@tpsdev-ai/flair 0.2.0

package/dist/resources/WorkspaceState.js

@@ -0,0 +1,76 @@
+/**
+ * WorkspaceState.ts — Harper table resource for workspace state records (OPS-47 Phase 2)
+ *
+ * Auth: Ed25519 middleware sets request.tpsAgent. Agent can only read/write own records.
+ * Pattern follows Memory.ts — extends Harper auto-generated table class.
+ *
+ * Note: Harper's static methods call instance methods with positional args only.
+ * Use this.getContext() to access request context (tpsAgent, tpsAgentIsAdmin).
+ */
+import { databases } from "@harperfast/harper";
+export class WorkspaceState extends databases.flair.WorkspaceState {
+    /**
+     * Helper to extract auth info from Harper's Resource instance context.
+     */
+    _authInfo() {
+        const ctx = this.getContext?.();
+        const request = ctx?.request ?? ctx;
+        return {
+            agentId: request?.tpsAgent,
+            isAdmin: request?.tpsAgentIsAdmin ?? false,
+        };
+    }
+    /**
+     * Override search() to scope collection GETs to the authenticated agent's
+     * own workspace state records. Admin agents see all records.
+     */
+    async search(query) {
+        const { agentId: authAgent, isAdmin: isAdminAgent } = this._authInfo();
+        if (!authAgent || isAdminAgent) {
+            return super.search(query);
+        }
+        const agentIdCondition = { attribute: "agentId", comparator: "equals", value: authAgent };
+        // Harper passes `query` as a request target object (with pathname, id, isCollection, etc.)
+        // Inject scope condition into its `.conditions` array so Table.search() processes it correctly.
+        if (query && typeof query === "object" && !Array.isArray(query)) {
+            const existing = query.conditions ?? [];
+            query.conditions = Array.isArray(existing)
+                ? [agentIdCondition, ...existing]
+                : [agentIdCondition, existing];
+            return super.search(query);
+        }
+        const conditions = Array.isArray(query) && query.length > 0
+            ? [agentIdCondition, ...query]
+            : [agentIdCondition];
+        return super.search(conditions);
+    }
+    async post(content) {
+        const { agentId, isAdmin: isAdminAgent } = this._authInfo();
+        // Agent-scoped: agentId in body must match authenticated agent
+        if (agentId && !isAdminAgent && content.agentId !== agentId) {
+            return new Response(JSON.stringify({ error: "forbidden: cannot write workspace state for another agent" }), { status: 403, headers: { "Content-Type": "application/json" } });
+        }
+        content.createdAt = new Date().toISOString();
+        content.timestamp ||= content.createdAt;
+        return super.post(content);
+    }
+    async put(content) {
+        const { agentId, isAdmin: isAdminAgent } = this._authInfo();
+        if (agentId && !isAdminAgent && content.agentId !== agentId) {
+            return new Response(JSON.stringify({ error: "forbidden: cannot write workspace state for another agent" }), { status: 403, headers: { "Content-Type": "application/json" } });
+        }
+        return super.put(content);
+    }
+    async delete(id) {
+        const { agentId, isAdmin: isAdminAgent } = this._authInfo();
+        if (!agentId)
+            return super.delete(id);
+        const record = await this.get(id);
+        if (!record)
+            return super.delete(id);
+        if (!isAdminAgent && record.agentId !== agentId) {
+            return new Response(JSON.stringify({ error: "forbidden: cannot delete workspace state for another agent" }), { status: 403, headers: { "Content-Type": "application/json" } });
+        }
+        return super.delete(id);
+    }
+}

package/dist/resources/auth-middleware.js

@@ -0,0 +1,470 @@
+import { patchRecord } from "./table-helpers.js";
+import { server, databases } from "@harperfast/harper";
+import { initEmbeddings, getEmbedding } from "./embeddings-provider.js";
+// --- Admin credentials ---
+// Admin auth is sourced exclusively from Harper's own environment variables
+// (HDB_ADMIN_PASSWORD / FLAIR_ADMIN_PASSWORD). No filesystem token file.
+//
+// FLAIR_ADMIN_TOKEN env var is still accepted for backwards compat but
+// emits a deprecation warning on first use.
