npm - wispy-cli - Versions diffs - 2.7.10 → 2.7.12 - Mend

wispy-cli 2.7.10 → 2.7.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/core/features.mjs ADDED Viewed

@@ -0,0 +1,225 @@
+/**
+ * core/features.mjs — Feature flag system for Wispy
+ *
+ * Provides a registry of feature flags with stages (stable/experimental/development)
+ * and methods to enable/disable features, persisting state to config.
+ */
+import path from "node:path";
+import { readFile, writeFile, mkdir } from "node:fs/promises";
+import { WISPY_DIR, CONFIG_PATH, loadConfig, saveConfig } from "./config.mjs";
+/**
+ * Registry of all known features.
+ * @type {Record<string, { stage: "stable"|"experimental"|"development", default: boolean, description: string }>}
+ */
+const FEATURE_REGISTRY = {
+  // ── Stable features ──────────────────────────────────────────────────────
+  smart_routing: {
+    stage: "stable",
+    default: true,
+    description: "Route tasks to optimal models",
+  },
+  task_decomposition: {
+    stage: "stable",
+    default: true,
+    description: "Split complex tasks into parallel subtasks",
+  },
+  loop_detection: {
+    stage: "stable",
+    default: true,
+    description: "Detect and break tool-call loops",
+  },
+  context_compaction: {
+    stage: "stable",
+    default: true,
+    description: "Auto-compact context when approaching token limit",
+  },
+  // ── Experimental features ────────────────────────────────────────────────
+  browser_integration: {
+    stage: "experimental",
+    default: false,
+    description: "Native browser control via local-browser-bridge",
+  },
+  auto_memory: {
+    stage: "experimental",
+    default: false,
+    description: "Auto-extract facts from conversations to memory",
+  },
+  tts: {
+    stage: "experimental",
+    default: false,
+    description: "Text-to-speech output",
+  },
+  // ── Under development ────────────────────────────────────────────────────
+  multi_agent: {
+    stage: "development",
+    default: false,
+    description: "Multi-agent orchestration patterns",
+  },
+  cloud_sync: {
+    stage: "development",
+    default: false,
+    description: "Sync sessions to cloud",
+  },
+  image_generation: {
+    stage: "development",
+    default: false,
+    description: "Generate images from prompts",
+  },
+};
+export class FeatureManager {
+  /**
+   * @param {string} [configPath] - Path to config.json (defaults to ~/.wispy/config.json)
+   */
+  constructor(configPath) {
+    this._configPath = configPath ?? CONFIG_PATH;
+    /** @type {Record<string, boolean>} — cached overrides from config */
+    this._overrides = null;
+  }
+  /**
+   * Load feature overrides from config (lazy, cached per call).
+   * @returns {Promise<Record<string, boolean>>}
+   */
+  async _loadOverrides() {
+    if (this._overrides !== null) return this._overrides;
+    try {
+      const raw = await readFile(this._configPath, "utf8");
+      const cfg = JSON.parse(raw);
+      this._overrides = cfg.features ?? {};
+    } catch {
+      this._overrides = {};
+    }
+    return this._overrides;
+  }
+  /** Invalidate the cache so next read picks up fresh config. */
+  _invalidate() {
+    this._overrides = null;
+  }
+  /**
+   * Check if a feature is enabled.
+   * Config override takes precedence over registry default.
+   * Profile-level features (passed in opts) take precedence over global config.
+   * @param {string} name
+   * @param {Record<string, boolean>} [profileFeatures] - Profile-level overrides
+   * @returns {Promise<boolean>}
+   */
+  async isEnabled(name, profileFeatures = {}) {
+    const reg = FEATURE_REGISTRY[name];
+    if (!reg) return false; // Unknown features are disabled
+    // Profile override first
+    if (name in profileFeatures) return Boolean(profileFeatures[name]);
+    // Config override second
+    const overrides = await this._loadOverrides();
+    if (name in overrides) return Boolean(overrides[name]);
+    // Registry default
+    return reg.default;
+  }
+  /**
+   * Synchronous isEnabled using pre-loaded overrides.
