agentic-orchestrator 0.1.6 → 0.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.prettierignore +10 -0
- package/.prettierrc.json +24 -0
- package/CLAUDE.md +3 -2
- package/README.md +71 -48
- package/agentic/orchestrator/defaults/policy.defaults.yaml +1 -1
- package/agentic/orchestrator/prompts/planner.system.md +1 -0
- package/agentic/orchestrator/schemas/agents.schema.json +5 -22
- package/agentic/orchestrator/schemas/gates.schema.json +4 -19
- package/agentic/orchestrator/schemas/index.schema.json +3 -14
- package/agentic/orchestrator/schemas/multi-project.schema.json +2 -8
- package/agentic/orchestrator/schemas/plan.schema.json +6 -26
- package/agentic/orchestrator/schemas/policy.schema.json +19 -81
- package/agentic/orchestrator/schemas/policy.user.schema.json +1 -5
- package/agentic/orchestrator/schemas/qa_test_index.schema.json +5 -29
- package/agentic/orchestrator/schemas/state.schema.json +11 -61
- package/agentic/orchestrator/tools/catalog.json +33 -164
- package/agentic/orchestrator/tools/schemas/input/evidence.latest.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/feature.delete.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/feature.get_context.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/feature.init.input.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/input/feature.log_append.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/feature.ready_to_merge.input.schema.json +1 -6
- package/agentic/orchestrator/tools/schemas/input/feature.state_get.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/feature.state_patch.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/gates.run.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/locks.acquire.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/locks.release.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/performance.record_outcome.input.schema.json +10 -1
- package/agentic/orchestrator/tools/schemas/input/plan.get.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/plan.submit.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/plan.update.input.schema.json +1 -6
- package/agentic/orchestrator/tools/schemas/input/qa.test_index_get.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/qa.test_index_update.input.schema.json +1 -6
- package/agentic/orchestrator/tools/schemas/input/repo.apply_patch.input.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/input/repo.diff.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/repo.diff_bundle.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/repo.ensure_worktree.input.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/input/repo.read_file.input.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/input/repo.search.input.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/input/repo.status.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/input/report.feature_summary.input.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/output/collisions.scan.output.schema.json +1 -3
- package/agentic/orchestrator/tools/schemas/output/evidence.latest.output.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/output/feature.delete.output.schema.json +4 -20
- package/agentic/orchestrator/tools/schemas/output/feature.discover_specs.output.schema.json +2 -7
- package/agentic/orchestrator/tools/schemas/output/feature.get_context.output.schema.json +1 -8
- package/agentic/orchestrator/tools/schemas/output/feature.init.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/feature.log_append.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/feature.ready_to_merge.output.schema.json +1 -6
- package/agentic/orchestrator/tools/schemas/output/feature.state_get.output.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/output/feature.state_patch.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/gates.list.output.schema.json +2 -7
- package/agentic/orchestrator/tools/schemas/output/gates.run.output.schema.json +1 -8
- package/agentic/orchestrator/tools/schemas/output/locks.acquire.output.schema.json +1 -7
- package/agentic/orchestrator/tools/schemas/output/locks.release.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/performance.get_analytics.output.schema.json +22 -2
- package/agentic/orchestrator/tools/schemas/output/plan.get.output.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/output/plan.submit.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/plan.update.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/qa.test_index_get.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/qa.test_index_update.output.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/output/repo.apply_patch.output.schema.json +1 -6
- package/agentic/orchestrator/tools/schemas/output/repo.diff.output.schema.json +1 -4
- package/agentic/orchestrator/tools/schemas/output/repo.diff_bundle.output.schema.json +1 -7
- package/agentic/orchestrator/tools/schemas/output/repo.ensure_worktree.output.schema.json +1 -6
- package/agentic/orchestrator/tools/schemas/output/repo.read_file.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/repo.search.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/repo.status.output.schema.json +1 -5
- package/agentic/orchestrator/tools/schemas/output/report.dashboard.output.schema.json +1 -4
- package/apps/control-plane/scripts/validate-architecture-rules.mjs +16 -5
- package/apps/control-plane/scripts/validate-docker-mcp-contract.mjs +30 -8
- package/apps/control-plane/scripts/validate-mcp-contracts.ts +13 -7
- package/apps/control-plane/src/application/adapters/adapter-registry.ts +35 -15
- package/apps/control-plane/src/application/multi-project-loader.ts +27 -10
- package/apps/control-plane/src/application/services/activity-monitor-service.ts +26 -14
- package/apps/control-plane/src/application/services/collision-queue-service.ts +31 -17
- package/apps/control-plane/src/application/services/cost-tracking-service.ts +23 -16
- package/apps/control-plane/src/application/services/dependency-scheduler-service.ts +12 -4
- package/apps/control-plane/src/application/services/feature-deletion-service.ts +94 -58
- package/apps/control-plane/src/application/services/feature-lifecycle-service.ts +19 -13
- package/apps/control-plane/src/application/services/feature-state-service.ts +29 -19
- package/apps/control-plane/src/application/services/gate-interpolation-service.ts +7 -2
- package/apps/control-plane/src/application/services/gate-service.ts +64 -41
- package/apps/control-plane/src/application/services/instance-isolation-service.ts +1 -1
- package/apps/control-plane/src/application/services/issue-tracker-service.ts +49 -38
- package/apps/control-plane/src/application/services/lock-service.ts +75 -49
- package/apps/control-plane/src/application/services/merge-service.ts +91 -50
- package/apps/control-plane/src/application/services/notifier-service.ts +42 -20
- package/apps/control-plane/src/application/services/patch-service.ts +73 -44
- package/apps/control-plane/src/application/services/performance-analytics-service.ts +8 -6
- package/apps/control-plane/src/application/services/plan-service.ts +148 -89
