npm - aiden-runtime - Versions diffs - 4.1.4 → 4.5.0 - Mend

aiden-runtime 4.1.4 → 4.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

package/README.md +250 -847
package/dist/api/server.js +32 -5
package/dist/cli/v4/aidenCLI.js +379 -53
package/dist/cli/v4/callbacks.js +248 -0
package/dist/cli/v4/chatSession.js +292 -4
package/dist/cli/v4/commands/_runtimeToggleHelpers.js +92 -0
package/dist/cli/v4/commands/browserDepth.js +45 -0
package/dist/cli/v4/commands/cron.js +264 -0
package/dist/cli/v4/commands/daemon.js +541 -0
package/dist/cli/v4/commands/daemonStatus.js +253 -0
package/dist/cli/v4/commands/help.js +7 -0
package/dist/cli/v4/commands/index.js +20 -1
package/dist/cli/v4/commands/runs.js +203 -0
package/dist/cli/v4/commands/sandbox.js +48 -0
package/dist/cli/v4/commands/suggestions.js +68 -0
package/dist/cli/v4/commands/tce.js +41 -0
package/dist/cli/v4/commands/trigger.js +378 -0
package/dist/cli/v4/commands/update.js +95 -3
package/dist/cli/v4/daemonAgentBuilder.js +142 -0
package/dist/cli/v4/defaultSoul.js +75 -3
package/dist/cli/v4/display/capabilityCard.js +26 -0
package/dist/cli/v4/display/progressBar.js +41 -8
package/dist/cli/v4/display.js +258 -15
package/dist/cli/v4/replyRenderer.js +31 -23
package/dist/cli/v4/toolPreview.js +10 -0
package/dist/cli/v4/updateBootPrompt.js +170 -0
package/dist/core/playwrightBridge.js +129 -0
package/dist/core/toolRegistry.js +7 -1
package/dist/core/v4/aidenAgent.js +371 -4
package/dist/core/v4/browserState.js +436 -0
package/dist/core/v4/checkpoint.js +79 -0
package/dist/core/v4/daemon/bootstrap.js +604 -0
package/dist/core/v4/daemon/cleanShutdown.js +154 -0
package/dist/core/v4/daemon/cron/cronBridge.js +126 -0
package/dist/core/v4/daemon/cron/cronEmitter.js +173 -0
package/dist/core/v4/daemon/cron/migration.js +199 -0
package/dist/core/v4/daemon/cron/misfirePolicy.js +115 -0
package/dist/core/v4/daemon/daemonConfig.js +90 -0
package/dist/core/v4/daemon/db/connection.js +106 -0
package/dist/core/v4/daemon/db/migrations.js +296 -0
package/dist/core/v4/daemon/db/schema/v1.spec.js +18 -0
package/dist/core/v4/daemon/dispatcher/agentRunner.js +98 -0
package/dist/core/v4/daemon/dispatcher/budgetGate.js +127 -0
package/dist/core/v4/daemon/dispatcher/daemonApproval.js +113 -0
package/dist/core/v4/daemon/dispatcher/dailyBudgetTracker.js +120 -0
package/dist/core/v4/daemon/dispatcher/dispatcher.js +389 -0
package/dist/core/v4/daemon/dispatcher/fireRateLimiter.js +113 -0
package/dist/core/v4/daemon/dispatcher/index.js +53 -0
package/dist/core/v4/daemon/dispatcher/promptTemplate.js +95 -0
package/dist/core/v4/daemon/dispatcher/realAgentRunner.js +356 -0
package/dist/core/v4/daemon/dispatcher/resolveModel.js +93 -0
package/dist/core/v4/daemon/dispatcher/sessionId.js +93 -0
package/dist/core/v4/daemon/drain.js +156 -0
package/dist/core/v4/daemon/eventLoopLag.js +73 -0
package/dist/core/v4/daemon/health.js +159 -0
package/dist/core/v4/daemon/idempotencyStore.js +204 -0
