
+        async setTokenEntry(token, expiresAt) {
+            if (token === null) {
+                await writePayload(null);
+                return;
+            }
+            await writePayload({ token, expiresAt: expiresAt ?? null });
+        },
+        async getTokenEntry() {
+            const payload = await readPayload();
+            if (payload === null)
+                return { token: null };
+            return { token: payload.token, expiresAt: payload.expiresAt ?? undefined };
+        },
+    };
+}

package/dist/_internal/platform/auth/session-manager.d.ts CHANGED Viewed

@@ -18,6 +18,8 @@ export declare class SessionManager {
     /**
      * Perform a login and, when `persistToken` is not false, automatically
      * persist the returned token into the configured token store.
+     * The `expiresAt` from the login response is also persisted when the store
+     * supports `setTokenEntry`.
      */
     login(input: GoodVibesLoginInput, options?: GoodVibesAuthLoginOptions): Promise<GoodVibesLoginOutput>;
     /**

package/dist/_internal/platform/auth/session-manager.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"session-manager.d.ts","sourceRoot":"","sources":["../../../../src/_internal/platform/auth/session-manager.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,KAAK,EACV,yBAAyB,EACzB,oBAAoB,EACpB,mBAAmB,EACnB,oBAAoB,EACrB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAE9C,qBAAa,cAAc;;gBAIb,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,GAAG,IAAI;IAKhE;;;OAGG;IACG,OAAO,IAAI,OAAO,CAAC,oBAAoB,CAAC;IAI9C~~;;;OAGG~~;IACG,KAAK,CACT,KAAK,EAAE,mBAAmB,EAC1B,OAAO,GAAE,yBAA8B,GACtC,OAAO,CAAC,oBAAoB,CAAC;~~IAQhC~~;;;OAGG;IACH,IAAI,QAAQ,IAAI,OAAO,CAEtB;IAED,+EAA+E;IAC/E,IAAI,UAAU,IAAI,UAAU,GAAG,IAAI,CAElC;CACF"}
1	+ {"version":3,"file":"session-manager.d.ts","sourceRoot":"","sources":["../../../../src/_internal/platform/auth/session-manager.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,KAAK,EACV,yBAAyB,EACzB,oBAAoB,EACpB,mBAAmB,EACnB,oBAAoB,EACrB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAE9C,qBAAa,cAAc;;gBAIb,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,GAAG,IAAI;IAKhE;;;OAGG;IACG,OAAO,IAAI,OAAO,CAAC,oBAAoB,CAAC;IAI9C;;;;;OAKG;IACG,KAAK,CACT,KAAK,EAAE,mBAAmB,EAC1B,OAAO,GAAE,yBAA8B,GACtC,OAAO,CAAC,oBAAoB,CAAC;IAahC;;;OAGG;IACH,IAAI,QAAQ,IAAI,OAAO,CAEtB;IAED,+EAA+E;IAC/E,IAAI,UAAU,IAAI,UAAU,GAAG,IAAI,CAElC;CACF"}

package/dist/_internal/platform/auth/session-manager.js CHANGED Viewed

@@ -22,11 +22,19 @@ export class SessionManager {
     /**
      * Perform a login and, when `persistToken` is not false, automatically
      * persist the returned token into the configured token store.
+     * The `expiresAt` from the login response is also persisted when the store
+     * supports `setTokenEntry`.
      */
     async login(input, options = {}) {
         const result = await this.#operator.control.auth.login(input);
         if ((options.persistToken ?? true) && this.#tokenStore) {
-            await this.#tokenStore.setToken(result.token);
+            // Prefer setTokenEntry to persist expiry alongside the token.
+            if (result.expiresAt) {
+                await this.#tokenStore.setTokenEntry(result.token, result.expiresAt);
+            }
+            else {
+                await this.#tokenStore.setToken(result.token);
+            }
         }
         return result;
     }

package/dist/_internal/platform/auth/token-store.d.ts CHANGED Viewed

@@ -13,6 +13,19 @@ export declare class TokenStore {
     getToken(): Promise<string | null>;
     /** Persist a new token, or clear storage when null. */
     setToken(token: string | null): Promise<void>;
+    /**
+     * Persist a new token alongside its expiry timestamp (unix ms).
+     * Falls back to `setToken` when the store does not implement `setTokenEntry`.
+     */
+    setTokenEntry(token: string | null, expiresAt?: number): Promise<void>;
+    /**
+     * Return the current token entry, including optional expiry.
+     * Falls back to token-only when the store does not implement `getTokenEntry`.
+     */
+    getTokenEntry(): Promise<{
+        token: string | null;
+        expiresAt?: number;
+    }>;
     /** Clear the stored token. */
     clearToken(): Promise<void>;
     /** Return true when a non-empty token is currently stored. */

