@wrongstack/core 0.267.0 → 0.269.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (78) hide show
  1. package/dist/{agent-bridge-STJ3JwwK.d.ts → agent-bridge-PcHQl_UQ.d.ts} +1 -1
  2. package/dist/{agent-subagent-runner-CzPGP3jA.d.ts → agent-subagent-runner-SHJW7t8q.d.ts} +8 -8
  3. package/dist/{brain-Cdg77tVN.d.ts → brain-BYcK__Ym.d.ts} +1 -1
  4. package/dist/{compactor-iMZ84CXq.d.ts → compactor-C2RKEBtC.d.ts} +1 -1
  5. package/dist/{config-Du3pYYln.d.ts → config-C_ae2k86.d.ts} +79 -2
  6. package/dist/{context-dT5Ueund.d.ts → context-Dp87Bcaq.d.ts} +47 -1
  7. package/dist/coordination/index.d.ts +62 -160
  8. package/dist/coordination/index.js +566 -149
  9. package/dist/coordination/index.js.map +1 -1
  10. package/dist/defaults/index.d.ts +26 -25
  11. package/dist/defaults/index.js +366 -137
  12. package/dist/defaults/index.js.map +1 -1
  13. package/dist/execution/index.d.ts +72 -16
  14. package/dist/execution/index.js +267 -55
  15. package/dist/execution/index.js.map +1 -1
  16. package/dist/execution/prompt-enhancer.d.ts +1 -1
  17. package/dist/extension/index.d.ts +7 -6
  18. package/dist/global-mailbox-Bvrz1P3f.d.ts +664 -0
  19. package/dist/{goal-preamble-SulMTowG.d.ts → goal-preamble-CA_4yiGQ.d.ts} +9 -9
  20. package/dist/{goal-store-CABDwdFE.d.ts → goal-store-DhuJoUNG.d.ts} +1 -1
  21. package/dist/hq/index.d.ts +204 -0
  22. package/dist/hq/index.js +1931 -0
  23. package/dist/hq/index.js.map +1 -0
  24. package/dist/{index-DtCVWel4.d.ts → index-CZQ6Pwbs.d.ts} +8 -8
  25. package/dist/{index-Bms0m4oy.d.ts → index-W4VJCzHa.d.ts} +5 -5
  26. package/dist/{index-IEuxQd-E.d.ts → index-whDfTANu.d.ts} +2 -2
  27. package/dist/index.d.ts +46 -42
  28. package/dist/index.js +3472 -1651
  29. package/dist/index.js.map +1 -1
  30. package/dist/infrastructure/index.d.ts +6 -6
  31. package/dist/infrastructure/index.js +48 -21
  32. package/dist/infrastructure/index.js.map +1 -1
  33. package/dist/kernel/index.d.ts +10 -9
  34. package/dist/{pipeline-BfD2k1rT.d.ts → mailbox-types-Ct2hJq0P.d.ts} +1 -244
  35. package/dist/{mcp-servers-C2cBTxUR.d.ts → mcp-servers-DJdZiRcv.d.ts} +10 -4
  36. package/dist/models/index.d.ts +5 -5
  37. package/dist/models/index.js +4 -3
  38. package/dist/models/index.js.map +1 -1
  39. package/dist/{models-registry-BqGZNJQ-.d.ts → models-registry-C3a-2-Yd.d.ts} +1 -1
  40. package/dist/{multi-agent-coordinator-B8R43uPz.d.ts → multi-agent-coordinator-CJSpTe5O.d.ts} +1 -1
  41. package/dist/{null-fleet-bus-CnXa5oTH.d.ts → null-fleet-bus-QVshIsDx.d.ts} +6 -6
  42. package/dist/observability/index.d.ts +2 -2
  43. package/dist/{parallel-eternal-engine-DdNnw9BQ.d.ts → parallel-eternal-engine-D9y5Pkcc.d.ts} +9 -15
  44. package/dist/{path-resolver-COIMLCQL.d.ts → path-resolver-CnQ8SIfh.d.ts} +4 -3
  45. package/dist/{permission-B75JAi3-.d.ts → permission-CvYQNUqZ.d.ts} +1 -1
  46. package/dist/{permission-policy-DlR9eJAM.d.ts → permission-policy-D5Ss8j4B.d.ts} +2 -3
