akm-cli 0.7.4 → 0.8.0-rc.10

package/dist/core/asset-serialize.js

@@ -0,0 +1,88 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
+/**
+ * Canonical asset-on-disk serialization.
+ *
+ * Before this module, 9+ call sites across `src/` independently reimplemented
+ * `yamlStringify(fm).trimEnd() + "---\n…\n---\n\n${body}"` to assemble a
+ * Markdown asset. The reimplementations drifted (different body normalization,
+ * different separator newlines, different trailing-newline policy), which is
+ * exactly the kind of silent format-shift the proposal-quality validators end
+ * up chasing downstream. This file is the single point of truth for
+ * "what does a well-formed AKM asset look like on disk".
+ *
+ * Two helpers are exported:
+ *   - `serializeFrontmatter(fm)` — YAML for the frontmatter block only, with
+ *     no `---` fences and no trailing newline. Single home for quoting style,
+ *     field-order policy, and trailing-whitespace rules.
+ *   - `assembleAsset(fm, body)` — frontmatter wrapped in `---` fences with a
+ *     blank line between the closing fence and the body, and exactly one
+ *     trailing `\n`. Single home for body normalization and the file-shape
+ *     contract.
+ *
+ * Contract (must hold for the dedup to be safe):
+ *   - Idempotent: `parseFrontmatter(assembleAsset(fm, body))` re-assembled
+ *     reproduces the same bytes.
+ *   - Field order: insertion order of `fm` is preserved (the caller controls
+ *     ordering; the helper never reorders).
+ *   - Quoting: `yaml.stringify` defaults — no custom quoting logic.
+ *   - Trailing newline: exactly one `\n` at end of output.
+ *   - Body normalization: leading newlines are stripped (`/^\n+/`). This
+ *     collapses the assorted `body.replace(/^\n+/, "")` /
+ *     `body.startsWith("\n") ? "" : "\n" + body` / bare `${body}` patterns
+ *     onto the most aggressive existing normalizer.
+ */
+import { stringify as yamlStringify } from "yaml";
+/**
+ * Serialize a frontmatter object to its on-disk YAML form, without `---`
+ * fences and without a trailing newline.
+ *
+ * Two calls with the same input produce byte-identical output. Field order is
+ * preserved from the input object's insertion order — callers control
+ * ordering, the helper never reorders.
+ */
+export function serializeFrontmatter(frontmatter) {
+    return yamlStringify(frontmatter).trimEnd();
+}
+/**
+ * Assemble a complete asset file string from a frontmatter object and a body.
+ *
+ * Output shape: `---\n<yaml>\n---\n\n<body>\n` where:
+ *   - `<yaml>` is `serializeFrontmatter(frontmatter)`.
+ *   - `<body>` has any leading `\n` characters stripped.
+ *   - Exactly one `\n` terminates the file.
+ *
+ * Idempotent under round-trip through the project's `parseFrontmatter`.
+ */
+export function assembleAsset(frontmatter, body) {
+    return assembleAssetFromString(serializeFrontmatter(frontmatter), body);
+}
+/**
+ * Same fence/body assembly as `assembleAsset` but takes a pre-serialized
+ * frontmatter string. Use this when a caller needs its own frontmatter
+ * serializer (e.g. defensive single-line flattening for untrusted LLM
+ * output, or JSON.stringify-per-value for guaranteed-quoted scalars) while
+ * still sharing the canonical fence-and-body template.
+ *
+ * The `serializedFm` argument must already match `serializeFrontmatter`'s
+ * contract: no `---` fences, no trailing newline. Trailing whitespace is
+ * trimmed defensively.
+ *
+ * Output contract — identical to `assembleAsset`:
+ *   - `---\n<serializedFm>\n---\n\n<body>\n`
+ *   - body has leading `\n` characters stripped
+ *   - exactly one `\n` terminates the file
+ *
+ * This helper is the single point of truth for the fence-and-body template.
+ * Three command surfaces (`reflect`, `distill`, `consolidate`) call it
+ * directly because their inputs are pre-validated LLM payloads where the
+ * full `yamlStringify` may emit shapes (`|`-block scalars, anchors) that
+ * the project's hand-rolled `parseFrontmatter` subset parser cannot read.
+ */
+export function assembleAssetFromString(serializedFm, body) {
+    const yaml = serializedFm.replace(/\s+$/, "");
+    const normalizedBody = body.replace(/^\n+/, "");
+    const withTrailingNewline = normalizedBody.endsWith("\n") ? normalizedBody : `${normalizedBody}\n`;
+    return `---\n${yaml}\n---\n\n${withTrailingNewline}`;
+}

