wispy-cli 0.9.0 → 1.1.0

package/core/server.mjs

@@ -0,0 +1,522 @@
+/**
+ * core/server.mjs — Cloud/Server Mode for Wispy
+ *
+ * HTTP REST API + WebSocket streaming server.
+ * Default: localhost:18790
+ */
+
+import { createServer } from "node:http";
+import path from "node:path";
+import { readFile, writeFile, mkdir } from "node:fs/promises";
+import { randomBytes, createHmac } from "node:crypto";
+
+import { WISPY_DIR } from "./config.mjs";
+
+const SERVER_CONFIG_FILE = path.join(WISPY_DIR, "server.json");
+const DEFAULT_PORT = 18790;
+const DEFAULT_HOST = "127.0.0.1";
+
+// ── Helpers ───────────────────────────────────────────────────────────────────
+
+function generateToken() {
+  return randomBytes(32).toString("hex");
+}
+
+async function loadOrCreateServerConfig() {
+  try {
+    const raw = await readFile(SERVER_CONFIG_FILE, "utf8");
+    const cfg = JSON.parse(raw);
+    if (!cfg.token) {
+      cfg.token = generateToken();
+      await saveServerConfig(cfg);
+    }
+    return cfg;
+  } catch {
+    const cfg = { token: generateToken(), createdAt: new Date().toISOString() };
+    await saveServerConfig(cfg);
+    return cfg;
+  }
+}
+
+async function saveServerConfig(cfg) {
+  await mkdir(WISPY_DIR, { recursive: true });
+  await writeFile(SERVER_CONFIG_FILE, JSON.stringify(cfg, null, 2) + "\n", "utf8");
+}
+
+function jsonResponse(res, status, data) {
+  const body = JSON.stringify(data);
+  res.writeHead(status, {
+    "Content-Type": "application/json",
+    "Content-Length": Buffer.byteLength(body),
+    "Access-Control-Allow-Origin": "*",
+    "Access-Control-Allow-Headers": "Authorization, Content-Type",
+    "Access-Control-Allow-Methods": "GET, POST, DELETE, OPTIONS",
+  });
+  res.end(body);
+}
+
+function errorResponse(res, status, message) {
+  jsonResponse(res, status, { error: message });
+}
+
+async function readBody(req) {
+  return new Promise((resolve, reject) => {
+    let body = "";
+    req.on("data", (chunk) => (body += chunk));
+    req.on("end", () => {
+      try { resolve(body ? JSON.parse(body) : {}); }
+      catch (err) { reject(new Error("Invalid JSON body")); }
+    });
+    req.on("error", reject);
+  });
+}
+
+// ── WispyServer ───────────────────────────────────────────────────────────────
+
+export class WispyServer {
+  constructor(engine, opts = {}) {
+    this.engine = engine;
+    this.opts = opts;
+    this._port = opts.port ?? parseInt(process.env.WISPY_PORT ?? DEFAULT_PORT);
+    this._host = opts.host ?? process.env.WISPY_HOST ?? DEFAULT_HOST;
+    this._token = opts.token ?? process.env.WISPY_SERVER_TOKEN ?? null;
+    this._server = null;
+    this._wsClients = new Map(); // id → { ws, req }
+    this._startTime = null;
+  }
+
+  // ── Lifecycle ─────────────────────────────────────────────────────────────────
+
+  async start() {
+    // Load or create auth token
+    if (!this._token) {
+      const cfg = await loadOrCreateServerConfig();
+      this._token = cfg.token;
+    }
+
+    this._startTime = Date.now();
+    this._server = createServer(this._handleRequest.bind(this));
+
+    // WebSocket upgrade
+    this._server.on("upgrade", this._handleUpgrade.bind(this));
+
+    await new Promise((resolve, reject) => {
+      this._server.listen(this._port, this._host, () => resolve());
+      this._server.on("error", reject);
+    });
+
+    console.log(`🌿 Wispy API server running on http://${this._host}:${this._port}`);
+    console.log(`   Token: ${this._token.slice(0, 8)}...`);
+    console.log(`   WebSocket: ws://${this._host}:${this._port}/ws`);
+  }
+
+  stop() {
+    if (this._server) {
+      this._server.close();
+      this._server = null;
+    }
+    // Close all WebSocket connections
+    for (const [id, client] of this._wsClients) {
+      try { client.socket.destroy(); } catch {}
+    }
+    this._wsClients.clear();
+  }
+
+  get address() {
+    return `http://${this._host}:${this._port}`;
+  }
+
+  // ── Auth ──────────────────────────────────────────────────────────────────────
+
+  _authenticate(req) {
+    if (!this._token) return true; // No auth configured
+    const authHeader = req.headers.authorization ?? "";
+    if (authHeader.startsWith("Bearer ")) {
+      return authHeader.slice(7).trim() === this._token;
+    }
+    // Also allow query param ?token=xxx
+    const url = new URL(req.url, `http://${req.headers.host ?? "localhost"}`);
+    const qToken = url.searchParams.get("token");
+    return qToken === this._token;
+  }
+
+  // ── HTTP Handler ──────────────────────────────────────────────────────────────
