@psiclawops/hypermem 0.1.0

package/dist/schema.js

@@ -0,0 +1,203 @@
+/**
+ * HyperMem Agent Message Schema
+ *
+ * Per-agent database: ~/.openclaw/hypermem/agents/{agentId}/messages.db
+ * Write-heavy, temporal, rotatable.
+ * Contains ONLY conversation data — structured knowledge lives in library.db.
+ */
+export const LATEST_SCHEMA_VERSION = 5;
+function nowIso() {
+    return new Date().toISOString();
+}
+/**
+ * V1–V3: Legacy schema (monolithic agent DB with facts/knowledge/episodes).
+ * Kept for migration detection — if we open an old DB, we know what version it is.
+ */
+/**
+ * V4: Messages-only schema.
+ * Facts, knowledge, episodes, topics moved to library.db.
+ * Agent DB now contains only conversations, messages, summaries, and agent metadata.
+ */
+function applyV4MessagesOnly(db) {
+    // -- Agent metadata (kept here for self-identification) --
+    db.exec(`
+    CREATE TABLE IF NOT EXISTS agent_meta (
+      id TEXT PRIMARY KEY,
+      display_name TEXT,
+      tier TEXT,
+      org TEXT,
+      config TEXT,
+      created_at TEXT NOT NULL,
+      updated_at TEXT NOT NULL
+    )
+  `);
+    // -- Conversations (sessions) --
+    db.exec(`
+    CREATE TABLE IF NOT EXISTS conversations (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      session_key TEXT NOT NULL UNIQUE,
+      session_id TEXT,
+      agent_id TEXT NOT NULL,
+      channel_type TEXT NOT NULL,
+      channel_id TEXT,
+      provider TEXT,
+      model TEXT,
+      status TEXT DEFAULT 'active',
+      message_count INTEGER DEFAULT 0,
+      token_count_in INTEGER DEFAULT 0,
+      token_count_out INTEGER DEFAULT 0,
+      created_at TEXT NOT NULL,
+      updated_at TEXT NOT NULL,
+      ended_at TEXT
+    )
+  `);
+    db.exec('CREATE INDEX IF NOT EXISTS idx_conv_agent ON conversations(agent_id, status, updated_at DESC)');
+    db.exec('CREATE INDEX IF NOT EXISTS idx_conv_channel ON conversations(agent_id, channel_type, channel_id)');
+    // -- Messages (provider-neutral, structured) --
+    db.exec(`
+    CREATE TABLE IF NOT EXISTS messages (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      conversation_id INTEGER NOT NULL REFERENCES conversations(id),
+      agent_id TEXT NOT NULL,
+      role TEXT NOT NULL,
+      text_content TEXT,
+      tool_calls TEXT,
+      tool_results TEXT,
+      metadata TEXT,
+      token_count INTEGER,
+      message_index INTEGER NOT NULL,
+      is_heartbeat INTEGER DEFAULT 0,
+      created_at TEXT NOT NULL
+    )
+  `);
+    db.exec('CREATE INDEX IF NOT EXISTS idx_msg_conv ON messages(conversation_id, message_index)');
+    db.exec('CREATE INDEX IF NOT EXISTS idx_msg_agent_time ON messages(agent_id, created_at DESC)');
+    // -- FTS5 for message full-text search --
+    db.exec(`
+    CREATE VIRTUAL TABLE IF NOT EXISTS messages_fts USING fts5(
+      text_content,
+      content='messages',
+      content_rowid='id'
+    )
+  `);
+    db.exec(`
+    CREATE TRIGGER IF NOT EXISTS msg_fts_ai AFTER INSERT ON messages BEGIN
+      INSERT INTO messages_fts(rowid, text_content) VALUES (new.id, new.text_content);
+    END
+  `);
+    db.exec(`
+    CREATE TRIGGER IF NOT EXISTS msg_fts_ad AFTER DELETE ON messages BEGIN
+      INSERT INTO messages_fts(messages_fts, rowid, text_content) VALUES('delete', old.id, old.text_content);
+    END
+  `);
+    db.exec(`
