@remnic/core 9.3.649 → 9.3.650
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/access-cli.js +3 -3
- package/dist/access-http.d.ts +2 -2
- package/dist/access-http.js +4 -4
- package/dist/access-mcp.d.ts +2 -2
- package/dist/access-mcp.js +3 -3
- package/dist/{access-service-DFXIlGvZ.d.ts → access-service-DIZRHQ7Q.d.ts} +255 -2
- package/dist/access-service.d.ts +2 -2
- package/dist/access-service.js +2 -2
- package/dist/bootstrap.d.ts +1 -1
- package/dist/{chunk-XUGVP7ZU.js → chunk-23RYLGYA.js} +184 -54
- package/dist/chunk-23RYLGYA.js.map +1 -0
- package/dist/{chunk-CNRZ6WJU.js → chunk-3IJEQWQX.js} +4 -4
- package/dist/{chunk-6GIKAUTN.js → chunk-MMJANTJX.js} +33 -2
- package/dist/{chunk-6GIKAUTN.js.map → chunk-MMJANTJX.js.map} +1 -1
- package/dist/{chunk-FQYFMIKG.js → chunk-TUMH6EDV.js} +4 -4
- package/dist/{chunk-FUXV6HSO.js → chunk-TVOPSKOK.js} +3 -3
- package/dist/{chunk-5ETA6OAS.js → chunk-YAFSTKTH.js} +608 -80
- package/dist/chunk-YAFSTKTH.js.map +1 -0
- package/dist/{cli-DrL2Nv4j.d.ts → cli-BG4ybtJr.d.ts} +2 -2
- package/dist/cli.d.ts +3 -3
- package/dist/cli.js +5 -5
- package/dist/explicit-capture.d.ts +1 -1
- package/dist/index.d.ts +4 -4
- package/dist/index.js +6 -6
- package/dist/mcp-memory-inspector-app.d.ts +2 -2
- package/dist/{orchestrator-DEQW9j0Z.d.ts → orchestrator-CX-oqwJq.d.ts} +58 -0
- package/dist/orchestrator.d.ts +1 -1
- package/dist/orchestrator.js +2 -2
- package/package.json +1 -1
- package/src/access-service-lcm-forgery.test.ts +410 -0
- package/src/access-service-observe-lcm-parity.test.ts +1397 -0
- package/src/access-service-observe-scope.test.ts +599 -0
- package/src/access-service-raw-excerpt-read-gate.test.ts +443 -0
- package/src/access-service.ts +1270 -113
- package/src/coding/coding-namespace.test.ts +44 -0
- package/src/coding/coding-namespace.ts +163 -0
- package/src/orchestrator.ts +335 -77
- package/dist/chunk-5ETA6OAS.js.map +0 -1
- package/dist/chunk-XUGVP7ZU.js.map +0 -1
- /package/dist/{chunk-CNRZ6WJU.js.map → chunk-3IJEQWQX.js.map} +0 -0
- /package/dist/{chunk-FQYFMIKG.js.map → chunk-TUMH6EDV.js.map} +0 -0
- /package/dist/{chunk-FUXV6HSO.js.map → chunk-TVOPSKOK.js.map} +0 -0
package/dist/access-cli.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import {
|
|
2
2
|
Orchestrator
|
|
3
|
-
} from "./chunk-
|
|
3
|
+
} from "./chunk-23RYLGYA.js";
|
|
4
4
|
import "./chunk-DDRNDPX4.js";
|
|
5
5
|
import "./chunk-7HYPN2GC.js";
|
|
6
6
|
import "./chunk-666A3MOW.js";
|
|
@@ -122,7 +122,7 @@ import "./chunk-OADWQ5CR.js";
|
|
|
122
122
|
import "./chunk-7WV3F5DQ.js";
|
|
123
123
|
import {
|
|
124
124
|
EngramAccessService
|
|
125
|
-
} from "./chunk-
|
|
125
|
+
} from "./chunk-YAFSTKTH.js";
|
|
126
126
|
import "./chunk-GDASG7NC.js";
|
|
127
127
|
import "./chunk-GDB4J2H3.js";
|
|
128
128
|
import "./chunk-NT5TINK5.js";
|
|
@@ -131,7 +131,7 @@ import "./chunk-SOBJ6NEY.js";
|
|
|
131
131
|
import "./chunk-BT7NVCML.js";
|
|
132
132
|
import "./chunk-H7XKCNR6.js";
|
|
133
133
|
import "./chunk-UMTG2BN2.js";
|
|
134
|
-
import "./chunk-
|
|
134
|
+
import "./chunk-MMJANTJX.js";
|
|
135
135
|
import "./chunk-5RIRL3XL.js";
|
|
136
136
|
import "./chunk-JGSKJHF7.js";
|
|
137
137
|
import "./chunk-FF4KLI5W.js";
|
package/dist/access-http.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { IncomingMessage } from 'node:http';
|
|
2
|
-
import { E as EngramAccessService } from './access-service-
|
|
2
|
+
import { E as EngramAccessService } from './access-service-DIZRHQ7Q.js';
|
|
3
3
|
import { ResolvedIdentity } from './adapters/types.js';
|
|
4
4
|
import { AdapterRegistry } from './adapters/registry.js';
|
|
5
5
|
import './storage.js';
|
|
@@ -21,7 +21,7 @@ import './user-model.js';
|
|
|
21
21
|
import './recall-audit-anomaly.js';
|
|
22
22
|
import './recall-audit.js';
|
|
23
23
|
import './explicit-capture.js';
|
|
24
|
-
import './orchestrator-
|
|
24
|
+
import './orchestrator-CX-oqwJq.js';
|
|
25
25
|
import './briefing.js';
|
|
26
26
|
import './buffer.js';
|
|
27
27
|
import './search/port.js';
|
package/dist/access-http.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import {
|
|
2
2
|
EngramAccessHttpServer
|
|
3
|
-
} from "./chunk-
|
|
3
|
+
} from "./chunk-3IJEQWQX.js";
|
|
4
4
