@undefineds.co/linx 0.2.17 → 0.2.19

package/vendor/agent-runtime/dist/turn-controller.js

@@ -0,0 +1,129 @@
+function normalizeMentionToken(value) {
+    return value.trim().toLowerCase();
+}
+function uniqueStrings(values) {
+    return Array.from(new Set(values.filter(Boolean)));
+}
+export function findMentionedGroupAgents(message, agents) {
+    const normalizedMessage = message.toLowerCase();
+    return agents.filter((agent) => {
+        const candidates = uniqueStrings([
+            agent.id,
+            agent.name,
+            ...(agent.aliases ?? []),
+        ]).map(normalizeMentionToken);
+        return candidates.some((candidate) => candidate && normalizedMessage.includes(`@${candidate}`));
+    });
+}
+export async function routeGroupTurn(input) {
+    const coordinationId = input.coordinationId ?? `group-turn-${Date.now()}`;
+    const agents = input.agents.filter((agent) => agent.id && agent.name);
+    if (agents.length === 0) {
+        return {
+            shouldReply: false,
+            targetAgentIds: [],
+            routedBy: 'none',
+            coordinationId,
+            reason: 'No AI agent participants are available.',
+        };
+    }
+    const mentionedAgents = findMentionedGroupAgents(input.latestUserMessage, agents);
+    if (mentionedAgents.length > 0) {
+        return {
+            shouldReply: true,
+            targetAgentIds: mentionedAgents.map((agent) => agent.id),
+            routedBy: 'mention',
+            coordinationId,
+            reason: 'User explicitly mentioned one or more AI agents.',
+            confidence: 1,
+        };
+    }
+    if (agents.length === 1) {
+        return {
+            shouldReply: true,
+            targetAgentIds: [agents[0].id],
+            routedBy: 'single-agent',
+            coordinationId,
+            reason: 'Only one AI agent is present in the group.',
+            confidence: 1,
+        };
+    }
+    if (!input.decide) {
+        return {
+            shouldReply: false,
+            targetAgentIds: [],
+            routedBy: 'none',
+            coordinationId,
+            reason: 'No group turn controller is available for unmentioned multi-agent routing.',
+        };
+    }
+    const decision = await input.decide({
+        latestUserMessage: input.latestUserMessage,
+        agents,
+        history: input.history ?? [],
+    });
+    const validAgentIds = new Set(agents.map((agent) => agent.id));
+    const targetAgentIds = uniqueStrings(decision.targetAgentIds).filter((id) => validAgentIds.has(id));
+    return {
+        shouldReply: decision.shouldReply && targetAgentIds.length > 0,
+        targetAgentIds,
+        routedBy: 'controller',
+        coordinationId,
+        reason: decision.reason,
+        confidence: decision.confidence,
+    };
+}
+export const GROUP_AGENT_TURN_RULE = {
+    id: 'chat.group.agent-turn',
+    trigger: 'user.message',
+    targetAgent: 'agent-turn-controller',
+    targetRole: 'system',
+    context: {
+        recentMessages: 24,
+        includeToolCalls: false,
+        includeToolResults: false,
+        includeSystemEvents: false,
+    },
+    allowedOutputs: ['chat_message'],
+    requiresUserVisibleTrace: false,
+};
+export const WATCH_SECRETARY_APPROVAL_RULE = {
+    id: 'watch.secretary.approval',
+    trigger: 'approval.required',
+    targetAgent: 'ai-secretary',
+    targetRole: 'secretary',
+    requiredCapabilities: ['approval.request', 'approval.options'],
+    context: {
+        recentMessages: 24,
+        includeCurrentApproval: true,
+        includeMatchingGrants: true,
+        includeToolCalls: true,
+        includeToolResults: true,
+        includeSystemEvents: false,
+    },
+    allowedOutputs: ['chat_message', 'approval_decision', 'control_command'],
+    allowedControls: ['inject_message', 'pause', 'stop'],
+    requiresUserVisibleTrace: true,
+};
+export const WATCH_SECRETARY_INPUT_RULE = {
+    id: 'watch.secretary.input',
+    trigger: 'input.required',
+    targetAgent: 'ai-secretary',
+    targetRole: 'secretary',
+    requiredCapabilities: ['input.structured'],
+    context: {
+        recentMessages: 24,
+        includeCurrentApproval: false,
+        includeMatchingGrants: false,
+        includeToolCalls: true,
+        includeToolResults: true,
+        includeSystemEvents: false,
+    },
+    allowedOutputs: ['chat_message', 'input_answer', 'control_command'],
+    allowedControls: ['inject_message'],
+    requiresUserVisibleTrace: true,
+};
+export const DEFAULT_WATCH_SECRETARY_RULES = [
+    WATCH_SECRETARY_APPROVAL_RULE,
+    WATCH_SECRETARY_INPUT_RULE,
+];

