@pugi/cli 0.1.0-alpha.18 → 0.1.0-alpha.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +33 -0
- package/dist/commands/deploy.js +439 -0
- package/dist/core/edits/dispatch.js +185 -0
- package/dist/core/edits/index.js +15 -0
- package/dist/core/edits/layer-a-apply.js +217 -0
- package/dist/core/edits/layer-b-apply.js +211 -0
- package/dist/core/edits/layer-c-apply.js +160 -0
- package/dist/core/edits/layer-d-ast.js +29 -0
- package/dist/core/edits/marker-parser.js +401 -0
- package/dist/core/edits/security-gate.js +223 -0
- package/dist/core/repl/cancellation.js +98 -0
- package/dist/core/repl/dispatch-fsm.js +204 -0
- package/dist/core/repl/privacy-banner.js +4 -4
- package/dist/core/repl/session.js +90 -0
- package/dist/core/repl/slash-commands.js +12 -3
- package/dist/runtime/cli.js +193 -1
- package/dist/runtime/commands/config.js +136 -0
- package/package.json +2 -2
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Cancellation token — Sprint α6.9 Phase 1 (agent loop FSM + cancellation).
|
|
3
|
+
*
|
|
4
|
+
* A pure-JS one-shot signal that fans out to N listeners. One token is
|
|
5
|
+
* minted per dispatch turn (fresh on each operator brief); when the
|
|
6
|
+
* operator hits Ctrl+C, the REPL calls `abort()` which:
|
|
7
|
+
*
|
|
8
|
+
* 1. Latches `aborted = true` so any future `isAborted` check returns
|
|
9
|
+
* true (a tool that observes the flag mid-execution can short-circuit
|
|
10
|
+
* its loop without waiting for an explicit signal-handler callback).
|
|
11
|
+
* 2. Drains the listener set, firing each callback exactly once. The
|
|
12
|
+
* set is cleared after the drain so a late `onAbort` listener
|
|
13
|
+
* attached AFTER abort does NOT fire — that is the documented
|
|
14
|
+
* contract; late listeners are expected to check `isAborted`
|
|
15
|
+
* explicitly at registration time if they need to know whether the
|
|
16
|
+
* token already tripped.
|
|
17
|
+
*
|
|
18
|
+
* Design choices:
|
|
19
|
+
*
|
|
20
|
+
* - No coupling to `AbortController` / `AbortSignal`. The session +
|
|
21
|
+
* tool path are wrapped around this token; where a Web platform
|
|
22
|
+
* primitive is needed (fetch signal, MCP call), the wrapper bridges
|
|
23
|
+
* `onAbort` → `controller.abort()` at the seam.
|
|
24
|
+
* - Idempotent `abort()`. Calling twice is safe and the second call is
|
|
25
|
+
* a no-op (the listener set is already empty). This matters because
|
|
26
|
+
* two code paths can race to cancel — the Ctrl+C handler and a
|
|
27
|
+
* downstream tool that observed `isAborted` and threw — and both
|
|
28
|
+
* end up calling `dispatch.cancel()` which transitively calls
|
|
29
|
+
* `token.abort()`.
|
|
30
|
+
* - Listener errors do NOT block the drain. A throwing listener
|
|
31
|
+
* stops itself but the next listener still fires. The error is
|
|
32
|
+
* swallowed because the cancellation path is best-effort and
|
|
33
|
+
* surfacing the error mid-drain would leak through the abort
|
|
34
|
+
* pathway into the REPL state (a UI rerender on a half-aborted
|
|
35
|
+
* session is worse than a silent listener crash).
|
|
36
|
+
*
|
|
37
|
+
* Brand voice: no forbidden words. ASCII only. No emoji.
|
|
38
|
+
*/
|
|
39
|
+
export class CancellationToken {
|
|
40
|
+
aborted = false;
|
|
41
|
+
listeners = new Set();
|
|
42
|
+
/**
|
|
43
|
+
* Latch the token to aborted and fire every currently-attached
|
|
44
|
+
* listener exactly once. Subsequent `abort()` calls are no-ops
|
|
45
|
+
* (idempotent — the listener set was already cleared on first abort).
|
|
46
|
+
* Listener callbacks that throw are swallowed; the next listener
|
|
47
|
+
* still fires.
