nemoris 0.1.0 → 0.1.2

package/src/runtime/bootstrap-cache.js

@@ -1,47 +1,47 @@
-import path from "node:path";
-import { ensureDir, readJson, statPath, writeJson } from "../utils/fs.js";
-
-export class IdentityBootstrapCache {
-  constructor({ rootDir }) {
-    this.rootDir = rootDir;
-  }
-
-  async get(agentId, refs, loader) {
-    const cachePath = path.join(this.rootDir, `${agentId}.json`);
-    const currentSources = await this.buildSourceState(refs);
-    const cached = await readJson(cachePath, null);
-
-    if (cached && JSON.stringify(cached.sources) === JSON.stringify(currentSources)) {
-      return cached.identity;
-    }
-
-    const identity = await loader();
-    await ensureDir(this.rootDir);
-    await writeJson(cachePath, {
-      agentId,
-      cachedAt: new Date().toISOString(),
-      sources: currentSources,
-      identity
-    });
-    return identity;
-  }
-
-  async buildSourceState(refs = {}) {
-    const result = {};
-    for (const [key, filePath] of Object.entries(refs)) {
-      if (!filePath) {
-        result[key] = null;
-        continue;
-      }
-      const stats = await statPath(filePath);
-      result[key] = stats
-        ? {
-            path: filePath,
-            mtimeMs: stats.mtimeMs,
-            size: stats.size
-          }
-        : null;
-    }
-    return result;
-  }
-}
+import path from "node:path";
+import { ensureDir, readJson, statPath, writeJson } from "../utils/fs.js";
+
+export class IdentityBootstrapCache {
+  constructor({ rootDir }) {
+    this.rootDir = rootDir;
+  }
+
+  async get(agentId, refs, loader) {
+    const cachePath = path.join(this.rootDir, `${agentId}.json`);
+    const currentSources = await this.buildSourceState(refs);
+    const cached = await readJson(cachePath, null);
+
+    if (cached && JSON.stringify(cached.sources) === JSON.stringify(currentSources)) {
+      return cached.identity;
+    }
+
+    const identity = await loader();
+    await ensureDir(this.rootDir);
+    await writeJson(cachePath, {
+      agentId,
+      cachedAt: new Date().toISOString(),
+      sources: currentSources,
+      identity
+    });
+    return identity;
+  }
+
+  async buildSourceState(refs = {}) {
+    const result = {};
+    for (const [key, filePath] of Object.entries(refs)) {
+      if (!filePath) {
+        result[key] = null;
+        continue;
+      }
+      const stats = await statPath(filePath);
+      result[key] = stats
+        ? {
+            path: filePath,
+            mtimeMs: stats.mtimeMs,
+            size: stats.size
+          }
+        : null;
+    }
+    return result;
+  }
+}

package/src/runtime/capabilities-prompt.js

@@ -1,25 +1,25 @@
-export function buildCapabilitiesPrompt(toolSchemas = []) {
-  const toolNames = toolSchemas.map((tool) => tool.name).filter(Boolean);
-  const availableTools = toolNames.length ? toolNames.join(", ") : "none";
-
-  return [
-    `Your available tools are: ${availableTools}.`,
-    "You do NOT have: sessions_send, cross-agent messaging, email sending, or web posting.",
-    "If asked to do something outside your tool set, say so honestly.",
-    "",
-    "## Live Tools",
-    "- `web_search`: Returns real-time search results from Perplexity. These are CURRENT FACTS, not training data. Treat results as authoritative for current events, prices, and dates. Do not caveat with knowledge cutoff disclaimers.",
-    "- `http_fetch`: Fetches live content from URLs. Real-time, not cached training data.",
-    "- `read_file`, `write_file`, `list_dir`: Operate on the real filesystem right now.",
