daftari 1.0.0

package/CHANGELOG.md

@@ -0,0 +1,37 @@
+# Changelog
+
+All notable changes to this project are documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [1.0.0] - 2026-05-17
+
+First public release. Daftari is an MCP server that exposes a curated markdown
+vault to AI agents, exposing 13 tools over stdio.
+
+### Added
+
+- **Read path** — `vault_read`, `vault_index`, and `vault_status` for reading
+  documents, listing them by collection/status/domain/tags, and reporting vault
+  health (file counts, invalid frontmatter, staleness distribution, unresolved
+  tensions, recent writes).
+- **Hybrid search** — `vault_search`, `vault_search_related`, and
+  `vault_reindex`. BM25 lexical ranking fused with vector semantic similarity,
+  with tunable weights and graceful fallback to lexical-only when embeddings are
+  unavailable.
+- **Write path** — `vault_write`, `vault_append`, `vault_promote`, and
+  `vault_deprecate`. File-level write locks (SQLite-backed, 60-second TTL),
+  every write auto-committed to git, and a provenance log of who wrote what.
+- **Curation engine** — `vault_lint`, `vault_tension_log`, and
+  `vault_provenance`. Advisory TTL-based staleness detection, contradiction
+  (tension) logging, lint checks, and per-document write history. Reports
+  problems; does not auto-fix.
+- **Config-driven RBAC** — roles and per-collection read/write/promote
+  permissions declared in `.daftari/config.yaml`; enforced across every tool.
+  Unknown or absent roles fall back to a deny-all guest.
+- **CLI** — `daftari --init` scaffolds a new vault (collections, RBAC config,
+  example documents, git history, search index); `daftari --vault` serves it.
+- 160 tests covering all 13 tools and their supporting modules.
+
+[1.0.0]: https://github.com/mavaali/daftari/releases/tag/v1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Mihir Wagle (mavaali)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,259 @@
+# Daftari
+
+[![CI](https://github.com/mavaali/daftari/actions/workflows/ci.yml/badge.svg)](https://github.com/mavaali/daftari/actions/workflows/ci.yml)
+[![npm version](https://img.shields.io/npm/v/daftari.svg)](https://www.npmjs.com/package/daftari)
+[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
+
+**An MCP server that exposes a curated markdown vault to AI agents.**
+
+Daftari is not RAG. It is not a chatbot. It is a *living, agent-maintained
+knowledge vault* — a directory of markdown files that an AI agent reads from,
+writes to, and curates over time, so that knowledge **compounds** instead of
+being re-derived on every query.
+
+RAG retrieves chunks and hopes the model stitches them together. Daftari takes
+the other path: the agent does the stitching *once*, writes the synthesized
+result back as a durable document, and every later read starts from that
+compiled answer. Karpathy's framing fits — **compilation over retrieval**. The
+vault gets better the more it is used.
+
+A vault is just markdown. You can read it, `git log` it, and edit it by hand.
+Daftari adds the machinery an agent needs to treat it as a shared workspace:
+access control, write arbitration, provenance, and curation.
+
+---
+
+## The four-layer model
+
+Daftari is built in four layers. The first two are table stakes. **The moat is
+layers 3 and 4** — anyone can store markdown and check a permission; arbitrating
+concurrent agent writes and managing knowledge decay is the hard part.
+
+| Layer | Concern | What Daftari provides |
+|------:|---------|-----------------------|
+| 1 | **Storage** | Markdown + YAML frontmatter on disk, a git history, a rebuildable SQLite index for hybrid BM25 + vector search. |
+| 2 | **Multi-tenant ACL** | Config-driven RBAC. Roles and per-collection read/write/promote permissions declared in `.daftari/config.yaml`. |
+| 3 | **Write arbitration** ⭐ | File-level write locks (SQLite-backed, 60s TTL), every write auto-committed to git, a provenance log of who wrote what and when. |
