agentic-orchestrator 0.1.6 → 0.1.7

package/apps/control-plane/src/mcp/mcp-server-adapter.ts

@@ -11,7 +11,10 @@ interface McpCallRequest {
   session_token?: string;
 }
 
-function extractActorClaimsFromArgs(args: Record<string, unknown>): { actor_type?: string; actor_id?: string } {
+function extractActorClaimsFromArgs(args: Record<string, unknown>): {
+  actor_type?: string;
+  actor_id?: string;
+} {
   const actor_type = typeof args.actor_type === 'string' ? args.actor_type : undefined;
   const actor_id = typeof args.actor_id === 'string' ? args.actor_id : undefined;
   return { actor_type, actor_id };
@@ -37,15 +40,18 @@ export class McpServerAdapter {
     try {
       const claims = this.authVerifier.verifyToken(request.session_token ?? '');
       const supplied = extractActorClaimsFromArgs(args);
-      if ((supplied.actor_type && supplied.actor_type !== claims.actor_type) || (supplied.actor_id && supplied.actor_id !== claims.actor_id)) {
+      if (
+        (supplied.actor_type && supplied.actor_type !== claims.actor_type) ||
+        (supplied.actor_id && supplied.actor_id !== claims.actor_id)
+      ) {
         return fail(ERROR_CODES.INVALID_ACTOR_CLAIM, 'actor claim does not match signed token', {
           retryable: false,
           requires_human: true,
           supplied,
           token_claims: {
             actor_type: claims.actor_type,
-            actor_id: claims.actor_id
-          }
+            actor_id: claims.actor_id,
+          },
         });
       }
 
@@ -54,11 +60,7 @@ export class McpServerAdapter {
 
       return this.runtime.callTool(request.name, args, claims);
     } catch (error: unknown) {
-      if (
-        typeof error === 'object' &&
-        error !== null &&
-        'normalizedResponse' in error
-      ) {
+      if (typeof error === 'object' && error !== null && 'normalizedResponse' in error) {
         return (error as { normalizedResponse: ToolResponse }).normalizedResponse;
       }
       const message =
@@ -67,7 +69,7 @@ export class McpServerAdapter {
           : undefined;
       return fail(ERROR_CODES.UNAUTHENTICATED, String(message ?? error), {
         retryable: false,
-        requires_human: true
+        requires_human: true,
       });
     }
   }

package/apps/control-plane/src/mcp/operation-ledger.ts

@@ -46,7 +46,7 @@ export class OperationLedger {
       await atomicWriteJson(this.ledgerPath(runId), {
         run_id: runId,
         updated_at: nowIso(),
-        operations: {}
+        operations: {},
       } as LedgerFile);
     }
   }
@@ -54,8 +54,12 @@ export class OperationLedger {
   async resolveOperation(
     runId: string,
     operationId: string,
-    requestHash: string
-  ): Promise<{ status: 'new' } | { status: 'replay'; response: ToolResponse } | { status: 'mismatch'; existing_hash: string }> {
+    requestHash: string,
+  ): Promise<
+    | { status: 'new' }
+    | { status: 'replay'; response: ToolResponse }
+    | { status: 'mismatch'; existing_hash: string }
+  > {
     await this.ensureRunLedger(runId);
 
     return await withFileLock(this.lockPath(runId), async () => {
@@ -69,25 +73,31 @@ export class OperationLedger {
       if (existing.request_hash !== requestHash) {
         return {
           status: 'mismatch',
-          existing_hash: existing.request_hash
+          existing_hash: existing.request_hash,
         };
       }
 
       return {
         status: 'replay',
-        response: existing.response
+        response: existing.response,
       };
     });
   }
 
-  async recordOperation(runId: string, operationId: string, toolName: string, requestHash: string, response: ToolResponse): Promise<void> {
+  async recordOperation(
+    runId: string,
+    operationId: string,
+    toolName: string,
+    requestHash: string,
+    response: ToolResponse,
+  ): Promise<void> {
     await this.ensureRunLedger(runId);
 
     await withFileLock(this.lockPath(runId), async () => {
       const ledger = (await readJson<LedgerFile>(this.ledgerPath(runId), null)) ?? {
         run_id: runId,
         updated_at: nowIso(),
-        operations: {}
+        operations: {},
       };
 
