opc-agent 1.3.0 → 1.3.2

package/src/core/runtime.ts

@@ -1,152 +1,152 @@
-import { BaseAgent } from './agent';
-import { loadOAD } from './config';
-import { Logger } from './logger';
-import { WebChannel } from '../channels/web';
-import { TelegramChannel } from '../channels/telegram';
-import { WebSocketChannel } from '../channels/websocket';
-import { DeepBrainMemoryStore } from '../memory/deepbrain';
-import type { OADDocument } from '../schema/oad';
-import type { ISkill, MemoryStore, Message } from './types';
-import type { Response } from 'express';
-
-const MAX_TOOL_OUTPUT = 5000;
-const DEFAULT_HISTORY_LIMIT = 50;
-
-export function truncateOutput(output: string, maxChars: number = MAX_TOOL_OUTPUT): string {
-  if (output.length <= maxChars) return output;
-  const half = Math.floor(maxChars / 2) - 50;
-  return `${output.slice(0, half)}\n\n... [truncated ${output.length - maxChars} chars] ...\n\n${output.slice(-half)}`;
-}
-
-export class AgentRuntime {
-  private agent: BaseAgent | null = null;
-  private config: OADDocument | null = null;
-  private logger = new Logger('runtime');
-  private historyLimit: number = DEFAULT_HISTORY_LIMIT;
-  private shutdownHandlers: (() => Promise<void>)[] = [];
-  private isShuttingDown = false;
-
-  async loadConfig(filePath: string): Promise<OADDocument> {
-    this.config = loadOAD(filePath);
-    this.logger.info('Config loaded', { name: this.config.metadata.name });
-    return this.config;
-  }
-
-  setHistoryLimit(limit: number): void {
-    this.historyLimit = limit;
-  }
-
-  async initialize(config?: OADDocument): Promise<BaseAgent> {
-    const cfg = config ?? this.config;
-    if (!cfg) throw new Error('No config loaded. Call loadConfig() first.');
-
-    let memory: MemoryStore | undefined;
-    const memCfg = cfg.spec.memory;
-    if (memCfg && typeof memCfg.longTerm === 'object' && memCfg.longTerm.provider === 'deepbrain') {
-      memory = new DeepBrainMemoryStore({
-        collection: memCfg.longTerm.collection,
-        config: memCfg.longTerm.config,
-      });
-      this.logger.info('Using DeepBrain memory provider');
-    }
-
-    this.agent = new BaseAgent({
-      name: cfg.metadata.name,
-      systemPrompt: cfg.spec.systemPrompt,
-      provider: cfg.spec.provider?.default,
-      model: cfg.spec.model,
-      memory,
-      historyLimit: this.historyLimit,
-    });
-
-    for (const ch of cfg.spec.channels) {
-      if (ch.type === 'web') {
-        const port = ch.port ?? 3000;
-        const webChannel = new WebChannel(port);
-        webChannel.setAgentName(cfg.metadata.name);
-        // Wire streaming
-        webChannel.onStreamMessage(async (msg: Message, res: Response) => {
-          res.writeHead(200, {
-            'Content-Type': 'text/event-stream',
-            'Cache-Control': 'no-cache',
-            Connection: 'keep-alive',
-            'Access-Control-Allow-Origin': '*',
-          });
-          try {
-            for await (const chunk of this.agent!.handleMessageStream(msg)) {
-              res.write(`data: ${JSON.stringify({ content: chunk })}\n\n`);
-            }
-            res.write('data: [DONE]\n\n');
-          } catch (err) {
-            const errMsg = err instanceof Error ? err.message : String(err);
-            res.write(`data: ${JSON.stringify({ error: errMsg })}\n\n`);
-          }
-          res.end();
-        });
-        this.agent.bindChannel(webChannel);
-        this.logger.info('Bound web channel', { port });
-      } else if (ch.type === 'telegram') {
-        this.agent.bindChannel(new TelegramChannel({
-          token: ch.config?.token as string,
-          port: ch.port,
-        }));
-        this.logger.info('Bound telegram channel');
-      } else if (ch.type === 'websocket') {
-        this.agent.bindChannel(new WebSocketChannel(ch.port ?? 3002));
-        this.logger.info('Bound websocket channel', { port: ch.port ?? 3002 });
-      }
-    }
-
-    await this.agent.init();
-    this.logger.info('Agent initialized', { name: cfg.metadata.name });
-    return this.agent;
-  }
-
-  async start(): Promise<void> {
-    if (!this.agent) throw new Error('Agent not initialized.');
-    this.setupGracefulShutdown();