+let _adminPass = null;
+let _deprecationWarned = false;
+function getAdminPass() {
+    if (_adminPass)
+        return _adminPass;
+    // Primary source: Harper's own admin password (set at startup via env)
+    const primary = process.env.HDB_ADMIN_PASSWORD ?? process.env.FLAIR_ADMIN_PASSWORD;
+    if (primary) {
+        _adminPass = primary;
+        return _adminPass;
+    }
+    // Backwards compat: FLAIR_ADMIN_TOKEN (deprecated — never write to disk)
+    if (process.env.FLAIR_ADMIN_TOKEN) {
+        if (!_deprecationWarned) {
+            console.warn("[auth] DEPRECATION: FLAIR_ADMIN_TOKEN is deprecated. Use HDB_ADMIN_PASSWORD instead.");
+            _deprecationWarned = true;
+        }
+        _adminPass = process.env.FLAIR_ADMIN_TOKEN;
+        return _adminPass;
+    }
+    const msg = "[auth] FATAL: no admin password found. Set HDB_ADMIN_PASSWORD env var.";
+    console.error(msg);
+    throw new Error(msg);
+}
+const WINDOW_MS = 30_000;
+const nonceSeen = new Map();
+// ─── Admin resolution ─────────────────────────────────────────────────────────
+// Admin agents: from FLAIR_ADMIN_AGENTS env var (comma-separated) OR
+// Agent records with role === "admin". Both sources are OR-combined.
+// Result is cached for 60s to avoid per-request DB hits.
+let adminCacheExpiry = 0;
+let adminCache = new Set();
+async function getAdminAgents() {
+    const now = Date.now();
+    if (now < adminCacheExpiry)
+        return adminCache;
+    const from_env = (process.env.FLAIR_ADMIN_AGENTS ?? "")
+        .split(",").map((s) => s.trim()).filter(Boolean);
+    let from_db = [];
+    try {
+        const results = await databases.flair.Agent.search([{ attribute: "role", value: "admin", condition: "equals" }]);
+        for await (const row of results) {
+            if (row?.id)
+                from_db.push(row.id);
+        }
+    }
+    catch { /* Agent table might not be populated yet */ }
+    adminCache = new Set([...from_env, ...from_db]);
+    adminCacheExpiry = now + 60_000;
+    return adminCache;
+}
+export async function isAdmin(agentId) {
+    const admins = await getAdminAgents();
+    return admins.has(agentId);
+}
+// ─── Crypto helpers ───────────────────────────────────────────────────────────
+function b64ToArrayBuffer(b64) {
+    // Handle both standard and URL-safe base64
+    const std = b64.replace(/-/g, '+').replace(/_/g, '/');
+    const bin = atob(std);
+    const buf = new ArrayBuffer(bin.length);
+    const view = new Uint8Array(buf);
+    for (let i = 0; i < bin.length; i++)
+        view[i] = bin.charCodeAt(i);
+    return buf;
+}
+const keyCache = new Map();
+async function importEd25519Key(publicKeyStr) {
+    if (keyCache.has(publicKeyStr))
+        return keyCache.get(publicKeyStr);
+    // Accept hex (64-char) or base64 (44-char) encoded 32-byte Ed25519 public key
+    let raw;
+    if (/^[0-9a-f]{64}$/i.test(publicKeyStr)) {
+        // Hex-encoded raw key (TPS CLI default: Buffer.toString('hex'))
+        const bytes = new Uint8Array(32);
+        for (let i = 0; i < 32; i++)
+            bytes[i] = parseInt(publicKeyStr.slice(i * 2, i * 2 + 2), 16);
+        raw = bytes.buffer;
+    }
+    else {
+        raw = b64ToArrayBuffer(publicKeyStr);
+    }
+    const key = await crypto.subtle.importKey("raw", raw, { name: "Ed25519" }, false, ["verify"]);
+    keyCache.set(publicKeyStr, key);
+    return key;
+}
+initEmbeddings().catch((err) => console.error("[embeddings] init:", err.message));
+async function backfillEmbedding(memoryId) {
+    try {
+        const record = await databases.flair.Memory.get(memoryId);
+        if (!record?.content)
+            return;
+        if (record.embedding?.length > 100)
+            return;
+        const embedding = await getEmbedding(record.content);
+        if (!embedding)
+            return;
+        await patchRecord(databases.flair.Memory, memoryId, { embedding });
+        console.log(`[auto-embed] ${memoryId}: ${embedding.length}d`);
+    }
+    catch (err) {
+        console.error(`[auto-embed] Failed for ${memoryId}: ${err.message}`);
+    }
+}
+// ─── HTTP middleware ──────────────────────────────────────────────────────────
+server.http(async (request, nextLayer) => {
+    const url = new URL(request.url, "http://" + (request.headers.get("host") || "localhost"));
+    if (url.pathname === "/health" ||
+        url.pathname === "/Health" ||
+        url.pathname === "/a2a" ||
+        url.pathname === "/A2AAdapter" ||
+        url.pathname === "/AgentCard" ||
+        url.pathname.startsWith("/A2AAdapter/") ||
+        url.pathname.startsWith("/AgentCard/"))
+        return nextLayer(request);
+    // Skip re-entry: if we already swapped auth to Basic, pass through
+    if (request._tpsAuthVerified)
+        return nextLayer(request);
+    const header = request.headers.get("authorization") || request.headers?.asObject?.authorization || "";
+    // ── Basic admin auth ──────────────────────────────────────────────────────
+    // Allow Basic auth with the admin password for CLI operations (backup, etc.)
