npm - @xemahq/agent-session-runtime - Versions diffs - 0.1.1 → 0.3.0 - Mend

@xemahq/agent-session-runtime 0.1.1 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/LICENSE +175 -201
package/dist/index.d.ts +1 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +1 -0
package/dist/index.js.map +1 -1
package/dist/lib/composition-resolution.d.ts +43 -0
package/dist/lib/composition-resolution.d.ts.map +1 -0
package/dist/lib/composition-resolution.js +236 -0
package/dist/lib/composition-resolution.js.map +1 -0
package/dist/lib/composition-workspace-manifest.d.ts +7 -0
package/dist/lib/composition-workspace-manifest.d.ts.map +1 -1
package/dist/lib/composition-workspace-manifest.js +36 -1
package/dist/lib/composition-workspace-manifest.js.map +1 -1
package/package.json +8 -3
package/src/index.ts +1 -0
package/src/lib/composition-resolution.ts +524 -0
package/src/lib/composition-workspace-manifest.ts +126 -1

package/src/lib/composition-workspace-manifest.ts CHANGED Viewed

@@ -31,13 +31,19 @@ import {
   ManifestSurface,
   OutputSurfaceKind,
   type AgentRunRole,
+  type CompiledManifestCredential,
+  type CompiledManifestPermissions,
+  type ModelRef,
 } from '@xemahq/kernel-contracts/workflow';
+import type { PermissionMap } from '@xemahq/kernel-contracts/agent-permission';
 import {
   compileManifest,
   type CompiledWorkspaceManifest,
+  type ManifestCredential,
   type ManifestInputDeclaration,
   type ManifestMountsBlock,
   type ManifestOutputSurface,
+  type ManifestPermissions,
   type ManifestSeedFile,
   type ManifestSubAgent,
   type WorkspaceManifest as DslWorkspaceManifest,
@@ -104,10 +110,23 @@ export interface CompositionMountLayoutInput {
 /**
  * A single manifest-declared sub-agent binding the composition resolved.
  * Mirrors the binding subset the manifest DSL's `ManifestSubAgent` needs.
+ *
+ * Carries the {@link NodeOverlayFragment} overlay trio (`modelOverride` /
+ * `instructions` / `permission`) so a resolved sub-agent's per-node
+ * specialization survives the manifest reconstruction. Without these the
+ * worker silently DROPPED a delegate's `modelOverride` (the root fix for the
+ * worker drift). All optional ⇒ backward-compatible with callers that only
+ * supply `slug` / `alias`.
  */
 export interface CompositionSubAgentBindingInput {
   readonly slug: string;
   readonly alias?: string;
+  /** Per-delegate model override — OVERRIDE on the referenced agent's model. */
+  readonly modelOverride?: ModelRef;
+  /** Per-delegate instructions — APPENDED to the referenced agent's prompt. */
+  readonly instructions?: string;
+  /** Per-delegate permission — RESTRICT-merged over the agent's permission. */
+  readonly permission?: PermissionMap;
 }
 /**
@@ -160,6 +179,32 @@ export interface CompositionManifestSource {
    * `{ kind: 'none' }` default.
    */
   readonly outputSurface?: CompositionOutputSurfaceInput;
+  /**
+   * The composition's `workspace.credentials` block. Threaded into the
+   * reconstructed manifest's `spec.credentials` so the compiled manifest's
+   * `credentials` matches the source-of-truth — the EnvironmentResolver
+   * reads the same `{name, kind, sourceRef, required}` entries the
+   * authored composition declared (BUG-1 carry-through: authored
+   * `spec.credentials` were silently dropped on reconstruction). Carried
+   * as the kernel `CompiledManifestCredential[]` because that is the shape
+   * `composition.workspace.credentials` holds (the seeder projects the
+   * authored entries through the manifest compiler). `undefined` when the
+   * composition declared none — the DSL compile then yields `[]`.
+   */
+  readonly credentials?: readonly CompiledManifestCredential[];
+  /**
+   * The composition's `workspace.permissions` block. Threaded into the
+   * reconstructed manifest's `spec.permissions` so the compiled manifest's
+   * `permissions` matches the source-of-truth — the EnvironmentResolver
+   * reads the same `{tools: {allow, deny}}` the authored composition
+   * declared (BUG-1 carry-through: authored `spec.permissions` were
+   * silently dropped on reconstruction). Carried as the kernel
+   * `CompiledManifestPermissions` because that is the shape
+   * `composition.workspace.permissions` holds. `undefined` when the
+   * composition declared none — the DSL compile then yields
+   * `{ tools: { allow: [], deny: [] } }`.
+   */
+  readonly permissions?: CompiledManifestPermissions;
 }
 /**
@@ -227,6 +272,20 @@ export function compileCompositionWorkspaceManifest(
     (binding) => ({
       slug: binding.slug,
       ...(binding.alias !== undefined ? { alias: binding.alias } : {}),
+      // Pass the overlay trio through to the manifest agent block so a
+      // resolved delegate's per-node `modelOverride` / `instructions` /