package/dist/_internal/platform/auth/token-store.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"token-store.d.ts","sourceRoot":"","sources":["../../../../src/_internal/platform/auth/token-store.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAE5D,qBAAa,UAAU;;gBAGT,KAAK,EAAE,mBAAmB;IAItC,2DAA2D;IACrD,QAAQ,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAIxC,uDAAuD;IACjD,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAInD,8BAA8B;IACxB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAIjC,8DAA8D;IACxD,QAAQ,IAAI,OAAO,CAAC,OAAO,CAAC;IAKlC,uEAAuE;IACvE,IAAI,KAAK,IAAI,mBAAmB,CAE/B;CACF"}
1	+ {"version":3,"file":"token-store.d.ts","sourceRoot":"","sources":["../../../../src/_internal/platform/auth/token-store.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAE5D,qBAAa,UAAU;;gBAGT,KAAK,EAAE,mBAAmB;IAItC,2DAA2D;IACrD,QAAQ,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAIxC,uDAAuD;IACjD,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAInD;;;OAGG;IACG,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAU5E;;;OAGG;IACG,aAAa,IAAI,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAW5E,8BAA8B;IACxB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAIjC,8DAA8D;IACxD,QAAQ,IAAI,OAAO,CAAC,OAAO,CAAC;IAKlC,uEAAuE;IACvE,IAAI,KAAK,IAAI,mBAAmB,CAE/B;CACF"}

package/dist/_internal/platform/auth/token-store.js CHANGED Viewed

@@ -18,6 +18,29 @@ export class TokenStore {
     async setToken(token) {
         return this.#store.setToken(token);
     }
+    /**
+     * Persist a new token alongside its expiry timestamp (unix ms).
+     * Falls back to `setToken` when the store does not implement `setTokenEntry`.
+     */
+    async setTokenEntry(token, expiresAt) {
+        const store = this.#store;
+        if (typeof store.setTokenEntry === 'function') {
+            return store.setTokenEntry(token, expiresAt);
+        }
+        return this.#store.setToken(token);
+    }
+    /**
+     * Return the current token entry, including optional expiry.
+     * Falls back to token-only when the store does not implement `getTokenEntry`.
+     */
+    async getTokenEntry() {
+        const store = this.#store;
+        if (typeof store.getTokenEntry === 'function') {
+            return store.getTokenEntry();
+        }
+        const token = await this.#store.getToken();
+        return { token };
+    }
     /** Clear the stored token. */
     async clearToken() {
         return this.#store.clearToken();

package/dist/_internal/platform/companion/companion-chat-manager.d.ts CHANGED Viewed