+
+  async _handleRequest(req, res) {
+    // CORS preflight
+    if (req.method === "OPTIONS") {
+      res.writeHead(204, {
+        "Access-Control-Allow-Origin": "*",
+        "Access-Control-Allow-Headers": "Authorization, Content-Type",
+        "Access-Control-Allow-Methods": "GET, POST, DELETE, OPTIONS",
+      });
+      res.end();
+      return;
+    }
+
+    const url = new URL(req.url, `http://${req.headers.host ?? "localhost"}`);
+    const pathname = url.pathname;
+
+    // Auth check (skip /api/status for health checks)
+    if (pathname !== "/api/status" && !this._authenticate(req)) {
+      return errorResponse(res, 401, "Unauthorized");
+    }
+
+    try {
+      await this._route(req, res, pathname, url);
+    } catch (err) {
+      errorResponse(res, 500, err.message);
+    }
+  }
+
+  async _route(req, res, pathname, url) {
+    const method = req.method;
+
+    // ── Status ──────────────────────────────────────────────────────────────
+    if (pathname === "/api/status" && method === "GET") {
+      const sessions = this.engine.sessions.list?.() ?? [];
+      return jsonResponse(res, 200, {
+        status: "running",
+        uptime: Math.floor((Date.now() - this._startTime) / 1000),
+        provider: this.engine.provider,
+        model: this.engine.model,
+        sessions: sessions.length,
+        version: "1.1.0",
+      });
+    }
+
+    // ── Chat ────────────────────────────────────────────────────────────────
+    if (pathname === "/api/chat" && method === "POST") {
+      const body = await readBody(req);
+      const { message, sessionId, workstream } = body;
+      if (!message) return errorResponse(res, 400, "message required");
+
+      const result = await this.engine.processMessage(sessionId ?? null, message, {
+        workstream,
+        noSave: false,
+      });
+      return jsonResponse(res, 200, result);
+    }
+
+    // ── Sessions ────────────────────────────────────────────────────────────
+    if (pathname === "/api/sessions" && method === "GET") {
+      const sessions = await this._listSessions();
+      return jsonResponse(res, 200, { sessions });
+    }
+
+    if (pathname.match(/^\/api\/sessions\/([^/]+)$/) && method === "GET") {
+      const id = pathname.split("/")[3];
+      const session = await this._getSession(id);
+      if (!session) return errorResponse(res, 404, "Session not found");
+      return jsonResponse(res, 200, session);
+    }
+
+    if (pathname.match(/^\/api\/sessions\/([^/]+)$/) && method === "DELETE") {
+      const id = pathname.split("/")[3];
+      await this._deleteSession(id);
+      return jsonResponse(res, 200, { success: true });
+    }
+
+    if (pathname.match(/^\/api\/sessions\/([^/]+)\/clear$/) && method === "POST") {
+      const id = pathname.split("/")[3];
+      await this._clearSession(id);
+      return jsonResponse(res, 200, { success: true });
+    }
+
+    // ── Memory ──────────────────────────────────────────────────────────────
+    if (pathname === "/api/memory" && method === "GET") {
+      const memories = await this.engine.memory.list();
+      return jsonResponse(res, 200, { memories });
+    }
+
+    if (pathname === "/api/memory/search" && method === "POST") {
+      const body = await readBody(req);
+      const results = await this.engine.memory.search(body.query ?? "", { limit: body.limit ?? 10 });
+      return jsonResponse(res, 200, { results });
+    }
+
+    if (pathname === "/api/memory" && method === "POST") {
+      const body = await readBody(req);
+      await this.engine.memory.save(body.key, body.content, { title: body.title });
+      return jsonResponse(res, 200, { success: true, key: body.key });
+    }
+
+    // ── Cron ────────────────────────────────────────────────────────────────
+    if (this.engine.cron) {
+      if (pathname === "/api/cron" && method === "GET") {
+        return jsonResponse(res, 200, { jobs: this.engine.cron.list() });
+      }
+
+      if (pathname === "/api/cron" && method === "POST") {
+        const body = await readBody(req);
+        const job = await this.engine.cron.add(body);
+        return jsonResponse(res, 201, { job });
+      }
+
+      if (pathname.match(/^\/api\/cron\/([^/]+)$/) && method === "DELETE") {
+        const id = pathname.split("/")[3];
+        await this.engine.cron.remove(id);
+        return jsonResponse(res, 200, { success: true });
+      }
+
+      if (pathname.match(/^\/api\/cron\/([^/]+)\/run$/) && method === "POST") {
+        const id = pathname.split("/")[3];
+        const result = await this.engine.cron.runNow(id);
