npm - opencandle - Versions diffs - 0.2.0 → 0.4.0 - Mend

opencandle 0.2.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (401) hide show

package/README.md +110 -87
package/assets/logo.svg +187 -0
package/dist/analysts/orchestrator.js +1 -2
package/dist/analysts/orchestrator.js.map +1 -1
package/dist/cli.d.ts +1 -1
package/dist/cli.js +38 -2
package/dist/cli.js.map +1 -1
package/dist/config.d.ts +34 -5
package/dist/config.js +29 -8
package/dist/config.js.map +1 -1
package/dist/infra/browser.d.ts +10 -0
package/dist/infra/browser.js +1 -0
package/dist/infra/browser.js.map +1 -1
package/dist/infra/cache.d.ts +4 -0
package/dist/infra/cache.js +4 -0
package/dist/infra/cache.js.map +1 -1
package/dist/infra/native-dependencies.d.ts +1 -0
package/dist/infra/native-dependencies.js +10 -0
package/dist/infra/native-dependencies.js.map +1 -0
package/dist/infra/node-version.d.ts +2 -0
package/dist/infra/node-version.js +23 -0
package/dist/infra/node-version.js.map +1 -0
package/dist/infra/rate-limiter.js +6 -0
package/dist/infra/rate-limiter.js.map +1 -1
package/dist/memory/index.d.ts +2 -0
package/dist/memory/index.js +1 -0
package/dist/memory/index.js.map +1 -1
package/dist/memory/sqlite.js +42 -4
package/dist/memory/sqlite.js.map +1 -1
package/dist/memory/storage.d.ts +6 -0
package/dist/memory/storage.js +3 -3
package/dist/memory/storage.js.map +1 -1
package/dist/memory/tool-defaults.d.ts +8 -0
package/dist/memory/tool-defaults.js +59 -0
package/dist/memory/tool-defaults.js.map +1 -0
package/dist/onboarding/connect.d.ts +35 -0
package/dist/onboarding/connect.js +118 -0
package/dist/onboarding/connect.js.map +1 -0
package/dist/onboarding/credential-interceptor.d.ts +44 -0
package/dist/onboarding/credential-interceptor.js +72 -0
package/dist/onboarding/credential-interceptor.js.map +1 -0
package/dist/onboarding/degradation-accumulator.d.ts +21 -0
package/dist/onboarding/degradation-accumulator.js +55 -0
package/dist/onboarding/degradation-accumulator.js.map +1 -0
package/dist/onboarding/prompt-user.d.ts +23 -0
package/dist/onboarding/prompt-user.js +61 -0
package/dist/onboarding/prompt-user.js.map +1 -0
package/dist/onboarding/providers.d.ts +116 -0
package/dist/onboarding/providers.js +239 -0
package/dist/onboarding/providers.js.map +1 -0
package/dist/onboarding/state.d.ts +31 -2
package/dist/onboarding/state.js +141 -13
package/dist/onboarding/state.js.map +1 -1
package/dist/onboarding/tool-helpers.d.ts +34 -0
package/dist/onboarding/tool-helpers.js +80 -0
package/dist/onboarding/tool-helpers.js.map +1 -0
package/dist/onboarding/tool-tags.d.ts +37 -0
package/dist/onboarding/tool-tags.js +149 -0
package/dist/onboarding/tool-tags.js.map +1 -0
package/dist/onboarding/validation.d.ts +19 -0
package/dist/onboarding/validation.js +117 -0
package/dist/onboarding/validation.js.map +1 -0
package/dist/pi/opencandle-extension.d.ts +7 -1
package/dist/pi/opencandle-extension.js +488 -13
package/dist/pi/opencandle-extension.js.map +1 -1
package/dist/pi/session-storage.d.ts +2 -0
package/dist/pi/session-storage.js +5 -0
package/dist/pi/session-storage.js.map +1 -0
package/dist/pi/session.d.ts +4 -1
package/dist/pi/session.js +25 -3
package/dist/pi/session.js.map +1 -1
package/dist/pi/setup.d.ts +1 -2
package/dist/pi/setup.js +67 -120
package/dist/pi/setup.js.map +1 -1
package/dist/pi/tool-adapter.d.ts +2 -2
package/dist/pi/tool-adapter.js +14 -1
package/dist/pi/tool-adapter.js.map +1 -1
package/dist/prompts/context-builder.d.ts +22 -0
package/dist/prompts/context-builder.js +47 -11
package/dist/prompts/context-builder.js.map +1 -1
package/dist/prompts/disclaimer.d.ts +6 -0
package/dist/prompts/disclaimer.js +9 -0
package/dist/prompts/disclaimer.js.map +1 -0
package/dist/prompts/workflow-prompts.d.ts +8 -0
package/dist/prompts/workflow-prompts.js +39 -5
package/dist/prompts/workflow-prompts.js.map +1 -1
package/dist/providers/alpha-vantage.js +20 -1
package/dist/providers/alpha-vantage.js.map +1 -1
package/dist/providers/exa-search.d.ts +39 -0
package/dist/providers/exa-search.js +276 -0
package/dist/providers/exa-search.js.map +1 -0
package/dist/providers/finnhub.d.ts +17 -0
package/dist/providers/finnhub.js +94 -0
package/dist/providers/finnhub.js.map +1 -0
package/dist/providers/fred.js +13 -1
package/dist/providers/fred.js.map +1 -1
package/dist/providers/index.d.ts +2 -0
package/dist/providers/index.js +1 -0
package/dist/providers/index.js.map +1 -1
package/dist/providers/provider-credential-error.d.ts +8 -0
package/dist/providers/provider-credential-error.js +22 -0
package/dist/providers/provider-credential-error.js.map +1 -0
package/dist/providers/reddit.d.ts +8 -0
package/dist/providers/reddit.js +36 -9
package/dist/providers/reddit.js.map +1 -1
package/dist/providers/twitter.js +2 -8
package/dist/providers/twitter.js.map +1 -1
package/dist/providers/web-search.d.ts +17 -0
package/dist/providers/web-search.js +224 -0
package/dist/providers/web-search.js.map +1 -0
package/dist/providers/wrap-provider.d.ts +7 -0
package/dist/providers/wrap-provider.js +15 -0
package/dist/providers/wrap-provider.js.map +1 -1
package/dist/providers/yahoo-finance.js +70 -33
package/dist/providers/yahoo-finance.js.map +1 -1
package/dist/routing/classify-intent.js +22 -0
package/dist/routing/classify-intent.js.map +1 -1
package/dist/routing/defaults.js +1 -1
package/dist/routing/defaults.js.map +1 -1
package/dist/routing/index.d.ts +4 -0
package/dist/routing/index.js +3 -0
package/dist/routing/index.js.map +1 -1
package/dist/routing/router-llm-client.d.ts +11 -0
package/dist/routing/router-llm-client.js +42 -0
package/dist/routing/router-llm-client.js.map +1 -0
package/dist/routing/router-prompt.d.ts +2 -0
package/dist/routing/router-prompt.js +138 -0
package/dist/routing/router-prompt.js.map +1 -0
package/dist/routing/router-types.d.ts +62 -0
package/dist/routing/router-types.js +2 -0
package/dist/routing/router-types.js.map +1 -0
package/dist/routing/router.d.ts +10 -0
package/dist/routing/router.js +194 -0
package/dist/routing/router.js.map +1 -0
package/dist/runtime/session-coordinator.d.ts +63 -4
package/dist/runtime/session-coordinator.js +155 -4
