@wrongstack/core 0.3.4 → 0.3.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (48) hide show
  1. package/dist/{agent-bridge-C3DUGjSb.d.ts → agent-bridge-DaOnnHNW.d.ts} +1 -1
  2. package/dist/{compactor-DpJBI1YH.d.ts → compactor-CFky6JKM.d.ts} +1 -1
  3. package/dist/{config-DgE3JslD.d.ts → config-RlhKLjme.d.ts} +1 -1
  4. package/dist/{context-IovtuTf8.d.ts → context-B1kBj1lY.d.ts} +4 -3
  5. package/dist/coordination/index.d.ts +10 -10
  6. package/dist/coordination/index.js +12 -1
  7. package/dist/coordination/index.js.map +1 -1
  8. package/dist/defaults/index.d.ts +16 -16
  9. package/dist/defaults/index.js +119 -6
  10. package/dist/defaults/index.js.map +1 -1
  11. package/dist/{events-BHIQs4o1.d.ts → events-BBaKeMfb.d.ts} +11 -1
  12. package/dist/execution/index.d.ts +11 -11
  13. package/dist/execution/index.js +9 -0
  14. package/dist/execution/index.js.map +1 -1
  15. package/dist/extension/index.d.ts +6 -6
  16. package/dist/{index-DedY4Euf.d.ts → index-meJRuQtc.d.ts} +20 -5
  17. package/dist/index.d.ts +25 -25
  18. package/dist/index.js +211 -27
  19. package/dist/index.js.map +1 -1
  20. package/dist/infrastructure/index.d.ts +6 -6
  21. package/dist/kernel/index.d.ts +9 -9
  22. package/dist/kernel/index.js.map +1 -1
  23. package/dist/{mcp-servers-zGiC1lQc.d.ts → mcp-servers-Cf4-bJnd.d.ts} +3 -3
  24. package/dist/models/index.d.ts +2 -2
  25. package/dist/{multi-agent-B9a6sflH.d.ts → multi-agent-D5m66hzB.d.ts} +1 -1
  26. package/dist/observability/index.d.ts +2 -2
  27. package/dist/{path-resolver--59rCou3.d.ts → path-resolver-Bg4OP5fi.d.ts} +2 -2
  28. package/dist/{provider-runner-B39miKRw.d.ts → provider-runner-CU9gnU2E.d.ts} +3 -3
  29. package/dist/sdd/index.d.ts +3 -3
  30. package/dist/secret-scrubber-DyUAWS09.d.ts +54 -0
  31. package/dist/{secret-scrubber-Cuy5afaQ.d.ts → secret-scrubber-Dyh5LVYL.d.ts} +1 -1
  32. package/dist/security/index.d.ts +58 -5
  33. package/dist/security/index.js +90 -5
  34. package/dist/security/index.js.map +1 -1
  35. package/dist/{selector-wT2fv9Fg.d.ts → selector-DBEiwXBk.d.ts} +1 -1
  36. package/dist/{session-reader-CcPi4BQ8.d.ts → session-reader-D-z0AgHs.d.ts} +1 -1
  37. package/dist/{skill-C_7znCIC.d.ts → skill-DayhFUBb.d.ts} +1 -1
  38. package/dist/storage/index.d.ts +5 -5
  39. package/dist/storage/index.js +12 -0
  40. package/dist/storage/index.js.map +1 -1
  41. package/dist/{system-prompt-Dk1qm8ey.d.ts → system-prompt-DNetCecu.d.ts} +1 -1
  42. package/dist/{tool-executor-DY0iSXYf.d.ts → tool-executor-B5bgmEgE.d.ts} +12 -5
  43. package/dist/types/index.d.ts +15 -15
  44. package/dist/types/index.js +16 -0
  45. package/dist/types/index.js.map +1 -1
  46. package/dist/utils/index.d.ts +1 -1
  47. package/package.json +1 -1
  48. package/dist/secret-scrubber-CgG2tV2B.d.ts +0 -31
@@ -1,35 +1,35 @@
1
1
  export { D as DefaultLogger, a as DefaultLoggerOptions } from '../logger-BH6AE0W9.js';
2
2