+        return jsonResponse(res, 200, result);
+      }
+    }
+
+    // ── Sub-agents ──────────────────────────────────────────────────────────
+    if (pathname === "/api/subagents" && method === "GET") {
+      const result = await this.engine._toolListSubagents();
+      return jsonResponse(res, 200, result);
+    }
+
+    if (pathname === "/api/subagents" && method === "POST") {
+      const body = await readBody(req);
+      const result = await this.engine._toolSpawnSubagent(body);
+      return jsonResponse(res, 201, result);
+    }
+
+    if (pathname.match(/^\/api\/subagents\/([^/]+)$/) && method === "GET") {
+      const id = pathname.split("/")[3];
+      const result = await this.engine._toolGetSubagentResult({ id });
+      if (!result.success) return errorResponse(res, 404, result.error);
+      return jsonResponse(res, 200, result);
+    }
+
+    if (pathname.match(/^\/api\/subagents\/([^/]+)$/) && method === "DELETE") {
+      const id = pathname.split("/")[3];
+      const result = this.engine._toolKillSubagent({ id });
+      return jsonResponse(res, 200, result);
+    }
+
+    // ── Nodes ───────────────────────────────────────────────────────────────
+    if (this.engine.nodes) {
+      if (pathname === "/api/nodes" && method === "GET") {
+        const list = await this.engine.nodes.list();
+        return jsonResponse(res, 200, { nodes: list });
+      }
+
+      if (pathname === "/api/nodes/pair" && method === "POST") {
+        const body = await readBody(req);
+        try {
+          const result = await this.engine.nodes.confirmPair(body.code, {
+            name: body.name,
+            capabilities: body.capabilities ?? [],
+            host: body.host ?? "localhost",
+            port: body.port ?? 18791,
+          });
+          return jsonResponse(res, 200, result);
+        } catch (err) {
+          return errorResponse(res, 400, err.message);
+        }
+      }
+
+      if (pathname.match(/^\/api\/nodes\/([^/]+)$/) && method === "DELETE") {
+        const id = pathname.split("/")[3];
+        try {
+          await this.engine.nodes.remove(id);
+          return jsonResponse(res, 200, { success: true });
+        } catch (err) {
+          return errorResponse(res, 404, err.message);
+        }
+      }
+
+      if (pathname === "/api/nodes/generate-pair-code" && method === "POST") {
+        const code = await this.engine.nodes.generatePairCode();
+        return jsonResponse(res, 200, { code, expiresIn: "1 hour" });
+      }
+
+      if (pathname.match(/^\/api\/nodes\/([^/]+)\/ping$/) && method === "GET") {
+        const id = pathname.split("/")[3];
+        const result = await this.engine.nodes.ping(id);
+        return jsonResponse(res, 200, result);
+      }
+    }
+
+    // ── Audit ───────────────────────────────────────────────────────────────
+    if (pathname === "/api/audit" && method === "GET") {
+      const filter = {};
+      if (url.searchParams.has("session")) filter.sessionId = url.searchParams.get("session");
+      if (url.searchParams.has("type")) filter.type = url.searchParams.get("type");
+      if (url.searchParams.has("tool")) filter.tool = url.searchParams.get("tool");
+      if (url.searchParams.has("limit")) filter.limit = parseInt(url.searchParams.get("limit"));
+      if (url.searchParams.has("today")) filter.date = new Date().toISOString().slice(0, 10);
+
+      if (this.engine.audit) {
+        const events = await this.engine.audit.search(filter);
+        return jsonResponse(res, 200, { events });
+      }
+      return jsonResponse(res, 200, { events: [] });
+    }
+
+    return errorResponse(res, 404, "Not found");
+  }
+
+  // ── Session helpers ────────────────────────────────────────────────────────
+
+  async _listSessions() {
+    try {
+      const { CONVERSATIONS_DIR } = await import("./config.mjs");
+      const { readdir } = await import("node:fs/promises");
+      const files = await readdir(CONVERSATIONS_DIR);
+      return files.filter(f => f.endsWith(".json")).map(f => ({
+        id: f.replace(".json", ""),
+        file: f,
+      }));
+    } catch { return []; }
+  }
+
+  async _getSession(id) {
+    try {
+      const { CONVERSATIONS_DIR } = await import("./config.mjs");
+      const content = await readFile(path.join(CONVERSATIONS_DIR, `${id}.json`), "utf8");
+      return { id, messages: JSON.parse(content) };
+    } catch { return null; }
+  }
+
+  async _deleteSession(id) {
+    try {
+      const { CONVERSATIONS_DIR } = await import("./config.mjs");
