funolio-agent 0.17.8 → 1.0.3

package/dist/local-server.js

@@ -61,6 +61,7 @@ const config_cleanup_1 = require("./config-cleanup");
 const status_parser_1 = require("./orchestration/status-parser");
 const guided_actions_1 = require("./orchestration/guided-actions");
 const topic_normalizer_1 = require("./orchestration/topic-normalizer");
+const policy_prompt_1 = require("./orchestration/policy-prompt");
 const safeguards_1 = require("./orchestration/safeguards");
 const token_counter_1 = require("./token-counter");
 const response_guard_1 = require("./response-guard");
@@ -72,6 +73,7 @@ const claude_config_writer_1 = require("./mcp/claude-config-writer");
 const subscription_runtime_1 = require("./auth/subscription-runtime");
 const local_memory_search_1 = require("./local-memory-search");
 const orchestrator_profile_1 = require("./orchestrator-profile");
+const policy_detection_1 = require("./policy-detection");
 const server_runtime_1 = require("./server-runtime");
 const server_adapter_1 = require("./server-adapter");
 const wizard_support_1 = require("./wizard-support");
@@ -94,6 +96,10 @@ function startLocalServer(opts) {
     const express = requireExpress();
     const app = express();
     const port = opts.port ?? LOCAL_PORT;
+    const cliNormalization = data.normalizeCliProviderConnections();
+    if (cliNormalization.updatedIds.length > 0) {
+        console.info(`[local-server] normalized ${cliNormalization.updatedIds.length} CLI provider connection(s): ${cliNormalization.updatedIds.join(', ')}`);
+    }
     // Middleware
     app.use(express.json({ limit: '10mb' }));
     // CORS: allow any local origin. Server only listens on 127.0.0.1 so
@@ -108,6 +114,13 @@ function startLocalServer(opts) {
         next();
     });
     const USER_TODO_ACTOR = { actorType: 'user', actorId: 'User' };
+    function workerTodoActorFromBody(body) {
+        const actorType = body?.actorType === 'orchestrator' ? 'orchestrator' : 'llm';
+        const actorId = String(body?.actorId || '').trim();
+        if (!actorId)
+            throw new Error('actorId is required');
+        return { actorType, actorId };
+    }
     function sendTodoError(res, err) {
         const message = err?.message || String(err);
         if (/^Conflict:/i.test(message)) {
@@ -132,7 +145,7 @@ function startLocalServer(opts) {
                     model: preferred.default_model || '',
                     name: 'Default Agent',
                     providerConnectionId: preferred.id,
-                    apiKeyEnc: preferred.api_key_enc || preferred.oauth_token || '',
+                    apiKeyEnc: preferred.api_key_enc || '',
                     isDefault: true,
                 });
                 console.log(chalk_1.default.green('  Created default agent profile from DB-backed provider connection'));
@@ -795,21 +808,31 @@ function startLocalServer(opts) {
             if (!providerId || !accessToken) {
                 return res.status(400).json({ error: 'providerId and accessToken are required' });
             }
-            const canonicalProviderId = providerId === 'claude-cli'
-                ? 'anthropic'
-                : providerId === 'codex-cli'
-                    ? 'openai'
-                    : providerId;
-            const providerIds = [canonicalProviderId];
-            const updated = providerIds.map((id) => {
+            const effectiveProviderId = providerId === 'claude-cli' || providerId === 'codex-cli'
+                ? providerId
+                : cli === 'claude'
+                    ? 'claude-cli'
+                    : cli === 'codex'
+                        ? 'codex-cli'
+                        : providerId;
+            const isCliProvider = effectiveProviderId === 'claude-cli' || effectiveProviderId === 'codex-cli';
+            if (!isCliProvider) {
+                return res.status(400).json({ error: 'Desktop auth refresh only supports Claude CLI or Codex CLI sessions.' });
+            }
+            const metadataJson = JSON.stringify({
+                source: cli ? `desktop-cli:${cli}` : 'desktop-cli',
+            });
+            const updated = [effectiveProviderId].map((id) => {
                 const existing = data.findProviderConnection(id);
                 if (existing) {
                     return data.updateProviderConnection(existing.id, {
-                        accessMode: 'oauth',
-                        authType: 'oauth',
-                        oauthToken: accessToken,
-                        oauthRefreshToken: refreshToken || null,
-                        oauthExpiresAt: Number.isFinite(expiresAt) ? expiresAt : null,
