apcore-js 0.4.0 → 0.6.0

package/.gitmessage

@@ -1,60 +0,0 @@
-# <type>(<scope>): <subject>
-#
-# <body>
-#
-# <footer>
-
-# Type must be one of the following:
-#   feat:     A new feature
-#   fix:      A bug fix
-#   docs:     Documentation only changes
-#   style:    Changes that do not affect the meaning of the code
-#   refactor: A code change that neither fixes a bug nor adds a feature
-#   perf:     A code change that improves performance
-#   test:     Adding missing tests or correcting existing tests
-#   chore:    Changes to the build process or auxiliary tools
-#   ci:       Changes to CI configuration files and scripts
-
-# Scope is optional and can be anything specifying the place of the commit change.
-# Examples: api, core, storage, cli, stdio, etc.
-
-# Subject should be:
-#   - Use imperative, present tense: "change" not "changed" nor "changes"
-#   - Don't capitalize first letter
-#   - No dot (.) at the end
-#   - Maximum 72 characters
-
-# Body should include:
-#   - Motivation for the change and contrast with previous behavior
-#   - What changed and why
-#   - Any breaking changes
-
-# Footer should contain:
-#   - Breaking changes (start with BREAKING CHANGE:)
-#   - Issue references (Closes #123, Fixes #456)
-
-# Examples:
-#   feat(stdio): add stdio executor for process execution
-#
-#   Implement a new stdio executor that allows executing system commands
-#   and processes via stdin/stdout communication, similar to MCP stdio
-#   transport mode. This enables flexible task execution through shell
-#   commands and Python scripts.
-#
-#   - Add StdioExecutor class with command execution support
-#   - Add system resource monitoring (CPU, memory, disk)
-#   - Support async process communication
-#   - Add comprehensive error handling and logging
-#
-#   Closes #123
-
-#   refactor(core): extract shared types to core.types module
-#
-#   Move common type definitions from various modules to a centralized
-#   core.types module to avoid circular dependencies and improve code
-#   organization.
-#
-#   - Add TaskPreHook and TaskPostHook type aliases
-#   - Move TaskStatus enum to core.types
-#   - Update imports across affected modules
-

package/.pre-commit-config.yaml

@@ -1,28 +0,0 @@
-repos:
-
-  # apdev-js hooks
-  - repo: local
-    hooks:
-      - id: check-chars
-        name: apdev-js check-chars
-        entry: npx apdev-js check-chars
-        language: system
-        types_or: [text, ts, javascript]
-
-      - id: check-imports
-        name: apdev-js check-imports
-        entry: npx apdev-js check-imports --package apcore-js
-        language: system
-        pass_filenames: false
-        always_run: true
-
-  # TypeScript type checking
-  - repo: local
-    hooks:
-      - id: typecheck
-        name: tsc --noEmit
-        entry: npx tsc --noEmit
-        language: system
-        pass_filenames: false
-        always_run: true
-        files: \.(ts|tsx)$