package/dist/runtime/session-coordinator.js.map +1 -1
package/dist/runtime/tool-defaults-wrapper.d.ts +3 -0
package/dist/runtime/tool-defaults-wrapper.js +25 -0
package/dist/runtime/tool-defaults-wrapper.js.map +1 -0
package/dist/sentiment/adapters/finnhub.d.ts +7 -0
package/dist/sentiment/adapters/finnhub.js +39 -0
package/dist/sentiment/adapters/finnhub.js.map +1 -0
package/dist/sentiment/adapters/reddit.d.ts +11 -0
package/dist/sentiment/adapters/reddit.js +54 -0
package/dist/sentiment/adapters/reddit.js.map +1 -0
package/dist/sentiment/adapters/twitter.d.ts +9 -0
package/dist/sentiment/adapters/twitter.js +32 -0
package/dist/sentiment/adapters/twitter.js.map +1 -0
package/dist/sentiment/adapters/web.d.ts +9 -0
package/dist/sentiment/adapters/web.js +40 -0
package/dist/sentiment/adapters/web.js.map +1 -0
package/dist/sentiment/index.d.ts +16 -0
package/dist/sentiment/index.js +44 -0
package/dist/sentiment/index.js.map +1 -0
package/dist/sentiment/keywords.d.ts +2 -0
package/dist/sentiment/keywords.js +9 -0
package/dist/sentiment/keywords.js.map +1 -0
package/dist/sentiment/pipeline.d.ts +9 -0
package/dist/sentiment/pipeline.js +57 -0
package/dist/sentiment/pipeline.js.map +1 -0
package/dist/sentiment/scorer.d.ts +9 -0
package/dist/sentiment/scorer.js +64 -0
package/dist/sentiment/scorer.js.map +1 -0
package/dist/sentiment/store.d.ts +24 -0
package/dist/sentiment/store.js +182 -0
package/dist/sentiment/store.js.map +1 -0
package/dist/sentiment/trends.d.ts +13 -0
package/dist/sentiment/trends.js +73 -0
package/dist/sentiment/trends.js.map +1 -0
package/dist/sentiment/types.d.ts +66 -0
package/dist/sentiment/types.js +54 -0
package/dist/sentiment/types.js.map +1 -0
package/dist/system-prompt.js +29 -13
package/dist/system-prompt.js.map +1 -1
package/dist/tool-kit.d.ts +4 -4
package/dist/tools/fundamentals/company-overview.d.ts +4 -2
package/dist/tools/fundamentals/company-overview.js +27 -27
package/dist/tools/fundamentals/company-overview.js.map +1 -1
package/dist/tools/fundamentals/comps.d.ts +1 -1
package/dist/tools/fundamentals/comps.js +45 -45
package/dist/tools/fundamentals/comps.js.map +1 -1
package/dist/tools/fundamentals/dcf.d.ts +1 -1
package/dist/tools/fundamentals/dcf.js +82 -82
package/dist/tools/fundamentals/dcf.js.map +1 -1
package/dist/tools/fundamentals/earnings.d.ts +4 -2
package/dist/tools/fundamentals/earnings.js +25 -25
package/dist/tools/fundamentals/earnings.js.map +1 -1
package/dist/tools/fundamentals/financials.d.ts +4 -2
package/dist/tools/fundamentals/financials.js +23 -23
package/dist/tools/fundamentals/financials.js.map +1 -1
package/dist/tools/fundamentals/sec-filings.d.ts +1 -1
package/dist/tools/index.d.ts +28 -1
package/dist/tools/index.js +35 -2
package/dist/tools/index.js.map +1 -1
package/dist/tools/interaction/ask-user.d.ts +1 -1
package/dist/tools/interaction/ask-user.js +28 -64
package/dist/tools/interaction/ask-user.js.map +1 -1
package/dist/tools/interaction/twitter-login.d.ts +1 -1
package/dist/tools/macro/fear-greed.d.ts +1 -1
package/dist/tools/macro/fred-data.d.ts +4 -2
package/dist/tools/macro/fred-data.js +26 -26
package/dist/tools/macro/fred-data.js.map +1 -1
package/dist/tools/market/crypto-history.d.ts +1 -1
package/dist/tools/market/crypto-price.d.ts +1 -1
package/dist/tools/market/search-ticker.d.ts +1 -1
package/dist/tools/market/stock-history.d.ts +1 -1
package/dist/tools/market/stock-quote.d.ts +1 -1
package/dist/tools/options/option-chain.d.ts +1 -1
package/dist/tools/options/option-chain.js +4 -1
package/dist/tools/options/option-chain.js.map +1 -1
package/dist/tools/portfolio/correlation.d.ts +1 -1
package/dist/tools/portfolio/predictions.d.ts +1 -1
package/dist/tools/portfolio/risk-analysis.d.ts +1 -1
package/dist/tools/portfolio/tracker.d.ts +1 -1
package/dist/tools/portfolio/watchlist.d.ts +1 -1
package/dist/tools/sentiment/reddit-sentiment.d.ts +4 -2
package/dist/tools/sentiment/reddit-sentiment.js +107 -22
package/dist/tools/sentiment/reddit-sentiment.js.map +1 -1
package/dist/tools/sentiment/sentiment-summary.d.ts +7 -0
package/dist/tools/sentiment/sentiment-summary.js +230 -0
package/dist/tools/sentiment/sentiment-summary.js.map +1 -0
package/dist/tools/sentiment/sentiment-trend.d.ts +22 -0
package/dist/tools/sentiment/sentiment-trend.js +39 -0
package/dist/tools/sentiment/sentiment-trend.js.map +1 -0
package/dist/tools/sentiment/twitter-sentiment.d.ts +1 -1
package/dist/tools/sentiment/twitter-sentiment.js +17 -0
package/dist/tools/sentiment/twitter-sentiment.js.map +1 -1
package/dist/tools/sentiment/web-search.d.ts +11 -0
package/dist/tools/sentiment/web-search.js +115 -0
package/dist/tools/sentiment/web-search.js.map +1 -0
package/dist/tools/sentiment/web-sentiment.d.ts +8 -0
package/dist/tools/sentiment/web-sentiment.js +66 -0
package/dist/tools/sentiment/web-sentiment.js.map +1 -0
package/dist/tools/technical/backtest.d.ts +1 -1
package/dist/tools/technical/indicators.d.ts +1 -1
package/dist/tools/technical/indicators.js +7 -1
package/dist/tools/technical/indicators.js.map +1 -1
package/dist/types/index.d.ts +1 -1
package/dist/types/sentiment.d.ts +21 -0
package/dist/workflows/options-screener.js +7 -2
package/dist/workflows/options-screener.js.map +1 -1
package/dist/workflows/portfolio-builder.js +3 -3
package/dist/workflows/portfolio-builder.js.map +1 -1
package/gui/server/background-quotes.ts +31 -0
package/gui/server/chat-event-adapter.ts +142 -0
package/gui/server/invoke-tool.ts +89 -0
package/gui/server/live-chat-event-adapter.ts +181 -0
package/gui/server/model-setup.ts +100 -0
package/gui/server/package.json +5 -0
package/gui/server/projector.ts +212 -0
package/gui/server/server.ts +592 -0
package/gui/server/session-actions.ts +31 -0
package/gui/server/tool-metadata.ts +88 -0
package/gui/server/websocket.ts +128 -0
package/gui/server/writer-lock.ts +118 -0
package/gui/shared/chat-events.ts +118 -0
package/gui/shared/event-reducer.ts +186 -0
package/gui/web/dist/assets/CatalogOverlay-D1ImSJTe.js +1 -0
package/gui/web/dist/assets/index-DBrWq43L.css +1 -0
package/gui/web/dist/assets/index-RflHaj0y.js +67 -0
