@wrongstack/core 0.1.0

package/dist/defaults/index.d.ts

@@ -0,0 +1,1082 @@
+import { j as Logger, i as LogLevel, P as PathResolver, S as SecretScrubber, O as RetryPolicy, A as ProviderError, E as ErrorHandler, c as Compactor, ag as Context, K as Response, a1 as TokenCounter, s as ModelsRegistry, ai as EventBus, a8 as Usage, G as ResolvedModel, C as CacheStats, V as SessionStore, U as SessionMetadata, X as SessionWriter, N as ResumedSession, Q as SessionData, W as SessionSummary, f as ContentBlock, m as MemoryStore, l as MemoryScope, v as PermissionPolicy, a2 as Tool, h as InputReader, u as PermissionDecision, Y as SkillLoader, Z as SkillManifest, d as Config, e as ConfigLoader, b as CompactReport, y as Provider, n as Message, as as MiddlewareHandler, q as ModelsDevPayload, H as ResolvedProvider, a9 as WireFamily, a5 as ToolUseBlock, a4 as ToolResultBlock } from '../secret-scrubber-Dax_Ou_o.js';
+import { g as AttachmentStore, A as AddAttachmentInput, f as AttachmentRef, c as Attachment, S as SecretVault, q as ModeStore, o as ModeConfig, n as Mode, s as MultiAgentCoordinator, r as MultiAgentConfig, Q as SubagentConfig, z as SpawnResult, a2 as TaskSpec, B as BridgeMessage, a as AgentBridge, j as CoordinatorStatus, a0 as TaskResult, b as AgentBridgeConfig, i as BridgeTransport, ah as Agent, m as DoneCondition, an as RunResult, O as Specification, F as SpecAnalysis, N as SpecValidationResult, Y as TaskGraph, Z as TaskNode, X as TaskFilter, a1 as TaskSort, $ as TaskProgress, a4 as TaskType, _ as TaskPriority, a9 as ToolExecutorOptions, aa as ToolExecutorStrategy, a5 as ToolBatchResult } from '../tool-executor-DjnMELMV.js';
+import { a as WstackPaths } from '../wstack-paths-D24ynAz1.js';
+import { EventEmitter } from 'node:events';
+
+interface DefaultLoggerOptions {
+    level?: LogLevel;
+    file?: string;
+    pretty?: boolean;
+    bindings?: Record<string, unknown>;
+}
+declare class DefaultLogger implements Logger {
+    level: LogLevel;
+    private readonly file?;
+    private readonly bindings;
+    private readonly pretty;
+    constructor(opts?: DefaultLoggerOptions);
+    error(msg: string, ctx?: unknown): void;
+    warn(msg: string, ctx?: unknown): void;
+    info(msg: string, ctx?: unknown): void;
+    debug(msg: string, ctx?: unknown): void;
+    trace(msg: string, ctx?: unknown): void;
+    child(bindings: Record<string, unknown>): Logger;
+    private log;
+}
+
+declare class DefaultPathResolver implements PathResolver {
+    readonly projectRoot: string;
+    readonly cwd: string;
+    constructor(cwd?: string);
+    detectProjectRoot(start: string): string;
+    resolve(input: string): string;
+    isInsideRoot(absPath: string): boolean;
+    ensureInsideRoot(absPath: string): string;
+}
+
+declare class DefaultSecretScrubber implements SecretScrubber {
+    scrub(text: string): string;
+    scrubObject<T>(obj: T): T;
+}
+
+declare class DefaultRetryPolicy implements RetryPolicy {
+    shouldRetry(err: Error | ProviderError, attempt: number): boolean;
+    maxAttempts(err: Error | ProviderError): number;
+    delayMs(attempt: number): number;
+}
+
+/**
+ * Tiered error recovery strategies.
+ * Each strategy is attempted in order until one succeeds.
+ */
+interface RecoveryStrategy {
+    /** Human-readable label for logs. */
+    label: string;
+    /** Optional compactor for context_overflow recovery. */
+    compactor?: Compactor;
+    /** Returns a substitute Response, or null to fall through to the next strategy. */
+    attempt: (err: unknown, ctx: Context) => Promise<Response | null>;
+}
+declare class DefaultErrorHandler implements ErrorHandler {
+    private readonly strategies;
+    constructor(strategies?: RecoveryStrategy[]);
+    classify(err: unknown): {
+        kind: 'rate_limit' | 'overloaded' | 'server' | 'client' | 'network' | 'abort' | 'context_overflow' | 'unknown';
+        retryable: boolean;
+    };
+    recover(err: unknown, ctx: Context): Promise<Response | null>;
+}
+
+/**
+ * Token counter that derives pricing from the ModelsRegistry instead of a
+ * hardcoded table. If a model is unknown to the registry (or the registry is
+ * unavailable) the counter still tracks token totals but reports zero cost.
