tycono-server 0.1.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (84) hide show
  1. package/bin/cli.js +35 -0
  2. package/bin/server.ts +160 -0
  3. package/package.json +50 -0
  4. package/src/api/package.json +31 -0
  5. package/src/api/src/create-app.ts +90 -0
  6. package/src/api/src/create-server.ts +251 -0
  7. package/src/api/src/engine/agent-loop.ts +738 -0
  8. package/src/api/src/engine/authority-validator.ts +149 -0
  9. package/src/api/src/engine/context-assembler.ts +912 -0
  10. package/src/api/src/engine/index.ts +27 -0
  11. package/src/api/src/engine/knowledge-gate.ts +365 -0
  12. package/src/api/src/engine/llm-adapter.ts +304 -0
  13. package/src/api/src/engine/org-tree.ts +270 -0
  14. package/src/api/src/engine/role-lifecycle.ts +369 -0
  15. package/src/api/src/engine/runners/claude-cli.ts +796 -0
  16. package/src/api/src/engine/runners/direct-api.ts +66 -0
  17. package/src/api/src/engine/runners/index.ts +30 -0
  18. package/src/api/src/engine/runners/types.ts +95 -0
  19. package/src/api/src/engine/skill-template.ts +134 -0
  20. package/src/api/src/engine/tools/definitions.ts +201 -0
  21. package/src/api/src/engine/tools/executor.ts +611 -0
  22. package/src/api/src/routes/active-sessions.ts +134 -0
  23. package/src/api/src/routes/coins.ts +153 -0
  24. package/src/api/src/routes/company.ts +57 -0
  25. package/src/api/src/routes/cost.ts +141 -0
  26. package/src/api/src/routes/engine.ts +220 -0
  27. package/src/api/src/routes/execute.ts +1075 -0
  28. package/src/api/src/routes/git.ts +211 -0
  29. package/src/api/src/routes/knowledge.ts +378 -0
  30. package/src/api/src/routes/operations.ts +309 -0
  31. package/src/api/src/routes/preferences.ts +63 -0
  32. package/src/api/src/routes/presets.ts +123 -0
  33. package/src/api/src/routes/projects.ts +82 -0
  34. package/src/api/src/routes/quests.ts +41 -0
  35. package/src/api/src/routes/roles.ts +112 -0
  36. package/src/api/src/routes/save.ts +152 -0
  37. package/src/api/src/routes/sessions.ts +288 -0
  38. package/src/api/src/routes/setup.ts +437 -0
  39. package/src/api/src/routes/skills.ts +357 -0
  40. package/src/api/src/routes/speech.ts +959 -0
  41. package/src/api/src/routes/supervision.ts +136 -0
  42. package/src/api/src/routes/sync.ts +165 -0
  43. package/src/api/src/server.ts +59 -0
  44. package/src/api/src/services/activity-stream.ts +184 -0
  45. package/src/api/src/services/activity-tracker.ts +115 -0
  46. package/src/api/src/services/claude-md-manager.ts +94 -0
  47. package/src/api/src/services/company-config.ts +115 -0
  48. package/src/api/src/services/database.ts +77 -0
  49. package/src/api/src/services/digest-engine.ts +313 -0
  50. package/src/api/src/services/execution-manager.ts +1036 -0
  51. package/src/api/src/services/file-reader.ts +77 -0
  52. package/src/api/src/services/git-save.ts +614 -0
  53. package/src/api/src/services/job-manager.ts +16 -0
  54. package/src/api/src/services/knowledge-importer.ts +466 -0
  55. package/src/api/src/services/markdown-parser.ts +173 -0
  56. package/src/api/src/services/port-registry.ts +222 -0
  57. package/src/api/src/services/preferences.ts +150 -0
  58. package/src/api/src/services/preset-loader.ts +149 -0
  59. package/src/api/src/services/pricing.ts +34 -0
  60. package/src/api/src/services/scaffold.ts +546 -0
  61. package/src/api/src/services/session-store.ts +340 -0
  62. package/src/api/src/services/supervisor-heartbeat.ts +897 -0
  63. package/src/api/src/services/team-recommender.ts +382 -0
  64. package/src/api/src/services/token-ledger.ts +127 -0
  65. package/src/api/src/services/wave-messages.ts +194 -0
  66. package/src/api/src/services/wave-multiplexer.ts +356 -0
  67. package/src/api/src/services/wave-tracker.ts +359 -0
  68. package/src/api/src/utils/role-level.ts +31 -0
  69. package/src/core/scaffolder.ts +620 -0
  70. package/src/shared/types.ts +224 -0
  71. package/templates/CLAUDE.md.tmpl +239 -0
  72. package/templates/company.md.tmpl +17 -0
  73. package/templates/gitignore.tmpl +28 -0
  74. package/templates/roles.md.tmpl +8 -0
  75. package/templates/skills/_manifest.json +23 -0
  76. package/templates/skills/agent-browser/SKILL.md +159 -0
  77. package/templates/skills/agent-browser/meta.json +19 -0
  78. package/templates/skills/akb-linter/SKILL.md +125 -0
  79. package/templates/skills/akb-linter/meta.json +12 -0
  80. package/templates/skills/knowledge-gate/SKILL.md +120 -0
  81. package/templates/skills/knowledge-gate/meta.json +12 -0
  82. package/templates/teams/agency.json +58 -0
  83. package/templates/teams/research.json +58 -0
  84. package/templates/teams/startup.json +58 -0
package/src/api/src/engine/authority-validator.ts ADDED
@@ -0,0 +1,149 @@
1
+ import { type OrgTree, canDispatchTo, canConsult, getChainOfCommand } from './org-tree.js';
2
+
3
+ /* ─── Types ──────────────────────────────────── */
4
+
5
+ export interface AuthResult {
6
+ allowed: boolean;
7
+ reason: string;
8
+ }
9
+
10
+ /* ─── Validation ─────────────────────────────── */
11
+
12
+ /**
13
+ * Validate whether a source role can dispatch a task to a target role.