package/gui/web/dist/assets/logo-CWpt6Y2a.svg +187 -0
package/gui/web/dist/index.html +17 -0
package/package.json +62 -20
package/src/analysts/contracts.ts +189 -0
package/src/analysts/orchestrator.ts +300 -0
package/src/cli.ts +205 -0
package/src/config.ts +161 -0
package/src/index.ts +5 -0
package/src/infra/browser.ts +111 -0
package/src/infra/cache.ts +103 -0
package/src/infra/http-client.ts +68 -0
package/src/infra/index.ts +18 -0
package/src/infra/native-dependencies.ts +12 -0
package/src/infra/node-version.ts +24 -0
package/src/infra/open-url.ts +28 -0
package/src/infra/opencandle-paths.ts +64 -0
package/src/infra/rate-limiter.ts +64 -0
package/src/memory/index.ts +10 -0
package/src/memory/manager.ts +159 -0
package/src/memory/preference-extractor.ts +106 -0
package/src/memory/retrieval.ts +70 -0
package/src/memory/sqlite.ts +172 -0
package/src/memory/storage.ts +204 -0
package/src/memory/tool-defaults.ts +87 -0
package/src/memory/types.ts +67 -0
package/src/onboarding/connect.ts +184 -0
package/src/onboarding/credential-interceptor.ts +134 -0
package/src/onboarding/degradation-accumulator.ts +79 -0
package/src/onboarding/prompt-user.ts +85 -0
package/src/onboarding/providers.ts +315 -0
package/src/onboarding/state.ts +218 -0
package/src/onboarding/tool-helpers.ts +111 -0
package/src/onboarding/tool-tags.ts +201 -0
package/src/onboarding/validation.ts +158 -0
package/src/pi/opencandle-extension.ts +724 -0
package/src/pi/session-storage.ts +5 -0
package/src/pi/session.ts +81 -0
package/src/pi/setup.ts +371 -0
package/src/pi/tool-adapter.ts +36 -0
package/src/prompts/context-builder.ts +204 -0
package/src/prompts/disclaimer.ts +9 -0
package/src/prompts/sections.ts +46 -0
package/src/prompts/workflow-prompts.ts +279 -0
package/src/providers/alpha-vantage.ts +292 -0
package/src/providers/coingecko.ts +96 -0
package/src/providers/exa-search.ts +373 -0
package/src/providers/fear-greed.ts +45 -0
package/src/providers/finnhub.ts +124 -0
package/src/providers/fred.ts +83 -0
package/src/providers/index.ts +9 -0
package/src/providers/provider-credential-error.ts +23 -0
package/src/providers/reddit.ts +151 -0
package/src/providers/sec-edgar.ts +96 -0
package/src/providers/twitter.ts +173 -0
package/src/providers/web-search.ts +293 -0
package/src/providers/with-fallback.ts +41 -0
package/src/providers/wrap-provider.ts +64 -0
package/src/providers/yahoo-finance.ts +367 -0
package/src/routing/classify-intent.ts +194 -0
package/src/routing/defaults.ts +29 -0
package/src/routing/entity-extractor.ts +140 -0
package/src/routing/index.ts +26 -0
package/src/routing/router-llm-client.ts +51 -0
package/src/routing/router-prompt.ts +159 -0
package/src/routing/router-types.ts +66 -0
package/src/routing/router.ts +213 -0
package/src/routing/slot-resolver.ts +152 -0
package/src/routing/types.ts +63 -0
package/src/runtime/evidence.ts +77 -0
package/src/runtime/index.ts +55 -0
package/src/runtime/prompt-step.ts +75 -0
package/src/runtime/provider-ids.ts +15 -0
package/src/runtime/provider-tracker.ts +40 -0
package/src/runtime/run-context.ts +22 -0
package/src/runtime/session-coordinator.ts +406 -0
package/src/runtime/tool-defaults-wrapper.ts +35 -0
package/src/runtime/validation.ts +214 -0
package/src/runtime/workflow-events.ts +75 -0
package/src/runtime/workflow-runner.ts +188 -0
package/src/runtime/workflow-types.ts +102 -0
package/src/sentiment/adapters/finnhub.ts +44 -0
package/src/sentiment/adapters/reddit.ts +65 -0
package/src/sentiment/adapters/twitter.ts +36 -0
package/src/sentiment/adapters/web.ts +44 -0
package/src/sentiment/index.ts +58 -0
package/src/sentiment/keywords.ts +9 -0
package/src/sentiment/pipeline.ts +68 -0
package/src/sentiment/scorer.ts +78 -0
package/src/sentiment/store.ts +260 -0
package/src/sentiment/trends.ts +90 -0
package/src/sentiment/types.ts +108 -0
package/src/system-prompt.ts +115 -0
package/src/tool-kit.ts +68 -0
package/src/tools/AGENTS.md +36 -0
package/src/tools/fundamentals/company-overview.ts +54 -0
package/src/tools/fundamentals/comps.ts +156 -0
package/src/tools/fundamentals/dcf.ts +267 -0
package/src/tools/fundamentals/earnings.ts +47 -0
package/src/tools/fundamentals/financials.ts +54 -0
package/src/tools/fundamentals/sec-filings.ts +61 -0
package/src/tools/index.ts +88 -0
package/src/tools/interaction/ask-user.ts +81 -0
package/src/tools/interaction/twitter-login.ts +93 -0
package/src/tools/macro/fear-greed.ts +41 -0
package/src/tools/macro/fred-data.ts +54 -0
package/src/tools/market/crypto-history.ts +51 -0
package/src/tools/market/crypto-price.ts +53 -0
package/src/tools/market/search-ticker.ts +53 -0
package/src/tools/market/stock-history.ts +79 -0
package/src/tools/market/stock-quote.ts +64 -0
package/src/tools/options/greeks.ts +82 -0
package/src/tools/options/option-chain.ts +91 -0
package/src/tools/portfolio/correlation.ts +162 -0
package/src/tools/portfolio/predictions.ts +253 -0
package/src/tools/portfolio/risk-analysis.ts +134 -0
package/src/tools/portfolio/tracker.ts +147 -0
package/src/tools/portfolio/watchlist.ts +153 -0
package/src/tools/sentiment/reddit-sentiment.ts +164 -0
package/src/tools/sentiment/sentiment-summary.ts +256 -0
package/src/tools/sentiment/sentiment-trend.ts +58 -0
package/src/tools/sentiment/twitter-sentiment.ts +96 -0
package/src/tools/sentiment/web-search.ts +150 -0
package/src/tools/sentiment/web-sentiment.ts +76 -0
package/src/tools/technical/backtest.ts +246 -0
package/src/tools/technical/indicators.ts +258 -0
package/src/types/fundamentals.ts +46 -0
package/src/types/index.ts +20 -0
package/src/types/macro.ts +27 -0
package/src/types/market.ts +43 -0
package/src/types/options.ts +35 -0
package/src/types/portfolio.ts +41 -0
package/src/types/sentiment.ts +70 -0
package/src/workflows/compare-assets.ts +39 -0
package/src/workflows/index.ts +4 -0
package/src/workflows/options-screener.ts +49 -0
package/src/workflows/portfolio-builder.ts +52 -0
package/src/workflows/types.ts +4 -0
package/dist/tools/sentiment/news-sentiment.d.ts +0 -7
package/dist/tools/sentiment/news-sentiment.js +0 -55
package/dist/tools/sentiment/news-sentiment.js.map +0 -1

