@poncho-ai/harness 0.34.0 → 0.35.0

package/CHANGELOG.md

@@ -1,5 +1,33 @@
 # @poncho-ai/harness
 
+## 0.35.0
+
+### Minor Changes
+
+- [`83d3c5f`](https://github.com/cesr/poncho-ai/commit/83d3c5f841fe84965d1f9fec6dfc5d8832e4489a) Thanks [@cesr](https://github.com/cesr)! - feat: add multi-tenancy with JWT-based tenant scoping
+
+  Deploy one agent, serve many tenants with fully isolated conversations, memory, reminders, and secrets. Tenancy activates automatically when a valid JWT is received — no config changes needed.
+  - **Auth**: `createTenantToken()` in client SDK, `poncho auth create-token` CLI, or any HS256 JWT library.
+  - **Isolation**: conversations, memory, reminders, and todos scoped per tenant.
+  - **Per-tenant secrets**: encrypted secret overrides for MCP auth tokens, manageable via CLI (`poncho secrets`), API, and web UI settings panel.
+  - **MCP**: per-tenant token resolution with deferred discovery for servers without a default env var.
+  - **Web UI**: `?token=` tenant access, settings cog for secret management, dark mode support.
+  - **Backward compatible**: existing single-user deployments work unchanged.
+
+### Patch Changes
+
+- Updated dependencies [[`83d3c5f`](https://github.com/cesr/poncho-ai/commit/83d3c5f841fe84965d1f9fec6dfc5d8832e4489a)]:
+  - @poncho-ai/sdk@1.8.0
+
+## 0.34.1
+
+### Patch Changes
+
+- [`59a88cc`](https://github.com/cesr/poncho-ai/commit/59a88cc52b5c3aa7432b820424bb8067174233e5) Thanks [@cesr](https://github.com/cesr)! - fix: improve token estimation accuracy and handle missing attachments
+  - Use a JSON-specific token ratio for tool definitions to avoid inflating counts with many MCP tools.
+  - Track actual context size from model responses for compaction triggers instead of cumulative input tokens.
+  - Gracefully degrade when file attachments are missing or expired instead of crashing.
+
 ## 0.34.0
 
 ### Minor Changes

package/dist/index.d.ts

@@ -1,6 +1,6 @@
 import { LanguageModel } from 'ai';
 import * as _poncho_ai_sdk from '@poncho-ai/sdk';
-import { Message, ToolDefinition, RunResult, AgentFailure, ToolContext, RunInput, AgentEvent, JsonSchema } from '@poncho-ai/sdk';
+import { Message, ToolContext, ToolDefinition, RunResult, AgentFailure, RunInput, AgentEvent, JsonSchema } from '@poncho-ai/sdk';
 export { ToolDefinition, defineTool } from '@poncho-ai/sdk';
 import { z } from 'zod';
 