|
import "./chunk-SEDEKFYQ.js";
|
|
5
5
|
import "./chunk-RKNJBZ55.js";
|
|
6
6
|
import "./chunk-J64TK33U.js";
|
|
@@ -9,10 +9,10 @@ import "./chunk-42NQ7AVG.js";
|
|
|
9
9
|
import "./chunk-TMSXWOBZ.js";
|
|
10
10
|
import "./chunk-7RXCMVFQ.js";
|
|
11
11
|
import "./chunk-7WV3F5DQ.js";
|
|
12
|
-
import "./chunk-
|
|
12
|
+
import "./chunk-TVOPSKOK.js";
|
|
13
13
|
import "./chunk-T4WDJPEZ.js";
|
|
14
14
|
import "./chunk-D24OXEPB.js";
|
|
15
|
-
import "./chunk-
|
|
15
|
+
import "./chunk-YAFSTKTH.js";
|
|
16
16
|
import "./chunk-GDASG7NC.js";
|
|
17
17
|
import "./chunk-GDB4J2H3.js";
|
|
18
18
|
import "./chunk-NT5TINK5.js";
|
|
@@ -21,7 +21,7 @@ import "./chunk-SOBJ6NEY.js";
|
|
|
21
21
|
import "./chunk-BT7NVCML.js";
|
|
22
22
|
import "./chunk-H7XKCNR6.js";
|
|
23
23
|
import "./chunk-UMTG2BN2.js";
|
|
24
|
-
import "./chunk-
|
|
24
|
+
import "./chunk-MMJANTJX.js";
|
|
25
25
|
import "./chunk-5RIRL3XL.js";
|
|
26
26
|
import "./chunk-JGSKJHF7.js";
|
|
27
27
|
import "./chunk-FF4KLI5W.js";
|
package/dist/access-mcp.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { Readable, Writable } from 'node:stream';
|
|
2
|
-
import { E as EngramAccessService } from './access-service-
|
|
2
|
+
import { E as EngramAccessService } from './access-service-DIZRHQ7Q.js';
|
|
3
3
|
import './storage.js';
|
|
4
4
|
import './page-versioning.js';
|
|
5
5
|
import './consolidation-operator.js';
|
|
@@ -19,7 +19,7 @@ import './user-model.js';
|
|
|
19
19
|
import './recall-audit-anomaly.js';
|
|
20
20
|
import './recall-audit.js';
|
|
21
21
|
import './explicit-capture.js';
|
|
22
|
-
import './orchestrator-
|
|
22
|
+
import './orchestrator-CX-oqwJq.js';
|
|
23
23
|
import './briefing.js';
|
|
24
24
|
import './buffer.js';
|
|
25
25
|
import './search/port.js';
|
package/dist/access-mcp.js
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
import {
|
|
2
2
|
EngramMcpServer
|
|
3
|
-
} from "./chunk-
|
|
3
|
+
} from "./chunk-TVOPSKOK.js";
|
|
4
4
|
import "./chunk-T4WDJPEZ.js";
|
|
5
5
|
import "./chunk-D24OXEPB.js";
|
|
6
|
-
import "./chunk-
|
|
6
|
+
import "./chunk-YAFSTKTH.js";
|
|
7
7
|
import "./chunk-GDASG7NC.js";
|
|
8
8
|
import "./chunk-GDB4J2H3.js";
|
|
9
9
|
import "./chunk-NT5TINK5.js";
|
|
@@ -12,7 +12,7 @@ import "./chunk-SOBJ6NEY.js";
|
|
|
12
12
|
import "./chunk-BT7NVCML.js";
|
|
13
13
|
import "./chunk-H7XKCNR6.js";
|
|
14
14
|
import "./chunk-UMTG2BN2.js";
|
|
15
|
-
import "./chunk-
|
|
15
|
+
import "./chunk-MMJANTJX.js";
|
|
16
16
|
import "./chunk-5RIRL3XL.js";
|
|
17
17
|
import "./chunk-JGSKJHF7.js";
|
|
18
18
|
import "./chunk-FF4KLI5W.js";
|
|
@@ -6,7 +6,7 @@ import { AnomalyDetectorResult } from './recall-audit-anomaly.js';
|
|
|
6
6
|
import { ExplicitCaptureInput } from './explicit-capture.js';
|
|
7
7
|
import { BudgetDecision } from './cross-namespace-budget.js';
|
|
8
8
|
import { readMemoryGovernanceRunArtifact } from './maintenance/memory-governance.js';
|
|
9
|
-
import { O as Orchestrator, I as IntentDebugSnapshot, G as GraphRecallSnapshot, P as PatternReinforcementResult, W as WearablesService } from './orchestrator-
|
|
9
|
+
import { O as Orchestrator, I as IntentDebugSnapshot, G as GraphRecallSnapshot, P as PatternReinforcementResult, W as WearablesService } from './orchestrator-CX-oqwJq.js';
|
|
10
10
|
import { LiveConnectorsRunSummary } from './live-connectors-runner.js';
|
|
11
11
|
import { LastRecallSnapshot } from './recall-state.js';
|
|
12
12
|
import { GraphSnapshotRequest, GraphSnapshotResponse } from './graph-snapshot.js';
|
|
@@ -654,6 +654,53 @@ interface CodingScopedWriteInput {
|
|
|
654
654
|
cwd?: string;
|
|
655
655
|
projectTag?: string;
|
|
656
656
|
}
|
|
657
|
+
/**
|
|
658
|
+
* Internal, single-resolution plan describing the effective memory scope for a
|
|
659
|
+
* write-producing access request (#1495, seed for epic #1494). One plan is
|
|
660
|
+
* resolved per request and EVERY side effect (LCM archival, extraction replay,
|
|
661
|
+
* objective-state snapshot, response) consumes the same `writeNamespace`, so an
|
|
662
|
+
* observed turn and its extracted memories never drift away from the namespace a
|
|
663
|
+
* same-session project-scoped recall searches (rule 39 / 42).
