wyrm-mcp 7.2.1 → 7.2.2

package/dist/handlers/resources.js

@@ -1,288 +1 @@
-/**
- * MCP resources — `wyrm://` URI scheme (v7 F4 T034, spec FR-3 context economy).
- *
- * THE CONTEXT-ECONOMY MOVE: big payloads (a project's full truths/failures/
- * quests, the capability inventory, an individual memory artifact) return as
- * LINKS, not inlined bytes. A resource-capable client fetches the body on
- * demand via `resources/read`; a resource-LESS client loses NO data because
- * every hot-path return that emits a `resourceLink` also carries a
- * `detail=full` FALLBACK (the full inline body) — the link is an ADDITIONAL
- * affordance, never a substitution. This module is the single source of truth
- * for the URI grammar, the listing, and the read backends.
- *
- * URI grammar (path-safe, NO network — Article VII):
- *   wyrm://capabilities                  the feature inventory (markdown)
- *   wyrm://stats                         the global DB stats (json)
- *   wyrm://memory/{id}                   one memory artifact by id (json)
- *   wyrm://project/{id}/truths           a project's current ground truths
- *   wyrm://project/{id}/failures         a project's unresolved failures
- *   wyrm://project/{id}/quests           a project's open quests
- *   wyrm://project/{id}/memory           a project's validated artifacts
- *   wyrm://project/{id}/stats            a project's memory stats
- *
- * Every dynamic segment is validated against a strict allowlist before any DB
- * access: project/memory ids are non-negative integers, the leaf is one of a
- * fixed set. A malformed URI yields a clean structured error, never a path
- * escape, never an SQL injection vector (ids are bound params), never a fetch.
- *
- * Article III: zero LLM, zero network, zero clock — a resource read is a pure
- * function of the URI and the local SQLite state.
- *
- * @copyright 2026 Ghost Protocol (Pvt) Ltd.
- * @license AGPL-3.0-or-later — dual-licensed; commercial terms: ghosts.lk@proton.me. See LICENSE.
- */
-import { getCapabilities, renderCapabilityBriefing } from '../capabilities.js';
-import { decodeCursor } from '../keyset.js';
-/** The single URI scheme. */
-export const WYRM_URI_SCHEME = 'wyrm://';
-/** JSON MIME for structured resource bodies; markdown for the capability prose. */
-const MIME_JSON = 'application/json';
-const MIME_MARKDOWN = 'text/markdown';
-/** The leaf names a project-scoped resource may carry (closed set). */
-const PROJECT_LEAVES = ['truths', 'failures', 'quests', 'memory', 'stats'];
-// ── URI builders (the ONE place a wyrm:// URI is constructed) ────────────────
-export function memoryUri(id) {
-    return `${WYRM_URI_SCHEME}memory/${id}`;
-}
-export function projectUri(projectId, leaf, cursor) {
-    const base = `${WYRM_URI_SCHEME}project/${projectId}/${leaf}`;
-    return cursor ? `${base}?cursor=${cursor}` : base;
-}
-export const CAPABILITIES_URI = `${WYRM_URI_SCHEME}capabilities`;
-export const STATS_URI = `${WYRM_URI_SCHEME}stats`;
-/** Build a resource_link content block. */
-export function resourceLink(uri, name, opts) {
-    return {
-        type: 'resource_link',
-        uri,
-        name,
-        ...(opts?.description ? { description: opts.description } : {}),
-        ...(opts?.mimeType ? { mimeType: opts.mimeType } : {}),
-    };
-}
-/** Non-negative integer, no leading zeros surprise, no sign, ≤ 15 digits. */
-function parseId(segment) {
-    if (!/^\d{1,15}$/.test(segment))
-        return null;
-    const n = Number(segment);
-    return Number.isSafeInteger(n) && n >= 0 ? n : null;
-}
-/**
- * Parse a wyrm:// URI into a typed shape, or null when malformed/unknown.
- * Defensive against path traversal: only the scheme + a fixed grammar of
- * allowlisted segments is accepted; '..', empty segments, extra depth, and any
- * non-grammar leaf all reject. There is NO filesystem and NO network behind a
- * resource read — this guards the DB-query dispatch, not a path open.