- package/apps/control-plane/src/application/services/policy-loader-service.ts +10 -4
- package/apps/control-plane/src/application/services/pr-monitor-service.ts +33 -14
- package/apps/control-plane/src/application/services/qa-index-service.ts +20 -16
- package/apps/control-plane/src/application/services/reactions-service.ts +30 -15
- package/apps/control-plane/src/application/services/reporting-service.ts +16 -12
- package/apps/control-plane/src/application/services/run-lease-service.ts +138 -81
- package/apps/control-plane/src/application/tools/tool-metadata.ts +5 -5
- package/apps/control-plane/src/application/tools/tool-router.ts +6 -3
- package/apps/control-plane/src/cli/aop.ts +2 -2
- package/apps/control-plane/src/cli/attach-command-handler.ts +9 -9
- package/apps/control-plane/src/cli/cleanup-command-handler.ts +16 -11
- package/apps/control-plane/src/cli/cli-argument-parser.ts +6 -3
- package/apps/control-plane/src/cli/dashboard-command-handler.ts +28 -8
- package/apps/control-plane/src/cli/delete-command-handler.ts +7 -7
- package/apps/control-plane/src/cli/env-file.ts +115 -0
- package/apps/control-plane/src/cli/help-command-handler.ts +61 -32
- package/apps/control-plane/src/cli/init-command-handler.ts +182 -56
- package/apps/control-plane/src/cli/io.ts +7 -3
- package/apps/control-plane/src/cli/resume-command-handler.ts +21 -13
- package/apps/control-plane/src/cli/retry-command-handler.ts +12 -11
- package/apps/control-plane/src/cli/run-command-handler.ts +12 -8
- package/apps/control-plane/src/cli/send-command-handler.ts +6 -6
- package/apps/control-plane/src/cli/spec-ingestion-service.ts +14 -8
- package/apps/control-plane/src/cli/spec-input-resolver.ts +6 -1
- package/apps/control-plane/src/cli/spec-utils.ts +2 -2
- package/apps/control-plane/src/cli/status-command-handler.ts +13 -12
- package/apps/control-plane/src/cli/tooling.ts +3 -3
- package/apps/control-plane/src/cli/types.ts +1 -1
- package/apps/control-plane/src/core/collisions.ts +27 -10
- package/apps/control-plane/src/core/constants.ts +13 -7
- package/apps/control-plane/src/core/error-codes.ts +1 -1
- package/apps/control-plane/src/core/fs.ts +11 -5
- package/apps/control-plane/src/core/gates.ts +53 -27
- package/apps/control-plane/src/core/git.ts +18 -6
- package/apps/control-plane/src/core/kernel.ts +513 -227
- package/apps/control-plane/src/core/patch.ts +7 -3
- package/apps/control-plane/src/core/path-layout.ts +5 -1
- package/apps/control-plane/src/core/path-rules.ts +19 -5
- package/apps/control-plane/src/core/qa-index.ts +26 -12
- package/apps/control-plane/src/core/response.ts +9 -6
- package/apps/control-plane/src/core/schemas.ts +29 -10
- package/apps/control-plane/src/core/tool-caller.ts +1 -1
- package/apps/control-plane/src/core/workspace-hooks.ts +5 -5
- package/apps/control-plane/src/index.ts +3 -9
- package/apps/control-plane/src/interfaces/cli/bootstrap.ts +79 -35
- package/apps/control-plane/src/mcp/kernel-tool-executor.ts +7 -3
- package/apps/control-plane/src/mcp/mcp-server-adapter.ts +12 -10
- package/apps/control-plane/src/mcp/operation-ledger.ts +18 -8
- package/apps/control-plane/src/mcp/protocol-contract.ts +2 -2
- package/apps/control-plane/src/mcp/runtime-factory.ts +15 -6
- package/apps/control-plane/src/mcp/token-auth-verifier.ts +3 -2
- package/apps/control-plane/src/mcp/token-claims-validator.ts +11 -7
- package/apps/control-plane/src/mcp/tool-authorizer.ts +1 -3
- package/apps/control-plane/src/mcp/tool-client.ts +17 -5
- package/apps/control-plane/src/mcp/tool-contract-validator.ts +17 -8
- package/apps/control-plane/src/mcp/tool-registry-loader.ts +7 -3
- package/apps/control-plane/src/mcp/tool-runtime.ts +66 -39
- package/apps/control-plane/src/mcp/tools-markdown-generator.ts +6 -1
- package/apps/control-plane/src/providers/providers.ts +137 -54
- package/apps/control-plane/src/supervisor/build-wave-executor.ts +44 -25
- package/apps/control-plane/src/supervisor/planning-wave-executor.ts +46 -33
- package/apps/control-plane/src/supervisor/prompt-bundle-loader.ts +1 -1
- package/apps/control-plane/src/supervisor/qa-wave-executor.ts +38 -23
- package/apps/control-plane/src/supervisor/run-coordinator.ts +71 -36
- package/apps/control-plane/src/supervisor/runtime.ts +59 -35
- package/apps/control-plane/src/supervisor/session-orchestrator.ts +48 -31
- package/apps/control-plane/src/supervisor/types.ts +22 -7
- package/apps/control-plane/src/supervisor/worker-decision-loop.ts +30 -20
- package/apps/control-plane/test/activity-monitor.spec.ts +54 -30
- package/apps/control-plane/test/adapter-registry.spec.ts +5 -5
- package/apps/control-plane/test/aop.spec.ts +4 -4
- package/apps/control-plane/test/batch-operations.spec.ts +20 -18
- package/apps/control-plane/test/bootstrap-attach.spec.ts +52 -19
- package/apps/control-plane/test/bootstrap-edge-cases.spec.ts +58 -27
- package/apps/control-plane/test/bootstrap.spec.ts +72 -40
- package/apps/control-plane/test/cleanup-command.spec.ts +86 -32
- package/apps/control-plane/test/cli-helpers.spec.ts +119 -66
- package/apps/control-plane/test/cli.spec.ts +1 -1
- package/apps/control-plane/test/cli.unit.spec.ts +226 -167
- package/apps/control-plane/test/collision-queue.spec.ts +49 -40
- package/apps/control-plane/test/collisions.spec.ts +30 -30
- package/apps/control-plane/test/core-utils.spec.ts +29 -15
- package/apps/control-plane/test/cost-tracking.spec.ts +38 -22
- package/apps/control-plane/test/dashboard-api.integration.spec.ts +68 -36
- package/apps/control-plane/test/dashboard-client.spec.ts +18 -12
- package/apps/control-plane/test/dashboard-command.spec.ts +11 -7
- package/apps/control-plane/test/delete-command-handler.spec.ts +49 -41
- package/apps/control-plane/test/dependency-scheduler.spec.ts +47 -20
- package/apps/control-plane/test/epoch-tracking.spec.ts +9 -9
- package/apps/control-plane/test/feature-deletion-service.spec.ts +60 -52
- package/apps/control-plane/test/feature-lifecycle.spec.ts +36 -17
- package/apps/control-plane/test/gates.spec.ts +101 -81
- package/apps/control-plane/test/git-spawn-error.spec.ts +1 -1
- package/apps/control-plane/test/helpers.ts +10 -6
- package/apps/control-plane/test/incremental-gates.spec.ts +59 -20
- package/apps/control-plane/test/init-wizard.spec.ts +328 -68
- package/apps/control-plane/test/instance-isolation.spec.ts +43 -10
- package/apps/control-plane/test/issue-tracker.spec.ts +368 -128
- package/apps/control-plane/test/kernel-collision-replay.spec.ts +50 -29
- package/apps/control-plane/test/kernel.branches.spec.ts +64 -40
- package/apps/control-plane/test/kernel.coverage.spec.ts +85 -49
- package/apps/control-plane/test/kernel.coverage2.spec.ts +109 -65
- package/apps/control-plane/test/kernel.spec.ts +134 -51
- package/apps/control-plane/test/lock-service.spec.ts +92 -68
- package/apps/control-plane/test/mcp-helpers.spec.ts +53 -39
- package/apps/control-plane/test/mcp.spec.ts +231 -115
- package/apps/control-plane/test/merge-service.spec.ts +142 -94
- package/apps/control-plane/test/multi-project.spec.ts +28 -22
- package/apps/control-plane/test/notifier-service.spec.ts +136 -92