+| 4 | **Curation decay** ⭐ | The draft → canonical → deprecated lifecycle, TTL-based staleness, tension logging for contradictions, and an advisory linter. Knowledge that stops being true is surfaced, not silently trusted. |
+
+Layers 1–2 keep the vault *stored and scoped*. Layers 3–4 keep it *coherent as
+it grows* — which is the entire point of a vault that compounds.
+
+---
+
+## Quickstart
+
+```bash
+# 1. Scaffold a new vault (collections, config, example documents, git, index)
+npx daftari --init ./my-vault
+
+# 2. Start the MCP server against it, as an identity with a role
+npx daftari --vault ./my-vault --user me --role admin
+```
+
+The server speaks the Model Context Protocol over stdio. Point any MCP client
+(Claude Desktop, an agent SDK, your own harness) at it. See
+[docs/getting-started.md](docs/getting-started.md) for the full walkthrough,
+including a `claude_desktop_config.json` snippet.
+
+---
+
+## The MCP tools
+
+Daftari exposes 13 tools, grouped by layer.
+
+**Read path**
+
+| Tool | Description |
+|------|-------------|
+| `vault_read` | Read one document: markdown body, parsed frontmatter, and an advisory validation report. |
+| `vault_index` | List documents, filterable by collection, status, domain, or tags. |
+| `vault_status` | Vault health dashboard: total file count, per-collection counts, count of documents with invalid frontmatter, a staleness distribution (fresh/aging/stale), unresolved tensions, and recent write history. |
+
+**Search**
+
+| Tool | Description |
+|------|-------------|
+| `vault_search` | Hybrid BM25 + vector search across the vault, with tunable ranking weights. |
+| `vault_search_related` | Find documents thematically related to a given document. |
+| `vault_reindex` | Rebuild the SQLite search index from the markdown files. |
+
+**Write arbitration**
+
+| Tool | Description |
+|------|-------------|
+| `vault_write` | Create or overwrite a document. Stamps `updated`/`updated_by`, preserves `created`, auto-commits. |
+| `vault_append` | Append a markdown section to a document. Re-stamps metadata, auto-commits. |
+| `vault_promote` | Promote a draft to canonical — refuses unless the draft's frontmatter is complete. |
+| `vault_deprecate` | Mark a document deprecated with a required reason and an optional `superseded_by`. |
+
+**Curation**
+
+| Tool | Description |
+|------|-------------|
+| `vault_tension_log` | Record a contradiction between two documents to the advisory tension log. Records; does not resolve. |
+| `vault_lint` | Run advisory curation checks: stale-past-TTL, orphans, old drafts, stagnant low-confidence files, deprecated-but-linked. |
+| `vault_provenance` | Return a single document's full write history from the provenance log. |
+
+The curation engine is **advisory**: `vault_lint` reports problems and
+`vault_tension_log` records contradictions — neither auto-fixes anything. A
+human or a deliberate agent decision drives every change.
+
+---
+
+## What an agent call looks like
+
+Daftari speaks the Model Context Protocol over stdio. An agent invokes a tool
+by name with JSON arguments; the server replies with a JSON text block. Here is
+`vault_search` against a freshly scaffolded vault (`npx daftari --init`):
+
+**Request**
+
+```json
+{ "method": "tools/call", "params": {
+    "name": "vault_search",
+    "arguments": { "query": "consumption pricing", "limit": 1 } } }
+```
+
+**Response** — `content[0].text`, parsed:
+
+```json
+{
+  "query": "consumption pricing",
+  "count": 1,
+  "vectorUsed": true,
+  "weights": { "bm25": 0.5, "vector": 0.5 },
+  "hits": [
+    {
+      "path": "pricing/helios-consumption-pricing.md",
+      "title": "Helios Consumption Pricing (Compute Credit Model)",
+      "collection": "pricing", "status": "canonical",
+      "score": 1, "bm25Score": 1, "vectorScore": 1,
+      "snippet": "# Helios Consumption Pricing (Compute Credit Model) Helios is a fictional platform…"
+    }
+  ]
+}
+```
+
+---
+
+## RBAC
+
+Access is config-driven. There is no user-management system — roles and their
+per-collection permissions live in `.daftari/config.yaml`, and the server is