+                        accessMode: 'cli',
+                        authType: 'cli',
+                        apiKeyEnc: null,
+                        oauthToken: null,
+                        oauthRefreshToken: null,
+                        oauthExpiresAt: null,
+                        metadataJson,
                         status: 'active',
                         lastValidatedAt: new Date().toISOString(),
                         lastError: null,
@@ -817,16 +840,12 @@ function startLocalServer(opts) {
                 }
                 return data.createProviderConnection({
                     providerId: id,
-                    accessMode: 'oauth',
-                    authType: 'oauth',
-                    oauthToken: accessToken,
-                    oauthRefreshToken: refreshToken || undefined,
-                    oauthExpiresAt: Number.isFinite(expiresAt) ? expiresAt : null,
+                    accessMode: 'cli',
+                    authType: 'cli',
+                    oauthExpiresAt: null,
                     status: 'active',
                     lastValidatedAt: new Date().toISOString(),
-                    metadataJson: JSON.stringify({
-                        source: cli ? `desktop-cli:${cli}` : 'desktop-cli',
-                    }),
+                    metadataJson,
                 });
             });
             res.json({ ok: true, updated });
@@ -1892,6 +1911,51 @@ function startLocalServer(opts) {
             sendTodoError(res, err);
         }
     });
+    app.post('/api/todo/:id/worker-complete', (req, res) => {
+        try {
+            const taskId = Number(req.params.id);
+            const { outputSummary, artifactRefs, handoffPrompt, insertTask, expectedVersion, expectedLastUpdated, } = req.body || {};
+            const result = data.completeTodoTaskByWorker(taskId, {
+                outputSummary: outputSummary === undefined ? undefined : String(outputSummary),
+                artifactRefs: Array.isArray(artifactRefs) ? artifactRefs : undefined,
+                handoffPrompt: handoffPrompt === undefined ? undefined : String(handoffPrompt),
+                insertTask: insertTask ? {
+                    title: String(insertTask.title || ''),
+                    prompt: String(insertTask.prompt || ''),
+                    nextWorker: insertTask.nextWorker === undefined ? undefined : String(insertTask.nextWorker || ''),
+                    taskType: insertTask.taskType === undefined ? undefined : String(insertTask.taskType || ''),
+                    successCriteria: insertTask.successCriteria === undefined ? undefined : String(insertTask.successCriteria || ''),
+                    details: insertTask.details === undefined ? undefined : String(insertTask.details || ''),
+                } : undefined,
+                expectedVersion: expectedVersion === undefined ? undefined : Number(expectedVersion),
+                expectedLastUpdated: expectedLastUpdated === undefined ? undefined : String(expectedLastUpdated),
+                actor: workerTodoActorFromBody(req.body || {}),
+            });
+            res.json(result);
+        }
+        catch (err) {
+            sendTodoError(res, err);
+        }
+    });
+    app.post('/api/todo/:id/worker-block', (req, res) => {
+        try {
+            const taskId = Number(req.params.id);
+            const { blockerSummary, checkedContext, userQuestion, artifactRefs, expectedVersion, expectedLastUpdated, } = req.body || {};
+            const result = data.blockTodoTaskByWorker(taskId, {
+                blockerSummary: String(blockerSummary || ''),
+                checkedContext: String(checkedContext || ''),
+                userQuestion: String(userQuestion || ''),
+                artifactRefs: Array.isArray(artifactRefs) ? artifactRefs : undefined,
+                expectedVersion: expectedVersion === undefined ? undefined : Number(expectedVersion),
+                expectedLastUpdated: expectedLastUpdated === undefined ? undefined : String(expectedLastUpdated),
+                actor: workerTodoActorFromBody(req.body || {}),
+            });
+            res.json(result);
+        }
+        catch (err) {
+            sendTodoError(res, err);
+        }
+    });
     app.delete('/api/todo/:id', (req, res) => {
         try {
             const taskId = Number(req.params.id);
@@ -2091,13 +2155,13 @@ function startLocalServer(opts) {
             let profile = botId ? data.getAgentProfile(botId) : data.getDefaultAgentProfile();
             if (!profile) {
                 // Auto-create a default profile from the DB-backed provider connection if available.
