wyrm-mcp 7.2.1 → 7.2.2

package/NOTICE

@@ -1,40 +1,21 @@
 Wyrm — Persistent Memory for AI Agents
 Copyright © 2026 Ghost Protocol (Pvt) Ltd. All rights reserved.
 
-This software ("Wyrm", published as the npm package "wyrm-mcp") and its source
-code, documentation, and associated materials are the original work and
-intellectual property of Ghost Protocol (Pvt) Ltd, Colombo, Sri Lanka.
+Wyrm (published as the npm package "wyrm-mcp") and its source code, documentation,
+and associated materials are the proprietary and confidential property of Ghost
+Protocol (Pvt) Ltd, Colombo, Sri Lanka.
 
-LICENSE — dual-licensed:
+LICENSE: Proprietary — see the LICENSE file. No open-source license is granted for
+this or any version published after 2026-06-14. Versions of "wyrm-mcp" at 7.2.1 and
+earlier were released under AGPL-3.0-or-later, which continues to apply to those
+specific versions only. Use of the official builds and the Wyrm hosted services
+requires a Ghost Protocol account and is governed by the Wyrm Terms of Service.
 
-  1. Open source: GNU Affero General Public License, version 3 or later
-     (AGPL-3.0-or-later). See the LICENSE file for the full terms. Note in
-     particular AGPL section 13: if you run a modified version of this software
-     to provide a network service, you must offer the complete corresponding
-     source code of your modified version to the users of that service.
+Trademarks: "Wyrm", "Ghost Protocol", and the silver-dragon mark are trademarks of
+Ghost Protocol (Pvt) Ltd.
 
-  2. Commercial: a separate, non-copyleft commercial license is available for
-     embedding Wyrm in a closed-source product, or operating it as a managed
-     service without AGPL's source-sharing obligations. Contact:
-     ghosts.lk@proton.me
+Unauthorized copying, modification, reverse engineering, or distribution is
+prohibited and may infringe the copyright, trademark, and other rights of Ghost
+Protocol (Pvt) Ltd.
 
-Official distribution — account required: the official Wyrm builds published by
-Ghost Protocol (the "wyrm-mcp" package on npm and signed releases) and the Wyrm
-hosted services (wyrm.ghosts.lk, mcp.wyrm.ghosts.lk, account.ghosts.lk) require a
-free account and are subject to the Wyrm Terms of Service. The official build
-validates a short-lived, account-bound license locally ("wyrm login"); your
-memory stays on your machine. This account requirement governs the official
-distribution and services — it does not restrict your AGPL rights in the source,
-which remains free to build and run without an account. Circumventing, disabling,
-or removing the activation requirement and redistributing the result under the
-"Wyrm" name or marks is not permitted.
-
-Trademarks: "Wyrm", "Ghost Protocol", and the silver-dragon mark are trademarks
-of Ghost Protocol (Pvt) Ltd. Use of the AGPL license does not grant any
-trademark rights.
-
-Unauthorized copying, reverse engineering to circumvent the license, or
-distribution of derivative works outside the terms above is prohibited and may
-infringe the copyright and other rights of Ghost Protocol (Pvt) Ltd.
-
-Ghost Protocol (Pvt) Ltd · Colombo, Sri Lanka · ghosts.lk · ghosts.lk@proton.me
+Ghost Protocol (Pvt) Ltd · Colombo, Sri Lanka · ghosts.lk · ryan@ghosts.lk