@@ -83,6 +83,11 @@ declare const resolveCompactionConfig: (explicit?: Partial<CompactionConfig>) =>
 declare const estimateTokens: (text: string) => number;
 /**
  * Estimate the total token count of a system prompt + messages + tool defs.
+ *
+ * Tool definitions are structured JSON (property names, braces, enum values)
+ * which tokenizes more efficiently than natural language — roughly 5-6
+ * chars/token vs ~4 chars/token for prose.  We estimate them separately to
+ * avoid inflating the count when there are many MCP tools (100+).
  */
 declare const estimateTotalTokens: (systemPrompt: string, messages: Message[], toolDefinitionsJson?: string) => number;
 /**
@@ -201,10 +206,16 @@ interface Conversation {
     updatedAt: number;
 }
 interface ConversationStore {
-    list(ownerId?: string): Promise<Conversation[]>;
-    listSummaries(ownerId?: string): Promise<ConversationSummary[]>;
+    /**
+     * List conversations. tenantId semantics:
+     *   undefined = no filter (builder/admin sees everything)
+     *   null      = legacy single-user only
+     *   string    = tenant-scoped
+     */
+    list(ownerId?: string, tenantId?: string | null): Promise<Conversation[]>;
+    listSummaries(ownerId?: string, tenantId?: string | null): Promise<ConversationSummary[]>;
     get(conversationId: string): Promise<Conversation | undefined>;
-    create(ownerId?: string, title?: string): Promise<Conversation>;
+    create(ownerId?: string, title?: string, tenantId?: string | null): Promise<Conversation>;
     update(conversation: Conversation): Promise<void>;
     rename(conversationId: string, title: string): Promise<Conversation | undefined>;
     delete(conversationId: string): Promise<boolean>;
@@ -240,10 +251,10 @@ declare class InMemoryConversationStore implements ConversationStore {
     constructor(ttlSeconds?: number);
     private isExpired;
     private purgeExpired;
-    list(ownerId?: string): Promise<Conversation[]>;
-    listSummaries(ownerId?: string): Promise<ConversationSummary[]>;
+    list(ownerId?: string, tenantId?: string | null): Promise<Conversation[]>;
+    listSummaries(ownerId?: string, tenantId?: string | null): Promise<ConversationSummary[]>;
     get(conversationId: string): Promise<Conversation | undefined>;
-    create(ownerId?: string, title?: string): Promise<Conversation>;
+    create(ownerId?: string, title?: string, tenantId?: string | null): Promise<Conversation>;
     update(conversation: Conversation): Promise<void>;
     rename(conversationId: string, title: string): Promise<Conversation | undefined>;
     delete(conversationId: string): Promise<boolean>;
@@ -256,6 +267,7 @@ type ConversationSummary = {
     updatedAt: number;
     createdAt?: number;
     ownerId: string;
+    tenantId?: string | null;
     parentConversationId?: string;
     messageCount?: number;
     hasPendingApprovals?: boolean;
@@ -296,8 +308,9 @@ interface MemoryStore {
 }
 declare const createMemoryStore: (agentId: string, config?: MemoryConfig, options?: {
     workingDir?: string;
+    tenantId?: string;
 }) => MemoryStore;
-declare const createMemoryTools: (store: MemoryStore, options?: {
+declare const createMemoryTools: (store: MemoryStore | ((context: ToolContext) => MemoryStore), options?: {
     maxRecallConversations?: number;
 }) => ToolDefinition[];
 
@@ -323,10 +336,24 @@ declare class LocalMcpBridge {
     private readonly toolCatalog;
     private readonly unavailableServers;
     private readonly authFailedServers;
+    private envResolver?;
+    /**
+     * Set a resolver for per-tenant env vars (e.g. MCP auth tokens).
+     * Called by the harness after creating the secrets store.
+     */
+    setEnvResolver(resolver: (tenantId: string | undefined, envName: string) => Promise<string | undefined>): void;
     constructor(config: McpConfig | undefined);
     private getServerName;
     private log;
+    /** Set of servers where discovery was deferred (no default token, has env resolver). */
+    private readonly deferredDiscoveryServers;
     discoverTools(): Promise<void>;
+    /**
+     * Run deferred discovery and return ToolDefinitions for all newly discovered tools.
+     * Call this during run() so the tools are available to the model immediately.
+     */
+    discoverAndLoadDeferred(tenantId: string): Promise<ToolDefinition[]>;
+    private tryDeferredDiscovery;
     startLocalServers(): Promise<void>;
     stopLocalServers(): Promise<void>;
     listServers(): RemoteMcpServerConfig[];
@@ -339,6 +366,11 @@ declare class LocalMcpBridge {
     toSerializableConfig(): McpConfig;
     getLocalServers(): never[];
     listDiscoveredTools(serverName?: string): string[];
+    hasDeferredServers(): boolean;
+    /**
+     * Return ToolDefinitions for catalog tools not already registered in the dispatcher.
+     */
+    getUnregisteredTools(registeredNames: Set<string>): ToolDefinition[];
     loadTools(requestedPatterns: string[]): Promise<ToolDefinition[]>;
     private toToolDefinitions;
 }
@@ -462,6 +494,12 @@ interface PonchoConfig extends McpConfig {
         /** Cron expression controlling how often the reminder poll runs (local and serverless). Default: every 10 minutes. */
         pollSchedule?: string;
     };
+    /**
+     * Declare env var names that tenants can self-manage via the web UI or API.
+     * Key = env var name, value = human-readable label shown in the settings panel.
+     * Example: { LINEAR_API_KEY: "Linear API Key", STRIPE_KEY: "Stripe Secret Key" }
+     */
+    tenantSecrets?: Record<string, string>;
     /** Set to `false` to disable the built-in web UI (headless / API-only mode). */
     webUi?: false;
     /** Enable browser automation tools. Set `true` for defaults, or provide config. */
@@ -562,6 +600,7 @@ interface Reminder {
     createdAt: number;
     conversationId: string;
     ownerId?: string;
+    tenantId?: string | null;
 }
 interface ReminderStore {
     list(): Promise<Reminder[]>;
@@ -571,6 +610,7 @@ interface ReminderStore {
         timezone?: string;
         conversationId: string;
         ownerId?: string;
+        tenantId?: string | null;
     }): Promise<Reminder>;
     cancel(id: string): Promise<Reminder>;
     delete(id: string): Promise<void>;
@@ -579,6 +619,20 @@ declare const createReminderStore: (agentId: string, config?: StateConfig, optio
     workingDir?: string;
 }) => ReminderStore;
 