@@ -1,26 +1,27 @@
 /**
  * companion-chat-manager.ts
  *
- * In-memory manager for companion-app chat-mode sessions.
+ * Disk-backed manager for companion-app chat-mode sessions.
  *
  * Design:
  * - Each session owns a ConversationManager (isolated message history).
+ * - Sessions survive daemon restart via CompanionChatPersistence (atomic JSON files).
+ * - Inbound messages are rate-limited per session and per client via
+ *   CompanionChatRateLimiter (token-bucket, 30 msgs/min per client,
+ *   10 msgs/min per session by default, configurable).
  * - When a user message is posted, the manager appends it to the conversation
  *   and runs a lightweight LLM turn using the provider registry.
+ * - Tool calls emitted by the LLM are executed via the injected ToolRegistry
+ *   (if provided); results are fed back into the stream and published as
+ *   turn.tool_result events.
  * - Streaming chunks are fanned out via ControlPlaneGateway.publishEvent
  *   with a per-session clientId filter, so they only reach the subscriber
  *   for that specific session — never the global TUI event feed.
  * - A GC sweep closes sessions that have been idle beyond the TTL.
- *
- * TODO (follow-up): persist sessions across daemon restart.
- * TODO (follow-up): rate-limiting per session / per client.
- * TODO (follow-up): tool-call execution requires ToolRegistry injection;
- *   currently tools are passed through the Orchestrator which needs the
- *   full TUI context. For v1, we provide a no-op tool registry so tool
- *   calls degrade gracefully. Proper tool support requires the daemon to
- *   inject its ToolRegistry into CompanionChatManager.
  */
 import type { CompanionChatMessage, CompanionChatSession, CreateCompanionChatSessionInput } from './companion-chat-types.js';
+import type { CompanionChatRateLimiterOptions } from './companion-chat-rate-limiter.js';
+import type { ToolRegistry } from '../tools/registry.js';
 export interface CompanionProviderMessage {
     readonly role: 'user' | 'assistant';
     readonly content: string;
@@ -52,6 +53,24 @@ export interface CompanionChatEventPublisher {
 export interface CompanionChatManagerConfig {
     readonly provider: CompanionLLMProvider;
     readonly eventPublisher: CompanionChatEventPublisher;
+    /**
+     * ToolRegistry to use for executing tool calls emitted by the LLM.
+     * When omitted, tool_call chunks are published as events but not executed;
+     * the LLM receives no tool result and must degrade gracefully.
+     */
+    readonly toolRegistry?: ToolRegistry;
+    /**
+     * Directory under which session JSON files are persisted.
+     * Default: ~/.goodvibes/companion-chat/sessions/
+     */
+    readonly sessionsDir?: string;
+    /**
+     * Pass `false` to disable disk persistence entirely (useful in tests).
+     * Default: true
+     */
+    readonly persist?: boolean;
+    /** Rate-limiting options. Defaults: 30 msgs/min per client, 10/min per session. */
+    readonly rateLimiter?: CompanionChatRateLimiterOptions | false;
     /** Override for tests */
     readonly idleActiveMs?: number;
     /** Override for tests */
@@ -63,10 +82,27 @@ export declare class CompanionChatManager {
     private readonly sessions;
     private readonly provider;
     private readonly eventPublisher;
+    private readonly toolRegistry;
+    private readonly persistence;
+    private readonly rateLimiter;
     private readonly idleActiveMs;
     private readonly idleEmptyMs;
     private gcTimer;
+    /** Tracks whether the async init() has completed. */
+    private initCompleted;
+    /**
+     * Serializes persistence writes per session to prevent write-after-write
+     * races where two concurrent saves could result in an older snapshot
+     * overwriting a newer one.
+     */
+    private readonly _pendingSaves;
     constructor(config: CompanionChatManagerConfig);
+    /**
+     * Load sessions persisted from a previous daemon run.
+     * Should be called once after construction before accepting requests.
+     * Safe to call multiple times (idempotent after first call).
+     */
+    init(): Promise<void>;
     createSession(input?: CreateCompanionChatSessionInput): CompanionChatSession;
     getSession(sessionId: string): CompanionChatSession | null;
     getMessages(sessionId: string): CompanionChatMessage[];
@@ -83,12 +119,29 @@ export declare class CompanionChatManager {
     closeSession(sessionId: string): CompanionChatSession | null;
     /**
      * Post a user message and start an async LLM turn. Returns the messageId.
-     * Throws if the session is closed.
+     *
+     * Rate-limited per session and per client (throws GoodVibesSdkError{kind:'rate-limit'}
+     * if limits are exceeded).
+     *
+     * Throws if the session is closed or not found.
+     *
+     * @param sessionId - The session to post to.
+     * @param content   - The message text.
+     * @param clientId  - The SSE/HTTP client identity for per-client rate limiting.
+     *                    Pass '' to skip client-level rate limiting.
      */
-    postMessage(sessionId: string, content: string): Promise<string>;
+    postMessage(sessionId: string, content: string, clientId?: string): Promise<string>;
     dispose(): void;
     private _runTurn;
     _gcSweep(): void;
     private _updateMeta;
+    /**
+     * Schedule a persistence save for the given session.
+     * Saves are serialized per-session: each new save waits for the prior one to
+     * complete before writing. The save always reads the CURRENT session state,
+     * so rapid create→update→close sequences correctly persist the final state.
+     */
+    private _persist;
+    private _doSave;
 }
 //# sourceMappingURL=companion-chat-manager.d.ts.map

