@trucore/openclaw-atf 0.2.0 → 0.2.1

package/README.md

@@ -130,7 +130,7 @@ To explicitly allowlist individual tools and customize settings:
     }
   },
   "tools": {
-    "allowlist": [
+    "alsoAllow": [
       "atf_health",
       "atf_protect_intent",
       "atf_verify_receipt",

package/examples/README.md

@@ -130,5 +130,5 @@ openclaw gateway restart
 # Run integration doctor
 openclaw tool call atf_integration_doctor
 
-# Expected: status = "ok", all 8 tools available
+# Expected: status = "ok", all 13 tools available
 ```

package/index.cjs

@@ -0,0 +1,156 @@
+/**
+ * index.cjs — CommonJS compatibility shim for @trucore/openclaw-atf
+ *
+ * OpenClaw's plugin loader may require() the package entry.
+ * This file is a thin CJS bridge to the real ESM plugin at ./src/index.mjs.
+ *
+ * Exports:
+ *   - register(api)     — OpenClaw lifecycle: register tools
+ *   - activate(ctx)     — OpenClaw lifecycle: activate (config validation)
+ *   - deactivate()      — OpenClaw lifecycle: deactivate (no-op)
+ *   - default           — legacy single-function entry (alias for register)
+ *
+ * All other named exports are re-exported once the ESM module is loaded.
+ *
+ * Usage by OpenClaw loader:
+ *   const plugin = require("@trucore/openclaw-atf");
+ *   plugin.register(api);
+ *   plugin.activate(ctx);
+ */
+
+"use strict";
+
+// Cache for the lazily-loaded ESM module.
+let _esmModule = null;
+
+/**
+ * Lazily import the ESM module. Returns a cached promise after first call.
+ * @returns {Promise<object>}
+ */
+function loadEsm() {
+  if (!_esmModule) {
+    _esmModule = import("./src/index.mjs");
+  }
+  return _esmModule;
+}
+
+/**
+ * OpenClaw lifecycle: register tools.
+ *
+ * Loads the ESM module on first call, then delegates to the real register().
+ * If the ESM module fails to load, logs a warning and returns gracefully —
+ * never crashes the gateway.
+ *
+ * @param {{ registerTool: Function, config: Record<string, unknown> }} api
+ * @returns {Promise<void>}
+ */
+async function register(api) {
+  try {
+    const mod = await loadEsm();
+    if (typeof mod.register === "function") {
+      mod.register(api);
+    } else if (typeof mod.default === "function") {
+      mod.default(api);
+    }
+  } catch (err) {
+    if (typeof console !== "undefined") {
+      console.warn(
+        "[trucore-atf] CJS shim: failed to load ESM module: " +
+          (err?.message ?? String(err)) +
+          ". ATF CLI fallback is still available.",
+      );
+    }
+  }
+}
+
+/**
+ * OpenClaw lifecycle: activate plugin.
+ *
+ * @param {{ config?: Record<string, unknown> }} [ctx]
+ * @returns {Promise<void>}
+ */
+async function activate(ctx) {
+  try {
+    const mod = await loadEsm();
+    if (typeof mod.activate === "function") {
+      mod.activate(ctx);
+    }
+  } catch (err) {
+    if (typeof console !== "undefined") {
+      console.warn(
+        "[trucore-atf] CJS shim: activate failed: " +
+          (err?.message ?? String(err)) +
+          ". Plugin is still operational.",
+      );
+    }
+  }
+}
+
+/**
+ * OpenClaw lifecycle: deactivate plugin.
+ *
+ * @returns {Promise<void>}
+ */
+async function deactivate() {
+  try {
+    const mod = await loadEsm();
+    if (typeof mod.deactivate === "function") {
+      mod.deactivate();
+    }
+  } catch {
+    // Deactivate must never throw.
+  }
+}
+
+// ---- CJS exports ----
+
+module.exports = register; // default export = register (legacy compat)
+module.exports.default = register;
+module.exports.register = register;
+module.exports.activate = activate;
+module.exports.deactivate = deactivate;
+
+// Re-export everything from the ESM module as a lazy getter on first access.
+// This allows `const { PLUGIN_ID } = require("@trucore/openclaw-atf")`
+// to work once the module is loaded.
+const RE_EXPORT_KEYS = [
+  "PLUGIN_ID",
+  "PLUGIN_VERSION",
+  "buildHumanSummary",
+  "REASON_CODE_CATALOG",
+  "ATF_BILLING_MANIFEST",
+  "evaluateAdoption",
+  "TRIGGER_MODEL",
+  "INSTALL_GUIDANCE",
+  "SAFE_CALL_SEQUENCE",
+  "verifyBillingClaim",
+  "CLAIM_STATUS",
+  "CLAIM_DENY_CODES",
+  "TREASURY_ADDRESS",
+  "USDC_MINT",
+  "KNOWN_PACKAGES",
+  "checkDuplicate",
+  "_resetClaimTracking",
+  "CONTRACT_FAMILIES",
+  "TOOL_FAMILY_MAP",
+  "CANONICAL_TOOLS",
+  "CANONICAL_TOOL_COUNT",
+];
+
