@wrongstack/core 0.63.4 → 0.68.0

package/dist/{permission-Ld-i5ugf.d.ts → permission-C1A5whY5.d.ts}

@@ -1,4 +1,4 @@
-import { Q as Tool, d as Context, P as Permission } from './context-iFMEO2rN.js';
+import { Q as Tool, d as Context, P as Permission } from './context-y87Jc5ei.js';
 
 interface TrustPolicy {
     [toolNameOrPattern: string]: {
@@ -58,6 +58,10 @@ interface PermissionPolicy {
     getForceAllYolo?(): boolean;
     /** @deprecated Use `setYoloDestructive`. */
     setForceAllYolo?(enabled: boolean): void;
+    /** Query whether destructive-operation confirmation gate is active. */
+    getConfirmDestructive?(): boolean;
+    /** Enable/disable destructive-operation confirmation (only meaningful in yolo mode). */
+    setConfirmDestructive?(enabled: boolean): void;
 }
 
 export type { PermissionDecision as P, TrustPolicy as T, PermissionPolicy as a };

package/dist/{permission-policy-CL-mPufp.d.ts → permission-policy-B2dK-T5N.d.ts}

@@ -1,17 +1,25 @@
-import { Q as Tool, d as Context } from './context-iFMEO2rN.js';
+import { Q as Tool, d as Context } from './context-y87Jc5ei.js';
 import { I as InputReader } from './input-reader-E-ffP2ee.js';
-import { a as PermissionPolicy, P as PermissionDecision } from './permission-Ld-i5ugf.js';
+import { a as PermissionPolicy, P as PermissionDecision } from './permission-C1A5whY5.js';
 
 interface PermissionPolicyOptions {
     trustFile: string;
     yolo?: boolean;
     /**
-     * When true, YOLO mode allows even calls classified as truly destructive
-     * without confirm. Corresponds to the `--yolo-destructive` CLI flag.
+     * When true, YOLO mode auto-approves even destructive calls without confirm.
+     * @deprecated YOLO now auto-approves everything by default. Use `confirmDestructive`
+     *   to opt back into destructive-operation confirmation prompts.
      */
     yoloDestructive?: boolean;
-    /** @deprecated Use `yoloDestructive`. Kept for `--force-all-yolo` compatibility. */
+    /** @deprecated Use `yoloDestructive`. */
     forceAllYolo?: boolean;
+    /**
+     * When true AND yolo is true, destructive operations still require confirmation.
+     * This is the opt-in safety net: set this if you want YOLO for normal work but
+     * explicit approval for `rm -rf`, project-escaping writes, etc.
+     * Has no effect when yolo is false (normal permission flow applies).
+     */
+    confirmDestructive?: boolean;
     promptDelegate?: (tool: Tool, input: unknown, suggestedPattern: string) => Promise<'yes' | 'no' | 'always' | 'deny'>;
     inputReader?: InputReader;
 }
@@ -21,6 +29,8 @@ declare class DefaultPermissionPolicy implements PermissionPolicy {
     private readonly trustFile;
     private yolo;
     private yoloDestructive;
+    /** When true, destructive ops still require confirmation even in YOLO mode. */
+    private confirmDestructive;
     /**
      * Session-scoped "soft deny" map. When the user presses 'n' (block once),
      * the tool+pattern is added here. If the LLM retries in the same session,
@@ -66,6 +76,10 @@ declare class DefaultPermissionPolicy implements PermissionPolicy {
     setYoloDestructive(enabled: boolean): void;
     /** Check whether the destructive YOLO override is active. */
     getYoloDestructive(): boolean;
+    /** Toggle destructive confirmation gate (only meaningful when yolo is active). */
+    setConfirmDestructive(enabled: boolean): void;
+    /** Check whether destructive confirmation gate is active. */
+    getConfirmDestructive(): boolean;
     /** @deprecated Use `setYoloDestructive`. */
     setForceAllYolo(enabled: boolean): void;
     /** @deprecated Use `getYoloDestructive`. */