package/CHANGELOG.md

@@ -1,183 +0,0 @@
-# Changelog
-
-All notable changes to this project will be documented in this file.
-
-The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
-and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-
-## [0.4.0] - 2026-02-22
-
-### Changed
-- Improved performance of `Executor.stream()` with optimized buffering.
-
-### Added
-- Introduced `ModuleAnnotations.batchProcessing` for enhanced batch processing capabilities.
-- Added new logging features for better observability in the execution pipeline.
-
-### Fixed
-- Resolved issues with error handling in `context.ts`.
-
-### Co-Authors
-- Claude Opus 4.6 <noreply@anthropic.com>
-- New Contributor <newcontributor@example.com>
-
-### Added
-
-- **Error classes and constants**
-  - `ModuleExecuteError` — New error class for module execution failures
-  - `InternalError` — New error class for general internal errors
-  - `ErrorCodes` — Frozen object with all 26 error code strings for consistent error code usage
-  - `ErrorCode` — Type definition for all error codes
-- **Registry constants**
-  - `REGISTRY_EVENTS` — Frozen object with standard event names (`register`, `unregister`)
-  - `MODULE_ID_PATTERN` — Regex pattern enforcing lowercase/digits/underscores/dots for module IDs (no hyphens allowed to ensure bijective MCP tool name normalization)
-- **Executor methods**
-  - `Executor.callAsync()` — Alias for `call()` for compatibility with MCP bridge packages
-
-### Changed
-
-- **Module ID validation** — Registry now validates module IDs against `MODULE_ID_PATTERN` on registration, rejecting IDs with hyphens or invalid characters
-- **Event handling** — Registry event validation now uses `REGISTRY_EVENTS` constants instead of hardcoded strings
-- **Test updates** — Updated tests to use underscore-separated module IDs instead of hyphens (e.g., `math.add_ten` instead of `math.addTen`, `ctx_test` instead of `ctx-test`)
-
-### Fixed
-
-- **String literals in Registry** — Replaced hardcoded `'register'` and `'unregister'` strings with `REGISTRY_EVENTS.REGISTER` and `REGISTRY_EVENTS.UNREGISTER` constants in event triggers for consistency
-
-## [0.3.0] - 2026-02-20
-
-### Changed
-- Use shallow merge for `stream()` accumulation instead of last-chunk.
-
-### Added
-- Add `Executor.stream()` async generator and `ModuleAnnotations.streaming` for streaming support in the core execution pipeline.
-
-### Co-Authors
-- Claude Opus 4.6 <noreply@anthropic.com>
-
-### Added
-
-- **Error classes and constants**
-  - `ModuleExecuteError` — New error class for module execution failures
-  - `InternalError` — New error class for general internal errors
-  - `ErrorCodes` — Frozen object with all 26 error code strings for consistent error code usage
-  - `ErrorCode` — Type definition for all error codes
-- **Registry constants**
-  - `REGISTRY_EVENTS` — Frozen object with standard event names (`register`, `unregister`)
-  - `MODULE_ID_PATTERN` — Regex pattern enforcing lowercase/digits/underscores/dots for module IDs (no hyphens allowed to ensure bijective MCP tool name normalization)
-- **Executor methods**
-  - `Executor.callAsync()` — Alias for `call()` for compatibility with MCP bridge packages
-
-### Changed
-
-- **Module ID validation** — Registry now validates module IDs against `MODULE_ID_PATTERN` on registration, rejecting IDs with hyphens or invalid characters
-- **Event handling** — Registry event validation now uses `REGISTRY_EVENTS` constants instead of hardcoded strings
-- **Test updates** — Updated tests to use underscore-separated module IDs instead of hyphens (e.g., `math.add_ten` instead of `math.addTen`, `ctx_test` instead of `ctx-test`)
-
-### Fixed
-
-- **String literals in Registry** — Replaced hardcoded `'register'` and `'unregister'` strings with `REGISTRY_EVENTS.REGISTER` and `REGISTRY_EVENTS.UNREGISTER` constants in event triggers for consistency
-
-## [0.2.0] - 2026-02-20
-
-### Added
-
-- **Error classes and constants**
-  - `ModuleExecuteError` — New error class for module execution failures
-  - `InternalError` — New error class for general internal errors
-  - `ErrorCodes` — Frozen object with all 26 error code strings for consistent error code usage
-  - `ErrorCode` — Type definition for all error codes
-- **Registry constants**
-  - `REGISTRY_EVENTS` — Frozen object with standard event names (`register`, `unregister`)
-  - `MODULE_ID_PATTERN` — Regex pattern enforcing lowercase/digits/underscores/dots for module IDs (no hyphens allowed to ensure bijective MCP tool name normalization)
-- **Executor methods**
-  - `Executor.callAsync()` — Alias for `call()` for compatibility with MCP bridge packages
-
-### Changed
-
-- **Module ID validation** — Registry now validates module IDs against `MODULE_ID_PATTERN` on registration, rejecting IDs with hyphens or invalid characters