  47. package/dist/pipeline-l_zzFRh3.d.ts +245 -0
  48. package/dist/{plan-templates-DSIKCXZN.d.ts → plan-templates-NtPgyeJA.d.ts} +6 -5
  49. package/dist/{provider-model-resolve-BNRsNuJx.d.ts → provider-model-resolve-d5poT5y0.d.ts} +3 -3
  50. package/dist/{provider-runner-CX7iIvox.d.ts → provider-runner-gkctlQV_.d.ts} +3 -3
  51. package/dist/{retry-policy-BilV1ujH.d.ts → retry-policy-CtFhfwa8.d.ts} +1 -1
  52. package/dist/sdd/index.d.ts +9 -8
  53. package/dist/sdd/index.js +33 -3
  54. package/dist/sdd/index.js.map +1 -1
  55. package/dist/{secret-vault-gkvEZZfE.d.ts → secret-vault-BLsVmTIK.d.ts} +1 -1
  56. package/dist/security/index.d.ts +5 -5
  57. package/dist/security/index.js +39 -29
  58. package/dist/security/index.js.map +1 -1
  59. package/dist/{selector-Bc7eWtT3.d.ts → selector-CXl2_y9W.d.ts} +1 -1
  60. package/dist/{session-event-bridge-D-araDEz.d.ts → session-event-bridge-Ccud20CC.d.ts} +1 -1
  61. package/dist/{session-reader-D7Dapswh.d.ts → session-reader-ZeXQmsmE.d.ts} +1 -1
  62. package/dist/skills/index.js.map +1 -1
  63. package/dist/storage/index.d.ts +16 -12
  64. package/dist/storage/index.js +273 -100
  65. package/dist/storage/index.js.map +1 -1
  66. package/dist/tools/index.d.ts +2 -2
  67. package/dist/tools/index.js +166 -31
  68. package/dist/tools/index.js.map +1 -1
  69. package/dist/types/index.d.ts +22 -21
  70. package/dist/types/index.js +178 -70
  71. package/dist/types/index.js.map +1 -1
  72. package/dist/utils/index.d.ts +22 -3
  73. package/dist/utils/index.js +197 -25
  74. package/dist/utils/index.js.map +1 -1
  75. package/package.json +5 -1
  76. package/skills/chimera/SKILL.md +1 -1
  77. package/skills/typescript-strict/SKILL.md +3 -3
  78. package/skills/typescript-strict/SKILL.save.md +1 -1
@@ -1,4 +1,4 @@
1
- import { S as SecretScrubber } from './permission-B75JAi3-.js';
1
+ import { S as SecretScrubber } from './permission-CvYQNUqZ.js';
2
2
  import { L as Logger } from './logger-B63L5bTg.js';
3
3
  import { R as RotatableSecretVault, S as SecretVault } from './secret-vault-BAKpgFw_.js';
4
4
 
@@ -1,8 +1,8 @@
1
- export { a as DefaultSecretScrubber, D as DefaultSecretVault, S as SecretVaultOptions, d as decryptConfigSecrets, e as encryptConfigSecrets, i as isSecretField, m as migratePlaintextSecrets, r as rewriteConfigEncrypted, b as rotateConfigKeys } from '../secret-vault-gkvEZZfE.js';
2
- export { A as AutoApprovePermissionPolicy, D as DefaultPermissionPolicy, P as PermissionPolicyOptions } from '../permission-policy-DlR9eJAM.js';
3
- export { D as DANGEROUS_FOR_SUBAGENTS, T as ToolCapabilities, a as ToolCapability, g as getDangerousCapabilities, h as hasCapability, b as hasDangerousCapabilityForSubagents } from '../index-IEuxQd-E.js';
4
- import '../permission-B75JAi3-.js';
5
- import '../context-dT5Ueund.js';
1
+ export { a as DefaultSecretScrubber, D as DefaultSecretVault, S as SecretVaultOptions, d as decryptConfigSecrets, e as encryptConfigSecrets, i as isSecretField, m as migratePlaintextSecrets, r as rewriteConfigEncrypted, b as rotateConfigKeys } from '../secret-vault-BLsVmTIK.js';
