omnius 1.0.340 → 1.0.342
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +422 -9
- package/docs/reference/auth-map.md +229 -0
- package/npm-shrinkwrap.json +63 -48
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -560736,7 +560736,7 @@ var init_critic = __esm({
|
|
|
560736
560736
|
function extractSubject(errorText) {
|
|
560737
560737
|
if (!errorText)
|
|
560738
560738
|
return null;
|
|
560739
|
-
const
|
|
560739
|
+
const PATTERNS2 = [
|
|
560740
560740
|
// Quoted module / type / symbol after recognizable phrases
|
|
560741
560741
|
/cannot find (?:module|name|type|symbol|reference|file|namespace)\s+['"`]([^'"`\n]{1,80})['"`]/i,
|
|
560742
560742
|
/(?:undefined|unresolved)\s+(?:reference|import|symbol)\s+(?:to\s+)?['"`]([^'"`\n]{1,80})['"`]/i,
|
|
@@ -560751,7 +560751,7 @@ function extractSubject(errorText) {
|
|
|
560751
560751
|
/\bcannot resolve\s+['"`]?([^'"`\n\s]{1,120})['"`]?/i,
|
|
560752
560752
|
/\bmodule not found:?\s+['"`]?([^'"`\n\s]{1,120})['"`]?/i
|
|
560753
560753
|
];
|
|
560754
|
-
for (const re of
|
|
560754
|
+
for (const re of PATTERNS2) {
|
|
560755
560755
|
const m2 = errorText.match(re);
|
|
560756
560756
|
if (m2 && m2[1]) {
|
|
560757
560757
|
const subj = m2[1].trim();
|
|
@@ -564747,6 +564747,111 @@ function recommendFanout(breadth) {
|
|
|
564747
564747
|
return 3;
|
|
564748
564748
|
return 1;
|
|
564749
564749
|
}
|
|
564750
|
+
function deriveRegions(rootEntries, packagesEntries, opts = {}) {
|
|
564751
|
+
const max = Math.max(2, opts.max ?? 8);
|
|
564752
|
+
const keep = (e2) => e2.isDir && !e2.name.startsWith(".") && !REGION_IGNORE_RE.test(e2.name);
|
|
564753
|
+
const pkgs = (packagesEntries ?? []).filter(keep).map((e2) => `packages/${e2.name}`);
|
|
564754
|
+
if (pkgs.length >= 2)
|
|
564755
|
+
return pkgs.slice(0, max);
|
|
564756
|
+
const dirs = (rootEntries ?? []).filter(keep).map((e2) => e2.name);
|
|
564757
|
+
return dirs.slice(0, max);
|
|
564758
|
+
}
|
|
564759
|
+
function buildExplorerPrompt(brief) {
|
|
564760
|
+
return [
|
|
564761
|
+
`You are a READ-ONLY exploration sub-agent. Objective: ${brief.objective}`,
|
|
564762
|
+
`Your region (do NOT read outside it): ${brief.scope}`,
|
|
564763
|
+
"Boundaries:",
|
|
564764
|
+
...brief.boundaries.map((b) => `- ${b}`),
|
|
564765
|
+
"FIRST run grep_search across your region for keywords from the objective; open only the most promising hits with file_read. Read NARROW — never dump whole files.",
|
|
564766
|
+
"Then call task_complete. In the summary, give one short line per genuinely-relevant file as `path — why it matters`.",
|
|
564767
|
+
"Your summary MUST END with a single line in EXACTLY this format, listing ONLY files that truly match the objective:",
|
|
564768
|
+
" RELEVANT_FILES: <comma-separated repo-relative paths>",
|
|
564769
|
+
"If your region has NOTHING pertinent, the final line must be exactly: RELEVANT_FILES: none",
|
|
564770
|
+
"Do NOT list files you merely read to rule the region out — only real matches go in RELEVANT_FILES."
|
|
564771
|
+
].join("\n");
|
|
564772
|
+
}
|
|
564773
|
+
function extractPathFindings(text2) {
|
|
564774
|
+
const findings = [];
|
|
564775
|
+
const seen = /* @__PURE__ */ new Set();
|
|
564776
|
+
const pathRe = /([A-Za-z0-9_.@/-]+\/[A-Za-z0-9_./-]+\.[A-Za-z]{1,6})(?:\s*[—:\-]+\s*(.*))?/;
|
|
564777
|
+
for (const line of String(text2 || "").split(/\r?\n/)) {
|
|
564778
|
+
const m2 = line.match(pathRe);
|
|
564779
|
+
if (!m2 || !m2[1])
|
|
564780
|
+
continue;
|
|
564781
|
+
const path12 = m2[1].replace(/[)\]}.,;]+$/, "");
|
|
564782
|
+
if (seen.has(path12))
|
|
564783
|
+
continue;
|
|
564784
|
+
seen.add(path12);
|
|
564785
|
+
findings.push({ path: path12, whyRelevant: (m2[2] ?? "").trim().slice(0, 200) });
|
|
564786
|
+
}
|
|
564787
|
+
return findings;
|
|
564788
|
+
}
|
|
564789
|
+
function parseExplorerDigest(region, rawText) {
|
|
564790
|
+
const text2 = String(rawText || "");
|
|
564791
|
+
const reasonByPath = new Map(extractPathFindings(text2).map((f2) => [f2.path, f2.whyRelevant]));
|
|
564792
|
+
const relMatches = [...text2.matchAll(/RELEVANT_FILES?\s*:\s*(.+)/gi)];
|
|
564793
|
+
if (relMatches.length > 0) {
|
|
564794
|
+
const value2 = (relMatches[relMatches.length - 1][1] ?? "").trim();
|
|
564795
|
+
if (/^(none|n\/a|-|nil|empty)\b/i.test(value2)) {
|
|
564796
|
+
return { region, relevant: false, findings: [], summary: "" };
|
|
564797
|
+
}
|
|
564798
|
+
const paths = [];
|
|
564799
|
+
const seen = /* @__PURE__ */ new Set();
|
|
564800
|
+
for (const tok of value2.split(/[,|]/)) {
|
|
564801
|
+
const m2 = tok.match(PATH_LIKE_RE);
|
|
564802
|
+
if (!m2)
|
|
564803
|
+
continue;
|
|
564804
|
+
const p2 = m2[0];
|
|
564805
|
+
if (!seen.has(p2)) {
|
|
564806
|
+
seen.add(p2);
|
|
564807
|
+
paths.push(p2);
|
|
564808
|
+
}
|
|
564809
|
+
}
|
|
564810
|
+
if (paths.length > 0) {
|
|
564811
|
+
return compressFindings({
|
|
564812
|
+
region,
|
|
564813
|
+
relevant: true,
|
|
564814
|
+
findings: paths.map((p2) => ({ path: p2, whyRelevant: reasonByPath.get(p2) ?? "" })),
|
|
564815
|
+
summary: ""
|
|
564816
|
+
});
|
|
564817
|
+
}
|
|
564818
|
+
return { region, relevant: false, findings: [], summary: "" };
|
|
564819
|
+
}
|
|
564820
|
+
const jsonMatch = text2.match(/\{[\s\S]*\}/);
|
|
564821
|
+
if (jsonMatch) {
|
|
564822
|
+
try {
|
|
564823
|
+
const obj = JSON.parse(jsonMatch[0]);
|
|
564824
|
+
if (obj && typeof obj === "object") {
|
|
564825
|
+
const explicitlyIrrelevant = obj["relevant"] === false;
|
|
564826
|
+
const rawFindings = Array.isArray(obj["findings"]) ? obj["findings"] : [];
|
|
564827
|
+
const findings = rawFindings.map((f2) => {
|
|
564828
|
+
const o2 = f2 ?? {};
|
|
564829
|
+
const why = o2["whyRelevant"] ?? o2["why_relevant"] ?? o2["why"] ?? "";
|
|
564830
|
+
const snip = o2["snippet"];
|
|
564831
|
+
return {
|
|
564832
|
+
path: String(o2["path"] ?? ""),
|
|
564833
|
+
whyRelevant: String(why),
|
|
564834
|
+
...snip ? { snippet: String(snip) } : {}
|
|
564835
|
+
};
|
|
564836
|
+
}).filter((f2) => f2.path);
|
|
564837
|
+
if (explicitlyIrrelevant || findings.length > 0) {
|
|
564838
|
+
return compressFindings({
|
|
564839
|
+
region,
|
|
564840
|
+
relevant: !explicitlyIrrelevant && findings.length > 0,
|
|
564841
|
+
findings,
|
|
564842
|
+
summary: typeof obj["summary"] === "string" ? obj["summary"] : ""
|
|
564843
|
+
});
|
|
564844
|
+
}
|
|
564845
|
+
}
|
|
564846
|
+
} catch {
|
|
564847
|
+
}
|
|
564848
|
+
}
|
|
564849
|
+
if (NEGATIVE_SIGNAL_RE.test(text2)) {
|
|
564850
|
+
return { region, relevant: false, findings: [], summary: "" };
|
|
564851
|
+
}
|
|
564852
|
+
const scraped = extractPathFindings(text2);
|
|
564853
|
+
return compressFindings({ region, relevant: scraped.length > 0, findings: scraped, summary: "" });
|
|
564854
|
+
}
|
|
564750
564855
|
function buildExplorerBriefs(objectivePrefix, regions) {
|
|
564751
564856
|
const outputSchema = "Return JSON: { relevant: boolean, findings: [{ path, why_relevant, snippet? }], summary }. Return relevant=false with empty findings if your region has nothing pertinent (do NOT pad).";
|
|
564752
564857
|
return regions.map((region) => ({
|
|
@@ -564792,14 +564897,11 @@ function fanoutDirective(taskText) {
|
|
|
564792
564897
|
const n2 = recommendFanout(classifyBreadth(sig));
|
|
564793
564898
|
if (n2 < 2)
|
|
564794
564899
|
return null;
|
|
564795
|
-
const schema = buildExplorerBriefs("x", ["x"])[0].outputSchema;
|
|
564796
564900
|
return [
|
|
564797
564901
|
"[Exploration strategy — fan out]",
|
|
564798
|
-
|
|
564799
|
-
`
|
|
564800
|
-
"
|
|
564801
|
-
"Then YOU merge the digests: drop the empty regions, dedupe paths, and work from the merged digest — keep your own context small by reasoning over the distilled findings, never raw file dumps.",
|
|
564802
|
-
"Only fan out when the surface genuinely spans multiple regions; for a single-file or narrow change, just do it directly."
