@pellux/goodvibes-sdk 0.38.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (559) hide show
  1. package/dist/contracts/artifacts/operator-contract.json +4468 -916
  2. package/dist/daemon.d.ts +2 -0
  3. package/dist/daemon.d.ts.map +1 -1
  4. package/dist/daemon.js +4 -0
  5. package/dist/events/communication.d.ts +1 -1
  6. package/dist/events/surfaces.d.ts +25 -3
  7. package/dist/events/surfaces.d.ts.map +1 -1
  8. package/dist/events/surfaces.js +22 -1
  9. package/dist/events/workflows.d.ts +7 -6
  10. package/dist/events/workflows.d.ts.map +1 -1
  11. package/dist/index.d.ts +1 -1
  12. package/dist/index.d.ts.map +1 -1
  13. package/dist/platform/agents/archetypes.d.ts.map +1 -1
  14. package/dist/platform/agents/archetypes.js +7 -0
  15. package/dist/platform/agents/index.d.ts +1 -0
  16. package/dist/platform/agents/index.d.ts.map +1 -1
  17. package/dist/platform/agents/index.js +1 -0
  18. package/dist/platform/agents/orchestrator-runner.d.ts +16 -3
  19. package/dist/platform/agents/orchestrator-runner.d.ts.map +1 -1
  20. package/dist/platform/agents/orchestrator-runner.js +20 -6
  21. package/dist/platform/agents/orchestrator.d.ts +42 -10
  22. package/dist/platform/agents/orchestrator.d.ts.map +1 -1
  23. package/dist/platform/agents/orchestrator.js +68 -20
  24. package/dist/platform/agents/planner-decomposition-runner.d.ts +38 -0
  25. package/dist/platform/agents/planner-decomposition-runner.d.ts.map +1 -0
  26. package/dist/platform/agents/planner-decomposition-runner.js +113 -0
  27. package/dist/platform/agents/turn-knowledge-injection.d.ts +88 -3
  28. package/dist/platform/agents/turn-knowledge-injection.d.ts.map +1 -1
  29. package/dist/platform/agents/turn-knowledge-injection.js +147 -30
  30. package/dist/platform/agents/worktree.d.ts +126 -8
  31. package/dist/platform/agents/worktree.d.ts.map +1 -1
  32. package/dist/platform/agents/worktree.js +240 -19
  33. package/dist/platform/agents/wrfc-controller.d.ts +24 -1
  34. package/dist/platform/agents/wrfc-controller.d.ts.map +1 -1
  35. package/dist/platform/agents/wrfc-controller.js +161 -35
  36. package/dist/platform/agents/wrfc-gate-runtime.d.ts +9 -0
  37. package/dist/platform/agents/wrfc-gate-runtime.d.ts.map +1 -1
  38. package/dist/platform/agents/wrfc-gate-runtime.js +7 -3
  39. package/dist/platform/agents/wrfc-gates.d.ts +1 -1
  40. package/dist/platform/agents/wrfc-gates.d.ts.map +1 -1
  41. package/dist/platform/agents/wrfc-gates.js +7 -1
  42. package/dist/platform/agents/wrfc-types.d.ts +23 -3
  43. package/dist/platform/agents/wrfc-types.d.ts.map +1 -1
  44. package/dist/platform/automation/types.d.ts +9 -1
  45. package/dist/platform/automation/types.d.ts.map +1 -1
  46. package/dist/platform/calendar/calendar-api-shared.d.ts +25 -0
  47. package/dist/platform/calendar/calendar-api-shared.d.ts.map +1 -0
  48. package/dist/platform/calendar/calendar-api-shared.js +100 -0
  49. package/dist/platform/calendar/calendar-connector.d.ts +79 -0
  50. package/dist/platform/calendar/calendar-connector.d.ts.map +1 -0
  51. package/dist/platform/calendar/calendar-connector.js +155 -0
  52. package/dist/platform/calendar/google-calendar-api.d.ts +25 -0
  53. package/dist/platform/calendar/google-calendar-api.d.ts.map +1 -0
  54. package/dist/platform/calendar/google-calendar-api.js +89 -0
  55. package/dist/platform/calendar/http-fetch-adapter.d.ts +25 -0
  56. package/dist/platform/calendar/http-fetch-adapter.d.ts.map +1 -0
  57. package/dist/platform/calendar/http-fetch-adapter.js +25 -0
  58. package/dist/platform/calendar/ics-parser.d.ts +35 -0
  59. package/dist/platform/calendar/ics-parser.d.ts.map +1 -0
  60. package/dist/platform/calendar/ics-parser.js +236 -0
  61. package/dist/platform/calendar/index.d.ts +41 -0
  62. package/dist/platform/calendar/index.d.ts.map +1 -0
  63. package/dist/platform/calendar/index.js +49 -0
  64. package/dist/platform/calendar/merged-calendar-model.d.ts +67 -0
  65. package/dist/platform/calendar/merged-calendar-model.d.ts.map +1 -0
  66. package/dist/platform/calendar/merged-calendar-model.js +181 -0
  67. package/dist/platform/calendar/microsoft-graph-api.d.ts +25 -0
  68. package/dist/platform/calendar/microsoft-graph-api.d.ts.map +1 -0
  69. package/dist/platform/calendar/microsoft-graph-api.js +95 -0
  70. package/dist/platform/calendar/oauth-flow.d.ts +62 -0
  71. package/dist/platform/calendar/oauth-flow.d.ts.map +1 -0
  72. package/dist/platform/calendar/oauth-flow.js +305 -0
  73. package/dist/platform/calendar/oauth-providers.d.ts +43 -0
  74. package/dist/platform/calendar/oauth-providers.d.ts.map +1 -0
  75. package/dist/platform/calendar/oauth-providers.js +120 -0
  76. package/dist/platform/calendar/oauth-token-store.d.ts +72 -0
  77. package/dist/platform/calendar/oauth-token-store.d.ts.map +1 -0
  78. package/dist/platform/calendar/oauth-token-store.js +189 -0
  79. package/dist/platform/calendar/oauth-types.d.ts +274 -0
  80. package/dist/platform/calendar/oauth-types.d.ts.map +1 -0
  81. package/dist/platform/calendar/oauth-types.js +22 -0
  82. package/dist/platform/calendar/rrule.d.ts +39 -0
  83. package/dist/platform/calendar/rrule.d.ts.map +1 -0
  84. package/dist/platform/calendar/rrule.js +261 -0
  85. package/dist/platform/calendar/subscription-store.d.ts +118 -0
  86. package/dist/platform/calendar/subscription-store.d.ts.map +1 -0
  87. package/dist/platform/calendar/subscription-store.js +293 -0
  88. package/dist/platform/calendar/types.d.ts +170 -0
  89. package/dist/platform/calendar/types.d.ts.map +1 -0
  90. package/dist/platform/calendar/types.js +21 -0
  91. package/dist/platform/companion/companion-chat-attachments.d.ts +29 -0
  92. package/dist/platform/companion/companion-chat-attachments.d.ts.map +1 -0
  93. package/dist/platform/companion/companion-chat-attachments.js +121 -0
  94. package/dist/platform/companion/companion-chat-branching.d.ts +66 -0
  95. package/dist/platform/companion/companion-chat-branching.d.ts.map +1 -0
  96. package/dist/platform/companion/companion-chat-branching.js +142 -0
  97. package/dist/platform/companion/companion-chat-broker-bridge.d.ts +40 -0
  98. package/dist/platform/companion/companion-chat-broker-bridge.d.ts.map +1 -0
  99. package/dist/platform/companion/companion-chat-broker-bridge.js +14 -0
  100. package/dist/platform/companion/companion-chat-broker-sync.d.ts +38 -0
  101. package/dist/platform/companion/companion-chat-broker-sync.d.ts.map +1 -0
  102. package/dist/platform/companion/companion-chat-broker-sync.js +80 -0
  103. package/dist/platform/companion/companion-chat-gc.d.ts +63 -0
  104. package/dist/platform/companion/companion-chat-gc.d.ts.map +1 -0
  105. package/dist/platform/companion/companion-chat-gc.js +38 -0
  106. package/dist/platform/companion/companion-chat-manager.d.ts +91 -23
  107. package/dist/platform/companion/companion-chat-manager.d.ts.map +1 -1
  108. package/dist/platform/companion/companion-chat-manager.js +195 -223
  109. package/dist/platform/companion/companion-chat-persistence.d.ts +9 -1
  110. package/dist/platform/companion/companion-chat-persistence.d.ts.map +1 -1
  111. package/dist/platform/companion/companion-chat-persistence.js +10 -2
  112. package/dist/platform/companion/companion-chat-routes.d.ts +2 -1
  113. package/dist/platform/companion/companion-chat-routes.d.ts.map +1 -1
  114. package/dist/platform/companion/companion-chat-routes.js +113 -4
  115. package/dist/platform/companion/companion-chat-turn-execution.d.ts +61 -0
  116. package/dist/platform/companion/companion-chat-turn-execution.d.ts.map +1 -0
  117. package/dist/platform/companion/companion-chat-turn-execution.js +107 -0
  118. package/dist/platform/companion/companion-chat-types.d.ts +67 -0
  119. package/dist/platform/companion/companion-chat-types.d.ts.map +1 -1
  120. package/dist/platform/config/credential-status.d.ts +28 -0
  121. package/dist/platform/config/credential-status.d.ts.map +1 -0
  122. package/dist/platform/config/credential-status.js +75 -0
  123. package/dist/platform/config/index.d.ts +25 -0
  124. package/dist/platform/config/index.d.ts.map +1 -1
  125. package/dist/platform/config/index.js +18 -0
  126. package/dist/platform/config/manager.d.ts +9 -0
  127. package/dist/platform/config/manager.d.ts.map +1 -1
  128. package/dist/platform/config/manager.js +21 -2
  129. package/dist/platform/config/migrations.d.ts +48 -0
  130. package/dist/platform/config/migrations.d.ts.map +1 -0
  131. package/dist/platform/config/migrations.js +54 -0
  132. package/dist/platform/config/schema-domain-core.d.ts +10 -1
  133. package/dist/platform/config/schema-domain-core.d.ts.map +1 -1
  134. package/dist/platform/config/schema-domain-core.js +46 -3
  135. package/dist/platform/config/schema-domain-runtime.d.ts +8 -0
  136. package/dist/platform/config/schema-domain-runtime.d.ts.map +1 -1
  137. package/dist/platform/config/schema-domain-runtime.js +32 -0
  138. package/dist/platform/config/schema-types.d.ts +21 -7
  139. package/dist/platform/config/schema-types.d.ts.map +1 -1
  140. package/dist/platform/config/schema.d.ts.map +1 -1
  141. package/dist/platform/config/schema.js +2 -0
  142. package/dist/platform/control-plane/approval-broker.d.ts +11 -0
  143. package/dist/platform/control-plane/approval-broker.d.ts.map +1 -1
  144. package/dist/platform/control-plane/approval-broker.js +17 -1
  145. package/dist/platform/control-plane/approval-hunk-apply.d.ts +77 -0
  146. package/dist/platform/control-plane/approval-hunk-apply.d.ts.map +1 -0
  147. package/dist/platform/control-plane/approval-hunk-apply.js +80 -0
