@pugi/cli 0.1.0-beta.10 → 0.1.0-beta.101

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (464) hide show
  1. package/CHANGELOG.md +132 -0
  2. package/LICENSE +1 -1
  3. package/README.md +55 -11
  4. package/assets/pugi-prozr2-mascot.ansi +9 -0
  5. package/bin/run.js +33 -1
  6. package/dist/commands/deploy.js +40 -40
  7. package/dist/commands/flatten.js +191 -0
  8. package/dist/commands/jobs-watch.js +201 -0
  9. package/dist/commands/jobs.js +42 -27
  10. package/dist/commands/retro.js +210 -0
  11. package/dist/commands/smoke.js +133 -0
  12. package/dist/core/agent-progress/cleanup.js +134 -0
  13. package/dist/core/agent-progress/schema.js +144 -0
  14. package/dist/core/agent-progress/writer.js +101 -0
  15. package/dist/core/agents/adaptive-router.js +330 -0
  16. package/dist/core/agents/query-decomposer.js +297 -0
  17. package/dist/core/agents/registry.js +3 -3
  18. package/dist/core/approvals/shortcut-resolver.js +98 -0
  19. package/dist/core/artifact-chain/dispatcher.js +148 -0
  20. package/dist/core/artifact-chain/exporter.js +164 -0
  21. package/dist/core/artifact-chain/state.js +243 -0
  22. package/dist/core/artifact-chain/steps.js +169 -0
  23. package/dist/core/ask-user/question.js +92 -0
  24. package/dist/core/audit/audit-trail.js +275 -0
  25. package/dist/core/auth/ensure-authenticated.js +129 -0
  26. package/dist/core/auth/env-provider.js +238 -0
  27. package/dist/core/auto-open-browser.js +4 -4
  28. package/dist/core/auto-update/channels.js +122 -0
  29. package/dist/core/auto-update/checker.js +241 -0
  30. package/dist/core/auto-update/state.js +235 -0
  31. package/dist/core/bare-mode/index.js +107 -0
  32. package/dist/core/bash/redirect.js +281 -0
  33. package/dist/core/bash-classifier.js +436 -40
  34. package/dist/core/checkpoint/resumer.js +149 -0
  35. package/dist/core/checkpoint/rewinder.js +291 -0
  36. package/dist/core/checkpoints/shadow-git.js +670 -0
  37. package/dist/core/citations/parser.js +109 -0
  38. package/dist/core/classifier/yolo-classifier.js +88 -0
  39. package/dist/core/codegraph/db.js +506 -0
  40. package/dist/core/codegraph/decision-store.js +248 -0
  41. package/dist/core/codegraph/detect-repo.js +459 -0
  42. package/dist/core/codegraph/install.js +134 -0
  43. package/dist/core/codegraph/offer-hook.js +220 -0
  44. package/dist/core/codegraph/parser.js +598 -0
  45. package/dist/core/codegraph/queries/go.scm +57 -0
  46. package/dist/core/codegraph/queries/javascript.scm +56 -0
  47. package/dist/core/codegraph/queries/python.scm +55 -0
  48. package/dist/core/codegraph/queries/rust.scm +63 -0
  49. package/dist/core/codegraph/queries/typescript.scm +91 -0
  50. package/dist/core/codegraph/reindex.js +218 -0
  51. package/dist/core/codegraph/resolve-edges.js +107 -0
  52. package/dist/core/codegraph/types.js +34 -0
  53. package/dist/core/codegraph/watcher.js +440 -0
  54. package/dist/core/compact/auto-trigger.js +96 -0
  55. package/dist/core/compact/buffer-rewriter.js +115 -0
  56. package/dist/core/compact/summarizer.js +208 -0
  57. package/dist/core/compact/token-counter.js +108 -0
  58. package/dist/core/consensus/anvil-fanout.js +25 -25
  59. package/dist/core/consensus/diff-capture.js +121 -12
  60. package/dist/core/consensus/rubric.js +21 -21
  61. package/dist/core/context/builder.js +6 -6
  62. package/dist/core/context/compaction-events.js +8 -8
  63. package/dist/core/context/compaction.js +31 -31
  64. package/dist/core/context/index.js +15 -8
  65. package/dist/core/context/invariants.js +51 -51
  66. package/dist/core/context/markdown-loader.js +28 -10
  67. package/dist/core/context/markdown-traverse.js +255 -0
  68. package/dist/core/context/pugiignore.js +41 -41
  69. package/dist/core/context/repo-skeleton.js +37 -37
  70. package/dist/core/context/tool-eviction.js +55 -0
  71. package/dist/core/context/watcher.js +32 -32
  72. package/dist/core/context/working-set.js +23 -23
  73. package/dist/core/coordinator/agent-tools.js +77 -0
  74. package/dist/core/coordinator/agent-toolset.js +65 -0
  75. package/dist/core/coordinator/fsm.js +73 -0
  76. package/dist/core/coordinator/mode-fsm.js +70 -0
  77. package/dist/core/cost/rate-card.js +129 -0
  78. package/dist/core/cost/tracker.js +221 -0
  79. package/dist/core/credentials.js +13 -13
  80. package/dist/core/cron/scheduler.js +138 -0
  81. package/dist/core/denial-tracking/index.js +8 -0
  82. package/dist/core/denial-tracking/state.js +264 -0
  83. package/dist/core/diagnostics/probe-runner.js +93 -0
  84. package/dist/core/diagnostics/probes/api.js +46 -0
  85. package/dist/core/diagnostics/probes/auth.js +93 -0
  86. package/dist/core/diagnostics/probes/bare-mode.js +42 -0
  87. package/dist/core/diagnostics/probes/cli-version.js +127 -0
  88. package/dist/core/diagnostics/probes/config.js +72 -0
  89. package/dist/core/diagnostics/probes/denial-tracking.js +57 -0
  90. package/dist/core/diagnostics/probes/disk.js +81 -0
  91. package/dist/core/diagnostics/probes/engine-live.js +46 -0
  92. package/dist/core/diagnostics/probes/git.js +65 -0
  93. package/dist/core/diagnostics/probes/hooks.js +118 -0
  94. package/dist/core/diagnostics/probes/mcp.js +75 -0
  95. package/dist/core/diagnostics/probes/node.js +59 -0
  96. package/dist/core/diagnostics/probes/pnpm.js +36 -0
  97. package/dist/core/diagnostics/probes/pugi-md.js +89 -0
  98. package/dist/core/diagnostics/probes/sandbox.js +67 -0
  99. package/dist/core/diagnostics/probes/session.js +74 -0
  100. package/dist/core/diagnostics/probes/status-snapshot.js +488 -0
  101. package/dist/core/diagnostics/probes/workspace.js +63 -0
  102. package/dist/core/diagnostics/types.js +70 -0
  103. package/dist/core/dispatch/cache-cleanup.js +197 -0
  104. package/dist/core/dispatch/cache-handoff.js +295 -0
  105. package/dist/core/edits/apply-patch-layer-e.js +189 -0
  106. package/dist/core/edits/dispatch.js +333 -7
  107. package/dist/core/edits/format-detector.js +260 -0
  108. package/dist/core/edits/format-matrix.js +26 -0
  109. package/dist/core/edits/fuzzy-ladder.js +650 -0
  110. package/dist/core/edits/index.js +5 -1
  111. package/dist/core/edits/journal.js +199 -0
  112. package/dist/core/edits/layer-a-apply.js +15 -15
  113. package/dist/core/edits/layer-a-fuzzy-apply.js +198 -0
  114. package/dist/core/edits/layer-b-apply.js +9 -9
  115. package/dist/core/edits/layer-c-apply.js +6 -6
  116. package/dist/core/edits/layer-d-ast.js +557 -14