package/dist/core/v4/daemon/index.js +179 -0
package/dist/core/v4/daemon/instanceTracker.js +99 -0
package/dist/core/v4/daemon/resourceRegistry.js +150 -0
package/dist/core/v4/daemon/restartCode.js +32 -0
package/dist/core/v4/daemon/restartFailureCounter.js +77 -0
package/dist/core/v4/daemon/runStore.js +114 -0
package/dist/core/v4/daemon/runtimeLock.js +167 -0
package/dist/core/v4/daemon/signals.js +50 -0
package/dist/core/v4/daemon/supervisor.js +272 -0
package/dist/core/v4/daemon/triggerBus.js +279 -0
package/dist/core/v4/daemon/triggers/email/allowlist.js +70 -0
package/dist/core/v4/daemon/triggers/email/automatedSender.js +78 -0
package/dist/core/v4/daemon/triggers/email/bodyExtractor.js +0 -0
package/dist/core/v4/daemon/triggers/email/emailSeenStore.js +99 -0
package/dist/core/v4/daemon/triggers/email/emailSpec.js +107 -0
package/dist/core/v4/daemon/triggers/email/imapConnection.js +211 -0
package/dist/core/v4/daemon/triggers/email/index.js +332 -0
package/dist/core/v4/daemon/triggers/email/seenUids.js +60 -0
package/dist/core/v4/daemon/triggers/fileObservationsStore.js +93 -0
package/dist/core/v4/daemon/triggers/fileWatcher.js +253 -0
package/dist/core/v4/daemon/triggers/fileWatcherSpec.js +88 -0
package/dist/core/v4/daemon/triggers/fsIdentity.js +42 -0
package/dist/core/v4/daemon/triggers/globMatcher.js +100 -0
package/dist/core/v4/daemon/triggers/reconcile.js +206 -0
package/dist/core/v4/daemon/triggers/settleStat.js +81 -0
package/dist/core/v4/daemon/triggers/webhook.js +376 -0
package/dist/core/v4/daemon/triggers/webhookDeliveriesStore.js +109 -0
package/dist/core/v4/daemon/triggers/webhookIdempotency.js +72 -0
package/dist/core/v4/daemon/triggers/webhookRateLimit.js +56 -0
package/dist/core/v4/daemon/triggers/webhookSpec.js +76 -0
package/dist/core/v4/daemon/triggers/webhookVerifier.js +128 -0
package/dist/core/v4/daemon/types.js +15 -0
package/dist/core/v4/dockerSession.js +461 -0
package/dist/core/v4/dryRun.js +117 -0
package/dist/core/v4/failureClassifier.js +779 -0
package/dist/core/v4/loopTrace.js +257 -0
package/dist/core/v4/recoveryReport.js +449 -0
package/dist/core/v4/runtimeToggles.js +187 -0
package/dist/core/v4/sandboxConfig.js +285 -0
package/dist/core/v4/sandboxFs.js +316 -0
package/dist/core/v4/suggestionCatalog.js +41 -0
package/dist/core/v4/suggestionEngine.js +210 -0
package/dist/core/v4/toolRegistry.js +18 -0
package/dist/core/v4/turnState.js +587 -0
package/dist/core/v4/update/checkUpdate.js +63 -3
package/dist/core/v4/update/installMethodDetect.js +115 -0
package/dist/core/v4/update/registryClient.js +121 -0
package/dist/core/v4/update/skipState.js +75 -0
package/dist/core/v4/verifier.js +448 -0
package/dist/core/version.js +1 -1
package/dist/core/webSearch.js +64 -24
package/dist/tools/v4/browser/_observer.js +224 -0
package/dist/tools/v4/browser/browserBlocker.js +396 -0
package/dist/tools/v4/browser/browserClick.js +18 -1
