mirror of
https://github.com/MoonshotAI/kimi-code.git
synced 2026-07-13 03:09:14 +00:00
Compare commits
No commits in common. "main" and "@moonshot-ai/kimi-code@0.23.4" have entirely different histories.
main
...
@moonshot-
1447 changed files with 1315 additions and 230942 deletions
|
|
@ -1,70 +0,0 @@
|
|||
---
|
||||
name: agent-core-dev
|
||||
description: Use when developing in packages/agent-core-v2 (the DI × Scope agent engine) — adding or modifying a domain Service, choosing a LifecycleScope, wiring DI dependencies, splitting a domain across scopes, owning or migrating a config section, gating behavior behind an experimental flag, raising coded errors, working on the permission system, writing DI/Scope tests, porting business logic from agent-core (v1) to v2, triaging a main-branch commit against v2, or exposing a v2 domain over server-v2 while keeping the wire contract compatible with packages/server. Self-contained guide organized by development stage (orient → design → implement → test → verify) plus align workflows for v1→v2 migration, main-branch commit triage, and server-v2 wire exposure; each file carries the rules, examples, and red lines for its step.
|
||||
---
|
||||
|
||||
# agent-core-dev
|
||||
|
||||
> Develop `packages/agent-core-v2` by lifecycle stage. This skill is **self-contained**: every rule, recipe, and red line lives in the stage files below — it does not delegate to `packages/agent-core-v2/docs/`.
|
||||
|
||||
`agent-core-v2` is the new agent engine built on the **DI × Scope** architecture (a port of `packages/agent-core`). Everything resolves through the container: a service declares an **identity**, its **dependencies**, and a **lifetime**; the container decides construction, singleton-per-scope, ordering, and disposal. The stage files restate the rules in imperative form so you can work without reading the source docs.
|
||||
|
||||
## Lifecycle at a glance
|
||||
|
||||
```text
|
||||
Orient → Design → Implement → Test → Verify
|
||||
│ │ │ │ │
|
||||
│ │ │ │ └─ lint:domain · typecheck · test · dep graph · red lines
|
||||
│ │ │ └─ test.md
|
||||
│ │ └─ implement.md (+ errors.md · flags.md · permission.md)
|
||||
│ └─ design.md
|
||||
└─ orient.md
|
||||
```
|
||||
|
||||
Stages are ordered but not strictly linear: a test failure (stage 4) that reveals a wrong scope sends you back to design (stage 2); a `CyclicDependencyError` sends you to `design.md` §dependency-direction and `implement.md` §cycles.
|
||||
|
||||
## Workflows
|
||||
|
||||
End-to-end procedures that span the stages. Reach for these before reading the stage files individually.
|
||||
|
||||
- [Align (port `agent-core` → `agent-core-v2`)](align.md): split a v1 class into semantic units, fix each unit's domain / scope / Service / dependencies, then migrate the logic and tests. Use when the task is "move feature X from v1 to v2" or "port `IXxxService` to v2".
|
||||
- [Commit align (triage a `main` commit against v2)](commit-align.md): given one `main` commit hash + a short note, find the v1 logic it changed, check whether v2 already has the corresponding implementation, bucket it (aligned / partial / missing / not-applicable), and recommend a minimal fix. Use in the `kimi-code-v2`-catching-up-to-`main` phase, for one commit at a time; escalate to [align.md](align.md) if the gap is a whole domain.
|
||||
- [Server align (expose `agent-core-v2` over `server-v2`)](server-align.md): wire a v2 domain into `packages/kap-server` over `/api/v2` (native) and `/api/v1` (v1-compatible mirror), keep the wire schema byte-compatible with `packages/server` by sharing the `@moonshot-ai/protocol` schema, and isolate v1-only behavior in a `<domain>Legacy` edge adapter instead of distorting the native v2 Service. Use when the task is "expose the new v2 Service on the server", "port the v1 `/api/v1` routes to server-v2", or "keep server-v2 wire-compatible with `packages/server`".
|
||||
|
||||
## Stages
|
||||
|
||||
- [Stage 1 — Orient](orient.md): the DI black box (identity / dependencies / lifetime), the four `LifecycleScope` tiers and visibility, and the file-header comment convention. Read before touching business code.
|
||||
- [Stage 2 — Design a service](design.md): pick a scope, split a domain across scopes, choose a calling style (direct call vs event vs hook), and direct dependencies. Decide *where things live and who knows whom* before coding.
|
||||
- Topic: [Domain boundaries vs Scope](domain-boundaries.md) — keep `session` / `agent` / `turn` from becoming god objects; data-ownership test and their split conclusions.
|
||||
- Topic: [Persistence layering](persistence.md) — the three-layer `Store → Storage → backend` model, naming Stores by access pattern, and which layer business code should depend on.
|
||||
- Topic: [Edge exposure — `resource:action` + WS events](edge-exposure.md) — which Services are exposed over `/api/v2` (per-scope action map) and which events stream over WS; what to wrap in a facade.
|
||||
- [Stage 3 — Implement](implement.md): the standard Service recipe and the DI building blocks — interface + identity, constructor injection, scoped registration, `Disposable`, eager vs delayed, `invokeFunction`, `createInstance`, child scopes, and the cycle-refactor playbook.
|
||||
- Topic: [Service authoring](service-authoring.md) — file layout, naming, contract vs impl contents, interface style, constructor/field conventions, events, multi-Service domains, comment rules.
|
||||
- Topic: [Config](config.md) — the section-registry model, App vs Session split, owning a config section, the TOML format, and the env overlay.
|
||||
- Topic: [Errors](errors.md) — co-located `XxxError`, the central code registry, wire serialization, boundary translation.
|
||||
- Topic: [Flags](flags.md) — `registerFlagDefinition`, `IFlagService.enabled(id)`, the `[experimental]` config section, resolution precedence.
|
||||
- Topic: [Permission](permission.md) — composable chain-of-responsibility kernel, policy registry + composer, `modes`/`agentTypes` metadata, `resolveExecution`/`accesses`.
|
||||
- Topic: [Telemetry](telemetry.md) — emitting events via `ITelemetryService`, context propagation, and appender destinations (`ConsoleAppender` / `CloudAppender`).
|
||||
- [Stage 4 — Test](test.md): resolve the system under test by interface, pick `TestInstantiationService` vs `createScopedTestHost`, shared stubs, service groups, teardown.
|
||||
- [Stage 5 — Verify & submit](verify.md): `lint:domain`, `typecheck`, `test`, and the pre-submit checklist.
|
||||
|
||||
## How to use this skill
|
||||
|
||||
Jump to the stage you are in and read that one file; each is self-contained and ends with its own red lines. Skim the global red lines below before submitting — they catch most mistakes across every stage. The repo's source of truth remains the code in `packages/agent-core-v2/src/`; this skill codifies the same rules so you do not have to re-derive them.
|
||||
|
||||
## Global red lines
|
||||
|
||||
Invariants that hold across every stage. Each is expanded in the stage file noted.
|
||||
|
||||
1. No `new` on a class whose constructor carries `@IService` deps — inject with `@IX` or `accessor.get(IX)`. (implement.md)
|
||||
2. `@IX` decorates constructor parameters only; parameter order depends on construction (static-first for `createInstance`, `@IX`-first for scoped services). (service-authoring.md)
|
||||
3. Both interface and impl carry `_serviceBrand`; the `createDecorator` name is globally unique. (implement.md)
|
||||
4. Parent scope never depends on child scope — short-lived may inject long-lived, never the reverse. (orient.md)
|
||||
5. No cyclic dependencies — refactor (extract a third Service / use an event / re-scope); do not break the cycle with `Delayed`. (design.md, implement.md)
|
||||
6. `ServicesAccessor` is valid only during `invokeFunction` — never stash it for async use. (implement.md)
|
||||
7. Scope follows state identity — no `Map<sessionId, …>` at `App` to fake per-session state. (design.md)
|
||||
8. Foundational layers never know upstream ones; business code never depends on the edge layer (`gateway`/`rpc`). (design.md)
|
||||
9. Throw coded errors; register codes centrally; branch on `code` across the wire, never `instanceof`. (errors.md)
|
||||
10. Gate unreleased behavior behind a flag contributed via `registerFlagDefinition` and resolved through `IFlagService.enabled(id)`; no ad-hoc env toggles. (flags.md)
|
||||
11. Tests resolve the SUT by interface; shared stubs live under `test/`, never `src/`. (test.md)
|
||||
12. Config is the preference registry: only preferences that are persistable, schema'd, and user/operator-facing go in `IConfigService`. Domain-specific config (including env-only operational toggles) goes through `registerSection` + `envOverlay`. Facts → `IBootstrapService` (kept domain-agnostic — never add cron/flags/model state); session state → Session scope; constants → code. Business domains never call `IBootstrapService.getEnv()` directly. (config.md)
|
||||
|
|
@ -1,235 +0,0 @@
|
|||
# Subskill — Align (port `agent-core` → `agent-core-v2`)
|
||||
|
||||
Port business logic from `packages/agent-core` (v1) into `packages/agent-core-v2` (v2) by **splitting semantics, then fixing the domain, scope, Service, and dependency relationships**, and finally migrating the logic and tests.
|
||||
|
||||
Use this when the task is "move feature X from v1 to v2", "port `IXxxService` to v2", or "align a v1 domain with the v2 architecture". It complements the stage files: orient / design / implement / test explain the *target* architecture; this file explains how to get there *from v1*.
|
||||
|
||||
## The one-paragraph mental model
|
||||
|
||||
v1 is a **VSCode-style singleton container**: services self-register with `registerSingleton`, resolve as singleton-per-container, and have no explicit lifetime tier — so a single `ISessionService` / `IToolService` tends to accumulate global, per-session, and per-agent state in one class. v2 is a **DI × Scope tree**: every service binds to one of `App` / `Session` / `Agent`, and a domain with state at several lifetimes is split into several Services. Porting is therefore **not** a file copy — it is "find each lifetime of state hiding in the v1 class, give each its own v2 Service at the right scope, then re-wire the dependencies".
|
||||
|
||||
## v1 → v2 at a glance
|
||||
|
||||
| Concern | v1 (`agent-core`) | v2 (`agent-core-v2`) |
|
||||
|---|---|---|
|
||||
| Registration | `registerSingleton(IX, X, InstantiationType.Delayed)` | `registerScopedService(LifecycleScope.X, IX, X, InstantiationType.Delayed, 'domain')` |
|
||||
| DI import | `from '../../di'` | `from '#/_base/di/scope'` / `'#/_base/di/instantiation'` / `'#/_base/di/extensions'` / `'#/_base/di/lifecycle'` |
|
||||
| Lifetime | implicit singleton-per-container | explicit `LifecycleScope` (App/Session/Agent) — see orient.md |
|
||||
| Domain granularity | coarse (`session`, `tool`, `loop`) | fine, split by scope + responsibility |
|
||||
| Test import | `from '@moonshot-ai/agent-core/di/test'` | `from '#/_base/di/test'` |
|
||||
| Resolve SUT in tests | `ix.createInstance(Impl)` (common) | `ix.get(IX)` by interface — see test.md |
|
||||
| Scope tests | none | `createScopedTestHost` — see test.md |
|
||||
| Errors | `from '../../errors'` (central `KimiError`, `ErrorCodes`) | `from '#/_base/errors'` + domain co-located `XxxError` — see errors.md |
|
||||
| Flags | `flags/` (process-global `FlagResolver`) | `flag/` (App-scope `IFlagService`) — see flags.md |
|
||||
| Permission | `agent/permission/` (hardcoded chain) | `permission*` (registry + composer) — see permission.md |
|
||||
|
||||
## The align workflow
|
||||
|
||||
```text
|
||||
Read v1 → Semantic split → Map domain → Assign scope → Shape Services
|
||||
→ Direct dependencies → Port logic → Port tests → Verify
|
||||
```
|
||||
|
||||
Each step below states the goal and the concrete action, then points to the stage file that goes deeper. Do them in order; a later step often sends you back to an earlier one (a scope that does not fit means the semantic split was wrong).
|
||||
|
||||
### 1. Read v1
|
||||
|
||||
**Goal:** build an accurate inventory of what the v1 code actually owns. Read the v1 *source*, not v1 docs.
|
||||
|
||||
Actions:
|
||||
|
||||
- Locate the v1 entry: contract (`<domain>/<domain>.ts`) + impl (`<domain>/<domain>Service.ts`), plus any helpers under the same folder.
|
||||
- Inventory three things from the impl:
|
||||
- **State** — every field / `Map` / cache the class holds. For each, note its *identity* (global? keyed by `sessionId`? by `agentId`?).
|
||||
- **Behavior** — every public method; group them by which state they touch.
|
||||
- **Dependencies** — every `@IFoo` constructor injection and every cross-domain relative import (`from '../<other>/...'`).
|
||||
- Note the v1 registration line (`registerSingleton(...)`) and any `services.set(IX, ...)` overrides at bootstrap (these reveal runtime static args or prebuilt instances the port must preserve).
|
||||
|
||||
Do not start splitting yet — an accurate inventory prevents the common mistake of porting the class shape instead of the semantics.
|
||||
|
||||
### 2. Semantic split
|
||||
|
||||
**Goal:** break one v1 class into independent semantic units, each owning state at exactly one lifetime. This is the heart of the port.
|
||||
|
||||
Method — for each piece of state from the inventory, ask:
|
||||
|
||||
1. **What is it keyed by?** nothing → a global unit; `sessionId` → a per-session unit; `agentId` → a per-agent unit.
|
||||
2. **When should it die?** with the process / the session / the agent. State that must outlive its neighbors is a different unit.
|
||||
3. **Which methods touch only this state?** they travel with the unit.
|
||||
|
||||
Worked example — v1 `ISessionService` (one class, ~600 lines) holds:
|
||||
|
||||
- a global index of all sessions → **global** unit → v2 `sessionStore` (`ISessionStore`, App);
|
||||
- this session's metadata → **per-session** unit → v2 `sessionMetaStore` (`ISessionMetaStore`, Session);
|
||||
- this session's activity / status → **per-session** unit → v2 `sessionActivity`;
|
||||
- this session's context projection → **per-session** unit → v2 `sessionContext`;
|
||||
- child-agent lifecycle driven by a session → **per-session** unit → v2 `agentLifecycle`; create/close/archive/fork of the session itself → **global** unit → v2 `sessionLifecycle` (App).
|
||||
|
||||
A v1 class that maps cleanly to one v1 decorator often becomes **three to five** v2 Services. That is expected and correct — do not try to keep the v1 class shape.
|
||||
|
||||
Red lines:
|
||||
|
||||
- If two pieces of state have different identities, they belong in different units — do not keep them together "because v1 did".
|
||||
- Do not split by method count or file aesthetics; split by state identity (design.md §3).
|
||||
- If a unit has no mutable state (pure behavior), defer its scope decision to step 4 (it is pulled down by its shortest-lived dependency).
|
||||
|
||||
### 3. Map to v2 domain
|
||||
|
||||
**Goal:** assign each semantic unit to a v2 domain — an existing one if it fits, a new one only if none does.
|
||||
|
||||
Actions:
|
||||
|
||||
- Search v2 `src/` for an existing domain that owns the same responsibility. Prefer joining an existing domain over creating a new one.
|
||||
- If creating a domain, name it after the responsibility (camelCase folder, e.g. `sessionActivity`), not after the v1 file.
|
||||
- Keep a domain's public surface to one contract file (`<domain>.ts`) plus its impl(s).
|
||||
|
||||
Reference mapping (a **starting point**, not gospel — verify against the current v2 `src/`, which is the source of truth):
|
||||
|
||||
| v1 location | v2 domain(s) |
|
||||
|---|---|
|
||||
| `services/session/`, `session/` | `session`, `sessionStore`, `sessionMetaStore`, `sessionActivity`, `sessionContext`, `agentLifecycle` |
|
||||
| `services/tool/`, `tools/`, `agent/tool/` | `toolRegistry`, `toolStore`, `toolExecutor`, `tooldedup`, `userTool` |
|
||||
| `loop/`, `agent/` (turn loop) | `loop`, `llmRequester`, `llmRequestLog`, `turn` |
|
||||
| `agent/context/`, `agent/compaction/` | `contextMemory`, `contextProjector`, `contextSize`, `fullCompaction`, `dynamicInjector` |
|
||||
| `agent/permission/` | `permission`, `permissionMode`, `permissionPolicy`, `permissionRules`, `approval`, `externalHooks` |
|
||||
| `agent/goal/`, `agent/plan/`, `agent/swarm/`, `agent/cron/`, `agent/background/` | `goal`, `plan`, `swarm`, `cron`, `background`, `subagentHost` |
|
||||
| `services/config/`, `agent/config/` | `config` |
|
||||
| `services/event/`, `base/common/event` | `event`, `eventBus` |
|
||||
| `services/logger/`, `logging/` | `log` |
|
||||
| `services/fileStore/` | `filestore`, `blobStore` |
|
||||
| `services/fs/`, `services/workspace/` | `fs`, `workspace` |
|
||||
| `services/auth/`, `services/oauth/` | `auth` |
|
||||
| `services/environment/` | `environment` |
|
||||
| `services/terminal/` | `terminal` |
|
||||
| `services/question/`, `services/approval/` | `question`, `approval` |
|
||||
| `services/prompt/`, `agent/injection/` | `prompt`, `dynamicInjector` |
|
||||
| `services/mcp/`, `mcp/` | `mcp` |
|
||||
| `plugin/`, `profile/`, `skill/` | `plugin`, `profile`, `skill` |
|
||||
| `rpc/`, `services/coreProcess/` | `rpc`, `gateway` |
|
||||
| `di/` | `_base/di` |
|
||||
| `errors/`, `errors.ts` | `_base/errors` + co-located domain errors |
|
||||
| `flags/` | `flag` |
|
||||
| `telemetry.ts` | `telemetry` |
|
||||
| `agent/records/` | (records split) — verify in v2 `src/` |
|
||||
|
||||
When the table says "verify", or when v1 and v2 have diverged, **read the v2 `src/` tree and decide from the code** — do not invent a mapping.
|
||||
|
||||
### 4. Assign scope
|
||||
|
||||
For each semantic unit, fix its `LifecycleScope` from the identity you found in step 2. Follow design.md §2 verbatim:
|
||||
|
||||
- global → `App`; per `sessionId` → `Session`; per `agentId` → `Agent`.
|
||||
- Stateless unit → default to `App`, pulled down only by a shorter-lived dependency.
|
||||
- Self-check: "when this scope is disposed, should this state disappear with it?"
|
||||
|
||||
This is the decision v1 never had to make — get it right before writing any v2 code, because the scope is fixed at registration and changing it later ripples through every consumer.
|
||||
|
||||
### 5. Shape Services
|
||||
|
||||
Decide the Service shape per unit, following design.md §3:
|
||||
|
||||
- A unit that owns **one instance's** state → a single per-instance Service (`ISessionXxx` / `IAgentXxx`).
|
||||
- A unit that owns a **global view plus per-instance** state → split into an `App` registry/factory (`XxxStore` / `XxxRegistry` / `XxxCatalog`) **and** a per-instance Service. The `App` half creates or locates the per-instance half.
|
||||
- Do not pre-split a unit that has state at only one lifetime.
|
||||
|
||||
Most consumers inject the per-instance Service; inject the `App` factory only for genuine cross-instance management.
|
||||
|
||||
### 6. Direct dependencies
|
||||
|
||||
Re-wire the dependencies you inventoried in step 1, now across the new v2 Services. Follow design.md §4–§5:
|
||||
|
||||
- **Calling style** — need a result / I orchestrate → direct call (`@IX` injection); stating a fact → event; ordered participation that may veto → hook.
|
||||
- **Scope direction** — a Service may inject only its own scope or an ancestor. If an `App` Service needs something from a `Session` Service, the dependency is backwards: re-scope or invert into an event.
|
||||
- **Domain direction** — foundational layers must not know upstream ones. A cycle means a v1 relative import is now pointing the wrong way; extract a third Service or invert the notification into an event.
|
||||
- **Durable facts** — state changes that must be recorded / replayed / projected across agents go on the wire (`wireRecord`), not a direct call alone.
|
||||
|
||||
Run `lint:domain` (verify.md) as soon as the dependencies compile — it catches direction violations early.
|
||||
|
||||
### 7. Port the business logic
|
||||
|
||||
Move the behavior into the shaped v2 Services, applying the mechanical conversions below. Follow implement.md for the recipe.
|
||||
|
||||
**Registration:**
|
||||
|
||||
```ts
|
||||
// v1
|
||||
import { InstantiationType, registerSingleton } from '../../di';
|
||||
registerSingleton(IXxxService, XxxService, InstantiationType.Delayed);
|
||||
|
||||
// v2
|
||||
import { InstantiationType } from '#/_base/di/extensions';
|
||||
import { LifecycleScope, registerScopedService } from '#/_base/di/scope';
|
||||
registerScopedService(LifecycleScope.Session, IXxxService, XxxService, InstantiationType.Delayed, 'xxx');
|
||||
```
|
||||
|
||||
**Imports:**
|
||||
|
||||
```ts
|
||||
// v1
|
||||
import { createDecorator, Disposable, IInstantiationService } from '../../di';
|
||||
import { KimiError, ErrorCodes } from '../../errors';
|
||||
|
||||
// v2
|
||||
import { createDecorator, type ServiceIdentifier } from '#/_base/di/instantiation';
|
||||
import { Disposable } from '#/_base/di/lifecycle';
|
||||
import { IInstantiationService } from '#/_base/di/instantiation';
|
||||
import { KimiError, type ErrorCode } from '#/_base/errors';
|
||||
```
|
||||
|
||||
**Constructor injection** — unchanged in shape (`@IX` on constructor params, service params after static params). Verify each dependency is resolvable from the new scope (step 6).