+    // This is checked BEFORE Ed25519 so admin tools can use simple auth.
+    if (header.startsWith("Basic ")) {
+        try {
+            const decoded = Buffer.from(header.slice(6), "base64").toString("utf-8");
+            const [user, pass] = decoded.split(":");
+            if (user === "admin" && pass === getAdminPass()) {
+                // Mark as verified and pass through to Harper with admin credentials
+                request._tpsAuthVerified = true;
+                request.headers.set("x-tps-agent", "admin");
+                if (request.headers.asObject)
+                    request.headers.asObject["x-tps-agent"] = "admin";
+                return nextLayer(request);
+            }
+        }
+        catch { /* fall through to Ed25519 check */ }
+        return new Response(JSON.stringify({ error: "invalid_admin_credentials" }), { status: 401 });
+    }
+    // ── Ed25519 agent auth ────────────────────────────────────────────────────
+    const m = header.match(/^TPS-Ed25519\s+([^:]+):(\d+):([^:]+):(.+)$/);
+    if (!m) {
+        return new Response(JSON.stringify({ error: "missing_or_invalid_authorization" }), { status: 401 });
+    }
+    const [, agentId, tsRaw, nonce, signatureB64] = m;
+    const ts = Number(tsRaw);
+    const now = Date.now();
+    if (!Number.isFinite(ts) || Math.abs(now - ts) > WINDOW_MS)
+        return new Response(JSON.stringify({ error: "timestamp_out_of_window" }), { status: 401 });
+    for (const [k, signatureTs] of nonceSeen.entries())
+        if (now - signatureTs > WINDOW_MS)
+            nonceSeen.delete(k);
+    const nonceKey = `${agentId}:${nonce}`;
+    if (nonceSeen.has(nonceKey))
+        return new Response(JSON.stringify({ error: "nonce_replay_detected" }), { status: 401 });
+    const agent = await databases.flair.Agent.get(agentId);
+    if (!agent)
+        return new Response(JSON.stringify({ error: "unknown_agent" }), { status: 401 });
+    try {
+        const payload = `${agentId}:${tsRaw}:${nonce}:${request.method}:${url.pathname}${url.search}`;
+        const key = await importEd25519Key(agent.publicKey);
+        const sigBuf = b64ToArrayBuffer(signatureB64);
+        const payloadBuf = new TextEncoder().encode(payload);
+        const ok = await crypto.subtle.verify({ name: "Ed25519" }, key, sigBuf, payloadBuf);
+        if (!ok)
+            return new Response(JSON.stringify({ error: "invalid_signature" }), { status: 401 });
+    }
+    catch (e) {
+        return new Response(JSON.stringify({ error: "signature_verification_failed", detail: e?.message }), { status: 401 });
+    }
+    nonceSeen.set(nonceKey, ts);
+    request.tpsAgent = agentId;
+    request._tpsAuthVerified = true;
+    request.tpsAgentIsAdmin = await isAdmin(agentId);
+    const superAuth = "Basic " + btoa("admin:" + getAdminPass());
+    request.headers.set("authorization", superAuth);
+    if (request.headers.asObject)
+        request.headers.asObject.authorization = superAuth;
+    // Propagate authenticated agent to downstream resources via header.
+    // Resources can read this to enforce agent-level scoping.
