npm - aiden-runtime - Versions diffs - 4.1.5 → 4.5.0 - Mend

aiden-runtime 4.1.5 → 4.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (163) hide show

package/README.md +250 -847
package/dist/api/server.js +32 -5
package/dist/cli/v4/aidenCLI.js +351 -53
package/dist/cli/v4/callbacks.js +170 -0
package/dist/cli/v4/chatSession.js +138 -3
package/dist/cli/v4/commands/_runtimeToggleHelpers.js +92 -0
package/dist/cli/v4/commands/browserDepth.js +45 -0
package/dist/cli/v4/commands/cron.js +264 -0
package/dist/cli/v4/commands/daemon.js +541 -0
package/dist/cli/v4/commands/daemonStatus.js +253 -0
package/dist/cli/v4/commands/help.js +7 -0
package/dist/cli/v4/commands/index.js +20 -1
package/dist/cli/v4/commands/runs.js +203 -0
package/dist/cli/v4/commands/sandbox.js +48 -0
package/dist/cli/v4/commands/suggestions.js +68 -0
package/dist/cli/v4/commands/tce.js +41 -0
package/dist/cli/v4/commands/trigger.js +378 -0
package/dist/cli/v4/commands/update.js +95 -3
package/dist/cli/v4/daemonAgentBuilder.js +142 -0
package/dist/cli/v4/defaultSoul.js +1 -1
package/dist/cli/v4/display/capabilityCard.js +26 -0
package/dist/cli/v4/display.js +18 -8
package/dist/cli/v4/replyRenderer.js +31 -23
package/dist/cli/v4/updateBootPrompt.js +170 -0
package/dist/core/playwrightBridge.js +129 -0
package/dist/core/v4/aidenAgent.js +308 -4
package/dist/core/v4/browserState.js +436 -0
package/dist/core/v4/checkpoint.js +79 -0
package/dist/core/v4/daemon/bootstrap.js +604 -0
package/dist/core/v4/daemon/cleanShutdown.js +154 -0
package/dist/core/v4/daemon/cron/cronBridge.js +126 -0
package/dist/core/v4/daemon/cron/cronEmitter.js +173 -0
package/dist/core/v4/daemon/cron/migration.js +199 -0
package/dist/core/v4/daemon/cron/misfirePolicy.js +115 -0
package/dist/core/v4/daemon/daemonConfig.js +90 -0
package/dist/core/v4/daemon/db/connection.js +106 -0
package/dist/core/v4/daemon/db/migrations.js +296 -0
package/dist/core/v4/daemon/db/schema/v1.spec.js +18 -0
package/dist/core/v4/daemon/dispatcher/agentRunner.js +98 -0
package/dist/core/v4/daemon/dispatcher/budgetGate.js +127 -0
package/dist/core/v4/daemon/dispatcher/daemonApproval.js +113 -0
package/dist/core/v4/daemon/dispatcher/dailyBudgetTracker.js +120 -0
package/dist/core/v4/daemon/dispatcher/dispatcher.js +389 -0
package/dist/core/v4/daemon/dispatcher/fireRateLimiter.js +113 -0
package/dist/core/v4/daemon/dispatcher/index.js +53 -0
package/dist/core/v4/daemon/dispatcher/promptTemplate.js +95 -0
package/dist/core/v4/daemon/dispatcher/realAgentRunner.js +356 -0
package/dist/core/v4/daemon/dispatcher/resolveModel.js +93 -0
package/dist/core/v4/daemon/dispatcher/sessionId.js +93 -0
package/dist/core/v4/daemon/drain.js +156 -0
package/dist/core/v4/daemon/eventLoopLag.js +73 -0
package/dist/core/v4/daemon/health.js +159 -0
package/dist/core/v4/daemon/idempotencyStore.js +204 -0
package/dist/core/v4/daemon/index.js +179 -0
package/dist/core/v4/daemon/instanceTracker.js +99 -0
package/dist/core/v4/daemon/resourceRegistry.js +150 -0
package/dist/core/v4/daemon/restartCode.js +32 -0
package/dist/core/v4/daemon/restartFailureCounter.js +77 -0
package/dist/core/v4/daemon/runStore.js +114 -0
package/dist/core/v4/daemon/runtimeLock.js +167 -0
package/dist/core/v4/daemon/signals.js +50 -0
package/dist/core/v4/daemon/supervisor.js +272 -0
package/dist/core/v4/daemon/triggerBus.js +279 -0
package/dist/core/v4/daemon/triggers/email/allowlist.js +70 -0
package/dist/core/v4/daemon/triggers/email/automatedSender.js +78 -0
package/dist/core/v4/daemon/triggers/email/bodyExtractor.js +0 -0
package/dist/core/v4/daemon/triggers/email/emailSeenStore.js +99 -0
package/dist/core/v4/daemon/triggers/email/emailSpec.js +107 -0
package/dist/core/v4/daemon/triggers/email/imapConnection.js +211 -0
package/dist/core/v4/daemon/triggers/email/index.js +332 -0