package/dist/_internal/platform/companion/companion-chat-manager.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"companion-chat-manager.d.ts","sourceRoot":"","sources":["../../../../src/_internal/platform/companion/companion-chat-manager.ts"],"names":[],"mappings":"AAAA~~;;;;;;;;;;;;;;;;;;;;;GAqBG~~;AAIH,OAAO,KAAK,EACV,oBAAoB,EACpB,oBAAoB,~~EAIpB~~,+BAA+B,EAChC,MAAM,2BAA2B,CAAC;AAMnC,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,WAAW,CAAC;IACpC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,IAAI,EAAE,YAAY,GAAG,WAAW,GAAG,aAAa,GAAG,MAAM,GAAG,OAAO,CAAC;IAC7E,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC;IAC7B,QAAQ,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;IAC3B,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,oBAAoB;IACnC,wDAAwD;IACxD,UAAU,CACR,QAAQ,EAAE,wBAAwB,EAAE,EACpC,OAAO,EAAE;QACP,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACtC,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAC/B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAClC,QAAQ,CAAC,WAAW,CAAC,EAAE,WAAW,CAAC;KACpC,GACA,aAAa,CAAC,sBAAsB,CAAC,CAAC;CAC1C;AAMD,MAAM,WAAW,2BAA2B;IAC1C,YAAY,CACV,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,OAAO,EAChB,MAAM,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,GAC7B,IAAI,CAAC;CACT;AAgCD,MAAM,WAAW,0BAA0B;IACzC,QAAQ,CAAC,QAAQ,EAAE,oBAAoB,CAAC;IACxC,QAAQ,CAAC,cAAc,EAAE,2BAA2B,CAAC;IACrD,yBAAyB;IACzB,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,yBAAyB;IACzB,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,yBAAyB;IACzB,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;CAChC;AAED,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAsC;IAC/D,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAuB;IAChD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA8B;IAC7D,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;IACtC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,OAAO,CAA+C;~~gBAElD~~,MAAM,EAAE,0BAA0B;~~IAgB9C~~,aAAa,CAAC,KAAK,GAAE,+BAAoC,GAAG,oBAAoB;~~IA+BhF~~,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,oBAAoB,GAAG,IAAI;IAI1D,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,oBAAoB,EAAE;IAItD;;;;OAIG;IACH,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI;IAQ7D;;;OAGG;IACH,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,oBAAoB,GAAG,IAAI;~~IAW5D;;;OAGG~~;IACG,WAAW,CACf,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,~~GACd~~,OAAO,CAAC,MAAM,CAAC;~~IAkClB~~,OAAO,IAAI,IAAI;YAgBD,QAAQ;~~IA0HtB~~,QAAQ,IAAI,IAAI;~~IA2BhB~~,OAAO,CAAC,WAAW;~~CAQpB~~"}
1	+ {"version":3,"file":"companion-chat-manager.d.ts","sourceRoot":"","sources":["../../../../src/_internal/platform/companion/companion-chat-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAIH,OAAO,KAAK,EACV,oBAAoB,EACpB,oBAAoB,EAGpB,+BAA+B,EAChC,MAAM,2BAA2B,CAAC;AAMnC,OAAO,KAAK,EAAE,+BAA+B,EAAE,MAAM,kCAAkC,CAAC;AACxF,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAMzD,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,WAAW,CAAC;IACpC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,IAAI,EAAE,YAAY,GAAG,WAAW,GAAG,aAAa,GAAG,MAAM,GAAG,OAAO,CAAC;IAC7E,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC;IAC7B,QAAQ,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;IAC3B,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,oBAAoB;IACnC,wDAAwD;IACxD,UAAU,CACR,QAAQ,EAAE,wBAAwB,EAAE,EACpC,OAAO,EAAE;QACP,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACtC,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAC/B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAClC,QAAQ,CAAC,WAAW,CAAC,EAAE,WAAW,CAAC;KACpC,GACA,aAAa,CAAC,sBAAsB,CAAC,CAAC;CAC1C;AAMD,MAAM,WAAW,2BAA2B;IAC1C,YAAY,CACV,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,OAAO,EAChB,MAAM,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,GAC7B,IAAI,CAAC;CACT;AAgCD,MAAM,WAAW,0BAA0B;IACzC,QAAQ,CAAC,QAAQ,EAAE,oBAAoB,CAAC;IACxC,QAAQ,CAAC,cAAc,EAAE,2BAA2B,CAAC;IACrD;;;;OAIG;IACH,QAAQ,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC;IACrC;;;OAGG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B;;;OAGG;IACH,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;IAC3B,mFAAmF;IACnF,QAAQ,CAAC,WAAW,CAAC,EAAE,+BAA+B,GAAG,KAAK,CAAC;IAC/D,yBAAyB;IACzB,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,yBAAyB;IACzB,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,yBAAyB;IACzB,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;CAChC;AAED,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAsC;IAC/D,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAuB;IAChD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA8B;IAC7D,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAsB;IACnD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAkC;IAC9D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAkC;IAC9D,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;IACtC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,OAAO,CAA+C;IAC9D,qDAAqD;IACrD,OAAO,CAAC,aAAa,CAAS;IAC9B;;;;OAIG;IACH,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAoC;gBAEtD,MAAM,EAAE,0BAA0B;IAmC9C;;;;OAIG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAuC3B,aAAa,CAAC,KAAK,GAAE,+BAAoC,GAAG,oBAAoB;IAkChF,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,oBAAoB,GAAG,IAAI;IAI1D,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,oBAAoB,EAAE;IAItD;;;;OAIG;IACH,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI;IAQ7D;;;OAGG;IACH,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,oBAAoB,GAAG,IAAI;IAe5D;;;;;;;;;;;;OAYG;IACG,WAAW,CACf,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,QAAQ,SAAK,GACZ,OAAO,CAAC,MAAM,CAAC;IAwClB,OAAO,IAAI,IAAI;YAgBD,QAAQ;IA4JtB,QAAQ,IAAI,IAAI;IA6BhB,OAAO,CAAC,WAAW;IASnB;;;;;OAKG;IACH,OAAO,CAAC,QAAQ;YAeF,OAAO;CAMtB"}