|
|
564902
|
+
"This task is broad, read-heavy discovery across multiple components. Do NOT grep the whole repo serially into your own context — that floods you with raw output and is slow.",
|
|
564903
|
+
"Instead make ONE call to `fanout_explore` with a clear `objective` (what you need to find). It splits the codebase into non-overlapping regions, runs parallel READ-ONLY explorer sub-agents that each return a DISTILLED digest, merges them, and hands you back a compact map of relevant paths — keeping your own context small.",
|
|
564904
|
+
"After fanout_explore returns, work from the merged digest: open only the paths it flagged. Fall back to direct grep_search/file_read only for a single-file or narrow follow-up."
|
|
564803
564905
|
].join("\n");
|
|
564804
564906
|
}
|
|
564805
564907
|
function mergeDigests(digests) {
|
|
@@ -564818,11 +564920,14 @@ function mergeDigests(digests) {
|
|
|
564818
564920
|
const synthesis = relevant.length ? `${relevant.length} region(s) yielded ${paths.length} relevant path(s); ${emptyRegions.length} region(s) empty.` : `No relevant findings across ${digests.length} region(s).`;
|
|
564819
564921
|
return { digests: relevant, paths, emptyRegions, synthesis };
|
|
564820
564922
|
}
|
|
564821
|
-
var EXPLORE_INTENT_RE;
|
|
564923
|
+
var EXPLORE_INTENT_RE, REGION_IGNORE_RE, PATH_LIKE_RE, NEGATIVE_SIGNAL_RE;
|
|
564822
564924
|
var init_exploration_fanout = __esm({
|
|
564823
564925
|
"packages/orchestrator/dist/exploration-fanout.js"() {
|
|
564824
564926
|
"use strict";
|
|
564825
564927
|
EXPLORE_INTENT_RE = /\b(explore|discover|find|locate|search|where\b|which file|map (out )?the|survey|audit|trace|understand the|gather|investigate|look (through|across)|grep|scan the (code|repo))\b/i;
|
|
564928
|
+
REGION_IGNORE_RE = /^(node_modules|dist|build|coverage|out|tmp|temp|\.git|\.next|\.turbo|\.cache|\.omnius|\.aiwg|\.vscode|\.idea|target|vendor)$/i;
|
|
564929
|
+
PATH_LIKE_RE = /[A-Za-z0-9_.@/-]+\/[A-Za-z0-9_./-]+\.[A-Za-z]{1,6}/;
|
|
564930
|
+
NEGATIVE_SIGNAL_RE = /findings?\s*:?\s*\**\s*none\b|\bnone\s+found\b|\bno\s+(relevant\s+)?(matches|results|findings|auth\w*|bearer|token)\b|\bnot\s+handled\b|\bnothing\s+(pertinent|relevant|found)\b|no[^.\n]{0,40}\b(was|were)\s+found\b/i;
|
|
564826
564931
|
}
|
|
564827
564932
|
});
|
|
564828
564933
|
|
|
@@ -565070,6 +565175,79 @@ var init_consolidation_runtime = __esm({
|
|
|
565070
565175
|
}
|
|
565071
565176
|
});
|
|
565072
565177
|
|
|
565178
|
+
// packages/orchestrator/dist/completion-evidence-gate.js
|
|
565179
|
+
function classifyCompletionClaim(text2) {
|
|
565180
|
+
const t2 = String(text2 || "");
|
|
565181
|
+
for (const p2 of PATTERNS) {
|
|
565182
|
+
if (p2.re.test(t2)) {
|
|
565183
|
+
return { category: p2.category, requiresIndependentEvidence: true, requiredCheck: p2.check };
|
|
565184
|
+
}
|
|
565185
|
+
}
|
|
565186
|
+
return { category: null, requiresIndependentEvidence: false, requiredCheck: "" };
|
|
565187
|
+
}
|
|
565188
|
+
function detectExitCodeMisread(text2) {
|
|
565189
|
+
const t2 = String(text2 || "");
|
|
565190
|
+
const nonzeroExit = /\bexit(?:ed|s)?\b[^.\n]{0,20}?\b(?:code\s*)?(?:[1-9]\d*|non-?zero)\b/i;
|
|
565191
|
+
const successWord = /\b(success(?:ful|fully|ed)?|succeeded|done|passed|works?|working|fine|ok|complete[d]?)\b/i;
|
|
565192
|
+
if (nonzeroExit.test(t2) && successWord.test(t2))
|
|
565193
|
+
return true;
|
|
565194
|
+
if (/\|\|\s*true\b|\bset \+e\b|2>\/dev\/null\s*;\s*(echo|exit 0)/i.test(t2))
|
|
565195
|
+
return true;
|
|
565196
|
+
return false;
|
|
565197
|
+
}
|
|
565198
|
+
function auditCompletionClaims(claims) {
|
|
565199
|
+
const blockers = [];
|
|
565200
|
+
for (const c8 of claims || []) {
|
|
565201
|
+
const cls = classifyCompletionClaim(c8.text);
|
|
565202
|
+
if (!cls.requiresIndependentEvidence || !cls.category)
|
|
565203
|
+
continue;
|
|
565204
|
+
if (c8.status !== "supported") {
|
|
565205
|
+
blockers.push({ claim: String(c8.text || "").slice(0, 160), category: cls.category, requiredCheck: cls.requiredCheck });
|
|
565206
|
+
}
|
|
565207
|
+
}
|
|
565208
|
+
return { ok: blockers.length === 0, blockers };
|
|
565209
|
+
}
|
|
565210
|
+
function completionEvidenceDirective() {
|
|
565211
|
+
return [
|
|
565212
|
+
"[Evidence-gated completion — do not pretend success]",
|
|
565213
|
+
"Before you claim a task is done, optimize for 'is the end state actually correct?', NOT 'did I make the change?'. Each of these claim types REQUIRES an independent check from a DIFFERENT command than the one that made the change:",
|
|
565214
|
+
"- A process is 'running/started/up' → re-probe liveness after a short delay (ps/pgrep, a health endpoint, or the listening port). A PID file or a launcher log is NOT proof it stayed alive — 'started' ≠ 'running'.",
|
|
565215
|
+
"- Something is 'installed/available' → verify with `command -v`/`--version`/a package query, NOT the installer's own log.",
|
|
565216
|
+
"- A bug is 'fixed' → re-run the ORIGINAL failing command/test and watch it pass, not just confirm the edit landed.",
|
|
565217
|
+
"- A success in simulation/mock/dry-run mode → label it as SIMULATED; never present it as the real capability.",
|
|
565218
|
+
"Exit codes: a non-zero exit is NOT success; a zero exit from a wrapper / `|| true` / `set +e` is NOT proof the underlying thing worked — inspect what actually happened.",
|
|
565219
|
+
"If you cannot produce the independent evidence, say so plainly and mark the item unverified or partial — never report a success state you have not verified."
|
|
565220
|
+
].join("\n");
|
|
565221
|
+
}
|
|
565222
|
+
var PATTERNS;
|
|
565223
|
+
var init_completion_evidence_gate = __esm({
|
|
565224
|
+
"packages/orchestrator/dist/completion-evidence-gate.js"() {
|
|
565225
|
+
"use strict";
|
|
565226
|
+
PATTERNS = [
|
|
565227
|
+
{
|
|
565228
|
+
category: "process_liveness",
|
|
565229
|
+
re: /\b(running|started|launched|spun up|brought up|is up|listening|serving|alive|daemon (is|now)|service (is|now)|server (is|now)|booted|online)\b/i,
|
|
565230
|
+
check: "Independently probe liveness AFTER a short delay: ps/pgrep for the actual process, a health endpoint, or `ss -ltnp` for the port — NOT the launcher log or a PID file (a PID file can exist while the process is dead)."
|
|
565231
|
+
},
|
|
565232
|
+
{
|
|
565233
|
+
category: "installation",
|
|
565234
|
+
re: /\b(installed|available in PATH|on the PATH|set up|provisioned|configured and ready|now available|dependency (is )?(present|installed))\b/i,
|
|
565235
|
+
check: "Independently confirm presence: `command -v <bin>` / `<bin> --version` / package manager query (e.g. `apt-cache policy`, `pip show`) — NOT the installer's own success log."
|
|
565236
|
+
},
|
|
565237
|
+
{
|
|
565238
|
+
category: "fix_confirmation",
|
|
565239
|
+
re: /\b(fixed|resolved|corrected|patched|repaired|no longer (fails|errors|crashes)|works now|issue (is )?gone)\b/i,
|
|
565240
|
+
check: "Re-run the ORIGINAL failing command/test and observe it now passes — an independent reproduction, not just confirming the edit was written."