-    "",
-    "## Memory Rules",
-    "- NEVER confirm a memory write unless the `write_memory` tool was actually called and succeeded.",
-    "- If a user asks about a preference you do not know, say: \"I don't know - tell me and I'll remember it for next time.\"",
-    "- Only recall personal facts you retrieved via `memory_search` or `lcm_recall`. Never invent personal facts about the user.",
-    "",
-    "## User vs Agent Identity",
-    "- YOUR name is the one defined in your soul or identity files. You are the agent, not the operator.",
-    "- The OPERATOR or USER name comes from memory or the user_ref identity file. You are NOT the user.",
-    "- When asked \"what's my name?\", answer with the operator's name from memory or user_ref, not your own.",
-  ].join("\n");
-}
+export function buildCapabilitiesPrompt(toolSchemas = []) {
+  const toolNames = toolSchemas.map((tool) => tool.name).filter(Boolean);
+  const availableTools = toolNames.length ? toolNames.join(", ") : "none";
+
+  return [
+    `Your available tools are: ${availableTools}.`,
+    "You do NOT have: sessions_send, cross-agent messaging, email sending, or web posting.",
+    "If asked to do something outside your tool set, say so honestly.",
+    "",
+    "## Live Tools",
+    "- `web_search`: Returns real-time search results from Perplexity. These are CURRENT FACTS, not training data. Treat results as authoritative for current events, prices, and dates. Do not caveat with knowledge cutoff disclaimers.",
+    "- `http_fetch`: Fetches live content from URLs. Real-time, not cached training data.",
+    "- `read_file`, `write_file`, `list_dir`: Operate on the real filesystem right now.",
+    "",
+    "## Memory Rules",
+    "- NEVER confirm a memory write unless the `write_memory` tool was actually called and succeeded.",
+    "- If a user asks about a preference you do not know, say: \"I don't know - tell me and I'll remember it for next time.\"",
+    "- Only recall personal facts you retrieved via `memory_search` or `lcm_recall`. Never invent personal facts about the user.",
+    "",
+    "## User vs Agent Identity",
+    "- YOUR name is the one defined in your soul or identity files. You are the agent, not the operator.",
+    "- The OPERATOR or USER name comes from memory or the user_ref identity file. You are NOT the user.",
+    "- When asked \"what's my name?\", answer with the operator's name from memory or user_ref, not your own.",
+  ].join("\n");
+}

package/src/runtime/completion-ping.js

@@ -1,99 +1,99 @@
-/**
- * Completion ping delivery — notifies humans and/or agents when
- * dispatched jobs finish.
- *
- * Separate from telegram-inbound.js per design constraint.
- */
-
-const MAX_OUTPUT_LENGTH = 500;
-
-/**
- * Format a completion ping message for a finished dispatch job.
- *
- * @param {object} job - Row from interactive_jobs
- * @param {string|null} output - Agent output text (null for failures)
- * @returns {string}
- */
-export function formatCompletionPing(job, output) {
-  const icon = job.status === "succeeded" ? "\u2705" : "\u274C";
-  const header = `${icon} ${job.agent_id} \u00B7 job_id: ${job.job_id}`;
-
-  if (job.status !== "succeeded" || !output) {
-    return `${header}\nStatus: ${job.status}`;
-  }
-
-  const text = typeof output === "string" ? output : JSON.stringify(output);
-  const truncated = text.length > MAX_OUTPUT_LENGTH
-    ? text.slice(0, MAX_OUTPUT_LENGTH - 3) + "..."
-    : text;
-  return `${header}\n${truncated}`;
-}
-
-/**
- * Scan for completed dispatch jobs and deliver completion pings.
