@remnic/core 9.3.685 → 9.3.686

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (55) hide show
  1. package/dist/access-boundary.d.ts +2 -2
  2. package/dist/access-boundary.js +2 -2
  3. package/dist/access-cli.js +88 -7
  4. package/dist/access-cli.js.map +1 -1
  5. package/dist/access-http.d.ts +1 -1
  6. package/dist/access-http.js +5 -5
  7. package/dist/access-mcp.d.ts +12 -2
  8. package/dist/access-mcp.js +4 -4
  9. package/dist/access-operations.d.ts +8 -3
  10. package/dist/access-operations.js +5 -3
  11. package/dist/access-schema.d.ts +4 -4
  12. package/dist/{access-service-DeKrlYU_.d.ts → access-service-DmCHJ4cH.d.ts} +105 -29
  13. package/dist/access-service.d.ts +1 -1
  14. package/dist/access-service.js +1 -1
  15. package/dist/access-surface-catalog.d.ts +1 -1
  16. package/dist/access-surface-catalog.js +2 -0
  17. package/dist/access-surface-catalog.js.map +1 -1
  18. package/dist/{chunk-OFUULUSY.js → chunk-473JIN2U.js} +56 -5
  19. package/dist/chunk-473JIN2U.js.map +1 -0
  20. package/dist/{chunk-SQGPGC76.js → chunk-FUCUR2OZ.js} +540 -43
  21. package/dist/chunk-FUCUR2OZ.js.map +1 -0
  22. package/dist/{chunk-IIDSFFE5.js → chunk-KFBOZYME.js} +42 -3
  23. package/dist/chunk-KFBOZYME.js.map +1 -0
  24. package/dist/{chunk-PK6RGRSD.js → chunk-NN7QYW5W.js} +2 -2
  25. package/dist/chunk-NN7QYW5W.js.map +1 -0
  26. package/dist/{chunk-JPCKLFWK.js → chunk-QVMXQGT7.js} +6 -5
  27. package/dist/chunk-QVMXQGT7.js.map +1 -0
  28. package/dist/{chunk-BZISAF67.js → chunk-S2OU5DZY.js} +28 -6
  29. package/dist/chunk-S2OU5DZY.js.map +1 -0
  30. package/dist/{cli-D3-Q5Uod.d.ts → cli-D8nZ2MPH.d.ts} +1 -1
  31. package/dist/cli.d.ts +2 -2
  32. package/dist/cli.js +6 -6
  33. package/dist/index.d.ts +2 -2
  34. package/dist/index.js +6 -6
  35. package/dist/mcp-memory-inspector-app.d.ts +1 -1
  36. package/dist/schemas.d.ts +38 -38
  37. package/dist/transfer/types.d.ts +22 -22
  38. package/package.json +2 -2
  39. package/src/access-boundary.ts +2 -1
  40. package/src/access-cli.ts +94 -4
  41. package/src/access-http.ts +39 -1
  42. package/src/access-mcp.ts +54 -1
  43. package/src/access-operations.ts +66 -0
  44. package/src/access-service.ts +147 -62
  45. package/src/access-surface-catalog.test.ts +1 -1
  46. package/src/access-surface-catalog.ts +2 -0
  47. package/src/cli.ts +1 -0
  48. package/src/coding/decision-surfaces.test.ts +279 -0
  49. package/src/coding/decision-surfaces.ts +475 -0
  50. package/dist/chunk-BZISAF67.js.map +0 -1
  51. package/dist/chunk-IIDSFFE5.js.map +0 -1
  52. package/dist/chunk-JPCKLFWK.js.map +0 -1
  53. package/dist/chunk-OFUULUSY.js.map +0 -1
  54. package/dist/chunk-PK6RGRSD.js.map +0 -1
  55. package/dist/chunk-SQGPGC76.js.map +0 -1
package/src/access-cli.ts CHANGED
@@ -11,10 +11,11 @@ import { getOperation } from "./access-boundary.js";
11
11
  // Importing access-operations registers the pilot boundary operations as a
12
12
  // side effect; the store command dispatches through the registry (issue #1525).
13
13
  import "./access-operations.js";
14
+ import { projectTagProjectId } from "./coding/coding-namespace.js";
14
15
 
15
16
  const OPENCLAW_REMNIC_PLUGIN_IDS = ["openclaw-remnic", "openclaw-engram"] as const;
16
17
 
17
- type CommandName = "browse" | "store";
18
+ type CommandName = "browse" | "store" | "decision";
18
19
 
19
20
  type ParsedArgs = {
20
21
  command: CommandName;
@@ -133,9 +134,9 @@ function writeCliOutput(text: string = ""): void {
133
134
 
