patchwork-os 0.2.0-alpha.35 → 0.2.0-alpha.37

package/dist/server.d.ts

@@ -1,20 +1,16 @@
 import { EventEmitter } from "node:events";
 import http from "node:http";
 import { WebSocket } from "ws";
+import type { ActivityListener } from "./activityTypes.js";
 import type { Logger } from "./logger.js";
 import type { OAuthServer } from "./oauth.js";
-import type { ActivityListener } from "./activityTypes.js";
 import type { RecipeDraft } from "./recipesHttp.js";
 interface ServerEvents {
     connection: [ws: WebSocket];
     extension: [ws: WebSocket];
 }
-/**
- * Return the CORS origin to reflect, or null if the origin is untrusted.
- * Loopback origins are always allowed. Additional origins can be passed via
- * --cors-origin (e.g. https://claude.ai for remote deployments).
- */
-export declare function corsOrigin(requestOrigin: string | undefined, extraOrigins?: string[]): string | null;
+import { corsOrigin } from "./cors.js";
+export { corsOrigin };
 export interface SessionSummary {
     id: string;
     connectedAt: string;
@@ -38,6 +34,8 @@ export declare class Server extends EventEmitter<ServerEvents> {
     private oauthServer;
     private oauthIssuerUrl;
     private sseSubscriberCount;
+    /** Cache for CC permission rules (30s TTL) to avoid filesystem walks on each dashboard poll */
+    private _explainRulesCache;
     private static readonly MAX_SSE_SUBSCRIBERS;
     /** Set by bridge to provide health data */
     healthDataFn: (() => Record<string, unknown>) | null;
@@ -59,6 +57,19 @@ export declare class Server extends EventEmitter<ServerEvents> {
     }) | null;
     /** Set by bridge to cancel a running/pending task by id. Returns true if found. */
     cancelTaskFn: ((id: string) => boolean) | null;
+    /** Patchwork: set by bridge to set the trust level for a recipe by name. */
+    setRecipeTrustFn: ((name: string, level: string) => {
+        ok: boolean;
+        error?: string;
+    }) | null;
+    /** Patchwork: set by bridge to generate a recipe YAML draft from a natural-language prompt. */
+    generateRecipeFn: ((prompt: string) => Promise<{
+        ok: boolean;
+        yaml?: string;
+        warnings?: string[];
+        error?: string;
+        unavailable?: boolean;
+    }>) | null;
     /** Patchwork: set by bridge to list installed recipes for the dashboard. */
     recipesFn: (() => Record<string, unknown>) | null;
     /** Patchwork: set by bridge to load raw recipe source content by name. */
@@ -79,6 +90,22 @@ export declare class Server extends EventEmitter<ServerEvents> {
         path?: string;
         error?: string;
     }) | null;
+    /** Patchwork: set by bridge to promote a variant recipe to the canonical name. */
+    promoteRecipeVariantFn: ((variantName: string, targetName: string, options?: {
+        force?: boolean;
+    }) => Promise<{
+        ok: boolean;
+        path?: string;
+        error?: string;
+        targetExists?: boolean;
+    }>) | null;
+    /** Patchwork: set by bridge to duplicate a recipe as a variant. */
+    duplicateRecipeFn: ((name: string) => {
+        ok: boolean;
+        variantName?: string;
+        path?: string;
+        error?: string;
+    }) | null;
     /** Patchwork: set by bridge to lint raw recipe content without saving. */
     lintRecipeContentFn: ((content: string) => {
         ok: boolean;
@@ -133,6 +160,26 @@ export declare class Server extends EventEmitter<ServerEvents> {
     pushServiceBaseUrl: string | undefined;
     /** Patchwork: approval decision audit callback wired to activityLog.recordEvent. */
     onApprovalDecision: ((event: string, meta: Record<string, unknown>) => void) | undefined;
+    /**
+     * Patchwork: activity log handle, used by approvalHttp to compute
+     * passive risk personalization signals (`src/approvalSignals.ts`).
+     * When unset, personalSignals are simply omitted from queue entries.
+     */
+    activityLog: import("./activityLog.js").ActivityLog | undefined;
+    /**
+     * Patchwork: recipe-run log handle, used by approvalHttp for the
+     * "recipe-step trust" heuristic (h6 in src/approvalSignals.ts). When
+     * unset, h6 is silently skipped; the other personalSignals heuristics
+     * still compute as long as `activityLog` is wired.
+     */
+    recipeRunLog: import("./runLog.js").RecipeRunLog | undefined;
+    /**
+     * Patchwork: opt-in switch for personalSignals heuristic 10
+     * (time-of-day anomaly). Off by default — see config.ts. Threaded into
+     * routeApprovalRequest deps so the personalSignals computation honors
+     * the user's preference.
+     */
+    enableTimeOfDayAnomaly: boolean;
     /** Patchwork: set by bridge to match + fire webhook-triggered recipes. */
     webhookFn: ((path: string, payload: unknown) => Promise<{
         ok: boolean;
@@ -140,6 +187,23 @@ export declare class Server extends EventEmitter<ServerEvents> {
         name?: string;
         error?: string;
     }>) | null;
+    /**
+     * Patchwork: ring buffer of recent webhook payloads, keyed by path
+     * (e.g. "/incident-war-room"). The last MAX_WEBHOOK_PAYLOADS entries are
+     * retained per path so the dashboard can show what the recipe most
+     * recently received — answers "did the trigger fire? what did it send?"
+     * without forcing the user to dig through bridge logs. In-memory only;
+     * cleared on restart.
+     */
+    webhookPayloads: Map<string, {
+        receivedAt: number;
+        payload: unknown;
+        ok: boolean;
+        error?: string;
+        taskId?: string;
+        recipeName?: string;
+    }[]>;
+    static readonly MAX_WEBHOOK_PAYLOADS = 5;
     /** Set by bridge to handle MCP Streamable HTTP sessions (POST/GET/DELETE /mcp) */
     httpMcpHandler: ((req: http.IncomingMessage, res: http.ServerResponse) => Promise<void>) | null;
     /** Set by bridge to subscribe a caller to real-time activity events. Returns unsubscribe fn. */
@@ -172,8 +236,6 @@ export declare class Server extends EventEmitter<ServerEvents> {
     }) | null;
     /** Patchwork: set by bridge to list active agent sessions for the dashboard. */
     sessionsFn: (() => SessionSummary[]) | null;
-    private _templatesCache;
-    private _templatesCacheTs;
     /** Patchwork: set by bridge to answer GET /sessions/:id with per-session event stream + approvals. */
     sessionDetailFn: ((id: string) => {
         summary: SessionSummary | null;
@@ -211,4 +273,3 @@ export declare class Server extends EventEmitter<ServerEvents> {
     findAndListen(preferredPort: number | null, bindAddress?: string): Promise<number>;
     close(): Promise<void>;
 }
-export {};