akemon 0.3.4 → 0.3.5

package/dist/server.js

@@ -2,6 +2,7 @@ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"
 import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
 import { exec } from "child_process";
 import { scanAndKillOrphans } from "./orphan-scan.js";
+import { timingSafeEqual } from "node:crypto";
 import { createServer } from "http";
 import { createInterface } from "readline";
 import { mkdir } from "fs/promises";
@@ -86,8 +87,35 @@ function bearerToken(req) {
 }
 function isOwnerRequest(req, options) {
     const token = bearerToken(req);
-    const validTokens = [options.secretKey, options.key].filter(Boolean);
-    return !!token && validTokens.includes(token);
+    const validTokens = [options.secretKey, options.key]
+        .filter((validToken) => typeof validToken === "string" && validToken.length > 0);
+    return !!token && validTokens.some((validToken) => constantTimeTokenEqual(token, validToken));
+}
+function constantTimeTokenEqual(left, right) {
+    const leftBuffer = Buffer.from(left);
+    const rightBuffer = Buffer.from(right);
+    const length = Math.max(leftBuffer.length, rightBuffer.length, 1);
+    const leftPadded = Buffer.alloc(length);
+    const rightPadded = Buffer.alloc(length);
+    leftBuffer.copy(leftPadded);
+    rightBuffer.copy(rightPadded);
+    return timingSafeEqual(leftPadded, rightPadded) && leftBuffer.length === rightBuffer.length;
+}
+function writeJsonResponse(res, statusCode, body, pretty = false) {
+    res.writeHead(statusCode, { "Content-Type": "application/json" })
+        .end(JSON.stringify(body, null, pretty ? 2 : 0));
+}
+function requireOwnerRequest(req, res, options) {
+    if (isOwnerRequest(req, options))
+        return true;
+    writeJsonResponse(res, 401, { error: "Owner token required" });
+    return false;
+}
+function requireSoftwareAgent(res, softwareAgent) {
+    if (softwareAgent)
+        return softwareAgent;
+    writeJsonResponse(res, 503, { error: "Software agent peripheral not ready" });
+    return null;
 }
 function readJsonBody(req, maxBytes = 256 * 1024) {
     return new Promise((resolve, reject) => {
@@ -118,87 +146,57 @@ function readJsonBody(req, maxBytes = 256 * 1024) {
         req.on("error", reject);
     });
 }
-export async function handleSoftwareAgentRunHttp(req, res, deps) {
-    if (!isOwnerRequest(req, deps.options)) {
-        res.writeHead(401, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: "Owner token required" }));
-        return;
-    }
-    if (!deps.softwareAgent) {
-        res.writeHead(503, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: "Software agent peripheral not ready" }));
-        return;
-    }
+async function readOwnerSoftwareAgentEnvelope(req, res, deps) {
     let body;
     try {
         body = await readJsonBody(req);
     }
     catch (err) {
-        res.writeHead(400, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: err.message || "Invalid request body" }));
-        return;
+        writeJsonResponse(res, 400, { error: err.message || "Invalid request body" });
+        return null;
     }
-    let envelope;
     try {
-        envelope = createOwnerTaskEnvelope(body, deps.workdir);
+        const envelope = createOwnerTaskEnvelope(body, deps.workdir);
         envelope.memorySummary = await buildSoftwareAgentMemorySummary({
             workdir: deps.workdir,
             agentName: deps.agentName,
             envelope,
             request: body,
         });
+        return envelope;
     }
     catch (err) {
-        res.writeHead(400, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: err.message || "Invalid software-agent envelope" }));
-        return;
+        writeJsonResponse(res, 400, { error: err.message || "Invalid software-agent envelope" });
+        return null;
     }
+}
+export async function handleSoftwareAgentRunHttp(req, res, deps) {
+    if (!requireOwnerRequest(req, res, deps.options))
+        return;
+    const softwareAgent = requireSoftwareAgent(res, deps.softwareAgent);
+    if (!softwareAgent)
+        return;
+    const envelope = await readOwnerSoftwareAgentEnvelope(req, res, deps);
+    if (!envelope)
+        return;
     try {
-        const result = await deps.softwareAgent.sendTask(envelope);
