aiden-runtime 4.8.1 → 4.9.1

package/dist/core/v4/identity/executionContext.js

@@ -0,0 +1,153 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.serializeContext = serializeContext;
+exports.deserializeContext = deserializeContext;
+exports.childSpan = childSpan;
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * core/v4/identity/executionContext.ts — v4.9.0 Slice 4.
+ *
+ * The `ExecutionContext` is the per-unit-of-work envelope every layer
+ * of the runtime can reach via `currentContext()`. It carries the
+ * stable correlation IDs (daemon, incarnation, run, trace, span) plus
+ * the situational metadata (source, attempt, deadline, optional
+ * external request id, optional baggage).
+ *
+ * Slice 4 is **additive only** — nothing in the existing code paths
+ * required a context yet; this file just defines the shape and the
+ * (de)serialisation primitives so later slices can plumb it through
+ * tool dispatch, hooks, trigger bus claims, and the agent loop.
+ *
+ * Serialisation is JSON. We could compact this further (e.g. msgpack
+ * over a base64url envelope) but JSON keeps it grep-friendly in env
+ * vars and log lines — and the contexts we'll be ferrying are <300 bytes.
+ */
+const ids_1 = require("./ids");
+const VALID_SOURCES = new Set([
+    'cli', 'api', 'webhook', 'cron', 'email', 'folder', 'subagent', 'unknown',
+]);
+/**
+ * Serialise a context to a single string suitable for stuffing into an
+ * env var, a log field, or a tracestate-style header. Round-trippable
+ * via `deserializeContext`.
+ *
+ * We don't ship undefined fields — keeps the payload tight when most
+ * of the optional surface is empty (the common case).
+ */
+function serializeContext(ctx) {
+    const payload = {
+        d: ctx.daemonId,
+        i: ctx.incarnationId,
+        r: ctx.runId,
+        t: ctx.traceId,
+        s: ctx.spanId,
+        sr: ctx.source,
+        a: ctx.attempt,
+    };
+    if (ctx.parentSpanId)
+        payload.ps = ctx.parentSpanId;
+    if (ctx.requestId)
+        payload.rq = ctx.requestId;
+    if (ctx.externalRequestId)
+        payload.er = ctx.externalRequestId;
+    if (ctx.triggerId)
+        payload.tg = ctx.triggerId;
+    if (ctx.sessionId)
+        payload.se = ctx.sessionId;
+    if (ctx.deadlineAt)
+        payload.dl = ctx.deadlineAt;
+    if (ctx.baggage && Object.keys(ctx.baggage).length > 0)
+        payload.b = ctx.baggage;
+    return JSON.stringify(payload);
+}
+/**
+ * Parse a serialised context. Throws on malformed input — this is a
+ * trust-boundary deserialise (env var that's supposed to exist), so
+ * "fail loud" beats silent context loss.
+ */
+function deserializeContext(s) {
+    if (typeof s !== 'string' || s.length === 0) {
+        throw new Error('deserializeContext: input must be a non-empty string');
+    }
+    let raw;
+    try {
+        raw = JSON.parse(s);
+    }
+    catch (e) {
+        throw new Error(`deserializeContext: invalid JSON (${e instanceof Error ? e.message : String(e)})`);
+    }
+    const need = (k) => {
+        const v = raw[k];
+        if (typeof v !== 'string' || v.length === 0) {
+            throw new Error(`deserializeContext: missing or non-string field '${k}'`);
+        }
+        return v;
+    };
+    // Validate required string fields FIRST so a malformed payload gets
+    // a useful "missing field 'X'" message rather than a downstream
+    // "invalid source 'undefined'" surprise.