+      const { unlink } = await import("node:fs/promises");
+      await unlink(path.join(CONVERSATIONS_DIR, `${id}.json`));
+    } catch {}
+  }
+
+  async _clearSession(id) {
+    try {
+      const { CONVERSATIONS_DIR } = await import("./config.mjs");
+      await writeFile(path.join(CONVERSATIONS_DIR, `${id}.json`), "[]", "utf8");
+    } catch {}
+  }
+
+  // ── WebSocket handler ─────────────────────────────────────────────────────
+
+  _handleUpgrade(req, socket, head) {
+    const url = new URL(req.url, `http://${req.headers.host ?? "localhost"}`);
+    if (url.pathname !== "/ws") {
+      socket.destroy();
+      return;
+    }
+
+    // Auth check for WS
+    if (!this._authenticate(req)) {
+      socket.write("HTTP/1.1 401 Unauthorized\r\n\r\n");
+      socket.destroy();
+      return;
+    }
+
+    // Simple WebSocket handshake
+    const key = req.headers["sec-websocket-key"];
+    if (!key) { socket.destroy(); return; }
+
+    this._doWsHandshake(socket, key, req);
+  }
+
+  async _doWsHandshake(socket, key, req) {
+    try {
+      const { createHash } = await import("node:crypto");
+      const MAGIC = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
+      const accept = createHash("sha1")
+        .update(key + MAGIC)
+        .digest("base64");
+
+      socket.write(
+        "HTTP/1.1 101 Switching Protocols\r\n" +
+        "Upgrade: websocket\r\n" +
+        "Connection: Upgrade\r\n" +
+        `Sec-WebSocket-Accept: ${accept}\r\n\r\n`
+      );
+
+      const clientId = randomBytes(8).toString("hex");
+      const client = { id: clientId, socket, sessionId: null };
+      this._wsClients.set(clientId, client);
+
+      socket.on("data", (data) => this._handleWsData(clientId, data));
+      socket.on("close", () => this._wsClients.delete(clientId));
+      socket.on("error", () => this._wsClients.delete(clientId));
+    } catch (err) {
+      socket.destroy();
+    }
+  }
+
+  _handleWsData(clientId, data) {
+    const client = this._wsClients.get(clientId);
+    if (!client) return;
+
+    try {
+      const msg = this._parseWsFrame(data);
+      if (!msg) return;
+      const parsed = JSON.parse(msg);
+      this._handleWsMessage(clientId, parsed);
+    } catch {}
+  }
+
+  _parseWsFrame(data) {
+    if (data.length < 2) return null;
+    const opcode = data[0] & 0x0f;
+    if (opcode === 8) return null; // Close frame
+    if (opcode !== 1) return null; // Only text frames
+
+    const masked = !!(data[1] & 0x80);
+    let payloadLen = data[1] & 0x7f;
+    let offset = 2;
+
+    if (payloadLen === 126) { payloadLen = data.readUInt16BE(2); offset = 4; }
+    else if (payloadLen === 127) { payloadLen = Number(data.readBigUInt64BE(2)); offset = 10; }
+
+    if (masked) {
+      const mask = data.slice(offset, offset + 4);
+      offset += 4;
+      const payload = Buffer.allocUnsafe(payloadLen);
+      for (let i = 0; i < payloadLen; i++) {
+        payload[i] = data[offset + i] ^ mask[i % 4];
+      }
+      return payload.toString("utf8");
+    }
+    return data.slice(offset, offset + payloadLen).toString("utf8");
+  }
+
+  _sendWsFrame(socket, text) {
+    const payload = Buffer.from(text, "utf8");
+    const header = Buffer.allocUnsafe(payload.length < 126 ? 2 : 4);
+    header[0] = 0x81; // FIN + text
+    if (payload.length < 126) {
+      header[1] = payload.length;
+      socket.write(Buffer.concat([header, payload]));
+    } else if (payload.length < 65536) {
+      header[1] = 126;
+      header.writeUInt16BE(payload.length, 2);
+      socket.write(Buffer.concat([header.slice(0, 4), payload]));
+    } else {
+      // Large payload — just write text, not handling 64bit length here
+      socket.write(Buffer.concat([header, payload]));
+    }
+  }
+
+  async _handleWsMessage(clientId, msg) {
+    const client = this._wsClients.get(clientId);
+    if (!client) return;
+
+    if (msg.type === "chat") {
+      const sessionId = msg.sessionId ?? client.sessionId;
+      client.sessionId = sessionId;
+
+      const send = (obj) => {
+        try { this._sendWsFrame(client.socket, JSON.stringify(obj)); } catch {}
+      };
+
+      try {
+        await this.engine.processMessage(sessionId, msg.message, {
+          onChunk: (chunk) => send({ type: "chunk", content: chunk }),
+          onToolCall: (name, args) => send({ type: "tool_call", name, args }),
+        });
+        // Engine doesn't return full text via onChunk, so send done
+        send({ type: "done", sessionId });
+      } catch (err) {
+        send({ type: "error", message: err.message });
+      }
+    }
+  }
+}