2
+ export { A as AutoApprovePermissionPolicy, D as DefaultPermissionPolicy, P as PermissionPolicyOptions } from '../permission-policy-D5Ss8j4B.js';
3
+ export { D as DANGEROUS_FOR_SUBAGENTS, T as ToolCapabilities, a as ToolCapability, g as getDangerousCapabilities, h as hasCapability, b as hasDangerousCapabilityForSubagents } from '../index-whDfTANu.js';
4
+ import '../permission-CvYQNUqZ.js';
5
+ import '../context-Dp87Bcaq.js';
6
6
  import '../logger-B63L5bTg.js';
7
7
  import '../secret-vault-BAKpgFw_.js';
8
8
  import '../input-reader-E-ffP2ee.js';
@@ -395,6 +395,41 @@ function safeParse(input, maxBytes = 5e6) {
395
395
  }
396
396
  }
397
397
 
398
+ // src/utils/tool-subject.ts
399
+ var GLOB_METACHARACTERS = /[*?[\]]/g;
400
+ function escapeGlobSubject(value) {
401
+ return value.replace(GLOB_METACHARACTERS, (char) => `\\${char}`);
402
+ }
403
+ function normalizePathSubject(value) {
404
+ return escapeGlobSubject(value.replace(/\\/g, "/"));
405
+ }
406
+ function isPathSubjectKey(subjectKey) {
407
+ return subjectKey === "path" || subjectKey === "file" || subjectKey === "files";
408
+ }
409
+ function subjectForToolInput(toolName, input, subjectKey) {
410
+ if (!input || typeof input !== "object") return void 0;
411
+ const obj = input;
412
+ if (subjectKey) {
413
+ const value = obj[subjectKey];
414
+ if (typeof value === "string") {
415
+ return isPathSubjectKey(subjectKey) ? normalizePathSubject(value) : escapeGlobSubject(value);
416
+ }
417
+ }
418
+ if (toolName === "bash" && typeof obj.command === "string") {
419
+ return escapeGlobSubject(obj.command);
420
+ }
421
+ if (typeof obj.path === "string") {
422
+ return normalizePathSubject(obj.path);
423
+ }
424
+ if (typeof obj.url === "string") {
425
+ return escapeGlobSubject(obj.url);
426
+ }
427
+ if (typeof obj.name === "string") {
428
+ return escapeGlobSubject(obj.name);
429
+ }
430
+ return void 0;
431
+ }
432
+
398
433
  // src/types/errors.ts
399
434
  var ERROR_CODES = {
400
435
  // Provider
@@ -1167,7 +1202,7 @@ var DefaultPermissionPolicy = class {
1167
1202
  if (!this.loaded) await this.reload();
1168
1203
  const namespaceEntry = this.findNamespaceEntry(tool.name);
1169
1204
  const entry = this.policy[tool.name] ?? namespaceEntry;
1170
- const subject = this.subjectFor(tool.name, input, tool.subjectKey);
1205
+ const subject = subjectForToolInput(tool.name, input, tool.subjectKey);
1171
1206
  const cacheKey = `${tool.name}::${subject ?? tool.name}`;
1172
1207
  if (tool.name !== "write") {
1173
1208
  const cached = this._evalCache.get(cacheKey);
@@ -1349,32 +1384,6 @@ var DefaultPermissionPolicy = class {
1349
1384
  this.sessionAllowed.set(`${rule.tool}::${rule.pattern}`, true);
1350
1385
  this._evalCache.clear();
1351
1386
  }
1352
- subjectFor(toolName, input, subjectKey) {
1353