|
|
48
|
+
*/
|
|
49
|
+
abort() {
|
|
50
|
+
if (this.aborted)
|
|
51
|
+
return;
|
|
52
|
+
this.aborted = true;
|
|
53
|
+
// Snapshot the listener set so a listener that mutates the set
|
|
54
|
+
// (e.g. detaches itself via the returned unsubscribe handle while
|
|
55
|
+
// its own callback is running) does not corrupt the iteration.
|
|
56
|
+
const snapshot = Array.from(this.listeners);
|
|
57
|
+
this.listeners.clear();
|
|
58
|
+
for (const listener of snapshot) {
|
|
59
|
+
try {
|
|
60
|
+
listener();
|
|
61
|
+
}
|
|
62
|
+
catch {
|
|
63
|
+
// Swallow listener errors — see header comment for rationale.
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
}
|
|
67
|
+
/**
|
|
68
|
+
* True after `abort()` has been called. Mutation observers and tool
|
|
69
|
+
* inner loops should read this BEFORE each potentially-expensive
|
|
70
|
+
* iteration so they can short-circuit on cancel.
|
|
71
|
+
*/
|
|
72
|
+
get isAborted() {
|
|
73
|
+
return this.aborted;
|
|
74
|
+
}
|
|
75
|
+
/**
|
|
76
|
+
* Register a callback that fires on the FIRST `abort()` call. If the
|
|
77
|
+
* token has already aborted at registration time, the callback is
|
|
78
|
+
* NOT auto-fired — the caller is responsible for checking
|
|
79
|
+
* `isAborted` first.
|
|
80
|
+
*
|
|
81
|
+
* Returns an unsubscribe handle. Calling it before abort detaches the
|
|
82
|
+
* listener so it never fires; calling it after abort is a no-op (the
|
|
83
|
+
* set was already drained).
|
|
84
|
+
*/
|
|
85
|
+
onAbort(listener) {
|
|
86
|
+
if (this.aborted) {
|
|
87
|
+
// Document the contract by returning a no-op unsubscribe handle.
|
|
88
|
+
// The listener does NOT fire — late subscribers must check
|
|
89
|
+
// isAborted at registration time.
|
|
90
|
+
return () => undefined;
|
|
91
|
+
}
|
|
92
|
+
this.listeners.add(listener);
|
|
93
|
+
return () => {
|
|
94
|
+
this.listeners.delete(listener);
|
|
95
|
+
};
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
//# sourceMappingURL=cancellation.js.map
|
|
@@ -0,0 +1,204 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Dispatch FSM — Sprint α6.9 Phase 1 (agent loop FSM + cancellation).
|
|
3
|
+
*
|
|
4
|
+
* Tracks the lifecycle of a single operator-issued brief from the moment
|
|
5
|
+
* `POST /api/pugi/sessions/:id/brief` fires until the persona returns a
|
|
6
|
+
* final reply (or the operator aborts). The Ctrl+C handler and the
|
|
7
|
+
* status-bar surface both subscribe to state transitions so the UX is
|
|
8
|
+
* predictable: the operator can always tell where the dispatch is in
|
|
9
|
+
* its lifecycle and the abort signal lands at a deterministic seam.
|
|
10
|
+
*
|
|
11
|
+
* State graph:
|
|
12
|
+
*
|
|
13
|
+
* idle
|
|
14
|
+
* │ (brief posted)
|
|
15
|
+
* ▼
|
|
16
|
+
* awaiting_response ←──────────┐
|
|
17
|
+
* │ │ (next turn)
|
|
18
|
+
* ▼ │
|
|
19
|
+
* tool_running ────────────────┘
|
|
20
|
+
* │
|
|
21
|
+
* ▼
|
|
22
|
+
* completed
|
|
23
|
+
*
|
|
24
|
+
* Terminal states: `completed`, `failed`, `aborted`. The FSM does not
|
|
25
|
+
* transition out of a terminal state; a fresh brief mints a new FSM
|
|
26
|
+
* instance. `aborting` is transient — any non-terminal state can
|
|
27
|
+
* transition to `aborting`, which then transitions to `aborted` once
|
|
28
|
+
* the SSE stream + in-flight tool acknowledge the abort.
|
|
29
|
+
*
|
|
30
|
+
* Illegal transitions are rejected by throwing a typed error. This is
|
|
31
|
+
* load-bearing: a bug that tries to walk `completed → tool_running`
|
|
32
|
+
* would otherwise silently corrupt the agent tree. Throwing fails
|
|
33
|
+
* loud at the call site so the integration bug surfaces immediately.
