hoomanjs 1.11.1 → 1.11.3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hoomanjs",
-  "version": "1.11.1",
+  "version": "1.11.3",
   "description": "Bun-powered local AI agent CLI with chat, exec, ACP, MCP, and skills support.",
   "author": {
     "name": "Vaibhav Pandey",

package/src/acp/acp-agent.ts

@@ -350,7 +350,6 @@ export class AcpAgent implements AgentContract {
       createAcpToolApprovalHook(
         this.#connection,
         sessionId,
-        config,
         () =>
           this.#sessions.get(sessionId)?.streamedToolCallIds ??
           EMPTY_STREAMED_TOOL_CALL_IDS,
@@ -458,7 +457,6 @@ export class AcpAgent implements AgentContract {
       createAcpToolApprovalHook(
         this.#connection,
         params.sessionId,
-        config,
         () =>
           this.#sessions.get(params.sessionId)?.streamedToolCallIds ??
           EMPTY_STREAMED_TOOL_CALL_IDS,

package/src/acp/approvals.ts

@@ -1,17 +1,16 @@
 import type { AgentSideConnection } from "@agentclientprotocol/sdk";
 import { BeforeToolCallEvent, type HookCallback } from "@strands-agents/sdk";
-import type { Config } from "../core/config.ts";
 import {
   INTERNAL_ALWAYS_ALLOWED,
-  inferToolKind,
-  toolDisplayTitle,
-} from "./utils/tool-kind.ts";
+  allowToolForSession,
+  isToolSessionAllowed,
+} from "../core/approvals/allowed-tools.ts";
+import { inferToolKind, toolDisplayTitle } from "./utils/tool-kind.ts";
 import { toolCallLocationsFromInput } from "./utils/tool-locations.ts";
 
 export function createAcpToolApprovalHook(
   connection: AgentSideConnection,
   sessionId: string,
-  config: Config,
   /** Tool calls already announced via model stream (`tool_call` pending). */
   streamPrimedToolCallIds?: () => ReadonlySet<string>,
 ): HookCallback<BeforeToolCallEvent> {
@@ -53,7 +52,7 @@ export function createAcpToolApprovalHook(
 
     if (
       INTERNAL_ALWAYS_ALLOWED.has(name) ||
-      config.tools.allowed.includes(name)
+      isToolSessionAllowed(event.agent, name)
     ) {
       await connection.sessionUpdate({
         sessionId,
@@ -122,7 +121,7 @@ export function createAcpToolApprovalHook(
       return;
     }
     if (optionId === "allow_always") {
-      config.update({ tools: { allowed: [...config.tools.allowed, name] } });
+      allowToolForSession(event.agent, name);
       await connection.sessionUpdate({
         sessionId,
         update: {

package/src/acp/utils/tool-kind.ts

@@ -1,7 +1,7 @@
 import type { ToolKind } from "@agentclientprotocol/sdk";
 import type { Tool } from "@strands-agents/sdk";
+import { INTERNAL_ALWAYS_ALLOWED } from "../../core/approvals/allowed-tools.ts";
 
-const INTERNAL_ALWAYS_ALLOWED = new Set(["strands_structured_output"]);
 const KNOWN_TOOL_KINDS = new Map<string, ToolKind>([
   ["read_file", "read"],
   ["read_multiple_files", "read"],

package/src/chat/app.tsx

@@ -11,7 +11,6 @@ import {
   type Agent,
   type AgentStreamEvent,
 } from "@strands-agents/sdk";
-import type { Config } from "../core/config.ts";
 import type { Manager as McpManager } from "../core/mcp/index.ts";
 import type { Registry } from "../core/skills/index.ts";
 import {
@@ -26,7 +25,6 @@ import type { ApprovalRequest, ChatLine } from "./types.ts";
 
 type ChatAppProps = {
   agent: Agent;
-  config: Config;
   sessionId: string;
   manager: McpManager;
   registry: Registry;
@@ -69,7 +67,6 @@ function toToolResultText(result: unknown): string {
 
 export function ChatApp({
   agent,
-  config,
   sessionId,
   manager,
   registry,
@@ -143,13 +140,13 @@ export function ChatApp({
     });
     const cleanupHook = agent.addHook(
       BeforeToolCallEvent,
-      createChatApprovalHandler(config, controller, { yolo }),
+      createChatApprovalHandler(controller, { yolo }),
     );
     return () => {
       cleanupListener();
       cleanupHook();
     };
-  }, [agent, config, yolo]);
+  }, [agent, yolo]);
 