  export { AbandonedSession, AttachmentStoreOptions, ConfigLoaderOptions, ConfigMigration, ConfigMigrationError, ConfigSource, DEFAULT_CONFIG_MIGRATIONS, DefaultAttachmentStore, DefaultConfigLoader, DefaultConfigStore, DefaultMemoryStore, DefaultSessionStore, DirectorStateCheckpoint, DirectorStateSnapshot, DirectorSubagentState, DirectorTaskState, MemoryStoreOptions, MigrationContext, MigrationResult, PersistedQueueItem, PlanFile, PlanItem, QueueStore, RecoveryLock, RecoveryLockOptions, SessionAnalyzer, SessionStoreOptions, TodosCheckpointFile, addPlanItem, attachPlanCheckpoint, attachTodosCheckpoint, clearPlan, emptyPlan, formatPlan, loadDirectorState, loadPlan, loadTodosCheckpoint, removePlanItem, runConfigMigrations, savePlan, saveTodosCheckpoint, setPlanItemStatus } from '../storage/index.js';
3
- export { D as DefaultSessionReader } from '../session-reader-CcPi4BQ8.js';
4
- export { D as DefaultSecretScrubber, a as DefaultSecretVault, S as SecretVaultOptions, d as decryptConfigSecrets, e as encryptConfigSecrets, m as migratePlaintextSecrets, r as rewriteConfigEncrypted } from '../secret-scrubber-Cuy5afaQ.js';
3
+ export { D as DefaultSessionReader } from '../session-reader-D-z0AgHs.js';
4
+ export { D as DefaultSecretScrubber, a as DefaultSecretVault, S as SecretVaultOptions, d as decryptConfigSecrets, e as encryptConfigSecrets, m as migratePlaintextSecrets, r as rewriteConfigEncrypted } from '../secret-scrubber-Dyh5LVYL.js';
5
5
  export { AutoApprovePermissionPolicy, DefaultPermissionPolicy, PermissionPolicyOptions } from '../security/index.js';
6
- export { C as CompactorOptions, a as DefaultErrorHandler, b as DefaultRetryPolicy, H as HybridCompactor, T as ToolExecutor } from '../tool-executor-DY0iSXYf.js';
6
+ export { C as CompactorOptions, a as DefaultErrorHandler, b as DefaultRetryPolicy, H as HybridCompactor, T as ToolExecutor } from '../tool-executor-B5bgmEgE.js';
7
7
  export { AutoCompactionMiddleware, AutonomousRunner, AutonomousRunnerOptions, DefaultSkillLoader, DoneCheckResult, DoneConditionChecker, IntelligentCompactor, IntelligentCompactorOptions, SelectiveCompactor, SelectiveCompactorOptions, SkillLoaderOptions } from '../execution/index.js';
8
- import { P as ProviderRunner, R as RunProviderOptions } from '../provider-runner-B39miKRw.js';
9
- import { j as Response } from '../context-IovtuTf8.js';
8
+ import { P as ProviderRunner, R as RunProviderOptions } from '../provider-runner-CU9gnU2E.js';
9
+ import { j as Response } from '../context-B1kBj1lY.js';
10
10
  export { ALL_FLEET_AGENTS, AUDIT_LOG_AGENT, AgentFactory, AgentFactoryResult, AgentRunnerOptions, BUG_HUNTER_AGENT, CreateDelegateToolOptions, DEFAULT_DIRECTOR_PREAMBLE, DEFAULT_SUBAGENT_BASELINE, DefaultMultiAgentCoordinator, DelegateHost, Director, DirectorBudgetError, DirectorPromptParts, DirectorSessionFactory, DirectorSessionFactoryOptions, FLEET_ROSTER, FleetBus, FleetEvent, FleetHandler, FleetUsage, FleetUsageAggregator, MultiAgentCoordinatorOptions, REFACTOR_PLANNER_AGENT, SECURITY_SCANNER_AGENT, SubagentPromptParts, SubagentUsageSnapshot, composeDirectorPrompt, composeSubagentPrompt, createDelegateTool, makeAgentSubagentRunner, makeDirectorSessionFactory, rosterSummaryFromConfigs } from '../coordination/index.js';
11
- export { n as BudgetExceededError, o as BudgetKind, p as BudgetLimits, q as BudgetUsage, r as SubagentBudget } from '../multi-agent-B9a6sflH.js';
12
- export { I as InMemoryAgentBridge, a as InMemoryBridgeTransport, c as createMessage } from '../agent-bridge-C3DUGjSb.js';