134
135
  function usage(): string {
135
136
  return [
136
- "Usage:",
137
137
  " engram-access browse [options]",
138
138
  " engram-access store [options]",
139
+ " engram-access decision [options]",
139
140
  "",
140
141
  "Browse options:",
141
142
  " --namespace <name>",
@@ -160,6 +161,21 @@ function usage(): string {
160
161
  " --source-reason <text>",
161
162
  " --idempotency-key <key>",
162
163
  " --dry-run",
164
+ "",
165
+ "Decision options:",
166
+ " --subcommand <list|get|record|supersede>",
167
+ " --namespace <name>",
168
+ " --session-key <key>",
169
+ " --principal <principal>",
170
+ " --id <id> (get/supersede)",
171
+ " --title <title> (record/supersede)",
172
+ " --status <proposed|accepted|superseded|rejected> (record)",
173
+ " --context <text> (record/supersede)",
174
+ " --decision <text> (record/supersede)",
175
+ " --consequences <text> (record/supersede)",
176
+ " --entity-ref <ref> (repeatable)",
177
+ " --project-tag <tag> (attach coding context for this invocation)",
178
+ " --supersedes-id <id> (alias for --id on supersede)",
163
179
  ].join("\n");
164
180
  }
165
181
 
@@ -194,8 +210,25 @@ const COMMAND_SPECS: Record<CommandName, CommandSpec> = {
194
210
  ]),
195
211
  flagOptions: new Set(["dry-run"]),
196
212
  },
213
+ decision: {
214
+ valueOptions: new Set([
215
+ "subcommand",
216
+ "namespace",
217
+ "session-key",
218
+ "principal",
219
+ "id",
220
+ "title",
221
+ "status",
222
+ "context",
223
+ "decision",
224
+ "consequences",
225
+ "entity-ref",
226
+ "project-tag",
227
+ "supersedes-id",
228
+ ]),
229
+ flagOptions: new Set(),
230
+ },
197
231
  };
198
-
199
232
  const BROWSE_SORT_VALUES = Object.freeze([
200
233
  "updated_desc",
201
234
  "updated_asc",
@@ -207,7 +240,7 @@ type BrowseSort = (typeof BROWSE_SORT_VALUES)[number];
207
240
 
208
241
  function parseArgs(argv: string[]): ParsedArgs {
209
242
  const [commandRaw, ...rest] = argv;
210
- if (commandRaw !== "browse" && commandRaw !== "store") {
243
+ if (commandRaw !== "browse" && commandRaw !== "store" && commandRaw !== "decision") {
211
244
  throw new UsageError("unsupported-command");
212
245
  }
213
246
  const spec = COMMAND_SPECS[commandRaw];
@@ -466,6 +499,59 @@ function expandOptionalPath(value: string | undefined): string | undefined {
466
499
  return value === undefined ? undefined : expandTildePath(value);
467
500
  }
468
501
 
502
+ /**
503
+ * Decision-record surface (issue #1548 Track A PR 2). Dispatches through the
504
+ * same `coding_decision` operation as the MCP tool and HTTP route — one
505
+ * validation boundary, three transports.
506
+ */
507
+ async function runDecision(args: ParsedArgs, preferredId?: string): Promise<void> {
508
+ const subcommand = requireOption(args, "subcommand");
509
+ const { config, service } = buildRuntime(preferredId);
510
+ // The CLI creates a fresh Orchestrator per invocation, so the session
511
+ // coding-context map is empty. If --project-tag + --session-key are
512
+ // provided, attach a coding context BEFORE dispatching so the gate
513
+ // passes and project-scoped writes resolve to the right namespace
514
+ // (review P2).
515
+ const projectTag = getLastOption(args, "project-tag");
516
+ const sessionKey = getLastOption(args, "session-key");
517
+ if (projectTag && projectTag.trim().length > 0 && sessionKey && sessionKey.trim().length > 0) {
518
+ const projectId = projectTagProjectId(projectTag.trim());
519
+ service.setCodingContext({
520
+ sessionKey,
521
+ codingContext: {
522
+ projectId,
523
+ branch: null,
524
+ rootPath: projectId,
525
+ defaultBranch: null,
526
+ },
527
+ });
528
+ }
529
+ const op = getOperation("coding_decision");
530
+ if (!op) {
531
+ throw new Error("access-boundary: operation not registered: coding_decision");
532
+ }
533
+ const output = (await op.run(
534
+ {
535
+ subcommand,
536
+ namespace: getLastOption(args, "namespace"),
537
+ sessionKey,
538
+ id: getLastOption(args, "id"),
539
+ supersedesId: getLastOption(args, "supersedes-id"),
540
+ title: getLastOption(args, "title"),
541
+ status: getLastOption(args, "status"),
542
+ context: getLastOption(args, "context"),
543
+ decision: getLastOption(args, "decision"),
544
+ consequences: getLastOption(args, "consequences"),
545
+ entityRefs: getAllOptions(args, "entity-ref"),
546
+ },
547
+ {
548
+ service,
549
+ authenticatedPrincipal: getLastOption(args, "principal") ?? config.agentAccessHttp.principal,
550
+ },
551
+ )) as { result: unknown };
552
+ console.log(JSON.stringify(output.result, null, 2));
553
+ }
554
+
469
555
  export async function main(
470
556
  argv: string[] = process.argv.slice(2),
471
557
  options: AccessCliOptions = {},
@@ -475,6 +561,10 @@ export async function main(
475
561
  await runBrowse(args, options.preferredId);
476
562
  return;
477
563
  }
564
+ if (args.command === "decision") {
565
+ await runDecision(args, options.preferredId);
566
+ return;
567
+ }
478
568
  await runStore(args, options.preferredId);
479
569
  }
480
570
 