+    const daemonId = need('d');
+    const incarnationId = need('i');
+    const runId = need('r');
+    const traceId = need('t');
+    const spanId = need('s');
+    const source = need('sr');
+    if (!VALID_SOURCES.has(source)) {
+        throw new Error(`deserializeContext: invalid source '${source}'`);
+    }
+    const attempt = Number(raw.a);
+    if (!Number.isFinite(attempt) || attempt < 0) {
+        throw new Error(`deserializeContext: invalid attempt '${String(raw.a)}'`);
+    }
+    const ctx = {
+        daemonId,
+        incarnationId,
+        runId,
+        traceId,
+        spanId,
+        source: source,
+        attempt,
+    };
+    if (typeof raw.ps === 'string')
+        ctx.parentSpanId = raw.ps;
+    if (typeof raw.rq === 'string')
+        ctx.requestId = raw.rq;
+    if (typeof raw.er === 'string')
+        ctx.externalRequestId = raw.er;
+    if (typeof raw.tg === 'string')
+        ctx.triggerId = raw.tg;
+    if (typeof raw.se === 'string')
+        ctx.sessionId = raw.se;
+    if (typeof raw.dl === 'string')
+        ctx.deadlineAt = raw.dl;
+    if (raw.b && typeof raw.b === 'object' && !Array.isArray(raw.b)) {
+        // Defensive cast: only string-valued entries survive.
+        const bag = {};
+        for (const [k, v] of Object.entries(raw.b)) {
+            if (typeof v === 'string')
+                bag[k] = v;
+        }
+        if (Object.keys(bag).length > 0)
+            ctx.baggage = bag;
+    }
+    return ctx;
+}
+/**
+ * Fork a child span: returns a new context with the same trace/run but
+ * a fresh `spanId` and `parentSpanId` set to the parent's `spanId`.
+ *
+ * Pass `newSpanIdOverride` only in tests where determinism matters; in
+ * normal operation the freshly-minted span id is what you want.
+ */
+function childSpan(ctx, newSpanIdOverride) {
+    return {
+        ...ctx,
+        spanId: newSpanIdOverride ?? (0, ids_1.newSpanId)(),
+        parentSpanId: ctx.spanId,
+    };
+}

package/dist/core/v4/identity/hookExecution.js

@@ -0,0 +1,62 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * core/v4/identity/hookExecution.ts — v4.9.0 Slice 7.
+ *
+ * Ergonomic boundary helper for hook execution. Wraps a hook callback
+ * with:
+ *
+ *   - Timeout enforcement (default 5s; configurable per call)
+ *   - Structured outcome shape (`'ok' | 'timeout' | 'error'`) — caller
+ *     decides whether a hook timeout/error should block the operation
+ *     or fail-open
+ *   - A span via Slice 6's `runHookWithSpan` so every firing is durable
+ *
+ * Slice 7 lands the helper. Slice 9 wires it into the actual lifecycle
+ * dispatcher.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HookTimeoutError = void 0;
+exports.executeHookWithBoundary = executeHookWithBoundary;
+/**
+ * Execute `fn` inside a hook boundary. Returns a structured outcome —
+ * the caller decides whether to block or fail-open on timeout/error.
+ * Never throws.
+ *
+ * Uses Slice 6's `runHookWithSpan` for the durable span side; here we
+ * adapt the spanned result into the explicit `{outcome}` envelope.
+ */
+async function executeHookWithBoundary(_ctx, opts, fn) {
+    const timeoutMs = opts.timeoutMs ?? 5000;
+    let timer = null;
+    try {
+        const timeoutPromise = new Promise((_resolve, reject) => {
+            timer = setTimeout(() => reject(new HookTimeoutError(opts.hookName, timeoutMs)), timeoutMs);
+        });
+        const value = await Promise.race([fn(), timeoutPromise]);
+        if (timer)
+            clearTimeout(timer);
+        return { outcome: 'ok', value: value };
+    }
+    catch (err) {
+        if (timer)
+            clearTimeout(timer);
+        if (err instanceof HookTimeoutError) {
+            return { outcome: 'timeout', error: err };
+        }
+        const wrapped = err instanceof Error ? err : new Error(String(err));
+        return { outcome: 'error', error: wrapped };
+    }
+}
+class HookTimeoutError extends Error {
+    constructor(hookName, ms) {
+        super(`hook '${hookName}' timed out after ${ms}ms`);
+        this.name = 'HookTimeout';
+    }
+}
+exports.HookTimeoutError = HookTimeoutError;

package/dist/core/v4/identity/httpContext.js

@@ -0,0 +1,68 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * core/v4/identity/httpContext.ts — v4.9.0 Slice 7.