+    CREATE TRIGGER IF NOT EXISTS msg_fts_au AFTER UPDATE ON messages BEGIN
+      INSERT INTO messages_fts(messages_fts, rowid, text_content) VALUES('delete', old.id, old.text_content);
+      INSERT INTO messages_fts(rowid, text_content) VALUES (new.id, new.text_content);
+    END
+  `);
+    // -- Summaries (hierarchical compaction) --
+    db.exec(`
+    CREATE TABLE IF NOT EXISTS summaries (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      conversation_id INTEGER NOT NULL REFERENCES conversations(id),
+      agent_id TEXT NOT NULL,
+      depth INTEGER NOT NULL DEFAULT 0,
+      content TEXT NOT NULL,
+      token_count INTEGER,
+      created_at TEXT NOT NULL,
+      updated_at TEXT NOT NULL
+    )
+  `);
+    db.exec('CREATE INDEX IF NOT EXISTS idx_summaries_conv ON summaries(conversation_id, depth)');
+    db.exec(`
+    CREATE TABLE IF NOT EXISTS summary_messages (
+      summary_id INTEGER NOT NULL REFERENCES summaries(id),
+      message_id INTEGER NOT NULL REFERENCES messages(id),
+      PRIMARY KEY (summary_id, message_id)
+    )
+  `);
+    db.exec(`
+    CREATE TABLE IF NOT EXISTS summary_parents (
+      parent_summary_id INTEGER NOT NULL REFERENCES summaries(id),
+      child_summary_id INTEGER NOT NULL REFERENCES summaries(id),
+      PRIMARY KEY (parent_summary_id, child_summary_id)
+    )
+  `);
+    // -- Index events (for tracking what's been vectorized) --
+    db.exec(`
+    CREATE TABLE IF NOT EXISTS index_events (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      agent_id TEXT NOT NULL,
+      event_type TEXT NOT NULL,
+      target_table TEXT,
+      target_id INTEGER,
+      details TEXT,
+      created_at TEXT NOT NULL
+    )
+  `);
+    db.exec('CREATE INDEX IF NOT EXISTS idx_index_events ON index_events(agent_id, created_at DESC)');
+}
+/**
+ * Run migrations on an agent message database.
+ */
+export function migrate(db) {
+    db.exec(`
+    CREATE TABLE IF NOT EXISTS schema_version (
+      version INTEGER PRIMARY KEY,
+      applied_at TEXT NOT NULL
+    )
+  `);
+    const row = db
+        .prepare('SELECT MAX(version) AS version FROM schema_version')
+        .get();
+    const currentVersion = typeof row?.version === 'number' ? row.version : 0;
+    if (currentVersion > LATEST_SCHEMA_VERSION) {
+        console.warn(`[hypermem] Database schema version (${currentVersion}) is newer than this engine (${LATEST_SCHEMA_VERSION}).`);
+        return;
+    }
+    // For fresh DBs (version 0), jump straight to v4 (messages-only).
+    // For existing DBs (v1–v3), we skip the old schema — those tables will be
+    // left in place but unused. Data migration to library is a separate step.
+    if (currentVersion < 4) {
+        if (currentVersion === 0) {
+            // Fresh DB — create messages-only schema directly
+            applyV4MessagesOnly(db);
+        }
+        else {
+            // Existing DB with old schema (v1–v3).
+            // The old tables (facts, knowledge, episodes, topics, agents) remain
+            // but are no longer written to. New tables get created alongside.
+            applyV4MessagesOnly(db);
+            // Note: old tables like 'facts', 'knowledge', etc. are left in place
+            // for data migration. A separate migration tool will move them to library.db.
+        }
+        db.prepare('INSERT INTO schema_version (version, applied_at) VALUES (?, ?)')