-- **Event handling** — Registry event validation now uses `REGISTRY_EVENTS` constants instead of hardcoded strings
-- **Test updates** — Updated tests to use underscore-separated module IDs instead of hyphens (e.g., `math.add_ten` instead of `math.addTen`, `ctx_test` instead of `ctx-test`)
-
-### Fixed
-
-- **String literals in Registry** — Replaced hardcoded `'register'` and `'unregister'` strings with `REGISTRY_EVENTS.REGISTER` and `REGISTRY_EVENTS.UNREGISTER` constants in event triggers for consistency
-
-## [0.1.2] - 2026-02-18
-
-### Fixed
-
-- **Timer leak in executor** — `_executeWithTimeout` now calls `clearTimeout` in `.finally()` to prevent timer leak on normal completion
-- **Path traversal protection** — `resolveTarget` in binding loader rejects module paths containing `..` segments before dynamic `import()`
-- **Bare catch blocks** — 6 silent `catch {}` blocks in registry and middleware manager now log warnings with `[apcore:<subsystem>]` prefix
-- **Python-style error messages** — Fixed `FuncMissingTypeHintError` and `FuncMissingReturnTypeError` to use TypeScript syntax (`: string`, `: Record<string, unknown>`)
-- **Console.log in production** — Replaced `console.log` with `console.info` in logging middleware and `process.stdout.write` in tracing exporter
-
-### Changed
-
-- **Long method decomposition** — Broke up 4 oversized methods to meet ≤50 line guideline:
-  - `Executor.call()` (108 → 6 private helpers)
-  - `Registry.discover()` (110 → 7 private helpers)
-  - `ACL.load()` (71 → extracted `parseAclRule`)
-  - `jsonSchemaToTypeBox()` (80 → 5 converter helpers)
-- **Deeply readonly callChain** — `Context.callChain` type narrowed from `readonly string[]` to `readonly (readonly string[])` preventing mutation via push/splice
-- **Consolidated `deepCopy`** — Removed 4 duplicate `deepCopy` implementations; single shared version now lives in `src/utils/index.ts`
-
-### Added
-
-- **42 new tests** for previously uncovered modules:
-  - `tests/schema/test-annotations.test.ts` — 16 tests for `mergeAnnotations`, `mergeExamples`, `mergeMetadata`
-  - `tests/schema/test-exporter.test.ts` — 14 tests for `SchemaExporter` across all 4 export profiles
-  - `tests/test-logging-middleware.test.ts` — 12 tests for `LoggingMiddleware` before/after/onError
-
-## [0.1.1] - 2026-02-17
-
-### Fixed
-
-- Updated logo URL in README
-
-### Changed
-
-- Renamed package from `apcore` to `apcore-js`
-- Updated installation instructions
-
-## [0.1.0] - 2026-02-16
-
-### Added
-
-- **Core executor** — 10-step async execution pipeline with timeout support via `Promise.race`
-- **Context system** — Execution context with trace IDs, call chains, identity, and redacted inputs
-- **Config** — Dot-path configuration accessor
-- **Registry system**
-  - File-based module discovery (`scanExtensions`, `scanMultiRoot`)
-  - Dynamic entry point resolution with duck-type validation
-  - YAML metadata loading and merging (code values + YAML overrides)
-  - Dependency parsing with topological sort (Kahn's algorithm) and cycle detection
-  - ID map support for custom module IDs
-  - Schema export in JSON/YAML with strict and compact modes
-- **FunctionModule** — Schema-driven module wrapper with TypeBox schemas
-- **Binding loader** — YAML-based module registration with three schema modes (inline, external ref, permissive fallback)
-- **ACL (Access Control List)**
-  - Pattern-based rules with glob matching
-  - Identity type and role-based conditions
-  - Call depth conditions
-  - Dynamic rule management (`addRule`, `removeRule`, `reload`)
-  - YAML configuration loading
-- **Middleware system**
-  - Onion-model execution (before forward, after reverse)
-  - Error recovery via `onError` hooks
-  - `BeforeMiddleware` and `AfterMiddleware` adapters
-  - `LoggingMiddleware` for structured execution logging
-- **Observability**
-  - **Tracing** — Span creation, `InMemoryExporter`, `StdoutExporter`, `TracingMiddleware` with sampling strategies (full, off, proportional, error_first)
-  - **Metrics** — `MetricsCollector` with counters, histograms, Prometheus text format export, `MetricsMiddleware`
-  - **Logging** — `ContextLogger` with JSON/text formats, level filtering, `_secret_` field redaction, `ObsLoggingMiddleware`
-- **Schema system**
-  - JSON Schema to TypeBox conversion
-  - `$ref` resolution
-  - Schema validation
-  - Strict transforms (`additionalProperties: false`)
-  - LLM description injection and extension stripping
-- **Error hierarchy** — 20+ typed error classes with error codes, details, trace IDs, and timestamps
-- **Pattern matching** — Glob-style pattern matching for ACL rules and module targeting
-- **Comprehensive test suite** — 385 tests across 29 test files