- *
- * @param {import('./scheduler-state.js').SchedulerStateStore} stateStore
- * @param {{ operatorChatId: string, botTokenEnv: string }} telegramConfig
- * @param {{ fetchImpl: Function, botToken: string, logger?: object }} options
- */
-export async function fireCompletionPings(stateStore, telegramConfig, options = {}) {
-  const { fetchImpl = globalThis.fetch, botToken, logger = console } = options;
-
-  const completed = stateStore.getCompletedDispatchJobs();
-  if (completed.length === 0) return;
-
-  for (const job of completed) {
-    const pingMessage = formatCompletionPing(job, job.status === "succeeded" ? job.input : null);
-    let delivered = true;
-
-    // Human delivery path
-    if (job.completion_target === "human" || job.completion_target === "both") {
-      const chatId = telegramConfig.operatorChatId;
-      if (chatId && botToken) {
-        try {
-          const res = await fetchImpl(`https://api.telegram.org/bot${botToken}/sendMessage`, {
-            method: "POST",
-            headers: { "content-type": "application/json" },
-            body: JSON.stringify({ chat_id: chatId, text: pingMessage }),
-          });
-          const body = await res.json();
-          if (!body.ok) {
-            delivered = false;
-            logger.error(JSON.stringify({ service: "completion_ping", jobId: job.job_id, error: body.description || "sendMessage failed" }));
-          }
-        } catch (error) {
-          delivered = false;
-          logger.error(JSON.stringify({ service: "completion_ping", jobId: job.job_id, error: error.message }));
-        }
-      } else {
-        delivered = false;
-      }
-    }
-
-    // Agent delivery path — enqueue synthetic interactive job for the triggering agent
-    if (job.completion_target === "agent" || job.completion_target === "both") {
-      try {
-        stateStore.enqueueInteractiveJob({
-          jobId: `ping-${job.job_id}-${Date.now()}`,
-          agentId: job.triggered_by,
-          input: pingMessage,
-          source: "completion_ping",
-          chatId: "",
-        });
-      } catch (error) {
-        delivered = false;
-        logger.error(JSON.stringify({ service: "completion_ping", jobId: job.job_id, error: error.message }));
-      }
-    }
-
-    if (delivered) {
-      stateStore.markCompletionPinged(job.job_id);
-    } else {
-      stateStore.incrementCompletionPingAttempts(job.job_id);
-      const updated = stateStore.getInteractiveJob(job.job_id);
-      if (updated.completion_pinged_at === "FAILED") {
-        logger.warn(JSON.stringify({ service: "completion_ping", jobId: job.job_id, event: "gave_up", attempts: updated.completion_ping_attempts }));
-      }
-    }
-  }
-}
+/**
+ * Completion ping delivery — notifies humans and/or agents when
+ * dispatched jobs finish.
+ *
+ * Separate from telegram-inbound.js per design constraint.
+ */
+
+const MAX_OUTPUT_LENGTH = 500;
+
+/**
+ * Format a completion ping message for a finished dispatch job.
+ *
+ * @param {object} job - Row from interactive_jobs
+ * @param {string|null} output - Agent output text (null for failures)
+ * @returns {string}
+ */
+export function formatCompletionPing(job, output) {
+  const icon = job.status === "succeeded" ? "\u2705" : "\u274C";
+  const header = `${icon} ${job.agent_id} \u00B7 job_id: ${job.job_id}`;
+
+  if (job.status !== "succeeded" || !output) {
+    return `${header}\nStatus: ${job.status}`;
+  }
+
+  const text = typeof output === "string" ? output : JSON.stringify(output);
+  const truncated = text.length > MAX_OUTPUT_LENGTH
+    ? text.slice(0, MAX_OUTPUT_LENGTH - 3) + "..."
+    : text;
+  return `${header}\n${truncated}`;
+}
+
+/**
+ * Scan for completed dispatch jobs and deliver completion pings.
+ *
+ * @param {import('./scheduler-state.js').SchedulerStateStore} stateStore
+ * @param {{ operatorChatId: string, botTokenEnv: string }} telegramConfig
+ * @param {{ fetchImpl: Function, botToken: string, logger?: object }} options
+ */
+export async function fireCompletionPings(stateStore, telegramConfig, options = {}) {
+  const { fetchImpl = globalThis.fetch, botToken, logger = console } = options;