- */
-export function parseWyrmUri(uri) {
-    if (typeof uri !== 'string' || !uri.startsWith(WYRM_URI_SCHEME))
-        return null;
-    let rest = uri.slice(WYRM_URI_SCHEME.length);
-    // A single optional `?cursor=<opaque>` query is permitted on the project
-    // listings (v7 F4 T035 keyset pagination). The cursor is base64url (alnum +
-    // '-' '_'); anything else is rejected outright so the query suffix can never
-    // smuggle a traversal/control byte past the path grammar below.
-    let cursor;
-    const q = rest.indexOf('?');
-    if (q >= 0) {
-        const query = rest.slice(q + 1);
-        rest = rest.slice(0, q);
-        const m = /^cursor=([A-Za-z0-9_-]{1,512})$/.exec(query);
-        if (!m)
-            return null;
-        cursor = m[1];
-    }
-    // Reject control chars, traversal, and query/fragment noise outright.
-    if (/[\x00-\x1f\x7f]/.test(rest) || rest.includes('..'))
-        return null;
-    const segs = rest.split('/');
-    if (segs.some((s) => s.length === 0))
-        return null;
-    if (segs.length === 1) {
-        if (cursor !== undefined)
-            return null;
-        if (segs[0] === 'capabilities')
-            return { kind: 'capabilities' };
-        if (segs[0] === 'stats')
-            return { kind: 'stats' };
-        return null;
-    }
-    if (segs.length === 2 && segs[0] === 'memory') {
-        if (cursor !== undefined)
-            return null;
-        const id = parseId(segs[1]);
-        return id === null ? null : { kind: 'memory', id };
-    }
-    if (segs.length === 3 && segs[0] === 'project') {
-        const id = parseId(segs[1]);
-        if (id === null)
-            return null;
-        const leaf = segs[2];
-        if (PROJECT_LEAVES.includes(leaf)) {
-            // Cursor only meaningful on the paginated `memory` leaf; reject it on the
-            // others rather than silently ignoring (strict grammar).
-            if (cursor !== undefined && leaf !== 'memory')
-                return null;
-            return { kind: 'project', id, leaf: leaf, ...(cursor !== undefined ? { cursor } : {}) };
-        }
-        return null;
-    }
-    return null;
-}
-// ── resources/list + resources/templates/list ───────────────────────────────
-/**
- * The static, always-available resources (no project context needed). The
- * project-scoped resources are advertised as TEMPLATES (their id is a
- * parameter), so resources/list stays small and stable while every project's
- * data is still reachable by URI.
- */
-export function listWyrmResources() {
-    return [
-        {
-            uri: CAPABILITIES_URI,
-            name: 'Wyrm capabilities',
-            description: 'Feature inventory + runtime state — what this memory system can do and which tool to reach for. The resource form of wyrm_capabilities.',
-            mimeType: MIME_MARKDOWN,
-        },
-        {
-            uri: STATS_URI,
-            name: 'Wyrm global stats',
-            description: 'Global database stats (projects, sessions, quests, data points, size). The resource form of wyrm_stats.',
-            mimeType: MIME_JSON,
-        },
-    ];
-}
-/** Resource templates for the project-scoped + by-id resources. */
-export function listWyrmResourceTemplates() {
-    return [
-        {
-            uriTemplate: `${WYRM_URI_SCHEME}memory/{id}`,
-            name: 'Memory artifact',
-            description: 'A single memory artifact (lesson/pattern/anti-pattern/heuristic/reasoning trace) by id.',
-            mimeType: MIME_JSON,
-        },
-        {
-            uriTemplate: `${WYRM_URI_SCHEME}project/{id}/truths`,
-            name: 'Project ground truths',
-            description: "A project's current ground truths (the authoritative facts).",
-            mimeType: MIME_JSON,
-        },
-        {
-            uriTemplate: `${WYRM_URI_SCHEME}project/{id}/failures`,
-            name: 'Project failures',
-            description: "A project's unresolved failure patterns (the negative-learning set).",
-            mimeType: MIME_JSON,
-        },
-        {
-            uriTemplate: `${WYRM_URI_SCHEME}project/{id}/quests`,
-            name: 'Project quests',
-            description: "A project's open quests (pending + in-progress).",
-            mimeType: MIME_JSON,
-        },
-        {
