npm - smol-symphony - Versions diffs - 0.2.0 → 0.3.0 - Mend

smol-symphony 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (716) hide show

package/AGENTS.md +41 -22
package/DESIGN.md +494 -273
package/README.md +109 -57
package/SPEC.md +33 -24
package/WORKFLOW.minimal.yaml +34 -0
package/{WORKFLOW.template.md → WORKFLOW.template.yaml} +409 -256
package/WORKFLOW.yaml +487 -0
package/assets/skills/symphony-issues/SKILL.md +136 -0
package/assets/symphony-mise.system.toml +68 -0
package/dist/src/bin/symphony.js +30 -0
package/dist/src/bin/symphony.js.map +1 -0
package/dist/src/core/actions/context.js +109 -0
package/dist/src/core/actions/context.js.map +1 -0
package/dist/{actions/parsing.js → src/core/actions/parse.js} +33 -114
package/dist/src/core/actions/parse.js.map +1 -0
package/dist/src/core/actions/plan.js +197 -0
package/dist/src/core/actions/plan.js.map +1 -0
package/dist/src/core/actions/predicates.js +111 -0
package/dist/src/core/actions/predicates.js.map +1 -0
package/dist/src/core/actions/run-fold.js +248 -0
package/dist/src/core/actions/run-fold.js.map +1 -0
package/dist/src/core/actions/template.js +118 -0
package/dist/src/core/actions/template.js.map +1 -0
package/dist/src/core/cli/args.js +116 -0
package/dist/src/core/cli/args.js.map +1 -0
package/dist/src/core/coerce.js +75 -0
package/dist/src/core/coerce.js.map +1 -0
package/dist/src/core/credential/account-id.js +20 -0
package/dist/src/core/credential/account-id.js.map +1 -0
package/dist/src/core/credential/adapter-config.js +136 -0
package/dist/src/core/credential/adapter-config.js.map +1 -0
package/dist/src/core/credential/availability.js +98 -0
package/dist/src/core/credential/availability.js.map +1 -0
package/dist/src/core/credential/extract.js +228 -0
package/dist/src/core/credential/extract.js.map +1 -0
package/dist/src/core/credential/fake-creds.js +171 -0
package/dist/src/core/credential/fake-creds.js.map +1 -0
package/dist/src/core/credential/identity.js +125 -0
package/dist/src/core/credential/identity.js.map +1 -0
package/dist/src/core/credential/shape.js +230 -0
package/dist/src/core/credential/shape.js.map +1 -0
package/dist/src/core/credential/strings.js +15 -0
package/dist/src/core/credential/strings.js.map +1 -0
package/dist/src/core/doctor/checks.js +303 -0
package/dist/src/core/doctor/checks.js.map +1 -0
package/dist/src/core/git/result.js +107 -0
package/dist/src/core/git/result.js.map +1 -0
package/dist/src/core/http/decisions.js +225 -0
package/dist/src/core/http/decisions.js.map +1 -0
package/dist/{http.js → src/core/http/render.js} +472 -738
package/dist/src/core/http/render.js.map +1 -0
package/dist/{http-handlers.js → src/core/http/routes.js} +52 -87
package/dist/src/core/http/routes.js.map +1 -0
package/dist/src/core/http/views.js +181 -0
package/dist/src/core/http/views.js.map +1 -0
package/dist/src/core/image/managed-image.js +95 -0
package/dist/src/core/image/managed-image.js.map +1 -0
package/dist/src/core/issue/file.js +149 -0
package/dist/src/core/issue/file.js.map +1 -0
package/dist/src/core/issue/parse.js +210 -0
package/dist/src/core/issue/parse.js.map +1 -0
package/dist/src/core/mcp/dispatch.js +239 -0
package/dist/src/core/mcp/dispatch.js.map +1 -0
package/dist/src/core/mcp/post-move.js +92 -0
package/dist/src/core/mcp/post-move.js.map +1 -0
package/dist/src/core/mcp/protocol.js +293 -0
package/dist/src/core/mcp/protocol.js.map +1 -0
package/dist/src/core/mcp/url.js +162 -0
package/dist/src/core/mcp/url.js.map +1 -0
package/dist/src/core/path.js +63 -0
package/dist/src/core/path.js.map +1 -0
package/dist/src/core/reconcile/image-decide.js +48 -0
package/dist/src/core/reconcile/image-decide.js.map +1 -0
package/dist/src/core/reconcile/ledger.js +142 -0
package/dist/src/core/reconcile/ledger.js.map +1 -0
package/dist/src/core/reconcile/pr-classify.js +62 -0
package/dist/src/core/reconcile/pr-classify.js.map +1 -0
package/dist/{reconciler → src/core/reconcile}/pr-decide.js +25 -12
package/dist/src/core/reconcile/pr-decide.js.map +1 -0
package/dist/src/core/reconcile/pr-loop.js +161 -0
package/dist/src/core/reconcile/pr-loop.js.map +1 -0
package/dist/src/core/reconcile/pr-notes.js +35 -0
package/dist/src/core/reconcile/pr-notes.js.map +1 -0
package/dist/src/core/reconcile/vm-decide.js +70 -0
package/dist/src/core/reconcile/vm-decide.js.map +1 -0
package/dist/src/core/reconcile/vm-reap.js +207 -0
package/dist/src/core/reconcile/vm-reap.js.map +1 -0
package/dist/src/core/reconcile/workspace-decide.js +162 -0
package/dist/src/core/reconcile/workspace-decide.js.map +1 -0
package/dist/src/core/runlog/summary.js +231 -0
package/dist/src/core/runlog/summary.js.map +1 -0
package/dist/src/core/runner/dispatch-config.js +95 -0
package/dist/src/core/runner/dispatch-config.js.map +1 -0
package/dist/src/core/runner/injection.js +61 -0
package/dist/src/core/runner/injection.js.map +1 -0
package/dist/src/core/runner/mise.js +210 -0
package/dist/src/core/runner/mise.js.map +1 -0
package/dist/src/core/runner/prompt.js +720 -0
package/dist/src/core/runner/prompt.js.map +1 -0
package/dist/src/core/runner/turn.js +242 -0
package/dist/src/core/runner/turn.js.map +1 -0
package/dist/src/core/runner/vm-plan.js +390 -0
package/dist/src/core/runner/vm-plan.js.map +1 -0
package/dist/src/core/schedule/admission.js +123 -0
package/dist/src/core/schedule/admission.js.map +1 -0
package/dist/src/core/schedule/circuit-breaker.js +111 -0
package/dist/src/core/schedule/circuit-breaker.js.map +1 -0
package/dist/src/core/schedule/eligibility.js +83 -0
package/dist/src/core/schedule/eligibility.js.map +1 -0
package/dist/src/core/schedule/reconcile-issue.js +82 -0
package/dist/src/core/schedule/reconcile-issue.js.map +1 -0
package/dist/src/core/schedule/retry.js +96 -0
package/dist/src/core/schedule/retry.js.map +1 -0
package/dist/src/core/schedule/sleep-cycle.js +133 -0
package/dist/src/core/schedule/sleep-cycle.js.map +1 -0
package/dist/src/core/schedule/slots.js +124 -0
package/dist/src/core/schedule/slots.js.map +1 -0
package/dist/src/core/schedule/tick.js +553 -0
package/dist/src/core/schedule/tick.js.map +1 -0
package/dist/src/core/schedule/token-fold.js +181 -0
package/dist/src/core/schedule/token-fold.js.map +1 -0
package/dist/src/core/state-resolve.js +86 -0
package/dist/src/core/state-resolve.js.map +1 -0
package/dist/src/core/vm-guards.js +278 -0
package/dist/src/core/vm-guards.js.map +1 -0
package/dist/src/core/workflow/derive.js +107 -0
package/dist/src/core/workflow/derive.js.map +1 -0
package/dist/src/core/workflow/parse.js +687 -0
package/dist/src/core/workflow/parse.js.map +1 -0
package/dist/src/core/workflow/prompt-probe.js +78 -0
package/dist/src/core/workflow/prompt-probe.js.map +1 -0
package/dist/src/core/workflow/validate.js +189 -0
package/dist/src/core/workflow/validate.js.map +1 -0
package/dist/src/core/workspace-key.js +19 -0
package/dist/src/core/workspace-key.js.map +1 -0
package/dist/src/shell/actions-runner.js +356 -0
package/dist/src/shell/actions-runner.js.map +1 -0
package/dist/src/shell/adapter/adapter-registry.js +45 -0
package/dist/src/shell/adapter/adapter-registry.js.map +1 -0
package/dist/src/shell/adapter/clock-random.js +96 -0
package/dist/src/shell/adapter/clock-random.js.map +1 -0
package/dist/src/shell/adapter/gondolin-dispatch-helpers.js +158 -0
package/dist/src/shell/adapter/gondolin-dispatch-helpers.js.map +1 -0
package/dist/src/shell/adapter/gondolin-dispatch.js +385 -0
package/dist/src/shell/adapter/gondolin-dispatch.js.map +1 -0
package/dist/src/shell/adapter/gondolin-image-converter.js +233 -0
package/dist/src/shell/adapter/gondolin-image-converter.js.map +1 -0
package/dist/src/shell/adapter/gondolin-image-fetch.js +180 -0
package/dist/src/shell/adapter/gondolin-image-fetch.js.map +1 -0
package/dist/src/shell/adapter/launcher-asset.js +57 -0
package/dist/src/shell/adapter/launcher-asset.js.map +1 -0
package/dist/src/shell/adapter/mise-config-asset.js +65 -0
package/dist/src/shell/adapter/mise-config-asset.js.map +1 -0
package/dist/src/shell/adapter/workflow-loader.js +304 -0
package/dist/src/shell/adapter/workflow-loader.js.map +1 -0
package/dist/src/shell/cli/doctor.js +268 -0
package/dist/src/shell/cli/doctor.js.map +1 -0
package/dist/src/shell/effect-interpreter-families.js +314 -0
package/dist/src/shell/effect-interpreter-families.js.map +1 -0
package/dist/src/shell/effect-interpreter.js +29 -0
package/dist/src/shell/effect-interpreter.js.map +1 -0
package/dist/src/shell/interp/acp-frame.js +137 -0
package/dist/src/shell/interp/acp-frame.js.map +1 -0
package/dist/src/shell/interp/acp-ws-conn.js +320 -0
package/dist/src/shell/interp/acp-ws-conn.js.map +1 -0
package/dist/src/shell/interp/acp-ws-frames.js +159 -0
package/dist/src/shell/interp/acp-ws-frames.js.map +1 -0
package/dist/src/shell/interp/acp-ws.js +197 -0
package/dist/src/shell/interp/acp-ws.js.map +1 -0
package/dist/src/shell/interp/acp.js +319 -0
package/dist/src/shell/interp/acp.js.map +1 -0
package/dist/src/shell/interp/credential-defaults.js +128 -0
package/dist/src/shell/interp/credential-defaults.js.map +1 -0
package/dist/src/shell/interp/credential-hooks.js +149 -0
package/dist/src/shell/interp/credential-hooks.js.map +1 -0
package/dist/src/shell/interp/credential-registry.js +226 -0
package/dist/src/shell/interp/credential-registry.js.map +1 -0
package/dist/src/shell/interp/credential.js +103 -0
package/dist/src/shell/interp/credential.js.map +1 -0
package/dist/src/shell/interp/gh.js +163 -0
package/dist/src/shell/interp/gh.js.map +1 -0
package/dist/src/shell/interp/git.js +28 -0
package/dist/src/shell/interp/git.js.map +1 -0
package/dist/src/shell/interp/log.js +213 -0
package/dist/src/shell/interp/log.js.map +1 -0