+ *
+ * Inject outbound HTTP headers carrying ExecutionContext correlation
+ * data so downstream services + log aggregators can stitch the call
+ * back to its originating run/trace/span. Emits both:
+ *
+ *   - W3C-standard `traceparent` (32-hex/16-hex/sampled)
+ *   - `X-Aiden-*` companion headers for fine-grained run/incarnation
+ *     correlation that doesn't fit in `traceparent`
+ *
+ * `injectContextHeaders` is pure — it does not read ambient context
+ * itself. Callers pass an explicit ctx (either current or one they
+ * forked). Outside a `runWithContext` frame, callers can pass
+ * `currentContext()` and receive the same headers, or short-circuit
+ * to skip header injection entirely.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.injectContextHeaders = injectContextHeaders;
+exports.maybeInjectContextHeaders = maybeInjectContextHeaders;
+const traceparent_1 = require("./traceparent");
+const ids_1 = require("./ids");
+const enforcement_1 = require("./enforcement");
+/**
+ * Headers Aiden adds to outbound requests when an ExecutionContext
+ * is active. Caller-supplied headers in the merge target win on key
+ * collision so a tool that needs to override (e.g. `User-Agent`) can.
+ */
+function injectContextHeaders(ctx, headers = {}) {
+    const traceparent = (() => {
+        try {
+            return (0, traceparent_1.emitTraceparent)((0, traceparent_1.stripPrefix)(ctx.traceId, 'trc_'), (0, traceparent_1.stripPrefix)(ctx.spanId, 'spn_'), true);
+        }
+        catch {
+            return undefined;
+        }
+    })();
+    const out = {};
+    if (traceparent)
+        out['traceparent'] = traceparent;
+    out['X-Request-Id'] = ctx.requestId ?? (0, ids_1.newRequestId)();
+    out['X-Aiden-Run-Id'] = ctx.runId;
+    out['X-Aiden-Trace-Id'] = ctx.traceId;
+    out['X-Aiden-Span-Id'] = ctx.spanId;
+    // Caller-supplied headers win on collision.
+    return { ...out, ...headers };
+}
+/**
+ * Convenience: pass-through helper when the caller may or may not
+ * have a context. Returns the original headers unchanged when ctx
+ * is undefined (no trace propagation outside a context frame).
+ */
+function maybeInjectContextHeaders(ctx, headers = {}) {
+    if (ctx)
+        return injectContextHeaders(ctx, headers);
+    // v4.9.0 Slice 8 — report missing-context on the outbound HTTP path.
+    // 'silent' / 'warn' degrade to pass-through (no trace propagation
+    // outside a context frame); 'strict' throws via the enforcement.
+    (0, enforcement_1.reportMissingContext)('http_outbound', 'maybeInjectContextHeaders');
+    return headers;
+}

package/dist/core/v4/identity/ids.js

@@ -0,0 +1,185 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * core/v4/identity/ids.ts — v4.9.0 Slice 4.
+ *
+ * UUIDv7 generation per RFC 9562 §5.7 + typed-prefix wrappers.
+ *
+ * UUIDv7 lays a millisecond timestamp in the top 48 bits, so lexicographic
+ * sort == time sort. That property is the reason we picked v7 over v4:
+ * `runs.id`-style auto-increment is wedded to one SQLite file; UUIDv7
+ * gives us a globally-unique, time-orderable id we can correlate across
+ * the daemon DB, the structured log, future remote sinks, and crash
+ * reports without needing a central counter.
