salmon-loop 0.4.1 → 0.5.0

package/dist/cli/authorization/provider.js

@@ -1,6 +1,5 @@
 import { createInterface } from 'readline/promises';
-import { getLogger } from '../../core/facades/cli-authorization-provider.js';
-import { TOOL_AUTH_CONFIG } from '../config.js';
+import { DEFAULT_TOOL_AUTH, getLogger } from '../../core/facades/cli-authorization-provider.js';
 import { text } from '../locales/index.js';
 import { getPendingAuthorization, requestAuthorization } from '../ui/authorization/bus.js';
 import { loadAllowlistDecision, persistAllowlistDecision } from './allowlist.js';
@@ -27,14 +26,7 @@ const shouldAutoAllow = (request, config) => {
 const resolveConfig = (config) => {
     if (config)
         return config;
-    return {
-        sessionTtlMs: TOOL_AUTH_CONFIG.SESSION_TTL_MS,
-        autoAllowRisk: TOOL_AUTH_CONFIG.AUTO_ALLOW_RISK,
-        allowlist: {
-            repoFile: '.salmonloop/config/authorization.json',
-            userFile: '~/.salmonloop/config/authorization-user.json',
-        },
-    };
+    return DEFAULT_TOOL_AUTH;
 };
 export function createUiAuthorizationProvider(options) {
     const pending = new Map();

package/dist/cli/commands/config.js

@@ -169,9 +169,9 @@ const permissionModeSubcommand = {
     usage: text.cli.configPermissionModeUsage,
     getSuggestions: (ctx) => modeCommand.getSuggestions?.({
         ...ctx,
-        input: delegateInputToCommand(ctx.input, '/mode'),
+        input: delegateInputToCommand(ctx.input, '/permission-mode'),
     }) ?? [],
-    execute: async (ctx) => modeCommand.execute({ ...ctx, input: delegateInputToCommand(ctx.input, '/mode') }),
+    execute: async (ctx) => modeCommand.execute({ ...ctx, input: delegateInputToCommand(ctx.input, '/permission-mode') }),
 };
 const outputSubcommand = {
     name: 'output',

package/dist/cli/commands/mode.js

@@ -41,8 +41,8 @@ async function persistPermissionMode(repoRoot, mode) {
     return configPath;
 }
 export const modeCommand = {
-    name: '/mode',
-    aliases: ['/permission-mode', '/perm-mode'],
+    name: '/permission-mode',
+    aliases: ['/mode', '/perm-mode'],
     description: text.cli.commandMode,
     order: 53,
     getSuggestions: ({ input }) => {

package/dist/cli/commands/run/handler.js

@@ -201,6 +201,7 @@ export async function handleRunCommand(options, command) {
     const llmOutput = runtimeOptions.llmOutput;
     const effectiveVerify = runtimeOptions.effectiveVerify;
     const effectiveWorktreePrepare = runtimeOptions.effectiveWorktreePrepare;
+    const verifyPolicyOverride = runtimeOptions.verifyPolicyOverride;
     const instructionGuard = ensureInstructionOrExit({
         command,
         instruction,
@@ -303,7 +304,7 @@ export async function handleRunCommand(options, command) {
     }
     const extensionResolution = extensionsResult.extensionResolution;
     const operationalHeadlessWarnings = [];
-    if (!effectiveVerify) {
+    if (!effectiveVerify && !verifyPolicyOverride) {
         if (!headlessOutput) {
             getLogger().warn(text.verify.noCommandFound);
         }
@@ -399,6 +400,7 @@ export async function handleRunCommand(options, command) {
         const loopParams = buildRunLoopParams({
             instruction: instructionText,
             verify: effectiveVerify,
+            verifyPolicy: verifyPolicyOverride,
             repoPath: runPath,
             llm,
             languagePlugins,

package/dist/cli/commands/run/loop-params.js

@@ -3,6 +3,7 @@ export function buildRunLoopParams(params) {
     return {
         instruction: params.instruction,
         verify: params.verify,
+        verifyPolicy: params.verifyPolicy,
         repoPath: params.repoPath,
         llm: params.llm,
         conversationContext: params.conversationContext,