package/dist/src/shell/interp/process.js +178 -0
package/dist/src/shell/interp/process.js.map +1 -0
package/dist/src/shell/interp/runlog.js +193 -0
package/dist/src/shell/interp/runlog.js.map +1 -0
package/dist/src/shell/interp/timer.js +64 -0
package/dist/src/shell/interp/timer.js.map +1 -0
package/dist/src/shell/interp/tracker-disk.js +99 -0
package/dist/src/shell/interp/tracker-disk.js.map +1 -0
package/dist/src/shell/interp/tracker-parse.js +71 -0
package/dist/src/shell/interp/tracker-parse.js.map +1 -0
package/dist/src/shell/interp/tracker-scan.js +238 -0
package/dist/src/shell/interp/tracker-scan.js.map +1 -0
package/dist/src/shell/interp/tracker-write.js +91 -0
package/dist/src/shell/interp/tracker-write.js.map +1 -0
package/dist/src/shell/interp/tracker.js +41 -0
package/dist/src/shell/interp/tracker.js.map +1 -0
package/dist/src/shell/interp/tty.js +48 -0
package/dist/src/shell/interp/tty.js.map +1 -0
package/dist/src/shell/interp/vm.js +199 -0
package/dist/src/shell/interp/vm.js.map +1 -0
package/dist/src/shell/interp/workspace.js +310 -0
package/dist/src/shell/interp/workspace.js.map +1 -0
package/dist/src/shell/main-acp.js +78 -0
package/dist/src/shell/main-acp.js.map +1 -0
package/dist/src/shell/main-adapters.js +222 -0
package/dist/src/shell/main-adapters.js.map +1 -0
package/dist/src/shell/main-credential.js +122 -0
package/dist/src/shell/main-credential.js.map +1 -0
package/dist/src/shell/main-doctor.js +22 -0
package/dist/src/shell/main-doctor.js.map +1 -0
package/dist/src/shell/main-entry.js +46 -0
package/dist/src/shell/main-entry.js.map +1 -0
package/dist/src/shell/main-http-csrf.js +45 -0
package/dist/src/shell/main-http-csrf.js.map +1 -0
package/dist/src/shell/main-http-handler.js +389 -0
package/dist/src/shell/main-http-handler.js.map +1 -0
package/dist/src/shell/main-http-mcp.js +122 -0
package/dist/src/shell/main-http-mcp.js.map +1 -0
package/dist/src/shell/main-http-views.js +253 -0
package/dist/src/shell/main-http-views.js.map +1 -0
package/dist/src/shell/main-http.js +76 -0
package/dist/src/shell/main-http.js.map +1 -0
package/dist/src/shell/main-loops.js +130 -0
package/dist/src/shell/main-loops.js.map +1 -0
package/dist/src/shell/main-mcp.js +129 -0
package/dist/src/shell/main-mcp.js.map +1 -0
package/dist/src/shell/main-orchestrator.js +120 -0
package/dist/src/shell/main-orchestrator.js.map +1 -0
package/dist/src/shell/main-preflight.js +43 -0
package/dist/src/shell/main-preflight.js.map +1 -0
package/dist/src/shell/main-reconcilers-helpers.js +244 -0
package/dist/src/shell/main-reconcilers-helpers.js.map +1 -0
package/dist/src/shell/main-reconcilers-pr.js +148 -0
package/dist/src/shell/main-reconcilers-pr.js.map +1 -0
package/dist/src/shell/main-reconcilers.js +225 -0
package/dist/src/shell/main-reconcilers.js.map +1 -0
package/dist/src/shell/main-runner.js +355 -0
package/dist/src/shell/main-runner.js.map +1 -0
package/dist/src/shell/main-scaffold.js +116 -0
package/dist/src/shell/main-scaffold.js.map +1 -0
package/dist/src/shell/main-shutdown.js +115 -0
package/dist/src/shell/main-shutdown.js.map +1 -0
package/dist/src/shell/main-startup.js +48 -0
package/dist/src/shell/main-startup.js.map +1 -0
package/dist/src/shell/main-substrates.js +43 -0
package/dist/src/shell/main-substrates.js.map +1 -0
package/dist/src/shell/main.js +385 -0
package/dist/src/shell/main.js.map +1 -0
package/dist/src/shell/orchestrator-feedback.js +69 -0
package/dist/src/shell/orchestrator-feedback.js.map +1 -0
package/dist/src/shell/orchestrator-image.js +167 -0
package/dist/src/shell/orchestrator-image.js.map +1 -0
package/dist/src/shell/orchestrator-loop.js +468 -0
package/dist/src/shell/orchestrator-loop.js.map +1 -0
package/dist/src/shell/orchestrator-reconcile.js +36 -0
package/dist/src/shell/orchestrator-reconcile.js.map +1 -0
package/dist/src/shell/reconciler-loop.js +228 -0
package/dist/src/shell/reconciler-loop.js.map +1 -0
package/dist/src/shell/runner-loop-turn.js +301 -0
package/dist/src/shell/runner-loop-turn.js.map +1 -0
package/dist/src/shell/runner-loop.js +338 -0
package/dist/src/shell/runner-loop.js.map +1 -0
package/dist/src/shell/server/http.js +208 -0
package/dist/src/shell/server/http.js.map +1 -0
package/dist/src/shell/server/mcp-runtime-effects.js +237 -0
package/dist/src/shell/server/mcp-runtime-effects.js.map +1 -0
package/dist/src/shell/server/mcp-runtime.js +99 -0
package/dist/src/shell/server/mcp-runtime.js.map +1 -0
package/dist/src/shell/workspace-key.js +14 -0
package/dist/src/shell/workspace-key.js.map +1 -0
package/dist/src/types/acp.js +8 -0
package/dist/src/types/acp.js.map +1 -0
package/dist/src/types/actions/plan.js +6 -0
package/dist/src/types/actions/plan.js.map +1 -0
package/dist/src/types/actions/predicates.js +6 -0
package/dist/src/types/actions/predicates.js.map +1 -0
package/dist/src/types/actions/run-fold.js +8 -0
package/dist/src/types/actions/run-fold.js.map +1 -0
package/dist/src/types/actions.js +7 -0
package/dist/src/types/actions.js.map +1 -0
package/dist/src/types/adapter/clock-random.js +4 -0
package/dist/src/types/adapter/clock-random.js.map +1 -0
package/dist/src/types/adapter/gondolin-image-converter.js +5 -0
package/dist/src/types/adapter/gondolin-image-converter.js.map +1 -0
package/dist/src/types/adapter/gondolin-image-fetch.js +5 -0
package/dist/src/types/adapter/gondolin-image-fetch.js.map +1 -0
package/dist/src/types/adapter/workflow-loader.js +4 -0
package/dist/src/types/adapter/workflow-loader.js.map +1 -0
package/dist/src/types/cli/args.js +8 -0
package/dist/src/types/cli/args.js.map +1 -0
package/dist/src/types/config.js +8 -0
package/dist/src/types/config.js.map +1 -0
package/dist/src/types/credential-interp.js +6 -0
package/dist/src/types/credential-interp.js.map +1 -0
package/dist/src/types/credentials.js +10 -0
package/dist/src/types/credentials.js.map +1 -0
package/dist/src/types/doctor.js +7 -0
package/dist/src/types/doctor.js.map +1 -0
package/dist/src/types/domain.js +7 -0
package/dist/src/types/domain.js.map +1 -0
package/dist/src/types/effect.js +15 -0
package/dist/src/types/effect.js.map +1 -0
package/dist/src/types/errors.js +39 -0
package/dist/src/types/errors.js.map +1 -0
package/dist/src/types/http/decisions.js +6 -0
package/dist/src/types/http/decisions.js.map +1 -0
package/dist/src/types/http/render.js +10 -0
package/dist/src/types/http/render.js.map +1 -0
package/dist/src/types/http/views.js +6 -0
package/dist/src/types/http/views.js.map +1 -0
package/dist/src/types/http.js +9 -0
package/dist/src/types/http.js.map +1 -0
package/dist/src/types/image/managed-image.js +7 -0
package/dist/src/types/image/managed-image.js.map +1 -0
package/dist/src/types/interp/effect-interpreter.js +8 -0
package/dist/src/types/interp/effect-interpreter.js.map +1 -0
package/dist/src/types/interp/tracker.js +7 -0
package/dist/src/types/interp/tracker.js.map +1 -0
package/dist/src/types/issue/file.js +6 -0
package/dist/src/types/issue/file.js.map +1 -0
package/dist/src/types/issue/parse.js +8 -0
package/dist/src/types/issue/parse.js.map +1 -0
package/dist/src/types/main-acp.js +13 -0
package/dist/src/types/main-acp.js.map +1 -0
package/dist/src/types/main-adapters.js +5 -0
package/dist/src/types/main-adapters.js.map +1 -0
package/dist/src/types/main-credential.js +21 -0
package/dist/src/types/main-credential.js.map +1 -0
package/dist/src/types/main-doctor.js +6 -0
package/dist/src/types/main-doctor.js.map +1 -0
package/dist/src/types/main-http-handler.js +12 -0
package/dist/src/types/main-http-handler.js.map +1 -0
package/dist/src/types/main-http.js +5 -0
package/dist/src/types/main-http.js.map +1 -0
package/dist/src/types/main-loops.js +5 -0
package/dist/src/types/main-loops.js.map +1 -0
package/dist/src/types/main-mcp.js +12 -0
package/dist/src/types/main-mcp.js.map +1 -0
package/dist/src/types/main-orchestrator.js +5 -0
package/dist/src/types/main-orchestrator.js.map +1 -0
package/dist/src/types/main-reconcilers.js +11 -0
package/dist/src/types/main-reconcilers.js.map +1 -0
package/dist/src/types/main-runner.js +13 -0
package/dist/src/types/main-runner.js.map +1 -0
package/dist/src/types/main-startup.js +5 -0
package/dist/src/types/main-startup.js.map +1 -0
package/dist/src/types/main-substrates.js +5 -0
package/dist/src/types/main-substrates.js.map +1 -0
package/dist/src/types/mcp/dispatch.js +4 -0
package/dist/src/types/mcp/dispatch.js.map +1 -0
package/dist/src/types/mcp/post-move.js +7 -0
package/dist/src/types/mcp/post-move.js.map +1 -0
package/dist/src/types/mcp.js +9 -0
package/dist/src/types/mcp.js.map +1 -0
package/dist/src/types/ports.js +12 -0
package/dist/src/types/ports.js.map +1 -0
package/dist/src/types/reconcile/image-decide.js +5 -0
package/dist/src/types/reconcile/image-decide.js.map +1 -0
package/dist/src/types/reconcile/ledger.js +7 -0
package/dist/src/types/reconcile/ledger.js.map +1 -0
package/dist/src/types/reconcile/pr-loop.js +8 -0
package/dist/src/types/reconcile/pr-loop.js.map +1 -0
package/dist/src/types/reconcile/vm-reap.js +8 -0
package/dist/src/types/reconcile/vm-reap.js.map +1 -0
package/dist/src/types/reconcile/workspace-decide.js +7 -0
package/dist/src/types/reconcile/workspace-decide.js.map +1 -0
package/dist/src/types/reconcile.js +9 -0
package/dist/src/types/reconcile.js.map +1 -0
package/dist/src/types/runlog.js +7 -0
package/dist/src/types/runlog.js.map +1 -0
package/dist/src/types/runner/actions-runner.js +12 -0
package/dist/src/types/runner/actions-runner.js.map +1 -0
package/dist/src/types/runner/gondolin-dispatch.js +5 -0
package/dist/src/types/runner/gondolin-dispatch.js.map +1 -0
package/dist/src/types/runner/injection.js +6 -0
