opencode-swarm 6.38.0 → 6.39.0

package/LICENSE

@@ -1,21 +1,21 @@
-MIT License
-
-Copyright (c) 2025
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+MIT License
+
+Copyright (c) 2025
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/cli/index.js

@@ -5,43 +5,25 @@ var __getProtoOf = Object.getPrototypeOf;
 var __defProp = Object.defineProperty;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
-function __accessProp(key) {
-  return this[key];
-}
-var __toESMCache_node;
-var __toESMCache_esm;
 var __toESM = (mod, isNodeMode, target) => {
-  var canCache = mod != null && typeof mod === "object";
-  if (canCache) {
-    var cache = isNodeMode ? __toESMCache_node ??= new WeakMap : __toESMCache_esm ??= new WeakMap;
-    var cached = cache.get(mod);
-    if (cached)
-      return cached;
-  }
   target = mod != null ? __create(__getProtoOf(mod)) : {};
   const to = isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target;
   for (let key of __getOwnPropNames(mod))
     if (!__hasOwnProp.call(to, key))
       __defProp(to, key, {
-        get: __accessProp.bind(mod, key),
+        get: () => mod[key],
         enumerable: true
       });
-  if (canCache)
-    cache.set(mod, to);
   return to;
 };
 var __commonJS = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports, mod), mod.exports);
-var __returnValue = (v) => v;
-function __exportSetter(name, newValue) {
-  this[name] = __returnValue.bind(null, newValue);
-}
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, {
       get: all[name],
       enumerable: true,
       configurable: true,
-      set: __exportSetter.bind(all, name)
+      set: (newValue) => all[name] = () => newValue
     });
 };
 var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
@@ -17620,7 +17602,13 @@ var TOOL_NAMES = [
   "update_task_status",
   "write_retro",
   "declare_scope",
-  "knowledge_query"
+  "knowledge_query",
+  "doc_scan",
+  "doc_extract",
+  "curator_analyze",
+  "knowledgeAdd",
+  "knowledgeRecall",
+  "knowledgeRemove"
 ];
 var TOOL_NAME_SET = new Set(TOOL_NAMES);
 
@@ -17645,6 +17633,7 @@ var AGENT_TOOL_MAP = {
   architect: [
     "checkpoint",
     "check_gate_status",
+    "completion_verify",
     "complexity_hotspots",
     "detect_domains",
     "evidence_check",
@@ -17656,6 +17645,7 @@ var AGENT_TOOL_MAP = {
     "diff",
     "pkg_audit",
     "pre_check_batch",
+    "quality_budget",
     "retrieve_summary",
     "save_plan",
     "schema_drift",
@@ -17665,7 +17655,19 @@ var AGENT_TOOL_MAP = {
     "todo_extract",
     "update_task_status",
     "write_retro",
-    "declare_scope"
+    "declare_scope",
+    "sast_scan",
+    "sbom_generate",
+    "build_check",
+    "syntax_check",
+    "placeholder_scan",
+    "phase_complete",
+    "doc_scan",
+    "doc_extract",
+    "curator_analyze",
+    "knowledgeAdd",
+    "knowledgeRecall",
+    "knowledgeRemove"
   ],
   explorer: [
     "complexity_hotspots",
@@ -17676,7 +17678,9 @@ var AGENT_TOOL_MAP = {
     "retrieve_summary",
     "schema_drift",
     "symbols",
-    "todo_extract"
+    "todo_extract",
+    "doc_scan",
+    "knowledgeRecall"
   ],
   coder: [
     "diff",
@@ -17684,7 +17688,11 @@ var AGENT_TOOL_MAP = {
     "lint",
     "symbols",
     "extract_code_blocks",
-    "retrieve_summary"
+    "retrieve_summary",
+    "build_check",
+    "syntax_check",
+    "knowledgeAdd",
+    "knowledgeRecall"
   ],
   test_engineer: [
     "test_runner",
@@ -17694,7 +17702,9 @@ var AGENT_TOOL_MAP = {
     "retrieve_summary",
     "imports",
     "complexity_hotspots",
-    "pkg_audit"
+    "pkg_audit",
+    "build_check",
+    "syntax_check"
   ],
   sme: [
     "complexity_hotspots",
@@ -17703,7 +17713,8 @@ var AGENT_TOOL_MAP = {
     "imports",
     "retrieve_summary",
     "schema_drift",
-    "symbols"
+    "symbols",
+    "knowledgeRecall"
   ],
   reviewer: [
     "diff",
@@ -17716,28 +17727,34 @@ var AGENT_TOOL_MAP = {
     "complexity_hotspots",
     "retrieve_summary",
     "extract_code_blocks",
-    "test_runner"
+    "test_runner",
+    "sast_scan",
+    "placeholder_scan",
+    "knowledgeRecall"
   ],
   critic: [
     "complexity_hotspots",
     "detect_domains",
     "imports",
     "retrieve_summary",
-    "symbols"
+    "symbols",
+    "knowledgeRecall"
   ],
   critic_sounding_board: [
     "complexity_hotspots",
     "detect_domains",
     "imports",
     "retrieve_summary",
-    "symbols"
+    "symbols",
+    "knowledgeRecall"
   ],
   critic_drift_verifier: [
     "complexity_hotspots",
     "detect_domains",
     "imports",
     "retrieve_summary",
-    "symbols"
+    "symbols",
+    "knowledgeRecall"
   ],
   docs: [
     "detect_domains",
@@ -17747,9 +17764,15 @@ var AGENT_TOOL_MAP = {
     "retrieve_summary",
     "schema_drift",
     "symbols",
-    "todo_extract"
+    "todo_extract",
+    "knowledgeRecall"
   ],
-  designer: ["extract_code_blocks", "retrieve_summary", "symbols"]
+  designer: [
+    "extract_code_blocks",
+    "retrieve_summary",
+    "symbols",
+    "knowledgeRecall"
+  ]
 };
 for (const [agentName, tools] of Object.entries(AGENT_TOOL_MAP)) {
   const invalidTools = tools.filter((tool) => !TOOL_NAME_SET.has(tool));
@@ -35947,6 +35970,38 @@ var build_discovery = tool({
 