package/dist/tools/v4/browser/browserClose.js +18 -1
package/dist/tools/v4/browser/browserExtract.js +5 -1
package/dist/tools/v4/browser/browserFill.js +17 -1
package/dist/tools/v4/browser/browserGetUrl.js +5 -1
package/dist/tools/v4/browser/browserNavigate.js +16 -1
package/dist/tools/v4/browser/browserScreenshot.js +5 -1
package/dist/tools/v4/browser/browserScroll.js +18 -1
package/dist/tools/v4/browser/browserType.js +17 -1
package/dist/tools/v4/browser/captchaCheck.js +5 -1
package/dist/tools/v4/executeCode.js +1 -0
package/dist/tools/v4/files/fileCopy.js +56 -2
package/dist/tools/v4/files/fileDelete.js +38 -1
package/dist/tools/v4/files/fileList.js +12 -1
package/dist/tools/v4/files/fileMove.js +59 -2
package/dist/tools/v4/files/filePatch.js +43 -1
package/dist/tools/v4/files/fileRead.js +12 -1
package/dist/tools/v4/files/fileWrite.js +41 -1
package/dist/tools/v4/index.js +71 -58
package/dist/tools/v4/memory/memoryAdd.js +14 -0
package/dist/tools/v4/memory/memoryRemove.js +14 -0
package/dist/tools/v4/memory/memoryReplace.js +15 -0
package/dist/tools/v4/memory/sessionSummary.js +12 -0
package/dist/tools/v4/process/processKill.js +19 -0
package/dist/tools/v4/process/processList.js +1 -0
package/dist/tools/v4/process/processLogRead.js +1 -0
package/dist/tools/v4/process/processSpawn.js +13 -0
package/dist/tools/v4/process/processWait.js +1 -0
package/dist/tools/v4/sessions/recallSession.js +1 -0
package/dist/tools/v4/sessions/sessionList.js +1 -0
package/dist/tools/v4/sessions/sessionSearch.js +1 -0
package/dist/tools/v4/skills/lookupToolSchema.js +2 -0
package/dist/tools/v4/skills/skillManage.js +13 -0
package/dist/tools/v4/skills/skillView.js +1 -0
package/dist/tools/v4/skills/skillsList.js +1 -0
package/dist/tools/v4/subagent/subagentFanout.js +1 -0
package/dist/tools/v4/system/aidenSelfUpdate.js +16 -0
package/dist/tools/v4/system/appClose.js +13 -0
package/dist/tools/v4/system/appInput.js +13 -0
package/dist/tools/v4/system/appLaunch.js +13 -0
package/dist/tools/v4/system/clipboardRead.js +1 -0
package/dist/tools/v4/system/clipboardWrite.js +14 -0
package/dist/tools/v4/system/mediaKey.js +12 -0
package/dist/tools/v4/system/mediaSessions.js +1 -0
package/dist/tools/v4/system/mediaTransport.js +13 -0
package/dist/tools/v4/system/naturalEvents.js +1 -0
package/dist/tools/v4/system/nowPlaying.js +1 -0
package/dist/tools/v4/system/osProcessList.js +1 -0
package/dist/tools/v4/system/screenshot.js +1 -0
package/dist/tools/v4/system/systemInfo.js +1 -0
package/dist/tools/v4/system/volumeSet.js +17 -0
package/dist/tools/v4/terminal/shellExec.js +81 -9
package/dist/tools/v4/web/deepResearch.js +1 -0
package/dist/tools/v4/web/openUrl.js +1 -0
package/dist/tools/v4/web/webFetch.js +1 -0
package/dist/tools/v4/web/webPage.js +1 -0
package/dist/tools/v4/web/webSearch.js +1 -0
package/dist/tools/v4/web/youtubeSearch.js +1 -0
package/package.json +7 -1
package/plugins/aiden-plugin-cdp-browser/.granted-permissions.json +8 -0