package/dist/onboarding/connect.js ADDED Viewed

@@ -0,0 +1,118 @@
+// Shared `runProviderConnect` function — the actual side-effectful flow that
+// opens a browser, collects a pasted API key, validates it against the
+// provider's API, persists it to `~/.opencandle/config.json`, and refreshes
+// the cached Config so the next tool call sees the new credential.
+//
+// Called from two places:
+//   1. The Pi `tool_result` extension handler when the user picks "Connect now"
+//      in the just-in-time prompt (Task Group 10).
+//   2. The `/connect` Pi command (Task Group 13).
+//
+// Validation (Task Group 8 final pass): before persisting, the pasted key is
+// validated via `validateCredential`, which makes a single cheap request to
+// the provider's canonical API and classifies the response. A hard
+// auth failure (401/403 or a provider-specific error-in-200-body) is
+// returned as `invalid_key` WITHOUT persisting the bad value; a transient
+// failure (timeout, 5xx, network error) warns the user but still persists
+// the key so they aren't blocked on a provider outage — the next real tool
+// call will surface any lingering issue via the credential-required tag.
+import { openInBrowser } from "../infra/open-url.js";
+import { loadFileConfig, saveFileConfig, loadConfig, } from "../config.js";
+import { getProvider, getCredentialSource, } from "./providers.js";
+import { loadOnboardingState, markProviderCompleted, saveOnboardingState, } from "./state.js";
+import { validateCredential } from "./validation.js";
+function writeNested(obj, path, value) {
+    if (path.length === 0)
+        return obj;
+    const [head, ...rest] = path;
+    const next = { ...obj };
+    if (rest.length === 0) {
+        next[head] = value;
+    }
+    else {
+        const child = next[head] && typeof next[head] === "object"
+            ? next[head]
+            : {};
+        next[head] = writeNested(child, rest, value);
+    }
+    return next;
+}
+/**
+ * Persist an already-validated provider credential.
+ *
+ * Writes the key into `~/.opencandle/config.json` (preserving sibling fields),
+ * refreshes the cached `Config` so the next tool call sees the new value, and
+ * marks the provider as completed in the onboarding state.
+ *
+ * Shared by the TUI `/connect` flow (`runProviderConnect`) and the GUI
+ * provider-setup form. Validation is the caller's responsibility — both
+ * call sites run `validateCredential` before invoking this helper.
+ */
+export function persistProviderCredential(providerId, key) {
+    const descriptor = getProvider(providerId);
+    const existing = loadFileConfig();
+    const updated = writeNested(existing, descriptor.configPath, key);
+    saveFileConfig(updated);
+    loadConfig();
+    const state = loadOnboardingState();
+    saveOnboardingState(markProviderCompleted(state, providerId));
+}
+/**
+ * Run the connect flow for a single provider.
+ *
+ * Env-precedence short-circuit: if the provider's configured credential
+ * already comes from an environment variable, the file-config write would
+ * be invisible to the next tool call (env vars win in `resolveConfig`).
+ * Notify the user explicitly and return `blocked_by_env` — do not open
+ * the browser or collect a pasted value.
+ */
+export async function runProviderConnect(ctx, providerId) {
+    const descriptor = getProvider(providerId);
+    // Env-precedence check.
+    if (getCredentialSource(providerId) === "env") {
+        ctx.ui.notify(`${descriptor.displayName} is currently set via the ${descriptor.envVar} environment variable. ` +
+            `To change it from here, unset that variable first and reopen /connect ${descriptor.aliases[0] ?? descriptor.id}. ` +
+            `Otherwise, update ${descriptor.envVar} directly in your shell profile.`, "warning");
+        return { status: "blocked_by_env" };
+    }
+    // Open the signup URL in the user's browser. We ignore errors here — if
+    // the browser can't be opened, the user can still paste a key they
+    // already have, so we continue rather than bailing.
+    await openInBrowser(descriptor.signupUrl).catch(() => { });
+    ctx.ui.notify(`Opening ${descriptor.displayName} signup in your browser...`, "info");
+    // Prompt for the key. Uses the provider's instructionsHint as the
+    // placeholder text to remind the user what they're pasting.
+    const pasted = await ctx.ui.input(`Paste your ${descriptor.displayName} API key`, descriptor.instructionsHint);
+    if (!pasted) {
+        return { status: "cancelled" };
+    }
+    const trimmed = pasted.trim();
+    if (trimmed.length === 0) {
+        return { status: "cancelled" };
+    }
+    // Validate the key with the provider BEFORE persisting. Hard auth failures
+    // short-circuit here without writing anything; transient failures warn
+    // but proceed to persist so users don't get stuck on a provider outage.
+    ctx.ui.notify(`Verifying your ${descriptor.displayName} key...`, "info");
+    const validation = await validateCredential(providerId, trimmed);
+    if (validation.status === "invalid") {
+        const statusHint = validation.httpStatus !== undefined ? ` (HTTP ${validation.httpStatus})` : "";
+        const messageHint = validation.message ? ` — ${validation.message}` : "";
+        ctx.ui.notify(`${descriptor.displayName} rejected the key${statusHint}${messageHint}. ` +
+            `Your existing configuration was not changed. Re-run /connect ${descriptor.aliases[0] ?? descriptor.id} to try a different key.`, "error");
+        return {
+            status: "invalid_key",
+            httpStatus: validation.httpStatus,
+            message: validation.message,
+        };
+    }
+    if (validation.status === "transient") {
+        ctx.ui.notify(`Couldn't reach ${descriptor.displayName} to verify the key (${validation.reason}). ` +
+            `Saving it anyway — the next request will surface any issue.`, "warning");
+        // Fall through to persist.
+    }
+    persistProviderCredential(providerId, trimmed);
+    ctx.ui.notify(`${descriptor.displayName} connected. Your key has been saved.`, "info");
+    return { status: "connected" };
+}
+//# sourceMappingURL=connect.js.map

