apcore-js 0.1.0

package/.claude/settings.local.json

@@ -0,0 +1,11 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(npx vitest run:*)",
+      "Bash(npm test:*)",
+      "Bash(npx tsc:*)",
+      "Bash(wc:*)",
+      "Bash(ls:*)"
+    ]
+  }
+}

package/.gitmessage

@@ -0,0 +1,60 @@
+# <type>(<scope>): <subject>
+#
+# <body>
+#
+# <footer>
+
+# Type must be one of the following:
+#   feat:     A new feature
+#   fix:      A bug fix
+#   docs:     Documentation only changes
+#   style:    Changes that do not affect the meaning of the code
+#   refactor: A code change that neither fixes a bug nor adds a feature
+#   perf:     A code change that improves performance
+#   test:     Adding missing tests or correcting existing tests
+#   chore:    Changes to the build process or auxiliary tools
+#   ci:       Changes to CI configuration files and scripts
+
+# Scope is optional and can be anything specifying the place of the commit change.
+# Examples: api, core, storage, cli, stdio, etc.
+
+# Subject should be:
+#   - Use imperative, present tense: "change" not "changed" nor "changes"
+#   - Don't capitalize first letter
+#   - No dot (.) at the end
+#   - Maximum 72 characters
+
+# Body should include:
+#   - Motivation for the change and contrast with previous behavior
+#   - What changed and why
+#   - Any breaking changes
+
+# Footer should contain:
+#   - Breaking changes (start with BREAKING CHANGE:)
+#   - Issue references (Closes #123, Fixes #456)
+
+# Examples:
+#   feat(stdio): add stdio executor for process execution
+#
+#   Implement a new stdio executor that allows executing system commands
+#   and processes via stdin/stdout communication, similar to MCP stdio
+#   transport mode. This enables flexible task execution through shell
+#   commands and Python scripts.
+#
+#   - Add StdioExecutor class with command execution support
+#   - Add system resource monitoring (CPU, memory, disk)
+#   - Support async process communication
+#   - Add comprehensive error handling and logging
+#
+#   Closes #123
+
+#   refactor(core): extract shared types to core.types module
+#
+#   Move common type definitions from various modules to a centralized
+#   core.types module to avoid circular dependencies and improve code
+#   organization.
+#
+#   - Add TaskPreHook and TaskPostHook type aliases
+#   - Move TaskStatus enum to core.types
+#   - Update imports across affected modules
+

package/.pre-commit-config.yaml

@@ -0,0 +1,28 @@
+repos:
+
+  # apdev-js hooks
+  - repo: local
+    hooks:
+      - id: check-chars
+        name: apdev-js check-chars
+        entry: apdev-js check-chars
+        language: system
+        types_or: [text, ts, javascript]
+
+      - id: check-imports
+        name: apdev-js check-imports
+        entry: apdev-js check-imports
+        language: system
+        pass_filenames: false
+        always_run: true
+
+  # TypeScript type checking
+  - repo: local
+    hooks:
+      - id: typecheck
+        name: tsc --noEmit
+        entry: npx tsc --noEmit
+        language: system
+        pass_filenames: false
+        always_run: true
+        files: \.(ts|tsx)$