  148. package/dist/platform/control-plane/gateway-disabled-response.d.ts +20 -0
  149. package/dist/platform/control-plane/gateway-disabled-response.d.ts.map +1 -0
  150. package/dist/platform/control-plane/gateway-disabled-response.js +24 -0
  151. package/dist/platform/control-plane/gateway-scope-enforcement.d.ts +68 -0
  152. package/dist/platform/control-plane/gateway-scope-enforcement.d.ts.map +1 -0
  153. package/dist/platform/control-plane/gateway-scope-enforcement.js +91 -0
  154. package/dist/platform/control-plane/gateway-utils.d.ts +17 -0
  155. package/dist/platform/control-plane/gateway-utils.d.ts.map +1 -1
  156. package/dist/platform/control-plane/gateway-utils.js +30 -0
  157. package/dist/platform/control-plane/gateway.d.ts +12 -2
  158. package/dist/platform/control-plane/gateway.d.ts.map +1 -1
  159. package/dist/platform/control-plane/gateway.js +27 -31
  160. package/dist/platform/control-plane/index.d.ts +8 -1
  161. package/dist/platform/control-plane/index.d.ts.map +1 -1
  162. package/dist/platform/control-plane/index.js +8 -0
  163. package/dist/platform/control-plane/invoke-input-validation.d.ts +56 -0
  164. package/dist/platform/control-plane/invoke-input-validation.d.ts.map +1 -0
  165. package/dist/platform/control-plane/invoke-input-validation.js +163 -0
  166. package/dist/platform/control-plane/method-catalog-admin.d.ts.map +1 -1
  167. package/dist/platform/control-plane/method-catalog-admin.js +12 -1
  168. package/dist/platform/control-plane/method-catalog-calendar.d.ts +16 -0
  169. package/dist/platform/control-plane/method-catalog-calendar.d.ts.map +1 -1
  170. package/dist/platform/control-plane/method-catalog-calendar.js +21 -0
  171. package/dist/platform/control-plane/method-catalog-channels.d.ts.map +1 -1
  172. package/dist/platform/control-plane/method-catalog-channels.js +32 -3
  173. package/dist/platform/control-plane/method-catalog-control-automation.d.ts.map +1 -1
  174. package/dist/platform/control-plane/method-catalog-control-automation.js +19 -34
  175. package/dist/platform/control-plane/method-catalog-control-companion.d.ts +15 -0
  176. package/dist/platform/control-plane/method-catalog-control-companion.d.ts.map +1 -0
  177. package/dist/platform/control-plane/method-catalog-control-companion.js +176 -0
  178. package/dist/platform/control-plane/method-catalog-control-core.d.ts.map +1 -1
  179. package/dist/platform/control-plane/method-catalog-control-core.js +104 -122
  180. package/dist/platform/control-plane/method-catalog-control.d.ts.map +1 -1
  181. package/dist/platform/control-plane/method-catalog-control.js +4 -0
  182. package/dist/platform/control-plane/method-catalog-email.d.ts +17 -0
  183. package/dist/platform/control-plane/method-catalog-email.d.ts.map +1 -1
  184. package/dist/platform/control-plane/method-catalog-email.js +21 -0
  185. package/dist/platform/control-plane/method-catalog-events.d.ts +28 -0
  186. package/dist/platform/control-plane/method-catalog-events.d.ts.map +1 -1
  187. package/dist/platform/control-plane/method-catalog-events.js +74 -1
  188. package/dist/platform/control-plane/method-catalog-fleet.d.ts +24 -0
  189. package/dist/platform/control-plane/method-catalog-fleet.d.ts.map +1 -0
  190. package/dist/platform/control-plane/method-catalog-fleet.js +65 -0
  191. package/dist/platform/control-plane/method-catalog-push.d.ts +30 -0
  192. package/dist/platform/control-plane/method-catalog-push.d.ts.map +1 -0
  193. package/dist/platform/control-plane/method-catalog-push.js +80 -0
  194. package/dist/platform/control-plane/method-catalog-route-reconcile.d.ts +84 -0
  195. package/dist/platform/control-plane/method-catalog-route-reconcile.d.ts.map +1 -0
  196. package/dist/platform/control-plane/method-catalog-route-reconcile.js +103 -0
  197. package/dist/platform/control-plane/method-catalog-runtime.d.ts.map +1 -1
  198. package/dist/platform/control-plane/method-catalog-runtime.js +83 -1
  199. package/dist/platform/control-plane/method-catalog-shared.d.ts +29 -0
  200. package/dist/platform/control-plane/method-catalog-shared.d.ts.map +1 -1
  201. package/dist/platform/control-plane/method-catalog.d.ts +9 -0
  202. package/dist/platform/control-plane/method-catalog.d.ts.map +1 -1
  203. package/dist/platform/control-plane/method-catalog.js +34 -3
  204. package/dist/platform/control-plane/operator-contract-schemas-admin.d.ts +8 -0
  205. package/dist/platform/control-plane/operator-contract-schemas-admin.d.ts.map +1 -1
  206. package/dist/platform/control-plane/operator-contract-schemas-admin.js +22 -1
  207. package/dist/platform/control-plane/operator-contract-schemas-fleet.d.ts +18 -0
  208. package/dist/platform/control-plane/operator-contract-schemas-fleet.d.ts.map +1 -0
  209. package/dist/platform/control-plane/operator-contract-schemas-fleet.js +182 -0
  210. package/dist/platform/control-plane/operator-contract-schemas-permissions.d.ts.map +1 -1
  211. package/dist/platform/control-plane/operator-contract-schemas-permissions.js +5 -0
  212. package/dist/platform/control-plane/operator-contract-schemas-runtime.d.ts +37 -0
  213. package/dist/platform/control-plane/operator-contract-schemas-runtime.d.ts.map +1 -1
  214. package/dist/platform/control-plane/operator-contract-schemas-runtime.js +100 -3
  215. package/dist/platform/control-plane/operator-contract-schemas.d.ts +1 -0
  216. package/dist/platform/control-plane/operator-contract-schemas.d.ts.map +1 -1
  217. package/dist/platform/control-plane/operator-contract-schemas.js +1 -0
  218. package/dist/platform/control-plane/operator-contract.d.ts.map +1 -1
  219. package/dist/platform/control-plane/operator-contract.js +8 -0
  220. package/dist/platform/control-plane/routes/checkpoints.d.ts +39 -0
  221. package/dist/platform/control-plane/routes/checkpoints.d.ts.map +1 -0
  222. package/dist/platform/control-plane/routes/checkpoints.js +166 -0
  223. package/dist/platform/control-plane/routes/fleet.d.ts +53 -0
  224. package/dist/platform/control-plane/routes/fleet.d.ts.map +1 -0
  225. package/dist/platform/control-plane/routes/fleet.js +153 -0
  226. package/dist/platform/control-plane/routes/gateway-verb-error.d.ts +30 -0
  227. package/dist/platform/control-plane/routes/gateway-verb-error.d.ts.map +1 -0
  228. package/dist/platform/control-plane/routes/gateway-verb-error.js +36 -0
  229. package/dist/platform/control-plane/routes/index.d.ts +0 -6
  230. package/dist/platform/control-plane/routes/index.d.ts.map +1 -1
  231. package/dist/platform/control-plane/routes/index.js +5 -5
  232. package/dist/platform/control-plane/routes/invocation-params.d.ts +23 -0
  233. package/dist/platform/control-plane/routes/invocation-params.d.ts.map +1 -0
  234. package/dist/platform/control-plane/routes/invocation-params.js +9 -0
  235. package/dist/platform/control-plane/routes/push.d.ts +26 -0
  236. package/dist/platform/control-plane/routes/push.d.ts.map +1 -0
  237. package/dist/platform/control-plane/routes/push.js +104 -0
  238. package/dist/platform/control-plane/routes/register-gateway-verb-groups.d.ts +31 -0
  239. package/dist/platform/control-plane/routes/register-gateway-verb-groups.d.ts.map +1 -0
  240. package/dist/platform/control-plane/routes/register-gateway-verb-groups.js +16 -0
  241. package/dist/platform/control-plane/routes/register-w3-s2.d.ts +26 -0
  242. package/dist/platform/control-plane/routes/register-w3-s2.d.ts.map +1 -0
  243. package/dist/platform/control-plane/routes/register-w3-s2.js +8 -0
  244. package/dist/platform/control-plane/routes/session-search.d.ts +37 -0
  245. package/dist/platform/control-plane/routes/session-search.d.ts.map +1 -0
  246. package/dist/platform/control-plane/routes/session-search.js +113 -0
  247. package/dist/platform/control-plane/session-broker-gc.d.ts +16 -0
  248. package/dist/platform/control-plane/session-broker-gc.d.ts.map +1 -1
  249. package/dist/platform/control-plane/session-broker-gc.js +23 -6
  250. package/dist/platform/control-plane/session-broker-helpers.d.ts +3 -3
  251. package/dist/platform/control-plane/session-broker-helpers.d.ts.map +1 -1
  252. package/dist/platform/control-plane/session-broker-inputs.d.ts +18 -0
  253. package/dist/platform/control-plane/session-broker-inputs.d.ts.map +1 -1
  254. package/dist/platform/control-plane/session-broker-inputs.js +34 -0
  255. package/dist/platform/control-plane/session-broker-sessions.d.ts +102 -3
  256. package/dist/platform/control-plane/session-broker-sessions.d.ts.map +1 -1
  257. package/dist/platform/control-plane/session-broker-sessions.js +179 -5
  258. package/dist/platform/control-plane/session-broker-state.d.ts +20 -1
  259. package/dist/platform/control-plane/session-broker-state.d.ts.map +1 -1
  260. package/dist/platform/control-plane/session-broker-state.js +67 -5
  261. package/dist/platform/control-plane/session-broker.d.ts +51 -38
  262. package/dist/platform/control-plane/session-broker.d.ts.map +1 -1
  263. package/dist/platform/control-plane/session-broker.js +183 -75
  264. package/dist/platform/control-plane/session-store-importer.d.ts +57 -0
  265. package/dist/platform/control-plane/session-store-importer.d.ts.map +1 -0
  266. package/dist/platform/control-plane/session-store-importer.js +227 -0
  267. package/dist/platform/control-plane/session-types.d.ts +142 -7
  268. package/dist/platform/control-plane/session-types.d.ts.map +1 -1
  269. package/dist/platform/core/execution-plan.d.ts +43 -1
  270. package/dist/platform/core/execution-plan.d.ts.map +1 -1
  271. package/dist/platform/core/execution-plan.js +46 -10
  272. package/dist/platform/core/index.d.ts +1 -0