package/vendor/agent-runtime/package.json

@@ -0,0 +1,11 @@
+{
+  "name": "@linx/agent-runtime",
+  "version": "0.1.0",
+  "type": "module",
+  "exports": {
+    ".": "./dist/index.js",
+    "./acp": "./dist/acp.js",
+    "./companion-model": "./dist/companion-model.js",
+    "./turn-controller": "./dist/turn-controller.js"
+  }
+}

package/vendor/client/dist/client/index.d.ts

@@ -1,118 +0,0 @@
-export type LinxAuthType = 'client_credentials' | 'oidc_oauth';
-export interface LinxClientConfig {
-    url: string;
-    webId: string;
-    authType: LinxAuthType;
-}
-export interface LinxClientCredentialsSecrets {
-    clientId: string;
-    clientSecret: string;
-}
-export interface LinxOidcOAuthSecrets {
-    oidcRefreshToken: string;
-    oidcAccessToken: string;
-    oidcExpiresAt: string;
-}
-export type LinxClientSecrets = LinxClientCredentialsSecrets | LinxOidcOAuthSecrets;
-export interface AccountSession {
-    url: string;
-    email: string;
-    token: string;
-    webId?: string;
-    podUrl?: string;
-    createdAt: string;
-}
-export interface LinxAccountControls {
-    pod?: string;
-    clientCredentials?: string;
-}
-export interface LinxAccountData {
-    controls: LinxAccountControls;
-    pods: Record<string, string>;
-    webIds: Record<string, string>;
-    clientCredentials: Record<string, string>;
-}
-export interface LinxClientCredential {
-    id: string;
-    secret?: string;
-    label?: string;
-    webId?: string;
-}
-export interface LinxStoredCredentials {
-    url: string;
-    webId: string;
-    authType: LinxAuthType;
-    secrets: LinxClientSecrets;
-}
-export type LinxCredentialBootstrapStatus = 'reused' | 'created' | 'recreated';
-export interface LinxWhoAmIField {
-    key: 'email' | 'server' | 'webId' | 'pod' | 'session-created-at';
-    value: string;
-}
-export interface PerformLinxPasswordLoginInput {
-    baseUrl?: string | null;
-    fallbackBaseUrl?: string;
-    email: string;
-    password: string;
-    requestedWebId?: string | null;
-    credentialName?: string | null;
-    existingCredentials?: LinxStoredCredentials | null;
-    now?: Date;
-}
-export interface PerformLinxPasswordLoginResult {
-    baseUrl: string;
-    webId: string;
-    account: LinxAccountData;
-    session: AccountSession;
-    credentialStatus: LinxCredentialBootstrapStatus;
-    credentialsToSave?: {
-        url: string;
-        webId: string;
-        authType: 'client_credentials';
-        secrets: LinxClientCredentialsSecrets;
-    };
-}
-export interface PerformLinxPasswordLoginDependencies {
-    checkServer(baseUrl: string): Promise<boolean>;
-    login(email: string, password: string, baseUrl: string): Promise<string | null>;
-    getAccountData(token: string, baseUrl: string): Promise<LinxAccountData | null>;
-    validateClientCredentials?(credentials: LinxStoredCredentials): Promise<boolean>;
-    createClientCredentials(token: string, credentialsUrl: string, webId: string, name?: string): Promise<LinxClientCredential | null>;
-}
-export declare const LINX_HOME_DIRNAME = ".linx";
-export declare const LINX_CONFIG_FILE_NAME = "config.json";
-export declare const LINX_SECRETS_FILE_NAME = "secrets.json";
-export declare const LINX_ACCOUNT_SESSION_FILE_NAME = "account.json";
-export declare const LINX_CLOUD_IDENTITY_ORIGIN = "https://id.undefineds.co";
-export declare const LINX_CLOUD_API_ORIGIN = "https://api.undefineds.co";
-export declare const LINX_CLOUD_ACCOUNT_API_BASE_URL = "https://id.undefineds.co/";
-export declare const LINX_CLOUD_RUNTIME_API_BASE_URL = "https://api.undefineds.co/v1";
-export declare const LINX_CLOUD_API_BASE_URL = "https://id.undefineds.co/";
-export declare const LINX_CLOUD_IDENTITY_HOSTS: readonly ["id.undefineds.co"];
-export declare function resolveLinxBaseUrl(url?: string | null, fallbackBaseUrl?: string): string;
-export declare function resolveLinxRuntimeApiBaseUrl(url?: string | null, fallbackBaseUrl?: string): string;
-export declare function resolveLinxCloudAccountBaseUrl(url?: string | null): string;
-export declare function resolveLinxCloudRuntimeApiBaseUrl(url?: string | null): string;
-export declare function resolveLinxCloudApiBaseUrl(url?: string | null): string;
-export declare function isLinxCloudIdentityBaseUrl(url?: string | null): boolean;
-export declare function resolveLinxRuntimeOriginForIssuerUrl(url?: string | null): string;
-export declare function resolveLinxRuntimeApiBaseUrlForIssuerUrl(url?: string | null): string;
-export declare function resolveLinxPodUrl(webId: string): string;
-export declare function resolveLinxPodBaseUrl(webId: string): string;
-export declare function parseLinxClientConfig(raw: unknown): LinxClientConfig | null;
-export declare function isLinxClientCredentialsSecrets(secrets: LinxClientSecrets): secrets is LinxClientCredentialsSecrets;
-export declare function isLinxOidcOAuthSecrets(secrets: LinxClientSecrets): secrets is LinxOidcOAuthSecrets;
-export declare function parseLinxClientSecrets(raw: unknown): LinxClientSecrets | null;
-export declare function parseLinxAccountData(raw: unknown): LinxAccountData | null;
-export declare function parseLinxClientCredential(raw: unknown): LinxClientCredential | null;
-export declare function parseAccountSession(raw: unknown): AccountSession | null;
-export declare function selectLinxAccountWebId(account: LinxAccountData | null, preferredWebId?: string | null): string | null;
-export declare function hasMatchingLinxStoredCredentials(credentials: Pick<LinxStoredCredentials, 'url' | 'webId'> | null | undefined, baseUrl: string, webId: string): boolean;
-export declare function resolveLinxCredentialBootstrapStatus(input: {
-    reusedExistingCredentials: boolean;
-    hadMatchingStoredCredentials: boolean;
-}): LinxCredentialBootstrapStatus;
-export declare function listLinxWhoAmIFields(session: AccountSession, options?: {
-    verbose?: boolean;
-}): LinxWhoAmIField[];
-export declare function performLinxPasswordLogin(input: PerformLinxPasswordLoginInput, deps: PerformLinxPasswordLoginDependencies): Promise<PerformLinxPasswordLoginResult>;

