npm - bare-agent - Versions diffs - 0.10.0 → 0.10.2 - Mend

bare-agent 0.10.0 → 0.10.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md CHANGED Viewed

@@ -101,17 +101,24 @@ Every piece works alone — take what you need, ignore the rest.
 ```js
 const { Gate } = require('bareguard');
-const { Loop } = require('bare-agent');
-const { wireGate } = require('bare-agent/bareguard');
+const { Loop, wireGate, defaultActionTranslator } = require('bare-agent');
 const gate = new Gate({
   budget: { maxCostUsd: 0.50 },
-  limits: { maxTurns: 20 },
+  limits: { maxToolRounds: 20 },                // bareguard 0.4.2+ — N tool rounds, LLM rounds bypass
   audit:  { path: './audit.jsonl' },
 });
 await gate.init();
-const { policy, onLlmResult, onToolResult, filterTools } = wireGate(gate);
+const { policy, onLlmResult, onToolResult, filterTools } = wireGate(gate, {
+  // Optional: translate tool names → bareguard primitive types for bash/fs/net rules.
+  // bareguard 0.4.1+ reads args.command / args.path verbatim, so args passes through.
+  actionTranslator: (toolName, args, ctx) => {
+    if (toolName === 'shell_exec') return { type: 'bash', args, _ctx: ctx };
+    if (toolName === 'shell_read') return { type: 'read', args, _ctx: ctx };
+    return defaultActionTranslator(toolName, args, ctx);
+  },
+});
 const tools = await filterTools(myTools);      // drop tools denied by static policy
 const loop = new Loop({ provider, policy, onLlmResult, onToolResult });

package/index.js CHANGED Viewed

@@ -10,7 +10,7 @@ const { Stream } = require('./src/stream');
 const { Retry } = require('./src/retry');
 const { runPlan } = require('./src/run-plan');
 const { CircuitBreaker } = require('./src/circuit-breaker');
-const { wireGate } = require('./src/bareguard-adapter');
+const { wireGate, defaultActionTranslator } = require('./src/bareguard-adapter');
 const {
   BareAgentError,
   ProviderError,
@@ -18,6 +18,7 @@ const {
   TimeoutError,
   ValidationError,
   CircuitOpenError,
+  HaltError,
 } = require('./src/errors');
 module.exports = {
@@ -32,10 +33,12 @@ module.exports = {
   runPlan,
   CircuitBreaker,
   wireGate,
+  defaultActionTranslator,
   BareAgentError,
   ProviderError,
   ToolError,
   TimeoutError,
   ValidationError,
   CircuitOpenError,
+  HaltError,
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "bare-agent",
-  "version": "0.10.0",
+  "version": "0.10.2",
   "files": [
     "index.js",
     "src/",
@@ -22,12 +22,14 @@
   },
   "exports": {
     ".": "./index.js",
+    "./errors": "./src/errors.js",
     "./providers": "./src/providers.js",
     "./stores": "./src/stores.js",
     "./transports": "./src/transports.js",
     "./tools": "./src/tools.js",
     "./mcp": "./src/mcp.js",
-    "./bareguard": "./src/bareguard-adapter.js"
+    "./bareguard": "./src/bareguard-adapter.js",
+    "./package.json": "./package.json"
   },
   "engines": {
     "node": ">=18"
@@ -44,7 +46,7 @@
     "governance"
   ],
   "dependencies": {
-    "bareguard": "^0.2.0"
+    "bareguard": "^0.4.2"
   },
   "optionalDependencies": {
     "barebrowse": "^0.5.0",

package/src/bareguard-adapter.js CHANGED Viewed

@@ -28,6 +28,14 @@ const { HaltError } = require('./errors');
  * @param {Function} [options.formatDeny] - (decision) => string. Transforms the deny
  *   string fed to the LLM. Default: "[deny: <rule>] <reason>". Halt bypasses this
  *   (HaltError doesn't reach the LLM).
+ * @param {Function} [options.actionTranslator] - (toolName, args, ctx) => action.