-    await this.agent.start();
-    this.logger.info('Agent started');
-  }
-
-  async stop(): Promise<void> {
-    if (!this.agent) return;
-    this.logger.info('Stopping agent...');
-    await this.agent.stop();
-    for (const handler of this.shutdownHandlers) {
-      await handler();
-    }
-    this.logger.info('Agent stopped');
-  }
-
-  onShutdown(handler: () => Promise<void>): void {
-    this.shutdownHandlers.push(handler);
-  }
-
-  private setupGracefulShutdown(): void {
-    const shutdown = async (signal: string) => {
-      if (this.isShuttingDown) return;
-      this.isShuttingDown = true;
-      this.logger.info(`Received ${signal}, shutting down gracefully...`);
-      await this.stop();
-      process.exit(0);
-    };
-
-    process.on('SIGINT', () => shutdown('SIGINT'));
-    process.on('SIGTERM', () => shutdown('SIGTERM'));
-    process.on('uncaughtException', (err) => {
-      this.logger.error('Uncaught exception', { message: err.message });
-      shutdown('uncaughtException');
-    });
-  }
-
-  registerSkill(skill: ISkill): void {
-    if (!this.agent) throw new Error('Agent not initialized.');
-    this.agent.registerSkill(skill);
-    this.logger.debug('Skill registered', { name: skill.name });
-  }
-
-  getAgent(): BaseAgent | null {
-    return this.agent;
-  }
-}
+import { BaseAgent } from './agent';
+import { loadOAD } from './config';
+import { Logger } from './logger';
+import { WebChannel } from '../channels/web';
+import { TelegramChannel } from '../channels/telegram';
+import { WebSocketChannel } from '../channels/websocket';
+import { DeepBrainMemoryStore } from '../memory/deepbrain';
+import type { OADDocument } from '../schema/oad';
+import type { ISkill, MemoryStore, Message } from './types';
+import type { Response } from 'express';
+
+const MAX_TOOL_OUTPUT = 5000;
+const DEFAULT_HISTORY_LIMIT = 50;
+
+export function truncateOutput(output: string, maxChars: number = MAX_TOOL_OUTPUT): string {
+  if (output.length <= maxChars) return output;
+  const half = Math.floor(maxChars / 2) - 50;
+  return `${output.slice(0, half)}\n\n... [truncated ${output.length - maxChars} chars] ...\n\n${output.slice(-half)}`;
+}
+
+export class AgentRuntime {
+  private agent: BaseAgent | null = null;
+  private config: OADDocument | null = null;
+  private logger = new Logger('runtime');
+  private historyLimit: number = DEFAULT_HISTORY_LIMIT;
+  private shutdownHandlers: (() => Promise<void>)[] = [];
+  private isShuttingDown = false;
+
+  async loadConfig(filePath: string): Promise<OADDocument> {
+    this.config = loadOAD(filePath);
+    this.logger.info('Config loaded', { name: this.config.metadata.name });
+    return this.config;
+  }
+
+  setHistoryLimit(limit: number): void {
+    this.historyLimit = limit;
+  }
+
+  async initialize(config?: OADDocument): Promise<BaseAgent> {
+    const cfg = config ?? this.config;
+    if (!cfg) throw new Error('No config loaded. Call loadConfig() first.');
+
+    let memory: MemoryStore | undefined;
+    const memCfg = cfg.spec.memory;
+    if (memCfg && typeof memCfg.longTerm === 'object' && memCfg.longTerm.provider === 'deepbrain') {
+      memory = new DeepBrainMemoryStore({
+        collection: memCfg.longTerm.collection,
+        config: memCfg.longTerm.config,
+      });
+      this.logger.info('Using DeepBrain memory provider');
+    }
+
+    this.agent = new BaseAgent({
+      name: cfg.metadata.name,
+      systemPrompt: cfg.spec.systemPrompt,
+      provider: cfg.spec.provider?.default,
+      model: cfg.spec.model,
+      memory,
+      historyLimit: this.historyLimit,
+    });
+
+    for (const ch of cfg.spec.channels) {
+      if (ch.type === 'web') {
+        const port = ch.port ?? 3000;
+        const webChannel = new WebChannel(port);
+        webChannel.setAgentName(cfg.metadata.name);
+        // Wire streaming
+        webChannel.onStreamMessage(async (msg: Message, res: Response) => {
+          res.writeHead(200, {
+            'Content-Type': 'text/event-stream',
+            'Cache-Control': 'no-cache',
+            Connection: 'keep-alive',
+            'Access-Control-Allow-Origin': '*',
+          });
+          try {
+            for await (const chunk of this.agent!.handleMessageStream(msg)) {