+interface SecretsStore {
+    get(tenantId: string): Promise<Record<string, string>>;
+    set(tenantId: string, key: string, value: string): Promise<void>;
+    delete(tenantId: string, key: string): Promise<void>;
+    list(tenantId: string): Promise<string[]>;
+}
+declare const createSecretsStore: (agentId: string, signingKey: string, config?: StateConfig, options?: {
+    workingDir?: string;
+}) => SecretsStore;
+/**
+ * Resolve an env var name: check tenant secrets first, then process.env.
+ */
+declare function resolveEnv(secretsStore: SecretsStore | undefined, tenantId: string | null | undefined, envName: string): Promise<string | undefined>;
+
 declare const OPENAI_CODEX_CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann";
 interface OpenAICodexAuthConfig {
     refreshTokenEnv?: string;
@@ -655,6 +709,7 @@ interface SubagentManager {
         task: string;
         parentConversationId: string;
         ownerId: string;
+        tenantId?: string | null;
     }): Promise<SubagentSpawnResult>;
     sendMessage(subagentId: string, message: string): Promise<SubagentSpawnResult>;
     stop(subagentId: string): Promise<void>;
@@ -715,8 +770,11 @@ declare class AgentHarness {
     readonly uploadStore?: UploadStore;
     private skillContextWindow;
     private memoryStore?;
+    private readonly tenantMemoryStores;
+    private memoryConfig?;
     private todoStore?;
     reminderStore?: ReminderStore;
+    secretsStore?: SecretsStore;
     private loadedConfig?;
     private loadedSkills;
     private skillFingerprint;
@@ -754,6 +812,11 @@ declare class AgentHarness {
     private truncateHistoricalToolResults;
     private shouldPreserveSkillToolResult;
     getTodos(conversationId: string): Promise<TodoItem[]>;
+    /**
+     * Get a memory store, optionally scoped to a tenant.
+     * Returns the default (agent-wide) store when tenantId is null/undefined.
+     */
+    private getMemoryStore;
     private listActiveSkills;
     private getAgentMcpIntent;
     private getAgentScriptIntent;
@@ -916,6 +979,16 @@ declare class TelemetryEmitter {
     private sendOtlp;
 }
 
+interface TenantTokenPayload {
+    tenantId: string;
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Verify a tenant JWT (HS256) signed with the given key.
+ * Returns the decoded payload on success, or undefined on any failure.
+ */
+declare function verifyTenantToken(signingKey: string, token: string): Promise<TenantTokenPayload | undefined>;
+
 declare const createSubagentTools: (manager: SubagentManager) => ToolDefinition[];
 