+   * Call _loadOverrides() first if needed.
+   * @param {string} name
+   * @param {Record<string, boolean>} [overrides]
+   * @param {Record<string, boolean>} [profileFeatures]
+   * @returns {boolean}
+   */
+  isEnabledSync(name, overrides = {}, profileFeatures = {}) {
+    const reg = FEATURE_REGISTRY[name];
+    if (!reg) return false;
+    if (name in profileFeatures) return Boolean(profileFeatures[name]);
+    if (name in overrides) return Boolean(overrides[name]);
+    return reg.default;
+  }
+  /**
+   * Enable a feature and persist to config.
+   * @param {string} name
+   */
+  async enable(name) {
+    if (!FEATURE_REGISTRY[name]) {
+      throw new Error(`Unknown feature: "${name}". Use "wispy features" to see available features.`);
+    }
+    const raw = await this._readConfig();
+    if (!raw.features) raw.features = {};
+    raw.features[name] = true;
+    await this._writeConfig(raw);
+    this._invalidate();
+    return { success: true, name, enabled: true };
+  }
+  /**
+   * Disable a feature and persist to config.
+   * @param {string} name
+   */
+  async disable(name) {
+    if (!FEATURE_REGISTRY[name]) {
+      throw new Error(`Unknown feature: "${name}". Use "wispy features" to see available features.`);
+    }
+    const raw = await this._readConfig();
+    if (!raw.features) raw.features = {};
+    raw.features[name] = false;
+    await this._writeConfig(raw);
+    this._invalidate();
+    return { success: true, name, enabled: false };
+  }
+  /**
+   * List all features with their current status.
+   * @returns {Promise<Array<{ name: string, stage: string, enabled: boolean, default: boolean, description: string }>>}
+   */
+  async list() {
+    const overrides = await this._loadOverrides();
+    return Object.entries(FEATURE_REGISTRY).map(([name, meta]) => ({
+      name,
+      stage: meta.stage,
+      enabled: name in overrides ? Boolean(overrides[name]) : meta.default,
+      default: meta.default,
+      description: meta.description,
+    }));
+  }
+  /**
+   * Get the stage of a feature.
+   * @param {string} name
+   * @returns {"stable"|"experimental"|"development"|null}
+   */
+  getStage(name) {
+    return FEATURE_REGISTRY[name]?.stage ?? null;
+  }
+  async _readConfig() {
+    await mkdir(WISPY_DIR, { recursive: true });
+    try {
+      return JSON.parse(await readFile(this._configPath, "utf8"));
+    } catch {
+      return {};
+    }
+  }
+  async _writeConfig(cfg) {
+    await mkdir(WISPY_DIR, { recursive: true });
+    await writeFile(this._configPath, JSON.stringify(cfg, null, 2) + "\n", "utf8");
+  }
+}
+/** Singleton instance */
+let _instance = null;
+/** Get or create the global FeatureManager instance. */
+export function getFeatureManager(configPath) {
+  if (!_instance) _instance = new FeatureManager(configPath);
+  return _instance;
+}
+/** Export the registry for introspection. */
+export { FEATURE_REGISTRY };

package/core/harness.mjs CHANGED Viewed

@@ -13,12 +13,145 @@
  */
 import { EventEmitter } from "node:events";
-import { readFile } from "node:fs/promises";
+import { readFile, writeFile, mkdir } from "node:fs/promises";
 import path from "node:path";
 import os from "node:os";