-            uriTemplate: `${WYRM_URI_SCHEME}project/{id}/memory`,
-            name: 'Project memory',
-            description: "A project's validated memory artifacts.",
-            mimeType: MIME_JSON,
-        },
-        {
-            uriTemplate: `${WYRM_URI_SCHEME}project/{id}/stats`,
-            name: 'Project memory stats',
-            description: "A project's memory artifact stats (totals by kind, avg confidence).",
-            mimeType: MIME_JSON,
-        },
-    ];
-}
-// ── resources/read backends ──────────────────────────────────────────────────
-/** Hard read caps so a resource read can never inline an unbounded payload. */
-const PROJECT_LIST_CAP = 200;
-/** Raised when a URI is well-formed-but-not-found / malformed. The caller maps
- * it to a clean MCP error; it is never a crash or a leaked stack. */
-export class ResourceNotFoundError extends Error {
-    uri;
-    constructor(uri, message) {
-        super(message);
-        this.uri = uri;
-        this.name = 'ResourceNotFoundError';
-    }
-}
-/** Deterministic 2-space JSON (Article III/VIII: same state ⇒ same bytes). */
-function jsonContent(uri, body) {
-    return { uri, mimeType: MIME_JSON, text: JSON.stringify(body, null, 2) };
-}
-/**
- * Read a wyrm:// resource against the local DB. Pure read — no writes, no
- * network, no clock. Throws ResourceNotFoundError for a malformed/unknown URI
- * or a missing row.
- */
-export function readWyrmResource(uri, ctx) {
-    const parsed = parseWyrmUri(uri);
-    if (!parsed)
-        throw new ResourceNotFoundError(uri, `Unknown or malformed resource URI: ${uri}`);
-    switch (parsed.kind) {
-        case 'capabilities': {
-            const report = getCapabilities(ctx.db.getDatabase(), ctx.WYRM_TOOL_COUNT, {
-                detectVectorProvider: () => (process.env.WYRM_VECTOR_PROVIDER === 'openai' ? 'openai' : 'ollama'),
-                hasEncryption: () => !!process.env.WYRM_ENCRYPTION_KEY,
-                isFederationEnabled: () => true,
-                isAgentRunning: () => {
-                    try {
-                        return ctx.agentDaemon.status().running;
-                    }
-                    catch {
-                        return null;
-                    }
-                },
-            });
-            // Markdown body — the human briefing, same bytes wyrm_capabilities emits.
-            return { uri, mimeType: MIME_MARKDOWN, text: renderCapabilityBriefing(report) };
-        }
-        case 'stats': {
-            return jsonContent(uri, ctx.db.getStats());
-        }
-        case 'memory': {
-            const artifact = ctx.memory.get(parsed.id);
-            if (!artifact)
-                throw new ResourceNotFoundError(uri, `Memory artifact not found: ${parsed.id}`);
-            return jsonContent(uri, artifact);
-        }
-        case 'project': {
-            const project = ctx.db.getProjectById(parsed.id);
-            if (!project)
-                throw new ResourceNotFoundError(uri, `Project not found: ${parsed.id}`);
-            switch (parsed.leaf) {
-                case 'truths':
-                    return jsonContent(uri, { project_id: parsed.id, truths: ctx.groundTruths.getCurrent(parsed.id) });
-                case 'failures':
-                    return jsonContent(uri, { project_id: parsed.id, failures: ctx.failures.list(parsed.id, PROJECT_LIST_CAP) });
-                case 'quests': {
-                    const quests = ctx.db
-                        .getDatabase()
-                        .prepare("SELECT * FROM quests WHERE project_id = ? AND status IN ('pending','in_progress') ORDER BY CASE priority WHEN 'critical' THEN 0 WHEN 'high' THEN 1 WHEN 'medium' THEN 2 ELSE 3 END, id LIMIT ?")
-                        .all(parsed.id, PROJECT_LIST_CAP);
-                    return jsonContent(uri, { project_id: parsed.id, quests });
-                }
-                case 'memory': {
-                    // Keyset-paginated (v7 F4 T035): a project's full artifact set can be
-                    // larger than one inline payload, so the listing returns a PAGE +
-                    // an opaque nextCursor instead of a hard 200-row truncation that
-                    // silently drops the tail. A bad/garbage cursor decodes to null → the
-                    // first page (never throws on the wire).