+            .run(4, nowIso());
+    }
+    // v4 → v5: add cursor columns to conversations table for dual-write durability
+    if (currentVersion < 5) {
+        // ALTER TABLE ADD COLUMN is safe on existing rows — all default to NULL
+        const cols = db.prepare('PRAGMA table_info(conversations)').all()
+            .map(r => r.name);
+        if (!cols.includes('cursor_last_sent_id')) {
+            db.exec('ALTER TABLE conversations ADD COLUMN cursor_last_sent_id INTEGER');
+        }
+        if (!cols.includes('cursor_last_sent_index')) {
+            db.exec('ALTER TABLE conversations ADD COLUMN cursor_last_sent_index INTEGER');
+        }
+        if (!cols.includes('cursor_last_sent_at')) {
+            db.exec('ALTER TABLE conversations ADD COLUMN cursor_last_sent_at TEXT');
+        }
+        if (!cols.includes('cursor_window_size')) {
+            db.exec('ALTER TABLE conversations ADD COLUMN cursor_window_size INTEGER');
+        }
+        if (!cols.includes('cursor_token_count')) {
+            db.exec('ALTER TABLE conversations ADD COLUMN cursor_token_count INTEGER');
+        }
+        db.prepare('INSERT OR IGNORE INTO schema_version (version, applied_at) VALUES (?, ?)')
+            .run(5, nowIso());
+    }
+}
+export { LATEST_SCHEMA_VERSION as SCHEMA_VERSION };
+//# sourceMappingURL=schema.js.map

package/dist/secret-scanner.d.ts

@@ -0,0 +1,51 @@
+/**
+ * HyperMem Secret Scanner
+ *
+ * Lightweight regex-based gate to prevent secrets from leaking into
+ * shared memory (visibility >= 'org'). Runs before any write that
+ * promotes content to org/council/fleet visibility.
+ *
+ * Design principles:
+ *   - Fast: regex-only, no LLM dependency
+ *   - Conservative: false positives are okay; false negatives are not
+ *   - Auditable: each hit includes the rule name and matched region (redacted)
+ *   - Not a full DLP system: blocks the obvious leaks; does not guarantee clean content
+ *
+ * Patterns sourced from:
+ *   - gitleaks ruleset (https://github.com/gitleaks/gitleaks)
+ *   - trufflehog common patterns
+ *   - Manual additions for OpenClaw-specific secrets
+ */
+export interface ScanResult {
+    clean: boolean;
+    hits: ScanHit[];
+}
+export interface ScanHit {
+    rule: string;
+    description: string;
+    /** Redacted match — only first/last 3 chars of the matched value */
+    redactedMatch: string;
+    /** Character offset of the match start */
+    offset: number;
+}
+/**
+ * Scan content for secrets before promoting to shared visibility.
+ *
+ * Returns { clean: true } when no secrets found.
+ * Returns { clean: false, hits } when secrets are detected.
+ *
+ * Callers must NOT write content with visibility >= 'org' when clean is false.
+ */
+export declare function scanForSecrets(content: string): ScanResult;
+/**
+ * Returns true when content is safe to promote to shared visibility (>= 'org').
+ * Convenience wrapper around scanForSecrets.
+ */
+export declare function isSafeForSharedVisibility(content: string): boolean;
+/**
+ * Check whether a visibility level requires secret scanning.
+ * Scanning is required for 'org', 'council', and 'fleet'.
+ * 'private' content stays with the owner — no cross-agent risk.
+ */
+export declare function requiresScan(visibility: string): boolean;
+//# sourceMappingURL=secret-scanner.d.ts.map

package/dist/secret-scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"secret-scanner.d.ts","sourceRoot":"","sources":["../src/secret-scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAIH,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,OAAO,CAAC;IACf,IAAI,EAAE,OAAO,EAAE,CAAC;CACjB;AAED,MAAM,WAAW,OAAO;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,oEAAoE;IACpE,aAAa,EAAE,MAAM,CAAC;IACtB,0CAA0C;IAC1C,MAAM,EAAE,MAAM,CAAC;CAChB;AAmMD;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU,CA+B1D;AAED;;;GAGG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAElE;AAED;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAExD"}

package/dist/secret-scanner.js

@@ -0,0 +1,248 @@
+/**
+ * HyperMem Secret Scanner
+ *
+ * Lightweight regex-based gate to prevent secrets from leaking into
+ * shared memory (visibility >= 'org'). Runs before any write that
+ * promotes content to org/council/fleet visibility.
