@remnic/plugin-openclaw 1.0.10 → 1.0.12

package/dist/chunk-4LYQ4ONL.js

@@ -0,0 +1,185 @@
+import {
+  external_exports
+} from "./chunk-EXDYWXMB.js";
+
+// ../remnic-core/src/transfer/types.ts
+var ExportManifestV1Schema = external_exports.object({
+  format: external_exports.literal("openclaw-engram-export"),
+  schemaVersion: external_exports.literal(1),
+  createdAt: external_exports.string(),
+  pluginVersion: external_exports.string(),
+  includesTranscripts: external_exports.boolean(),
+  files: external_exports.array(
+    external_exports.object({
+      path: external_exports.string(),
+      sha256: external_exports.string(),
+      bytes: external_exports.number().int().nonnegative()
+    })
+  )
+});
+var ExportMemoryRecordV1Schema = external_exports.object({
+  path: external_exports.string(),
+  content: external_exports.string()
+});
+var ExportBundleV1Schema = external_exports.object({
+  manifest: ExportManifestV1Schema,
+  records: external_exports.array(ExportMemoryRecordV1Schema)
+});
+var CAPSULE_ID_PATTERN = /^[A-Za-z0-9](?:[A-Za-z0-9]|-(?!-))*[A-Za-z0-9]$|^[A-Za-z0-9]$/;
+var CapsuleIdSchema = external_exports.string().min(1, "capsule.id must not be empty").max(64, "capsule.id must be 64 characters or fewer").regex(
+  CAPSULE_ID_PATTERN,
+  "capsule.id must be alphanumeric with single dashes (no spaces, no leading/trailing dashes)"
+);
+var SemverLikeSchema = external_exports.string().min(1, "capsule.version must not be empty").regex(
+  /^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/,
+  "capsule.version must be a semver-like string (e.g. 1.0.0)"
+);
+var CapsuleRetrievalPolicySchema = external_exports.object({
+  /**
+   * Per-tier weight overrides applied during recall when the capsule is the
+   * active scope. Keys are tier names (e.g. `bm25`, `vector`, `graph`); values
+   * are non-negative finite multipliers. The set of valid keys is left open
+   * for now so future tiers do not break older manifests.
+   */
+  tierWeights: external_exports.record(
+    external_exports.string().min(1),
+    external_exports.number().finite().nonnegative()
+  ),
+  /**
+   * Whether the direct-answer fast path is allowed when this capsule is
+   * active. Operators may disable it for capsules whose contents should
+   * always flow through the full retrieval pipeline.
+   */
+  directAnswerEnabled: external_exports.boolean()
+});
+var CapsuleIncludesSchema = external_exports.object({
+  taxonomy: external_exports.boolean(),
+  identityAnchors: external_exports.boolean(),
+  peerProfiles: external_exports.boolean(),
+  procedural: external_exports.boolean()
+});
+var CapsuleParentSchema = external_exports.object({
+  capsuleId: CapsuleIdSchema,
+  version: SemverLikeSchema,
+  /**
+   * Posix-relative path prefix under the fork's memory root where the parent
+   * capsule's records were placed. Typically `forks/<parent-capsule-id>`.
+   * Must be a non-empty string with no leading slash.
+   */
+  forkRoot: external_exports.string().min(1, "capsule.parent.forkRoot must not be empty").refine((v) => !v.startsWith("/"), {
+    message: "capsule.parent.forkRoot must be a relative path (no leading slash)"
+  })
+});
+var CapsuleBlockSchema = external_exports.object({
+  id: CapsuleIdSchema,
+  version: SemverLikeSchema,
+  /**
+   * Taxonomy schema version the capsule was authored against. Free-form for
+   * now; later PRs may tighten this to a known taxonomy registry.
+   */
+  schemaVersion: external_exports.string().min(1, "capsule.schemaVersion must not be empty"),
+  /**
+   * Optional reference to the parent capsule this one was forked or derived
+   * from. `null` (not `undefined`) is the explicit "no parent" sentinel so
+   * that round-trips through JSON do not silently drop the field.