package/dist/onboarding/connect.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"connect.js","sourceRoot":"","sources":["../../src/onboarding/connect.ts"],"names":[],"mappings":"AAAA,6EAA6E;AAC7E,uEAAuE;AACvE,4EAA4E;AAC5E,mEAAmE;AACnE,EAAE;AACF,0BAA0B;AAC1B,gFAAgF;AAChF,mDAAmD;AACnD,kDAAkD;AAClD,EAAE;AACF,6EAA6E;AAC7E,4EAA4E;AAC5E,mEAAmE;AACnE,qEAAqE;AACrE,0EAA0E;AAC1E,0EAA0E;AAC1E,2EAA2E;AAC3E,yEAAyE;AAGzE,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EACL,cAAc,EACd,cAAc,EACd,UAAU,GAEX,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,WAAW,EACX,mBAAmB,GAEpB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,mBAAmB,GACpB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAQrD,SAAS,WAAW,CAClB,GAA4B,EAC5B,IAAuB,EACvB,KAAa;IAEb,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,GAAG,CAAC;IAClC,MAAM,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC;IAC7B,MAAM,IAAI,GAAG,EAAE,GAAG,GAAG,EAAE,CAAC;IACxB,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,IAAI,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;IACrB,CAAC;SAAM,CAAC;QACN,MAAM,KAAK,GACT,IAAI,CAAC,IAAI,CAAC,IAAI,OAAO,IAAI,CAAC,IAAI,CAAC,KAAK,QAAQ;YAC1C,CAAC,CAAE,IAAI,CAAC,IAAI,CAA6B;YACzC,CAAC,CAAC,EAAE,CAAC;QACT,IAAI,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,KAAK,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;IAC/C,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,yBAAyB,CACvC,UAAsB,EACtB,GAAW;IAEX,MAAM,UAAU,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,QAAQ,GAAG,cAAc,EAAwC,CAAC;IACxE,MAAM,OAAO,GAAG,WAAW,CACzB,QAAQ,EACR,UAAU,CAAC,UAAU,EACrB,GAAG,CACoB,CAAC;IAC1B,cAAc,CAAC,OAAO,CAAC,CAAC;IACxB,UAAU,EAAE,CAAC;IACb,MAAM,KAAK,GAAG,mBAAmB,EAAE,CAAC;IACpC,mBAAmB,CAAC,qBAAqB,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC;AAChE,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,GAAqB,EACrB,UAAsB;IAEtB,MAAM,UAAU,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;IAE3C,wBAAwB;IACxB,IAAI,mBAAmB,CAAC,UAAU,CAAC,KAAK,KAAK,EAAE,CAAC;QAC9C,GAAG,CAAC,EAAE,CAAC,MAAM,CACX,GAAG,UAAU,CAAC,WAAW,6BAA6B,UAAU,CAAC,MAAM,yBAAyB;YAC9F,yEAAyE,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EAAE,IAAI;YACnH,qBAAqB,UAAU,CAAC,MAAM,kCAAkC,EAC1E,SAAS,CACV,CAAC;QACF,OAAO,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACtC,CAAC;IAED,wEAAwE;IACxE,mEAAmE;IACnE,oDAAoD;IACpD,MAAM,aAAa,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IAC1D,GAAG,CAAC,EAAE,CAAC,MAAM,CACX,WAAW,UAAU,CAAC,WAAW,4BAA4B,EAC7D,MAAM,CACP,CAAC;IAEF,kEAAkE;IAClE,4DAA4D;IAC5D,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,KAAK,CAC/B,cAAc,UAAU,CAAC,WAAW,UAAU,EAC9C,UAAU,CAAC,gBAAgB,CAC5B,CAAC;IACF,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IACjC,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;IAC9B,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IACjC,CAAC;IAED,2EAA2E;IAC3E,uEAAuE;IACvE,wEAAwE;IACxE,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,kBAAkB,UAAU,CAAC,WAAW,SAAS,EAAE,MAAM,CAAC,CAAC;IACzE,MAAM,UAAU,GAAG,MAAM,kBAAkB,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAEjE,IAAI,UAAU,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;QACpC,MAAM,UAAU,GACd,UAAU,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,UAAU,UAAU,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAChF,MAAM,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACzE,GAAG,CAAC,EAAE,CAAC,MAAM,CACX,GAAG,UAAU,CAAC,WAAW,oBAAoB,UAAU,GAAG,WAAW,IAAI;YACvE,gEACE,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EACtC,0BAA0B,EAC5B,OAAO,CACR,CAAC;QACF,OAAO;YACL,MAAM,EAAE,aAAa;YACrB,UAAU,EAAE,UAAU,CAAC,UAAU;YACjC,OAAO,EAAE,UAAU,CAAC,OAAO;SAC5B,CAAC;IACJ,CAAC;IAED,IAAI,UAAU,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;QACtC,GAAG,CAAC,EAAE,CAAC,MAAM,CACX,kBAAkB,UAAU,CAAC,WAAW,uBAAuB,UAAU,CAAC,MAAM,KAAK;YACnF,6DAA6D,EAC/D,SAAS,CACV,CAAC;QACF,2BAA2B;IAC7B,CAAC;IAED,yBAAyB,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAE/C,GAAG,CAAC,EAAE,CAAC,MAAM,CACX,GAAG,UAAU,CAAC,WAAW,sCAAsC,EAC/D,MAAM,CACP,CAAC;IAEF,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;AACjC,CAAC"}

package/dist/onboarding/credential-interceptor.d.ts ADDED Viewed

@@ -0,0 +1,44 @@
+import type { ProviderId } from "./providers.js";
+import type { OnboardingState } from "./state.js";
+import type { CredentialRequiredReason } from "./tool-tags.js";
+export interface InterceptInput {
+    /** The provider id parsed from the tagged tool-result content. */
+    provider: ProviderId;
+    /** Why the credential was flagged as required. */
+    reason: CredentialRequiredReason;
+    /** Current persistent onboarding state (providers map, welcome flag). */
+    state: OnboardingState;
+    /** Providers already prompted at least once in this session (across workflows). */
+    sessionPromptedSet: ReadonlySet<ProviderId>;
+    /**
+     * Whether a hard-tier provider has already fired a prompt earlier in the
+     * current workflow invocation. When true, subsequent hard-provider prompts
+     * in the same workflow SHALL be silenced per the "at most one prompt per
+     * workflow" requirement in `conversational-provider-setup.spec.md`.
+     */
+    hardPromptFiredInWorkflow: boolean;
+    /** Injected clock for deterministic snooze-expiry tests. */
+    now: Date;
+}
+/** Outcome of the interception decision. */
+export type InterceptAction = {
+    action: "prompt";
+    provider: ProviderId;
+    reason: CredentialRequiredReason;
+} | {
+    action: "skip";
+    provider: ProviderId;
+    remediation: string;
+    /** True when the skip is due to explicit never_ask — downstream gap-note
+     *  synthesis should suppress the `/connect` remediation in that case. */
+    silenced: boolean;
+};
+/**
+ * Pure decision function — given an `InterceptInput`, return either a
+ * `prompt` action (the extension handler should pause and call `promptUser`)
+ * or a `skip` action (the handler should replace the tool result with a
+ * `[OPENCANDLE_SKIPPED ...]` placeholder).
+ *
+ * No side effects. No Pi imports. Trivially unit-testable.
+ */
+export declare function resolveCredentialRequired(input: InterceptInput): InterceptAction;