package/dist/src/types/runner/injection.js.map +1 -0
package/dist/src/types/runner/runner-loop.js +5 -0
package/dist/src/types/runner/runner-loop.js.map +1 -0
package/dist/src/types/runner/turn.js +4 -0
package/dist/src/types/runner/turn.js.map +1 -0
package/dist/src/types/runner/vm-plan.js +4 -0
package/dist/src/types/runner/vm-plan.js.map +1 -0
package/dist/src/types/runtime.js +9 -0
package/dist/src/types/runtime.js.map +1 -0
package/dist/src/types/schedule/admission.js +7 -0
package/dist/src/types/schedule/admission.js.map +1 -0
package/dist/src/types/schedule/circuit-breaker.js +2 -0
package/dist/src/types/schedule/circuit-breaker.js.map +1 -0
package/dist/src/types/schedule/eligibility.js +9 -0
package/dist/src/types/schedule/eligibility.js.map +1 -0
package/dist/src/types/schedule/orchestrator-loop.js +10 -0
package/dist/src/types/schedule/orchestrator-loop.js.map +1 -0
package/dist/src/types/schedule/sleep-cycle.js +4 -0
package/dist/src/types/schedule/sleep-cycle.js.map +1 -0
package/dist/src/types/schedule/slots.js +8 -0
package/dist/src/types/schedule/slots.js.map +1 -0
package/dist/src/types/schedule/tick.js +9 -0
package/dist/src/types/schedule/tick.js.map +1 -0
package/dist/src/types/server/mcp-runtime.js +8 -0
package/dist/src/types/server/mcp-runtime.js.map +1 -0
package/dist/src/types/workflow/parse.js +4 -0
package/dist/src/types/workflow/parse.js.map +1 -0
package/dist/tests/core/account-id.test.js +35 -0
package/dist/tests/core/account-id.test.js.map +1 -0
package/dist/tests/core/actions-parse.test.js +176 -0
package/dist/tests/core/actions-parse.test.js.map +1 -0
package/dist/tests/core/adapter-config.test.js +133 -0
package/dist/tests/core/adapter-config.test.js.map +1 -0
package/dist/tests/core/admission.test.js +215 -0
package/dist/tests/core/admission.test.js.map +1 -0
package/dist/tests/core/args.test.js +132 -0
package/dist/tests/core/args.test.js.map +1 -0
package/dist/tests/core/availability.test.js +62 -0
package/dist/tests/core/availability.test.js.map +1 -0
package/dist/tests/core/checks.test.js +395 -0
package/dist/tests/core/checks.test.js.map +1 -0
package/dist/tests/core/circuit-breaker.test.js +172 -0
package/dist/tests/core/circuit-breaker.test.js.map +1 -0
package/dist/tests/core/coerce.test.js +87 -0
package/dist/tests/core/coerce.test.js.map +1 -0
package/dist/tests/core/context.test.js +228 -0
package/dist/tests/core/context.test.js.map +1 -0
package/dist/tests/core/decisions.test.js +310 -0
package/dist/tests/core/decisions.test.js.map +1 -0
package/dist/tests/core/derive.test.js +205 -0
package/dist/tests/core/derive.test.js.map +1 -0
package/dist/tests/core/dispatch-config.test.js +164 -0
package/dist/tests/core/dispatch-config.test.js.map +1 -0
package/dist/tests/core/dispatch.test.js +302 -0
package/dist/tests/core/dispatch.test.js.map +1 -0
package/dist/tests/core/eligibility.test.js +163 -0
package/dist/tests/core/eligibility.test.js.map +1 -0
package/dist/tests/core/extract.test.js +139 -0
package/dist/tests/core/extract.test.js.map +1 -0
package/dist/tests/core/fake-creds.test.js +134 -0
package/dist/tests/core/fake-creds.test.js.map +1 -0
package/dist/tests/core/file.test.js +197 -0
package/dist/tests/core/file.test.js.map +1 -0
package/dist/tests/core/git-result.test.js +113 -0
package/dist/tests/core/git-result.test.js.map +1 -0
package/dist/tests/core/identity.test.js +180 -0
package/dist/tests/core/identity.test.js.map +1 -0
package/dist/tests/core/image-decide.test.js +59 -0
package/dist/tests/core/image-decide.test.js.map +1 -0
package/dist/tests/core/injection.test.js +163 -0
package/dist/tests/core/injection.test.js.map +1 -0
package/dist/tests/core/ledger.test.js +218 -0
package/dist/tests/core/ledger.test.js.map +1 -0
package/dist/tests/core/managed-image.test.js +68 -0
package/dist/tests/core/managed-image.test.js.map +1 -0
package/dist/tests/core/mise.test.js +138 -0
package/dist/tests/core/mise.test.js.map +1 -0
package/dist/tests/core/parse.test.js +174 -0
package/dist/tests/core/parse.test.js.map +1 -0
package/dist/tests/core/path.test.js +50 -0
package/dist/tests/core/path.test.js.map +1 -0
package/dist/tests/core/plan.test.js +218 -0
package/dist/tests/core/plan.test.js.map +1 -0
package/dist/tests/core/post-move.test.js +162 -0
package/dist/tests/core/post-move.test.js.map +1 -0
package/dist/tests/core/pr-classify.test.js +117 -0
package/dist/tests/core/pr-classify.test.js.map +1 -0
package/dist/tests/core/pr-decide.test.js +298 -0
package/dist/tests/core/pr-decide.test.js.map +1 -0
package/dist/tests/core/pr-loop.test.js +301 -0
package/dist/tests/core/pr-loop.test.js.map +1 -0
package/dist/tests/core/pr-notes.test.js +165 -0
package/dist/tests/core/pr-notes.test.js.map +1 -0
package/dist/tests/core/predicates.test.js +154 -0
package/dist/tests/core/predicates.test.js.map +1 -0
package/dist/tests/core/prompt.test.js +189 -0
package/dist/tests/core/prompt.test.js.map +1 -0
package/dist/tests/core/protocol.test.js +195 -0
package/dist/tests/core/protocol.test.js.map +1 -0
package/dist/tests/core/reconcile-issue.test.js +116 -0
package/dist/tests/core/reconcile-issue.test.js.map +1 -0
package/dist/tests/core/render.test.js +549 -0
package/dist/tests/core/render.test.js.map +1 -0
package/dist/tests/core/retry.test.js +186 -0
package/dist/tests/core/retry.test.js.map +1 -0
package/dist/tests/core/routes.test.js +247 -0
package/dist/tests/core/routes.test.js.map +1 -0
package/dist/tests/core/run-fold.test.js +299 -0
package/dist/tests/core/run-fold.test.js.map +1 -0
package/dist/tests/core/shape.test.js +185 -0
package/dist/tests/core/shape.test.js.map +1 -0
package/dist/tests/core/sleep-cycle.test.js +150 -0
package/dist/tests/core/sleep-cycle.test.js.map +1 -0
package/dist/tests/core/slots.test.js +201 -0
package/dist/tests/core/slots.test.js.map +1 -0
package/dist/tests/core/state-resolve.test.js +80 -0
package/dist/tests/core/state-resolve.test.js.map +1 -0
package/dist/tests/core/summary.test.js +200 -0
package/dist/tests/core/summary.test.js.map +1 -0
package/dist/tests/core/template.test.js +116 -0
package/dist/tests/core/template.test.js.map +1 -0
package/dist/tests/core/tick.test.js +558 -0
package/dist/tests/core/tick.test.js.map +1 -0
package/dist/tests/core/token-fold.test.js +176 -0
package/dist/tests/core/token-fold.test.js.map +1 -0
package/dist/tests/core/turn.test.js +388 -0
package/dist/tests/core/turn.test.js.map +1 -0
package/dist/tests/core/url.test.js +118 -0
package/dist/tests/core/url.test.js.map +1 -0
package/dist/tests/core/validate.test.js +247 -0
package/dist/tests/core/validate.test.js.map +1 -0
package/dist/tests/core/views.test.js +252 -0
package/dist/tests/core/views.test.js.map +1 -0
package/dist/tests/core/vm-decide.test.js +110 -0
package/dist/tests/core/vm-decide.test.js.map +1 -0
package/dist/tests/core/vm-guards.test.js +153 -0
package/dist/tests/core/vm-guards.test.js.map +1 -0
package/dist/tests/core/vm-plan.test.js +332 -0
package/dist/tests/core/vm-plan.test.js.map +1 -0
package/dist/tests/core/vm-reap.test.js +196 -0
package/dist/tests/core/vm-reap.test.js.map +1 -0
package/dist/tests/core/workflow-parse.test.js +493 -0
package/dist/tests/core/workflow-parse.test.js.map +1 -0
package/dist/tests/core/workspace-decide.test.js +236 -0
package/dist/tests/core/workspace-decide.test.js.map +1 -0
package/dist/tests/helpers/fixtures.js +167 -0
package/dist/tests/helpers/fixtures.js.map +1 -0
package/dist/tests/shell/acp-substrate.test.js +101 -0
package/dist/tests/shell/acp-substrate.test.js.map +1 -0
package/dist/tests/shell/actions-runner-push.test.js +203 -0
package/dist/tests/shell/actions-runner-push.test.js.map +1 -0
package/dist/tests/shell/credential-hooks.test.js +36 -0
package/dist/tests/shell/credential-hooks.test.js.map +1 -0
package/dist/tests/shell/credential-registry.test.js +165 -0
package/dist/tests/shell/credential-registry.test.js.map +1 -0
package/dist/tests/shell/credential-substrate.test.js +179 -0
package/dist/tests/shell/credential-substrate.test.js.map +1 -0
package/dist/tests/shell/dockerfile-mise-pin.test.js +51 -0
package/dist/tests/shell/dockerfile-mise-pin.test.js.map +1 -0
package/dist/tests/shell/doctor.test.js +101 -0
package/dist/tests/shell/doctor.test.js.map +1 -0
package/dist/tests/shell/effect-vm-create.test.js +52 -0
package/dist/tests/shell/effect-vm-create.test.js.map +1 -0
package/dist/tests/shell/gh-port.test.js +63 -0
package/dist/tests/shell/gh-port.test.js.map +1 -0
package/dist/tests/shell/gondolin-dispatch-guard.test.js +144 -0
package/dist/tests/shell/gondolin-dispatch-guard.test.js.map +1 -0
package/dist/tests/shell/gondolin-dispatch-shquote.test.js +168 -0
package/dist/tests/shell/gondolin-dispatch-shquote.test.js.map +1 -0
package/dist/tests/shell/gondolin-image-converter.test.js +208 -0
package/dist/tests/shell/gondolin-image-converter.test.js.map +1 -0
package/dist/tests/shell/gondolin-image-fetch.test.js +93 -0
package/dist/tests/shell/gondolin-image-fetch.test.js.map +1 -0
package/dist/tests/shell/http-handler.test.js +608 -0
package/dist/tests/shell/http-handler.test.js.map +1 -0
package/dist/tests/shell/http-server.test.js +53 -0
package/dist/tests/shell/http-server.test.js.map +1 -0
package/dist/tests/shell/mcp-runtime.test.js +366 -0
package/dist/tests/shell/mcp-runtime.test.js.map +1 -0
package/dist/tests/shell/mise-config-asset.test.js +87 -0
package/dist/tests/shell/mise-config-asset.test.js.map +1 -0
package/dist/tests/shell/orchestrator-loop.test.js +583 -0
package/dist/tests/shell/orchestrator-loop.test.js.map +1 -0
package/dist/tests/shell/reconciler-passes.test.js +314 -0
package/dist/tests/shell/reconciler-passes.test.js.map +1 -0