package/dist/core/v4/daemon/triggers/email/seenUids.js +60 -0
package/dist/core/v4/daemon/triggers/fileObservationsStore.js +93 -0
package/dist/core/v4/daemon/triggers/fileWatcher.js +253 -0
package/dist/core/v4/daemon/triggers/fileWatcherSpec.js +88 -0
package/dist/core/v4/daemon/triggers/fsIdentity.js +42 -0
package/dist/core/v4/daemon/triggers/globMatcher.js +100 -0
package/dist/core/v4/daemon/triggers/reconcile.js +206 -0
package/dist/core/v4/daemon/triggers/settleStat.js +81 -0
package/dist/core/v4/daemon/triggers/webhook.js +376 -0
package/dist/core/v4/daemon/triggers/webhookDeliveriesStore.js +109 -0
package/dist/core/v4/daemon/triggers/webhookIdempotency.js +72 -0
package/dist/core/v4/daemon/triggers/webhookRateLimit.js +56 -0
package/dist/core/v4/daemon/triggers/webhookSpec.js +76 -0
package/dist/core/v4/daemon/triggers/webhookVerifier.js +128 -0
package/dist/core/v4/daemon/types.js +15 -0
package/dist/core/v4/dockerSession.js +461 -0
package/dist/core/v4/dryRun.js +117 -0
package/dist/core/v4/failureClassifier.js +779 -0
package/dist/core/v4/recoveryReport.js +449 -0
package/dist/core/v4/runtimeToggles.js +187 -0
package/dist/core/v4/sandboxConfig.js +285 -0
package/dist/core/v4/sandboxFs.js +316 -0
package/dist/core/v4/suggestionCatalog.js +41 -0
package/dist/core/v4/suggestionEngine.js +210 -0
package/dist/core/v4/toolRegistry.js +18 -0
package/dist/core/v4/turnState.js +587 -0
package/dist/core/v4/update/checkUpdate.js +63 -3
package/dist/core/v4/update/installMethodDetect.js +115 -0
package/dist/core/v4/update/registryClient.js +121 -0
package/dist/core/v4/update/skipState.js +75 -0
package/dist/core/v4/verifier.js +448 -0
package/dist/core/version.js +1 -1
package/dist/tools/v4/browser/_observer.js +224 -0
package/dist/tools/v4/browser/browserBlocker.js +396 -0
package/dist/tools/v4/browser/browserClick.js +18 -1
package/dist/tools/v4/browser/browserClose.js +18 -1
package/dist/tools/v4/browser/browserExtract.js +5 -1
package/dist/tools/v4/browser/browserFill.js +17 -1
package/dist/tools/v4/browser/browserGetUrl.js +5 -1
package/dist/tools/v4/browser/browserNavigate.js +16 -1
package/dist/tools/v4/browser/browserScreenshot.js +5 -1
package/dist/tools/v4/browser/browserScroll.js +18 -1
package/dist/tools/v4/browser/browserType.js +17 -1
package/dist/tools/v4/browser/captchaCheck.js +5 -1
package/dist/tools/v4/executeCode.js +1 -0
package/dist/tools/v4/files/fileCopy.js +56 -2
package/dist/tools/v4/files/fileDelete.js +38 -1
package/dist/tools/v4/files/fileList.js +12 -1
package/dist/tools/v4/files/fileMove.js +59 -2
package/dist/tools/v4/files/filePatch.js +43 -1
package/dist/tools/v4/files/fileRead.js +12 -1
package/dist/tools/v4/files/fileWrite.js +41 -1
package/dist/tools/v4/index.js +71 -58
package/dist/tools/v4/memory/memoryAdd.js +14 -0
package/dist/tools/v4/memory/memoryRemove.js +14 -0
package/dist/tools/v4/memory/memoryReplace.js +15 -0
package/dist/tools/v4/memory/sessionSummary.js +12 -0
package/dist/tools/v4/process/processKill.js +19 -0
package/dist/tools/v4/process/processList.js +1 -0
package/dist/tools/v4/process/processLogRead.js +1 -0
package/dist/tools/v4/process/processSpawn.js +13 -0
package/dist/tools/v4/process/processWait.js +1 -0
package/dist/tools/v4/sessions/recallSession.js +1 -0
package/dist/tools/v4/sessions/sessionList.js +1 -0
package/dist/tools/v4/sessions/sessionSearch.js +1 -0
package/dist/tools/v4/skills/lookupToolSchema.js +2 -0
package/dist/tools/v4/skills/skillManage.js +13 -0
package/dist/tools/v4/skills/skillView.js +1 -0
package/dist/tools/v4/skills/skillsList.js +1 -0
package/dist/tools/v4/subagent/subagentFanout.js +1 -0
package/dist/tools/v4/system/aidenSelfUpdate.js +16 -0
package/dist/tools/v4/system/appClose.js +13 -0
package/dist/tools/v4/system/appInput.js +13 -0
package/dist/tools/v4/system/appLaunch.js +13 -0