|
|
664
|
+
*
|
|
665
|
+
* The resolver that produces this is READ-ONLY with respect to namespace
|
|
666
|
+
* authorization: an explicit namespace is authorized through the existing
|
|
667
|
+
* `canWriteNamespace` policy path, and a coding overlay is always REBUILT from
|
|
668
|
+
* the authenticated principal's base — never accepted as a caller string — so a
|
|
669
|
+
* caller can never reach another principal's overlay by forging an
|
|
670
|
+
* overlay-shaped namespace (rule 42 / 47 / 48).
|
|
671
|
+
*/
|
|
672
|
+
interface MemoryScopePlan {
|
|
673
|
+
/** Resolved request principal (auth precedence applied), or undefined. */
|
|
674
|
+
principal?: string;
|
|
675
|
+
/** Explicit `namespace` supplied by the caller, if any (already authorized). */
|
|
676
|
+
explicitNamespace?: string;
|
|
677
|
+
/** Principal self base namespace before any coding overlay. */
|
|
678
|
+
baseNamespace: string;
|
|
679
|
+
/** Effective write namespace — what every side effect must use. */
|
|
680
|
+
writeNamespace: string;
|
|
681
|
+
/**
|
|
682
|
+
* Effective namespace the objective-state snapshot writer must target.
|
|
683
|
+
*
|
|
684
|
+
* Objective-state has a STRICTER, pre-#1495 contract than the LCM/extraction
|
|
685
|
+
* write path (#928): an IMPLICIT (no explicit `namespace`) snapshot is based
|
|
686
|
+
* on the PRINCIPAL SELF namespace (`defaultNamespaceForPrincipal`) and is
|
|
687
|
+
* authorized against THAT base (rule 48, least-privilege) — never silently
|
|
688
|
+
* routed to `config.defaultNamespace`. Only the LCM/extraction/response path
|
|
689
|
+
* collapses an unqualified write to `config.defaultNamespace` (memory_store
|
|
690
|
+
* parity, rule 39). With an explicit namespace, or once a coding overlay
|
|
691
|
+
* applies, both targets converge: `objectiveStateNamespace === writeNamespace`.
|
|
692
|
+
*
|
|
693
|
+
* Keeping the two as separate fields of ONE plan preserves rule 22 (single
|
|
694
|
+
* resolution point) while honoring each consumer's historical contract.
|
|
695
|
+
*/
|
|
696
|
+
objectiveStateNamespace: string;
|
|
697
|
+
/** Namespaces a same-session recall would read (cheap subset). */
|
|
698
|
+
readNamespaces: string[];
|
|
699
|
+
/** Whether the coding overlay changed the base namespace. */
|
|
700
|
+
codingOverlayApplied: boolean;
|
|
701
|
+
/** Non-fatal diagnostics surfaced during resolution. */
|
|
702
|
+
warnings: string[];
|
|
703
|
+
}
|
|
657
704
|
interface EngramAccessMemoryStoreRequest extends EngramAccessWriteEnvelope, ExplicitCaptureInput, CodingScopedWriteInput {
|
|
658
705
|
}
|
|
659
706
|
interface EngramAccessSuggestionSubmitRequest extends EngramAccessWriteEnvelope, ExplicitCaptureInput, CodingScopedWriteInput {
|
|
@@ -697,10 +744,44 @@ interface EngramAccessObserveRequest {
|
|
|
697
744
|
*/
|
|
698
745
|
projectTag?: string;
|
|
699
746
|
}
|
|
747
|
+
/**
|
|
748
|
+
* Additive diagnostic view of the effective {@link MemoryScopePlan} resolved for
|
|
749
|
+
* an `observe` request (#1495 / epic #1494). Lets callers and tests inspect
|
|
750
|
+
* which namespace the operation actually wrote to without changing the
|
|
751
|
+
* backward-compatible `namespace` field. Purely informational — never gates
|
|
752
|
+
* authorization.
|
|
753
|
+
*/
|
|
754
|
+
interface EngramAccessScopeDebug {
|
|
755
|
+
/** Resolved principal, or `undefined` when none could be derived. */
|
|
756
|
+
principal?: string;
|
|
757
|
+
/** Explicit `namespace` from the request, if one was supplied. */
|
|
758
|
+
explicitNamespace?: string;
|
|
759
|
+
/** Principal self base before any coding overlay. */
|
|
760
|
+
baseNamespace: string;
|
|
761
|
+
/** Effective write namespace every side effect of the request uses. */
|
|
762
|
+
writeNamespace: string;
|
|
763
|
+
/** Whether the coding (project/branch) overlay changed the base namespace. */
|
|
764
|
+
codingOverlayApplied: boolean;
|
|
765
|
+
/** Namespaces a same-session recall would read, when cheap to compute. */
|
|
766
|
+
readNamespaces?: string[];
|
|
767
|
+
}
|
|
700
768
|
interface EngramAccessObserveResponse {
|
|
701
769
|
accepted: number;
|
|
702
770
|
sessionKey: string;
|
|
771
|
+
/**
|
|
772
|
+
* Backward-compatible base writable namespace (pre-#1495 semantics). Kept
|
|
773
|
+
* unchanged so existing callers/tests are not broken. The namespace the
|
|
774
|
+
* operation ACTUALLY wrote to is {@link EngramAccessObserveResponse.effectiveNamespace}.
|
|
775
|
+
*/
|
|
703
776
|
namespace: string;
|
|
777
|
+
/**
|
|
778
|
+
* Effective write namespace every memory-producing side effect of this
|
|
779
|
+
* request used (LCM archival, extraction replay, objective-state snapshot).
|
|
780
|
+
* Equals the namespace a same-session project-scoped recall searches (#1495).