package/dist/activation.js

@@ -1,60 +1 @@
-/**
- * Activation gate for account-required builds.
- *
- * OFF by default in the AGPL source — self-hosters and the test suite are
- * unaffected, and the open-standard (WMP) ecosystem keeps working without an
- * account. The OFFICIAL distribution bakes `WYRM_REQUIRE_ACTIVATION=1`, so the
- * free tier needs a (free) account: `wyrm login` fetches a short-lived,
- * account-bound signed license that's validated locally by license.ts. A
- * suspended account can't refresh, so access lapses at expiry. Memory is local
- * either way — login only ties usage to a revocable identity.
- *
- * @copyright 2026 Ghost Protocol (Pvt) Ltd.
- * @license AGPL-3.0-or-later — dual-licensed; commercial terms: ghosts.lk@proton.me.
- */
-import { getLicenseInfo, selfTestVerifier } from './license.js';
-import { OFFICIAL_BUILD } from './build-flags.js';
-/**
- * Whether the account-required gate is enabled on this build. ON when this is the
- * official published artifact (OFFICIAL_BUILD baked true at release), OR when the
- * operator opts in via WYRM_REQUIRE_ACTIVATION. OFF in AGPL source + tests.
- */
-export const REQUIRE_ACTIVATION = OFFICIAL_BUILD || /^(1|true|yes|on)$/i.test(process.env.WYRM_REQUIRE_ACTIVATION ?? '');
-/**
- * Tamper-evidence: on the official build, verify at load that the license verifier
- * still rejects a forged signature. If it doesn't, someone stubbed the verifier to
- * bypass the gate — so we keep the gate CLOSED regardless of what getLicenseInfo()
- * now claims. A determined forker can remove this too (it's open source) — a
- * deterrent, not a guarantee.
- */
-const TAMPERED = OFFICIAL_BUILD ? !selfTestVerifier().ok : false;
-if (TAMPERED) {
-    try {
-        console.error('Wyrm: integrity self-test FAILED — license verifier tampered; activation gate locked.');
-    }
-    catch { /* noop */ }
-}
-/**
- * True when tool execution is permitted. Always true unless the build requires
- * activation AND no valid (free or paid) account-bound license is loaded.
- * Re-checked live so a mid-session `wyrm login` takes effect without a restart.
- */
-export function activationSatisfied() {
-    if (TAMPERED)
-        return false; // verifier subverted → never satisfy the gate
-    return !REQUIRE_ACTIVATION || getLicenseInfo().valid;
-}
-/** The MCP error result returned for any tool call while activation is unmet. */
-export function activationGateResult() {
-    return {
-        content: [{
-                type: 'text',
-                text: '🔒 Wyrm requires a free account on this build.\n\n'
-                    + 'Run `wyrm login` in your terminal to sign in and activate (free). '
-                    + 'Your memory stays local — login just ties usage to an account so it can be managed.\n\n'
-                    + 'Already logged in? Your activation may have expired — run `wyrm login` again to refresh.',
-            }],
-        isError: true,
-    };
-}
-//# sourceMappingURL=activation.js.map
+import{getLicenseInfo as r,selfTestVerifier as n}from"./license.js";import{OFFICIAL_BUILD as e}from"./build-flags.js";const i=e||/^(1|true|yes|on)$/i.test(process.env.WYRM_REQUIRE_ACTIVATION??""),t=e?!n().ok:!1;if(t)try{console.error("Wyrm: integrity self-test FAILED \u2014 license verifier tampered; activation gate locked.")}catch{}function s(){return t?!1:!i||r().valid}function c(){return{content:[{type:"text",text:"\u{1F512} Wyrm requires a free account on this build.\n\nRun `wyrm login` in your terminal to sign in and activate (free). Your memory stays local \u2014 login just ties usage to an account so it can be managed.\n\nAlready logged in? Your activation may have expired \u2014 run `wyrm login` again to refresh."}],isError:!0}}export{i as REQUIRE_ACTIVATION,c as activationGateResult,s as activationSatisfied};