package/dist/tools/v4/system/clipboardRead.js +1 -0
package/dist/tools/v4/system/clipboardWrite.js +14 -0
package/dist/tools/v4/system/mediaKey.js +12 -0
package/dist/tools/v4/system/mediaSessions.js +1 -0
package/dist/tools/v4/system/mediaTransport.js +13 -0
package/dist/tools/v4/system/naturalEvents.js +1 -0
package/dist/tools/v4/system/nowPlaying.js +1 -0
package/dist/tools/v4/system/osProcessList.js +1 -0
package/dist/tools/v4/system/screenshot.js +1 -0
package/dist/tools/v4/system/systemInfo.js +1 -0
package/dist/tools/v4/system/volumeSet.js +17 -0
package/dist/tools/v4/terminal/shellExec.js +81 -9
package/dist/tools/v4/web/deepResearch.js +1 -0
package/dist/tools/v4/web/openUrl.js +1 -0
package/dist/tools/v4/web/webFetch.js +1 -0
package/dist/tools/v4/web/webPage.js +1 -0
package/dist/tools/v4/web/webSearch.js +1 -0
package/dist/tools/v4/web/youtubeSearch.js +1 -0
package/package.json +7 -1

package/dist/core/v4/daemon/triggers/settleStat.js ADDED Viewed

@@ -0,0 +1,81 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * core/v4/daemon/triggers/settleStat.ts — v4.5 Phase 2.
+ *
+ * Stable-stat helper. Watches a path's size+mtime over time and
+ * returns once two consecutive stats agree (or maxSettleMs elapses).
+ *
+ * Second layer on top of chokidar's `awaitWriteFinish`. The two
+ * cover different editor patterns:
+ *   - awaitWriteFinish handles "write then flush" streams
+ *   - settleStat handles the rapid-rename pattern many editors
+ *     use (write to <name>.swp, fsync, rename onto <name>) —
+ *     chokidar emits unlink+add in rapid succession; our debounce
+ *     window plus a final settle gives one stable snapshot.
+ *
+ * Returns the FINAL stat. Returns null when the path doesn't exist
+ * at the final read (file deleted during settle — caller decides).
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.settleStat = settleStat;
+const node_fs_1 = __importDefault(require("node:fs"));
+function defaultStat(p) {
+    try {
+        const s = node_fs_1.default.statSync(p);
+        return { size: s.size, mtimeMs: s.mtimeMs };
+    }
+    catch {
+        return null;
+    }
+}
+function defaultSleep(ms) {
+    return new Promise((r) => {
+        const t = setTimeout(r, ms);
+        if (typeof t.unref === 'function')
+            t.unref();
+    });
+}
+/**
+ * Stat repeatedly until two adjacent reads agree on size+mtime, OR
+ * until `maxSettleMs` has elapsed. Returns the stable stat (or the
+ * last non-null read if we timed out).
+ *
+ * Returns null when the path doesn't exist at all (caller can treat
+ * as deleted-mid-settle).
+ */
+async function settleStat(absPath, opts) {
+    const stat = opts.stat ?? defaultStat;
+    const sleep = opts.sleep ?? defaultSleep;
+    const interval = Math.max(10, opts.intervalMs);
+    const deadline = Date.now() + Math.max(interval * 2, opts.maxSettleMs);
+    let prev = stat(absPath);
+    if (prev === null)
+        return null;
+    // Loop: sleep, re-stat, compare to previous.
+    while (Date.now() < deadline) {
+        await sleep(interval);
+        const cur = stat(absPath);
+        if (cur === null) {
+            // Disappeared mid-settle. Caller decides — most likely an
+            // unlink event will follow.
+            return null;
+        }
+        if (cur.size === prev.size && cur.mtimeMs === prev.mtimeMs) {
+            return cur;
+        }
+        prev = cur;
+    }
+    // Timed out without two-in-a-row agreement. Return the last read
+    // so the caller still has something to record. The agent loop
+    // tolerates this (file may be a never-stable log file etc.).
+    return prev;
+}

package/dist/core/v4/daemon/triggers/webhook.js ADDED Viewed

@@ -0,0 +1,376 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * core/v4/daemon/triggers/webhook.ts — v4.5 Phase 3.