package/dist/tests/shell/runner-loop-turn.test.js +97 -0
package/dist/tests/shell/runner-loop-turn.test.js.map +1 -0
package/dist/tests/shell/runner-slice.test.js +536 -0
package/dist/tests/shell/runner-slice.test.js.map +1 -0
package/dist/tests/shell/scaffold.test.js +65 -0
package/dist/tests/shell/scaffold.test.js.map +1 -0
package/dist/tests/shell/tick-config.test.js +83 -0
package/dist/tests/shell/tick-config.test.js.map +1 -0
package/dist/tests/shell/tracker-parse-dates.test.js +44 -0
package/dist/tests/shell/tracker-parse-dates.test.js.map +1 -0
package/dist/tests/shell/tracker-write-issue.test.js +154 -0
package/dist/tests/shell/tracker-write-issue.test.js.map +1 -0
package/dist/tests/shell/workflow-prompt-split.test.js +208 -0
package/dist/tests/shell/workflow-prompt-split.test.js.map +1 -0
package/dist/tests/shell/workspace-live-config.test.js +140 -0
package/dist/tests/shell/workspace-live-config.test.js.map +1 -0
package/package.json +21 -9
package/patches/@earendil-works+gondolin+0.12.0.patch +173 -0
package/prompts/Reflect.md +91 -0
package/prompts/Review.md +97 -0
package/prompts/Todo.md +96 -0
package/prompts/_footer.md +41 -0
package/prompts/_preamble.md +42 -0
package/prompts-minimal/Todo.md +26 -0
package/scripts/postinstall.mjs +63 -0
package/scripts/vm-agent.mjs +312 -90
package/WORKFLOW.md +0 -744
package/dist/acp-bridge.js +0 -324
package/dist/acp-bridge.js.map +0 -1
package/dist/actions/cache.js +0 -191
package/dist/actions/cache.js.map +0 -1
package/dist/actions/effects.js +0 -41
package/dist/actions/effects.js.map +0 -1
package/dist/actions/executor.js +0 -570
package/dist/actions/executor.js.map +0 -1
package/dist/actions/index.js +0 -13
package/dist/actions/index.js.map +0 -1
package/dist/actions/parsing.js.map +0 -1
package/dist/actions/predicate-env.js +0 -27
package/dist/actions/predicate-env.js.map +0 -1
package/dist/actions/predicates.js +0 -49
package/dist/actions/predicates.js.map +0 -1
package/dist/actions/templating.js +0 -66
package/dist/actions/templating.js.map +0 -1
package/dist/actions/types.js +0 -15
package/dist/actions/types.js.map +0 -1
package/dist/agent/acp.js +0 -473
package/dist/agent/acp.js.map +0 -1
package/dist/agent/adapter-names.js +0 -159
package/dist/agent/adapter-names.js.map +0 -1
package/dist/agent/adapters.js +0 -511
package/dist/agent/adapters.js.map +0 -1
package/dist/agent/credential-extractors.js +0 -342
package/dist/agent/credential-extractors.js.map +0 -1
package/dist/agent/credential-secrets.js +0 -628
package/dist/agent/credential-secrets.js.map +0 -1
package/dist/agent/credential-ticker.js +0 -57
package/dist/agent/credential-ticker.js.map +0 -1
package/dist/agent/gondolin-creds-staging.js +0 -356
package/dist/agent/gondolin-creds-staging.js.map +0 -1
package/dist/agent/gondolin-dispatch.js +0 -375
package/dist/agent/gondolin-dispatch.js.map +0 -1
package/dist/agent/gondolin.js +0 -124
package/dist/agent/gondolin.js.map +0 -1
package/dist/agent/runner-decisions.js +0 -134
package/dist/agent/runner-decisions.js.map +0 -1
package/dist/agent/runner.js +0 -1456
package/dist/agent/runner.js.map +0 -1
package/dist/agent/tool-call-summary.js +0 -102
package/dist/agent/tool-call-summary.js.map +0 -1
package/dist/agent/vm-acp-mapping.js +0 -73
package/dist/agent/vm-acp-mapping.js.map +0 -1
package/dist/agent/vm-guards.js +0 -262
package/dist/agent/vm-guards.js.map +0 -1
package/dist/agent/vm-port.js +0 -22
package/dist/agent/vm-port.js.map +0 -1
package/dist/agent/vm-process-registry.js +0 -79
package/dist/agent/vm-process-registry.js.map +0 -1
package/dist/bin/cli-args.js +0 -105
package/dist/bin/cli-args.js.map +0 -1
package/dist/bin/symphony.js +0 -794
package/dist/bin/symphony.js.map +0 -1
package/dist/errors.js +0 -15
package/dist/errors.js.map +0 -1
package/dist/http-disk.js +0 -135
package/dist/http-disk.js.map +0 -1
package/dist/http-handlers.js.map +0 -1
package/dist/http.js.map +0 -1
package/dist/issues.js +0 -178
package/dist/issues.js.map +0 -1
package/dist/logging.js +0 -203
package/dist/logging.js.map +0 -1
package/dist/mcp.js +0 -706
package/dist/mcp.js.map +0 -1
package/dist/memory.js +0 -85
package/dist/memory.js.map +0 -1
package/dist/orchestrator-decisions.js +0 -331
package/dist/orchestrator-decisions.js.map +0 -1
package/dist/orchestrator.js +0 -1569
package/dist/orchestrator.js.map +0 -1
package/dist/prompt.js +0 -65
package/dist/prompt.js.map +0 -1
package/dist/reconciler/cache.js +0 -65
package/dist/reconciler/cache.js.map +0 -1
package/dist/reconciler/index.js +0 -448
package/dist/reconciler/index.js.map +0 -1
package/dist/reconciler/ledger.js +0 -131
package/dist/reconciler/ledger.js.map +0 -1
package/dist/reconciler/pr-adapters.js +0 -174
package/dist/reconciler/pr-adapters.js.map +0 -1
package/dist/reconciler/pr-decide.js.map +0 -1
package/dist/reconciler/pr.js +0 -422
package/dist/reconciler/pr.js.map +0 -1
package/dist/reconciler/types.js +0 -12
package/dist/reconciler/types.js.map +0 -1
package/dist/reconciler/vm.js +0 -243
package/dist/reconciler/vm.js.map +0 -1
package/dist/reconciler/workspace-defaults.js +0 -83
package/dist/reconciler/workspace-defaults.js.map +0 -1
package/dist/reconciler/workspace.js +0 -272
package/dist/reconciler/workspace.js.map +0 -1
package/dist/runlog.js +0 -403
package/dist/runlog.js.map +0 -1
package/dist/scaffold.js +0 -165
package/dist/scaffold.js.map +0 -1
package/dist/trackers/local.js +0 -445
package/dist/trackers/local.js.map +0 -1
package/dist/trackers/types.js +0 -10
package/dist/trackers/types.js.map +0 -1
package/dist/types.js +0 -3
package/dist/types.js.map +0 -1
package/dist/util/clock.js +0 -12
package/dist/util/clock.js.map +0 -1
package/dist/util/crypto.js +0 -25
package/dist/util/crypto.js.map +0 -1
package/dist/util/frontmatter.js +0 -70
package/dist/util/frontmatter.js.map +0 -1
package/dist/util/fs-issues.js +0 -22
package/dist/util/fs-issues.js.map +0 -1
package/dist/util/process.js +0 -152
package/dist/util/process.js.map +0 -1
package/dist/util/workspace-key.js +0 -10
package/dist/util/workspace-key.js.map +0 -1
package/dist/workflow-loader.js +0 -147
package/dist/workflow-loader.js.map +0 -1
package/dist/workflow.js +0 -822
package/dist/workflow.js.map +0 -1
package/dist/workspace-types.js +0 -8
package/dist/workspace-types.js.map +0 -1
package/dist/workspace.js +0 -443
package/dist/workspace.js.map +0 -1

package/dist/agent/gondolin-dispatch.js DELETED Viewed

@@ -1,375 +0,0 @@
-// Gondolin dispatch orchestration — the Gondolin VM bring-up +
-// exec-launch + teardown sequence (runner.ts
-// `startVmOrFail`/`launchExecStream`/`attachStderrTap` + teardown), composed over
-// the injected `VmClient` port, the host `CredentialSecretRegistry`, and gondolin's
-// `createHttpHooks`. This is the `application`-role composition seam: it wires the
-// credential adapter + the VM port + the ACP bridge mapping together.
-//
-// LIVE: the live dispatch path (`runner.ts` runAttempt etc.) imports this.
-// Gondolin is the live VM backend. The invariant guards (vm-guards.ts) are
-// wired in here so the Gondolin
-// path is enforced-by-construction: mounts are validated and env is stripped while
-// the `CreateVmOptions` are built — a credential mount HARD-FAILs and a credential
-// env var can never reach the guest's PID-1 environment.
-//
-// Contract mirrored from the live runner (without modifying it):
-//   - mounts: workspace RW + gondolin.volumes + eval-mode RO (buildVmMounts) — here the
-//     caller passes the already-built list; we validate it.
-//   - env: forwarded env (buildForwardedEnv) — here generalized via stripCredentialEnv.
-//   - launch: `node /opt/symphony/vm-agent.mjs` (the in-VM ACP launcher), stdin
-//     end()ed immediately (ACP rides the TCP bridge, not stdio), stderr tapped before
-//     the bridge handshake (attachStderrTap).
-//   - teardown: kill the exec, close the VM, deregister the secret manager —
-//     idempotent and error-tolerant.
-import { Buffer } from 'node:buffer';
-import { createHttpHooks } from '@earendil-works/gondolin';
-import { log } from '../logging.js';
-import { SYMPHONY_VM_PREFIX, } from './vm-port.js';
-import { buildAcpTcpDns, buildMcpTcpHostEntry } from './vm-acp-mapping.js';
-import { assertNoCredentialMounts, stripCredentialEnv, stripCredentialTokenVars, } from './vm-guards.js';
-import { buildGondolinFakeCreds, } from './gondolin-creds-staging.js';
-/**
- * The in-VM ACP launcher command. Mirrors the earlier dispatch path's
- * `exec node /opt/symphony/vm-agent.mjs` (deriveAcpCommand). On Gondolin there is no
- * `bash -lc` wrapper and no per-dispatch staged-file `cp` preamble — runtime files
- * land via VFS mounts / the baked image — so the launcher is exec'd directly.
- */
-const VM_AGENT_COMMAND = ['node', '/opt/symphony/vm-agent.mjs'];
-/**
- * PATH for the launched agent's exec. Gondolin's `vm.exec` runs the command
- * WITHOUT a login shell, so the guest's profile-set PATH does not apply — the
- * default exec PATH is only `/usr/sbin:/usr/bin:/sbin:/bin`, which EXCLUDES
- * `/usr/local/bin` where the image installs `node` and every agent CLI
- * (`claude-agent-acp` / `codex-acp` / `opencode`). Without this, the launch
- * command `node …` fails to spawn (ENOENT) and the in-VM agent never dials the
- * bridge back — and even if `node` were found, the adapter the agent spawns
- * (`SYMPHONY_ADAPTER_BIN`, also in `/usr/local/bin`) would not resolve either.
- * Set it explicitly on the launch exec env (which the adapter child inherits) so
- * the production dispatch path does not depend on a login shell. This carries no
- * secret — it is a fixed search path. (Go-live validation finding.)