package/dist/cli/commands/run/runtime-options.js

@@ -25,6 +25,8 @@ export async function resolveRunRuntimeOptions(params) {
     }
     const effectiveVerify = await resolveVerifyOption(params.repoPath, params.cliOptions.verify, params.resolvedConfig.verify.command, { quiet: params.headlessOutput });
     const effectiveWorktreePrepare = await resolveWorktreePrepareOption(params.repoPath, params.cliOptions.checkpointStrategy, params.cliOptions.worktreePrepare, { quiet: params.headlessOutput });
-    return { ok: true, llmOutput, effectiveVerify, effectiveWorktreePrepare };
+    // When --no-verify is explicit, override verifyPolicy to 'never'
+    const verifyPolicyOverride = params.cliOptions.verify === false && effectiveVerify === undefined ? 'never' : undefined;
+    return { ok: true, llmOutput, effectiveVerify, effectiveWorktreePrepare, verifyPolicyOverride };
 }
 //# sourceMappingURL=runtime-options.js.map

package/dist/cli/config.js

@@ -5,12 +5,4 @@ export const CHAT_QUEUE_CONFIG = {
     THINKING_MIN_VISIBLE_MS: 150, // Reduced from 300ms to minimize perceived lag
     TASK_TIMEOUT_MS: 10 * 60 * 1000,
 };
-export const TOOL_AUTH_CONFIG = {
-    SESSION_TTL_MS: 30 * 60 * 1000,
-    AUTO_ALLOW_RISK: {
-        low: true,
-        medium: false,
-        high: false,
-    },
-};
 //# sourceMappingURL=config.js.map

package/dist/cli/locales/en.js

@@ -19,7 +19,7 @@ export const en = {
     chatCommandHistory: '  /history      - Show iteration history',
     chatCommandQueue: '  /queue        - Manage the chat queue',
     chatCommandAuth: '  /config allowlist - Manage tool allowlist',
-    chatCommandMode: '  /mode         - Set permission mode (interactive/yolo)',
+    chatCommandMode: '  /permission-mode - Set permission mode (interactive/yolo)',
     chatCommandConfig: '  /config           - Settings (log-mode/view/output/allowlist/permission-mode)',
     chatSessionSaved: 'Session saved. Goodbye!',
     chatThinking: 'Thinking...',
@@ -108,7 +108,7 @@ export const en = {
     llmOutputUnavailable: 'LLM output configuration is unavailable in this mode.',
     llmOutputPersisted: (path) => `LLM output settings saved to ${path}`,
     llmOutputPersistFailed: (reason) => `Failed to save LLM output settings: ${reason}`,
-    modeUsage: 'Usage: /mode <interactive|yolo>',
+    modeUsage: 'Usage: /permission-mode <interactive|yolo>',
     modeSuggestion: (mode) => {
         if (mode === 'interactive')
             return 'Interactive permission checks and allowlist rules';

package/dist/cli/reporters/standard.js

@@ -110,6 +110,16 @@ export class StandardReporter {
             getLogger().info(text.cli.budgetSummaryTitle);
             getLogger().info(text.cli.budgetSummaryLine(s.attemptCount, s.adjustmentCount, s.alertCount, s.criticalDropCount, Math.round(s.avgUtilization * 100), Math.round(s.truncationRate * 100), Math.round(s.successRate * 100)));
         }
+        if (result.usage) {
+            const u = result.usage;
+            const tokenLine = `Tokens: ${u.inputTokens.toLocaleString()} in / ${u.outputTokens.toLocaleString()} out (${u.totalTokens.toLocaleString()} total)`;
+            if (u.estimatedCost !== undefined && u.estimatedCost > 0) {
+                getLogger().info(`${tokenLine} | Est. cost: $${u.estimatedCost.toFixed(2)}`);
+            }
+            else {
+                getLogger().info(tokenLine);
+            }
+        }
         if (this.verbose && result.logs) {
             getLogger().log('\n' + chalk.bold(text.cli.stepLogs));
             result.logs.forEach((log) => {

package/dist/core/adapters/fs/file-adapter.js

@@ -1,5 +1,6 @@
 import { promises as fs, constants } from 'fs';
 import * as path from 'path';
+import { getLogger } from '../../observability/logger.js';
 import { AtomicFileWriter } from './atomic-file-writer.js';
 /**
  * Unified file system adapter for all file operations.
@@ -45,7 +46,8 @@ export class FileAdapter {
             await fs.access(filePath);
             return true;
         }
-        catch {
+        catch (error) {
+            getLogger().debug(`[FileAdapter] exists check failed: ${error instanceof Error ? error.message : String(error)}`);
             return false;
         }
     }