+ *
+ * Mounts POST /api/triggers/webhook/:id onto the daemon's Express
+ * app. Single dispatch endpoint handles every registered webhook
+ * trigger — route looked up by :id at request time.
+ *
+ * Ordering invariant (every request, every route):
+ *
+ *   1. Route lookup    → 404 if unknown, 503 if disabled
+ *   2. Content-Length  → 413 if > spec.maxBodyBytes
+ *      (express.raw enforces a global cap via `limit`)
+ *   3. Body read
+ *   4. HMAC verify     → 401 if bad
+ *   5. Event filter    → 204 No Content if event-name excluded
+ *   6. Rate limit      → 429 if over cap (POST-auth so attackers
+ *                        can't burn quota)
+ *   7. Idempotency     → 200 with cached body if duplicate
+ *   8. trigger_events insert → 202 Accepted
+ *   9. webhook_deliveries row logged
+ *  10. Idempotency cache populated with cached response
+ *
+ * Per-route stats are recorded in-memory and surfaced via
+ * GET /api/triggers/webhook/:id/stats (Phase 3 ships this minimal
+ * diagnostic; Phase 6 adds richer surface).
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.mountWebhookRoutes = mountWebhookRoutes;
+exports.assertSafeBind = assertSafeBind;
+const express_1 = __importDefault(require("express"));
+const node_crypto_1 = __importDefault(require("node:crypto"));
+const webhookSpec_1 = require("./webhookSpec");
+const webhookVerifier_1 = require("./webhookVerifier");
+const webhookRateLimit_1 = require("./webhookRateLimit");
+const webhookIdempotency_1 = require("./webhookIdempotency");
+const webhookDeliveriesStore_1 = require("./webhookDeliveriesStore");
+const initialStats = () => ({
+    totalRequests: 0,
+    accepted: 0,
+    rejectedAuth: 0,
+    rejectedRate: 0,
+    rejectedSize: 0,
+    rejectedFilter: 0,
+    duplicates: 0,
+    triggerEventsEmitted: 0,
+    lastError: null,
+});
+const noopLog = (_l, _m) => undefined;
+function mountWebhookRoutes(opts) {
+    const log = opts.log ?? noopLog;
+    const rateLimiter = (0, webhookRateLimit_1.createRateLimiter)();
+    const deliveries = (0, webhookDeliveriesStore_1.createWebhookDeliveriesStore)({ db: opts.db });
+    const statsByRoute = new Map();
+    let shuttingDown = false;
+    // Register as a global resource so shutdown drain can reach us.
+    const resourceId = opts.resourceRegistry.register({
+        kind: 'webhook_server',
+        owner: 'global',
+        close: async () => { shuttingDown = true; },
+    });
+    void resourceId;
+    // express.raw — give us the raw bytes so we can compute the HMAC.
+    // `limit` is the global guard; per-route maxBodyBytes is the
+    // primary check (we check after parsing the route).
+    const globalLimit = opts.globalMaxBodyBytes ?? 1048576;
+    const rawParser = express_1.default.raw({ type: '*/*', limit: globalLimit });
+    opts.app.post('/api/triggers/webhook/:id', rawParser, (req, res) => {
+        void handleWebhookRequest({
+            req, res, opts, log, rateLimiter, deliveries,
+            statsByRoute, shuttingDown,
+        });
+    });
+    // GET /stats — per-route diagnostic.
+    opts.app.get('/api/triggers/webhook/:id/stats', (req, res) => {
+        const routeId = String(req.params.id);
+        const s = statsByRoute.get(routeId);
+        if (!s) {
+            res.status(404).json({ error: 'unknown route or no traffic yet' });
+            return;
+        }
+        res.status(200).json(s);
+    });
+    return {
+        getStats(routeId) {
+            return statsByRoute.get(routeId) ?? null;
+        },
+        listRoutes() {
+            return [...statsByRoute.keys()];
+        },
+        shutdown() {
+            shuttingDown = true;
+            return Promise.resolve();
+        },
+        sweepDeliveries(retentionDays) {
+            return deliveries.sweep(retentionDays);
+        },
+    };
+}
+async function handleWebhookRequest(ctx) {
+    const { req, res, opts, log, rateLimiter, deliveries, statsByRoute, shuttingDown } = ctx;
+    const routeId = String(req.params.id);
+    const stats = (() => {
+        let s = statsByRoute.get(routeId);
+        if (!s) {
+            s = initialStats();
+            statsByRoute.set(routeId, s);
+        }
+        return s;
+    })();
+    stats.totalRequests += 1;
+    if (shuttingDown) {
+        res.status(503).json({ error: 'daemon shutting down' });
+        return;
+    }
+    // Step 1: load spec from DB.
