@poncho-ai/harness 0.35.0 → 0.36.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-build.log +6 -5
- package/.turbo/turbo-test.log +15169 -0
- package/CHANGELOG.md +18 -0
- package/dist/chunk-MCKGQKYU.js +15 -0
- package/dist/dist-3KMQR4IO.js +27092 -0
- package/dist/index.d.ts +485 -29
- package/dist/index.js +2839 -2114
- package/dist/isolate-5MISBSUK.js +733 -0
- package/dist/isolate-5R6762YA.js +605 -0
- package/dist/isolate-KUZ5NOPG.js +727 -0
- package/dist/isolate-LOL3T7RA.js +729 -0
- package/dist/isolate-N22X4TCE.js +740 -0
- package/dist/isolate-T7WXM7IL.js +1490 -0
- package/dist/isolate-TCWTUVG4.js +1532 -0
- package/dist/isolate-WFOLANOB.js +768 -0
- package/package.json +22 -3
- package/scripts/migrate-to-engine.mjs +556 -0
- package/src/config.ts +106 -1
- package/src/harness.ts +226 -91
- package/src/index.ts +5 -0
- package/src/isolate/bindings.ts +206 -0
- package/src/isolate/bundler.ts +179 -0
- package/src/isolate/index.ts +10 -0
- package/src/isolate/polyfills.ts +796 -0
- package/src/isolate/run-code-tool.ts +220 -0
- package/src/isolate/runtime.ts +286 -0
- package/src/isolate/type-stubs.ts +196 -0
- package/src/memory.ts +129 -198
- package/src/reminder-store.ts +3 -237
- package/src/secrets-store.ts +2 -91
- package/src/state.ts +11 -1302
- package/src/storage/engine.ts +106 -0
- package/src/storage/index.ts +59 -0
- package/src/storage/memory-engine.ts +588 -0
- package/src/storage/postgres-engine.ts +139 -0
- package/src/storage/schema.ts +145 -0
- package/src/storage/sql-dialect.ts +963 -0
- package/src/storage/sqlite-engine.ts +99 -0
- package/src/storage/store-adapters.ts +100 -0
- package/src/todo-tools.ts +1 -136
- package/src/upload-store.ts +1 -0
- package/src/vfs/bash-manager.ts +120 -0
- package/src/vfs/bash-tool.ts +59 -0
- package/src/vfs/create-bash-fs.ts +32 -0
- package/src/vfs/edit-file-tool.ts +72 -0
- package/src/vfs/index.ts +5 -0
- package/src/vfs/poncho-fs-adapter.ts +267 -0
- package/src/vfs/protected-fs.ts +177 -0
- package/src/vfs/read-file-tool.ts +103 -0
- package/src/vfs/write-file-tool.ts +49 -0
- package/test/harness.test.ts +30 -36
- package/test/isolate-vfs.test.ts +453 -0
- package/test/isolate.test.ts +252 -0
- package/test/state.test.ts +4 -27
- package/test/storage-engine.test.ts +250 -0
- package/test/vfs.test.ts +242 -0
- package/src/kv-store.ts +0 -216
package/src/secrets-store.ts
CHANGED
|
@@ -5,9 +5,7 @@ import {
|
|
|
5
5
|
ensureAgentIdentity,
|
|
6
6
|
getAgentStoreDirectory,
|
|
7
7
|
slugifyStorageComponent,
|
|
8
|
-
STORAGE_SCHEMA_VERSION,
|
|
9
8
|
} from "./agent-identity.js";
|
|
10
|
-
import { createRawKVStore, type RawKVStore } from "./kv-store.js";
|
|
11
9
|
import type { StateConfig } from "./state.js";
|
|
12
10
|
|
|
13
11
|
// ---------------------------------------------------------------------------
|
|
@@ -131,104 +129,17 @@ class FileSecretsStore implements SecretsStore {
|
|
|
131
129
|
}
|
|
132
130
|
}
|
|
133
131
|
|
|
134
|
-
// ---------------------------------------------------------------------------
|
|
135
|
-
// KV-backed implementation
|
|
136
|
-
// ---------------------------------------------------------------------------
|
|
137
|
-
|
|
138
|
-
class KVSecretsStore implements SecretsStore {
|
|
139
|
-
private readonly kv: RawKVStore;
|
|
140
|
-
private readonly baseKey: string;
|
|
141
|
-
private readonly encKey: Buffer;
|
|
142
|
-
private readonly ttl?: number;
|
|
143
|
-
|
|
144
|
-
constructor(kv: RawKVStore, baseKey: string, signingKey: string, ttl?: number) {