|
||||
|
||||
**Errors** — move any shared error into a co-located `XxxError extends KimiError` with a registered `code` (errors.md). Do not keep throwing v1's central error codes from a v2 domain.
|
||||
|
||||
**Flags** — replace any `FlagResolver` / env check with `IFlagService.enabled(id)`; contribute new flags from the owning domain's `flag.ts` via `registerFlagDefinition` (flags.md).
|
||||
|
||||
**Events** — v1's `Emitter` / `Event` from `base/common/event` maps to v2's `event` / `eventBus` domains. Read existing v2 usage in neighboring domains and match it; do not import v1's `Emitter`.
|
||||
|
||||
**Runtime static args / prebuilt instances** — if v1 bootstrap did `services.set(IX, new SyncDescriptor(C, [bag]))` or set a prebuilt instance, preserve that behavior at the v2 composition root (the scope that owns the Service). Do not silently drop it.
|
||||
|
||||
Red lines:
|
||||
|
||||
- Do not copy a v1 file and "fix imports". Re-split first (steps 2–6); a straight copy carries v1's implicit-singleton assumptions into v2 and creates the `Map<sessionId, …>`-at-`App` anti-pattern.
|
||||
- Do not leave v1 relative imports (`from '../x/...'`) in v2 — use the `#/...` alias and respect the domain layers.
|
||||
- Do not preserve a v1 behavior just because it exists; if the split reveals it was a workaround for the missing scope tree, drop it.
|
||||
|
||||
### 8. Port the tests
|
||||
|
||||
Convert v1 tests to the v2 harness, following test.md:
|
||||
|
||||
```ts
|
||||
// v1
|
||||
import { TestInstantiationService } from '@moonshot-ai/agent-core/di/test';
|
||||
const svc = ix.createInstance(XxxService, 'static-arg');
|
||||
|
||||
// v2
|
||||
import { createServices } from '#/_base/di/test';
|
||||
// in additionalServices:
|
||||
reg.define(IXxxService, XxxService);
|
||||
// in the test body:
|
||||
const svc = ix.get(IXxxService);
|
||||
```
|
||||
|
||||
- Resolve the SUT by interface (`ix.get(IX)`), never `new` a `@IService`-carrying impl, and prefer `ix.get(IX)` over `ix.createInstance(Impl)`.
|
||||
- Move shared stubs into `test/<domain>/stubs.ts`; import by relative path, never `#/...`.
|
||||
- If the port introduced scope-layer behavior, add a `createScopedTestHost` test that asserts resolution from the correct scope (with `_clearScopedRegistryForTests()` + explicit re-registration in `beforeEach`).
|
||||
- Keep v1's behavioral assertions where they still describe observable behavior; delete assertions that only checked v1's internal class shape.
|
||||
|
||||
## Migration checklist
|
||||
|
||||
Before submitting a port:
|
||||
|
||||
- [ ] Every piece of v1 state landed in a v2 Service whose scope matches its identity (no `Map<sessionId, …>` at `App`).
|
||||
- [ ] Each v1 dependency now points in the right scope and domain direction; `lint:domain` passes.
|
||||
- [ ] Registrations use `registerScopedService` with an explicit scope and domain name; no `registerSingleton` remains.
|
||||
- [ ] Imports use the `#/...` alias; no v1 relative (`../../di`, `../../errors`) imports remain.
|
||||
- [ ] Errors are co-located coded errors; flags go through `IFlagService`.
|
||||
- [ ] Tests resolve the SUT by interface; scope behavior is asserted via `createScopedTestHost`; teardown goes through one `DisposableStore`.
|
||||
- [ ] v1 bootstrap overrides (`services.set(...)`) are preserved at the v2 composition root.
|
||||
|
||||
## Red lines (this subskill)
|
||||
|
||||
- Porting is semantic splitting, not file copying — never preserve a v1 class shape in v2.
|
||||
- Decide scope from state identity before writing v2 code; the scope is fixed at registration.
|
||||
- Verify the domain mapping against current v2 `src/`; the table here is a starting point, not authority.
|
||||
- One Service owns state at exactly one lifetime; split global-view + per-instance into registry + per-instance.
|
||||
- A dependency cycle introduced by the port means a v1 import is now backwards — refactor, do not route around it with `Delayed`.
|
||||
|
|
@ -1,155 +0,0 @@
|
|||
# Topic — Close vs Dispose
|
||||
|
||||
How to shut down a scoped service in `agent-core-v2`: when `dispose()` is enough, when to add an async `close()`, and where cancellation / abort belongs. Read this before putting business shutdown logic into a `Disposable`.
|
||||
|
||||
## The one-sentence rule
|
||||
|
||||
> **`close()` is async business shutdown; `dispose()` is synchronous resource cleanup.**
|
||||
|
||||
`close()` finishes a domain's work: stop in-flight operations, apply shutdown policy, flush persistence, release async resources. `dispose()` releases object resources: event subscriptions, timers, hook registrations, and child disposables.
|
||||
|
||||
## Why they must stay separate
|
||||
|
||||
`IDisposable.dispose()` is synchronous:
|
||||
|
||||
```ts
|
||||
export interface IDisposable {
|
||||
dispose(): void;
|
||||
}
|
||||
```
|
||||
|
||||
The container calls it during scope teardown. Disposal order is deterministic (orient.md): child scopes first, then reverse construction order within a scope. Nothing awaits a Promise returned from `dispose()`.
|
||||
|
||||
Business shutdown is usually async. It may need to:
|
||||
|
||||
- stop in-flight tasks and wait for settlement;
|
||||
- decide policy (`kill` vs `keepAliveOnExit` vs `markLost`);
|
||||
- flush write queues and persistence;
|
||||
- emit final records / events / telemetry;
|
||||
- close sockets, child processes, or external clients.
|
||||
|
||||
If that logic lives in `dispose()`, it becomes fire-and-forget: the scope keeps tearing down, dependencies may be disposed immediately afterward, and the async continuation can run against a half-dead object graph.
|
||||
|
||||
## What `close()` owns
|
||||
|
||||
Add `close(): Promise<void>` when a service owns async shutdown work:
|
||||
|
||||
```ts
|
||||
export interface IXxxService {
|
||||
readonly _serviceBrand: undefined;
|
||||
close(reason?: string): Promise<void>;
|
||||
}
|
||||
```
|
||||
|
||||
A good `close()`:
|
||||
|
||||
- is idempotent — repeated calls return the same Promise or no-op;
|
||||
- is called by lifecycle code **before** `scope.dispose()`;
|
||||
- rejects new work after it starts;
|
||||
- applies shutdown policy explicitly;
|
||||
- awaits the work it starts;
|
||||
- leaves `dispose()` with only synchronous cleanup.
|
||||
|
||||
Sketch:
|
||||
|
||||
```ts
|
||||
class XxxService extends Disposable implements IXxxService {
|
||||
declare readonly _serviceBrand: undefined;
|
||||
private closed = false;
|
||||
|
||||
async close(reason = 'scope closed'): Promise<void> {
|
||||
if (this.closed) return;
|
||||
this.closed = true;
|
||||
|
||||
await this.stopInFlightWork(reason);
|
||||
await this.flushPersistence();
|
||||
}
|
||||
|
||||
override dispose(): void {
|
||||
this.closed = true;
|
||||
// synchronous cleanup only: clear timers, remove listeners, release handles.
|
||||
super.dispose();
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
`flush()` is different from `close()`: `flush()` persists buffered state while the service stays open; `close()` is terminal.
|
||||
|
||||
## What `dispose()` owns
|
||||
|
||||
`dispose()` releases resources owned by the object instance:
|
||||
|
||||
```ts
|
||||
class WSBroadcastService extends Disposable implements IWSBroadcastService {
|
||||
declare readonly _serviceBrand: undefined;
|
||||
|
||||
constructor(@IEventService event: IEventService) {
|
||||
super();
|
||||
this._register(event.subscribe(() => { /* … */ }));
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
Use `dispose()` to:
|
||||
|
||||
- `_register(...)` event subscriptions and hook registrations;
|
||||
- clear timers;
|
||||
- remove signal listeners;
|
||||
- dispose child `IDisposable`s;
|
||||
- detach from synchronous handles.
|
||||
|
||||
`dispose()` must be idempotent and should avoid throwing. If `close()` was already called, `dispose()` should be a no-op for business work and only clean resources.
|
||||
|
||||
## Where abort / cancellation belongs
|
||||
|
||||
Cancellation is not the same thing as graceful shutdown.
|
||||
|
||||
For an operation-scoped object, a cancellation trigger can be disposed:
|
||||
|
||||
```ts
|
||||
const tokenSource = new CancellationTokenSource();
|
||||
store.add(toDisposable(() => tokenSource.cancel()));
|
||||
```
|
||||
|
||||
This is fine when the contract is **fire-and-forget cancel**: the operation observes the token and settles asynchronously; disposal does not wait for completion.
|
||||
|
||||
For a manager/service that owns many tasks and their state, do not use `dispose()` as the graceful abort path. Expose `stop()` / `stopAll()` / `close()` and let lifecycle code await the one it needs.
|
||||
|
||||
Background-specific rule: a `background`-style service may use `AbortController` internally to propagate cancellation to process / agent / question tasks, but manager shutdown belongs in `close()` or explicit `stopAll()`. `dispose()` may best-effort abort controllers only as a safety net; it must not be the mechanism that decides terminal status, persistence, or notifications.
|
||||
|
||||
## Decision tree
|
||||
|
||||
```text
|
||||
What does the service own?
|
||||
│
|
||||
├─ only event subscriptions / timers / disposable handles?
|
||||
│ └─ extend Disposable; no close() needed.
|
||||
│
|
||||
├─ async work, in-flight tasks, persistence buffers, sockets, child processes?
|
||||
│ └─ add close(): Promise<void>; call it before scope.dispose().
|
||||
│
|
||||
├─ a single operation that callers may cancel?
|
||||
│ └─ expose an AbortSignal / CancellationToken or a fire-and-forget cancel handle.
|
||||
│
|
||||
└─ both async shutdown and disposable resources?
|
||||
└─ close() for business shutdown; dispose() for resource cleanup.
|
||||
```
|
||||
|
||||
## VSCode parallel
|
||||
|
||||
VSCode uses the same split:
|
||||
|
||||
- `src/vs/base/common/lifecycle.ts` — `IDisposable.dispose(): void` for synchronous cleanup.
|
||||
- `src/vs/base/parts/storage/common/storage.ts` — `close(): Promise<void>` flushes and closes the database.
|
||||
- `src/vs/base/common/cancellation.ts` — `CancellationTokenSource.dispose(true)` / `cancelOnDispose()` cancels operation-scoped work without awaiting it.
|
||||
|
||||
The lesson is not "never cancel in dispose". It is: **disposal may trigger cancellation for a scoped operation, but service shutdown policy stays in an explicit async close path.**
|
||||
|
||||
## Red lines (this topic)
|
||||
|
||||
- Do not put business shutdown in `dispose()` — `dispose()` is synchronous and is not awaited.
|
||||
- Do not `await` inside `dispose()`.
|
||||
- Do not rely on `dispose()` to flush persistence, emit final events, wait for tasks, or send notifications.
|
||||
- Add `close(): Promise<void>` for async shutdown and call it before `scope.dispose()`.
|
||||
- Keep `close()` and `dispose()` idempotent; `dispose()` after `close()` must be safe.
|
||||
- Use disposal as a cancellation trigger only for operation-scoped work, not as a manager/service shutdown policy.
|
||||
|
|
@ -1,78 +0,0 @@
|
|||
# Subskill — Commit align (triage a `main` commit against v2)
|
||||
|
||||
Context: you are on the `kimi-code-v2` branch, in the phase of catching it up to **new commits that landed on `main`**. Those commits change `packages/agent-core` (v1); the job is to decide, for one commit at a time, whether v2 (`packages/agent-core-v2`) already has the corresponding logic — and if not, what the minimal fix is.
|
||||
|
||||
Use this when the user hands you **one commit hash plus a short description** ("look at `<commit>` — it fixed the steering race"). It is the small, per-commit sibling of [align.md](align.md): `align.md` ports a whole v1 domain into v2; this file triages a single `main` commit and says *port / adapt / skip*. If the triage reveals a whole missing domain, stop and switch to [align.md](align.md).
|
||||
|
||||
## The one-paragraph mental model
|
||||
|
||||
A `main` commit edits v1's singleton-container code. The same behavior in v2 lives behind a scoped Service, so a commit lands in one of four buckets: **already-aligned** (v2 has it, possibly by construction), **partial** (v2 has a nearby version whose semantics drift), **missing** (v2 has nothing), or **not-applicable** (the v2 architecture removed the very problem the commit fixes). Your output is a bucket assignment plus evidence, then a fix sized to that bucket — never a blind port of the diff.
|
||||
|
||||
## The workflow
|
||||
|
||||
```text
|
||||
Read the commit + the user's note → Locate the v1 logic → Map to a v2 domain
|
||||
→ Check v2 for a corresponding implementation → Bucket it → Recommend a fix → Verify
|
||||
```
|
||||
|
||||
### 1. Read the commit and the note
|
||||
|
||||
**Goal:** know exactly what changed in v1 and *why*. The user's one-liner gives the intent; the diff gives the facts.
|
||||
|
||||
Actions:
|
||||
|
||||
- Inspect the change scoped to v1: `git show <commit> -- packages/agent-core` (and `--stat` first to see the blast radius).
|
||||
- From the diff, list: touched files, changed functions/methods, and the observable behavior delta (before → after).
|
||||
- Reconcile with the user's note: is this a bugfix, a semantic correction, new behavior, or a refactor? The *why* decides whether v2 even needs the change.
|
||||
|
||||
Do not skim the user's sentence and guess — the diff is the spec for what "aligned" means here.
|
||||
|
||||
### 2. Locate the v1 logic
|
||||
|
||||
Pin the change to a v1 place: the contract (`<domain>/<domain>.ts`) + impl (`<domain>/<domain>Service.ts`), or the helper/handler the commit touched. Note which state it reads/writes and which other v1 services it calls — this is the same inventory as [align.md](align.md) §1, scoped to the commit's footprint.
|
||||
|
||||
### 3. Map to a v2 domain
|
||||
|
||||
Use the v1 → v2 domain table in [align.md](align.md) §3 as a starting point, then **verify against the current `packages/agent-core-v2/src/` tree** — it is the source of truth. Identify the candidate v2 Service(s) that would own this behavior, and their `LifecycleScope`.
|
||||
|
||||
### 4. Check v2 and assign a bucket
|
||||
|
||||
Search the candidate domain in v2 (Grep the method name, the state field, the error code). For each piece of the commit's behavior delta, decide:
|
||||
|
||||
- **Already-aligned** — v2 produces the same observable result (sometimes for free, because the v2 design never had the bug). Cite the v2 file:line.
|
||||
- **Partial** — v2 has a near miss: same method, different guard/ordering/error; or the state lives at a different scope. Name the exact drift.
|
||||
- **Missing** — no v2 Service owns this behavior. Confirm it is a single-Service gap, not a whole-domain gap (latter → [align.md](align.md)).
|
||||
- **Not-applicable** — the v2 architecture removed the condition the commit fixes (e.g. the scope tree already serializes what v1 patched with a lock). Explain why, so a reviewer trusts the skip.
|
||||
|
||||
Every claim needs a citation (`path:line`) on both sides; "I couldn't find it" is a finding only after you name where you looked.
|
||||
|
||||
### 5. Recommend a fix (sized to the bucket)
|
||||
|
||||
- **Already-aligned** — say so and stop; reference the v2 location. No code change.
|
||||
- **Partial** — propose the smallest edit that closes the drift: which Service, which method, which guard. Stay inside v2 rules — scope/domain direction, no `Map<sessionId, …>` at `App` (see [align.md](align.md) §6–§7 red lines).
|
||||
- **Missing** — sketch the port at commit granularity: target domain + scope, the Service/method to add or extend, the dependency direction, and which [align.md](align.md) §7 conversions apply (registration, `#/…` imports, co-located coded error, `IFlagService` for any gate). If it needs a new scope or a wire change, flag it.
|
||||
- **Not-applicable** — recommend no v2 change, but call out any test worth adding so the gap stays closed.
|
||||
|
||||
Keep the recommendation to the commit's footprint. If it keeps growing, that is the signal to hand off to [align.md](align.md) for a full domain port.
|
||||
|
||||
### 6. Verify
|
||||
|
||||
Point at the checks that cover the fix, per [verify.md](verify.md): `lint:domain`, `typecheck`, and the relevant `test`. Note the expected outcome rather than asserting you ran it if you did not.
|
||||
|
||||
## Output shape
|
||||
|
||||
When triaging, answer in this order so the user can act on it directly:
|
||||
|
||||
1. **Commit + intent** — one line restating what the commit changed and why (from the note + diff).
|
||||
2. **v1 location** — file(s) and the behavior delta.
|
||||
3. **v2 status** — one of the four buckets, with `path:line` evidence on both sides.
|
||||
4. **Recommendation** — the concrete fix (or the justified skip), scoped to the commit; name the target Service / scope / dependency direction.
|
||||
5. **Verify** — which checks should pass, and whether to escalate to [align.md](align.md).
|
||||
|
||||
## Red lines (this subskill)
|
||||
|
||||
- Read the diff and the note before judging v2; never infer "aligned" from the description alone.
|
||||
- Do not copy a v1 diff into v2. Decide the bucket first; a bugfix commit often maps to **not-applicable** because the v2 design already removed the defect.
|
||||
- Cite `path:line` on both sides. A recommendation without evidence is a guess.
|
||||
- Stay in the commit's footprint. Growing scope means "switch to [align.md](align.md)", not "keep porting here".
|
||||
- Do not break v2 invariants to chase v1 parity — scope direction, domain direction, and no `Map<sessionId, …>` at `App` still hold ([align.md](align.md) red lines).
|
||||
|
|
@ -1,269 +0,0 @@
|
|||
# Topic — Config
|
||||
|
||||
How the `config` domain works and how a domain owns its configuration section. Covers the section-registry model, the App vs Session split, the TOML on-disk format, and the recipe for adding or migrating a config section.
|
||||
|
||||
The `config` domain is a thin registry + loader: it does **not** know the shape of any individual section. Each domain owns the schema (and, where needed, the TOML transform) for the config it consumes, registers the section into `IConfigRegistry`, and reads it through `IConfigService`. There is no whole-config object passed around.
|
||||
|
||||
## What belongs in Config
|
||||
|
||||
`IConfigService` is the **preference registry**: it holds values a user or
|
||||
operator *chooses*, each with a schema and a default, that *can* be persisted to
|
||||
`config.toml`. It is not a grab-bag for every value a domain needs. Before
|
||||
registering a section, classify the value along three axes — **decision-maker**,
|
||||
**preference vs fact**, **mutability / persistence**:
|
||||
|
||||
| Type | Decision-maker | Preference/Fact | Persisted? | Examples | Home |
|
||||
|---|---|---|---|---|---|
|
||||
| User preference | user | preference | ✅ config.toml | model, theme, log level | **Config** |
|
||||
| Operational override | operator/deployer | preference | ❌ env / flag | `KIMI_MODEL_*`, `KIMI_LOG_*` | **Config** (env overlay) |
|
||||
| Per-run intent | invoker | preference | ❌ ephemeral | CLI `--model`, `--config` | **Config** (Memory layer) |
|
||||
| Host fact | host | fact | ❌ | platform, CI, proxy, home dir | **Bootstrap** |
|
||||
| Derived convention | code | fact (derived) | ❌ | `configPath`, `logsDir` | **Bootstrap / code** |
|
||||
| Session runtime state | session/agent | state | ✅ session meta | active model, plan mode | **Session scope** |
|
||||
| Tuning constant | developer | preference | ❌ compile-time | retry backoffs, buffer sizes | **code** |
|
||||
|
||||
A value belongs in Config **iff** it satisfies all of:
|
||||
|
||||
1. **Preference** — a choice among valid values, not an observed fact.
|
||||
2. **Persistable** — it *can* be written to `config.toml`, even when a given
|
||||
value arrives via env or CLI.
|
||||
3. **Schema + default** — registerable as a section with validation.
|
||||
4. **User- or operator-facing** — meaningful to set as a preference.
|
||||
|
||||
If it fails any rule, it is not Config:
|
||||
|
||||
- **Fact** (CI, platform, proxy, `HOME`) → a structured fact on
|
||||
`IBootstrapService` (the L1 startup snapshot), not Config.
|
||||
- **Derived convention** (`configPath`, `logsDir`) → `IBootstrapService` / code.
|
||||
- **Session runtime state** (active model, plan mode) → a Session-scoped
|
||||
service in the owning domain (e.g. `IProfileService`), not `config`.