  273. package/dist/platform/core/index.d.ts.map +1 -1
  274. package/dist/platform/core/index.js +1 -0
  275. package/dist/platform/core/orchestrator-runtime.d.ts +23 -3
  276. package/dist/platform/core/orchestrator-runtime.d.ts.map +1 -1
  277. package/dist/platform/core/orchestrator-tool-runtime.d.ts +7 -0
  278. package/dist/platform/core/orchestrator-tool-runtime.d.ts.map +1 -1
  279. package/dist/platform/core/orchestrator-tool-runtime.js +10 -0
  280. package/dist/platform/core/orchestrator-turn-loop.d.ts +13 -6
  281. package/dist/platform/core/orchestrator-turn-loop.d.ts.map +1 -1
  282. package/dist/platform/core/orchestrator-turn-loop.js +29 -22
  283. package/dist/platform/core/orchestrator.d.ts +16 -10
  284. package/dist/platform/core/orchestrator.d.ts.map +1 -1
  285. package/dist/platform/core/orchestrator.js +23 -8
  286. package/dist/platform/core/plan-decomposition.d.ts +196 -0
  287. package/dist/platform/core/plan-decomposition.d.ts.map +1 -0
  288. package/dist/platform/core/plan-decomposition.js +417 -0
  289. package/dist/platform/core/plan-proposal.d.ts +39 -0
  290. package/dist/platform/core/plan-proposal.d.ts.map +1 -1
  291. package/dist/platform/core/wrfc-routing.d.ts +1 -0
  292. package/dist/platform/core/wrfc-routing.d.ts.map +1 -1
  293. package/dist/platform/core/wrfc-routing.js +51 -1
  294. package/dist/platform/daemon/boot.d.ts +69 -0
  295. package/dist/platform/daemon/boot.d.ts.map +1 -0
  296. package/dist/platform/daemon/boot.js +61 -0
  297. package/dist/platform/daemon/cli.js +2 -1
  298. package/dist/platform/daemon/control-plane.d.ts.map +1 -1
  299. package/dist/platform/daemon/control-plane.js +50 -1
  300. package/dist/platform/daemon/facade-composition.d.ts.map +1 -1
  301. package/dist/platform/daemon/facade-composition.js +6 -0
  302. package/dist/platform/daemon/facade.d.ts +15 -6
  303. package/dist/platform/daemon/facade.d.ts.map +1 -1
  304. package/dist/platform/daemon/facade.js +48 -43
  305. package/dist/platform/daemon/http/router-route-contexts.d.ts +1 -0
  306. package/dist/platform/daemon/http/router-route-contexts.d.ts.map +1 -1
  307. package/dist/platform/daemon/http/router-route-contexts.js +1 -0
  308. package/dist/platform/daemon/http/router-session-broker-adapter.d.ts +13 -0
  309. package/dist/platform/daemon/http/router-session-broker-adapter.d.ts.map +1 -0
  310. package/dist/platform/daemon/http/router-session-broker-adapter.js +27 -0
  311. package/dist/platform/daemon/http/router.d.ts +2 -1
  312. package/dist/platform/daemon/http/router.d.ts.map +1 -1
  313. package/dist/platform/daemon/http/router.js +42 -40
  314. package/dist/platform/daemon/http/runtime-route-types.d.ts +42 -4
  315. package/dist/platform/daemon/http/runtime-route-types.d.ts.map +1 -1
  316. package/dist/platform/daemon/http/webui-serving.d.ts +68 -0
  317. package/dist/platform/daemon/http/webui-serving.d.ts.map +1 -0
  318. package/dist/platform/daemon/http/webui-serving.js +230 -0
  319. package/dist/platform/daemon/index.d.ts +2 -0
  320. package/dist/platform/daemon/index.d.ts.map +1 -1
  321. package/dist/platform/daemon/index.js +1 -0
  322. package/dist/platform/daemon/service-manager.d.ts +16 -0
  323. package/dist/platform/daemon/service-manager.d.ts.map +1 -1
  324. package/dist/platform/daemon/service-manager.js +79 -15
  325. package/dist/platform/intelligence/tree-sitter/service.d.ts.map +1 -1
  326. package/dist/platform/intelligence/tree-sitter/service.js +16 -2
  327. package/dist/platform/knowledge/browser-history/readers.d.ts.map +1 -1
  328. package/dist/platform/knowledge/browser-history/readers.js +15 -5
  329. package/dist/platform/knowledge/knowledge-api.d.ts +1 -1
  330. package/dist/platform/knowledge/project-planning/service.d.ts +14 -1
  331. package/dist/platform/knowledge/project-planning/service.d.ts.map +1 -1
  332. package/dist/platform/knowledge/project-planning/service.js +77 -0
  333. package/dist/platform/knowledge/project-planning/types.d.ts +32 -0
  334. package/dist/platform/knowledge/project-planning/types.d.ts.map +1 -1
  335. package/dist/platform/orchestration/bookkeeping.d.ts +12 -0
  336. package/dist/platform/orchestration/bookkeeping.d.ts.map +1 -0
  337. package/dist/platform/orchestration/bookkeeping.js +91 -0
  338. package/dist/platform/orchestration/budget.d.ts +2 -2
  339. package/dist/platform/orchestration/cancellation.d.ts +2 -2
  340. package/dist/platform/orchestration/controller-compat.d.ts +16 -3
  341. package/dist/platform/orchestration/controller-compat.d.ts.map +1 -1
  342. package/dist/platform/orchestration/controller-compat.js +18 -4
  343. package/dist/platform/orchestration/dirty-guard.js +1 -1
  344. package/dist/platform/orchestration/engine.d.ts +26 -1
  345. package/dist/platform/orchestration/engine.d.ts.map +1 -1
  346. package/dist/platform/orchestration/engine.js +229 -25
  347. package/dist/platform/orchestration/index.d.ts +6 -4
  348. package/dist/platform/orchestration/index.d.ts.map +1 -1
  349. package/dist/platform/orchestration/index.js +3 -2
  350. package/dist/platform/orchestration/persistence.d.ts.map +1 -1
  351. package/dist/platform/orchestration/persistence.js +6 -3
  352. package/dist/platform/orchestration/phase-runner.d.ts +33 -6
  353. package/dist/platform/orchestration/phase-runner.d.ts.map +1 -1
  354. package/dist/platform/orchestration/phase-runner.js +98 -25
  355. package/dist/platform/orchestration/proposal-workstream.d.ts +56 -0
  356. package/dist/platform/orchestration/proposal-workstream.d.ts.map +1 -0
  357. package/dist/platform/orchestration/proposal-workstream.js +76 -0
  358. package/dist/platform/orchestration/scheduler.d.ts +20 -1
  359. package/dist/platform/orchestration/scheduler.d.ts.map +1 -1
  360. package/dist/platform/orchestration/scheduler.js +16 -0
  361. package/dist/platform/orchestration/types.d.ts +289 -4
  362. package/dist/platform/orchestration/types.d.ts.map +1 -1
  363. package/dist/platform/orchestration/types.js +32 -0
  364. package/dist/platform/orchestration/worktree-isolation.d.ts +33 -0
  365. package/dist/platform/orchestration/worktree-isolation.d.ts.map +1 -0
  366. package/dist/platform/orchestration/worktree-isolation.js +248 -0
  367. package/dist/platform/presentation/glyphs.d.ts +91 -0
  368. package/dist/platform/presentation/glyphs.d.ts.map +1 -0
  369. package/dist/platform/presentation/glyphs.js +93 -0
  370. package/dist/platform/presentation/index.d.ts +28 -0
  371. package/dist/platform/presentation/index.d.ts.map +1 -0
  372. package/dist/platform/presentation/index.js +27 -0
  373. package/dist/platform/presentation/thinking-phrases.d.ts +12 -0
  374. package/dist/platform/presentation/thinking-phrases.d.ts.map +1 -0
  375. package/dist/platform/presentation/thinking-phrases.js +32 -0
  376. package/dist/platform/presentation/tones.d.ts +121 -0
  377. package/dist/platform/presentation/tones.d.ts.map +1 -0
  378. package/dist/platform/presentation/tones.js +145 -0
  379. package/dist/platform/presentation/waiting-wording.d.ts +54 -0
  380. package/dist/platform/presentation/waiting-wording.d.ts.map +1 -0
  381. package/dist/platform/presentation/waiting-wording.js +51 -0
  382. package/dist/platform/providers/runtime-snapshot.d.ts.map +1 -1
  383. package/dist/platform/providers/runtime-snapshot.js +12 -2
  384. package/dist/platform/push/delivery.d.ts +48 -0
  385. package/dist/platform/push/delivery.d.ts.map +1 -0
  386. package/dist/platform/push/delivery.js +117 -0
  387. package/dist/platform/push/encryption.d.ts +41 -0
  388. package/dist/platform/push/encryption.d.ts.map +1 -0
  389. package/dist/platform/push/encryption.js +82 -0
  390. package/dist/platform/push/index.d.ts +17 -0
  391. package/dist/platform/push/index.d.ts.map +1 -0
  392. package/dist/platform/push/index.js +10 -0
  393. package/dist/platform/push/service.d.ts +75 -0
  394. package/dist/platform/push/service.d.ts.map +1 -0
  395. package/dist/platform/push/service.js +95 -0
  396. package/dist/platform/push/subscription-store.d.ts +50 -0
  397. package/dist/platform/push/subscription-store.d.ts.map +1 -0
  398. package/dist/platform/push/subscription-store.js +123 -0
  399. package/dist/platform/push/types.d.ts +68 -0
  400. package/dist/platform/push/types.d.ts.map +1 -0
  401. package/dist/platform/push/types.js +13 -0
  402. package/dist/platform/push/vapid.d.ts +54 -0
  403. package/dist/platform/push/vapid.d.ts.map +1 -0
  404. package/dist/platform/push/vapid.js +113 -0
  405. package/dist/platform/runtime/bootstrap-services.d.ts +62 -2
  406. package/dist/platform/runtime/bootstrap-services.d.ts.map +1 -1
  407. package/dist/platform/runtime/bootstrap-services.js +217 -50
  408. package/dist/platform/runtime/daemon-version-compat.d.ts +39 -0
  409. package/dist/platform/runtime/daemon-version-compat.d.ts.map +1 -0
  410. package/dist/platform/runtime/daemon-version-compat.js +75 -0
  411. package/dist/platform/runtime/detached-daemon-runtime.d.ts +26 -0
  412. package/dist/platform/runtime/detached-daemon-runtime.d.ts.map +1 -0
  413. package/dist/platform/runtime/detached-daemon-runtime.js +49 -0
  414. package/dist/platform/runtime/emitters/workflows.d.ts +1 -1
  415. package/dist/platform/runtime/emitters/workflows.d.ts.map +1 -1
  416. package/dist/platform/runtime/events/index.d.ts +13 -0
  417. package/dist/platform/runtime/events/index.d.ts.map +1 -1
  418. package/dist/platform/runtime/events/index.js +13 -0
  419. package/dist/platform/runtime/feature-flags/flags.d.ts.map +1 -1
  420. package/dist/platform/runtime/feature-flags/flags.js +39 -1
  421. package/dist/platform/runtime/fleet/adapters/agent.d.ts +2 -2