-        res.writeHead(result.success ? 200 : 500, { "Content-Type": "application/json" })
-            .end(JSON.stringify(result, null, 2));
+        const result = await softwareAgent.sendTask(envelope);
+        writeJsonResponse(res, 200, redactSecrets(result), true);
     }
     catch (err) {
         const busy = String(err.message || "").includes("busy");
-        res.writeHead(busy ? 409 : 500, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: err.message || String(err) }));
+        writeJsonResponse(res, busy ? 409 : 500, { error: err.message || String(err) });
     }
 }
 export async function handleSoftwareAgentRunStreamHttp(req, res, deps) {
-    if (!isOwnerRequest(req, deps.options)) {
-        res.writeHead(401, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: "Owner token required" }));
+    if (!requireOwnerRequest(req, res, deps.options))
         return;
-    }
-    if (!deps.softwareAgent) {
-        res.writeHead(503, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: "Software agent peripheral not ready" }));
+    const softwareAgent = requireSoftwareAgent(res, deps.softwareAgent);
+    if (!softwareAgent)
         return;
-    }
-    let body;
-    try {
-        body = await readJsonBody(req);
-    }
-    catch (err) {
-        res.writeHead(400, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: err.message || "Invalid request body" }));
-        return;
-    }
-    let envelope;
-    try {
-        envelope = createOwnerTaskEnvelope(body, deps.workdir);
-        envelope.memorySummary = await buildSoftwareAgentMemorySummary({
-            workdir: deps.workdir,
-            agentName: deps.agentName,
-            envelope,
-            request: body,
-        });
-    }
-    catch (err) {
-        res.writeHead(400, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: err.message || "Invalid software-agent envelope" }));
+    const envelope = await readOwnerSoftwareAgentEnvelope(req, res, deps);
+    if (!envelope)
         return;
-    }
     const abortController = new AbortController();
     let responseFinished = false;
     let streamStarted = false;
@@ -218,7 +216,7 @@ export async function handleSoftwareAgentRunStreamHttp(req, res, deps) {
         res.flushHeaders?.();
     };
     try {
-        await deps.softwareAgent.sendTask(envelope, {
+        await softwareAgent.sendTask(envelope, {
             signal: abortController.signal,
             observer: {
                 onStart(event) {
@@ -242,6 +240,8 @@ export async function handleSoftwareAgentRunStreamHttp(req, res, deps) {
                     writeSoftwareAgentStreamEvent(res, {
                         type: "end",
                         taskId: event.taskId,
+                        exitCode: event.exitCode,
+                        durationMs: event.durationMs,
                         result: event.result,
                     });
                 },
@@ -251,8 +251,7 @@ export async function handleSoftwareAgentRunStreamHttp(req, res, deps) {
     catch (err) {
         if (!streamStarted) {
             const busy = String(err.message || "").includes("busy");
-            res.writeHead(busy ? 409 : 500, { "Content-Type": "application/json" })
-                .end(JSON.stringify({ error: err.message || String(err) }));
+            writeJsonResponse(res, busy ? 409 : 500, { error: err.message || String(err) });
             responseFinished = true;
             return;
         }
@@ -268,58 +267,47 @@ export async function handleSoftwareAgentRunStreamHttp(req, res, deps) {
     }
 }
 export async function handleSoftwareAgentStatusHttp(req, res, deps) {
-    if (!isOwnerRequest(req, deps.options)) {
-        res.writeHead(401, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: "Owner token required" }));
+    if (!requireOwnerRequest(req, res, deps.options))
         return;
-    }
-    if (!deps.softwareAgent) {
-        res.writeHead(503, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: "Software agent peripheral not ready" }));
+    const softwareAgent = requireSoftwareAgent(res, deps.softwareAgent);
+    if (!softwareAgent)
         return;
-    }
-    res.writeHead(200, { "Content-Type": "application/json" })