|
|
34
|
+
*
|
|
35
|
+
* onEnter listeners fire AFTER the state transition is committed.
|
|
36
|
+
* Subscribers can call `transition()` from inside a listener; the FSM
|
|
37
|
+
* uses a small re-entrancy guard so nested transitions are processed
|
|
38
|
+
* in order (the inner transition fires its own listeners before the
|
|
39
|
+
* outer transition returns).
|
|
40
|
+
*
|
|
41
|
+
* Brand voice: no forbidden words. ASCII only. No emoji.
|
|
42
|
+
*/
|
|
43
|
+
/**
|
|
44
|
+
* Legal transitions per state. Building the matrix at module scope
|
|
45
|
+
* keeps the FSM declarative and exhaustive — adding a new state forces
|
|
46
|
+
* the matrix update at typecheck time.
|
|
47
|
+
*
|
|
48
|
+
* `idle` is the start state. Posting a brief moves to
|
|
49
|
+
* `awaiting_response`. The model's first turn either returns a final
|
|
50
|
+
* text (`completed`), requests tools (`tool_running`), or fails
|
|
51
|
+
* (`failed`). After tools execute the model gets another turn
|
|
52
|
+
* (`awaiting_response`); the cycle repeats until a final text or a
|
|
53
|
+
* terminal outcome.
|
|
54
|
+
*
|
|
55
|
+
* `aborting` is reachable from every non-terminal state. From
|
|
56
|
+
* `aborting` we always end at `aborted` (no rollback — once the
|
|
57
|
+
* operator aborts, the dispatch is dead). Terminal states have no
|
|
58
|
+
* outgoing transitions.
|
|
59
|
+
*/
|
|
60
|
+
const LEGAL_TRANSITIONS = {
|
|
61
|
+
idle: new Set(['awaiting_response', 'aborting']),
|
|
62
|
+
awaiting_response: new Set([
|
|
63
|
+
'tool_running',
|
|
64
|
+
'completed',
|
|
65
|
+
'failed',
|
|
66
|
+
'aborting',
|
|
67
|
+
]),
|
|
68
|
+
tool_running: new Set([
|
|
69
|
+
'awaiting_response',
|
|
70
|
+
'completed',
|
|
71
|
+
'failed',
|
|
72
|
+
'aborting',
|
|
73
|
+
]),
|
|
74
|
+
aborting: new Set(['aborted']),
|
|
75
|
+
aborted: new Set(),
|
|
76
|
+
completed: new Set(),
|
|
77
|
+
failed: new Set(),
|
|
78
|
+
};
|
|
79
|
+
/**
|
|
80
|
+
* Thrown when `transition()` is called with a state that is not in the
|
|
81
|
+
* current state's legal outgoing set. Carries enough context that a log
|
|
82
|
+
* line can be reconstructed at the call site.
|
|
83
|
+
*/
|
|
84
|
+
export class IllegalDispatchTransitionError extends Error {
|
|
85
|
+
from;
|
|
86
|
+
to;
|
|
87
|
+
constructor(from, to) {
|
|
88
|
+
super(`Illegal dispatch FSM transition: ${from} -> ${to}`);
|
|
89
|
+
this.name = 'IllegalDispatchTransitionError';
|
|
90
|
+
this.from = from;
|
|
91
|
+
this.to = to;
|
|
92
|
+
}
|
|
93
|
+
}
|
|
94
|
+
export class DispatchFSM {
|
|
95
|
+
state = 'idle';
|
|
96
|
+
listeners = new Map();
|
|
97
|
+
/**
|
|
98
|
+
* Re-entrancy guard. While `firing === true` we are draining the
|
|
99
|
+
* listener fan-out for an in-progress transition. A nested
|
|
100
|
+
* `transition()` call from inside a listener queues into `pending`
|
|
101
|
+
* instead of recursing, so the legality check + state mutation +
|
|
102
|
+
* listener drain happen sequentially in commit order. Without this,
|
|
103
|
+
* a listener that immediately fired another transition would mutate
|
|
104
|
+
* `this.state` mid-iteration of the outer listener snapshot, which
|
|
105
|
+
* (a) could turn a legal outer transition into a thrown illegal
|
|
106
|
+
* inner one (the legality check reads `this.state` already mutated),
|
|
107
|
+
* (b) could ship `onEnter(B)` reasons under state A's snapshot.