+              res.write(`data: ${JSON.stringify({ content: chunk })}\n\n`);
+            }
+            res.write('data: [DONE]\n\n');
+          } catch (err) {
+            const errMsg = err instanceof Error ? err.message : String(err);
+            res.write(`data: ${JSON.stringify({ error: errMsg })}\n\n`);
+          }
+          res.end();
+        });
+        this.agent.bindChannel(webChannel);
+        this.logger.info('Bound web channel', { port });
+      } else if (ch.type === 'telegram') {
+        this.agent.bindChannel(new TelegramChannel({
+          token: ch.config?.token as string,
+          port: ch.port,
+        }));
+        this.logger.info('Bound telegram channel');
+      } else if (ch.type === 'websocket') {
+        this.agent.bindChannel(new WebSocketChannel(ch.port ?? 3002));
+        this.logger.info('Bound websocket channel', { port: ch.port ?? 3002 });
+      }
+    }
+
+    await this.agent.init();
+    this.logger.info('Agent initialized', { name: cfg.metadata.name });
+    return this.agent;
+  }
+
+  async start(): Promise<void> {
+    if (!this.agent) throw new Error('Agent not initialized.');
+    this.setupGracefulShutdown();
+    await this.agent.start();
+    this.logger.info('Agent started');
+  }
+
+  async stop(): Promise<void> {
+    if (!this.agent) return;
+    this.logger.info('Stopping agent...');
+    await this.agent.stop();
+    for (const handler of this.shutdownHandlers) {
+      await handler();
+    }
+    this.logger.info('Agent stopped');
+  }
+
+  onShutdown(handler: () => Promise<void>): void {
+    this.shutdownHandlers.push(handler);
+  }
+
+  private setupGracefulShutdown(): void {
+    const shutdown = async (signal: string) => {
+      if (this.isShuttingDown) return;
+      this.isShuttingDown = true;
+      this.logger.info(`Received ${signal}, shutting down gracefully...`);
+      await this.stop();
+      process.exit(0);
+    };
+
+    process.on('SIGINT', () => shutdown('SIGINT'));
+    process.on('SIGTERM', () => shutdown('SIGTERM'));
+    process.on('uncaughtException', (err) => {
+      this.logger.error('Uncaught exception', { message: err.message });
+      shutdown('uncaughtException');
+    });
+  }
+
+  registerSkill(skill: ISkill): void {
+    if (!this.agent) throw new Error('Agent not initialized.');
+    this.agent.registerSkill(skill);
+    this.logger.debug('Skill registered', { name: skill.name });
+  }
+
+  getAgent(): BaseAgent | null {
+    return this.agent;
+  }
+}

package/src/core/sandbox.ts

@@ -1,101 +1,101 @@
-import type { TrustLevelType } from '../schema/oad';
-import * as path from 'path';
-
-export interface SandboxConfig {
-  trustLevel: TrustLevelType;
-  agentDir: string;
-  networkAllowlist?: string[];
-  shellAllowed?: boolean;
-}
-
-export interface SandboxRestrictions {
-  fileSystem: { read: string[]; write: string[] };
-  network: { allowed: string[] };
-  shell: boolean;
-}
-
-const TRUST_RESTRICTIONS: Record<string, SandboxRestrictions> = {
-  sandbox: {
-    fileSystem: { read: ['.'], write: ['.'] },
-    network: { allowed: [] },
-    shell: false,
-  },
-  verified: {
-    fileSystem: { read: ['.', '..'], write: ['.'] },
-    network: { allowed: ['*.deepleaper.com', 'api.openai.com', 'api.deepseek.com'] },
-    shell: false,
-  },
-  certified: {
-    fileSystem: { read: ['*'], write: ['.', '..'] },
-    network: { allowed: ['*'] },
-    shell: true,
-  },
-  listed: {
-    fileSystem: { read: ['*'], write: ['*'] },
-    network: { allowed: ['*'] },
-    shell: true,
-  },
-};
-
-export class Sandbox {
-  private config: SandboxConfig;
-  private restrictions: SandboxRestrictions;
-
-  constructor(config: SandboxConfig) {
-    this.config = config;
-    this.restrictions = {
-      ...TRUST_RESTRICTIONS[config.trustLevel] ?? TRUST_RESTRICTIONS.sandbox,
-    };
-    if (config.networkAllowlist) {
-      this.restrictions.network.allowed = config.networkAllowlist;
-    }
-    if (config.shellAllowed !== undefined) {
-      this.restrictions.shell = config.shellAllowed;
-    }
-  }
-
-  get trustLevel(): TrustLevelType {
-    return this.config.trustLevel;
-  }
-
-  getRestrictions(): SandboxRestrictions {