package/dist/agent-daemon.js

@@ -1,283 +1,6 @@
-/**
- * Agent daemon process manager.
- *
- * Lets an AI client (Claude / Codex / Cursor / etc.) bootstrap, monitor,
- * and tear down the `wyrm-loop` autonomous scheduler without the
- * operator running shell commands. The MCP server can spawn the daemon
- * as a detached background process, write a PID + log file under
- * `~/.wyrm/`, and check liveness on demand.
- *
- * Files (all under `~/.wyrm/`):
- *   wyrm-loop.pid    PID of the running daemon (single-line)
- *   wyrm-loop.log    Stdout/stderr of the daemon (rotated at 1MB)
- *
- * Single-instance guarantee — if a PID file exists and the process is
- * alive, `start()` refuses (no fork-bomb). `restart()` is provided as
- * an explicit operation.
- *
- * @copyright 2026 Ghost Protocol (Pvt) Ltd.
- * @license AGPL-3.0-or-later — dual-licensed; commercial terms: ghosts.lk@proton.me. See LICENSE.
- */
-import { spawn } from 'child_process';
-import { existsSync, readFileSync, writeFileSync, statSync, openSync, closeSync, renameSync, unlinkSync, mkdirSync } from 'fs';
-import { homedir } from 'os';
-import { join, dirname, resolve } from 'path';
-import { fileURLToPath } from 'url';
-const WYRM_DIR = join(homedir(), '.wyrm');
-const PID_FILE = join(WYRM_DIR, 'wyrm-loop.pid');
-const LOG_FILE = join(WYRM_DIR, 'wyrm-loop.log');
-const LOG_FILE_OLD = join(WYRM_DIR, 'wyrm-loop.log.1');
-const MAX_LOG_BYTES = 1_000_000;
-function ensureWyrmDir() {
-    if (!existsSync(WYRM_DIR))
-        mkdirSync(WYRM_DIR, { recursive: true });
-}
-function rotateLogIfLarge() {
-    try {
-        if (existsSync(LOG_FILE) && statSync(LOG_FILE).size > MAX_LOG_BYTES) {
-            if (existsSync(LOG_FILE_OLD))
-                unlinkSync(LOG_FILE_OLD);
-            renameSync(LOG_FILE, LOG_FILE_OLD);
-        }
-    }
-    catch { /* best-effort */ }
-}
-function readPid() {
-    try {
-        const raw = readFileSync(PID_FILE, 'utf-8').trim();
-        const pid = parseInt(raw, 10);
-        return Number.isFinite(pid) && pid > 0 ? pid : null;
-    }
-    catch {
-        return null;
-    }
-}
-function isProcessAlive(pid) {
-    try {
-        // signal 0 doesn't kill; just checks existence + permission
-        process.kill(pid, 0);
-        return true;
-    }
-    catch {
-        return false;
-    }
-}
-/** Find the bundled `wyrm-loop` script path. Resolves relative to this
- * module so it works whether installed via npm, run from source, or
- * invoked from a global symlink. */
-function locateLoopBinary() {
-    // 1. import.meta.url → packages/mcp-server/dist/agent-daemon.js
-    try {
-        const here = fileURLToPath(import.meta.url);
-        const candidates = [
-            // installed alongside (dist/wyrm-loop.js)
-            resolve(dirname(here), 'wyrm-loop.js'),
-            // source layout
-            resolve(dirname(here), '..', 'dist', 'wyrm-loop.js'),
-        ];
-        for (const p of candidates) {
-            if (existsSync(p))
-                return p;
-        }
-    }
-    catch { /* fall through */ }
-    // 2. Look in PATH for the `wyrm-loop` binary (set up by `npm install -g`)
-    const pathDirs = (process.env.PATH ?? '').split(':');
-    for (const dir of pathDirs) {
-        const cand = join(dir, 'wyrm-loop');
-        if (existsSync(cand))
-            return cand;
-    }
-    return null;
-}
-export class AgentDaemon {
-    db;
-    constructor(db) {
-        this.db = db;
-    }
-    /** Current daemon status. Always safe to call. */
-    status() {
-        const pid = readPid();
-        const running = pid != null && isProcessAlive(pid);
-        let started_at;
-        let uptime_seconds;
-        try {
-            if (existsSync(PID_FILE)) {
-                const st = statSync(PID_FILE);
-                started_at = st.mtime.toISOString();
-                uptime_seconds = Math.round((Date.now() - st.mtime.getTime()) / 1000);
-            }
-        }
-        catch { /* best-effort */ }
-        // Read latest agent_actions row for "last action" summary
-        let last_action;
-        try {
-            const row = this.db.prepare(`