|
|
565241
|
+
},
|
|
565242
|
+
{
|
|
565243
|
+
category: "reality",
|
|
565244
|
+
re: /\b(simulat\w+|mock\w*|stub\w*|fake|dry[- ]?run|--sim|placeholder mode|fallback mode)\b/i,
|
|
565245
|
+
check: "This was a SIMULATED/mock run. Label it explicitly as simulated and do NOT present it as the real capability; verify against the real system before claiming the real success."
|
|
565246
|
+
}
|
|
565247
|
+
];
|
|
565248
|
+
}
|
|
565249
|
+
});
|
|
565250
|
+
|
|
565073
565251
|
// packages/orchestrator/dist/tool-batching.js
|
|
565074
565252
|
function isConcurrencySafe(toolName, readOnlyHints) {
|
|
565075
565253
|
if (CONCURRENT_SAFE_TOOLS.has(toolName))
|
|
@@ -568620,6 +568798,7 @@ var init_agenticRunner = __esm({
|
|
|
568620
568798
|
init_dist5();
|
|
568621
568799
|
init_exploration_fanout();
|
|
568622
568800
|
init_consolidation_runtime();
|
|
568801
|
+
init_completion_evidence_gate();
|
|
568623
568802
|
init_tool_batching();
|
|
568624
568803
|
init_hooks2();
|
|
568625
568804
|
init_todo_context_chunker();
|
|
@@ -570710,6 +570889,18 @@ ${input.answerText ?? ""}`.toLowerCase().trim();
|
|
|
570710
570889
|
this._completionLedger = reconcileClaimsWithEvidence(this._completionLedger);
|
|
570711
570890
|
this._saveCompletionLedgerSafe();
|
|
570712
570891
|
}
|
|
570892
|
+
try {
|
|
570893
|
+
const _audit = auditCompletionClaims(this._completionLedger.proposedClaims.map((c8) => ({ text: c8.text, status: c8.status })));
|
|
570894
|
+
if (!_audit.ok) {
|
|
570895
|
+
const _checks = _audit.blockers.map((b) => `• [${b.category}] "${b.claim}" → ${b.requiredCheck}`).join("\n");
|
|
570896
|
+
this._completionCaveat = [
|
|
570897
|
+
this._completionCaveat || "",
|
|
570898
|
+
`[UNVERIFIED SUCCESS — run these independent checks before claiming done]
|
|
570899
|
+
${_checks}`
|
|
570900
|
+
].filter(Boolean).join("\n\n");
|
|
570901
|
+
}
|
|
570902
|
+
} catch {
|
|
570903
|
+
}
|
|
570713
570904
|
}
|
|
570714
570905
|
const optOverride = this.options.backwardPassReview;
|
|
570715
570906
|
const raw = (process.env["OMNIUS_BACKWARD_PASS"] || "on").toLowerCase();
|
|
@@ -573943,6 +574134,12 @@ Respond with your assessment, then take action.`;
|
|
|
573943
574134
|
}
|
|
573944
574135
|
const contextComposition = await this.assembleContext(task, context2);
|
|
573945
574136
|
let systemPrompt = contextComposition.assembled;
|
|
574137
|
+
try {
|
|
574138
|
+
systemPrompt = `${systemPrompt}
|
|
574139
|
+
|
|
574140
|
+
${completionEvidenceDirective()}`;
|
|
574141
|
+
} catch {
|
|
574142
|
+
}
|
|
573946
574143
|
try {
|
|
573947
574144
|
const _cap = getMediaCapability();
|
|
573948
574145
|
const _tier = this.options.modelTier ?? "large";
|
|
@@ -590380,6 +590577,7 @@ __export(dist_exports3, {
|
|
|
590380
590577
|
appendSteeringLedgerEntry: () => appendSteeringLedgerEntry,
|
|
590381
590578
|
appendSteeringOutcome: () => appendSteeringOutcome,
|
|
590382
590579
|
arcSummary: () => arcSummary,
|
|
590580
|
+
auditCompletionClaims: () => auditCompletionClaims,
|
|
590383
590581
|
buildAgentNotification: () => buildAgentNotification,
|
|
590384
590582
|
buildAgentTypeSummary: () => buildAgentTypeSummary,
|
|
590385
590583
|
buildCompletionScenarioDecomposition: () => buildCompletionScenarioDecomposition,
|
|
@@ -590389,6 +590587,7 @@ __export(dist_exports3, {
|
|
|
590389
590587
|
buildDecompositionDirective: () => buildDecompositionDirective,
|
|
590390
590588
|
buildDecompositionTodos: () => buildDecompositionTodos,
|
|
590391
590589
|
buildExplorerBriefs: () => buildExplorerBriefs,
|
|
590590
|
+
buildExplorerPrompt: () => buildExplorerPrompt,
|
|
590392
590591
|
buildForkPrompt: () => buildForkPrompt,
|
|
590393
590592
|
buildLessonQuery: () => buildLessonQuery,
|
|
590394
590593
|
buildMetaCritiquePrompt: () => buildMetaCritiquePrompt,
|
|
@@ -590400,6 +590599,7 @@ __export(dist_exports3, {
|
|
|
590400
590599
|
chooseCheapModelRoute: () => chooseCheapModelRoute,
|
|
590401
590600
|
claimAssertion: () => claimAssertion,
|
|
590402
590601
|
classifyBreadth: () => classifyBreadth,
|
|
590602
|
+
classifyCompletionClaim: () => classifyCompletionClaim,
|
|
590403
590603
|
classifyHandoff: () => classifyHandoff,
|
|
590404
590604
|
classifyOllamaProcesses: () => classifyOllamaProcesses,
|
|
590405
590605
|
cleanForStorage: () => cleanForStorage,
|
|
@@ -590408,6 +590608,7 @@ __export(dist_exports3, {
|
|
|
590408
590608
|
clearTurnState: () => clearTurnState,
|
|
590409
590609
|
combineValidatorResults: () => combineValidatorResults,
|
|
590410
590610
|
compilePersonalityPrompt: () => compilePersonalityPrompt,
|
|
590611
|
+
completionEvidenceDirective: () => completionEvidenceDirective,
|
|
590411
590612
|
compressFindings: () => compressFindings,
|
|
590412
590613
|
computeArc: () => computeArc,
|
|
590413
590614
|
computeStabilityHash: () => computeStabilityHash,
|
|
@@ -590425,6 +590626,8 @@ __export(dist_exports3, {
|
|
|
590425
590626
|
decomposeSpec: () => decomposeSpec,
|
|
590426
590627
|
deleteAgentTaskSidecar: () => deleteAgentTaskSidecar,
|
|
590427
590628
|
deriveClaimsFromProposedText: () => deriveClaimsFromProposedText,
|
|
590629
|
+
deriveRegions: () => deriveRegions,
|
|
590630
|
+
detectExitCodeMisread: () => detectExitCodeMisread,
|
|
590428
590631
|
detectExplorationIntent: () => detectExplorationIntent,
|
|
590429
590632
|
detectPressure: () => detectPressure,
|
|
590430
590633
|
detectTaskType: () => detectTaskType,
|
|
@@ -590436,6 +590639,7 @@ __export(dist_exports3, {
|
|
|
590436
590639
|
extractConstraint: () => extractConstraint,
|
|
590437
590640
|
extractLessons: () => extractLessons,
|
|
590438
590641
|
extractMidTaskSteeringInput: () => extractMidTaskSteeringInput,
|
|
590642
|
+
extractPathFindings: () => extractPathFindings,
|
|
590439
590643
|
extractTaskCompleteSummary: () => extractTaskCompleteSummary,
|
|
590440
590644
|
fanoutDirective: () => fanoutDirective,
|
|
590441
590645
|
findDuplicateGroups: () => findDuplicateGroups,
|
|
@@ -590495,6 +590699,7 @@ __export(dist_exports3, {
|
|
|
590495
590699
|
noteAfterTask: () => noteAfterTask,
|
|
590496
590700
|
parseContextReferences: () => parseContextReferences,
|
|
590497
590701
|
parseCritique: () => parseCritique,
|
|
590702
|
+
parseExplorerDigest: () => parseExplorerDigest,
|
|
590498
590703
|
parseMetaCritique: () => parseMetaCritique,
|
|
590499
590704
|
parsePlan: () => parsePlan,
|
|
590500
590705
|
parseTextToolCalls: () => parseTextToolCalls,
|
|
@@ -590638,6 +590843,7 @@ var init_dist8 = __esm({
|
|
|
590638
590843
|
init_memory_consolidation();
|
|
590639
590844
|
init_exploration_fanout();
|
|
590640
590845
|
init_consolidation_runtime();
|
|
590846
|
+
init_completion_evidence_gate();
|
|
590641
590847
|
}
|
|
590642
590848
|
});
|
|
590643
590849
|
|
|
@@ -610805,6 +611011,28 @@ var init_status_bar = __esm({
|
|
|
610805
611011
|
_brailleSpinner = new BrailleSpinner();
|
|
610806
611012
|
/** Slow refresh timer for monitoring bar when braille spinner is off */
|
|
610807
611013
|
_monitorTimer = null;
|
|
611014
|
+
/**
|
|
611015
|
+
* Header inference indicator — a small braille glyph that cycles next to the
|
|
611016
|
+
* "Omnius v{version}" identity segment (left of the menu buttons) WHENEVER the
|
|
611017
|
+
* agent is inferencing, so the user can see it's working in the background and
|
|
611018
|
+
* not stalled — including during prompt-processing / cold-load before any
|
|
611019
|
+
* tokens stream. Self-driven on its own timer so it animates even when no
|
|
611020
|
+
* tokens are flowing yet.