  117. package/dist/core/edits/marker-parser.js +12 -12
  118. package/dist/core/edits/security-gate.js +27 -27
  119. package/dist/core/edits/verify-hook.js +273 -0
  120. package/dist/core/edits/worktree.js +29 -29
  121. package/dist/core/engine/anvil-client.js +214 -26
  122. package/dist/core/engine/auto-compact.js +247 -0
  123. package/dist/core/engine/budgets.js +220 -0
  124. package/dist/core/engine/compact-llm-summarizer.js +124 -0
  125. package/dist/core/engine/context-prefix.js +155 -0
  126. package/dist/core/engine/index.js +1 -1
  127. package/dist/core/engine/intensity.js +163 -0
  128. package/dist/core/engine/intent.js +260 -0
  129. package/dist/core/engine/native-pugi.js +1559 -227
  130. package/dist/core/engine/prompts.js +219 -19
  131. package/dist/core/engine/strip-internal-fields.js +124 -0
  132. package/dist/core/engine/tool-bridge.js +1887 -59
  133. package/dist/core/engine/verification-patterns.js +195 -0
  134. package/dist/core/eval/v1/ledger.js +83 -0
  135. package/dist/core/eval/v1/runner.js +280 -0
  136. package/dist/core/eval/v1/scoring.js +68 -0
  137. package/dist/core/eval/v1/task-loader.js +191 -0
  138. package/dist/core/eval/v1/types.js +14 -0
  139. package/dist/core/eval/v1/verifier.js +176 -0
  140. package/dist/core/eval/v1/yaml-parser.js +250 -0
  141. package/dist/core/evaluation/golden-dataset.js +293 -0
  142. package/dist/core/feedback/queue.js +177 -0
  143. package/dist/core/feedback/submitter.js +145 -0
  144. package/dist/core/file-cache.js +113 -1
  145. package/dist/core/flatten/flatten-repo.js +439 -0
  146. package/dist/core/format/osc8-link.js +28 -0
  147. package/dist/core/hook-chains.js +392 -0
  148. package/dist/core/hooks/citation-verify-hook.js +138 -0
  149. package/dist/core/hooks/citation-verify.js +112 -0
  150. package/dist/core/hooks/events.js +46 -0
  151. package/dist/core/hooks/index.js +15 -0
  152. package/dist/core/hooks/registry.js +216 -0
  153. package/dist/core/hooks/runner.js +236 -0
  154. package/dist/core/hooks/v2/event-emitter.js +115 -0
  155. package/dist/core/hooks/v2/executor.js +282 -0
  156. package/dist/core/hooks/v2/index.js +25 -0
  157. package/dist/core/hooks/v2/lifecycle.js +104 -0
  158. package/dist/core/hooks/v2/loader.js +216 -0
  159. package/dist/core/hooks/v2/matcher.js +125 -0
  160. package/dist/core/hooks/v2/trust.js +143 -0
  161. package/dist/core/hooks/v2/types.js +86 -0
  162. package/dist/core/hooks/worktree-events.js +158 -0
  163. package/dist/core/image/renderer.js +71 -0
  164. package/dist/core/init/detector.js +582 -0
  165. package/dist/core/init/template-renderer.js +242 -0
  166. package/dist/core/jobs/registry.js +18 -18
  167. package/dist/core/ledger/results-tsv.js +142 -0
  168. package/dist/core/log-discipline/stdout-redirect.js +51 -0
  169. package/dist/core/lsp/cache.js +105 -0
  170. package/dist/core/lsp/client.js +551 -41
  171. package/dist/core/lsp/language-detect.js +66 -0
  172. package/dist/core/lsp/post-edit-diagnostics.js +171 -0
  173. package/dist/core/lsp/server-detect.js +173 -0
  174. package/dist/core/lsp/symbol-cache.js +162 -0
  175. package/dist/core/lsp/symbol-tools.js +664 -0
  176. package/dist/core/mcp/client.js +97 -28
  177. package/dist/core/mcp/http-server.js +553 -0
  178. package/dist/core/mcp/orchestrator-config.js +192 -0
  179. package/dist/core/mcp/orchestrator-tools.js +806 -0
  180. package/dist/core/mcp/permission.js +190 -0
  181. package/dist/core/mcp/registry.js +39 -17
  182. package/dist/core/mcp/server-tools.js +219 -0
  183. package/dist/core/mcp/server.js +397 -0
  184. package/dist/core/mcp/trust.js +10 -10
  185. package/dist/core/memory/dual-write.js +416 -0
  186. package/dist/core/memory/passive-extract.js +130 -0
  187. package/dist/core/memory/phase1-kinds.js +20 -0
  188. package/dist/core/memory/secret-scanner.js +304 -0
  189. package/dist/core/memory-sync/queue.js +170 -0
  190. package/dist/core/metrics/extract.js +113 -0
  191. package/dist/core/modes/roo-modes.js +68 -0
  192. package/dist/core/notes/notes-paths.js +113 -0
  193. package/dist/core/notes/notes-recorder.js +140 -0
  194. package/dist/core/notes/notes-writer.js +53 -0
  195. package/dist/core/notes/renderers.js +0 -0
  196. package/dist/core/notes/slug.js +105 -0
  197. package/dist/core/onboarding/ensure-initialized.js +133 -0
  198. package/dist/core/onboarding/marker.js +111 -0
  199. package/dist/core/onboarding/telemetry-state.js +108 -0
  200. package/dist/core/output-style/presets.js +176 -0
  201. package/dist/core/output-style/state.js +185 -0
  202. package/dist/core/path-security.js +287 -5
  203. package/dist/core/permission.js +82 -22
  204. package/dist/core/permissions/auto-classifier.js +124 -0
  205. package/dist/core/permissions/bash-parser.js +371 -0
  206. package/dist/core/permissions/circuit-breaker.js +83 -0
  207. package/dist/core/permissions/constrained-edit.js +91 -0
  208. package/dist/core/permissions/gate.js +278 -0
  209. package/dist/core/permissions/index.js +20 -0
  210. package/dist/core/permissions/mode.js +174 -0
  211. package/dist/core/permissions/network-egress.js +137 -0
  212. package/dist/core/permissions/state.js +241 -0
  213. package/dist/core/permissions/tool-class.js +107 -0
  214. package/dist/core/plan-mode/ui-state.js +51 -0
  215. package/dist/core/plans/plan-artifact.js +721 -0
  216. package/dist/core/policy-limits/etag-store.js +122 -0
  217. package/dist/core/prd-check/parser.js +215 -0
  218. package/dist/core/prd-check/reporter.js +127 -0
  219. package/dist/core/prd-check/session-review.js +557 -0
  220. package/dist/core/prd-check/verifiers.js +223 -0
  221. package/dist/core/prompt-cache/client-cache.js +99 -0
  222. package/dist/core/prompts/assembly.js +29 -0
  223. package/dist/core/prompts/registry.js +364 -0
  224. package/dist/core/pugi-gitignore.js +52 -0
  225. package/dist/core/pugi-md/cc-compat-rules.js +735 -0
  226. package/dist/core/pugi-md/context-injector.js +76 -0
  227. package/dist/core/pugi-md/walk-up.js +207 -0
  228. package/dist/core/python/uv-installer.js +270 -0
  229. package/dist/core/python/uv-resolver.js +83 -0
  230. package/dist/core/rate-limit/narrator.js +146 -0
  231. package/dist/core/recipes/cli-types.js +20 -0
  232. package/dist/core/recipes/loader.js +103 -0
  233. package/dist/core/recipes/runner.js +345 -0
  234. package/dist/core/recipes/schema.js +587 -0