package/dist/tools/v4/system/naturalEvents.js CHANGED Viewed

@@ -40,6 +40,7 @@ exports.naturalEventsTool = {
     category: 'network',
     mutates: false,
     toolset: 'system',
+    riskTier: 'safe', // v4.4 Phase 1
     async execute(args) {
         const limit = typeof args.limit === 'number' && args.limit > 0
             ? Math.floor(args.limit)

package/dist/tools/v4/system/nowPlaying.js CHANGED Viewed

@@ -32,6 +32,7 @@ exports.nowPlayingTool = {
     category: 'read',
     mutates: false,
     toolset: 'system',
+    riskTier: 'safe', // v4.4 Phase 1
     async execute() {
         try {
             const result = await (0, nowPlaying_1.getNowPlaying)();

package/dist/tools/v4/system/osProcessList.js CHANGED Viewed

@@ -62,6 +62,7 @@ exports.osProcessListTool = {
     category: 'read',
     mutates: false,
     toolset: 'system',
+    riskTier: 'safe', // v4.4 Phase 1
     async execute(args, _ctx) {
         if (!(0, _psHelpers_1.isWindows)())
             return (0, _psHelpers_1.windowsOnlyError)('os_process_list');

package/dist/tools/v4/system/screenshot.js CHANGED Viewed

@@ -63,6 +63,7 @@ exports.screenshotTool = {
     category: 'read',
     mutates: false,
     toolset: 'system',
+    riskTier: 'safe', // v4.4 Phase 1
     async execute(_args, ctx) {
         if (!(0, _psHelpers_1.isWindows)())
             return (0, _psHelpers_1.windowsOnlyError)('screenshot');

package/dist/tools/v4/system/systemInfo.js CHANGED Viewed

@@ -57,6 +57,7 @@ exports.systemInfoTool = {
     category: 'read',
     mutates: false,
     toolset: 'system',
+    riskTier: 'safe', // v4.4 Phase 1
     async execute() {
         try {
             const info = process.platform === 'win32' ? await readWindows() : readPosix();

package/dist/tools/v4/system/volumeSet.js CHANGED Viewed

@@ -123,6 +123,23 @@ exports.volumeSetTool = {
     category: 'execute',
     mutates: true,
     toolset: 'system',
+    riskTier: 'caution', // v4.4 Phase 1
+    buildPreview(args) {
+        const action = typeof args.action === 'string' ? args.action : '';
+        const percent = typeof args.percent === 'number' ? args.percent : -1;
+        return {
+            tool: 'volume_set',
+            args,
+            riskTier: 'caution',
+            sideEffects: action === 'set'
+                ? [{ type: 'volume_set', level: Math.max(0, Math.min(100, percent)) }]
+                : [{ type: 'media_control', action }],
+            detectedRisks: [],
+            summary: action === 'set'
+                ? `Would set volume to ${percent}%`
+                : `Would ${action.replace('_', ' ')}`,
+        };
+    },
     async execute(args, _ctx) {
         if (!(0, _psHelpers_1.isWindows)())
             return (0, _psHelpers_1.windowsOnlyError)('volume_set');