       const now = nowIso();
@@ -98,7 +108,7 @@ export class OperationLedger {
         request_hash: requestHash,
         response,
         created_at: existing?.created_at ?? now,
-        updated_at: now
+        updated_at: now,
       };
       ledger.updated_at = now;
 

package/apps/control-plane/src/mcp/protocol-contract.ts

@@ -2,8 +2,8 @@ export const MCP_PROTOCOL_PIN = {
   mcp_protocol_version: '2025-11-05',
   sdk: {
     package: '@modelcontextprotocol/sdk',
-    version: '1.18.0'
-  }
+    version: '1.18.0',
+  },
 } as const;
 
 export const REQUIRED_MCP_TRANSPORTS = ['stdio'] as const;

package/apps/control-plane/src/mcp/runtime-factory.ts

@@ -36,7 +36,11 @@ export class ToolingRuntimeComposer {
   private readonly kernel: ToolingKernelPort;
   private readonly options: CreateToolingRuntimeOptions;
 
-  constructor(repoRoot: string, kernel: ToolingKernelPort, options: CreateToolingRuntimeOptions = {}) {
+  constructor(
+    repoRoot: string,
+    kernel: ToolingKernelPort,
+    options: CreateToolingRuntimeOptions = {},
+  ) {
     this.repoRoot = repoRoot;
     this.kernel = kernel;
     this.options = options;
@@ -58,7 +62,7 @@ export class ToolingRuntimeComposer {
       validator,
       authorizer,
       ledger,
-      executor
+      executor,
     });
     const authVerifier = new TokenAuthVerifier();
     const mcpAdapter = new McpServerAdapter(runtime, authVerifier);
@@ -74,11 +78,13 @@ export class ToolingRuntimeComposer {
       authVerifier,
       mcpAdapter,
       inProcessClient: new InProcessToolClient(runtime),
-      mcpClient: new McpToolClient(mcpAdapter, authVerifier)
+      mcpClient: new McpToolClient(mcpAdapter, authVerifier),
     };
   }
 
-  private async generateToolsMarkdownIfEnabled(catalog: Awaited<ReturnType<ToolRegistryLoader['load']>>['catalog']): Promise<void> {
+  private async generateToolsMarkdownIfEnabled(
+    catalog: Awaited<ReturnType<ToolRegistryLoader['load']>>['catalog'],
+  ): Promise<void> {
     const shouldGenerateDocs = this.options.generateToolsMarkdown ?? true;
     if (!shouldGenerateDocs) {
       return;
@@ -91,13 +97,16 @@ export class ToolingRuntimeComposer {
 export async function createToolingRuntime(
   repoRoot: string,
   kernel: ToolingKernelPort,
-  options: CreateToolingRuntimeOptions = {}
+  options: CreateToolingRuntimeOptions = {},
 ): Promise<ToolingRuntime> {
   const composer = new ToolingRuntimeComposer(repoRoot, kernel, options);
   return await composer.compose();
 }
 
-export function resolveToolClient(transport: 'inprocess' | 'mcp', tooling: ToolingRuntime): ToolClient {
+export function resolveToolClient(
+  transport: 'inprocess' | 'mcp',
+  tooling: ToolingRuntime,
+): ToolClient {
   if (transport === 'mcp') {
     return tooling.mcpClient;
   }

package/apps/control-plane/src/mcp/token-auth-verifier.ts

@@ -32,7 +32,8 @@ export class TokenAuthVerifier {
     expires_at?: string;
   }): string {
     const issuedAt = this.now().toISOString();
-    const expiresAt = input.expires_at ?? new Date(this.now().getTime() + this.ttlSeconds * 1000).toISOString();
+    const expiresAt =
+      input.expires_at ?? new Date(this.now().getTime() + this.ttlSeconds * 1000).toISOString();
 
     const claims: VerifiedActorClaims = {
       run_id: input.run_id,
@@ -41,7 +42,7 @@ export class TokenAuthVerifier {
       actor_id: input.actor_id,
       feature_scope: input.feature_scope,
       issued_at: issuedAt,
-      expires_at: expiresAt
+      expires_at: expiresAt,
     };
 
     this.claimsValidator.validate(claims, { checkExpiry: false });

package/apps/control-plane/src/mcp/token-claims-validator.ts

@@ -11,8 +11,8 @@ function claimsValidationError(message: string) {
   return {
     normalizedResponse: fail(ERROR_CODES.UNAUTHENTICATED, message, {
       retryable: false,
-      requires_human: true
-    })
+      requires_human: true,
+    }),
   };
 }
 