@@ -315,6 +315,7 @@ export class EngramAccessHttpServer {
315
315
  citationsEnabled: options.citationsEnabled,
316
316
  citationsAutoDetect: options.citationsAutoDetect,
317
317
  emitLegacyTools: options.emitLegacyTools,
318
+ codingDecisionVisible: this.service.decisionRecordSurfaceVisible,
318
319
  });
319
320
  }
320
321
 
@@ -1331,6 +1332,35 @@ export class EngramAccessHttpServer {
1331
1332
  return;
1332
1333
  }
1333
1334
 
1335
+ if (req.method === "POST" && pathname === "/engram/v1/coding/decisions") {
1336
+ // Migrated through the access boundary (issue #1525/#1548): the
1337
+ // registry entry owns schema validation and service dispatch. HTTP
1338
+ // resolves the request principal; the boundary re-validates the
1339
+ // cleaned envelope. record/supersede persist decision memories, so they
1340
+ // are gated by the same 30/min write quota as /engram/v1/memories,
1341
+ // suggestions, and observe; list/get are pure reads and stay uncounted
1342
+ // (review P2: apply write quotas to decision writes).
1343
+ const body = await this.readJsonBody(req);
1344
+ const isWriteSubcommand =
1345
+ body.subcommand === "record" || body.subcommand === "supersede";
1346
+ if (isWriteSubcommand) {
1347
+ this.ensureWriteRateLimitAvailable();
1348
+ }
1349
+ const op = getOperation("coding_decision");
1350
+ if (!op) {
1351
+ throw new EngramAccessInputError("access-boundary: operation not registered: coding_decision");
1352
+ }
1353
+ const output = (await op.run(body, {
1354
+ service: this.service,
1355
+ authenticatedPrincipal: this.resolveRequestPrincipal(req),
1356
+ })) as { result: unknown };
1357
+ if (isWriteSubcommand) {
1358
+ this.recordWriteRateLimitHit();
1359
+ }
1360
+ this.respondJson(res, 200, output.result);
1361
+ return;
1362
+ }
1363
+
1334
1364
  if (req.method === "POST" && pathname === "/engram/v1/suggestions") {
1335
1365
  const body = await this.readValidatedBody(req, "suggestionSubmit");
1336
1366
  const request = {
@@ -2183,6 +2213,13 @@ export class EngramAccessHttpServer {
2183
2213
  typeof toolArgs === "object" &&
2184
2214
  !Array.isArray(toolArgs) &&
2185
2215
  (toolArgs as { dryRun?: unknown }).dryRun === true;
2216
+ const codingDecisionWrite =
2217
+ (toolName === "engram.coding_decision" || toolName === "remnic.coding_decision") &&
2218
+ toolArgs !== null &&
2219
+ typeof toolArgs === "object" &&
2220
+ !Array.isArray(toolArgs) &&
2221
+ ((toolArgs as { subcommand?: unknown }).subcommand === "record" ||
2222
+ (toolArgs as { subcommand?: unknown }).subcommand === "supersede");
2186
2223
  const isMcpWrite =
2187
2224
  request.method === "tools/call" &&
2188
2225
  (
@@ -2210,7 +2247,8 @@ export class EngramAccessHttpServer {
2210
2247
  toolName === "engram.memory_action_apply" ||
2211
2248
  toolName === "remnic.memory_action_apply"
2212
2249
  )
2213
- )
2250
+ ) ||
2251
+ codingDecisionWrite
2214
2252
  );
2215
2253
  if (isMcpWrite) {
2216
2254
  this.ensureWriteRateLimitAvailable();
package/src/access-mcp.ts CHANGED
@@ -109,6 +109,7 @@ const MCP_MIGRATED_OPERATIONS: Readonly<Record<string, OperationName>> = {
109
109
  "engram.memory_get": "memory_get",
110
110
  "engram.memory_search": "memory_search",
111
111
  "engram.memory_store": "memory_store",
112
+ "engram.coding_decision": "coding_decision",
112
113
  };
113
114
 