package/CLAUDE.md

@@ -1,68 +0,0 @@
-# High-Quality Code Specification – Simplicity, Readability, and Maintainability First
-
-## Project Overview
-The core of `apcore` is **task orchestration and execution specifications**. It provides a unified task orchestration framework that supports execution of multiple task types.
-
-## Core Principles
-- Prioritize **simplicity, readability, and maintainability** above all.
-- Avoid premature abstraction, optimization, or over-engineering.
-- Code should be understandable in ≤10 seconds; favor straightforward over clever.
-- Always follow: Understand → Plan → Implement minimally → Test/Validate → Commit.
-
-## TypeScript Code Quality
-
-### Readability
-- Use precise, full-word names (standard abbreviations only when conventional).
-- Functions ≤50 lines, single responsibility, verb-named.
-- Avoid obscure tricks, excessive generics, or unnecessary abstraction layers.
-- Break complex logic into small, well-named helpers.
-
-### Types (Mandatory)
-- Full type annotations on all public APIs and function signatures.
-- Avoid `any` except for dynamic/external data; prefer `unknown` with narrowing.
-- Prefer `interface` for object shapes, `type` for unions/intersections.
-- Use `readonly` for immutable data structures.
-
-### Design
-- Favor functional style + plain objects; minimize class inheritance.
-- Composition > inheritance; use `interface` only for true contracts.
-- No circular imports.
-- Dependency injection for config, logging, external services, etc.
-
-### Errors & Resources
-- Explicit error handling; no bare `catch {}` that swallows errors silently.
-- Use `try/finally` or equivalent cleanup patterns for resources.
-- Validate/sanitize all public inputs.
-
-### Logging
-- Use `console.warn` for warnings in library code.
-- Prefix log messages with `[apcore:<subsystem>]` for traceability.
-- No `console.log` in production code paths.
-
-### Testing
-- Unit tests in `tests/`, ≥90% coverage on core logic.
-- Test files named: `test-<unit>.test.ts`.
-- Test cases named descriptively: `it('throws X when Y', ...)`.
-- Never change production code without updating tests.
-- Use `vitest` as test runner.
-
-### Build & Checks
-- After changes, always run:
-  - `npx tsc --noEmit` (type checking)
-  - `npx vitest run` (tests)
-- Zero errors before commit.
-
-### Module System
-- ESM only (`"type": "module"` in package.json).
-- All imports must use `.js` extension (NodeNext resolution).
-- Use `@sinclair/typebox` for runtime schema definitions.
-
-### Security & Performance
-- Never hardcode secrets; use env/config.
-- Validate/sanitize inputs at system boundaries.
-- Avoid unjustified quadratic+ complexity in hot paths.
-
-## General Guidelines
-- English ONLY for comments, JSDoc, logs, errors, commit messages.
-- Fully understand surrounding code before changes.
-- Do not generate unnecessary documentation, examples, or stubs unless explicitly requested.