- */
-const GUEST_AGENT_PATH = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin';
-/**
- * Guest path of the gitconfig the dispatcher stages so in-guest git trusts the
- * host-owned, bind-mounted workspace. The workspace dir is owned by the HOST uid
- * (e.g. 1000), while in-guest git runs as a DIFFERENT uid — so git's
- * CVE-2022-24765 ownership guard FATALs every command (`fatal: detected dubious
- * ownership`, exit 128, empty stdout), breaking the in-guest `git rebase` /
- * conflict-handoff path. `safe.directory` is honored ONLY from system/global
- * config files — NOT from `-c`/command-level config, `GIT_CONFIG_*` injected
- * values, or repo-local config — so a global config FILE is the load-bearing
- * surface (`buildLaunchEnv` points `GIT_CONFIG_GLOBAL` here). Lives OUTSIDE the
- * workspace mount (`/opt/symphony`, the same image dir the launcher lives in) so
- * it never shows up in the repo's own `git status`. (Issue 149.)
- */
-const GUEST_GITCONFIG_PATH = '/opt/symphony/gitconfig';
-/**
- * Contents of the staged guest gitconfig: disarm git's bind-mount ownership guard
- * for every workspace path. `*` (not the per-workspace path) so a re-dispatch into a
- * differently-named workspace dir needs no per-issue value. Holds NO secret → 0644.
- */
-const GUEST_GITCONFIG_CONTENT = '[safe]\n\tdirectory = *\n';
-const GUEST_GITCONFIG_MODE = 0o644;
-/**
- * The staged guest gitconfig as a `GuestCredFile` — written via the SAME
- * base64-piped pre-launch write-exec the fake creds use, so it lands before the
- * agent's first git command. Carries only the bind-mount trust line, never a secret.
- */
-function guestGitconfigFile() {
-    return {
-        guestPath: GUEST_GITCONFIG_PATH,
-        content: GUEST_GITCONFIG_CONTENT,
-        mode: GUEST_GITCONFIG_MODE,
-    };
-}
-/** Bound on each fake-creds write exec (a tiny mkdir+write; never hangs). */
-const STAGE_TIMEOUT_MS = 15_000;
-/**
- * Build the in-guest write command for a single fake-creds file. The content is
- * base64-encoded host-side and decoded in-guest, so arbitrary JSON (quotes,
- * newlines, `$`) can never break out of the shell or be interpreted — there is no
- * heredoc/`echo` injection surface. `mkdir -p` the parent, decode into place, then
- * `chmod`. POSIX-portable (`/bin/sh`, `base64 -d`). The guest path is single-quoted
- * (paths we emit contain no `'`).
- */
-function writeFileCommand(file) {
-    const b64 = Buffer.from(file.content, 'utf8').toString('base64');
-    const dir = posixDirname(file.guestPath);
-    const mode = file.mode.toString(8);
-    const script = `mkdir -p '${dir}' && ` +
-        `printf %s '${b64}' | base64 -d > '${file.guestPath}' && ` +
-        `chmod ${mode} '${file.guestPath}'`;
-    return ['/bin/sh', '-c', script];
-}
-/** POSIX dirname for an absolute guest path (always `/`-separated). */
-function posixDirname(p) {
-    const idx = p.lastIndexOf('/');
-    if (idx <= 0)
-        return '/';
-    return p.slice(0, idx);
-}
-/**
- * Orchestrates a single Gondolin dispatch. Inject the VM port, the host credential
- * registry, and the per-adapter hooks config; `dispatch()` builds the enforced
- * `CreateVmOptions`, creates the VM, seeds + registers the secret manager BEFORE the
- * agent launches, then launches the in-VM ACP agent and returns a teardown handle.
- */
-export class GondolinDispatcher {
-    vmClient;
-    registry;
-    hooksConfig;
-    vmConfig;
-    constructor(vmClient, registry, hooksConfig, vmConfig) {
-        this.vmClient = vmClient;
-        this.registry = registry;
-        this.hooksConfig = hooksConfig;
-        this.vmConfig = vmConfig;
-    }
-    async dispatch(opts) {
-        // ONE createHttpHooks call yields the httpHooks (into createVm), the
-        // secretManager (into the registry), AND the placeholder `env` map (the
-        // token-shaped fake bearer keyed by the secret name) for this VM. They must be
-        // the same instance — and the placeholder `env` (previously dropped) is the
-        // value the guest holds, so its fake creds + launch env are built from it.
-        const { httpHooks, secretManager, env: placeholderEnv } = createHttpHooks(this.hooksConfig.options);
-        const mapping = buildAcpTcpDns(opts.bridgeHost, opts.bridgePort);
-        // Add the guest→host MCP control-plane tunnel into the SAME tcp.hosts record
-        // (the synthetic per-host DNS already resolves both names). Without this the
-        // agent can run inference turns but cannot reach `symphony.transition` — so it
-        // completes work but never transitions state (the gap dogfooding surfaced).
-        if (opts.mcp) {
-            mapping.tcp = {
-                ...mapping.tcp,
-                hosts: { ...mapping.tcp.hosts, ...buildMcpTcpHostEntry(opts.mcp.host, opts.mcp.port) },
-            };
-        }
-        const fakeCreds = await this.buildFakeCreds(opts, placeholderEnv);
-        // Phase 3 enforcement, BEFORE createVm: a credential mount throws here, and the
-        // env is stripped so no real token reaches the guest's boot environment.
-        assertNoCredentialMounts(opts.mounts, opts.mountGuard);
-        const createOpts = this.buildCreateVmOptions(opts, httpHooks, mapping);
-        const vm = await this.vmClient.createVm(createOpts);
-        // Once the VM exists, EVERY subsequent step (register, stage, launch) can
-        // throw — and the handle (the only teardown affordance) has not been returned
-        // yet, so a throw here would strand the VM + the registered manager. Guard the
-        // whole post-createVm bring-up: on any failure close the VM and deregister the
-        // manager (if it got registered), then rethrow. Cleanup reuses the same
-        // idempotent, error-tolerant `teardownDispatch` the handle uses.
-        return this.bringUpOrTeardown(vm, secretManager, fakeCreds, mapping.acpUrl, opts);
-    }
-    /**
-     * Register the secret manager, stage the fake creds, and launch the agent —
-     * tearing the VM down (and deregistering the manager) on any failure so a
-     * post-createVm throw can never leak the VM handle the caller never received.
-     */
-    async bringUpOrTeardown(vm, secretManager, fakeCreds, acpUrl, opts) {
-        let registered = null;
-        try {
-            // Seed + register the manager BEFORE launching the agent so the placeholder's
-            // real value is present before the first egress (the registry seeds value '' →
-            // real token synchronously-after-await). AWAIT it before exec.
-            registered = await this.registerSecretManager(secretManager);
-            // Materialize the bind-mount-trust gitconfig (so in-guest git accepts the
-            // host-owned workspace from its first command — issue 149) PLUS the fake
-            // native creds files PLUS any non-credential runtime files (model/effort
-            // knobs) into the guest BEFORE launching the agent — the placeholder bearer
-            // (a fake) and the effort settings.json must be in place at first read.
-            await this.stageFakeCredsFiles(vm, [guestGitconfigFile(), ...fakeCreds.files, ...(opts.extraGuestFiles ?? [])], opts.workdir);
-            const exec = this.launchAgent(vm, opts, acpUrl, fakeCreds.env);
-            return this.buildHandle(vm, exec, registered, acpUrl, fakeCreds);
-        }
-        catch (err) {
-            // No launch exec yet (or the launch itself threw): close the VM + deregister
-            // the manager (if registration succeeded). teardownDispatch tolerates a null
-            // exec and a null registration, so this is safe at any failure point.
-            await teardownDispatch(vm, null, registered);
-            throw err;
-        }
-    }
-    /**
-     * Build the per-adapter fake native creds + placeholder env from the
-     * placeholder Gondolin minted (`createHttpHooks().env[secretName]`). The
-     * placeholder is used VERBATIM so it byte-matches what Gondolin substitutes at
-     * egress; the real token never appears.
-     */
-    async buildFakeCreds(opts, placeholderEnv) {
-        const secretName = this.hooksConfig.secretName;
-        const placeholder = placeholderEnv[secretName] ?? '';
-        return buildGondolinFakeCreds(this.hooksConfig.adapterId, {
-            placeholder,
-            secretName,
-            opencodeModel: opts.opencodeModel ?? null,
-            hostReaders: opts.hostReaders,
-        });
-    }
-    /**
-     * Write each fake-creds file into the guest via a pre-launch exec. The content
-     * is base64-piped (no shell-quoting hazard for arbitrary JSON) into a
-     * `mkdir -p`'d destination, then chmod'd. Gondolin's programmable VFS could also
-     * host these as mounts, but a write-exec needs no port extension and keeps the
-     * "placeholder-before-launch" ordering enforced-by-construction here. Each write
-     * is awaited so the file exists before `vm-agent.mjs` (and the adapter) starts.
-     */
-    async stageFakeCredsFiles(vm, files, workdir) {
-        for (const f of files) {
-            const exec = vm.exec({
-                command: writeFileCommand(f),
-                workdir,
-                timeoutMs: STAGE_TIMEOUT_MS,
-            });
-            exec.stdin.end();
-            await exec.exit;
-        }
-    }
-    /** Build the enforced `CreateVmOptions`: stripped env, validated mounts, ACP mapping. */
-    buildCreateVmOptions(opts, httpHooks, mapping) {
-        return {
-            imagePath: this.vmConfig.imagePath,
-            cpus: this.vmConfig.cpus,
-            memMib: this.vmConfig.memMib,
-            mounts: opts.mounts,
-            env: stripCredentialEnv(opts.env),
-            httpHooks,
-            tcp: mapping.tcp,
-            dns: mapping.dns,
-            // Per-adapter (credential-secrets spec). Default-deny; codex → true because
-            // codex-acp streams the Responses API over a WS Upgrade. SAFE: Gondolin
-            // substitutes the real token on the (hookable) Upgrade handshake, so the
-            // placeholder never egresses, and the post-101 tunnel reaches only the
-            // allowlisted inference host (a refresh host's upgrade would be blocked). The
-            // proxy-era #127 wss-leak concern does not apply under Gondolin substitution.
-            allowWebSockets: this.hooksConfig.allowWebSockets,
-            sessionLabel: `${SYMPHONY_VM_PREFIX}${opts.identifier}`,
-            workdir: opts.workdir,
-        };
-    }
-    /** Register the VM's secret manager with the host registry; await the seed. */
-    async registerSecretManager(manager) {
-        return this.registry.register({
-            manager,
-            secretName: this.hooksConfig.secretName,
-            adapterId: this.hooksConfig.adapterId,
-        });
-    }
-    /**
-     * Launch the in-VM ACP agent. Stdin is end()ed immediately — ACP frames ride the
-     * TCP bridge, not the exec stdio; the exec channel is a process tether + a
-     * diagnostic-stderr pipe (mirrors launchExecStream + attachStderrTap).
-     */
-    launchAgent(vm, opts, acpUrl, placeholderEnv) {
-        const exec = vm.exec({
-            command: [...VM_AGENT_COMMAND],
-            workdir: opts.workdir,
-            env: this.buildLaunchEnv(opts, acpUrl, placeholderEnv),
-            timeoutMs: null,
-        });
-        exec.stdin.end();
-        this.attachStderrTap(exec, opts.onStderr);
-        return exec;
-    }
-    /**
-     * The launch env the in-VM `vm-agent.mjs` reads to dial back + spawn the adapter.
-     * Runtime env (model/effort/base-url injection) is merged but passed through
-     * `stripCredentialTokenVars` so an adapter injection can never smuggle a real token
-     * into the guest while preserving the non-secret vendor-prefixed config knobs
-     * (`ANTHROPIC_MODEL`, `OPENAI_BASE_URL`, …) the adapter legitimately needs.