|
|
108
|
+
* Queueing keeps the transition log linear.
|
|
109
|
+
*/
|
|
110
|
+
firing = false;
|
|
111
|
+
pending = [];
|
|
112
|
+
/**
|
|
113
|
+
* Current state. Read-only — mutate via `transition()`.
|
|
114
|
+
*/
|
|
115
|
+
get current() {
|
|
116
|
+
return this.state;
|
|
117
|
+
}
|
|
118
|
+
/**
|
|
119
|
+
* True when the current state is one of `completed`, `failed`,
|
|
120
|
+
* `aborted`. Terminal states cannot transition further.
|
|
121
|
+
*/
|
|
122
|
+
get isTerminal() {
|
|
123
|
+
return this.state === 'completed' || this.state === 'failed' || this.state === 'aborted';
|
|
124
|
+
}
|
|
125
|
+
/**
|
|
126
|
+
* Transition the FSM to `next`, optionally carrying a `reason` string
|
|
127
|
+
* that is forwarded to `onEnter` listeners. Throws
|
|
128
|
+
* `IllegalDispatchTransitionError` when the transition is not in the
|
|
129
|
+
* current state's legal outgoing set.
|
|
130
|
+
*
|
|
131
|
+
* Listener errors do NOT block the transition. A throwing listener
|
|
132
|
+
* stops itself but the transition is already committed; the next
|
|
133
|
+
* listener still fires.
|
|
134
|
+
*
|
|
135
|
+
* Re-entrant calls (a listener calls `transition()` again) are
|
|
136
|
+
* queued — the inner transition runs after the outer listener drain
|
|
137
|
+
* completes, in FIFO order. See `firing` field comment.
|
|
138
|
+
*/
|
|
139
|
+
transition(next, reason) {
|
|
140
|
+
if (this.firing) {
|
|
141
|
+
this.pending.push({ next, reason });
|
|
142
|
+
return;
|
|
143
|
+
}
|
|
144
|
+
this.firing = true;
|
|
145
|
+
try {
|
|
146
|
+
this.commit(next, reason);
|
|
147
|
+
while (this.pending.length > 0) {
|
|
148
|
+
const queued = this.pending.shift();
|
|
149
|
+
if (!queued)
|
|
150
|
+
break;
|
|
151
|
+
this.commit(queued.next, queued.reason);
|
|
152
|
+
}
|
|
153
|
+
}
|
|
154
|
+
finally {
|
|
155
|
+
this.firing = false;
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
/**
|
|
159
|
+
* Inner commit step — legality check + state mutation + listener
|
|
160
|
+
* drain. Called by `transition()` directly for the first move and
|
|
161
|
+
* for every queued nested move thereafter. Errors propagate to the
|
|
162
|
+
* outer `transition()` caller (illegal transitions still throw).
|
|
163
|
+
*/
|
|
164
|
+
commit(next, reason) {
|
|
165
|
+
const legal = LEGAL_TRANSITIONS[this.state];
|
|
166
|
+
if (!legal.has(next)) {
|
|
167
|
+
throw new IllegalDispatchTransitionError(this.state, next);
|
|
168
|
+
}
|
|
169
|
+
this.state = next;
|
|
170
|
+
const set = this.listeners.get(next);
|
|
171
|
+
if (!set || set.size === 0)
|
|
172
|
+
return;
|
|
173
|
+
// Snapshot the listener set so a listener that detaches itself
|
|
174
|
+
// (via the returned unsubscribe handle) does not corrupt iteration.
|
|
175
|
+
const snapshot = Array.from(set);
|
|
176
|
+
for (const listener of snapshot) {
|
|
177
|
+
try {
|
|
178
|
+
listener(reason);
|
|
179
|
+
}
|
|
180
|
+
catch {
|
|
181
|
+
// Swallow listener errors — see header comment for rationale.
|
|
182
|
+
}
|
|
183
|
+
}
|
|
184
|
+
}
|
|
185
|
+
/**
|
|
186
|
+
* Register a listener that fires whenever the FSM ENTERS `state`. The
|
|
187
|
+
* listener does NOT fire if the FSM is already in `state` at
|
|
188
|
+
* registration time — onEnter is edge-triggered, not level-triggered.