+started with `--role <name>` to select one:
+
+```yaml
+version: 1
+vault_name: my-vault
+
+roles:
+  analyst:
+    read: [competitive-intel, pricing]
+    write: [competitive-intel, _drafts]
+  researcher:
+    read: ["*"]            # "*" matches every collection
+    write: [moonshot, _drafts]
+  admin:
+    read: ["*"]
+    write: ["*"]
+    promote: true          # only this role may promote drafts to canonical
+```
+
+- `read` — collections the role may read and search
+- `write` — collections the role may create, append to, or deprecate in
+- `promote` — whether the role may promote a draft to canonical (default `false`)
+
+Starting the server with no `--role`, or with a name not in the config, falls
+back to a deny-all **guest**: every tool is denied.
+
+---
+
+## File format
+
+Every document is a markdown file with a YAML frontmatter block. Frontmatter
+*is* the metadata layer — there is no separate database of record.
+
+```markdown
+---
+title: "Aurora Pipelines — Positioning Overview"
+domain: accumulation
+collection: competitive-intel
+status: canonical
+confidence: medium
+created: 2026-05-17
+updated: 2026-05-17
+updated_by: agent:claude-code
+provenance: direct
+sources:
+  - aurora-product-page
+superseded_by: null
+ttl_days: 120
+tags: [aurora, ingestion, competitive]
+---
+
+# Aurora Pipelines — Positioning Overview
+
+Aurora Pipelines treats ingestion as an authored, version-controlled artifact
+rather than a managed black box.
+
+## Questions Answered
+- How does Aurora frame the ingestion-vs-transformation boundary?
+
+## Questions Raised
+- Does an authored-pipeline model slow teams down at small scale?
+```
+
+The `## Questions Answered` / `## Questions Raised` pattern is a convention,
+not a requirement: it makes a document's epistemic edges explicit so the next
+agent knows what is settled and what is still open. Full field reference in
+[docs/file-format.md](docs/file-format.md).
+
+---
+
+## What's not in v1
+
+A few capabilities were deliberately deferred so v1 ships with a tight,
+defensible surface — a server that does its core job well rather than a wide
+one that does many jobs partially. Not in this release:
+
+- **Cloud-hosted multi-tenant server** — an S3/GCS storage backend with
+  auth-token identity. v1 runs against a local filesystem as a single process.
+- **Conflict resolution beyond file-level locks** — CRDTs or semantic merge for
+  concurrent edits to the same document. v1 arbitrates with 60-second write locks.
+- **Background curation agent** — a scheduler that runs `vault_lint` on a
+  cadence. v1's linter is advisory and invoked on demand.
+- **LLM reranking of search results** — a model pass over the BM25 + vector
+  candidate set. v1 ships hybrid ranking without a rerank stage.
+- **Enforced domain separation** — v1 *documents* the convention that
+  generative-domain documents are not cross-referenced into accumulation pages;
+  the write tools do not yet enforce it. v2 will.
+
+Each of these is a clean increment on top of a surface that already works —
+deliberately deferred, not forgotten.
+
+---
+
+## Documentation
+
+- [docs/getting-started.md](docs/getting-started.md) — end-to-end walkthrough: scaffold, write, search, lint, promote, deprecate, and connect from Claude Desktop.
+- [docs/architecture.md](docs/architecture.md) — the layered architecture, the request path, and the accumulation-vs-generative domain split.
+- [docs/file-format.md](docs/file-format.md) — the complete frontmatter reference and markdown body conventions.
+
+---
+
+## Development
+
+```bash
+npm install
+npm run build      # compile TypeScript to dist/
+npm test           # run the vitest suite
+npm run dev        # run the server in watch mode against the sample vault
+```
+
+Design tenets: functions and types, no classes; tool handlers return
+`Result<T, Error>` rather than throwing; tests mirror the `src/` structure.
+
+## License
+
+MIT. Open source — `daftari` on npm, [`mavaali/daftari`](https://github.com/mavaali/daftari) on GitHub.