|
||||
- **Tuning constant** (retry config, buffer sizes) → domain code; promote to
|
||||
Config only when it becomes user-tunable.
|
||||
|
||||
**`IBootstrapService` is domain-agnostic.** It holds only generic facts shared by
|
||||
all domains — the env bag, resolved paths, and host facts (`platform`, `arch`,
|
||||
`cwd`, `osHomeDir`, `isCI`, …). It must **never** hold state tied to a specific
|
||||
upper domain (no `cron`, no `flags`, no feature-specific fields): that couples
|
||||
the foundational layer to an upstream one.
|
||||
|
||||
Any value that belongs to a specific domain — including env-only operational
|
||||
toggles (`KIMI_CRON_*`, `KIMI_CODE_EXPERIMENTAL_*`), model parameters, or feature
|
||||
flags — goes through **Config registration**: the owning domain registers a
|
||||
section with a declarative `envBindings` map (and a `stripEnv` when the value must
|
||||
not be persisted) and reads it via `config.get(...)`. Each config value declares
|
||||
an optional env binding (`{ field: 'ENV_VAR' }`, with optional `parse`/`default`);
|
||||
IConfig resolves each field by `env > config.toml > default` automatically. This
|
||||
keeps every domain's config in one registry and keeps Bootstrap free of upstream
|
||||
knowledge.
|
||||
|
||||
Operational env overrides and per-run intent live *inside* Config as layers over
|
||||
the same persistable key: `model` can be set in `config.toml`, via `KIMI_MODEL_*`,
|
||||
or via CLI `--model`. They are not separate abstractions — see "Reads vs writes"
|
||||
and "Layered resolution" below.
|
||||
|
||||
Env access is encapsulated: business domains read `config.get(...)` or structured
|
||||
`IBootstrapService` facts; only the `config` domain reads the raw env bag (from
|
||||
`IBootstrapService`) to build its overlays. Business domains must not call
|
||||
`IBootstrapService.getEnv()` directly.
|
||||
|
||||
## Layered resolution
|
||||
|
||||
`IConfigService` resolves a key by precedence across layers, lowest to highest:
|
||||
|
||||
```text
|
||||
Default registered defaultValue (and code constants promoted to a section)
|
||||
↓
|
||||
User config.toml (persisted user preferences)
|
||||
↓
|
||||
Operational env overlay (e.g. KIMI_MODEL_*, KIMI_CODE_EXPERIMENTAL_*)
|
||||
↓
|
||||
Memory per-run intent (CLI flags); never persisted; highest
|
||||
```
|
||||
|
||||
`set(domain, patch, target?)` writes the `User` layer (persisted) by default;
|
||||
pass `ConfigTarget.Memory` for a per-run override that is never written to disk.
|
||||
`inspect(domain)` reports the value at each layer.
|
||||
|
||||
## Layout
|
||||
|
||||
- `src/config/config.ts` — `IConfigRegistry` / `IConfigService` tokens, `ConfigSection`, `ConfigEffectiveOverlay`, event types.
|
||||
- `src/config/configService.ts` — `ConfigRegistry` + `ConfigService` impl; self-registers at App scope.
|
||||
- `src/config/toml.ts` — generic snake_case ↔ camelCase machinery plus the registry-aware `transformTomlData` / `applySectionToToml` entry points. Per-domain normalization lives in the section owner's `configSection.ts` (registered as `fromToml` / `toToml`); this module stays free of any other domain's semantics.
|
||||
- `src/profile/thinking.ts` (owner domain, not `config`) — the `resolveThinkingEffort` helper; uses the authoritative `ThinkingConfig` from `configSection.ts`.
|
||||
- `src/config/configPure.ts` — `isPlainObject`, `deepMerge`, `omitUndefined`, `describeUnknownError`.
|
||||
|
||||
A domain that owns a section keeps the schema in its own `configSection.ts` (e.g. `src/flag/flag.ts` for `experimental`, `src/profile/configSection.ts` for `thinking`, `src/loop/configSection.ts` for `loopControl`). A cross-section env overlay (e.g. the `KIMI_MODEL_*` synthesis) lives in the owning domain too (`src/provider/envOverlay.ts`) and is registered via `IConfigRegistry.registerEffectiveOverlay`.
|
||||
|
||||
## Scope
|
||||
|
||||
- `IConfigRegistry` / `IConfigService` — **App** scope, process-global. One registry of sections; one loader reading `~/.kimi-code/config.toml` (path from `IBootstrapService.configPath`).
|
||||
|
||||
All config reads go through `IConfigService` (global config). Per-session runtime state (active model, thinking level, etc.) lives in the owning Session-scoped service (e.g. `IProfileService`), not in `config`.
|
||||
|
||||
## The section-registry model
|
||||
|
||||
A config section is identified by a camelCase domain key (`'providers'`, `'thinking'`, `'loopControl'`). Each section has:
|
||||
|
||||
- `schema?: ConfigSchema<T>` — zod schema used to validate the value (absent ⇒ passthrough).
|
||||
- `defaultValue?: T` — filled when the file has no value for the domain.
|
||||
- `merge?: ConfigMerge<T>` — how `set(domain, patch)` combines base + patch (default `deepMerge`).
|
||||
- `fromToml?: ConfigFromToml` — read-path transform (snake_case file value → in-memory shape). Defaults to a plain key-casing pass; owners register one when the on-disk shape needs custom normalization (record key preservation, nested object conversion, array entries, key renames, reshapes).
|
||||
- `toToml?: ConfigToToml` — write-path transform (in-memory value → snake_case file value). Defaults to a plain camelCase→snake_case key mapping.
|
||||
|
||||
Ownership rules:
|
||||
|
||||
- **One owner per section.** `registerSection` throws if a domain is registered twice.
|
||||
- **The domain that consumes a config owns its schema.** This is what keeps `config` (L2) from importing higher domains: `config` must not import `externalHooks` / `permissionRules` / `provider` / `kosong` / etc. for a section's schema. If a schema needs a domain's types, the schema lives in that domain.
|
||||
- **Demand-driven.** Do not register sections for config that no domain reads yet; a section appears (with its schema in the owning domain) only when a consumer appears.
|
||||
|
||||
## Env bindings
|
||||
|
||||
A section can declare how its fields are read from environment variables, so the
|
||||
value resolves through `config.get(...)` rather than ad-hoc `process.env` reads.
|
||||
Declare the bindings with `envBindings(schema, { … })` — the field names are
|
||||
type-checked against the schema (no magic strings), and nested schemas recurse:
|
||||
|
||||
```ts
|
||||
registerSection('thinking', ThinkingConfigSchema, {
|
||||
env: envBindings(ThinkingConfigSchema, {
|
||||
effort: 'KIMI_MODEL_THINKING_EFFORT',
|
||||
}),
|
||||
});
|
||||
|
||||
// nested / record section — outer key is a runtime constant, inner fields are
|
||||
// checked against the value schema:
|
||||
registerSection('providers', ProvidersSectionSchema, {
|
||||
env: envBindings(ProvidersSectionSchema, {
|
||||
[ENV_MODEL_PROVIDER_KEY]: envBindings(ProviderConfigSchema, {
|
||||
apiKey: 'KIMI_MODEL_API_KEY',
|
||||
type: 'KIMI_MODEL_PROVIDER_TYPE',
|
||||
baseUrl:'KIMI_MODEL_BASE_URL',
|
||||
}),
|
||||
}),
|
||||
stripEnv: stripProvidersEnv,
|
||||
});
|
||||
```
|
||||
|
||||
Each field is an `EnvBinding` — a string (env var name) or
|
||||
`{ env, parse?, default? }`. IConfig resolves every field by
|
||||
`env > config.toml > default`, sets it on the effective value, and validates the
|
||||
section. Empty nested entries (no field resolved) are omitted, so a synthetic
|
||||
entry like `__kimi_env__` only appears when at least one of its env vars is set.
|
||||
|
||||
`stripEnv(value, rawSnake?)` removes env-derived fields before `set`/`replace`
|
||||
persists, so env overrides never leak into `config.toml`.
|
||||
|
||||
Business domains read `config.get('section')`; they never read env directly, and
|
||||
never write their own env-merge logic.
|
||||
|
||||
## Add a config section (recipe)
|
||||
|
||||
1. Define the schema in the owning domain, e.g. `src/<domain>/configSection.ts`:
|
||||
```ts
|
||||
export const MY_SECTION = 'mySection';
|
||||
export const MySectionSchema = z.object({ /* ... */ });
|
||||
export type MySection = z.infer<typeof MySectionSchema>;
|
||||
```
|
||||
2. In the domain's service constructor, inject `IConfigRegistry` and register:
|
||||
```ts
|
||||
constructor(@IConfigRegistry registry: IConfigRegistry) {
|
||||
registry.registerSection(MY_SECTION, MySectionSchema, { defaultValue: {} });
|
||||
}
|
||||
```
|
||||
Pick a service whose scope matches when the config is first needed. Registering from an Agent-scope service is fine — see "Late registration".
|
||||
3. Read it anywhere via `IConfigService`:
|
||||
```ts
|
||||
constructor(@IConfigService private readonly config: IConfigService) {}
|
||||
// ...
|
||||
const value = this.config.get<MySection>(MY_SECTION);
|
||||
```
|
||||
4. React to edits by subscribing `IConfigService.onDidChange` and filtering on `e.domain === MY_SECTION` (see `FlagService`).
|
||||
5. Write it only through `IConfigService.set(domain, patch)` (merge) or `.replace(domain, value)` (wholesale). Never write `config.toml` directly.
|
||||
|
||||
## Reads vs writes
|
||||
|
||||
Data flow is one-way by default — reading config never touches the file:
|
||||
|
||||
```text
|
||||
config.toml ──load──▶ IConfigService.effective ──get──▶ services read
|
||||
▲ │
|
||||
└──────── IConfigService.set/replace ◀──── only on explicit writes
|
||||
```
|
||||
|
||||
- **Read path** (startup, every service): `config.toml` is loaded into `IConfigService` once; services read via `get()`. This path **never writes the file**.
|
||||
- **Write path** (rare): `config.toml` is rewritten only when something explicitly calls `IConfigService.set/replace`. The only production writers today are provider CRUD (`ProviderService.set/delete`, e.g. provisioning a provider after OAuth login).
|
||||
|
||||
**Runtime service state is not config.** Mutating a service at runtime does **not** rewrite `config.toml`:
|
||||
|
||||
- `ProfileService.configure(...)` / `update(...)` / `setModel(...)` / `setThinking(...)` only change **in-memory** fields and append to the session **wireRecord** (for replay). They never call `IConfigService.set`.
|
||||
- Switching model or thinking level mid-session is session runtime state, not a config edit — the user's `config.toml` is left untouched.
|
||||
|
||||
So `configure(...)` never overwrites the local file. Treat `config.toml` as the user's static config; runtime overrides live in memory and the session record.
|
||||
|
||||
## Late registration
|
||||
|
||||
`ConfigService` loads in its constructor (first `get(IConfigService)`). Domain services that register sections may be constructed later (especially Agent-scope services). To keep validation and defaults correct:
|
||||
|
||||
- `IConfigRegistry` emits `onDidRegisterSection` whenever a section is registered.
|
||||
- `ConfigService` subscribes and, on registration, re-validates the already-loaded raw value for that domain, applies the default if the raw value is absent, re-runs the env overlay, and fires `onDidChange` if the effective value changed.
|
||||
- Before a section is registered, `get(domain)` returns the raw (transformed, unvalidated) value; consumers that need validated values should read after the owning service is constructed, or react to `onDidChange`.
|
||||
|
||||
This means registration order is never a correctness concern — you do not need an eager bootstrap.
|
||||
|
||||
## TOML on-disk format
|
||||
|
||||
`config.toml` stores keys in **snake_case**; in-memory values are **camelCase**. `ConfigService` converts both ways by dispatching to each section's registered transform:
|
||||
|
||||
- **Read**: `transformTomlData(fileData, registry)` maps each top-level key to a domain and applies that domain's `fromToml` hook (or a plain key-casing pass when none is registered). Owner domains register their own normalization — e.g. provider `oauth`/`env`/`customHeaders`, permission `deny/allow/ask` → `rules`, `loop_control.max_steps_per_run` → `maxStepsPerTurn`, `experimental` keys preserved verbatim. When a section registers after the initial load, `ConfigService` re-applies its `fromToml` against the preserved snake_case raw value (see "Late registration"), so registration order is never a correctness concern.
|
||||
- **Write**: `applySectionToToml(rawSnake, domain, value, registry)` applies the domain's `toToml` hook (or a plain camelCase→snake_case mapping) into a raw clone of the file, preserving unknown top-level keys and unknown sub-fields (lossless round-trip).
|
||||
|
||||
`ConfigService` keeps three views:
|
||||
|
||||
- `rawSnake` — snake_case clone of the file; the write base, never carries the env overlay.
|
||||
- `raw` — camelCase, env-free; the read/set/replace base.
|
||||
- `effective` — validated `raw` plus the env overlay; what `get()` returns.
|
||||
|
||||
### `KIMI_MODEL_*` env overlay
|
||||
|
||||
When `KIMI_MODEL_NAME` is set, the `provider` domain's `kimiModelEnvOverlay` (`src/provider/envOverlay.ts`) injects a reserved model alias (`__kimi_env_model__`) into `effective`, points `defaultModel` at it, and merges the request `modelOverrides`; the reserved provider (`__kimi_env__`) comes from the `providers` section env bindings. The overlay is registered via `IConfigRegistry.registerEffectiveOverlay` and applied **only to `effective`**, never to `rawSnake`, so it is never persisted. Its `strip` (plus the providers section `stripEnv`) is the final guard so a caller that read `effective` (with the overlay) cannot write the reserved entries or the shell API key back to disk. `config` itself only runs registered overlays — it does not know the `KIMI_MODEL_*` semantics.
|
||||
|
||||
## Owner-owned sections
|
||||
|
||||
`config` holds no monolithic config schema and no whole-config object. Every section is owned by the domain that consumes it: the schema (and any `fromToml` / `toToml` normalization and `stripEnv`) lives in that domain's `configSection.ts`, and the domain registers it via `IConfigRegistry.registerSection`. Cross-section env behavior (e.g. `KIMI_MODEL_*`) lives in an owner-registered `ConfigEffectiveOverlay`. To add a section, follow "Add a config section" above in the owning domain — never add schema or normalization to `config` itself.
|
||||
|
||||
## Ownership map (current)
|
||||
|
||||
| Section | Owner | Layer | Status |
|
||||
|---|---|---|---|
|
||||
| `providers` | `provider` | L2 | owner-owned (`IProviderService` CRUD) |
|
||||
| `experimental` | `flag` | L3 | owner-owned |
|
||||
| `thinking` | `profile` | L4 | owner-owned |
|
||||
| `loopControl` | `loop` | L4 | owner-owned (read by `loop` + `profile`) |
|
||||
| `McpServerConfig` (type) | `mcp` | L5 | owner-owned (type only; not a registered section) |
|
||||
| `session` | `config` | L2 | in config |
|
||||
| `models` / `defaultModel` / `defaultProvider` | `kosong` | L1 | owner-owned (read by `ProviderManager`) |
|
||||
| `hooks` | `externalHooks` | L4 | owner-owned |
|
||||
| `permission` | `permissionRules` | L3 | owner-owned |
|
||||
| `background` | `background` | L5 | owner-owned |
|
||||
|
||||
`config` must not import from any of these owner domains; that is the whole reason the schemas, TOML normalization, and env overlays live with their owners.
|
||||
|
||||
## Layering & scope
|
||||
|
||||
- `config` is **L2**. Domains that own sections import `config` (for `IConfigRegistry` / `IConfigService`) and must be at L2 or higher; lower layers need an entry in `ALLOWED_EXCEPTIONS` (e.g. `kosong>config`, `kosong>provider`).
|
||||
- Cross-domain type sharing for a config type may need an exception too (e.g. `plugin>mcp` for `McpServerConfig`). Prefer importing the type from the owning domain over re-declaring it.
|
||||
- `IConfigRegistry` / `IConfigService` are **App**. Agent scope services may inject App services via ancestor lookup.
|
||||
- `config` never imports a higher domain and holds no section schemas of its own; if a section needs a type from another domain, that schema lives in that domain.
|
||||
|
||||
## Red lines (this topic)
|
||||
|
||||
- One owner per section; `registerSection` throws on duplicate domains.
|
||||
- `config` (L2) never imports a higher domain — keep section schemas in the owning domain.
|
||||
- Config is the **preference registry**: register only values that are preferences, persistable, schema'd, and user/operator-facing. Facts → `IBootstrapService`; session state → Session scope; constants → code.
|
||||
- Business domains read `config.get(...)` or structured `IBootstrapService` facts; never call `IBootstrapService.getEnv()` directly — only `config` reads the raw env bag to build overlays.
|
||||
- Keep `IBootstrapService` domain-agnostic: never add state tied to a specific upper domain (cron, flags, model params, …). Domain-specific config goes through `registerSection` + `envBindings`, read via `config.get(...)`.
|
||||
- Do not pass a whole config bag via options; read each section through `IConfigService`. There is no `KimiConfig` object — config is a registry of owner-owned sections.
|
||||
- `config.toml` is snake_case on disk, camelCase in memory — never write camelCase keys to disk, and never write to `config.toml` except through `IConfigService.set/replace`.
|
||||
- Reading config / calling `configure(...)` / switching model at runtime must not rewrite `config.toml`; runtime state lives in memory and the session wireRecord, not the file.
|
||||
- Never persist env overlays (`__kimi_env__` / `__kimi_env_model__` / shell API key / experimental env); overlays live only in `effective` / `Memory`.
|
||||
- Registering from an Agent-scope service is fine — the late-registration mechanism keeps validation correct; do not add an eager bootstrap.
|
||||
|
|
@ -1,285 +0,0 @@
|
|||
# Stage 2 — Design a service
|
||||
|
||||
Decide *where things live and who knows whom* before writing code. Every rule here derives from two questions:
|
||||
|
||||
1. **What is the identity of the state it owns?** → decides the **Scope**.
|
||||
2. **Who owns the decision, and who needs the result?** → decides the **calling style** and **dependency direction**.
|
||||
|
||||
## 1. What a Service is
|
||||
|
||||
A Service = a bundle of **state** + a set of **behaviors**, bound to a **lifetime**.
|
||||
|
||||
- **Behavior** is almost free — the same logic runs anywhere, so it does not by itself decide a scope.
|
||||
- **State** pins a Service to a scope. State has an **identity** (what it is keyed by) and a **lifetime** (when it is born, when it dies).
|
||||
- **Dependencies / calling style** answer a different question: who controls whom, and who knows whom.
|
||||
|
||||
## 2. Choosing a scope
|
||||
|
||||
> Scope = the identity + lifetime of the owned state.
|
||||
|
||||
| Scope | State identity (keyed by) | Lifetime |
|
||||
|---|---|---|
|
||||
| `App` | none (single global instance) | the process |
|
||||
| `Session` | `sessionId` | one session |
|
||||
| `Agent` | `agentId` | one agent |
|
||||
|
||||
### Decision tree
|
||||
|
||||
**Q1. Does it own mutable state?**
|
||||
|
||||
- No (pure behavior) → jump to Q3.
|
||||
- Yes → Q2.
|
||||
|
||||
**Q2. What is the identity of that state?**
|
||||
|
||||
- one global instance → **`App`**
|
||||
- one per session → **`Session`**
|
||||
- one per agent → **`Agent`**
|
||||
- a mix (a global registry *and* per-instance state) → **split it** (see §3).
|
||||
|
||||
**Q3 (stateless). What is the shortest-lived dependency it must inject?**
|
||||
|
||||
A stateless Service is pulled *down* by its shortest-lived dependency: if it injects an `Agent`-scoped Service, it cannot be `App`. Among the scopes that still satisfy every dependency, **default to the longest-lived one** (usually `App`) to maximize reuse. Push it down only when it must inject a shorter-lived Service, or when you want to limit its visibility.
|
||||
|
||||
### The core anti-pattern (a litmus test)
|
||||
|
||||
> **Do not store per-session state in a `Map<sessionId, …>` inside an `App` Service.**
|
||||
|
||||
This is the tell-tale sign of "should have been `Session`-scoped but was parked at `App`". Consequences: nobody cleans the entry up when the session ends (leak); every consumer threads `sessionId` around (loss of type safety); it cannot inject `Session`/`Agent`-scoped collaborators.
|
||||
|
||||
### One-sentence self-check
|
||||
|
||||
> "When this scope is disposed, should this state disappear with it?"
|
||||
>
|
||||
> - Yes → the scope is right.
|
||||
> - It must outlive the scope → too short; move up one tier.
|
||||
> - It should be one-per-unit but is shared → too long; move down one tier.
|
||||
|
||||
## Scope is not a domain
|
||||
|
||||
Scope answers **lifetime and visibility**. Domain answers **responsibility and data ownership**. A Service registered at `Session` or `Agent` scope is not automatically part of the `session` or `agent` domain, and an entity Service must not be named `I{Scope}EntityService` just because its data is scoped that way.
|
||||
|
||||
Use the data-ownership test and the `session` / `agent` / `turn` split conclusions in [domain-boundaries.md](domain-boundaries.md) before naming a Service or adding `I{Domain}EntityService`.