  422. package/dist/platform/runtime/fleet/adapters/agent.d.ts.map +1 -1
  423. package/dist/platform/runtime/fleet/adapters/agent.js +4 -4
  424. package/dist/platform/runtime/fleet/adapters/automation.d.ts +1 -1
  425. package/dist/platform/runtime/fleet/adapters/automation.js +1 -1
  426. package/dist/platform/runtime/fleet/adapters/code-index.d.ts +1 -1
  427. package/dist/platform/runtime/fleet/adapters/code-index.js +1 -1
  428. package/dist/platform/runtime/fleet/adapters/orchestration.d.ts +40 -18
  429. package/dist/platform/runtime/fleet/adapters/orchestration.d.ts.map +1 -1
  430. package/dist/platform/runtime/fleet/adapters/orchestration.js +138 -34
  431. package/dist/platform/runtime/fleet/adapters/schedule.d.ts +4 -4
  432. package/dist/platform/runtime/fleet/adapters/schedule.js +4 -4
  433. package/dist/platform/runtime/fleet/adapters/trigger.d.ts +3 -4
  434. package/dist/platform/runtime/fleet/adapters/trigger.d.ts.map +1 -1
  435. package/dist/platform/runtime/fleet/adapters/trigger.js +3 -4
  436. package/dist/platform/runtime/fleet/adapters/wrfc.d.ts +13 -0
  437. package/dist/platform/runtime/fleet/adapters/wrfc.d.ts.map +1 -1
  438. package/dist/platform/runtime/fleet/adapters/wrfc.js +49 -2
  439. package/dist/platform/runtime/fleet/registry.d.ts +7 -7
  440. package/dist/platform/runtime/fleet/registry.d.ts.map +1 -1
  441. package/dist/platform/runtime/fleet/registry.js +41 -7
  442. package/dist/platform/runtime/fleet/types.d.ts +9 -9
  443. package/dist/platform/runtime/fleet/types.d.ts.map +1 -1
  444. package/dist/platform/runtime/memory-spine/client.d.ts +127 -0
  445. package/dist/platform/runtime/memory-spine/client.d.ts.map +1 -0
  446. package/dist/platform/runtime/memory-spine/client.js +113 -0
  447. package/dist/platform/runtime/memory-spine/index.d.ts +11 -0
  448. package/dist/platform/runtime/memory-spine/index.d.ts.map +1 -0
  449. package/dist/platform/runtime/memory-spine/index.js +10 -0
  450. package/dist/platform/runtime/operator-client.d.ts +20 -2
  451. package/dist/platform/runtime/operator-client.d.ts.map +1 -1
  452. package/dist/platform/runtime/operator-client.js +11 -1
  453. package/dist/platform/runtime/provider-accounts/registry.d.ts.map +1 -1
  454. package/dist/platform/runtime/provider-accounts/registry.js +11 -1
  455. package/dist/platform/runtime/services.d.ts +11 -9
  456. package/dist/platform/runtime/services.d.ts.map +1 -1
  457. package/dist/platform/runtime/services.js +24 -9
  458. package/dist/platform/runtime/session-spine/client.d.ts +234 -0
  459. package/dist/platform/runtime/session-spine/client.d.ts.map +1 -0
  460. package/dist/platform/runtime/session-spine/client.js +449 -0
  461. package/dist/platform/runtime/session-spine/index.d.ts +12 -0
  462. package/dist/platform/runtime/session-spine/index.d.ts.map +1 -0
  463. package/dist/platform/runtime/session-spine/index.js +11 -0
  464. package/dist/platform/runtime/session-spine/union-cache.d.ts +225 -0
  465. package/dist/platform/runtime/session-spine/union-cache.d.ts.map +1 -0
  466. package/dist/platform/runtime/session-spine/union-cache.js +333 -0
  467. package/dist/platform/runtime/shell-command-ops.d.ts +3 -1
  468. package/dist/platform/runtime/shell-command-ops.d.ts.map +1 -1
  469. package/dist/platform/runtime/transports/daemon-http-client-validators.d.ts.map +1 -1
  470. package/dist/platform/runtime/transports/daemon-http-client-validators.js +22 -0
  471. package/dist/platform/runtime/transports/daemon-http-client.d.ts.map +1 -1
  472. package/dist/platform/runtime/transports/daemon-http-client.js +25 -2
  473. package/dist/platform/runtime/transports/http-types.d.ts +9 -2
  474. package/dist/platform/runtime/transports/http-types.d.ts.map +1 -1
  475. package/dist/platform/state/canonical-memory.d.ts +95 -0
  476. package/dist/platform/state/canonical-memory.d.ts.map +1 -0
  477. package/dist/platform/state/canonical-memory.js +155 -0
  478. package/dist/platform/state/code-index-chunking.js +1 -1
  479. package/dist/platform/state/code-index-db.d.ts +1 -1
  480. package/dist/platform/state/code-index-reindex.d.ts +73 -0
  481. package/dist/platform/state/code-index-reindex.d.ts.map +1 -0
  482. package/dist/platform/state/code-index-reindex.js +156 -0
  483. package/dist/platform/state/code-index-store.d.ts.map +1 -1
  484. package/dist/platform/state/code-index-store.js +11 -3
  485. package/dist/platform/state/index.d.ts +8 -0
  486. package/dist/platform/state/index.d.ts.map +1 -1
  487. package/dist/platform/state/index.js +4 -0
  488. package/dist/platform/state/memory-recall-contract.d.ts +118 -0
  489. package/dist/platform/state/memory-recall-contract.d.ts.map +1 -0
  490. package/dist/platform/state/memory-recall-contract.js +170 -0
  491. package/dist/platform/state/memory-registry.d.ts +8 -0
  492. package/dist/platform/state/memory-registry.d.ts.map +1 -1
  493. package/dist/platform/state/memory-registry.js +10 -0
  494. package/dist/platform/state/memory-store.d.ts +2 -0
  495. package/dist/platform/state/memory-store.d.ts.map +1 -1
  496. package/dist/platform/state/memory-store.js +4 -0
  497. package/dist/platform/state/memory-vector-store.d.ts.map +1 -1
  498. package/dist/platform/state/memory-vector-store.js +14 -3
  499. package/dist/platform/state/sqlite-store.d.ts +2 -0
  500. package/dist/platform/state/sqlite-store.d.ts.map +1 -1
  501. package/dist/platform/state/sqlite-store.js +4 -0
  502. package/dist/platform/state/sqlite-vec-loader.d.ts +1 -1
  503. package/dist/platform/state/sqlite-vec-loader.js +1 -1
  504. package/dist/platform/state/vibe-projection.d.ts +67 -0
  505. package/dist/platform/state/vibe-projection.d.ts.map +1 -0
  506. package/dist/platform/state/vibe-projection.js +115 -0
  507. package/dist/platform/tools/agent/index.d.ts.map +1 -1
  508. package/dist/platform/tools/agent/index.js +8 -0
  509. package/dist/platform/tools/agent/manager.d.ts +22 -10
  510. package/dist/platform/tools/agent/manager.d.ts.map +1 -1
  511. package/dist/platform/tools/agent/manager.js +13 -7
  512. package/dist/platform/tools/agent/schema.d.ts +26 -0
  513. package/dist/platform/tools/agent/schema.d.ts.map +1 -1
  514. package/dist/platform/tools/agent/schema.js +2 -2
  515. package/dist/platform/tools/agent/wrfc-batch-policy.d.ts +13 -0
  516. package/dist/platform/tools/agent/wrfc-batch-policy.d.ts.map +1 -1
  517. package/dist/platform/tools/agent/wrfc-batch-policy.js +60 -0
  518. package/dist/platform/tools/exec/runtime.d.ts +10 -0
  519. package/dist/platform/tools/exec/runtime.d.ts.map +1 -1
  520. package/dist/platform/tools/exec/runtime.js +27 -10
  521. package/dist/platform/tools/exec/schema.d.ts +2 -2
  522. package/dist/platform/tools/exec/schema.d.ts.map +1 -1
  523. package/dist/platform/tools/exec/schema.js +2 -1
  524. package/dist/platform/tools/fetch/runtime.d.ts +1 -1
  525. package/dist/platform/tools/index.d.ts +2 -0
  526. package/dist/platform/tools/index.d.ts.map +1 -1
  527. package/dist/platform/tools/index.js +2 -0
  528. package/dist/platform/tools/registry.d.ts +1 -1
  529. package/dist/platform/tools/registry.js +1 -1
  530. package/dist/platform/tools/state/index.d.ts +9 -0
  531. package/dist/platform/tools/state/index.d.ts.map +1 -1
  532. package/dist/platform/tools/state/index.js +60 -3
  533. package/dist/platform/types/foundation-contract.d.ts +1 -1
  534. package/dist/platform/types/foundation-contract.d.ts.map +1 -1
  535. package/dist/platform/types/index.d.ts +1 -1
  536. package/dist/platform/types/index.d.ts.map +1 -1
  537. package/dist/platform/types/tools.d.ts +1 -1
  538. package/dist/platform/utils/request-body.d.ts.map +1 -1
  539. package/dist/platform/utils/request-body.js +50 -5
  540. package/dist/platform/version.js +1 -1
  541. package/package.json +25 -9
  542. package/dist/platform/control-plane/routes/automation.d.ts +0 -3
  543. package/dist/platform/control-plane/routes/automation.d.ts.map +0 -1
  544. package/dist/platform/control-plane/routes/automation.js +0 -63
  545. package/dist/platform/control-plane/routes/context.d.ts +0 -2
  546. package/dist/platform/control-plane/routes/context.d.ts.map +0 -1
  547. package/dist/platform/control-plane/routes/context.js +0 -1
  548. package/dist/platform/control-plane/routes/operator.d.ts +0 -8
  549. package/dist/platform/control-plane/routes/operator.d.ts.map +0 -1
  550. package/dist/platform/control-plane/routes/operator.js +0 -415
  551. package/dist/platform/control-plane/routes/remote.d.ts +0 -3
  552. package/dist/platform/control-plane/routes/remote.d.ts.map +0 -1
  553. package/dist/platform/control-plane/routes/remote.js +0 -35
  554. package/dist/platform/control-plane/routes/sessions.d.ts +0 -3
  555. package/dist/platform/control-plane/routes/sessions.d.ts.map +0 -1
  556. package/dist/platform/control-plane/routes/sessions.js +0 -43
  557. package/dist/platform/control-plane/routes/tasks.d.ts +0 -3
  558. package/dist/platform/control-plane/routes/tasks.d.ts.map +0 -1
  559. package/dist/platform/control-plane/routes/tasks.js +0 -22
@@ -0,0 +1,72 @@
1
+ /**
2
+ * oauth-token-store.ts — token persistence + honest lifecycle over the injected
3
+ * secret store. Tokens (access + refresh) live ONLY in the secret store, never in
4
+ * plain config and never echoed. The store computes an honest connection state from
5
+ * the stored set + the clock, auto-refreshes when the access token is due, and — when
6
+ * a refresh fails — records a durable `reconnect-needed` marker so every later read is
7
+ * honest about the account being broken until the user reconnects.