+ */
+declare class DefaultTokenCounter implements TokenCounter {
+    private input;
+    private output;
+    private cacheRead;
+    private cacheWrite;
+    private costInput;
+    private costOutput;
+    private readonly registry?;
+    private readonly providerId?;
+    private readonly events?;
+    private priceCache;
+    constructor(opts?: {
+        registry?: ModelsRegistry;
+        providerId?: string;
+        events?: EventBus;
+    });
+    account(usage: Usage, model?: string): void;
+    /** Synchronous variant for code paths that have already resolved the model. */
+    accountWithModel(usage: Usage, resolved: ResolvedModel): void;
+    total(): Usage;
+    estimateCost(): {
+        input: number;
+        output: number;
+        total: number;
+        currency: 'USD';
+    };
+    cacheStats(): CacheStats;
+    /** Invalidate cached prices so the next account() call fetches fresh data. */
+    invalidateCache(): void;
+    reset(): void;
+    private applyPrice;
+}
+
+interface SessionStoreOptions {
+    dir: string;
+    /** Optional EventBus for emitting session diagnostics. */
+    events?: EventBus;
+}
+declare class DefaultSessionStore implements SessionStore {
+    private readonly dir;
+    private readonly events?;
+    constructor(opts: SessionStoreOptions);
+    create(meta: Omit<SessionMetadata, 'startedAt'>): Promise<SessionWriter>;
+    resume(id: string): Promise<ResumedSession>;
+    load(id: string): Promise<SessionData>;
+    list(limit?: number): Promise<SessionSummary[]>;
+    private summaryFor;
+    delete(id: string): Promise<void>;
+    private summarize;
+    private metaFromEvents;
+    private replay;
+}
+
+/**
+ * Per-project lockfile used for crash detection. The CLI writes one of
+ * these alongside the session JSONLs (`<projectSessions>/active.json`)
+ * when an interactive run starts, and deletes it on clean exit. If we
+ * find one on the next launch whose owning PID is dead (or whose host
+ * doesn't match), we know the previous run was killed mid-flight and
+ * the session it was writing to is a recovery candidate.
+ *
+ * The lockfile is intentionally per-project (already isolated by
+ * `wpaths.projectSessions`), so two TUIs in two different repos do not
+ * fight each other.
+ */
+interface RecoveryLockOptions {
+    /** Directory the lockfile lives in. Usually `wpaths.projectSessions`. */
+    dir: string;
+    /** This process's PID. Default: `process.pid`. */
+    pid?: number;
+    /** Hostname recorded for the lock. Default: `os.hostname()`. */
+    hostname?: string;
+    /** Locks older than this are considered orphaned (disk wiped, etc.). Default 24h. */
+    maxAgeMs?: number;
+    /** Used to check whether the abandoned session was actually closed cleanly. */
+    sessionStore?: SessionStore;
+    /**
+     * Override the PID-liveness probe. Default: `process.kill(pid, 0)` —
+     * succeeds (or throws EPERM) when the PID is alive, throws ESRCH when
+     * it is gone. Tests inject a deterministic stub.
+     */
+    isPidAlive?: (pid: number) => boolean;
+}
+interface AbandonedSession {
+    sessionId: string;
+    pid: number;
+    startedAt: string;
+    /** Lockfile age in ms at the time of the check. */
+    ageMs: number;
+    /** Number of messages already on disk for this session. */
+    messageCount: number;
+}
+declare class RecoveryLock {
+    private readonly file;
+    private readonly pid;
+    private readonly hostname;
+    private readonly maxAgeMs;
+    private readonly sessionStore?;
+    private readonly probe;
+    constructor(opts: RecoveryLockOptions);
+    /**
+     * Examine the lockfile and decide whether it represents an abandoned
+     * session. Returns `null` if the file is missing, points to a live
+     * instance, references a clean-closed session, is too old, or is
+     * malformed. Otherwise returns enough detail to prompt the user.
+     *
+     * Important: this is a read-only check. We never delete an active
+     * lock from here — if another wstack instance is alive, the caller
+     * should bail or run with a fresh session instead.
+     */
+    checkAbandoned(): Promise<AbandonedSession | null>;
+    /**
+     * Claim the lock for the given session. Overwrites any existing lock
+     * — the caller should have already handled abandonment (via
+     * `checkAbandoned`) before calling this.
+     */
+    write(sessionId: string): Promise<void>;
+    /**
+     * Release the lock. Idempotent — silently succeeds if the file is
+     * already gone (e.g. someone else cleared it, or the directory was
+     * wiped).
+     */
+    clear(): Promise<void>;
+    private readLock;
+}
+
+/**
+ * The persisted form of a single queued user message. The TUI's
+ * in-memory QueueItem has a render id; that's pure UI bookkeeping, so
+ * we drop it when serializing — fresh ids are assigned on rehydrate.
+ */
+interface PersistedQueueItem {
+    displayText: string;
+    blocks: ContentBlock[];
+}
+/**
+ * Side-file storage for a session's pending input queue. Lives at
+ * `<sessionDir>/queue.json` next to the attachment spool. Reads are
+ * tolerant (missing/malformed file → empty array); writes are atomic
+ * (tmp + rename) so a crash mid-write can never leave a partial file
+ * the next launch would choke on.
+ *
+ * The contract is "snapshot replacement": every mutation hands the
+ * full queue and we rewrite the file. The queue is small (rarely more
+ * than a handful of messages), so this is cheaper than delta logging
+ * and avoids the replay complexity.
+ */
+declare class QueueStore {
+    private readonly file;
+    constructor(opts: {
+        dir: string;
+    });
+    write(items: PersistedQueueItem[]): Promise<void>;
+    read(): Promise<PersistedQueueItem[]>;
+    clear(): Promise<void>;
+}
+
+interface AttachmentStoreOptions {
+    /**
+     * Directory for spooling payloads larger than `spoolThresholdBytes`.
+     * When omitted, all payloads stay in memory.
+     */
+    spoolDir?: string;
+    spoolThresholdBytes?: number;
+}
+/**
+ * In-memory attachment store with optional disk spool. Placeholder syntax
+ * is `[<kind> #<seq>]` where kind is `pasted` / `image` / `file`. Unknown
+ * placeholders are passed through as-is so users can write that literal
+ * text without losing it.