|
||||
|
||||
## 3. Multi-Scope splitting
|
||||
|
||||
> One Service owns state at exactly one identity / lifetime. If a domain owns state at several lifetimes, split it along those boundaries — one Service per lifetime.
|
||||
|
||||
The standard split is "global registry / factory" + "per-instance":
|
||||
|
||||
| Tier | Role | Naming tends to |
|
||||
|---|---|---|
|
||||
| `App` | global registry / catalog / factory — knows "all of them" and how to create one | `XxxStore` / `XxxRegistry` / `XxxCatalog` |
|
||||
| `Session` / `Agent` | one instance — only the state of "this one" | `XxxService` / `ISessionXxx` / `IAgentXxx` |
|
||||
|
||||
Canonical splits in the codebase:
|
||||
|
||||
- **`records`** — `ISessionStore` (`App`) + `ISessionMetaStore` (`Session`) + `IAgentRecords` (`Agent`).
|
||||
- **`config`** — `IConfigRegistry` / `IConfigService` (`App`).
|
||||
- **`kosong`** — `IProtocolHandlerRegistry` (`App`) + `IProviderManager` (`Session`). Generation is driven by `ILLMRequester` (`Agent`) in the `llmRequester` domain.
|
||||
- **`tool`** — `IToolDefinitionRegistry` (`App`) + `IToolService` (`Agent`).
|
||||
|
||||
Split when the domain genuinely has both a global view and per-instance state. Do **not** split when state lives at only one lifetime (e.g. purely `App` like `log`; purely `Agent` like `prompt`). Do not pre-split for symmetry.
|
||||
|
||||
After the split, the `App` Service usually plays the **factory**; most consumers inject the **per-instance** Service. Inject the `App` factory only when you genuinely need cross-instance management.
|
||||
|
||||
## 4. Choosing a calling style
|
||||
|
||||
Three mechanisms answer three different questions:
|
||||
|
||||
| Mechanism | Nature | Coupling | Returns a value? | Consumers |
|
||||
|---|---|---|---|---|
|
||||
| **Direct call** | command: A tells B to do | A → B | yes | one (known) |
|
||||
| **Event** | fact: A announces "X happened" | both depend only on the bus | no | zero / one / many (unknown) |
|
||||
| **Hook** (`onWill` / `onDid`, `OrderedHookSlot`) | participation: observers step into an operation, in order | both depend only on the bus | can observe / veto | many, but ordered |
|
||||
|
||||
### Decision tree
|
||||
|
||||
**Q1. Does A need a return value from B?** → Yes: **direct call**. Events cannot return a value (request/reply over events is an anti-pattern).
|
||||
|
||||
**Q2. Is B's reaction part of A's responsibility, or B's own concern?**
|
||||
|
||||
- A's responsibility *includes* B's behavior (A orchestrates B) → **direct call**. E.g. `session` drives `agentLifecycle`; `loop` drives `llmRequester` / `toolExecutor`.
|
||||
- B's reaction is B's own concern, A merely states a fact → **event**. E.g. `flag` reacts to `config.onDidChange`.
|
||||
|
||||
**Q3. How many consumers?**
|
||||
|
||||
- exactly one, known → **direct call**.
|
||||
- zero / one / many, producer should not know → **event**.
|
||||
|
||||
**Q4. Would a direct A→B call create a cycle or violate scope direction?** → A *consequence check*, not a primary reason. Decide by Q1–Q3 first; do not turn a genuine direct call into an event just to break a cycle.
|
||||
|
||||
**Q5. Is this fact part of the durable record / replay / cross-agent projection?** → Yes: **emit it on the wire** (`wireRecord`). State changes that must be recorded, replayed, or synchronized across agents are projected onto the wire, not handled by a direct call alone (`permission.set_mode`, `goal.create/update/clear`, `plan_mode.enter/exit`). The wire is the *durable record*, not the live notification channel.
|
||||
|
||||
### One-sentence rule
|
||||
|
||||
> "I am telling you to do this, and I may need the result" → **direct call.**
|
||||
> "I am announcing that something happened; react if you care" → **event.**
|
||||
> "I am announcing something, and you may step in, in order, possibly to veto" → **hook.**
|
||||
|
||||
### As extension points (open-closed)
|
||||
|
||||
The three mechanisms above are also where a domain accepts new behavior without being edited. When adding a scenario would otherwise require changing this domain's `if/else`, expose the right extension point instead:
|
||||
|
||||
| Need | Extension point | Typical scope |
|
||||
|---|---|---|
|
||||
| Register a new implementation / definition | a **registry / catalog** the domain queries | `App` |
|
||||
| React to a fact the domain announces | an **event** on the bus | the announcing scope |
|
||||
| Step into an operation in order / veto | a **hook** (`onWill`/`onDid`, `OrderedHookSlot`) | the owning scope |
|
||||
| Swap a backend (File ↔ DB ↔ S3) | a **Store / Storage token** at the byte layer (see persistence.md) | `App` (composition root) |
|
||||
|
||||
Closed-for-modification means: the domain's own file is not where new scenarios branch. If a new scenario forces an edit here, an extension point is missing or misplaced.
|
||||
|
||||
## 5. Dependency direction
|
||||
|
||||
Two layers are involved:
|
||||
|
||||
- **Scope direction**: short-lived → long-lived, **enforced by the container** (see orient.md).
|
||||
- **Domain direction**: which domain may depend on which — **a matter of judgment**, not enforced by the container.
|
||||
|
||||
> **A depends on B iff A needs B's data or behavior to do its own job.**
|
||||
|
||||
Add one anti-rot heuristic to keep the graph from collapsing into a clique:
|
||||
|
||||
> **Do not let a more foundational / more-reused Service come to know a more specific / more-upstream one.**
|
||||
|
||||
Once a foundational component knows about an upstream scenario, it can no longer be reused by other scenarios and will almost always create a cycle.
|
||||
|
||||
### The natural layers of this repo
|
||||
|
||||
`agent-core-v2` is stratified into eight dependency layers, **L0–L7** (the `Ln` number in file headers — see orient.md for the full table and the representative domains). A domain at layer `L` may import only domains at layer `<= L`; lower layers never reach upward. `lint:domain` enforces this from the `DOMAIN_LAYER` map in `scripts/check-domain-layers.mjs`.
|
||||
|
||||
The tiers, from lowest to highest:
|
||||
|
||||
- **L0 — base infrastructure** (`_base`, errors, wire types).
|
||||
- **L1 — bridges & low-level capabilities** (logging, telemetry, event bus, environment, storage).
|
||||
- **L2 — data & cross-cutting capabilities** (records, config, providers, auth, workspace registry).
|
||||
- **L3 — registries & capabilities** (tools, permissions, flags, skills, plugins).
|
||||
- **L4 — agent behaviour** (turn, loop, prompt, profile, context, goal, plan, swarm).
|
||||
- **L5 — async lifecycle** (background, MCP, cron, sub-agent tools).
|
||||
- **L6 — coordination** (session, agent/session lifecycle, interactions, terminal).
|
||||
- **L7 — boundary / edge** (`gateway`, `rpc`, approval/question, the `*Legacy` v1 adapters).
|
||||
|
||||
Red lines:
|
||||
|
||||
- The **L0/L1 substrate** never imports a higher business layer.
|
||||
- Business logic never depends on the **L7 edge** layer — business code should not know REST / WebSocket exist.
|
||||
- A cycle means knowledge was placed backwards: extract a third, more foundational Service, or invert the "notification" half into an event.
|
||||
|
||||
> Capability → orchestrator (e.g. `prompt → turn`) is allowed and present in this repo; the real red line is *inverted reuse* — a foundational / lower Service depending on a specific / upper one.
|
||||
|
||||
> When a Service is meant to be reached over the wire (`/api/v2`, WS), see [edge-exposure.md](edge-exposure.md) for the per-scope `resource:action` map, which Services may be exposed directly vs wrapped in a facade, and how events stream.
|
||||
|
||||
## 6. New-Service checklist
|
||||
|
||||
1. **What does it remember, and what is the state's identity?** → pick the scope (§2).
|
||||
2. **What is the shortest-lived dependency it must inject?** → the scope cannot be longer than that.
|
||||
3. **Does it own state at both a global and a per-instance lifetime?** → if yes, split Multi-Scope (§3).
|
||||
4. **For each collaborator: am I commanding it, notifying it, or letting it participate?** → pick the calling style (§4).
|
||||
5. **Does each dependency arrow make a more foundational thing know a more specific thing?** → if yes, invert it (§5).
|
||||
|
||||
## 7. Render the placement tree
|
||||
|
||||
After the checklist, render the result as a plaintext tree — the deliverable reviewers read. Keep it in the design doc or PR description.
|
||||
|
||||
```text
|
||||
domain: `<name>` (owning scope: <Scope>)
|
||||
├─ serves (who uses me) tag = HOW they reach me
|
||||
│ ├─ (inject) <ConsumerDomain> @<Scope> — <what they use me for>
|
||||
│ └─ (accessor) <ConsumerDomain> @<Scope> — <what they use me for>
|
||||
├─ exposes (interfaces I provide, by scope)
|
||||
│ ├─ App : <IXxxRegistry> — <role>
|
||||
│ ├─ Session : <ISessionXxx> — <role>
|
||||
│ └─ Agent : <IAgentXxx> — <role>
|
||||
└─ depends (what I inject) tag = calling style
|
||||
└─ <DepDomain> @<Scope> direct/event/hook — <what for>
|
||||
```
|
||||
|
||||
Conventions:
|
||||
|
||||
- List **only real interfaces**; write `—` for a scope with no exposed interface. Most domains are single-scope — do not invent symmetry.
|
||||
- On `depends`, tag each arrow with its calling style: `direct`, `event`, or `hook`.
|
||||
- On `serves`, tag each consumer with its **access mechanism**, grouped `inject` first then `accessor`:
|
||||
- `inject` — a descendant or peer scope DI-injects me. Resolved by the container; lifetime-safe.
|
||||
- `accessor` — an ancestor or edge scope borrows me through `IScopeHandle.accessor.get(...)`. Valid only while this scope lives; never cache the result; must run before the child scope is disposed. See the cross-scope borrow diagram below.
|
||||
- An empty `(inject)` group with a non-empty `(accessor)` group is a signal: the interface is currently an edge / lifecycle command surface — check it is not leaking internals.
|
||||
- A consumer is upstream of you. If you cannot name one business consumer, the domain may be dead or mis-scoped.
|
||||
|
||||
### Cross-scope borrow diagram
|
||||
|
||||
When a domain has `accessor` consumers, draw the reverse-direction borrow next to the tree so it is never mistaken for injection:
|
||||
|
||||
```text
|
||||
App scope
|
||||
<AncestorService> ──holds──► IScopeHandle(<id>)
|
||||
│
|
||||
│ accessor.get(<IMyService>)
|
||||
│ └── resolve runs inside the child scope
|
||||
▼
|
||||
<Child> scope (<id>)
|
||||
<MyService> ← the interface lives here
|
||||
```
|
||||
|
||||
Read it as:
|
||||
|
||||
- `──holds──►` = the ancestor owns a handle to the child scope (it stores the key, not the service). DI allows this.
|
||||
- `accessor.get(...)` = a **runtime borrow**, not a dependency edge. It must cross an `IScopeHandle`, run on demand, never be cached, and finish before the child scope is disposed.
|
||||
|
||||
Worked example — `sessionLifecycle`:
|
||||
|
||||
```text
|
||||
domain: `sessionLifecycle` (owning scope: App)
|
||||
├─ serves (who uses me)
|
||||
│ ├─ (inject) — (none yet)
|
||||
│ └─ (accessor)
|
||||
│ ├─ sessionLegacy @App(edge) — v1-compatible create/fork/archive/…
|
||||
│ └─ gateway / rpc @App(edge) — native v2 session lifecycle actions
|
||||
├─ exposes (interfaces I provide, by scope)
|
||||
│ ├─ App : ISessionLifecycleService — owns the live session scope tree
|
||||
│ ├─ Session : — — (per-session state lives in sessionMetadata / agentLifecycle / …)
|
||||
│ └─ Agent : — — (per-agent state lives in agentLifecycle)
|
||||
└─ depends (what I inject)
|
||||
├─ bootstrap @App direct — addresses session storage
|
||||
├─ hostEnvironment @App direct — gates scope creation on the probe
|
||||
├─ sessionIndex @App direct — persisted read model for cold resumes
|
||||
├─ storage @App direct — atomic docs + append logs
|
||||
├─ workspaceRegistry @App direct — resolves a session's workspace
|
||||
└─ event @App direct — broadcasts session-level facts (e.g. archived)
|
||||
```
|
||||
|
||||
Cross-scope borrow for `sessionLifecycle`:
|
||||
|
||||
```text
|
||||
App scope
|
||||
SessionLifecycleService ──holds──┐
|
||||
GatewayService ───────────holds──┼──► IScopeHandle(sessionId)
|
||||
│
|
||||
│ accessor.get(ISessionMetadata) …
|
||||
│ └── resolve runs inside the Session scope
|
||||
▼
|
||||
Session scope (sessionId)
|
||||
sessionMetadata / agentLifecycle / … ← per-session services live here
|
||||
```
|
||||
|
||||
How the three lenses shaped it:
|
||||
|
||||
- **Scope (§2)** → the live registry of session scopes is process-wide, so it is App-scoped; per-session data stays in Session-scoped services, reached through the handle's `accessor`.
|
||||
- **Dependency direction (§5)** → `sessionLifecycle` is consumed by the edge via `accessor` borrows; it never imports the edge. Every downward arrow lands on a peer or a more foundational Service.
|
||||
- **Extension points (§4)** → new per-session behavior plugs into the Session-scoped services (`sessionMetadata`, `agentLifecycle`, `sessionActivity`); new transports stay at the edge. Neither edits `sessionLifecycle`.
|
||||
|
||||
For a multi-scope split, the `exposes` block fills more than one scope — see the `records` pattern in §3.
|
||||
|
||||
## Red lines (this stage)
|
||||
|
||||
- Scope is not a domain; ownership follows write authority and invariants, not read consumption.
|
||||
- Do not create `I{Scope}EntityService` bundles (`IAgentEntityService`, `ISessionEntityService`) that re-merge multiple domains.
|
||||
- No `Map<sessionId, …>` at `App` to fake per-session state.
|
||||
- Scope follows state identity; stateless Services are pulled down by their shortest-lived dependency, otherwise default to `App`.
|
||||
- Do not pre-split a domain that has state at only one lifetime.
|
||||
- Need a result / I orchestrate → direct call; stating a fact → event; ordered participation / may veto → hook.
|
||||
- Foundational layers never know upstream ones; business code never depends on the edge layer.
|
||||
- A cycle means knowledge is placed backwards — refactor, do not route around it.
|
||||
- Render the placement tree with real interfaces only — never pad an empty scope for symmetry.
|
||||
- Tag `serves` consumers with `inject` / `accessor`; an empty `inject` group is a signal to check the interface is not leaking internals.
|
||||
- An `accessor` consumer is a runtime borrow across a scope boundary, not DI injection — never cache the result and finish before the child scope disposes.
|
||||
- A `serves` list with no business consumer (or only edge consumers) signals a dead or leaking interface.
|
||||
|
|
@ -1,203 +0,0 @@
|
|||
# Topic — Domain boundaries vs Scope
|
||||
|
||||
How to keep `agent-core-v2` from recreating a god object after splitting one. Read this before naming a Service, adding an `I{Domain}EntityService`, or deciding whether data belongs to `session`, `agent`, or `turn`.
|
||||
|
||||
## The one-sentence rule
|
||||
|
||||
> **Scope is a lifetime and visibility boundary; a domain is a responsibility and data-ownership boundary.**
|
||||
|
||||
A Service registered at `LifecycleScope.Session` or `LifecycleScope.Agent` is **not automatically in the `session` or `agent` domain**. Scope says when an instance is born, when it dies, and who can see it. Domain says which business responsibility it owns and which data it is allowed to mutate.
|
||||
|
||||
## Definitions
|
||||
|
||||
| Term | Meaning |
|
||||
|---|---|
|
||||
| **Scope** | Lifetime / visibility tier. Current code registers Services at `App`, `Session`, or `Agent`. |
|
||||
| **Domain** | A cohesive business responsibility with its own model, invariants, and write authority. |
|
||||
| **Entity** | Data with identity and lifecycle, usually suitable for `get/list/create/update/delete` semantics. |
|
||||
| **Aggregate** | A consistency boundary: the owner that enforces invariants over a cluster of data. |
|
||||
| **Read model / projection** | Derived data built for queries; it may be shaped like a domain, but it is not the write authority. |
|
||||
| **Runtime state** | Ephemeral data that dies with its scope; it should not be forced into an entity store. |
|
||||
|
||||
## The data-ownership test
|
||||
|
||||
Do not ask "does Session / Agent / Turn use this data?". Most data is used by several of them. Ask these instead:
|
||||
|
||||
1. **What is the data's identity?** `sessionId`, `agentId`, `turnId`, `taskId`, `workspaceId`, `providerName`, or something else?
|
||||
2. **Who is the only writer?** The writer is usually the owner. Readers and projectors are not owners.
|
||||
3. **Who enforces the invariants?** The domain that decides valid transitions owns the model.
|
||||
4. **What is the authoritative source?** Atomic document, append-log / event stream, blob, query projection, config, or runtime memory?
|
||||
5. **Can it be named without `Session` / `Agent` / `Turn`?** If yes, it probably deserves its own domain.
|
||||
|
||||
Examples:
|
||||
|
||||
- `PermissionRules` are Agent-scoped, but `permission` owns rule changes and evaluation.
|
||||
- `BackgroundTask` is spawned by an Agent, but `background` owns task state and output.
|
||||
- `ContextMessage` is consumed by the Agent loop, but `contextMemory` / `wireRecord` owns history and replay.
|
||||
- `SessionMeta` is about a Session, but it is owned by `sessionMetadata`, not by a broad `session` data bag.
|
||||
|
||||
## Persistence models are not all entity CRUD
|
||||
|
||||
Before introducing `I{Domain}EntityService`, classify the persistence model:
|
||||
|
||||
| Persistence model | Use when | Examples |
|
||||
|---|---|---|
|
||||
| **Atomic document** | One typed document per key | `SessionMeta`, `config.toml` |
|
||||
| **Append-log / event-sourced** | The authoritative record is "what happened" | `wireRecord`, `contextMemory`, `goal`, `plan`, `permission` transitions |
|
||||
| **Blob / key-value** | Large or content-addressed bytes | media offload, blob store |
|
||||
| **Indexed query / read model** | Derived, queryable view | `sessionIndex`, future `IQueryStore` projections |
|
||||
| **Registry / catalog** | Global or scoped known items | `workspaceRegistry`, `toolRegistry` |
|
||||
| **Ephemeral runtime state** | No durable entity | active turn handle, pending interactions, terminal handles |
|
||||
|
||||
See [persistence.md](persistence.md) for the `Store → Storage → backend` rules. A domain EntityService is a business facade over those stores; it is not a replacement for the store layer.
|
||||
|
||||
## Naming consequence
|
||||
|
||||
Do not name Services after a scope or a god-object-shaped concept:
|
||||
|
||||
- ❌ `IAgentEntityService`
|
||||
- ❌ `IAgentDataService`
|
||||
- ❌ `ISessionEntityService`
|
||||
- ❌ `ITurnEntityService` that bundles context, tools, permissions, and telemetry
|
||||
|
||||
Name Services after the real owning domain:
|
||||
|
||||
- ✅ `ISessionMetadata`
|
||||
- ✅ `ISessionIndex`
|
||||
- ✅ `IAgentLifecycleService`
|
||||
- ✅ `ITurnService`
|
||||
- ✅ `IBackgroundTaskEntityService`
|
||||
- ✅ `ICronTaskEntityService`
|
||||
- ✅ `IPermissionRulesService`
|
||||
|
||||
`Session` and `Agent` are valid scope names. They are usually **not** good data-owner names.
|
||||
|
||||
## Split conclusion — `session`
|
||||
|
||||
`session` is both a Scope and a narrow Domain. Keep the Domain small.
|
||||
|
||||
The `session` domain owns only Session-level identity, metadata, lifecycle commands, and Session-level read views:
|
||||
|
||||
| Concern | Owner | Notes |
|
||||
|---|---|---|
|
||||
| `sessionId`, `workspaceId`, `sessionDir`, `metaScope` | `sessionContext` | Seeded facts; no IO |
|
||||
| `SessionMeta` | `sessionMetadata` | Durable atomic document; entity-like |
|
||||
| Open session scope registry | `sessionLifecycle` | App-scope live handles; not the persisted entity table |
|
||||
| Session commands such as `archive()` | `session` | Orchestrates metadata, agent teardown, and events |
|
||||
| Persisted session list / get / count | `sessionIndex` | Backend-neutral read model |
|
||||
| Running / idle / awaiting status | `sessionActivity` | Derived from interactions and active turns; owns no state |
|
||||
|
||||
`session` must not reabsorb these:
|
||||
|
||||
| Data | Real owner |
|
||||
|---|---|
|
||||
| Agent instances / handles | `agentLifecycle` |
|
||||
| Turns | `turn` |
|
||||
| Context messages | `contextMemory` / `wireRecord` |
|
||||
| Tool state | `toolStore` / `tool` |
|
||||
| Permission rules / mode | `permission` |
|
||||
| Profile / model | `profile` |
|
||||
| Goal / Plan | `goal` / `plan` |
|
||||
| Background tasks | `background` |
|
||||
| Cron tasks | `cron` |
|
||||
| Pending approvals / questions | `interaction` / `approval` / `question` |
|
||||
| Workspace | `workspaceRegistry` |
|
||||
| Provider / config | `provider` / `config` |
|
||||
|
||||
Entity-service conclusion for `session`:
|
||||
|
||||
- ✅ `ISessionMetadata` is already an entity-document Service.