package/dist/tools/v4/terminal/shellExec.js CHANGED Viewed

@@ -8,17 +8,34 @@
 /**
  * tools/v4/terminal/shellExec.ts — `shell_exec` wrapper.
  *
- * Routes a shell command to either the local backend (PowerShell on
- * Windows, bash on POSIX) or the Docker backend, based on
- * `ctx.terminalBackend`. Phase 8 has no shell-injection guards —
- * Phase 9's approval engine inspects every call before it lands here.
+ * Routes a shell command to one of three backends:
+ *   - local backend  (status quo: PowerShell on Windows, bash on POSIX)
+ *   - docker single-shot backend (status quo for explicit
+ *     `ctx.terminalBackend='docker'` with AIDEN_SANDBOX=0)
+ *   - docker session backend (v4.4 Phase 3: long-lived container reuse
+ *     with hardening + resource limits when AIDEN_SANDBOX=1)
  *
- * Status: PHASE 8.
+ * Backend selection precedence:
+ *   1. Per-call override `ctx.terminalBackend` wins. When that's
+ *      `'docker'` AND AIDEN_SANDBOX is enabled, the session-backed
+ *      `dockerSessionExec` is used (reuse + hardening). When
+ *      `'docker'` AND AIDEN_SANDBOX is disabled, the legacy
+ *      single-shot `dockerBackendExecute` runs (tests rely on this).
+ *   2. No override + AIDEN_SANDBOX=1 → docker session backend.
+ *   3. No override + AIDEN_SANDBOX=0 → local (current behavior).
+ *
+ * Phase 9's approval engine still gates this tool the same way. The
+ * tool stays `riskTier: 'dangerous'` — sandbox isolation does not
+ * promote a shell command's tier; it only constrains the blast radius.
+ *
+ * Status: PHASE 8 → v4.4 Phase 3.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.shellExecTool = void 0;
 const local_1 = require("../backends/local");
 const docker_1 = require("../backends/docker");
+const dockerSession_1 = require("../../../core/v4/dockerSession");
+const sandboxConfig_1 = require("../../../core/v4/sandboxConfig");
 exports.shellExecTool = {
     schema: {
         name: 'shell_exec',
@@ -43,6 +60,41 @@ exports.shellExecTool = {
     category: 'execute',
     mutates: true,
     toolset: 'terminal',
+    riskTier: 'dangerous', // v4.4 Phase 1 — arbitrary shell command
+    // v4.4 Phase 4 — dry-run preview.
+    buildPreview(args, ctx) {
+        const command = String(args.command ?? args.cmd ?? '').trim();
+        const cwd = typeof args.cwd === 'string' ? args.cwd : ctx.cwd;
+        const config = (0, sandboxConfig_1.getSandboxConfig)();
+        const userOverride = ctx.terminalBackend;
+        const effective = userOverride ?? (config.enabled ? config.defaultBackend : 'local');
+        // Lightweight risk hints — same patterns ApprovalEngine uses
+        // in smart mode. Kept inline to avoid pulling moat/ into the
+        // tool layer.
+        const risks = [];
+        if (/\brm\s+-rf?\b/.test(command))
+            risks.push('rm -rf');
+        if (/sudo\b/.test(command))
+            risks.push('sudo');
+        if (/\bcurl\s.+\|\s*(sh|bash)/.test(command))
+            risks.push('curl|sh');
+        if (/\bwget\s.+\|\s*(sh|bash)/.test(command))
+            risks.push('wget|sh');
+        if (/\bdd\s+if=/.test(command))
+            risks.push('dd');
+        if (/:\(\)\s*\{\s*:\s*\|\s*:\s*&\s*\}\s*;\s*:/.test(command))
+            risks.push('fork bomb');
+        if (/format\s+[a-zA-Z]:/i.test(command))
+            risks.push('format');
+        return {
+            tool: 'shell_exec',
+            args,
+            riskTier: 'dangerous',
+            sideEffects: [{ type: 'shell_command', command, cwd, backend: effective }],
+            detectedRisks: risks,
+            summary: `Would run \`${command.length > 80 ? command.slice(0, 80) + '…' : command}\` via ${effective} backend in ${cwd}`,
+        };
+    },
     async execute(args, ctx) {
         const command = String(args.command ?? args.cmd ?? '').trim();
         if (!command)
@@ -56,10 +108,30 @@ exports.shellExecTool = {
                 : true,
         };
         const cb = ctx.log ? { log: ctx.log } : {};
-        const backend = ctx.terminalBackend ?? 'local';
-        const result = backend === 'docker'
-            ? await (0, docker_1.dockerBackendExecute)(shellArgs, { image: ctx.dockerImage }, cb)
-            : await (0, local_1.localBackendExecute)(shellArgs, cb);
+        // v4.4 Phase 3 — effective backend selection.
+        const config = (0, sandboxConfig_1.getSandboxConfig)();
+        const userOverride = ctx.terminalBackend;
+        const effective = userOverride ?? (config.enabled ? config.defaultBackend : 'local');
+        let result;
+        if (effective === 'docker') {
+            if (config.enabled) {
+                // Long-lived session container + hardening flags.
+                result = await (0, dockerSession_1.dockerSessionExec)({
+                    ...shellArgs,
+                    sessionId: ctx.sessionId,
+                    image: ctx.dockerImage,
+                }, cb);
+            }
+            else {
+                // Status-quo single-shot docker path (AIDEN_SANDBOX=0 +
+                // explicit ctx.terminalBackend='docker'). No reuse, no
+                // hardening — kept for backward compatibility.
+                result = await (0, docker_1.dockerBackendExecute)(shellArgs, { image: ctx.dockerImage }, cb);
+            }
+        }
+        else {
+            result = await (0, local_1.localBackendExecute)(shellArgs, cb);
+        }
         return {
             success: result.exitCode === 0,
             exitCode: result.exitCode,

package/dist/tools/v4/web/deepResearch.js CHANGED Viewed

@@ -36,6 +36,7 @@ exports.deepResearchTool = {
     category: 'network',
     mutates: false,
     toolset: 'web',
+    riskTier: 'safe', // v4.4 Phase 1
     async execute(args) {
         const topic = String(args.topic ?? '').trim();
         if (!topic)