11
+ export { n as BudgetExceededError, o as BudgetKind, p as BudgetLimits, q as BudgetUsage, r as SubagentBudget } from '../multi-agent-D5m66hzB.js';
12
+ export { I as InMemoryAgentBridge, a as InMemoryBridgeTransport, c as createMessage } from '../agent-bridge-DaOnnHNW.js';
13
13
  export { D as DefaultModelsRegistry, a as DefaultModelsRegistryOptions, c as classifyFamily } from '../models-registry-DqzwpBQy.js';
14
14
  export { DefaultModeStore, LLMSelector, LLMSelectorOptions, ModeLoaderOptions, loadProjectModes, loadUserModes } from '../models/index.js';
15
15
  export { DefaultTaskStore, GeneratedTask, SpecDrivenDev, SpecDrivenDevOptions, SpecParser, TaskFlow, TaskFlowEventMap, TaskFlowEventName, TaskFlowExecutionContext, TaskFlowOptions, TaskFlowPhase, TaskGenerator, TaskGeneratorOptions, TaskStore, TaskTracker, TaskTrackerOptions, TaskTransition } from '../sdd/index.js';
16
16
  export { DefaultHealthRegistry, InMemoryMetricsSink, MetricsServerHandle, MetricsServerOptions, NoopMetricsSink, NoopTracer, OTelTracer, OtlpMetricsExporterHandle, OtlpMetricsExporterOptions, OtlpTraceExporterHandle, OtlpTraceExporterOptions, PROMETHEUS_CONTENT_TYPE, buildOtlpMetricsRequest, buildOtlpTracesRequest, renderPrometheus, startMetricsServer, startOtlpMetricsExporter, startOtlpTraceExporter, wireMetricsToEvents } from '../observability/index.js';
17
- export { C as ContextManagerAction, a as ContextManagerInput, b as ContextManagerResult, c as ContextManagerToolOptions, d as allServers, e as awsServer, f as blockServer, g as braveSearchServer, h as context7Server, i as contextManagerTool, j as createContextManagerTool, k as everArtServer, l as filesystemServer, m as githubServer, n as googleMapsServer, o as miniMaxVisionServer, s as sentinelServer, p as slackServer, z as zaiVisionServer } from '../mcp-servers-zGiC1lQc.js';
17
+ export { C as ContextManagerAction, a as ContextManagerInput, b as ContextManagerResult, c as ContextManagerToolOptions, d as allServers, e as awsServer, f as blockServer, g as braveSearchServer, h as context7Server, i as contextManagerTool, j as createContextManagerTool, k as everArtServer, l as filesystemServer, m as githubServer, n as googleMapsServer, o as miniMaxVisionServer, s as sentinelServer, p as slackServer, z as zaiVisionServer } from '../mcp-servers-Cf4-bJnd.js';
18
18
  import '../logger-BMQgxvdy.js';
19
- import '../events-BHIQs4o1.js';
19
+ import '../events-BBaKeMfb.js';
20
20
  import '../memory-CEXuo7sz.js';
21
21
  import '../wstack-paths-BGu2INTm.js';
22
- import '../config-DgE3JslD.js';
22
+ import '../config-RlhKLjme.js';
23
23
  import '../models-registry-Y2xbog0E.js';
24
24
  import '../secret-vault-DoISxaKO.js';
25
- import '../secret-scrubber-CgG2tV2B.js';
25
+ import '../secret-scrubber-DyUAWS09.js';
26
26
  import '../input-reader-E-ffP2ee.js';
27
- import '../compactor-DpJBI1YH.js';
28
- import '../skill-C_7znCIC.js';
29
- import '../index-DedY4Euf.js';
30
- import '../system-prompt-Dk1qm8ey.js';
27
+ import '../compactor-CFky6JKM.js';
28
+ import '../skill-DayhFUBb.js';
29
+ import '../index-meJRuQtc.js';
30
+ import '../system-prompt-DNetCecu.js';
31
31