package/dist/core/asset-spec.js

@@ -1,7 +1,11 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
 import path from "node:path";
 import { buildWorkflowAction } from "../output/renderers";
 import { registerActionBuilder, registerTypeRenderer } from "./asset-registry";
 import { toPosix } from "./common";
+const buildTaskAction = (ref) => `akm tasks show ${ref.replace(/^task:/, "")} -> inspect; akm tasks run <id> -> run now; akm tasks remove <id> -> unschedule`;
 const markdownSpec = {
     isRelevantFile: (fileName) => path.extname(fileName).toLowerCase() === ".md",
     toCanonicalName: (typeRoot, filePath) => {
@@ -62,6 +66,34 @@ const ASSET_SPECS_INTERNAL = {
     },
     script: { stashDir: "scripts", ...scriptSpec },
     memory: { stashDir: "memories", ...markdownSpec },
+    // Environment assets — whole `.env` files sourced/injected wholesale. Replaces
+    // the deprecated `vault` type (see below). Key NAMES + start-of-line comments
+    // are surfaced as metadata; values are never read for indexing.
+    env: {
+        stashDir: "env",
+        isRelevantFile: (fileName) => fileName === ".env" || fileName.endsWith(".env"),
+        toCanonicalName: (typeRoot, filePath) => {
+            const rel = toPosix(path.relative(typeRoot, filePath));
+            const fileName = path.basename(rel);
+            // Treat ".env" as the "default" env; "<name>.env" → "<name>"
+            if (fileName === ".env") {
+                const dir = path.dirname(rel);
+                return dir === "." || dir === "" ? "default" : `${dir}/default`;
+            }
+            const stripped = rel.endsWith(".env") ? rel.slice(0, -4) : rel;
+            return stripped;
+        },
+        toAssetPath: (typeRoot, name) => {
+            if (name === "default")
+                return path.join(typeRoot, ".env");
+            return path.join(typeRoot, name.endsWith(".env") ? name : `${name}.env`);
+        },
+        rendererName: "env-file",
+        actionBuilder: (ref) => `akm show ${ref} -> inspect key names; akm env run ${ref} -- <command> -> run with the whole .env injected (values never reach stdout); akm env export ${ref} --out <file> -> write a sourceable script to a file`,
+    },
+    // DEPRECATED in 0.8.0, removed in 0.9.0 — use `env` instead. Retained so the
+    // frozen `vaults/` copy left by the migration still resolves and so existing
+    // `vault:` refs keep working through the deprecation window.
     vault: {
         stashDir: "vaults",
         isRelevantFile: (fileName) => fileName === ".env" || fileName.endsWith(".env"),
@@ -82,7 +114,23 @@ const ASSET_SPECS_INTERNAL = {
             return path.join(typeRoot, name.endsWith(".env") ? name : `${name}.env`);
         },
         rendererName: "vault-env",
-        actionBuilder: (ref) => `akm vault list ${ref} -> see key names; eval "$(akm vault load ${ref})" -> load values into the current shell (values never echoed)`,
+        actionBuilder: (ref) => `DEPRECATED (use env): akm show ${ref} -> inspect key names; akm env run ${ref} -- <command> -> run with injected env`,
+    },
+    // Secrets — a single sensitive value used on its own for authentication (a
+    // PEM key, API token, TLS cert). Unlike `env` (a group of related .env
+    // configuration), the ENTIRE file is the one secret value — there is no safe
+    // region to parse, so only the filename is ever surfaced as metadata. The
+    // value reaches a command only via `akm secret run` (injected into a child
+    // env var) or `akm secret path` (Docker `_FILE` convention). A secret is any
+    // regular file under `secrets/` except `.lock`/`.sensitive` sidecars; the
+    // canonical name preserves the natural filename (e.g. `id_rsa`, `team/deploy.key`).
+    secret: {
+        stashDir: "secrets",
+        isRelevantFile: (fileName) => !fileName.endsWith(".lock") && !fileName.endsWith(".sensitive"),
+        toCanonicalName: (typeRoot, filePath) => toPosix(path.relative(typeRoot, filePath)),
+        toAssetPath: (typeRoot, name) => path.join(typeRoot, name),
+        rendererName: "secret-file",
+        actionBuilder: (ref) => `akm show ${ref} -> name only (value never shown); akm secret path ${ref} -> file path; akm secret run ${ref} <VAR> -- <command> -> run with value injected into $VAR`,
     },
     wiki: {
         stashDir: "wikis",
@@ -102,6 +150,24 @@ const ASSET_SPECS_INTERNAL = {
         rendererName: "lesson-md",
         actionBuilder: (ref) => `akm show ${ref} -> read the lesson and apply when_to_use`,
     },
+    // Scheduled tasks. A task file pairs a cron-style schedule with a target
+    // (workflow ref, prompt, or command) that `akm tasks` registers with the
+    // OS-native scheduler (cron / launchd / schtasks). Stored as pure YAML
+    // under <stash>/tasks/<id>.yml.
+    task: {
+        stashDir: "tasks",
+        isRelevantFile: (fileName) => path.extname(fileName).toLowerCase() === ".yml",
+        toCanonicalName: (typeRoot, filePath) => {
+            const rel = toPosix(path.relative(typeRoot, filePath));
+            return rel.endsWith(".yml") ? rel.slice(0, -4) : rel;
+        },
+        toAssetPath: (typeRoot, name) => {
+            const withExt = name.endsWith(".yml") ? name : `${name}.yml`;
+            return path.join(typeRoot, withExt);
+        },
+        rendererName: "task-yaml",
+        actionBuilder: buildTaskAction,
+    },
 };
 export const ASSET_SPECS = ASSET_SPECS_INTERNAL;
 /**