|
||||
- ✅ `ISessionIndex` is a query/read-model Service.
|
||||
- ❌ Do not create a broad `ISessionEntityService` that owns agents, turns, records, interactions, logs, workspace, and config.
|
||||
|
||||
## Split conclusion — `agent`
|
||||
|
||||
`agent` is primarily a Scope and composition boundary, not a large data Domain.
|
||||
|
||||
Strictly, the `agent` domain owns only Agent-instance concerns:
|
||||
|
||||
| Concern | Owner | Notes |
|
||||
|---|---|---|
|
||||
| Agent instance identity / handle | `agentLifecycle` | Owns live Agent scope handles |
|
||||
| Agent creation / removal | `agentLifecycle` | Lifecycle, not a data bag |
|
||||
| Parent / child relationship | `session` / `agentLifecycle` depending on current code | Do not duplicate it into a new Agent data service |
|
||||
| Active turn reference | `turn` | Turn is its own domain even though it is Agent-scoped |
|
||||
|
||||
Many Agent-scoped Services are **not** in the `agent` domain:
|
||||
|
||||
| Data / capability | Real owner | Persistence model |
|
||||
|---|---|---|
|
||||
| Wire records | `wireRecord` | Append-log |
|
||||
| Context messages | `contextMemory` | Event-sourced through `wireRecord` |
|
||||
| Profile / model config | `profile` | Config + wire records |
|
||||
| Tool definitions / registry | `toolRegistry` | Runtime registry |
|
||||
| Tool mutable state | `toolStore` | Wire records |
|
||||
| Permission mode / rules | `permissionMode` / `permissionRules` | Wire records + config |
|
||||
| Goal | `goal` | Wire records |
|
||||
| Plan | `plan` | Wire records + plan file |
|
||||
| Skill activation | `skill` | Wire records |
|
||||
| Background tasks | `background` | Task records / output logs, candidate for entity service |
|
||||
| Cron tasks | `cron` | Task records, candidate for entity service |
|
||||
|
||||
Entity-service conclusion for `agent`:
|
||||
|
||||
- ✅ Keep `IAgentLifecycleService` for Agent instance lifecycle.
|
||||
- ✅ If a persisted Agent identity registry is ever needed, name it after that narrow concern, e.g. `IAgentInstanceRegistry`.
|
||||
- ❌ Do not create `IAgentEntityService` or `IAgentDataService` that bundles profile, records, tools, permission, goal, plan, background, cron, and turn.
|
||||
|
||||
## Split conclusion — `turn`
|
||||
|
||||
`turn` is a Domain, but it is **not** currently a separate `LifecycleScope` in code; `ITurnService` is registered at `Agent` scope.
|
||||
|
||||
`turn` owns one execution round's runtime state and turn-level facts:
|
||||
|
||||
| Concern | Owner | Notes |
|
||||
|---|---|---|
|
||||
| Active `Turn` handle | `turn` | `id`, `abortController`, `ready`, `result` |
|
||||
| Turn id allocation | `turn` | Restored from `turn.prompt` records and `context.append_loop_event` turn ids |
|
||||
| Turn lifecycle hooks | `turn` | `onLaunched`, `onEnded`, `beforeStep`, `afterStep` |
|
||||
| `turn.started` / `turn.ended` live events | `turn` | Live event stream |
|
||||
|
||||
`turn` must not own these:
|
||||
|
||||
| Data / capability | Real owner |
|
||||
|---|---|
|
||||
| Prompt and context messages | `contextMemory` |
|
||||
| Append-only record log mechanics | `wireRecord` |
|
||||
| Step loop | `loop` |
|
||||
| Tool execution | `toolExecutor` / `tool` |
|
||||
| Permission decisions | `permission` |
|
||||
| External hook policy | `externalHooks` |
|
||||
| Telemetry pipeline | `telemetry` |
|
||||
| Event transport | `eventSink` |
|
||||
|
||||
Entity-service conclusion for `turn`:
|
||||
|
||||
- ✅ Keep `ITurnService` as a runtime orchestrator.
|
||||
- ✅ Add a Turn read model / projection only if history queries are needed.
|
||||
- ❌ Do not create `ITurnEntityService` with `create/update/delete/list` over a turn table as the authoritative model.
|
||||
|
||||
## Migration recipe
|
||||
|
||||
When moving data out of a v1 god object or reviewing a proposed EntityService:
|
||||
|
||||
1. **Name the data without using `Session`, `Agent`, or `Turn`.** If you cannot, the domain is probably unclear.
|
||||
2. **Find the writer.** The exclusive writer is the likely owner.
|
||||
3. **Find the invariant.** The Service that rejects invalid transitions owns the model.
|
||||
4. **Classify the persistence model.** Atomic document, append-log, blob, query projection, registry, or runtime-only.
|
||||
5. **Pick the Service shape.**
|
||||
- Entity document / record → `I{Domain}EntityService` or domain-specific CRUD Service.
|
||||
- Event-sourced → behavior Service + `wireRecord` record types + optional projection.
|
||||
- Derived query → read-model Service, not a write authority.
|
||||
- Runtime-only → scoped Service with no entity store.
|
||||
6. **Choose the Scope by state identity.** Scope follows what the state is keyed by; it does not decide the domain name.
|
||||
7. **Render the placement tree** from [design.md §7](design.md#7-render-the-placement-tree).
|
||||
|
||||
## Red lines (this topic)
|
||||
|
||||
- Scope is not a domain. `Session` / `Agent` scopes do not make data `session` / `agent` owned.
|
||||
- Ownership follows write authority and invariants, not read consumption.
|
||||
- Do not create `I{Scope}EntityService` bundles (`IAgentEntityService`, `ISessionEntityService`, `ITurnEntityService`) that re-merge multiple domains.
|
||||
- Event-sourced domains keep behavior Services and append-log records; do not replace them with arbitrary CRUD.
|
||||
- Read models may be shaped like a domain, but they are projections, not write authorities.
|
||||
- A dependency is not ownership. A Service may inject another domain without owning that domain's data.
|
||||
|
|
@ -1,181 +0,0 @@
|
|||
# Edge exposure — `resource:action` + WS events
|
||||
|
||||
How a domain's Services become the wire surface (`/api/v2`) and WebSocket events. This is a **design-time** decision: which Services are exposed, under what public `resource:action` name, and which events stream.
|
||||
|
||||
The transport (`/api/v2` over HTTP + WS) lives in the **edge** layer (`gateway`/`rpc`/`transport`). It borrows business Services by interface; business code never imports it.
|
||||
|
||||
## 1. The edge model
|
||||
|
||||
Three scopes, three URL shapes, one dispatcher:
|
||||
|
||||
```text
|
||||
GET|POST /api/v2/:sa Core
|
||||
GET|POST /api/v2/session/:session_id/:sa Session
|
||||
GET|POST /api/v2/session/:session_id/agent/:agent_id/:sa Agent
|
||||
```
|
||||
|
||||
`:sa` is a single path segment of the form `<resource>:<action>` (e.g.
|
||||
`sessions:list`, `session:read`, `profile:getModel`).
|
||||
|
||||
- `:resource` is a **public** name (`sessions`, `session`, `profile`), never an internal domain token (`ISessionMetadata`).
|
||||
- `:action` is the method. `GET` for reads, `POST` for writes.
|
||||
- Body = the method's single argument (JSON), omitted for no-arg.
|
||||
- Response = the project envelope `{ code, msg, data, request_id, details? }`.
|
||||
- The dispatcher resolves the **scope** from the URL, the **Service** from an `actionMap`, calls the method, wraps the result.
|
||||
|
||||
```ts
|
||||
// actionMap — the allowlist; hides internal domain names.
|
||||
const actionMap = {
|
||||
core: { 'sessions:list': { service: ISessionIndex, method: 'list' }, ... },
|
||||
session: { 'session:read': { service: ISessionMetadata, method: 'read' }, ... },
|
||||
agent: { 'profile:getModel': { service: IProfileService, method: 'getModel' }, ... },
|
||||
};
|
||||
```
|
||||
|
||||
The `actionMap` is the single allowlist: only mapped `resource:action` pairs are callable; unknown → `40001`.
|
||||
|
||||
## 2. What may be exposed directly
|
||||
|
||||
A Service method is directly exposable iff **all** hold:
|
||||
|
||||
1. Args are JSON-serializable (no live objects, `AbortSignal`, callbacks, resumer fns).
|
||||
2. Return is JSON-serializable data or `void` (no `IScopeHandle`, `Turn`, `IProcess`, `AsyncIterable`, `IDisposable`, `Event`).
|
||||
3. Errors are `KimiError` (coded).
|
||||
4. It is a command/query, not a factory, stream, byte-store, or sink.
|
||||
|
||||
If any fail → wrap in a **facade** (a Service that takes ids, returns data, throws `KimiError`) and expose the facade. The repo already ships a wire-shaped facade in `rpc/core-api.ts` (`CoreAPI` / `SessionAPI` / `AgentAPI`) behind `IAgentRPCService` / `ISessionRPCService` — prefer building the HTTP edge on top of it rather than re-deriving a new one.
|
||||
|
||||
## 3. Per-scope `resource:action` map
|
||||
|
||||
Read = `GET`, write = `POST`. `sid` = `session_id`, `aid` = `agent_id`.
|
||||
|
||||
### Core (`/api/v2/:resource:action`)
|
||||
|
||||
| resource | action | Service.method | verb |
|
||||
|---|---|---|---|
|
||||
| `sessions` | `list` | ISessionIndex.list | GET |
|
||||
| `sessions` | `get` | ISessionIndex.get | GET |
|
||||
| `sessions` | `countActive` | ISessionIndex.countActive | GET |
|
||||
| `workspaces` | `list` | IWorkspaceRegistry.list | GET |
|
||||
| `workspaces` | `get` | IWorkspaceRegistry.get | GET |
|
||||
| `workspaces` | `createOrTouch` | IWorkspaceRegistry.createOrTouch | POST |
|
||||
| `workspaces` | `update` | IWorkspaceRegistry.update | POST |
|
||||
| `workspaces` | `delete` | IWorkspaceRegistry.delete | POST |
|
||||
| `config` | `get` / `getAll` / `inspect` | IConfigService.* | GET |
|
||||
| `config` | `set` / `replace` / `reload` | IConfigService.* | POST |
|
||||
| `providers` | `list` / `get` | IProviderService.* | GET |
|
||||
| `providers` | `set` / `delete` | IProviderService.* | POST |
|
||||
| `oauth` | `startLogin` / `cancelLogin` / `logout` | IOAuthService.* | POST |
|
||||
| `oauth` | `getFlow` / `status` | IOAuthService.* | GET |
|
||||
| `auth` | `summarize` | IAuthSummaryService.summarize | GET |
|
||||
| `auth` | `ensureReady` | IAuthSummaryService.ensureReady | POST |
|
||||
| `flags` | `snapshot` / `enabled` / `explain` / `explainAll` | IFlagService.* | GET |
|
||||
| `fs` | `browse` / `home` | IHostFolderBrowser.* | GET |
|
||||
| `meta` | `getEnv` / `detect` | IBootstrapService.* | GET |
|
||||
|
||||
### Session (`/api/v2/session/:sid/:resource:action`)
|
||||
|
||||
| resource | action | Service.method | verb |
|
||||
|---|---|---|---|
|
||||
| `session` | `read` | ISessionMetadata.read | GET |
|
||||
| `session` | `update` | ISessionMetadata.update | POST |
|
||||
| `session` | `setTitle` | ISessionMetadata.setTitle | POST |
|
||||
| `session` | `setArchived` | ISessionMetadata.setArchived | POST |
|
||||
| `session` | `status` | ISessionActivity.status | GET |
|
||||
| `session` | `isIdle` | ISessionActivity.isIdle | GET |
|
||||
| `session` | `archive` | ISessionLifecycleService.archive | POST |
|
||||
| `approvals` | `listPending` | IApprovalService.listPending | GET |
|
||||
| `approvals` | `decide` | IApprovalService.decide | POST |
|
||||
| `questions` | `listPending` | IQuestionService.listPending | GET |
|
||||
| `questions` | `answer` | IQuestionService.answer | POST |
|
||||
| `interactions` | `listPending` | IInteractionService.listPending | GET |
|
||||
| `interactions` | `respond` | IInteractionService.respond | POST |
|
||||
| `workspace` | `setWorkDir` / `addAdditionalDir` / `removeAdditionalDir` / `resolve` | IWorkspaceContext.* | GET/POST |
|
||||
|
||||
### Agent (`/api/v2/session/:sid/agent/:aid/:resource:action`)
|
||||
|
||||
| resource | action | Service.method | verb |
|
||||
|---|---|---|---|
|
||||
| `goal` | `get` | IGoalService.getGoal | GET |
|
||||
| `goal` | `create` / `pause` / `resume` / `cancel` | IGoalService.* | POST |
|
||||
| `plan` | `status` | IPlanService.status | GET |
|
||||
| `plan` | `enter` / `exit` / `cancel` / `clear` | IPlanService.* | POST |
|
||||
| `tasks` | `list` / `get` / `readOutput` | IBackgroundService.* | GET |
|
||||
| `tasks` | `stop` / `detach` | IBackgroundService.* | POST |
|
||||
| `usage` | `status` | IUsageService.status | GET |
|
||||
| `context` | `status` | IAgentContextSizeService.get | GET |
|
||||
| `swarm` | `isActive` | ISwarmService.isActive | GET |
|
||||
| `swarm` | `enter` / `exit` | ISwarmService.* | POST |
|
||||
| `permission` | `getMode` | IPermissionModeService.mode | GET |
|
||||
| `permission` | `setMode` | IPermissionModeService.setMode | POST |
|
||||
| `permissionRules` | `list` | IPermissionRulesService.rules | GET |
|
||||
| `permissionRules` | `addRules` | IPermissionRulesService.addRules | POST |
|
||||
| `profile` | `get` / `getModel` / `getSystemPrompt` / `getActiveToolNames` | IProfileService.* | GET |
|
||||
| `profile` | `setModel` / `setThinking` | IProfileService.* | POST |
|
||||
| `messages` | `list` | IContextMemory.get | GET |
|
||||
| `messages` | `splice` | IContextMemory.splice | POST |
|
||||
| `toolStore` | `get` / `data` | IToolStoreService.* | GET |
|
||||
| `toolStore` | `set` | IToolStoreService.set | POST |
|
||||
| `mcp` | `list` | IMcpService.list | GET |
|
||||
| `mcp` | `reconnect` | IMcpService.reconnect | POST |
|
||||
| `tools` | `list` | IToolRegistry.list | GET |
|
||||
|
||||
## 4. Facade-needed (wrap before exposing)
|
||||
|
||||
These fail §2 and must be wrapped in a facade that takes ids and returns data:
|
||||
|
||||
| Service | Why not direct | Facade shape |
|
||||
|---|---|---|
|
||||
| ISessionLifecycleService | returns `IScopeHandle` | `sessions.create` / `fork` / `close` / `archive` → wire Session |
|
||||
| IAgentPromptService / IAgentTurnService | returns `Turn` handle | `prompts.submit` / `steer` / `abort` / `undo` |
|
||||
| ILLMRequester | `AsyncIterable` stream | stream over WS, not RPC |
|
||||
| ISubagentHost | `SubagentHandle` | `subagents.spawn` / `resume` → info |
|
||||
| IProcessRunner | `IProcess` streams | terminal (separate WS protocol) |
|
||||
| Storage / Store (IFileSystemStorageService / IAppendLogStore / IAtomicDocumentStore / IBlobStore) | bytes / streams | not for RPC |
|
||||
| IAgentFileSystem | `withCwd` handle | `fs.read` / `write` → text/bytes |
|
||||
| IExternalHooksService | server-side outbound | not exposed |
|
||||
| IWireRecord | write-ahead log | internal |
|
||||
|
||||
## 5. WS events
|
||||
|
||||
A single WebSocket endpoint multiplexes RPC `call`s and event `listen`s over a JSON protocol (the lean counterpart of VSCode's `IMessagePassingProtocol`, carrying the same safety features — see §6):
|
||||
|
||||
```text
|
||||
WS /api/v2/ws
|
||||
```
|
||||
|
||||
Client → server: `hello` (auth), `call` (scope + `resource:action` + arg), `cancel`, `listen` (scope + event), `unlisten`, `pong`.
|
||||
Server → client: `ready`, `result`, `error`, `event`, `ping`.
|
||||
|
||||
`call` reuses the same dispatcher as the HTTP routes (scope + `actionMap`). `listen` subscribes to an `Event<T>` source and forwards each emission as an `event` message, keyed by the client-chosen `id`.
|
||||
|
||||
The `eventMap` binds a public event name to the scope's `Event` source (analogous to the `actionMap`):
|
||||
|
||||
| Scope | event | Source |
|
||||
|---|---|---|
|
||||
| Core | `events` | `IEventService.subscribe` (process-wide `DomainEvent` bus) |
|
||||
| Agent | `events` | `IEventSink.on` (per-agent `AgentEvent` stream) |
|
||||
|
||||
Session-level `onDidChange` sources (metadata / interactions) carry no payload today, so they are not exposed until there is a concrete consumer.
|
||||
|
||||
Safety / reliability (carried over from `packages/server/src/ws/connection.ts` and VSCode's `ChannelServer`):
|
||||
|
||||
- request ids + active-request table — `cancel` / `unlisten` disposes them;
|
||||
- heartbeat — `ping` every 30s, `pong` timeout 10s → `terminate`;
|
||||
- schema validation — invalid frames are dropped, not fatal;
|
||||
- graceful close — dispose listeners, cancel pending, reject in-flight calls;
|
||||
- no stack traces over the wire;
|
||||
- non-serializable event payloads are dropped, never fatal.
|
||||
|
||||
Cursor / replay / resync for events is a future addition (a separate `call` before `listen`); the raw stream is the foundation.
|
||||
|
||||
## 6. Red lines (edge exposure)
|
||||
|
||||
- Never expose an internal domain token (`ISessionMetadata`) as a URL segment — use a public `resource` name + `action`.
|
||||
- Never expose a method that returns a handle / stream / bytes / disposable — wrap in a facade.
|
||||
- Never expose a method that takes a live object / `AbortSignal` / callback / resumer fn — wrap in a facade.
|
||||
- Session / Agent Services are reached by `accessor.get` with the id from the URL — never cache the result; finish before the scope disposes.
|
||||
- The `actionMap` is the allowlist — only mapped `resource:action` pairs are callable; unknown → `40001`.
|
||||
- Events stream over WS (`listen`), never RPC (`call`).
|
||||
- Business code never imports the edge (`gateway` / `rpc` / `transport`) — the edge borrows business Services by interface.
|
||||
- Read = `GET`, write = `POST`; do not overload `POST` for reads when caching / browser-friendliness matters.
|
||||
|
|
@ -1,40 +0,0 @@
|
|||
# Topic — Errors
|
||||
|
||||
Error infrastructure for agent-core-v2: base classes, the per-domain code contract, wire serialization, and the conventions domains follow when raising errors. The package-level reference is `packages/agent-core-v2/docs/errors.md`; this topic summarizes the hot-path rules.
|
||||
|
||||
Base classes and serialization are **centralized** in `_base/errors`; error **codes** are **decentralized** — each domain owns an `errors.ts` that self-registers its codes and metadata, and the `src/errors.ts` facade aggregates them into the unified `ErrorCodes` const.
|
||||
|
||||
## Where things live
|
||||
|
||||
- `src/_base/errors/errors.ts`: base classes — `Error2`, `ExpectedError`, `ErrorNoTelemetry`, `BugIndicatingError`, `NotImplementedError`, plus `isError2` and `unwrapErrorCause`.
|
||||
- `src/_base/errors/codes.ts`: the `ErrorDomain` contract, the `ErrorCode` type (aliased to the protocol's `KimiErrorCode`), the registry (`registerErrorDomain` / `errorInfo` / `isErrorCode`), and `CoreErrors` (`internal`, `not_implemented`).
|
||||
- `src/_base/errors/serialize.ts`: `ErrorPayload`, `isCodedError`, `toErrorPayload`, `fromErrorPayload`. Wire-facing names (`KimiErrorPayload`, `toKimiErrorPayload`) mirror the protocol and are kept as-is.
|
||||
- `src/_base/errors/unexpectedError.ts`: `onUnexpectedError` / `setUnexpectedErrorHandler` (global handler).
|
||||
- `src/<domain>/errors.ts`: the domain's `XxxErrors` descriptor (codes + retryable list + per-code info overrides), self-registered on import.
|
||||
- `src/errors.ts`: the **facade** — imports every domain's `errors.ts`, builds `ErrorCodes`, re-exports the primitives. Throw sites import from here.