package/dist/onboarding/credential-interceptor.js ADDED Viewed

@@ -0,0 +1,72 @@
+// Pure decision function for handling `[OPENCANDLE_CREDENTIAL_REQUIRED ...]`
+// tool results. This module has NO Pi dependencies so it can be tested in
+// isolation — the Pi extension `tool_result` handler is a thin wrapper that
+// calls this function, inspects the returned `InterceptAction`, and drives
+// the appropriate side effects (promptUser, state mutation, tool rerun).
+//
+// Decision table — see design.md Decision 3 for the canonical version.
+import { getProvider } from "./providers.js";
+function buildRemediation(providerId) {
+    const descriptor = getProvider(providerId);
+    // Prefer the first alias as the friendly target; fall back to the id.
+    const alias = descriptor.aliases[0] ?? providerId;
+    return `run /connect ${alias} to unlock`;
+}
+function skip(providerId, silenced) {
+    return {
+        action: "skip",
+        provider: providerId,
+        remediation: buildRemediation(providerId),
+        silenced,
+    };
+}
+/**
+ * Pure decision function — given an `InterceptInput`, return either a
+ * `prompt` action (the extension handler should pause and call `promptUser`)
+ * or a `skip` action (the handler should replace the tool result with a
+ * `[OPENCANDLE_SKIPPED ...]` placeholder).
+ *
+ * No side effects. No Pi imports. Trivially unit-testable.
+ */
+export function resolveCredentialRequired(input) {
+    const { provider, reason, state, sessionPromptedSet, hardPromptFiredInWorkflow, now, } = input;
+    const descriptor = getProvider(provider);
+    const entry = state.providers[provider];
+    // 1. Never-ask: always skip, marked silenced so the gap-note copy drops the
+    //    `/connect` remediation.
+    if (entry?.status === "never_ask") {
+        return skip(provider, true);
+    }
+    // 2. Completed + missing (defensive — shouldn't normally happen because the
+    //    tool layer only emits `missing` when `hasCredential` returns false, and
+    //    a completed state implies the credential was persisted).
+    if (entry?.status === "completed" && reason === "missing") {
+        return skip(provider, false);
+    }
+    // 3. Session-level dedup: a previous prompt this session already settled
+    //    the user's answer for this provider. Don't re-ask until next session.
+    if (sessionPromptedSet.has(provider)) {
+        return skip(provider, false);
+    }
+    // 4. Per-workflow cap: at most one hard-provider prompt per workflow run.
+    if (hardPromptFiredInWorkflow && descriptor.tier === "hard") {
+        return skip(provider, false);
+    }
+    // 5. Active snooze: skip without decrementing the session set (the user
+    //    will see the prompt again if they try a workflow after snoozeUntil).
+    if (entry?.status === "snoozed") {
+        const until = Date.parse(entry.snoozeUntil);
+        if (!Number.isNaN(until) && now.getTime() < until) {
+            return skip(provider, false);
+        }
+        // snoozed but expired → fall through to prompt.
+    }
+    // 6. Completed + stale: re-prompt. This is the ONE stale-credential path
+    //    this change ships — the full failure-as-invitation story is deferred.
+    if (entry?.status === "completed" && reason === "stale") {
+        return { action: "prompt", provider, reason };
+    }
+    // 7. Default: prompt.
+    return { action: "prompt", provider, reason };
+}
+//# sourceMappingURL=credential-interceptor.js.map

package/dist/onboarding/credential-interceptor.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"credential-interceptor.js","sourceRoot":"","sources":["../../src/onboarding/credential-interceptor.ts"],"names":[],"mappings":"AAAA,6EAA6E;AAC7E,0EAA0E;AAC1E,4EAA4E;AAC5E,2EAA2E;AAC3E,yEAAyE;AACzE,EAAE;AACF,uEAAuE;AAGvE,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAwC7C,SAAS,gBAAgB,CAAC,UAAsB;IAC9C,MAAM,UAAU,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;IAC3C,sEAAsE;IACtE,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC;IAClD,OAAO,gBAAgB,KAAK,YAAY,CAAC;AAC3C,CAAC;AAED,SAAS,IAAI,CACX,UAAsB,EACtB,QAAiB;IAEjB,OAAO;QACL,MAAM,EAAE,MAAM;QACd,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,gBAAgB,CAAC,UAAU,CAAC;QACzC,QAAQ;KACT,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,yBAAyB,CACvC,KAAqB;IAErB,MAAM,EACJ,QAAQ,EACR,MAAM,EACN,KAAK,EACL,kBAAkB,EAClB,yBAAyB,EACzB,GAAG,GACJ,GAAG,KAAK,CAAC;IAEV,MAAM,UAAU,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;IACzC,MAAM,KAAK,GAAG,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IAExC,4EAA4E;IAC5E,6BAA6B;IAC7B,IAAI,KAAK,EAAE,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAC9B,CAAC;IAED,4EAA4E;IAC5E,6EAA6E;IAC7E,8DAA8D;IAC9D,IAAI,KAAK,EAAE,MAAM,KAAK,WAAW,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QAC1D,OAAO,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,yEAAyE;IACzE,2EAA2E;IAC3E,IAAI,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QACrC,OAAO,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,0EAA0E;IAC1E,IAAI,yBAAyB,IAAI,UAAU,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QAC5D,OAAO,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,wEAAwE;IACxE,0EAA0E;IAC1E,IAAI,KAAK,EAAE,MAAM,KAAK,SAAS,EAAE,CAAC;QAChC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC5C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,OAAO,EAAE,GAAG,KAAK,EAAE,CAAC;YAClD,OAAO,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC/B,CAAC;QACD,gDAAgD;IAClD,CAAC;IAED,yEAAyE;IACzE,2EAA2E;IAC3E,IAAI,KAAK,EAAE,MAAM,KAAK,WAAW,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACxD,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;IAChD,CAAC;IAED,sBAAsB;IACtB,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC"}

package/dist/onboarding/degradation-accumulator.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+import type { ProviderId } from "./providers.js";
+import type { OnboardingState } from "./state.js";
+export interface DegradationAccumulator {
+    /** Record that a soft-tier provider fell back during this turn. Idempotent. */
+    record(provider: ProviderId): void;
+    /** Number of distinct providers recorded since the last reset. */
+    size(): number;
+    /** True when nothing has been recorded since the last reset. */
+    isEmpty(): boolean;
+    /**
+     * Build a newline-delimited list of `[OPENCANDLE_SKIPPED ...]` tags — one
+     * per distinct recorded provider. Providers whose `state.providers[id]`
+     * entry has `status: "never_ask"` get the `(silenced)` suffix in their
+     * remediation so the system prompt instruction suppresses the `/connect`
+     * link in the final answer. Returns `null` when no providers are recorded.
+     */
+    buildCombinedAnnotation(state: OnboardingState): string | null;
+    /** Clear all recorded providers. Call this at turn_start. */
+    reset(): void;
+}
+export declare function createDegradationAccumulator(): DegradationAccumulator;