+import{spawn as E}from"child_process";import{existsSync as l,readFileSync as g,writeFileSync as I,statSync as w,openSync as M,closeSync as h,renameSync as v,unlinkSync as f,mkdirSync as O}from"fs";import{homedir as R}from"os";import{join as d,dirname as S,resolve as k}from"path";import{fileURLToPath as b}from"url";const m=d(R(),".wyrm"),i=d(m,"wyrm-loop.pid"),u=d(m,"wyrm-loop.log"),_=d(m,"wyrm-loop.log.1"),D=1e6;function T(){l(m)||O(m,{recursive:!0})}function C(){try{l(u)&&w(u).size>D&&(l(_)&&f(_),v(u,_))}catch{}}function L(){try{const p=g(i,"utf-8").trim(),t=parseInt(p,10);return Number.isFinite(t)&&t>0?t:null}catch{return null}}function y(p){try{return process.kill(p,0),!0}catch{return!1}}function F(){try{const t=b(import.meta.url),r=[k(S(t),"wyrm-loop.js"),k(S(t),"..","dist","wyrm-loop.js")];for(const n of r)if(l(n))return n}catch{}const p=(process.env.PATH??"").split(":");for(const t of p){const r=d(t,"wyrm-loop");if(l(r))return r}return null}class A{db;constructor(t){this.db=t}status(){const t=L(),r=t!=null&&y(t);let n,a;try{if(l(i)){const s=w(i);n=s.mtime.toISOString(),a=Math.round((Date.now()-s.mtime.getTime())/1e3)}}catch{}let e;try{const s=this.db.prepare(`
         SELECT actor, goal_id, action_kind, summary, result_status, ran_at
         FROM agent_actions ORDER BY id DESC LIMIT 1
-      `).get();
-            if (row)
-                last_action = {
-                    ran_at: row.ran_at, actor: row.actor, goal_id: row.goal_id,
-                    summary: `${row.action_kind}: ${row.summary}`.slice(0, 200),
-                    result_status: row.result_status,
-                };
-        }
-        catch { /* table may not exist on pre-v5 DBs */ }
-        let active_goals = 0;
-        let total_iterations = 0;
-        try {
-            active_goals = this.db.prepare(`SELECT COUNT(*) as c FROM goals WHERE status = 'active'`).get().c;
-            total_iterations = this.db.prepare(`SELECT COALESCE(SUM(iterations_count), 0) as c FROM goals`).get().c;
-        }
-        catch { /* pre-v5 DB */ }
-        return {
-            running,
-            pid: running ? pid : null,
-            pid_file: PID_FILE,
-            log_file: LOG_FILE,
-            started_at: running ? started_at : undefined,
-            uptime_seconds: running ? uptime_seconds : undefined,
-            last_action,
-            active_goals,
-            total_iterations,
-        };
-    }
-    /** Start the daemon. No-op if already running. */
-    start(opts = {}) {
-        ensureWyrmDir();
-        rotateLogIfLarge();
-        const cur = this.status();
-        if (cur.running) {
-            return { ok: true, pid: cur.pid ?? undefined, status: cur };
-        }
-        // Clear stale PID file from a crashed prior run
-        if (existsSync(PID_FILE)) {
-            try {
-                unlinkSync(PID_FILE);
-            }
-            catch { /* ignore */ }
-        }
-        const binary = locateLoopBinary();
-        if (!binary) {
-            return { ok: false, error: 'Could not locate wyrm-loop binary. Run `npm install -g wyrm-mcp` or `npm run build` in packages/mcp-server.' };
-        }
-        const args = ['--interval', String(opts.interval_seconds ?? 600)];
-        if (opts.max_steps)
-            args.push('--max-steps', String(opts.max_steps));
-        if (opts.project_path)
-            args.push('--project', opts.project_path);
-        if (opts.verbose)
-            args.push('--verbose');
-        // Open the log file once, share fd with the child
-        let logFd;
-        try {
-            logFd = openSync(LOG_FILE, 'a');
-        }
-        catch (err) {
-            return { ok: false, error: `Could not open log file ${LOG_FILE}: ${err.message}` };
-        }
-        let child;
-        try {
-            child = spawn('node', [binary, ...args], {
-                detached: true,
-                stdio: ['ignore', logFd, logFd],
-                env: { ...process.env, WYRM_LOOP_LOG: opts.verbose ? '1' : '0' },
-            });
-        }
-        catch (err) {
-            return { ok: false, error: `spawn failed: ${err.message}` };
-        }
-        if (!child.pid) {
-            try {
-                closeSync(logFd);
-            }
-            catch { /* ignore */ }
-            return { ok: false, error: 'spawn returned no PID' };
-        }
-        try {
-            writeFileSync(PID_FILE, String(child.pid), 'utf-8');
-        }
-        catch (err) {
-            // Process is up but we can't track it — kill to keep state consistent
-            try {
-                process.kill(child.pid, 'SIGTERM');
-            }
-            catch { /* ignore */ }
-            try {
-                closeSync(logFd);
-            }
-            catch { /* ignore */ }
-            return { ok: false, error: `Could not write PID file: ${err.message}` };
-        }
-        // Close the parent's copy of the log fd — the child inherits its own
-        // dup via stdio. Without this, every successful spawn leaks one fd in
-        // the parent (the MCP server).