package/apcore-logo.svg

@@ -1,79 +0,0 @@
-<svg width="512" height="512" viewBox="46 70 420 420" xmlns="http://www.w3.org/2000/svg">
-  <!-- apcore jellyfish logo - cartoon ocean mascot -->
-
-  <defs>
-    <!-- Bell radial gradient: bright center → deep indigo edge -->
-    <radialGradient id="bellGrad" cx="50%" cy="45%" r="50%">
-      <stop offset="0%" stop-color="#818CF8"/>
-      <stop offset="100%" stop-color="#4338CA"/>
-    </radialGradient>
-
-    <!-- Bioluminescence glow -->
-    <radialGradient id="glowGrad" cx="50%" cy="50%" r="50%">
-      <stop offset="0%" stop-color="#67E8F9" stop-opacity="0.4"/>
-      <stop offset="100%" stop-color="#67E8F9" stop-opacity="0"/>
-    </radialGradient>
-
-    <!-- Tentacle gradients (top solid → bottom fade) -->
-    <linearGradient id="tentGrad1" x1="0" y1="0" x2="0" y2="1">
-      <stop offset="0%" stop-color="#6366F1"/>
-      <stop offset="100%" stop-color="#4F46E5" stop-opacity="0"/>
-    </linearGradient>
-    <linearGradient id="tentGrad2" x1="0" y1="0" x2="0" y2="1">
-      <stop offset="0%" stop-color="#818CF8"/>
-      <stop offset="100%" stop-color="#6366F1" stop-opacity="0"/>
-    </linearGradient>
-  </defs>
-
-  <!-- Tentacles (behind bell) - 6 flowing tentacles -->
-  <!-- Outer left tentacle -->
-  <path d="M 175,300 C 160,350 145,390 155,430 Q 162,455 150,470"
-        stroke="url(#tentGrad1)" stroke-width="8" fill="none" stroke-linecap="round"/>
-  <!-- Inner left tentacle -->
-  <path d="M 210,310 C 200,360 188,400 195,445 Q 200,465 190,480"
-        stroke="url(#tentGrad2)" stroke-width="7" fill="none" stroke-linecap="round"/>
-  <!-- Center left tentacle -->
-  <path d="M 245,310 C 240,365 235,410 242,455 Q 248,475 240,490"
-        stroke="url(#tentGrad1)" stroke-width="6" fill="none" stroke-linecap="round"/>
-  <!-- Center right tentacle -->
-  <path d="M 267,310 C 272,365 277,410 270,455 Q 264,475 272,490"
-        stroke="url(#tentGrad1)" stroke-width="6" fill="none" stroke-linecap="round"/>
-  <!-- Inner right tentacle -->
-  <path d="M 302,310 C 312,360 324,400 317,445 Q 312,465 322,480"
-        stroke="url(#tentGrad2)" stroke-width="7" fill="none" stroke-linecap="round"/>
-  <!-- Outer right tentacle -->
-  <path d="M 337,300 C 352,350 367,390 357,430 Q 350,455 362,470"
-        stroke="url(#tentGrad1)" stroke-width="8" fill="none" stroke-linecap="round"/>
-
-  <!-- Bell (dome body) -->
-  <path d="M 130,290 C 130,150 190,80 256,80 C 322,80 382,150 382,290 Q 382,310 256,310 Q 130,310 130,290 Z"
-        fill="url(#bellGrad)"/>
-
-  <!-- Bell rim / ruffle -->
-  <path d="M 130,290 Q 150,318 175,298 Q 200,318 225,298 Q 250,318 268,298 Q 290,318 312,298 Q 335,318 355,298 Q 375,318 382,290"
-        fill="#4338CA" opacity="0.6"/>
-
-  <!-- Bioluminescence glow overlay -->
-  <ellipse cx="256" cy="210" rx="100" ry="90" fill="url(#glowGrad)"/>
-
-  <!-- Bell highlight (specular) -->
-  <ellipse cx="230" cy="160" rx="55" ry="35" fill="#A5B4FC" opacity="0.3"/>
-
-  <!-- Eyes -->
-  <ellipse cx="222" cy="215" rx="22" ry="24" fill="white"/>
-  <ellipse cx="290" cy="215" rx="22" ry="24" fill="white"/>
-  <!-- Pupils -->
-  <circle cx="228" cy="220" r="13" fill="#1E1B4B"/>
-  <circle cx="296" cy="220" r="13" fill="#1E1B4B"/>
-  <!-- Eye highlights -->
-  <circle cx="233" cy="212" r="6" fill="white"/>
-  <circle cx="301" cy="212" r="6" fill="white"/>
-
-  <!-- Smile -->
-  <path d="M 240,252 Q 256,268 272,252"
-        stroke="#312E81" stroke-width="3.5" fill="none" stroke-linecap="round"/>
-
-  <!-- Cheek blush -->
-  <ellipse cx="205" cy="242" rx="14" ry="9" fill="#C4B5FD" opacity="0.45"/>
-  <ellipse cx="307" cy="242" rx="14" ry="9" fill="#C4B5FD" opacity="0.45"/>
-</svg>