|
|
781
|
+
*/
|
|
782
|
+
effectiveNamespace: string;
|
|
783
|
+
/** Additive diagnostic view of the resolved scope plan (#1495). */
|
|
784
|
+
scopeDebug?: EngramAccessScopeDebug;
|
|
704
785
|
lcmArchived: boolean;
|
|
705
786
|
extractionQueued: boolean;
|
|
706
787
|
}
|
|
@@ -825,6 +906,31 @@ declare class EngramAccessService {
|
|
|
825
906
|
* never fails a write — there is no namespace to "pin".
|
|
826
907
|
*/
|
|
827
908
|
private resolveCodingScopedWriteNamespace;
|
|
909
|
+
/**
|
|
910
|
+
* Resolve ONE effective memory scope plan for a write-producing request
|
|
911
|
+
* (#1495 / seed for epic #1494). The returned {@link MemoryScopePlan} is the
|
|
912
|
+
* single source of truth `observe` (and, later, other write surfaces) consume
|
|
913
|
+
* so every side effect lands in `plan.writeNamespace`.
|
|
914
|
+
*
|
|
915
|
+
* Authorization mirrors {@link resolveCodingScopedWriteNamespace} EXACTLY so
|
|
916
|
+
* `observe`'s scoping is identical to `memory_store`/`suggestion_submit`
|
|
917
|
+
* (rule 39 — feature gates identical across code paths):
|
|
918
|
+
* - an explicit `namespace` always wins and is authorized strictly through
|
|
919
|
+
* `resolveWritableNamespace` → `canWriteNamespace`; an overlay-shaped string
|
|
920
|
+
* is never a writable target (rule 42 / 47 / 48);
|
|
921
|
+
* - with NO overlay, the base stays on `config.defaultNamespace` (pre-#1434
|
|
922
|
+
* behavior), auth-checked;
|
|
923
|
+
* - WITH an overlay, the base is the principal self namespace and the overlay
|
|
924
|
+
* is REBUILT from that authorized base — never accepted as a caller string.
|
|
925
|
+
*
|
|
926
|
+
* READ-ONLY: this never mutates session coding context. Callers that need the
|
|
927
|
+
* `cwd`/`projectTag` bound to the session (so a later bare recall is scoped)
|
|
928
|
+
* must attach it via `maybeAttachCodingContext` BEFORE calling this, which
|
|
929
|
+
* also preserves the no-orphan-context guard (attach only after auth passes).
|
|
930
|
+
* The overlay here reads the session's attached context first (matching recall
|
|
931
|
+
* precedence), falling back to the per-call `cwd`/`projectTag`.
|
|
932
|
+
*/
|
|
933
|
+
private resolveMemoryScopePlan;
|
|
828
934
|
private objectiveStateStoreLocationForNamespace;
|
|
829
935
|
private resolveReadableNamespace;
|
|
830
936
|
private resolveReadableNamespacesForSearch;
|
|
@@ -1080,6 +1186,153 @@ declare class EngramAccessService {
|
|
|
1080
1186
|
private serializeMemorySummary;
|
|
1081
1187
|
observe(request: EngramAccessObserveRequest): Promise<EngramAccessObserveResponse>;
|
|
1082
1188
|
lcmSearch(request: EngramAccessLcmSearchRequest): Promise<EngramAccessLcmSearchResponse>;
|
|
1189
|
+
/**
|
|
1190
|
+
* Resolve the LCM `session_id` a same-session READER (compaction flush/record,
|
|
1191
|
+
* `lcmSearch`, raw-excerpt lookup) must target so it matches the key `observe`
|
|
1192
|
+
* archived under (#1495 thread 2 + #1505 round 3, rule 42). One helper for
|
|
1193
|
+
* EVERY access-surface LCM read so the read key cannot drift from the write key
|
|
1194
|
+
* (rule 22).
|
|
1195
|
+
*
|
|
1196
|
+
* Precedence mirrors `observe`'s effective write namespace:
|
|
1197
|
+
* - With an explicit `request.namespace`, use the already-authorized
|
|
1198
|
+
* `resolvedNamespace` (the overlay never applies to an explicit write).
|
|
1199
|
+
* - With NO explicit namespace, an auto-scoped session was archived under
|
|
1200
|
+
* its coding-overlay namespace, so overlay the session's bound coding
|
|
1201
|
+
* context onto the principal self base — the SAME resolution
|
|
1202
|
+
* `resolveMemoryScopePlan`/recall use. `applyCodingNamespaceOverlay`
|
|
1203
|
+
* returns the base unchanged when projectScope/namespaces are off or no
|
|
1204
|
+
* context is bound, so single-store / no-overlay flows collapse to the raw
|
|
1205
|
+
* sessionKey exactly as before.
|
|
1206
|
+
*
|
|
1207
|
+
* Then encode the `${namespace}:${sessionKey}` prefix via the shared helper
|
|
1208
|
+
* so the read key is byte-for-byte what the LCM write and the recall readers
|
|
1209
|
+
* use.
|
|
1210
|
+
*/
|
|
1211
|
+
/**
|
|
1212
|
+
* Resolve the effective LCM NAMESPACE a same-session operation must prefix
|
|
1213
|
+
* with (the namespace half of {@link resolveLcmReadSessionKey}). Split out so
|
|
1214
|
+
* `lcmSearch` can apply ONE namespace to BOTH its `sessionKey` and its
|
|
1215
|
+
* `sessionPrefix` — the prefix is a search fragment, not a real session, so its
|
|
1216
|
+
* own coding context can't be looked up; it must inherit the namespace resolved
|
|
1217
|
+
* from the real session (`sessionKeyForOverlay`).