114
115
  function resolveChatGptInspectorRecallSessionKey(
@@ -304,7 +305,9 @@ export class EngramMcpServer {
304
305
  */
305
306
  private initSessionIds = new Map<string, string>();
306
307
 
307
- /** Whether oai-mem-citation guidance is explicitly enabled via config. */
308
+ /**
309
+ * Whether oai-mem-citation guidance is explicitly enabled via config.
310
+ */
308
311
  private readonly citationsEnabled: boolean;
309
312
  /** Whether to auto-enable citations for Codex adapter connections. */
310
313
  private readonly citationsAutoDetect: boolean;
@@ -314,6 +317,13 @@ export class EngramMcpServer {
314
317
  * set false to halve the advertised `tools/list` surface.
315
318
  */
316
319
  private readonly emitLegacyTools: boolean;
320
+ /**
321
+ * Whether the `coding_decision` tool should appear in `tools/list`. Gated on
322
+ * `codingKnowledge.enabled && codingKnowledge.decisionRecords` (issue #1548
323
+ * Track A PR 2, rule 39). When false the tools array is byte-identical to
324
+ * pre-feature.
325
+ */
326
+ private readonly codingDecisionVisible: boolean;
317
327
 
318
328
  constructor(
319
329
  private readonly service: EngramAccessService,
@@ -322,11 +332,13 @@ export class EngramMcpServer {
322
332
  citationsEnabled?: boolean;
323
333
  citationsAutoDetect?: boolean;
324
334
  emitLegacyTools?: boolean;
335
+ codingDecisionVisible?: boolean;
325
336
  } = {},
326
337
  ) {
327
338
  this.citationsEnabled = options.citationsEnabled === true;
328
339
  this.citationsAutoDetect = options.citationsAutoDetect !== false;
329
340
  this.emitLegacyTools = options.emitLegacyTools !== false;
341
+ this.codingDecisionVisible = options.codingDecisionVisible === true;
330
342
  this.authenticatedPrincipal =
331
343
  options.principal?.trim() ||
332
344
  readEnvVar("OPENCLAW_ENGRAM_ACCESS_PRINCIPAL")?.trim() ||
@@ -1946,6 +1958,47 @@ export class EngramMcpServer {
1946
1958
  },
1947
1959
  },
1948
1960
  ].flatMap((tool) => withToolAliases(tool, this.emitLegacyTools));
1961
+ if (this.codingDecisionVisible) {
1962
+ const codingDecisionTools = withToolAliases(
1963
+ {
1964
+ name: "engram.coding_decision",
1965
+ description:
1966
+ "List, get, record, or supersede decision records in the session's coding namespace (issue #1548 Track A). Subcommands: list, get, record, supersede.",
1967
+ inputSchema: {
1968
+ type: "object",
1969
+ properties: {
1970
+ subcommand: {
1971
+ type: "string",
1972
+ enum: ["list", "get", "record", "supersede"],
1973
+ description: "Which decision-record operation to run.",
1974
+ },
1975
+ sessionKey: { type: "string", description: "Session identifier whose coding context scopes the operation." },
1976
+ namespace: { type: "string", description: "Optional explicit namespace (overrides coding-context overlay)." },
1977
+ id: { type: "string", description: "Decision record id (required for get and supersede)." },
1978
+ title: { type: "string", description: "Decision title (required for record and supersede)." },
1979
+ status: {
1980
+ type: "string",
1981
+ enum: ["proposed", "accepted", "superseded", "rejected"],
1982
+ description: "Decision status (record only; defaults to proposed).",
1983
+ },
1984
+ context: { type: "string", description: "Context/background for the decision." },
1985
+ decision: { type: "string", description: "The decision itself (required for record and supersede)." },
1986
+ consequences: { type: "string", description: "Consequences of the decision." },
1987
+ entityRefs: {
1988
+ type: "array",
1989
+ items: { type: "string" },
1990
+ description: "Entity references the decision relates to.",
1991
+ },
1992
+ supersedesId: { type: "string", description: "Id of the record this decision supersedes (supersede only)." },
1993
+ },
1994
+ required: ["subcommand"],
1995
+ additionalProperties: false,
1996
+ },
1997
+ },
1998
+ this.emitLegacyTools,
1999
+ );
2000
+ this.tools = [...this.tools, ...codingDecisionTools];
2001
+ }
1949
2002
  }
1950
2003
 
1951
2004
  /** Get clientInfo for a specific MCP session. Returns undefined for non-MCP requests. */
@@ -20,6 +20,11 @@ import type {
20
20
  EngramAccessMemoryResponse,
21
21
  EngramAccessWriteResponse,
22
22
  } from "./access-service.js";
23
+ import {
24
+ DECISION_SUBCOMMANDS,
25
+ type DecisionSurfaceRequest,
26
+ type DecisionSurfaceResponse,
27
+ } from "./coding/decision-surfaces.js";
23
28
 