  235. package/dist/core/release-notes/parser.js +241 -0
  236. package/dist/core/release-notes/state.js +116 -0
  237. package/dist/core/repl/ask.js +37 -37
  238. package/dist/core/repl/cancellation.js +26 -26
  239. package/dist/core/repl/cap-warning.js +4 -4
  240. package/dist/core/repl/clipboard-read.js +11 -11
  241. package/dist/core/repl/dispatch-fsm.js +12 -12
  242. package/dist/core/repl/engine-bridge.js +303 -0
  243. package/dist/core/repl/history-search.js +15 -15
  244. package/dist/core/repl/history.js +28 -18
  245. package/dist/core/repl/kill-ring.js +5 -5
  246. package/dist/core/repl/model-pricing.js +135 -0
  247. package/dist/core/repl/privacy-banner.js +22 -22
  248. package/dist/core/repl/session.js +2690 -229
  249. package/dist/core/repl/slash-commands.js +540 -41
  250. package/dist/core/repl/store/index.js +1 -1
  251. package/dist/core/repl/store/jsonl-log.js +22 -22
  252. package/dist/core/repl/store/lockfile.js +10 -10
  253. package/dist/core/repl/store/session-store.js +136 -107
  254. package/dist/core/repl/store/types.js +15 -15
  255. package/dist/core/repl/store/uuid-v7.js +12 -12
  256. package/dist/core/repl/tool-route.js +382 -0
  257. package/dist/core/repl/workspace-context.js +43 -21
  258. package/dist/core/repo-map/build.js +125 -0
  259. package/dist/core/repo-map/cache.js +185 -0
  260. package/dist/core/repo-map/extractor.js +254 -0
  261. package/dist/core/repo-map/formatter.js +145 -0
  262. package/dist/core/repo-map/page-rank.js +105 -0
  263. package/dist/core/repo-map/scanner.js +211 -0
  264. package/dist/core/retro/git-collector.js +251 -0
  265. package/dist/core/retro/health-card.js +25 -0
  266. package/dist/core/retro/metrics.js +342 -0
  267. package/dist/core/retro/narrative.js +249 -0
  268. package/dist/core/retro/plane-collector.js +274 -0
  269. package/dist/core/retro/pr-issue-link.js +65 -0
  270. package/dist/core/retro/types.js +16 -0
  271. package/dist/core/retry-budget/budget.js +284 -0
  272. package/dist/core/retry-budget/index.js +5 -0
  273. package/dist/core/retry-budget/retry-cap.js +74 -0
  274. package/dist/core/routing/lead-worker.js +43 -0
  275. package/dist/core/routing/pre-flight-estimator.js +108 -0
  276. package/dist/core/runs/run-tree.js +103 -0
  277. package/dist/core/sandboxing/adapter.js +43 -0
  278. package/dist/core/sandboxing/bubblewrap.js +209 -0
  279. package/dist/core/sandboxing/index.js +78 -0
  280. package/dist/core/sandboxing/none.js +19 -0
  281. package/dist/core/sandboxing/policy.js +97 -0
  282. package/dist/core/sandboxing/seatbelt.js +231 -0
  283. package/dist/core/security/injection-scanner.js +367 -0
  284. package/dist/core/security/output-filter.js +418 -0
  285. package/dist/core/session/env-file.js +105 -0
  286. package/dist/core/session/section-budgets.js +140 -0
  287. package/dist/core/session.js +119 -0
  288. package/dist/core/settings.js +402 -5
  289. package/dist/core/share/formatter.js +271 -0
  290. package/dist/core/share/redactor.js +221 -0
  291. package/dist/core/share/uploader.js +267 -0
  292. package/dist/core/skills/defaults.js +30 -30
  293. package/dist/core/skills/loader.js +22 -22
  294. package/dist/core/skills/sources.js +27 -27
  295. package/dist/core/smoke/headless-driver.js +174 -0
  296. package/dist/core/smoke/orchestrator.js +194 -0
  297. package/dist/core/smoke/runner.js +238 -0
  298. package/dist/core/smoke/scenario-parser.js +316 -0
  299. package/dist/core/statusline.js +99 -0
  300. package/dist/core/subagents/dispatcher-real.js +600 -0
  301. package/dist/core/subagents/dispatcher.js +146 -52
  302. package/dist/core/subagents/index.js +19 -6
  303. package/dist/core/subagents/isolation-matrix.js +213 -0
  304. package/dist/core/subagents/spawn.js +19 -4
  305. package/dist/core/telemetry/emitter.js +229 -0
  306. package/dist/core/telemetry/queue.js +251 -0
  307. package/dist/core/theme/context.js +91 -0
  308. package/dist/core/theme/presets.js +228 -0
  309. package/dist/core/theme/state.js +181 -0
  310. package/dist/core/todos/invariant.js +10 -0
  311. package/dist/core/todos/state.js +177 -0
  312. package/dist/core/tool-schema/compressor.js +89 -0
  313. package/dist/core/transport/version-interceptor.js +166 -0
  314. package/dist/core/trust.js +2 -2
  315. package/dist/core/tui/thinking-block.js +64 -0
  316. package/dist/core/vim/keymap.js +288 -0
  317. package/dist/core/vim/state.js +92 -0
  318. package/dist/core/watch-markers/marker-watcher.js +133 -0
  319. package/dist/core/worktree/include-parser.js +249 -0
  320. package/dist/core/worktree-manager/cleanup.js +123 -0
  321. package/dist/core/worktree-manager/manager.js +303 -0
  322. package/dist/index.js +36 -0
  323. package/dist/runtime/bootstrap.js +190 -0
  324. package/dist/runtime/cli.js +4403 -561
  325. package/dist/runtime/commands/agents.js +31 -31
  326. package/dist/runtime/commands/budget.js +5 -5
  327. package/dist/runtime/commands/cancel.js +231 -0
  328. package/dist/runtime/commands/chain.js +489 -0
  329. package/dist/runtime/commands/codegraph-status.js +227 -0
  330. package/dist/runtime/commands/compact.js +297 -0
  331. package/dist/runtime/commands/config.js +74 -40
  332. package/dist/runtime/commands/cost.js +199 -0
  333. package/dist/runtime/commands/delegate.js +27 -4
  334. package/dist/runtime/commands/dispatch.js +126 -0
  335. package/dist/runtime/commands/doctor.js +579 -0
  336. package/dist/runtime/commands/eval-v1.js +266 -0
  337. package/dist/runtime/commands/feedback.js +184 -0
  338. package/dist/runtime/commands/hooks.js +187 -0
  339. package/dist/runtime/commands/index-cmd.js +459 -0
  340. package/dist/runtime/commands/init.js +254 -0
  341. package/dist/runtime/commands/lsp.js +200 -38
  342. package/dist/runtime/commands/mcp.js +935 -0
  343. package/dist/runtime/commands/memory.js +582 -0
  344. package/dist/runtime/commands/model.js +237 -0
  345. package/dist/runtime/commands/onboarding.js +275 -0
  346. package/dist/runtime/commands/patch.js +12 -12
  347. package/dist/runtime/commands/permissions.js +112 -0
  348. package/dist/runtime/commands/plan.js +143 -0
  349. package/dist/runtime/commands/prd-check.js +285 -0
  350. package/dist/runtime/commands/privacy.js +17 -17
  351. package/dist/runtime/commands/recipe.js +325 -0
  352. package/dist/runtime/commands/redo-blob-store.js +92 -0
  353. package/dist/runtime/commands/redo.js +361 -0