  import '../observability-BhnVLBLS.js';
32
- import '../selector-wT2fv9Fg.js';
32
+ import '../selector-DBEiwXBk.js';
33
33
  import 'node:events';
34
34
  import '../mode-CV077NjV.js';
35
35
  import '../task-graph-BITvWt4t.js';
@@ -638,6 +638,7 @@ var QueueStore = class {
638
638
  } catch (err) {
639
639
  const code = err.code;
640
640
  if (code === "ENOENT") return [];
641
+ console.warn(`[QueueStore] failed to read queue file "${this.file}":`, err instanceof Error ? err.message : String(err));
641
642
  return [];
642
643
  }
643
644
  let parsed;
@@ -737,6 +738,13 @@ var DefaultAttachmentStore = class {
737
738
  return mergeAdjacentText(blocks);
738
739
  }
739
740
  async clear() {
741
+ if (this.spoolDir) {
742
+ const toDelete = [];
743
+ for (const att of this.items.values()) {
744
+ if (att.path) toDelete.push(att.path);
745
+ }
746
+ await Promise.all(toDelete.map((p) => fsp.unlink(p).catch(() => void 0)));
747
+ }
740
748
  this.items.clear();
741
749
  this.refs.length = 0;
742
750
  this.nextSeq = { text: 0, image: 0, file: 0 };
@@ -2114,6 +2122,10 @@ var DirectorStateCheckpoint = class {
2114
2122
  this.timer = null;
2115
2123
  }
2116
2124
  await this.persist();
2125
+ if (this.rewriteRequested) {
2126
+ this.rewriteRequested = false;
2127
+ await this.persist();
2128
+ }
2117
2129
  }
2118
2130
  bumpUpdatedAt() {
2119
2131
  this.snapshot = { ...this.snapshot, updatedAt: (/* @__PURE__ */ new Date()).toISOString() };
@@ -2513,12 +2525,49 @@ var DefaultPermissionPolicy = class {
2513
2525
  loaded = false;
2514
2526
  trustFile;
2515
2527
  yolo;
2528
+ /**
2529
+ * Session-scoped "soft deny" map. When the user presses 'n' (block once),
2530
+ * the tool+pattern is added here. If the LLM retries in the same session,
2531
+ * we return deny directly without asking again.
2532
+ *
2533
+ * Cleared on reload() since reload = fresh trust file snapshot.
2534
+ */
2535
+ sessionDenied = /* @__PURE__ */ new Map();
2536
+ /**
2537
+ * Session-scoped "soft trust" map. When the user presses 'a' (allow once),
2538
+ * the tool+pattern is added here. If the LLM retries in the same session,
2539
+ * we return auto directly without asking again.
2540
+ *
2541
+ * Cleared on reload().
2542
+ */
2543
+ sessionAllowed = /* @__PURE__ */ new Map();
2544
+ /**
2545
+ * Interactive prompt delegate. When set, `evaluate()` calls it to get a
2546
+ * user decision synchronously (CLI REPL path). When cleared (TUI / WebUI),
2547
+ * `evaluate()` returns `confirm` so the caller can emit
2548
+ * `tool.confirm_needed` for the UI layer to handle.
2549
+ *
2550
+ * Mutable so the host can switch from CLI-prompt to event-driven
2551
+ * confirmation at runtime (e.g. when `--goal` forces TUI mode after
2552
+ * the agent was already constructed).
2553
+ */
2516
2554
  promptDelegate;
2555
+ /** Pre-compiled wildcard patterns — rebuilt on reload for O(1) lookup. */
2556
+ wildcardEntries = [];
2517
2557
  constructor(opts) {
2518
2558
  this.trustFile = opts.trustFile;
2519
2559
  this.yolo = opts.yolo ?? false;
2520
2560
  this.promptDelegate = opts.promptDelegate;
2521
2561
  }
2562
+ /**
2563
+ * Replace (or clear) the interactive prompt delegate at runtime.