|
|
611021
|
+
*/
|
|
611022
|
+
static HEADER_SPINNER_FRAMES = [
|
|
611023
|
+
"⠋",
|
|
611024
|
+
"⠙",
|
|
611025
|
+
"⠹",
|
|
611026
|
+
"⠸",
|
|
611027
|
+
"⠼",
|
|
611028
|
+
"⠴",
|
|
611029
|
+
"⠦",
|
|
611030
|
+
"⠧",
|
|
611031
|
+
"⠇",
|
|
611032
|
+
"⠏"
|
|
611033
|
+
];
|
|
611034
|
+
_headerSpinnerFrame = 0;
|
|
611035
|
+
_headerSpinnerTimer = null;
|
|
610808
611036
|
/** Current dynamic footer height: box top + input rows + box bottom + optional metrics. */
|
|
610809
611037
|
_currentFooterHeight = 4;
|
|
610810
611038
|
// box-top(1) + input(1) + box-bottom(1) + metrics(1)
|
|
@@ -610909,6 +611137,14 @@ var init_status_bar = __esm({
|
|
|
610909
611137
|
last2.width += 2;
|
|
610910
611138
|
}
|
|
610911
611139
|
}
|
|
611140
|
+
if (this._processing) {
|
|
611141
|
+
const glyph = _StatusBar.HEADER_SPINNER_FRAMES[this._headerSpinnerFrame] ?? "";
|
|
611142
|
+
const last2 = parts[parts.length - 1];
|
|
611143
|
+
if (last2 && glyph) {
|
|
611144
|
+
last2.text += `${glyph} `;
|
|
611145
|
+
last2.width += 2;
|
|
611146
|
+
}
|
|
611147
|
+
}
|
|
610912
611148
|
return parts;
|
|
610913
611149
|
}
|
|
610914
611150
|
buildHeaderIdentityRender() {
|
|
@@ -611420,10 +611656,35 @@ var init_status_bar = __esm({
|
|
|
611420
611656
|
clearInterval(this._monitorTimer);
|
|
611421
611657
|
this._monitorTimer = null;
|
|
611422
611658
|
}
|
|
611659
|
+
this._startHeaderSpinner();
|
|
611423
611660
|
} else {
|
|
611661
|
+
this._stopHeaderSpinner();
|
|
611424
611662
|
this.ensureMonitorTimer();
|
|
611425
611663
|
}
|
|
611426
611664
|
}
|
|
611665
|
+
/**
|
|
611666
|
+
* Start cycling the header inference glyph. Ticks on its own ~110 ms timer
|
|
611667
|
+
* and repaints the header panels so the braille frame advances even while the
|
|
611668
|
+
* model is still processing the prompt (no token stream yet). Idempotent.
|
|
611669
|
+
*/
|
|
611670
|
+
_startHeaderSpinner() {
|
|
611671
|
+
if (this._headerSpinnerTimer) return;
|
|
611672
|
+
this._headerSpinnerFrame = 0;
|
|
611673
|
+
if (this.active) this.refreshHeaderPanels();
|
|
611674
|
+
this._headerSpinnerTimer = setInterval(() => {
|
|
611675
|
+
this._headerSpinnerFrame = (this._headerSpinnerFrame + 1) % _StatusBar.HEADER_SPINNER_FRAMES.length;
|
|
611676
|
+
if (this.active) this.refreshHeaderPanels();
|
|
611677
|
+
}, 110);
|
|
611678
|
+
this._headerSpinnerTimer.unref?.();
|
|
611679
|
+
}
|
|
611680
|
+
/** Stop the header inference glyph and repaint once so it disappears cleanly. */
|
|
611681
|
+
_stopHeaderSpinner() {
|
|
611682
|
+
if (this._headerSpinnerTimer) {
|
|
611683
|
+
clearInterval(this._headerSpinnerTimer);
|
|
611684
|
+
this._headerSpinnerTimer = null;
|
|
611685
|
+
}
|
|
611686
|
+
if (this.active) this.refreshHeaderPanels();
|
|
611687
|
+
}
|
|
611427
611688
|
/**
|
|
611428
611689
|
* Ensure the monitoring timer is running when the registry has entries
|
|
611429
611690
|
* and the braille spinner is not active. Refreshes the buffer line
|
|
@@ -611984,6 +612245,10 @@ var init_status_bar = __esm({
|
|
|
611984
612245
|
this._brailleSpinner.stop();
|
|
611985
612246
|
this._processing = false;
|
|
611986
612247
|
}
|
|
612248
|
+
if (this._headerSpinnerTimer) {
|
|
612249
|
+
clearInterval(this._headerSpinnerTimer);
|
|
612250
|
+
this._headerSpinnerTimer = null;
|
|
612251
|
+
}
|
|
611987
612252
|
this.stopAllMetrics();
|
|
611988
612253
|
this.termWrite(`\x1B[1;${termRows()}r`);
|
|
611989
612254
|
}
|
|
@@ -710115,6 +710380,9 @@ function buildTools(repoRoot, config, contextWindowSize, modelTier2) {
|
|
|
710115
710380
|
// MCP tools (dynamic — from connected MCP servers, WO-MCP-01)
|
|
710116
710381
|
..._mcpTools.map(adaptTool6),
|
|
710117
710382
|
createSubAgentTool(config, repoRoot, contextWindowSize),
|
|
710383
|
+
// Active exploration fan-out — one call spawns parallel read-only explorers
|
|
710384
|
+
// and returns a merged digest (Workstream B).
|
|
710385
|
+
createFanoutExploreTool(config, repoRoot, contextWindowSize),
|
|
710118
710386
|
// Self-critique plan mode (WO-TP2)
|
|
710119
710387
|
createPlanModeTool(config, repoRoot, contextWindowSize),
|
|
710120
710388
|
createTaskCompleteTool(modelTier2, repoRoot)
|
|
@@ -710381,6 +710649,151 @@ Use task_status(task_id="${taskId}") or task_output(task_id="${taskId}") to chec
|
|
|
710381
710649
|
};
|
|
710382
710650
|
return tool;
|
|
710383
710651
|
}
|
|
710652
|
+
function createFanoutExploreTool(config, repoRoot, ctxWindowSize) {
|
|
710653
|
+
return {
|
|
710654
|
+
name: "fanout_explore",
|
|
710655
|
+
description: "Discover where something lives across a large/multi-package codebase by fanning out parallel READ-ONLY explorer sub-agents — one per region — and returning a single merged, distilled map of the relevant files. Use this ONCE for broad 'where/how is X handled across the codebase' questions instead of grepping the whole repo serially. For a single-file or narrow lookup, use grep_search/file_read directly instead.",
|
|
710656
|
+
parameters: {
|
|
710657
|
+
type: "object",
|
|
710658
|
+
properties: {
|
|
710659
|
+
objective: {
|
|
710660
|
+
type: "string",
|
|
710661
|
+
description: "What to find, e.g. 'where authentication is handled' or 'all places that read the media store path'."
|
|
710662
|
+
},
|
|
710663
|
+
regions: {
|
|
710664
|
+
type: "array",
|
|
710665
|
+
items: { type: "string" },
|
|
710666
|
+
description: "Optional explicit regions (dirs/packages) to split across. If omitted, regions are derived from the repo (packages/* or top-level dirs)."
|
|
710667
|
+
},
|
|
710668
|
+
max_regions: {
|
|
710669
|
+
type: "number",
|
|
710670
|
+
description: "Cap on the number of parallel explorers (default 6)."
|
|
710671
|
+
}
|
|
710672
|
+
},
|
|
710673
|
+
required: ["objective"]
|
|
710674
|
+
},
|
|
710675
|
+
async execute(args) {
|
|
710676
|
+
const objective = String(
|
|
710677
|
+
args["objective"] ?? args["task"] ?? args["query"] ?? ""
|
|
710678
|
+
).trim();
|
|
710679
|
+
if (!objective) {
|
|
710680
|
+
return { success: false, output: "", error: "objective is required" };
|
|
710681
|
+
}
|
|
710682
|
+
const maxRegions = typeof args["max_regions"] === "number" && args["max_regions"] > 0 ? Math.min(8, Math.floor(args["max_regions"])) : 6;
|
|
710683
|
+
let regions = Array.isArray(args["regions"]) ? args["regions"].map((r2) => String(r2)).filter(Boolean) : [];
|
|
710684
|
+
if (regions.length === 0) {
|
|
710685
|
+
const listDir = (rel) => {
|
|
710686
|
+
try {
|
|
710687
|
+
return readdirSync57(join173(repoRoot, rel), { withFileTypes: true }).map(
|
|
710688
|
+
(d2) => ({ name: d2.name, isDir: d2.isDirectory() })
|
|
710689
|
+
);
|
|
710690
|
+
} catch {
|
|
710691
|
+
return [];
|
|
710692
|
+
}
|
|
710693
|
+
};
|
|
710694
|
+
regions = deriveRegions(listDir("."), listDir("packages"), {
|
|
710695
|
+
max: maxRegions
|
|
710696
|
+
});
|
|
710697
|
+
} else {
|
|
710698
|
+
regions = regions.slice(0, maxRegions);
|
|
710699
|
+
}
|
|
710700
|
+
if (regions.length < 2) {
|
|
710701
|
+
return {
|
|
710702
|
+
success: false,
|
|
710703
|
+
output: "",
|
|
710704
|
+
error: "fanout_explore needs ≥2 regions to be worthwhile; for a narrow search use grep_search/file_read directly."