- package/apps/control-plane/test/parallel-gates.spec.ts +51 -35
- package/apps/control-plane/test/patch-service.spec.ts +128 -48
- package/apps/control-plane/test/performance-analytics.spec.ts +99 -63
- package/apps/control-plane/test/plan-service.spec.ts +50 -39
- package/apps/control-plane/test/planning-wave-executor.spec.ts +95 -71
- package/apps/control-plane/test/policy-loader-service.spec.ts +41 -19
- package/apps/control-plane/test/pr-monitor.spec.ts +113 -64
- package/apps/control-plane/test/providers.spec.ts +208 -104
- package/apps/control-plane/test/qa-index-service.spec.ts +31 -33
- package/apps/control-plane/test/qa-index.spec.ts +58 -61
- package/apps/control-plane/test/reactions.spec.ts +88 -45
- package/apps/control-plane/test/response.spec.ts +5 -5
- package/apps/control-plane/test/resume-command.spec.ts +121 -80
- package/apps/control-plane/test/run-coordinator.spec.ts +205 -136
- package/apps/control-plane/test/schema-date-time.spec.ts +49 -41
- package/apps/control-plane/test/service-retry-paths.spec.ts +77 -57
- package/apps/control-plane/test/services.spec.ts +147 -129
- package/apps/control-plane/test/session-management.spec.ts +136 -74
- package/apps/control-plane/test/spec-ingestion.spec.ts +23 -21
- package/apps/control-plane/test/spec-input-resolver.spec.ts +11 -10
- package/apps/control-plane/test/supervisor-collaborators.spec.ts +168 -121
- package/apps/control-plane/test/supervisor.calltool.spec.ts +21 -18
- package/apps/control-plane/test/supervisor.spec.ts +67 -43
- package/apps/control-plane/test/supervisor.unit.spec.ts +195 -126
- package/apps/control-plane/test/token-auth-verifier.spec.ts +29 -14
- package/apps/control-plane/test/tool-registry-loader.spec.ts +51 -27
- package/apps/control-plane/test/tool-runtime.spec.ts +63 -46
- package/apps/control-plane/test/worker-decision-loop.spec.ts +143 -122
- package/apps/control-plane/test/workspace-hooks.spec.ts +61 -23
- package/apps/control-plane/tsconfig.build.json +2 -7
- package/apps/control-plane/tsconfig.json +1 -5
- package/apps/control-plane/vitest.config.ts +7 -7
- package/config/agentic/orchestrator/adapters.yaml +3 -0
- package/config/agentic/orchestrator/agents.yaml +14 -0
- package/config/agentic/orchestrator/gates.yaml +28 -0
- package/config/agentic/orchestrator/policy.yaml +22 -0
- package/config/agentic/orchestrator/prompts/builder.system.md +1 -0
- package/config/agentic/orchestrator/prompts/planner.system.md +16 -0
- package/config/agentic/orchestrator/prompts/qa.system.md +1 -0
- package/dist/apps/control-plane/application/adapters/adapter-registry.js +12 -5
- package/dist/apps/control-plane/application/adapters/adapter-registry.js.map +1 -1
- package/dist/apps/control-plane/application/multi-project-loader.js +26 -9
- package/dist/apps/control-plane/application/multi-project-loader.js.map +1 -1
- package/dist/apps/control-plane/application/services/activity-monitor-service.js +7 -7
- package/dist/apps/control-plane/application/services/activity-monitor-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/collision-queue-service.js +7 -7
- package/dist/apps/control-plane/application/services/collision-queue-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/cost-tracking-service.js +6 -8
- package/dist/apps/control-plane/application/services/cost-tracking-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/dependency-scheduler-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/feature-deletion-service.js +37 -29
- package/dist/apps/control-plane/application/services/feature-deletion-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/feature-lifecycle-service.js +10 -10
- package/dist/apps/control-plane/application/services/feature-lifecycle-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/feature-state-service.js +11 -11
- package/dist/apps/control-plane/application/services/feature-state-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/gate-interpolation-service.js +3 -1
- package/dist/apps/control-plane/application/services/gate-interpolation-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/gate-service.js +26 -26
- package/dist/apps/control-plane/application/services/gate-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/instance-isolation-service.js +1 -1
- package/dist/apps/control-plane/application/services/instance-isolation-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/issue-tracker-service.js +25 -15
- package/dist/apps/control-plane/application/services/issue-tracker-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/lock-service.js +32 -32
- package/dist/apps/control-plane/application/services/lock-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/merge-service.js +41 -27
- package/dist/apps/control-plane/application/services/merge-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/notifier-service.js +29 -15
- package/dist/apps/control-plane/application/services/notifier-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/patch-service.js +21 -19
- package/dist/apps/control-plane/application/services/patch-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/performance-analytics-service.js +4 -4
- package/dist/apps/control-plane/application/services/performance-analytics-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/plan-service.js +33 -33
- package/dist/apps/control-plane/application/services/plan-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/policy-loader-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/pr-monitor-service.js +23 -11
- package/dist/apps/control-plane/application/services/pr-monitor-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/qa-index-service.js +11 -11
- package/dist/apps/control-plane/application/services/qa-index-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/reactions-service.js +13 -9
- package/dist/apps/control-plane/application/services/reactions-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/reporting-service.js +11 -9
- package/dist/apps/control-plane/application/services/reporting-service.js.map +1 -1
- package/dist/apps/control-plane/application/services/run-lease-service.js +34 -33
- package/dist/apps/control-plane/application/services/run-lease-service.js.map +1 -1
- package/dist/apps/control-plane/application/tools/tool-metadata.js +2 -2
- package/dist/apps/control-plane/application/tools/tool-router.js.map +1 -1
- package/dist/apps/control-plane/cli/attach-command-handler.js +9 -9
- package/dist/apps/control-plane/cli/cleanup-command-handler.js +11 -9
- package/dist/apps/control-plane/cli/cleanup-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/cli-argument-parser.js +4 -3
- package/dist/apps/control-plane/cli/cli-argument-parser.js.map +1 -1
- package/dist/apps/control-plane/cli/dashboard-command-handler.js +23 -7
- package/dist/apps/control-plane/cli/dashboard-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/delete-command-handler.js +7 -7
- package/dist/apps/control-plane/cli/env-file.d.ts +4 -0
- package/dist/apps/control-plane/cli/env-file.js +89 -0
- package/dist/apps/control-plane/cli/env-file.js.map +1 -0