+ */
+declare class DefaultAttachmentStore implements AttachmentStore {
+    private readonly items;
+    private readonly refs;
+    private nextSeq;
+    private readonly spoolDir;
+    private readonly spoolThreshold;
+    constructor(opts?: AttachmentStoreOptions);
+    add(input: AddAttachmentInput): Promise<AttachmentRef>;
+    get(id: string): Promise<Attachment | undefined>;
+    list(): AttachmentRef[];
+    expand(text: string): Promise<ContentBlock[]>;
+    clear(): Promise<void>;
+    private toBlock;
+}
+
+interface SecretVaultOptions {
+    /** Absolute path to the key file. Created with mode 0o600 if missing. */
+    keyFile: string;
+}
+/**
+ * Default vault: AES-256-GCM with a key stored at `keyFile` (mode 0o600).
+ * The key is loaded lazily on first encrypt/decrypt; if it does not exist,
+ * a fresh one is generated. Decryption of plaintext values is a no-op so
+ * legacy configs continue to work.
+ */
+declare class DefaultSecretVault implements SecretVault {
+    private readonly keyFile;
+    private key?;
+    constructor(opts: SecretVaultOptions);
+    isEncrypted(value: string): boolean;
+    encrypt(plaintext: string): string;
+    decrypt(value: string): string;
+    private loadOrCreateKey;
+}
+/**
+ * Walk a Config-shaped object and decrypt any apiKey-like fields in place,
+ * returning a new object. Used by the config loader so the rest of the
+ * system never has to know about the wire format.
+ */
+declare function decryptConfigSecrets<T>(cfg: T, vault: SecretVault): T;
+declare function encryptConfigSecrets<T>(cfg: T, vault: SecretVault): T;
+/**
+ * Re-write `~/.wrongstack/config.json` (or any path) with all secret-bearing
+ * fields encrypted. Used by the `wstack auth` subcommand.
+ */
+declare function rewriteConfigEncrypted(configPath: string, vault: SecretVault, patch?: Record<string, unknown>): Promise<void>;
+/**
+ * Scan a config file on disk for plaintext secret-bearing fields and
+ * rewrite the file with them encrypted in place. Returns a count of how
+ * many fields were migrated. Idempotent — calling on a fully-encrypted
+ * file is a no-op and writes nothing. Used by the CLI on every boot so
+ * users who had plaintext keys before the vault landed are upgraded
+ * transparently.
+ */
+declare function migratePlaintextSecrets(configPath: string, vault: SecretVault): Promise<{
+    migrated: number;
+    file: string;
+}>;
+
+interface MemoryStoreOptions {
+    paths: WstackPaths;
+}
+/**
+ * Three scopes:
+ *   project-agents → <project>/.wrongstack/AGENTS.md     (committed)
+ *   project-memory → ~/.wrongstack/projects/<hash>/memory.md   (per-project agent notes)
+ *   user-memory    → ~/.wrongstack/memory.md             (global personal memory)
+ */
+declare class DefaultMemoryStore implements MemoryStore {
+    private readonly files;
+    constructor(opts: MemoryStoreOptions);
+    readAll(): Promise<string>;
+    read(scope: MemoryScope): Promise<string>;
+    remember(text: string, scope?: MemoryScope): Promise<void>;
+    forget(query: string, scope?: MemoryScope): Promise<number>;
+    consolidate(scope: MemoryScope): Promise<void>;
+    clear(scope?: MemoryScope): Promise<void>;
+}
+
+interface PermissionPolicyOptions {
+    trustFile: string;
+    yolo?: boolean;
+    promptDelegate?: (tool: Tool, input: unknown, suggestedPattern: string) => Promise<'yes' | 'no' | 'always' | 'deny'>;
+    inputReader?: InputReader;
+}
+declare class DefaultPermissionPolicy implements PermissionPolicy {
+    private policy;
+    private loaded;
+    private readonly trustFile;
+    private readonly yolo;
+    private readonly promptDelegate?;
+    constructor(opts: PermissionPolicyOptions);
+    reload(): Promise<void>;
+    evaluate(tool: Tool, input: unknown, _ctx: Context): Promise<PermissionDecision>;
+    trust(rule: {
+        tool: string;
+        pattern: string;
+    }): Promise<void>;
+    private subjectFor;
+    private findNamespaceEntry;
+}
+
+interface SkillLoaderOptions {
+    paths: WstackPaths;
+    bundledDir?: string;
+}
+/**
+ * Discovery order (later layers shadow earlier ones at boot, but we walk
+ * highest priority first and skip names already seen):
+ *   1. Project-committed:  <project>/.wrongstack/skills/
+ *   2. User-global:        ~/.wrongstack/skills/
+ *   3. Bundled with build: packages/core/skills/
+ */
+declare class DefaultSkillLoader implements SkillLoader {
+    private readonly dirs;
+    private cache?;
+    constructor(opts: SkillLoaderOptions);
+    list(): Promise<SkillManifest[]>;
+    find(name: string): Promise<SkillManifest | undefined>;
+    manifestText(): Promise<string>;
+    readBody(name: string): Promise<string>;
+}
+
+/**
+ * A single config source. Higher priority wins in merges.
+ * Sources are applied in priority order (lowest first), so a source
+ * with priority=10 overrides one with priority=1.
+ */
+interface ConfigSource {
+    /** Unique name for debugging and error messages. */
+    name: string;
+    /** Lower numbers merge first, higher numbers override lower. Default: 50. */
+    priority?: number;
+    /**
+     * Read the raw config patch. Return an empty object if unavailable.