package/dist/_internal/platform/companion/companion-chat-manager.js CHANGED Viewed

@@ -1,27 +1,28 @@
 /**
  * companion-chat-manager.ts
  *
- * In-memory manager for companion-app chat-mode sessions.
+ * Disk-backed manager for companion-app chat-mode sessions.
  *
  * Design:
  * - Each session owns a ConversationManager (isolated message history).
+ * - Sessions survive daemon restart via CompanionChatPersistence (atomic JSON files).
+ * - Inbound messages are rate-limited per session and per client via
+ *   CompanionChatRateLimiter (token-bucket, 30 msgs/min per client,
+ *   10 msgs/min per session by default, configurable).
  * - When a user message is posted, the manager appends it to the conversation
  *   and runs a lightweight LLM turn using the provider registry.
+ * - Tool calls emitted by the LLM are executed via the injected ToolRegistry
+ *   (if provided); results are fed back into the stream and published as
+ *   turn.tool_result events.
  * - Streaming chunks are fanned out via ControlPlaneGateway.publishEvent
  *   with a per-session clientId filter, so they only reach the subscriber
  *   for that specific session — never the global TUI event feed.
  * - A GC sweep closes sessions that have been idle beyond the TTL.
- *
- * TODO (follow-up): persist sessions across daemon restart.
- * TODO (follow-up): rate-limiting per session / per client.
- * TODO (follow-up): tool-call execution requires ToolRegistry injection;
- *   currently tools are passed through the Orchestrator which needs the
- *   full TUI context. For v1, we provide a no-op tool registry so tool
- *   calls degrade gracefully. Proper tool support requires the daemon to
- *   inject its ToolRegistry into CompanionChatManager.
  */
 import { randomUUID } from 'node:crypto';
 import { ConversationManager } from '../core/conversation.js';
+import { CompanionChatPersistence, defaultSessionsDir, } from './companion-chat-persistence.js';
+import { CompanionChatRateLimiter } from './companion-chat-rate-limiter.js';
 // ---------------------------------------------------------------------------
 // Idle GC constants (customisable for tests)
 // ---------------------------------------------------------------------------
@@ -32,20 +33,88 @@ export class CompanionChatManager {
     sessions = new Map();
     provider;
     eventPublisher;
+    toolRegistry;
+    persistence;
+    rateLimiter;
     idleActiveMs;
     idleEmptyMs;
     gcTimer = null;
+    /** Tracks whether the async init() has completed. */
+    initCompleted = false;
+    /**
+     * Serializes persistence writes per session to prevent write-after-write
+     * races where two concurrent saves could result in an older snapshot
+     * overwriting a newer one.
+     */
+    _pendingSaves = new Map();
     constructor(config) {
         this.provider = config.provider;
         this.eventPublisher = config.eventPublisher;
+        this.toolRegistry = config.toolRegistry ?? null;
         this.idleActiveMs = config.idleActiveMs ?? DEFAULT_IDLE_ACTIVE_MS;
         this.idleEmptyMs = config.idleEmptyMs ?? DEFAULT_IDLE_EMPTY_MS;
+        // Persistence
+        // Default is false — most callers (tests, downstream consumers) get the
+        // safe no-write default. The daemon opts into persistence explicitly via
+        // persist: true in facade-composition.
+        const persist = config.persist === true;
+        this.persistence = persist
+            ? new CompanionChatPersistence(config.sessionsDir ?? defaultSessionsDir())
+            : null;
+        // Rate limiter
+        this.rateLimiter =
+            config.rateLimiter === false
+                ? null
+                : new CompanionChatRateLimiter(config.rateLimiter ?? {});
         const gcIntervalMs = config.gcIntervalMs ?? GC_INTERVAL_MS;
-        this.gcTimer = setInterval(() => this._gcSweep(), gcIntervalMs);
+        this.gcTimer = setInterval(() => {
+            this._gcSweep();
+            this.rateLimiter?.cleanup();
+        }, gcIntervalMs);
         // Don't block node process on this timer
         this.gcTimer.unref?.();
     }
     // ---------------------------------------------------------------------------
+    // Async initialisation — load persisted sessions from disk