package/dist/core/common.js

@@ -1,23 +1,116 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
+import crypto from "node:crypto";
 import fs from "node:fs";
 import path from "node:path";
 import { TYPE_DIRS } from "./asset-spec";
 import { ConfigError } from "./errors";
 import { getConfigPath, getDefaultStashDir } from "./paths";
+// ── Types ───────────────────────────────────────────────────────────────────
+export const ASSET_TYPES = [
+    "skill",
+    "command",
+    "agent",
+    "knowledge",
+    "workflow",
+    "script",
+    "memory",
+    "env",
+    "vault",
+    "secret",
+    "wiki",
+    "lesson",
+];
+export const ASSET_TYPE_SET = new Set(ASSET_TYPES);
 // ── Constants ───────────────────────────────────────────────────────────────
 export const IS_WINDOWS = process.platform === "win32";
 export function isHttpUrl(value) {
     return !!value && /^https?:\/\//.test(value);
 }
+/**
+ * Returns `true` when `value` looks like a remote URL that a VCS or HTTP
+ * fetch can access. Covers http/https, git@, ssh://, and git:// schemes.
+ * Consolidates the repeated inline URL-detection pattern in source-manage.ts.
+ */
+export function isRemoteUrl(value) {
+    if (!value)
+        return false;
+    return (value.startsWith("http://") ||
+        value.startsWith("https://") ||
+        value.startsWith("git@") ||
+        value.startsWith("ssh://") ||
+        value.startsWith("git://"));
+}
 export function filterNonEmptyStrings(value) {
     if (!Array.isArray(value))
         return undefined;
     return value.filter((entry) => typeof entry === "string" && entry.trim().length > 0);
 }
 // ── Validators ──────────────────────────────────────────────────────────────
+/**
+ * Returns true if `type` is a known asset type — either a built-in from
+ * {@link ASSET_TYPES} or one dynamically registered via `registerAssetType`.
+ *
+ * The type guard narrows to `AkmAssetType` for all built-in types. Dynamic
+ * types (e.g. registered by plugins) are also accepted at runtime, but the
+ * type system treats them as `AkmAssetType` via assertion since they are not
+ * part of the static union.
+ */
 export function isAssetType(type) {
     return Object.hasOwn(TYPE_DIRS, type);
 }
 // ── Utilities ───────────────────────────────────────────────────────────────
+/**
+ * Write content to a file atomically via a temp file + rename.
+ * Prevents partial-write corruption on crash.
+ * The temp file is opened with the target `mode` (default 0o600) from the
+ * start, so it is never world-readable even briefly.
+ *
+ * Durability: fsync'd against the May 2026 config-clobber incident (#472).
+ * On ext4 (data=ordered) and NVMe-with-TRIM, a power-loss inside the kernel
+ * writeback window could leave the renamed file truncated to zero — defeating
+ * the purpose of the atomic rename. We:
+ *   1. fdatasync the temp fd before close, so the data is on disk before the
+ *      rename observes it.
+ *   2. fsync the parent directory after rename, so the directory entry change
+ *      is durable too. Some filesystems (FAT, certain FUSE mounts) don't
+ *      support directory fsync; we ignore EINVAL/ENOTSUP so atomic writes
+ *      don't fail on exotic mounts.
+ */
+export function writeFileAtomic(target, content, mode) {
+    const tmp = `${target}.tmp.${process.pid}.${crypto.randomBytes(8).toString("hex")}`;
+    const fd = fs.openSync(tmp, "w", mode ?? 0o600);
+    try {
+        fs.writeSync(fd, content);
+        try {
+            fs.fdatasyncSync(fd);
+        }
+        catch {
+            // Best-effort: some pseudo-filesystems lack fdatasync. Fall through
+            // to closeSync — the rename below still preserves atomicity even if
+            // the data isn't durable, and the calling code's retry will recover.
+        }
+    }
+    finally {
+        fs.closeSync(fd);
+    }
+    fs.renameSync(tmp, target);
+    try {
+        const dirFd = fs.openSync(path.dirname(target), "r");
+        try {
+            fs.fsyncSync(dirFd);
+        }
+        finally {
+            fs.closeSync(dirFd);
+        }
+    }
+    catch {
+        // Directory fsync is unsupported on FAT, some FUSE mounts, and Windows
+        // (where directories cannot be opened for read like POSIX). Silently