package/vendor/client/dist/client/index.js

@@ -1,260 +0,0 @@
-export const LINX_HOME_DIRNAME = '.linx';
-export const LINX_CONFIG_FILE_NAME = 'config.json';
-export const LINX_SECRETS_FILE_NAME = 'secrets.json';
-export const LINX_ACCOUNT_SESSION_FILE_NAME = 'account.json';
-export const LINX_CLOUD_IDENTITY_ORIGIN = 'https://id.undefineds.co';
-export const LINX_CLOUD_API_ORIGIN = 'https://api.undefineds.co';
-export const LINX_CLOUD_ACCOUNT_API_BASE_URL = `${LINX_CLOUD_IDENTITY_ORIGIN}/`;
-export const LINX_CLOUD_RUNTIME_API_BASE_URL = `${LINX_CLOUD_API_ORIGIN}/v1`;
-export const LINX_CLOUD_API_BASE_URL = LINX_CLOUD_ACCOUNT_API_BASE_URL;
-export const LINX_CLOUD_IDENTITY_HOSTS = ['id.undefineds.co'];
-function isRecord(value) {
-    return typeof value === 'object' && value !== null && !Array.isArray(value);
-}
-function optionalString(value) {
-    return typeof value === 'string' ? value : undefined;
-}
-function parseStringRecord(value) {
-    if (!isRecord(value)) {
-        return {};
-    }
-    const entries = Object.entries(value)
-        .filter((entry) => typeof entry[1] === 'string');
-    return Object.fromEntries(entries);
-}
-function normalizeAuthType(value) {
-    return value === 'oidc_oauth' ? 'oidc_oauth' : 'client_credentials';
-}
-function trimTrailingSlash(url) {
-    return url.replace(/\/+$/, '');
-}
-function resolveHostname(url) {
-    try {
-        return new URL(url).hostname;
-    }
-    catch {
-        return '';
-    }
-}
-export function resolveLinxBaseUrl(url, fallbackBaseUrl = 'http://localhost:3000') {
-    const raw = typeof url === 'string' && url.trim() ? url.trim() : fallbackBaseUrl;
-    return raw.endsWith('/') ? raw : `${raw}/`;
-}
-export function resolveLinxRuntimeApiBaseUrl(url, fallbackBaseUrl = LINX_CLOUD_ACCOUNT_API_BASE_URL) {
-    const normalized = trimTrailingSlash(resolveLinxBaseUrl(url, fallbackBaseUrl));
-    return normalized.endsWith('/v1') ? normalized : `${normalized}/v1`;
-}
-export function resolveLinxCloudAccountBaseUrl(url) {
-    return resolveLinxBaseUrl(url, LINX_CLOUD_ACCOUNT_API_BASE_URL);
-}
-export function resolveLinxCloudRuntimeApiBaseUrl(url) {
-    return resolveLinxRuntimeApiBaseUrl(url, LINX_CLOUD_RUNTIME_API_BASE_URL);
-}
-export function resolveLinxCloudApiBaseUrl(url) {
-    return resolveLinxCloudAccountBaseUrl(url);
-}
-export function isLinxCloudIdentityBaseUrl(url) {
-    const normalized = resolveLinxBaseUrl(url, LINX_CLOUD_ACCOUNT_API_BASE_URL);
-    const hostname = resolveHostname(normalized);
-    return LINX_CLOUD_IDENTITY_HOSTS.includes(hostname);
-}
-export function resolveLinxRuntimeOriginForIssuerUrl(url) {
-    const normalized = trimTrailingSlash(resolveLinxBaseUrl(url, LINX_CLOUD_ACCOUNT_API_BASE_URL));
-    if (isLinxCloudIdentityBaseUrl(normalized)) {
-        return LINX_CLOUD_API_ORIGIN;
-    }
-    return normalized;
-}
-export function resolveLinxRuntimeApiBaseUrlForIssuerUrl(url) {
-    const runtimeOrigin = resolveLinxRuntimeOriginForIssuerUrl(url);
-    return resolveLinxRuntimeApiBaseUrl(runtimeOrigin, LINX_CLOUD_RUNTIME_API_BASE_URL);
-}
-export function resolveLinxPodUrl(webId) {
-    try {
-        const target = new URL(webId);
-        const pathParts = target.pathname.split('/').filter(Boolean);
-        return `${target.origin}/${pathParts[0] ?? ''}/`.replace(/\/+$/, '/');
-    }
-    catch {