  354. package/dist/runtime/commands/release-notes.js +229 -0
  355. package/dist/runtime/commands/repo-map.js +95 -0
  356. package/dist/runtime/commands/report.js +299 -0
  357. package/dist/runtime/commands/resume.js +118 -0
  358. package/dist/runtime/commands/review-consensus.js +68 -53
  359. package/dist/runtime/commands/rewind.js +333 -0
  360. package/dist/runtime/commands/roster.js +14 -14
  361. package/dist/runtime/commands/servers-cli.js +182 -0
  362. package/dist/runtime/commands/servers.js +236 -0
  363. package/dist/runtime/commands/sessions.js +163 -0
  364. package/dist/runtime/commands/share.js +316 -0
  365. package/dist/runtime/commands/skills.js +31 -31
  366. package/dist/runtime/commands/status.js +186 -0
  367. package/dist/runtime/commands/stickers.js +82 -0
  368. package/dist/runtime/commands/style.js +194 -0
  369. package/dist/runtime/commands/theme.js +196 -0
  370. package/dist/runtime/commands/undo.js +54 -22
  371. package/dist/runtime/commands/update.js +289 -0
  372. package/dist/runtime/commands/vim.js +140 -0
  373. package/dist/runtime/commands/worktree.js +8 -8
  374. package/dist/runtime/commands/worktrees.js +155 -0
  375. package/dist/runtime/deprecation-warning.js +69 -0
  376. package/dist/runtime/engine-exit-code.js +50 -0
  377. package/dist/runtime/headless-repl.js +195 -0
  378. package/dist/runtime/headless.js +548 -0
  379. package/dist/runtime/load-hooks-or-exit.js +71 -0
  380. package/dist/runtime/plan-decompose.js +22 -22
  381. package/dist/runtime/sigint-guard.js +272 -0
  382. package/dist/runtime/stream-renderer.js +195 -0
  383. package/dist/runtime/update-check.js +28 -28
  384. package/dist/runtime/version.js +65 -0
  385. package/dist/runtime/worktree-bootstrap.js +579 -0
  386. package/dist/skills/bundled/batch.js +617 -0
  387. package/dist/skills/bundled/index.js +45 -0
  388. package/dist/skills/bundled/loop.js +358 -0
  389. package/dist/skills/bundled/remember.js +383 -0
  390. package/dist/skills/bundled/simplify.js +289 -0
  391. package/dist/skills/bundled/skillify.js +373 -0
  392. package/dist/skills/bundled/stuck.js +558 -0
  393. package/dist/skills/bundled/verify.js +439 -0
  394. package/dist/testing/vcr.js +486 -0
  395. package/dist/tools/agent-tool.js +229 -0
  396. package/dist/tools/apply-patch.js +89 -28
  397. package/dist/tools/ask-user-question.js +337 -0
  398. package/dist/tools/ask-user.js +115 -0
  399. package/dist/tools/bash.js +811 -49
  400. package/dist/tools/brief.js +224 -0
  401. package/dist/tools/cron.js +433 -0
  402. package/dist/tools/enter-worktree.js +250 -0
  403. package/dist/tools/exit-worktree.js +147 -0
  404. package/dist/tools/file-tools.js +161 -44
  405. package/dist/tools/http-request.js +336 -0
  406. package/dist/tools/lsp-tools.js +377 -1
  407. package/dist/tools/mcp-tool.js +260 -0
  408. package/dist/tools/multi-edit.js +361 -0
  409. package/dist/tools/powershell.js +268 -0
  410. package/dist/tools/registry.js +120 -5
  411. package/dist/tools/server-tools.js +892 -0
  412. package/dist/tools/skill-tool.js +96 -0
  413. package/dist/tools/sleep.js +99 -0
  414. package/dist/tools/synthetic-output.js +133 -0
  415. package/dist/tools/tasks.js +208 -0
  416. package/dist/tools/todo-write.js +184 -0
  417. package/dist/tools/verify-plan-execution.js +295 -0
  418. package/dist/tools/web-fetch-injection-scanner.js +207 -0
  419. package/dist/tools/web-fetch.js +195 -10
  420. package/dist/tools/web-search.js +458 -0
  421. package/dist/tui/agent-progress-card.js +111 -0
  422. package/dist/tui/agent-tree.js +22 -1
  423. package/dist/tui/ask-modal.js +14 -14
  424. package/dist/tui/ask-user-question-chips.js +315 -0
  425. package/dist/tui/ask-user-question-prompt.js +203 -0
  426. package/dist/tui/compact-banner.js +81 -0
  427. package/dist/tui/conversation-pane.js +85 -11
  428. package/dist/tui/cost-table.js +111 -0
  429. package/dist/tui/device-flow.js +2 -2
  430. package/dist/tui/doctor-table.js +46 -0
  431. package/dist/tui/feedback-prompt.js +156 -0
  432. package/dist/tui/input-box.js +247 -32
  433. package/dist/tui/login-picker.js +3 -3
  434. package/dist/tui/markdown-render.js +6 -6
  435. package/dist/tui/multi-file-diff-approval.js +375 -0
  436. package/dist/tui/onboarding-wizard.js +240 -0
  437. package/dist/tui/permissions-picker.js +86 -0
  438. package/dist/tui/render.js +36 -1
  439. package/dist/tui/repl-render.js +239 -25
  440. package/dist/tui/repl-splash-art.js +16 -16
  441. package/dist/tui/repl-splash-mascot.js +48 -24
  442. package/dist/tui/repl-splash.js +22 -22
  443. package/dist/tui/repl.js +125 -45
  444. package/dist/tui/slash-palette.js +6 -6
  445. package/dist/tui/splash.js +2 -2
  446. package/dist/tui/status-bar.js +109 -31
  447. package/dist/tui/status-table.js +7 -0
  448. package/dist/tui/stickers-art.js +136 -0
  449. package/dist/tui/style-table.js +28 -0
  450. package/dist/tui/theme-table.js +29 -0
  451. package/dist/tui/thinking-spinner.js +123 -0
  452. package/dist/tui/tool-stream-pane.js +53 -4
  453. package/dist/tui/update-banner.js +27 -2
  454. package/dist/tui/vim-input.js +267 -0
  455. package/dist/tui/welcome-banner.js +107 -0
  456. package/dist/tui/welcome-data.js +293 -0
  457. package/dist/tui/workspace-context.js +2 -2
  458. package/package.json +29 -6
  459. package/test/scenarios/codegen-create-file.scenario.txt +13 -0
  460. package/test/scenarios/compact-force.scenario.txt +12 -0
  461. package/test/scenarios/identity.scenario.txt +11 -0
  462. package/test/scenarios/persona-handoff.scenario.txt +12 -0
  463. package/test/scenarios/walkback.scenario.txt +12 -0
  464. package/dist/core/engine/compaction-hook.js +0 -154
@@ -0,0 +1,221 @@
1
+ /**
2
+ * Persisted per-session cost tracker — L19 sprint .
3
+ *
4
+ * Mission: every Anvil-mediated LLM call goes through `recordCall`, which
5
+ * aggregates per-model token + USD totals and atomically persists them
6
+ * to `.pugi/cost.json` so the operator can read `/cost` across REPL
7
+ * restarts and reconcile a 14-min session that crossed a process boundary.
8
+ *
9
+ * Why a fresh module instead of bolting onto `core/repl/session.ts`?
10
+ *
11
+ * - `session.ts` accumulates in-memory state for the live TUI status
12
+ * row, which is by-design ephemeral and cleared on REPL boot. The
13
+ * operator's "what did I spend across the project?" question needs
14
+ * a durable surface that survives a process restart.