+ *
+ * Design principles:
+ *   - Fast: regex-only, no LLM dependency
+ *   - Conservative: false positives are okay; false negatives are not
+ *   - Auditable: each hit includes the rule name and matched region (redacted)
+ *   - Not a full DLP system: blocks the obvious leaks; does not guarantee clean content
+ *
+ * Patterns sourced from:
+ *   - gitleaks ruleset (https://github.com/gitleaks/gitleaks)
+ *   - trufflehog common patterns
+ *   - Manual additions for OpenClaw-specific secrets
+ */
+const RULES = [
+    // ── API Keys ──────────────────────────────────────────────
+    {
+        id: 'anthropic-api-key',
+        description: 'Anthropic API key',
+        pattern: /\bsk-ant-[a-zA-Z0-9\-_]{20,}\b/g,
+    },
+    {
+        id: 'openai-api-key',
+        description: 'OpenAI API key',
+        pattern: /\bsk-[a-zA-Z0-9\-_]{20,}\b/g,
+    },
+    {
+        id: 'openai-org-id',
+        description: 'OpenAI organization ID',
+        pattern: /\borg-[a-zA-Z0-9]{16,}\b/g,
+    },
+    {
+        id: 'github-pat-classic',
+        description: 'GitHub personal access token (classic)',
+        pattern: /\bghp_[a-zA-Z0-9]{36}\b/g,
+    },
+    {
+        id: 'github-pat-fine',
+        description: 'GitHub fine-grained personal access token',
+        pattern: /\bgithub_pat_[a-zA-Z0-9_]{82}\b/g,
+    },
+    {
+        id: 'github-oauth-token',
+        description: 'GitHub OAuth token',
+        pattern: /\bgho_[a-zA-Z0-9]{36}\b/g,
+    },
+    {
+        id: 'github-app-token',
+        description: 'GitHub App installation token',
+        pattern: /\bghs_[a-zA-Z0-9]{36}\b/g,
+    },
+    {
+        id: 'github-refresh-token',
+        description: 'GitHub refresh token',
+        pattern: /\bghr_[a-zA-Z0-9]{76}\b/g,
+    },
+    {
+        id: 'aws-access-key',
+        description: 'AWS access key ID',
+        pattern: /\b(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}\b/g,
+    },
+    {
+        id: 'aws-secret-key',
+        description: 'AWS secret access key (heuristic)',
+        pattern: /(?:aws_secret_access_key|AWS_SECRET_ACCESS_KEY)["\s:=]+([A-Za-z0-9\/+]{40})\b/gi,
+    },
+    {
+        id: 'google-api-key',
+        description: 'Google API key',
+        pattern: /\bAIza[0-9A-Za-z_\-]{35}\b/g,
+    },
+    {
+        id: 'google-oauth',
+        description: 'Google OAuth client secret',
+        pattern: /\bGOCSPX-[0-9A-Za-z_\-]{28}\b/g,
+    },
+    {
+        id: 'slack-token',
+        description: 'Slack API token',
+        pattern: /\bxox[baprs]-[0-9]{10,13}-[0-9]{10,13}-[a-zA-Z0-9]{24,32}\b/g,
+    },
+    {
+        id: 'slack-webhook',
+        description: 'Slack incoming webhook URL',
+        pattern: /https:\/\/hooks\.slack\.com\/services\/[A-Z0-9]{9,11}\/[A-Z0-9]{9,11}\/[a-zA-Z0-9]{24}/g,
+    },
+    {
+        id: 'discord-token',
+        description: 'Discord bot token',
+        pattern: /\b[MNO][a-zA-Z0-9]{23}\.[a-zA-Z0-9_\-]{6}\.[a-zA-Z0-9_\-]{27}\b/g,
+    },
+    {
+        id: 'discord-webhook',
+        description: 'Discord webhook URL',
+        pattern: /https:\/\/discord(?:app)?\.com\/api\/webhooks\/[0-9]{17,19}\/[a-zA-Z0-9_\-]{68}/g,
+    },
+    {
+        id: 'stripe-key',
+        description: 'Stripe API key',
+        pattern: /\b(?:sk|pk|rk)_(?:live|test)_[a-zA-Z0-9]{24,99}\b/g,
+    },
+    {
+        id: 'sendgrid-key',
+        description: 'SendGrid API key',
+        pattern: /\bSG\.[a-zA-Z0-9\-_]{22,}\.[a-zA-Z0-9\-_]{43,}\b/g,
+    },
+    {
+        id: 'twilio-account-sid',