|
|
1218
|
+
*
|
|
1219
|
+
* `purpose` selects the AUTHORIZATION gate applied before honouring the
|
|
1220
|
+
* coding overlay (#1505 round 3 + round 4, codex P2):
|
|
1221
|
+
*
|
|
1222
|
+
* - `"read"` (`lcmSearch` / raw-excerpt recall): the overlay rows are only
|
|
1223
|
+
* visible when the principal SELF base is in the READABLE RECALL SET — the
|
|
1224
|
+
* same gate the orchestrator's `lcmReadNamespaceForSession` and the recall
|
|
1225
|
+
* namespace set use (`recallNamespacesForPrincipal`, gated by both
|
|
1226
|
+
* `defaultRecallNamespaces.includes("self")` AND `canReadNamespace`). A
|
|
1227
|
+
* caller that passed the default read check must NOT receive
|
|
1228
|
+
* `<principal>-project-*` rows the policy never granted (cross-tenant read
|
|
1229
|
+
* leak). When the self base is not readable, keep the just-authorized
|
|
1230
|
+
* namespace (collapses to the raw key on the default store).
|
|
1231
|
+
*
|
|
1232
|
+
* - `"write"` (`lcmCompactionFlush` / `lcmCompactionRecord`): these are
|
|
1233
|
+
* write/maintenance operations on the SAME queue `observe` just wrote, so
|
|
1234
|
+
* the gate must mirror observe's WRITE authorization (`canWriteNamespace`
|
|
1235
|
+
* on the self base), NOT readability. A principal that can WRITE but not
|
|
1236
|
+
* READ its self namespace (or whose `defaultRecallNamespaces` omits `self`)
|
|
1237
|
+
* archived under the overlay key via `observe`; gating compaction by
|
|
1238
|
+
* readability would fall back to the default/raw key and leave that queue
|
|
1239
|
+
* never flushed/recorded (round-4 codex P2). Write-authorized ⇒ overlay
|
|
1240
|
+
* key, matching the observe write key (rule 42 read/write parity; rule 39
|
|
1241
|
+
* identical gates across paths).
|
|
1242
|
+
*/
|
|
1243
|
+
private resolveLcmReadNamespace;
|
|
1244
|
+
/**
|
|
1245
|
+
* Resolve the namespace the raw-disclosure excerpt lookup
|
|
1246
|
+
* ({@link fetchRawExcerpts}) must prefix its LCM `session_id` with (#1505
|
|
1247
|
+
* thread 2f7). Raw disclosure reads the SAME LCM archive `lcmSearch` and the
|
|
1248
|
+
* in-prompt LCM sections read, so it MUST pass through the identical
|
|
1249
|
+
* read-authorization gate — NOT `snapshot.namespace`, which records the
|
|
1250
|
+
* effective WRITE/overlay namespace (`<principal>-project-*`) even when the
|
|
1251
|
+
* principal can WRITE but not READ its self base (or `defaultRecallNamespaces`
|
|
1252
|
+
* omits `self`). Routing through `resolveLcmReadNamespace(..., "read")` makes
|
|
1253
|
+
* raw disclosure fall back to the default store exactly like normal recall +
|
|
1254
|
+
* `lcmSearch`, so it never attaches overlay transcript rows the read gate
|
|
1255
|
+
* excludes (cross-tenant read leak). Collapses to the default store / raw
|
|
1256
|
+
* sessionKey for single-store / no-overlay / explicit-default flows, so
|
|
1257
|
+
* single-user recall is byte-for-byte unchanged.
|
|
1258
|
+
*
|
|
1259
|
+
* Returns `undefined` when NO readable LCM namespace exists for an IMPLICIT
|
|
1260
|
+
* (no explicit `namespace`) raw recall — i.e. a restrictive `default` READ
|
|
1261
|
+
* policy denies the principal `default` AND no overlay/self namespace is
|
|
1262
|
+
* readable. In that case the caller emits NO excerpts rather than throwing
|
|
1263
|
+
* `namespace is not readable: default` (#1505 thread NBHWz): normal recall
|
|
1264
|
+
* still succeeds via `recallNamespacesForPrincipal`, so `disclosure: "raw"`
|
|
1265
|
+
* must degrade gracefully (empty excerpts), never pre-authorize `default`.
|
|
1266
|
+
*
|
|
1267
|
+
* IMPLICIT-namespace fallback selection derives from the ALREADY
|
|
1268
|
+
* read-authorized recall namespace set (`recallNamespacesForPrincipal` +
|
|
1269
|
+
* `canReadNamespace`) — the principal's self base when it is in the readable
|
|
1270
|
+
* recall set, else `config.defaultNamespace` ONLY when the principal may read
|
|
1271
|
+
* it. It NEVER pre-authorizes `default`. An EXPLICIT `namespace` is still
|
|
1272
|
+
* authorized strictly via `resolveReadableNamespace` (explicit reads must pass
|
|
1273
|
+
* the ACL — no behavior change).
|
|
1274
|
+
*/
|
|
1275
|
+
private resolveRawExcerptReadNamespace;
|
|
1276
|
+
/**
|
|
1277
|
+
* The base `resolvedNamespace` an IMPLICIT (no explicit `namespace`)
|
|
1278
|
+
* same-session LCM READER (`resolveRawExcerptReadNamespace`, `lcmSearch`)
|
|
1279
|
+
* passes into {@link resolveLcmReadNamespace} — WITHOUT pre-authorizing
|
|
1280
|
+
* `default` (#1505 thread NBHWz). It decides PROCEED vs SUPPRESS only; the
|
|
1281
|
+
* actual LCM prefix is then resolved by `resolveLcmReadNamespace`, which
|
|
1282
|
+
* mirrors the orchestrator's `lcmReadNamespaceForSession` EXACTLY (rule 39 /
|
|
1283
|
+
* 42): the coding overlay when the principal SELF base is in the readable
|
|
1284
|
+
* recall set, else `config.defaultNamespace` (the raw key).