+   *
+   * @deprecated Prefer {@link parent} (structured). This field is preserved
+   *   for backward compatibility with V2 manifests written before PR 4/6.
+   */
+  parentCapsule: external_exports.string().min(1).nullable(),
+  /**
+   * Structured fork-lineage pointer added in PR 4/6. When present, this
+   * capsule is a fork of the described parent. `null` is the explicit
+   * "not a fork" sentinel — round-trips through JSON cleanly without
+   * silently dropping the field.
+   *
+   * Defaults to `null` so that V2 manifests written before PR 4/6 (which
+   * omit this field) still parse without error. This preserves backward
+   * compatibility with the existing `makeV2Manifest()` test fixtures and
+   * any in-the-wild V2 archives produced by PR 2/6 and PR 3/6.
+   *
+   * Invariant: when `parent` is non-null, `parentCapsule` SHOULD equal
+   * `parent.capsuleId` for backward compatibility with readers that only
+   * understand the legacy field. `forkCapsule()` sets both.
+   */
+  parent: CapsuleParentSchema.nullable().default(null),
+  description: external_exports.string(),
+  retrievalPolicy: CapsuleRetrievalPolicySchema,
+  includes: CapsuleIncludesSchema
+});
+var ExportManifestV2Schema = external_exports.object({
+  format: external_exports.literal("openclaw-engram-export"),
+  schemaVersion: external_exports.literal(2),
+  createdAt: external_exports.string(),
+  pluginVersion: external_exports.string(),
+  includesTranscripts: external_exports.boolean(),
+  files: external_exports.array(
+    external_exports.object({
+      path: external_exports.string(),
+      sha256: external_exports.string(),
+      bytes: external_exports.number().int().nonnegative()
+    })
+  ),
+  capsule: CapsuleBlockSchema
+});
+var ExportBundleV2Schema = external_exports.object({
+  manifest: ExportManifestV2Schema,
+  records: external_exports.array(ExportMemoryRecordV1Schema)
+});
+function parseExportManifest(input) {
+  const version = typeof input === "object" && input !== null ? input.schemaVersion : void 0;
+  if (version === 2) {
+    const manifest = ExportManifestV2Schema.parse(input);
+    return {
+      capsuleVersion: 2,
+      manifest,
+      capsule: manifest.capsule
+    };
+  }
+  if (version === 1) {
+    const manifest = ExportManifestV1Schema.parse(input);
+    return { capsuleVersion: 1, manifest, capsule: null };
+  }
+  const v1 = ExportManifestV1Schema.safeParse(input);
+  if (v1.success) {
+    return { capsuleVersion: 1, manifest: v1.data, capsule: null };
+  }
+  const v2 = ExportManifestV2Schema.safeParse(input);
+  if (v2.success) {
+    return {
+      capsuleVersion: 2,
+      manifest: v2.data,
+      capsule: v2.data.capsule
+    };
+  }
+  throw v2.error;
+}
+function parseExportBundle(input) {
+  if (typeof input !== "object" || input === null) {
+    ExportBundleV1Schema.parse(input);
+    throw new Error("unreachable");
+  }
+  const manifestRaw = input.manifest;
+  const normalized = parseExportManifest(manifestRaw);
+  if (normalized.capsuleVersion === 2) {
+    const bundle2 = ExportBundleV2Schema.parse(input);
+    return { capsuleVersion: 2, bundle: bundle2, capsule: bundle2.manifest.capsule };
+  }
+  const bundle = ExportBundleV1Schema.parse(input);
+  return { capsuleVersion: 1, bundle, capsule: null };
+}
+
+export {
+  ExportManifestV1Schema,
+  ExportMemoryRecordV1Schema,
+  ExportBundleV1Schema,
+  CAPSULE_ID_PATTERN,
+  CapsuleRetrievalPolicySchema,
+  CapsuleIncludesSchema,
+  CapsuleParentSchema,
+  CapsuleBlockSchema,
+  ExportManifestV2Schema,
+  ExportBundleV2Schema,
+  parseExportManifest,
+  parseExportBundle
+};

package/dist/chunk-6F6EKSVP.js