|
|
710705
|
+
};
|
|
710706
|
+
}
|
|
710707
|
+
const briefs = buildExplorerBriefs(objective, regions);
|
|
710708
|
+
const subTier = getModelTier(config.model);
|
|
710709
|
+
const compaction = subTier === "small" ? 12e3 : subTier === "medium" ? 24e3 : 4e4;
|
|
710710
|
+
const debug = process.env["OMNIUS_FANOUT_DEBUG"] === "1";
|
|
710711
|
+
const rawReturns = [];
|
|
710712
|
+
const digests = await Promise.all(
|
|
710713
|
+
briefs.map(async (brief) => {
|
|
710714
|
+
try {
|
|
710715
|
+
const backend = new OllamaAgenticBackend(
|
|
710716
|
+
config.backendUrl,
|
|
710717
|
+
config.model,
|
|
710718
|
+
config.apiKey
|
|
710719
|
+
);
|
|
710720
|
+
const runner = new AgenticRunner(backend, {
|
|
710721
|
+
maxTurns: 10,
|
|
710722
|
+
maxTokens: 4096,
|
|
710723
|
+
temperature: 0,
|
|
710724
|
+
requestTimeoutMs: config.timeoutMs,
|
|
710725
|
+
taskTimeoutMs: config.timeoutMs * 2,
|
|
710726
|
+
compactionThreshold: compaction,
|
|
710727
|
+
contextWindowSize: ctxWindowSize ?? 0,
|
|
710728
|
+
modelTier: subTier,
|
|
710729
|
+
toolProfile: getRuntimeToolProfilePolicy(repoRoot)
|
|
710730
|
+
});
|
|
710731
|
+
const roTools = [
|
|
710732
|
+
new FileReadTool(repoRoot),
|
|
710733
|
+
new GrepSearchTool(repoRoot),
|
|
710734
|
+
new GlobFindTool(repoRoot),
|
|
710735
|
+
new ListDirectoryTool(repoRoot)
|
|
710736
|
+
].map(adaptTool6);
|
|
710737
|
+
roTools.push(createTaskCompleteTool(subTier, repoRoot));
|
|
710738
|
+
for (const t2 of roTools) runner.registerTool(t2);
|
|
710739
|
+
const result = await runner.run(
|
|
710740
|
+
buildExplorerPrompt(brief),
|
|
710741
|
+
`Working directory: ${repoRoot}`
|
|
710742
|
+
);
|
|
710743
|
+
const raw = result.summary || "";
|
|
710744
|
+
if (debug) rawReturns.push({ region: brief.scope, raw });
|
|
710745
|
+
return parseExplorerDigest(brief.scope, raw);
|
|
710746
|
+
} catch (err) {
|
|
710747
|
+
if (debug)
|
|
710748
|
+
rawReturns.push({
|
|
710749
|
+
region: brief.scope,
|
|
710750
|
+
raw: `[explorer error] ${err instanceof Error ? err.message : String(err)}`
|
|
710751
|
+
});
|
|
710752
|
+
return { region: brief.scope, relevant: false, findings: [], summary: "" };
|
|
710753
|
+
}
|
|
710754
|
+
})
|
|
710755
|
+
);
|
|
710756
|
+
if (debug) {
|
|
710757
|
+
try {
|
|
710758
|
+
writeFileSync87(
|
|
710759
|
+
join173(repoRoot, ".omnius", "fanout-debug.json"),
|
|
710760
|
+
JSON.stringify({ objective, regions, rawReturns, digests }, null, 2)
|
|
710761
|
+
);
|
|
710762
|
+
} catch {
|
|
710763
|
+
}
|
|
710764
|
+
}
|
|
710765
|
+
const merged = mergeDigests(digests);
|
|
710766
|
+
if (merged.paths.length === 0) {
|
|
710767
|
+
return {
|
|
710768
|
+
success: true,
|
|
710769
|
+
output: `[fanout_explore] ${objective}
|
|
710770
|
+
${merged.synthesis}
|
|
710771
|
+
Explored regions: ${regions.join(", ")}
|
|
710772
|
+
No relevant files found — broaden the objective or search specific paths directly.`
|
|
710773
|
+
};
|
|
710774
|
+
}
|
|
710775
|
+
const lines = [
|
|
710776
|
+
`[fanout_explore] ${objective}`,
|
|
710777
|
+
merged.synthesis,
|
|
710778
|
+
"",
|
|
710779
|
+
"Relevant files (deduped):",
|
|
710780
|
+
...merged.paths.map((p2) => ` - ${p2}`),
|
|
710781
|
+
"",
|
|
710782
|
+
"By region:"
|
|
710783
|
+
];
|
|
710784
|
+
for (const d2 of merged.digests) {
|
|
710785
|
+
lines.push(`## ${d2.region}${d2.summary ? ` — ${d2.summary}` : ""}`);
|
|
710786
|
+
for (const f2 of d2.findings) {
|
|
710787
|
+
lines.push(` - ${f2.path} — ${f2.whyRelevant}`);
|
|
710788
|
+
}
|
|
710789
|
+
}
|
|
710790
|
+
if (merged.emptyRegions.length > 0) {
|
|
710791
|
+
lines.push("", `Empty regions (covered, nothing found): ${merged.emptyRegions.join(", ")}`);
|
|
710792
|
+
}
|
|
710793
|
+
return { success: true, output: lines.join("\n") };
|
|
710794
|
+
}
|
|
710795
|
+
};
|
|
710796
|
+
}
|
|
710384
710797
|
function createPlanModeTool(config, repoRoot, ctxWindowSize) {
|
|
710385
710798
|
return {
|
|
710386
710799
|
name: "enter_plan_mode",
|
|
@@ -0,0 +1,229 @@
|
|
|
1
|
+
# Auth Map — Where Authentication/Authorization is Handled Across Omnius
|
|
2
|
+
|
|
3
|
+
> Auto-generated from codebase scan. Covers all packages and apps.
|
|
4
|
+
|
|
5
|
+
## Summary
|
|
6
|
+
|
|
7
|
+
Omnius has **no centralized auth system** (no login, no JWT, no session cookies, no OAuth). Authentication is handled **peripherally** in three ways:
|
|
8
|
+
|
|
9
|
+
1. **External provider auth** — API keys/tokens for remote inference providers (OpenAI, Anthropic, etc.)
|
|
10
|
+
2. **Secret redaction** — preventing credential leaks in logs/tool output
|
|
11
|
+
3. **Session-scoped permissions** — internal permission rules for sub-agent handoffs
|
|
12
|
+
|
|
13
|
+
There is **zero auth on the REST daemon** (`apps/api`) — all routes are open.
|
|
14
|
+
|
|
15
|
+
---
|
|
16
|
+
|
|
17
|
+
## 1. apps/api (REST Daemon) — NO AUTH
|
|
18
|
+
|
|
19
|
+
| File | Finding |
|
|
20
|
+
|------|---------|
|
|
21
|
+
| `apps/api/src/app.ts` | Helmet, CORS, compression, morgan. **No auth middleware, no API key check, no bearer validation.** |
|
|
22
|
+
| `apps/api/src/routes/sessions.ts` | In-memory Map-based session store. **No auth on any route** (POST/GET/DELETE all accept unauthenticated requests). |
|
|
23
|
+
| `apps/api/src/routes/health.ts` | Health check — no auth needed. |
|
|
24
|
+
| `apps/api/src/middleware/error-handler.ts` | Error handling only. |
|
|
25
|
+
|
|
26
|
+
**Verdict:** The REST daemon is completely open. Any caller can create sessions, send messages, list/delete sessions.
|
|
27
|
+
|
|
28
|
+
---
|
|
29
|
+
|
|
30
|
+
## 2. apps/worker (Background Worker) — NO AUTH
|
|
31
|
+
|
|
32
|
+
| File | Finding |
|
|
33
|
+
|------|---------|
|
|
34
|
+
| `apps/worker/src/queue.ts` | Only references `sessionId: string` in queue job types. No auth logic. |