+    const spec = loadSpec(opts.db, routeId);
+    if (!spec) {
+        res.status(404).json({ error: 'unknown route' });
+        return;
+    }
+    if (!spec.enabled) {
+        res.status(503).json({ error: 'route disabled' });
+        return;
+    }
+    const clientIp = typeof req.ip === 'string'
+        ? req.ip
+        : (typeof req.socket?.remoteAddress === 'string' ? req.socket.remoteAddress : null);
+    const bodyBuf = Buffer.isBuffer(req.body) ? req.body : Buffer.from('');
+    const bodyHash = node_crypto_1.default.createHash('sha256').update(bodyBuf).digest('hex');
+    // Step 2: per-route size cap.
+    if (bodyBuf.length > spec.spec.maxBodyBytes) {
+        stats.rejectedSize += 1;
+        const responseBody = JSON.stringify({ error: 'payload too large' });
+        res.status(413).type('application/json').send(responseBody);
+        deliveries.record({
+            routeId, deliveryId: null, signatureVerified: false,
+            statusCode: 413, responseBody, clientIp,
+            headers: req.headers,
+            bodyHash, triggerEventId: null,
+        });
+        return;
+    }
+    // Step 3: HMAC verify.
+    const verified = (0, webhookVerifier_1.verifyWebhookSignature)({
+        format: spec.spec.hmacFormat,
+        secret: spec.spec.secret,
+        body: bodyBuf,
+        headers: req.headers,
+    });
+    if (!verified) {
+        stats.rejectedAuth += 1;
+        const responseBody = JSON.stringify({ error: 'invalid signature' });
+        res.status(401).type('application/json').send(responseBody);
+        deliveries.record({
+            routeId, deliveryId: null, signatureVerified: false,
+            statusCode: 401, responseBody, clientIp,
+            headers: req.headers,
+            bodyHash, triggerEventId: null,
+        });
+        return;
+    }
+    // Step 4: event filter.
+    if (spec.spec.allowedEvents && spec.spec.allowedEvents.length > 0) {
+        const ev = (0, webhookVerifier_1.deriveEventName)(spec.spec.hmacFormat, req.headers);
+        if (!spec.spec.allowedEvents.includes(ev)) {
+            stats.rejectedFilter += 1;
+            res.status(204).end();
+            return;
+        }
+    }
+    // Step 5: rate limit (POST-auth).
+    if (!rateLimiter.allow(routeId, spec.spec.rateLimit.perMinute)) {
+        stats.rejectedRate += 1;
+        const responseBody = JSON.stringify({ error: 'rate limit exceeded' });
+        res.status(429).type('application/json').send(responseBody);
+        deliveries.record({
+            routeId, deliveryId: null, signatureVerified: true,
+            statusCode: 429, responseBody, clientIp,
+            headers: req.headers,
+            bodyHash, triggerEventId: null,
+        });
+        return;
+    }
+    // Step 6: idempotency check.
+    const idemKey = (0, webhookIdempotency_1.deriveIdempotencyKey)(routeId, spec.spec.hmacFormat, bodyBuf, req.headers);
+    const cached = opts.idempotencyStore.get('webhook', idemKey);
+    if (cached) {
+        stats.duplicates += 1;
+        // v4.5 Phase 6 — idempotency-replay cosmetic fix.
+        // The cached body was stamped with `deduplicated: false` on the
+        // first (successful) accept. Re-issuing it verbatim on a replay
+        // made every retried delivery look like a brand-new accept,
+        // which confused operators investigating duplicate POSTs. Inject
+        // `deduplicated: true` dynamically here so retries report the
+        // truth without a schema change.
+        let replayBody = cached.responseJson;
+        try {
+            const parsed = JSON.parse(cached.responseJson);
+            parsed.deduplicated = true;
+            replayBody = JSON.stringify(parsed);
+        }
+        catch { /* malformed cache entry — fall back to verbatim */ }
+        res.status(cached.statusCode).type('application/json').send(replayBody);
+        // Log the replay in webhook_deliveries with the corrected body so
+        // forensic search ("show me all deduped replays") works.
+        try {
+            deliveries.record({
+                routeId,
+                deliveryId: spec.spec.hmacFormat === 'github'
+                    ? (pickHeaderStr(req.headers, 'x-github-delivery') ?? null)
+                    : null,
+                signatureVerified: true,
+                statusCode: cached.statusCode,
+                responseBody: replayBody,
+                clientIp,
+                headers: req.headers,
+                bodyHash,
+                triggerEventId: null,
+            });
+        }
+        catch { /* never let delivery logging crash the replay path */ }
+        return;
+    }
+    // Step 7: insert trigger_event + record delivery.