2564
+ * Used by the CLI to switch from inline prompts (REPL) to event-driven
2565
+ * confirmation (TUI) when the run mode is determined after the policy
2566
+ * was constructed (e.g. `--goal` auto-flipping to TUI).
2567
+ */
2568
+ setPromptDelegate(delegate) {
2569
+ this.promptDelegate = delegate;
2570
+ }
2522
2571
  async reload() {
2523
2572
  try {
2524
2573
  const raw = await fsp.readFile(this.trustFile, "utf8");
@@ -2527,13 +2576,26 @@ var DefaultPermissionPolicy = class {
2527
2576
  } catch {
2528
2577
  this.policy = {};
2529
2578
  }
2579
+ this.wildcardEntries = [];
2580
+ for (const [key, val] of Object.entries(this.policy)) {
2581
+ if (key.includes("*")) this.wildcardEntries.push({ pattern: key, value: val });
2582
+ }
2583
+ this.sessionDenied.clear();
2584
+ this.sessionAllowed.clear();
2530
2585
  this.loaded = true;
2531
2586
  }
2532
- async evaluate(tool, input, _ctx) {
2587
+ async evaluate(tool, input, ctx) {
2533
2588
  if (!this.loaded) await this.reload();
2534
2589
  const namespaceEntry = this.findNamespaceEntry(tool.name);
2535
2590
  const entry = this.policy[tool.name] ?? namespaceEntry;
2536
2591
  const subject = this.subjectFor(tool.name, input, tool.subjectKey);
2592
+ const subjectKey = `${tool.name}::${subject ?? tool.name}`;
2593
+ if (this.sessionDenied.has(subjectKey)) {
2594
+ return { permission: "deny", source: "deny", reason: "session soft deny (user pressed no)" };
2595
+ }
2596
+ if (this.sessionAllowed.has(subjectKey)) {
2597
+ return { permission: "auto", source: "trust", reason: "session soft allow (user pressed yes)" };
2598
+ }
2537
2599
  if (entry?.deny && subject && matchAny(entry.deny, subject)) {
2538
2600
  return { permission: "deny", source: "deny", reason: "matched deny pattern" };
2539
2601
  }
@@ -2549,6 +2611,11 @@ var DefaultPermissionPolicy = class {
2549
2611
  if (this.yolo) {
2550
2612
  return { permission: "auto", source: "yolo" };
2551
2613
  }
2614
+ if (tool.name === "write" && subject) {
2615
+ if (ctx.hasRead(subject)) {
2616
+ return { permission: "auto", source: "context", reason: "file already read in this session" };
2617
+ }
2618
+ }
2552
2619
  if (tool.permission === "auto") {
2553
2620
  return { permission: "auto", source: "default" };
2554
2621
  }
@@ -2559,6 +2626,7 @@ var DefaultPermissionPolicy = class {
2559
2626
  return { permission: "auto", source: "user", reason: "user always-allowed" };
2560
2627
  }
2561
2628
  if (decision === "deny") {
2629
+ await this.deny({ tool: tool.name, pattern: subject ?? tool.name });
2562
2630
  return { permission: "deny", source: "user", reason: "user denied" };
2563
2631
  }
2564
2632
  return { permission: decision === "yes" ? "auto" : "deny", source: "user" };
@@ -2581,6 +2649,31 @@ var DefaultPermissionPolicy = class {
2581
2649
  throw err;
2582
2650
  }
2583
2651
  }
2652
+ /** Persist a deny rule — this tool+pattern pair is permanently blocked. */
2653
+ async deny(rule) {
2654
+ if (!this.loaded) await this.reload();
2655
+ const entry = this.policy[rule.tool] ?? {};
2656
+ entry.deny = Array.from(/* @__PURE__ */ new Set([...entry.deny ?? [], rule.pattern]));
2657
+ this.policy[rule.tool] = entry;
2658
+ try {
2659