|
|
35
|
+
|
|
36
|
+
**Verdict:** Worker processes tasks from the queue without auth checks. Trusts the API daemon to route correctly.
|
|
37
|
+
|
|
38
|
+
---
|
|
39
|
+
|
|
40
|
+
## 3. packages/cli — Provider Auth + Secret Redaction
|
|
41
|
+
|
|
42
|
+
### 3a. Provider API Key Configuration
|
|
43
|
+
|
|
44
|
+
| File | Line | Finding |
|
|
45
|
+
|------|------|---------|
|
|
46
|
+
| `packages/cli/src/config.ts` | 32 | `/** Optional Bearer token for authenticated vLLM deployments */` — config field for vLLM auth |
|
|
47
|
+
| `packages/cli/src/config.ts` | 50 | Tool-calling session opt-in logic (not auth, but session-scoped) |
|
|
48
|
+
|
|
49
|
+
### 3b. Secret Redaction (preventing credential leaks)
|
|
50
|
+
|
|
51
|
+
| File | Finding |
|
|
52
|
+
|------|---------|
|
|
53
|
+
| `packages/cli/src/redact/secret-redactor.ts` | Comprehensive regex-based secret redactor. Detects and masks: |
|
|
54
|
+
| | - Known API key prefixes: `sk-`, `sk-or-`, `gsk_`, `fw_`, `cpk_`, `csk-`, `nvapi-`, `xox[baprs]-`, `hf_`, `r8_`, `npm_`, `pypi-`, `gAAAA` |
|
|
55
|
+
| | - Generic patterns: `api_key`, `token`, `secret`, `password`, `access_token`, `refresh_token`, `auth_token`, `bearer` |
|
|
56
|
+
| | - Short tokens (<18 chars) → fully masked (`***`). Longer → partial (`sk-..yKey`) |
|
|
57
|
+
|
|
58
|
+
### 3c. Session State
|
|
59
|
+
|
|
60
|
+
| File | Finding |
|
|
61
|
+
|------|---------|
|
|
62
|
+
| `packages/cli/src/state/store.ts` | `closeSession(sessionId, endReason)` — session lifecycle management. Token counting (input/output/cache_read/cache_write/reasoning). No auth. |
|
|
63
|
+
|
|
64
|
+
---
|
|
65
|
+
|
|
66
|
+
## 4. packages/backend-vllm — Provider Auth (API Keys)
|
|
67
|
+
|
|
68
|
+
### 4a. Provider Auth Configuration
|
|
69
|
+
|
|
70
|
+
| File | Line | Provider | authRequired | keyPrefix |
|
|
71
|
+
|------|------|----------|-------------|-----------|
|
|
72
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 81 | Anthropic | true | `sk-ant-` |
|
|
73
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 85 | OpenAI | true | `sk-` |
|
|
74
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 89 | Together AI | true | — |
|
|
75
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 93 | Groq | true | `gsk_` |
|
|
76
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 97 | OpenRouter | true | `sk-or-` |
|
|
77
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 101 | Fireworks AI | true | `fw_` |
|
|
78
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 105 | DeepInfra | true | — |
|
|
79
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 109 | Mistral AI | true | — |
|
|
80
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 113 | Chutes AI | true | `cpk_` |
|
|
81
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 117 | Cerebras | true | `csk-` |
|
|
82
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 121 | SambaNova | true | — |
|
|
83
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 125 | NVIDIA NIM | true | `nvapi-` |
|
|
84
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 129 | Hyperbolic | true | — |
|
|
85
|
+
| `packages/backend-vllm/src/normalizeUrl.ts` | 134 | Ollama (local) | **false** | — |
|
|
86
|
+
|
|
87
|
+
### 4b. Runtime Auth Headers
|
|
88
|
+
|
|
89
|
+
| File | Line | Finding |
|
|
90
|
+
|------|------|---------|
|
|
91
|
+
| `packages/backend-vllm/src/VllmBackend.ts` | 217 | `private authHeaders(): Record<string, string>` — builds auth headers for vLLM requests |
|
|
92
|
+
| `packages/backend-vllm/src/VllmBackend.ts` | 237 | Uses `authHeaders()` in fetch calls |
|
|
93
|
+
|
|
94
|
+
**Verdict:** Provider auth is key-based (Bearer tokens). No OAuth flow. Keys are configured in CLI config and passed as headers.
|
|
95
|
+
|
|
96
|
+
---
|
|
97
|
+
|
|
98
|
+
## 5. packages/orchestrator — Session-Scoped Permissions
|
|
99
|
+
|
|
100
|
+
### 5a. Permission Ruleset (sub-agent authorization)
|
|
101
|
+
|
|
102
|
+
| File | Finding |
|
|
103
|
+
|------|---------|
|
|
104
|
+
| `packages/orchestrator/src/permissionRuleset.ts` | **The only authorization logic in the codebase.** Implements: |
|
|
105
|
+
| | - Parent session deny rules (cascade to sub-agents) |
|
|
106
|
+
| | - Parent agent deny rules |
|
|
107
|
+
| | - External directory rules forwarded to sub-agent sessions |
|
|
108
|
+
| | - "Forwarding pattern" — parent agent denies + parent session denies + external_directory rules cascade |
|
|
109
|
+
|
|
110
|
+
### 5b. Session Metrics
|
|
111
|
+
|
|
112
|
+
| File | Finding |
|
|
113
|
+
|------|---------|
|
|
114
|
+
| `packages/orchestrator/src/sessionMetrics.ts` | Tracks `sessionDurationMs`, token usage, context estimates. No auth. |
|
|
115
|
+
|
|
116
|
+
### 5c. Adversarial Handoffs (test data only)
|
|
117
|
+
|
|
118
|
+
| File | Finding |
|
|
119
|
+
|------|---------|
|
|
120
|
+
| `packages/orchestrator/src/adversarialHandoffs.ts` | Contains test scenarios referencing logout/session cleanup (lines 324-369). These are **test fixtures**, not production auth code. |
|
|
121
|
+
|
|
122
|
+
---
|
|
123
|
+
|
|
124
|
+
## 6. packages/execution — Session Key Reservation + Secret Detection
|
|
125
|
+
|
|
126
|
+
### 6a. Model Broker (session key reservation)
|
|
127
|
+
|
|
128
|
+
| File | Line | Finding |
|
|
129
|
+
|------|------|---------|
|
|
130
|
+
| `packages/execution/src/model-broker.ts` | 205-207 | `sessionKey?: string` — reserved per-chat session key for guaranteed slots |
|
|
131
|
+
| `packages/execution/src/model-broker.ts` | 361-362 | `_reservedBySession: Map<string, string>` — reserved slots per sessionKey |
|
|
132
|
+
| `packages/execution/src/model-broker.ts` | 1271-1277 | Reserved slot path: per-session, one outstanding slot per sessionKey |
|
|
133
|
+
|
|
134
|
+
### 6b. Secret Detector (MCP)
|
|
135
|
+
|
|
136
|
+
| File | Finding |
|
|
137
|
+
|------|---------|
|
|
138
|
+
| `packages/execution/src/mcp/secret-detector.ts` | `matchType: "auth-header"` — detects auth header prefixes in strings. Sensitive field name tracking. |
|
|
139
|
+
|
|
140
|
+
---
|
|
141
|
+
|
|
142
|
+
## 7. packages/indexer — Auth Domain Classification (metadata only)
|
|
143
|
+
|
|
144
|
+
| File | Line | Finding |
|
|
145
|
+
|------|------|---------|
|
|
146
|
+
| `packages/indexer/src/fileSummarizer.ts` | 30 | `ownershipArea` field: "Logical ownership area (e.g. 'auth', 'api', 'db', 'frontend')" |
|
|
147
|
+
| `packages/indexer/src/fileSummarizer.ts` | 54 | Path regex: `/\/(auth|authentication|login|session|jwt|oauth|passport)/` → classifies as "auth" domain |
|
|
148
|
+
| `packages/indexer/src/fileSummarizer.ts` | 80 | Domain keyword `/auth/i` in file content |
|
|
149
|
+
| `packages/indexer/src/fileSummarizer.ts` | 119 | `if (domain === "auth") return "high"` — auth domain files get high priority |
|
|
150
|
+
|
|
151
|
+
**Verdict:** The indexer classifies files as "auth" domain for indexing priority, but this is metadata, not auth enforcement.
|
|
152
|
+
|
|
153
|
+
---
|
|
154
|
+
|
|
155
|
+
## 8. packages/memory — Session-Scoped Memory
|
|
156
|
+
|
|
157
|
+
| File | Finding |
|
|
158
|
+
|------|---------|
|
|
159
|
+
| `packages/memory/src/selfModel.ts` | `DECAY_CLASSES: ["session", "daily", "procedural", "permanent"]` — session-scoped memory decay |
|
|
160
|
+
| `packages/memory/src/toolOutcomes.ts` | `Reset (e.g., on session start before restoring from store)` |
|
|
161
|
+
| `packages/memory/src/predictionStore.ts` | `tokenSimilarity()` — token-based string comparison (not auth tokens) |
|
|
162
|
+
|
|
163
|
+
---
|
|
164
|
+
|
|
165
|
+
## 9. packages/schemas — Session Schema
|
|
166
|
+
|
|
167
|
+
| File | Finding |
|
|
168
|
+
|------|---------|
|
|
169
|
+
| `packages/schemas/src/messages.ts` | `sessionId: z.string().uuid()` — session ID schema |
|
|
170
|
+
| `packages/schemas/src/index.ts` | `export { SessionSchema, type Session }` |
|
|
171
|
+
| `packages/schemas/src/memory.ts` | `ownershipArea` field: "Logical ownership area (e.g. 'auth', 'api', 'db', 'frontend')" |
|
|
172
|
+
|
|
173
|
+
---
|
|
174
|
+
|
|
175
|
+
## 10. packages/retrieval — No Auth
|
|
176
|
+
|
|
177
|
+
| File | Finding |
|
|
178
|
+
|------|---------|
|
|
179
|
+
| `packages/retrieval/src/semanticSearch.ts` | "auth" appears only as an example query term: `Example: "auth middleware +api -test ~service"` |
|
|
180
|
+
| `packages/retrieval/src/snippetPacker.ts` | Token budget logic (not auth tokens) |
|
|
181
|
+
|
|
182
|
+
---
|
|
183
|
+
|
|
184
|
+
## 11. packages/prompts — No Auth
|
|
185
|
+
|
|
186
|
+
No auth-related code found.