package/CHANGELOG.md

@@ -0,0 +1,47 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.1.0] - 2026-02-16
+
+### Added
+
+- **Core executor** — 10-step async execution pipeline with timeout support via `Promise.race`
+- **Context system** — Execution context with trace IDs, call chains, identity, and redacted inputs
+- **Config** — Dot-path configuration accessor
+- **Registry system**
+  - File-based module discovery (`scanExtensions`, `scanMultiRoot`)
+  - Dynamic entry point resolution with duck-type validation
+  - YAML metadata loading and merging (code values + YAML overrides)
+  - Dependency parsing with topological sort (Kahn's algorithm) and cycle detection
+  - ID map support for custom module IDs
+  - Schema export in JSON/YAML with strict and compact modes
+- **FunctionModule** — Schema-driven module wrapper with TypeBox schemas
+- **Binding loader** — YAML-based module registration with three schema modes (inline, external ref, permissive fallback)
+- **ACL (Access Control List)**
+  - Pattern-based rules with glob matching
+  - Identity type and role-based conditions
+  - Call depth conditions
+  - Dynamic rule management (`addRule`, `removeRule`, `reload`)
+  - YAML configuration loading
+- **Middleware system**
+  - Onion-model execution (before forward, after reverse)
+  - Error recovery via `onError` hooks
+  - `BeforeMiddleware` and `AfterMiddleware` adapters
+  - `LoggingMiddleware` for structured execution logging
+- **Observability**
+  - **Tracing** — Span creation, `InMemoryExporter`, `StdoutExporter`, `TracingMiddleware` with sampling strategies (full, off, proportional, error_first)
+  - **Metrics** — `MetricsCollector` with counters, histograms, Prometheus text format export, `MetricsMiddleware`
+  - **Logging** — `ContextLogger` with JSON/text formats, level filtering, `_secret_` field redaction, `ObsLoggingMiddleware`
+- **Schema system**
+  - JSON Schema to TypeBox conversion
+  - `$ref` resolution
+  - Schema validation
+  - Strict transforms (`additionalProperties: false`)
+  - LLM description injection and extension stripping
+- **Error hierarchy** — 20+ typed error classes with error codes, details, trace IDs, and timestamps
+- **Pattern matching** — Glob-style pattern matching for ACL rules and module targeting
+- **Comprehensive test suite** — 385 tests across 29 test files

package/CLAUDE.md

@@ -0,0 +1,68 @@
+# High-Quality Code Specification – Simplicity, Readability, and Maintainability First
+
+## Project Overview
+The core of `apcore` is **task orchestration and execution specifications**. It provides a unified task orchestration framework that supports execution of multiple task types.
+
+## Core Principles
+- Prioritize **simplicity, readability, and maintainability** above all.
+- Avoid premature abstraction, optimization, or over-engineering.
+- Code should be understandable in ≤10 seconds; favor straightforward over clever.
+- Always follow: Understand → Plan → Implement minimally → Test/Validate → Commit.
+
+## TypeScript Code Quality
+
+### Readability
+- Use precise, full-word names (standard abbreviations only when conventional).
+- Functions ≤50 lines, single responsibility, verb-named.
+- Avoid obscure tricks, excessive generics, or unnecessary abstraction layers.
+- Break complex logic into small, well-named helpers.
+
+### Types (Mandatory)
+- Full type annotations on all public APIs and function signatures.
+- Avoid `any` except for dynamic/external data; prefer `unknown` with narrowing.
+- Prefer `interface` for object shapes, `type` for unions/intersections.
+- Use `readonly` for immutable data structures.
+
+### Design
+- Favor functional style + plain objects; minimize class inheritance.
+- Composition > inheritance; use `interface` only for true contracts.
+- No circular imports.
+- Dependency injection for config, logging, external services, etc.
+
+### Errors & Resources
+- Explicit error handling; no bare `catch {}` that swallows errors silently.
+- Use `try/finally` or equivalent cleanup patterns for resources.
+- Validate/sanitize all public inputs.
+
+### Logging
+- Use `console.warn` for warnings in library code.
+- Prefix log messages with `[apcore:<subsystem>]` for traceability.
+- No `console.log` in production code paths.
+
+### Testing
+- Unit tests in `tests/`, ≥90% coverage on core logic.
+- Test files named: `test-<unit>.test.ts`.
+- Test cases named descriptively: `it('throws X when Y', ...)`.
+- Never change production code without updating tests.
+- Use `vitest` as test runner.
+
+### Build & Checks
+- After changes, always run:
+  - `npx tsc --noEmit` (type checking)
+  - `npx vitest run` (tests)
+- Zero errors before commit.
+
+### Module System
+- ESM only (`"type": "module"` in package.json).
+- All imports must use `.js` extension (NodeNext resolution).
+- Use `@sinclair/typebox` for runtime schema definitions.
+
+### Security & Performance
+- Never hardcode secrets; use env/config.
+- Validate/sanitize inputs at system boundaries.
+- Avoid unjustified quadratic+ complexity in hot paths.
+
+## General Guidelines
+- English ONLY for comments, JSDoc, logs, errors, commit messages.
+- Fully understand surrounding code before changes.
+- Do not generate unnecessary documentation, examples, or stubs unless explicitly requested.