+        description: 'Twilio Account SID',
+        pattern: /\bAC[0-9a-fA-F]{32}\b/g,
+    },
+    {
+        id: 'twilio-auth-token',
+        description: 'Twilio Auth Token (heuristic)',
+        pattern: /(?:twilio[_\s\-]*(?:auth[_\s\-]*)?token)["\s:=]+([0-9a-f]{32})\b/gi,
+    },
+    // ── Private Keys / Certificates ───────────────────────────
+    {
+        id: 'pem-private-key',
+        description: 'PEM private key block',
+        pattern: /-----BEGIN (?:RSA |EC |DSA |OPENSSH |ENCRYPTED )?PRIVATE KEY-----/g,
+    },
+    {
+        id: 'pem-certificate',
+        description: 'PEM certificate (may contain private data)',
+        pattern: /-----BEGIN CERTIFICATE-----/g,
+    },
+    // ── Passwords in common config patterns ───────────────────
+    {
+        id: 'password-assignment',
+        description: 'Password in config-like assignment',
+        // Matches: password=<value>, "password": "<value>", PASSWORD=<value>
+        pattern: /(?:^|[,{;\n])\s*(?:password|passwd|secret|token|api_key|apikey|api-key|access_token|auth_token|client_secret)\s*[=:]\s*["']([^"'\n]{8,})["']/gim,
+        minEntropy: 2.5,
+    },
+    // ── Database connection strings ────────────────────────────
+    {
+        id: 'db-connection-string',
+        description: 'Database connection string with credentials',
+        pattern: /(?:postgres|postgresql|mysql|mongodb|redis):\/\/[^:]+:[^@]{6,}@/gi,
+    },
+    // ── Bearer tokens ─────────────────────────────────────────
+    {
+        id: 'bearer-token-header',
+        description: 'Bearer token in Authorization header value',
+        pattern: /Authorization[:\s]+Bearer\s+([a-zA-Z0-9\-_=.]{20,})/gi,
+    },
+    // ── JWT ───────────────────────────────────────────────────
+    {
+        id: 'jwt-token',
+        description: 'JSON Web Token',
+        pattern: /\beyJ[a-zA-Z0-9\-_]+\.eyJ[a-zA-Z0-9\-_]+\.[a-zA-Z0-9\-_]+\b/g,
+        minEntropy: 3.0,
+    },
+    // ── OpenClaw-specific ──────────────────────────────────────
+    {
+        id: 'openclaw-api-key',
+        description: 'OpenClaw API key',
+        pattern: /\boc_[a-zA-Z0-9\-_]{24,}\b/g,
+    },
+];
+// ─── Entropy Calculation ─────────────────────────────────────────
+/**
+ * Calculate Shannon entropy of a string (bits per character, base 2).
+ * Used to filter out low-entropy false positives like "password=example".
+ */
+function shannonEntropy(s) {
+    if (s.length === 0)
+        return 0;
+    const freq = new Map();
+    for (const ch of s) {
+        freq.set(ch, (freq.get(ch) || 0) + 1);
+    }
+    let entropy = 0;
+    for (const count of freq.values()) {
+        const p = count / s.length;
+        entropy -= p * Math.log2(p);
+    }
+    return entropy;
+}
+// ─── Redaction ───────────────────────────────────────────────────
+/**
+ * Redact a matched value: show first 3 and last 3 characters, mask the middle.
+ */
+function redact(value) {
+    if (value.length <= 8)
+        return '[REDACTED]';
+    const prefix = value.slice(0, 3);
+    const suffix = value.slice(-3);
+    const masked = '*'.repeat(Math.min(value.length - 6, 20));
+    return `${prefix}${masked}${suffix}`;
+}
+// ─── Public API ──────────────────────────────────────────────────
+/**
+ * Scan content for secrets before promoting to shared visibility.
+ *
+ * Returns { clean: true } when no secrets found.
+ * Returns { clean: false, hits } when secrets are detected.
+ *
+ * Callers must NOT write content with visibility >= 'org' when clean is false.