@@ -0,0 +1,453 @@
+import {
+  buildHeaderFromPassphrase,
+  deriveKeyFromHeader,
+  getKey,
+  headerPath,
+  lock,
+  readHeader,
+  secureStoreDir,
+  status,
+  unlock,
+  verifyKey,
+  writeHeader
+} from "./chunk-CXM7EBAO.js";
+import {
+  DEFAULT_ARGON2ID_PARAMS,
+  DEFAULT_SCRYPT_PARAMS,
+  KDF_SALT_LENGTH
+} from "./chunk-6IWEAUN6.js";
+import {
+  decryptMemoryDirToPlaintext,
+  migrateMemoryDirToEncrypted
+} from "./chunk-RKR6PTPA.js";
+import {
+  generateSalt
+} from "./chunk-YGGGUTG3.js";
+
+// ../remnic-core/src/secure-store/cli-handlers.ts
+async function runSecureStoreInit(options) {
+  const { memoryDir, readPassphrase } = options;
+  if (typeof memoryDir !== "string" || memoryDir.length === 0) {
+    throw new Error("secure-store init: memoryDir is required");
+  }
+  const existing = await readHeader(memoryDir);
+  if (existing !== null) {
+    throw new Error(
+      `secure-store header already exists at ${headerPath(memoryDir)}. Run 'remnic secure-store status' to inspect, or remove the .secure-store directory explicitly to reinitialize.`
+    );
+  }
+  const passphrase = await readPassphrase("Enter new passphrase: ", { confirm: true });
+  validatePassphrase(passphrase);
+  const algorithm = options.algorithm ?? "argon2id";
+  const params = resolveParams(algorithm, options.params);
+  const salt = options.salt ?? generateSalt();
+  if (salt.length !== KDF_SALT_LENGTH) {
+    throw new Error(`salt must be ${KDF_SALT_LENGTH} bytes, got ${salt.length}`);
+  }
+  const built = buildHeaderFromPassphrase({
+    passphrase,
+    salt,
+    algorithm,
+    params,
+    ...options.note !== void 0 ? { note: options.note } : {},
+    ...options.now ? { createdAt: options.now().toISOString() } : {}
+  });
+  built.derivedKey.fill(0);
+  const writtenPath = await writeHeader(memoryDir, built.header);
+  return {
+    ok: true,
+    headerPath: writtenPath,
+    kdf: built.header.metadata.kdf,
+    createdAt: built.header.createdAt
+  };
+}
+async function runSecureStoreUnlock(options) {
+  const { memoryDir, readPassphrase } = options;
+  const header = await readHeader(memoryDir);
+  if (!header) {
+    return { ok: false, reason: "not-initialized" };
+  }
+  const passphrase = await readPassphrase("Enter passphrase: ");
+  validatePassphrase(passphrase);
+  const candidateKey = deriveKeyFromHeader(header, passphrase);
+  if (!verifyKey(header, candidateKey)) {
+    candidateKey.fill(0);
+    return { ok: false, reason: "wrong-passphrase" };
+  }
+  const id = options.keyringId ?? secureStoreDir(memoryDir);
+  const now = options.now ?? (() => /* @__PURE__ */ new Date());
+  unlock(id, candidateKey, now);
+  const status2 = status(id);
+  return {
+    ok: true,
+    unlockedAt: status2.unlockedAt ?? now().toISOString(),
+    algorithm: header.metadata.kdf.algorithm
+  };
+}
+function runSecureStoreLock(options) {
+  const id = options.keyringId ?? secureStoreDir(options.memoryDir);
+  const cleared = lock(id);
+  return { ok: true, cleared };
+}
+async function runSecureStoreMigrate(options) {
+  const { memoryDir } = options;
+  const header = await readHeader(memoryDir);
+  if (!header) {
+    return {
+      ok: false,
+      reason: "not-initialized",
+      encrypted: 0,
+      skipped: 0,
+      errors: []
+    };
+  }
+  const id = options.keyringId ?? secureStoreDir(memoryDir);
+  const key = getKey(id);
+  if (key === null) {
+    return {
+      ok: false,
+      reason: "locked",
+      encrypted: 0,
+      skipped: 0,
+      errors: []
+    };
+  }
+  const result = await migrateMemoryDirToEncrypted(memoryDir, key);
+  if (result.errors.length > 0) {