+    try {
+        let payload;
+        try {
+            payload = JSON.parse(bodyBuf.toString('utf-8'));
+        }
+        catch {
+            payload = { _raw: bodyBuf.toString('base64'), _format: 'base64' };
+        }
+        const event = (0, webhookVerifier_1.deriveEventName)(spec.spec.hmacFormat, req.headers);
+        const deliveryMode = spec.spec.deliverOnly ? 'deliver_only' : 'agent';
+        const inserted = opts.triggerBus.insert({
+            source: 'webhook',
+            sourceKey: routeId,
+            idempotencyKey: idemKey,
+            payload: {
+                headers: selectHeadersForPayload(req.headers),
+                event,
+                body: payload,
+                deliveryMode,
+            },
+        });
+        stats.triggerEventsEmitted += 1;
+        stats.accepted += 1;
+        const responseBody = JSON.stringify({
+            status: 'accepted',
+            event_id: inserted.id,
+            deduplicated: !inserted.inserted,
+            deliveryMode,
+        });
+        res.status(202).type('application/json').send(responseBody);
+        // Cache the response for retries within the idempotency TTL.
+        opts.idempotencyStore.set('webhook', idemKey, null, { responseJson: responseBody, statusCode: 202 }, spec.spec.idempotencyTtlMs);
+        deliveries.record({
+            routeId,
+            deliveryId: spec.spec.hmacFormat === 'github'
+                ? (pickHeaderStr(req.headers, 'x-github-delivery') ?? null)
+                : null,
+            signatureVerified: true,
+            statusCode: 202,
+            responseBody,
+            clientIp,
+            headers: req.headers,
+            bodyHash,
+            triggerEventId: inserted.id,
+        });
+        if (spec.spec.deliverOnly) {
+            log('info', `[webhook] deliver_only stub for ${routeId} — Phase 5 will dispatch via channel target`);
+        }
+    }
+    catch (e) {
+        const msg = e instanceof Error ? e.message : String(e);
+        stats.lastError = msg;
+        log('error', `[webhook] handler error for ${routeId}: ${msg}`);
+        const responseBody = JSON.stringify({ error: 'internal error' });
+        res.status(500).type('application/json').send(responseBody);
+    }
+}
+function loadSpec(db, routeId) {
+    const row = db
+        .prepare(`SELECT enabled, spec_json FROM triggers WHERE id = ? AND source = 'webhook'`)
+        .get(routeId);
+    if (!row)
+        return null;
+    try {
+        const spec = (0, webhookSpec_1.parseWebhookSpec)(row.spec_json);
+        return { enabled: row.enabled === 1, spec };
+    }
+    catch {
+        return null;
+    }
+}
+function selectHeadersForPayload(headers) {
+    // Same selective subset as the deliveries store, plus event names
+    // so the agent payload includes what triggered it.
+    const out = {};
+    const want = new Set([
+        'content-type', 'user-agent',
+        'x-github-event', 'x-github-delivery',
+        'x-gitlab-event',
+        'x-webhook-event',
+        'x-request-id',
+        'x-forwarded-for',
+    ]);
+    for (const [k, v] of Object.entries(headers)) {
+        const lk = k.toLowerCase();
+        if (!want.has(lk))
+            continue;
+        const value = Array.isArray(v) ? v[0] : v;
+        if (typeof value === 'string')
+            out[lk] = value;
+    }
+    return out;
+}
+function pickHeaderStr(headers, name) {
+    const v = headers[name.toLowerCase()];
+    if (Array.isArray(v))
+        return v[0] ?? null;
+    if (typeof v === 'string')
+        return v;
+    return null;
+}
+/**
+ * Public-bind guard — refuses to start a daemon bound to a non-
+ * loopback address when (a) any registered webhook route uses the
+ * INSECURE_NO_AUTH sentinel OR (b) AIDEN_API_KEY is unset.
+ *
+ * Called from bootstrap BEFORE the HTTP listener binds.
+ */
+function assertSafeBind(opts) {
+    if (opts.bindHost === '127.0.0.1' || opts.bindHost === 'localhost' || opts.bindHost === '::1') {
+        return;
+    }
+    if (!opts.apiKeyConfigured) {
+        const msg = `[daemon] AIDEN_DAEMON_BIND=${opts.bindHost} requires AIDEN_API_KEY to be set. ` +
+            `Refusing to start — public bind without a bearer token would expose ` +
+            `/api/chat, /v1/*, and /api/scheduler/* unauthenticated. ` +
+            `Set AIDEN_API_KEY or revert to AIDEN_DAEMON_BIND=127.0.0.1.`;
+        opts.log('error', msg);
+        throw new Error(msg);
+    }
+    // Look up any INSECURE_NO_AUTH webhook routes — REFUSE.