+ */
+export function scanForSecrets(content) {
+    const hits = [];
+    for (const rule of RULES) {
+        // Reset lastIndex for global regexes
+        rule.pattern.lastIndex = 0;
+        let match;
+        while ((match = rule.pattern.exec(content)) !== null) {
+            const matched = match[1] ?? match[0]; // prefer capture group 1 if present
+            // Entropy filter
+            if (rule.minEntropy && shannonEntropy(matched) < rule.minEntropy) {
+                continue;
+            }
+            hits.push({
+                rule: rule.id,
+                description: rule.description,
+                redactedMatch: redact(matched),
+                offset: match.index,
+            });
+            // Cap at 10 hits per content to avoid O(n²) explosion on adversarial input
+            if (hits.length >= 10)
+                break;
+        }
+        if (hits.length >= 10)
+            break;
+    }
+    return { clean: hits.length === 0, hits };
+}
+/**
+ * Returns true when content is safe to promote to shared visibility (>= 'org').
+ * Convenience wrapper around scanForSecrets.
+ */
+export function isSafeForSharedVisibility(content) {
+    return scanForSecrets(content).clean;
+}
+/**
+ * Check whether a visibility level requires secret scanning.
+ * Scanning is required for 'org', 'council', and 'fleet'.
+ * 'private' content stays with the owner — no cross-agent risk.
+ */
+export function requiresScan(visibility) {
+    return visibility === 'org' || visibility === 'council' || visibility === 'fleet';
+}
+//# sourceMappingURL=secret-scanner.js.map

package/dist/seed.d.ts

@@ -0,0 +1,108 @@
+/**
+ * HyperMem Workspace Seeder
+ *
+ * Reads ACA workspace files, chunks them by logical section, and indexes
+ * into HyperMem for demand-loaded retrieval (ACA offload).
+ *
+ * Usage:
+ *   const seeder = new WorkspaceSeeder(hypermem);
+ *   const result = await seeder.seedWorkspace('/path/to/workspace', { agentId: 'forge' });
+ *
+ * Idempotent: skips files whose source hash hasn't changed since last index.
+ * Atomic: each file's chunks are swapped in a single transaction.
+ *
+ * Files seeded (from ACA_COLLECTIONS):
+ *   POLICY.md      → governance/policy   (shared-fleet)
+ *   CHARTER.md     → governance/charter  (per-tier)
+ *   COMMS.md       → governance/comms    (shared-fleet)
+ *   AGENTS.md      → operations/agents   (per-tier)
+ *   TOOLS.md       → operations/tools    (per-agent)
+ *   SOUL.md        → identity/soul       (per-agent)
+ *   JOB.md         → identity/job        (per-agent)
+ *   MOTIVATIONS.md → identity/motivations(per-agent)
+ *   MEMORY.md      → memory/decisions    (per-agent)
+ *   memory/*.md    → memory/daily        (per-agent)
+ */
+import { type IndexResult } from './doc-chunk-store.js';
+export interface SeedOptions {
+    /** Agent ID for per-agent scoped chunks */
+    agentId?: string;
+    /** Tier for per-tier scoped chunks (council/director) */
+    tier?: string;
+    /** Whether to force re-index even if hash unchanged */
+    force?: boolean;
+    /** Only seed specific collections (e.g., ['governance/policy']) */
+    collections?: string[];
+    /** Whether to include daily memory files (memory/YYYY-MM-DD.md) */
+    includeDailyMemory?: boolean;
+    /** Max daily memory files to include (most recent first) */
+    dailyMemoryLimit?: number;
+}
+export interface SeedFileResult {
+    filePath: string;
+    collection: string;
+    result: IndexResult;
+}
+export interface SeedResult {
+    /** Files successfully processed */
+    files: SeedFileResult[];
+    /** Total new chunks inserted */
+    totalInserted: number;
+    /** Total stale chunks deleted */
+    totalDeleted: number;
+    /** Files that were up to date (skipped) */
+    skipped: number;
+    /** Files that were re-indexed */
+    reindexed: number;
+    /** Files that had errors */
+    errors: Array<{
+        filePath: string;
+        error: string;
+    }>;
+}
+export declare class WorkspaceSeeder {
+    private db;
+    private chunkStore;
+    constructor(db: import('node:sqlite').DatabaseSync);
+    /**
+     * Seed all ACA files from a workspace directory.