package/dist/{plan-templates-ThBHOjaM.d.ts → plan-templates-Bprrzhbu.d.ts}

@@ -1,10 +1,10 @@
-import { E as EventBus } from './events-k8CHjcrN.js';
+import { E as EventBus } from './events-CIplI98R.js';
 import { S as SecretScrubber } from './secret-scrubber-3MHDDAtm.js';
-import { y as SessionStore, x as SessionMetadata, B as SessionWriter, r as ResumedSession, S as SessionData, z as SessionSummary, c as ContentBlock, w as SessionEvent, N as TodoItem, f as ConversationState } from './context-iFMEO2rN.js';
-import { e as AttachmentStore, A as AddAttachmentInput, d as AttachmentRef, a as Attachment } from './session-reader-q2ThszgG.js';
+import { y as SessionStore, x as SessionMetadata, B as SessionWriter, r as ResumedSession, S as SessionData, z as SessionSummary, c as ContentBlock, w as SessionEvent, N as TodoItem, f as ConversationState } from './context-y87Jc5ei.js';
+import { e as AttachmentStore, A as AddAttachmentInput, d as AttachmentRef, a as Attachment } from './session-reader-BIpwM60D.js';
 import { b as MemoryStore, a as MemoryScope } from './memory-CEXuo7sz.js';
 import { a as WstackPaths } from './wstack-paths-eMXnY1_X.js';
-import { c as ConfigStore, a as Config, b as ConfigLoader, u as SyncConfig } from './config-BdDuaZmB.js';
+import { c as ConfigStore, a as Config, b as ConfigLoader, u as SyncConfig } from './config--86aHSln.js';
 import { S as SecretVault } from './secret-vault-DoISxaKO.js';
 
 interface SessionStoreOptions {

package/dist/{provider-runner-DJQa211J.d.ts → provider-runner-mXvXGSIw.d.ts}

@@ -1,8 +1,8 @@
-import { E as EventBus } from './events-k8CHjcrN.js';
+import { E as EventBus } from './events-CIplI98R.js';
 import { a as Logger } from './logger-DDd5C--Z.js';
 import { T as Tracer } from './observability-BhnVLBLS.js';
-import { m as Provider, p as Request, d as Context, q as Response } from './context-iFMEO2rN.js';
-import { a as RetryPolicy } from './retry-policy-BfBScewS.js';
+import { m as Provider, p as Request, d as Context, q as Response } from './context-y87Jc5ei.js';
+import { a as RetryPolicy } from './retry-policy-CG3qvH_e.js';
 
 /**
  * Options passed to a ProviderRunner when calling the provider.

package/dist/{retry-policy-BfBScewS.d.ts → retry-policy-CG3qvH_e.d.ts}

@@ -1,4 +1,4 @@
-import { q as Response, d as Context, n as ProviderError } from './context-iFMEO2rN.js';
+import { d as Context, q as Response, n as ProviderError } from './context-y87Jc5ei.js';
 