   const appendLine = useCallback((line: ChatLine) => {
     setLines((prev) => [...prev, line]);

package/src/chat/approvals.ts

@@ -1,8 +1,10 @@
 import { BeforeToolCallEvent } from "@strands-agents/sdk";
-import type { Config } from "../core/config.ts";
+import {
+  INTERNAL_ALWAYS_ALLOWED,
+  allowToolForSession,
+  isToolSessionAllowed,
+} from "../core/approvals/allowed-tools.ts";
 import type { ApprovalDecision, ApprovalRequest } from "./types.ts";
-
-const INTERNAL_ALWAYS_ALLOWED = new Set(["strands_structured_output"]);
 const INPUT_PREVIEW_LIMIT = 256;
 
 function previewInput(input: unknown): string {
@@ -67,7 +69,6 @@ export class ChatApprovalController {
 }
 
 export function createChatApprovalHandler(
-  config: Config,
   controller: ChatApprovalController,
   options?: { yolo?: boolean },
 ): (event: BeforeToolCallEvent) => Promise<void> {
@@ -78,7 +79,7 @@ export function createChatApprovalHandler(
     }
     if (
       INTERNAL_ALWAYS_ALLOWED.has(toolName) ||
-      config.tools.allowed.includes(toolName)
+      isToolSessionAllowed(event.agent, toolName)
     ) {
       return;
     }
@@ -88,11 +89,7 @@ export function createChatApprovalHandler(
       return;
     }
     if (decision === "always") {
-      if (!config.tools.allowed.includes(toolName)) {
-        config.update({
-          tools: { allowed: [...config.tools.allowed, toolName] },
-        });
-      }
+      allowToolForSession(event.agent, toolName);
       return;
     }
     event.cancel = `Tool "${toolName}" was rejected by the user.`;

package/src/chat/index.tsx

@@ -1,14 +1,12 @@
 import React from "react";
 import { render } from "ink";
 import type { Agent } from "@strands-agents/sdk";
-import type { Config } from "../core/config.ts";
 import type { Manager as McpManager } from "../core/mcp/index.ts";
 import type { Registry } from "../core/skills/index.ts";
 import { ChatApp } from "./app.tsx";
 
 type LaunchChatOptions = {
   agent: Agent;
-  config: Config;
   manager: McpManager;
   registry: Registry;
   sessionId: string;
@@ -21,7 +19,6 @@ export async function chat(options: LaunchChatOptions): Promise<void> {
   const { waitUntilExit, unmount } = render(
     <ChatApp
       agent={options.agent}
-      config={options.config}
       manager={options.manager}
       registry={options.registry}
       sessionId={options.sessionId}

package/src/cli.ts

@@ -53,13 +53,12 @@ program
     async (prompt: string, options: { session?: string; yolo?: boolean }) => {
       const sessionId = options.session?.trim() || crypto.randomUUID();
       const {
-        config,
         agent,
         mcp: { manager },
       } = await bootstrap({ sessionId }, true);
       agent.addHook(
         BeforeToolCallEvent,
-        createToolApprovalHandler(config, { yolo: Boolean(options.yolo) }),
+        createToolApprovalHandler({ yolo: Boolean(options.yolo) }),
       );
       try {
         await agent.invoke(prompt);
@@ -84,7 +83,6 @@ program
     ) => {
       const sessionId = options.session?.trim() || crypto.randomUUID();
       const {
-        config,
         agent,
         mcp: { manager },
         registry,
@@ -93,7 +91,6 @@ program
       try {
         await chat({
           agent,
-          config,
           manager,
           registry,
           sessionId,
@@ -129,7 +126,6 @@ program
     }) => {
       const session = options.session?.trim();
       const {
-        config,
         agent,
         mcp: { manager },
       } = await bootstrap(
@@ -141,7 +137,7 @@ program
       );
       agent.addHook(
         BeforeToolCallEvent,
-        createDaemonApprovalHandler(config, manager, agent, {
+        createDaemonApprovalHandler(manager, agent, {
           yolo: Boolean(options.yolo),
         }),
       );