+    const rows = opts.db
+        .prepare(`SELECT id, name, spec_json FROM triggers WHERE source = 'webhook' AND enabled = 1`)
+        .all();
+    for (const r of rows) {
+        try {
+            const spec = (0, webhookSpec_1.parseWebhookSpec)(r.spec_json);
+            if (spec.secret === webhookSpec_1.INSECURE_NO_AUTH) {
+                const msg = `[daemon] webhook route '${r.name}' (${r.id}) uses the INSECURE_NO_AUTH ` +
+                    `sentinel which is only valid on loopback. Daemon is bound to ` +
+                    `${opts.bindHost}; refusing to start. Disable the route or set a real secret.`;
+                opts.log('error', msg);
+                throw new Error(msg);
+            }
+        }
+        catch (e) {
+            if (e instanceof Error && e.message.includes('INSECURE_NO_AUTH'))
+                throw e;
+            // Bad spec — let the request-time loadSpec handle it.
+        }
+    }
+}

package/dist/core/v4/daemon/triggers/webhookDeliveriesStore.js ADDED Viewed

@@ -0,0 +1,109 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * core/v4/daemon/triggers/webhookDeliveriesStore.ts — v4.5 Phase 3.
+ *
+ * Writer for the `webhook_deliveries` table. Every POST gets a row
+ * (verified or not) so operators have a forensic trail.
+ *
+ * Retention: AIDEN_DAEMON_WEBHOOK_RETENTION_DAYS env var (default 7).
+ * Sweep runs on boot + every 24h.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createWebhookDeliveriesStore = createWebhookDeliveriesStore;
+function rowToTs(r) {
+    return {
+        id: r.id,
+        routeId: r.route_id,
+        deliveryId: r.delivery_id,
+        signatureVerified: r.signature_verified === 1,
+        statusCode: r.status_code,
+        responseBody: r.response_body,
+        clientIp: r.client_ip,
+        headersJson: r.headers_json,
+        bodyHash: r.body_hash,
+        receivedAt: r.received_at,
+        processedAt: r.processed_at,
+        triggerEventId: r.trigger_event_id,
+    };
+}
+const FORENSIC_HEADER_NAMES = new Set([
+    'content-type',
+    'content-length',
+    'user-agent',
+    'x-github-event',
+    'x-github-delivery',
+    'x-gitlab-event',
+    'x-gitlab-token', // present-flag only — VALUE redacted below
+    'x-hub-signature-256', // present-flag only — VALUE redacted below
+    'x-webhook-signature', // present-flag only — VALUE redacted below
+    'x-webhook-event',
+    'x-request-id',
+    'x-forwarded-for',
+]);
+const REDACT_HEADERS = new Set([
+    'x-gitlab-token',
+    'x-hub-signature-256',
+    'x-webhook-signature',
+    'authorization',
+    'cookie',
+]);
+function selectHeaders(headers) {
+    const out = {};
+    for (const [k, v] of Object.entries(headers)) {
+        const lk = k.toLowerCase();
+        if (!FORENSIC_HEADER_NAMES.has(lk))
+            continue;
+        const value = Array.isArray(v) ? v[0] : v;
+        if (typeof value !== 'string')
+            continue;
+        out[lk] = REDACT_HEADERS.has(lk) ? '<redacted>' : value;
+    }
+    return out;
+}
+function createWebhookDeliveriesStore(opts) {
+    const db = opts.db;
+    return {
+        record(input) {
+            const now = Date.now();
+            const headersJson = JSON.stringify(selectHeaders(input.headers));
+            // Truncate response body for forensic storage (1 KB cap).
+            const responseBody = input.responseBody != null
+                ? input.responseBody.length > 1024 ? input.responseBody.slice(0, 1024) + '…' : input.responseBody
+                : null;
+            const r = db
+                .prepare(`INSERT INTO webhook_deliveries
+             (route_id, delivery_id, signature_verified, status_code,
+              response_body, client_ip, headers_json, body_hash,
+              received_at, processed_at, trigger_event_id)
+           VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`)
+                .run(input.routeId, input.deliveryId, input.signatureVerified ? 1 : 0, input.statusCode, responseBody, input.clientIp, headersJson, input.bodyHash, now, now, input.triggerEventId);
+            return Number(r.lastInsertRowid);
+        },
+        list(routeId, limit = 100) {
+            const rows = db
+                .prepare(`SELECT * FROM webhook_deliveries WHERE route_id = ?