package/dist/access/locks.d.ts

@@ -0,0 +1,19 @@
+import Database from "better-sqlite3";
+import { type Result } from "../frontmatter/types.js";
+export type LockDb = Database.Database;
+export declare const LOCK_TTL_MS = 60000;
+export interface Lock {
+    path: string;
+    holder: string;
+    acquiredAt: number;
+    expiresAt: number;
+}
+export declare function lockDbPath(vaultRoot: string): string;
+export declare function openLockDb(vaultRoot: string): Result<LockDb, Error>;
+export declare function acquireLock(db: LockDb, path: string, holder: string, now?: number): Result<Lock, Error>;
+export declare function releaseLock(db: LockDb, path: string, holder: string): Result<{
+    released: boolean;
+}, Error>;
+export declare function isLocked(db: LockDb, path: string, now?: number): boolean;
+export declare function getLock(db: LockDb, path: string, now?: number): Lock | null;
+//# sourceMappingURL=locks.d.ts.map

package/dist/access/locks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"locks.d.ts","sourceRoot":"","sources":["../../src/access/locks.ts"],"names":[],"mappings":"AAcA,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AACtC,OAAO,EAAW,KAAK,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAE/D,MAAM,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAAC;AAEvC,eAAO,MAAM,WAAW,QAAS,CAAC;AAElC,MAAM,WAAW,IAAI;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,wBAAgB,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAEpD;AAWD,wBAAgB,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAWnE;AA4BD,wBAAgB,WAAW,CACzB,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,GAAG,GAAE,MAAmB,GACvB,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAmCrB;AAKD,wBAAgB,WAAW,CACzB,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,GACb,MAAM,CAAC;IAAE,QAAQ,EAAE,OAAO,CAAA;CAAE,EAAE,KAAK,CAAC,CAQtC;AAGD,wBAAgB,QAAQ,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,GAAE,MAAmB,GAAG,OAAO,CAKpF;AAGD,wBAAgB,OAAO,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,GAAE,MAAmB,GAAG,IAAI,GAAG,IAAI,CAIvF"}