+    request.headers.set("x-tps-agent", agentId);
+    if (request.headers.asObject)
+        request.headers.asObject["x-tps-agent"] = agentId;
+    // ── Raw query endpoint block (non-admins) ─────────────────────────────────
+    // SQL and GraphQL endpoints bypass all resource-level scoping — block them
+    // for non-admin agents. Admins (bootstrap, consolidation scripts) still pass.
+    if (!request.tpsAgentIsAdmin) {
+        const rawPath = url.pathname.toLowerCase();
+        if (rawPath === "/sql" || rawPath.startsWith("/sql/") ||
+            rawPath === "/graphql" || rawPath.startsWith("/graphql/")) {
+            return new Response(JSON.stringify({ error: "forbidden: raw query endpoints require admin access" }), { status: 403, headers: { "Content-Type": "application/json" } });
+        }
+    }
+    // ── Server-side permission guards ──────────────────────────────────────────
+    const method = request.method.toUpperCase();
+    const isMutation = method === "POST" || method === "PUT" || method === "PATCH" || method === "DELETE";
+    if (isMutation) {
+        // OrgEvent: authorId must match authenticated agent
+        if ((url.pathname === "/OrgEvent" || url.pathname.startsWith("/OrgEvent/")) &&
+            (method === "POST" || method === "PUT" || method === "PATCH")) {
+            if (!request.tpsAgentIsAdmin) {
+                try {
+                    const clone = request.clone();
+                    const body = await clone.json();
+                    if (body?.authorId && body.authorId !== agentId) {
+                        return new Response(JSON.stringify({
+                            error: "forbidden: authorId must match authenticated agent"
+                        }), { status: 403 });
+                    }
+                }
+                catch { }
+            }
+        }
+        // OrgEvent DELETE: ownership check
+        if (url.pathname.startsWith("/OrgEvent/") && method === "DELETE") {
+            if (!request.tpsAgentIsAdmin) {
+                try {
+                    const pathParts = url.pathname.split("/").filter(Boolean);
+                    const eventId = pathParts[1] ? decodeURIComponent(pathParts[1]) : null;
+                    if (eventId) {
+                        const record = await databases.flair.OrgEvent.get(eventId);
+                        if (record && record.authorId && record.authorId !== agentId) {
+                            return new Response(JSON.stringify({
+                                error: "forbidden: cannot delete events authored by another agent"
+                            }), { status: 403 });
+                        }
+                    }
+                }
+                catch { }
+            }
+        }
+        // WorkspaceState: agent-scoped mutations (non-admin can only write own records)
+        if ((url.pathname === "/WorkspaceState" || url.pathname.startsWith("/WorkspaceState/")) &&
+            (method === "POST" || method === "PUT" || method === "PATCH")) {
+            if (!request.tpsAgentIsAdmin) {
+                try {
+                    const clone = request.clone();
+                    const body = await clone.json();
+                    if (body?.agentId && body.agentId !== agentId) {
+                        return new Response(JSON.stringify({
+                            error: "forbidden: cannot write workspace state for another agent"
+                        }), { status: 403 });
+                    }
+                }
+                catch { }
+            }
+        }
+        // WorkspaceState DELETE: ownership check
+        if ((url.pathname.startsWith("/WorkspaceState/")) && method === "DELETE") {
+            if (!request.tpsAgentIsAdmin) {
+                try {
+                    const pathParts = url.pathname.split("/").filter(Boolean);
+                    const wsId = pathParts[1] ? decodeURIComponent(pathParts[1]) : null;
+                    if (wsId) {
+                        const record = await databases.flair.WorkspaceState.get(wsId);
+                        if (record && record.agentId && record.agentId !== agentId) {
+                            return new Response(JSON.stringify({
+                                error: "forbidden: cannot delete workspace state for another agent"
+                            }), { status: 403 });
+                        }
+                    }
+                }
+                catch { }
+            }
+        }
+        // Soul PUT: only owner or admin
+        if (url.pathname.startsWith("/Soul") && (method === "PUT" || method === "POST")) {
+            if (!request.tpsAgentIsAdmin) {
+                let bodyAgentId = null;
+                try {
+                    const clone = request.clone();
+                    const body = await clone.json();
+                    bodyAgentId = body?.agentId ?? null;
+                }
+                catch { }
+                if (bodyAgentId && bodyAgentId !== agentId) {