15
+ * - L19 also has to read `--all-sessions` (last 30 days). The natural
16
+ * store for that is a per-workspace history of session aggregates,
17
+ * which is easy with the JSON file pattern below and would be
18
+ * awkward stitched into the REPL reducer.
19
+ *
20
+ * On-disk shape (single JSON file, atomic tmp+rename writes):
21
+ *
22
+ * {
23
+ * "version": 1,
24
+ * "current": { sessionId, startedAt, models: { <slug>: ModelEntry } },
25
+ * "history": [
26
+ * { sessionId, startedAt, endedAt, models: { ... } }
27
+ * ]
28
+ * }
29
+ *
30
+ * History rotation: when `recordCall` is invoked with a sessionId
31
+ * different from `current.sessionId`, the existing `current` row is
32
+ * stamped with `endedAt = now()` and pushed onto `history`, then a new
33
+ * `current` row is initialised. History is capped at 90 entries (the L19
34
+ * `--all-sessions` window is 30 days; 90 gives a generous buffer for
35
+ * operators on >1 session/day cadence without unbounded growth).
36
+ *
37
+ * The tracker is workspace-scoped — every workspace has its own
38
+ * `.pugi/cost.json`. This matches the existing `.pugi/events.jsonl` /
39
+ * `.pugi/index.json` pattern and means a multi-repo operator's costs
40
+ * are billed against the repo they were incurred in.
41
+ */
42
+ import { existsSync, mkdirSync, readFileSync, renameSync, writeFileSync, unlinkSync } from 'node:fs';
43
+ import { dirname, resolve } from 'node:path';
44
+ import { estimateUsd } from './rate-card.js';
45
+ /** On-disk schema version. Bump if the file shape changes. */
46
+ export const COST_FILE_SCHEMA_VERSION = 1;
47
+ /** Maximum number of historical sessions persisted in `.pugi/cost.json`. */
48
+ export const COST_HISTORY_CAP = 90;
49
+ export function createCostTracker(opts) {
50
+ const filePath = resolve(opts.workspaceRoot, '.pugi/cost.json');
51
+ const now = opts.now ?? Date.now;
52
+ let state = readOrInit(filePath);
53
+ function ensureCurrent(sessionId) {
54
+ if (state.current && state.current.sessionId === sessionId) {
55
+ return state.current;
56
+ }
57
+ // Session rotation: stamp the previous current with endedAt and push
58
+ // onto history. Idempotent — calling rotate twice with the same
59
+ // session id is a no-op.
60
+ if (state.current) {
61
+ const ended = {
62
+ ...state.current,
63
+ endedAt: new Date(now()).toISOString(),
64
+ };
65
+ state.history = [ended, ...state.history].slice(0, COST_HISTORY_CAP);
66
+ }
67
+ state.current = {
68
+ sessionId,
69
+ startedAt: new Date(now()).toISOString(),
70
+ models: {},
71
+ };
72
+ return state.current;
73
+ }
74
+ function persist() {
75
+ try {
76
+ mkdirSync(dirname(filePath), { recursive: true });
77
+ }
78
+ catch {
79
+ // best-effort directory create; the write below surfaces the real
80
+ // error if the parent is genuinely unwritable
81
+ }
82
+ const tmp = `${filePath}.tmp`;
83
+ writeFileSync(tmp, JSON.stringify(state, null, 2), 'utf8');
84
+ renameSync(tmp, filePath);
85
+ }
86
+ return {
87
+ recordCall(input) {
88
+ const sessionId = opts.sessionIdProvider();
89
+ if (!sessionId)
90
+ return;
91
+ const current = ensureCurrent(sessionId);
92
+ const slug = typeof input.model === 'string' && input.model.length > 0 ? input.model : 'unknown';
93
+ const safeIn = Number.isFinite(input.inputTokens) && input.inputTokens > 0 ? input.inputTokens : 0;
94
+ const safeOut = Number.isFinite(input.outputTokens) && input.outputTokens > 0 ? input.outputTokens : 0;
95
+ const existing = current.models[slug] ?? { input: 0, output: 0, callCount: 0 };
96
+ current.models[slug] = {
97
+ input: existing.input + safeIn,
98
+ output: existing.output + safeOut,
99
+ callCount: existing.callCount + 1,
100
+ };
101
+ persist();
102
+ },
103
+ current() {
104
+ return state.current;
105
+ },
106
+ history() {
107
+ return state.history;
108
+ },
109
+ aggregateWithin(withinDays) {
110
+ const cutoffMs = now() - withinDays * 24 * 60 * 60 * 1000;
111
+ const aggregate = {
112
+ sessionId: 'aggregate',
113
+ startedAt: new Date(cutoffMs).toISOString(),
114
+ endedAt: new Date(now()).toISOString(),
115
+ models: {},
116
+ };
117
+ const rows = [];
118
+ if (state.current)
119
+ rows.push(state.current);
120
+ for (const row of state.history) {
121
+ const stamp = Date.parse(row.startedAt);
122
+ if (Number.isFinite(stamp) && stamp >= cutoffMs)
123
+ rows.push(row);
124
+ }
125
+ for (const row of rows) {
126
+ for (const [slug, entry] of Object.entries(row.models)) {
127
+ const existing = aggregate.models[slug] ?? { input: 0, output: 0, callCount: 0 };
128
+ aggregate.models[slug] = {
129
+ input: existing.input + entry.input,
130
+ output: existing.output + entry.output,
131
+ callCount: existing.callCount + entry.callCount,
132
+ };
133
+ }
134
+ }
135
+ return aggregate;
136
+ },
137
+ resetCurrent() {
138
+ const wiped = state.current;
139
+ state.current = null;
140
+ persist();
141
+ return wiped;
142
+ },
143
+ flush() {
144
+ persist();
145
+ },
146
+ };
147
+ }
148
+ /**
149
+ * Compute the per-session USD total from a `SessionAggregate`. Pure —
150
+ * uses the rate card to bind a price to every model entry. Open-weight
151
+ * models contribute $0 (their entries always have $0/$0 rate).
152
+ */
153
+ export function totalUsd(aggregate) {
154
+ let total = 0;
155
+ for (const [slug, entry] of Object.entries(aggregate.models)) {
156
+ total += estimateUsd(slug, entry.input, entry.output);
157
+ }
158
+ return total;
159
+ }
160
+ /**
161
+ * Compute total input + output token sums across all models in an
162
+ * aggregate. Used by the CLI table footer.
163
+ */
164
+ export function totalTokens(aggregate) {
165
+ let input = 0;
166
+ let output = 0;
167
+ for (const entry of Object.values(aggregate.models)) {
168
+ input += entry.input;
169
+ output += entry.output;
170
+ }
171
+ return { input, output };
172
+ }
173
+ /**
174
+ * Read the persisted file (or initialise an empty one). Tolerates a
175
+ * corrupted file by returning a fresh empty state — losing one
176
+ * session's history is preferable to throwing from the boot path of
177
+ * every `pugi cost` invocation.