24
29
  // ---------------------------------------------------------------------------
25
30
  // memory_get — fetch one memory by id
@@ -135,12 +140,72 @@ export const memoryStoreOperation = defineOperation<MemoryStoreInput, MemoryStor
135
140
  // so the hook still fires inside the service's idempotent-write lock —
136
141
  // never before, never on a replay (#1434 invariant preserved by the
137
142
  // boundary migration).
143
+
138
144
  ctx.hooks,
139
145
  );
140
146
  return { result };
141
147
  },
142
148
  });
143
149
 
150
+ // ---------------------------------------------------------------------------
151
+ // coding_decision — decision-record surfaces (issue #1548 Track A PR 2)
152
+ // ---------------------------------------------------------------------------
153
+
154
+ /**
155
+ * The subcommand field is required and MUST be one of the four valid values
156
+ * (rule 51 — reject loudly, list the options, never silently default). The
157
+ * remaining fields are optional because each subcommand uses a different
158
+ * subset; the handler validates subcommand-specific requirements after
159
+ * routing.
160
+ */
161
+ /**
162
+ * MCP clients send `null` for absent optional fields. Zod `.optional()`
163
+ * rejects `null`, so strip nulls at the object level before the inner
164
+ * schema validates (review: cursor null-field thread).
165
+ */
166
+ const codingDecisionSchema = z.preprocess(
167
+ (data) => {
168
+ if (data && typeof data === "object" && !Array.isArray(data)) {
169
+ const out: Record<string, unknown> = {};
170
+ for (const [k, v] of Object.entries(data as Record<string, unknown>)) {
171
+ if (v !== null) out[k] = v;
172
+ }
173
+ return out;
174
+ }
175
+ return data;
176
+ },
177
+ z.object({
178
+ subcommand: z.enum(DECISION_SUBCOMMANDS),
179
+ sessionKey: z.string().trim().max(512).optional(),
180
+ namespace: z.string().trim().max(256).optional(),
181
+ id: z.string().trim().max(512).optional(),
182
+ title: z.string().trim().max(512).optional(),
183
+ status: z.string().trim().max(64).optional(),
184
+ context: z.string().trim().max(8192).optional(),
185
+ decision: z.string().trim().max(8192).optional(),
186
+ consequences: z.string().trim().max(8192).optional(),
187
+ entityRefs: z.array(z.string().trim().min(1).max(256)).optional(),
188
+ supersedesId: z.string().trim().max(512).optional(),
189
+ }),
190
+ );
191
+
192
+ export type CodingDecisionInput = DecisionSurfaceRequest;
193
+ export type CodingDecisionOutput = { result: DecisionSurfaceResponse };
194
+
195
+ export const codingDecisionOperation = defineOperation<
196
+ CodingDecisionInput,
197
+ CodingDecisionOutput
198
+ >({
199
+ name: "coding_decision",
200
+ description:
201
+ "List, get, record, or supersede decision records in the session's coding namespace (issue #1548 Track A).",
202
+ schema: codingDecisionSchema as z.ZodType<CodingDecisionInput>,
203
+ handler: async (input, ctx) => {
204
+ const result = await ctx.service.codingDecision(input, ctx.authenticatedPrincipal);
205
+ return { result };
206
+ },
207
+ });
208
+
144
209
  // ---------------------------------------------------------------------------
145
210
  // Surface registration map — what each transport calls the pilot ops
146
211
  // ---------------------------------------------------------------------------
@@ -154,4 +219,5 @@ export const REGISTERED_OPERATIONS = [
154
219
  memoryGetOperation.spec.name,
155
220
  memorySearchOperation.spec.name,
156
221
  memoryStoreOperation.spec.name,
222
+ codingDecisionOperation.spec.name,
157
223
  ] as const;
@@ -12,7 +12,13 @@ import {
12
12
  lcmSessionKeyForNamespace,
13
13
  projectTagProjectId,
14
14
  resolveCodingNamespaceOverlay,
15
+ type CodingNamespaceOverlay,
15
16
  } from "./coding/coding-namespace.js";
17
+ import {
18
+ handleCodingDecision,
19
+ type DecisionSurfaceRequest,
20
+ type DecisionSurfaceResponse,
21
+ } from "./coding/decision-surfaces.js";
16
22
  import { WorkStorage } from "./work/storage.js";
17
23
  import {
18
24
  exportWorkBoardMarkdown,
@@ -59,6 +65,7 @@ import { canReadNamespace, canWriteNamespace, defaultNamespaceForPrincipal, reca
59
65
  import {
60
66
  expandScopeProfileReadNamespaces,
61
67
  resolveScopeProfilePlan,
68
+ type ResolvedScopeProfilePlan,
62
69
  type ScopeProfileLayerResolution,
63
70
  type ScopeProfilePromotionResolution,
64
71
  } from "./namespaces/scope-profiles.js";
@@ -1346,74 +1353,29 @@ export class EngramAccessService {
1346
1353
  return null;
1347
1354
  }
1348
1355
 