-export { type AgentFrontmatter, AgentHarness, type AgentIdentity, type AgentLimitsConfig, type AgentModelConfig, type ArchivedToolResult$1 as ArchivedToolResult, type BuiltInToolToggles, type CompactMessagesOptions, type CompactResult, type CompactionConfig, type Conversation, type ConversationState, type ConversationStore, type ConversationSummary, type CronJobConfig, type HarnessOptions, type HarnessRunOutput, InMemoryConversationStore, InMemoryStateStore, LocalMcpBridge, LocalUploadStore, type MainMemory, type McpConfig, type MemoryConfig, type MemoryStore, type MessagingChannelConfig, type ModelProviderFactory, OPENAI_CODEX_CLIENT_ID, type OpenAICodexAuthConfig, type OpenAICodexDeviceAuthRequest, type OpenAICodexSession, type OtlpConfig, type OtlpOption, PONCHO_UPLOAD_SCHEME, type ParsedAgent, type PendingSubagentResult, type PonchoConfig, type ProviderConfig, type Reminder, type ReminderStatus, type ReminderStore, type RemoteMcpServerConfig, type RuntimeRenderContext, S3UploadStore, STORAGE_SCHEMA_VERSION, type SkillContextEntry, type SkillMetadata, type StateConfig, type StateProviderName, type StateStore, type StorageConfig, type SubagentManager, type SubagentResult, type SubagentSpawnResult, type SubagentSummary, type TelemetryConfig, TelemetryEmitter, type ToolAccess, type ToolCall, ToolDispatcher, type ToolExecutionResult, type UploadStore, type UploadsConfig, VercelBlobUploadStore, buildAgentDirectoryName, buildSkillContextWindow, compactMessages, completeOpenAICodexDeviceAuth, createConversationStore, createDefaultTools, createDeleteDirectoryTool, createDeleteTool, createEditTool, createMemoryStore, createMemoryTools, createModelProvider, createReminderStore, createReminderTools, createSearchTools, createSkillTools, createStateStore, createSubagentTools, createUploadStore, createWriteTool, deleteOpenAICodexSession, deriveUploadKey, ensureAgentIdentity, estimateTokens, estimateTotalTokens, findSafeSplitPoint, generateAgentId, getAgentStoreDirectory, getModelContextWindow, getOpenAICodexAccessToken, getOpenAICodexAuthFilePath, getOpenAICodexRequiredScopes, getPonchoStoreRoot, jsonSchemaToZod, loadPonchoConfig, loadSkillContext, loadSkillInstructions, loadSkillMetadata, normalizeOtlp, normalizeScriptPolicyPath, parseAgentFile, parseAgentMarkdown, ponchoDocsTool, readOpenAICodexSession, readSkillResource, renderAgentPrompt, resolveAgentIdentity, resolveCompactionConfig, resolveMemoryConfig, resolveSkillDirs, resolveStateConfig, slugifyStorageComponent, startOpenAICodexDeviceAuth, writeOpenAICodexSession };
+export { type AgentFrontmatter, AgentHarness, type AgentIdentity, type AgentLimitsConfig, type AgentModelConfig, type ArchivedToolResult$1 as ArchivedToolResult, type BuiltInToolToggles, type CompactMessagesOptions, type CompactResult, type CompactionConfig, type Conversation, type ConversationState, type ConversationStore, type ConversationSummary, type CronJobConfig, type HarnessOptions, type HarnessRunOutput, InMemoryConversationStore, InMemoryStateStore, LocalMcpBridge, LocalUploadStore, type MainMemory, type McpConfig, type MemoryConfig, type MemoryStore, type MessagingChannelConfig, type ModelProviderFactory, OPENAI_CODEX_CLIENT_ID, type OpenAICodexAuthConfig, type OpenAICodexDeviceAuthRequest, type OpenAICodexSession, type OtlpConfig, type OtlpOption, PONCHO_UPLOAD_SCHEME, type ParsedAgent, type PendingSubagentResult, type PonchoConfig, type ProviderConfig, type Reminder, type ReminderStatus, type ReminderStore, type RemoteMcpServerConfig, type RuntimeRenderContext, S3UploadStore, STORAGE_SCHEMA_VERSION, type SecretsStore, type SkillContextEntry, type SkillMetadata, type StateConfig, type StateProviderName, type StateStore, type StorageConfig, type SubagentManager, type SubagentResult, type SubagentSpawnResult, type SubagentSummary, type TelemetryConfig, TelemetryEmitter, type TenantTokenPayload, type ToolAccess, type ToolCall, ToolDispatcher, type ToolExecutionResult, type UploadStore, type UploadsConfig, VercelBlobUploadStore, buildAgentDirectoryName, buildSkillContextWindow, compactMessages, completeOpenAICodexDeviceAuth, createConversationStore, createDefaultTools, createDeleteDirectoryTool, createDeleteTool, createEditTool, createMemoryStore, createMemoryTools, createModelProvider, createReminderStore, createReminderTools, createSearchTools, createSecretsStore, createSkillTools, createStateStore, createSubagentTools, createUploadStore, createWriteTool, deleteOpenAICodexSession, deriveUploadKey, ensureAgentIdentity, estimateTokens, estimateTotalTokens, findSafeSplitPoint, generateAgentId, getAgentStoreDirectory, getModelContextWindow, getOpenAICodexAccessToken, getOpenAICodexAuthFilePath, getOpenAICodexRequiredScopes, getPonchoStoreRoot, jsonSchemaToZod, loadPonchoConfig, loadSkillContext, loadSkillInstructions, loadSkillMetadata, normalizeOtlp, normalizeScriptPolicyPath, parseAgentFile, parseAgentMarkdown, ponchoDocsTool, readOpenAICodexSession, readSkillResource, renderAgentPrompt, resolveAgentIdentity, resolveCompactionConfig, resolveEnv, resolveMemoryConfig, resolveSkillDirs, resolveStateConfig, slugifyStorageComponent, startOpenAICodexDeviceAuth, verifyTenantToken, writeOpenAICodexSession };