 type RecoveryDecision = {
     /**

package/dist/sdd/index.d.ts

@@ -1,16 +1,16 @@
 import { h as Specification, S as SpecAnalysis, g as SpecValidationResult, l as TaskGraph, m as TaskNode, k as TaskFilter, p as TaskSort, o as TaskProgress, r as TaskType, n as TaskPriority, e as SpecStatus, f as SpecTemplate, b as SpecRequirement } from '../task-graph-D1YQbpxF.js';
-import { E as EventBus } from '../events-k8CHjcrN.js';
-import { D as DoneCondition, u as TaskResult } from '../multi-agent-SASYOrWA.js';
-import { c as Agent } from '../index-Bc6BiP5q.js';
-import { A as AgentFactory } from '../agent-subagent-runner-Zc3f37Sg.js';
-import '../context-iFMEO2rN.js';
+import { E as EventBus } from '../events-CIplI98R.js';
+import { D as DoneCondition, A as Agent, c as AgentFactory, X as TaskResult } from '../agent-subagent-runner-DRZ9-NnR.js';
+import '../context-y87Jc5ei.js';
+import '../index-DKUvyTvV.js';
 import '../logger-DDd5C--Z.js';
-import '../system-prompt-7LHyBbIf.js';
-import '../config-BdDuaZmB.js';
+import '../system-prompt-b61lOd49.js';
+import '../config--86aHSln.js';
 import '../models-registry-BcYJDKLm.js';
 import '../observability-BhnVLBLS.js';
 import '../secret-scrubber-3MHDDAtm.js';
-import '../permission-Ld-i5ugf.js';
+import '../permission-C1A5whY5.js';
+import '../retry-policy-CG3qvH_e.js';
 
 declare class SpecParser {
     parse(content: string): Specification;

package/dist/sdd/index.js

@@ -2867,15 +2867,22 @@ var SubagentBudget = class _SubagentBudget {
     void this.checkLimits();
   }
   /**
-   * Wall-clock budget check. Unlike other limits, timeout is always a hard stop
-   * — wall-clock time cannot be "extended" by the coordinator, so it throws
-   * synchronously rather than entering the negotiation flow.
+   * Wall-clock / idle budget check. Delegates to `checkLimits(elapsed)`, so
+   * `timeout` and `idle_timeout` follow the SAME negotiation path as the other
+   * kinds — they are NOT a special-cased hard stop. This is deliberate: a
+   * heartbeat-aware policy (see `attachAutoExtend` and `CollabSession`) grants
+   * a timeout extension only while the agent is making progress and denies it
+   * once the agent is genuinely stuck, which is safer than an unconditional
+   * hard kill of a long-but-working agent. The runner translates the resulting
+   * `BudgetThresholdSignal` decision (`extend` → patch limits in place,
+   * `stop` → abort) just like every other kind.
    *
-   * Decision table:
-   * - no `onThreshold` handler         → throw `BudgetExceededError`
-   * - `mode === 'sync'`               → throw `BudgetExceededError`
-   * - `mode === 'auto'` + no listener  → throw `BudgetExceededError`
-   * - `mode === 'auto'` + listener     → throw `BudgetExceededError` (timeout is not extendable)
+   * Decision table (same as `checkLimits`):
+   * - no `onThreshold` handler        → throw `BudgetExceededError` (hard stop)
+   * - `mode === 'sync'`               → throw `BudgetExceededError` (hard stop)
+   * - `mode === 'auto'` + no listener → throw `BudgetExceededError` (no one to ask)
+   * - `mode === 'auto'` + listener    → throw `BudgetThresholdSignal` (negotiated;
+   *                                     a heartbeat-aware policy may extend the timeout)
    */
   checkTimeout() {
     if (this.startTime === null) return;
@@ -3190,6 +3197,71 @@ function providerStatusToCode(status, type) {
   return ERROR_CODES.PROVIDER_INVALID_REQUEST;
 }
 