-     *
-     * ORDERING (load-bearing): the placeholder bearer (a FAKE value keyed by the
-     * credential var name itself, e.g. `ANTHROPIC_AUTH_TOKEN` / `OPENAI_API_KEY`) is
-     * merged AFTER `stripCredentialTokenVars` — the strip would otherwise drop it as
-     * a `*_TOKEN`/`*_API_KEY` name. Spreading it last means the placeholder survives
-     * the strip while a real token smuggled via `runtimeEnv` (stripped first) cannot.
-     */
-    buildLaunchEnv(opts, acpUrl, placeholderEnv) {
-        return {
-            // PATH first so a non-login exec resolves `node` + the agent CLIs in
-            // `/usr/local/bin` (see GUEST_AGENT_PATH). A runtimeEnv-supplied PATH (rare)
-            // would override it via the spread below.
-            PATH: GUEST_AGENT_PATH,
-            // Point git's GLOBAL config at the staged bind-mount-trust gitconfig so
-            // in-guest git accepts the host-owned workspace from its first command (the
-            // adapter the agent spawns inherits this exec env — see GUEST_GITCONFIG_PATH).
-            // Honored as "global" by the CVE-2022-24765 ownership check and
-            // HOME-independent (this exec sets no HOME). (Issue 149.)
-            GIT_CONFIG_GLOBAL: GUEST_GITCONFIG_PATH,
-            SYMPHONY_ACP_URL: acpUrl,
-            SYMPHONY_ACP_TOKEN: opts.acpToken,
-            SYMPHONY_ADAPTER_BIN: opts.adapterBin,
-            SYMPHONY_ADAPTER_ARGS: JSON.stringify(opts.adapterArgs),
-            ...stripCredentialTokenVars(opts.runtimeEnv),
-            // The placeholder (a fake) is ADDED after the strip — see the ordering note.
-            ...placeholderEnv,
-        };
-    }
-    /**
-     * Pipe the exec's stderr to the caller's sink. Attached before the bridge
-     * handshake so a pre-connect crash (vm-agent missing, malformed env, adapter that
-     * exits during startup) still surfaces.
-     */
-    attachStderrTap(exec, sink) {
-        exec.stderr.setEncoding('utf8');
-        exec.stderr.on('data', (chunk) => {
-            try {
-                sink(chunk);
-            }
-            catch (err) {
-                log.warn('gondolin-dispatch: stderr sink threw', { error: err.message });
-            }
-        });
-    }
-    /** Wrap the live VM + exec + registration into the idempotent teardown handle. */
-    buildHandle(vm, exec, registered, acpUrl, fakeCreds) {
-        let torndown = false;
-        return {
-            vm,
-            exec,
-            acpUrl,
-            fakeCreds,
-            teardown: async () => {
-                if (torndown)
-                    return;
-                torndown = true;
-                await teardownDispatch(vm, exec, registered);
-            },
-        };
-    }
-}
-/**
- * Idempotent, error-tolerant teardown: kill the exec, close the VM, deregister the
- * secret manager. Each step is independently guarded so one failure does not strand
- * the others (mirrors the runner's tearDownSession resilience). `exec` is `null` when
- * teardown runs from a bring-up failure that aborted BEFORE the launch exec was
- * created, and `registered` is `null` when the secret manager never got registered —
- * both are skipped so the partial-bring-up cleanup is safe at any failure point.
- */
-async function teardownDispatch(vm, exec, registered) {
-    if (exec) {
-        try {
-            exec.kill();
-        }
-        catch (err) {
-            log.warn('gondolin-dispatch: exec.kill threw during teardown', {
-                error: err.message,
-            });
-        }
-    }
-    try {
-        await vm.close();
-    }
-    catch (err) {
-        log.warn('gondolin-dispatch: vm.close threw during teardown', {
-            error: err.message,
-        });
-    }
-    if (registered) {
-        try {
-            registered.deregister();
-        }
-        catch (err) {
-            log.warn('gondolin-dispatch: deregister threw during teardown', {
-                error: err.message,
-            });
-        }
-    }
-}
-//# sourceMappingURL=gondolin-dispatch.js.map

package/dist/agent/gondolin-dispatch.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"gondolin-dispatch.js","sourceRoot":"","sources":["../../src/agent/gondolin-dispatch.ts"],"names":[],"mappings":"AAAA,+DAA+D;AAC/D,6CAA6C;AAC7C,kFAAkF;AAClF,oFAAoF;AACpF,mFAAmF;AACnF,sEAAsE;AACtE,EAAE;AACF,2EAA2E;AAC3E,2EAA2E;AAC3E,gCAAgC;AAChC,mFAAmF;AACnF,mFAAmF;AACnF,yDAAyD;AACzD,EAAE;AACF,iEAAiE;AACjE,wFAAwF;AACxF,4DAA4D;AAC5D,wFAAwF;AACxF,gFAAgF;AAChF,sFAAsF;AACtF,8CAA8C;AAC9C,6EAA6E;AAC7E,qCAAqC;AAErC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,eAAe,EAAsB,MAAM,0BAA0B,CAAC;AAC/E,OAAO,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AAGpC,OAAO,EACL,kBAAkB,GAMnB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAkB,MAAM,qBAAqB,CAAC;AAC3F,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,wBAAwB,GAEzB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,sBAAsB,GAIvB,MAAM,6BAA6B,CAAC;AAwFrC;;;;;GAKG;AACH,MAAM,gBAAgB,GAAsB,CAAC,MAAM,EAAE,4BAA4B,CAAC,CAAC;AAEnF;;;;;;;;;;;;GAYG;AACH,MAAM,gBAAgB,GAAG,8DAA8D,CAAC;AAExF;;;;;;;;;;;;GAYG;AACH,MAAM,oBAAoB,GAAG,yBAAyB,CAAC;AAEvD;;;;GAIG;AACH,MAAM,uBAAuB,GAAG,2BAA2B,CAAC;AAC5D,MAAM,oBAAoB,GAAG,KAAK,CAAC;AAEnC;;;;GAIG;AACH,SAAS,kBAAkB;IACzB,OAAO;QACL,SAAS,EAAE,oBAAoB;QAC/B,OAAO,EAAE,uBAAuB;QAChC,IAAI,EAAE,oBAAoB;KAC3B,CAAC;AACJ,CAAC;AAED,6EAA6E;AAC7E,MAAM,gBAAgB,GAAG,MAAM,CAAC;AAEhC;;;;;;;GAOG;AACH,SAAS,gBAAgB,CAAC,IAAmB;IAC3C,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACjE,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACzC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACnC,MAAM,MAAM,GACV,aAAa,GAAG,OAAO;QACvB,cAAc,GAAG,oBAAoB,IAAI,CAAC,SAAS,OAAO;QAC1D,SAAS,IAAI,KAAK,IAAI,CAAC,SAAS,GAAG,CAAC;IACtC,OAAO,CAAC,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;AACnC,CAAC;AAED,uEAAuE;AACvE,SAAS,YAAY,CAAC,CAAS;IAC7B,MAAM,GAAG,GAAG,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,GAAG,IAAI,CAAC;QAAE,OAAO,GAAG,CAAC;IACzB,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AACzB,CAAC;AAED;;;;;GAKG;AACH,MAAM,OAAO,kBAAkB;IAEV;IACA;IACA;IACA;IAJnB,YACmB,QAAkB,EAClB,QAAkC,EAClC,WAA+B,EAC/B,QAA0B;QAH1B,aAAQ,GAAR,QAAQ,CAAU;QAClB,aAAQ,GAAR,QAAQ,CAA0B;QAClC,gBAAW,GAAX,WAAW,CAAoB;QAC/B,aAAQ,GAAR,QAAQ,CAAkB;IAC1C,CAAC;IAEJ,KAAK,CAAC,QAAQ,CAAC,IAA6B;QAC1C,qEAAqE;QACrE,wEAAwE;QACxE,+EAA+E;QAC/E,4EAA4E;QAC5E,2EAA2E;QAC3E,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,EAAE,cAAc,EAAE,GAAG,eAAe,CACvE,IAAI,CAAC,WAAW,CAAC,OAAO,CACzB,CAAC;QACF,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QACjE,6EAA6E;QAC7E,6EAA6E;QAC7E,+EAA+E;QAC/E,4EAA4E;QAC5E,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,GAAG,GAAG;gBACZ,GAAG,OAAO,CAAC,GAAG;gBACd,KAAK,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;aACvF,CAAC;QACJ,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;QAElE,gFAAgF;QAChF,yEAAyE;QACzE,wBAAwB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QACvD,MAAM,UAAU,GAAG,IAAI,CAAC,oBAAoB,CAAC,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QAEvE,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACpD,0EAA0E;QAC1E,8EAA8E;QAC9E,+EAA+E;QAC/E,+EAA+E;QAC/E,wEAAwE;QACxE,iEAAiE;QACjE,OAAO,IAAI,CAAC,iBAAiB,CAAC,EAAE,EAAE,aAAa,EAAE,SAAS,EAAE,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACpF,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,iBAAiB,CAC7B,EAAY,EACZ,aAA4B,EAC5B,SAA4B,EAC5B,MAAc,EACd,IAA6B;QAE7B,IAAI,UAAU,GAAwB,IAAI,CAAC;QAC3C,IAAI,CAAC;YACH,8EAA8E;YAC9E,+EAA+E;YAC/E,+DAA+D;YAC/D,UAAU,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,CAAC;YAC7D,0EAA0E;YAC1E,yEAAyE;YACzE,yEAAyE;YACzE,4EAA4E;YAC5E,wEAAwE;YACxE,MAAM,IAAI,CAAC,mBAAmB,CAC5B,EAAE,EACF,CAAC,kBAAkB,EAAE,EAAE,GAAG,SAAS,CAAC,KAAK,EAAE,GAAG,CAAC,IAAI,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,EAC3E,IAAI,CAAC,OAAO,CACb,CAAC;YACF,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC;YAC/D,OAAO,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QACnE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,6EAA6E;YAC7E,6EAA6E;YAC7E,sEAAsE;YACtE,MAAM,gBAAgB,CAAC,EAAE,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;YAC7C,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACK,KAAK,CAAC,cAAc,CAC1B,IAA6B,EAC7B,cAAsC;QAEtC,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC;QAC/C,MAAM,WAAW,GAAG,cAAc,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;QACrD,OAAO,sBAAsB,CAAC,IAAI,CAAC,WAAW,CAAC,SAAyB,EAAE;YACxE,WAAW;YACX,UAAU;YACV,aAAa,EAAE,IAAI,CAAC,aAAa,IAAI,IAAI;YACzC,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACK,KAAK,CAAC,mBAAmB,CAC/B,EAAY,EACZ,KAA+B,EAC/B,OAAe;QAEf,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,gBAAgB,CAAC,CAAC,CAAC;gBAC5B,OAAO;gBACP,SAAS,EAAE,gBAAgB;aAC5B,CAAC,CAAC;YACH,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;YACjB,MAAM,IAAI,CAAC,IAAI,CAAC;QAClB,CAAC;IACH,CAAC;IAED,yFAAyF;IACjF,oBAAoB,CAC1B,IAA6B,EAC7B,SAAuC,EACvC,OAAkB;QAElB,OAAO;YACL,SAAS,EAAE,IAAI,CAAC,QAAQ,CAAC,SAAS;YAClC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI;YACxB,MAAM,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM;YAC5B,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,GAAG,EAAE,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC;YACjC,SAAS;YACT,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,4EAA4E;YAC5E,wEAAwE;YACxE,yEAAyE;YACzE,uEAAuE;YACvE,8EAA8E;YAC9E,8EAA8E;YAC9E,eAAe,EAAE,IAAI,CAAC,WAAW,CAAC,eAAe;YACjD,YAAY,EAAE,GAAG,kBAAkB,GAAG,IAAI,CAAC,UAAU,EAAE;YACvD,OAAO,EAAE,IAAI,CAAC,OAAO;SACtB,CAAC;IACJ,CAAC;IAED,+EAA+E;IACvE,KAAK,CAAC,qBAAqB,CAAC,OAAsB;QACxD,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC5B,OAAO;YACP,UAAU,EAAE,IAAI,CAAC,WAAW,CAAC,UAAU;YACvC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,SAAyB;SACtD,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACK,WAAW,CACjB,EAAY,EACZ,IAA6B,EAC7B,MAAc,EACd,cAAsC;QAEtC,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,CAAC,GAAG,gBAAgB,CAAC;YAC9B,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,GAAG,EAAE,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,cAAc,CAAC;YACtD,SAAS,EAAE,IAAI;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;QACjB,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC1C,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;;;