package/planning/acl-system/overview.md

@@ -1,54 +0,0 @@
-# Feature: ACL System
-
-## Overview
-
-The ACL (Access Control List) system provides pattern-based access control for apcore module calls. It evaluates caller-to-target permissions using a first-match-wins strategy over an ordered rule list. Each rule specifies caller patterns, target patterns, an effect (allow/deny), and optional conditions (identity types, roles, call depth). The `ACL` class supports runtime rule mutation (`addRule`, `removeRule`), YAML-based configuration loading via a static `load()` factory, and live `reload()` for configuration hot-swapping. Pattern matching uses a wildcard algorithm (Algorithm A08) that supports `*` globs in module IDs.
-
-## Scope
-
-### Included
-
-- `ACLRule` interface defining the structure of access control rules (callers, targets, effect, description, conditions)
-- `ACL` class with `check()` for first-match-wins evaluation, `addRule()` for prepending rules, `removeRule()` for removal by caller/target match via `JSON.stringify` comparison
-- Static `ACL.load()` factory for loading rules from YAML configuration files with strict validation
-- `reload()` method for hot-reloading YAML-based configuration without reconstructing the ACL instance
-- `matchPattern()` wildcard utility (Algorithm A08) for glob-style module ID matching
-- Special caller tokens: `@external` (null caller substitution), `@system` (identity type check)
-- Conditional rule evaluation: `identity_types`, `roles`, `max_call_depth` with AND logic
-- Error types: `ACLDeniedError` (thrown by executor on denial), `ACLRuleError` (invalid rules/config), `ConfigNotFoundError` (missing YAML)
-
-### Excluded
-
-- Executor integration (the executor consumes `ACL.check()` as a dependency)
-- Thread locking or concurrency guards (Node.js single-threaded event loop eliminates the need)
-- Debug logging (identified gap vs. Python implementation; not included in current scope)
-- Role or identity management (consumed from `Context.identity`)
-
-## Technology Stack
-
-- **TypeScript 5.5+** with strict mode
-- **js-yaml** for YAML configuration parsing
-- **Node.js >= 18.0.0** with ES Module support (`node:fs` for file I/O)
-- **vitest** for unit and integration testing
-
-## Task Execution Order
-
-| # | Task File | Description | Status |
-|---|-----------|-------------|--------|
-| 1 | [acl-rule](./tasks/acl-rule.md) | ACLRule interface definition | completed |
-| 2 | [acl-core](./tasks/acl-core.md) | ACL class with check(), addRule(), removeRule(), default effect | completed |
-| 3 | [pattern-matching](./tasks/pattern-matching.md) | matchPattern() wildcard matching (Algorithm A08) | completed |
-| 4 | [yaml-loading](./tasks/yaml-loading.md) | ACL.load() from YAML with strict validation, reload() support | completed |
-| 5 | [conditional-rules](./tasks/conditional-rules.md) | _checkConditions() with identity_types, roles, max_call_depth | completed |
-
-## Progress
-
-| Total | Completed | In Progress | Pending |
-|-------|-----------|-------------|---------|
-| 5     | 5         | 0           | 0       |
-
-## Reference Documents
-
-- `src/acl.ts` -- ACL class and ACLRule interface (~188 lines)
-- `src/utils/pattern.ts` -- matchPattern wildcard utility (~30 lines)
-- `src/errors.ts` -- ACLDeniedError, ACLRuleError, ConfigNotFoundError