+        // ignore so writeFileAtomic remains portable.
+    }
+}
 /**
  * Resolve the stash directory using a three-level fallback chain:
  *   1. AKM_STASH_DIR environment variable (override for CI/scripts)
@@ -329,3 +422,92 @@ function parseRetryAfter(response) {
 export function toErrorMessage(error) {
     return error instanceof Error ? error.message : String(error);
 }
+// ── Date / timestamp utilities ───────────────────────────────────────────────
+/**
+ * Return today's date in ISO-8601 format (`YYYY-MM-DD`).
+ * Consolidates the `new Date().toISOString().slice(0, 10)` pattern that
+ * appears at multiple call sites.
+ */
+export function todayIso() {
+    return new Date().toISOString().slice(0, 10);
+}
+/**
+ * Return a filesystem-safe timestamp string derived from the current instant.
+ * Colons and dots are replaced with hyphens so the result is safe as a
+ * filename component on all platforms (e.g. `2024-01-15T10-30-00-000Z`).
+ */
+export function timestampForFilename() {
+    return new Date().toISOString().replace(/[:.]/g, "-");
+}
+// ── String coercion ──────────────────────────────────────────────────────────
+/**
+ * Return the trimmed string value if non-empty, otherwise `undefined`.
+ * Consolidates `toStringOrUndefined` (frontmatter.ts), `asNonEmptyString`
+ * (config.ts), and `firstString` (memory-improve.ts) — all had the same
+ * "return a string or undefined" contract with minor semantic differences.
+ */
+export function asNonEmptyString(value) {
+    if (typeof value !== "string")
+        return undefined;
+    const trimmed = value.trim();
+    return trimmed.length > 0 ? trimmed : undefined;
+}
+// ── Generic data utilities ───────────────────────────────────────────────────
+/**
+ * Return the trimmed string if non-empty, otherwise `undefined`.
+ * Equivalent to `firstString` previously defined in `memory-improve.ts`.
+ */
+export function firstString(value) {
+    return typeof value === "string" && value.trim().length > 0 ? value.trim() : undefined;
+}
+/**
+ * Coerce an unknown value to a filtered, trimmed string array.
+ * Non-strings and empty/whitespace-only entries are dropped.
+ */
+export function stringArray(value) {
+    if (!Array.isArray(value))
+        return [];
+    const out = [];
+    for (const item of value) {
+        if (typeof item === "string" && item.trim().length > 0)
+            out.push(item.trim());
+    }
+    return out;
+}
+/**
+ * Group an array of values by a string key derived from each element.
+ * Returns a `Map` so insertion order within each group is preserved.
+ */
+/**
+ * Return true if a process with the given PID is currently alive.
+ * Uses `process.kill(pid, 0)` which does not deliver a signal but
+ * throws ESRCH when the process does not exist.
+ */
+export function isProcessAlive(pid) {
+    try {
+        process.kill(pid, 0);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Convert a number of days to milliseconds. Consolidates the
+ * `N * 24 * 60 * 60 * 1000` pattern used throughout the cooldown logic.
+ */
+export function daysToMs(days) {
+    return days * 86_400_000;
+}
+export function groupBy(values, keyFn) {
+    const groups = new Map();
+    for (const value of values) {
+        const key = keyFn(value);
+        const existing = groups.get(key);
+        if (existing)
+            existing.push(value);
+        else
+            groups.set(key, [value]);
+    }
+    return groups;
+}

package/dist/core/concurrent.js

@@ -0,0 +1,25 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
+/**
+ * Maps over items concurrently with a pool size limit.
+ * Uses Promise.allSettled semantics — one failure does not cancel others.
+ */
+export async function concurrentMap(items, fn, concurrency = 1) {
+    const results = new Array(items.length).fill(undefined);
+    let nextIndex = 0;
+    async function worker() {
+        while (nextIndex < items.length) {
+            const i = nextIndex++;
+            try {
+                results[i] = await fn(items[i], i);
+            }
+            catch {
+                // individual failure: leave undefined, caller checks
+            }
+        }
+    }
+    const workers = Array.from({ length: Math.min(concurrency, items.length) }, worker);
+    await Promise.all(workers);
+    return results;
+}