|
|
189
|
+
*
|
|
190
|
+
* Returns an unsubscribe handle.
|
|
191
|
+
*/
|
|
192
|
+
onEnter(state, listener) {
|
|
193
|
+
let set = this.listeners.get(state);
|
|
194
|
+
if (!set) {
|
|
195
|
+
set = new Set();
|
|
196
|
+
this.listeners.set(state, set);
|
|
197
|
+
}
|
|
198
|
+
set.add(listener);
|
|
199
|
+
return () => {
|
|
200
|
+
set?.delete(listener);
|
|
201
|
+
};
|
|
202
|
+
}
|
|
203
|
+
}
|
|
204
|
+
//# sourceMappingURL=dispatch-fsm.js.map
|
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* Privacy mode REPL surface
|
|
2
|
+
* Privacy mode REPL surface - alpha 6.13 (Phase 1).
|
|
3
3
|
*
|
|
4
4
|
* Two surfaces:
|
|
5
5
|
*
|
|
6
|
-
* 1. `renderPrivacyBanner(mode)`
|
|
6
|
+
* 1. `renderPrivacyBanner(mode)` - one-line banner shown on REPL
|
|
7
7
|
* bootstrap (mirrors `apps/admin-api/src/privacy/privacy-mode.ts`
|
|
8
|
-
* `PRIVACY_MODE_BANNER` verbatim
|
|
8
|
+
* `PRIVACY_MODE_BANNER` verbatim - keep in sync, the unit spec
|
|
9
9
|
* asserts they match).
|
|
10
10
|
*
|
|
11
|
-
* 2. `renderPrivacyContractDoc(mode)`
|
|
11
|
+
* 2. `renderPrivacyContractDoc(mode)` - multi-line contract doc the
|
|
12
12
|
* `/privacy` slash command prints. Shows the active mode header
|
|
13
13
|
* + the full 3-mode contract so the operator can compare their
|
|
14
14
|
* current posture to the alternatives without leaving the REPL.
|
|
@@ -134,6 +134,22 @@ export class ReplSession {
|
|
|
134
134
|
* with `[store]` errors on every keystroke.
|
|
135
135
|
*/
|
|
136
136
|
storeErrorEmitted = false;
|
|
137
|
+
/**
|
|
138
|
+
* Privacy mode fetched on bootstrap from /api/admin/privacy/mode and
|
|
139
|
+
* surfaced via `renderPrivacyBanner` (one-line system message after
|
|
140
|
+
* splash). Cached on the session so the in-REPL `/privacy` slash
|
|
141
|
+
* command can render the live mode without a second round-trip on
|
|
142
|
+
* the input box's thread. Null means "not yet fetched" (still
|
|
143
|
+
* connecting) OR "fetch failed" (offline / unauthenticated). The
|
|
144
|
+
* `/privacy` slash falls back to the contract doc with an "unknown"
|
|
145
|
+
* banner when null.
|
|
146
|
+
*
|
|
147
|
+
* Triple-review P1 fix (2026-05-25): the prior build defined
|
|
148
|
+
* `renderPrivacyBanner` but never called it, and `/privacy` always
|
|
149
|
+
* rendered with `null` mode. The contract was advertised but the
|
|
150
|
+
* operator had no mode visibility.
|
|
151
|
+
*/
|
|
152
|
+
privacyMode = null;
|
|
137
153
|
/**
|
|
138
154
|
* α6.5 Tier 0 / Tier 1 / chokidar wiring. The bootstrap builds the
|
|
139
155
|
* skeleton + working set + watcher once and hands them to the
|
|
@@ -270,12 +286,58 @@ export class ReplSession {
|
|
|
270
286
|
});
|
|
271
287
|
this.patch({ sessionId, connection: 'connecting' });
|
|
272
288
|
this.openStream();
|
|
289
|
+
// alpha 6.13 privacy banner. Fire-and-forget - never blocks the
|
|
290
|
+
// input box on the network round-trip. The banner is a single
|
|
291
|
+
// system-line so the operator sees the active mode under the
|
|
292
|
+
// splash without an extra slash command. Mode is cached on the
|
|
293
|
+
// session so `/privacy` later renders the live value without a
|
|
294
|
+
// second fetch. Failure to fetch (offline, unauthenticated,
|
|
295
|
+
// admin-api down) is silent - the operator can still type
|
|
296
|
+
// `/privacy` to see the contract.