+// src/coordination/coordinator/error-classifier.ts
+function classifySubagentError(err, hints = {}) {
+  const cause = err instanceof Error ? { name: err.name, message: err.message, stack: err.stack } : void 0;
+  if (err instanceof ProviderError) {
+    const baseMessage2 = err.describe();
+    return providerErrorToSubagentError(err, baseMessage2, cause);
+  }
+  const baseMessage = err instanceof Error ? err.message : String(err);
+  if (err instanceof BudgetExceededError) {
+    const map = {
+      iterations: "budget_iterations",
+      tool_calls: "budget_tool_calls",
+      tokens: "budget_tokens",
+      cost: "budget_cost",
+      timeout: "budget_timeout",
+      idle_timeout: "budget_timeout"
+    };
+    return {
+      kind: map[err.kind],
+      message: baseMessage,
+      retryable: false,
+      cause
+    };
+  }
+  if (hints.parentAborted) {
+    return { kind: "aborted_by_parent", message: baseMessage, retryable: false, cause };
+  }
+  const lower = baseMessage.toLowerCase();
+  if (/agent aborted$/i.test(baseMessage)) {
+    return { kind: "aborted_by_parent", message: baseMessage, retryable: false, cause };
+  }
+  if (/agent exhausted iteration limit$/i.test(baseMessage)) {
+    return { kind: "budget_iterations", message: baseMessage, retryable: false, cause };
+  }
+  if (/empty response$/i.test(baseMessage)) {
+    return { kind: "empty_response", message: baseMessage, retryable: false, cause };
+  }
+  if (/^tool failed: /i.test(baseMessage)) {
+    return { kind: "tool_failed", message: baseMessage, retryable: false, cause };
+  }
+  if (lower.includes("bridge transport") || /bridge.*(closed|disconnect)/i.test(baseMessage)) {
+    return { kind: "bridge_failed", message: baseMessage, retryable: false, cause };
+  }
+  if (/context length|max.*tokens?.*exceeded|prompt is too long/i.test(baseMessage)) {
+    return { kind: "context_overflow", message: baseMessage, retryable: false, cause };
+  }
+  return { kind: "unknown", message: baseMessage, retryable: false, cause };
+}
+function providerErrorToSubagentError(err, message, cause) {
+  const status = err.status;
+  if (status === 429 || err.body?.type === "rate_limit_error") {
+    return { kind: "provider_rate_limit", message, retryable: true, backoffMs: 5e3, cause };
+  }
+  if (status === 401 || status === 403 || err.body?.type === "authentication_error") {
+    return { kind: "provider_auth", message, retryable: false, cause };
+  }
+  if (status === 408 || status === 0) {
+    return { kind: "provider_timeout", message, retryable: true, cause };
+  }
+  if (status >= 500 && status < 600) {
+    return { kind: "provider_5xx", message, retryable: true, backoffMs: 3e3, cause };
+  }
+  return { kind: "unknown", message, retryable: err.retryable, cause };
+}
+
 // src/coordination/agents/types.ts
 var HOUR = 60 * 60 * 1e3;
 var LIGHT_BUDGET = {
@@ -5507,7 +5579,10 @@ var NICKNAME_POOL = {
   "lavoisier": { name: "Lavoisier", domain: "chemistry" },
   "mendeleev": { name: "Mendeleev", domain: "chemistry" }
 };
-var ALL_NICKNAMES = Object.values(NICKNAME_POOL);
+var ALL_NICKNAMES = Object.entries(NICKNAME_POOL);
+Object.fromEntries(
+  ALL_NICKNAMES.map(([key, entry]) => [entry.name, key])
+);
 var DOMAIN_PREFERENCES = {
   "security": ["shannon", "turing", "lamarr", "stallman"],
   "bug-hunter": ["darwin", "curie", "feynman", "fermi"],
@@ -5540,17 +5615,16 @@ function assignNickname(role, used) {
   for (const key of preferences) {
     const entry = NICKNAME_POOL[key];
     if (entry && !used.has(key)) {
-      return `${entry.name} (${formatRole(role)})`;
+      return { key, display: `${entry.name} (${formatRole(role)})` };
     }
   }
-  for (const entry of ALL_NICKNAMES) {
-    const key = Object.entries(NICKNAME_POOL).find(([, v]) => v.name === entry.name)?.[0];