|
|
1285
|
+
*
|
|
1286
|
+
* Returns `config.defaultNamespace` (PROCEED) whenever the principal has ANY
|
|
1287
|
+
* readable LCM access — either `default` itself is readable, OR a coding
|
|
1288
|
+
* overlay / self base is in the readable recall set. The returned value is
|
|
1289
|
+
* ALWAYS `config.defaultNamespace`, NEVER an arbitrary readable recall
|
|
1290
|
+
* namespace (e.g. `shared`): `resolveLcmReadNamespace` returns this fallback
|
|
1291
|
+
* verbatim only on the overlay-applies-but-self-unreadable branch, where the
|
|
1292
|
+
* orchestrator collapses to the default store — so returning anything but the
|
|
1293
|
+
* default store there would prefix LCM reads with `shared:sessionKey` while
|
|
1294
|
+
* in-prompt recall uses the raw `sessionKey`, diverging the two (cursor
|
|
1295
|
+
* "LCM read gate wrong fallback").
|
|
1296
|
+
*
|
|
1297
|
+
* Returns `undefined` (SUPPRESS) only when NO readable LCM namespace exists —
|
|
1298
|
+
* a restrictive `default` READ policy AND no readable overlay/self — so the
|
|
1299
|
+
* caller emits NO rows instead of throwing `namespace is not readable:
|
|
1300
|
+
* default`. Normal recall still succeeds through the readable self namespace.
|
|
1301
|
+
*
|
|
1302
|
+
* Single-store / namespaces-disabled deployments resolve to
|
|
1303
|
+
* `config.defaultNamespace`, keeping single-user recall byte-for-byte
|
|
1304
|
+
* unchanged.
|
|
1305
|
+
*/
|
|
1306
|
+
private resolveImplicitLcmReadFallbackNamespace;
|
|
1307
|
+
private resolveLcmReadSessionKey;
|
|
1308
|
+
/**
|
|
1309
|
+
* Resolve the ORDERED, read-authorized set of LCM `session_id`s a same-session
|
|
1310
|
+
* READER (`lcmSearch`, raw-excerpt disclosure) must query so it matches every
|
|
1311
|
+
* key `observe` archived under across the coding scope (#1505 thread "Include
|
|
1312
|
+
* coding fallback namespaces in LCM reads").
|
|
1313
|
+
*
|
|
1314
|
+
* Mirrors the orchestrator recall path exactly (rule 39): `observe` archives
|
|
1315
|
+
* each turn under `${effectiveNamespace}:${sessionKey}` for whichever namespace
|
|
1316
|
+
* was effective at write time, and normal QMD/file recall searches the primary
|
|
1317
|
+
* coding-overlay namespace AND `codingOverlay.readFallbacks` (project → root).
|
|
1318
|
+
* A single overlay key therefore MISSES rows a branch-scoped session archived at
|
|
1319
|
+
* project/root scope. This returns the primary overlay LCM key first, then one
|
|
1320
|
+
* per read fallback, deduped + ordered so the caller can short-circuit on the
|
|
1321
|
+
* first hit.
|
|
1322
|
+
*
|
|
1323
|
+
* READ-AUTHORIZATION (preserved from the round-3..5 `resolveLcmReadNamespace`
|
|
1324
|
+
* "read" gate; rule 42 / 48): the overlay + fallbacks are `<principal>-project-*`
|
|
1325
|
+
* sub-namespaces authorized transitively by the principal SELF base. They are
|
|
1326
|
+
* included ONLY when the self base is in the readable recall set
|
|
1327
|
+
* (`recallNamespacesForPrincipal`). When the self base is NOT readable (write-
|
|
1328
|
+
* only / self-omitted principal), or when an explicit namespace was supplied,
|
|
1329
|
+
* or no overlay applies, this collapses to the single key
|
|
1330
|
+
* {@link resolveLcmReadSessionKey} returns — byte-for-byte the prior behavior
|
|
1331
|
+
* (single-store / no-overlay flows stay the raw `sessionKey`). No
|
|
1332
|
+
* `<principal>-project-*` key is ever searched for an unauthorized reader (no
|
|
1333
|
+
* cross-tenant read leak).
|
|
1334
|
+
*/
|
|
1335
|
+
private resolveLcmReadSessionIds;
|
|
1083
1336
|
lcmCompactionFlush(request: EngramAccessLcmCompactionFlushRequest): Promise<EngramAccessLcmCompactionFlushResponse>;
|
|
1084
1337
|
lcmCompactionRecord(request: EngramAccessLcmCompactionRecordRequest): Promise<EngramAccessLcmCompactionRecordResponse>;
|
|
1085
1338
|
continuityAuditGenerate(request: {
|
|
@@ -1582,4 +1835,4 @@ declare class EngramAccessService {
|
|
|
1582
1835
|
}): Promise<Awaited<ReturnType<WearablesService["transcriptMemories"]>>>;
|
|
1583
1836
|
}
|
|
1584
1837
|
|
|
1585
|
-
export { type EngramAccessReviewDispositionRequest as $, type EngramAccessMemoryBrowseRequest as A, type EngramAccessMemoryBrowseResponse as B, type CodingScopedWriteInput as C, type EngramAccessMemoryRecord as D, EngramAccessService as E, type EngramAccessMemoryResponse as F, type EngramAccessMemoryStoreRequest as G, type EngramAccessMemorySummary as H, type EngramAccessObserveMessage as I, type EngramAccessObserveRequest as J, type EngramAccessObserveResponse as K, type EngramAccessOfflineSyncApplyFileContentRequest as L, type EngramAccessOfflineSyncApplyFileContentResponse as M, type EngramAccessOfflineSyncApplyRequest as N, type EngramAccessOfflineSyncApplyResponse as O, type ProcedureStatsConfigSnapshot as P, type EngramAccessOfflineSyncFileContentRequest as Q, type EngramAccessOfflineSyncFileContentResponse as R, type EngramAccessOfflineSyncFilesRequest as S, type EngramAccessOfflineSyncFilesResponse as T, type EngramAccessOfflineSyncSnapshotRequest as U, type EngramAccessOfflineSyncSnapshotResponse as V, type EngramAccessOfflineSyncSnapshotStreamResponse as W, type EngramAccessQualityResponse as X, type EngramAccessRecallExplainRequest as Y, type EngramAccessRecallExplainResponse as Z, type EngramAccessRecallRequest as _, type EngramAccessRecallResponse as a, type EngramAccessReviewDispositionResponse as a0, type EngramAccessReviewQueueResponse as a1, type