package/core/session.mjs

@@ -127,12 +127,24 @@ export class SessionManager {
 
   /**
    * Load a session from disk.
+   * Returns null if file doesn't exist or is corrupted.
    */
   async load(id) {
     const filePath = path.join(SESSIONS_DIR, `${id}.json`);
     try {
       const raw = await readFile(filePath, "utf8");
-      const data = JSON.parse(raw);
+      let data;
+      try {
+        data = JSON.parse(raw);
+      } catch {
+        // Corrupted JSON — treat as missing
+        console.error(`[wispy] Session file corrupted (id: ${id}), starting fresh.`);
+        return null;
+      }
+      // Validate required fields
+      if (!data || typeof data !== "object" || !data.id) {
+        return null;
+      }
       const session = new Session(data);
       this._sessions.set(id, session);
       if (session.channel && session.chatId) {

package/core/subagents.mjs

@@ -182,9 +182,19 @@ Reply in the same language as the task. Sign off with 🌿.`;
         messages.push({ role: "assistant", toolCalls: result.calls, content: "" });
 
         for (const call of result.calls) {
-          const toolResult = await this._engine._executeTool(
-            call.name, call.args, messages, session, {}
-          );
+          let toolResult;
+          try {
+            // Enforce per-tool timeout of 60s to prevent runaway tools
+            const TOOL_TIMEOUT_MS = 60_000;
+            toolResult = await Promise.race([
+              this._engine._executeTool(call.name, call.args, messages, session, {}),
+              new Promise((_, reject) =>
+                setTimeout(() => reject(new Error(`Tool '${call.name}' timed out`)), TOOL_TIMEOUT_MS)
+              ),
+            ]);
+          } catch (err) {
+            toolResult = { error: err.message, success: false };
+          }
           messages.push({
             role: "tool_result",
             toolName: call.name,

package/lib/wispy-repl.mjs

@@ -336,6 +336,12 @@ ${bold("Sub-agent Commands (v0.9):")}
   ${cyan("/agent")} <id>        Show sub-agent details and result
   ${cyan("/kill")} <id>         Cancel a running sub-agent
 