-        try {
-            closeSync(logFd);
-        }
-        catch { /* ignore */ }
-        // unref so this process doesn't wait on the child
-        child.unref();
-        // Brief settle delay so status() reflects the new state
-        return { ok: true, pid: child.pid, status: this.status() };
-    }
-    /** Stop the daemon. Sends SIGTERM, then SIGKILL after a grace period. */
-    async stop(opts = {}) {
-        const pid = readPid();
-        if (pid == null) {
-            return { ok: true, was_running: false };
-        }
-        if (!isProcessAlive(pid)) {
-            // Stale PID file
-            try {
-                unlinkSync(PID_FILE);
-            }
-            catch { /* ignore */ }
-            return { ok: true, was_running: false, pid };
-        }
-        try {
-            process.kill(pid, 'SIGTERM');
-        }
-        catch (err) {
-            return { ok: false, was_running: true, pid, error: `SIGTERM failed: ${err.message}` };
-        }
-        const grace = Math.max(100, Math.min(opts.grace_ms ?? 3000, 30_000));
-        const start = Date.now();
-        while (Date.now() - start < grace) {
-            if (!isProcessAlive(pid))
-                break;
-            await new Promise(r => { setTimeout(r, 100); });
-        }
-        if (isProcessAlive(pid)) {
-            try {
-                process.kill(pid, 'SIGKILL');
-            }
-            catch { /* may already be dead */ }
-        }
-        try {
-            unlinkSync(PID_FILE);
-        }
-        catch { /* ignore */ }
-        return { ok: true, was_running: true, pid };
-    }
-    /** Stop + Start in sequence. */
-    async restart(opts = {}) {
-        await this.stop({ grace_ms: 3000 });
-        return this.start(opts);
-    }
-    /** Read the last N lines of the daemon log. */
-    recentLog(lines = 40) {
-        try {
-            if (!existsSync(LOG_FILE))
-                return '(log file does not exist)';
-            const raw = readFileSync(LOG_FILE, 'utf-8');
-            const all = raw.split('\n');
-            return all.slice(-Math.max(1, Math.min(lines, 1000))).join('\n');
-        }
-        catch (err) {
-            return `(could not read log: ${err.message})`;
-        }
-    }
-}
-//# sourceMappingURL=agent-daemon.js.map
+      `).get();s&&(e={ran_at:s.ran_at,actor:s.actor,goal_id:s.goal_id,summary:`${s.action_kind}: ${s.summary}`.slice(0,200),result_status:s.result_status})}catch{}let o=0,c=0;try{o=this.db.prepare("SELECT COUNT(*) as c FROM goals WHERE status = 'active'").get().c,c=this.db.prepare("SELECT COALESCE(SUM(iterations_count), 0) as c FROM goals").get().c}catch{}return{running:r,pid:r?t:null,pid_file:i,log_file:u,started_at:r?n:void 0,uptime_seconds:r?a:void 0,last_action:e,active_goals:o,total_iterations:c}}start(t={}){T(),C();const r=this.status();if(r.running)return{ok:!0,pid:r.pid??void 0,status:r};if(l(i))try{f(i)}catch{}const n=F();if(!n)return{ok:!1,error:"Could not locate wyrm-loop binary. Run `npm install -g wyrm-mcp` or `npm run build` in packages/mcp-server."};const a=["--interval",String(t.interval_seconds??600)];t.max_steps&&a.push("--max-steps",String(t.max_steps)),t.project_path&&a.push("--project",t.project_path),t.verbose&&a.push("--verbose");let e;try{e=M(u,"a")}catch(c){return{ok:!1,error:`Could not open log file ${u}: ${c.message}`}}let o;try{o=E("node",[n,...a],{detached:!0,stdio:["ignore",e,e],env:{...process.env,WYRM_LOOP_LOG:t.verbose?"1":"0"}})}catch(c){return{ok:!1,error:`spawn failed: ${c.message}`}}if(!o.pid){try{h(e)}catch{}return{ok:!1,error:"spawn returned no PID"}}try{I(i,String(o.pid),"utf-8")}catch(c){try{process.kill(o.pid,"SIGTERM")}catch{}try{h(e)}catch{}return{ok:!1,error:`Could not write PID file: ${c.message}`}}try{h(e)}catch{}return o.unref(),{ok:!0,pid:o.pid,status:this.status()}}async stop(t={}){const r=L();if(r==null)return{ok:!0,was_running:!1};if(!y(r)){try{f(i)}catch{}return{ok:!0,was_running:!1,pid:r}}try{process.kill(r,"SIGTERM")}catch(e){return{ok:!1,was_running:!0,pid:r,error:`SIGTERM failed: ${e.message}`}}const n=Math.max(100,Math.min(t.grace_ms??3e3,3e4)),a=Date.now();for(;Date.now()-a<n&&y(r);)await new Promise(e=>{setTimeout(e,100)});if(y(r))try{process.kill(r,"SIGKILL")}catch{}try{f(i)}catch{}return{ok:!0,was_running:!0,pid:r}}async restart(t={}){return await this.stop({grace_ms:3e3}),this.start(t)}recentLog(t=40){try{return l(u)?g(u,"utf-8").split(`
+`).slice(-Math.max(1,Math.min(t,1e3))).join(`
+`):"(log file does not exist)"}catch(r){return`(could not read log: ${r.message})`}}}export{A as AgentDaemon};