|
|
1838
|
+
export { type EngramAccessReviewDispositionRequest as $, type EngramAccessMemoryBrowseRequest as A, type EngramAccessMemoryBrowseResponse as B, type CodingScopedWriteInput as C, type EngramAccessMemoryRecord as D, EngramAccessService as E, type EngramAccessMemoryResponse as F, type EngramAccessMemoryStoreRequest as G, type EngramAccessMemorySummary as H, type EngramAccessObserveMessage as I, type EngramAccessObserveRequest as J, type EngramAccessObserveResponse as K, type EngramAccessOfflineSyncApplyFileContentRequest as L, type EngramAccessOfflineSyncApplyFileContentResponse as M, type EngramAccessOfflineSyncApplyRequest as N, type EngramAccessOfflineSyncApplyResponse as O, type ProcedureStatsConfigSnapshot as P, type EngramAccessOfflineSyncFileContentRequest as Q, type EngramAccessOfflineSyncFileContentResponse as R, type EngramAccessOfflineSyncFilesRequest as S, type EngramAccessOfflineSyncFilesResponse as T, type EngramAccessOfflineSyncSnapshotRequest as U, type EngramAccessOfflineSyncSnapshotResponse as V, type EngramAccessOfflineSyncSnapshotStreamResponse as W, type EngramAccessQualityResponse as X, type EngramAccessRecallExplainRequest as Y, type EngramAccessRecallExplainResponse as Z, type EngramAccessRecallRequest as _, type EngramAccessRecallResponse as a, type EngramAccessReviewDispositionResponse as a0, type EngramAccessReviewQueueResponse as a1, type EngramAccessScopeDebug as a2, type EngramAccessSetCodingContextRequest as a3, type EngramAccessSuggestionSubmitRequest as a4, type EngramAccessTimelineResponse as a5, type EngramAccessTrustZoneBrowseRequest as a6, type EngramAccessTrustZoneBrowseResponse as a7, type EngramAccessTrustZoneDemoSeedRequest as a8, type EngramAccessTrustZoneDemoSeedResponse as a9, type EngramAccessTrustZonePromoteRequest as aa, type EngramAccessTrustZonePromoteResponse as ab, type EngramAccessTrustZoneRecordSummary as ac, type EngramAccessTrustZoneStatusResponse as ad, type EngramAccessWriteEnvelope as ae, type EngramAccessWriteResponse as af, type MemoryScopePlan as ag, shapeMemorySummary as ah, EngramAccessInputError as b, type ProcedureStatsRecent as c, type ProcedureStatsReport as d, type ProcedureStatusCounts as e, computeProcedureStats as f, formatProcedureStatsText as g, ENGRAM_ACCESS_WRITE_SCHEMA_VERSION as h, type EngramAccessActionConfidenceRequest as i, type EngramAccessActionConfidenceResponse as j, type EngramAccessBriefingRequest as k, type EngramAccessBriefingResponse as l, type EngramAccessCapsuleListResponse as m, type EngramAccessDaySummaryRequest as n, type EngramAccessEntityListResponse as o, type EngramAccessEntityResponse as p, type EngramAccessEntitySummary as q, type EngramAccessHealthResponse as r, type EngramAccessLcmCompactionFlushRequest as s, type EngramAccessLcmCompactionFlushResponse as t, type EngramAccessLcmCompactionRecordRequest as u, type EngramAccessLcmCompactionRecordResponse as v, type EngramAccessLcmSearchRequest as w, type EngramAccessLcmSearchResponse as x, type EngramAccessLcmStatusResponse as y, type EngramAccessMaintenanceResponse as z };
|
package/dist/access-service.d.ts
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
import './storage.js';
|
|
2
2
|
import './types-B1VHaf2w.js';
|
|
3
|
-
export { C as CodingScopedWriteInput, h as ENGRAM_ACCESS_WRITE_SCHEMA_VERSION, i as EngramAccessActionConfidenceRequest, j as EngramAccessActionConfidenceResponse, k as EngramAccessBriefingRequest, l as EngramAccessBriefingResponse, m as EngramAccessCapsuleListResponse, n as EngramAccessDaySummaryRequest, o as EngramAccessEntityListResponse, p as EngramAccessEntityResponse, q as EngramAccessEntitySummary, r as EngramAccessHealthResponse, b as EngramAccessInputError, s as EngramAccessLcmCompactionFlushRequest, t as EngramAccessLcmCompactionFlushResponse, u as EngramAccessLcmCompactionRecordRequest, v as EngramAccessLcmCompactionRecordResponse, w as EngramAccessLcmSearchRequest, x as EngramAccessLcmSearchResponse, y as EngramAccessLcmStatusResponse, z as EngramAccessMaintenanceResponse, A as EngramAccessMemoryBrowseRequest, B as EngramAccessMemoryBrowseResponse, D as EngramAccessMemoryRecord, F as EngramAccessMemoryResponse, G as EngramAccessMemoryStoreRequest, H as EngramAccessMemorySummary, I as EngramAccessObserveMessage, J as EngramAccessObserveRequest, K as EngramAccessObserveResponse, L as EngramAccessOfflineSyncApplyFileContentRequest, M as EngramAccessOfflineSyncApplyFileContentResponse, N