@wrongstack/core 0.264.0 → 0.267.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (90)
  1. package/dist/{agent-bridge-D8sa1vtv.d.ts → agent-bridge-STJ3JwwK.d.ts} +1 -1
  2. package/dist/{agent-subagent-runner-c9DLkaas.d.ts → agent-subagent-runner-CzPGP3jA.d.ts} +131 -11
  3. package/dist/{brain-O1IdKPaK.d.ts → brain-Cdg77tVN.d.ts} +103 -2
  4. package/dist/{compactor-BBy0rCtB.d.ts → compactor-iMZ84CXq.d.ts} +19 -1
  5. package/dist/{config-Dz2F3H2K.d.ts → config-Du3pYYln.d.ts} +132 -13
  6. package/dist/{context-BGSpZNSE.d.ts → context-dT5Ueund.d.ts} +90 -12
  7. package/dist/coordination/index.d.ts +78 -22
  8. package/dist/coordination/index.js +695 -273
  9. package/dist/coordination/index.js.map +1 -1
  10. package/dist/{default-config-CXsDvOmP.d.ts → default-config-B0cj-Hry.d.ts} +11 -1
  11. package/dist/defaults/index.d.ts +28 -28
  12. package/dist/defaults/index.js +2327 -965
  13. package/dist/defaults/index.js.map +1 -1
  14. package/dist/execution/index.d.ts +16 -16
  15. package/dist/execution/index.js +1500 -371
  16. package/dist/execution/index.js.map +1 -1
  17. package/dist/execution/prompt-enhancer.d.ts +2 -2
  18. package/dist/execution/prompt-enhancer.js +1 -1
  19. package/dist/execution/prompt-enhancer.js.map +1 -1
  20. package/dist/extension/index.d.ts +6 -6
  21. package/dist/{goal-preamble-DzjFuN3p.d.ts → goal-preamble-SulMTowG.d.ts} +33 -12
  22. package/dist/{goal-store-CxWmCGbH.d.ts → goal-store-CABDwdFE.d.ts} +1 -1
  23. package/dist/{index-CbLSI66_.d.ts → index-Bms0m4oy.d.ts} +5 -5
  24. package/dist/{index-CYIQrXVF.d.ts → index-DtCVWel4.d.ts} +8 -8
  25. package/dist/index-IEuxQd-E.d.ts +82 -0
  26. package/dist/index.d.ts +261 -57
  27. package/dist/index.js +4799 -2212
  28. package/dist/index.js.map +1 -1
  29. package/dist/infrastructure/index.d.ts +6 -6
  30. package/dist/infrastructure/index.js +84 -9
  31. package/dist/infrastructure/index.js.map +1 -1
  32. package/dist/kernel/index.d.ts +9 -9
  33. package/dist/kernel/index.js +1 -1
  34. package/dist/kernel/index.js.map +1 -1
  35. package/dist/{mcp-servers-DC4QRPUI.d.ts → mcp-servers-C2cBTxUR.d.ts} +3 -3
  36. package/dist/models/index.d.ts +5 -5
  37. package/dist/models/index.js +104 -31
  38. package/dist/models/index.js.map +1 -1
  39. package/dist/{models-registry-B_siPxqN.d.ts → models-registry-BqGZNJQ-.d.ts} +1 -1
  40. package/dist/{multi-agent-coordinator-CK5Jdj9K.d.ts → multi-agent-coordinator-B8R43uPz.d.ts} +1 -1
  41. package/dist/{null-fleet-bus-DgvD4SCO.d.ts → null-fleet-bus-CnXa5oTH.d.ts} +14 -9
  42. package/dist/observability/index.d.ts +2 -2
  43. package/dist/{parallel-eternal-engine-bK0JQBR_.d.ts → parallel-eternal-engine-DdNnw9BQ.d.ts} +11 -9
  44. package/dist/{path-resolver-BPEDlN38.d.ts → path-resolver-COIMLCQL.d.ts} +3 -3
  45. package/dist/{permission-4yvGmMRB.d.ts → permission-B75JAi3-.d.ts} +1 -1
  46. package/dist/{permission-policy-C6XpsBOy.d.ts → permission-policy-DlR9eJAM.d.ts} +2 -2
  47. package/dist/{pipeline-CXCeMz8J.d.ts → pipeline-BfD2k1rT.d.ts} +3 -3
  48. package/dist/{plan-templates-BvzRBkJc.d.ts → plan-templates-DSIKCXZN.d.ts} +32 -8
  49. package/dist/provider-model-resolve-BNRsNuJx.d.ts +107 -0
  50. package/dist/{provider-runner-C5aQpDWE.d.ts → provider-runner-CX7iIvox.d.ts} +3 -3
  51. package/dist/{retry-policy-CFhdtRzz.d.ts → retry-policy-BilV1ujH.d.ts} +1 -1
  52. package/dist/sdd/index.d.ts +8 -8
  53. package/dist/sdd/index.js +286 -105
  54. package/dist/sdd/index.js.map +1 -1
  55. package/dist/secret-vault-BAKpgFw_.d.ts +57 -0
  56. package/dist/{secret-vault-CxiVLbt1.d.ts → secret-vault-gkvEZZfE.d.ts} +43 -4
  57. package/dist/security/index.d.ts +6 -68
  58. package/dist/security/index.js +296 -95
  59. package/dist/security/index.js.map +1 -1
  60. package/dist/{selector-gIuhRTkN.d.ts → selector-Bc7eWtT3.d.ts} +1 -1
  61. package/dist/{session-event-bridge-DkvvrpDt.d.ts → session-event-bridge-D-araDEz.d.ts} +1 -1
  62. package/dist/{session-reader-KdfVwkKP.d.ts → session-reader-D7Dapswh.d.ts} +1 -1
  63. package/dist/storage/index.d.ts +112 -15
  64. package/dist/storage/index.js +491 -156
  65. package/dist/storage/index.js.map +1 -1
  66. package/dist/tools/index.d.ts +4 -2
  67. package/dist/tools/index.js.map +1 -1
  68. package/dist/types/index.d.ts +21 -21
  69. package/dist/types/index.js +1523 -450
  70. package/dist/types/index.js.map +1 -1
  71. package/dist/utils/index.d.ts +455 -407
  72. package/dist/utils/index.js +2191 -1203
  73. package/dist/utils/index.js.map +1 -1
  74. package/dist/{wstack-paths-CJjEwPXn.d.ts → wstack-paths-hOpNLmvf.d.ts} +2 -0
  75. package/package.json +1 -1
  76. package/skills/api-design/SKILL.md +1 -1
  77. package/skills/audit-log/SKILL.md +6 -6
  78. package/skills/bug-hunter/SKILL.md +5 -5
  79. package/skills/chimera/SKILL.md +4 -4
  80. package/skills/docker-deploy/SKILL.md +1 -1
  81. package/skills/git-flow/SKILL.md +3 -3
  82. package/skills/multi-agent/SKILL.md +3 -3
  83. package/skills/node-modern/SKILL.md +1 -0
  84. package/skills/observability/SKILL.md +2 -2
  85. package/skills/output-standards/SKILL.md +51 -28
  86. package/skills/refactor-planner/SKILL.md +3 -3
  87. package/skills/security-scanner/SKILL.md +4 -3
  88. package/skills/tech-stack/SKILL.md +1 -2
  89. package/dist/llm-selector-DzxuZnNz.d.ts +0 -58
  90. package/dist/secret-vault-BJDY28ev.d.ts +0 -25
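--- /dev/null
+++ b/package/dist/secret-vault-BAKpgFw_.d.ts
@@ -0,0 +1,57 @@
+/**
+* SecretVault encrypts secrets-at-rest in config files. The wire format is
+* `enc:v<N>:<base64-iv>:<base64-tag>:<base64-ciphertext>` where `<N>` is the
+* key version used for encryption. Plaintext strings (those that do not match
+* this prefix) are passed through unchanged so that existing configs and
+* env-var-derived values keep working.
+*
+* Key rotation produces a new key and re-encrypts all secrets under it.
+* After rotation, `encrypt()` emits the new version prefix (e.g. `enc:v2:`)
+* and `decrypt()` accepts any version prefix — it uses the current key
+* regardless, since rotation re-encrypts every value atomically.
+*
+* The vault is intentionally NOT designed to defeat a determined local
+* attacker who can read both the config file and the key file — that level
+* of secrecy needs the OS keychain. The goal is to keep keys from being
+* visible in screen shares, accidental log captures, and `cat config.json`
+* over someone's shoulder.
+*/
+interface SecretVault {
+encrypt(plaintext: string): string;
+decrypt(value: string): string;
+isEncrypted(value: string): boolean;
+/** Current key version. Starts at 1; incremented by `rotateKey()`. */
+readonly keyVersion: number;
+}
+/**
+* RotatableSecretVault extends SecretVault with key rotation support.
+* `rotateKey()` generates a fresh key, writes it to disk, and increments
+* the key version. All subsequent `encrypt()` calls use the new version
+* prefix. The caller is responsible for re-encrypting existing config
+* values (see `rotateConfigKeys()`).
+*/
+interface RotatableSecretVault extends SecretVault {
+rotateKey(): {
+oldVersion: number;
+newVersion: number;
+};
+}
+/**
+* Return the encrypted prefix for a given key version.
+* @example encryptedPrefixForVersion(1) // 'enc:v1:'
+* @example encryptedPrefixForVersion(2) // 'enc:v2:'
+*/
+declare function encryptedPrefixForVersion(version: number): string;
+/**
+* Parse the key version from an encrypted value string.
+* Returns undefined if the string is not an encrypted value.
+*/
+declare function parseEncryptedVersion(value: string): number | undefined;
+/**
+* No-op SecretVault that passes values through unchanged.
+* Used in contexts where encryption is not needed — e.g. reading/writing
+* config sections that contain no secret fields (models, settings, etc.).
+*/
+declare const noOpVault: SecretVault;
+
+export { type RotatableSecretVault as R, type SecretVault as S, encryptedPrefixForVersion as e, noOpVault as n, parseEncryptedVersion as p };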
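Review bot: The interface doc (lines 10–11 of the new file) says `decrypt()` ignores the version prefix and always uses the current key, so any value still carrying an older `enc:v<N>:` prefix — a second config file not covered by the same `rotateConfigKeys()` run, a backup, or a value copied between machines — will fail on tag verification with no indication that the cause is a stale key version. Since `parseEncryptedVersion()` is already exported, the contract should say that `decrypt()` compares the parsed version against `keyVersion` and throws a distinct error for a mismatch, for example `/** @throws if the value's key version differs from `keyVersion` (value encrypted under a rotated-out key). */` on `decrypt`. The sentence "rotation re-encrypts every value atomically" only holds for the single file passed to `rotateConfigKeys()`; the doc should state that values outside that file become undecryptable after rotation so operators rotate every file that holds secrets. This is inferred from the declarations only; the implementation is not in this diff.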
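--- a/package/dist/secret-vault-CxiVLbt1.d.ts
+++ b/package/dist/secret-vault-gkvEZZfE.d.ts
@@ -1,6 +1,6 @@
-import { S as SecretScrubber } from './permission-4yvGmMRB.js';
+import { S as SecretScrubber } from './permission-B75JAi3-.js';
 import { L as Logger } from './logger-B63L5bTg.js';
-import { S as SecretVault } from './secret-vault-BJDY28ev.js';
+import { R as RotatableSecretVault, S as SecretVault } from './secret-vault-BAKpgFw_.js';
 
 declare class DefaultSecretScrubber implements SecretScrubber {
 scrub(text: string): string;
@@ -24,14 +24,33 @@ interface SecretVaultOptions {
 * The key is loaded lazily on first encrypt/decrypt; if it does not exist,
 * a fresh one is generated. Decryption of plaintext values is a no-op so
 * legacy configs continue to work.
+*
+* Key file format:
+* - Legacy (v1): exactly 32 raw bytes
+* - Versioned (v2+): 4-byte magic `WSKV` + 1-byte version + 32-byte key (37 bytes)
+*
+* Encrypted value format: `enc:v<N>:<iv>:<tag>:<ciphertext>` where N is the
+* key version. After rotation, encrypt() emits the new version prefix.
 */
-declare class DefaultSecretVault implements SecretVault {
+declare class DefaultSecretVault implements RotatableSecretVault {
 private readonly keyFile;
 private key?;
+private _keyVersion;
 constructor(opts: SecretVaultOptions);
+/** Current key version. Starts at 1; incremented by rotateKey(). */
+get keyVersion(): number;
 isEncrypted(value: string): boolean;
 encrypt(plaintext: string): string;
 decrypt(value: string): string;
+/**
+* Generate a new encryption key, write it to disk, and increment the key version.
+* After rotation, encrypt() emits the new version prefix (e.g. enc:v2:).
+* The caller must re-encrypt existing config values (see rotateConfigKeys()).
+*/
+rotateKey(): {
+oldVersion: number;
+newVersion: number;
+};
 private loadOrCreateKey;
 }
 /**
@@ -67,5 +86,25 @@ declare function migratePlaintextSecrets(configPath: string, vault: SecretVault,
 migrated: number;
 file: string;
 }>;
+/**
+* Rotate the vault's encryption key and re-encrypt all secret-bearing
+* fields in a config file. This is the atomic key rotation operation:
+*
+* 1. Read the config file
+* 2. Decrypt all encrypted values with the old key
+* 3. Generate a new key (vault.rotateKey())
+* 4. Re-encrypt all values with the new key (new version prefix)
+* 5. Write the config file atomically
+*
+* Returns the number of fields re-encrypted and the version transition.
+* If the config file doesn't exist or has no encrypted fields, returns
+* { rotated: 0 } without modifying the key.
+*/
+declare function rotateConfigKeys(configPath: string, vault: RotatableSecretVault, logger?: Pick<Logger, 'warn' | 'info'>): Promise<{
+rotated: number;
+oldVersion: number;
+newVersion: number;
+file: string;
+}>;
 
-export { DefaultSecretScrubber as D, type SecretVaultOptions as S, DefaultSecretVault as a, decryptConfigSecrets as d, encryptConfigSecrets as e, isSecretField as i, migratePlaintextSecrets as m, rewriteConfigEncrypted as r };
+export { DefaultSecretVault as D, type SecretVaultOptions as S, DefaultSecretScrubber as a, rotateConfigKeys as b, decryptConfigSecrets as d, encryptConfigSecrets as e, isSecretField as i, migratePlaintextSecrets as m, rewriteConfigEncrypted as r };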
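Review bot: The `rotateConfigKeys()` contract in the last hunk has `vault.rotateKey()` (step 3) write the new key to disk before the config file is written (step 5), and the key-file format documented in the second hunk holds exactly one 32-byte key, so a failure between those two steps — a write error, a crash, or a rejected promise from the re-encrypt step — leaves every value in the file encrypted under a key that no longer exists anywhere. Either the new key should be persisted only after the config write has succeeded, or the previous key should be kept in the key file until the write commits; in either case the comment should name this failure mode, and the word "atomic" should be limited to the config write rather than the key-plus-config transition. Separately, the early-return shape `{ rotated: 0 }` in the doc does not match the declared return type, which requires `oldVersion`, `newVersion` and `file`; document what those carry on early return (presumably `oldVersion === newVersion === vault.keyVersion`) or make them optional. The implementation itself is not in this diff, so the ordering concern is inferred from the documented steps.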
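--- a/package/dist/security/index.d.ts
+++ b/package/dist/security/index.d.ts
@@ -1,70 +1,8 @@
-export { D as DefaultSecretScrubber, a as DefaultSecretVault, S as SecretVaultOptions, d as decryptConfigSecrets, e as encryptConfigSecrets, i as isSecretField, m as migratePlaintextSecrets, r as rewriteConfigEncrypted } from '../secret-vault-CxiVLbt1.js';
-export { A as AutoApprovePermissionPolicy, D as DefaultPermissionPolicy, P as PermissionPolicyOptions } from '../permission-policy-C6XpsBOy.js';
-import '../permission-4yvGmMRB.js';
-import '../context-BGSpZNSE.js';
+export { a as DefaultSecretScrubber, D as DefaultSecretVault, S as SecretVaultOptions, d as decryptConfigSecrets, e as encryptConfigSecrets, i as isSecretField, m as migratePlaintextSecrets, r as rewriteConfigEncrypted, b as rotateConfigKeys } from '../secret-vault-gkvEZZfE.js';
+export { A as AutoApprovePermissionPolicy, D as DefaultPermissionPolicy, P as PermissionPolicyOptions } from '../permission-policy-DlR9eJAM.js';
+export { D as DANGEROUS_FOR_SUBAGENTS, T as ToolCapabilities, a as ToolCapability, g as getDangerousCapabilities, h as hasCapability, b as hasDangerousCapabilityForSubagents } from '../index-IEuxQd-E.js';
+import '../permission-B75JAi3-.js';
+import '../context-dT5Ueund.js';
 import '../logger-B63L5bTg.js';
-import '../secret-vault-BJDY28ev.js';
+import '../secret-vault-BAKpgFw_.js';
 import '../input-reader-E-ffP2ee.js';
-
-/**
-* Well-known tool capabilities used for authorization decisions.
-*
-* These are the preferred values for `Tool.capabilities`.
-* New capabilities should be added here with clear documentation.
-*
-* Philosophy (2026-06+):
-* - Prefer capabilities over exact tool name matching.
-* - Subagent guards and future policies should primarily key off capabilities.
-* - Name-based denylists are legacy and will be phased down.
-*/
-declare const ToolCapabilities: {
-/** Can execute arbitrary commands in the user's shell (the `bash` tool). */
-readonly SHELL_ARBITRARY: "shell.arbitrary";
-/** Can execute a restricted set of commands (the `exec` tool). */
-readonly SHELL_RESTRICTED: "shell.restricted";
-/** Can read files inside the project (and possibly outside via symlinks if not guarded). */
-readonly FS_READ: "fs.read";
-/** Can write / modify / delete files inside the project. */
-readonly FS_WRITE: "fs.write";
-/** Can write files outside the current project root (very high risk). */
-readonly FS_WRITE_OUTSIDE_PROJECT: "fs.write.outside-project";
-/** Can perform outbound network requests. */
-readonly NET_OUTBOUND: "net.outbound";
-/** Proxies tools from external MCP servers (unknown capability). */
-readonly MCP_PROXY: "mcp.proxy";
-/** Can spawn or manage subagents / multi-agent tasks. */
-readonly SUBAGENT_SPAWN: "subagent.spawn";
-/** Can mutate global or session configuration / trust state. */
-readonly CONFIG_MUTATE: "config.mutate";
-/** Can install packages or run package managers with side effects. */
-readonly PACKAGE_INSTALL: "package.install";
-};
-type ToolCapability = (typeof ToolCapabilities)[keyof typeof ToolCapabilities];
-/**
-* Set of capabilities that are considered dangerous for subagents by default.
-* Subagents should not receive these capabilities unless the leader explicitly
-* allows the specific tool at spawn time.
-*/
-declare const DANGEROUS_FOR_SUBAGENTS: readonly ToolCapability[];
-/**
-* Check if a tool (or its capabilities array) includes any dangerous capability
-* for subagent execution.
-*/
-declare function hasDangerousCapabilityForSubagents(toolOrCaps: {
-capabilities?: readonly string[] | undefined;
-} | readonly string[] | undefined): boolean;
-/**
-* Check if a tool declares a specific capability (or any of the provided ones).
-*/
-declare function hasCapability(toolOrCaps: {
-capabilities?: readonly string[] | undefined;
-} | readonly string[] | undefined, capability: ToolCapability | ToolCapability[]): boolean;
-/**
-* Returns the intersection of a tool's capabilities with the dangerous set.
-* Useful for logging and audit trails.
-*/
-declare function getDangerousCapabilities(toolOrCaps: {
-capabilities?: readonly string[] | undefined;
-} | readonly string[] | undefined): ToolCapability[];
-
-export { DANGEROUS_FOR_SUBAGENTS, ToolCapabilities, type ToolCapability, getDangerousCapabilities, hasCapability, hasDangerousCapabilityForSubagents };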