8
+ */
9
+ import type { CalendarProviderId, Clock, ConnectedAccount, ConnectionState, HttpFetch, ResolvedClientConfig, SecretStoreSlice, StoredTokenSet } from './oauth-types.js';
10
+ export interface CalendarTokenStoreOptions {
11
+ readonly secrets: SecretStoreSlice;
12
+ readonly clock?: Clock;
13
+ /** How long before expiry a token counts as due for refresh. */
14
+ readonly refreshLeewayMs?: number;
15
+ }
16
+ /** A refresh failure the caller turns into a "reconnect needed" surface. */
17
+ export declare class TokenRefreshError extends Error {
18
+ readonly provider: CalendarProviderId;
19
+ constructor(provider: CalendarProviderId, message: string);
20
+ }
21
+ export declare class CalendarTokenStore {
22
+ private readonly secrets;
23
+ private readonly clock;
24
+ private readonly leewayMs;
25
+ /**
26
+ * In-instance single-flight dedup for concurrent refreshes of the same provider.
27
+ * Providers that rotate refresh tokens (Microsoft) invalidate the prior refresh
28
+ * token the moment one refresh succeeds — a second concurrent call that still
29
+ * holds the OLD refresh token would otherwise lose the race with invalid_grant
30
+ * and stamp reconnect-needed over a perfectly working account. Every concurrent
31
+ * caller for a given provider instead awaits the SAME in-flight refresh.
32
+ */
33
+ private readonly inflightRefresh;
34
+ constructor(options: CalendarTokenStoreOptions);
35
+ /** Persist a fresh token set + account metadata; clears any reconnect marker. */
36
+ save(provider: CalendarProviderId, tokens: StoredTokenSet, account: ConnectedAccount): Promise<void>;
37
+ /** Read the stored token set for a provider, or null when disconnected. */
38
+ load(provider: CalendarProviderId): Promise<StoredTokenSet | null>;
39
+ /** Read the account metadata for a provider, or null. */
40
+ loadAccount(provider: CalendarProviderId): Promise<ConnectedAccount | null>;
41
+ /** List every connected account across providers. */
42
+ listAccounts(): Promise<ConnectedAccount[]>;
43
+ /** The honest connection state, from the marker + stored set + clock. */
44
+ connectionState(provider: CalendarProviderId): Promise<ConnectionState>;
45
+ /**
46
+ * Return a usable access token, refreshing first when it is due. On a refresh
47
+ * failure this records a durable reconnect-needed marker and throws
48
+ * TokenRefreshError — never returns a stale/invalid token as if it were good.
49
+ */
50
+ getFreshAccessToken(provider: CalendarProviderId, config: ResolvedClientConfig, fetchImpl: HttpFetch): Promise<string>;
51
+ private performRefresh;
52
+ /**
53
+ * Disconnect a provider: revoke the token at the provider when possible, then
54
+ * delete every stored key. Returns whether the provider-side revocation succeeded
55
+ * (false for providers without a revocation endpoint — disconnect is still local).
56
+ */
57
+ disconnect(provider: CalendarProviderId, config: ResolvedClientConfig, fetchImpl: HttpFetch): Promise<{
58
+ readonly revokedRemotely: boolean;
59
+ }>;
60
+ /**
61
+ * Stamp the durable reconnect-needed marker — UNLESS a valid (non-expired) token
62
+ * set already exists. A refresh can fail here while a concurrent winner (this
63
+ * instance's own single-flight already prevents an in-process race, but a
64
+ * separate process/instance sharing the same secret store is not covered by
65
+ * that) has already stored a fresh, working token set for the same provider.
66
+ * Re-reading state immediately before writing the marker means a genuinely
67
+ * working account is never overwritten with a false "reconnect needed".
68
+ */
69
+ private markReconnectNeeded;
70
+ private syntheticAccount;
71
+ }
72
+ //# sourceMappingURL=oauth-token-store.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"oauth-token-store.d.ts","sourceRoot":"","sources":["../../../src/platform/calendar/oauth-token-store.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EACV,kBAAkB,EAClB,KAAK,EACL,gBAAgB,EAChB,eAAe,EACf,SAAS,EACT,oBAAoB,EACpB,gBAAgB,EAChB,cAAc,EACf,MAAM,kBAAkB,CAAC;AAgB1B,MAAM,WAAW,yBAAyB;IACxC,QAAQ,CAAC,OAAO,EAAE,gBAAgB,CAAC;IACnC,QAAQ,CAAC,KAAK,CAAC,EAAE,KAAK,CAAC;IACvB,gEAAgE;IAChE,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC;CACnC;AAED,4EAA4E;AAC5E,qBAAa,iBAAkB,SAAQ,KAAK;IAC1C,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;gBAC1B,QAAQ,EAAE,kBAAkB,EAAE,OAAO,EAAE,MAAM;CAK1D;AAED,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAmB;IAC3C,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAQ;IAC9B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC;;;;;;;OAOG;IACH,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkD;gBAEtE,OAAO,EAAE,yBAAyB;IAM9C,iFAAiF;IAC3E,IAAI,CAAC,QAAQ,EAAE,kBAAkB,EAAE,MAAM,EAAE,cAAc,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IAM1G,2EAA2E;IACrE,IAAI,CAAC,QAAQ,EAAE,kBAAkB,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IAUxE,yDAAyD;IACnD,WAAW,CAAC,QAAQ,EAAE,kBAAkB,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC;IAUjF,qDAAqD;IAC/C,YAAY,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;IASjD,yEAAyE;IACnE,eAAe,CAAC,QAAQ,EAAE,kBAAkB,GAAG,OAAO,CAAC,eAAe,CAAC;IAS7E;;;;OAIG;IACG,mBAAmB,CACvB,QAAQ,EAAE,kBAAkB,EAC5B,MAAM,EAAE,oBAAoB,EAC5B,SAAS,EAAE,SAAS,GACnB,OAAO,CAAC,MAAM,CAAC;YAuBJ,cAAc;IAmB5B;;;;OAIG;IACG,UAAU,CACd,QAAQ,EAAE,kBAAkB,EAC5B,MAAM,EAAE,oBAAoB,EAC5B,SAAS,EAAE,SAAS,GACnB,OAAO,CAAC;QAAE,QAAQ,CAAC,eAAe,EAAE,OAAO,CAAA;KAAE,CAAC;IAYjD;;;;;;;;OAQG;YACW,mBAAmB;IASjC,OAAO,CAAC,gBAAgB;CASzB"}
@@ -0,0 +1,189 @@
1
+ /**
2
+ * oauth-token-store.ts — token persistence + honest lifecycle over the injected
3
+ * secret store. Tokens (access + refresh) live ONLY in the secret store, never in
4
+ * plain config and never echoed. The store computes an honest connection state from
5
+ * the stored set + the clock, auto-refreshes when the access token is due, and — when
6
+ * a refresh fails — records a durable `reconnect-needed` marker so every later read is
7
+ * honest about the account being broken until the user reconnects.
8
+ */
9
+ import { OAuthFlowError, refreshAccessToken, revokeToken } from './oauth-flow.js';
10
+ const DEFAULT_REFRESH_LEEWAY_MS = 60_000;
11
+ function tokenKey(provider) {
12
+ return `GOODVIBES_CALENDAR_${provider.toUpperCase()}_TOKENS`;
13
+ }
14
+ function accountKey(provider) {
15
+ return `GOODVIBES_CALENDAR_${provider.toUpperCase()}_ACCOUNT`;
16
+ }
17
+ function statusKey(provider) {
18
+ return `GOODVIBES_CALENDAR_${provider.toUpperCase()}_STATUS`;
19
+ }
20
+ const ALL_PROVIDERS = ['google', 'microsoft'];
21
+ /** A refresh failure the caller turns into a "reconnect needed" surface. */
22
+ export class TokenRefreshError extends Error {
23
+ provider;
24
+ constructor(provider, message) {
25
+ super(message);
26
+ this.name = 'TokenRefreshError';
27
+ this.provider = provider;
28
+ }
29
+ }
30
+ export class CalendarTokenStore {
31
+ secrets;
32
+ clock;
33
+ leewayMs;
34
+ /**
35
+ * In-instance single-flight dedup for concurrent refreshes of the same provider.