package/dist/tools/v4/web/openUrl.js CHANGED Viewed

@@ -76,6 +76,7 @@ exports.openUrlTool = {
     category: 'network',
     mutates: false,
     toolset: 'web',
+    riskTier: 'safe', // v4.4 Phase 1
     async execute(args) {
         const url = String(args.url ?? '').trim();
         if (!isLaunchableUrl(url)) {

package/dist/tools/v4/web/webFetch.js CHANGED Viewed

@@ -49,6 +49,7 @@ exports.webFetchTool = {
     category: 'network',
     mutates: false,
     toolset: 'web',
+    riskTier: 'safe', // v4.4 Phase 1
     async execute(args) {
         const url = String(args.url ?? '').trim();
         if (!url)

package/dist/tools/v4/web/webPage.js CHANGED Viewed

@@ -38,6 +38,7 @@ exports.webPageTool = {
     category: 'network',
     mutates: false,
     toolset: 'web',
+    riskTier: 'safe', // v4.4 Phase 1
     async execute(args) {
         const url = String(args.url ?? '').trim();
         if (!url)

package/dist/tools/v4/web/webSearch.js CHANGED Viewed

@@ -35,6 +35,7 @@ exports.webSearchTool = {
     category: 'network',
     mutates: false,
     toolset: 'web',
+    riskTier: 'safe', // v4.4 Phase 1
     async execute(args) {
         const query = String(args.query ?? '').trim();
         if (!query) {

package/dist/tools/v4/web/youtubeSearch.js CHANGED Viewed

@@ -239,6 +239,7 @@ exports.youtubeSearchTool = {
     category: 'network',
     mutates: false,
     toolset: 'web',
+    riskTier: 'safe', // v4.4 Phase 1
     async execute(args) {
         const query = String(args.query ?? '').trim();
         if (!query) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "aiden-runtime",
-  "version": "4.1.4",
+  "version": "4.5.0",
   "publishConfig": {
     "access": "public"
   },
@@ -242,6 +242,7 @@
     "better-sqlite3": "^12.9.0",
     "blessed": "^0.1.81",
     "chalk": "^5.6.2",
+    "chokidar": "^4.0.3",
     "chrome-remote-interface": "^0.34.0",
     "commander": "^5.1.0",
     "cors": "^2.8.5",
@@ -257,6 +258,7 @@
     "js-tiktoken": "^1.0.21",
     "js-yaml": "^4.1.1",
     "kleur": "^4.1.5",
+    "mailparser": "^3.9.8",
     "marked": "^15.0.12",
     "marked-terminal": "^7.3.0",
     "multer": "^2.1.1",
@@ -296,13 +298,16 @@
     "@types/better-sqlite3": "^7.6.13",
     "@types/blessed": "^0.1.27",
     "@types/dockerode": "^4.0.1",
+    "@types/imap-simple": "^4.2.10",
     "@types/js-yaml": "^4.0.9",
+    "@types/mailparser": "^3.4.6",
     "@types/multer": "^2.0.0",
     "@types/node": "^25.3.0",
     "@types/node-telegram-bot-api": "0.64.14",
     "@types/nodemailer": "^7.0.11",
     "@types/pdf-parse": "^1.1.4",
     "@types/qrcode-terminal": "^0.12.2",
+    "@types/supertest": "^7.2.0",
     "@types/tar-stream": "^3.1.4",
     "@types/uuid": "^9.0.0",
     "@vitest/ui": "^4.1.5",
@@ -310,6 +315,7 @@
     "electron-builder": "^26.8.1",
     "esbuild": "^0.28.0",
     "javascript-obfuscator": "^5.4.1",
+    "supertest": "^7.2.2",
     "ts-node": "^10.9.2",
     "typescript": "^5.9.3",
     "vitest": "^4.1.5"

package/plugins/aiden-plugin-cdp-browser/.granted-permissions.json ADDED Viewed

@@ -0,0 +1,8 @@
+{
+  "version": 1,
+  "granted": [
+    "browser",
+    "subprocess",
+    "network"
+  ]
+}