;;;OAYG;IACK,cAAc,CACpB,IAA6B,EAC7B,MAAc,EACd,cAAsC;QAEtC,OAAO;YACL,qEAAqE;YACrE,6EAA6E;YAC7E,0CAA0C;YAC1C,IAAI,EAAE,gBAAgB;YACtB,wEAAwE;YACxE,4EAA4E;YAC5E,+EAA+E;YAC/E,gEAAgE;YAChE,0DAA0D;YAC1D,iBAAiB,EAAE,oBAAoB;YACvC,gBAAgB,EAAE,MAAM;YACxB,kBAAkB,EAAE,IAAI,CAAC,QAAQ;YACjC,oBAAoB,EAAE,IAAI,CAAC,UAAU;YACrC,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC;YACvD,GAAG,wBAAwB,CAAC,IAAI,CAAC,UAAU,CAAC;YAC5C,6EAA6E;YAC7E,GAAG,cAAc;SAClB,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACK,eAAe,CAAC,IAAY,EAAE,IAAgB;QACpD,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAChC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YACvC,IAAI,CAAC;gBACH,IAAI,CAAC,KAAK,CAAC,CAAC;YACd,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,GAAG,CAAC,IAAI,CAAC,sCAAsC,EAAE,EAAE,KAAK,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACtF,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED,kFAAkF;IAC1E,WAAW,CACjB,EAAY,EACZ,IAAY,EACZ,UAAwB,EACxB,MAAc,EACd,SAA4B;QAE5B,IAAI,QAAQ,GAAG,KAAK,CAAC;QACrB,OAAO;YACL,EAAE;YACF,IAAI;YACJ,MAAM;YACN,SAAS;YACT,QAAQ,EAAE,KAAK,IAAI,EAAE;gBACnB,IAAI,QAAQ;oBAAE,OAAO;gBACrB,QAAQ,GAAG,IAAI,CAAC;gBAChB,MAAM,gBAAgB,CAAC,EAAE,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;YAC/C,CAAC;SACF,CAAC;IACJ,CAAC;CACF;AAED;;;;;;;GAOG;AACH,KAAK,UAAU,gBAAgB,CAC7B,EAAY,EACZ,IAAmB,EACnB,UAA+B;IAE/B,IAAI,IAAI,EAAE,CAAC;QACT,IAAI,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,GAAG,CAAC,IAAI,CAAC,oDAAoD,EAAE;gBAC7D,KAAK,EAAG,GAAa,CAAC,OAAO;aAC9B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC;IACnB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,IAAI,CAAC,mDAAmD,EAAE;YAC5D,KAAK,EAAG,GAAa,CAAC,OAAO;SAC9B,CAAC,CAAC;IACL,CAAC;IACD,IAAI,UAAU,EAAE,CAAC;QACf,IAAI,CAAC;YACH,UAAU,CAAC,UAAU,EAAE,CAAC;QAC1B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,GAAG,CAAC,IAAI,CAAC,qDAAqD,EAAE;gBAC9D,KAAK,EAAG,GAAa,CAAC,OAAO;aAC9B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/agent/gondolin.js DELETED Viewed

@@ -1,124 +0,0 @@
-// GondolinVmClient — concrete VM-substrate adapter over `@earendil-works/gondolin`.
-//
-// Implements the `vm-port.ts` contract. Thin by design: `createVm` → `VM.create`
-// (host mounts become `RealFSProvider`/`ReadonlyProvider` VFS entries), the
-// handle's `exec` → `vm.exec` (piped stdio + an `AbortController` standing in
-// for the VM port's `kill()`), `close` → `vm.close`, and `listSessions`/`gc`
-// → Gondolin's session registry. No domain imports (hexagonal `adapters↛inward`).
-//
-// Phase 0: added but not yet wired into the runner/reconciler — that is Phase 1+.
-import { VM, RealFSProvider, ReadonlyProvider, listSessions as gondolinListSessions, gcSessions, } from '@earendil-works/gondolin';
-import { VmProcessRegistry } from './vm-process-registry.js';
-class GondolinVmHandle {
-    vm;
-    onClose;
-    /**
-     * `onClose` deregisters this VM from the client's process registry after a
-     * clean `close()` (which has already torn down qemu). Defaults to a no-op so
-     * the handle can be constructed without a registry in tests.
-     */
-    constructor(vm, onClose = () => undefined) {
-        this.vm = vm;
-        this.onClose = onClose;
-    }
-    get id() {
-        return this.vm.id;
-    }
-    exec(opts) {
-        // Gondolin has no `proc.kill()`; aborting the signal passed to `exec` is the
-        // teardown path, so the handle owns the controller.
-        const ac = new AbortController();
-        const proc = this.vm.exec(opts.command, {
-            cwd: opts.workdir ?? undefined,
-            env: opts.env,
-            stdin: true,
-            stdout: 'pipe',
-            stderr: 'pipe',
-            signal: ac.signal,
-        });
-        const stdout = proc.stdout;
-        const stderr = proc.stderr;
-        if (!stdout || !stderr) {
-            throw new Error('gondolin exec did not expose piped stdout/stderr');
-        }
-        let killed = false;
-        return {
-            stdin: {
-                write: (chunk) => proc.write(chunk),
-                end: () => proc.end(),
-            },
-            stdout,
-            stderr,
-            pid: this.vm.getHostPid() ?? undefined,
-            exit: proc.result.then((r) => ({ code: r.exitCode, signal: r.signal ?? null })),
-            kill: () => {
-                if (killed)
-                    return;
-                killed = true;
-                try {
-                    ac.abort();
-                }
-                catch {
-                    // idempotent — already aborted / process gone
-                }
-            },
-        };
-    }
-    async close() {
-        // Deregister only after a clean close. If `close()` throws, the VM stays
-        // tracked so the force-quit backstop (`killAllVms`) can still SIGKILL its
-        // backing qemu — a teardown that failed must not leave an orphan.
-        await this.vm.close();
-        this.onClose();
-    }
-}
-export class GondolinVmClient {
-    // Tracks the backing host (qemu) process of every live VM so a forced exit can
-    // SIGKILL them before `process.exit` (issue 152). Each qemu is a direct child
-    // of this in-process orchestrator; the session registry only knows our own
-    // pid, so this is the sole reliable handle on the backing process.
-    procRegistry;
-    constructor(opts = {}) {
-        this.procRegistry = new VmProcessRegistry(opts);
-    }
-    async createVm(opts) {
-        const mounts = {};
-        for (const m of opts.mounts) {
-            const provider = new RealFSProvider(m.host);
-            mounts[m.guest] = m.readonly ? new ReadonlyProvider(provider) : provider;
-        }
-        const options = {
-            sandbox: { imagePath: opts.imagePath },
-            cpus: opts.cpus,
-            memory: `${opts.memMib}M`,
-            env: opts.env,
-            vfs: { mounts },
-            httpHooks: opts.httpHooks,
-            tcp: opts.tcp,
-            dns: opts.dns,
-            allowWebSockets: opts.allowWebSockets,
-            sessionLabel: opts.sessionLabel,
-        };
-        const vm = await VM.create(options);
-        const deregister = this.procRegistry.track(vm);
-        return new GondolinVmHandle(vm, deregister);
-    }
-    /** @see VmClient.killAllVms — synchronous, best-effort qemu reap on forced exit. */
-    killAllVms() {
-        return this.procRegistry.killAll();
-    }
-    async listSessions() {
-        const sessions = await gondolinListSessions();
-        return sessions.map((s) => ({
-            id: s.id,
-            pid: s.pid,
-            label: s.label,
-            alive: s.alive,
-            createdAt: s.createdAt,
-        }));
-    }
-    async gc() {
-        return gcSessions();
-    }
-}
-//# sourceMappingURL=gondolin.js.map

package/dist/agent/gondolin.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"gondolin.js","sourceRoot":"","sources":["../../src/agent/gondolin.ts"],"names":[],"mappings":"AAAA,oFAAoF;AACpF,EAAE;AACF,iFAAiF;AACjF,4EAA4E;AAC5E,8EAA8E;AAC9E,6EAA6E;AAC7E,kFAAkF;AAClF,EAAE;AACF,kFAAkF;AAGlF,OAAO,EACL,EAAE,EACF,cAAc,EACd,gBAAgB,EAChB,YAAY,IAAI,oBAAoB,EACpC,UAAU,GAGX,MAAM,0BAA0B,CAAC;AASlC,OAAO,EAAE,iBAAiB,EAAiC,MAAM,0BAA0B,CAAC;AAE5F,MAAM,gBAAgB;IAOD;IACA;IAPnB;;;;OAIG;IACH,YACmB,EAAM,EACN,UAAsB,GAAG,EAAE,CAAC,SAAS;QADrC,OAAE,GAAF,EAAE,CAAI;QACN,YAAO,GAAP,OAAO,CAA8B;IACrD,CAAC;IAEJ,IAAI,EAAE;QACJ,OAAO,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;IACpB,CAAC;IAED,IAAI,CAAC,IAAmB;QACtB,6EAA6E;QAC7E,oDAAoD;QACpD,MAAM,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC;QACjC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YACtC,GAAG,EAAE,IAAI,CAAC,OAAO,IAAI,SAAS;YAC9B,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,KAAK,EAAE,IAAI;YACX,MAAM,EAAE,MAAM;YACd,MAAM,EAAE,MAAM;YACd,MAAM,EAAE,EAAE,CAAC,MAAM;SAClB,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QAC3B,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;QACD,IAAI,MAAM,GAAG,KAAK,CAAC;QACnB,OAAO;YACL,KAAK,EAAE;gBACL,KAAK,EAAE,CAAC,KAAsB,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;gBACpD,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE;aACtB;YACD,MAAM;YACN,MAAM;YACN,GAAG,EAAE,IAAI,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,SAAS;YACtC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;YAC/E,IAAI,EAAE,GAAG,EAAE;gBACT,IAAI,MAAM;oBAAE,OAAO;gBACnB,MAAM,GAAG,IAAI,CAAC;gBACd,IAAI,CAAC;oBACH,EAAE,CAAC,KAAK,EAAE,CAAC;gBACb,CAAC;gBAAC,MAAM,CAAC;oBACP,8CAA8C;gBAChD,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,KAAK;QACT,yEAAyE;QACzE,0EAA0E;QAC1E,kEAAkE;QAClE,MAAM,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QACtB,IAAI,CAAC,OAAO,EAAE,CAAC;IACjB,CAAC;CACF;AAED,MAAM,OAAO,gBAAgB;IAC3B,+EAA+E;IAC/E,8EAA8E;IAC9E,2EAA2E;IAC3E,mEAAmE;IAClD,YAAY,CAAoB;IAEjD,YAAY,OAAiC,EAAE;QAC7C,IAAI,CAAC,YAAY,GAAG,IAAI,iBAAiB,CAAC,IAAI,CAAC,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,IAAqB;QAClC,MAAM,MAAM,GAAoC,EAAE,CAAC;QACnD,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAC5B,MAAM,QAAQ,GAAG,IAAI,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAC5C,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;QAC3E,CAAC;QACD,MAAM,OAAO,GAAc;YACzB,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE;YACtC,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,MAAM,EAAE,GAAG,IAAI,CAAC,MAAM,GAAG;YACzB,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,GAAG,EAAE,EAAE,MAAM,EAAE;YACf,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,YAAY,EAAE,IAAI,CAAC,YAAY;SAChC,CAAC;QACF,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACpC,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC/C,OAAO,IAAI,gBAAgB,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;IAC9C,CAAC;IAED,oFAAoF;IACpF,UAAU;QACR,OAAO,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,YAAY;QAChB,MAAM,QAAQ,GAAG,MAAM,oBAAoB,EAAE,CAAC;QAC9C,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC1B,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,SAAS,EAAE,CAAC,CAAC,SAAS;SACvB,CAAC,CAAC,CAAC;IACN,CAAC;IAED,KAAK,CAAC,EAAE;QACN,OAAO,UAAU,EAAE,CAAC;IACtB,CAAC;CACF"}

package/dist/agent/runner-decisions.js DELETED Viewed

@@ -1,134 +0,0 @@
-// Pure decisions extracted from `runAttempt` / its cleanup closure (issues 62, 103).