-        return '';
-    }
-}
-export function resolveLinxPodBaseUrl(webId) {
-    return trimTrailingSlash(resolveLinxPodUrl(webId));
-}
-export function parseLinxClientConfig(raw) {
-    if (!isRecord(raw) || typeof raw.url !== 'string' || typeof raw.webId !== 'string') {
-        return null;
-    }
-    return {
-        url: raw.url,
-        webId: raw.webId,
-        authType: normalizeAuthType(raw.authType),
-    };
-}
-export function isLinxClientCredentialsSecrets(secrets) {
-    return 'clientId' in secrets && 'clientSecret' in secrets;
-}
-export function isLinxOidcOAuthSecrets(secrets) {
-    return 'oidcRefreshToken' in secrets && 'oidcAccessToken' in secrets && 'oidcExpiresAt' in secrets;
-}
-export function parseLinxClientSecrets(raw) {
-    if (!isRecord(raw)) {
-        return null;
-    }
-    if (typeof raw.clientId === 'string' && typeof raw.clientSecret === 'string') {
-        return {
-            clientId: raw.clientId,
-            clientSecret: raw.clientSecret,
-        };
-    }
-    if (typeof raw.oidcRefreshToken === 'string'
-        && typeof raw.oidcAccessToken === 'string'
-        && typeof raw.oidcExpiresAt === 'string') {
-        return {
-            oidcRefreshToken: raw.oidcRefreshToken,
-            oidcAccessToken: raw.oidcAccessToken,
-            oidcExpiresAt: raw.oidcExpiresAt,
-        };
-    }
-    return null;
-}
-export function parseLinxAccountData(raw) {
-    if (!isRecord(raw)) {
-        return null;
-    }
-    const controls = isRecord(raw.controls) ? raw.controls : {};
-    const accountControls = isRecord(controls.account) ? controls.account : controls;
-    return {
-        controls: {
-            pod: optionalString(accountControls.pod),
-            clientCredentials: optionalString(accountControls.clientCredentials),
-        },
-        pods: parseStringRecord(raw.pods),
-        webIds: parseStringRecord(raw.webIds),
-        clientCredentials: parseStringRecord(raw.clientCredentials),
-    };
-}
-export function parseLinxClientCredential(raw) {
-    if (!isRecord(raw) || typeof raw.id !== 'string') {
-        return null;
-    }
-    return {
-        id: raw.id,
-        label: optionalString(raw.label),
-        secret: optionalString(raw.secret),
-        webId: optionalString(raw.webId),
-    };
-}
-export function parseAccountSession(raw) {
-    if (!isRecord(raw)
-        || typeof raw.url !== 'string'
-        || typeof raw.email !== 'string'
-        || typeof raw.token !== 'string'
-        || typeof raw.createdAt !== 'string') {
-        return null;
-    }
-    return {
-        url: raw.url,
-        email: raw.email,
-        token: raw.token,
-        webId: optionalString(raw.webId),
-        podUrl: optionalString(raw.podUrl),
-        createdAt: raw.createdAt,
-    };
-}
-export function selectLinxAccountWebId(account, preferredWebId) {
-    if (typeof preferredWebId === 'string' && preferredWebId.trim()) {
-        return preferredWebId.trim();
-    }
-    if (!account) {
-        return null;
-    }
-    return Object.keys(account.webIds)[0] ?? null;
-}
-export function hasMatchingLinxStoredCredentials(credentials, baseUrl, webId) {
-    return credentials?.url === baseUrl && credentials?.webId === webId;
-}
-export function resolveLinxCredentialBootstrapStatus(input) {
-    if (input.reusedExistingCredentials) {