package/dist/access/locks.js

@@ -0,0 +1,112 @@
+// File-level write locks, SQLite-backed.
+//
+// A write to a vault document acquires an exclusive lock on its path for the
+// duration of the operation. Locks carry a 60-second TTL: a lock whose
+// expires_at has passed is treated as released, so a crashed or hung writer
+// can never wedge a file permanently. There is no background reaper — TTL is
+// enforced lazily, on every acquire/isLocked check.
+//
+// Locks live in their own .daftari/locks.db (separate from the search index)
+// so a reindex never disturbs them. The file is still ephemeral: every lock
+// expires within a minute, so a lost locks.db costs nothing.
+import { mkdirSync } from "node:fs";
+import { join } from "node:path";
+import Database from "better-sqlite3";
+import { err, ok } from "../frontmatter/types.js";
+export const LOCK_TTL_MS = 60_000;
+export function lockDbPath(vaultRoot) {
+    return join(vaultRoot, ".daftari", "locks.db");
+}
+const SCHEMA = `
+CREATE TABLE IF NOT EXISTS locks (
+  path        TEXT PRIMARY KEY,
+  holder      TEXT NOT NULL,
+  acquired_at INTEGER NOT NULL,
+  expires_at  INTEGER NOT NULL
+);
+`;
+export function openLockDb(vaultRoot) {
+    try {
+        mkdirSync(join(vaultRoot, ".daftari"), { recursive: true });
+        const db = new Database(lockDbPath(vaultRoot));
+        db.pragma("journal_mode = WAL");
+        db.exec(SCHEMA);
+        return ok(db);
+    }
+    catch (e) {
+        const reason = e instanceof Error ? e.message : String(e);
+        return err(new Error(`cannot open lock db: ${reason}`));
+    }
+}
+function rowToLock(row) {
+    return {
+        path: row.path,
+        holder: row.holder,
+        acquiredAt: row.acquired_at,
+        expiresAt: row.expires_at,
+    };
+}
+// Drops every lock whose TTL has passed. Called before each acquire so an
+// expired lock is auto-released without a separate reaper.
+function purgeExpired(db, now) {
+    db.prepare("DELETE FROM locks WHERE expires_at <= ?").run(now);
+}
+// Acquires an exclusive lock on `path` for `holder`. Fails if the file is held
+// by a *different* holder under a still-live TTL. Re-acquiring a lock the same
+// holder already owns succeeds and refreshes the TTL. `now` is injectable for
+// deterministic tests.
+export function acquireLock(db, path, holder, now = Date.now()) {
+    if (typeof path !== "string" || path.length === 0) {
+        return err(new Error("acquireLock requires a non-empty path"));
+    }
+    if (typeof holder !== "string" || holder.length === 0) {
+        return err(new Error("acquireLock requires a non-empty holder"));
+    }
+    try {
+        purgeExpired(db, now);
+        const existing = db.prepare("SELECT * FROM locks WHERE path = ?").get(path);
+        if (existing && existing.holder !== holder) {
+            return err(new Error(`file is locked by ${existing.holder}: ${path} ` +
+                `(expires in ${Math.max(0, existing.expires_at - now)}ms)`));
+        }
+        const lock = {
+            path,
+            holder,
+            acquiredAt: now,
+            expiresAt: now + LOCK_TTL_MS,
+        };
+        db.prepare(`INSERT OR REPLACE INTO locks (path, holder, acquired_at, expires_at)
+       VALUES (?, ?, ?, ?)`).run(lock.path, lock.holder, lock.acquiredAt, lock.expiresAt);
+        return ok(lock);
+    }
+    catch (e) {
+        const reason = e instanceof Error ? e.message : String(e);
+        return err(new Error(`cannot acquire lock: ${reason}`));
+    }
+}
+// Releases a lock. Only the holder may release its own lock; releasing a lock
+// held by someone else (or one that no longer exists) is a no-op that reports
+// `released: false` rather than an error.
+export function releaseLock(db, path, holder) {
+    try {
+        const info = db.prepare("DELETE FROM locks WHERE path = ? AND holder = ?").run(path, holder);
+        return ok({ released: info.changes > 0 });
+    }
+    catch (e) {
+        const reason = e instanceof Error ? e.message : String(e);
+        return err(new Error(`cannot release lock: ${reason}`));
+    }
+}
+// True if `path` carries a lock whose TTL has not yet passed.
+export function isLocked(db, path, now = Date.now()) {
+    const row = db.prepare("SELECT expires_at FROM locks WHERE path = ?").get(path);
+    return row !== undefined && row.expires_at > now;
+}
+// Returns the live lock on `path`, or null if none / expired.
+export function getLock(db, path, now = Date.now()) {
+    const row = db.prepare("SELECT * FROM locks WHERE path = ?").get(path);
+    if (!row || row.expires_at <= now)
+        return null;
+    return rowToLock(row);
+}
+//# sourceMappingURL=locks.js.map