|
|
187
|
+
|
|
188
|
+
---
|
|
189
|
+
|
|
190
|
+
## Consolidated Auth Architecture
|
|
191
|
+
|
|
192
|
+
```
|
|
193
|
+
┌─────────────────────────────────────────────────────────────────┐
|
|
194
|
+
│ AUTH IN OMNIUS │
|
|
195
|
+
│ │
|
|
196
|
+
│ 1. PROVIDER AUTH (API Keys) │
|
|
197
|
+
│ ├── CLI config → bearer tokens for remote providers │
|
|
198
|
+
│ ├── backend-vllm → authHeaders() for vLLM requests │
|
|
199
|
+
│ ├── 14 remote providers configured (all require API keys) │
|
|
200
|
+
│ └── Ollama (local) → no auth required │
|
|
201
|
+
│ │
|
|
202
|
+
│ 2. SECRET REDACTION │
|
|
203
|
+
│ ├── CLI secret-redactor.ts — regex-based masking │
|
|
204
|
+
│ ├── MCP secret-detector.ts — auth header detection │
|
|
205
|
+
│ └── Covers: sk-, gsk_, hf_, npm_, pypi-, etc. │
|
|
206
|
+
│ │
|
|
207
|
+
│ 3. SESSION-SCOPED PERMISSIONS (internal) │
|
|
208
|
+
│ ├── orchestrator/permissionRuleset.ts — deny cascade │
|
|
209
|
+
│ ├── execution/model-broker.ts — sessionKey slot reservation│
|
|
210
|
+
│ └── memory/selfModel.ts — session-scoped decay │
|
|
211
|
+
│ │
|
|
212
|
+
│ 4. REST DAEMON — NO AUTH │
|
|
213
|
+
│ ├── apps/api — helmet + cors only │
|
|
214
|
+
│ ├── sessionsRouter — in-memory, no auth │
|
|
215
|
+
│ └── healthRouter — open │
|
|
216
|
+
│ │
|
|
217
|
+
│ 5. WORKER — NO AUTH │
|
|
218
|
+
│ └── Trusts API daemon for routing │
|
|
219
|
+
└─────────────────────────────────────────────────────────────────┘
|
|
220
|
+
```
|
|
221
|
+
|
|
222
|
+
## Key Gaps
|
|
223
|
+
|
|
224
|
+
1. **REST daemon has zero authentication** — anyone can create sessions, send messages, and read responses
|
|
225
|
+
2. **No OAuth flows** — all provider auth is static API keys
|
|
226
|
+
3. **No rate limiting** — no rate-limit middleware in the API
|
|
227
|
+
4. **No CSRF protection** — CORS is enabled but no CSRF tokens
|
|
228
|
+
5. **No session validation** — sessions are in-memory Map, no persistence or validation
|
|
229
|
+
6. **No admin/auth endpoints** — no login, logout, or user management
|
package/npm-shrinkwrap.json
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "omnius",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.342",
|
|
4
4
|
"lockfileVersion": 3,
|
|
5
5
|
"requires": true,
|
|
6
6
|
"packages": {
|
|
7
7
|
"": {
|
|
8
8
|
"name": "omnius",
|
|
9
|
-
"version": "1.0.
|
|
9
|
+
"version": "1.0.342",
|
|
10
10
|
"bundleDependencies": [
|
|
11
11
|
"image-to-ascii"
|
|
12
12
|
],
|
|
@@ -430,9 +430,9 @@
|
|
|
430
430
|
}
|
|
431
431
|
},
|
|
432
432
|
"node_modules/@helia/utils/node_modules/cborg": {
|
|
433
|
-
"version": "5.1.
|
|
434
|
-
"resolved": "https://registry.npmjs.org/cborg/-/cborg-5.1.
|
|
435
|
-
"integrity": "sha512-
|
|
433
|
+
"version": "5.1.4",
|
|
434
|
+
"resolved": "https://registry.npmjs.org/cborg/-/cborg-5.1.4.tgz",
|
|
435
|
+
"integrity": "sha512-EDoD59RBV51H5ar6i29ut7AyOJi0BUIEhtbnJJac3qYcMG74Db6eVce/dIh+Wh6tVwBi7cRWDXmdms+fKPQvcQ==",
|
|
436
436
|
"license": "Apache-2.0",
|
|
437
437
|
"bin": {
|
|
438
438
|
"cborg": "lib/bin.js"
|
|
@@ -461,9 +461,9 @@
|
|
|
461
461
|
}
|
|
462
462
|
},
|
|
463
463
|
"node_modules/@ipld/dag-cbor/node_modules/cborg": {
|
|
464
|
-
"version": "5.1.
|
|
465
|
-
"resolved": "https://registry.npmjs.org/cborg/-/cborg-5.1.
|
|
466
|
-
"integrity": "sha512-
|
|
464
|
+
"version": "5.1.4",
|
|
465
|
+
"resolved": "https://registry.npmjs.org/cborg/-/cborg-5.1.4.tgz",
|
|
466
|
+
"integrity": "sha512-EDoD59RBV51H5ar6i29ut7AyOJi0BUIEhtbnJJac3qYcMG74Db6eVce/dIh+Wh6tVwBi7cRWDXmdms+fKPQvcQ==",
|
|
467
467
|
"license": "Apache-2.0",
|
|
468
468
|
"bin": {
|
|
469
469
|
"cborg": "lib/bin.js"
|
|
@@ -480,9 +480,9 @@
|
|
|
480
480
|
}
|
|
481
481
|
},
|
|
482
482
|
"node_modules/@ipld/dag-json/node_modules/cborg": {
|
|
483
|
-
"version": "5.1.
|
|
484
|
-
"resolved": "https://registry.npmjs.org/cborg/-/cborg-5.1.
|
|
485
|
-
"integrity": "sha512-
|
|
483
|
+
"version": "5.1.4",
|
|
484
|
+
"resolved": "https://registry.npmjs.org/cborg/-/cborg-5.1.4.tgz",
|
|
485
|
+
"integrity": "sha512-EDoD59RBV51H5ar6i29ut7AyOJi0BUIEhtbnJJac3qYcMG74Db6eVce/dIh+Wh6tVwBi7cRWDXmdms+fKPQvcQ==",
|
|
486
486
|
"license": "Apache-2.0",
|
|
487
487
|
"bin": {
|
|
488
488
|
"cborg": "lib/bin.js"
|
|
@@ -502,9 +502,9 @@
|
|
|
502
502
|
}
|
|
503
503
|
},
|
|
504
504
|
"node_modules/@ipld/dag-pb/node_modules/multiformats": {
|
|
505
|
-
"version": "14.0.
|
|
506
|
-
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.
|
|
507
|
-
"integrity": "sha512-
|
|
505
|
+
"version": "14.0.2",
|
|
506
|
+
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.2.tgz",
|
|
507
|
+
"integrity": "sha512-sF7F3gBKCyehzIhDwVuTRf79TZ8qWRz5NXwWYBX+4a+n22KcFqqcDYJvZr7tySrI0MhuTBXVOlo3qMTiAHC78g==",
|
|
508
508
|
"license": "Apache-2.0 OR MIT"
|
|
509
509
|
},
|
|
510
510
|
"node_modules/@ipshipyard/libp2p-auto-tls": {
|
|
@@ -741,9 +741,9 @@
|
|
|
741
741
|
}
|
|
742
742
|
},
|
|
743
743
|
"node_modules/@libp2p/http-utils/node_modules/multiformats": {
|
|
744
|
-
"version": "14.0.
|
|
745
|
-
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.
|
|
746
|
-
"integrity": "sha512-
|
|
744
|
+
"version": "14.0.2",
|
|
745
|
+
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.2.tgz",
|
|
746
|
+
"integrity": "sha512-sF7F3gBKCyehzIhDwVuTRf79TZ8qWRz5NXwWYBX+4a+n22KcFqqcDYJvZr7tySrI0MhuTBXVOlo3qMTiAHC78g==",
|
|
747
747
|
"license": "Apache-2.0 OR MIT"
|
|
748
748
|
},
|
|
749
749
|
"node_modules/@libp2p/http-utils/node_modules/uint8arraylist": {
|
|
@@ -783,9 +783,9 @@
|
|
|
783
783
|
}
|
|
784
784
|
},
|
|
785
785
|
"node_modules/@libp2p/http-websocket/node_modules/multiformats": {
|
|
786
|
-
"version": "14.0.
|
|
787
|
-
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.
|
|
788
|
-
"integrity": "sha512-
|
|
786
|
+
"version": "14.0.2",
|
|
787
|
+
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.2.tgz",
|
|
788
|
+
"integrity": "sha512-sF7F3gBKCyehzIhDwVuTRf79TZ8qWRz5NXwWYBX+4a+n22KcFqqcDYJvZr7tySrI0MhuTBXVOlo3qMTiAHC78g==",
|
|
789
789
|
"license": "Apache-2.0 OR MIT"
|
|
790
790
|
},
|
|
791
791
|
"node_modules/@libp2p/http-websocket/node_modules/uint8arraylist": {
|
|
@@ -1021,9 +1021,9 @@
|
|
|
1021
1021
|
}
|
|
1022
1022
|
},
|
|
1023
1023
|
"node_modules/@libp2p/peer-record/node_modules/multiformats": {
|
|
1024
|
-
"version": "14.0.
|
|
1025
|
-
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.
|
|
1026
|
-
"integrity": "sha512-
|
|
1024
|
+
"version": "14.0.2",
|
|
1025
|
+
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.2.tgz",
|
|
1026
|
+
"integrity": "sha512-sF7F3gBKCyehzIhDwVuTRf79TZ8qWRz5NXwWYBX+4a+n22KcFqqcDYJvZr7tySrI0MhuTBXVOlo3qMTiAHC78g==",
|
|
1027
1027
|
"license": "Apache-2.0 OR MIT"
|
|
1028
1028
|
},
|
|
1029
1029
|
"node_modules/@libp2p/peer-record/node_modules/protons-runtime": {
|
|
@@ -1131,9 +1131,9 @@
|
|
|
1131
1131
|
}
|
|
1132
1132
|
},
|
|
1133
1133
|
"node_modules/@libp2p/record/node_modules/multiformats": {
|
|
1134
|
-
"version": "14.0.