|
||||
|
||||
## Conventions (hard rules)
|
||||
|
||||
- **Throw a coded error, not a bare string.** `throw new Error2(ErrorCodes.X, …)`. Bare `new Error` only for unreachable guards; `BugIndicatingError` for caller bugs; `NotImplementedError('feature')` for stubs.
|
||||
- **Define codes in the owning domain**, in `<domain>/errors.ts` as an `XxxErrors` descriptor (`satisfies ErrorDomain` + `registerErrorDomain`), then wire it into the facade. Never add domain codes to `_base/errors`.
|
||||
- **One `code` per failure mode.** Codes read `domain.reason`. The valid code strings are fixed by the protocol (`KimiErrorCode` in `packages/protocol/src/events.ts`): **add new codes to the protocol first**. Renaming/removing a code is a major.
|
||||
- **Translate foreign errors at the boundary.** Provider/HTTP, fs, MCP errors are re-thrown as the owning domain's coded error. `_base/errors` never imports a business domain.
|
||||
- **Translation is idempotent and cause-preserving.** Translators (`toHostFsError`, `toStorageIoError`) pass through an already-translated error and always keep the original as `cause`.
|
||||
- **`details` is structured and JSON-serializable; `message` is a short human sentence.** Paths/errnos/scope/key go into `details`, not the message.
|
||||
- **Cancellation passes through untranslated** (`UserCancellationError` from `_base/utils/abort`) — apply only at boundaries that can actually see cancellation; do not sprinkle the check everywhere.
|
||||
- **Classify wrapped errors via `unwrapErrorCause`** — errno/status predicates test the unwrapped cause, not the coded wrapper.
|
||||
- **Branch on `code`, never `instanceof`, across the wire.** In-process, `instanceof Error2` / `isCodedError` are fine.
|
||||
|
||||
## Reference tiers
|
||||
|
||||
- `os.fs` — `HostFsError` via `toHostFsError` (`os/interface/hostFsErrors.ts`): errno → `os.fs.*`, details `{ path, op, errno?, syscall? }`.
|
||||
- `os.process` — `HostProcessError`: `spawn_failed` / `kill_failed`, raw error as `cause`.
|
||||
- `storage` — `StorageError` (`persistence/interface/storage.ts`): `not_found` / `decode_failed` / `corrupted` / `io_failed` (retryable) / `locked` (retryable). ENOENT keeps absence semantics, never an error. A locked query store throws `storage.locked`; consumers catch it explicitly and fall back — no silent no-op degradation.
|
||||
- `wire` — `WireError` (`wire/errors.ts`): `DuplicateOpError`, `CycleError`, and `wire.unknown_record` (replay skips unknown records, reports via `onUnexpectedError`, returns `{ unknownRecords }`).
|
||||
|
||||
## Red lines (this topic)
|
||||
|
||||
- Throw a coded error with a `code`, not a bare string (except unreachable guards / `BugIndicatingError` / `NotImplementedError`).
|
||||
- Codes live in the owning domain's `errors.ts` and self-register; new codes land in the protocol first.
|
||||
- Translate foreign errors at the owning domain's boundary, idempotently, with `cause` and structured `details`; `_base/errors` never imports a business domain.
|
||||
- Branch on `code` across the wire, never `instanceof`.
|
||||
|
|
@ -1,108 +0,0 @@
|
|||
# Topic — Flags
|
||||
|
||||
Experimental feature-flag gating for agent-core-v2 — an App-scope `IFlagService` resolver plus a writable `IFlagRegistry` catalog that domains contribute their flags to, backed by the `[experimental]` config section.
|
||||
|
||||
Gate not-yet-public features behind `IFlagService.enabled(id)`, per the repository hard rule that unreleased behavior must be flag-gated. v1 was a process-global `FlagResolver` singleton over a central `FLAG_DEFINITIONS` array; v2 is a scoped DI service whose flag definitions are registered **decentrally** by each owning domain — there is no central catalog to edit.
|
||||
|
||||
## Layout
|
||||
|
||||
- `src/flag/flagRegistry.ts` — `IFlagRegistry` token + `FlagDefinitionInput` / `FlagId` / `FlagSurface` types + `registerFlagDefinition` / `getContributedFlags` (import-time contribution queue).
|
||||
- `src/flag/flagRegistryService.ts` — `FlagRegistryService` impl; in-memory catalog seeded from import-time contributions; App scope.
|
||||
- `src/flag/flag.ts` — `IFlagService` token + resolver types (`ExperimentalFlagMap`, `ExperimentalFlagConfig`, `ExperimentalFlagSource`, `ExperimentalFeatureState`) + `ExperimentalConfigSchema` / `ExperimentalConfig` (zod).
|
||||
- `src/flag/flagService.ts` — `FlagService` impl + `MASTER_ENV` (`KIMI_CODE_EXPERIMENTAL_FLAG`) + `EXPERIMENTAL_SECTION` (`experimental`); reads definitions from `IFlagRegistry`; self-registers at App scope.
|
||||
- `src/flag/index.ts` — **removed (no barrel)**; `src/index.ts` imports the `flag` leafs precisely instead (e.g. `import './flag/flagService'`).
|
||||
- `src/<domain>/flag.ts` — each domain that owns a flag declares it here and calls `registerFlagDefinition` at the module top level (e.g. `src/multiServer/flag.ts`). The directory already names the domain, so the file is just `flag.ts`.
|
||||
|
||||
## Public surface
|
||||
|
||||
- `IFlagService` (DI token, App scope): `enabled(id)`, `explain(id)`, `snapshot()`, `enabledIds()`, `explainAll()`, `setConfigOverrides(overrides)`, `registry`.
|
||||
- `IFlagRegistry` (DI token, App scope): `register(definition)`, `get(id)`, `list()` — writable catalog. `register` is the **runtime** path (tests, dynamic registration); `IFlagService.registry` exposes the same instance for hosts/UI to enumerate flags without resolving them.
|
||||
- `registerFlagDefinition(definition)` — the **import-time** path. Domains call this from their `flag.ts` top level; contributions are queued and drained by `FlagRegistryService` when it is instantiated.
|
||||
- `FlagService` / `FlagRegistryService`: exported for tests and hosts that construct them directly.
|
||||
|
||||
## Resolution precedence
|
||||
|
||||
Highest wins; env is read live on every call (nothing cached):
|
||||
|
||||
1. Master env `KIMI_CODE_EXPERIMENTAL_FLAG` truthy → every flag on.
|
||||
2. Per-feature `def.env` (e.g. `KIMI_CODE_EXPERIMENTAL_MY_FEATURE`) → forces on/off.
|
||||
3. `[experimental]` config section per-flag override.
|
||||
4. Registry `default`.
|
||||
|
||||
`explain(id)` returns the winning `source` (`master-env` | `env` | `config` | `default`) plus the effective `configValue`. `explain(id)` returns `undefined` (and `enabled(id)` returns `false`) for an id that no domain has registered.
|
||||
|
||||
## Config integration
|
||||
|
||||
- `FlagService` registers the `[experimental]` section into `IConfigRegistry` at construction (`registerSection('experimental', ExperimentalConfigSchema)`) and reads overrides from `IConfigService`.
|
||||
- It subscribes `IConfigService.onDidChange` and refreshes overrides whenever the `experimental` domain changes, so config edits apply live.
|
||||
- `IConfigRegistry.registerSection` throws if a domain is registered twice — `experimental` is owned exclusively by `FlagService`.
|
||||
- `setConfigOverrides(overrides)` is an imperative escape hatch for tests and hosts without an `IConfigService`; hosts on `IConfigService` should set the `[experimental]` section instead.
|
||||
|
||||
Config shape:
|
||||
|
||||
```toml
|
||||
[experimental]
|
||||
my_feature = false
|
||||
```
|
||||
|
||||
Keys are intentionally loose (`z.record(z.string(), z.boolean())`), so obsolete flags stay inert config.
|
||||
|
||||
## Add a flag
|
||||
|
||||
Declare the definition in the owning domain's `flag.ts` and call `registerFlagDefinition` at the module top level. There is no central catalog to edit.
|
||||
|
||||
`src/<domain>/flag.ts`:
|
||||
|
||||
```ts
|
||||
import { type FlagDefinitionInput, registerFlagDefinition } from '#/flag';
|
||||
|
||||
export const myFeatureFlag: FlagDefinitionInput = {
|
||||
id: 'my_feature',
|
||||
title: 'My feature',
|
||||
description: '...',
|
||||
env: 'KIMI_CODE_EXPERIMENTAL_MY_FEATURE',
|
||||
default: false,
|
||||
surface: 'both',
|
||||
};
|
||||
|
||||
registerFlagDefinition(myFeatureFlag);
|
||||
```
|
||||
|
||||
Then ensure the package entry `src/index.ts` imports the flag leaf precisely so the top-level call runs at import time — there is no `src/<domain>/index.ts` barrel:
|
||||
|
||||
```ts
|
||||
// src/index.ts
|
||||
import './<domain>/flag';
|
||||
```
|
||||
|
||||
`src/index.ts` imports every domain's leaf files precisely (one line per leaf), so the contribution runs during bootstrap, before any scope is created — and therefore before any consumer resolves `IFlagService`.
|
||||
|
||||
- `env` must start with `KIMI_CODE_EXPERIMENTAL_`, be unique, and not equal `KIMI_CODE_EXPERIMENTAL_FLAG`.
|
||||
- `id` must not be `flag`. A duplicate `id` throws when `FlagRegistryService` drains the contributions.
|
||||
- `FlagId` is `string`, not a literal union: with no central catalog there is nothing to derive it from, so `enabled()` has no compile-time typo-checking. Cover gated behavior with tests instead.
|
||||
- `surface`: `core` | `tui` | `both` (documentation/grouping only; not used in resolution).
|
||||
|
||||
## Consume a flag
|
||||
|
||||
Inject `IFlagService` and gate on it. It is resolvable from any scope (App ancestor):
|
||||
|
||||
```ts
|
||||
constructor(@IFlagService private readonly flags: IFlagService) {}
|
||||
// ...
|
||||
if (!this.flags.enabled('my_feature')) return;
|
||||
```
|
||||
|
||||
## Layering & scope
|
||||
|
||||
- Domain `flag` is registered at **L3**. It imports only `config` (L2) downward.
|
||||
- It cannot live in `_base` (L0): registering/reading the config section requires importing `config`, and L0 must not import L2.
|
||||
- Scope: `IFlagRegistry` and `IFlagService` are both `App`. Env + config are process-global inputs, so there is no per-session/agent state. Flag definitions are contributed at **import time** (top-level `registerFlagDefinition` calls), so they are queued before any scope is created and drained when `FlagRegistryService` is first instantiated — before `IFlagService` is first resolved.
|
||||
- Tests build `FlagService` + `FlagRegistryService` directly with a real `ConfigRegistry`/`ConfigService` and an injected env map, then `register` the flags they exercise.
|
||||
|
||||
## Red lines (this topic)
|
||||
|
||||
- Gate unreleased behavior behind a registered flag; no ad-hoc env toggles.
|
||||
- Contribute each flag from the **owning domain's** `flag.ts` (`src/<domain>/flag.ts`) via a top-level `registerFlagDefinition` call; there is no central catalog to edit. The directory names the domain, so the file is just `flag.ts`.
|
||||
- `env` must start with `KIMI_CODE_EXPERIMENTAL_`, be unique, and not equal `KIMI_CODE_EXPERIMENTAL_FLAG`; `id` must not be `flag`.
|
||||
- `FlagId` is `string` (decentralized registration) — do not reintroduce a central `FLAG_DEFINITIONS` array or a derived literal union.
|
||||
- `flag` lives at L3 and `App` scope — never in `_base`, never per-session.
|
||||
|
|
@ -1,258 +0,0 @@
|
|||
# Stage 3 — Implement
|
||||
|
||||
Write the contract leaf, implementation leaf (with its registration), and the package-entry lines that load them. Each section below introduces one DI building block as you need it. Source lives in `src/_base/di/`.
|
||||
|
||||
## Standard recipe for a new `IXxxService`
|
||||
|
||||
1. **Contract leaf** — `src/<domain>/<domain>.ts`: interface (with `_serviceBrand`) + `createDecorator` identity.
|
||||
2. **Impl leaf** — `src/<domain>/<domain>Service.ts`: class with `@IX` constructor deps; top-level `registerScopedService(scope, IX, Impl, type, '<domain>')`.
|
||||
3. **Entry** — `src/index.ts`: load each leaf precisely — `export * from './<domain>/<domain>';` for the contract and `import './<domain>/<domain>Service';` for the impl (importing the impl runs the registration). **No `src/<domain>/index.ts` barrel.**
|
||||
4. **Tests** — see test.md.
|
||||
|
||||
There is **no central wiring file**: bindings live in each domain's impl file and are collected through import side effects.
|
||||
|
||||
## §1 Interface + identity (a global service, no deps)
|
||||
|
||||
```ts
|
||||
// greet/greet.ts
|
||||
import { createDecorator, type ServiceIdentifier } from '#/_base/di/instantiation';
|
||||
|
||||
export interface IGreeter {
|
||||
readonly _serviceBrand: undefined; // type marker: tells DI "this is a service"
|
||||
hello(): string;
|
||||
}
|
||||
|
||||
export const IGreeter: ServiceIdentifier<IGreeter> = createDecorator<IGreeter>('greeter');
|
||||
```
|
||||
|
||||
`createDecorator(name)` produces a `ServiceIdentifier` that is three things at once: a runtime key, a parameter decorator, and a compile-time carrier of the `IGreeter` type.
|
||||
|
||||
> **The identity name is globally unique.** `createDecorator` caches by `name`; two domains using the same string collide and share one identity.
|
||||
|
||||
```ts
|
||||
// greet/greetService.ts
|
||||
import { InstantiationType } from '#/_base/di/extensions';
|
||||
import { LifecycleScope, registerScopedService } from '#/_base/di/scope';
|
||||
import { IGreeter } from './greet';
|
||||
|
||||
export class Greeter implements IGreeter {
|
||||
declare readonly _serviceBrand: undefined; // mirrors the interface marker
|
||||
hello(): string { return 'hi'; }
|
||||
}
|
||||
|
||||
registerScopedService(
|
||||
LifecycleScope.App, // lifetime: process-wide
|
||||
IGreeter, // identity
|
||||
Greeter, // implementation
|
||||
InstantiationType.Eager, // when to construct: immediately
|
||||
'greet', // domain name (for diagnostics)
|
||||
);
|
||||
```
|
||||
|
||||
The scope a class binds to is an **intrinsic property of the class**, decided at the registration point, not the call site.
|
||||
|
||||
The impl's top-level `registerScopedService` runs as soon as the module is imported. There is no `greet/index.ts` barrel — instead, add the leafs to the package entry `src/index.ts`, one line per leaf:
|
||||
|
||||
```ts
|
||||
// src/index.ts
|
||||
export * from './greet/greet';
|
||||
import './greet/greetService'; // this import runs registerScopedService
|
||||
```
|
||||
|
||||
Anyone can now `accessor.get(IGreeter)` the single global instance.
|
||||
|
||||
## §2 Constructor injection (your service uses others)
|
||||
|
||||
```ts
|
||||
export class SessionMetadata extends Disposable implements ISessionMetadata {
|
||||
declare readonly _serviceBrand: undefined;
|
||||
|
||||
constructor(
|
||||
@ISessionContext private readonly ctx: ISessionContext,
|
||||
@IAtomicDocumentStore private readonly store: IAtomicDocumentStore,
|
||||
@ILogService private readonly log: ILogService,
|
||||
) {
|
||||
super();
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
`@ISessionContext` records "parameter 0 needs `ISessionContext`" on the class metadata; the container fills it when constructing.
|
||||
|
||||
Three inviolable constraints:
|
||||
|
||||
1. **Do not `new` a class with `@IService` deps** — `new` bypasses registration, scope, and the singleton cache. Inject with `@IX` or `accessor.get(IX)`.
|
||||
2. **`@IX` decorates constructor parameters only.** Decorating a field/method throws at runtime.
|
||||
3. **Parameter order depends on how the object is built** — for `createInstance` non-singletons, static params come first (see §7); for scoped services, `@IX` params are conventionally first and any static params need defaults. See service-authoring.md §constructor-conventions.
|
||||
|
||||
Consumers resolve by interface and never import the impl class:
|
||||
|
||||
```ts
|
||||
const meta = accessor.get(ISessionMetadata); // type is ISessionMetadata
|
||||
```
|
||||
|
||||
> If you need "a config" rather than "a service", model it as a service (e.g. `IConfigService`) and inject it. If you need a per-turn, parameterized, non-singleton object, see §7.
|
||||
|
||||
## §3 Scoped registration (not global)
|
||||
|
||||
Swap the `scope` argument to bind to a different tier:
|
||||
|
||||
```ts
|
||||
registerScopedService(LifecycleScope.Session, ISessionMetadata, SessionMetadata, InstantiationType.Delayed, 'sessionMetadata');
|
||||
```
|
||||
|
||||
Remember the visibility rule from orient.md: a service may inject services from its own scope or any ancestor; never from a descendant.
|
||||
|
||||
## §4 Releasing resources (`Disposable`)
|
||||
|
||||
For a service that subscribes to events, starts timers, or holds handles:
|
||||
|
||||
```ts
|
||||
import { Disposable } from '#/_base/di/lifecycle';
|
||||
|
||||
export class WSBroadcastService extends Disposable implements IWSBroadcastService {
|
||||
declare readonly _serviceBrand: undefined;
|
||||
|
||||
constructor(@IEventService event: IEventService) {
|
||||
super();
|
||||
this._register(event.subscribe(() => { /* … */ })); // collect child resources
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
- Extend `Disposable`, collect any `IDisposable` with `this._register(d)` (event subscriptions, `toDisposable(fn)`, etc.).
|
||||
- The container calls `dispose()` automatically when the service is torn down; child resources release in turn.
|
||||
- Disposal order is deterministic (orient.md): child scopes first, then reverse construction order within a scope.
|
||||
|
||||
## §5 Eager vs delayed instantiation
|
||||
|
||||
```ts
|
||||
// Eager: constructed when the scope is created
|
||||
registerScopedService(LifecycleScope.App, ILogService, LogService, InstantiationType.Eager, 'log');
|
||||
|
||||
// Delayed: constructed on first get
|
||||
registerScopedService(LifecycleScope.App, IScopeRegistry, ScopeRegistry, InstantiationType.Delayed, 'gateway');
|
||||
```
|
||||
|
||||
A `Delayed` service returns a **Proxy** that constructs the real instance on first property access. Listeners registered on its `onDid…` / `onWill…` events before construction are not lost — the container records them and replays the subscriptions once the instance exists.
|
||||
|
||||
> Rule of thumb: `Eager` for dependency-free, frequently-used, or "early side effect" services (e.g. `ILogService`); default to `Delayed` otherwise.
|
||||
|
||||
## §6 Using a service inside a plain function (`invokeFunction`)
|
||||
|
||||
When you do not want a new class and just need a service once, or when you expose a `ServicesAccessor` to the outside:
|
||||
|
||||
```ts
|
||||
const accessor: ServicesAccessor = {
|
||||
get: <T>(id: ServiceIdentifier<T>): T => instantiation.invokeFunction((a) => a.get(id)),
|
||||
};
|
||||
```
|
||||
|
||||
`invokeFunction(fn)` hands `fn` a `ServicesAccessor` valid **only during that call**.
|
||||
|
||||
> **The accessor is valid only during the invocation.** Calling `accessor.get()` after `invokeFunction` returns throws `"service accessor is only valid during the invocation"`. Do not stash it for async use — inject the service in the constructor (§2) if you need it long-term.
|
||||
|
||||
## §7 Creating a non-singleton object with deps (`createInstance`)
|
||||
|
||||
For a per-turn executor that also has `@IService` deps:
|
||||
|
||||
```ts
|
||||
class TurnRunner {
|
||||
constructor(
|
||||
private readonly input: string, // static param: passed by caller
|
||||
private readonly turn: number, // static param: passed by caller
|
||||
@ILogService private readonly log: ILogService, // service param: injected by container
|
||||
) {}
|
||||
}
|
||||
|
||||
const runner = instantiation.createInstance(TurnRunner, 'hello', 1);
|
||||
```
|
||||
|
||||
Static params come first (you pass them), service params follow (the container fills them), then `Reflect.construct` builds the instance. This object is **not** placed in any scope's singleton cache — every call is a fresh instance.
|
||||
|
||||
> This is why service params must follow static params **for `createInstance`**: the container sorts by the parameter positions recorded via `@IX`. `_serviceBrand` lets the compiler tell the two kinds apart. Scoped services built by `registerScopedService` follow a different convention (`@IX` params first, optional static params after) — see service-authoring.md §constructor-conventions.