+     */
+    seedWorkspace(workspaceDir: string, opts?: SeedOptions): Promise<SeedResult>;
+    /**
+     * Seed a single file explicitly.
+     */
+    seedFile(filePath: string, collection: string, opts?: SeedOptions): SeedFileResult;
+    /**
+     * Check which workspace files need re-indexing.
+     */
+    checkStaleness(workspaceDir: string, opts?: SeedOptions): Array<{
+        filePath: string;
+        collection: string;
+        needsReindex: boolean;
+    }>;
+    /**
+     * Get stats about what's currently indexed.
+     */
+    getIndexStats(): {
+        collection: string;
+        count: number;
+        sources: number;
+        totalTokens: number;
+    }[];
+    /**
+     * Query indexed chunks by collection.
+     */
+    queryChunks(collection: string, opts?: {
+        agentId?: string;
+        tier?: string;
+        limit?: number;
+        keyword?: string;
+    }): import("./doc-chunk-store.js").DocChunkRow[];
+    private discoverFiles;
+}
+/**
+ * Seed a workspace directly from a DatabaseSync instance.
+ * Convenience wrapper for use in the hook handler and CLI.
+ */
+export declare function seedWorkspace(db: import('node:sqlite').DatabaseSync, workspaceDir: string, opts?: SeedOptions): Promise<SeedResult>;
+//# sourceMappingURL=seed.d.ts.map

package/dist/seed.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"seed.d.ts","sourceRoot":"","sources":["../src/seed.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAKH,OAAO,EAAiB,KAAK,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAIvE,MAAM,WAAW,WAAW;IAC1B,2CAA2C;IAC3C,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,yDAAyD;IACzD,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,uDAAuD;IACvD,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,mEAAmE;IACnE,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,mEAAmE;IACnE,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,4DAA4D;IAC5D,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,WAAW,CAAC;CACrB;AAED,MAAM,WAAW,UAAU;IACzB,mCAAmC;IACnC,KAAK,EAAE,cAAc,EAAE,CAAC;IACxB,gCAAgC;IAChC,aAAa,EAAE,MAAM,CAAC;IACtB,iCAAiC;IACjC,YAAY,EAAE,MAAM,CAAC;IACrB,2CAA2C;IAC3C,OAAO,EAAE,MAAM,CAAC;IAChB,iCAAiC;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,4BAA4B;IAC5B,MAAM,EAAE,KAAK,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACpD;AAID,qBAAa,eAAe;IAGd,OAAO,CAAC,EAAE;IAFtB,OAAO,CAAC,UAAU,CAAgB;gBAEd,EAAE,EAAE,OAAO,aAAa,EAAE,YAAY;IAI1D;;OAEG;IACG,aAAa,CAAC,YAAY,EAAE,MAAM,EAAE,IAAI,GAAE,WAAgB,GAAG,OAAO,CAAC,UAAU,CAAC;IAmDtF;;OAEG;IACH,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,GAAE,WAAgB,GAAG,cAAc;IAmBtF;;OAEG;IACH,cAAc,CAAC,YAAY,EAAE,MAAM,EAAE,IAAI,GAAE,WAAgB,GAAG,KAAK,CAAC;QAClE,QAAQ,EAAE,MAAM,CAAC;QACjB,UAAU,EAAE,MAAM,CAAC;QACnB,YAAY,EAAE,OAAO,CAAC;KACvB,CAAC;IAeF;;OAEG;IACH,aAAa;;;;;;IAIb;;OAEG;IACH,WAAW,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,GAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAO;IAMhH,OAAO,CAAC,aAAa;CAuCtB;AAID;;;GAGG;AACH,wBAAsB,aAAa,CACjC,EAAE,EAAE,OAAO,aAAa,EAAE,YAAY,EACtC,YAAY,EAAE,MAAM,EACpB,IAAI,GAAE,WAAgB,GACrB,OAAO,CAAC,UAAU,CAAC,CAGrB"}