+ *
+ * The `uuid` package on disk is v9, which doesn't ship UUIDv7 (added in
+ * uuid@10). We hand-roll the 16-byte layout from RFC 9562 §5.7:
+ *
+ *     0                   1                   2                   3
+ *     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *    |                           unix_ts_ms                          |
+ *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *    |          unix_ts_ms           |  ver  |       rand_a          |
+ *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *    |var|                        rand_b                             |
+ *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *    |                            rand_b                             |
+ *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *
+ *   - 48 bits unix_ts_ms (big-endian)
+ *   - 4 bits version = 0b0111 (UUIDv7)
+ *   - 12 bits rand_a (random)
+ *   - 2 bits variant = 0b10 (RFC 4122)
+ *   - 62 bits rand_b (random)
+ *
+ * Output canonical hex with dashes (e.g. `01919c34-8e21-7c8c-bcd7-...`).
+ * That's then base32-cased for prefixed IDs — keeps the output URL-safe
+ * and short while preserving the millisecond ordering at the prefix.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.newHookExecId = exports.newHookSubId = exports.newHookId = exports.newMemoryId = exports.newToolCallId = exports.newRequestId = exports.newSpanId = exports.newTraceId = exports.newAttemptId = exports.newRunId = exports.newTriggerId = exports.newIncarnationId = exports.newDaemonId = exports.ID_PREFIXES = void 0;
+exports.uuidv7Bytes = uuidv7Bytes;
+exports.newUuidV7 = newUuidV7;
+exports.newUuidV7Compact = newUuidV7Compact;
+exports.parseId = parseId;
+exports.isIdWithPrefix = isIdWithPrefix;
+const node_crypto_1 = require("node:crypto");
+/**
+ * Allowed prefixes. Adding a new ID kind means adding the prefix here
+ * and the helper. `parseId` validates against this set so a stray
+ * `xyz_...` string can't masquerade as one of ours.
+ */
+exports.ID_PREFIXES = [
+    'dmn', // daemon identity (persists across incarnations)
+    'inc', // single daemon process incarnation
+    'trg', // trigger event
+    'run', // agent run (one turn or daemon-fired job)
+    'att', // v4.9.0 Slice 5 — execution attempt within a run
+    'trc', // trace (top-level correlation across runs/spans)
+    'spn', // span (sub-unit of a trace)
+    'req', // external request id (e.g. webhook delivery)
+    'tool', // tool invocation
+    'mem', // memory write
+    'hook', // hook firing (legacy generic id)
+    'hsub', // v4.9.0 Slice 12a — hook subscription
+    'hexec', // v4.9.0 Slice 12a — hook execution (subprocess invocation)
+];
+const PREFIX_SET = new Set(exports.ID_PREFIXES);
+/**
+ * Generate one UUIDv7 byte buffer.
+ * Exported for tests; consumers should use `newUuidV7()` or one of the
+ * typed helpers below.
+ */
+function uuidv7Bytes(now = Date.now()) {
+    if (!Number.isFinite(now) || now < 0) {
+        throw new Error(`uuidv7Bytes: invalid timestamp ${now}`);
+    }
+    const buf = (0, node_crypto_1.randomBytes)(16);
+    // 48-bit timestamp, big-endian, into bytes 0-5.
+    // JS bitwise ops are 32-bit, so split into high/low halves first.
+    const tsHi = Math.floor(now / 4294967296); // top 16 of the 48-bit ts
+    const tsLo = now >>> 0; // bottom 32
+    buf[0] = (tsHi >>> 8) & 0xff;
+    buf[1] = tsHi & 0xff;
+    buf[2] = (tsLo >>> 24) & 0xff;
+    buf[3] = (tsLo >>> 16) & 0xff;
+    buf[4] = (tsLo >>> 8) & 0xff;
+    buf[5] = tsLo & 0xff;
+    // Version 0b0111 in the top nibble of byte 6.
+    buf[6] = (buf[6] & 0x0f) | 0x70;
+    // Variant 0b10 in the top 2 bits of byte 8.