@@ -31,7 +31,7 @@ export class TokenClaimsValidator {
       'actor_type',
       'actor_id',
       'issued_at',
-      'expires_at'
+      'expires_at',
     ];
     for (const field of requiredStringFields) {
       if (!claims[field] || typeof claims[field] !== 'string') {
@@ -45,10 +45,14 @@ export class TokenClaimsValidator {
 
     if (claims.actor_type === 'system' && !claims.session_id.startsWith('bootstrap:')) {
       throw {
-        normalizedResponse: fail(ERROR_CODES.FORBIDDEN_TOOL_FOR_ROLE, 'system_role_requires_bootstrap_session', {
-          retryable: false,
-          requires_human: true
-        })
+        normalizedResponse: fail(
+          ERROR_CODES.FORBIDDEN_TOOL_FOR_ROLE,
+          'system_role_requires_bootstrap_session',
+          {
+            retryable: false,
+            requires_human: true,
+          },
+        ),
       };
     }
 

package/apps/control-plane/src/mcp/tool-authorizer.ts

@@ -24,9 +24,7 @@ export class ToolAuthorizer {
 
   private assertPolicyIntersectionIsValid(): void {
     for (const [role, allowlist] of Object.entries(this.policyRbac)) {
-      const effective = allowlist.includes('*')
-        ? [...this.registry.toolsByName.keys()]
-        : allowlist;
+      const effective = allowlist.includes('*') ? [...this.registry.toolsByName.keys()] : allowlist;
 
       for (const toolName of effective) {
         const tool = this.registry.toolsByName.get(toolName);

package/apps/control-plane/src/mcp/tool-client.ts

@@ -16,7 +16,11 @@ export interface ToolClientIdentity {
 
 export interface ToolClient {
   listTools(): Promise<ToolDescriptor[]>;
-  call(toolName: string, args: Record<string, unknown>, identity: ToolClientIdentity): Promise<ToolResponse>;
+  call(
+    toolName: string,
+    args: Record<string, unknown>,
+    identity: ToolClientIdentity,
+  ): Promise<ToolResponse>;
 }
 
 function toVerifiedClaims(identity: ToolClientIdentity): VerifiedActorClaims {
@@ -24,7 +28,7 @@ function toVerifiedClaims(identity: ToolClientIdentity): VerifiedActorClaims {
   return {
     ...identity,
     issued_at: now.toISOString(),
-    expires_at: new Date(now.getTime() + 15 * 60 * 1000).toISOString()
+    expires_at: new Date(now.getTime() + 15 * 60 * 1000).toISOString(),
   };
 }
 
@@ -39,7 +43,11 @@ export class InProcessToolClient implements ToolClient {
     return await this.runtime.listTools();
   }
 
-  async call(toolName: string, args: Record<string, unknown>, identity: ToolClientIdentity): Promise<ToolResponse> {
+  async call(
+    toolName: string,
+    args: Record<string, unknown>,
+    identity: ToolClientIdentity,
+  ): Promise<ToolResponse> {
     return await this.runtime.callTool(toolName, args, toVerifiedClaims(identity));
   }
 }
@@ -58,12 +66,16 @@ export class McpToolClient implements ToolClient {
     return response.tools;
   }
 
-  async call(toolName: string, args: Record<string, unknown>, identity: ToolClientIdentity): Promise<ToolResponse> {
+  async call(
+    toolName: string,
+    args: Record<string, unknown>,
+    identity: ToolClientIdentity,
+  ): Promise<ToolResponse> {
     const token = this.authVerifier.issueToken(identity);
     return await this.adapter.toolsCall({
       name: toolName,
       arguments: args,
-      session_token: token
+      session_token: token,
     });
   }
 }

package/apps/control-plane/src/mcp/tool-contract-validator.ts

@@ -10,7 +10,7 @@ interface AjvInstance {
 
 function createAjvInstance(): AjvInstance {
   const Ajv2020Ctor = Ajv2020Import as unknown as new (
-    options?: Record<string, unknown>
+    options?: Record<string, unknown>,
   ) => AjvInstance;
   return new Ajv2020Ctor({ allErrors: true, strict: false });
 }
@@ -26,7 +26,7 @@ export class ToolContractValidator {
     loader: ToolRegistryLoader,
     registry: LoadedToolRegistry,
     ajv: AjvInstance,
-    errorsValidator: ValidateFunction
+    errorsValidator: ValidateFunction,
   ) {
     this.loader = loader;
     this.registry = registry;
@@ -35,28 +35,37 @@ export class ToolContractValidator {
     this.errorsValidator = errorsValidator;
   }
 