+            ORDER BY received_at DESC LIMIT ?`)
+                .all(routeId, limit);
+            return rows.map(rowToTs);
+        },
+        sweep(retentionDays, now) {
+            const cutoff = (now ?? Date.now()) - retentionDays * 24 * 60 * 60 * 1000;
+            const r = db
+                .prepare(`DELETE FROM webhook_deliveries WHERE received_at < ?`)
+                .run(cutoff);
+            return { deleted: r.changes };
+        },
+        countForRoute(routeId) {
+            const r = db
+                .prepare(`SELECT COUNT(*) AS c FROM webhook_deliveries WHERE route_id = ?`)
+                .get(routeId);
+            return r.c;
+        },
+    };
+}

package/dist/core/v4/daemon/triggers/webhookIdempotency.js ADDED Viewed

@@ -0,0 +1,72 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * core/v4/daemon/triggers/webhookIdempotency.ts — v4.5 Phase 3.
+ *
+ * Key derivation for the L1/L2 idempotency cache. Phase 1's
+ * `idempotencyStore` does the actual caching; this module just
+ * computes the key per format.
+ *
+ * Priority order:
+ *   github  → X-GitHub-Delivery header
+ *   gitlab  → X-Gitlab-Event + X-Request-Id (or X-Gitlab-Event alone)
+ *   any     → X-Request-Id
+ *   fallback→ sha256(routeId + body + 5_000ms_bucket) — defeats burst
+ *             retries while still letting deliberate re-posts through
+ *             a few seconds apart
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deriveIdempotencyKey = deriveIdempotencyKey;
+const node_crypto_1 = __importDefault(require("node:crypto"));
+function deriveIdempotencyKey(routeId, format, body, headers, now) {
+    if (format === 'github') {
+        const id = pickHeader(headers, 'x-github-delivery');
+        if (id)
+            return `gh:${id}`;
+    }
+    if (format === 'gitlab') {
+        const event = pickHeader(headers, 'x-gitlab-event');
+        const reqId = pickHeader(headers, 'x-request-id');
+        if (event && reqId)
+            return `gl:${event}:${reqId}`;
+        if (event)
+            return `gl:${event}:${shortHash(routeId, body, now)}`;
+    }
+    const reqId = pickHeader(headers, 'x-request-id');
+    if (reqId)
+        return `gen:${reqId}`;
+    return `sha:${shortHash(routeId, body, now)}`;
+}
+function shortHash(routeId, body, now) {
+    const bucket = Math.floor((now ?? Date.now()) / 5000);
+    const h = node_crypto_1.default.createHash('sha256');
+    h.update(routeId);
+    h.update('|');
+    h.update(body);
+    h.update('|');
+    h.update(String(bucket));
+    return h.digest('hex').slice(0, 32);
+}
+function pickHeader(headers, name) {
+    const k = name.toLowerCase();
+    // Express middleware lowercases header keys, but unit tests + ad-hoc
+    // callers may pass mixed-case. Scan with a lowercase compare.
+    for (const [hk, v] of Object.entries(headers)) {
+        if (hk.toLowerCase() !== k)
+            continue;
+        if (Array.isArray(v))
+            return v[0] ?? null;
+        if (typeof v === 'string')
+            return v;
+        return null;
+    }
+    return null;
+}

package/dist/core/v4/daemon/triggers/webhookRateLimit.js ADDED Viewed

@@ -0,0 +1,56 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * core/v4/daemon/triggers/webhookRateLimit.ts — v4.5 Phase 3.
+ *
+ * Per-route fixed-window rate limiter. In-memory only — daemon
+ * restart resets the counters (acceptable).
+ *
+ * Window: 60 seconds. Per-route cap configured by spec.rateLimit.perMinute.
+ *
+ * Critical ordering: called AFTER HMAC verification so an
+ * unauthenticated attacker cannot burn the legitimate quota with
+ * bad-signature spam.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createRateLimiter = createRateLimiter;
+const WINDOW_MS = 60000;
+function createRateLimiter(opts = {}) {
+    const now = opts.now ?? (() => Date.now());
+    const windows = new Map();
+    return {
+        allow(routeId, perMinute) {
+            const t = now();
+            let w = windows.get(routeId);
+            if (!w) {
+                w = [];
+                windows.set(routeId, w);
+            }
+            // Prune entries older than the window.
+            const cutoff = t - WINDOW_MS;
+            while (w.length > 0 && w[0] < cutoff)
+                w.shift();
+            if (w.length >= perMinute)
+                return false;
+            w.push(t);
+            return true;
+        },
+        stats(routeId) {
+            const w = windows.get(routeId);
+            if (!w || w.length === 0)
+                return { count: 0, oldestMs: null };
+            return { count: w.length, oldestMs: w[0] };
+        },
+        reset(routeId) {
+            if (routeId === undefined)
+                windows.clear();
+            else
+                windows.delete(routeId);
+        },
+    };
+}