-        .end(JSON.stringify(deps.softwareAgent.getState(), null, 2));
+    writeJsonResponse(res, 200, softwareAgent.getState(), true);
 }
 export async function handleSoftwareAgentTasksHttp(req, res, deps) {
-    if (!isOwnerRequest(req, deps.options)) {
-        res.writeHead(401, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: "Owner token required" }));
+    if (!requireOwnerRequest(req, res, deps.options))
         return;
-    }
     const url = new URL(req.url || "/", "http://127.0.0.1");
     const basePath = "/self/software-agent/tasks";
     const taskLedgerDir = softwareAgentTaskLedgerDir(deps.workdir, deps.agentName);
     if (url.pathname === basePath) {
         const limit = readPositiveIntQuery(url.searchParams.get("limit"), 20, 100);
         const tasks = listSoftwareAgentTaskRecords(taskLedgerDir, limit);
-        res.writeHead(200, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ tasks }, null, 2));
+        writeJsonResponse(res, 200, { tasks }, true);
         return;
     }
     if (url.pathname.startsWith(`${basePath}/`)) {
         const taskId = decodeURIComponent(url.pathname.slice(basePath.length + 1));
         if (!taskId || taskId.includes("/")) {
-            res.writeHead(400, { "Content-Type": "application/json" })
-                .end(JSON.stringify({ error: "Invalid software-agent task id" }));
+            writeJsonResponse(res, 400, { error: "Invalid software-agent task id" });
             return;
         }
         const task = readSoftwareAgentTaskRecord(taskLedgerDir, taskId);
         if (!task) {
-            res.writeHead(404, { "Content-Type": "application/json" })
-                .end(JSON.stringify({ error: "Software-agent task not found" }));
+            writeJsonResponse(res, 404, { error: "Software-agent task not found" });
             return;
         }
-        res.writeHead(200, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ task }, null, 2));
+        writeJsonResponse(res, 200, { task }, true);
         return;
     }
-    res.writeHead(404, { "Content-Type": "application/json" })
-        .end(JSON.stringify({ error: "Software-agent task endpoint not found" }));
+    writeJsonResponse(res, 404, { error: "Software-agent task endpoint not found" });
 }
 function softwareAgentTaskLedgerDir(workdir, agentName) {
     return join(workdir, ".akemon", "agents", agentName, "software-agent", "tasks");
 }
+function softwareAgentContextSessionDir(workdir, agentName) {
+    return join(workdir, ".akemon", "agents", agentName, "software-agent", "sessions");
+}
 function readPositiveIntQuery(value, fallback, max) {
     if (!value)
         return fallback;
@@ -331,27 +319,20 @@ function readPositiveIntQuery(value, fallback, max) {
 function writeSoftwareAgentStreamEvent(res, event) {
     if (res.destroyed)
         return;
-    res.write(`${JSON.stringify(event)}\n`);
+    res.write(`${JSON.stringify(redactSecrets(event))}\n`);
 }
 export async function handleSoftwareAgentResetHttp(req, res, deps) {
-    if (!isOwnerRequest(req, deps.options)) {
-        res.writeHead(401, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: "Owner token required" }));
+    if (!requireOwnerRequest(req, res, deps.options))
         return;
-    }
-    if (!deps.softwareAgent) {
-        res.writeHead(503, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: "Software agent peripheral not ready" }));
+    const softwareAgent = requireSoftwareAgent(res, deps.softwareAgent);
+    if (!softwareAgent)
         return;
-    }
     try {
-        await deps.softwareAgent.resetSession();
-        res.writeHead(200, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ ok: true, state: deps.softwareAgent.getState() }, null, 2));
+        await softwareAgent.resetSession();
+        writeJsonResponse(res, 200, { ok: true, state: softwareAgent.getState() }, true);
     }
     catch (err) {
-        res.writeHead(500, { "Content-Type": "application/json" })
-            .end(JSON.stringify({ error: err.message || String(err) }));
+        writeJsonResponse(res, 500, { error: err.message || String(err) });
     }
 }
 import { RelayPeripheral } from "./relay-peripheral.js";
@@ -370,6 +351,7 @@ import { CodexSoftwareAgentPeripheral, createOwnerTaskEnvelope, listSoftwareAgen