package/src/core/approvals/allowed-tools.ts

@@ -0,0 +1,61 @@
+type AppStateLike = {
+  get<T = unknown>(key: string): T;
+  set(key: string, value: unknown): void;
+};
+
+type AgentLike = {
+  appState: AppStateLike;
+};
+
+const SESSION_ALLOWED_TOOLS_KEY = "allowedTools";
+
+export const INTERNAL_ALWAYS_ALLOWED = new Set(["strands_structured_output"]);
+
+function normalizeAllowedTools(value: unknown): string[] {
+  if (!Array.isArray(value)) {
+    return [];
+  }
+
+  const unique = new Set<string>();
+  for (const entry of value) {
+    if (typeof entry !== "string") {
+      continue;
+    }
+    const normalized = entry.trim();
+    if (!normalized) {
+      continue;
+    }
+    unique.add(normalized);
+  }
+  return [...unique];
+}
+
+export function getSessionAllowedTools(agent: AgentLike): string[] {
+  const current = normalizeAllowedTools(
+    agent.appState.get(SESSION_ALLOWED_TOOLS_KEY),
+  );
+  const raw = agent.appState.get(SESSION_ALLOWED_TOOLS_KEY);
+  if (!Array.isArray(raw) || current.length !== raw.length) {
+    agent.appState.set(SESSION_ALLOWED_TOOLS_KEY, current);
+  }
+  return current;
+}
+
+export function isToolSessionAllowed(
+  agent: AgentLike,
+  toolName: string,
+): boolean {
+  return getSessionAllowedTools(agent).includes(toolName);
+}
+
+export function allowToolForSession(agent: AgentLike, toolName: string): void {
+  const normalized = toolName.trim();
+  if (!normalized) {
+    return;
+  }
+  const allowed = getSessionAllowedTools(agent);
+  if (allowed.includes(normalized)) {
+    return;
+  }
+  agent.appState.set(SESSION_ALLOWED_TOOLS_KEY, [...allowed, normalized]);
+}

package/src/core/memory/stm/lazy-session-manager.ts

@@ -2,21 +2,26 @@ import {
   AfterInvocationEvent,
   BeforeInvocationEvent,
   Message,
+  contentBlockFromData,
   type LocalAgent,
   type MessageData,
   type Plugin,
+  type SystemPrompt,
+  type SystemPromptData,
   type Snapshot,
   type SnapshotLocation,
   type SnapshotStorage,
 } from "@strands-agents/sdk";
+import type { JSONValue } from "@strands-agents/sdk";
 
 const DEFAULT_SESSION_ID = "default-session";
 const DEFAULT_APP_STATE_KEY = "sessionId";
 const DEFAULT_SCOPE_ID = "agent";
-const SCHEMA_VERSION = "1.0";
+const SNAPSHOT_SCHEMA_VERSION = "1.0";
 // `FileStorage` (and any backend that follows its convention) validates ids
 // against `[a-z0-9_-]+`, so coerce anything else (e.g. `919599960600@c.us`).
 const UNSAFE_CHARS = /[^a-z0-9_-]+/g;
+const RUNTIME_OWNED_KEYS = ["userId", "origin"] as const;
 
 export type LazySessionManagerConfig = {
   /** Pluggable snapshot backend (e.g. `FileStorage`). */
@@ -86,27 +91,21 @@ export class LazySessionManager implements Plugin {
   }
 
   private async restore(agent: LocalAgent): Promise<void> {
+    const runtimeState = this.captureRuntimeState(agent);
     const snapshot = await this.storage.loadSnapshot({
       location: this.location(agent),
     });
     agent.messages.length = 0;
-    if (!snapshot) return;
-    const raw = snapshot.data.messages;
-    if (!Array.isArray(raw)) return;
-    for (const md of raw as unknown as MessageData[]) {
-      agent.messages.push(Message.fromJSON(md));
+    if (!snapshot) {
+      this.restoreRuntimeState(agent, runtimeState);
+      return;
     }
+    loadSnapshot(agent, snapshot);
+    this.restoreRuntimeState(agent, runtimeState);
   }
 