- if (!input || typeof input !== "object") return void 0;
1354
- const obj = input;
1355
- const globChars = /[*?[\]]/g;
1356
- const escapeGlob = (s) => s.replace(globChars, (c) => `\\${c}`);
1357
- const normalizePath = (s) => escapeGlob(s.replace(/\\/g, "/"));
1358
- if (subjectKey) {
1359
- const v = obj[subjectKey];
1360
- if (typeof v === "string") {
1361
- return subjectKey === "path" || subjectKey === "file" || subjectKey === "files" ? normalizePath(v) : escapeGlob(v);
1362
- }
1363
- }
1364
- if (toolName === "bash" && typeof obj.command === "string") {
1365
- return escapeGlob(obj.command);
1366
- }
1367
- if (typeof obj.path === "string") {
1368
- return normalizePath(obj.path);
1369
- }
1370
- if (typeof obj.url === "string") {
1371
- return escapeGlob(obj.url);
1372
- }
1373
- if (typeof obj.name === "string") {
1374
- return escapeGlob(obj.name);
1375
- }
1376
- return void 0;
1377
- }
1378
1387
  findNamespaceEntry(toolName) {
1379
1388
  for (const { pattern, value } of this.wildcardEntries) {
1380
1389
  if (matchGlob(pattern, toolName)) return value;
@@ -1397,12 +1406,13 @@ var AutoApprovePermissionPolicy = class _AutoApprovePermissionPolicy {
1397
1406
  const caps = tool.capabilities ?? [];
1398
1407
  const hasAllowedCap = caps.some((c) => this.allowedCapabilities.includes(c));
1399
1408
  const isMcp = _AutoApprovePermissionPolicy.isMcpTool(tool.name);
1409
+ const mcpProxyAllowed = this.allowedCapabilities.includes(ToolCapabilities.MCP_PROXY);
1400
1410
  const dangerousNotAllowed = getDangerousCapabilities(tool).filter(
1401
1411
  (c) => !this.allowedCapabilities.includes(c)
1402
1412
  );
1403
- const blocked = tool.permission === "deny" || isMcp || !hasAllowedCap || dangerousNotAllowed.length > 0;
1413
+ const blocked = tool.permission === "deny" || isMcp && !mcpProxyAllowed || !hasAllowedCap || dangerousNotAllowed.length > 0;
1404
1414
  if (blocked) {
1405
- const reason = isMcp ? `MCP tool ${tool.name} is not auto-approved for subagents \u2014 ask the leader to allow it explicitly` : tool.permission === "deny" ? "tool default deny" : dangerousNotAllowed.length > 0 ? `tool requires un-granted dangerous capability (needs: ${dangerousNotAllowed.join(", ")}, allowed: ${this.allowedCapabilities.join(", ")})` : `tool lacks allowed capability (has: ${caps.join(", ") || "none"}, allowed: ${this.allowedCapabilities.join(", ")})`;
1415
+ const reason = isMcp && !mcpProxyAllowed ? `MCP tool ${tool.name} is not auto-approved for subagents \u2014 ask the leader to allow mcp.proxy explicitly` : tool.permission === "deny" ? "tool default deny" : dangerousNotAllowed.length > 0 ? `tool requires un-granted dangerous capability (needs: ${dangerousNotAllowed.join(", ")}, allowed: ${this.allowedCapabilities.join(", ")})` : `tool lacks allowed capability (has: ${caps.join(", ") || "none"}, allowed: ${this.allowedCapabilities.join(", ")})`;
1406
1416
  return {
1407
1417
  permission: "deny",
1408
1418
  source: "subagent_guard",