|
||||
|
||||
## §8 Spawning a child scope / child container
|
||||
|
||||
For a service that "starts a new session / agent" and needs a child scope, inject `IInstantiationService` itself (every container binds itself as `IInstantiationService`):
|
||||
|
||||
```ts
|
||||
export class ScopeRegistry implements IScopeRegistry {
|
||||
declare readonly _serviceBrand: undefined;
|
||||
|
||||
constructor(@IInstantiationService private readonly instantiation: IInstantiationService) {}
|
||||
|
||||
createSession(opts: CreateSessionOptions): Promise<IScopeHandle> {
|
||||
const collection = new ServiceCollection();
|
||||
for (const entry of getScopedServiceDescriptors(LifecycleScope.Session)) {
|
||||
collection.set(entry.id, entry.descriptor); // collect Session-tier descriptors
|
||||
}
|
||||
const child = this.instantiation.createChild(collection); // spawn child container
|
||||
const accessor: ServicesAccessor = {
|
||||
get: <T>(id: ServiceIdentifier<T>): T => child.invokeFunction((a) => a.get(id)),
|
||||
};
|
||||
const handle: IScopeHandle = { id: opts.sessionId, kind: LifecycleScope.Session, accessor };
|
||||
this.sessions.set(opts.sessionId, handle);
|
||||
return Promise.resolve(handle);
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
Key points:
|
||||
|
||||
- `getScopedServiceDescriptors(scope)` returns every descriptor registered at that tier; load them into a `ServiceCollection`.
|
||||
- `instantiation.createChild(collection)` builds a child container whose parent pointer is the current container — so the child resolves upward to `App` services (the visibility rule).
|
||||
- Expose the child to the outside by wrapping it in a `ServicesAccessor` via `invokeFunction` (§6).
|
||||
|
||||
> Higher-level code usually calls `Scope.createChild(kind, id)` (it does the "filter descriptors + build child" for you). Drop to the manual `ServiceCollection` form only when you need explicit control.
|
||||
|
||||
## §9 Cyclic dependencies (forbidden — refactor)
|
||||
|
||||
Business rule: **no cyclic dependencies.** The container rejects them; the correct response is to refactor, not to make it run.
|
||||
|
||||
### The container rejects synchronous cycles
|
||||
|
||||
If A needs B while being created and B needs A while being created, the container throws `CyclicDependencyError` with a `path` like `['A', 'B', 'A']`. Self-cycles (A depends on itself) are also rejected. This is a protection mechanism telling you the two services' responsibilities are mis-drawn.
|
||||
|
||||
### Why cycles are disallowed
|
||||
|
||||
- Scope layering makes normal dependencies a DAG (Agent → Session → App, resolving upward); a cycle is almost always a design smell.
|
||||
- "Making the cycle happen to work" turns construction order into an implicit contract — hard to debug.
|
||||
|
||||
v2's stance: **the dependency graph must be acyclic.**
|
||||
|
||||
### How to refactor (in priority order)
|
||||
|
||||
1. **Extract a third service C.** Move the part A and B both need into C; let A and B both depend on C instead of each other. The most common fix.
|
||||
2. **Decouple with an event.** If A only needs to know about a change in B, have B emit via `IEventService` and A subscribe, rather than A holding a reference to B.
|
||||
3. **Re-partition scope.** One of them may belong at a different tier — moving it makes the cycle disappear.
|
||||
|
||||
### Delayed as a cycle-breaker (legacy escape hatch — forbidden)
|
||||
|
||||
A legacy mechanism lets a `Delayed` edge turn a "soft cycle" into a non-synchronous Proxy. **Do not use it to bypass cyclic dependencies** — it exists for historical compatibility, not to paper over your design. On `CyclicDependencyError`, refactor per the above.
|
||||
|
||||
## Interface cheat sheet
|
||||
|
||||
| Interface | Section | Role |
|
||||
|---|---|---|
|
||||
| `createDecorator<T>(name)` → `ServiceIdentifier<T>` | §1 | identity (runtime key + compile-time type + param decorator) |
|
||||
| `@IService` | §2, §7 | declare a dependency on a constructor param |
|
||||
| `registerScopedService(scope, id, ctor, type, domain)` | §1, §3, §5 | bind an impl to a lifetime tier |
|
||||
| `ServicesAccessor.get(IX)` | §2, §6 | resolve an instance by interface |
|
||||
| `IInstantiationService.invokeFunction(fn, …)` | §6, §8 | obtain a temporary accessor inside a function |
|
||||
| `IInstantiationService.createInstance(ctor, …args)` | §7 | build a non-singleton object with deps injected |
|
||||
| `IInstantiationService.createChild(collection)` | §8 | spawn a child container |
|
||||
| `getScopedServiceDescriptors(scope)` | §8 | retrieve all descriptors registered at a tier |
|
||||
| `Disposable` / `DisposableStore` / `IDisposable` | §4 | resource management and disposal |
|
||||
| `Scope` / `LifecycleScope` | §3, §8 | the lifetime tree |
|
||||
| `SyncDescriptor` | (tests / low-level) | package a constructor + static args into a pending descriptor |
|
||||
|
||||
> Legacy export (not used in v2, just recognize it): `refineServiceDecorator` is a VS Code leftover DI helper. v2 src/test has zero references; always use `registerScopedService`.
|
||||
|
||||
## Red lines (this stage)
|
||||
|
||||
- No `new` on a class whose constructor carries `@IService` deps — inject or `accessor.get(IX)`.
|
||||
- `@IX` decorates constructor params only; parameter order depends on construction (static-first for `createInstance`, `@IX`-first for scoped services — see service-authoring.md).
|
||||
- Both interface and impl carry `_serviceBrand`; the `createDecorator` name is globally unique.
|
||||
- `ServicesAccessor` is valid only during `invokeFunction` — never stash it for async use.
|
||||
- No cyclic dependencies — refactor (extract / event / re-scope); do not break the cycle with `Delayed`.
|
||||
|
|
@ -1,111 +0,0 @@
|
|||
# Stage 1 — Orient
|
||||
|
||||
Understand the DI × Scope black box and the file conventions before touching business code.
|
||||
|
||||
## The DI black box
|
||||
|
||||
When writing business code you declare three things; the container handles the rest (when to construct, whether it is the same instance, ordering, disposal):
|
||||
|
||||
- **Who am I** — an identity that is both a runtime key and a compile-time type.
|
||||
- **Whom do I need** — the dependencies that provide my capabilities.
|
||||
- **How long do I live** — which lifetime tier I belong to.
|
||||
|
||||
Classes talk only to interfaces and never care how an implementation is constructed.
|
||||
|
||||
## The three `LifecycleScope` tiers
|
||||
|
||||
Lifetimes form a tree, from longest to shortest:
|
||||
|
||||
```text
|
||||
App (0) process-wide, single global instance
|
||||
└── Session (1) one session
|
||||
└── Agent (2) one agent
|
||||
```
|
||||
|
||||
```ts
|
||||
export enum LifecycleScope {
|
||||
App = 0,
|
||||
Session = 1,
|
||||
Agent = 2,
|
||||
}
|
||||
```
|
||||
|
||||
- A larger number = shorter life = closer to a leaf.
|
||||
- "Singleton" means **one per scope**: `ILogService` is global once; each `Session` scope has its own `ISessionMetadata`.
|
||||
- `kind` strictly increases along the parent→child direction.
|
||||
|
||||
### Visibility rule
|
||||
|
||||
A child scope sees its ancestors; a parent never sees its children. Resolution walks *up* the tree:
|
||||
|
||||
- ✅ An `Agent` service injects a `Session` or `App` service (found upward).
|
||||
- ❌ An `App` service injects a `Session` service (the parent does not look down, and the child may not exist yet).
|
||||
|
||||
> **Short-lived may inject long-lived; never the reverse.** The tree structure enforces this — it is not a matter of discipline.
|
||||
|
||||
### Disposal order
|
||||
|
||||
Deterministic: **child scopes die first; within one scope, instances dispose in reverse construction order** (last constructed, first disposed). Business code declares which tier it lives in and never disposes by hand.
|
||||
|
||||
## The `(Ln)` layer number in headers
|
||||
|
||||
The `Ln` in a file-header identity line is the domain's **dependency layer** (L0–L7), **not** its `LifecycleScope`. They are easy to confuse because both are small integers, but they answer different questions:
|
||||
|
||||
- `LifecycleScope` (App=0 / Session=1 / Agent=2) — **lifetime & visibility** (this stage).
|
||||
- Dependency layer `Ln` (L0–L7) — **who may import whom**: a domain at layer `L` may import only domains at layer `<= L`. Enforced by `lint:domain` from the authoritative `DOMAIN_LAYER` map in `scripts/check-domain-layers.mjs`.
|
||||
|
||||
So a Session-scoped service is not "L1" — e.g. `session` is Session-scoped but lives at **L6**. When you write the header, read the number from the layer map, not from the scope.
|
||||
|
||||
| Layer | Role | Representative domains |
|
||||
|---|---|---|
|
||||
| L0 | base infrastructure | `_base`, `errors`, `llmProtocol` |
|
||||
| L1 | bridges & low-level capabilities | `log`, `telemetry`, `event`, `environment`, `bootstrap`, `storage` |
|
||||
| L2 | data & cross-cutting capabilities | `records`, `wireRecord`, `config`, `provider`, `auth`, `workspaceRegistry` |
|
||||
| L3 | registries & capabilities | `tool`, `toolRegistry`, `permission*`, `flag`, `skill`, `plugin` |
|
||||
| L4 | agent behaviour | `turn`, `loop`, `prompt`, `profile`, `contextMemory`, `goal`, `plan`, `swarm` |
|
||||
| L5 | async lifecycle | `background`, `mcp`, `cron`, `agentTool` |
|
||||
| L6 | coordination | `session`, `agentLifecycle`, `sessionMetadata`, `interaction`, `terminal` |
|
||||
| L7 | boundary / edge | `gateway`, `rpc`, `approval`, `question`, `*Legacy` |
|
||||
|
||||
## File-header comment convention
|
||||
|
||||
`packages/agent-core-v2/AGENTS.md` mandates a header-only comment style:
|
||||
|
||||
- **Header only.** Comments live solely in the top-of-file `/** */` block — never beside functions, methods, or statements. The code is the source of truth for *how*; the header states *what the module exposes and the responsibility it owns*.
|
||||
- **Identity line first.** Start with `` `<domain>` domain (Ln) — <one-line role>. `` Keep an existing `(cross-cutting)` label as-is. Write the role as a responsibility ("drives the turn lifecycle"), not a symbol list.
|
||||
- **Scope is in the filename.** `session*.ts` = Session, `agent*.ts` = Agent, no prefix = App (see service-authoring.md). State the same scope in the header so the two never drift.
|
||||
- **Interface files** (`<name>.ts`) state the public contract + scope: which `IXxx` they define and what it is for.
|
||||
- **Impl files** (`<name>Service.ts`) add collaborators + scope: list every imported cross-domain collaborator as a role ("persists records through `records`"); read scope from `registerScopedService(LifecycleScope.X, …)`.
|
||||
- **Contribution files** (`<targetDomain>.ts` / `<what>.contrib.ts`) state what they register into the target domain (e.g. "registers the `log` config section into `config`").
|
||||
- **Pure-function / `.types` / `.errors` files** state the responsibility only — they own no scoped state, so no scope line.
|
||||
|
||||
Impl file example (`sessionMetadataService.ts`):
|
||||
|
||||
```ts
|
||||
/**
|
||||
* `sessionMetadata` domain (L6) — `ISessionMetadata` implementation.
|
||||
*
|
||||
* Persists the session metadata document (`state.json`) through the `storage`
|
||||
* access-pattern store (`IAtomicDocumentStore`), rooted at the `metaScope`
|
||||
* namespace from `sessionContext`. Loads the existing document on
|
||||
* construction (creating it on first run), and logs through `log`. Bound at
|
||||
* Session scope.
|
||||
*/
|
||||
```
|
||||
|
||||
Contribution file example (`config.ts` inside `log/`):
|
||||
|
||||
```ts
|
||||
/**
|
||||
* `log` domain — registers the `log` config section into `config`.
|
||||
*
|
||||
* Owns the `log` section schema and its env overlay; imported for the
|
||||
* registration side effect. Bound at App scope.
|
||||
*/
|
||||
```
|
||||
|
||||
## Red lines (this stage)
|
||||
|
||||
- Import via the `#/...` alias (mapped to `src/`); never reach into another domain's internals by relative path.
|
||||
- Short-lived may inject long-lived; never the reverse.
|
||||
- File-header comments describe role and scope only; never narrate implementation beside statements.
|
||||
|
|
@ -1,206 +0,0 @@
|
|||
# Topic — Permission
|
||||
|
||||
The target design for the agent-core permission system. Read this when touching `permission`, `permissionMode`, `permissionRules`, or when adding a new permission dimension.
|
||||
|
||||
> **The permission system should be a composable, registrable chain of responsibility (a microkernel).** The kernel only runs the chain in order, first hit wins; concrete permission dimensions (policies) are contributed by their owning Domain Services through a registry; tools only declare standardized resource access (`accesses`) in `resolveExecution`, and generic dimensions consume that metadata.
|
||||
>
|
||||
> **Do not introduce Casbin** — the hard part here is *decision behavior* (continuations, side effects, RPC, state machines), not "match + scalar decision".
|
||||
|
||||
## 1. Problem definition
|
||||
|
||||
The permission system answers one question: **for each tool call, in the current agent and current mode — allow / deny / ask the user?** Three traits shape the architecture:
|
||||
|
||||
1. **Decisions carry behavior.** Returning `ask` is not an enum value — it is a workflow with an RPC round-trip, hooks, telemetry, state writes, and a continuation; returning `deny` may be the result of running an external hook.
|
||||
2. **Heterogeneous policies.** Some check a tool-name set, some count same-batch `AgentSwarm` calls, some run a hook, some inspect the plan state machine — no uniform `(sub, obj, act)` shape.
|
||||
3. **Multi-agent × multi-mode × external extension.** Different agents / modes need different permissions, and outsiders (org admins, plugins) must contribute rules or behavior in a decoupled way.
|
||||
|
||||
## 2. Current state (v1) at a glance
|
||||
|
||||
Code lives in `packages/agent-core/src/agent/permission/`.
|
||||
|
||||
- **Architecture: ordered chain of responsibility, first hit wins.** `PermissionManager` holds `PermissionPolicy[]`; evaluation iterates in order, the first non-`undefined` result wins.
|
||||
- **`PermissionPolicyResult` is a behavior bundle, not a scalar:** `approve` (with `executionMetadata`), `deny` (with `message`), or `ask` (with `resolveApproval` / `resolveError` continuations).
|
||||
- **11 dimensions, 19 policies**, hardcoded in `policies/index.ts#createPermissionDecisionPolicies()`. Order is a high-to-low safety cascade: external force → structural deny → state-machine deny → static deny → mode allow → session-memory allow → static ask → static allow → flow allow → sensitive-path ask → default allow → fallback ask.
|
||||
- **Resource-access declaration:** tools declare accessed resources in `resolveExecution(input)` via `accesses` (`ToolAccesses`, currently `file` and `all`); generic dimensions read `context.execution.accesses`.
|
||||
|
||||
### v1 pain points the target design fixes
|
||||
|
||||
1. The chain is hardcoded — outsiders cannot contribute.
|
||||
2. `mode` is an `if` inside each policy (`YoloModeApprove` / `AutoModeApprove` self-guard).
|
||||
3. No per-agent chain entry point (only scattered `agent.type === 'sub'` checks).
|
||||
4. No external extension point beyond the single `PreToolUse` hook slot.
|
||||
|
||||
## 3. Why not Casbin
|
||||
|
||||
- **`policy_effect` is unusable** — composition here is a fixed, intentionally hardcoded safety cascade; the real complexity lives in each policy's `evaluate` behavior, which a Casbin expression cannot absorb. Externally tunable safety knobs are already exposed via `mode` + allow/deny/ask rules.
|
||||
- **Flexible priority is unusable** — there is no plugin injection point, no multi-subject/RBAC, and a fixed subject (agent/user), so priority collisions do not arise. Casbin's `(sub, obj, act)`, `g()`, and domains would idle.
|
||||
- **Fundamental mismatch: decisions are not scalars.** `enforce()` maps a request to an effect; agent-core decisions are behavior bundles (continuations, side effects, synthesized results). Even if Casbin computed `ask`, the surrounding behavior would still need to be rewritten — Casbin would degrade to an enum generator.
|
||||
- **When Casbin becomes worth it:** when the hard part is matching semantics itself — role inheritance, domain isolation, ABAC expressions, policies loaded from a DB. Not before.
|
||||
|
||||
## 4. Design-pattern placement
|
||||
|
||||
Permission orchestration is a layered combination, not a single pattern:
|
||||
|
||||
| Layer | Pattern | Role |
|
||||
|---|---|---|
|
||||
| Runtime decision | **Chain of Responsibility** | multiple candidates in order; first hit wins, rest short-circuit |
|
||||
| Single handler | **Strategy** | each policy is an interchangeable "permission adjudication" algorithm |
|
||||
| Assembly / external extension | **Plugin / Microkernel** | minimal kernel + explicit extension points + pluggable policies |
|
||||
| Landing support | **Registry + Factory** | collect plugins; assemble the chain per `(agent, mode)` on demand |
|
||||
|
||||
Casbin = single Strategy + data-driven. This design = multiple Strategies + chain-of-responsibility composition. Behavior-heavy systems must choose the latter — behavior cannot be flattened into data rows.
|
||||
|
||||
## 5. Target design
|
||||
|
||||
### 5.1 Core principles
|
||||
|
||||
1. **The chain encodes "permission dimensions", not "tools".** Adding a tool does not lengthen the chain; only adding a dimension adds a node.
|
||||
2. **Two contribution paths:** high-frequency trivial specifics go through the **data path** (rules); low-frequency new dimensions with behavior go through the **code path** (policies).
|
||||
3. **Domain self-registration:** a domain that owns a dimension (plan/goal/swarm) registers its policy in DI, mirroring v2's existing "domain self-registers tools".
|
||||
4. **Tools declare resources; generic dimensions consume them:** bash/write/read only declare `accesses`; file/security dimensions judge centrally.
|
||||
|
||||
### 5.2 Core abstractions
|
||||
|
||||
```ts
|
||||
type Phase =
|
||||
| 'guard' | 'user-deny' | 'mode' | 'session'
|
||||
| 'user-ask' | 'default' | 'fallback';
|
||||
|
||||
interface PermissionPolicyEntry {
|
||||
name: string;
|
||||
phase: Phase;
|
||||
modes?: PermissionMode[]; // declare which modes this applies in (no more in-evaluate if)
|
||||
agentTypes?: AgentType[];
|
||||
factory: (accessor: ServicesAccessor) => PermissionPolicy;
|
||||
}
|
||||
|
||||
// App scope — collects every domain's registration
|
||||
interface IPermissionPolicyRegistry {
|
||||
register(entry: PermissionPolicyEntry): IDisposable;
|
||||
list(): readonly PermissionPolicyEntry[];
|
||||
}
|
||||
```
|
||||
|
||||
`PermissionPolicyService` (Agent scope) changes from a hardcoded list to "assemble by `(agent, mode)`":
|
||||
|
||||
```ts
|
||||
this.policies = registry.list()
|
||||
.filter(e => !e.modes || e.modes.includes(mode))
|
||||
.filter(e => !e.agentTypes || e.agentTypes.includes(agentType))
|
||||
.sort(byPhaseThenRegistrationOrder)
|
||||
.map(e => e.factory(accessor));
|
||||
```
|
||||
|
||||
Key points:
|
||||
|
||||
- `modes` / `agentTypes` are **declarations** — they lift the `if (mode !== 'yolo') return` out of `YoloModeApprove` into metadata.
|
||||
- `factory`, not `instance`: a node may depend on agent-scoped services (mode, rules) and must be instantiated in the Agent scope — symmetric to `IToolDefinitionRegistry` (App) storing factories and `IToolService` (Agent) instantiating tools.
|
||||
- **Different `(agent, mode)` produce differently-shaped chains** — under yolo the ask/fallback phases are physically filtered out.
|
||||
|
||||
### 5.3 Two contribution paths
|
||||
|
||||
| What is being added | Path | Chain length |
|
||||
|---|---|---|
|
||||
| New tool, new org rule, new user preference ("deny `Bash(curl *)`") | **Data path**: add a `PermissionRule` to an existing node | unchanged |
|
||||
| New cross-cutting behavior (custom approval UI, audit log, new mode) | **Code path**: register a new policy node | +1 |
|
||||
|
||||
Most growth goes through the data path — node count is bounded by "kinds of behavior"; rule count grows with specifics (rule matching is a cheap Set/glob).
|
||||
|
||||
### 5.4 Domain self-registration
|
||||
|
||||
Mirrors v2's "domain registers tools in its constructor". `PlanService` self-registers its dimensions:
|
||||
|
||||
```ts
|
||||
// src/plan/planService.ts
|
||||
constructor(@IPermissionPolicyRegistry registry: IPermissionPolicyRegistry) {
|
||||
registry.register({ name: 'plan-mode-guard-deny', phase: 'guard',
|
||||
factory: a => new PlanModeGuardDenyPolicy(a.get(IPlanService)) });
|
||||
registry.register({ name: 'plan-mode-tool-approve', phase: 'mode',
|
||||
factory: a => new PlanModeToolApprovePolicy(a.get(IPlanService)) });
|
||||
registry.register({ name: 'exit-plan-mode-review-ask', phase: 'user-ask',
|
||||
factory: a => new ExitPlanModeReviewAskPolicy(a.get(IPlanService), a.get(IPermissionModeService)) });
|
||||
}
|
||||
```
|
||||
|
||||
A complex domain may register a single **composite** node externally and run a small internal chain, hiding its internal order from the global chain.