   private async save(agent: LocalAgent): Promise<void> {
-    const messages = agent.messages.map((m) => m.toJSON());
-    const snapshot: Snapshot = {
-      scope: "agent",
-      schemaVersion: SCHEMA_VERSION,
-      createdAt: new Date().toISOString(),
-      data: { messages: messages as unknown as Snapshot["data"]["messages"] },
-      appData: {},
-    };
+    const snapshot = takeSnapshot(agent);
     await this.storage.saveSnapshot({
       location: this.location(agent),
       snapshotId: "latest",
@@ -114,9 +113,108 @@ export class LazySessionManager implements Plugin {
       snapshot,
     });
   }
+
+  private captureRuntimeState(agent: LocalAgent): Map<string, unknown> {
+    const state = new Map<string, unknown>();
+    const keys = [this.appStateKey, ...RUNTIME_OWNED_KEYS];
+    for (const key of keys) {
+      state.set(key, agent.appState.get(key));
+    }
+    return state;
+  }
+
+  private restoreRuntimeState(
+    agent: LocalAgent,
+    runtimeState: Map<string, unknown>,
+  ): void {
+    for (const [key, value] of runtimeState.entries()) {
+      if (value === undefined) {
+        agent.appState.delete(key);
+        continue;
+      }
+      agent.appState.set(key, value);
+    }
+  }
 }
 
 function sanitize(value: string): string {
   const trimmed = value.trim().toLowerCase().replace(UNSAFE_CHARS, "_");
   return trimmed.length > 0 ? trimmed : DEFAULT_SESSION_ID;
 }
+
+function takeSnapshot(agent: LocalAgent): Snapshot {
+  const data: Record<string, JSONValue> = {
+    messages: agent.messages.map((message) =>
+      message.toJSON(),
+    ) as unknown as JSONValue,
+    state: agent.appState.getAll() as JSONValue,
+    systemPrompt:
+      agent.systemPrompt !== undefined
+        ? (systemPromptToData(agent.systemPrompt) as JSONValue)
+        : null,
+  };
+
+  return {
+    scope: "agent",
+    schemaVersion: SNAPSHOT_SCHEMA_VERSION,
+    createdAt: new Date().toISOString(),
+    data,
+    appData: {},
+  };
+}
+
+function loadSnapshot(agent: LocalAgent, snapshot: Snapshot): void {
+  if (snapshot.scope !== "agent") {
+    throw new Error(`Expected snapshot scope 'agent', got '${snapshot.scope}'`);
+  }
+  if (snapshot.schemaVersion !== SNAPSHOT_SCHEMA_VERSION) {
+    throw new Error(
+      `Unsupported snapshot schema version: ${snapshot.schemaVersion}. Current version: ${SNAPSHOT_SCHEMA_VERSION}`,
+    );
+  }
+
+  if ("messages" in snapshot.data) {
+    const messages = snapshot.data.messages;
+    agent.messages.length = 0;
+    for (const msgData of messages as unknown as MessageData[]) {
+      agent.messages.push(Message.fromJSON(msgData));
+    }
+  }
+
+  if ("state" in snapshot.data) {
+    const state = snapshot.data.state;
+    const nextState =
+      state && typeof state === "object" && !Array.isArray(state)
+        ? (state as Record<string, JSONValue>)
+        : {};
+    agent.appState.clear();
+    for (const [key, value] of Object.entries(nextState)) {
+      agent.appState.set(key, value);
+    }
+  }
+
+  if ("systemPrompt" in snapshot.data) {
+    const systemPrompt = snapshot.data.systemPrompt;
+    if (systemPrompt !== null) {
+      agent.systemPrompt = systemPromptFromData(
+        systemPrompt as SystemPromptData,
+      );
+    } else {
+      delete agent.systemPrompt;
+    }
+  }
+}
+
+function systemPromptToData(prompt: SystemPrompt): SystemPromptData {
+  if (typeof prompt === "string") {
+    return prompt;
+  }
+  return prompt.map((block) => block.toJSON()) as SystemPromptData;
+}
+
+function systemPromptFromData(data: SystemPromptData): SystemPrompt {
+  if (typeof data === "string") {
+    return data;
+  }
+  return data.map((block) => contentBlockFromData(block)) as SystemPrompt;
+}

package/src/daemon/approvals.ts

@@ -1,7 +1,10 @@
 import type { Agent, BeforeToolCallEvent } from "@strands-agents/sdk";
-import type { Config } from "../core/config.ts";
 import type { Manager as McpManager } from "../core/mcp/index.ts";
-import { INTERNAL_ALWAYS_ALLOWED } from "../acp/utils/tool-kind.ts";
+import {
+  INTERNAL_ALWAYS_ALLOWED,
+  allowToolForSession,
+  isToolSessionAllowed,
+} from "../core/approvals/allowed-tools.ts";
 