|
|
145
|
-
this.kv = kv;
|
|
146
|
-
this.baseKey = baseKey;
|
|
147
|
-
this.encKey = deriveKey(signingKey);
|
|
148
|
-
this.ttl = ttl;
|
|
149
|
-
}
|
|
150
|
-
|
|
151
|
-
private kvKey(tenantId: string): string {
|
|
152
|
-
return `${this.baseKey}:t:${slugifyStorageComponent(tenantId)}:secrets`;
|
|
153
|
-
}
|
|
154
|
-
|
|
155
|
-
private async readAll(tenantId: string): Promise<Record<string, EncryptedBlob>> {
|
|
156
|
-
try {
|
|
157
|
-
const raw = await this.kv.get(this.kvKey(tenantId));
|
|
158
|
-
if (!raw) return {};
|
|
159
|
-
return JSON.parse(raw) as Record<string, EncryptedBlob>;
|
|
160
|
-
} catch {
|
|
161
|
-
return {};
|
|
162
|
-
}
|
|
163
|
-
}
|
|
164
|
-
|
|
165
|
-
private async writeAll(
|
|
166
|
-
tenantId: string,
|
|
167
|
-
data: Record<string, EncryptedBlob>,
|
|
168
|
-
): Promise<void> {
|
|
169
|
-
const key = this.kvKey(tenantId);
|
|
170
|
-
const value = JSON.stringify(data);
|
|
171
|
-
if (this.ttl) {
|
|
172
|
-
await this.kv.setWithTtl(key, value, this.ttl);
|
|
173
|
-
} else {
|
|
174
|
-
await this.kv.set(key, value);
|
|
175
|
-
}
|
|
176
|
-
}
|
|
177
|
-
|
|
178
|
-
async get(tenantId: string): Promise<Record<string, string>> {
|
|
179
|
-
const data = await this.readAll(tenantId);
|
|
180
|
-
const result: Record<string, string> = {};
|
|
181
|
-
for (const [k, blob] of Object.entries(data)) {
|
|
182
|
-
try {
|
|
183
|
-
result[k] = decrypt(blob, this.encKey);
|
|
184
|
-
} catch {
|
|
185
|
-
// Skip entries that can't be decrypted
|
|
186
|
-
}
|
|
187
|
-
}
|
|
188
|
-
return result;
|
|
189
|
-
}
|
|
190
|
-
|
|
191
|
-
async set(tenantId: string, key: string, value: string): Promise<void> {
|
|
192
|
-
const data = await this.readAll(tenantId);
|
|
193
|
-
data[key] = encrypt(value, this.encKey);
|
|
194
|
-
await this.writeAll(tenantId, data);
|
|
195
|
-
}
|
|
196
|
-
|
|
197
|
-
async delete(tenantId: string, key: string): Promise<void> {
|
|
198
|
-
const data = await this.readAll(tenantId);
|
|
199
|
-
delete data[key];
|
|
200
|
-
await this.writeAll(tenantId, data);
|
|
201
|
-
}
|
|
202
|
-
|
|
203
|
-
async list(tenantId: string): Promise<string[]> {
|
|
204
|
-
const data = await this.readAll(tenantId);
|
|
205
|
-
return Object.keys(data);
|
|
206
|
-
}
|
|
207
|
-
}
|
|
208
|
-
|
|
209
132
|
// ---------------------------------------------------------------------------
|
|
210
133
|
// Factory
|
|
211
134
|
// ---------------------------------------------------------------------------
|
|
212
135
|
|
|
213
136
|
export const createSecretsStore = (
|
|
214
|
-
|
|
137
|
+
_agentId: string,
|
|
215
138
|
signingKey: string,
|
|
216
|
-
|
|
139
|
+
_config?: StateConfig,
|
|
217
140
|
options?: { workingDir?: string },
|
|
218
141
|
): SecretsStore => {
|
|
219
|
-
const provider = config?.provider ?? "local";
|
|
220
|
-
const ttl = typeof config?.ttl === "number" ? config.ttl : undefined;
|
|
221
142
|
const workingDir = options?.workingDir ?? process.cwd();
|
|
222
|
-
|
|
223
|
-
if (provider === "local" || provider === "memory") {
|
|
224
|
-
return new FileSecretsStore(workingDir, signingKey);
|
|
225
|
-
}
|
|
226
|
-
|
|
227
|
-
const kv = createRawKVStore(config);
|
|
228
|
-
if (kv) {
|
|
229
|
-
const baseKey = `poncho:${STORAGE_SCHEMA_VERSION}:${slugifyStorageComponent(agentId)}`;
|
|
230
|
-
return new KVSecretsStore(kv, baseKey, signingKey, ttl);
|
|
231
|
-
}
|
|
232
143
|
return new FileSecretsStore(workingDir, signingKey);
|
|
233
144
|
};
|
|
234
145
|
|