1349
- /**
1350
- * Resolve the write namespace for explicit-write tools (memory_store /
1351
- * suggestion_submit), project-scoping the write the same way recall does so a
1352
- * memory stored with a client-injected `cwd`/`projectTag` is discoverable by
1353
- * project-scoped recall (#1434, rule 42).
1354
- *
1355
- * Precedence:
1356
- * - An explicit `namespace` always wins and is authorized strictly via
1357
- * `resolveWritableNamespace` → `canWriteNamespace`. A coding-overlay
1358
- * namespace string (`<base>-project-*`) is NOT a writable target via the
1359
- * explicit field — project scoping is requested with `cwd`/`projectTag`,
1360
- * never by naming the derived namespace — so there is no way to bypass the
1361
- * policy allow-list by guessing/forging an overlay name (Codex review).
1362
- * - With NO coding overlay, the write stays on `config.defaultNamespace` —
1363
- * exactly the pre-#1434 behavior, so an unqualified write is NOT silently
1364
- * moved to a principal self namespace (Codex review).
1365
- * - WITH a coding overlay, the base is the principal self namespace
1366
- * (`defaultNamespaceForPrincipal`, write-checked) — the SAME base recall,
1367
- * observe, and the orchestrator buffer-flush write path overlay onto
1368
- * (rule 42 / Cursor) — so a project-scoped store lands exactly where
1369
- * project-scoped recall searches. The overlay namespace is always REBUILT
1370
- * from the authenticated principal's base, never accepted as a caller
1371
- * string, so a caller can never reach another principal's subtree.
1372
- *
1373
- * Read-only: this NEVER mutates session coding context, so the idempotency
1374
- * peeks and dryRun preflights that call it stay side-effect free (Codex
1375
- * review). It prefers the per-call `cwd`/`projectTag` (the project explicitly
1376
- * identified for this write), else the session's existing context. The HTTP
1377
- * surface lets the peek and the write each resolve independently; the peek's
1378
- * namespace only gates rate-limiting (memory_store/suggestion_submit run their
1379
- * own idempotency check), so a benign session-context change between the two
1380
- * never fails a write — there is no namespace to "pin".
1381
- */
1382
- private async resolveCodingScopedWriteNamespace(
1356
+ /** Shared coding-scope derivation for the read/write resolvers below —
1357
+ * coding context, overlay, principal, scope-profile plan for an IMPLICIT
1358
+ * request, IDENTICAL to recall precedence (session-first, per-call fallback)
1359
+ * so a scoped store is discoverable by scoped recall (#1434). Single source
1360
+ * of truth for the namespacesEnabled/projectScope gates (rule 22; keeps the
1361
+ * scattered-config-read ratchet flat). READ-ONLY: never mutates session. */
1362
+ private async resolveCodingScopeInputs(
1383
1363
  request: CodingScopedWriteInput & {
1384
1364
  namespace?: string;
1385
1365
  sessionKey?: string;
1386
1366
  authenticatedPrincipal?: string;
1387
1367
  },
1388
- ): Promise<string> {
1389
- const hasExplicitNamespace =
1390
- typeof request.namespace === "string" && request.namespace.trim().length > 0;
1391
- if (hasExplicitNamespace) {
1392
- return this.resolveWritableNamespace(
1393
- request.namespace,
1394
- request.sessionKey,
1395
- request.authenticatedPrincipal,
1396
- );
1397
- }
1398
- // Project scoping only applies when namespaces are enabled (else overlaying
1399
- // would create false isolation over a single storage dir) and projectScope
1400
- // is on. The coding context MUST be resolved exactly as the recall path
1401
- // resolves it, or a scoped store won't be discoverable by scoped recall
1402
- // (the whole point of #1434). Recall calls `maybeAttachCodingContext`, which
1403
- // returns early when the session already has a context — so recall is
1404
- // SESSION-FIRST: an existing session binding wins, and the per-call
1405
- // cwd/projectTag is only used to seed a context when none is attached yet.
1406
- // Mirror that precedence here: session context first, per-call as fallback
1407
- // (Codex review — a per-call-wins write would land in a project that the
1408
- // same session's recall, still on the bound project, never searches).
1409
- //
1368
+ ): Promise<{
1369
+ principal: string | undefined;
1370
+ codingContext: CodingContext | null;
1371
+ overlay: CodingNamespaceOverlay | null;
1372
+ profilePlan: ResolvedScopeProfilePlan | null;
1373
+ }> {
1410
1374
  // A sessionKey is REQUIRED to apply the overlay. The recall path can only
1411
- // attach/look up coding context per session (`maybeAttachCodingContext` and
1412
- // `applyCodingNamespaceOverlay` both no-op without a sessionKey), so a
1413
- // sessionless recall always searches the base namespace. A sessionless
1414
- // write must therefore also stay on the base — otherwise a client that
1415
- // injects cwd/projectTag but no sessionKey would store into
1416
- // `default-project-*` that its own recall never searches (Codex review).
1375
+ // attach/look up coding context per session, so a sessionless recall always
1376
+ // searches the base namespace; a sessionless write/read must too — otherwise
1377
+ // a client that injects cwd/projectTag but no sessionKey would land in a
1378
+ // `default-project-*` namespace its own recall never searches (Codex review).
1417
1379
  const hasSession =
1418
1380
  typeof request.sessionKey === "string" && request.sessionKey.length > 0;
1419
1381
  const codingContext =
@@ -1443,6 +1405,35 @@ export class EngramAccessService {
1443
1405
  codingContext,
1444
1406
  codingOverlay: overlay,
1445
1407
  });
1408
+ return { principal, codingContext, overlay, profilePlan };
1409
+ }
1410
+
1411
+ /**
1412
+ * Resolve the write namespace for explicit-write tools (memory_store /
1413
+ * suggestion_submit), project-scoping the write the same way recall does so a
1414
+ * memory stored with a client-injected `cwd`/`projectTag` is discoverable by
1415
+ * project-scoped recall (#1434, rule 42). Shared derivation lives in
1416
+ * {@link resolveCodingScopeInputs}; this method enforces the WRITE acl
1417
+ * (`canWriteNamespace` / profile-layer writability). Read-only: never mutates
1418
+ * session coding context.
1419
+ */
1420
+ private async resolveCodingScopedWriteNamespace(
1421
+ request: CodingScopedWriteInput & {
1422
+ namespace?: string;
1423
+ sessionKey?: string;
1424
+ authenticatedPrincipal?: string;
1425
+ },
1426
+ ): Promise<string> {
1427
+ const hasExplicitNamespace =
1428
+ typeof request.namespace === "string" && request.namespace.trim().length > 0;
1429
+ if (hasExplicitNamespace) {
1430
+ return this.resolveWritableNamespace(
1431
+ request.namespace,
1432
+ request.sessionKey,
1433
+ request.authenticatedPrincipal,
1434
+ );
1435
+ }
1436
+ const { principal, overlay, profilePlan } = await this.resolveCodingScopeInputs(request);
1446
1437
  if (profilePlan) {
1447
1438
  const selectedLayer = profilePlan.layers.find((layer) => layer.id === profilePlan.writeLayer);
1448
1439
  const writeNamespaceReadable =
@@ -1475,6 +1466,60 @@ export class EngramAccessService {
1475
1466
  return combineNamespaces(base, overlay.namespace);
1476
1467
  }
1477
1468
 