|
|
297
|
+
void this.fetchAndAnnouncePrivacyMode().catch(() => undefined);
|
|
273
298
|
}
|
|
274
299
|
catch (error) {
|
|
275
300
|
this.appendSystemLine(`Could not open Pugi session: ${this.errorMessage(error)}`);
|
|
276
301
|
this.patch({ connection: 'offline' });
|
|
277
302
|
}
|
|
278
303
|
}
|
|
304
|
+
/**
|
|
305
|
+
* Fetch the tenant's current privacy mode from
|
|
306
|
+
* `GET /api/admin/privacy/mode`, cache it on the session, and emit
|
|
307
|
+
* a one-line system banner so the operator sees their active mode
|
|
308
|
+
* right under the bootstrap splash. Failure is silent - missing
|
|
309
|
+
* banner is preferable to a noisy "could not fetch privacy mode"
|
|
310
|
+
* line on every login.
|
|
311
|
+
*
|
|
312
|
+
* Triple-review P1 fix (2026-05-25): without this call,
|
|
313
|
+
* `renderPrivacyBanner` was defined but never reached the wire, and
|
|
314
|
+
* `/privacy` always rendered with `null` mode.
|
|
315
|
+
*/
|
|
316
|
+
async fetchAndAnnouncePrivacyMode() {
|
|
317
|
+
const { renderPrivacyBanner, isPrivacyMode } = await import('./privacy-banner.js');
|
|
318
|
+
try {
|
|
319
|
+
const url = `${this.options.apiUrl.replace(/\/+$/, '')}/api/admin/privacy/mode`;
|
|
320
|
+
const res = await fetch(url, {
|
|
321
|
+
headers: {
|
|
322
|
+
authorization: `Bearer ${this.options.apiKey}`,
|
|
323
|
+
accept: 'application/json',
|
|
324
|
+
},
|
|
325
|
+
});
|
|
326
|
+
if (!res.ok) {
|
|
327
|
+
// Silent fail - banner is decoration, not a blocking surface.
|
|
328
|
+
return;
|
|
329
|
+
}
|
|
330
|
+
const payload = (await res.json());
|
|
331
|
+
const mode = payload.mode;
|
|
332
|
+
if (typeof mode === 'string' && isPrivacyMode(mode)) {
|
|
333
|
+
this.privacyMode = mode;
|
|
334
|
+
this.appendSystemLine(renderPrivacyBanner(mode));
|
|
335
|
+
}
|
|
336
|
+
}
|
|
337
|
+
catch {
|
|
338
|
+
// Silent fail - offline / DNS / unauth all collapse to no banner.
|
|
339
|
+
}
|
|
340
|
+
}
|
|
279
341
|
/**
|
|
280
342
|
* Tear down the SSE stream and stop the reconnect timer. The session
|
|
281
343
|
* id stays valid server-side; `pugi resume <id>` reopens later.
|
|
@@ -396,12 +458,40 @@ export class ReplSession {
|
|
|
396
458
|
this.patch({ pendingAsk: askTag, pendingAskSource: 'local' });
|
|
397
459
|
return verdict;
|
|
398
460
|
}
|
|
461
|
+
case 'privacy': {
|
|
462
|
+
// alpha 6.13: print the full mode contract + current banner
|
|
463
|
+
// inline. The current mode is resolved lazily by the helper -
|
|
464
|
+
// when unauthenticated or offline the banner falls back to
|
|
465
|
+
// "(unknown - mode lookup pending)" and the contract doc still
|
|
466
|
+
// renders so the operator can read the alternatives.
|
|
467
|
+
await this.dispatchPrivacy();
|
|
468
|
+
return verdict;
|
|
469
|
+
}
|
|
399
470
|
case 'stub': {
|
|
400
471
|
this.appendSystemLine(verdict.message);
|
|
401
472
|
return verdict;
|
|
402
473
|
}
|
|
403
474
|
}
|
|
404
475
|
}
|
|
476
|
+
/**
|
|
477
|
+
* In-REPL `/privacy` - alpha 6.13. Prints the full 3-mode contract
|
|
478
|
+
* doc + the current mode banner inline. The current mode is fetched
|
|
479
|
+
* via the admin-api /api/admin/privacy/mode endpoint when the
|
|
480
|
+
* operator is authenticated; otherwise the banner falls back to
|
|
481
|
+
* "(unknown)" and the contract doc still renders so the operator
|
|
482
|
+
* can compare modes without leaving the REPL.