-// The runner remains the imperative shell that drives ports (the Gondolin VM, bridge,
-// tracker, typed actions); each helper here takes a snapshot of shell state and
-// returns the next decision so branches can be unit tested without spinning
-// up a VM or a workspace. Everything in this module is deterministic and
-// side-effect free.
-/**
- * Collapse the three failure channels into one AttemptOutcome.
- * Precedence: agentFailure > non-routed terminal-action failure > success.
- * The non-routed action failure case fronts a `state action failed: ` prefix
- * so the orchestrator (and any downstream `reason`-keyed dashboard logic)
- * can tell apart "the agent itself failed" from "the post-agent push/PR
- * step failed". Silently treating a failed push as success was the prior
- * bug this contract closes.
- */
-export function decideAttemptOutcome(input) {
-    if (input.agentFailure !== null) {
-        return {
-            ok: false,
-            reason: input.agentFailure,
-            threadId: input.sessionId,
-            turnsCompleted: input.turnsCompleted,
-        };
-    }
-    if (input.nonRoutedActionFailureReason !== null) {
-        return {
-            ok: false,
-            reason: `state action failed: ${input.nonRoutedActionFailureReason}`,
-            threadId: input.sessionId,
-            turnsCompleted: input.turnsCompleted,
-        };
-    }
-    return {
-        ok: true,
-        reason: input.lastReason,
-        threadId: input.sessionId,
-        turnsCompleted: input.turnsCompleted,
-    };
-}
-/**
- * Pick which prompt template to render for the next iteration. A pending
- * steering reply trumps everything (the human is in the loop), then the
- * first-turn full prompt, then the bare continuation prompt for later
- * autonomous turns.
- */
-export function selectPromptKind(input) {
-    if (input.pendingSteering)
-        return 'steering';
-    if (input.firstTurn)
-        return 'initial';
-    return 'continuation';
-}
-/**
- * Classify the outcome of a single `runPrompt`. `end_turn` is the happy path.
- * Anything else is a failure UNLESS the agent has called `symphony.transition`
- * (which can race with the adapter's reply): `transitioned` overrides because
- * the work is genuinely done and reconcile may have tripped the cancel signal
- * mid-flight, masking the real reason.
- */
-export function classifyTurnOutcome(input) {
-    if (input.outcomeReason === 'end_turn')
-        return { kind: 'success' };
-    if (input.transitioned)
-        return { kind: 'agent_transitioned' };
-    return {
-        kind: 'agent_failure',
-        agentFailure: `agent turn ${input.outcomeReason}: ${input.outcomeMessage}`,
-        reason: input.outcomeReason,
-    };
-}
-/**
- * Decide whether the autonomous loop should run another iteration after a
- * successful `end_turn`. The three break conditions, in order: the tracker
- * lost the issue (file deleted out from under us), the issue moved to an
- * inactive state (terminal, holding, or routed elsewhere), or the per-state
- * `max_turns` budget is spent.
- */
-export function decideTurnContinuation(input) {
-    if (input.refreshedIssue === null)
-        return { kind: 'break', reason: 'issue_no_longer_present' };
-    if (!input.activeStates.has(input.refreshedIssue.state.toLowerCase())) {
-        return { kind: 'break', reason: 'issue_no_longer_active' };
-    }
-    if (input.autonomousTurns >= input.maxTurns) {
-        return { kind: 'break', reason: 'max_turns_reached' };
-    }
-    return { kind: 'continue' };
-}
-/**
- * Map a `RunningEntry` snapshot + optional staged SYMPHONY_* env into the
- * `ActionContext` the actions executor consumes. Mirrors the prior inline
- * fallback chain in `buildActionContext` so a Done state reads `$branch` from
- * the action template namespace (the staged SYMPHONY_* env feeds the fallbacks).
- *
- * Lifting the ternary fallbacks here drops `buildActionContext`'s
- * complexity from 14 to 1 (single pass-through call), letting the shell
- * stay under the imperative-shell budget.
- */
-/**
- * Compute the VM boot env from the `forward_env` list, dropping `omitVar` when
- * set. `omitVar` lets a caller exclude a single var from the forwarded set; the
- * runner now strips every credential-bearing var uniformly via
- * `stripCredentialEnv` (the guest holds only a placeholder Gondolin substitutes
- * at egress), so it passes `undefined` here. `readEnv` is injected so this stays
- * deterministic and unit-testable.
- */
-export function computeForwardedEnv(forwardList, omitVar, readEnv) {
-    const env = {};
-    for (const k of forwardList) {
-        if (k === omitVar)
-            continue;
-        const v = readEnv(k);
-        if (v && v.length > 0)
-            env[k] = v;
-    }
-    return env;
-}
-export function deriveActionContext(input) {
-    const trimmedTitle = input.issueTitle.trim();
-    const defaultPrTitle = trimmedTitle.length > 0 ? `${input.issueId}: ${trimmedTitle}` : input.issueId;
-    const repoEnv = input.repoEnv;
-    return {
-        identifier: input.identifier,
-        workspace: input.workspacePath,
-        branch: input.extraEnv?.SYMPHONY_BRANCH ?? `agent/${input.identifier}`,
-        base_branch: input.extraEnv?.SYMPHONY_BASE_BRANCH ?? 'main',
-        issue_title: input.issueTitle,
-        issue_body: input.issueDescription ?? '',
-        repo: repoEnv && repoEnv.length > 0 ? repoEnv : null,
-        pr_title: input.extraEnv?.SYMPHONY_PR_TITLE ?? defaultPrTitle,
-        pr_body_file: input.extraEnv?.SYMPHONY_PR_BODY_FILE ?? '',
-    };
-}
-//# sourceMappingURL=runner-decisions.js.map

package/dist/agent/runner-decisions.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"runner-decisions.js","sourceRoot":"","sources":["../../src/agent/runner-decisions.ts"],"names":[],"mappings":"AAAA,qFAAqF;AACrF,sFAAsF;AACtF,gFAAgF;AAChF,4EAA4E;AAC5E,yEAAyE;AACzE,oBAAoB;AAoBpB;;;;;;;;GAQG;AACH,MAAM,UAAU,oBAAoB,CAAC,KAA0B;IAC7D,IAAI,KAAK,CAAC,YAAY,KAAK,IAAI,EAAE,CAAC;QAChC,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,KAAK,CAAC,YAAY;YAC1B,QAAQ,EAAE,KAAK,CAAC,SAAS;YACzB,cAAc,EAAE,KAAK,CAAC,cAAc;SACrC,CAAC;IACJ,CAAC;IACD,IAAI,KAAK,CAAC,4BAA4B,KAAK,IAAI,EAAE,CAAC;QAChD,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,wBAAwB,KAAK,CAAC,4BAA4B,EAAE;YACpE,QAAQ,EAAE,KAAK,CAAC,SAAS;YACzB,cAAc,EAAE,KAAK,CAAC,cAAc;SACrC,CAAC;IACJ,CAAC;IACD,OAAO;QACL,EAAE,EAAE,IAAI;QACR,MAAM,EAAE,KAAK,CAAC,UAAU;QACxB,QAAQ,EAAE,KAAK,CAAC,SAAS;QACzB,cAAc,EAAE,KAAK,CAAC,cAAc;KACrC,CAAC;AACJ,CAAC;AAaD;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAGhC;IACC,IAAI,KAAK,CAAC,eAAe;QAAE,OAAO,UAAU,CAAC;IAC7C,IAAI,KAAK,CAAC,SAAS;QAAE,OAAO,SAAS,CAAC;IACtC,OAAO,cAAc,CAAC;AACxB,CAAC;AAOD;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CAAC,KAInC;IACC,IAAI,KAAK,CAAC,aAAa,KAAK,UAAU;QAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;IACnE,IAAI,KAAK,CAAC,YAAY;QAAE,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,CAAC;IAC9D,OAAO;QACL,IAAI,EAAE,eAAe;QACrB,YAAY,EAAE,cAAc,KAAK,CAAC,aAAa,KAAK,KAAK,CAAC,cAAc,EAAE;QAC1E,MAAM,EAAE,KAAK,CAAC,aAAa;KAC5B,CAAC;AACJ,CAAC;AAWD;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CAAC,KAKtC;IACC,IAAI,KAAK,CAAC,cAAc,KAAK,IAAI;QAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,yBAAyB,EAAE,CAAC;IAC/F,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,cAAc,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QACtE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,wBAAwB,EAAE,CAAC;IAC7D,CAAC;IACD,IAAI,KAAK,CAAC,eAAe,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QAC5C,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;IACxD,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;AAC9B,CAAC;AAcD;;;;;;;;;GASG;AACH;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CACjC,WAA8B,EAC9B,OAA2B,EAC3B,OAA4C;IAE5C,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,KAAK,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC;QAC5B,IAAI,CAAC,KAAK,OAAO;YAAE,SAAS;QAC5B,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACrB,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC;YAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACpC,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,KAA+B;IACjE,MAAM,YAAY,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;IAC7C,MAAM,cAAc,GAClB,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,OAAO,KAAK,YAAY,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC;IAChF,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;IAC9B,OAAO;QACL,UAAU,EAAE,KAAK,CAAC,UAAU;QAC5B,SAAS,EAAE,KAAK,CAAC,aAAa;QAC9B,MAAM,EAAE,KAAK,CAAC,QAAQ,EAAE,eAAe,IAAI,SAAS,KAAK,CAAC,UAAU,EAAE;QACtE,WAAW,EAAE,KAAK,CAAC,QAAQ,EAAE,oBAAoB,IAAI,MAAM;QAC3D,WAAW,EAAE,KAAK,CAAC,UAAU;QAC7B,UAAU,EAAE,KAAK,CAAC,gBAAgB,IAAI,EAAE;QACxC,IAAI,EAAE,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;QACpD,QAAQ,EAAE,KAAK,CAAC,QAAQ,EAAE,iBAAiB,IAAI,cAAc;QAC7D,YAAY,EAAE,KAAK,CAAC,QAAQ,EAAE,qBAAqB,IAAI,EAAE;KAC1D,CAAC;AACJ,CAAC"}