+
+  const completed = stateStore.getCompletedDispatchJobs();
+  if (completed.length === 0) return;
+
+  for (const job of completed) {
+    const pingMessage = formatCompletionPing(job, job.status === "succeeded" ? job.input : null);
+    let delivered = true;
+
+    // Human delivery path
+    if (job.completion_target === "human" || job.completion_target === "both") {
+      const chatId = telegramConfig.operatorChatId;
+      if (chatId && botToken) {
+        try {
+          const res = await fetchImpl(`https://api.telegram.org/bot${botToken}/sendMessage`, {
+            method: "POST",
+            headers: { "content-type": "application/json" },
+            body: JSON.stringify({ chat_id: chatId, text: pingMessage }),
+          });
+          const body = await res.json();
+          if (!body.ok) {
+            delivered = false;
+            logger.error(JSON.stringify({ service: "completion_ping", jobId: job.job_id, error: body.description || "sendMessage failed" }));
+          }
+        } catch (error) {
+          delivered = false;
+          logger.error(JSON.stringify({ service: "completion_ping", jobId: job.job_id, error: error.message }));
+        }
+      } else {
+        delivered = false;
+      }
+    }
+
+    // Agent delivery path — enqueue synthetic interactive job for the triggering agent
+    if (job.completion_target === "agent" || job.completion_target === "both") {
+      try {
+        stateStore.enqueueInteractiveJob({
+          jobId: `ping-${job.job_id}-${Date.now()}`,
+          agentId: job.triggered_by,
+          input: pingMessage,
+          source: "completion_ping",
+          chatId: "",
+        });
+      } catch (error) {
+        delivered = false;
+        logger.error(JSON.stringify({ service: "completion_ping", jobId: job.job_id, error: error.message }));
+      }
+    }
+
+    if (delivered) {
+      stateStore.markCompletionPinged(job.job_id);
+    } else {
+      stateStore.incrementCompletionPingAttempts(job.job_id);
+      const updated = stateStore.getInteractiveJob(job.job_id);
+      if (updated.completion_pinged_at === "FAILED") {
+        logger.warn(JSON.stringify({ service: "completion_ping", jobId: job.job_id, event: "gave_up", attempts: updated.completion_ping_attempts }));
+      }
+    }
+  }
+}

package/src/runtime/config-validator.js

@@ -1,121 +1,121 @@
-import { statPath } from "../utils/fs.js";
-
-const SECRET_KEY_PATTERN = /(api[-_]?key|token|secret|password)$/i;
-
-function resolveNamedProfile(profiles, profileName) {
-  if (!profileName) return null;
-  return profiles[profileName] || profiles[String(profileName).replace(/_([a-z])/g, (_, letter) => letter.toUpperCase())] || null;
-}
-
-function pushError(errors, code, details) {
-  errors.push({ code, details });
-}
-
-function stringifyValidationErrors(errors) {
-  return errors.map((item) => `${item.code}: ${item.details}`).join("\n");
-}
-
-function validateSecretShape(errors, scopeLabel, object) {
-  if (!object || typeof object !== "object") return;
-  for (const [key, value] of Object.entries(object)) {
-    if (!SECRET_KEY_PATTERN.test(key)) continue;
-    if (typeof value !== "string" || !value) continue;
-    if (key === "authRef" && value.startsWith("env:")) continue;
-    pushError(errors, "unsafe_secret_reference", `${scopeLabel}.${key} must use env-backed auth, not inline secret material`);
-  }
-}
-
-async function validatePathRef(errors, label, filePath) {
-  if (!filePath) return;
-  const stats = await statPath(filePath);
-  if (!stats?.isFile()) {
-    pushError(errors, "missing_file_ref", `${label} -> ${filePath}`);
-  }
-}
-
-export async function validateRuntimeConfig(config) {
-  const errors = [];
-
-  if (!config.providers || Object.keys(config.providers).length === 0) {
-    pushError(errors, "providers_missing", "No providers are configured.");
-  }
-
-  for (const [providerId, provider] of Object.entries(config.providers || {})) {
-    if (!provider.baseUrl) pushError(errors, "provider_base_url_missing", providerId);
-    if (
-      provider.authRef &&