-                const providerConnection = data.listProviderConnections().find((conn) => !!(conn.api_key_enc || conn.oauth_token));
+                const providerConnection = data.listProviderConnections().find((conn) => conn.access_mode === 'cli' || !!conn.api_key_enc);
                 if (providerConnection) {
                     profile = data.createAgentProfile({
                         provider: providerConnection.provider_id,
                         model: providerConnection.default_model || 'default',
                         name: providerConnection.label || 'Default Agent',
-                        apiKeyEnc: providerConnection.api_key_enc || providerConnection.oauth_token || '',
+                        apiKeyEnc: providerConnection.api_key_enc || '',
                         isDefault: true,
                     });
                 }
@@ -2160,9 +2224,32 @@ function startLocalServer(opts) {
                 }
             };
             // Save user message (skip if multi-bot call where first bot already saved it)
+            let savedUserMessage = null;
             if (!skipUserMessage) {
-                data.addMessage(convId, 'user', message);
+                savedUserMessage = data.addMessage(convId, 'user', message);
                 (0, context_window_1.incrementTurnCount)(convId);
+                const convForPolicy = data.getConversation(convId);
+                const effectiveProjectId = projectId ? String(projectId) : (convForPolicy?.project_id || undefined);
+                const projectForPolicy = effectiveProjectId ? data.getProject(effectiveProjectId) : undefined;
+                const currentPolicy = data.getEffectiveOrchestrationPolicy(effectiveProjectId);
+                const clerkForPolicy = (0, clerk_model_1.getClerk)();
+                const agentNames = data.listAgentProfiles().map((agent) => agent.name);
+                if (clerkForPolicy && savedUserMessage) {
+                    void (0, policy_detection_1.stagePolicyDetectionForMessage)({
+                        prompt: message,
+                        conversationId: convId,
+                        messageId: savedUserMessage.id,
+                        projectId: effectiveProjectId,
+                        projectName: projectForPolicy?.name,
+                        currentPolicy,
+                        clerk: clerkForPolicy,
+                        source: 'turn',
+                        requireCodeSignal: true,
+                        agentNames,
+                    }).catch((err) => {
+                        console.error(chalk_1.default.yellow(`  [policy-detection] ${err.message}`));
+                    });
+                }
             }
             // ─── Orchestrator Mode Branch ─────────────────────────
             if ((0, orchestrator_profile_1.isOrchestratorProfile)(profile)) {
@@ -2384,13 +2471,17 @@ function startLocalServer(opts) {
                 if (fallbackMeta.length > 0) {
                     systemPrompt += '\n\n[Project Overview]\n' + fallbackMeta.join('\n');
                 }
+                const effectivePolicy = data.getEffectiveOrchestrationPolicy(convForFallback?.project_id || undefined);
+                systemPrompt += '\n\n' + (0, policy_prompt_1.buildEffectivePolicyPromptSection)(effectivePolicy, {
+                    heading: '[Effective Policy]',
+                    defaultLine: 'No confirmed special policy is set.',
+                });
                 try {
                     const todoStatus = data.getTodoStatusMarker(convForFallback?.project_id ?? undefined);
                     systemPrompt += `\n\n[TODO Coordination]\nTODO STATUS: ${todoStatus}`;
                 }
                 catch { /* best-effort */ }
                 systemPrompt += '\n\n' + (0, clerk_model_1.buildTodoInstructions)(profile?.name || profile?.id || 'LLM');
-                systemPrompt += '\n\n' + (0, clerk_model_1.buildMemoryCaptureInstructions)();
                 let hasSummary = false;
                 try {
                     const summaryContext = (0, context_window_1.getPromptContextWindow)(convId, safeguards_1.SAFEGUARDS.CONTEXT_WINDOW_TURNS);
@@ -4078,28 +4169,6 @@ async function buildChatRuntime(profile) {
     const cliModel = (profile.model || '').trim() || 'default';
     const apiKeyFallback = buildApiKeyFallback(profile);
     if (providerName === 'claude-cli' || providerName === 'codex-cli') {
-        // CLI-FIRST: Use CLI auth as primary (no daily re-auth).
-        // Subscription/OAuth is available as a fallback via apiKeyFallback if CLI fails at call time.