+     * Errors are surfaced but do not abort loading — the source is skipped.
+     */
+    read(): Promise<Partial<Config>>;
+}
+interface ConfigLoaderOptions {
+    paths: WstackPaths;
+    strict?: boolean;
+    vault?: SecretVault;
+    /** Extra sources merged after the built-in layers. */
+    sources?: ConfigSource[];
+}
+declare class DefaultConfigLoader implements ConfigLoader {
+    private readonly paths;
+    private readonly strict;
+    private readonly vault;
+    private readonly extraSources;
+    constructor(opts: ConfigLoaderOptions);
+    load(opts?: {
+        cliFlags?: Partial<Config>;
+        cwd?: string;
+    }): Promise<Config>;
+    private readJson;
+    private validateBehavior;
+    private validateIdentity;
+}
+
+interface CompactorOptions {
+    preserveK?: number;
+    eliseThreshold?: number;
+    estimator?: (text: string) => number;
+}
+declare class HybridCompactor implements Compactor {
+    private readonly preserveK;
+    private readonly eliseThreshold;
+    private readonly estimator;
+    constructor(opts?: CompactorOptions);
+    compact(ctx: Context, opts?: {
+        aggressive?: boolean;
+    }): Promise<CompactReport>;
+    private eliseOldToolResults;
+    private collapseAncientTurns;
+    private estimateMessages;
+}
+
+/**
+ * Options for IntelligentCompactor.
+ */
+interface IntelligentCompactorOptions {
+    /** Provider to use for LLM-assisted summarization. Required. */
+    provider: Provider;
+    /** Fraction of maxContext that triggers a warning (default 0.6). */
+    warnThreshold?: number;
+    /** Fraction of maxContext that triggers soft compaction (default 0.75). */
+    softThreshold?: number;
+    /** Fraction of maxContext that triggers hard compaction (default 0.9). */
+    hardThreshold?: number;
+    /** Max context window in tokens (used only for threshold fraction math). */
+    maxContext?: number;
+    /** How many recent (user+assistant) pairs to always preserve (default 4). */
+    preserveK?: number;
+    /** Token threshold below which tool results are not elided (default 500). */
+    eliseThreshold?: number;
+    /** System prompt for the summarizer sub-LLM. */
+    summarizerPrompt?: string;
+    /**
+     * Model ID to use for summarization. When not set, the same model as the
+     * agent is used (which risks cascading failure on context overflow). Set to
+     * a fast/cheap model like `claude-3-5-haiku-20240620` for resilience.
+     */
+    summarizerModel?: string;
+}
+/**
+ * IntelligentCompactor uses an LLM to:
+ *  - Analyze message importance and preserve critical context
+ *  - Generate semantic summaries for old message ranges
+ *  - Make intelligent decisions about what to compact
+ *
+ * It extends HybridCompactor's elision logic with LLM-assisted summarization.
+ */
+declare class IntelligentCompactor implements Compactor {
+    private readonly provider;
+    private readonly warnThreshold;
+    private readonly softThreshold;
+    private readonly hardThreshold;
+    private readonly maxContext;
+    private readonly preserveK;
+    private readonly eliseThreshold;
+    private readonly summarizerPrompt;
+    private readonly summarizerModel?;
+    constructor(opts: IntelligentCompactorOptions);
+    compact(ctx: Context, opts?: {
+        aggressive?: boolean;
+    }): Promise<CompactReport>;
+    private summarizeAncientTurns;
+    private findSafeBoundary;
+    private findExchangeStart;
+    private callSummarizer;
+    private messagesToText;
+    private lightweightCompact;
+    private eliseOldToolResults;
+    private hasTextContent;
+    private estimateTokens;
+    private roughTokenEstimate;
+}
+
+/**
+ * Result of LLM-driven message importance analysis.
+ * The selector marks each message range with an importance tier,
+ * and optionally provides a natural-language summary for collapsed ranges.
+ */
+interface SelectorResult {
+    /**
+     * Ordered list of kept message ranges. Each entry describes a
+     * message range that should be preserved verbatim in the context.
+     */
+    kept: Array<{
+        from: number;
+        to: number;
+        importance: 'critical' | 'high' | 'medium';
+    }>;
+    /**
+     * Collapsed ranges — either replaced by the compactor or omitted.
+     * Each entry may carry a summary text produced by the LLM.
+     */
+    collapsed: Array<{
+        from: number;
+        to: number;
+        summary?: string;
+    }>;
+    /**
+     * Raw reasoning from the selector LLM (for debugging / audit).
+     */
+    reasoning: string;
+}
+/**
+ * Message selector that uses an LLM to decide which message ranges
+ * to keep vs collapse/summarize. The selector runs as a separate API
+ * call before compaction, making it more surgical than fixed-window
+ * or rules-based approaches.
+ */
+interface MessageSelector {
+    /**
+     * Analyze `messages` and return a structured plan for what to keep
+     * vs collapse. May modify the messages array in-place if needed,
+     * or return a plan that the caller (Compactor) executes.
+     *
+     * @param messages  Current message history (may be modified in-place)
+     * @param maxToKeep Token budget — selector should aim to keep total
+     *                  retained message content under this threshold
+     */
+    select(messages: Message[], maxToKeep: number): Promise<SelectorResult>;
+}
+
+/**
+ * Options for SelectiveCompactor — the most configurable compactor.