-                    const after = decodeCursor(parsed.cursor);
-                    const page = ctx.memory.listPage(parsed.id, { pageSize: PROJECT_LIST_CAP, after });
-                    const content = jsonContent(uri, {
-                        project_id: parsed.id,
-                        artifacts: page.items,
-                        ...(page.nextCursor ? { next_cursor: page.nextCursor } : {}),
-                    });
-                    if (page.nextCursor)
-                        content.nextCursor = page.nextCursor;
-                    return content;
-                }
-                case 'stats':
-                    return jsonContent(uri, { project_id: parsed.id, stats: ctx.memory.getStats(parsed.id) });
-            }
-        }
-    }
-}
-//# sourceMappingURL=resources.js.map
+import{getCapabilities as f,renderCapabilityBriefing as y}from"../capabilities.js";import{decodeCursor as g}from"../keyset.js";const o="wyrm://",c="application/json",l="text/markdown",T=["truths","failures","quests","memory","stats"];function b(r){return`${o}memory/${r}`}function C(r,t,e){const i=`${o}project/${r}/${t}`;return e?`${i}?cursor=${e}`:i}const h=`${o}capabilities`,j=`${o}stats`;function $(r,t,e){return{type:"resource_link",uri:r,name:t,...e?.description?{description:e.description}:{},...e?.mimeType?{mimeType:e.mimeType}:{}}}function d(r){if(!/^\d{1,15}$/.test(r))return null;const t=Number(r);return Number.isSafeInteger(t)&&t>=0?t:null}function E(r){if(typeof r!="string"||!r.startsWith(o))return null;let t=r.slice(o.length),e;const i=t.indexOf("?");if(i>=0){const s=t.slice(i+1);t=t.slice(0,i);const a=/^cursor=([A-Za-z0-9_-]{1,512})$/.exec(s);if(!a)return null;e=a[1]}if(/[\x00-\x1f\x7f]/.test(t)||t.includes(".."))return null;const n=t.split("/");if(n.some(s=>s.length===0))return null;if(n.length===1)return e!==void 0?null:n[0]==="capabilities"?{kind:"capabilities"}:n[0]==="stats"?{kind:"stats"}:null;if(n.length===2&&n[0]==="memory"){if(e!==void 0)return null;const s=d(n[1]);return s===null?null:{kind:"memory",id:s}}if(n.length===3&&n[0]==="project"){const s=d(n[1]);if(s===null)return null;const a=n[2];return T.includes(a)?e!==void 0&&a!=="memory"?null:{kind:"project",id:s,leaf:a,...e!==void 0?{cursor:e}:{}}:null}return null}function N(){return[{uri:h,name:"Wyrm capabilities",description:"Feature inventory + runtime state \u2014 what this memory system can do and which tool to reach for. The resource form of wyrm_capabilities.",mimeType:l},{uri:j,name:"Wyrm global stats",description:"Global database stats (projects, sessions, quests, data points, size). The resource form of wyrm_stats.",mimeType:c}]}function I(){return[{uriTemplate:`${o}memory/{id}`,name:"Memory artifact",description:"A single memory artifact (lesson/pattern/anti-pattern/heuristic/reasoning trace) by id.",mimeType:c},{uriTemplate:`${o}project/{id}/truths`,name:"Project ground truths",description:"A project's current ground truths (the authoritative facts).",mimeType:c},{uriTemplate:`${o}project/{id}/failures`,name:"Project failures",description:"A project's unresolved failure patterns (the negative-learning set).",mimeType:c},{uriTemplate:`${o}project/{id}/quests`,name:"Project quests",description:"A project's open quests (pending + in-progress).",mimeType:c},{uriTemplate:`${o}project/{id}/memory`,name:"Project memory",description:"A project's validated memory artifacts.",mimeType:c},{uriTemplate:`${o}project/{id}/stats`,name:"Project memory stats",description:"A project's memory artifact stats (totals by kind, avg confidence).",mimeType:c}]}const m=200;class p extends Error{uri;constructor(t,e){super(e),this.uri=t,this.name="ResourceNotFoundError"}}function u(r,t){return{uri:r,mimeType:c,text:JSON.stringify(t,null,2)}}function x(r,t){const e=E(r);if(!e)throw new p(r,`Unknown or malformed resource URI: ${r}`);switch(e.kind){case"capabilities":{const i=f(t.db.getDatabase(),t.WYRM_TOOL_COUNT,{detectVectorProvider:()=>process.env.WYRM_VECTOR_PROVIDER==="openai"?"openai":"ollama",hasEncryption:()=>!!process.env.WYRM_ENCRYPTION_KEY,isFederationEnabled:()=>!0,isAgentRunning:()=>{try{return