 import { buildSoftwareAgentMemorySummary } from "./software-agent-memory.js";
 import { SIG, sig } from "./types.js";
 import { loadConversation, listConversations, buildLLMContext } from "./context.js";
+import { redactSecrets } from "./redaction.js";
 import { createMcpServer, initMcpProxy, createMcpProxyServer } from "./mcp-server.js";
 import { autoRoute, runCollaborativeQuery } from "./agent-utils.js";
 // createMcpServer, initMcpProxy, createMcpProxyServer → see mcp-server.ts
@@ -378,11 +360,11 @@ const LLM_ENGINES = LLM_ENGINES_SET;
 // Engine execution — delegates to EnginePeripheral (V2 Step 3)
 // ---------------------------------------------------------------------------
 /** Unified engine runner — delegates to EnginePeripheral */
-function runEngine(engine, model, allowAll, task, workdir, extraAllowedTools, relay, signal, origin, routing, taskId) {
+function runEngine(engine, model, allowAll, task, workdir, extraAllowedTools, relay, signal, origin, routing, taskId, routeRequest) {
     if (!_engineP) {
         throw new Error("Engine peripheral not initialized");
     }
-    const result = _engineP.runEngine(task, allowAll, extraAllowedTools, signal, origin, routing, taskId);
+    const result = _engineP.runEngine(task, allowAll, extraAllowedTools, signal, origin, routing, taskId, routeRequest);
     // Sync trace back to module-level for reporting
     result.then(() => { lastEngineTrace = _engineP.lastTrace; }).catch(() => { lastEngineTrace = _engineP.lastTrace; });
     return result;
@@ -681,6 +663,9 @@ export async function serve(options) {
         model: process.env.AKEMON_CODEX_MODEL,
         sandbox: "workspace-write",
         taskLedgerDir: softwareAgentTaskLedgerDir(workdir, options.agentName),
+        contextSessionDir: softwareAgentContextSessionDir(workdir, options.agentName),
+        envPolicy: options.softwareAgentEnvPolicy,
+        envAllowlist: options.softwareAgentEnvAllowlist,
     });
     // Peripheral registry — Core routes by capability
     const peripherals = [relay, engineP, codexSoftwareAgent];
@@ -718,7 +703,7 @@ export async function serve(options) {
         const abortController = new AbortController();
         const timer = setTimeout(() => abortController.abort(), ENGINE_EXEC_TIMEOUT_MS);
         try {
-            const response = await runEngine(options.engine || "claude", options.model, options.allowAll, prompt, workdir, req.tools, req.relay, abortController.signal, req.origin, routing, req.taskId);
+            const response = await runEngine(options.engine || "claude", options.model, options.allowAll, prompt, workdir, req.tools, req.relay, abortController.signal, req.origin, routing, req.taskId, req.engineHints);
             emitTokenUsage(prompt.length, response.length);
             return { success: true, response };
         }

package/dist/software-agent-memory.js

@@ -1,6 +1,14 @@
 import { buildLLMContext, loadConversation } from "./context.js";
 import { buildRoleContext, loadRoles, resolveRoles } from "./role-module.js";
 const DEFAULT_CONTEXT_BUDGET = 6000;
+const OWNER_MEMORY_EXCLUDE_TERMS = [
+    "owner",
+    "private",
+    "personal",
+    "note",
+    "diary",
+    "bio",
+];
 export async function buildSoftwareAgentMemorySummary(opts) {
     const budget = opts.contextBudget ?? DEFAULT_CONTEXT_BUDGET;
     const parts = [
@@ -103,17 +111,7 @@ async function resolveRoleMemoryPolicy(workdir, agentName, roleTrigger) {
 function roleExcludesOwnerMemory(policy) {
     return policy.exclude.some((item) => {
         const normalized = item.toLowerCase();
-        return normalized.includes("owner")
-            || normalized.includes("private")
-            || normalized.includes("personal")
-            || normalized.includes("note")
-            || normalized.includes("diary")
-            || normalized.includes("bio")
-            || normalized.includes("全部记忆")
-            || normalized.includes("个人")
-            || normalized.includes("笔记")
-            || normalized.includes("日记")
-            || normalized.includes("状态");
+        return OWNER_MEMORY_EXCLUDE_TERMS.some((term) => normalized.includes(term));
     });
 }
 function normalizeRequest(value) {