 // src/tools/lint.ts
 init_utils();
+
+// src/utils/path-security.ts
+function containsPathTraversal(str) {
+  if (/\.\.[/\\]/.test(str))
+    return true;
+  if (/(?:^|[/\\])\.\.(?:[/\\]|$)/.test(str))
+    return true;
+  if (/%2e%2e/i.test(str))
+    return true;
+  if (/%2e\./i.test(str))
+    return true;
+  if (/%2e/i.test(str) && /\.\./.test(str))
+    return true;
+  if (/%252e%252e/i.test(str))
+    return true;
+  if (/\uff0e/.test(str))
+    return true;
+  if (/\u3002/.test(str))
+    return true;
+  if (/\uff65/.test(str))
+    return true;
+  if (/%2f/i.test(str))
+    return true;
+  if (/%5c/i.test(str))
+    return true;
+  return false;
+}
+function containsControlChars(str) {
+  return /[\0\t\r\n]/.test(str);
+}
+
+// src/tools/lint.ts
 var MAX_OUTPUT_BYTES = 512000;
 var MAX_COMMAND_LENGTH = 500;
 function validateArgs(args) {
@@ -36516,19 +36571,6 @@ function isHighEntropyString(str) {
   const entropy = calculateShannonEntropy(str);
   return entropy > 4;
 }
-function containsPathTraversal(str) {
-  if (/\.\.[/\\]/.test(str))
-    return true;
-  if (/[/\\]\.\.$/.test(str) || str === "..")
-    return true;
-  if (/\.\.[/\\]/.test(path18.normalize(str.replace(/\*/g, "x"))))
-    return true;
-  if (str.includes("%2e%2e") || str.includes("%2E%2E"))
-    return true;
-  if (str.includes("..") && /%2e/i.test(str))
-    return true;
-  return false;
-}
 function validateExcludePattern(exc) {
   if (exc.length === 0)
     return null;
@@ -36581,9 +36623,6 @@ function isExcluded(entry, relPath, exactNames, globPatterns) {
   }
   return false;
 }
-function containsControlChars(str) {
-  return /[\0\t\r\n]/.test(str);
-}
 function validateDirectoryInput(dir) {
   if (!dir || dir.length === 0) {
     return "directory is required";
@@ -37024,31 +37063,6 @@ var MAX_COMMAND_LENGTH2 = 500;
 var DEFAULT_TIMEOUT_MS = 60000;
 var MAX_TIMEOUT_MS = 300000;
 var MAX_SAFE_TEST_FILES = 50;
-function containsPathTraversal2(str) {
-  if (/\.\.[/\\]/.test(str))
-    return true;
-  if (/(?:^|[/\\])\.\.(?:[/\\]|$)/.test(str))
-    return true;
-  if (/%2e%2e/i.test(str))
-    return true;
-  if (/%2e\./i.test(str))
-    return true;
-  if (/%2e/i.test(str) && /\.\./.test(str))
-    return true;
-  if (/%252e%252e/i.test(str))
-    return true;
-  if (/\uff0e/.test(str))
-    return true;
-  if (/\u3002/.test(str))
-    return true;
-  if (/\uff65/.test(str))
-    return true;
-  if (/%2f/i.test(str))
-    return true;
-  if (/%5c/i.test(str))
-    return true;
-  return false;
-}
 function isAbsolutePath(str) {
   if (str.startsWith("/"))
     return true;
@@ -37060,9 +37074,6 @@ function isAbsolutePath(str) {
     return true;
   return false;
 }
-function containsControlChars2(str) {
-  return /[\x00-\x08\x0a\x0b\x0c\x0d\x0e-\x1f\x7f\x80-\x9f]/.test(str);
-}
 var POWERSHELL_METACHARACTERS = /[|;&`$(){}[\]<>"'#*?\x00-\x1f]/;
 function containsPowerShellMetacharacters(str) {
   return POWERSHELL_METACHARACTERS.test(str);
@@ -37084,9 +37095,9 @@ function validateArgs2(args) {
         return false;
       if (isAbsolutePath(f))
         return false;
-      if (containsPathTraversal2(f))
+      if (containsPathTraversal(f))
         return false;
-      if (containsControlChars2(f))
+      if (containsControlChars(f))
         return false;
       if (containsPowerShellMetacharacters(f))
         return false;
@@ -37909,7 +37920,7 @@ var test_runner = createSwarmTool({
       };
       return JSON.stringify(errorResult, null, 2);
     }
-    if (containsControlChars2(workingDir)) {
+    if (containsControlChars(workingDir)) {
       const errorResult = {
         success: false,
         framework: "none",
@@ -37918,7 +37929,7 @@ var test_runner = createSwarmTool({
       };
       return JSON.stringify(errorResult, null, 2);
     }
-    if (containsPathTraversal2(workingDir)) {
+    if (containsPathTraversal(workingDir)) {
       const errorResult = {
         success: false,
         framework: "none",