t.agentDaemon.status().running}catch{return null}}});return{uri:r,mimeType:l,text:y(i)}}case"stats":return u(r,t.db.getStats());case"memory":{const i=t.memory.get(e.id);if(!i)throw new p(r,`Memory artifact not found: ${e.id}`);return u(r,i)}case"project":{if(!t.db.getProjectById(e.id))throw new p(r,`Project not found: ${e.id}`);switch(e.leaf){case"truths":return u(r,{project_id:e.id,truths:t.groundTruths.getCurrent(e.id)});case"failures":return u(r,{project_id:e.id,failures:t.failures.list(e.id,m)});case"quests":{const n=t.db.getDatabase().prepare("SELECT * FROM quests WHERE project_id = ? AND status IN ('pending','in_progress') ORDER BY CASE priority WHEN 'critical' THEN 0 WHEN 'high' THEN 1 WHEN 'medium' THEN 2 ELSE 3 END, id LIMIT ?").all(e.id,m);return u(r,{project_id:e.id,quests:n})}case"memory":{const n=g(e.cursor),s=t.memory.listPage(e.id,{pageSize:m,after:n}),a=u(r,{project_id:e.id,artifacts:s.items,...s.nextCursor?{next_cursor:s.nextCursor}:{}});return s.nextCursor&&(a.nextCursor=s.nextCursor),a}case"stats":return u(r,{project_id:e.id,stats:t.memory.getStats(e.id)})}}}}export{h as CAPABILITIES_URI,p as ResourceNotFoundError,j as STATS_URI,o as WYRM_URI_SCHEME,I as listWyrmResourceTemplates,N as listWyrmResources,b as memoryUri,E as parseWyrmUri,C as projectUri,x as readWyrmResource,$ as resourceLink};

package/dist/handlers/review.js

@@ -1,74 +1,11 @@
-/**
- * Review domain — ToolSpec contract v2 (v7 F3 T026, hot-path extraction).
- *
- * wyrm_review (the review-queue gate), moved VERBATIM from the index.ts
- * dispatch switch + buildAllTools(). Approve flips needs_review off; reject
- * HARD-DELETES the artifact (the raw SQL moved with the handler — the
- * ctx.raw() verbatim-SQL seam, see handlers/types.ts).
- *
- * @copyright 2026 Ghost Protocol (Pvt) Ltd.
- * @license AGPL-3.0-or-later — dual-licensed; commercial terms: ghosts.lk@proton.me. See LICENSE.
- */
-import { TOOL_ANNOTATIONS } from '../tool-annotations.js';
-import { renderResult, withGlyph } from '../render.js';
-import { reverseBridgeSigFromTags, recordReverseBridgeRejection } from '../reverse-bridge.js';
-export const reviewToolSpecs = [
-    {
-        name: "wyrm_review",
-        description: "Use to process the review queue - approve or reject the pending memory candidates waiting from extraction, harvest, imports, capture conflicts, or session distillation. Approve activates the artifact for recall; reject permanently deletes it (unrecoverable).",
-        inputSchema: {
-            type: "object",
-            properties: {
-                artifactId: { type: "number" },
-                approved: { type: "boolean", description: "true = activate, false = hard delete" },
-                notes: { type: "string" },
-            },
-            required: ["artifactId", "approved"],
-        },
-        outputSchema: {
-            type: "object",
-            properties: {
-                artifact_id: { type: "integer" },
-                approved: { type: "boolean" },
-                deleted: { type: "boolean" },
-                problem: { type: "string" },
-                notes: { type: ["string", "null"] },
-            },
-            required: ["artifact_id", "approved", "deleted", "problem", "notes"],
-        },
-        annotations: TOOL_ANNOTATIONS.wyrm_review,
-        aliases: [],
-        handler: (args, { memory, raw }) => {
-            const { artifactId: rvId, approved, notes: rvNotes } = args;
-            const artifact = memory.get(rvId);
-            if (!artifact)
-                return { content: [{ type: "text", text: `Artifact #${rvId} not found.` }], isError: true };
-            if (approved) {
-                memory.update(rvId, { needs_review: 0 });
-            }
-            else {
-                // A reverse-bridge candidate (rb:-tagged) that the operator rejects gets
-                // a rejection tombstone BEFORE the delete, so the next bridge sweep does
-                // not re-extract + re-queue the identical outside-prose (security pass
-                // #2, finding #1). Non-bridge artifacts have no rb: sig → no tombstone.