 import { EVENT_TYPES } from "./audit.mjs";
+// ── Approval gate constants ────────────────────────────────────────────────────
+// Tools that require approval depending on security mode
+const DANGEROUS_TOOLS = new Set([
+  "run_command", "write_file", "file_edit", "delete_file",
+  "spawn_subagent", "browser_navigate",
+]);
+// Tools that ALWAYS require approval (even in yolo mode)
+const ALWAYS_APPROVE = new Set(["delete_file"]);
+// System-path prefixes — writing here requires approval even in balanced mode
+const SYSTEM_PATH_PREFIXES = ["/usr", "/etc", "/System", "/bin", "/sbin", "/Library/LaunchDaemons"];
+const APPROVALS_PATH = path.join(os.homedir(), ".wispy", "approvals.json");
+const DEFAULT_ALLOWLIST = {
+  run_command: ["npm test", "npm run build", "git status", "git diff", "ls"],
+  write_file: [],
+  file_edit: [],
+  delete_file: [],
+  spawn_subagent: [],
+  browser_navigate: [],
+};
+// ── Allowlist manager ─────────────────────────────────────────────────────────
+export class ApprovalAllowlist {
+  constructor() {
+    this._list = null; // lazy load
+  }
+  async _load() {
+    if (this._list !== null) return;
+    try {
+      const raw = await readFile(APPROVALS_PATH, "utf8");
+      this._list = JSON.parse(raw);
+    } catch {
+      this._list = { ...DEFAULT_ALLOWLIST };
+    }
+  }
+  async _save() {
+    await mkdir(path.dirname(APPROVALS_PATH), { recursive: true });
+    await writeFile(APPROVALS_PATH, JSON.stringify(this._list, null, 2) + "\n", "utf8");
+  }
+  async matches(toolName, args) {
+    await this._load();
+    const patterns = this._list[toolName] ?? [];
+    if (patterns.length === 0) return false;
+    // Get a string representation of args for matching
+    const argStr = _getArgString(toolName, args);
+    if (!argStr) return false;
+    return patterns.some(pattern => {
+      // Glob-style: "*" matches everything
+      if (pattern === "*") return true;
+      // Prefix match or exact match
+      if (pattern.endsWith("*")) return argStr.startsWith(pattern.slice(0, -1));
+      return argStr === pattern || argStr.startsWith(pattern);
+    });
+  }
+  async add(toolName, pattern) {
+    await this._load();
+    if (!this._list[toolName]) this._list[toolName] = [];
+    if (!this._list[toolName].includes(pattern)) {
+      this._list[toolName].push(pattern);
+      await this._save();
+    }
+  }
+  async clear() {
+    this._list = {};
+    await this._save();
+  }
+  async reset() {
+    this._list = { ...DEFAULT_ALLOWLIST };
+    await this._save();
+  }
+  async getAll() {
+    await this._load();
+    return { ...this._list };
+  }
+}
+// Singleton allowlist instance
+const globalAllowlist = new ApprovalAllowlist();
+function _getArgString(toolName, args) {
+  if (!args) return "";
+  if (toolName === "run_command") return args.command ?? "";
+  if (toolName === "write_file" || toolName === "file_edit") return args.path ?? "";
+  if (toolName === "delete_file") return args.path ?? "";
+  if (toolName === "browser_navigate") return args.url ?? "";
+  if (toolName === "spawn_subagent") return args.task ?? "";
+  return JSON.stringify(args);
+}
+/**
+ * Determine if a tool+args needs approval based on security mode.