+ *   Builds the action object passed to `gate.check` and `gate.record`. Default:
+ *   `{ type: toolName, args, _ctx: ctx }`. Override when bareguard's primitives
+ *   need a specific shape — e.g. `bashCheck` requires `{type:'bash', cmd:...}`,
+ *   `fsCheck` requires `{type:'read'|'write'|'edit', path:...}`. The default shape
+ *   matches `tools.denylist` / `tools.allowlist` (which read `action.type`) but
+ *   does NOT activate `bash`/`fs`/`net` primitives — those need their own
+ *   `action.type` value. Adopters using those primitives must translate.
  * @returns {{policy: Function, onLlmResult: Function, onToolResult: Function, filterTools: Function, wrapTool: Function, wrapTools: Function}}
  *
  * @example
@@ -54,10 +62,14 @@ function wireGate(gate, options = {}) {
   if (options.formatDeny != null && typeof options.formatDeny !== 'function') {
     throw new Error('[wireGate] options.formatDeny must be a function (decision) => string');
   }
+  if (options.actionTranslator != null && typeof options.actionTranslator !== 'function') {
+    throw new Error('[wireGate] options.actionTranslator must be a function (toolName, args, ctx) => action');
+  }
   const formatDeny = options.formatDeny || defaultFormatDeny;
+  const translate = options.actionTranslator || defaultActionTranslator;
   const policy = async (toolName, args, ctx) => {
-    const decision = await gate.check({ type: toolName, args, _ctx: ctx });
+    const decision = await gate.check(translate(toolName, args, ctx));
     if (decision.outcome === 'allow') return true;
     if (decision.severity === 'halt') {
       throw new HaltError(decision.reason || `${toolName} halted by ${decision.rule}`, {
@@ -69,6 +81,8 @@ function wireGate(gate, options = {}) {
   };
   const onLlmResult = async ({ model, provider, usage, costUsd, durationMs, ctx }) => {
+    // LLM rounds bypass actionTranslator — they always use the canonical
+    // {type:'llm'} action so budget rules can match without translator collusion.
     await gate.record(
       { type: 'llm', args: { model: model || null, provider: provider || null }, _ctx: ctx ?? null },
       {
@@ -80,7 +94,7 @@ function wireGate(gate, options = {}) {
   };
   const onToolResult = async ({ name, args, result, error, durationMs, ctx }) => {
-    const action = { type: name, args, _ctx: ctx ?? null };
+    const action = translate(name, args, ctx);
     if (error) {
       await gate.record(action, {
         error: error?.message || String(error),
@@ -159,4 +173,13 @@ function defaultFormatDeny(decision, toolName) {
   return decision.reason ? `${tag} ${decision.reason}` : `${tag} ${toolName} denied`;
 }
-module.exports = { wireGate };
+// Canonical action shape: tool name as type, args nested, ctx tagged. Matches
+// bareguard's `tools.denylist`/`tools.allowlist` (which read `action.type`) but
+// does NOT activate `bash`/`fs`/`net` primitives — those require `action.type`
+// to be `bash`/`read`/`write`/etc. and read fields like `action.cmd` /
+// `action.path` at the top level. Override via `wireGate(gate, { actionTranslator })`.
+function defaultActionTranslator(toolName, args, ctx) {
+  return { type: toolName, args, _ctx: ctx ?? null };
+}
+module.exports = { wireGate, defaultActionTranslator };

package/src/loop.js CHANGED Viewed

@@ -50,6 +50,14 @@ class Loop {
    */
   constructor(options = {}) {
     if (!options.provider) throw new Error('[Loop] requires a provider');
+    if (options.maxRounds !== undefined) {
+      throw new Error(
+        '[Loop] options.maxRounds was removed in v0.8 when single-gate governance landed. ' +
+        'Bound iteration via bareguard `new Gate({ limits: { maxTurns: N } })` and wire it with ' +
+        '`new Loop({ policy: wireGate(gate).policy })`. Loop\'s internal HARD_ROUND_LIMIT (100) is ' +
+        'a safety net only and not configurable.',
+      );
+    }
     this.provider = options.provider;
     this.system = options.system || null;
     this.checkpoint = options.checkpoint || null;