package/dist/access/locks.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"locks.js","sourceRoot":"","sources":["../../src/access/locks.ts"],"names":[],"mappings":"AAAA,yCAAyC;AACzC,EAAE;AACF,6EAA6E;AAC7E,uEAAuE;AACvE,4EAA4E;AAC5E,6EAA6E;AAC7E,oDAAoD;AACpD,EAAE;AACF,6EAA6E;AAC7E,4EAA4E;AAC5E,6DAA6D;AAE7D,OAAO,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AACpC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AACtC,OAAO,EAAE,GAAG,EAAE,EAAE,EAAe,MAAM,yBAAyB,CAAC;AAI/D,MAAM,CAAC,MAAM,WAAW,GAAG,MAAM,CAAC;AASlC,MAAM,UAAU,UAAU,CAAC,SAAiB;IAC1C,OAAO,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC;AACjD,CAAC;AAED,MAAM,MAAM,GAAG;;;;;;;CAOd,CAAC;AAEF,MAAM,UAAU,UAAU,CAAC,SAAiB;IAC1C,IAAI,CAAC;QACH,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5D,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC;QAC/C,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC;QAChC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAChB,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;IAChB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,MAAM,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAC1D,OAAO,GAAG,CAAC,IAAI,KAAK,CAAC,wBAAwB,MAAM,EAAE,CAAC,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AASD,SAAS,SAAS,CAAC,GAAY;IAC7B,OAAO;QACL,IAAI,EAAE,GAAG,CAAC,IAAI;QACd,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,UAAU,EAAE,GAAG,CAAC,WAAW;QAC3B,SAAS,EAAE,GAAG,CAAC,UAAU;KAC1B,CAAC;AACJ,CAAC;AAED,0EAA0E;AAC1E,2DAA2D;AAC3D,SAAS,YAAY,CAAC,EAAU,EAAE,GAAW;IAC3C,EAAE,CAAC,OAAO,CAAC,yCAAyC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;AACjE,CAAC;AAED,+EAA+E;AAC/E,+EAA+E;AAC/E,8EAA8E;AAC9E,uBAAuB;AACvB,MAAM,UAAU,WAAW,CACzB,EAAU,EACV,IAAY,EACZ,MAAc,EACd,MAAc,IAAI,CAAC,GAAG,EAAE;IAExB,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAClD,OAAO,GAAG,CAAC,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtD,OAAO,GAAG,CAAC,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC,CAAC;IACnE,CAAC;IACD,IAAI,CAAC;QACH,YAAY,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QACtB,MAAM,QAAQ,GAAG,EAAE,CAAC,OAAO,CAAC,oCAAoC,CAAC,CAAC,GAAG,CAAC,IAAI,CAE7D,CAAC;QACd,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAC3C,OAAO,GAAG,CACR,IAAI,KAAK,CACP,qBAAqB,QAAQ,CAAC,MAAM,KAAK,IAAI,GAAG;gBAC9C,eAAe,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,UAAU,GAAG,GAAG,CAAC,KAAK,CAC7D,CACF,CAAC;QACJ,CAAC;QACD,MAAM,IAAI,GAAS;YACjB,IAAI;YACJ,MAAM;YACN,UAAU,EAAE,GAAG;YACf,SAAS,EAAE,GAAG,GAAG,WAAW;SAC7B,CAAC;QACF,EAAE,CAAC,OAAO,CACR;2BACqB,CACtB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QAC/D,OAAO,EAAE,CAAC,IAAI,CAAC,CAAC;IAClB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,MAAM,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAC1D,OAAO,GAAG,CAAC,IAAI,KAAK,CAAC,wBAAwB,MAAM,EAAE,CAAC,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,8EAA8E;AAC9E,0CAA0C;AAC1C,MAAM,UAAU,WAAW,CACzB,EAAU,EACV,IAAY,EACZ,MAAc;IAEd,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,CAAC,iDAAiD,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC7F,OAAO,EAAE,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,OAAO,GAAG,CAAC,EAAE,CAAC,CAAC;IAC5C,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,MAAM,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAC1D,OAAO,GAAG,CAAC,IAAI,KAAK,CAAC,wBAAwB,MAAM,EAAE,CAAC,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AAED,8DAA8D;AAC9D,MAAM,UAAU,QAAQ,CAAC,EAAU,EAAE,IAAY,EAAE,MAAc,IAAI,CAAC,GAAG,EAAE;IACzE,MAAM,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,6CAA6C,CAAC,CAAC,GAAG,CAAC,IAAI,CAEjE,CAAC;IACd,OAAO,GAAG,KAAK,SAAS,IAAI,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;AACnD,CAAC;AAED,8DAA8D;AAC9D,MAAM,UAAU,OAAO,CAAC,EAAU,EAAE,IAAY,EAAE,MAAc,IAAI,CAAC,GAAG,EAAE;IACxE,MAAM,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,oCAAoC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAwB,CAAC;IAC9F,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG;QAAE,OAAO,IAAI,CAAC;IAC/C,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC;AACxB,CAAC"}