+ */
+interface SelectiveCompactorOptions {
+    /** Provider for LLM calls (selector + summarizer). Required. */
+    provider: Provider;
+    /** Selector for LLM-driven importance analysis. */
+    selector?: MessageSelector;
+    /** Fraction of maxContext that triggers a warning (default 0.6). */
+    warnThreshold?: number;
+    /** Fraction of maxContext that triggers soft compaction (default 0.75). */
+    softThreshold?: number;
+    /** Fraction of maxContext that triggers hard compaction (default 0.9). */
+    hardThreshold?: number;
+    /** Max context window in tokens (used for threshold fraction math). */
+    maxContext?: number;
+    /** How many recent (user+assistant) pairs to always preserve (default 4). */
+    preserveK?: number;
+    /** Token threshold below which tool results are not elided (default 500). */
+    eliseThreshold?: number;
+    /** Model for selector LLM calls (default: same as provider default). */
+    selectorModel?: string;
+    /** Summarizer model for collapsed ranges (default: same as selectorModel). */
+    summarizerModel?: string;
+    /** Prompt for the summarizer sub-LLM. */
+    summarizerPrompt?: string;
+}
+/**
+ * SelectiveCompactor uses an LLM-driven MessageSelector to make
+ * surgical decisions about which message ranges to keep vs collapse.
+ *
+ * Compared to HybridCompactor / IntelligentCompactor:
+ * - HybridCompactor: rule-based (preserveK + elision), no LLM calls
+ * - IntelligentCompactor: LLM summarization but no structured selection
+ * - SelectiveCompactor: full LLM-driven selection + optional summarization
+ */
+declare class SelectiveCompactor implements Compactor {
+    private readonly provider;
+    private readonly selector;
+    private readonly warnThreshold;
+    private readonly softThreshold;
+    private readonly hardThreshold;
+    private readonly maxContext;
+    private readonly preserveK;
+    private readonly eliseThreshold;
+    private readonly summarizerModel;
+    private readonly summarizerPrompt;
+    constructor(opts: SelectiveCompactorOptions);
+    compact(ctx: Context, opts?: {
+        aggressive?: boolean;
+    }): Promise<CompactReport>;
+    /**
+     * Run the LLM selector to decide what to keep vs collapse.
+     * Returns the token savings achieved.
+     */
+    private runSelector;
+    /**
+     * Execute a SelectorResult plan: collapse/remove ranges and
+     * insert summaries where the selector provided them.
+     */
+    private executePlan;
+    private summarizeRange;
+    private messagePreview;
+    /**
+     * Fallback when selector fails: aggressively trim from the oldest end
+     * until we hit targetBudget.
+     */
+    private aggressiveRecencyTrim;
+    private computeTargetBudget;
+    private eliseOldToolResults;
+    private hasTextContent;
+    private estimateTokens;
+    private roughTokenEstimate;
+}
+
+interface LLMSelectorOptions {
+    /** Provider used for the selector LLM call. Required. */
+    provider: Provider;
+    /** Model for the selector. Defaults to the provider's default model. */
+    model?: string;
+    /**
+     * Maximum tokens to keep in context (target budget).
+     * Selector will aim to keep total content below this.
+     */
+    maxContextTokens?: number;
+    /**
+     * Prompt instructing the selector how to behave.
+     * Should guide the LLM on importance tiers and output format.
+     */
+    systemPrompt?: string;
+}
+/**
+ * LLM-powered message selector. Calls a sub-LLM to analyze the
+ * message history and produce a keep/collapse plan — more surgical
+ * than fixed-window rules.
+ */
+declare class LLMSelector implements MessageSelector {
+    private readonly provider;
+    private readonly model;
+    private readonly maxContextTokens;
+    private readonly systemPrompt;
+    constructor(opts: LLMSelectorOptions);
+    select(messages: Message[], maxToKeep: number): Promise<SelectorResult>;
+    private fallbackSelect;
+    private parseSelectorOutput;
+}
+
+/**
+ * Pipeline middleware that monitors context token load and
+ * automatically triggers compaction when the warn/soft/hard
+ * thresholds are crossed. Runs before the next agent iteration.
+ */
+declare class AutoCompactionMiddleware {
+    readonly name = "AutoCompaction";
+    private readonly compactor;
+    private readonly warnThreshold;
+    private readonly softThreshold;
+    private readonly hardThreshold;
+    private readonly maxContext;
+    private readonly estimator;
+    private readonly aggressiveOn;
+    /**
+     * @param compactor        Compactor to use for compaction
+     * @param maxContext       Provider's max context window in tokens
+     * @param estimator        Token estimation function (ctx → token count)
+     * @param thresholds      Threshold fractions (0-1) of maxContext
+     * @param aggressiveOn    Which threshold triggers aggressive (full LLM summarization)
+     */
+    constructor(compactor: Compactor, maxContext: number, estimator: (ctx: Context) => number, thresholds: {
+        warn: number;
+        soft: number;
+        hard: number;
+    }, aggressiveOn?: 'hard' | 'soft' | 'warn');
+    handler(): MiddlewareHandler<Context>;
+    private compact;
+}
+
+interface DefaultModelsRegistryOptions {
+    cacheFile: string;
+    url?: string;
+    ttlSeconds?: number;
+    fetchImpl?: typeof fetch;
+    /** Pre-seeded payload — useful for offline scenarios and tests. */
+    seed?: ModelsDevPayload;
+    /**
+     * Maximum age in seconds for stale cache fallback when network fails.
+     * Defaults to 7 days. Set to `Infinity` for full offline resilience
+     * (risk: deprecated models, wrong pricing). Set to `0` to disable
+     * stale fallback entirely.