+    buf[8] = (buf[8] & 0x3f) | 0x80;
+    return buf;
+}
+/** Format 16 bytes as canonical UUID string with dashes. */
+function bytesToUuidString(buf) {
+    const hex = Buffer.from(buf).toString('hex');
+    return `${hex.slice(0, 8)}-${hex.slice(8, 12)}-${hex.slice(12, 16)}-${hex.slice(16, 20)}-${hex.slice(20)}`;
+}
+/** Strip dashes; canonical UUID → 32-char lowercase hex. */
+function bytesToCompact(buf) {
+    return Buffer.from(buf).toString('hex');
+}
+/** One fresh UUIDv7 in canonical dashed form. */
+function newUuidV7() {
+    return bytesToUuidString(uuidv7Bytes());
+}
+/** One fresh UUIDv7 in compact (dashless lowercase hex) form. */
+function newUuidV7Compact() {
+    return bytesToCompact(uuidv7Bytes());
+}
+/**
+ * Build a typed ID: `<prefix>_<compactHex>`. The compact form keeps the
+ * output URL-safe and shorter than the canonical dashed form, while
+ * preserving the millisecond-ordered prefix.
+ */
+function makeId(prefix) {
+    return `${prefix}_${newUuidV7Compact()}`;
+}
+const newDaemonId = () => makeId('dmn');
+exports.newDaemonId = newDaemonId;
+const newIncarnationId = () => makeId('inc');
+exports.newIncarnationId = newIncarnationId;
+const newTriggerId = () => makeId('trg');
+exports.newTriggerId = newTriggerId;
+const newRunId = () => makeId('run');
+exports.newRunId = newRunId;
+const newAttemptId = () => makeId('att');
+exports.newAttemptId = newAttemptId;
+const newTraceId = () => makeId('trc');
+exports.newTraceId = newTraceId;
+const newSpanId = () => makeId('spn');
+exports.newSpanId = newSpanId;
+const newRequestId = () => makeId('req');
+exports.newRequestId = newRequestId;
+const newToolCallId = () => makeId('tool');
+exports.newToolCallId = newToolCallId;
+const newMemoryId = () => makeId('mem');
+exports.newMemoryId = newMemoryId;
+const newHookId = () => makeId('hook');
+exports.newHookId = newHookId;
+const newHookSubId = () => makeId('hsub');
+exports.newHookSubId = newHookSubId;
+const newHookExecId = () => makeId('hexec');
+exports.newHookExecId = newHookExecId;
+/**
+ * Parse a prefixed ID. Returns `null` if the prefix is unknown or the
+ * UUID payload is malformed. Never throws — callers are expected to
+ * branch on `null` (think "trusted input boundary check, not parse-or-die").
+ *
+ * Accepts both compact (no dashes) and canonical (with dashes) UUID
+ * forms in the payload — the typed helpers emit compact, but
+ * deserialised IDs from external sources (logs, env vars, query strings)
+ * could carry either shape.
+ */
+function parseId(s) {
+    if (typeof s !== 'string' || s.length === 0)
+        return null;
+    const idx = s.indexOf('_');
+    if (idx <= 0)
+        return null;
+    const prefix = s.slice(0, idx);
+    if (!PREFIX_SET.has(prefix))
+        return null;
+    let payload = s.slice(idx + 1);
+    // Strip dashes if the caller passed canonical form.
+    if (payload.includes('-'))
+        payload = payload.replace(/-/g, '');
+    if (!/^[0-9a-f]{32}$/i.test(payload))
+        return null;
+    return { prefix: prefix, uuid: payload.toLowerCase() };
+}
+/**
+ * Type guard — `true` when `s` is a well-formed typed ID with the
+ * expected prefix. Cheap; used at API boundaries.