36
+ * Providers that rotate refresh tokens (Microsoft) invalidate the prior refresh
37
+ * token the moment one refresh succeeds — a second concurrent call that still
38
+ * holds the OLD refresh token would otherwise lose the race with invalid_grant
39
+ * and stamp reconnect-needed over a perfectly working account. Every concurrent
40
+ * caller for a given provider instead awaits the SAME in-flight refresh.
41
+ */
42
+ inflightRefresh = new Map();
43
+ constructor(options) {
44
+ this.secrets = options.secrets;
45
+ this.clock = options.clock ?? (() => Date.now());
46
+ this.leewayMs = options.refreshLeewayMs ?? DEFAULT_REFRESH_LEEWAY_MS;
47
+ }
48
+ /** Persist a fresh token set + account metadata; clears any reconnect marker. */
49
+ async save(provider, tokens, account) {
50
+ await this.secrets.set(tokenKey(provider), JSON.stringify(tokens));
51
+ await this.secrets.set(accountKey(provider), JSON.stringify(account));
52
+ await this.secrets.delete(statusKey(provider));
53
+ }
54
+ /** Read the stored token set for a provider, or null when disconnected. */
55
+ async load(provider) {
56
+ const raw = await this.secrets.get(tokenKey(provider));
57
+ if (!raw)
58
+ return null;
59
+ try {
60
+ return JSON.parse(raw);
61
+ }
62
+ catch {
63
+ return null;
64
+ }
65
+ }
66
+ /** Read the account metadata for a provider, or null. */
67
+ async loadAccount(provider) {
68
+ const raw = await this.secrets.get(accountKey(provider));
69
+ if (!raw)
70
+ return null;
71
+ try {
72
+ return JSON.parse(raw);
73
+ }
74
+ catch {
75
+ return null;
76
+ }
77
+ }
78
+ /** List every connected account across providers. */
79
+ async listAccounts() {
80
+ const out = [];
81
+ for (const provider of ALL_PROVIDERS) {
82
+ const account = await this.loadAccount(provider);
83
+ if (account)
84
+ out.push(account);
85
+ }
86
+ return out;
87
+ }
88
+ /** The honest connection state, from the marker + stored set + clock. */
89
+ async connectionState(provider) {
90
+ if (await this.secrets.get(statusKey(provider)))
91
+ return 'reconnect-needed';
92
+ const tokens = await this.load(provider);
93
+ if (!tokens)
94
+ return 'disconnected';
95
+ if (typeof tokens.expiresAt !== 'number')
96
+ return 'connected';
97
+ if (this.clock() < tokens.expiresAt - this.leewayMs)
98
+ return 'connected';
99
+ return tokens.refreshToken ? 'refresh-due' : 'reconnect-needed';
100
+ }
101
+ /**
102
+ * Return a usable access token, refreshing first when it is due. On a refresh
103
+ * failure this records a durable reconnect-needed marker and throws
104
+ * TokenRefreshError — never returns a stale/invalid token as if it were good.
105
+ */
106
+ async getFreshAccessToken(provider, config, fetchImpl) {
107
+ const tokens = await this.load(provider);
108
+ if (!tokens)
109
+ throw new TokenRefreshError(provider, `No ${provider} account is connected.`);
110
+ const due = typeof tokens.expiresAt === 'number' && this.clock() >= tokens.expiresAt - this.leewayMs;
111
+ if (!due)
112
+ return tokens.accessToken;
113
+ if (!tokens.refreshToken) {
114
+ await this.markReconnectNeeded(provider);
115
+ throw new TokenRefreshError(provider, `The ${provider} access token expired and no refresh token is stored.`);
116
+ }
117
+ // Single-flight: a refresh already in progress for this provider serves every
118
+ // concurrent caller instead of each racing the provider with the same (possibly
119
+ // about-to-be-rotated) refresh token.
120
+ const existing = this.inflightRefresh.get(provider);
121
+ if (existing)
122
+ return existing;
123
+ const refreshToken = tokens.refreshToken;
124
+ const inFlight = this.performRefresh(provider, config, fetchImpl, refreshToken)
125
+ .finally(() => {
126
+ if (this.inflightRefresh.get(provider) === inFlight)
127
+ this.inflightRefresh.delete(provider);
128
+ });
129
+ this.inflightRefresh.set(provider, inFlight);
130
+ return inFlight;
131
+ }
132
+ async performRefresh(provider, config, fetchImpl, refreshToken) {
133
+ let refreshed;
134
+ try {
135
+ refreshed = await refreshAccessToken(config, fetchImpl, refreshToken, this.clock());
136
+ }
137
+ catch (error) {
138
+ await this.markReconnectNeeded(provider);
139
+ const detail = error instanceof OAuthFlowError ? error.message : String(error);
140
+ throw new TokenRefreshError(provider, `Refreshing the ${provider} token failed: ${detail}`);
141
+ }
142
+ const account = (await this.loadAccount(provider)) ?? this.syntheticAccount(provider, refreshed);
143
+ await this.save(provider, refreshed, account);
144
+ return refreshed.accessToken;
145
+ }
146
+ /**
147
+ * Disconnect a provider: revoke the token at the provider when possible, then
148
+ * delete every stored key. Returns whether the provider-side revocation succeeded
149
+ * (false for providers without a revocation endpoint — disconnect is still local).
150
+ */
151
+ async disconnect(provider, config, fetchImpl) {
152
+ const tokens = await this.load(provider);
153
+ let revokedRemotely = false;
154
+ if (tokens) {
155
+ revokedRemotely = await revokeToken(config, fetchImpl, tokens.refreshToken ?? tokens.accessToken);
156
+ }
157
+ await this.secrets.delete(tokenKey(provider));
158
+ await this.secrets.delete(accountKey(provider));
159
+ await this.secrets.delete(statusKey(provider));
160
+ return { revokedRemotely };
161
+ }
162
+ /**
163
+ * Stamp the durable reconnect-needed marker — UNLESS a valid (non-expired) token
164
+ * set already exists. A refresh can fail here while a concurrent winner (this
165
+ * instance's own single-flight already prevents an in-process race, but a
166
+ * separate process/instance sharing the same secret store is not covered by
167
+ * that) has already stored a fresh, working token set for the same provider.
168
+ * Re-reading state immediately before writing the marker means a genuinely
169
+ * working account is never overwritten with a false "reconnect needed".
170
+ */
171
+ async markReconnectNeeded(provider) {
172
+ const current = await this.load(provider);
173
+ if (current) {
174
+ const stillValid = typeof current.expiresAt !== 'number' || this.clock() < current.expiresAt - this.leewayMs;
175
+ if (stillValid)
176
+ return;
177
+ }
178
+ await this.secrets.set(statusKey(provider), 'reconnect-needed');
179
+ }
180
+ syntheticAccount(provider, tokens) {
181
+ return {
182
+ provider,
183
+ accountId: provider,
184
+ label: provider === 'google' ? 'Google Calendar' : 'Microsoft Outlook',
185
+ scopes: tokens.scopes ?? [],
186
+ connectedAt: tokens.obtainedAt,
187
+ };
188
+ }
189
+ }
@@ -0,0 +1,274 @@
1
+ /**
2
+ * oauth-types.ts — the shared type surface for the calendar OAuth + API connector
3
+ * layer (see CHANGELOG 1.0.0, A10). Sits alongside A9's .ics reader/subscription
4
+ * store in the same module: A9 owns file/feed reading; this half owns authenticated
5
+ * provider connectivity (Google Calendar API v3, Microsoft Graph) over OAuth 2.0.
6
+ *
7
+ * Pure data shapes only — no fs, no network, no process globals. The network is an
8
+ * INJECTED boundary (HttpFetch); the loopback redirect capture is an INJECTED
9
+ * boundary (LoopbackWaiter); token persistence is an INJECTED secret store slice.
10
+ * Tests supply fakes for all three, so nothing here ever reaches a real network,
11
+ * a real port, or a real keychain.
12
+ *
13
+ * Honesty contract (see docs/decisions/2026-07-06-calendar-oauth-connector-sdk.md):
14
+ * - a token whose refresh fails is NEVER silently treated as valid; it surfaces as
15
+ * `connection-state: 'reconnect-needed'` naming the reason.
16
+ * - a 403 that names a missing scope surfaces as `insufficient-scope` naming the
17
+ * exact scope, not a generic failure.
18
+ * - the bundled project client id is an honest placeholder until Mike registers the
19
+ * project apps; a flow attempted against the placeholder reports
20
+ * `client-not-configured`, never a fake success.
21
+ */
22
+ import type { CalendarEvent, EventDateTime } from './types.js';
23
+ export type { Clock } from './types.js';
24
+ /** Which authenticated calendar provider a connection speaks to. */
25
+ export type CalendarProviderId = 'google' | 'microsoft';
26
+ /** The label recorded on every event so a merged view can say where it came from. */
27
+ export type CalendarSource = 'google-api' | 'microsoft-graph' | 'ics-feed' | 'local';
28
+ /**
29
+ * A provider profile: the fixed OAuth + API endpoints and defaults for one provider.
30
+ * Everything a user does NOT supply (endpoints, default scopes, the bundled project
31
+ * client id) lives here; what the user CAN supply (their own client id/secret,
32
+ * scope overrides) arrives as OAuthClientOverrides and is merged in at resolve time.
33
+ */
34
+ export interface OAuthProviderProfile {
35
+ readonly provider: CalendarProviderId;
36
+ /** Human label, e.g. 'Google Calendar' / 'Microsoft Outlook'. */
37
+ readonly displayName: string;
38
+ readonly authorizationEndpoint: string;
39
+ readonly tokenEndpoint: string;
40
+ /** Device-authorization endpoint; both providers support the device-code grant. */
41
+ readonly deviceAuthorizationEndpoint: string;
42
+ /** Token-revocation endpoint, when the provider offers one (Google does; MS does not). */
43
+ readonly revocationEndpoint?: string;
44
+ /** The API base the calendar client talks to after auth. */
45
+ readonly apiBaseUrl: string;
46
+ /** Default scopes when the user does not override them. */
47
+ readonly defaultScopes: readonly string[];
48
+ /**
49
+ * The project-level ("bundled") client id shipped in config defaults — the
50
+ * rclone/gh pattern. Native-app client ids are not secrets (RFC 8252); paired
51
+ * with PKCE no client secret is needed for the installed-app / public-client
52
+ * profile. Ships as an honest PLACEHOLDER until Mike registers the project apps.