package/README.md

@@ -0,0 +1,131 @@
+<div align="center">
+  <img src="./apcore-logo.svg" alt="apcore logo" width="200"/>
+</div>
+
+# apcore
+
+**AI-Perceivable Core** — A schema-driven module development framework for TypeScript.
+
+apcore provides a unified task orchestration framework with schema validation, access control, middleware pipelines, and observability built in.
+
+## Features
+
+- **Schema-driven modules** — Define input/output schemas with TypeBox for runtime validation
+- **Executor pipeline** — 10-step execution pipeline: context → safety checks → lookup → ACL → validation → middleware before → execute → output validation → middleware after → return
+- **Registry system** — File-based module discovery with metadata, dependencies, and topological ordering
+- **Binding loader** — YAML-based module registration for no-code integration
+- **Access control (ACL)** — Pattern-based rules with identity types, roles, and call-depth conditions
+- **Middleware** — Onion-model middleware with before/after/onError hooks and error recovery
+- **Observability** — Tracing (spans + exporters), metrics (counters + histograms + Prometheus export), structured logging with redaction
+- **Schema export** — JSON/YAML schema export with strict and compact modes
+
+## Requirements
+
+- Node.js >= 18.0.0
+- TypeScript >= 5.5
+
+## Installation
+
+```bash
+npm install apcore-js
+```
+
+## Quick Start
+
+```typescript
+import { Type } from '@sinclair/typebox';
+import { FunctionModule, Registry, Executor } from 'apcore-js';
+
+// Define a module
+const greet = new FunctionModule({
+  execute: (inputs) => ({ greeting: `Hello, ${inputs.name}!` }),
+  moduleId: 'example.greet',
+  inputSchema: Type.Object({ name: Type.String() }),
+  outputSchema: Type.Object({ greeting: Type.String() }),
+  description: 'Greet a user',
+});
+
+// Register and execute
+const registry = new Registry();
+registry.register('example.greet', greet);
+
+const executor = new Executor({ registry });
+const result = await executor.call('example.greet', { name: 'World' });
+// => { greeting: 'Hello, World!' }
+```
+
+## Architecture
+
+```
+src/
+  index.ts              # Public API exports
+  executor.ts           # 10-step execution pipeline
+  context.ts            # Execution context and identity
+  config.ts             # Dot-path configuration accessor
+  acl.ts                # Access control with pattern matching
+  decorator.ts          # FunctionModule class and helpers
+  bindings.ts           # YAML binding loader
+  errors.ts             # Error hierarchy (20+ typed errors)
+  module.ts             # Module types and annotations
+  middleware/
+    base.ts             # Middleware base class
+    manager.ts          # MiddlewareManager (onion model)
+    adapters.ts         # BeforeMiddleware, AfterMiddleware adapters
+    logging.ts          # LoggingMiddleware
+  registry/
+    registry.ts         # Registry with discover() pipeline
+    scanner.ts          # File-based module discovery
+    entry-point.ts      # Dynamic import and entry point resolution
+    metadata.ts         # YAML metadata and ID map loading
+    dependencies.ts     # Topological sort with cycle detection
+    validation.ts       # Module duck-type validation
+    schema-export.ts    # Schema export (JSON/YAML, strict/compact)
+    types.ts            # Registry type definitions
+  schema/
+    loader.ts           # JSON Schema to TypeBox conversion
+    validator.ts        # Schema validation
+    exporter.ts         # Schema serialization
+    ref-resolver.ts     # $ref resolution
+    strict.ts           # Strict schema transforms
+    types.ts            # Schema type definitions
+  observability/
+    tracing.ts          # Span, SpanExporter, TracingMiddleware
+    metrics.ts          # MetricsCollector, MetricsMiddleware
+    context-logger.ts   # ContextLogger, ObsLoggingMiddleware
+  utils/
+    pattern.ts          # Glob-style pattern matching
+```
+
+## Development
+
+```bash
+# Install dependencies
+npm install
+
+# Type check
+npm run typecheck
+
+# Run tests
+npm test
+
+# Run tests in watch mode
+npm run test:watch
+
+# Build
+npm run build
+```
+
+## Testing
+
+- Core executor pipeline
+- Schema validation (strict mode, type coercion)
+- Middleware chain (ordering, transforms, error recovery)
+- ACL enforcement (patterns, conditions, identity types)
+- Registry system (scanner, metadata, entry points, dependencies)
+- Binding loader (YAML loading, target resolution, schema modes)
+- Observability (tracing, metrics, structured logging)
+- Integration tests (end-to-end flows, error propagation, safety checks)
+
+## License
+
+MIT