+                    return new Response(JSON.stringify({ error: "forbidden: non-admin cannot modify another agent's soul" }), { status: 403 });
+                }
+            }
+        }
+        // Memory promotion guard: only admin can approve or set durability=permanent
+        if (((url.pathname === "/Memory" || url.pathname.startsWith("/Memory/") || url.pathname === "/memory" || url.pathname.startsWith("/memory/"))) &&
+            (method === "PUT" || method === "POST" || method === "PATCH")) {
+            if (!request.tpsAgentIsAdmin) {
+                try {
+                    const clone = request.clone();
+                    const body = await clone.json();
+                    const setsApproved = body?.promotionStatus === "approved";
+                    const setsPermanent = body?.durability === "permanent";
+                    const setsArchived = body?.archived === true;
+                    if (setsApproved || setsPermanent || setsArchived) {
+                        return new Response(JSON.stringify({
+                            error: "forbidden: only admins can approve promotions, set permanent durability, or archive memories"
+                        }), { status: 403 });
+                    }
+                }
+                catch { }
+            }
+        }
+        // Memory PUT/DELETE: ownership check (non-admin can only modify their own memories)
+        if (((url.pathname === "/Memory" || url.pathname.startsWith("/Memory/") || url.pathname === "/memory" || url.pathname.startsWith("/memory/"))) &&
+            (method === "PUT" || method === "DELETE" || method === "PATCH")) {
+            if (!request.tpsAgentIsAdmin) {
+                try {
+                    const pathParts = url.pathname.split("/").filter(Boolean);
+                    const memId = pathParts[1] ? decodeURIComponent(pathParts[1]) : null;
+                    if (memId) {
+                        const record = await databases.flair.Memory.get(memId);
+                        if (record && record.agentId && record.agentId !== agentId) {
+                            return new Response(JSON.stringify({
+                                error: `forbidden: cannot modify memory owned by ${record.agentId}`
+                            }), { status: 403 });
+                        }
+                        if (method === "DELETE" && record?.durability === "permanent") {
+                            return new Response(JSON.stringify({
+                                error: "forbidden: only admins can purge permanent memories"
+                            }), { status: 403 });
+                        }
+                    }
+                }
+                catch { }
+            }
+        }
+    }
+    // ── WorkspaceState read guard: agent-scoped reads ───────────────────────────
+    if (method === "GET" && !request.tpsAgentIsAdmin) {
+        if (url.pathname === "/WorkspaceState" || url.pathname === "/WorkspaceState/") {
+            const queryAgent = url.searchParams.get("agentId");
+            if (queryAgent && queryAgent !== agentId) {
+                return new Response(JSON.stringify({
+                    error: "forbidden: cannot read workspace state for another agent"
+                }), { status: 403, headers: { "Content-Type": "application/json" } });
+            }
+        }
+    }
+    // ── SemanticSearch: agentId must match authenticated agent ─────────────────
+    // Non-admin agents can only search their own memories (plus MemoryGrant access,
+    // which is enforced inside SemanticSearch.ts using the x-tps-agent header).
+    if (!request.tpsAgentIsAdmin &&
+        method === "POST" &&
+        (url.pathname === "/SemanticSearch" || url.pathname === "/SemanticSearch/")) {
+        try {
+            const clone = request.clone();
+            const body = await clone.json();
+            if (body?.agentId && body.agentId !== agentId) {
+                return new Response(JSON.stringify({
+                    error: "forbidden: agentId must match authenticated agent",
+                }), { status: 403, headers: { "Content-Type": "application/json" } });
+            }
+        }
+        catch { /* malformed body — let resource return its own error */ }
+    }
+    // ── BootstrapMemories: agentId must match authenticated agent ───────────────
+    if (!request.tpsAgentIsAdmin &&
+        method === "POST" &&
+        (url.pathname === "/BootstrapMemories" || url.pathname === "/BootstrapMemories/")) {
+        try {
+            const clone = request.clone();
+            const body = await clone.json();
+            if (body?.agentId && body.agentId !== agentId) {
+                return new Response(JSON.stringify({
+                    error: "forbidden: agentId must match authenticated agent",
+                }), { status: 403, headers: { "Content-Type": "application/json" } });
+            }
+        }
+        catch { /* malformed body — let resource return its own error */ }
+    }
+    // ── Memory POST (create): agentId must match authenticated agent ────────────