+     */
+    maxStaleAgeSeconds?: number;
+}
+declare function classifyFamily(npm: string | undefined): WireFamily;
+declare class DefaultModelsRegistry implements ModelsRegistry {
+    private payload?;
+    private fetchedAt?;
+    private readonly cacheFile;
+    private readonly url;
+    private readonly ttlMs;
+    private readonly fetchImpl;
+    private readonly seed?;
+    private readonly maxStaleAgeMs;
+    constructor(opts: DefaultModelsRegistryOptions);
+    load(opts?: {
+        force?: boolean;
+    }): Promise<ModelsDevPayload>;
+    refresh(): Promise<ModelsDevPayload>;
+    listProviders(): Promise<ResolvedProvider[]>;
+    getProvider(id: string): Promise<ResolvedProvider | undefined>;
+    getModel(providerId: string, modelId: string): Promise<ResolvedModel | undefined>;
+    suggestModel(providerId: string): Promise<string | undefined>;
+    ageSeconds(): Promise<number>;
+    private resolveProvider;
+    private isFresh;
+    private isWithinMaxStaleAge;
+    private readCache;
+    /** Used by `wstack models refresh` to expose where the cache lives. */
+    cacheLocation(): string;
+}
+
+declare class DefaultModeStore implements ModeStore {
+    private activeModeId;
+    private modes;
+    private configDir;
+    constructor(config: ModeConfig);
+    getActiveMode(): Promise<Mode | null>;
+    setActiveMode(modeId: string | null): Promise<void>;
+    listModes(): Promise<Mode[]>;
+    getMode(modeId: string): Promise<Mode | null>;
+    addMode(mode: Mode): Promise<void>;
+    removeMode(modeId: string): Promise<void>;
+    private loadActiveMode;
+    private saveActiveMode;
+}
+interface ModeLoaderOptions {
+    projectModesDir?: string;
+    userModesDir?: string;
+}
+declare function loadProjectModes(modesDir: string): Promise<Mode[]>;
+declare function loadUserModes(modesDir: string): Promise<Mode[]>;
+
+declare class DefaultMultiAgentCoordinator extends EventEmitter implements MultiAgentCoordinator {
+    readonly coordinatorId: string;
+    readonly config: MultiAgentConfig;
+    private readonly subagents;
+    private pendingTasks;
+    private completedResults;
+    private totalIterations;
+    constructor(config: MultiAgentConfig);
+    spawn(subagent: SubagentConfig): Promise<SpawnResult>;
+    assign(task: TaskSpec): Promise<void>;
+    delegate(to: string, msg: BridgeMessage): Promise<void>;
+    /**
+     * Wire up the communication bridge for a subagent. Call this after `spawn()`
+     * once the caller has created the bidirectional bridge connection.
+     */
+    setSubagentBridge(subagentId: string, bridge: AgentBridge): void;
+    stop(subagentId: string): Promise<void>;
+    stopAll(): Promise<void>;
+    getStatus(): CoordinatorStatus;
+    private getAvailableSubagent;
+    private dispatch;
+    private isDone;
+    completeTask(result: TaskResult): void;
+}
+
+declare class InMemoryBridgeTransport implements BridgeTransport {
+    private subs;
+    send(msg: BridgeMessage, to: string): Promise<void>;
+    subscribe(agentId: string, handler: (msg: BridgeMessage) => void): () => void;
+    close(agentId: string): Promise<void>;
+}
+declare class InMemoryAgentBridge implements AgentBridge {
+    readonly agentId: string;
+    readonly coordinatorId: string;
+    private readonly transport;
+    private readonly subscriptions;
+    private pendingRequests;
+    private stopped;
+    private timeoutMs;
+    constructor(config: AgentBridgeConfig, transport: BridgeTransport);
+    send(msg: BridgeMessage): Promise<void>;
+    broadcast(msg: BridgeMessage): Promise<void>;
+    subscribe(handler: (msg: BridgeMessage) => void | Promise<void>): () => void;
+    request<T>(msg: BridgeMessage, timeoutMs?: number): Promise<BridgeMessage<T>>;
+    stop(): Promise<void>;
+}
+declare function createMessage<T = unknown>(type: BridgeMessage['type'], from: string, payload: T, to?: string): BridgeMessage<T>;
+
+interface DoneCheckResult {
+    done: boolean;
+    reason?: string;
+    iterations: number;
+    toolCalls: number;
+}
+declare class DoneConditionChecker {
+    private readonly condition;
+    constructor(condition: DoneCondition);
+    check(state: {
+        iterations: number;
+        toolCalls: number;
+        lastOutput?: string;
+    }): DoneCheckResult;
+}
+interface AutonomousRunnerOptions {
+    agent: Agent;
+    context: Context;
+    doneCondition: DoneCondition;
+    iterationTimeoutMs?: number;
+    onIteration?: (state: {
+        iteration: number;
+        toolCalls: number;
+    }) => void;
+    onDone?: (result: RunResult & {
+        toolCalls: number;
+        reason?: string;
+    }) => void;
+}
+declare class AutonomousRunner {
+    private readonly opts;
+    private iterations;
+    private toolCalls;
+    private lastOutput?;
+    private stopped;
+    private readonly doneChecker;
+    constructor(opts: AutonomousRunnerOptions);
+    run(): Promise<RunResult & {
+        toolCalls: number;
+        reason?: string;
+    }>;
+    stop(): void;
+}
+
+interface SpecParserOptions {
+    strict?: boolean;
+}
+declare class SpecParser {
+    private readonly opts;
+    constructor(opts?: SpecParserOptions);
+    parse(content: string): Specification;
+    private extractTitle;
+    private extractVersion;
+    private extractOverview;
+    private extractSections;
+    private extractRequirements;
+    private parseRequirementLine;
+    private mapSectionType;
+    analyze(spec: Specification): SpecAnalysis;
+    validate(spec: Specification): SpecValidationResult;
+}
+
+interface TaskStore {
+    saveGraph(graph: TaskGraph): Promise<void>;