- package/dist/apps/control-plane/cli/help-command-handler.js +58 -30
- package/dist/apps/control-plane/cli/help-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/init-command-handler.js +97 -37
- package/dist/apps/control-plane/cli/init-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/io.js +2 -2
- package/dist/apps/control-plane/cli/io.js.map +1 -1
- package/dist/apps/control-plane/cli/resume-command-handler.js +9 -9
- package/dist/apps/control-plane/cli/resume-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/retry-command-handler.js +12 -11
- package/dist/apps/control-plane/cli/retry-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/run-command-handler.js +12 -8
- package/dist/apps/control-plane/cli/run-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/send-command-handler.js +6 -6
- package/dist/apps/control-plane/cli/spec-ingestion-service.js +10 -8
- package/dist/apps/control-plane/cli/spec-ingestion-service.js.map +1 -1
- package/dist/apps/control-plane/cli/spec-input-resolver.js.map +1 -1
- package/dist/apps/control-plane/cli/spec-utils.js.map +1 -1
- package/dist/apps/control-plane/cli/status-command-handler.js +8 -8
- package/dist/apps/control-plane/cli/status-command-handler.js.map +1 -1
- package/dist/apps/control-plane/cli/tooling.js +1 -1
- package/dist/apps/control-plane/core/collisions.js +11 -8
- package/dist/apps/control-plane/core/collisions.js.map +1 -1
- package/dist/apps/control-plane/core/constants.js +13 -7
- package/dist/apps/control-plane/core/constants.js.map +1 -1
- package/dist/apps/control-plane/core/error-codes.js +1 -1
- package/dist/apps/control-plane/core/fs.js.map +1 -1
- package/dist/apps/control-plane/core/gates.d.ts +2 -2
- package/dist/apps/control-plane/core/gates.js +26 -19
- package/dist/apps/control-plane/core/gates.js.map +1 -1
- package/dist/apps/control-plane/core/git.js +3 -3
- package/dist/apps/control-plane/core/git.js.map +1 -1
- package/dist/apps/control-plane/core/kernel.d.ts +1 -0
- package/dist/apps/control-plane/core/kernel.js +134 -81
- package/dist/apps/control-plane/core/kernel.js.map +1 -1
- package/dist/apps/control-plane/core/patch.js +7 -3
- package/dist/apps/control-plane/core/patch.js.map +1 -1
- package/dist/apps/control-plane/core/path-layout.d.ts +1 -0
- package/dist/apps/control-plane/core/path-layout.js +4 -1
- package/dist/apps/control-plane/core/path-layout.js.map +1 -1
- package/dist/apps/control-plane/core/path-rules.js +3 -1
- package/dist/apps/control-plane/core/path-rules.js.map +1 -1
- package/dist/apps/control-plane/core/qa-index.js +5 -5
- package/dist/apps/control-plane/core/qa-index.js.map +1 -1
- package/dist/apps/control-plane/core/response.js +3 -3
- package/dist/apps/control-plane/core/response.js.map +1 -1
- package/dist/apps/control-plane/core/schemas.js +10 -6
- package/dist/apps/control-plane/core/schemas.js.map +1 -1
- package/dist/apps/control-plane/core/workspace-hooks.js +3 -3
- package/dist/apps/control-plane/index.d.ts +1 -1
- package/dist/apps/control-plane/index.js +1 -1
- package/dist/apps/control-plane/index.js.map +1 -1
- package/dist/apps/control-plane/interfaces/cli/bootstrap.js +40 -23
- package/dist/apps/control-plane/interfaces/cli/bootstrap.js.map +1 -1
- package/dist/apps/control-plane/mcp/kernel-tool-executor.js +1 -1
- package/dist/apps/control-plane/mcp/kernel-tool-executor.js.map +1 -1
- package/dist/apps/control-plane/mcp/mcp-server-adapter.js +6 -7
- package/dist/apps/control-plane/mcp/mcp-server-adapter.js.map +1 -1
- package/dist/apps/control-plane/mcp/operation-ledger.js +5 -5
- package/dist/apps/control-plane/mcp/operation-ledger.js.map +1 -1
- package/dist/apps/control-plane/mcp/protocol-contract.js +2 -2
- package/dist/apps/control-plane/mcp/runtime-factory.js +2 -2
- package/dist/apps/control-plane/mcp/runtime-factory.js.map +1 -1
- package/dist/apps/control-plane/mcp/token-auth-verifier.js +1 -1
- package/dist/apps/control-plane/mcp/token-auth-verifier.js.map +1 -1
- package/dist/apps/control-plane/mcp/token-claims-validator.js +5 -5
- package/dist/apps/control-plane/mcp/token-claims-validator.js.map +1 -1
- package/dist/apps/control-plane/mcp/tool-authorizer.js +1 -3
- package/dist/apps/control-plane/mcp/tool-authorizer.js.map +1 -1
- package/dist/apps/control-plane/mcp/tool-client.js +2 -2
- package/dist/apps/control-plane/mcp/tool-client.js.map +1 -1
- package/dist/apps/control-plane/mcp/tool-contract-validator.js +3 -3
- package/dist/apps/control-plane/mcp/tool-contract-validator.js.map +1 -1
- package/dist/apps/control-plane/mcp/tool-registry-loader.js +1 -1
- package/dist/apps/control-plane/mcp/tool-registry-loader.js.map +1 -1
- package/dist/apps/control-plane/mcp/tool-runtime.js +17 -17
- package/dist/apps/control-plane/mcp/tool-runtime.js.map +1 -1
- package/dist/apps/control-plane/mcp/tools-markdown-generator.js +6 -1
- package/dist/apps/control-plane/mcp/tools-markdown-generator.js.map +1 -1
- package/dist/apps/control-plane/providers/providers.d.ts +3 -2
- package/dist/apps/control-plane/providers/providers.js +81 -39
- package/dist/apps/control-plane/providers/providers.js.map +1 -1
- package/dist/apps/control-plane/supervisor/build-wave-executor.js +12 -12
- package/dist/apps/control-plane/supervisor/build-wave-executor.js.map +1 -1
- package/dist/apps/control-plane/supervisor/planning-wave-executor.js +19 -16
- package/dist/apps/control-plane/supervisor/planning-wave-executor.js.map +1 -1
- package/dist/apps/control-plane/supervisor/prompt-bundle-loader.js +1 -1
- package/dist/apps/control-plane/supervisor/qa-wave-executor.js +13 -13
- package/dist/apps/control-plane/supervisor/qa-wave-executor.js.map +1 -1
- package/dist/apps/control-plane/supervisor/run-coordinator.js +37 -20
- package/dist/apps/control-plane/supervisor/run-coordinator.js.map +1 -1
- package/dist/apps/control-plane/supervisor/runtime.js +25 -21
- package/dist/apps/control-plane/supervisor/runtime.js.map +1 -1
- package/dist/apps/control-plane/supervisor/session-orchestrator.js +29 -23
- package/dist/apps/control-plane/supervisor/session-orchestrator.js.map +1 -1
- package/dist/apps/control-plane/supervisor/types.d.ts +3 -3
- package/dist/apps/control-plane/supervisor/types.js.map +1 -1
- package/dist/apps/control-plane/supervisor/worker-decision-loop.js +14 -16
- package/dist/apps/control-plane/supervisor/worker-decision-loop.js.map +1 -1
- package/eslint.config.mjs +20 -20
- package/example-configurations/README.md +1 -1
- package/example-configurations/java/agents.yaml +3 -3
- package/example-configurations/java/policy.yaml +1 -1
- package/example-configurations/node/agents.yaml +3 -3
- package/example-configurations/node/policy.yaml +1 -1
- package/package.json +10 -5
- package/packages/web-dashboard/next.config.js +2 -2
- package/packages/web-dashboard/src/app/api/actions/route.ts +25 -9
- package/packages/web-dashboard/src/app/api/events/route.ts +20 -6
- package/packages/web-dashboard/src/app/api/features/[id]/checkout/route.ts +88 -37
- package/packages/web-dashboard/src/app/api/features/[id]/evidence/[artifact]/route.ts +8 -5