+    return { ok: false, reason: "file-errors", ...result };
+  }
+  return { ok: true, ...result };
+}
+async function runSecureStoreDisable(options) {
+  const { memoryDir } = options;
+  const header = await readHeader(memoryDir);
+  if (!header) {
+    return {
+      ok: false,
+      reason: "not-initialized",
+      decrypted: 0,
+      skipped: 0,
+      errors: []
+    };
+  }
+  const id = options.keyringId ?? secureStoreDir(memoryDir);
+  const key = getKey(id);
+  if (key === null) {
+    return {
+      ok: false,
+      reason: "locked",
+      decrypted: 0,
+      skipped: 0,
+      errors: []
+    };
+  }
+  const result = await decryptMemoryDirToPlaintext(memoryDir, key);
+  if (result.errors.length > 0) {
+    return { ok: false, reason: "file-errors", ...result };
+  }
+  return { ok: true, ...result };
+}
+async function runSecureStoreStatus(options) {
+  const { memoryDir } = options;
+  const id = options.keyringId ?? secureStoreDir(memoryDir);
+  const header = await readHeader(memoryDir);
+  const ks = status(id);
+  const target = headerPath(memoryDir);
+  if (!header) {
+    return {
+      initialized: false,
+      headerPath: target,
+      locked: !ks.unlocked,
+      unlockedAt: ks.unlockedAt,
+      kdf: null,
+      createdAt: null
+    };
+  }
+  return {
+    initialized: true,
+    headerPath: target,
+    locked: !ks.unlocked,
+    unlockedAt: ks.unlockedAt,
+    kdf: header.metadata.kdf,
+    createdAt: header.createdAt
+  };
+}
+var MIN_PASSPHRASE_LENGTH = 8;
+function validatePassphrase(passphrase) {
+  if (typeof passphrase !== "string") {
+    throw new Error("passphrase must be a string");
+  }
+  if (passphrase.length === 0) {
+    throw new Error("passphrase must not be empty");
+  }
+  if (passphrase.length < MIN_PASSPHRASE_LENGTH) {
+    throw new Error(`passphrase must be at least ${MIN_PASSPHRASE_LENGTH} characters`);
+  }
+}
+function resolveParams(algorithm, override) {
+  if (override !== void 0) return override;
+  if (algorithm === "scrypt") return { ...DEFAULT_SCRYPT_PARAMS };
+  return { ...DEFAULT_ARGON2ID_PARAMS };
+}
+
+// ../remnic-core/src/secure-store/cli-renderer.ts
+function renderInitReport(report) {
+  const lines = [];
+  lines.push("=== Remnic secure-store initialized ===");
+  lines.push("");
+  lines.push(`header: ${report.headerPath}`);
+  lines.push(`createdAt: ${report.createdAt}`);
+  lines.push(...renderKdfLines(report.kdf));
+  lines.push("");
+  lines.push("Note: init does NOT auto-unlock the store. Run");
+  lines.push("  remnic engram secure-store unlock");
+  lines.push("to register the master key with the running daemon.");
+  return lines.join("\n");
+}
+function renderUnlockReport(report) {
+  if (report.ok) {
+    return `OK \u2014 secure-store unlocked at ${report.unlockedAt} (algorithm=${report.algorithm}).`;
+  }
+  if (report.reason === "not-initialized") {
+    return "ERR \u2014 secure-store is not initialized. Run 'remnic engram secure-store init' first.";
+  }
+  return "ERR \u2014 wrong passphrase.";
+}
+function renderLockReport(report) {
+  if (report.cleared) {
+    return "OK \u2014 secure-store key cleared from in-memory keyring.";
+  }
+  return "OK \u2014 secure-store was already locked (no in-memory key to clear).";
+}
+function renderMigrateReport(report) {
+  if (!report.ok && report.reason === "not-initialized") {
+    return "ERR \u2014 secure-store is not initialized. Run 'remnic engram secure-store init' first.";
+  }
+  if (!report.ok && report.reason === "locked") {
+    return "ERR \u2014 secure-store is locked. Run 'remnic engram secure-store unlock' before migrate.";
+  }
+  const lines = [];