|
|
1135
|
-
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.
|
|
1136
|
-
"integrity": "sha512-
|
|
1134
|
+
"version": "14.0.2",
|
|
1135
|
+
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.2.tgz",
|
|
1136
|
+
"integrity": "sha512-sF7F3gBKCyehzIhDwVuTRf79TZ8qWRz5NXwWYBX+4a+n22KcFqqcDYJvZr7tySrI0MhuTBXVOlo3qMTiAHC78g==",
|
|
1137
1137
|
"license": "Apache-2.0 OR MIT"
|
|
1138
1138
|
},
|
|
1139
1139
|
"node_modules/@libp2p/record/node_modules/protons-runtime": {
|
|
@@ -1368,9 +1368,9 @@
|
|
|
1368
1368
|
}
|
|
1369
1369
|
},
|
|
1370
1370
|
"node_modules/@libp2p/webrtc/node_modules/multiformats": {
|
|
1371
|
-
"version": "14.0.
|
|
1372
|
-
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.
|
|
1373
|
-
"integrity": "sha512-
|
|
1371
|
+
"version": "14.0.2",
|
|
1372
|
+
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.2.tgz",
|
|
1373
|
+
"integrity": "sha512-sF7F3gBKCyehzIhDwVuTRf79TZ8qWRz5NXwWYBX+4a+n22KcFqqcDYJvZr7tySrI0MhuTBXVOlo3qMTiAHC78g==",
|
|
1374
1374
|
"license": "Apache-2.0 OR MIT"
|
|
1375
1375
|
},
|
|
1376
1376
|
"node_modules/@libp2p/webrtc/node_modules/node-datachannel": {
|
|
@@ -1495,9 +1495,9 @@
|
|
|
1495
1495
|
}
|
|
1496
1496
|
},
|
|
1497
1497
|
"node_modules/@multiformats/dns": {
|
|
1498
|
-
"version": "1.0.
|
|
1499
|
-
"resolved": "https://registry.npmjs.org/@multiformats/dns/-/dns-1.0.
|
|
1500
|
-
"integrity": "sha512-
|
|
1498
|
+
"version": "1.0.14",
|
|
1499
|
+
"resolved": "https://registry.npmjs.org/@multiformats/dns/-/dns-1.0.14.tgz",
|
|
1500
|
+
"integrity": "sha512-5h8q+baKBsV4nW7rCREbJBpGNP8Lcn443illiZs5eWNBd+fXCt+mRGGIL7UNF7y8HD8mtciIYKJwCMbJBvsZMA==",
|
|
1501
1501
|
"license": "Apache-2.0 OR MIT",
|
|
1502
1502
|
"dependencies": {
|
|
1503
1503
|
"@dnsquery/dns-packet": "^6.1.1",
|
|
@@ -1505,7 +1505,22 @@
|
|
|
1505
1505
|
"hashlru": "^2.3.0",
|
|
1506
1506
|
"p-queue": "^9.0.0",
|
|
1507
1507
|
"progress-events": "^1.0.0",
|
|
1508
|
-
"uint8arrays": "^
|
|
1508
|
+
"uint8arrays": "^6.1.1"
|
|
1509
|
+
}
|
|
1510
|
+
},
|
|
1511
|
+
"node_modules/@multiformats/dns/node_modules/multiformats": {
|
|
1512
|
+
"version": "14.0.2",
|
|
1513
|
+
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.2.tgz",
|
|
1514
|
+
"integrity": "sha512-sF7F3gBKCyehzIhDwVuTRf79TZ8qWRz5NXwWYBX+4a+n22KcFqqcDYJvZr7tySrI0MhuTBXVOlo3qMTiAHC78g==",
|
|
1515
|
+
"license": "Apache-2.0 OR MIT"
|
|
1516
|
+
},
|
|
1517
|
+
"node_modules/@multiformats/dns/node_modules/uint8arrays": {
|
|
1518
|
+
"version": "6.1.1",
|
|
1519
|
+
"resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-6.1.1.tgz",
|
|
1520
|
+
"integrity": "sha512-iz7JN0XCSZYA111lhFG2Ui9EhFvTNekqSRHw3lvMHq+dzwWy1OQftxFQREEh4rffU0oSoXdQHsk2TiHKVm4fsA==",
|
|
1521
|
+
"license": "Apache-2.0 OR MIT",
|
|
1522
|
+
"dependencies": {
|
|
1523
|
+
"multiformats": "^14.0.0"
|
|
1509
1524
|
}
|
|
1510
1525
|
},
|
|
1511
1526
|
"node_modules/@multiformats/multiaddr": {
|
|
@@ -1539,9 +1554,9 @@
|
|
|
1539
1554
|
}
|
|
1540
1555
|
},
|
|
1541
1556
|
"node_modules/@multiformats/multiaddr/node_modules/multiformats": {
|
|
1542
|
-
"version": "14.0.
|
|
1543
|
-
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.
|
|
1544
|
-
"integrity": "sha512-
|
|
1557
|
+
"version": "14.0.2",
|
|
1558
|
+
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.2.tgz",
|
|
1559
|
+
"integrity": "sha512-sF7F3gBKCyehzIhDwVuTRf79TZ8qWRz5NXwWYBX+4a+n22KcFqqcDYJvZr7tySrI0MhuTBXVOlo3qMTiAHC78g==",
|
|
1545
1560
|
"license": "Apache-2.0 OR MIT"
|
|
1546
1561
|
},
|
|
1547
1562
|
"node_modules/@multiformats/multiaddr/node_modules/uint8-varint": {
|
|
@@ -1586,9 +1601,9 @@
|
|
|
1586
1601
|
}
|
|
1587
1602
|
},
|
|
1588
1603
|
"node_modules/@multiformats/murmur3/node_modules/multiformats": {
|
|
1589
|
-
"version": "14.0.
|
|
1590
|
-
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.
|
|
1591
|
-
"integrity": "sha512-
|
|
1604
|
+
"version": "14.0.2",
|
|
1605
|
+
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.2.tgz",
|
|
1606
|
+
"integrity": "sha512-sF7F3gBKCyehzIhDwVuTRf79TZ8qWRz5NXwWYBX+4a+n22KcFqqcDYJvZr7tySrI0MhuTBXVOlo3qMTiAHC78g==",
|
|
1592
1607
|
"license": "Apache-2.0 OR MIT"
|
|
1593
1608
|
},
|
|
1594
1609
|
"node_modules/@multiformats/uri-to-multiaddr": {
|
|
@@ -3858,9 +3873,9 @@
|
|
|
3858
3873
|
}
|
|
3859
3874
|
},
|
|
3860
3875
|
"node_modules/hamt-sharding/node_modules/multiformats": {
|
|
3861
|
-
"version": "14.0.
|
|
3862
|
-
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.
|
|
3863
|
-
"integrity": "sha512-
|
|
3876
|
+
"version": "14.0.2",
|
|
3877
|
+
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.2.tgz",
|
|
3878
|
+
"integrity": "sha512-sF7F3gBKCyehzIhDwVuTRf79TZ8qWRz5NXwWYBX+4a+n22KcFqqcDYJvZr7tySrI0MhuTBXVOlo3qMTiAHC78g==",
|
|
3864
3879
|
"license": "Apache-2.0 OR MIT"
|
|
3865
3880
|
},
|
|
3866
3881
|
"node_modules/hamt-sharding/node_modules/uint8arrays": {
|
|
@@ -4232,9 +4247,9 @@
|
|
|
4232
4247
|
}
|
|
4233
4248
|
},
|
|
4234
4249
|
"node_modules/ipns/node_modules/cborg": {
|
|
4235
|
-
"version": "5.1.
|
|
4236
|
-
"resolved": "https://registry.npmjs.org/cborg/-/cborg-5.1.
|
|
4237
|
-
"integrity": "sha512-
|
|
4250
|
+
"version": "5.1.4",
|
|
4251
|
+
"resolved": "https://registry.npmjs.org/cborg/-/cborg-5.1.4.tgz",
|
|
4252
|
+
"integrity": "sha512-EDoD59RBV51H5ar6i29ut7AyOJi0BUIEhtbnJJac3qYcMG74Db6eVce/dIh+Wh6tVwBi7cRWDXmdms+fKPQvcQ==",
|
|
4238
4253
|
"license": "Apache-2.0",
|
|
4239
4254
|
"bin": {
|
|
4240
4255
|
"cborg": "lib/bin.js"
|
|
@@ -4624,9 +4639,9 @@
|
|
|
4624
4639
|
}
|
|
4625
4640
|
},
|
|
4626
4641
|
"node_modules/it-protobuf-stream/node_modules/multiformats": {
|
|
4627
|
-
"version": "14.0.
|
|
4628
|
-
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.
|
|
4629
|
-
"integrity": "sha512-
|
|
4642
|
+
"version": "14.0.2",
|
|
4643
|
+
"resolved": "https://registry.npmjs.org/multiformats/-/multiformats-14.0.2.tgz",
|
|
4644
|
+
"integrity": "sha512-sF7F3gBKCyehzIhDwVuTRf79TZ8qWRz5NXwWYBX+4a+n22KcFqqcDYJvZr7tySrI0MhuTBXVOlo3qMTiAHC78g==",
|
|
4630
4645
|
"license": "Apache-2.0 OR MIT"
|
|
4631
4646
|
},
|
|
4632
4647
|
"node_modules/it-protobuf-stream/node_modules/uint8arraylist": {
|
package/package.json
CHANGED