-      !String(provider.authRef).startsWith("env:") &&
-      !String(provider.authRef).startsWith("profile:")
-    ) {
-      pushError(errors, "provider_auth_ref_invalid", `${providerId}.authRef must start with env: or profile:`);
-    }
-    validateSecretShape(errors, `providers.${providerId}`, provider);
-  }
-
-  for (const [laneId, lane] of Object.entries(config.router || {})) {
-    if (!lane.primary) pushError(errors, "lane_primary_missing", laneId);
-  }
-
-  const deliveryProfiles = config.delivery?.profiles || {};
-  const defaultProfiles = [
-    config.delivery?.defaultInteractiveProfile,
-    config.delivery?.defaultInteractiveProfileStandalone,
-    config.delivery?.defaultPeerProfile,
-    config.delivery?.defaultPeerProfileStandalone,
-    config.delivery?.defaultSchedulerProfile
-  ].filter(Boolean);
-  for (const profileName of defaultProfiles) {
-    if (!resolveNamedProfile(deliveryProfiles, profileName)) {
-      pushError(errors, "delivery_profile_missing", `default profile ${profileName}`);
-    }
-  }
-
-  for (const [agentId, agent] of Object.entries(config.agents || {})) {
-    await validatePathRef(errors, `agents.${agentId}.soulRef`, agent.soulRef);
-    await validatePathRef(errors, `agents.${agentId}.purposeRef`, agent.purposeRef);
-    const deliveryProfile = agent.delivery?.profile;
-    if (deliveryProfile && !resolveNamedProfile(deliveryProfiles, deliveryProfile)) {
-      pushError(errors, "delivery_profile_missing", `agents.${agentId}.delivery.profile -> ${deliveryProfile}`);
-    }
-  }
-
-  for (const [jobId, job] of Object.entries(config.jobs || {})) {
-    if (!config.agents?.[job.agentId]) {
-      pushError(errors, "job_agent_missing", `${jobId}.agentId -> ${job.agentId}`);
-    }
-    if (!config.router?.[job.modelLane]) {
-      pushError(errors, "job_lane_missing", `${jobId}.modelLane -> ${job.modelLane}`);
-    }
-    const fallbackLane = job.reportFallback?.lane;
-    if (fallbackLane && !config.router?.[fallbackLane]) {
-      pushError(errors, "job_fallback_lane_missing", `${jobId}.reportFallback.lane -> ${fallbackLane}`);
-    }
-  }
-
-  for (const [peerId, peer] of Object.entries(config.peers?.peers || {})) {
-    if (peer.deliveryProfile && !resolveNamedProfile(deliveryProfiles, peer.deliveryProfile)) {
-      pushError(errors, "peer_delivery_profile_missing", `${peerId}.deliveryProfile -> ${peer.deliveryProfile}`);
-    }
-    if (!Array.isArray(peer.sessionKeys) || peer.sessionKeys.length === 0) {
-      pushError(errors, "peer_session_keys_missing", peerId);
-    }
-  }
-
-  // Split into hard errors (broken config) and soft warnings (expected in fresh/no-provider installs)
-  const softCodes = new Set(["providers_missing", "job_lane_missing", "job_agent_missing"]);
-  const hardErrors = errors.filter((e) => !softCodes.has(e.code));
-  const warnings = errors.filter((e) => softCodes.has(e.code));
-
-  if (hardErrors.length) {
-    const error = new Error(`Runtime config validation failed:\n${stringifyValidationErrors(hardErrors)}`);
-    error.validationErrors = errors; // include all for doctor/diagnostics
-    error.errors = hardErrors;
-    throw error;
-  }
-
-  return {
-    ok: warnings.length === 0,
-    warnings,
-    checkedAt: new Date().toISOString()
-  };
-}
+import { statPath } from "../utils/fs.js";
+
+const SECRET_KEY_PATTERN = /(api[-_]?key|token|secret|password)$/i;
+
+function resolveNamedProfile(profiles, profileName) {
+  if (!profileName) return null;
+  return profiles[profileName] || profiles[String(profileName).replace(/_([a-z])/g, (_, letter) => letter.toUpperCase())] || null;
+}
+
+function pushError(errors, code, details) {
+  errors.push({ code, details });
+}
+
+function stringifyValidationErrors(errors) {
+  return errors.map((item) => `${item.code}: ${item.details}`).join("\n");
+}
+
+function validateSecretShape(errors, scopeLabel, object) {
+  if (!object || typeof object !== "object") return;
+  for (const [key, value] of Object.entries(object)) {
+    if (!SECRET_KEY_PATTERN.test(key)) continue;
+    if (typeof value !== "string" || !value) continue;
+    if (key === "authRef" && value.startsWith("env:")) continue;