package/dist/onboarding/degradation-accumulator.js ADDED Viewed

@@ -0,0 +1,55 @@
+// Per-turn accumulator for soft-tier provider degradations. When a soft
+// provider falls back to a keyless alternative (e.g. Brave → DuckDuckGo, Exa →
+// keyless MCP, Finnhub → cached/free source), the tool result content carries
+// a `[OPENCANDLE_SOFT_DEGRADED ...]` tag. The extension's `tool_result` hook
+// records the provider id in this accumulator WITHOUT mutating the tool
+// result; at `turn_end` the accumulator builds a single combined
+// `[OPENCANDLE_SKIPPED ...]`-style annotation that gets appended to the
+// session as a sidecar entry for observability.
+//
+// Per-provider state (never_ask / snoozed / completed) lives in the persistent
+// OnboardingState on disk — the accumulator stays pure and consults the
+// caller-supplied state snapshot at `buildCombinedAnnotation` time. This keeps
+// the accumulator trivially testable without mocking the filesystem.
+import { getProvider } from "./providers.js";
+import { buildSkippedTag } from "./tool-tags.js";
+export function createDegradationAccumulator() {
+    const recorded = new Set();
+    return {
+        record(provider) {
+            recorded.add(provider);
+        },
+        size() {
+            return recorded.size;
+        },
+        isEmpty() {
+            return recorded.size === 0;
+        },
+        buildCombinedAnnotation(state) {
+            if (recorded.size === 0)
+                return null;
+            const lines = [];
+            for (const provider of recorded) {
+                const descriptor = getProvider(provider);
+                const entry = state.providers[provider];
+                const silenced = entry?.status === "never_ask";
+                const alias = descriptor.aliases[0] ?? descriptor.id;
+                const baseRemediation = `run /connect ${alias} to unlock`;
+                const remediation = silenced
+                    ? `${baseRemediation} (silenced)`
+                    : baseRemediation;
+                lines.push(buildSkippedTag({
+                    provider,
+                    reason: "credential_not_provided",
+                    remediation,
+                    silenced: silenced || undefined,
+                }));
+            }
+            return lines.join("\n");
+        },
+        reset() {
+            recorded.clear();
+        },
+    };
+}
+//# sourceMappingURL=degradation-accumulator.js.map

package/dist/onboarding/degradation-accumulator.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"degradation-accumulator.js","sourceRoot":"","sources":["../../src/onboarding/degradation-accumulator.ts"],"names":[],"mappings":"AAAA,wEAAwE;AACxE,+EAA+E;AAC/E,8EAA8E;AAC9E,6EAA6E;AAC7E,wEAAwE;AACxE,iEAAiE;AACjE,wEAAwE;AACxE,gDAAgD;AAChD,EAAE;AACF,+EAA+E;AAC/E,wEAAwE;AACxE,+EAA+E;AAC/E,qEAAqE;AAGrE,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAE7C,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAqBjD,MAAM,UAAU,4BAA4B;IAC1C,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAc,CAAC;IAEvC,OAAO;QACL,MAAM,CAAC,QAAoB;YACzB,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACzB,CAAC;QACD,IAAI;YACF,OAAO,QAAQ,CAAC,IAAI,CAAC;QACvB,CAAC;QACD,OAAO;YACL,OAAO,QAAQ,CAAC,IAAI,KAAK,CAAC,CAAC;QAC7B,CAAC;QACD,uBAAuB,CAAC,KAAsB;YAC5C,IAAI,QAAQ,CAAC,IAAI,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;YACrC,MAAM,KAAK,GAAa,EAAE,CAAC;YAC3B,KAAK,MAAM,QAAQ,IAAI,QAAQ,EAAE,CAAC;gBAChC,MAAM,UAAU,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;gBACzC,MAAM,KAAK,GAAG,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;gBACxC,MAAM,QAAQ,GAAG,KAAK,EAAE,MAAM,KAAK,WAAW,CAAC;gBAC/C,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC;gBACrD,MAAM,eAAe,GAAG,gBAAgB,KAAK,YAAY,CAAC;gBAC1D,MAAM,WAAW,GAAG,QAAQ;oBAC1B,CAAC,CAAC,GAAG,eAAe,aAAa;oBACjC,CAAC,CAAC,eAAe,CAAC;gBACpB,KAAK,CAAC,IAAI,CACR,eAAe,CAAC;oBACd,QAAQ;oBACR,MAAM,EAAE,yBAAyB;oBACjC,WAAW;oBACX,QAAQ,EAAE,QAAQ,IAAI,SAAS;iBAChC,CAAC,CACH,CAAC;YACJ,CAAC;YACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1B,CAAC;QACD,KAAK;YACH,QAAQ,CAAC,KAAK,EAAE,CAAC;QACnB,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/onboarding/prompt-user.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
+import type { AskUserHandler } from "../types/index.js";
+export interface PromptOptions {
+    question: string;
+    questionType: "select" | "text" | "confirm";
+    options?: string[];
+    placeholder?: string;
+    reason?: string;
+}
+export interface PromptResult {
+    answer: string | null;
+    cancelled: boolean;
+}
+/**
+ * Ask the user a structured question, routing to the appropriate UI primitive
+ * (`ctx.ui.select` / `ctx.ui.input` / `ctx.ui.confirm`).
+ *
+ * When an `askUserHandler` is injected (test harness, programmatic runs), the
+ * handler takes precedence over `ctx.ui` and provides the answer directly.
+ *
+ * When neither a handler nor a UI is available, returns `{answer: null, cancelled: true}`.
+ */
+export declare function promptUser(ctx: ExtensionContext, opts: PromptOptions, handler?: AskUserHandler): Promise<PromptResult>;

package/dist/onboarding/prompt-user.js ADDED Viewed

@@ -0,0 +1,61 @@
+// Shared prompt primitive used by both the `ask_user` tool and the
+// credential-interception handler in the Pi `tool_result` hook.
+//
+// The original `ask_user` tool embedded its UI routing in a closure inside
+// `execute()`. Extracting it here means the `tool_result` handler can call
+// the same logic without synthesizing a fake tool call (Pi has no "execute
+// a tool now" API), and the headless harness's `askUserHandler` injection
+// point is preserved for automated flows.
+/**
+ * Ask the user a structured question, routing to the appropriate UI primitive
+ * (`ctx.ui.select` / `ctx.ui.input` / `ctx.ui.confirm`).
+ *
+ * When an `askUserHandler` is injected (test harness, programmatic runs), the
+ * handler takes precedence over `ctx.ui` and provides the answer directly.
+ *
+ * When neither a handler nor a UI is available, returns `{answer: null, cancelled: true}`.
+ */
+export async function promptUser(ctx, opts, handler) {
+    // Priority: injected handler > UI > no-UI fallback.
+    if (handler) {
+        const result = await handler({
+            question: opts.question,
+            questionType: opts.questionType,
+            options: opts.options,
+            placeholder: opts.placeholder,
+            reason: opts.reason,
+        });
+        if (result.cancelled) {
+            return { answer: null, cancelled: true };
+        }
+        return { answer: result.answer ?? null, cancelled: false };
+    }
+    if (!ctx?.hasUI) {
+        return { answer: null, cancelled: true };
+    }
+    switch (opts.questionType) {
+        case "select": {
+            const options = opts.options ?? [];
+            if (options.length === 0) {
+                return { answer: null, cancelled: true };
+            }
+            const choice = await ctx.ui.select(opts.question, options);
+            if (choice === undefined) {
+                return { answer: null, cancelled: true };
+            }
+            return { answer: choice, cancelled: false };
+        }
+        case "text": {
+            const input = await ctx.ui.input(opts.question, opts.placeholder ?? "");
+            if (input === undefined || input.trim() === "") {
+                return { answer: null, cancelled: true };
+            }
+            return { answer: input.trim(), cancelled: false };
+        }
+        case "confirm": {
+            const confirmed = await ctx.ui.confirm(opts.question, opts.reason ?? "");
+            return { answer: confirmed ? "Yes" : "No", cancelled: false };
+        }
+    }
+}
+//# sourceMappingURL=prompt-user.js.map