-    if (key && !used.has(key)) {
-      return `${entry.name} (${formatRole(role)})`;
+  for (const [key, entry] of ALL_NICKNAMES) {
+    if (!used.has(key)) {
+      return { key, display: `${entry.name} (${formatRole(role)})` };
     }
   }
   const counter = used.size + 1;
-  return `Scientist #${counter} (${formatRole(role)})`;
+  return { key: `scientist-${counter}`, display: `Scientist #${counter} (${formatRole(role)})` };
 }
 function formatRole(role) {
   return role.split(/[-_]/).map((w) => w.charAt(0).toUpperCase() + w.slice(1)).join(" ");
@@ -5637,11 +5711,10 @@ var DefaultMultiAgentCoordinator = class _DefaultMultiAgentCoordinator extends E
     const name = subagent.name?.trim() ?? "";
     const isPlaceholder = name === "" || name.toLowerCase() === role.toLowerCase() || name === "subagent" || name === "adhoc" || name === "generic" || /^slot-/.test(name);
     if (!isPlaceholder) return subagent;
-    const nickname = assignNickname(role, this.usedNicknames);
-    const baseKey = nickname.split(" ")[0].toLowerCase().replace(/[^a-z0-9-]/g, "-");
-    this.usedNicknames.add(baseKey);
-    this.subagentNicknames.set(subagentId, baseKey);
-    return { ...subagent, name: nickname };
+    const { key, display } = assignNickname(role, this.usedNicknames);
+    this.usedNicknames.add(key);
+    this.subagentNicknames.set(subagentId, key);
+    return { ...subagent, name: display };
   }
   async spawn(subagent) {
     const id = subagent.id || randomUUID();
@@ -5893,23 +5966,32 @@ var DefaultMultiAgentCoordinator = class _DefaultMultiAgentCoordinator extends E
    */
   drainPendingAsAborted(message) {
     const dropped = this.pendingTasks.splice(0, this.pendingTasks.length);
-    for (const t of dropped) {
-      const synthetic = {
-        subagentId: t.subagentId ?? "unassigned",
-        taskId: t.id,
-        status: "stopped",
-        error: {
-          kind: "aborted_by_parent",
-          message,
-          retryable: false
-        },
-        iterations: 0,
-        toolCalls: 0,
-        durationMs: 0
-      };
-      this.completedResults.push(synthetic);
-      this.emit("task.completed", { task: t, result: synthetic });
-    }
+    for (const t of dropped) this.emitPendingAborted(t, message);
+  }
+  /**
+   * Emit a synthetic `stopped`/`aborted_by_parent` completion for a single
+   * PENDING task — one that was never counted in `inFlight`. This MUST bypass
+   * `recordCompletion`: that path does `inFlight--`, which for a pending task
+   * steals a decrement from a genuinely in-flight task and trips the underflow
+   * guard — suppressing that real task's `task.completed` and hanging its
+   * `awaitTasks()` caller. Pushes the result and fires the event directly.
+   */
+  emitPendingAborted(task, message) {
+    const synthetic = {
+      subagentId: task.subagentId ?? "unassigned",
+      taskId: task.id,
+      status: "stopped",
+      error: {
+        kind: "aborted_by_parent",
+        message,
+        retryable: false
+      },
+      iterations: 0,
+      toolCalls: 0,
+      durationMs: 0
+    };
+    this.completedResults.push(synthetic);
+    this.emit("task.completed", { task, result: synthetic });
   }
   async runDispatched(subagentId, task) {
     const subagent = this.subagents.get(subagentId);
@@ -6170,20 +6252,10 @@ var DefaultMultiAgentCoordinator = class _DefaultMultiAgentCoordinator extends E
     const orphaned = this.pendingTasks.filter((t) => t.subagentId === subagentId);
     this.pendingTasks = this.pendingTasks.filter((t) => t.subagentId !== subagentId);
     for (const t of orphaned) {
-      const synthetic = {
-        subagentId,
-        taskId: t.id,
-        status: "stopped",
-        error: {
-          kind: "aborted_by_parent",
-          message: `Subagent "${subagentId}" was removed while task "${t.id}" was pending`,