+  lines.push(report.ok ? "OK \u2014 secure-store migration complete." : "ERR \u2014 secure-store migration completed with file errors.");
+  lines.push(`encrypted: ${report.encrypted}`);
+  lines.push(`skipped: ${report.skipped}`);
+  lines.push(`errors: ${report.errors.length}`);
+  for (const entry of report.errors.slice(0, 10)) {
+    lines.push(`- ${entry.filePath}: ${entry.error}`);
+  }
+  if (report.errors.length > 10) {
+    lines.push(`- ... ${report.errors.length - 10} more error(s)`);
+  }
+  return lines.join("\n");
+}
+function renderDisableReport(report) {
+  if (!report.ok && report.reason === "not-initialized") {
+    return "ERR \u2014 secure-store is not initialized. Run 'remnic engram secure-store init' first.";
+  }
+  if (!report.ok && report.reason === "locked") {
+    return "ERR \u2014 secure-store is locked. Run 'remnic engram secure-store unlock' before disable.";
+  }
+  const lines = [];
+  lines.push(report.ok ? "OK \u2014 secure-store disable complete." : "ERR \u2014 secure-store disable completed with file errors.");
+  lines.push(`decrypted: ${report.decrypted}`);
+  lines.push(`skipped: ${report.skipped}`);
+  lines.push(`errors: ${report.errors.length}`);
+  for (const entry of report.errors.slice(0, 10)) {
+    lines.push(`- ${entry.filePath}: ${entry.error}`);
+  }
+  if (report.errors.length > 10) {
+    lines.push(`- ... ${report.errors.length - 10} more error(s)`);
+  }
+  lines.push("header: kept");
+  return lines.join("\n");
+}
+function renderStatusReport(report) {
+  const lines = [];
+  lines.push("=== Remnic secure-store status ===");
+  lines.push("");
+  lines.push(`header: ${report.headerPath}`);
+  lines.push(`initialized: ${report.initialized ? "yes" : "no"}`);
+  if (!report.initialized) {
+    lines.push("");
+    lines.push("Run 'remnic engram secure-store init' to initialize a new store.");
+    return lines.join("\n");
+  }
+  lines.push(`createdAt: ${report.createdAt ?? "n/a"}`);
+  lines.push(`locked: ${report.locked ? "yes" : "no"}`);
+  if (!report.locked) {
+    lines.push(`lastUnlockAt: ${report.unlockedAt ?? "n/a"}`);
+  }
+  if (report.kdf) {
+    lines.push(...renderKdfLines(report.kdf));
+  }
+  return lines.join("\n");
+}
+function renderKdfLines(kdf) {
+  const lines = [];
+  lines.push(`kdf.algorithm: ${kdf.algorithm}`);
+  if (kdf.algorithm === "scrypt") {
+    const { N, r, p, keyLength, maxmem } = kdf.params;
+    lines.push(`kdf.params: N=${N} r=${r} p=${p} keyLength=${keyLength} maxmem=${maxmem}`);
+  } else {
+    const { memoryKiB, iterations, parallelism, keyLength } = kdf.params;
+    lines.push(
+      `kdf.params: memoryKiB=${memoryKiB} iterations=${iterations} parallelism=${parallelism} keyLength=${keyLength}`
+    );
+  }
+  return lines;
+}
+
+// ../remnic-core/src/secure-store/passphrase-reader.ts
+import { createInterface } from "readline";
+import { StringDecoder } from "string_decoder";
+function createPassphraseReader(options = {}) {
+  const input = options.input ?? process.stdin;
+  const output = options.output ?? process.stdout;
+  const errorStream = options.errorStream ?? process.stderr;
+  let nonTtyReader = null;
+  let nonTtyWarned = false;
+  return async function readPassphrase(prompt, readerOptions) {
+    const first = await readSinglePassphrase(prompt);
+    if (readerOptions?.confirm) {
+      const second = await readSinglePassphrase("Confirm passphrase: ");
+      if (first !== second) {
+        throw new Error("passphrases did not match");
+      }
+    }
+    return first;
+  };
+  async function readSinglePassphrase(prompt) {
+    const inputAsAny = input;