+    if (!request.tpsAgentIsAdmin &&
+        method === "POST" &&
+        (url.pathname === "/Memory" || url.pathname === "/Memory/")) {
+        try {
+            const clone = request.clone();
+            const body = await clone.json();
+            if (body?.agentId && body.agentId !== agentId) {
+                return new Response(JSON.stringify({
+                    error: "forbidden: cannot create memories for another agent",
+                }), { status: 403, headers: { "Content-Type": "application/json" } });
+            }
+        }
+        catch { }
+    }
+    // ── Soul POST/PUT: agentId must match authenticated agent ───────────────────
+    if (!request.tpsAgentIsAdmin &&
+        (method === "POST" || method === "PUT") &&
+        (url.pathname === "/Soul" || url.pathname === "/Soul/" || url.pathname.startsWith("/Soul/"))) {
+        try {
+            const clone = request.clone();
+            const body = await clone.json();
+            if (body?.agentId && body.agentId !== agentId) {
+                return new Response(JSON.stringify({
+                    error: "forbidden: cannot write another agent's soul",
+                }), { status: 403, headers: { "Content-Type": "application/json" } });
+            }
+        }
+        catch { }
+    }
+    // ── Memory PUT: agentId must match authenticated agent ──────────────────────
+    if (!request.tpsAgentIsAdmin &&
+        method === "PUT" &&
+        (url.pathname === "/Memory" || url.pathname === "/Memory/" || url.pathname.startsWith("/Memory/"))) {
+        try {
+            const clone = request.clone();
+            const body = await clone.json();
+            if (body?.agentId && body.agentId !== agentId) {
+                return new Response(JSON.stringify({
+                    error: "forbidden: cannot write memories for another agent",
+                }), { status: 403, headers: { "Content-Type": "application/json" } });
+            }
+        }
+        catch { }
+    }
+    // ── Memory GET: non-admin can only read own memories (by ID) ────────────────
+    if (!request.tpsAgentIsAdmin && method === "GET") {
+        if (url.pathname.startsWith("/Memory/")) {
+            try {
+                const pathParts = url.pathname.split("/").filter(Boolean);
+                const memId = pathParts[1] ? decodeURIComponent(pathParts[1]) : null;
+                if (memId) {
+                    const record = await databases.flair.Memory.get(memId);
+                    if (record && record.agentId && record.agentId !== agentId) {
+                        // Allow office-wide memories
+                        if (record.visibility !== "office") {
+                            // Check MemoryGrant
+                            let hasGrant = false;
+                            try {
+                                for await (const grant of databases.flair.MemoryGrant.search({
+                                    conditions: [{ attribute: "granteeId", comparator: "equals", value: agentId }],
+                                })) {
+                                    if (grant.ownerId === record.agentId &&
+                                        (grant.scope === "read" || grant.scope === "search")) {
+                                        hasGrant = true;
+                                        break;
+                                    }
+                                }
+                            }
+                            catch { }
+                            if (!hasGrant) {
+                                return new Response(JSON.stringify({
+                                    error: `forbidden: cannot read memory owned by ${record.agentId}`,
+                                }), { status: 403, headers: { "Content-Type": "application/json" } });
+                            }
+                        }
+                    }
+                }
+            }
+            catch { /* record not found or table error — let resource handle */ }
+        }
+    }
+    // ── Embedding backfill ─────────────────────────────────────────────────────
+    const isMemoryWrite = isMutation && (url.pathname === "/Memory" || url.pathname.startsWith("/Memory/"));
+    let memoryId = null;
+    if (isMemoryWrite) {
+        const pathParts = url.pathname.split("/").filter(Boolean);
+        memoryId = pathParts.length >= 2 ? decodeURIComponent(pathParts[1]) : (request.headers.get("x-memory-id") ?? null);
+    }
+    const response = await nextLayer(request);
+    if (isMemoryWrite && memoryId && response.status >= 200 && response.status < 300) {
+        backfillEmbedding(memoryId).catch(() => { });
+    }
+    return response;
+}, { runFirst: true });

package/dist/resources/embeddings-provider.js

@@ -0,0 +1,127 @@
+/**
+ * In-process embeddings via harper-fabric-embeddings (v0.2.1+).
+ *
+ * Uses process-level singleton for cross-thread model sharing.
+ * Avoids dynamic imports inside Harper's VM sandbox by using
+ * globalThis.__hfe_resolve__ set during module load.