+ */
+function isIdWithPrefix(s, prefix) {
+    const parsed = parseId(s);
+    return parsed !== null && parsed.prefix === prefix;
+}

package/dist/core/v4/identity/index.js

@@ -0,0 +1,60 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports._resetContextMissingCountersForTests = exports.getAllContextMissingCounters = exports.getContextMissingCounter = exports.ContextMissingError = exports.reportMissingContext = exports.getEnforcementMode = exports.HookTimeoutError = exports.executeHookWithBoundary = exports.readContextFromEnv = exports.spawnEnvWithContext = exports.maybeInjectContextHeaders = exports.injectContextHeaders = exports.validateExternalRequestId = exports.stripPrefix = exports.emitTraceparent = exports.parseTraceparent = exports.daemonIdFilePath = exports.loadOrCreateDaemonId = exports.requireContext = exports.currentContext = exports.runWithContext = exports.childSpan = exports.deserializeContext = exports.serializeContext = exports.isIdWithPrefix = exports.parseId = exports.newHookExecId = exports.newHookSubId = exports.newHookId = exports.newMemoryId = exports.newToolCallId = exports.newRequestId = exports.newSpanId = exports.newTraceId = exports.newAttemptId = exports.newRunId = exports.newTriggerId = exports.newIncarnationId = exports.newDaemonId = exports.newUuidV7Compact = exports.newUuidV7 = exports.uuidv7Bytes = exports.ID_PREFIXES = void 0;
+/**
+ * core/v4/identity/index.ts — v4.9.0 Slice 4 barrel.
+ */
+var ids_1 = require("./ids");
+Object.defineProperty(exports, "ID_PREFIXES", { enumerable: true, get: function () { return ids_1.ID_PREFIXES; } });
+Object.defineProperty(exports, "uuidv7Bytes", { enumerable: true, get: function () { return ids_1.uuidv7Bytes; } });
+Object.defineProperty(exports, "newUuidV7", { enumerable: true, get: function () { return ids_1.newUuidV7; } });
+Object.defineProperty(exports, "newUuidV7Compact", { enumerable: true, get: function () { return ids_1.newUuidV7Compact; } });
+Object.defineProperty(exports, "newDaemonId", { enumerable: true, get: function () { return ids_1.newDaemonId; } });
+Object.defineProperty(exports, "newIncarnationId", { enumerable: true, get: function () { return ids_1.newIncarnationId; } });
+Object.defineProperty(exports, "newTriggerId", { enumerable: true, get: function () { return ids_1.newTriggerId; } });
+Object.defineProperty(exports, "newRunId", { enumerable: true, get: function () { return ids_1.newRunId; } });
+Object.defineProperty(exports, "newAttemptId", { enumerable: true, get: function () { return ids_1.newAttemptId; } });
+Object.defineProperty(exports, "newTraceId", { enumerable: true, get: function () { return ids_1.newTraceId; } });
+Object.defineProperty(exports, "newSpanId", { enumerable: true, get: function () { return ids_1.newSpanId; } });
+Object.defineProperty(exports, "newRequestId", { enumerable: true, get: function () { return ids_1.newRequestId; } });
+Object.defineProperty(exports, "newToolCallId", { enumerable: true, get: function () { return ids_1.newToolCallId; } });
+Object.defineProperty(exports, "newMemoryId", { enumerable: true, get: function () { return ids_1.newMemoryId; } });
+Object.defineProperty(exports, "newHookId", { enumerable: true, get: function () { return ids_1.newHookId; } });
+Object.defineProperty(exports, "newHookSubId", { enumerable: true, get: function () { return ids_1.newHookSubId; } });
+Object.defineProperty(exports, "newHookExecId", { enumerable: true, get: function () { return ids_1.newHookExecId; } });
+Object.defineProperty(exports, "parseId", { enumerable: true, get: function () { return ids_1.parseId; } });
+Object.defineProperty(exports, "isIdWithPrefix", { enumerable: true, get: function () { return ids_1.isIdWithPrefix; } });
+var executionContext_1 = require("./executionContext");
+Object.defineProperty(exports, "serializeContext", { enumerable: true, get: function () { return executionContext_1.serializeContext; } });
+Object.defineProperty(exports, "deserializeContext", { enumerable: true, get: function () { return executionContext_1.deserializeContext; } });
+Object.defineProperty(exports, "childSpan", { enumerable: true, get: function () { return executionContext_1.childSpan; } });
+var contextManager_1 = require("./contextManager");
+Object.defineProperty(exports, "runWithContext", { enumerable: true, get: function () { return contextManager_1.runWithContext; } });
+Object.defineProperty(exports, "currentContext", { enumerable: true, get: function () { return contextManager_1.currentContext; } });
+Object.defineProperty(exports, "requireContext", { enumerable: true, get: function () { return contextManager_1.requireContext; } });
+var daemonId_1 = require("./daemonId");
+Object.defineProperty(exports, "loadOrCreateDaemonId", { enumerable: true, get: function () { return daemonId_1.loadOrCreateDaemonId; } });
+Object.defineProperty(exports, "daemonIdFilePath", { enumerable: true, get: function () { return daemonId_1.daemonIdFilePath; } });
+// v4.9.0 Slice 7 — HTTP / subprocess / hook boundaries.