-        return 'reused';
-    }
-    return input.hadMatchingStoredCredentials ? 'recreated' : 'created';
-}
-export function listLinxWhoAmIFields(session, options = {}) {
-    const fields = [
-        { key: 'email', value: session.email },
-        { key: 'server', value: session.url },
-    ];
-    if (session.webId) {
-        fields.push({ key: 'webId', value: session.webId });
-    }
-    if (options.verbose && session.podUrl) {
-        fields.push({ key: 'pod', value: session.podUrl });
-    }
-    fields.push({ key: 'session-created-at', value: session.createdAt });
-    return fields;
-}
-export async function performLinxPasswordLogin(input, deps) {
-    const baseUrl = resolveLinxBaseUrl(input.baseUrl, input.fallbackBaseUrl);
-    if (!(await deps.checkServer(baseUrl))) {
-        throw new Error(`Cannot reach server at ${baseUrl}`);
-    }
-    const token = await deps.login(input.email, input.password, baseUrl);
-    if (!token) {
-        throw new Error('Login failed.');
-    }
-    const account = await deps.getAccountData(token, baseUrl);
-    if (!account) {
-        throw new Error('Failed to load account data after login.');
-    }
-    const webId = selectLinxAccountWebId(account, input.requestedWebId);
-    if (!webId) {
-        throw new Error('No WebID found. Pass --web-id explicitly.');
-    }
-    const hadMatchingStoredCredentials = hasMatchingLinxStoredCredentials(input.existingCredentials, baseUrl, webId);
-    const existingCredentialsValid = hadMatchingStoredCredentials && input.existingCredentials?.authType === 'client_credentials'
-        ? await deps.validateClientCredentials?.(input.existingCredentials)
-        : false;
-    const reusedExistingCredentials = hadMatchingStoredCredentials
-        && input.existingCredentials?.authType === 'client_credentials'
-        && existingCredentialsValid === true;
-    const credentialStatus = resolveLinxCredentialBootstrapStatus({
-        reusedExistingCredentials,
-        hadMatchingStoredCredentials,
-    });
-    let credentialsToSave;
-    if (!reusedExistingCredentials) {
-        if (!account.controls.clientCredentials) {
-            throw new Error('Cannot find client credentials endpoint.');
-        }
-        const credential = await deps.createClientCredentials(token, account.controls.clientCredentials, webId, input.credentialName ?? undefined);
-        if (!credential?.id || !credential.secret) {
-            throw new Error('Failed to create local client credentials.');
-        }
-        credentialsToSave = {
-            url: baseUrl,
-            webId,
-            authType: 'client_credentials',
-            secrets: {
-                clientId: credential.id,
-                clientSecret: credential.secret,
-            },
-        };
-    }
-    return {
-        baseUrl,
-        webId,
-        account,
-        credentialStatus,
-        ...(credentialsToSave ? { credentialsToSave } : {}),
-        session: {
-            url: baseUrl,
-            email: input.email,
-            token,
-            webId,
-            podUrl: resolveLinxPodUrl(webId),
-            createdAt: (input.now ?? new Date()).toISOString(),
-        },
-    };
-}

package/vendor/client/dist/index.d.ts

@@ -1 +0,0 @@
-export * from './client/index.js';

package/vendor/client/dist/index.js

@@ -1 +0,0 @@
-export * from './client/index.js';