-  static async create(loader: ToolRegistryLoader, registry: LoadedToolRegistry): Promise<ToolContractValidator> {
+  static async create(
+    loader: ToolRegistryLoader,
+    registry: LoadedToolRegistry,
+  ): Promise<ToolContractValidator> {
     const ajv = createAjvInstance();
     const errorsSchema = await loader.readErrorsSchema();
     const errorsValidator = ajv.compile(errorsSchema);
     return new ToolContractValidator(loader, registry, ajv, errorsValidator);
   }
 
-  async validateInput(tool: ToolCatalogEntry, payload: unknown): Promise<{ valid: boolean; errors: ErrorObject[] }> {
+  async validateInput(
+    tool: ToolCatalogEntry,
+    payload: unknown,
+  ): Promise<{ valid: boolean; errors: ErrorObject[] }> {
     const validator = await this.getOrCompile(tool.input_schema_ref);
     const valid = validator(payload);
     return {
       valid: Boolean(valid),
-      errors: valid ? [] : ((validator.errors ?? []))
+      errors: valid ? [] : (validator.errors ?? []),
     };
   }
 
-  async validateOutput(tool: ToolCatalogEntry, payload: unknown): Promise<{ valid: boolean; errors: ErrorObject[] }> {
+  async validateOutput(
+    tool: ToolCatalogEntry,
+    payload: unknown,
+  ): Promise<{ valid: boolean; errors: ErrorObject[] }> {
     const validator = await this.getOrCompile(tool.output_schema_ref);
     const valid = validator(payload);
     return {
       valid: Boolean(valid),
-      errors: valid ? [] : ((validator.errors ?? []))
+      errors: valid ? [] : (validator.errors ?? []),
     };
   }
 
@@ -64,7 +73,7 @@ export class ToolContractValidator {
     const valid = this.errorsValidator(response);
     return {
       valid: Boolean(valid),
-      errors: valid ? [] : ((this.errorsValidator.errors ?? []))
+      errors: valid ? [] : (this.errorsValidator.errors ?? []),
     };
   }
 

package/apps/control-plane/src/mcp/tool-registry-loader.ts

@@ -4,7 +4,12 @@ import path from 'node:path';
 import { fileURLToPath } from 'node:url';
 import { pathExists } from '../core/fs.js';
 import { MCP_PROTOCOL_PIN, REQUIRED_MCP_TRANSPORTS } from './protocol-contract.js';
-import type { LoadedToolRegistry, ProtocolContract, ToolCatalog, ToolCatalogEntry } from './runtime-types.js';
+import type {
+  LoadedToolRegistry,
+  ProtocolContract,
+  ToolCatalog,
+  ToolCatalogEntry,
+} from './runtime-types.js';
 
 const MODULE_DIR = path.dirname(fileURLToPath(import.meta.url));
 
@@ -113,7 +118,7 @@ export class ToolRegistryLoader {
       catalog,
       protocol,
       toolsByName,
-      toolsByHandlerId
+      toolsByHandlerId,
     };
   }
 
@@ -167,5 +172,4 @@ export class ToolRegistryLoader {
 
     return parsed;
   }
-
 }

package/apps/control-plane/src/mcp/tool-runtime.ts

@@ -56,7 +56,8 @@ function emitToolLog(params: {
   latencyMs: number;
   response: ToolResponse;
 }): void {
-  const operationId = typeof params.args.operation_id === 'string' ? params.args.operation_id : null;
+  const operationId =
+    typeof params.args.operation_id === 'string' ? params.args.operation_id : null;
   const featureId = typeof params.args.feature_id === 'string' ? params.args.feature_id : null;
   const errorCode = isFailResponse(params.response) ? params.response.error.code : null;
   const payload = {
@@ -67,7 +68,7 @@ function emitToolLog(params: {
     actor_type: params.claims.actor_type,
     latency_ms: params.latencyMs,
     result: params.response.ok ? 'ok' : 'error',
-    error_code: errorCode
+    error_code: errorCode,
   };
 