+ await atomicWrite(this.trustFile, JSON.stringify(this.policy, null, 2));
2660
+ } catch (err) {
2661
+ const existing = this.policy[rule.tool];
2662
+ if (existing?.deny) {
2663
+ const idx = existing.deny.indexOf(rule.pattern);
2664
+ if (idx !== -1) existing.deny.splice(idx, 1);
2665
+ }
2666
+ throw err;
2667
+ }
2668
+ }
2669
+ /** Block this tool+pattern for the rest of this session (no trust file). */
2670
+ denyOnce(rule) {
2671
+ this.sessionDenied.set(`${rule.tool}::${rule.pattern}`, true);
2672
+ }
2673
+ /** Auto-approve this tool+pattern for the rest of this session (no trust file). */
2674
+ allowOnce(rule) {
2675
+ this.sessionAllowed.set(`${rule.tool}::${rule.pattern}`, true);
2676
+ }
2584
2677
  subjectFor(toolName, input, subjectKey) {
2585
2678
  if (!input || typeof input !== "object") return void 0;
2586
2679
  const obj = input;
@@ -2608,10 +2701,8 @@ var DefaultPermissionPolicy = class {
2608
2701
  return void 0;
2609
2702
  }
2610
2703
  findNamespaceEntry(toolName) {
2611
- for (const key of Object.keys(this.policy)) {
2612
- if (key.includes("*") && matchGlob(key, toolName)) {
2613
- return this.policy[key];
2614
- }
2704
+ for (const { pattern, value } of this.wildcardEntries) {
2705
+ if (matchGlob(pattern, toolName)) return value;
2615
2706
  }
2616
2707
  return void 0;
2617
2708
  }
@@ -2625,6 +2716,12 @@ var AutoApprovePermissionPolicy = class {
2625
2716
  }
2626
2717
  async trust() {
2627
2718
  }
2719
+ async deny() {
2720
+ }
2721
+ denyOnce() {
2722
+ }
2723
+ allowOnce() {
2724
+ }
2628
2725
  async reload() {
2629
2726
  }
2630
2727
  };
@@ -4211,6 +4308,15 @@ var ToolExecutor = class {
4211
4308
  opts;
4212
4309
  serializer;
4213
4310
  iterationTimeoutMs;
4311
+ /**
4312
+ * Clear the interactive confirm awaiter so the executor returns
4313
+ * `ToolConfirmPendingResult` instead of blocking on stdin. Used by
4314
+ * the CLI to switch from inline prompts (REPL) to event-driven
4315
+ * confirmation (TUI) at runtime.
4316
+ */
4317
+ clearConfirmAwaiter() {
4318
+ this.opts.confirmAwaiter = void 0;
4319
+ }
4214
4320
  /**
4215
4321
  * Execute a batch of tool uses using the configured strategy.
4216
4322
  * Returns the execution results and the remaining output budget.
@@ -4709,6 +4815,13 @@ var InMemoryAgentBridge = class {
4709
4815
  this.pendingRequests.delete(correlationId);
4710
4816
  reject(new Error(`Request ${correlationId} timed out after ${timeout}ms`));
4711
4817
  }, timeout);
4818
+ if (this.stopped) {
4819
+ clearTimeout(timer);
4820
+ this.inflightGuards.delete(correlationId);
4821
+ this.pendingRequests.delete(correlationId);
4822
+ reject(new Error("Bridge stopped"));
4823
+ return;
4824
+ }
4712
4825
  this.pendingRequests.set(correlationId, {
4713
4826
  resolve: resolve2,
4714
4827
  reject,
@@ -5925,8 +6038,8 @@ var Director = class {
5925
6038
  if (this.spawnCount >= this.maxSpawns) {
5926
6039
  throw new DirectorBudgetError("max_spawns", this.maxSpawns, this.spawnCount + 1);
5927
6040
  }
5928
- this.spawnCount += 1;
5929
6041
  const result = await this.coordinator.spawn(config);
6042
+ this.spawnCount += 1;
5930
6043
  this.subagentMeta.set(result.subagentId, {
5931
6044
  provider: config.provider,
5932
6045
  model: config.model