package/planning/acl-system/plan.md

@@ -1,92 +0,0 @@
-# Implementation Plan: ACL System
-
-## Goal
-
-Implement a pattern-based access control list that evaluates caller-to-target module permissions using first-match-wins semantics, supporting wildcard patterns, conditional rules, YAML-based configuration, and runtime rule mutation.
-
-## Architecture Design
-
-### Component Structure
-
-- **ACL** (`acl.ts`, ~188 lines) -- Main access control class. Holds an ordered array of `ACLRule` objects and a `_defaultEffect` (default `'deny'`). Provides `check(callerId, targetId, context?)` for permission evaluation, `addRule(rule)` to prepend a rule, `removeRule(callers, targets)` to remove by JSON-stringified comparison, and `reload()` for hot-swapping YAML-loaded rules. Static `load(yamlPath)` factory parses and validates YAML configuration files.
-
-- **ACLRule** (`acl.ts`) -- Interface defining a single access control rule: `callers` (string array of patterns), `targets` (string array of patterns), `effect` (`'allow'` or `'deny'`), `description` (string), and optional `conditions` record. Conditions are evaluated with AND logic across all present keys.
-
-- **matchPattern** (`utils/pattern.ts`, ~30 lines) -- Standalone wildcard pattern matcher implementing Algorithm A08. Splits the pattern on `*` delimiters and verifies each segment appears in order within the module ID string. Handles edge cases: bare `*` matches everything, no `*` means exact match.
-
-- **Error Types** (`errors.ts`) -- `ACLDeniedError` (raised by executor when `check()` returns `false`), `ACLRuleError` (invalid rule structure, bad YAML, missing keys), `ConfigNotFoundError` (YAML file does not exist). All extend `ModuleError` base class.
-
-### Data Flow
-
-The `check()` method evaluates permissions through this pipeline:
-
-1. **Caller Normalization** -- `null` caller is replaced with `'@external'`
-2. **Rule Snapshot** -- Shallow copy of `_rules` array (safe iteration)
-3. **First-Match-Wins Scan** -- Iterate rules in order:
-   a. **Caller Pattern Match** -- `rule.callers.some(p => _matchPattern(p, caller, context))`
-   b. **Target Pattern Match** -- `rule.targets.some(p => _matchPattern(p, target, context))`
-   c. **Condition Evaluation** -- If `rule.conditions != null`, apply `_checkConditions()`
-   d. **Effect Return** -- If all checks pass, return `rule.effect === 'allow'`
-4. **Default Effect** -- If no rule matches, return `_defaultEffect === 'allow'`
-
-Pattern matching handles three special patterns:
-- `'@external'` -- Exact match against the `@external` sentinel
-- `'@system'` -- Checks `context.identity.type === 'system'`
-- Wildcard patterns -- Delegated to `matchPattern()` from `utils/pattern.ts`
-
-### Technical Choices and Rationale
-
-- **First-match-wins over priority scores**: Simpler mental model; rule ordering in YAML is explicit and deterministic. No conflict resolution needed.
-- **`JSON.stringify` for rule comparison in `removeRule()`**: Pragmatic approach for comparing string arrays without deep-equal dependencies. Suitable since callers/targets are always `string[]`.
-- **No thread locking**: Node.js single-threaded event loop means no concurrent mutation of the rules array. The shallow copy in `check()` guards against mid-iteration `addRule`/`removeRule` calls from synchronous code, but no mutex is needed.
-- **Synchronous YAML loading via `readFileSync`**: ACL configuration is loaded at startup or explicit reload. Synchronous I/O is appropriate for initialization-time config loading.
-- **AND logic for conditions**: All present condition keys must pass for the rule to match. This provides a restrictive-by-default composition model (conditions narrow access rather than broaden it).
-- **No debug logging**: Identified gap vs. Python implementation. The TypeScript ACL omits `debug` flag logging to keep the implementation lean. Can be added later via middleware or observability hooks.
-
-## Task Breakdown
-
-```mermaid
-graph TD
-    T1[acl-rule] --> T2[acl-core]
-    T1 --> T5[conditional-rules]
-    T3[pattern-matching] --> T2
-    T2 --> T4[yaml-loading]
-    T5 --> T2
-```
-
-| Task ID | Title | Estimated Time | Dependencies |
-|---------|-------|---------------|--------------|
-| acl-rule | ACLRule interface definition | 1h | none |
-| acl-core | ACL class with check, addRule, removeRule | 3h | acl-rule, pattern-matching, conditional-rules |
-| pattern-matching | matchPattern() wildcard matching (Algorithm A08) | 2h | none |
-| yaml-loading | ACL.load() from YAML, reload() support | 2h | acl-core |
-| conditional-rules | _checkConditions() with identity_types, roles, max_call_depth | 2h | acl-rule |
-
-## Risks and Considerations
-
-- **Rule ordering sensitivity**: First-match-wins means a broadly-scoped rule placed early can shadow more specific rules. Documentation should emphasize that more specific rules should appear before general rules.
-- **`JSON.stringify` ordering dependency**: `removeRule` relies on `JSON.stringify` producing identical output for identical arrays. This holds for simple `string[]` but would break for arrays containing objects with non-deterministic key order. Current usage is safe since callers/targets are always string arrays.
-- **Synchronous file I/O in `load()`/`reload()`**: Blocks the event loop during YAML parsing. Acceptable for startup configuration but could be problematic if `reload()` is called frequently with large config files.
-- **No validation of condition values at load time**: Condition values (e.g., `identity_types` expected as `string[]`) are validated at match time via type assertions, not at YAML load time. Malformed conditions will only surface when a rule is evaluated.
-- **Debug flag exists but is unused**: The `debug` property is declared on the `ACL` class but no logging is wired up, representing a gap from the Python implementation.
-
-## Acceptance Criteria
-
-- [x] `ACLRule` interface defines callers, targets, effect, description, and optional conditions
-- [x] `ACL.check()` implements first-match-wins evaluation returning `boolean`
-- [x] Null caller is normalized to `'@external'`
-- [x] `@system` pattern checks `context.identity.type === 'system'`
-- [x] `matchPattern()` handles exact, wildcard, prefix, suffix, and multi-segment patterns
-- [x] `ACL.load()` parses YAML, validates structure, and returns configured ACL instance
-- [x] `reload()` re-reads YAML and replaces rules in-place; throws `ACLRuleError` if not loaded from YAML
-- [x] `addRule()` prepends rules; `removeRule()` finds and removes by JSON-stringified caller/target match
-- [x] Conditions (`identity_types`, `roles`, `max_call_depth`) are evaluated with AND logic
-- [x] `ACLRuleError` thrown for invalid config structure; `ConfigNotFoundError` for missing YAML files
-- [x] All tests pass with `vitest`; zero errors from `tsc --noEmit`
-
-## References
-
-- `src/acl.ts` -- ACL class and ACLRule interface
-- `src/utils/pattern.ts` -- matchPattern wildcard utility
-- `src/errors.ts` -- ACLDeniedError, ACLRuleError, ConfigNotFoundError
-- `src/context.ts` -- Context and Identity types (consumed by ACL)