package/apcore-logo.svg

@@ -0,0 +1,79 @@
+<svg width="512" height="512" viewBox="46 70 420 420" xmlns="http://www.w3.org/2000/svg">
+  <!-- apcore jellyfish logo - cartoon ocean mascot -->
+
+  <defs>
+    <!-- Bell radial gradient: bright center → deep indigo edge -->
+    <radialGradient id="bellGrad" cx="50%" cy="45%" r="50%">
+      <stop offset="0%" stop-color="#818CF8"/>
+      <stop offset="100%" stop-color="#4338CA"/>
+    </radialGradient>
+
+    <!-- Bioluminescence glow -->
+    <radialGradient id="glowGrad" cx="50%" cy="50%" r="50%">
+      <stop offset="0%" stop-color="#67E8F9" stop-opacity="0.4"/>
+      <stop offset="100%" stop-color="#67E8F9" stop-opacity="0"/>
+    </radialGradient>
+
+    <!-- Tentacle gradients (top solid → bottom fade) -->
+    <linearGradient id="tentGrad1" x1="0" y1="0" x2="0" y2="1">
+      <stop offset="0%" stop-color="#6366F1"/>
+      <stop offset="100%" stop-color="#4F46E5" stop-opacity="0"/>
+    </linearGradient>
+    <linearGradient id="tentGrad2" x1="0" y1="0" x2="0" y2="1">
+      <stop offset="0%" stop-color="#818CF8"/>
+      <stop offset="100%" stop-color="#6366F1" stop-opacity="0"/>
+    </linearGradient>
+  </defs>
+
+  <!-- Tentacles (behind bell) - 6 flowing tentacles -->
+  <!-- Outer left tentacle -->
+  <path d="M 175,300 C 160,350 145,390 155,430 Q 162,455 150,470"
+        stroke="url(#tentGrad1)" stroke-width="8" fill="none" stroke-linecap="round"/>
+  <!-- Inner left tentacle -->
+  <path d="M 210,310 C 200,360 188,400 195,445 Q 200,465 190,480"
+        stroke="url(#tentGrad2)" stroke-width="7" fill="none" stroke-linecap="round"/>
+  <!-- Center left tentacle -->
+  <path d="M 245,310 C 240,365 235,410 242,455 Q 248,475 240,490"
+        stroke="url(#tentGrad1)" stroke-width="6" fill="none" stroke-linecap="round"/>
+  <!-- Center right tentacle -->
+  <path d="M 267,310 C 272,365 277,410 270,455 Q 264,475 272,490"
+        stroke="url(#tentGrad1)" stroke-width="6" fill="none" stroke-linecap="round"/>
+  <!-- Inner right tentacle -->
+  <path d="M 302,310 C 312,360 324,400 317,445 Q 312,465 322,480"
+        stroke="url(#tentGrad2)" stroke-width="7" fill="none" stroke-linecap="round"/>
+  <!-- Outer right tentacle -->
+  <path d="M 337,300 C 352,350 367,390 357,430 Q 350,455 362,470"
+        stroke="url(#tentGrad1)" stroke-width="8" fill="none" stroke-linecap="round"/>
+
+  <!-- Bell (dome body) -->
+  <path d="M 130,290 C 130,150 190,80 256,80 C 322,80 382,150 382,290 Q 382,310 256,310 Q 130,310 130,290 Z"
+        fill="url(#bellGrad)"/>
+
+  <!-- Bell rim / ruffle -->
+  <path d="M 130,290 Q 150,318 175,298 Q 200,318 225,298 Q 250,318 268,298 Q 290,318 312,298 Q 335,318 355,298 Q 375,318 382,290"
+        fill="#4338CA" opacity="0.6"/>
+
+  <!-- Bioluminescence glow overlay -->
+  <ellipse cx="256" cy="210" rx="100" ry="90" fill="url(#glowGrad)"/>
+
+  <!-- Bell highlight (specular) -->
+  <ellipse cx="230" cy="160" rx="55" ry="35" fill="#A5B4FC" opacity="0.3"/>
+
+  <!-- Eyes -->
+  <ellipse cx="222" cy="215" rx="22" ry="24" fill="white"/>
+  <ellipse cx="290" cy="215" rx="22" ry="24" fill="white"/>
+  <!-- Pupils -->
+  <circle cx="228" cy="220" r="13" fill="#1E1B4B"/>
+  <circle cx="296" cy="220" r="13" fill="#1E1B4B"/>
+  <!-- Eye highlights -->
+  <circle cx="233" cy="212" r="6" fill="white"/>
+  <circle cx="301" cy="212" r="6" fill="white"/>
+
+  <!-- Smile -->
+  <path d="M 240,252 Q 256,268 272,252"
+        stroke="#312E81" stroke-width="3.5" fill="none" stroke-linecap="round"/>
+
+  <!-- Cheek blush -->
+  <ellipse cx="205" cy="242" rx="14" ry="9" fill="#C4B5FD" opacity="0.45"/>
+  <ellipse cx="307" cy="242" rx="14" ry="9" fill="#C4B5FD" opacity="0.45"/>
+</svg>