package/dist/core/adapters/git/git-adapter.js

@@ -662,8 +662,9 @@ export class GitAdapter {
             // Example: /tmp -> /private/tmp on macOS
             tmpReal = realpathSync(tmpResolved);
         }
-        catch {
+        catch (error) {
             // Fall back to resolved path. If tmp is not realpath-resolvable, prefer denying shadow checks elsewhere.
+            getLogger().debug(`[GitAdapter] realpath resolve failed for tmpdir: ${error instanceof Error ? error.message : String(error)}`);
             tmpReal = tmpResolved;
         }
         return path.join(tmpReal, 's8p-wt');
@@ -674,7 +675,8 @@ export class GitAdapter {
         try {
             repoReal = realpathSync(repoResolved);
         }
-        catch {
+        catch (error) {
+            getLogger().debug(`[GitAdapter] realpath resolve failed for repo: ${error instanceof Error ? error.message : String(error)}`);
             repoReal = repoResolved;
         }
         const parent = path.dirname(repoReal);
@@ -721,7 +723,8 @@ export class GitAdapter {
             // Prevents attacker from creating a symlink to main repo inside shadow root
             repo = realpathSync(repoResolved);
         }
-        catch {
+        catch (error) {
+            getLogger().debug(`[GitAdapter] realpath resolve failed for shadow check: ${error instanceof Error ? error.message : String(error)}`);
             repo = repoResolved;
         }
         if (isPathWithinDirectory(expectedRoot, repo, { allowEqual: false }))

package/dist/core/adapters/git/git-runner.js

@@ -1,6 +1,7 @@
 import { realpathSync } from 'fs';
 import path from 'path';
 import { LIMITS } from '../../config/limits.js';
+import { getLogger } from '../../observability/logger.js';
 import { spawnCommand } from '../../runtime/process-runner.js';
 function assertCwdSandboxed(repoRoot, cwd) {
     const resolvedRoot = path.resolve(repoRoot);
@@ -10,13 +11,15 @@ function assertCwdSandboxed(repoRoot, cwd) {
     try {
         realRoot = realpathSync(resolvedRoot);
     }
-    catch {
+    catch (error) {
+        getLogger().debug(`[GitRunner] realpath resolve failed for root: ${error instanceof Error ? error.message : String(error)}`);
         realRoot = resolvedRoot;
     }
     try {
         realCwd = realpathSync(resolvedCwd);
     }
-    catch {
+    catch (error) {
+        getLogger().debug(`[GitRunner] realpath resolve failed for cwd: ${error instanceof Error ? error.message : String(error)}`);
         realCwd = resolvedCwd;
     }
     const rel = path.relative(realRoot, realCwd);

package/dist/core/adapters/git/lock-manager.js

@@ -96,8 +96,9 @@ export class FileHandleManager {
                     const fs = await import('fs/promises');
                     await fs.unlink(lockFile);
                 }
-                catch {
-                    // Ignore
+                catch (error) {
+                    // Ignore - best-effort force unlock
+                    getLogger().debug(`[LockManager] force unlock failed: ${error instanceof Error ? error.message : String(error)}`);
                 }
             }
             while (Date.now() - start < LIMITS.lockWaitTimeoutMs) {
@@ -142,9 +143,10 @@ export class FileHandleManager {
                                 continue; // Retry immediately after removing stale lock
                             }
                         }
-                        catch {
+                        catch (error) {
                             // If the lock file is unreadable, we cannot safely determine ownership.
                             // Do not auto-remove in this path; rely on timeout-based recovery instead.
+                            getLogger().debug(`[LockManager] lock file unreadable during stale check: ${error instanceof Error ? error.message : String(error)}`);
                         }
                         // Exponential backoff: delay increases with retry count, capped at 2000ms
                         retryCount++;
@@ -159,8 +161,9 @@ export class FileHandleManager {
                             await mkdir(repoPath, { recursive: true });
                             continue; // Retry immediately
                         }
-                        catch {
+                        catch (error) {
                             // If mkdir fails, just wait and retry
+                            getLogger().debug(`[LockManager] mkdir fallback failed: ${error instanceof Error ? error.message : String(error)}`);
                         }
                         await this.abortableDelay(LIMITS.retry.io.initialDelayMs, hardAbort.signal);
                     }