53
+ */
54
+ readonly bundledClientId: string;
55
+ /**
56
+ * The literal placeholder value bundledClientId holds before real registration.
57
+ * When the resolved client id still equals this, the flow reports
58
+ * `client-not-configured` instead of attempting a doomed round-trip.
59
+ */
60
+ readonly placeholderClientId: string;
61
+ /** Extra fixed authorization-request params (e.g. Google's access_type=offline). */
62
+ readonly extraAuthParams?: Readonly<Record<string, string>>;
63
+ }
64
+ /** What a user MAY override — never required; surfaced only under "advanced". */
65
+ export interface OAuthClientOverrides {
66
+ /** A user's own registered client id (confidential- or public-client). */
67
+ readonly clientId?: string;
68
+ /**
69
+ * A user's own client secret, for a confidential-client registration. Absent for
70
+ * the default public native-app profile (PKCE, no secret). Secret-stored, never
71
+ * echoed.
72
+ */
73
+ readonly clientSecret?: string;
74
+ /** Scope override; when absent the profile's defaultScopes are used. */
75
+ readonly scopes?: readonly string[];
76
+ /** Loopback redirect host/port override for the auth-code flow. */
77
+ readonly redirectHost?: string;
78
+ readonly redirectPort?: number;
79
+ }
80
+ /** The fully-resolved client config a flow actually runs with. */
81
+ export interface ResolvedClientConfig {
82
+ readonly provider: CalendarProviderId;
83
+ readonly clientId: string;
84
+ readonly clientSecret?: string;
85
+ readonly scopes: readonly string[];
86
+ readonly authorizationEndpoint: string;
87
+ readonly tokenEndpoint: string;
88
+ readonly deviceAuthorizationEndpoint: string;
89
+ readonly revocationEndpoint?: string;
90
+ readonly apiBaseUrl: string;
91
+ readonly extraAuthParams?: Readonly<Record<string, string>>;
92
+ readonly redirectHost?: string;
93
+ readonly redirectPort?: number;
94
+ /** True when clientId came from the bundled project default, not a user override. */
95
+ readonly usingBundledDefault: boolean;
96
+ /**
97
+ * True when the resolved clientId is still the honest placeholder — i.e. neither
98
+ * Mike's project registration nor a user override supplied a real id. A flow must
99
+ * refuse with `client-not-configured` in this state.
100
+ */
101
+ readonly isPlaceholder: boolean;
102
+ }
103
+ /** A minimal HTTP response shape the connector reads. */
104
+ export interface HttpResponse {
105
+ readonly status: number;
106
+ readonly ok: boolean;
107
+ /** Response header lookup, case-insensitive by the fetch impl's contract. */
108
+ header(name: string): string | null;
109
+ json(): Promise<unknown>;
110
+ text(): Promise<string>;
111
+ }
112
+ /** A single outbound HTTP request the connector issues. */
113
+ export interface HttpRequest {
114
+ readonly url: string;
115
+ readonly method: 'GET' | 'POST' | 'DELETE' | 'PATCH';
116
+ readonly headers?: Readonly<Record<string, string>>;
117
+ readonly body?: string;
118
+ }
119
+ /** Injected network boundary. Tests supply a fake server behind this. */
120
+ export type HttpFetch = (req: HttpRequest) => Promise<HttpResponse>;
121
+ /**
122
+ * Injected loopback-redirect capture for the authorization-code flow. The real
123
+ * implementation binds 127.0.0.1 and waits for the browser callback; tests supply a
124
+ * fake that returns a canned code/state without any port.
125
+ */
126
+ export interface LoopbackWaiter {
127
+ /** The redirect_uri the listener is bound to (http://127.0.0.1:<port>/<path>). */
128
+ readonly redirectUri: string;
129
+ /** Resolves with the authorization code once the browser hits the redirect. */
130
+ waitForCode(): Promise<{
131
+ readonly code: string;
132
+ readonly state: string;
133
+ }>;
134
+ close(): void;
135
+ }
136
+ /** Factory for a LoopbackWaiter bound to an expected state. Injected. */
137
+ export type LoopbackListenerFactory = (input: {
138
+ readonly expectedState: string;
139
+ readonly host?: string;
140
+ readonly port?: number;
141
+ readonly timeoutMs?: number;
142
+ }) => Promise<LoopbackWaiter>;
143
+ /**
144
+ * The narrow secret-store slice the token store needs. Matches the SDK
145
+ * SecretsManager surface (`Pick<SecretsManager, 'get' | 'set' | 'delete'>`), so a
146
+ * caller passes the real manager and tests pass a Map-backed fake.
147
+ */
148
+ export interface SecretStoreSlice {
149
+ get(key: string): Promise<string | null>;
150
+ set(key: string, value: string): Promise<void>;
151
+ delete(key: string): Promise<void>;
152
+ }
153
+ /** A stored token set for one connected account. Persisted via the secret store. */
154
+ export interface StoredTokenSet {
155
+ readonly accessToken: string;
156
+ readonly refreshToken?: string;
157
+ readonly tokenType: string;
158
+ /**
159
+ * Epoch ms the access token expires. `parseTokenResponse` (oauth-flow.ts) always
160
+ * sets this — coercing a numeric-string `expires_in`, or falling back to a
161
+ * conservative default when the provider omits it or sends something unparsable —
162
+ * so a token set produced by this build's flows never reads as "never expires".
163
+ * Still optional at the type level for token sets constructed directly (e.g. tests,
164
+ * or a caller building one by hand) rather than through `parseTokenResponse`.
165
+ */
166
+ readonly expiresAt?: number;
167
+ /** The scopes actually granted (from the token response), when stated. */
168
+ readonly scopes?: readonly string[];
169
+ /** Epoch ms this set was last written. */
170
+ readonly obtainedAt: number;
171
+ }
172
+ /** The honest live state of a connection, computed from its stored token set. */
173
+ export type ConnectionState =
174
+ /** Access token present and not past expiry (minus leeway). */
175
+ 'connected'
176
+ /** Access token expired but a refresh token is present — a refresh will be tried. */
177
+ | 'refresh-due'
178
+ /** Refresh was attempted and failed; the user must reconnect. */
179
+ | 'reconnect-needed'
180
+ /** No token stored for this account. */
181
+ | 'disconnected';
182
+ /** Why a flow could not even start or complete, named honestly. */
183
+ export type FlowFailureReason =
184
+ /** The resolved client id is still the placeholder (project app not registered
185
+ * and no user override). */
186
+ 'client-not-configured'
187
+ /** The provider rejected the token request (bad code, expired device code, etc.). */
188
+ | 'token-request-rejected'
189
+ /** The loopback redirect timed out waiting for the browser. */
190
+ | 'redirect-timeout'
191
+ /** The device-code authorization was declined or expired before approval. */
192
+ | 'device-code-expired'
193
+ /** A network-layer failure reaching the provider. */
194
+ | 'network-error';
195
+ /** The outcome of beginning an authorization-code flow. */
196
+ export interface AuthCodeFlowStart {
197
+ readonly authorizationUrl: string;
198
+ readonly state: string;
199
+ readonly verifier: string;
200
+ readonly redirectUri: string;
201
+ }
202
+ /** A device-code flow's user-facing step: show these, then poll. */
203
+ export interface DeviceCodeFlowStart {
204
+ readonly deviceCode: string;
205
+ readonly userCode: string;
206
+ readonly verificationUri: string;
207
+ /** Present when the provider returns a pre-filled verification URL. */
208
+ readonly verificationUriComplete?: string;
209
+ readonly expiresAt: number;
210
+ readonly intervalMs: number;
211
+ }
212
+ /** A degraded API state, each variant naming exactly what went wrong. */
213
+ export type ApiDegradedState = {
214
+ readonly kind: 'reconnect-needed';
215
+ readonly detail: string;
216
+ } | {
217
+ readonly kind: 'insufficient-scope';
218
+ readonly missingScope: string;
219
+ readonly detail: string;
220
+ } | {
221
+ readonly kind: 'rate-limited';
222
+ readonly retryAfterMs: number;
223
+ readonly detail: string;
224
+ } | {
225
+ readonly kind: 'network-error';
226
+ readonly detail: string;
227
+ } | {
228
+ readonly kind: 'provider-error';
229
+ readonly status: number;
230
+ readonly detail: string;
231
+ };
232
+ /**
233
+ * The one merged event model every source normalizes into. It is A9's CalendarEvent
234
+ * plus provenance: a source label and the provider ids needed to write back or
235
+ * de-duplicate. ICS/local events set source and omit the api-only ids.