package/package.json

@@ -0,0 +1,37 @@
+{
+  "name": "apcore-js",
+  "version": "0.1.0",
+  "description": "AI-Perceivable Core — schema-driven module development framework",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "test:coverage": "vitest run --coverage"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "license": "MIT",
+  "dependencies": {
+    "@sinclair/typebox": "^0.34.0",
+    "js-yaml": "^4.1.0"
+  },
+  "devDependencies": {
+    "typescript": "^5.5.0",
+    "@types/node": "^20.0.0",
+    "@types/js-yaml": "^4.0.9",
+    "apdev-js": "^0.1.1",
+    "vitest": "^2.0.0",
+    "@vitest/coverage-v8": "^2.0.0"
+  }
+}

package/planning/acl-system/overview.md

@@ -0,0 +1,54 @@
+# Feature: ACL System
+
+## Overview
+
+The ACL (Access Control List) system provides pattern-based access control for apcore module calls. It evaluates caller-to-target permissions using a first-match-wins strategy over an ordered rule list. Each rule specifies caller patterns, target patterns, an effect (allow/deny), and optional conditions (identity types, roles, call depth). The `ACL` class supports runtime rule mutation (`addRule`, `removeRule`), YAML-based configuration loading via a static `load()` factory, and live `reload()` for configuration hot-swapping. Pattern matching uses a wildcard algorithm (Algorithm A08) that supports `*` globs in module IDs.
+
+## Scope
+
+### Included
+
+- `ACLRule` interface defining the structure of access control rules (callers, targets, effect, description, conditions)
+- `ACL` class with `check()` for first-match-wins evaluation, `addRule()` for prepending rules, `removeRule()` for removal by caller/target match via `JSON.stringify` comparison
+- Static `ACL.load()` factory for loading rules from YAML configuration files with strict validation
+- `reload()` method for hot-reloading YAML-based configuration without reconstructing the ACL instance
+- `matchPattern()` wildcard utility (Algorithm A08) for glob-style module ID matching
+- Special caller tokens: `@external` (null caller substitution), `@system` (identity type check)
+- Conditional rule evaluation: `identity_types`, `roles`, `max_call_depth` with AND logic
+- Error types: `ACLDeniedError` (thrown by executor on denial), `ACLRuleError` (invalid rules/config), `ConfigNotFoundError` (missing YAML)
+
+### Excluded
+
+- Executor integration (the executor consumes `ACL.check()` as a dependency)
+- Thread locking or concurrency guards (Node.js single-threaded event loop eliminates the need)
+- Debug logging (identified gap vs. Python implementation; not included in current scope)
+- Role or identity management (consumed from `Context.identity`)
+
+## Technology Stack
+
+- **TypeScript 5.5+** with strict mode
+- **js-yaml** for YAML configuration parsing
+- **Node.js >= 18.0.0** with ES Module support (`node:fs` for file I/O)
+- **vitest** for unit and integration testing
+
+## Task Execution Order
+
+| # | Task File | Description | Status |
+|---|-----------|-------------|--------|
+| 1 | [acl-rule](./tasks/acl-rule.md) | ACLRule interface definition | completed |
+| 2 | [acl-core](./tasks/acl-core.md) | ACL class with check(), addRule(), removeRule(), default effect | completed |
+| 3 | [pattern-matching](./tasks/pattern-matching.md) | matchPattern() wildcard matching (Algorithm A08) | completed |
+| 4 | [yaml-loading](./tasks/yaml-loading.md) | ACL.load() from YAML with strict validation, reload() support | completed |
+| 5 | [conditional-rules](./tasks/conditional-rules.md) | _checkConditions() with identity_types, roles, max_call_depth | completed |
+
+## Progress
+
+| Total | Completed | In Progress | Pending |
+|-------|-----------|-------------|---------|
+| 5     | 5         | 0           | 0       |
+
+## Reference Documents
+
+- `src/acl.ts` -- ACL class and ACLRule interface (~188 lines)
+- `src/utils/pattern.ts` -- matchPattern wildcard utility (~30 lines)
+- `src/errors.ts` -- ACLDeniedError, ACLRuleError, ConfigNotFoundError