+    loadGraph(id: string): Promise<TaskGraph | null>;
+    listGraphs(): Promise<{
+        id: string;
+        title: string;
+        updatedAt: number;
+    }[]>;
+    deleteGraph(id: string): Promise<void>;
+}
+interface TaskTrackerOptions {
+    store: TaskStore;
+}
+interface TaskTransition {
+    from: TaskNode['status'];
+    to: TaskNode['status'];
+    timestamp: number;
+    reason?: string;
+}
+declare class TaskTracker {
+    private readonly opts;
+    private graph;
+    private transitions;
+    constructor(opts: TaskTrackerOptions);
+    createGraph(specId: string, title: string): Promise<TaskGraph>;
+    loadGraph(id: string): Promise<TaskGraph | null>;
+    addNode(node: Omit<TaskNode, 'id' | 'createdAt' | 'updatedAt'>): TaskNode;
+    addEdge(from: string, to: string, type?: TaskGraph['edges'][0]['type']): void;
+    updateNodeStatus(id: string, status: TaskNode['status'], reason?: string): void;
+    getNode(id: string): TaskNode | undefined;
+    getAllNodes(filter?: TaskFilter, sort?: TaskSort): TaskNode[];
+    getChildren(parentId: string): TaskNode[];
+    getDependents(taskId: string): string[];
+    getBlockers(taskId: string): string[];
+    canStart(taskId: string): boolean;
+    getProgress(): TaskProgress;
+    getTransitions(taskId?: string): TaskTransition[];
+    private unblockDependents;
+    private checkAndBlockIfNeeded;
+}
+
+interface TaskGeneratorOptions {
+    taskTracker: TaskTracker;
+}
+interface GeneratedTask {
+    specRequirementId?: string;
+    title: string;
+    description: string;
+    type: TaskType;
+    priority: TaskPriority;
+    estimateHours?: number;
+    tags?: string[];
+}
+declare class TaskGenerator {
+    private readonly opts;
+    constructor(opts: TaskGeneratorOptions);
+    generateFromSpec(spec: Specification): Promise<TaskGraph>;
+    private createTaskFromRequirement;
+    private createTaskFromEndpoint;
+    private buildDescription;
+    private mapRequirementType;
+    private mapPriority;
+    private estimateHours;
+    private estimateForEndpoint;
+    generateSubtasks(parentTaskId: string, spec: Specification): Promise<void>;
+}
+declare class DefaultTaskStore implements TaskStore {
+    private graphs;
+    saveGraph(graph: TaskGraph): Promise<void>;
+    loadGraph(id: string): Promise<TaskGraph | null>;
+    listGraphs(): Promise<{
+        id: string;
+        title: string;
+        updatedAt: number;
+    }[]>;
+    deleteGraph(id: string): Promise<void>;
+    private cloneGraph;
+}
+
+/**
+ * Extended event map used internally by TaskFlow and multi-agent components.
+ * These events are emitted on the injected EventBus and are a subset of
+ * the full EventMap — they do not require a separate registration.
+ */
+interface TaskFlowEventMap {
+    'phase.change': {
+        from: TaskFlowPhase;
+        to: TaskFlowPhase;
+    };
+    'task.started': {
+        taskId: string;
+    };
+    'task.completed': {
+        taskId: string;
+        result?: unknown;
+    };
+    'task.failed': {
+        taskId: string;
+        error: string;
+    };
+    'task.review': {
+        taskId: string;
+    };
+    'spec.analyzed': {
+        analysis: SpecAnalysis;
+    };
+    'progress': {
+        percent: number;
+        message: string;
+    };
+    'done': {
+        graph: TaskGraph;
+    };
+    'error': {
+        phase: TaskFlowPhase;
+        error: Error;
+    };
+}
+type TaskFlowPhase = 'idle' | 'parsing' | 'analyzing' | 'generating' | 'executing' | 'reviewing' | 'completing' | 'done' | 'failed';
+type TaskFlowEventName = keyof TaskFlowEventMap;
+interface TaskFlowOptions {
+    tracker: TaskTracker;
+    events: EventBus;
+    doneCondition?: DoneCondition;
+    maxConcurrent?: number;
+}
+interface TaskFlowExecutionContext {
+    executeTask: (task: TaskNode) => Promise<unknown>;
+    onTaskComplete?: (task: TaskNode, result: unknown) => void;
+    onTaskFail?: (task: TaskNode, error: Error) => void;
+}
+declare class TaskFlow {
+    private readonly opts;
+    private phase;
+    private spec;
+    private graph;
+    private stopped;
+    constructor(opts: TaskFlowOptions);
+    private emit;
+    fromSpec(specContent: string): Promise<TaskGraph>;
+    execute(ctx: TaskFlowExecutionContext): Promise<TaskGraph>;
+    reviewTask(taskId: string, approved: boolean, comment?: string): Promise<void>;
+    stop(): void;
+    getPhase(): TaskFlowPhase;
+    getGraph(): TaskGraph | null;
+    getSpec(): Specification | null;
+    private setPhase;
+    private getExecutableTasks;
+    private executeSingleTask;
+    private checkDoneCondition;
+    private emitProgress;
+}
+interface SpecDrivenDevOptions {
+    workingDirectory: string;
+    events: EventBus;
+    doneCondition?: DoneCondition;
+}
+declare class SpecDrivenDev {
+    private store;
+    private tracker;
+    private readonly events;
+    private flows;
+    constructor(opts: SpecDrivenDevOptions);
+    createFlow(specContent: string, options?: Partial<TaskFlowOptions>): Promise<TaskFlow>;
+    getTracker(): TaskTracker;
+    getFlow(graphId: string): TaskFlow | undefined;
+    listFlows(): {
+        id: string;
+        title: string;
+        phase: TaskFlowPhase;
+    }[];
+}
+
+declare class ToolExecutor {
+    private readonly registry;
+    private readonly opts;
+    private readonly serializer;
+    private readonly iterationTimeoutMs;
+    constructor(registry: {
+        get(name: string): Tool | undefined;
+        list(): Tool[];
+    }, opts: ToolExecutorOptions);
+    /**
+     * Execute a batch of tool uses using the configured strategy.