package/dist/core/checkpoint-domain/manifest-store.js

@@ -2,6 +2,7 @@ import { createHash } from 'crypto';
 import { mkdir, open, readFile, rename, stat, unlink, writeFile } from '../adapters/fs/node-fs.js';
 import { defaultPathAdapter } from '../adapters/path/path-adapter.js';
 import { recordAuditEvent } from '../observability/audit-trail.js';
+import { getLogger } from '../observability/logger.js';
 import { getUserCheckpointManifestDir } from '../runtime/paths.js';
 const CHECKPOINT_MANIFEST_FILENAME_V2 = 'manifest.v2.json';
 const CHECKPOINT_MANIFEST_FILENAME_V1 = 'manifest.v1.json';
@@ -131,7 +132,8 @@ async function withManifestLock(repoPath, operation, lockPolicy) {
                 lockPathHash,
             }, { source: 'runtime', severity: 'low', scope: 'session', phase: 'PREFLIGHT' });
         }
-        catch {
+        catch (error) {
+            getLogger().debug(`[ManifestStore] Stale lock reclaim failed: ${error instanceof Error ? error.message : String(error)}`);
             try {
                 const lockStat = await stat(lockPath);
                 const ageMs = Date.now() - lockStat.mtimeMs;
@@ -144,8 +146,9 @@ async function withManifestLock(repoPath, operation, lockPolicy) {
                     }, { source: 'runtime', severity: 'medium', scope: 'session', phase: 'PREFLIGHT' });
                 }
             }
-            catch {
+            catch (error) {
                 // Ignore lock probe failures; retry loop handles contention.
+                getLogger().debug(`[ManifestStore] Lock probe failed: ${error instanceof Error ? error.message : String(error)}`);
             }
         }
     };
@@ -156,7 +159,8 @@ async function withManifestLock(repoPath, operation, lockPolicy) {
             await handle.writeFile(JSON.stringify({ pid: process.pid, createdAtMs: Date.now() }), 'utf8');
             break;
         }
-        catch {
+        catch (error) {
+            getLogger().debug(`[ManifestStore] Lock acquisition attempt failed: ${error instanceof Error ? error.message : String(error)}`);
             await tryClearStaleLock();
             await new Promise((resolve) => setTimeout(resolve, 30 * (attempt + 1)));
         }
@@ -185,14 +189,14 @@ async function withManifestLock(repoPath, operation, lockPolicy) {
         try {
             await handle.close();
         }
-        catch {
-            // ignore
+        catch (error) {
+            getLogger().debug(`[ManifestStore] Failed to close lock handle: ${error instanceof Error ? error.message : String(error)}`);
         }
         try {
             await unlink(lockPath);
         }
-        catch {
-            // ignore
+        catch (error) {
+            getLogger().debug(`[ManifestStore] Failed to unlink lock file: ${error instanceof Error ? error.message : String(error)}`);
         }
     }
 }
@@ -204,7 +208,8 @@ export async function readCheckpointManifest(repoPath) {
         try {
             return normalizeManifest(JSON.parse(raw));
         }
-        catch {
+        catch (error) {
+            getLogger().warn(`[ManifestStore] v2 manifest parse error, triggering self-heal: ${error instanceof Error ? error.message : String(error)}`);
             await selfHealCorruptedManifest({
                 repoPath,
                 manifestPath: manifestV2Path,
@@ -214,15 +219,16 @@ export async function readCheckpointManifest(repoPath) {
             });
         }
     }
-    catch {
-        // fallback to legacy v1 file
+    catch (error) {
+        getLogger().debug(`[ManifestStore] v2 manifest read failed, falling back to v1: ${error instanceof Error ? error.message : String(error)}`);
     }
     try {
         const raw = await readFile(manifestV1Path, 'utf8');
         try {
             return normalizeManifest(JSON.parse(raw));
         }
-        catch {
+        catch (error) {
+            getLogger().warn(`[ManifestStore] v1 manifest parse error, triggering self-heal: ${error instanceof Error ? error.message : String(error)}`);
             await selfHealCorruptedManifest({
                 repoPath,
                 manifestPath: manifestV1Path,
@@ -233,7 +239,8 @@ export async function readCheckpointManifest(repoPath) {
             return createEmptyManifest();
         }
     }
-    catch {
+    catch (error) {
+        getLogger().debug(`[ManifestStore] v1 manifest read failed, returning empty manifest: ${error instanceof Error ? error.message : String(error)}`);
         return createEmptyManifest();
     }
     return createEmptyManifest();
@@ -333,7 +340,8 @@ export async function probeCheckpointHandle(repoPath, checkpointId) {
             return { handle: null, reason: 'not_found' };
         return { handle, reason: 'ok' };
     }
-    catch {
+    catch (error) {
+        getLogger().debug(`[ManifestStore] Manifest parse failed during probe: ${error instanceof Error ? error.message : String(error)}`);
         return { handle: null, reason: 'manifest_parse_error' };
     }
 }