package/dist/access/rbac.d.ts

@@ -0,0 +1,18 @@
+import type { DaftariConfig, RoleConfig } from "../utils/config.js";
+export declare const GUEST_ROLE = "guest";
+export declare const WILDCARD = "*";
+export interface AccessContext {
+    user: string;
+    roleName: string;
+    role: RoleConfig | null;
+}
+export declare function resolveAccess(config: DaftariConfig, user: string, roleName: string): AccessContext;
+export declare function guestAccess(user?: string): AccessContext;
+export declare function canRead(role: RoleConfig | null, collection: string): boolean;
+export declare function canWrite(role: RoleConfig | null, collection: string): boolean;
+export declare function canPromote(role: RoleConfig | null): boolean;
+export declare function hasAnyRead(role: RoleConfig | null): boolean;
+export declare function filterByReadPermission<T extends {
+    collection: string;
+}>(role: RoleConfig | null, items: T[]): T[];
+//# sourceMappingURL=rbac.d.ts.map

package/dist/access/rbac.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rbac.d.ts","sourceRoot":"","sources":["../../src/access/rbac.ts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAEpE,eAAO,MAAM,UAAU,UAAU,CAAC;AAClC,eAAO,MAAM,QAAQ,MAAM,CAAC;AAI5B,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,UAAU,GAAG,IAAI,CAAC;CACzB;AAKD,wBAAgB,aAAa,CAC3B,MAAM,EAAE,aAAa,EACrB,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,GACf,aAAa,CAEf;AAID,wBAAgB,WAAW,CAAC,IAAI,SAAU,GAAG,aAAa,CAEzD;AAOD,wBAAgB,OAAO,CAAC,IAAI,EAAE,UAAU,GAAG,IAAI,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAE5E;AAGD,wBAAgB,QAAQ,CAAC,IAAI,EAAE,UAAU,GAAG,IAAI,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAE7E;AAGD,wBAAgB,UAAU,CAAC,IAAI,EAAE,UAAU,GAAG,IAAI,GAAG,OAAO,CAE3D;AAID,wBAAgB,UAAU,CAAC,IAAI,EAAE,UAAU,GAAG,IAAI,GAAG,OAAO,CAE3D;AAID,wBAAgB,sBAAsB,CAAC,CAAC,SAAS;IAAE,UAAU,EAAE,MAAM,CAAA;CAAE,EACrE,IAAI,EAAE,UAAU,GAAG,IAAI,EACvB,KAAK,EAAE,CAAC,EAAE,GACT,CAAC,EAAE,CAEL"}