-    return { ...this.restrictions };
-  }
-
-  checkFileAccess(filePath: string, mode: 'read' | 'write'): boolean {
-    const resolved = path.resolve(filePath);
-    const agentDir = path.resolve(this.config.agentDir);
-    const allowedPaths = mode === 'read' ? this.restrictions.fileSystem.read : this.restrictions.fileSystem.write;
-
-    if (allowedPaths.includes('*')) return true;
-
-    for (const allowed of allowedPaths) {
-      const allowedResolved = path.resolve(this.config.agentDir, allowed);
-      if (resolved.startsWith(allowedResolved)) return true;
-    }
-
-    // Always allow access within agent's own directory
-    return resolved.startsWith(agentDir);
-  }
-
-  checkNetworkAccess(url: string): boolean {
-    if (this.restrictions.network.allowed.includes('*')) return true;
-    if (this.restrictions.network.allowed.length === 0) return false;
-
-    try {
-      const hostname = new URL(url).hostname;
-      return this.restrictions.network.allowed.some((pattern) => {
-        if (pattern.startsWith('*.')) {
-          return hostname.endsWith(pattern.slice(1));
-        }
-        return hostname === pattern;
-      });
-    } catch {
-      return false;
-    }
-  }
-
-  checkShellAccess(): boolean {
-    return this.restrictions.shell;
-  }
-}
+import type { TrustLevelType } from '../schema/oad';
+import * as path from 'path';
+
+export interface SandboxConfig {
+  trustLevel: TrustLevelType;
+  agentDir: string;
+  networkAllowlist?: string[];
+  shellAllowed?: boolean;
+}
+
+export interface SandboxRestrictions {
+  fileSystem: { read: string[]; write: string[] };
+  network: { allowed: string[] };
+  shell: boolean;
+}
+
+const TRUST_RESTRICTIONS: Record<string, SandboxRestrictions> = {
+  sandbox: {
+    fileSystem: { read: ['.'], write: ['.'] },
+    network: { allowed: [] },
+    shell: false,
+  },
+  verified: {
+    fileSystem: { read: ['.', '..'], write: ['.'] },
+    network: { allowed: ['*.deepleaper.com', 'api.openai.com', 'api.deepseek.com'] },
+    shell: false,
+  },
+  certified: {
+    fileSystem: { read: ['*'], write: ['.', '..'] },
+    network: { allowed: ['*'] },
+    shell: true,
+  },
+  listed: {
+    fileSystem: { read: ['*'], write: ['*'] },
+    network: { allowed: ['*'] },
+    shell: true,
+  },
+};
+
+export class Sandbox {
+  private config: SandboxConfig;
+  private restrictions: SandboxRestrictions;
+
+  constructor(config: SandboxConfig) {
+    this.config = config;
+    this.restrictions = {
+      ...TRUST_RESTRICTIONS[config.trustLevel] ?? TRUST_RESTRICTIONS.sandbox,
+    };
+    if (config.networkAllowlist) {
+      this.restrictions.network.allowed = config.networkAllowlist;
+    }
+    if (config.shellAllowed !== undefined) {
+      this.restrictions.shell = config.shellAllowed;
+    }
+  }
+
+  get trustLevel(): TrustLevelType {
+    return this.config.trustLevel;
+  }
+
+  getRestrictions(): SandboxRestrictions {
+    return { ...this.restrictions };
+  }
+
+  checkFileAccess(filePath: string, mode: 'read' | 'write'): boolean {
+    const resolved = path.resolve(filePath);
+    const agentDir = path.resolve(this.config.agentDir);
+    const allowedPaths = mode === 'read' ? this.restrictions.fileSystem.read : this.restrictions.fileSystem.write;
+
+    if (allowedPaths.includes('*')) return true;
+
+    for (const allowed of allowedPaths) {
+      const allowedResolved = path.resolve(this.config.agentDir, allowed);
+      if (resolved.startsWith(allowedResolved)) return true;
+    }
+
+    // Always allow access within agent's own directory
+    return resolved.startsWith(agentDir);
+  }
+
+  checkNetworkAccess(url: string): boolean {
+    if (this.restrictions.network.allowed.includes('*')) return true;
+    if (this.restrictions.network.allowed.length === 0) return false;
+
+    try {
+      const hostname = new URL(url).hostname;
+      return this.restrictions.network.allowed.some((pattern) => {
+        if (pattern.startsWith('*.')) {
+          return hostname.endsWith(pattern.slice(1));
+        }
+        return hostname === pattern;
+      });
+    } catch {
+      return false;
+    }
+  }
+
+  checkShellAccess(): boolean {
+    return this.restrictions.shell;
+  }
+}