+ * @param {string} toolName
+ * @param {object} args
+ * @param {string} mode - "careful" | "balanced" | "yolo"
+ * @returns {boolean}
+ */
+function _needsApproval(toolName, args, mode) {
+  if (ALWAYS_APPROVE.has(toolName)) return true;
+  if (!DANGEROUS_TOOLS.has(toolName)) return false;
+  if (mode === "careful") return true;
+  if (mode === "balanced") {
+    // Only destructive tools or writes to system paths
+    if (toolName === "delete_file") return true;
+    if (toolName === "write_file" || toolName === "file_edit") {
+      const filePath = args?.path ?? "";
+      const resolved = filePath.replace(/^~/, os.homedir());
+      return SYSTEM_PATH_PREFIXES.some(prefix => resolved.startsWith(prefix));
+    }
+    return false;
+  }
+  // yolo: only ALWAYS_APPROVE (handled above)
+  return false;
+}
+export { globalAllowlist };
 // ── Receipt ────────────────────────────────────────────────────────────────────
 export class Receipt {
@@ -349,6 +482,7 @@ export class Harness extends EventEmitter {
     this.permissions = permissions;
     this.audit = audit;
     this.config = config;
+    this.allowlist = globalAllowlist;
     // Sandbox config per-tool: "preview" | "diff" | null
     this._sandboxModes = {

package/core/index.mjs CHANGED Viewed

@@ -9,7 +9,8 @@ export { SessionManager, Session, sessionManager } from "./session.mjs";
 export { ProviderRegistry } from "./providers.mjs";
 export { ToolRegistry } from "./tools.mjs";
 export { MCPClient, MCPManager, ensureDefaultMcpConfig } from "./mcp.mjs";
-export { loadConfig, saveConfig, detectProvider, isFirstRun, PROVIDERS, WISPY_DIR, CONFIG_PATH, MCP_CONFIG_PATH, SESSIONS_DIR, CONVERSATIONS_DIR, MEMORY_DIR } from "./config.mjs";
+export { loadConfig, saveConfig, loadConfigWithProfile, listProfiles, detectProvider, isFirstRun, PROVIDERS, WISPY_DIR, CONFIG_PATH, MCP_CONFIG_PATH, SESSIONS_DIR, CONVERSATIONS_DIR, MEMORY_DIR } from "./config.mjs";
+export { FeatureManager, getFeatureManager, FEATURE_REGISTRY } from "./features.mjs";
 export { OnboardingWizard, isFirstRun as checkFirstRun, printStatus } from "./onboarding.mjs";
 export { MemoryManager } from "./memory.mjs";
 export { CronManager } from "./cron.mjs";

package/core/loop-detector.mjs ADDED Viewed

@@ -0,0 +1,183 @@
+/**
+ * core/loop-detector.mjs — Tool-call loop detection for Wispy
+ *
+ * Detects four patterns:
+ *   1. Exact repeat: same tool + same args hash 3+ times in window
+ *   2. Oscillation: A→B→A→B pattern (alternating between two calls)
+ *   3. No progress: 5+ tool calls where result hash doesn't change
+ *   4. Error loop: same tool fails 3+ times in a row
+ *
+ * v1.0.0
+ */
+import { createHash } from "node:crypto";
+import { EventEmitter } from "node:events";
+/**
+ * Compute a short hash of any value.
+ */
+function hashValue(value) {
+  if (value === null || value === undefined) return "null";
+  let str;
+  try {
+    str = JSON.stringify(value);
+  } catch {
+    str = String(value);
+  }
+  return createHash("sha1").update(str).digest("hex").slice(0, 16);
+}
+export class LoopDetector extends EventEmitter {
+  /**
+   * @param {object} options
+   * @param {number} options.windowSize  - Look at last N calls (default 10)
+   * @param {number} options.maxRepeats  - Same call N times = loop (default 3)
+   * @param {number} options.maxNoProgress - N calls with no new output = stuck (default 5)
+   */
+  constructor(options = {}) {
+    super();
+    this.windowSize = options.windowSize ?? 10;
+    this.maxRepeats = options.maxRepeats ?? 3;
+    this.maxNoProgress = options.maxNoProgress ?? 5;
+    // Array of { tool, argsHash, resultHash, isError, timestamp }
+    this._history = [];
+    // How many warnings have been emitted (to decide force-break)
+    this._warningCount = 0;
+  }
+  /**
+   * Record a tool call result.
+   * @param {string} toolName
+   * @param {object} args
+   * @param {any} result  - The result (or Error/string on failure)
+   */
+  record(toolName, args, result) {
+    const argsHash = hashValue(args);
+    const isError = (result && typeof result === "object" && result.success === false)
+      || (result instanceof Error);
+    // Use error message as result hash if error, so errors are deduplicated
+    const resultForHash = isError
+      ? (result?.error ?? result?.message ?? "error")
+      : result;
+    const resultHash = hashValue(resultForHash);
+    this._history.push({
+      tool: toolName,
+      argsHash,
+      resultHash,
+      isError,
+      timestamp: Date.now(),
+    });
+    // Keep only the window
+    if (this._history.length > this.windowSize) {
+      this._history = this._history.slice(-this.windowSize);
+    }
+  }
+  /**
+   * Check if the agent is in a loop.