- package/packages/web-dashboard/src/app/api/features/[id]/review/route.ts +27 -9
- package/packages/web-dashboard/src/app/api/features/[id]/route.ts +5 -2
- package/packages/web-dashboard/src/app/api/projects/route.ts +5 -5
- package/packages/web-dashboard/src/app/globals.css +10 -2
- package/packages/web-dashboard/src/app/page.tsx +100 -37
- package/packages/web-dashboard/src/lib/aop-client.ts +68 -37
- package/packages/web-dashboard/src/lib/multi-project-config.ts +28 -7
- package/packages/web-dashboard/src/lib/orchestrator-tools.ts +59 -36
- package/packages/web-dashboard/tsconfig.json +3 -11
- package/scripts/nx-safe.mjs +10 -10
- package/spec-files/completed/agentic_orchestrator_cli_delete_command_spec.md +5 -0
- package/spec-files/completed/agentic_orchestrator_feature_gaps_closure_spec.md +189 -90
- package/spec-files/completed/agentic_orchestrator_init_policy_ux_simplification_spec.md +49 -16
- package/spec-files/completed/agentic_orchestrator_mcp_formalization_spec.md +24 -1
- package/spec-files/completed/agentic_orchestrator_single_global_orchestrator_spec.md +9 -0
- package/spec-files/completed/agentic_orchestrator_spec.md +171 -75
- package/spec-files/completed/agentic_orchestrator_validator_hardening_spec.md +25 -17
- package/spec-files/outstanding/agentic_orchestrator_artifact_database_publishing_spec.md +40 -5
- package/spec-files/outstanding/agentic_orchestrator_enterprise_governance_dashboard_spec.md +23 -12
- package/spec-files/outstanding/agentic_orchestrator_knowledge_canary_spec.md +16 -4
- package/spec-files/outstanding/agentic_orchestrator_observability_integrity_diagnostics_spec.md +42 -2
- package/spec-files/outstanding/agentic_orchestrator_performance_improvements_spec.md +209 -130
- package/spec-files/outstanding/agentic_orchestrator_planning_review_quality_spec.md +56 -3
- package/spec-files/outstanding/agentic_orchestrator_productization_commercial_spec.md +77 -10
- package/spec-files/outstanding/agentic_orchestrator_provider_auth_bootstrap_spec.md +384 -0
- package/spec-files/outstanding/agentic_orchestrator_quality_adoption_execution_spec.md +29 -14
- package/spec-files/progress.md +186 -175
- package/tsconfig.json +2 -8
|
@@ -2,7 +2,10 @@ import crypto from 'node:crypto';
|
|
|
2
2
|
import path from 'node:path';
|
|
3
3
|
import readline from 'node:readline/promises';
|
|
4
4
|
import { AopKernel } from '../../core/kernel.js';
|
|
5
|
-
import {
|
|
5
|
+
import {
|
|
6
|
+
computeInstanceId,
|
|
7
|
+
defaultConfigPath,
|
|
8
|
+
} from '../../application/services/instance-isolation-service.js';
|
|
6
9
|
import { ERROR_CODES } from '../../core/error-codes.js';
|
|
7
10
|
import type { AppError } from '../../providers/providers.js';
|
|
8
11
|
import { createToolingRuntime, resolveToolClient } from '../../mcp/runtime-factory.js';
|
|
@@ -21,6 +24,7 @@ import { RetryCommandHandler } from '../../cli/retry-command-handler.js';
|
|
|
21
24
|
import { SendCommandHandler } from '../../cli/send-command-handler.js';
|
|
22
25
|
import { AttachCommandHandler } from '../../cli/attach-command-handler.js';
|
|
23
26
|
import { HelpCommandHandler } from '../../cli/help-command-handler.js';
|
|
27
|
+
import { readEnvFileValues } from '../../cli/env-file.js';
|
|
24
28
|
import { MultiProjectLoader } from '../../application/multi-project-loader.js';
|
|
25
29
|
import { NullWorkerProvider, resolveProviderSelection } from '../../providers/providers.js';
|
|
26
30
|
import type { RuntimeContext } from '../../cli/types.js';
|
|
@@ -50,7 +54,7 @@ async function promptForProjectSelection(projects: ProjectConfig[]): Promise<str
|
|
|
50
54
|
}
|
|
51
55
|
const rl = readline.createInterface({
|
|
52
56
|
input: process.stdin,
|
|
53
|
-
output: process.stdout
|
|
57
|
+
output: process.stdout,
|
|
54
58
|
});
|
|
55
59
|
try {
|
|
56
60
|
const answer = await rl.question('Project number: ');
|
|
@@ -66,7 +70,7 @@ async function promptForProjectSelection(projects: ProjectConfig[]): Promise<str
|
|
|
66
70
|
|
|
67
71
|
export async function runCli(
|
|
68
72
|
argv: string[] = process.argv.slice(2),
|
|
69
|
-
runtime: RuntimeContext = { cwd: process.cwd(), env: process.env }
|
|
73
|
+
runtime: RuntimeContext = { cwd: process.cwd(), env: process.env },
|
|
70
74
|
): Promise<number> {
|
|
71
75
|
const parser = new CliArgumentParser();
|
|
72
76
|
const options = parser.parse(argv);
|
|
@@ -80,16 +84,20 @@ export async function runCli(
|
|
|
80
84
|
|
|
81
85
|
if (options.project) {
|
|
82
86
|
if (!multiConfig) {
|
|
83
|
-
printError(
|
|
84
|
-
|
|
85
|
-
|
|
87
|
+
printError(
|
|
88
|
+
ERROR_CODES.INVALID_CLI_ARGS,
|
|
89
|
+
'No multi-project.yaml found; cannot use --project',
|
|
90
|
+
{
|
|
91
|
+
project: options.project,
|
|
92
|
+
},
|
|
93
|
+
);
|
|
86
94
|
return 1;
|
|
87
95
|
}
|
|
88
96
|
selectedProject = multiLoader.getProject(multiConfig, options.project);
|
|
89
97
|
if (!selectedProject) {
|
|
90
98
|
printError(ERROR_CODES.INVALID_CLI_ARGS, `Project not found: ${options.project}`, {
|
|
91
99
|
project: options.project,
|
|
92
|
-
available: multiConfig.projects.map((p) => p.name)
|
|
100
|
+
available: multiConfig.projects.map((p) => p.name),
|
|
93
101
|
});
|
|
94
102
|
return 1;
|
|
95
103
|
}
|
|
@@ -116,22 +124,30 @@ export async function runCli(
|
|
|
116
124
|
const selectedName = await promptForProjectSelection(multiConfig.projects);
|
|
117
125
|
if (!selectedName) {
|
|
118
126
|
printError(ERROR_CODES.INVALID_CLI_ARGS, 'Invalid project selection', {
|
|
119
|
-
available_projects: multiConfig.projects.map((p) => p.name)
|
|
127
|
+
available_projects: multiConfig.projects.map((p) => p.name),
|
|
120
128
|
});
|
|
121
129
|
return 1;
|
|
122
130
|
}
|
|
123
131
|
selectedProject = multiLoader.getProject(multiConfig, selectedName);
|
|
124
132
|
if (!selectedProject) {
|
|
125
|
-
printError(
|
|
126
|
-
|
|
127
|
-
|
|
133
|
+
printError(
|
|
134
|
+
ERROR_CODES.INVALID_CLI_ARGS,
|
|
135
|
+
'Selected project was not found in configuration',
|
|
136
|
+
{
|
|
137
|
+
selected_project: selectedName,
|
|
138
|
+
},
|
|
139
|
+
);
|
|
128
140
|
return 1;
|
|
129
141
|
}
|
|
130
142
|
repoRoot = selectedProject.path;
|
|
131
143
|
} else {
|
|
132
|
-
printError(
|
|
133
|
-
|
|
134
|
-
|
|
144
|
+
printError(
|
|
145
|
+
ERROR_CODES.INVALID_CLI_ARGS,
|
|
146
|
+
'Multiple projects configured; --project is required',
|
|
147
|
+
{
|
|
148
|
+
available_projects: multiConfig.projects.map((p) => p.name),
|
|
149
|
+
},
|
|
150
|
+
);
|
|
135
151
|
return 1;
|
|
136
152
|
}
|
|
137
153
|
}
|
|
@@ -139,9 +155,15 @@ export async function runCli(
|
|
|
139
155
|
}
|
|
140
156
|
|
|
141
157
|
try {
|
|
158
|
+
const envFileValues = await readEnvFileValues(path.join(repoRoot, '.env'));
|
|
159
|
+
const effectiveEnv: NodeJS.ProcessEnv = {
|
|
160
|
+
...envFileValues,
|
|
161
|
+
...runtime.env,
|
|
162
|
+
};
|
|
163
|
+
|
|
142
164
|
if (!SUPPORTED_COMMANDS.has(options.command)) {
|
|
143
165
|
printError(ERROR_CODES.INVALID_CLI_ARGS, `Unknown command: ${options.command}`, {
|
|
144
|
-
command: options.command
|
|
166
|
+