+    if (inputAsAny.isTTY && typeof inputAsAny.setRawMode === "function") {
+      return readNoEcho(prompt, inputAsAny, output);
+    }
+    if (!nonTtyWarned) {
+      errorStream.write(
+        "[remnic secure-store] warning: stdin is not a TTY; reading passphrase as a plain line. Take care that the passphrase is not exposed in shell history.\n"
+      );
+      nonTtyWarned = true;
+    }
+    errorStream.write(prompt);
+    if (!nonTtyReader) nonTtyReader = createNonTtyLineReader(input);
+    return nonTtyReader.next();
+  }
+}
+function readNoEcho(prompt, input, output) {
+  return new Promise((resolve, reject) => {
+    output.write(prompt);
+    let buffer = "";
+    let settled = false;
+    const wasRaw = input.isRaw === true;
+    const decoder = new StringDecoder("utf8");
+    if (input.setRawMode) input.setRawMode(true);
+    input.resume();
+    const cleanup = () => {
+      input.pause();
+      input.removeListener("data", onData);
+      decoder.end();
+      if (input.setRawMode) input.setRawMode(wasRaw);
+      output.write("\n");
+    };
+    const onData = (chunk) => {
+      const str = decoder.write(chunk);
+      for (const ch of str) {
+        if (settled) return;
+        const code = ch.charCodeAt(0);
+        if (ch === "\n" || ch === "\r") {
+          settled = true;
+          cleanup();
+          resolve(buffer);
+          return;
+        }
+        if (code === 3) {
+          settled = true;
+          cleanup();
+          reject(new Error("passphrase entry aborted (Ctrl+C)"));
+          return;
+        }
+        if (code === 4) {
+          settled = true;
+          cleanup();
+          if (buffer.length === 0) {
+            reject(new Error("passphrase entry aborted (EOF)"));
+          } else {
+            resolve(buffer);
+          }
+          return;
+        }
+        if (code === 8 || code === 127) {
+          if (buffer.length > 0) {
+            const codePoints = Array.from(buffer);
+            buffer = codePoints.slice(0, -1).join("");
+          }
+          continue;
+        }
+        if (code < 32) {
+          continue;
+        }
+        buffer += ch;
+      }
+    };
+    input.on("data", onData);
+  });
+}
+function createNonTtyLineReader(input) {
+  const rl = createInterface({ input, terminal: false });
+  const lineQueue = [];
+  const waiterQueue = [];
+  const errorQueue = [];
+  let closed = false;
+  let error = null;
+  rl.on("line", (line) => {
+    const waiter = waiterQueue.shift();
+    if (waiter) {
+      waiter(line);
+    } else {
+      lineQueue.push(line);
+    }
+  });
+  rl.on("close", () => {
+    closed = true;
+    while (waiterQueue.length > 0) {
+      const w = waiterQueue.shift();
+      errorQueue.shift();
+      w("");
+    }
+  });
+  rl.on("error", (err) => {
+    error = err;
+    while (errorQueue.length > 0) {
+      const r = errorQueue.shift();
+      waiterQueue.shift();
+      r(err);
+    }
+  });
+  return {
+    next() {
+      if (error) return Promise.reject(error);
+      const queued = lineQueue.shift();
+      if (queued !== void 0) return Promise.resolve(queued);
+      if (closed) return Promise.resolve("");
+      return new Promise((resolve, reject) => {
+        waiterQueue.push(resolve);
+        errorQueue.push(reject);
+      });
+    }
+  };
+}
+
+export {
+  runSecureStoreInit,
+  runSecureStoreUnlock,
+  runSecureStoreLock,
+  runSecureStoreMigrate,
+  runSecureStoreDisable,
+  runSecureStoreStatus,
+  MIN_PASSPHRASE_LENGTH,
+  renderInitReport,
+  renderUnlockReport,
+  renderLockReport,
+  renderMigrateReport,
+  renderDisableReport,
+  renderStatusReport,
+  createPassphraseReader
+};