+    // ---------------------------------------------------------------------------
+    /**
+     * Load sessions persisted from a previous daemon run.
+     * Should be called once after construction before accepting requests.
+     * Safe to call multiple times (idempotent after first call).
+     */
+    async init() {
+        if (this.initCompleted || !this.persistence) {
+            this.initCompleted = true;
+            return;
+        }
+        const stored = await this.persistence.loadAll();
+        for (const { meta, messages } of stored) {
+            // Skip sessions that were already closed before the restart — they are
+            // in a terminal state and don't need to be in memory.
+            if (meta.status === 'closed')
+                continue;
+            const conversation = new ConversationManager();
+            // Replay messages into the conversation to restore LLM context
+            for (const msg of messages) {
+                if (msg.role === 'user') {
+                    conversation.addUserMessage(msg.content);
+                }
+                else {
+                    conversation.addAssistantMessage(msg.content);
+                }
+            }
+            this.sessions.set(meta.id, {
+                meta,
+                conversation,
+                messages: [...messages],
+                abortController: new AbortController(),
+                lastActivityAt: meta.updatedAt,
+                subscriberClientId: null,
+            });
+        }
+        this.initCompleted = true;
+    }
+    // ---------------------------------------------------------------------------
     // Session lifecycle
     // ---------------------------------------------------------------------------
     createSession(input = {}) {
@@ -73,6 +142,8 @@ export class CompanionChatManager {
             lastActivityAt: now,
             subscriberClientId: null,
         });
+        // Persist async (non-blocking)
+        void this._persist(id);
         return meta;
     }
     getSession(sessionId) {
@@ -106,13 +177,24 @@ export class CompanionChatManager {
         session.abortController.abort();
         const now = Date.now();
         const updated = this._updateMeta(session, { status: 'closed', closedAt: now, updatedAt: now });
+        // Persist the closed state async (non-blocking)
+        void this._persist(sessionId);
         return updated;
     }
     /**
      * Post a user message and start an async LLM turn. Returns the messageId.
-     * Throws if the session is closed.
+     *
+     * Rate-limited per session and per client (throws GoodVibesSdkError{kind:'rate-limit'}
+     * if limits are exceeded).
+     *
+     * Throws if the session is closed or not found.
+     *
+     * @param sessionId - The session to post to.
+     * @param content   - The message text.
+     * @param clientId  - The SSE/HTTP client identity for per-client rate limiting.
+     *                    Pass '' to skip client-level rate limiting.
      */
-    async postMessage(sessionId, content) {
+    async postMessage(sessionId, content, clientId = '') {
         const session = this.sessions.get(sessionId);
         if (!session) {
             throw Object.assign(new Error(`Session not found: ${sessionId}`), { code: 'SESSION_NOT_FOUND', status: 404 });
@@ -120,6 +202,8 @@ export class CompanionChatManager {
         if (session.meta.status === 'closed') {
             throw Object.assign(new Error(`Session is closed: ${sessionId}`), { code: 'SESSION_CLOSED', status: 409 });
         }
+        // Rate-limit check (throws GoodVibesSdkError on violation)
+        this.rateLimiter?.check(sessionId, clientId);
         const messageId = randomUUID();
         const now = Date.now();
         const userMsg = {
@@ -136,6 +220,8 @@ export class CompanionChatManager {
             messageCount: session.messages.length,
             updatedAt: now,
         });
+        // Persist async (non-blocking)
+        void this._persist(sessionId);
         // Fire-and-forget: run the turn without blocking the HTTP response
         void this._runTurn(session, messageId);
         return messageId;
@@ -205,6 +291,36 @@ export class CompanionChatManager {
                             toolName: chunk.toolName ?? '',