+${bold("Permissions & Audit (v1.1):")}
+  ${cyan("/permissions")}       Show current permission policies
+  ${cyan("/permit")} <tool> <level>  Change policy (auto|notify|approve)
+  ${cyan("/audit")}             Show last 10 audit events
+  ${cyan("/replay")}            Replay current session steps
+
   ${cyan("/quit")} or ${cyan("/exit")}    Exit
 `);
     return true;
@@ -686,6 +692,82 @@ ${bold("Sub-agent Commands (v0.9):")}
     return true;
   }
 
+  // ── Permission commands (v1.1) ────────────────────────────────────────────
+
+  if (cmd === "/permissions" || cmd === "/perms") {
+    await engine.permissions.load();
+    console.log(engine.permissions.formatTable());
+    return true;
+  }
+
+  if (cmd === "/permit") {
+    const tool = parts[1];
+    const level = parts[2];
+    if (!tool || !level) {
+      console.log(yellow("Usage: /permit <tool> <auto|notify|approve>"));
+      return true;
+    }
+    try {
+      engine.permissions.setPolicy(tool, level);
+      await engine.permissions.save();
+      console.log(green(`✅ ${tool} → ${level}`));
+    } catch (err) {
+      console.log(red(`Error: ${err.message}`));
+    }
+    return true;
+  }
+
+  // ── Audit commands (v1.1) ─────────────────────────────────────────────────
+
+  if (cmd === "/audit") {
+    const events = await engine.audit.getRecent(10);
+    if (events.length === 0) {
+      console.log(dim("No audit events yet."));
+    } else {
+      console.log(bold(`\n📋 Recent Events (${events.length}):\n`));
+      for (const evt of events) {
+        const ts = new Date(evt.timestamp).toLocaleTimeString();
+        const icons = {
+          tool_call: "🔧", tool_result: "✅", approval_requested: "⚠️ ",
+          approval_granted: "✅", approval_denied: "❌", message_sent: "🌿",
+          message_received: "👤", error: "🚨", subagent_spawned: "🤖",
+        };
+        const icon = icons[evt.type] ?? "•";
+        let detail = evt.tool ? ` ${cyan(evt.tool)}` : (evt.content ? ` ${dim(evt.content.slice(0, 60))}` : "");
+        console.log(`  ${dim(ts)} ${icon} ${evt.type}${detail}`);
+      }
+    }
+    return true;
+  }
+
+  if (cmd === "/replay") {
+    // Replay current session
+    const sessionId = engine.sessions?.list?.()?.find(Boolean)?.id;
+    if (!sessionId) {
+      console.log(dim("No active session to replay."));
+      return true;
+    }
+    const steps = await engine.audit.getReplayTrace(sessionId);
+    if (steps.length === 0) {
+      console.log(dim("No events found for current session."));
+    } else {
+      console.log(bold(`\n🎬 Session Replay: ${dim(sessionId)}\n`));
+      for (const step of steps) {
+        const icons = {
+          user_message: "👤", assistant_message: "🌿", tool_call: "🔧",
+          tool_result: "✅", approval_requested: "⚠️ ", approval_granted: "✅",
+          approval_denied: "❌", subagent_spawned: "🤖",
+        };
+        const icon = icons[step.type] ?? "•";
+        let detail = "";
+        if (step.content) detail = dim(step.content.slice(0, 80));
+        if (step.tool) detail = `${cyan(step.tool)} ${dim(JSON.stringify(step.args ?? {}).slice(0, 50))}`;
+        console.log(`  ${bold(`${step.step}.`)} ${icon} ${detail}`);
+      }
+    }
+    return true;
+  }
+
   if (cmd === "/quit" || cmd === "/exit") {
     console.log(dim(`🌿 Bye! (${engine.providers.formatCost()})`));
     engine.destroy();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wispy-cli",
-  "version": "0.9.0",
+  "version": "1.1.0",
   "description": "🌿 Wispy — AI workspace assistant with multi-agent orchestration and multi-channel bot support",
   "license": "Apache-2.0",
   "author": "Minseo & Poropo",