+var traceparent_1 = require("./traceparent");
+Object.defineProperty(exports, "parseTraceparent", { enumerable: true, get: function () { return traceparent_1.parseTraceparent; } });
+Object.defineProperty(exports, "emitTraceparent", { enumerable: true, get: function () { return traceparent_1.emitTraceparent; } });
+Object.defineProperty(exports, "stripPrefix", { enumerable: true, get: function () { return traceparent_1.stripPrefix; } });
+Object.defineProperty(exports, "validateExternalRequestId", { enumerable: true, get: function () { return traceparent_1.validateExternalRequestId; } });
+var httpContext_1 = require("./httpContext");
+Object.defineProperty(exports, "injectContextHeaders", { enumerable: true, get: function () { return httpContext_1.injectContextHeaders; } });
+Object.defineProperty(exports, "maybeInjectContextHeaders", { enumerable: true, get: function () { return httpContext_1.maybeInjectContextHeaders; } });
+var subprocessContext_1 = require("./subprocessContext");
+Object.defineProperty(exports, "spawnEnvWithContext", { enumerable: true, get: function () { return subprocessContext_1.spawnEnvWithContext; } });
+Object.defineProperty(exports, "readContextFromEnv", { enumerable: true, get: function () { return subprocessContext_1.readContextFromEnv; } });
+var hookExecution_1 = require("./hookExecution");
+Object.defineProperty(exports, "executeHookWithBoundary", { enumerable: true, get: function () { return hookExecution_1.executeHookWithBoundary; } });
+Object.defineProperty(exports, "HookTimeoutError", { enumerable: true, get: function () { return hookExecution_1.HookTimeoutError; } });
+// v4.9.0 Slice 8 — enforcement layer for missing-context events.
+var enforcement_1 = require("./enforcement");
+Object.defineProperty(exports, "getEnforcementMode", { enumerable: true, get: function () { return enforcement_1.getEnforcementMode; } });
+Object.defineProperty(exports, "reportMissingContext", { enumerable: true, get: function () { return enforcement_1.reportMissingContext; } });
+Object.defineProperty(exports, "ContextMissingError", { enumerable: true, get: function () { return enforcement_1.ContextMissingError; } });
+Object.defineProperty(exports, "getContextMissingCounter", { enumerable: true, get: function () { return enforcement_1.getContextMissingCounter; } });
+Object.defineProperty(exports, "getAllContextMissingCounters", { enumerable: true, get: function () { return enforcement_1.getAllContextMissingCounters; } });
+Object.defineProperty(exports, "_resetContextMissingCountersForTests", { enumerable: true, get: function () { return enforcement_1._resetContextMissingCountersForTests; } });

package/dist/core/v4/identity/subprocessContext.js

@@ -0,0 +1,98 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Shiva Deore (Taracod).
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ *
+ * Aiden — local-first agent.
+ */
+/**
+ * core/v4/identity/subprocessContext.ts — v4.9.0 Slice 7.
+ *
+ * AsyncLocalStorage does NOT cross subprocess boundaries; the child's
+ * Node runtime has its own ALS instance. To preserve correlation, we
+ * stamp the parent's ExecutionContext into the child's `env` block at
+ * spawn time. The child reconstitutes via `readContextFromEnv` and
+ * enters its own `runWithContext(ctx, fn)` frame on startup.
+ *
+ * Wire-format choice: ten env vars instead of one JSON-encoded blob.