package/planning/acl-system/state.json

@@ -1,76 +0,0 @@
-{
-  "feature": "acl-system",
-  "created": "2026-02-16T00:00:00Z",
-  "updated": "2026-02-16T00:00:00Z",
-  "status": "completed",
-  "execution_order": [
-    "acl-rule",
-    "pattern-matching",
-    "conditional-rules",
-    "acl-core",
-    "yaml-loading"
-  ],
-  "progress": {
-    "total_tasks": 5,
-    "completed": 5,
-    "in_progress": 0,
-    "pending": 0
-  },
-  "tasks": [
-    {
-      "id": "acl-rule",
-      "file": "tasks/acl-rule.md",
-      "title": "ACLRule Interface Definition",
-      "status": "completed",
-      "started_at": "2026-02-16T08:00:00Z",
-      "completed_at": "2026-02-16T08:45:00Z",
-      "assignee": null,
-      "commits": []
-    },
-    {
-      "id": "pattern-matching",
-      "file": "tasks/pattern-matching.md",
-      "title": "matchPattern() Wildcard Matching (Algorithm A08)",
-      "status": "completed",
-      "started_at": "2026-02-16T08:45:00Z",
-      "completed_at": "2026-02-16T10:15:00Z",
-      "assignee": null,
-      "commits": []
-    },
-    {
-      "id": "conditional-rules",
-      "file": "tasks/conditional-rules.md",
-      "title": "Conditional Rule Evaluation (identity_types, roles, max_call_depth)",
-      "status": "completed",
-      "started_at": "2026-02-16T10:15:00Z",
-      "completed_at": "2026-02-16T11:45:00Z",
-      "assignee": null,
-      "commits": []
-    },
-    {
-      "id": "acl-core",
-      "file": "tasks/acl-core.md",
-      "title": "ACL Class with check(), addRule(), removeRule()",
-      "status": "completed",
-      "started_at": "2026-02-16T11:45:00Z",
-      "completed_at": "2026-02-16T14:00:00Z",
-      "assignee": null,
-      "commits": []
-    },
-    {
-      "id": "yaml-loading",
-      "file": "tasks/yaml-loading.md",
-      "title": "ACL.load() from YAML and reload() Support",
-      "status": "completed",
-      "started_at": "2026-02-16T14:00:00Z",
-      "completed_at": "2026-02-16T15:30:00Z",
-      "assignee": null,
-      "commits": []
-    }
-  ],
-  "metadata": {
-    "source_doc": "planning/features/acl-system.md",
-    "created_by": "code-forge",
-    "version": "1.0"
-  }
-}