package/dist/core/checkpoint-domain/service.js

@@ -1,3 +1,4 @@
+import { getLogger } from '../observability/logger.js';
 import { CheckpointManager } from '../strata/checkpoint/manager.js';
 import { garbageCollectManifest, linkSessionToCheckpoint, probeCheckpointHandle, readCheckpointManifest, removeCheckpointHandle, upsertCheckpointHandle, } from './manifest-store.js';
 export class GitSnapshotCheckpointService {
@@ -74,8 +75,9 @@ export class GitSnapshotCheckpointService {
                 await this.checkpointManager.deleteSnapshot(input.repoPath, checkpointId);
                 refsRemoved += 1;
             }
-            catch {
+            catch (error) {
                 // Best-effort ref reconciliation; manifest remains source of truth.
+                getLogger().debug(`[CheckpointService] snapshot ref cleanup failed for ${checkpointId}: ${error instanceof Error ? error.message : String(error)}`);
             }
         }
         return { removed: manifestGc.removed, refsRemoved };

package/dist/core/config/limits.js

@@ -2,7 +2,7 @@ export const LIMITS = {
     // Patch safety
     maxFilesChanged: 2,
     maxDiffLines: 200,
-    maxRetries: 2,
+    maxRetries: 5,
     // Context budget (token-based, with char fallback)
     maxContextTokens: 7500, // ~30k chars equivalent
     minContextTokens: 1250, // ~5k chars equivalent

package/dist/core/config/model-pricing.js

@@ -0,0 +1,61 @@
+/**
+ * Per-model token pricing (USD per 1M tokens).
+ *
+ * Used to estimate run cost from token counts.
+ * Prices are approximate and should be updated when providers change rates.
+ */
+// prettier-ignore
+export const MODEL_PRICING = {
+    // Anthropic Claude
+    'claude-opus-4-7': { inputPer1M: 15, outputPer1M: 75 },
+    'claude-opus-4-6': { inputPer1M: 15, outputPer1M: 75 },
+    'claude-sonnet-4-6': { inputPer1M: 3, outputPer1M: 15 },
+    'claude-sonnet-4-5': { inputPer1M: 3, outputPer1M: 15 },
+    'claude-haiku-4-5': { inputPer1M: 0.80, outputPer1M: 4 },
+    'claude-haiku-4-5-20251001': { inputPer1M: 0.80, outputPer1M: 4 },
+    'claude-3-opus': { inputPer1M: 15, outputPer1M: 75 },
+    'claude-3-sonnet': { inputPer1M: 3, outputPer1M: 15 },
+    'claude-3-haiku': { inputPer1M: 0.25, outputPer1M: 1.25 },
+    // OpenAI
+    'gpt-4o': { inputPer1M: 2.50, outputPer1M: 10 },
+    'gpt-4o-mini': { inputPer1M: 0.15, outputPer1M: 0.60 },
+    'gpt-4-turbo': { inputPer1M: 10, outputPer1M: 30 },
+    'gpt-4': { inputPer1M: 30, outputPer1M: 60 },
+    'o1': { inputPer1M: 15, outputPer1M: 60 },
+    'o1-mini': { inputPer1M: 3, outputPer1M: 12 },
+    'o3-mini': { inputPer1M: 1.10, outputPer1M: 4.40 },
+    // Google Gemini
+    'gemini-2.5-pro': { inputPer1M: 1.25, outputPer1M: 10 },
+    'gemini-2.5-flash': { inputPer1M: 0.15, outputPer1M: 0.60 },
+    'gemini-2.0-flash': { inputPer1M: 0.10, outputPer1M: 0.40 },
+};
+/**
+ * Look up pricing for a model ID.
+ * Tries exact match first, then prefix match (e.g. "claude-sonnet-4-6-20250514" matches "claude-sonnet-4-6").
+ * Returns undefined if no pricing is available.
+ */
+export function getModelPricing(modelId) {
+    if (!modelId)
+        return undefined;
+    // Exact match
+    if (MODEL_PRICING[modelId])
+        return MODEL_PRICING[modelId];
+    // Prefix match — try longest prefix first
+    const normalized = modelId.toLowerCase();
+    for (const key of Object.keys(MODEL_PRICING)) {
+        if (normalized.startsWith(key))
+            return MODEL_PRICING[key];
+    }
+    return undefined;
+}
+/**
+ * Estimate cost in USD from token counts and model ID.
+ */
+export function estimateCost(inputTokens, outputTokens, modelId) {
+    const pricing = getModelPricing(modelId);
+    if (!pricing)
+        return undefined;
+    return ((inputTokens / 1_000_000) * pricing.inputPer1M +
+        (outputTokens / 1_000_000) * pricing.outputPer1M);
+}
+//# sourceMappingURL=model-pricing.js.map