as EngramAccessOfflineSyncApplyRequest, O as EngramAccessOfflineSyncApplyResponse, Q as EngramAccessOfflineSyncFileContentRequest, R as EngramAccessOfflineSyncFileContentResponse, S as EngramAccessOfflineSyncFilesRequest, T as EngramAccessOfflineSyncFilesResponse, U as EngramAccessOfflineSyncSnapshotRequest, V as EngramAccessOfflineSyncSnapshotResponse, W as EngramAccessOfflineSyncSnapshotStreamResponse, X as EngramAccessQualityResponse, Y as EngramAccessRecallExplainRequest, Z as EngramAccessRecallExplainResponse, _ as EngramAccessRecallRequest, a as EngramAccessRecallResponse, $ as EngramAccessReviewDispositionRequest, a0 as EngramAccessReviewDispositionResponse, a1 as EngramAccessReviewQueueResponse, E as EngramAccessService,
|
|
3
|
+
export { C as CodingScopedWriteInput, h as ENGRAM_ACCESS_WRITE_SCHEMA_VERSION, i as EngramAccessActionConfidenceRequest, j as EngramAccessActionConfidenceResponse, k as EngramAccessBriefingRequest, l as EngramAccessBriefingResponse, m as EngramAccessCapsuleListResponse, n as EngramAccessDaySummaryRequest, o as EngramAccessEntityListResponse, p as EngramAccessEntityResponse, q as EngramAccessEntitySummary, r as EngramAccessHealthResponse, b as EngramAccessInputError, s as EngramAccessLcmCompactionFlushRequest, t as EngramAccessLcmCompactionFlushResponse, u as EngramAccessLcmCompactionRecordRequest, v as EngramAccessLcmCompactionRecordResponse, w as EngramAccessLcmSearchRequest, x as EngramAccessLcmSearchResponse, y as EngramAccessLcmStatusResponse, z as EngramAccessMaintenanceResponse, A as EngramAccessMemoryBrowseRequest, B as EngramAccessMemoryBrowseResponse, D as EngramAccessMemoryRecord, F as EngramAccessMemoryResponse, G as EngramAccessMemoryStoreRequest, H as EngramAccessMemorySummary, I as EngramAccessObserveMessage, J as EngramAccessObserveRequest, K as EngramAccessObserveResponse, L as EngramAccessOfflineSyncApplyFileContentRequest, M as EngramAccessOfflineSyncApplyFileContentResponse, N as EngramAccessOfflineSyncApplyRequest, O as EngramAccessOfflineSyncApplyResponse, Q as EngramAccessOfflineSyncFileContentRequest, R as EngramAccessOfflineSyncFileContentResponse, S as EngramAccessOfflineSyncFilesRequest, T as EngramAccessOfflineSyncFilesResponse, U as EngramAccessOfflineSyncSnapshotRequest, V as EngramAccessOfflineSyncSnapshotResponse, W as EngramAccessOfflineSyncSnapshotStreamResponse, X as EngramAccessQualityResponse, Y as EngramAccessRecallExplainRequest, Z as EngramAccessRecallExplainResponse, _ as EngramAccessRecallRequest, a as EngramAccessRecallResponse, $ as EngramAccessReviewDispositionRequest, a0 as EngramAccessReviewDispositionResponse, a1 as EngramAccessReviewQueueResponse, a2 as EngramAccessScopeDebug, E as EngramAccessService, a3 as EngramAccessSetCodingContextRequest, a4 as EngramAccessSuggestionSubmitRequest, a5 as EngramAccessTimelineResponse, a6 as EngramAccessTrustZoneBrowseRequest, a7 as EngramAccessTrustZoneBrowseResponse, a8 as EngramAccessTrustZoneDemoSeedRequest, a9 as EngramAccessTrustZoneDemoSeedResponse, aa as EngramAccessTrustZonePromoteRequest, ab as EngramAccessTrustZonePromoteResponse, ac as EngramAccessTrustZoneRecordSummary, ad as EngramAccessTrustZoneStatusResponse, ae as EngramAccessWriteEnvelope, af as EngramAccessWriteResponse, ag as MemoryScopePlan, ah as shapeMemorySummary } from './access-service-DIZRHQ7Q.js';
|
|
4
4
|
import './recall-explain-renderer.js';
|
|
5
5
|
import './types-D8yUmSik.js';
|
|
6
6
|
import './recall-audit-anomaly.js';
|
|
7
7
|
import './explicit-capture.js';
|
|
8
8
|
import './cross-namespace-budget.js';
|
|
9
9
|
import './maintenance/memory-governance.js';
|
|
10
|
-
import './orchestrator-
|
|
10
|
+
import './orchestrator-CX-oqwJq.js';
|
|
11
11
|
import './live-connectors-runner.js';
|
|
12
12
|
import './recall-state.js';
|
|
13
13
|
import './graph-snapshot.js';
|
package/dist/access-service.js
CHANGED
|
@@ -3,7 +3,7 @@ import {
|
|
|
3
3
|
EngramAccessInputError,
|
|
4
4
|
EngramAccessService,
|
|
5
5
|
shapeMemorySummary
|
|
6
|
-
} from "./chunk-
|
|
6
|
+
} from "./chunk-YAFSTKTH.js";
|
|
7
7
|
import "./chunk-GDASG7NC.js";
|
|
8
8
|
import "./chunk-GDB4J2H3.js";
|
|
9
9
|
import "./chunk-NT5TINK5.js";
|
|
@@ -12,7 +12,7 @@ import "./chunk-SOBJ6NEY.js";
|
|
|
12
12
|
import "./chunk-BT7NVCML.js";
|
|
13
13
|
import "./chunk-H7XKCNR6.js";
|
|
14
14
|
import "./chunk-UMTG2BN2.js";
|
|
15
|
-
import "./chunk-
|
|
15
|
+
import "./chunk-MMJANTJX.js";
|
|
16
16
|
import "./chunk-5RIRL3XL.js";
|
|
17
17
|
import "./chunk-JGSKJHF7.js";
|
|
18
18
|
import "./chunk-FF4KLI5W.js";
|
package/dist/bootstrap.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { P as PluginConfig } from './types-D8yUmSik.js';
|
|
2
|
-
import { O as Orchestrator } from './orchestrator-
|
|
2
|
+
import { O as Orchestrator } from './orchestrator-CX-oqwJq.js';
|
|
3
3
|
import './types-ByK7T3L6.js';
|
|
4
4
|
import './index-DJ9QWMw-.js';
|
|
5
5
|
import './briefing.js';
|