package/dist/onboarding/prompt-user.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"prompt-user.js","sourceRoot":"","sources":["../../src/onboarding/prompt-user.ts"],"names":[],"mappings":"AAAA,mEAAmE;AACnE,gEAAgE;AAChE,EAAE;AACF,2EAA2E;AAC3E,2EAA2E;AAC3E,2EAA2E;AAC3E,0EAA0E;AAC1E,0CAA0C;AAkB1C;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,GAAqB,EACrB,IAAmB,EACnB,OAAwB;IAExB,oDAAoD;IACpD,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,CAAC,CAAC;QACH,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACrB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;QAC3C,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IAC7D,CAAC;IAED,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC;QAChB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IAC3C,CAAC;IAED,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC;QAC1B,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC;YACnC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACzB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;YAC3C,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAC3D,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;gBACzB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;YAC3C,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;QAC9C,CAAC;QAED,KAAK,MAAM,CAAC,CAAC,CAAC;YACZ,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;YACxE,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;gBAC/C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;YAC3C,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;QACpD,CAAC;QAED,KAAK,SAAS,CAAC,CAAC,CAAC;YACf,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;YACzE,OAAO,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;QAChE,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/onboarding/providers.d.ts ADDED Viewed

@@ -0,0 +1,116 @@
+export type ProviderId = "alpha_vantage" | "fred" | "finnhub" | "brave" | "exa";
+export type ProviderCategory = "fundamentals" | "macro" | "news" | "web_search";
+export type ProviderTier = "hard" | "soft";
+export interface ProviderDescriptor {
+    readonly id: ProviderId;
+    readonly displayName: string;
+    readonly category: ProviderCategory;
+    /**
+     * `hard` providers pause the workflow with a just-in-time prompt when their
+     * credential is missing; they have no meaningful fallback.
+     *
+     * `soft` providers silently use a fallback path and surface a post-answer
+     * gap note in the final output.
+     */
+    readonly tier: ProviderTier;
+    /** Lowercase friendly aliases accepted by `/connect` in addition to the id. */
+    readonly aliases: readonly string[];
+    readonly signupUrl: string;
+    readonly freeTier: boolean;
+    readonly envVar: string;
+    /** Nested key path into `OpenCandleFileConfig` where the key is persisted. */
+    readonly configPath: readonly string[];
+    readonly unlocks: readonly string[];
+    /**
+     * Human copy describing the degraded experience when missing, or `null`
+     * when there is no fallback (hard tier).
+     */
+    readonly fallbackDescription: string | null;
+    readonly snoozeDurationDays: number;
+    readonly instructionsHint: string;
+}
+export declare const PROVIDERS: readonly [{
+    readonly id: "alpha_vantage";
+    readonly displayName: "Alpha Vantage";
+    readonly category: "fundamentals";
+    readonly tier: "hard";
+    readonly aliases: readonly ["financials", "fundamentals", "company-financials", "alphavantage"];
+    readonly signupUrl: "https://www.alphavantage.co/support/#api-key";
+    readonly freeTier: true;
+    readonly envVar: "ALPHA_VANTAGE_API_KEY";
+    readonly configPath: readonly ["providers", "alphaVantage", "apiKey"];
+    readonly unlocks: readonly ["company fundamentals", "income/balance/cashflow statements", "DCF valuation", "earnings history"];
+    readonly fallbackDescription: null;
+    readonly snoozeDurationDays: 7;
+    readonly instructionsHint: "Free, about 30 seconds, signup opens in your browser";
+}, {
+    readonly id: "fred";
+    readonly displayName: "FRED";
+    readonly category: "macro";
+    readonly tier: "hard";
+    readonly aliases: readonly ["economy", "macro", "economic-data", "st-louis-fed"];
+    readonly signupUrl: "https://fredaccount.stlouisfed.org/apikeys";
+    readonly freeTier: true;
+    readonly envVar: "FRED_API_KEY";
+    readonly configPath: readonly ["providers", "fred", "apiKey"];
+    readonly unlocks: readonly ["interest rates", "inflation data", "yield curve", "economic indicators"];
+    readonly fallbackDescription: null;
+    readonly snoozeDurationDays: 7;
+    readonly instructionsHint: "Free, about 30 seconds, requires a St. Louis Fed account";
+}, {
+    readonly id: "finnhub";
+    readonly displayName: "Finnhub";
+    readonly category: "news";
+    readonly tier: "soft";
+    readonly aliases: readonly ["news", "company-news", "finnhub-news"];
+    readonly signupUrl: "https://finnhub.io/register";
+    readonly freeTier: true;
+    readonly envVar: "FINNHUB_API_KEY";
+    readonly configPath: readonly ["providers", "finnhub", "apiKey"];
+    readonly unlocks: readonly ["ticker-tagged company news", "sentiment enrichment with a dedicated news source"];
+    readonly fallbackDescription: "Other sentiment sources (Reddit, Twitter, web search) continue to work without Finnhub";
+    readonly snoozeDurationDays: 7;
+    readonly instructionsHint: "Free, about 30 seconds, signup opens in your browser";
+}, {
+    readonly id: "brave";
+    readonly displayName: "Brave Search";
+    readonly category: "web_search";
+    readonly tier: "soft";
+    readonly aliases: readonly ["brave", "brave-search"];
+    readonly signupUrl: "https://brave.com/search/api/";
+    readonly freeTier: true;
+    readonly envVar: "BRAVE_API_KEY";
+    readonly configPath: readonly ["providers", "brave", "apiKey"];
+    readonly unlocks: readonly ["tier-2 web search with freshness control", "independent search index outside of DuckDuckGo"];
+    readonly fallbackDescription: "Web search continues to work via DuckDuckGo (free, no key needed, lower-quality freshness)";
+    readonly snoozeDurationDays: 7;
+    readonly instructionsHint: "Free tier available, signup opens in your browser";
+}, {
+    readonly id: "exa";
+    readonly displayName: "Exa";
+    readonly category: "web_search";
+    readonly tier: "soft";
+    readonly aliases: readonly ["exa", "exa-search"];
+    readonly signupUrl: "https://dashboard.exa.ai/";
+    readonly freeTier: false;
+    readonly envVar: "EXA_API_KEY";
+    readonly configPath: readonly ["providers", "exa", "apiKey"];
+    readonly unlocks: readonly ["tier-1 semantic web search", "full article text and highlights", "higher freshness accuracy than DuckDuckGo"];
+    readonly fallbackDescription: "Exa search continues to work via the keyless Exa MCP endpoint, which has lower rate limits but similar quality";
+    readonly snoozeDurationDays: 7;
+    readonly instructionsHint: "Paid with free tier, signup opens in your browser";
+}];
+export declare function listAllProviders(): readonly ProviderDescriptor[];
+export declare function getProvider(id: ProviderId): ProviderDescriptor;
+export declare function getProvidersByCategory(category: ProviderCategory): readonly ProviderDescriptor[];
+export declare function getProvidersByTier(tier: ProviderTier): readonly ProviderDescriptor[];
+export declare function hasCredential(id: ProviderId): boolean;
+export declare function getCredentialSource(id: ProviderId): "env" | "file" | "absent";
+export declare function getCredential(id: ProviderId): {
+    source: "env" | "file";
+    value: string;
+} | {
+    source: "absent";
+    value?: undefined;
+};
+export declare function resolveProviderFromArgument(arg: string): ProviderDescriptor | readonly ProviderDescriptor[] | undefined;