178
+ */
179
+ function readOrInit(filePath) {
180
+ if (!existsSync(filePath)) {
181
+ return { version: COST_FILE_SCHEMA_VERSION, current: null, history: [] };
182
+ }
183
+ try {
184
+ const raw = readFileSync(filePath, 'utf8');
185
+ const parsed = JSON.parse(raw);
186
+ if (!parsed || typeof parsed !== 'object' || Array.isArray(parsed)) {
187
+ return { version: COST_FILE_SCHEMA_VERSION, current: null, history: [] };
188
+ }
189
+ const obj = parsed;
190
+ return {
191
+ version: typeof obj.version === 'number' ? obj.version : COST_FILE_SCHEMA_VERSION,
192
+ current: isAggregate(obj.current) ? obj.current : null,
193
+ history: Array.isArray(obj.history) ? obj.history.filter(isAggregate) : [],
194
+ };
195
+ }
196
+ catch {
197
+ return { version: COST_FILE_SCHEMA_VERSION, current: null, history: [] };
198
+ }
199
+ }
200
+ function isAggregate(v) {
201
+ if (!v || typeof v !== 'object' || Array.isArray(v))
202
+ return false;
203
+ const obj = v;
204
+ if (typeof obj.sessionId !== 'string' || typeof obj.startedAt !== 'string')
205
+ return false;
206
+ if (!obj.models || typeof obj.models !== 'object')
207
+ return false;
208
+ return true;
209
+ }
210
+ /**
211
+ * Test helper — wipe the `.pugi/cost.json` file. Not exported through the
212
+ * public CostTracker surface because production code must never call
213
+ * this; an operator-facing reset goes through `resetCurrent()` which
214
+ * preserves history.
215
+ */
216
+ export function _danger_wipeCostFile_forTests(workspaceRoot) {
217
+ const filePath = resolve(workspaceRoot, '.pugi/cost.json');
218
+ if (existsSync(filePath))
219
+ unlinkSync(filePath);
220
+ }
221
+ //# sourceMappingURL=tracker.js.map
@@ -6,7 +6,7 @@ import { z } from 'zod';
6
6
  * Local credentials store for the Pugi CLI.
7
7
  *
8
8
  * Stored at `~/.pugi/credentials.json` (mode 0o600). Mirrors the convention
9
- * Codex CLI uses (`~/.codex/auth.json`) and matches gh CLI's per-host
9
+ * peer CLI uses (`~/.codex/auth.json`) and matches gh CLI's per-host
10
10
  * token model. The store is intentionally file-based, not OS keychain —
11
11
  * adding the native `keytar` dep would force per-platform native builds
12
12
  * across npm distribution and complicate the install path. The 0600
@@ -207,11 +207,11 @@ export function loadApiKey(apiUrl, home = homedir()) {
207
207
  }
208
208
  export function resolveActiveCredential(env = process.env, home = homedir()) {
209
209
  // Resolve the active apiUrl with this precedence:
210
- // 1. PUGI_API_URL env (lets CI / self-hosted users force a specific endpoint)
211
- // 2. credentials.json `activeApiUrl` (set by `pugi login` to the host the
212
- // user most recently authenticated against — covers self-hosted Anvil
213
- // without re-exporting env between commands)
214
- // 3. DEFAULT_API_URL (`https://api.pugi.io`)
210
+ // 1. PUGI_API_URL env (lets CI / self-hosted users force a specific endpoint)
211
+ // 2. credentials.json `activeApiUrl` (set by `pugi login` to the host the
212
+ // user most recently authenticated against — covers self-hosted Anvil
213
+ // without re-exporting env between commands)
214
+ // 3. DEFAULT_API_URL (`https://api.pugi.io`)
215
215
  const file = readCredentialsFile(home);
216
216
  const apiUrl = normalizeApiUrl(env.PUGI_API_URL ?? file.activeApiUrl ?? DEFAULT_API_URL);
217
217
  if (env.PUGI_API_KEY) {
@@ -238,10 +238,10 @@ export function resolveActiveCredential(env = process.env, home = homedir()) {
238
238
  * re-export PUGI_API_URL between commands.
239
239
  *
240
240
  * Match precedence:
241
- * 1. exact `label` match (case-insensitive, label is user-chosen so
242
- * we forgive casing — same convention as `gh auth switch`)
243
- * 2. exact `apiUrl` match (canonicalised) — lets `pugi accounts
244
- * switch https://api.acme.com` work without a label.
241
+ * 1. exact `label` match (case-insensitive, label is user-chosen so
242
+ * we forgive casing — same convention as `gh auth switch`)
243
+ * 2. exact `apiUrl` match (canonicalised) — lets `pugi accounts
244
+ * switch https://api.acme.com` work without a label.
245
245
  *
246
246
  * Returns the now-active record, or null when nothing matched.
247
247
  */
@@ -311,9 +311,9 @@ export function listStoredCredentials(home = homedir()) {
311
311
  /**
312
312
  * Canonicalize an apiUrl so two equivalent inputs always resolve to the
313
313
  * same record:
314
- * - lowercase scheme + host (URL spec: scheme/host are case-insensitive)
315
- * - strip trailing slashes
316
- * - preserve path/query/fragment case (those ARE case-sensitive)
314
+ * - lowercase scheme + host (URL spec: scheme/host are case-insensitive)
315
+ * - strip trailing slashes
316
+ * - preserve path/query/fragment case (those ARE case-sensitive)
317
317
  *
318
318
  * Falls back to the trimmed input when the URL is not parseable, so a
319
319
  * caller that manages to pass a non-URL string still sees a stable key
@@ -0,0 +1,138 @@
1
+ /**
2
+ * Cron scheduler primitive .
3
+ *
4
+ * Wraps `node-cron` (4.2.1, MIT, ~4M weekly downloads) — the de-facto
5
+ * Node cron scheduler. We do NOT parse cron expressions ourselves;
6
+ * node-cron handles validation, timezone math, и DST edge cases.
7
+ *
8
+ * What this module adds:
9
+ * - Named job registry (schedule/cancel/list by name)
10
+ * - Concurrency guard — a still-running job is skipped, not stacked,
11
+ * when the next tick fires (prevents overlap when an action runs
12
+ * longer than the cron period)
13
+ * - Stats per job: scheduled, lastRunAt, lastDurationMs, failures
14
+ *
15
+ * Pure-ish: state lives в the CronScheduler instance, no globals.
16
+ * Tool surface (ScheduleCronTool / CronList / CronDelete) wires this
17
+ * primitive into the engine в a separate PR.
18
+ */
19
+ import cron from 'node-cron';
20
+ export class CronScheduler {
21
+ jobs = new Map();
22
+ /**
23
+ * Register a cron job. Replaces any prior job at the same name —
24
+ * the previous one is stopped и destroyed first.
25
+ *
26
+ * Throws `RangeError` when `expression` is invalid per node-cron's
27
+ * parser. The error originates from node-cron and bubbles unchanged.
28
+ */
29
+ schedule(name, expression, action, options = {}) {
30
+ if (!name)
31
+ throw new TypeError('cron job name must be non-empty');
32
+ if (!cron.validate(expression)) {
33
+ throw new RangeError(`invalid cron expression: ${expression}`);
34
+ }
35
+ const existing = this.jobs.get(name);
36
+ if (existing) {
37
+ existing.task.stop();
38
+ }
39
+ const internal = {
40
+ task: undefined,
41
+ expression,
42
+ scheduledAt: Date.now(),
43
+ lastRunAt: null,
44
+ lastDurationMs: null,
45
+ runs: 0,
46
+ failures: 0,
47
+ running: false,
48
+ };
49
+ const wrapped = async () => {
50
+ // Concurrency guard: if previous invocation still running, skip.
51
+ // Stacking would tie up the event loop с long-running actions.