-          retryable: false
-        },
-        iterations: 0,
-        toolCalls: 0,
-        durationMs: 0
-      };
-      this.recordCompletion(synthetic);
+      this.emitPendingAborted(
+        t,
+        `Subagent "${subagentId}" was removed while task "${t.id}" was pending`
+      );
     }
     this.fleetBus?.emit({
       subagentId,
@@ -6203,101 +6275,6 @@ var DefaultMultiAgentCoordinator = class _DefaultMultiAgentCoordinator extends E
     return false;
   }
 };
-function classifySubagentError(err, hints = {}) {
-  const cause = err instanceof Error ? { name: err.name, message: err.message, stack: err.stack } : void 0;
-  if (err instanceof ProviderError) {
-    const baseMessage2 = err.describe();
-    return providerErrorToSubagentError(err, baseMessage2, cause);
-  }
-  const baseMessage = err instanceof Error ? err.message : String(err);
-  if (err instanceof BudgetExceededError) {
-    const map = {
-      iterations: "budget_iterations",
-      tool_calls: "budget_tool_calls",
-      tokens: "budget_tokens",
-      cost: "budget_cost",
-      timeout: "budget_timeout",
-      idle_timeout: "budget_timeout"
-    };
-    return {
-      kind: map[err.kind],
-      message: baseMessage,
-      // Budgets are user-configured ceilings, not transient failures —
-      // retrying with the same budget will hit the same ceiling. The
-      // orchestrator must raise the budget or narrow the task first.
-      retryable: false,
-      cause
-    };
-  }
-  if (hints.parentAborted) {
-    return {
-      kind: "aborted_by_parent",
-      message: baseMessage,
-      retryable: false,
-      cause
-    };
-  }
-  const lower = baseMessage.toLowerCase();
-  if (/agent aborted$/i.test(baseMessage)) {
-    return {
-      kind: "aborted_by_parent",
-      message: baseMessage,
-      retryable: false,
-      cause
-    };
-  }
-  if (/agent exhausted iteration limit$/i.test(baseMessage)) {
-    return { kind: "budget_iterations", message: baseMessage, retryable: false, cause };
-  }
-  if (/empty response$/i.test(baseMessage)) {
-    return { kind: "empty_response", message: baseMessage, retryable: false, cause };
-  }
-  if (/^tool failed: /i.test(baseMessage)) {
-    return { kind: "tool_failed", message: baseMessage, retryable: false, cause };
-  }
-  if (lower.includes("bridge transport") || /bridge.*(closed|disconnect)/i.test(baseMessage)) {
-    return { kind: "bridge_failed", message: baseMessage, retryable: false, cause };
-  }
-  if (/context length|max.*tokens?.*exceeded|prompt is too long/i.test(baseMessage)) {
-    return { kind: "context_overflow", message: baseMessage, retryable: false, cause };
-  }
-  return {
-    kind: "unknown",
-    message: baseMessage,
-    retryable: false,
-    cause
-  };
-}
-function providerErrorToSubagentError(err, message, cause) {
-  const status = err.status;
-  if (status === 429 || err.body?.type === "rate_limit_error") {
-    return {
-      kind: "provider_rate_limit",
-      message,
-      retryable: true,
-      // Conservative default: 5s. Provider-specific code can override
-      // by emitting an error whose body carries an explicit hint.
-      backoffMs: 5e3,
-      cause
-    };
-  }
-  if (status === 401 || status === 403 || err.body?.type === "authentication_error") {
-    return { kind: "provider_auth", message, retryable: false, cause };
-  }
-  if (status === 408 || status === 0) {
-    return { kind: "provider_timeout", message, retryable: true, cause };
-  }
-  if (status >= 500 && status < 600) {
-    return {
-      kind: "provider_5xx",
-      message,
-      retryable: true,
-      backoffMs: 3e3,
-      cause
-    };
-  }
-  return { kind: "unknown", message, retryable: err.retryable, cause };
-}
 
 // src/sdd/sdd-parallel-run.ts
 var SddParallelRun = class {