1469
+ /** Read-side mirror of {@link resolveCodingScopedWriteNamespace}. Decision
1470
+ * `list`/`get` use this so a record written by a project-scoped session is
1471
+ * listable/fetchable by the SAME session without manually supplying the
1472
+ * overlaid namespace (review P2). Derivation is IDENTICAL to the write path
1473
+ * (shared via {@link resolveCodingScopeInputs}); the only difference is the
1474
+ * ACL — reads enforce {@link canReadNamespace}, so a read-but-not-write
1475
+ * principal can still list/fetch (rule 42). */
1476
+ private async resolveCodingScopedReadableNamespace(
1477
+ request: CodingScopedWriteInput & {
1478
+ namespace?: string;
1479
+ sessionKey?: string;
1480
+ authenticatedPrincipal?: string;
1481
+ },
1482
+ ): Promise<string> {
1483
+ const principal = this.resolveRequestPrincipal(
1484
+ request.sessionKey,
1485
+ request.authenticatedPrincipal,
1486
+ );
1487
+ const hasExplicitNamespace =
1488
+ typeof request.namespace === "string" && request.namespace.trim().length > 0;
1489
+ if (hasExplicitNamespace) {
1490
+ return this.resolveReadableNamespace(request.namespace, principal);
1491
+ }
1492
+ const inputs = await this.resolveCodingScopeInputs(request);
1493
+ const { overlay, profilePlan, principal: resolvedPrincipal } = inputs;
1494
+ if (profilePlan) {
1495
+ // The write layer is the namespace decisions are RECORDED under. The
1496
+ // WRITE path authorizes it through the profile plan (selectedLayer.
1497
+ // writable AND readNamespaces.includes(writeNamespace)), NOT the raw
1498
+ // namespace ACL, so the READ path must use the SAME profile-plan
1499
+ // authorization. canReadNamespace only recognizes explicit policies
1500
+ // plus default/shared namespaces, which would reject a profile-granted
1501
+ // layer the same session just wrote through (review P2: scope-profile
1502
+ // read authorization for decision reads; rule 42).
1503
+ const target = profilePlan.writeNamespace;
1504
+ if (!profilePlan.readNamespaces.includes(target)) {
1505
+ throw new EngramAccessInputError(`namespace is not readable: ${target}`);
1506
+ }
1507
+ return target;
1508
+ }
1509
+ if (!overlay) {
1510
+ // No coding overlay → read the base namespace through the standard read
1511
+ // ACL, identical to memory_get with no explicit namespace.
1512
+ return this.resolveReadableNamespace(undefined, resolvedPrincipal);
1513
+ }
1514
+ // Coding overlay → overlay onto the principal self base, the SAME namespace
1515
+ // the write path writes to, then enforce the read ACL.
1516
+ const base = defaultNamespaceForPrincipal(resolvedPrincipal, this.orchestrator.config);
1517
+ if (!canReadNamespace(resolvedPrincipal, base, this.orchestrator.config)) {
1518
+ throw new EngramAccessInputError(`namespace is not readable: ${base}`);
1519
+ }
1520
+ return combineNamespaces(base, overlay.namespace);
1521
+ }
1522
+
1478
1523
  /**
1479
1524
  * Resolve ONE effective memory scope plan for a write-producing request
1480
1525
  * (#1495 / seed for epic #1494). The returned {@link MemoryScopePlan} is the
@@ -4401,6 +4446,45 @@ export class EngramAccessService {
4401
4446
  };
4402
4447
  }
4403
4448
 