52
+ if (internal.running)
53
+ return;
54
+ internal.running = true;
55
+ const start = Date.now();
56
+ try {
57
+ await action();
58
+ internal.runs += 1;
59
+ }
60
+ catch {
61
+ internal.failures += 1;
62
+ }
63
+ finally {
64
+ internal.lastRunAt = start;
65
+ internal.lastDurationMs = Date.now() - start;
66
+ internal.running = false;
67
+ }
68
+ };
69
+ const scheduleOptions = {};
70
+ if (options.timezone !== undefined) {
71
+ scheduleOptions.timezone = options.timezone;
72
+ }
73
+ internal.task = cron.schedule(expression, wrapped, scheduleOptions);
74
+ this.jobs.set(name, internal);
75
+ if (options.runOnRegister) {
76
+ // Don't await — register is sync from the caller's perspective
77
+ void wrapped();
78
+ }
79
+ }
80
+ /** Cancel + drop a job by name. Returns true когда removed, false absent. */
81
+ cancel(name) {
82
+ const job = this.jobs.get(name);
83
+ if (!job)
84
+ return false;
85
+ job.task.stop();
86
+ this.jobs.delete(name);
87
+ return true;
88
+ }
89
+ /** Stop + drop ALL jobs. Safe to call on an empty scheduler. */
90
+ cancelAll() {
91
+ for (const job of this.jobs.values()) {
92
+ job.task.stop();
93
+ }
94
+ this.jobs.clear();
95
+ }
96
+ /** Snapshot of all registered jobs. Sorted by name for stable output. */
97
+ list() {
98
+ const out = [];
99
+ for (const [name, job] of this.jobs) {
100
+ out.push({
101
+ name,
102
+ expression: job.expression,
103
+ scheduledAt: job.scheduledAt,
104
+ lastRunAt: job.lastRunAt,
105
+ lastDurationMs: job.lastDurationMs,
106
+ runs: job.runs,
107
+ failures: job.failures,
108
+ running: job.running,
109
+ });
110
+ }
111
+ return out.sort((a, b) => a.name.localeCompare(b.name));
112
+ }
113
+ /** Lookup a single job's stats. Returns null when absent. */
114
+ stats(name) {
115
+ const job = this.jobs.get(name);
116
+ if (!job)
117
+ return null;
118
+ return {
119
+ name,
120
+ expression: job.expression,
121
+ scheduledAt: job.scheduledAt,
122
+ lastRunAt: job.lastRunAt,
123
+ lastDurationMs: job.lastDurationMs,
124
+ runs: job.runs,
125
+ failures: job.failures,
126
+ running: job.running,
127
+ };
128
+ }
129
+ }
130
+ /**
131
+ * Standalone helper для callers that only want one-off validation
132
+ * without creating a scheduler. Mirrors node-cron's `validate()` so
133
+ * callers don't need to import node-cron directly.
134
+ */
135
+ export function isValidCronExpression(expression) {
136
+ return cron.validate(expression);
137
+ }
138
+ //# sourceMappingURL=scheduler.js.map
@@ -0,0 +1,8 @@
1
+ /**
2
+ * Public re-exports for the denial-tracking surface. Engine adapter
3
+ * code imports from here so we can move internals around (e.g. split
4
+ * the diagnostics probe into a sibling file) without churning every
5
+ * call site.
6
+ */
7
+ export { DenialTrackingState, buildDenialContext, canonicalArgHash, DENIAL_TRACKING_MAX_ENTRIES, DENIAL_REMINDER_THRESHOLD, DENIAL_ARGS_SUMMARY_BYTES, } from './state.js';
8
+ //# sourceMappingURL=index.js.map
@@ -0,0 +1,264 @@
1
+ /**
2
+ * L11 — DenialTrackingState surface (the upstream tool parity).
3
+ *
4
+ * Per the upstream / the upstream behavior (``
5
+ * §5.2): the upstream tool's `QueryEngine.ts` maintains a per-session
6
+ * `DenialTrackingState` that records every tool-dispatch denial.
7
+ * Subsequent turns receive a compact reminder so the model does not
8
+ * loop on the same refused operation, the operator can audit pressure
9
+ * points via `/permissions denials` / `/doctor`, and hooks can react
10
+ * to recurring patterns.
11
+ *
12
+ * Pugi pre-L11 surfaced denials only as a one-line sentinel inside the
13
+ * tool error (`HOOK_BLOCKED:`, `PLAN_MODE_REFUSED:`, `STALE_READ:`).
14
+ * The model saw each refusal in isolation; no aggregate, no count, no
15
+ * "do not retry" context across turns. This module closes that gap.
16
+ *
17
+ * Design contract:
18
+ *
19
+ * - Per-session in-memory state. The engine adapter creates one
20
+ * instance at session open and threads it through `buildExecutor`
21
+ * + `runEngineLoop`. No disk persistence — denial history is a
22
+ * turn-scoped signal, not a forensic log (the audit ledger at
23
+ * `.pugi/events.jsonl` already carries every refused dispatch).
24
+ *
25
+ * - Pure: no I/O, no logging. Inputs are passed by caller, output
26
+ * is in-memory only. The diagnostics probe + system-reminder
27
+ * splice are pure functions over the snapshot.
28
+ *
29
+ * - Canonical argHash: sha256 of `canonicalize(args)`. Same call
30
+ * to same tool with same args = same key. Reordering JSON object
31
+ * keys does NOT change the hash (we sort keys recursively before
32
+ * stringification). This makes "repeated denial" detection
33
+ * deterministic across model retries.
34
+ *
35
+ * - Bounded: the map caps at 256 entries per session. Once full,
36
+ * `recordDenial` evicts the oldest entry (lowest `lastDeniedAt`).
37
+ * A session with > 256 distinct denials is already pathological;
38
+ * the cap is defensive insurance against pathological loops
39
+ * blowing memory.
40
+ *
41
+ * - Reminder threshold: the reminder splice only injects when at
42
+ * least one record has `count >= 2`. One-off denials are normal
43
+ * (the operator is shaping the session); repeated denials = the
44
+ * model is failing to learn from the refusal and we should
45
+ * reinforce it.
46
+ */
47
+ import { createHash } from 'node:crypto';
48
+ /** Bound on the per-session map. See module header. */
49
+ export const DENIAL_TRACKING_MAX_ENTRIES = 256;
50
+ /** Threshold above which `buildDenialContext` injects a system reminder. */
51
+ export const DENIAL_REMINDER_THRESHOLD = 2;
52
+ /** Per-denial-args summary cap surfaced to the model. */
53
+ export const DENIAL_ARGS_SUMMARY_BYTES = 240;
54
+ /**
55
+ * Per-session denial tracker. Instances are mutable but threaded
56
+ * through `buildExecutor` so every dispatcher in the loop sees the
57
+ * same view.
58
+ */
59
+ export class DenialTrackingState {
60
+ /** Insertion-ordered map. Eviction walks oldest `lastDeniedAt`. */
61
+ records = new Map();
62
+ /**
63
+ * Wall clock. Defaults to `Date.now`. Injected so tests can drive
64
+ * deterministic timestamps.
65
+ */
66
+ clock;
67
+ constructor(options = {}) {
68
+ this.clock = options.clock ?? Date.now;
69
+ }
70
+ /**
71
+ * Record a denial. Increments the count when the (tool, args) pair
72
+ * has been denied before; otherwise inserts a new record. The reason
73
+ * is always overwritten with the latest value so the system reminder
74
+ * surfaces the most-recent context.
75
+ */
76
+ recordDenial(toolName, args, reason) {
77
+ const argHash = canonicalArgHash(args);
78
+ const key = `${toolName}:${argHash}`;
79
+ const now = new Date(this.clock());
80
+ const existing = this.records.get(key);
81
+ if (existing) {
82
+ existing.count += 1;
83
+ existing.lastDeniedAt = now;
84
+ existing.lastReason = truncateReason(reason);
85
+ // Re-insert so the iteration order tracks lastDeniedAt (LRU-ish).