+ */
+const MAX_CHARS = 500;
+const MODELS_DIR = process.env.FLAIR_MODELS_DIR || "/tmp/flair-models";
+const SINGLETON_KEY = "__flair_hfe_021__";
+const QUEUE_KEY = "__flair_embed_queue_021__";
+function getSingleton() {
+    if (!process[SINGLETON_KEY]) {
+        process[SINGLETON_KEY] = { hfe: null, dims: 0, mode: "none", initPromise: null };
+    }
+    return process[SINGLETON_KEY];
+}
+function getQueue() {
+    if (!process[QUEUE_KEY]) {
+        process[QUEUE_KEY] = { queue: [], processing: false };
+    }
+    return process[QUEUE_KEY];
+}
+// ─── Init ─────────────────────────────────────────────────────────────────────
+export async function initEmbeddings() {
+    const s = getSingleton();
+    if (s.mode !== "none")
+        return;
+    if (s.initPromise) {
+        await s.initPromise;
+        return;
+    }
+    s.initPromise = doInit(s);
+    await s.initPromise;
+}
+async function doInit(s) {
+    // Resolve path at build time relative to this file's location
+    const hfePath = new URL("../../node_modules/harper-fabric-embeddings/dist/index.js", import.meta.url).href;
+    try {
+        // Use globalThis.process to do a native dynamic import outside the
+        // VM sandbox's importModuleDynamically interception. The Function
+        // constructor creates code in the global scope, not the VM context.
+        const importFn = new Function("url", "return import(url)");
+        const mod = await importFn(hfePath);
+        if (typeof mod.init !== "function") {
+            throw new Error(`Module has no init(). Keys: ${Object.keys(mod)}`);
+        }
+        const result = mod.init({ modelsDir: MODELS_DIR, gpuLayers: 99 });
+        if (result?.then)
+            await result;
+        s.hfe = mod;
+        s.dims = mod.dimensions();
+        s.mode = "native";
+        console.log(`[embeddings] Native in-process (v0.2.1): ${s.dims} dims`);
+    }
+    catch (err) {
+        console.error(`[embeddings] Native load failed: ${err.message}`);
+        // Fallback to hash-based embeddings
+        try {
+            s.dims = 512;
+            s.mode = "hash";
+            console.log(`[embeddings] Fallback: 512 dims (hash-based)`);
+        }
+        catch (e2) {
+            console.error(`[embeddings] All embedding modes failed: ${e2.message}`);
+        }
+    }
+}
+// ─── Public API ───────────────────────────────────────────────────────────────
+export function getDimensions() { return getSingleton().dims; }
+export function getMode() { return getSingleton().mode; }
+export async function getEmbedding(text) {
+    const s = getSingleton();
+    if (s.mode === "none")
+        await initEmbeddings();
+    return new Promise((resolve) => {
+        const q = getQueue();
+        q.queue.push({ text, resolve });
+        processQueue(q);
+    });
+}
+export function getQueueLength() { return getQueue().queue.length; }
+async function processQueue(q) {
+    if (q.processing)
+        return;
+    q.processing = true;
+    while (q.queue.length > 0) {
+        const job = q.queue.shift();
+        try {
+            const s = getSingleton();
+            if (s.mode === "native" && s.hfe) {
+                job.resolve(await s.hfe.embed(job.text.slice(0, MAX_CHARS)));
+            }
+            else if (s.mode === "hash") {
+                // Hash fallback doesn't need the module
+                const text = job.text.slice(0, MAX_CHARS);
+                job.resolve(fallbackEmbed(text));
+            }
+            else {
+                job.resolve(null);
+            }
+        }
+        catch (err) {
+            console.error(`[embeddings] embed failed: ${err.message}`);
+            job.resolve(null);
+        }
+    }
+    q.processing = false;
+}
+// ─── Hash Fallback ────────────────────────────────────────────────────────────
+function fallbackEmbed(text) {
+    const dims = 512;
+    const vec = new Array(dims).fill(0);
+    for (let i = 0; i < text.length; i++) {
+        const code = text.charCodeAt(i);
+        vec[i % dims] += code / 128;
+        vec[(i * 7 + 3) % dims] += Math.sin(code * 0.1) * 0.5;
+    }
+    // Normalize
+    let mag = 0;
+    for (let i = 0; i < dims; i++)
+        mag += vec[i] * vec[i];
+    mag = Math.sqrt(mag) || 1;
+    for (let i = 0; i < dims; i++)
+        vec[i] /= mag;
+    return vec;
+}