236
+ */
237
+ export interface MergedCalendarEvent extends CalendarEvent {
238
+ readonly source: CalendarSource;
239
+ /** The provider's own event id (Google eventId / Graph id), when from an API. */
240
+ readonly sourceEventId?: string;
241
+ /** The provider calendar this event belongs to, when from an API. */
242
+ readonly calendarId?: string;
243
+ /** A display label for the owning calendar/account, for source-labeled views. */
244
+ readonly calendarLabel?: string;
245
+ }
246
+ /** One connected calendar as listed from a provider (calendarList / me/calendars). */
247
+ export interface ProviderCalendar {
248
+ readonly id: string;
249
+ readonly name: string;
250
+ readonly provider: CalendarProviderId;
251
+ /** True for the account's primary calendar, when the provider marks one. */
252
+ readonly primary?: boolean;
253
+ /** True when the connected scopes allow creating events on this calendar. */
254
+ readonly canWrite: boolean;
255
+ }
256
+ /** A new event to create through a provider, in the shared shape. */
257
+ export interface NewCalendarEvent {
258
+ readonly summary: string;
259
+ readonly start: EventDateTime;
260
+ readonly end?: EventDateTime;
261
+ readonly location?: string;
262
+ readonly description?: string;
263
+ }
264
+ /** A connected account record (metadata; tokens live in the secret store). */
265
+ export interface ConnectedAccount {
266
+ readonly provider: CalendarProviderId;
267
+ /** A stable local id for this account (provider + a discriminator). */
268
+ readonly accountId: string;
269
+ /** A human label (the account email/UPN when known, else the provider name). */
270
+ readonly label: string;
271
+ readonly scopes: readonly string[];
272
+ readonly connectedAt: number;
273
+ }
274
+ //# sourceMappingURL=oauth-types.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"oauth-types.d.ts","sourceRoot":"","sources":["../../../src/platform/calendar/oauth-types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAI/D,YAAY,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AAMxC,oEAAoE;AACpE,MAAM,MAAM,kBAAkB,GAAG,QAAQ,GAAG,WAAW,CAAC;AAExD,qFAAqF;AACrF,MAAM,MAAM,cAAc,GAAG,YAAY,GAAG,iBAAiB,GAAG,UAAU,GAAG,OAAO,CAAC;AAErF;;;;;GAKG;AACH,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;IACtC,iEAAiE;IACjE,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,qBAAqB,EAAE,MAAM,CAAC;IACvC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,mFAAmF;IACnF,QAAQ,CAAC,2BAA2B,EAAE,MAAM,CAAC;IAC7C,0FAA0F;IAC1F,QAAQ,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IACrC,4DAA4D;IAC5D,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,2DAA2D;IAC3D,QAAQ,CAAC,aAAa,EAAE,SAAS,MAAM,EAAE,CAAC;IAC1C;;;;;OAKG;IACH,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC;;;;OAIG;IACH,QAAQ,CAAC,mBAAmB,EAAE,MAAM,CAAC;IACrC,oFAAoF;IACpF,QAAQ,CAAC,eAAe,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;CAC7D;AAED,iFAAiF;AACjF,MAAM,WAAW,oBAAoB;IACnC,0EAA0E;IAC1E,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B;;;;OAIG;IACH,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,wEAAwE;IACxE,QAAQ,CAAC,MAAM,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACpC,mEAAmE;IACnE,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;CAChC;AAED,kEAAkE;AAClE,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;IACtC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,MAAM,EAAE,SAAS,MAAM,EAAE,CAAC;IACnC,QAAQ,CAAC,qBAAqB,EAAE,MAAM,CAAC;IACvC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,2BAA2B,EAAE,MAAM,CAAC;IAC7C,QAAQ,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IACrC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,eAAe,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5D,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,qFAAqF;IACrF,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC;IACtC;;;;OAIG;IACH,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;CACjC;AAMD,yDAAyD;AACzD,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAC;IACrB,6EAA6E;IAC7E,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;IACpC,IAAI,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;IACzB,IAAI,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CACzB;AAED,2DAA2D;AAC3D,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,MAAM,EAAE,KAAK,GAAG,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAC;IACrD,QAAQ,CAAC,OAAO,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IACpD,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,yEAAyE;AACzE,MAAM,MAAM,SAAS,GAAG,CAAC,GAAG,EAAE,WAAW,KAAK,OAAO,CAAC,YAAY,CAAC,CAAC;AAEpE;;;;GAIG;AACH,MAAM,WAAW,cAAc;IAC7B,kFAAkF;IAClF,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,+EAA+E;IAC/E,WAAW,IAAI,OAAO,CAAC;QAAE,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC1E,KAAK,IAAI,IAAI,CAAC;CACf;AAED,yEAAyE;AACzE,MAAM,MAAM,uBAAuB,GAAG,CAAC,KAAK,EAAE;IAC5C,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;CAC7B,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;AAE9B;;;;GAIG;AACH,MAAM,WAAW,gBAAgB;IAC/B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACpC;AAMD,oFAAoF;AACpF,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B;;;;;;;OAOG;IACH,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,0EAA0E;IAC1E,QAAQ,CAAC,MAAM,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACpC,0CAA0C;IAC1C,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;CAC7B;AAED,iFAAiF;AACjF,MAAM,MAAM,eAAe;AACzB,+DAA+D;AAC7D,WAAW;AACb,qFAAqF;GACnF,aAAa;AACf,iEAAiE;GAC/D,kBAAkB;AACpB,wCAAwC;GACtC,cAAc,CAAC;AAMnB,mEAAmE;AACnE,MAAM,MAAM,iBAAiB;AAC3B;6BAC6B;AAC3B,uBAAuB;AACzB,qFAAqF;GACnF,wBAAwB;AAC1B,+DAA+D;GAC7D,kBAAkB;AACpB,6EAA6E;GAC3E,qBAAqB;AACvB,qDAAqD;GACnD,eAAe,CAAC;AAEpB,2DAA2D;AAC3D,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;CAC9B;AAED,oEAAoE;AACpE,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC,uEAAuE;IACvE,QAAQ,CAAC,uBAAuB,CAAC,EAAE,MAAM,CAAC;IAC1C,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;CAC7B;AAED,yEAAyE;AACzE,MAAM,MAAM,gBAAgB,GACxB;IAAE,QAAQ,CAAC,IAAI,EAAE,kBAAkB,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CAAE,GAC9D;IAAE,QAAQ,CAAC,IAAI,EAAE,oBAAoB,CAAC;IAAC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CAAE,GAC/F;IAAE,QAAQ,CAAC,IAAI,EAAE,cAAc,CAAC;IAAC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CAAE,GACzF;IAAE,QAAQ,CAAC,IAAI,EAAE,eAAe,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CAAE,GAC3D;IAAE,QAAQ,CAAC,IAAI,EAAE,gBAAgB,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAM1F;;;;GAIG;AACH,MAAM,WAAW,mBAAoB,SAAQ,aAAa;IACxD,QAAQ,CAAC,MAAM,EAAE,cAAc,CAAC;IAChC,iFAAiF;IACjF,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,qEAAqE;IACrE,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,iFAAiF;IACjF,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;CACjC;AAED,sFAAsF;AACtF,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;IACtC,4EAA4E;IAC5E,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;IAC3B,6EAA6E;IAC7E,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;CAC5B;AAED,qEAAqE;AACrE,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,KAAK,EAAE,aAAa,CAAC;IAC9B,QAAQ,CAAC,GAAG,CAAC,EAAE,aAAa,CAAC;IAC7B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED,8EAA8E;AAC9E,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;IACtC,uEAAuE;IACvE,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,gFAAgF;IAChF,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,MAAM,EAAE,SAAS,MAAM,EAAE,CAAC;IACnC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;CAC9B"}
@@ -0,0 +1,22 @@
1
+ /**
2
+ * oauth-types.ts — the shared type surface for the calendar OAuth + API connector
3
+ * layer (see CHANGELOG 1.0.0, A10). Sits alongside A9's .ics reader/subscription
4
+ * store in the same module: A9 owns file/feed reading; this half owns authenticated
5
+ * provider connectivity (Google Calendar API v3, Microsoft Graph) over OAuth 2.0.
6
+ *
7
+ * Pure data shapes only — no fs, no network, no process globals. The network is an
8
+ * INJECTED boundary (HttpFetch); the loopback redirect capture is an INJECTED
9
+ * boundary (LoopbackWaiter); token persistence is an INJECTED secret store slice.
10
+ * Tests supply fakes for all three, so nothing here ever reaches a real network,
11
+ * a real port, or a real keychain.
12
+ *
13
+ * Honesty contract (see docs/decisions/2026-07-06-calendar-oauth-connector-sdk.md):
14
+ * - a token whose refresh fails is NEVER silently treated as valid; it surfaces as
15
+ * `connection-state: 'reconnect-needed'` naming the reason.
16
+ * - a 403 that names a missing scope surfaces as `insufficient-scope` naming the
17
+ * exact scope, not a generic failure.
18
+ * - the bundled project client id is an honest placeholder until Mike registers the
19
+ * project apps; a flow attempted against the placeholder reports
20
+ * `client-not-configured`, never a fake success.
21
+ */
22
+ export {};
@@ -0,0 +1,39 @@
1
+ /**
2
+ * rrule.ts — a pure RRULE reader for an honest, deliberately-bounded subset.
3
+ *
4
+ * The honesty rule (see the decision record): an event's recurrence is either
5
+ * FULLY and correctly expanded, or NOT expanded at all with an explicit reason.
6
+ * We never emit occurrences from a rule we do not completely honor — a half-honored
7
+ * BYMONTHDAY would put events on wrong dates, which is worse than not expanding.
8
+ *
9
+ * Fully supported (expanded to real occurrences):
10
+ * - FREQ = DAILY | WEEKLY | MONTHLY | YEARLY
11
+ * - INTERVAL (default 1)
12
+ * - COUNT (occurrence cap)
13
+ * - UNTIL (inclusive end bound; DATE or date-time, 'Z' or floating)
14
+ * - BYDAY — ONLY for FREQ=WEEKLY with INTERVAL=1 and weekday-only tokens
15
+ * (MO,TU,WE,TH,FR,SA,SU with no leading ordinal). Under those
16
+ * conditions WKST does not change the matched set, so it is ignored
17
+ * safely. Any BYDAY outside that condition is treated as unsupported.
18
+ *
19
+ * Everything else present in the RRULE (BYMONTHDAY, BYMONTH, BYSETPOS, BYHOUR,
20
+ * BYWEEKNO, BYYEARDAY, ordinal BYDAY, BYDAY on non-weekly, INTERVAL>1 with BYDAY,
21
+ * or an unknown FREQ) marks the rule `unsupported` and names the offending part.
22
+ *
23
+ * PURE: no fs, no network, no process globals.
24
+ */
25
+ import type { CalendarEvent, DateWindow, EventOccurrence, RecurrenceInfo } from './types.js';
26
+ /**
27
+ * Classify a raw RRULE into an honest RecurrenceInfo. Called by the parser at read
28
+ * time so the event carries its expansion verdict before any window is known.
29
+ */
30
+ export declare function describeRecurrence(rule: string): RecurrenceInfo;
31
+ /**
32
+ * Expand a (possibly recurring) event into concrete occurrences inside [window.from,
33
+ * window.to] inclusive. A non-recurring event yields at most its single seed. An
34
+ * event whose recurrence is `unsupported` yields ONLY its seed (if in-window),
35
+ * flagged `isSeed`, never a fabricated series — the caller reads
36
+ * `event.recurrence.expansion` to label it "recurrence not fully expanded".
37
+ */
38
+ export declare function expandEvent(event: CalendarEvent, window: DateWindow): EventOccurrence[];
39
+ //# sourceMappingURL=rrule.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rrule.d.ts","sourceRoot":"","sources":["../../../src/platform/calendar/rrule.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,KAAK,EACV,aAAa,EACb,UAAU,EACV,eAAe,EACf,cAAc,EACf,MAAM,YAAY,CAAC;AA0BpB;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,cAAc,CAoB/D;AAiED;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,UAAU,GAAG,eAAe,EAAE,CAqEvF"}