package/planning/acl-system/plan.md

@@ -0,0 +1,92 @@
+# Implementation Plan: ACL System
+
+## Goal
+
+Implement a pattern-based access control list that evaluates caller-to-target module permissions using first-match-wins semantics, supporting wildcard patterns, conditional rules, YAML-based configuration, and runtime rule mutation.
+
+## Architecture Design
+
+### Component Structure
+
+- **ACL** (`acl.ts`, ~188 lines) -- Main access control class. Holds an ordered array of `ACLRule` objects and a `_defaultEffect` (default `'deny'`). Provides `check(callerId, targetId, context?)` for permission evaluation, `addRule(rule)` to prepend a rule, `removeRule(callers, targets)` to remove by JSON-stringified comparison, and `reload()` for hot-swapping YAML-loaded rules. Static `load(yamlPath)` factory parses and validates YAML configuration files.
+
+- **ACLRule** (`acl.ts`) -- Interface defining a single access control rule: `callers` (string array of patterns), `targets` (string array of patterns), `effect` (`'allow'` or `'deny'`), `description` (string), and optional `conditions` record. Conditions are evaluated with AND logic across all present keys.
+
+- **matchPattern** (`utils/pattern.ts`, ~30 lines) -- Standalone wildcard pattern matcher implementing Algorithm A08. Splits the pattern on `*` delimiters and verifies each segment appears in order within the module ID string. Handles edge cases: bare `*` matches everything, no `*` means exact match.
+
+- **Error Types** (`errors.ts`) -- `ACLDeniedError` (raised by executor when `check()` returns `false`), `ACLRuleError` (invalid rule structure, bad YAML, missing keys), `ConfigNotFoundError` (YAML file does not exist). All extend `ModuleError` base class.
+
+### Data Flow
+
+The `check()` method evaluates permissions through this pipeline:
+
+1. **Caller Normalization** -- `null` caller is replaced with `'@external'`
+2. **Rule Snapshot** -- Shallow copy of `_rules` array (safe iteration)
+3. **First-Match-Wins Scan** -- Iterate rules in order:
+   a. **Caller Pattern Match** -- `rule.callers.some(p => _matchPattern(p, caller, context))`
+   b. **Target Pattern Match** -- `rule.targets.some(p => _matchPattern(p, target, context))`
+   c. **Condition Evaluation** -- If `rule.conditions != null`, apply `_checkConditions()`
+   d. **Effect Return** -- If all checks pass, return `rule.effect === 'allow'`
+4. **Default Effect** -- If no rule matches, return `_defaultEffect === 'allow'`
+
+Pattern matching handles three special patterns:
+- `'@external'` -- Exact match against the `@external` sentinel
+- `'@system'` -- Checks `context.identity.type === 'system'`
+- Wildcard patterns -- Delegated to `matchPattern()` from `utils/pattern.ts`
+
+### Technical Choices and Rationale
+
+- **First-match-wins over priority scores**: Simpler mental model; rule ordering in YAML is explicit and deterministic. No conflict resolution needed.
+- **`JSON.stringify` for rule comparison in `removeRule()`**: Pragmatic approach for comparing string arrays without deep-equal dependencies. Suitable since callers/targets are always `string[]`.
+- **No thread locking**: Node.js single-threaded event loop means no concurrent mutation of the rules array. The shallow copy in `check()` guards against mid-iteration `addRule`/`removeRule` calls from synchronous code, but no mutex is needed.
+- **Synchronous YAML loading via `readFileSync`**: ACL configuration is loaded at startup or explicit reload. Synchronous I/O is appropriate for initialization-time config loading.