-                const rbSig = reverseBridgeSigFromTags(artifact.tags);
-                if (rbSig)
-                    recordReverseBridgeRejection(raw(), artifact.project_id, rbSig);
-                raw().prepare('DELETE FROM memory_artifacts WHERE id = ?').run(rvId);
-            }
-            const body = {
-                artifact_id: rvId,
-                approved,
-                deleted: !approved,
-                problem: artifact.problem.slice(0, 80),
-                notes: rvNotes ?? null,
-            };
-            return renderResult(body, (b, g) => b.approved
-                ? withGlyph(g.ok, `**Approved** -- Artifact #${b.artifact_id} is now active.`) +
-                    `\n\n"${b.problem}"\n\nIt will appear in future \`wyrm_recall\` and \`wyrm_context_build\` results.${b.notes ? `\n\nNotes: ${b.notes}` : ''}`
-                : withGlyph(g.fail, `**Rejected** -- Artifact #${b.artifact_id} permanently deleted.`) +
-                    `\n\n"${b.problem}"${b.notes ? `\n\nNotes: ${b.notes}` : ''}`);
-        },
-    },
-];
-//# sourceMappingURL=review.js.map
+import{TOOL_ANNOTATIONS as l}from"../tool-annotations.js";import{renderResult as f,withGlyph as p}from"../render.js";import{reverseBridgeSigFromTags as m,recordReverseBridgeRejection as u}from"../reverse-bridge.js";const g=[{name:"wyrm_review",description:"Use to process the review queue - approve or reject the pending memory candidates waiting from extraction, harvest, imports, capture conflicts, or session distillation. Approve activates the artifact for recall; reject permanently deletes it (unrecoverable).",inputSchema:{type:"object",properties:{artifactId:{type:"number"},approved:{type:"boolean",description:"true = activate, false = hard delete"},notes:{type:"string"}},required:["artifactId","approved"]},outputSchema:{type:"object",properties:{artifact_id:{type:"integer"},approved:{type:"boolean"},deleted:{type:"boolean"},problem:{type:"string"},notes:{type:["string","null"]}},required:["artifact_id","approved","deleted","problem","notes"]},annotations:l.wyrm_review,aliases:[],handler:(s,{memory:i,raw:a})=>{const{artifactId:t,approved:o,notes:d}=s,r=i.get(t);if(!r)return{content:[{type:"text",text:`Artifact #${t} not found.`}],isError:!0};if(o)i.update(t,{needs_review:0});else{const e=m(r.tags);e&&u(a(),r.project_id,e),a().prepare("DELETE FROM memory_artifacts WHERE id = ?").run(t)}const c={artifact_id:t,approved:o,deleted:!o,problem:r.problem.slice(0,80),notes:d??null};return f(c,(e,n)=>e.approved?p(n.ok,`**Approved** -- Artifact #${e.artifact_id} is now active.`)+`
+
+"${e.problem}"
+
+It will appear in future \`wyrm_recall\` and \`wyrm_context_build\` results.${e.notes?`
+
+Notes: ${e.notes}`:""}`:p(n.fail,`**Rejected** -- Artifact #${e.artifact_id} permanently deleted.`)+`
+
+"${e.problem}"${e.notes?`
+
+Notes: ${e.notes}`:""}`)}}];export{g as reviewToolSpecs};