   process.stderr.write(`${JSON.stringify(payload)}\n`);
@@ -103,7 +104,9 @@ export class ToolRuntime {
 
   async listTools(): Promise<ToolDescriptor[]> {
     const descriptors: ToolDescriptor[] = [];
-    const sorted = [...this.registry.toolsByName.values()].sort((a, b) => a.name.localeCompare(b.name));
+    const sorted = [...this.registry.toolsByName.values()].sort((a, b) =>
+      a.name.localeCompare(b.name),
+    );
 
     for (const tool of sorted) {
       descriptors.push({
@@ -112,14 +115,18 @@ export class ToolRuntime {
         input_schema: await this.loader.readSchemaByRef(tool.input_schema_ref),
         output_schema: await this.loader.readSchemaByRef(tool.output_schema_ref),
         mutating: tool.mutating,
-        requires_operation_id: tool.requires_operation_id
+        requires_operation_id: tool.requires_operation_id,
       });
     }
 
     return descriptors;
   }
 
-  async callTool(toolName: string, args: Record<string, unknown>, claims: VerifiedActorClaims): Promise<ToolResponse> {
+  async callTool(
+    toolName: string,
+    args: Record<string, unknown>,
+    claims: VerifiedActorClaims,
+  ): Promise<ToolResponse> {
     const started = Date.now();
     const safeArgs = { ...(args ?? {}) };
     const tool = this.lookupTool(toolName);
@@ -148,7 +155,11 @@ export class ToolRuntime {
     }
 
     const executionResponse = await this.executor.execute(tool, safeArgs, claims);
-    const outputValidationResult = await this.validateExecutionResponse(tool, toolName, executionResponse);
+    const outputValidationResult = await this.validateExecutionResponse(
+      tool,
+      toolName,
+      executionResponse,
+    );
     if (outputValidationResult) {
       return this.finalize(started, claims, toolName, safeArgs, outputValidationResult);
     }
@@ -159,7 +170,7 @@ export class ToolRuntime {
         idempotencyResolution.operationId,
         toolName,
         idempotencyResolution.requestHash,
-        executionResponse
+        executionResponse,
       );
     }
 
@@ -173,13 +184,13 @@ export class ToolRuntime {
   private unknownToolResponse(toolName: string): ToolResponse {
     return fail(ERROR_CODES.INVALID_ARGUMENT, `Unknown tool ${toolName}`, {
       retryable: false,
-      requires_human: true
+      requires_human: true,
     });
   }
 
   private authorizeFeatureScope(
     claims: VerifiedActorClaims,
-    args: Record<string, unknown>
+    args: Record<string, unknown>,
   ): ToolResponse | null {
     if (featureScopeAllows(claims, args)) {
       return null;
@@ -188,7 +199,7 @@ export class ToolRuntime {
       retryable: false,
       requires_human: true,
       feature_scope: claims.feature_scope,
-      feature_id: args.feature_id
+      feature_id: args.feature_id,
     });
   }
 
@@ -196,18 +207,22 @@ export class ToolRuntime {
     if (this.authorizer.isAuthorized(claims.actor_type, toolName)) {
       return null;
     }
-    return fail(ERROR_CODES.FORBIDDEN_TOOL_FOR_ROLE, `Tool ${toolName} is not allowed for role ${claims.actor_type}`, {
-      retryable: false,
-      requires_human: true,
-      actor_type: claims.actor_type,
-      tool_name: toolName
-    });
+    return fail(
+      ERROR_CODES.FORBIDDEN_TOOL_FOR_ROLE,
+      `Tool ${toolName} is not allowed for role ${claims.actor_type}`,
+      {
+        retryable: false,
+        requires_human: true,
+        actor_type: claims.actor_type,
+        tool_name: toolName,
+      },
+    );
   }
 
   private async validateInput(
     tool: ToolCatalogEntry,
     toolName: string,
-    args: Record<string, unknown>
+    args: Record<string, unknown>,
   ): Promise<ToolResponse | null> {
     const inputValidation = await this.validator.validateInput(tool, args);
     if (inputValidation.valid) {
@@ -217,14 +232,14 @@ export class ToolRuntime {
       retryable: false,
       requires_human: true,
       errors: inputValidation.errors,
-      tool_name: toolName
+      tool_name: toolName,
     });
   }
 