+   * @returns {{ looping: boolean, reason?: string, suggestion?: string, warningCount: number }}
+   */
+  check() {
+    const history = this._history;
+    if (history.length < 2) return { looping: false, warningCount: this._warningCount };
+    // ── 1. Exact repeat: same tool + same args hash N+ times in window ────────
+    const callKey = (e) => `${e.tool}:${e.argsHash}`;
+    const counts = new Map();
+    for (const entry of history) {
+      const key = callKey(entry);
+      counts.set(key, (counts.get(key) ?? 0) + 1);
+    }
+    for (const [key, count] of counts) {
+      if (count >= this.maxRepeats) {
+        const [tool] = key.split(":");
+        this._warningCount++;
+        return {
+          looping: true,
+          reason: `exact_repeat`,
+          tool,
+          count,
+          warningCount: this._warningCount,
+          suggestion: `Loop detected: you've called ${tool} with the same arguments ${count} times. Try a different approach or verify the outcome before retrying.`,
+        };
+      }
+    }
+    // ── 2. Oscillation: A→B→A→B pattern ─────────────────────────────────────
+    if (history.length >= 4) {
+      const last4 = history.slice(-4).map(callKey);
+      // A→B→A→B
+      if (last4[0] === last4[2] && last4[1] === last4[3] && last4[0] !== last4[1]) {
+        const toolA = history[history.length - 4].tool;
+        const toolB = history[history.length - 3].tool;
+        this._warningCount++;
+        return {
+          looping: true,
+          reason: `oscillation`,
+          tool: `${toolA}↔${toolB}`,
+          warningCount: this._warningCount,
+          suggestion: `Loop detected: oscillating between ${toolA} and ${toolB}. These calls aren't making progress. Try a different strategy.`,
+        };
+      }
+    }
+    // ── 3. No progress: N consecutive calls with identical result hash ────────
+    if (history.length >= this.maxNoProgress) {
+      const recent = history.slice(-this.maxNoProgress);
+      const firstHash = recent[0].resultHash;
+      // All results are the same AND none are "null" (null = tool produced nothing)
+      if (firstHash !== "null" && recent.every(e => e.resultHash === firstHash)) {
+        const tool = recent[recent.length - 1].tool;
+        this._warningCount++;
+        return {
+          looping: true,
+          reason: `no_progress`,
+          tool,
+          count: this.maxNoProgress,
+          warningCount: this._warningCount,
+          suggestion: `Loop detected: ${this.maxNoProgress} consecutive tool calls produced identical results. The agent appears to be stuck — try a different approach.`,
+        };
+      }
+    }
+    // ── 4. Error loop: same tool fails 3+ times in a row ─────────────────────
+    if (history.length >= 3) {
+      const recent = history.slice(-3);
+      if (recent.every(e => e.isError && e.tool === recent[0].tool)) {
+        const tool = recent[0].tool;
+        this._warningCount++;
+        return {
+          looping: true,
+          reason: `error_loop`,
+          tool,
+          count: 3,
+          warningCount: this._warningCount,
+          suggestion: `Loop detected: ${tool} has failed 3 times in a row. Stop retrying and try a different approach or report the error.`,
+        };
+      }
+    }
+    return { looping: false, warningCount: this._warningCount };
+  }
+  /**
+   * Reset the detector state (e.g., after user intervention or successful progress).
+   */
+  reset() {
+    this._history = [];
+    this._warningCount = 0;
+  }
+  /**
+   * Returns the number of recorded entries.
+   */
+  get size() {
+    return this._history.length;
+  }
+}