+      // `permission` are NOT dropped on reconstruction (the worker bug).
+      // `ManifestSubAgent.defaultModel` is the manifest DSL's name for the
+      // kernel `modelOverride` slot.
+      ...(binding.modelOverride !== undefined
+        ? { defaultModel: binding.modelOverride }
+        : {}),
+      ...(binding.instructions !== undefined
+        ? { instructions: binding.instructions }
+        : {}),
+      ...(binding.permission !== undefined
+        ? { permission: binding.permission }
+        : {}),
     }),
   );
@@ -236,6 +295,8 @@ export function compileCompositionWorkspaceManifest(
   // `WorkspaceManifestSchema`, so the casts here are checked downstream,
   // not silently trusted.
   const outputSurface = projectOutputSurface(source.outputSurface);
+  const credentials = projectCredentials(source.credentials);
+  const permissions = projectPermissions(source.permissions);
   const spec: WorkspaceManifestSpec = {
     mounts: mountLayout.mounts as unknown as ManifestMountsBlock,
     agent: {
@@ -262,6 +323,8 @@ export function compileCompositionWorkspaceManifest(
         }
       : {}),
     ...(outputSurface === undefined ? {} : { outputSurface }),
+    ...(credentials === undefined ? {} : { credentials }),
+    ...(permissions === undefined ? {} : { permissions }),
   };
   const envelope: DslWorkspaceManifest = {
@@ -309,7 +372,9 @@ function projectOutputSurface(
   return {
     kind: surface.kind as OutputSurfaceKind,
     ...(surface.port === undefined ? {} : { port: surface.port }),
-    ...(surface.healthPath === undefined ? {} : { healthPath: surface.healthPath }),
+    ...(surface.healthPath === undefined
+      ? {}
+      : { healthPath: surface.healthPath }),
     ...(surface.autoOpen === undefined ? {} : { autoOpen: surface.autoOpen }),
     ...(surface.mode === undefined ? {} : { mode: surface.mode }),
     ...(surface.root === undefined ? {} : { root: surface.root }),
@@ -319,6 +384,66 @@ function projectOutputSurface(
   };
 }
+/**
+ * Project the composition's `workspace.credentials` block (carried on the
+ * runtime-agnostic `CompositionManifestSource` as the kernel
+ * `CompiledManifestCredential[]`) into the manifest DSL's authored
+ * `ManifestCredential[]` shape so the reconstructed envelope's
+ * `spec.credentials` carries the same entries as the source.
+ *
+ * The compiled shape is a structural superset of the authored shape
+ * (`{name, kind, sourceRef}` plus a now-required `required` boolean), so the
+ * projection is a 1:1 field copy — `compileManifest`'s Zod schema below
+ * re-validates each entry and re-defaults `required` idempotently. The map
+ * is explicit (not a pass-through cast) so a malformed entry fails fast at
+ * the manifest compile boundary, mirroring {@link projectOutputSurface}.
+ *
+ * Returns `undefined` when the composition declared no credentials — the DSL
+ * `compileManifest` then defaults the compiled `credentials` to `[]`.
+ */
+function projectCredentials(
+  credentials: readonly CompiledManifestCredential[] | undefined,
+): readonly ManifestCredential[] | undefined {
+  if (credentials === undefined) return undefined;
+  return credentials.map((credential) => ({
+    name: credential.name,
+    kind: credential.kind,
+    sourceRef: credential.sourceRef,
+    required: credential.required,
+  }));
+}
+/**
+ * Project the composition's `workspace.permissions` block (carried on the
+ * runtime-agnostic `CompositionManifestSource` as the kernel
+ * `CompiledManifestPermissions`) into the manifest DSL's authored
+ * `ManifestPermissions` shape so the reconstructed envelope's
+ * `spec.permissions` carries the same tool allow/deny lists as the source.
+ *
+ * The compiled shape is a structural superset of the authored shape (the
+ * compiled `tools.allow` / `tools.deny` are always present; the authored
+ * ones are optional), so the projection is a 1:1 field copy —
+ * `compileManifest`'s Zod schema below re-validates and re-defaults the
+ * lists idempotently. Explicit (not a pass-through cast) so a malformed
+ * block fails fast at the manifest compile boundary, mirroring
+ * {@link projectOutputSurface}.
+ *
+ * Returns `undefined` when the composition declared no permissions — the DSL
+ * `compileManifest` then defaults the compiled `permissions` to
+ * `{ tools: { allow: [], deny: [] } }`.
+ */
+function projectPermissions(
+  permissions: CompiledManifestPermissions | undefined,
+): ManifestPermissions | undefined {
+  if (permissions === undefined) return undefined;
+  return {
+    tools: {
+      allow: permissions.tools.allow,
+      deny: permissions.tools.deny,
+    },
+  };
+}
 /**
  * Build the manifest bind-input bag from the caller's explicit input bag
  * and the implicit inputs, validated against the composition's declared