+- **AND logic for conditions**: All present condition keys must pass for the rule to match. This provides a restrictive-by-default composition model (conditions narrow access rather than broaden it).
+- **No debug logging**: Identified gap vs. Python implementation. The TypeScript ACL omits `debug` flag logging to keep the implementation lean. Can be added later via middleware or observability hooks.
+
+## Task Breakdown
+
+```mermaid
+graph TD
+    T1[acl-rule] --> T2[acl-core]
+    T1 --> T5[conditional-rules]
+    T3[pattern-matching] --> T2
+    T2 --> T4[yaml-loading]
+    T5 --> T2
+```
+
+| Task ID | Title | Estimated Time | Dependencies |
+|---------|-------|---------------|--------------|
+| acl-rule | ACLRule interface definition | 1h | none |
+| acl-core | ACL class with check, addRule, removeRule | 3h | acl-rule, pattern-matching, conditional-rules |
+| pattern-matching | matchPattern() wildcard matching (Algorithm A08) | 2h | none |
+| yaml-loading | ACL.load() from YAML, reload() support | 2h | acl-core |
+| conditional-rules | _checkConditions() with identity_types, roles, max_call_depth | 2h | acl-rule |
+
+## Risks and Considerations
+
+- **Rule ordering sensitivity**: First-match-wins means a broadly-scoped rule placed early can shadow more specific rules. Documentation should emphasize that more specific rules should appear before general rules.
+- **`JSON.stringify` ordering dependency**: `removeRule` relies on `JSON.stringify` producing identical output for identical arrays. This holds for simple `string[]` but would break for arrays containing objects with non-deterministic key order. Current usage is safe since callers/targets are always string arrays.
+- **Synchronous file I/O in `load()`/`reload()`**: Blocks the event loop during YAML parsing. Acceptable for startup configuration but could be problematic if `reload()` is called frequently with large config files.
+- **No validation of condition values at load time**: Condition values (e.g., `identity_types` expected as `string[]`) are validated at match time via type assertions, not at YAML load time. Malformed conditions will only surface when a rule is evaluated.
+- **Debug flag exists but is unused**: The `debug` property is declared on the `ACL` class but no logging is wired up, representing a gap from the Python implementation.
+
+## Acceptance Criteria
+
+- [x] `ACLRule` interface defines callers, targets, effect, description, and optional conditions
+- [x] `ACL.check()` implements first-match-wins evaluation returning `boolean`
+- [x] Null caller is normalized to `'@external'`
+- [x] `@system` pattern checks `context.identity.type === 'system'`
+- [x] `matchPattern()` handles exact, wildcard, prefix, suffix, and multi-segment patterns
+- [x] `ACL.load()` parses YAML, validates structure, and returns configured ACL instance
+- [x] `reload()` re-reads YAML and replaces rules in-place; throws `ACLRuleError` if not loaded from YAML
+- [x] `addRule()` prepends rules; `removeRule()` finds and removes by JSON-stringified caller/target match
+- [x] Conditions (`identity_types`, `roles`, `max_call_depth`) are evaluated with AND logic
+- [x] `ACLRuleError` thrown for invalid config structure; `ConfigNotFoundError` for missing YAML files
+- [x] All tests pass with `vitest`; zero errors from `tsc --noEmit`
+
+## References
+
+- `src/acl.ts` -- ACL class and ACLRule interface
+- `src/utils/pattern.ts` -- matchPattern wildcard utility
+- `src/errors.ts` -- ACLDeniedError, ACLRuleError, ConfigNotFoundError
+- `src/context.ts` -- Context and Identity types (consumed by ACL)