package/dist/access/rbac.js

@@ -0,0 +1,48 @@
+// Role-based access control.
+//
+// Permissions are config-driven (.daftari/config.yaml) — Daftari has no user
+// management system of its own. A running server holds one AccessContext: the
+// --user / --role it was started with, resolved against the loaded config.
+//
+// The model fails safe. A role that does not exist in the config, or a server
+// started without --role, resolves to a null role — the implicit "guest" —
+// which is denied everything. Tools never grant access on a missing rule.
+export const GUEST_ROLE = "guest";
+export const WILDCARD = "*";
+// Resolves a --user / --role pair against the config into an AccessContext. An
+// unknown role name yields a null role rather than an error: unknown ⇒ guest
+// ⇒ denied, never granted.
+export function resolveAccess(config, user, roleName) {
+    return { user, roleName, role: config.roles[roleName] ?? null };
+}
+// A guest AccessContext — no role, no permissions. Used when the server is
+// started without --role.
+export function guestAccess(user = "guest") {
+    return { user, roleName: GUEST_ROLE, role: null };
+}
+function permits(list, collection) {
+    return list.includes(WILDCARD) || list.includes(collection);
+}
+// True if the role may read documents in `collection`.
+export function canRead(role, collection) {
+    return role !== null && permits(role.read, collection);
+}
+// True if the role may create/modify documents in `collection`.
+export function canWrite(role, collection) {
+    return role !== null && permits(role.write, collection);
+}
+// True if the role may promote a draft to canonical.
+export function canPromote(role) {
+    return role?.promote ?? false;
+}
+// True if the role has read access to at least one collection. Curation tools
+// (lint, tension log, provenance) are open to anyone with any read grant.
+export function hasAnyRead(role) {
+    return role !== null && role.read.length > 0;
+}
+// Keeps only the items in collections the role may read. Each item must carry
+// a `collection` field.
+export function filterByReadPermission(role, items) {
+    return items.filter((item) => canRead(role, item.collection));
+}
+//# sourceMappingURL=rbac.js.map

package/dist/access/rbac.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rbac.js","sourceRoot":"","sources":["../../src/access/rbac.ts"],"names":[],"mappings":"AAAA,6BAA6B;AAC7B,EAAE;AACF,6EAA6E;AAC7E,8EAA8E;AAC9E,2EAA2E;AAC3E,EAAE;AACF,8EAA8E;AAC9E,2EAA2E;AAC3E,0EAA0E;AAI1E,MAAM,CAAC,MAAM,UAAU,GAAG,OAAO,CAAC;AAClC,MAAM,CAAC,MAAM,QAAQ,GAAG,GAAG,CAAC;AAU5B,+EAA+E;AAC/E,6EAA6E;AAC7E,2BAA2B;AAC3B,MAAM,UAAU,aAAa,CAC3B,MAAqB,EACrB,IAAY,EACZ,QAAgB;IAEhB,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC;AAClE,CAAC;AAED,2EAA2E;AAC3E,0BAA0B;AAC1B,MAAM,UAAU,WAAW,CAAC,IAAI,GAAG,OAAO;IACxC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACpD,CAAC;AAED,SAAS,OAAO,CAAC,IAAc,EAAE,UAAkB;IACjD,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;AAC9D,CAAC;AAED,uDAAuD;AACvD,MAAM,UAAU,OAAO,CAAC,IAAuB,EAAE,UAAkB;IACjE,OAAO,IAAI,KAAK,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;AACzD,CAAC;AAED,gEAAgE;AAChE,MAAM,UAAU,QAAQ,CAAC,IAAuB,EAAE,UAAkB;IAClE,OAAO,IAAI,KAAK,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;AAC1D,CAAC;AAED,qDAAqD;AACrD,MAAM,UAAU,UAAU,CAAC,IAAuB;IAChD,OAAO,IAAI,EAAE,OAAO,IAAI,KAAK,CAAC;AAChC,CAAC;AAED,8EAA8E;AAC9E,0EAA0E;AAC1E,MAAM,UAAU,UAAU,CAAC,IAAuB;IAChD,OAAO,IAAI,KAAK,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;AAC/C,CAAC;AAED,8EAA8E;AAC9E,wBAAwB;AACxB,MAAM,UAAU,sBAAsB,CACpC,IAAuB,EACvB,KAAU;IAEV,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;AAChE,CAAC"}

package/dist/cli.d.ts

@@ -0,0 +1,4 @@
+#!/usr/bin/env node
+export declare function initVault(targetPath: string): Promise<number>;
+export declare function run(argv: string[]): Promise<void>;
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAsJA,wBAAsB,SAAS,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CA8DnE;AAED,wBAAsB,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAqBvD"}