command: options.command,
|
|
145
167
|
});
|
|
146
168
|
return 1;
|
|
147
169
|
}
|
|
@@ -157,18 +179,23 @@ export async function runCli(
|
|
|
157
179
|
|
|
158
180
|
if (options.command === CliCommand.Init) {
|
|
159
181
|
const handler = new InitCommandHandler(repoRoot);
|
|
160
|
-
const payload = await handler.execute({
|
|
182
|
+
const payload = await handler.execute({
|
|
183
|
+
auto: options.auto,
|
|
184
|
+
force: options.force,
|
|
185
|
+
advanced_policy: options.advanced_policy,
|
|
186
|
+
});
|
|
161
187
|
printPayload(payload);
|
|
162
188
|
return 0;
|
|
163
189
|
}
|
|
164
190
|
|
|
165
191
|
if (options.command === CliCommand.Dashboard) {
|
|
166
192
|
const handler = new DashboardCommandHandler();
|
|
167
|
-
const defaultDashboardPort =
|
|
193
|
+
const defaultDashboardPort =
|
|
194
|
+
selectedProject?.dashboard_port ?? multiConfig?.defaults?.dashboard_port;
|
|
168
195
|
const payload = await handler.execute({
|
|
169
196
|
port: options.port ?? defaultDashboardPort,
|
|
170
197
|
foreground: options.foreground,
|
|
171
|
-
dev: options.dev
|
|
198
|
+
dev: options.dev,
|
|
172
199
|
});
|
|
173
200
|
printPayload(payload);
|
|
174
201
|
return 0;
|
|
@@ -187,10 +214,14 @@ export async function runCli(
|
|
|
187
214
|
try {
|
|
188
215
|
const projectPolicyPath = multiLoader.resolveProjectPolicyPath(multiConfig, project);
|
|
189
216
|
const projectGatesPath = multiLoader.resolveProjectGatesPath(multiConfig, project);
|
|
190
|
-
const projectKernel = new AopKernel(
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
217
|
+
const projectKernel = new AopKernel(
|
|
218
|
+
project.path,
|
|
219
|
+
computeInstanceId(defaultConfigPath(project.path)),
|
|
220
|
+
{
|
|
221
|
+
policyPath: projectPolicyPath,
|
|
222
|
+
gatesPath: projectGatesPath,
|
|
223
|
+
},
|
|
224
|
+
);
|
|
194
225
|
await projectKernel.ensureLoaded();
|
|
195
226
|
const projectTooling = await createToolingRuntime(project.path, projectKernel);
|
|
196
227
|
const projectToolClient = resolveToolClient(transport, projectTooling);
|
|
@@ -202,7 +233,10 @@ export async function runCli(
|
|
|
202
233
|
projectStatuses.push({
|
|
203
234
|
name: project.name,
|
|
204
235
|
path: project.path,
|
|
205
|
-
status: {
|
|
236
|
+
status: {
|
|
237
|
+
ok: false,
|
|
238
|
+
error: { code: typed.code ?? ERROR_CODES.INTERNAL_ERROR, message: typed.message },
|
|
239
|
+
},
|
|
206
240
|
});
|
|
207
241
|
}
|
|
208
242
|
}
|
|
@@ -213,14 +247,18 @@ export async function runCli(
|
|
|
213
247
|
}
|
|
214
248
|
|
|
215
249
|
const selectedPolicyPath =
|
|
216
|
-
selectedProject && multiConfig
|
|
250
|
+
selectedProject && multiConfig
|
|
251
|
+
? multiLoader.resolveProjectPolicyPath(multiConfig, selectedProject)
|
|
252
|
+
: undefined;
|
|
217
253
|
const selectedGatesPath =
|
|
218
|
-
selectedProject && multiConfig
|
|
254
|
+
selectedProject && multiConfig
|
|
255
|
+
? multiLoader.resolveProjectGatesPath(multiConfig, selectedProject)
|
|
256
|
+
: undefined;
|
|
219
257
|
|
|
220
258
|
const instanceId = computeInstanceId(defaultConfigPath(repoRoot));
|
|
221
259
|
const kernel = new AopKernel(repoRoot, instanceId, {
|
|
222
260
|
policyPath: selectedPolicyPath,
|
|
223
|
-
gatesPath: selectedGatesPath
|
|
261
|
+
gatesPath: selectedGatesPath,
|
|
224
262
|
});
|
|
225
263
|
await kernel.ensureLoaded();
|
|
226
264
|
|
|
@@ -233,15 +271,15 @@ export async function runCli(
|
|
|
233
271
|
try {
|
|
234
272
|
selection = resolveProviderSelection({
|
|
235
273
|
cli: options as unknown as Record<string, string | undefined>,
|
|
236
|
-
env:
|
|
237
|
-
agentsConfig: kernel.getAgentsConfig()
|
|
274
|
+
env: effectiveEnv,
|
|
275
|
+
agentsConfig: kernel.getAgentsConfig(),
|
|
238
276
|
});
|
|
239
277
|
} catch {
|
|
240
278
|
selection = {
|
|
241
279
|
provider: 'custom',
|
|
242
280
|
model: 'custom-default',
|
|
243
281
|
provider_config_env: null,
|
|
244
|
-
provider_config_ref: null
|
|
282
|
+
provider_config_ref: null,
|
|
245
283
|
};
|
|
246
284
|
}
|
|
247
285
|
commandProvider = new NullWorkerProvider(selection);
|
|
@@ -259,12 +297,12 @@ export async function runCli(
|
|
|
259
297
|
const handler = new ResumeCommandHandler();
|
|
260
298
|
const payload = await handler.execute({
|
|
261
299
|
repoRoot,
|
|
262
|
-
env:
|
|
300
|
+
env: effectiveEnv,
|
|
263
301
|
runId,
|
|
264
302
|
transport,
|
|
265
303
|
options,
|
|
266
304
|
kernel,
|
|
267
|
-
toolClient
|
|
305
|
+
toolClient,
|
|
268
306
|
});
|
|
269
307
|
printPayload(payload);
|
|
270
308
|
return 0;
|
|
@@ -290,7 +328,13 @@ export async function runCli(
|
|
|
290
328
|
};
|
|
291
329
|
const gracePeriodSeconds = policySnapshot.cleanup?.grace_period_seconds;
|
|
292
330
|
const autoAfterMerge = policySnapshot.cleanup?.auto_after_merge === true;
|
|
293
|
-
const handler = new CleanupCommandHandler(
|
|
331
|
+
const handler = new CleanupCommandHandler(
|
|
332
|
+
toolClient,
|
|
333
|
+
runId,
|
|
334
|
+
repoRoot,
|
|
335
|
+
gracePeriodSeconds,
|
|
336
|
+
autoAfterMerge,
|
|
337
|
+
);
|
|
294
338
|
const payload = await handler.execute(options);
|
|
295
339
|
printPayload(payload);
|
|
296
340
|
return 0;
|
|
@@ -325,14 +369,14 @@ export async function runCli(
|
|
|
325
369
|
const handler = new RunCommandHandler();
|
|
326
370
|
const payload = await handler.execute({
|
|
327
371
|
repoRoot,
|
|
328
|
-
env:
|
|
372
|
+
env: effectiveEnv,
|
|
329
373
|
runId,
|
|
330
374
|
transport,
|
|
331
375
|
options,
|
|
332
376
|
kernel,
|
|
333
377
|
toolClient,
|
|
334
378
|
maxActiveFeatures: multiConfig?.defaults?.max_active_features ?? undefined,
|
|
335
|
-
maxParallelGateRuns: multiConfig?.defaults?.max_parallel_gate_runs ?? undefined
|
|
379
|
+
maxParallelGateRuns: multiConfig?.defaults?.max_parallel_gate_runs ?? undefined,
|
|
336
380
|
});
|
|
337
381
|
printPayload(payload);
|
|
338
382
|
return 0;
|
|
@@ -342,7 +386,7 @@ export async function runCli(
|
|
|
342
386
|
printError(code, typed.message || 'Unhandled CLI error', {
|
|
343
387
|
...(typed.details ?? {}),
|
|
344
388
|
retryable: false,
|
|
345
|
-
requires_human: true
|
|
389
|
+
requires_human: true,
|
|
346
390
|
});
|
|
347
391
|
return 1;
|
|
348
392
|
}
|
|
@@ -5,7 +5,7 @@ export interface ToolExecutionRouterPort {
|
|
|
5
5
|
dispatchTool(
|
|
6
6
|
toolName: string,
|
|
7
7
|
args: Record<string, unknown>,
|
|
8
|
-
context: { actorType: string; actorId: string }
|
|
8
|
+
context: { actorType: string; actorId: string },
|
|
9
9
|
): Promise<unknown>;
|
|
10
10
|
normalizeError(error: unknown): ToolResponse;
|
|
11
11
|
}
|
|
@@ -17,11 +17,15 @@ export class KernelToolExecutor {
|
|
|
17
17
|
this.router = router;
|
|
18
18
|
}
|
|
19
19
|
|
|
20
|
-
async execute(
|
|
20
|
+
async execute(
|
|
21
|
+
tool: ToolCatalogEntry,
|
|
22
|
+
args: Record<string, unknown>,
|
|
23
|
+
claims: VerifiedActorClaims,
|
|
24
|
+
): Promise<ToolResponse> {
|
|
21
25
|
try {
|
|
22
26
|
const result = (await this.router.dispatchTool(tool.name, args, {
|
|
23
27
|
actorType: claims.actor_type,
|
|
24
|
-
actorId: claims.actor_id
|
|
28
|
+
actorId: claims.actor_id,