-        const subscriptionFallback = await resolveSubscriptionApiRuntime(profile);
-        const oauthFallback = subscriptionFallback ? {
-            providerName: subscriptionFallback.providerName,
-            apiKey: subscriptionFallback.apiKey,
-            model: subscriptionFallback.model,
-            llm: (0, index_1.createProvider)(subscriptionFallback.providerName, {
-                apiKey: subscriptionFallback.apiKey,
-                model: subscriptionFallback.model,
-                ...(subscriptionFallback.providerName === 'anthropic'
-                    ? { requestShape: (0, subscription_runtime_1.resolveClaudeSubscriptionRequestShape)(subscriptionFallback.source) }
-                    : {}),
-                ...(subscriptionFallback.baseUrl ? { baseUrl: subscriptionFallback.baseUrl } : {}),
-                ...(subscriptionFallback.apiQuery ? { apiQuery: subscriptionFallback.apiQuery } : {}),
-                ...(subscriptionFallback.apiStyle ? { apiStyle: subscriptionFallback.apiStyle } : {}),
-                ...(subscriptionFallback.authMode ? { authMode: subscriptionFallback.authMode } : {}),
-                ...(subscriptionFallback.extraHeaders ? { extraHeaders: subscriptionFallback.extraHeaders } : {}),
-            }),
-            runtimeMode: 'subscription-api',
-            runtimeSource: subscriptionFallback.source,
-        } : undefined;
         return {
             providerName,
             apiKey: 'cli-auth',
@@ -4107,8 +4176,7 @@ async function buildChatRuntime(profile) {
             llm: (0, index_1.createProvider)(providerName, { apiKey: 'cli-auth', model: cliModel }),
             runtimeMode: 'subscription-cli',
             runtimeSource: 'cli-direct',
-            // OAuth available as fallback if CLI auth fails
-            apiKeyFallback: oauthFallback || apiKeyFallback,
+            apiKeyFallback,
         };
     }
     const apiKey = resolveApiKey(profile);
@@ -4126,8 +4194,6 @@ async function buildChatRuntime(profile) {
     };
 }
 function runtimeModeLabel(mode, runtimeSource) {
-    if (mode === 'subscription-api')
-        return (0, subscription_runtime_1.claudeSubscriptionRuntimeLabel)(runtimeSource);
     if (mode === 'subscription-cli')
         return 'Subscription CLI';
     return 'API Key';
@@ -4148,21 +4214,10 @@ function configuredRuntimeLabelForProfile(profile) {
     const directConnection = profile.provider_connection_id
         ? data.listProviderConnections().find((row) => row.id === profile.provider_connection_id)
         : undefined;
-    const connection = profile.provider === 'claude-cli'
-        ? data.findProviderConnection('anthropic', 'openclaw')
-            || data.findProviderConnection('anthropic', 'oauth')
-            || directConnection
-        : profile.provider === 'codex-cli'
-            ? data.findProviderConnection('openai', 'oauth')
-                || directConnection
-            : directConnection;
+    const connection = directConnection;
     if (connection) {
-        if (connection.access_mode === 'openclaw')
-            return 'OpenClaw Connection';
         if (connection.access_mode === 'cli')
             return 'Subscription CLI';
-        if (connection.auth_type === 'oauth')
-            return 'Subscription API';
         return 'API Key';
     }
     if (profile.provider === 'claude-cli' || profile.provider === 'codex-cli') {
@@ -4324,7 +4379,7 @@ function buildApiKeyFallback(profile) {
             ? 'anthropic'
             : profile.provider;
     const configured = data.findProviderConnection(providerName);
-    const apiKey = configured?.api_key_enc || configured?.oauth_token || resolveApiKey({ ...profile, provider: providerName });
+    const apiKey = configured?.api_key_enc || resolveApiKey({ ...profile, provider: providerName });
     if (!apiKey)
         return undefined;
     const model = (0, subscription_runtime_1.resolveSubscriptionApiModel)(profile.model, configured?.default_model || undefined)
@@ -4339,36 +4394,6 @@ function buildApiKeyFallback(profile) {
         runtimeSource: 'api-key-fallback',
     };
 }
-async function resolveSubscriptionApiRuntime(profile) {
-    if (profile.provider === 'claude-cli') {
-        try {
-            const profileConnection = profile.provider_connection_id
-                ? data.getProviderConnection(profile.provider_connection_id)
-                : undefined;
-            return await (0, subscription_runtime_1.resolveClaudeSubscriptionRuntime)({
-                preferredModel: profile.model,
-                inputToken: profileConnection?.access_mode === 'openclaw' ? (profileConnection.api_key_enc || null) : null,
-                inputAccessMode: profileConnection?.access_mode || null,
-            });
-        }
-        catch (err) {
-            console.warn(chalk_1.default.yellow(`  [chat] Claude subscription auth failed: ${err?.message || err}`));
-            return null;
-        }
-    }
-    if (profile.provider === 'codex-cli') {
-        try {
-            return await (0, subscription_runtime_1.resolveCodexSubscriptionRuntime)({
-                preferredModel: profile.model,
-            });
-        }
-        catch (err) {
-            console.warn(chalk_1.default.yellow(`  [chat] Codex subscription auth failed: ${err?.message || err}`));
-            return null;
-        }
-    }
-    return null;
-}
 function resolveApiKey(profile) {
     // Check profile-stored key first
     if (profile.api_key_enc)
@@ -4377,8 +4402,6 @@ function resolveApiKey(profile) {
     const providerConnection = data.findProviderConnection(profile.provider);
     if (providerConnection?.api_key_enc)
         return providerConnection.api_key_enc;
-    if (providerConnection?.oauth_token)
-        return providerConnection.oauth_token;
     // Env vars
     switch (profile.provider) {
         case 'anthropic': return process.env.ANTHROPIC_API_KEY;