+     * Returns the execution results and the remaining output budget.
+     */
+    executeBatch(toolUses: ToolUseBlock[], ctx: Context, strategy: ToolExecutorStrategy): Promise<ToolBatchResult>;
+    /**
+     * Execute a single tool with timeout, permission check, and output capping.
+     * Emits `tool.started` via the injected EventBus (if any) right before
+     * invoking the tool — closes the observability gap between "model decided
+     * to call a tool" and "tool.executed".
+     */
+    executeTool(tool: Tool, use: ToolUseBlock, ctx: Context, budget: number): Promise<ToolResultBlock>;
+    private runWithTimeout;
+    private unknownToolResult;
+    private deniedResult;
+    private confirmResult;
+}
+
+type ContextManagerAction = 'check' | 'summary' | 'prune' | 'add_note' | 'compact';
+interface ContextManagerInput {
+    action: ContextManagerAction;
+    /** 0-based message indices for prune/summary (inclusive). */
+    from?: number;
+    to?: number;
+    /** Text for add_note / summary actions. For summary, this is the LLM-provided summary text. */
+    text?: string;
+    /** Inject after which index (for add_note). Defaults to prepend (0). */
+    afterIndex?: number;
+}
+interface ContextManagerResult {
+    action: ContextManagerAction;
+    beforeTokens: number;
+    afterTokens?: number;
+    removedCount?: number;
+    messageCount: number;
+    summary?: string;
+    notes?: string;
+}
+/**
+ * Options for creating a context manager tool.
+ * `compactor` is required for the "compact" action; without it the action returns an error.
+ */
+interface ContextManagerToolOptions {
+    compactor?: Compactor;
+    /**
+     * Optional sub-LLM summarizer. When provided, the "summary" action calls this
+     * to produce real summaries of message ranges instead of placeholder text.
+     * (signature matches Provider.complete — return the summary text in result.content[0].text)
+     */
+    summarizer?: (messages: Message[]) => Promise<string>;
+}
+declare function createContextManagerTool(opts?: ContextManagerToolOptions): Tool<ContextManagerInput, ContextManagerResult>;
+/** Pre-built instance with no compactor — compact action will return an error. */
+declare const contextManagerTool: Tool<ContextManagerInput, ContextManagerResult>;
+
+export { type AbandonedSession, type AttachmentStoreOptions, AutoCompactionMiddleware, AutonomousRunner, type AutonomousRunnerOptions, type CompactorOptions, type ConfigLoaderOptions, type ConfigSource, type ContextManagerAction, type ContextManagerInput, type ContextManagerResult, type ContextManagerToolOptions, DefaultAttachmentStore, DefaultConfigLoader, DefaultErrorHandler, DefaultLogger, type DefaultLoggerOptions, DefaultMemoryStore, DefaultModeStore, DefaultModelsRegistry, type DefaultModelsRegistryOptions, DefaultMultiAgentCoordinator, DefaultPathResolver, DefaultPermissionPolicy, DefaultRetryPolicy, DefaultSecretScrubber, DefaultSecretVault, DefaultSessionStore, DefaultSkillLoader, DefaultTaskStore, DefaultTokenCounter, type DoneCheckResult, DoneConditionChecker, type GeneratedTask, HybridCompactor, InMemoryAgentBridge, InMemoryBridgeTransport, IntelligentCompactor, type IntelligentCompactorOptions, LLMSelector, type LLMSelectorOptions, type MemoryStoreOptions, type ModeLoaderOptions, type PermissionPolicyOptions, type PersistedQueueItem, QueueStore, RecoveryLock, type RecoveryLockOptions, type SecretVaultOptions, SelectiveCompactor, type SelectiveCompactorOptions, type SessionStoreOptions, type SkillLoaderOptions, SpecDrivenDev, type SpecDrivenDevOptions, SpecParser, type SpecParserOptions, TaskFlow, type TaskFlowEventMap, type TaskFlowEventName, type TaskFlowExecutionContext, type TaskFlowOptions, type TaskFlowPhase, TaskGenerator, type TaskGeneratorOptions, type TaskStore, TaskTracker, type TaskTrackerOptions, type TaskTransition, ToolExecutor, classifyFamily, contextManagerTool, createContextManagerTool, createMessage, decryptConfigSecrets, encryptConfigSecrets, loadProjectModes, loadUserModes, migratePlaintextSecrets, rewriteConfigEncrypted };