|
|
25
29
|
})) as Record<string, unknown>;
|
|
26
30
|
const payload =
|
|
27
31
|
result.data && typeof result.data === 'object'
|
|
@@ -11,7 +11,10 @@ interface McpCallRequest {
|
|
|
11
11
|
session_token?: string;
|
|
12
12
|
}
|
|
13
13
|
|
|
14
|
-
function extractActorClaimsFromArgs(args: Record<string, unknown>): {
|
|
14
|
+
function extractActorClaimsFromArgs(args: Record<string, unknown>): {
|
|
15
|
+
actor_type?: string;
|
|
16
|
+
actor_id?: string;
|
|
17
|
+
} {
|
|
15
18
|
const actor_type = typeof args.actor_type === 'string' ? args.actor_type : undefined;
|
|
16
19
|
const actor_id = typeof args.actor_id === 'string' ? args.actor_id : undefined;
|
|
17
20
|
return { actor_type, actor_id };
|
|
@@ -37,15 +40,18 @@ export class McpServerAdapter {
|
|
|
37
40
|
try {
|
|
38
41
|
const claims = this.authVerifier.verifyToken(request.session_token ?? '');
|
|
39
42
|
const supplied = extractActorClaimsFromArgs(args);
|
|
40
|
-
if (
|
|
43
|
+
if (
|
|
44
|
+
(supplied.actor_type && supplied.actor_type !== claims.actor_type) ||
|
|
45
|
+
(supplied.actor_id && supplied.actor_id !== claims.actor_id)
|
|
46
|
+
) {
|
|
41
47
|
return fail(ERROR_CODES.INVALID_ACTOR_CLAIM, 'actor claim does not match signed token', {
|
|
42
48
|
retryable: false,
|
|
43
49
|
requires_human: true,
|
|
44
50
|
supplied,
|
|
45
51
|
token_claims: {
|
|
46
52
|
actor_type: claims.actor_type,
|
|
47
|
-
actor_id: claims.actor_id
|
|
48
|
-
}
|
|
53
|
+
actor_id: claims.actor_id,
|
|
54
|
+
},
|
|
49
55
|
});
|
|
50
56
|
}
|
|
51
57
|
|
|
@@ -54,11 +60,7 @@ export class McpServerAdapter {
|
|
|
54
60
|
|
|
55
61
|
return this.runtime.callTool(request.name, args, claims);
|
|
56
62
|
} catch (error: unknown) {
|
|
57
|
-
if (
|
|
58
|
-
typeof error === 'object' &&
|
|
59
|
-
error !== null &&
|
|
60
|
-
'normalizedResponse' in error
|
|
61
|
-
) {
|
|
63
|
+
if (typeof error === 'object' && error !== null && 'normalizedResponse' in error) {
|
|
62
64
|
return (error as { normalizedResponse: ToolResponse }).normalizedResponse;
|
|
63
65
|
}
|
|
64
66
|
const message =
|
|
@@ -67,7 +69,7 @@ export class McpServerAdapter {
|
|
|
67
69
|
: undefined;
|
|
68
70
|
return fail(ERROR_CODES.UNAUTHENTICATED, String(message ?? error), {
|
|
69
71
|
retryable: false,
|
|
70
|
-
requires_human: true
|
|
72
|
+
requires_human: true,
|
|
71
73
|
});
|
|
72
74
|
}
|
|
73
75
|
}
|
|
@@ -46,7 +46,7 @@ export class OperationLedger {
|
|
|
46
46
|
await atomicWriteJson(this.ledgerPath(runId), {
|
|
47
47
|
run_id: runId,
|
|
48
48
|
updated_at: nowIso(),
|
|
49
|
-
operations: {}
|
|
49
|
+
operations: {},
|
|
50
50
|
} as LedgerFile);
|
|
51
51
|
}
|
|
52
52
|
}
|
|
@@ -54,8 +54,12 @@ export class OperationLedger {
|
|
|
54
54
|
async resolveOperation(
|
|
55
55
|
runId: string,
|
|
56
56
|
operationId: string,
|
|
57
|
-
requestHash: string
|
|
58
|
-
): Promise<
|
|
57
|
+
requestHash: string,
|
|
58
|
+
): Promise<
|
|
59
|
+
| { status: 'new' }
|
|
60
|
+
| { status: 'replay'; response: ToolResponse }
|
|
61
|
+
| { status: 'mismatch'; existing_hash: string }
|
|
62
|
+
> {
|
|
59
63
|
await this.ensureRunLedger(runId);
|
|
60
64
|
|
|
61
65
|
return await withFileLock(this.lockPath(runId), async () => {
|
|
@@ -69,25 +73,31 @@ export class OperationLedger {
|
|
|
69
73
|
if (existing.request_hash !== requestHash) {
|
|
70
74
|
return {
|
|
71
75
|
status: 'mismatch',
|
|
72
|
-
existing_hash: existing.request_hash
|
|
76
|
+
existing_hash: existing.request_hash,
|
|
73
77
|
};
|
|
74
78
|
}
|
|
75
79
|
|
|
76
80
|
return {
|
|
77
81
|
status: 'replay',
|
|
78
|
-
response: existing.response
|
|
82
|
+
response: existing.response,
|
|
79
83
|
};
|
|
80
84
|
});
|
|
81
85
|
}
|
|
82
86
|
|
|
83
|
-
async recordOperation(
|
|
87
|
+
async recordOperation(
|
|
88
|
+
runId: string,
|
|
89
|
+
operationId: string,
|
|
90
|
+
toolName: string,
|
|
91
|
+
requestHash: string,
|
|
92
|
+
response: ToolResponse,
|
|
93
|
+
): Promise<void> {
|
|
84
94
|
await this.ensureRunLedger(runId);
|
|
85
95
|
|
|
86
96
|
await withFileLock(this.lockPath(runId), async () => {
|
|
87
97
|
const ledger = (await readJson<LedgerFile>(this.ledgerPath(runId), null)) ?? {
|
|
88
98
|
run_id: runId,
|
|
89
99
|
updated_at: nowIso(),
|
|
90
|
-
operations: {}
|
|
100
|
+
operations: {},
|
|
91
101
|
};
|
|
92
102
|
|
|
93
103
|
const now = nowIso();
|
|
@@ -98,7 +108,7 @@ export class OperationLedger {
|
|
|
98
108
|
request_hash: requestHash,
|
|
99
109
|
response,
|
|
100
110
|
created_at: existing?.created_at ?? now,
|
|
101
|
-
updated_at: now
|
|
111
|
+
updated_at: now,
|
|
102
112
|
};
|
|
103
113
|
ledger.updated_at = now;
|
|
104
114
|
|
|
@@ -36,7 +36,11 @@ export class ToolingRuntimeComposer {
|
|
|
36
36
|
private readonly kernel: ToolingKernelPort;
|
|
37
37
|
private readonly options: CreateToolingRuntimeOptions;
|
|
38
38
|
|
|
39
|
-
constructor(
|
|
39
|
+
constructor(
|
|
40
|
+
repoRoot: string,
|
|
41
|
+
kernel: ToolingKernelPort,
|
|
42
|
+
options: CreateToolingRuntimeOptions = {},
|
|
43
|
+
) {
|
|
40
44
|
this.repoRoot = repoRoot;
|
|
41
45
|
this.kernel = kernel;
|
|
42
46
|
this.options = options;
|
|
@@ -58,7 +62,7 @@ export class ToolingRuntimeComposer {
|
|
|
58
62
|
validator,
|
|
59
63
|
authorizer,
|
|
60
64
|
ledger,
|
|
61
|
-
executor
|
|
65
|
+
executor,
|
|
62
66
|
});
|
|
63
67
|
const authVerifier = new TokenAuthVerifier();
|
|
64
68
|
const mcpAdapter = new McpServerAdapter(runtime, authVerifier);
|
|
@@ -74,11 +78,13 @@ export class ToolingRuntimeComposer {
|
|
|
74
78
|
authVerifier,
|
|
75
79
|
mcpAdapter,
|
|
76
80
|
inProcessClient: new InProcessToolClient(runtime),
|
|
77
|
-
mcpClient: new McpToolClient(mcpAdapter, authVerifier)
|
|
81
|
+
mcpClient: new McpToolClient(mcpAdapter, authVerifier),
|
|
78
82
|
};
|
|
79
83
|
}
|
|
80
84
|
|
|
81
|
-
private async generateToolsMarkdownIfEnabled(
|
|
85
|
+
private async generateToolsMarkdownIfEnabled(
|
|
86
|
+
catalog: Awaited<ReturnType<ToolRegistryLoader['load']>>['catalog'],
|
|
87
|
+
): Promise<void> {
|
|
82
88
|
const shouldGenerateDocs = this.options.generateToolsMarkdown ?? true;
|
|
83
89
|
if (!shouldGenerateDocs) {
|
|
84
90
|
return;
|
|
@@ -91,13 +97,16 @@ export class ToolingRuntimeComposer {
|
|
|
91
97
|
export async function createToolingRuntime(
|
|
92
98
|
repoRoot: string,
|
|
93
99
|
kernel: ToolingKernelPort,
|
|
94
|
-
options: CreateToolingRuntimeOptions = {}
|
|
100
|
+
options: CreateToolingRuntimeOptions = {},
|
|
95
101
|
): Promise<ToolingRuntime> {
|
|
96
102
|
const composer = new ToolingRuntimeComposer(repoRoot, kernel, options);
|
|
97
103
|
return await composer.compose();
|
|
98
104
|
}
|
|
99
105
|
|
|
100
|
-
export function resolveToolClient(
|
|
106
|
+
export function resolveToolClient(
|
|
107
|
+
transport: 'inprocess' | 'mcp',
|
|
108
|
+
tooling: ToolingRuntime,
|
|
109
|
+
): ToolClient {
|
|
101
110
|
if (transport === 'mcp') {
|
|
102
111
|
return tooling.mcpClient;
|
|
103
112
|
}
|
|
@@ -32,7 +32,8 @@ export class TokenAuthVerifier {
|
|
|
32
32
|
expires_at?: string;
|
|
33
33