 const TOOL_DESCRIPTION_PREVIEW_LIMIT = 50;
 const TOOL_ARGS_PREVIEW_LIMIT = 50;
@@ -62,7 +65,6 @@ function readOrigin(agent: Agent): ChannelOrigin | null {
 }
 
 export function createDaemonApprovalHandler(
-  config: Config,
   manager: McpManager,
   agent: Agent,
   options?: { yolo?: boolean },
@@ -74,7 +76,7 @@ export function createDaemonApprovalHandler(
     }
     if (
       INTERNAL_ALWAYS_ALLOWED.has(name) ||
-      config.tools.allowed.includes(name)
+      isToolSessionAllowed(event.agent, name)
     ) {
       return;
     }
@@ -116,9 +118,7 @@ export function createDaemonApprovalHandler(
       return;
     }
     if (behavior === "allow_always") {
-      if (!config.tools.allowed.includes(name)) {
-        config.update({ tools: { allowed: [...config.tools.allowed, name] } });
-      }
+      allowToolForSession(event.agent, name);
       return;
     }
 

package/src/daemon/index.ts

@@ -64,16 +64,26 @@ export async function main(options: RunDaemonOptions): Promise<void> {
 
       options.agent.appState.set("userId", user);
       options.agent.appState.set("sessionId", session);
-      options.agent.appState.set("origin", {
+      const origin = {
         server: message.meta.server,
         channel: message.meta.channel,
-        source: message.meta.source,
-        user: message.meta.identity.user,
-        session: message.meta.identity.session,
-        thread: message.meta.identity.thread,
+        ...(message.meta.source ? { source: message.meta.source } : {}),
+        ...(message.meta.identity.user
+          ? { user: message.meta.identity.user }
+          : {}),
+        ...(message.meta.identity.session
+          ? { session: message.meta.identity.session }
+          : {}),
+        ...(message.meta.identity.thread
+          ? { thread: message.meta.identity.thread }
+          : {}),
+      };
+      options.agent.appState.set("origin", {
+        ...origin,
       });
 
       try {
+        debug(`invoking agent → ${tag} session=${session} user=${user}`);
         await options.agent.invoke(message.prompt);
         debug(`completed → ${tag} session=${session} user=${user}`);
       } catch (error) {

package/src/exec/approvals.ts

@@ -1,9 +1,11 @@
 import { createInterface } from "node:readline/promises";
 import { stdin, stdout } from "node:process";
 import { BeforeToolCallEvent } from "@strands-agents/sdk";
-import type { Config } from "../core/config.ts";
-
-const INTERNAL_ALWAYS_ALLOWED = new Set(["strands_structured_output"]);
+import {
+  INTERNAL_ALWAYS_ALLOWED,
+  allowToolForSession,
+  isToolSessionAllowed,
+} from "../core/approvals/allowed-tools.ts";
 const INPUT_PREVIEW_LIMIT = 1_024;
 
 type ApprovalDecision = "allow" | "reject" | "always";
@@ -57,10 +59,9 @@ async function promptForApproval(
 
 type BeforeToolCallEventHandler = (event: BeforeToolCallEvent) => Promise<void>;
 
-export function createToolApprovalHandler(
-  config: Config,
-  options?: { yolo?: boolean },
-): BeforeToolCallEventHandler {
+export function createToolApprovalHandler(options?: {
+  yolo?: boolean;
+}): BeforeToolCallEventHandler {
   return async function onBeforeToolCallEvent(event: BeforeToolCallEvent) {
     const name = event.toolUse.name;
     if (options?.yolo) {
@@ -68,12 +69,12 @@ export function createToolApprovalHandler(
     }
     if (
       INTERNAL_ALWAYS_ALLOWED.has(name) ||
-      config.tools.allowed.includes(name)
+      isToolSessionAllowed(event.agent, name)
     ) {
       return;
     }
     if (!canPromptForApproval()) {
-      event.cancel = `Tool "${name}" requires approval, but no interactive terminal is available. Add it to config.tools.allowed to always allow it.`;
+      event.cancel = `Tool "${name}" requires approval, but no interactive terminal is available.`;
       return;
     }
     const decision = await promptForApproval(event);
@@ -81,7 +82,7 @@ export function createToolApprovalHandler(
       return;
     }
     if (decision === "always") {
-      config.update({ tools: { allowed: [...config.tools.allowed, name] } });
+      allowToolForSession(event.agent, name);
       return;
     }
     event.cancel = `Tool "${name}" was rejected by the user.`;