+for (const key of RE_EXPORT_KEYS) {
+  Object.defineProperty(module.exports, key, {
+    configurable: true,
+    enumerable: true,
+    get() {
+      // Synchronous access — returns undefined until ESM is loaded.
+      // Call register() or loadEsm() first in async context.
+      if (_esmModule && typeof _esmModule.then !== "function") {
+        return _esmModule[key];
+      }
+      return undefined;
+    },
+  });
+}
+
+// Expose loadEsm for tests that need to await ESM initialization.
+module.exports._loadEsm = loadEsm;

package/openclaw.plugin.json

@@ -1,11 +1,11 @@
 {
   "id": "trucore-atf",
   "name": "TruCore ATF",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "Transaction firewall tools for autonomous finance agents: protect + verify + report savings. ATF evaluates swap, lend, and perps intents against policy before they reach the chain. Never signs. Deny-by-default.",
   "homepage": "https://github.com/trucore-ai/agent-transaction-firewall",
-  "main": "src/index.mjs",
-  "extensions": ["src/index.mjs"],
+  "main": "index.cjs",
+  "extensions": ["index.cjs"],
   "tools": "optional",
   "configSchema": {
     "$schema": "http://json-schema.org/draft-07/schema#",

package/package.json

@@ -1,12 +1,13 @@
 {
   "name": "@trucore/openclaw-atf",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "OpenClaw plugin — ATF transaction firewall tools for autonomous agents: discover, protect, verify, report savings.",
   "license": "MIT",
   "type": "module",
-  "main": "src/index.mjs",
+  "main": "index.cjs",
   "files": [
     "src",
+    "index.cjs",
     "examples",
     "openclaw.plugin.json",
     "README.md",
@@ -43,7 +44,7 @@
   },
   "openclaw": {
     "extensions": [
-      "openclaw.plugin.json"
+      "index.cjs"
     ]
   },
   "peerDependencies": {

package/src/contracts/result_builder.mjs

@@ -29,7 +29,7 @@ import { RESPONSE_STATUS } from "./status_codes.mjs";
 const PRODUCT_ID = "trucore-atf";
 
 /** Product version — kept in sync by version consistency tests. */
-const PRODUCT_VERSION = "0.2.0";
+const PRODUCT_VERSION = "0.2.1";
 
 // ---------------------------------------------------------------------------
 // Meta builder

package/src/doctor.mjs

@@ -37,7 +37,7 @@ import {
 // Canonical plugin identity — duplicated from index.mjs to avoid circular
 // import at module level. Kept in sync by version consistency tests.
 const PLUGIN_ID = "trucore-atf";
-const PLUGIN_VERSION = "0.2.0";
+const PLUGIN_VERSION = "0.2.1";
 
 // ---------------------------------------------------------------------------
 // Constants

package/src/index.mjs

@@ -99,7 +99,7 @@ const execFileAsync = promisify(execFile);
 export const PLUGIN_ID = "trucore-atf";
 
 /** Plugin version. Must match package.json + openclaw.plugin.json `version`. */
-export const PLUGIN_VERSION = "0.2.0";
+export const PLUGIN_VERSION = "0.2.1";
 
 // ---------------------------------------------------------------------------
 // Default config
@@ -218,7 +218,7 @@ async function toolAtfDiscover(cfg, params = {}) {
   let manifest;
   try {
     const res = await fetch(base, {
-      headers: { "User-Agent": "openclaw-atf-plugin/0.2.0" },
+      headers: { "User-Agent": "openclaw-atf-plugin/0.2.1" },
       signal: AbortSignal.timeout(10_000),
     });
     if (!res.ok) {
@@ -393,7 +393,7 @@ async function toolAtfProtectIntent(cfg, params = {}) {
         method: "POST",
         headers: {
           "Content-Type": "application/json",
-          "User-Agent": "openclaw-atf-plugin/0.2.0",
+          "User-Agent": "openclaw-atf-plugin/0.2.1",
         },
         body: payloadStr,
         signal: AbortSignal.timeout(15_000),
@@ -1579,6 +1579,7 @@ export default function atfPlugin(api) {
       required: ["receipt"],
       properties: {
         receipt: {
+          type: ["object", "string"],
           description:
             "Receipt to verify: JSON object, JSON string, or file path.",
         },

package/src/tool_response.mjs

@@ -48,7 +48,7 @@ export const RESPONSE_STATUS = _RESPONSE_STATUS;
  * Kept in sync by version consistency tests.
  */
 const PLUGIN_ID = "trucore-atf";
-const PLUGIN_VERSION = "0.2.0";
+const PLUGIN_VERSION = "0.2.1";
 
 // ---------------------------------------------------------------------------
 // Backend meta builder