|
|
483
|
+
*/
|
|
484
|
+
async dispatchPrivacy() {
|
|
485
|
+
const { renderPrivacyContractDoc } = await import('./privacy-banner.js');
|
|
486
|
+
// Triple-review P1 fix (2026-05-25): use the bootstrap-cached mode
|
|
487
|
+
// so the operator sees the LIVE current mode in the banner header
|
|
488
|
+
// instead of "(unknown)". The fetch happens once on session start;
|
|
489
|
+
// if it failed (offline / unauth) the cache stays null and the
|
|
490
|
+
// banner falls back to "(unknown)" - same UX as before, just with
|
|
491
|
+
// the happy path actually delivering the mode.
|
|
492
|
+
const doc = renderPrivacyContractDoc(this.privacyMode);
|
|
493
|
+
this.appendSystemLine(doc);
|
|
494
|
+
}
|
|
405
495
|
/**
|
|
406
496
|
* In-REPL `/resume` - α6.4. Lists the 10 most recent sessions from
|
|
407
497
|
* the local SessionStore and prints them as a numbered system menu.
|
|
@@ -41,7 +41,9 @@ export const SLASH_STUB_MESSAGES = Object.freeze({
|
|
|
41
41
|
compact: 'Manual context compaction lands in α6.5b.',
|
|
42
42
|
memory: 'Session memory editor lands in α6.5b.',
|
|
43
43
|
config: 'Run `pugi config list` from a fresh shell for the full surface; in-REPL editor lands in α6.5.',
|
|
44
|
-
|
|
44
|
+
// alpha 6.13: /privacy graduated from stub; nothing reads this at
|
|
45
|
+
// runtime but the type record stays exhaustive.
|
|
46
|
+
privacy: '',
|
|
45
47
|
budget: 'Run `pugi budget` from a fresh shell; in-REPL summary lands in α6.5.',
|
|
46
48
|
mcp: 'Run `pugi config mcp list` from a fresh shell; in-REPL palette lands in α6.5.',
|
|
47
49
|
undo: 'Run `pugi undo` from a fresh shell; in-REPL undo lands in α6.5.',
|
|
@@ -67,7 +69,7 @@ export const SLASH_COMMAND_HELP = Object.freeze([
|
|
|
67
69
|
{ name: 'consensus', args: '[ref]', gloss: '3-model consensus review (codex · claude · deepseek)', group: 'Pugi tools' },
|
|
68
70
|
// Settings
|
|
69
71
|
{ name: 'config', args: '', gloss: 'Show config', group: 'Settings', stub: true },
|
|
70
|
-
{ name: 'privacy', args: '', gloss: 'Show privacy mode', group: 'Settings'
|
|
72
|
+
{ name: 'privacy', args: '', gloss: 'Show privacy mode + contract', group: 'Settings' },
|
|
71
73
|
{ name: 'budget', args: '', gloss: 'Show usage budget', group: 'Settings', stub: true },
|
|
72
74
|
{ name: 'mcp', args: '', gloss: 'List MCP servers', group: 'Settings', stub: true },
|
|
73
75
|
{ name: 'undo', args: '', gloss: 'Undo last write', group: 'Settings', stub: true },
|
|
@@ -205,10 +207,17 @@ export function parseSlashCommand(input) {
|
|
|
205
207
|
// skeleton size + working-set utilisation at a glance.
|
|
206
208
|
return { kind: 'context' };
|
|
207
209
|
}
|
|
210
|
+
case 'privacy': {
|
|
211
|
+
// alpha 6.13: real handler - the session module prints the
|
|
212
|
+
// contract doc + the current mode banner. Tail is ignored (no
|
|
213
|
+
// sub-commands today; mode flips go through
|
|
214
|
+
// `pugi config set privacy=<mode>` from a fresh shell so the
|
|
215
|
+
// device flow + audit identity are wired correctly).
|
|
216
|
+
return { kind: 'privacy' };
|
|
217
|
+
}
|
|
208
218
|
case 'compact':
|
|
209
219
|
case 'memory':
|
|
210
220
|
case 'config':
|
|
211
|
-
case 'privacy':
|
|
212
221
|
case 'budget':
|
|
213
222
|
case 'mcp':
|
|
214
223
|
case 'undo': {
|