                             toolInput: chunk.toolInput ?? null,
                         });
+                        // Execute via ToolRegistry if available
+                        if (this.toolRegistry && chunk.toolName && chunk.toolCallId) {
+                            const toolCallId = chunk.toolCallId;
+                            const toolName = chunk.toolName;
+                            const toolInput = (chunk.toolInput ?? {});
+                            try {
+                                const toolResult = await this.toolRegistry.execute(toolCallId, toolName, toolInput);
+                                publish({
+                                    type: 'turn.tool_result',
+                                    sessionId,
+                                    turnId,
+                                    toolCallId,
+                                    toolName,
+                                    result: toolResult.output ?? null,
+                                    isError: !toolResult.success,
+                                });
+                            }
+                            catch (toolErr) {
+                                const errMsg = toolErr instanceof Error ? toolErr.message : String(toolErr);
+                                publish({
+                                    type: 'turn.tool_result',
+                                    sessionId,
+                                    turnId,
+                                    toolCallId,
+                                    toolName,
+                                    result: errMsg,
+                                    isError: true,
+                                });
+                            }
+                        }
                         break;
                     }
                     case 'tool_result': {
@@ -241,6 +357,8 @@ export class CompanionChatManager {
             session.messages.push(assistantMsg);
             session.lastActivityAt = now;
             this._updateMeta(session, { messageCount: session.messages.length, updatedAt: now });
+            // Persist assistant reply
+            void this._persist(sessionId);
             const completedEnvelope = {
                 sessionId,
                 messageId: assistantMessageId,
@@ -266,6 +384,7 @@ export class CompanionChatManager {
             if (session.meta.status === 'closed') {
                 // Remove already-closed sessions after a short grace period (5 min)
                 if (now - (session.meta.closedAt ?? now) > 5 * 60_000) {
+                    void this.persistence?.delete(id);
                     this.sessions.delete(id);
                 }
                 continue;
@@ -277,6 +396,7 @@ export class CompanionChatManager {
                 // Close via GC
                 session.abortController.abort();
                 this._updateMeta(session, { status: 'closed', closedAt: now, updatedAt: now });
+                void this._persist(id);
             }
         }
     }
@@ -288,4 +408,30 @@ export class CompanionChatManager {
         session.meta = updated;
         return updated;
     }
+    /**
+     * Schedule a persistence save for the given session.
+     * Saves are serialized per-session: each new save waits for the prior one to
+     * complete before writing. The save always reads the CURRENT session state,
+     * so rapid create→update→close sequences correctly persist the final state.
+     */
+    _persist(sessionId) {
+        if (!this.persistence)
+            return;
+        const prior = this._pendingSaves.get(sessionId) ?? Promise.resolve();
+        const next = prior.then(() => this._doSave(sessionId));
+        this._pendingSaves.set(sessionId, next.finally(() => {
+            // Clean up the slot once this save is the settled head.
+            if (this._pendingSaves.get(sessionId) === next) {
+                this._pendingSaves.delete(sessionId);
+            }
+        }));
+    }
+    async _doSave(sessionId) {
+        if (!this.persistence)
+            return;
+        const session = this.sessions.get(sessionId);
+        if (!session)
+            return;
+        await this.persistence.save({ meta: session.meta, messages: session.messages });
+    }
 }