   private async validateExecutionResponse(
     tool: ToolCatalogEntry,
     toolName: string,
-    response: ToolResponse
+    response: ToolResponse,
   ): Promise<ToolResponse | null> {
     if (response.ok) {
       const outputValidation = await this.validator.validateOutput(tool, response.data);
@@ -235,7 +250,7 @@ export class ToolRuntime {
         retryable: false,
         requires_human: true,
         errors: outputValidation.errors,
-        tool_name: toolName
+        tool_name: toolName,
       });
     }
 
@@ -247,7 +262,7 @@ export class ToolRuntime {
       retryable: false,
       requires_human: true,
       errors: envelope.errors,
-      tool_name: toolName
+      tool_name: toolName,
     });
   }
 
@@ -256,14 +271,14 @@ export class ToolRuntime {
     claims: VerifiedActorClaims,
     toolName: string,
     args: Record<string, unknown>,
-    response: ToolResponse
+    response: ToolResponse,
   ): ToolResponse {
     emitToolLog({
       claims,
       toolName,
       args,
       latencyMs: Date.now() - started,
-      response
+      response,
     });
     return response;
   }
@@ -272,8 +287,12 @@ export class ToolRuntime {
     tool: ToolCatalogEntry,
     toolName: string,
     args: Record<string, unknown>,
-    claims: VerifiedActorClaims
-  ): Promise<{ operationId: string | null; requestHash: string | null; result: ToolResponse | null }> {
+    claims: VerifiedActorClaims,
+  ): Promise<{
+    operationId: string | null;
+    requestHash: string | null;
+    result: ToolResponse | null;
+  }> {
     if (!tool.mutating) {
       return { operationId: null, requestHash: null, result: null };
     }
@@ -283,22 +302,30 @@ export class ToolRuntime {
       return {
         operationId: null,
         requestHash: null,
-        result: fail(ERROR_CODES.OPERATION_ID_REQUIRED, 'operation_id is required for mutating tools', {
-          retryable: false,
-          requires_human: true,
-          tool_name: toolName
-        })
+        result: fail(
+          ERROR_CODES.OPERATION_ID_REQUIRED,
+          'operation_id is required for mutating tools',
+          {
+            retryable: false,
+            requires_human: true,
+            tool_name: toolName,
+          },
+        ),
       };
     }
     if (!operationId) {
       return {
         operationId: null,
         requestHash: null,
-        result: fail(ERROR_CODES.OPERATION_ID_REQUIRED, 'operation_id is required for mutating tools', {
-          retryable: false,
-          requires_human: true,
-          tool_name: toolName
-        })
+        result: fail(
+          ERROR_CODES.OPERATION_ID_REQUIRED,
+          'operation_id is required for mutating tools',
+          {
+            retryable: false,
+            requires_human: true,
+            tool_name: toolName,
+          },
+        ),
       };
     }
 
@@ -308,7 +335,7 @@ export class ToolRuntime {
       return {
         operationId,
         requestHash,
-        result: dedupe.response
+        result: dedupe.response,
       };
     }
 
@@ -322,15 +349,15 @@ export class ToolRuntime {
           operation_id: operationId,
           request_hash: requestHash,
           existing_hash: dedupe.existing_hash,
-          tool_name: toolName
-        })
+          tool_name: toolName,
+        }),
       };
     }
 
     return {
       operationId,
       requestHash,
-      result: null
+      result: null,
     };
   }
 }

package/apps/control-plane/src/mcp/tools-markdown-generator.ts

@@ -11,7 +11,12 @@ export class ToolsMarkdownGenerator {
 
   renderFromCatalog(catalog: ToolCatalog): string {
     const names = [...catalog.tools].map((tool) => tool.name).sort((a, b) => a.localeCompare(b));
-    const lines = ['# AOP MCP Tool Surface', '', 'Generated from `agentic/orchestrator/tools/catalog.json`.', ''];
+    const lines = [
+      '# AOP MCP Tool Surface',
+      '',
+      'Generated from `agentic/orchestrator/tools/catalog.json`.',
+      '',
+    ];
     for (const name of names) {
       lines.push(`- ${name}`);
     }