4449
+ /** Whether the coding_decision tool should appear in tools/list (rule 39). */
4450
+ get decisionRecordSurfaceVisible(): boolean {
4451
+ return this.orchestrator.config.codingKnowledge?.enabled === true
4452
+ && this.orchestrator.config.codingKnowledge?.decisionRecords === true;
4453
+ }
4454
+ /**
4455
+ * Thin delegate — handler logic in coding/decision-surfaces.ts (#1548 PR2).
4456
+ * All three surfaces (MCP/HTTP/CLI) arrive here via the boundary operation.
4457
+ * Namespace resolution uses the SAME path as memory_store (principal ACL +
4458
+ * coding overlay + default fallback) so decision records land in the same
4459
+ * storage root.
4460
+ */
4461
+ async codingDecision(
4462
+ request: DecisionSurfaceRequest,
4463
+ authenticatedPrincipal?: string,
4464
+ ): Promise<DecisionSurfaceResponse> {
4465
+ return handleCodingDecision(request, {
4466
+ codingKnowledge: this.orchestrator.config.codingKnowledge,
4467
+ getCodingContext: (sk) => this.orchestrator.getCodingContextForSession(sk),
4468
+ resolveStorage: async (req) => {
4469
+ const isWrite = req.subcommand === "record" || req.subcommand === "supersede";
4470
+ const ns = isWrite
4471
+ ? await this.resolveCodingScopedWriteNamespace({
4472
+ namespace: req.namespace,
4473
+ sessionKey: req.sessionKey,
4474
+ authenticatedPrincipal,
4475
+ })
4476
+ : await this.resolveCodingScopedReadableNamespace({
4477
+ namespace: req.namespace,
4478
+ sessionKey: req.sessionKey,
4479
+ authenticatedPrincipal,
4480
+ });
4481
+ const storage = await this.orchestrator.getStorage(ns);
4482
+ return Object.assign(storage, { namespace: ns });
4483
+ },
4484
+ throwInputError: (msg) => { throw new EngramAccessInputError(msg); },
4485
+ });
4486
+ }
4487
+
4404
4488
  async memoryBrowse(
4405
4489
  request: EngramAccessMemoryBrowseRequest = {},
4406
4490
  ): Promise<EngramAccessMemoryBrowseResponse> {
@@ -8264,3 +8348,4 @@ export class EngramAccessService {
8264
8348
  });
8265
8349
  }
8266
8350
  }
8351
+
@@ -67,7 +67,7 @@ function shortToolName(advertised: string): string {
67
67
  /** Spin up a server with emitLegacyTools=true and read the deduped short names. */
68
68
  async function liveMcpToolShortNames(): Promise<ReadonlySet<string>> {
69
69
  const stub = { briefingEnabled: true } as unknown as EngramAccessService;
70
- const server = new EngramMcpServer(stub, { emitLegacyTools: true });
70
+ const server = new EngramMcpServer(stub, { emitLegacyTools: true, codingDecisionVisible: true });
71
71
  const response = await server.handleRequest({ jsonrpc: "2.0", id: 1, method: "tools/list" });
72
72
  const result = (response as { result?: { tools?: Array<{ name: string }> } }).result;
73
73
  const names = new Set<string>();