14
+ * Returns a detailed result with the reason.
15
+ */
16
+ export function validateDispatch(
17
+ orgTree: OrgTree,
18
+ sourceRole: string,
19
+ targetRole: string,
20
+ ): AuthResult {
21
+ // Self-dispatch not allowed
22
+ if (sourceRole === targetRole) {
23
+ return { allowed: false, reason: `Cannot dispatch to self (${sourceRole})` };
24
+ }
25
+
26
+ // Check source exists
27
+ if (!orgTree.nodes.has(sourceRole) && sourceRole !== 'ceo') {
28
+ return { allowed: false, reason: `Source role not found: ${sourceRole}` };
29
+ }
30
+
31
+ // Check target exists
32
+ if (!orgTree.nodes.has(targetRole)) {
33
+ return { allowed: false, reason: `Target role not found: ${targetRole}` };
34
+ }
35
+
36
+ // Check authority
37
+ if (!canDispatchTo(orgTree, sourceRole, targetRole)) {
38
+ const sourceChain = getChainOfCommand(orgTree, sourceRole).join(' → ');
39
+ const targetChain = getChainOfCommand(orgTree, targetRole).join(' → ');
40
+ return {
41
+ allowed: false,
42
+ reason: `${sourceRole} has no authority over ${targetRole}. ` +
43
+ `Source chain: ${sourceChain}. Target chain: ${targetChain}.`,
44
+ };
45
+ }
46
+
47
+ return { allowed: true, reason: 'Dispatch authorized' };
48
+ }
49
+
50
+ /**
51
+ * Validate whether a source role can consult (ask a question to) a target role.
52
+ * Allowed: peers (same parent), direct manager, or subordinates.
53
+ */
54
+ export function validateConsult(
55
+ orgTree: OrgTree,
56
+ sourceRole: string,
57
+ targetRole: string,
58
+ ): AuthResult {
59
+ if (sourceRole === targetRole) {
60
+ return { allowed: false, reason: `Cannot consult self (${sourceRole})` };
61
+ }
62
+
63
+ if (!orgTree.nodes.has(sourceRole) && sourceRole !== 'ceo') {
64
+ return { allowed: false, reason: `Source role not found: ${sourceRole}` };
65
+ }
66
+
67
+ if (!orgTree.nodes.has(targetRole)) {
68
+ return { allowed: false, reason: `Target role not found: ${targetRole}` };
69
+ }
70
+
71
+ if (!canConsult(orgTree, sourceRole, targetRole)) {
72
+ return {
73
+ allowed: false,
74
+ reason: `${sourceRole} cannot consult ${targetRole}. Only peers (same manager), direct manager, or subordinates are allowed.`,
75
+ };
76
+ }
77
+
78
+ return { allowed: true, reason: 'Consult authorized' };
79
+ }
80
+
81
+ /**
82
+ * Validate whether a role can perform a write operation to a given path.
83
+ * Checks the knowledge.writes scope from role.yaml.
84
+ */
85
+ export function validateWrite(
86
+ orgTree: OrgTree,
87
+ roleId: string,
88
+ filePath: string,
89
+ ): AuthResult {
90
+ const node = orgTree.nodes.get(roleId);
91
+ if (!node) {
92
+ return { allowed: false, reason: `Role not found: ${roleId}` };
93
+ }
94
+
95
+ // CEO can write anywhere
96
+ if (roleId === 'ceo') {
97
+ return { allowed: true, reason: 'CEO has full write access' };
98
+ }
99
+
100
+ // Check if file path matches any write scope
101
+ const normalizedPath = filePath.replace(/^\//, '');
102
+ for (const scope of node.knowledge.writes) {
103
+ const normalizedScope = scope.replace(/\*$/, '').replace(/\/$/, '');
104
+ if (normalizedPath.startsWith(normalizedScope)) {
105
+ return { allowed: true, reason: `Path ${filePath} is within write scope ${scope}` };
106
+ }
107
+ }
108
+
109
+ return {
110
+ allowed: false,
111
+ reason: `${roleId} cannot write to ${filePath}. ` +
112
+ `Allowed write paths: ${node.knowledge.writes.join(', ')}`,
113
+ };
114
+ }
115
+
116
+ /**
117
+ * Validate whether a role can read a given path.
118
+ */
119
+ export function validateRead(
120
+ orgTree: OrgTree,
121
+ roleId: string,
122
+ filePath: string,
123
+ ): AuthResult {
124
+ const node = orgTree.nodes.get(roleId);
125
+ if (!node) {
126
+ return { allowed: false, reason: `Role not found: ${roleId}` };
127
+ }
128
+
129
+ // CEO can read anywhere
130
+ if (roleId === 'ceo') {
131
+ return { allowed: true, reason: 'CEO has full read access' };
132
+ }
133
+
134
+ const normalizedPath = filePath.replace(/^\//, '');
135
+ const allReadable = [...node.knowledge.reads, ...node.knowledge.writes];
136
+
137
+ for (const scope of allReadable) {
138
+ const normalizedScope = scope.replace(/\*$/, '').replace(/\/$/, '');
139
+ if (normalizedPath.startsWith(normalizedScope)) {
140
+ return { allowed: true, reason: `Path ${filePath} is within read scope` };
141
+ }
142
+ }
143
+
144
+ return {
145
+ allowed: false,
146
+ reason: `${roleId} cannot read ${filePath}. ` +
147
+ `Allowed paths: ${allReadable.join(', ')}`,
148
+ };
149
+ }