+ * Reasons:
+ *   - Greppable in `ps -ef`-style output for forensics
+ *   - Individual vars survive partial truncation by intermediate
+ *     shells / sudo / containers that mangle long env values
+ *   - The set is small + stable; no schema-version footgun
+ *
+ * The child's spanId is ALWAYS freshly minted — never reuse the
+ * parent's spanId in the child, because the child's spans are
+ * causally downstream and should chain via `parentSpanId`.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.spawnEnvWithContext = spawnEnvWithContext;
+exports.readContextFromEnv = readContextFromEnv;
+const ids_1 = require("./ids");
+const ENV_PREFIX = 'AIDEN_';
+/**
+ * Build a child-process env block carrying the parent's context.
+ * Caller spreads `baseEnv` first so AIDEN_* keys win — these are
+ * never user-overridable from the parent invocation.
+ */
+function spawnEnvWithContext(ctx, baseEnv = process.env) {
+    return {
+        ...baseEnv,
+        [`${ENV_PREFIX}DAEMON_ID`]: ctx.daemonId,
+        [`${ENV_PREFIX}INCARNATION_ID`]: ctx.incarnationId,
+        [`${ENV_PREFIX}RUN_ID`]: ctx.runId,
+        [`${ENV_PREFIX}TRACE_ID`]: ctx.traceId,
+        // Child's parent IS this span; child mints its own spanId on read.
+        [`${ENV_PREFIX}PARENT_SPAN_ID`]: ctx.spanId,
+        [`${ENV_PREFIX}REQUEST_ID`]: ctx.requestId ?? '',
+        [`${ENV_PREFIX}SESSION_ID`]: ctx.sessionId ?? '',
+        [`${ENV_PREFIX}SOURCE`]: ctx.source,
+        [`${ENV_PREFIX}ATTEMPT`]: String(ctx.attempt),
+        [`${ENV_PREFIX}TRIGGER_ID`]: ctx.triggerId ?? '',
+    };
+}
+const VALID_SOURCES = new Set([
+    'cli', 'api', 'webhook', 'cron', 'email', 'folder', 'subagent', 'unknown',
+]);
+/**
+ * Reconstruct an ExecutionContext from env vars. Returns `null` when
+ * any of the three required fields (daemonId, incarnationId, runId)
+ * are absent — child wasn't spawned with context.
+ *
+ * The child's `spanId` is ALWAYS freshly minted; the parent's spanId
+ * becomes the child's `parentSpanId`. `source` falls back to
+ * `'subagent'` (the most common child case) if the env didn't carry it.
+ */
+function readContextFromEnv(env = process.env) {
+    const daemonId = env[`${ENV_PREFIX}DAEMON_ID`];
+    const incarnationId = env[`${ENV_PREFIX}INCARNATION_ID`];
+    const runId = env[`${ENV_PREFIX}RUN_ID`];
+    if (!daemonId || !incarnationId || !runId)
+        return null;
+    const sourceRaw = env[`${ENV_PREFIX}SOURCE`] ?? 'subagent';
+    const source = (VALID_SOURCES.has(sourceRaw)
+        ? sourceRaw
+        : 'subagent');
+    const attemptRaw = env[`${ENV_PREFIX}ATTEMPT`] ?? '1';
+    const attempt = Number.parseInt(attemptRaw, 10);
+    const ctx = {
+        daemonId,
+        incarnationId,
+        runId,
+        traceId: env[`${ENV_PREFIX}TRACE_ID`] ?? '',
+        spanId: (0, ids_1.newSpanId)(),
+        parentSpanId: env[`${ENV_PREFIX}PARENT_SPAN_ID`] || undefined,
+        source,
+        attempt: Number.isFinite(attempt) && attempt > 0 ? attempt : 1,
+    };
+    const req = env[`${ENV_PREFIX}REQUEST_ID`];
+    if (req)
+        ctx.requestId = req;
+    const sess = env[`${ENV_PREFIX}SESSION_ID`];
+    if (sess)
+        ctx.sessionId = sess;
+    const trig = env[`${ENV_PREFIX}TRIGGER_ID`];
+    if (trig)
+        ctx.triggerId = trig;
+    return ctx;
+}