86
+ this.records.delete(key);
87
+ this.records.set(key, existing);
88
+ return existing;
89
+ }
90
+ if (this.records.size >= DENIAL_TRACKING_MAX_ENTRIES) {
91
+ // Evict the oldest entry (insertion order = LRU after our delete
92
+ // + set pattern above). Map iteration order is insertion order
93
+ // in JS; the first key is the LRU one.
94
+ const oldestKey = this.records.keys().next().value;
95
+ if (oldestKey !== undefined) {
96
+ this.records.delete(oldestKey);
97
+ }
98
+ }
99
+ const record = {
100
+ key,
101
+ toolName,
102
+ argsSummary: summariseArgs(args),
103
+ firstDeniedAt: now,
104
+ lastDeniedAt: now,
105
+ count: 1,
106
+ lastReason: truncateReason(reason),
107
+ };
108
+ this.records.set(key, record);
109
+ return record;
110
+ }
111
+ /**
112
+ * Snapshot of every recorded denial. Returned in insertion order
113
+ * (LRU-ish: most-recently-touched at the tail). The caller MUST
114
+ * treat the array as read-only — mutating it does not affect state.
115
+ */
116
+ getDenialHistory() {
117
+ return Array.from(this.records.values()).map((r) => ({ ...r }));
118
+ }
119
+ /** Lookup the record for a specific (tool, args) pair, or undefined. */
120
+ getPatternFor(toolName, args) {
121
+ const argHash = canonicalArgHash(args);
122
+ const key = `${toolName}:${argHash}`;
123
+ const record = this.records.get(key);
124
+ return record ? { ...record } : undefined;
125
+ }
126
+ /**
127
+ * Aggregate counts — handy for `/doctor`, `/permissions denials`,
128
+ * and the system-reminder threshold check.
129
+ */
130
+ summary() {
131
+ let totalDenials = 0;
132
+ let repeatedPatterns = 0;
133
+ for (const record of this.records.values()) {
134
+ totalDenials += record.count;
135
+ if (record.count >= DENIAL_REMINDER_THRESHOLD)
136
+ repeatedPatterns += 1;
137
+ }
138
+ return {
139
+ totalDenials,
140
+ uniquePatterns: this.records.size,
141
+ repeatedPatterns,
142
+ };
143
+ }
144
+ /** Drop every recorded denial. Called on session end. */
145
+ clear() {
146
+ this.records.clear();
147
+ }
148
+ /** Number of distinct (tool, args) pairs currently tracked. */
149
+ size() {
150
+ return this.records.size;
151
+ }
152
+ }
153
+ /**
154
+ * Build the operator-facing system-reminder block. Returns an empty
155
+ * string when no record meets the threshold — the caller short-circuits
156
+ * the splice in that case.
157
+ *
158
+ * Rendered shape:
159
+ *
160
+ * <denial-context>
161
+ * - Tool `bash` denied 3 times in this session.
162
+ * Last reason: HOOK_BLOCKED: PreToolUse refused (exit=1).
163
+ * Args: {"command":"rm -rf node_modules"}
164
+ * Do not retry without operator intervention.
165
+ * - Tool `edit` denied 2 times in this session.
166
+ * Last reason: STALE_READ: file changed since last read.
167
+ * Args: {"path":"src/index.ts","oldString":"..."}
168
+ * Do not retry without operator intervention.
169
+ * </denial-context>
170
+ *
171
+ * Determinism: same snapshot always produces the same block. We sort
172
+ * entries by `count` descending then `lastDeniedAt` descending so the
173
+ * most-pressing patterns surface first.
174
+ */
175
+ export function buildDenialContext(state) {
176
+ const records = state.getDenialHistory()
177
+ .filter((r) => r.count >= DENIAL_REMINDER_THRESHOLD)
178
+ .sort((a, b) => {
179
+ if (b.count !== a.count)
180
+ return b.count - a.count;
181
+ return b.lastDeniedAt.getTime() - a.lastDeniedAt.getTime();
182
+ });
183
+ if (records.length === 0)
184
+ return '';
185
+ const lines = ['<denial-context>'];
186
+ for (const record of records) {
187
+ lines.push(` - Tool \`${record.toolName}\` denied ${record.count} times in this session.`);
188
+ lines.push(` Last reason: ${record.lastReason}`);
189
+ lines.push(` Args: ${record.argsSummary}`);
190
+ lines.push(' Do not retry without operator intervention.');
191
+ }
192
+ lines.push('</denial-context>');
193
+ return lines.join('\n');
194
+ }
195
+ /**
196
+ * Canonical sha256 of the args. Object keys are sorted recursively
197
+ * before stringification so `{a:1,b:2}` and `{b:2,a:1}` hash to the
198
+ * same value. Undefined values + functions are stripped (JSON.stringify
199
+ * already does this); circular refs throw — the caller is expected to
200
+ * pass plain JSON objects (every Pugi tool argument set is a JSON
201
+ * object by contract).
202
+ *
203
+ * Returns the full 64-char hex digest. The denial key prepends the
204
+ * tool name (`<tool>:<hash>`) so a hash collision across tools cannot
205
+ * confuse the matcher.
206
+ */
207
+ export function canonicalArgHash(args) {
208
+ const canonical = canonicalize(args);
209
+ const hash = createHash('sha256');
210
+ hash.update(canonical);
211
+ return hash.digest('hex');
212
+ }
213
+ function canonicalize(value) {
214
+ if (value === null)
215
+ return 'null';
216
+ if (value === undefined)
217
+ return 'null';
218
+ const t = typeof value;
219
+ if (t === 'string')
220
+ return JSON.stringify(value);
221
+ if (t === 'number' || t === 'boolean')
222
+ return JSON.stringify(value);
223
+ if (t === 'bigint')
224
+ return JSON.stringify(value.toString());
225
+ if (Array.isArray(value)) {
226
+ return `[${value.map((entry) => canonicalize(entry)).join(',')}]`;
227
+ }
228
+ if (t === 'object') {
229
+ const obj = value;
230
+ const keys = Object.keys(obj).sort();
231
+ const parts = keys.map((k) => `${JSON.stringify(k)}:${canonicalize(obj[k])}`);
232
+ return `{${parts.join(',')}}`;
233
+ }
234
+ // Functions / symbols — neither should reach here for tool args.
235
+ // Stringify defensively so the hash is stable.
236
+ return JSON.stringify(String(value));
237
+ }
238
+ /**
239
+ * Short, operator-readable preview of the args object. Cap so a
240
+ * 32 KB write payload does not blow up the reminder block. Falls back
241
+ * к `[non-JSON args]` when stringification fails (e.g. a circular ref
242
+ * snuck through — unlikely for tool args by contract).
243
+ */
244
+ function summariseArgs(args) {
245
+ let stringified;
246
+ try {
247
+ stringified = JSON.stringify(args);
248
+ }
249
+ catch {
250
+ return '[non-JSON args]';
251
+ }
252
+ if (stringified === undefined)
253
+ return '{}';
254
+ if (stringified.length <= DENIAL_ARGS_SUMMARY_BYTES)
255
+ return stringified;
256
+ return `${stringified.slice(0, DENIAL_ARGS_SUMMARY_BYTES)}…`;
257
+ }
258
+ /** Cap reason at a sane length so a hook script's stdout cannot flood the reminder. */
259
+ function truncateReason(reason, cap = 240) {
260
+ if (reason.length <= cap)
261
+ return reason;
262
+ return `${reason.slice(0, cap)}…`;
263
+ }
264
+ //# sourceMappingURL=state.js.map