+    pushError(errors, "unsafe_secret_reference", `${scopeLabel}.${key} must use env-backed auth, not inline secret material`);
+  }
+}
+
+async function validatePathRef(errors, label, filePath) {
+  if (!filePath) return;
+  const stats = await statPath(filePath);
+  if (!stats?.isFile()) {
+    pushError(errors, "missing_file_ref", `${label} -> ${filePath}`);
+  }
+}
+
+export async function validateRuntimeConfig(config) {
+  const errors = [];
+
+  if (!config.providers || Object.keys(config.providers).length === 0) {
+    pushError(errors, "providers_missing", "No providers are configured.");
+  }
+
+  for (const [providerId, provider] of Object.entries(config.providers || {})) {
+    if (!provider.baseUrl) pushError(errors, "provider_base_url_missing", providerId);
+    if (
+      provider.authRef &&
+      !String(provider.authRef).startsWith("env:") &&
+      !String(provider.authRef).startsWith("profile:")
+    ) {
+      pushError(errors, "provider_auth_ref_invalid", `${providerId}.authRef must start with env: or profile:`);
+    }
+    validateSecretShape(errors, `providers.${providerId}`, provider);
+  }
+
+  for (const [laneId, lane] of Object.entries(config.router || {})) {
+    if (!lane.primary) pushError(errors, "lane_primary_missing", laneId);
+  }
+
+  const deliveryProfiles = config.delivery?.profiles || {};
+  const defaultProfiles = [
+    config.delivery?.defaultInteractiveProfile,
+    config.delivery?.defaultInteractiveProfileStandalone,
+    config.delivery?.defaultPeerProfile,
+    config.delivery?.defaultPeerProfileStandalone,
+    config.delivery?.defaultSchedulerProfile
+  ].filter(Boolean);
+  for (const profileName of defaultProfiles) {
+    if (!resolveNamedProfile(deliveryProfiles, profileName)) {
+      pushError(errors, "delivery_profile_missing", `default profile ${profileName}`);
+    }
+  }
+
+  for (const [agentId, agent] of Object.entries(config.agents || {})) {
+    await validatePathRef(errors, `agents.${agentId}.soulRef`, agent.soulRef);
+    await validatePathRef(errors, `agents.${agentId}.purposeRef`, agent.purposeRef);
+    const deliveryProfile = agent.delivery?.profile;
+    if (deliveryProfile && !resolveNamedProfile(deliveryProfiles, deliveryProfile)) {
+      pushError(errors, "delivery_profile_missing", `agents.${agentId}.delivery.profile -> ${deliveryProfile}`);
+    }
+  }
+
+  for (const [jobId, job] of Object.entries(config.jobs || {})) {
+    if (!config.agents?.[job.agentId]) {
+      pushError(errors, "job_agent_missing", `${jobId}.agentId -> ${job.agentId}`);
+    }
+    if (!config.router?.[job.modelLane]) {
+      pushError(errors, "job_lane_missing", `${jobId}.modelLane -> ${job.modelLane}`);
+    }
+    const fallbackLane = job.reportFallback?.lane;
+    if (fallbackLane && !config.router?.[fallbackLane]) {
+      pushError(errors, "job_fallback_lane_missing", `${jobId}.reportFallback.lane -> ${fallbackLane}`);
+    }
+  }
+
+  for (const [peerId, peer] of Object.entries(config.peers?.peers || {})) {
+    if (peer.deliveryProfile && !resolveNamedProfile(deliveryProfiles, peer.deliveryProfile)) {
+      pushError(errors, "peer_delivery_profile_missing", `${peerId}.deliveryProfile -> ${peer.deliveryProfile}`);
+    }
+    if (!Array.isArray(peer.sessionKeys) || peer.sessionKeys.length === 0) {
+      pushError(errors, "peer_session_keys_missing", peerId);
+    }
+  }
+
+  // Split into hard errors (broken config) and soft warnings (expected in fresh/no-provider installs)
+  const softCodes = new Set(["providers_missing", "job_lane_missing", "job_agent_missing"]);
+  const hardErrors = errors.filter((e) => !softCodes.has(e.code));
+  const warnings = errors.filter((e) => softCodes.has(e.code));
+
+  if (hardErrors.length) {
+    const error = new Error(`Runtime config validation failed:\n${stringifyValidationErrors(hardErrors)}`);
+    error.validationErrors = errors; // include all for doctor/diagnostics
+    error.errors = hardErrors;
+    throw error;
+  }
+
+  return {
+    ok: warnings.length === 0,
+    warnings,
+    checkedAt: new Date().toISOString()
+  };
+}