|
}): string {
|
|
34
34
|
const issuedAt = this.now().toISOString();
|
|
35
|
-
const expiresAt =
|
|
35
|
+
const expiresAt =
|
|
36
|
+
input.expires_at ?? new Date(this.now().getTime() + this.ttlSeconds * 1000).toISOString();
|
|
36
37
|
|
|
37
38
|
const claims: VerifiedActorClaims = {
|
|
38
39
|
run_id: input.run_id,
|
|
@@ -41,7 +42,7 @@ export class TokenAuthVerifier {
|
|
|
41
42
|
actor_id: input.actor_id,
|
|
42
43
|
feature_scope: input.feature_scope,
|
|
43
44
|
issued_at: issuedAt,
|
|
44
|
-
expires_at: expiresAt
|
|
45
|
+
expires_at: expiresAt,
|
|
45
46
|
};
|
|
46
47
|
|
|
47
48
|
this.claimsValidator.validate(claims, { checkExpiry: false });
|
|
@@ -11,8 +11,8 @@ function claimsValidationError(message: string) {
|
|
|
11
11
|
return {
|
|
12
12
|
normalizedResponse: fail(ERROR_CODES.UNAUTHENTICATED, message, {
|
|
13
13
|
retryable: false,
|
|
14
|
-
requires_human: true
|
|
15
|
-
})
|
|
14
|
+
requires_human: true,
|
|
15
|
+
}),
|
|
16
16
|
};
|
|
17
17
|
}
|
|
18
18
|
|
|
@@ -31,7 +31,7 @@ export class TokenClaimsValidator {
|
|
|
31
31
|
'actor_type',
|
|
32
32
|
'actor_id',
|
|
33
33
|
'issued_at',
|
|
34
|
-
'expires_at'
|
|
34
|
+
'expires_at',
|
|
35
35
|
];
|
|
36
36
|
for (const field of requiredStringFields) {
|
|
37
37
|
if (!claims[field] || typeof claims[field] !== 'string') {
|
|
@@ -45,10 +45,14 @@ export class TokenClaimsValidator {
|
|
|
45
45
|
|
|
46
46
|
if (claims.actor_type === 'system' && !claims.session_id.startsWith('bootstrap:')) {
|
|
47
47
|
throw {
|
|
48
|
-
normalizedResponse: fail(
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
48
|
+
normalizedResponse: fail(
|
|
49
|
+
ERROR_CODES.FORBIDDEN_TOOL_FOR_ROLE,
|
|
50
|
+
'system_role_requires_bootstrap_session',
|
|
51
|
+
{
|
|
52
|
+
retryable: false,
|
|
53
|
+
requires_human: true,
|
|
54
|
+
},
|
|
55
|
+
),
|
|
52
56
|
};
|
|
53
57
|
}
|
|
54
58
|
|
|
@@ -24,9 +24,7 @@ export class ToolAuthorizer {
|
|
|
24
24
|
|
|
25
25
|
private assertPolicyIntersectionIsValid(): void {
|
|
26
26
|
for (const [role, allowlist] of Object.entries(this.policyRbac)) {
|
|
27
|
-
const effective = allowlist.includes('*')
|
|
28
|
-
? [...this.registry.toolsByName.keys()]
|
|
29
|
-
: allowlist;
|
|
27
|
+
const effective = allowlist.includes('*') ? [...this.registry.toolsByName.keys()] : allowlist;
|
|
30
28
|
|
|
31
29
|
for (const toolName of effective) {
|
|
32
30
|
const tool = this.registry.toolsByName.get(toolName);
|
|
@@ -16,7 +16,11 @@ export interface ToolClientIdentity {
|
|
|
16
16
|
|
|
17
17
|
export interface ToolClient {
|
|
18
18
|
listTools(): Promise<ToolDescriptor[]>;
|
|
19
|
-
call(
|
|
19
|
+
call(
|
|
20
|
+
toolName: string,
|
|
21
|
+
args: Record<string, unknown>,
|
|
22
|
+
identity: ToolClientIdentity,
|
|
23
|
+
): Promise<ToolResponse>;
|
|
20
24
|
}
|
|
21
25
|
|
|
22
26
|
function toVerifiedClaims(identity: ToolClientIdentity): VerifiedActorClaims {
|
|
@@ -24,7 +28,7 @@ function toVerifiedClaims(identity: ToolClientIdentity): VerifiedActorClaims {
|
|
|
24
28
|
return {
|
|
25
29
|
...identity,
|
|
26
30
|
issued_at: now.toISOString(),
|
|
27
|
-
expires_at: new Date(now.getTime() + 15 * 60 * 1000).toISOString()
|
|
31
|
+
expires_at: new Date(now.getTime() + 15 * 60 * 1000).toISOString(),
|
|
28
32
|
};
|
|
29
33
|
}
|
|
30
34
|
|
|
@@ -39,7 +43,11 @@ export class InProcessToolClient implements ToolClient {
|
|
|
39
43
|
return await this.runtime.listTools();
|
|
40
44
|
}
|
|
41
45
|
|
|
42
|
-
async call(
|
|
46
|
+
async call(
|
|
47
|
+
toolName: string,
|
|
48
|
+
args: Record<string, unknown>,
|
|
49
|
+
identity: ToolClientIdentity,
|
|
50
|
+
): Promise<ToolResponse> {
|
|
43
51
|
return await this.runtime.callTool(toolName, args, toVerifiedClaims(identity));
|
|
44
52
|
}
|
|
45
53
|
}
|
|
@@ -58,12 +66,16 @@ export class McpToolClient implements ToolClient {
|
|
|
58
66
|
return response.tools;
|
|
59
67
|
}
|
|
60
68
|
|
|
61
|
-
async call(
|
|
69
|
+
async call(
|
|
70
|
+
toolName: string,
|
|
71
|
+
args: Record<string, unknown>,
|
|
72
|
+
identity: ToolClientIdentity,
|
|
73
|
+
): Promise<ToolResponse> {
|
|
62
74
|
const token = this.authVerifier.issueToken(identity);
|
|
63
75
|
return await this.adapter.toolsCall({
|
|
64
76
|
name: toolName,
|
|
65
77
|
arguments: args,
|
|
66
|
-
session_token: token
|
|
78
|
+
session_token: token,
|
|
67
79
|
});
|
|
68
80
|
}
|
|
69
81
|
}
|
|
@@ -10,7 +10,7 @@ interface AjvInstance {
|
|
|
10
10
|
|
|
11
11
|
function createAjvInstance(): AjvInstance {
|
|
12
12
|
const Ajv2020Ctor = Ajv2020Import as unknown as new (
|
|
13
|
-
options?: Record<string, unknown
|
|
13
|
+
options?: Record<string, unknown>,
|
|
14
14
|
) => AjvInstance;
|
|
15
15
|
return new Ajv2020Ctor({ allErrors: true, strict: false });
|
|
16
16
|
}
|
|
@@ -26,7 +26,7 @@ export class ToolContractValidator {
|
|
|
26
26
|
loader: ToolRegistryLoader,
|
|
27
27
|
registry: LoadedToolRegistry,
|
|
28
28
|
ajv: AjvInstance,
|
|
29
|
-
errorsValidator: ValidateFunction
|
|
29
|
+
errorsValidator: ValidateFunction,
|
|
30
30
|
) {
|
|
31
31
|
this.loader = loader;
|
|
32
32
|
this.registry = registry;
|
|
@@ -35,28 +35,37 @@ export class ToolContractValidator {
|
|
|
35
35
|
this.errorsValidator = errorsValidator;
|
|
36
36
|
}
|
|
37
37
|
|
|
38
|
-
static async create(
|
|
38
|
+
static async create(
|
|
39
|
+
loader: ToolRegistryLoader,
|
|
40
|
+
registry: LoadedToolRegistry,
|
|
41
|
+
): Promise<ToolContractValidator> {
|
|
39
42
|
const ajv = createAjvInstance();
|
|
40
43
|
const errorsSchema = await loader.readErrorsSchema();
|
|
41
44
|
const errorsValidator = ajv.compile(errorsSchema);
|
|
42
45
|
return new ToolContractValidator(loader, registry, ajv, errorsValidator);
|
|
43
46
|
}
|
|
44
47
|
|
|
45
|
-
async validateInput(
|
|
48
|
+
async validateInput(
|
|
49
|
+
tool: ToolCatalogEntry,
|
|
50
|
+
payload: unknown,
|
|
51
|
+
): Promise<{ valid: boolean; errors: ErrorObject[] }> {
|
|
46
52
|
const validator = await this.getOrCompile(tool.input_schema_ref);
|
|
47
53
|
const valid = validator(payload);
|
|
48
54
|
return {
|
|
49
55
|
valid: Boolean(valid),
|
|
50
|
-
errors: valid ? [] : (
|
|
56
|
+
errors: valid ? [] : (validator.errors ?? []),
|
|
51
57
|
};
|
|
52
58
|
}
|
|
53
59
|
|
|
54
|
-
async validateOutput(
|
|
60
|
+
async validateOutput(
|
|
61
|
+
tool: ToolCatalogEntry,
|
|
62
|
+
payload: unknown,
|
|
63
|
+
): Promise<{ valid: boolean; errors: ErrorObject[] }> {
|
|
55
64
|
const validator = await this.getOrCompile(tool.output_schema_ref);
|
|
56
65
|
const valid = validator(payload);
|
|
57
66
|
return {
|
|
58
67
|
valid: Boolean(valid),
|
|
59
|
-
errors: valid ? [] : (
|
|
68
|
+
errors: valid ? [] : (validator.errors ?? []),
|
|
60
69
|
};
|
|
61
70
|
}
|
|
62
71
|
|
|
@@ -64,7 +73,7 @@ export class ToolContractValidator {
|
|
|
64
73
|
const valid = this.errorsValidator(response);
|
|
65
74
|
return {
|
|
66
75
|
valid: Boolean(valid),
|
|
67
|
-
errors: valid ? [] : (
|
|
76
|
+
errors: valid ? [] : (this.errorsValidator.errors ?? []),
|
|
68
77
|
};
|
|
69
78
|
}
|
|
70
79
|
|