|
||||
|
||||
### 5.5 Tools declare resources at runtime (`resolveExecution` / `accesses`)
|
||||
|
||||
In `resolveExecution(input)`, before execution, declare accessed resources with the `ToolAccesses.*` builders:
|
||||
|
||||
```ts
|
||||
resolveExecution(args: WriteInput): ToolExecution {
|
||||
const path = resolvePathAccessPath(args.path, { kaos, workspace, operation: 'write' });
|
||||
return {
|
||||
accesses: ToolAccesses.writeFile(path), // declares: write this file
|
||||
approvalRule: literalRulePattern(this.name, path),
|
||||
matchesRule: (ruleArgs) => matchesPathRuleSubject(ruleArgs, path, ...),
|
||||
execute: () => this.execution(args, path),
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
Current resource types:
|
||||
|
||||
```ts
|
||||
type ToolResourceAccess =
|
||||
| { kind: 'file'; operation: 'read'|'write'|'readwrite'|'search'; path: string; recursive?: boolean }
|
||||
| { kind: 'all' }; // non-enumerable side effects (pessimistic, globally exclusive)
|
||||
```
|
||||
|
||||
Two complementary channels:
|
||||
|
||||
- **Enumerable resources** (write/read/edit/grep/glob) → use `accesses`; generic file dimensions cover them automatically.
|
||||
- **Non-enumerable resources** (bash running arbitrary commands) → do not declare `accesses`; use the `matchesRule` DSL (e.g. `Bash(rm *)` globs by command string).
|
||||
|
||||
**kaos's role:** kaos is the execution-environment abstraction (fs/process/pathClass) used by the file dimension for path normalization and judgment — it is **not** the permission-dimension abstraction itself. Permission semantics live one layer above kaos, at "file access".
|
||||
|
||||
**v2 evolution:** extend the `ToolResourceAccess` union so non-file resources can be declared structurally:
|
||||
|
||||
```ts
|
||||
type ToolResourceAccess =
|
||||
| { kind: 'file'; operation: FileOp; path: string; recursive?: boolean }
|
||||
| { kind: 'network'; operation: 'connect'; host: string }
|
||||
| { kind: 'shell'; command: string }
|
||||
| { kind: 'datastore'; operation: 'read'|'write'; table: string }
|
||||
| { kind: 'all' };
|
||||
```
|
||||
|
||||
Each new resource kind can pair with a generic dimension that consumes it; tools always only **declare**.
|
||||
|
||||
### 5.6 Dimension ownership
|
||||
|
||||
| Dimension | Owner (who registers) | Type |
|
||||
|---|---|---|
|
||||
| external hook veto | `externalHooks` domain | generic |
|
||||
| tool-batch exclusivity | `swarm` domain | domain-specific (ships with the AgentSwarm tool) |
|
||||
| runtime-mode posture | `permissionMode` domain | generic |
|
||||
| plan-mode constraints | `plan` domain | domain-specific |
|
||||
| goal-start approval | `goal` domain | domain-specific |
|
||||
| static config rules | `permissionRules` domain | generic (data path) |
|
||||
| session approval memory | `permissionRules` domain | generic |
|
||||
| sensitive / special paths | generic "file-access/security" dimension | generic (consumes `accesses`) |
|
||||
| tool intrinsic risk | core permission | generic (consumes tool declarations) |
|
||||
| workspace write trust | generic "file-access/security" dimension | generic (consumes `accesses`) |
|
||||
| fallback | core permission | generic |
|
||||
|
||||
Pattern: **specific dimensions ship with their owning domain + tool; generic dimensions register centrally and apply across tools via the declared `accesses`.**
|
||||
|
||||
## 6. Evolution path
|
||||
|
||||
Incremental, not big-bang:
|
||||
|
||||
1. **Registry + Composer (zero behavior change).** Replace the 19 hardcoded `new`s in v2 `PermissionPolicyService` with reads from `IPermissionPolicyRegistry`; register existing policies as-is. Immediately gain multi-agent/mode selectable chains and an external registration entry.
|
||||
2. **Declarative modes.** Lift the mode guards in `YoloModeApprove` / `AutoModeApprove` into `modes` metadata.
|
||||
3. **Sink domain dimensions.** Move registration of plan/goal/swarm policies into their owning domain service constructors.
|
||||
4. **(On demand) extend resource types.** When non-file resources (network/DB/shell) need structural dimensions, extend the `ToolResourceAccess` union.
|
||||
5. **(On demand) swap the matching kernel for Casbin.** Only when external rules genuinely need RBAC/ABAC semantics, swap the data-path rule-matching kernel for Casbin. Not before.
|
||||
|
||||
## Red lines (this topic)
|
||||
|
||||
- Do not introduce Casbin — decisions are behavior bundles, not scalar effects.
|
||||
- The chain encodes dimensions, not tools: a new tool must not lengthen the chain.
|
||||
- New specifics go through the data path (rules); only new behavior goes through the code path (a policy node).
|
||||
- A domain that owns a dimension self-registers its policy in DI; do not centralize domain policies in core.
|
||||
- Tools only declare `accesses`; generic dimensions consume them. kaos is the execution environment, not the permission abstraction.
|
||||
- Use `factory` (Agent-scope instantiation), not `instance`, for registered policies.
|
||||
|
|
@ -1,204 +0,0 @@
|
|||
# Topic — Persistence layering
|
||||
|
||||
How business code persists data in `agent-core-v2`: the three-layer model (`Store → Storage → backend`), the naming rules for each layer, and how to decide which layer a domain should depend on. Read this before adding any persistence to a domain.
|
||||
|
||||
A domain `I{Domain}EntityService` is a business facade over these layers, not a replacement for them. Before naming or bundling EntityServices by `session` / `agent` / `turn`, read [domain-boundaries.md](domain-boundaries.md).
|
||||
|
||||
## The three-layer model
|
||||
|
||||
Persistence is split into three layers, each hiding one kind of change:
|
||||
|
||||
```text
|
||||
Business Service
|
||||
│ inject
|
||||
▼
|
||||
┌────────────────────────────────────────┐
|
||||
│ Store (semantic layer) │ ← access-pattern facade
|
||||
│ IAppendLogStore / IAtomicDocumentStore│ append-log / atomic-doc / blob
|
||||
└────────────────────────────────────────┘
|
||||
│ inject
|
||||
▼
|
||||
┌────────────────────────────────────────┐
|
||||
│ Storage (byte layer) │ ← byte primitives
|
||||
│ IFileSystemStorageService │ read/write/append/list/delete
|
||||
└────────────────────────────────────────┘
|
||||
│ implements
|
||||
▼
|
||||
┌────────────────────────────────────────┐
|
||||
│ Backend (deployment-specific) │ ← File / Postgres / Redis / S3
|
||||
│ FileStorageService / PostgresStorage │
|
||||
└────────────────────────────────────────┘
|
||||
│ uses
|
||||
▼
|
||||
┌────────────────────────────────────────┐
|
||||
│ Platform primitives │ ← hostFs / dbClient / redisClient
|
||||
└────────────────────────────────────────┘
|
||||
```
|
||||
|
||||
Each layer hides exactly one concern:
|
||||
|
||||
| Layer | Hides | Business code sees |
|
||||
|---|---|---|
|
||||
| **Store** | how an access pattern works (append-log reads, atomic-doc serialization) | "append this record" / "save this document" |
|
||||
| **Storage** | byte primitives (atomic write, ordered append, prefix list) | `read/write/append/list/delete` over `(scope, key)` |
|
||||
| **Backend** | deployment environment (file vs DB vs Redis vs S3) | nothing — chosen at the composition root |
|
||||
|
||||
## The one-sentence rule
|
||||
|
||||
> **Business code expresses *what* to store or fetch, never *how* to store it.**
|
||||
|
||||
If business code contains any "how to persist" detail, it has punched through the layer it should depend on:
|
||||
|
||||
| Business code contains | It has punched through | Depend on instead |
|
||||
|---|---|---|
|
||||
| `INSERT INTO …` / `SELECT …` | Storage + backend | a Store |
|
||||
| file paths / `rename` / `fsync` | Storage | Storage or a Store |
|
||||
| `JSON.parse` / `JSON.stringify` | Store (serialization) | `IAtomicDocumentStore` |
|
||||
| append offsets / sequential cursors | Store (log semantics) | `IAppendLogStore` |
|
||||
| `hash(data)` used as a key | Store (blob semantics) | `IBlobStore` |
|
||||
| `pathe.join / relative / basename` on `homeDir` etc. | Bootstrap (path layout) | `IBootstrapService.scope(...)` / scope contexts |
|
||||
| only `read/write/list/delete` on bytes | nothing — this is the byte layer | `IFileSystemStorageService` directly ✅ |
|
||||
|
||||
## Where scopes come from — `IBootstrapService` and scope contexts
|
||||
|
||||
Business code **never assembles scope strings from paths**. Scope strings come from three places:
|
||||
|
||||
1. **`IBootstrapService.scope(name)`** — well-known top-level scopes (`'config' | 'sessions' | 'blobs' | 'store' | 'logs' | 'cache' | 'credentials'`). App-scope, deployment-agnostic contract.
|
||||
2. **`ISessionContext.scope(subKey?)`** — persistence scope rooted at the current session; `scope('agents/main')` etc.
|
||||
3. **`IAgentScopeContext.scope(subKey?)`** — persistence scope rooted at the current agent; `scope('cron')`, `scope('blobs')` etc.
|
||||
|
||||
The bootstrap layer decides how each semantic scope maps to concrete addressing. In the file deployment, `FileBootstrapService` reads a `ResolvedEnvironment` (the paths bag) and returns homeDir-relative scopes; a server deployment could bind a different `IBootstrapService` implementation that maps `'sessions'` to a DB table without any business change.
|
||||
|
||||
```ts
|
||||
// ❌ Wrong — path arithmetic on homeDir/sessionDir leaks the file layout
|
||||
const scope = relative(bootstrap.homeDir, join(session.sessionDir, 'agents', agentId, 'cron'));
|
||||
|
||||
// ✅ Right — the agent already knows its own scope root
|
||||
const scope = agentCtx.scope('cron');
|
||||
```
|
||||
|
||||
Absolute paths (`sessionDir`, `agentHomedir`) are still available on `IBootstrapService` for the very small number of legacy APIs that expose on-disk paths (session log rotation, background task tail file). Prefer scope strings; ask before adding a new absolute-path caller.
|
||||
|
||||
## Which layer to depend on — decision tree
|
||||
|
||||
```text
|
||||
Need to persist
|
||||
│
|
||||
├─ read-whole / write-whole, JSON-serializable?
|
||||
│ └─ IAtomicDocumentStore
|
||||
│
|
||||
├─ append-only writes / sequential reads, independent records?
|
||||
│ └─ IAppendLogStore
|
||||
│
|
||||
├─ large object, addressed by content hash?
|
||||
│ └─ IBlobStore
|
||||
│
|
||||
├─ custom byte layout (index / cache / binary) that read/write/list cover?
|
||||
│ └─ IFileSystemStorageService directly
|
||||
│
|
||||
├─ new, reusable access semantics (multi-field query / time-range / graph)?
|
||||
│ └─ add a new Store; business depends on the Store
|
||||
│
|
||||
└─ business-specific, trivial, one or two lines?
|
||||
└─ IFileSystemStorageService directly; if it grows, extract a private Store
|
||||
```
|
||||
|
||||
## Naming — Store by access pattern, not by business
|
||||
|
||||
A Store abstracts an **access pattern**, not a business data type. Name it after the pattern so its reusability is obvious from the name.
|
||||
|
||||
| Access pattern | Store name | Backend examples |
|
||||
|---|---|---|
|
||||
| append-log (append / sequential read) | `IAppendLogStore` | `FileAppendLogStore` / `PostgresAppendLogStore` |
|
||||
| atomic-document (read/write whole) | `IAtomicDocumentStore` | `FileDocumentStore` / `RedisDocumentStore` |
|
||||
| blob (hash-addressed large object) | `IBlobStore` | `FileBlobStore` / `S3BlobStore` |
|
||||
|
||||
**Do not name a generic Store after a business concept.** `IRecordStore` / `IConfigStore` make a reusable access pattern look like a private store for one feature. Any domain that needs an append-log uses `IAppendLogStore`; any domain that needs an atomic document uses `IAtomicDocumentStore`.
|
||||
|
||||
**Exception — business-specific Stores are named after the business.** When a Store captures one domain's unique query semantics (not a generic access pattern), name it after the domain:
|
||||
|
||||
```text
|
||||
ISessionIndex query / enumerate sessions by workspace ← business-specific
|
||||
```
|
||||
|
||||
Test: is the Store's semantics a *generic access pattern* (append-log / atomic-doc / blob) or *one domain's unique query*? Generic → name by pattern; unique → name by domain.
|
||||
|
||||
## Storage — a filesystem-specific byte layer
|
||||
|
||||
The byte layer is a single `IFileSystemStorageService` interface (read / readStream / write / append / list / delete / watch / flush / close). As the name says, it is **filesystem-specific**: it exposes the two irreducible durable primitives a local filesystem implements optimally — atomic whole-value replacement (`write`, via tmp + rename) and ordered durable extension (`append`, via `open('a')`). The node-fs Store backends (`AppendLogStore`, `JsonAtomicDocumentStore`, `BlobStoreService`) are built on it.
|
||||
|
||||
```ts
|
||||
export interface IFileSystemStorageService {
|
||||
read(scope: string, key: string): Promise<Uint8Array | undefined>;
|
||||
readStream(scope: string, key: string): AsyncIterable<Uint8Array>;
|
||||
write(scope: string, key: string, data: Uint8Array, options?: { atomic?: boolean }): Promise<void>;
|
||||
append(scope: string, key: string, data: Uint8Array, options?: { durable?: boolean }): Promise<void>;
|
||||
list(scope: string, prefix?: string): Promise<readonly string[]>;
|
||||
delete(scope: string, key: string): Promise<void>;
|
||||
watch?(scope: string, key: string): Event<void>;
|
||||
flush(): Promise<void>;
|
||||
close(): Promise<void>;
|
||||
}
|
||||
```
|
||||
|
||||
Two backends implement it today, both bound at the composition root:
|
||||
|
||||
```ts
|
||||
// Production — local filesystem rooted at homeDir
|
||||
collection.set(IFileSystemStorageService, new FileStorageService(homeDir));
|
||||
|
||||
// Tests — in-memory backend seeded by the test harness
|
||||
collection.set(IFileSystemStorageService, new InMemoryStorageService());
|
||||
```
|
||||
|
||||
**Non-filesystem backends (Postgres, S3, Redis) do not implement this interface.** Atomic-rename and byte-append have no native equivalent in those stores, so they implement the **Store** interfaces directly via their own clients instead:
|
||||
|
||||
```ts
|
||||
// Server profile — append-logs on Postgres, atomic documents on Redis.
|
||||
// Each Store is backed by a native client; IFileSystemStorageService is not involved.
|
||||
collection.set(IAppendLogStore, new PostgresAppendLogStore(db, 'records'));
|
||||
collection.set(IAtomicDocumentStore, new RedisDocumentStore(redis, 'config'));
|
||||
```
|
||||
|
||||
Use the `scope` parameter to express **business namespace** within a backend. Do not overload `scope` to route backends — bind a different Store implementation at the composition root instead.
|
||||
|
||||
## Store `acquire(scope, key)` — flush-on-dispose handle
|
||||
|
||||
Stores that buffer writes expose an `acquire(scope, key)` handle so a business can flush them on disposal:
|
||||
|
||||
```ts
|
||||
export interface IAppendLogStore {
|
||||
// …
|
||||
/**
|
||||
* Acquire a disposable handle for `(scope, key)`. Register it with your
|
||||
* `Disposable` (via `this._register(...)`); when you are disposed, pending
|
||||
* appends for that log are flushed. The shared store itself is not disposed.
|
||||
*/
|
||||
acquire(scope: string, key: string): IDisposable;
|
||||
}
|
||||
```
|
||||
|
||||
`IAppendLogStore.acquire` flushes the log's pending appends on dispose — it exists because `append` is fire-and-forget. `IAtomicDocumentStore.acquire` is a no-op today (atomic documents are durable on write) and exists for interface symmetry. Businesses that do not need flush-on-dispose simply do not call `acquire`.
|
||||
|
||||
## When the byte layer does not apply
|
||||
|
||||
`IFileSystemStorageService` covers only the local-filesystem byte primitives. It is not a universal storage abstraction:
|
||||
|
||||
- **Non-filesystem backends** (Postgres / S3 / Redis) implement the **Store** interfaces directly via native clients — they never implement `IFileSystemStorageService`.
|
||||
- **Blobs** are a Store-level interface (`IBlobStore`) with their own backends; the node-fs `BlobStoreService` sits on `IFileSystemStorageService`, but an `S3BlobStore` would not.
|
||||
- **A backend has a fast primitive the Store interface cannot express** (e.g. Postgres `COPY`) → as an exception, extend that backend's Store implementation directly. This is an exception, not the default.
|
||||
|
||||
## Platform primitives are deployment-coupled, not core abstractions
|
||||
|
||||
`hostFs` (local filesystem) is a **platform primitive** used only by local backends (`FileStorageService`, `LocalFileSystemBackend`, `LocalSkillCatalog`, `HostFolderBrowser`). It is **not** a core abstraction and must not appear in L2/L3 dependency graphs. A server deployment swaps those backends for DB / S3 implementations and never registers `hostFs`.
|
||||
|
||||
## Red lines (this topic)
|
||||
|
||||
- Business code never contains "how to persist" details (serialization / paths / SQL / append offsets) — if it does, drop a layer.
|
||||
- Business code never assembles scope strings from paths (`pathe.join / relative / basename` on `homeDir` / `sessionDir` / …). Use `IBootstrapService.scope(name)` for well-known scopes, `ISessionContext.scope(subKey?)` for session-rooted scopes, and `IAgentScopeContext.scope(subKey?)` for agent-rooted scopes.
|
||||
- Name generic Stores by access pattern (`IAppendLogStore` / `IAtomicDocumentStore` / `IBlobStore`), never by business concept (`IRecordStore` / `IConfigStore`).
|
||||
- Business-specific Stores (unique query semantics) are named after the domain (`ISessionIndex`).
|
||||
- `IFileSystemStorageService` is the filesystem byte-layer interface; non-filesystem backends implement the **Store** interfaces directly. Route backends by binding a different Store implementation at the composition root, not by overloading `scope`.
|
||||
- `hostFs` is a local-only platform primitive; L2/L3 domains must not import `node:fs` or `hostFs` directly.
|
||||
- Only the file-backed bootstrap (`FileBootstrapService`) and file backends import `pathe`; business domains do not.
|
||||
- Do not create a pass-through `Store` that only forwards `read/write` — a Store must hide a real access-pattern concern, or it is noise; use `IFileSystemStorageService` directly instead.
|
||||
|
|
@ -1,249 +0,0 @@
|
|||
# Subskill — Server align (expose `agent-core-v2` over `server-v2`)
|
||||
|
||||
Wire a v2 domain into `packages/kap-server`, and — when the endpoint already exists in `packages/server` (v1) — keep the wire shape **byte-for-byte compatible**. This is the server-side counterpart of [align.md](align.md): `align.md` ports v1 *business logic* into v2; this file exposes the v2 result over HTTP / WS, reusing the v1 wire contract where it already exists.
|
||||
|
||||
Use this when the task is "expose the new v2 Service on the server", "port the v1 `/sessions/:sid/...` routes to server-v2", or "make server-v2 speak the same `/api/v1` contract as `packages/server`".
|
||||
|
||||
## The one-paragraph mental model
|
||||
|
||||
`server-v2` serves **two HTTP surfaces** off the same `agent-core-v2` scope tree:
|
||||
|
||||
- **`/api/v2/:sa`** — the native v2 RPC surface, driven by the `actionMap` allowlist (`packages/kap-server/src/transport/actionMap.ts`). One `resource:action` segment maps to one `Service.method`. New v2-native capabilities land here. See [edge-exposure.md](edge-exposure.md).
|
||||
- **`/api/v1/...`** — the v1-compatible surface, hand-written routes in `packages/kap-server/src/routes/*.ts` that **mirror `packages/server/src/routes/*.ts` path-for-path and schema-for-schema**, mounted by `registerApiV1Routes.ts`. This exists so existing v1 clients keep working against server-v2 unchanged.
|
||||
|
||||
The two surfaces can point at **different Services** for the same feature. v2's native `IAgentPromptService` serves `/api/v2`; a v1-shaped `IAgentPromptService` serves `/api/v1`. Keeping them separate is what lets v2's domain design stay clean while the wire stays compatible.
|
||||
|
||||
## Decision: which surface?
|
||||
|
||||
```text
|
||||
Is there a matching endpoint in packages/server (v1)?
|
||||
├─ YES → /api/v1 mirror route (this file, §schema-fidelity + §legacy-service).
|
||||
│ Reuse the protocol schema; add a LegacyService if v2 semantics diverge.
|
||||
└─ NO → /api/v2 native action (edge-exposure.md).
|
||||
Add to actionMap, wrapping in a facade if the method fails §2 there.
|
||||
```
|
||||
|
||||
A feature often needs **both**: the v1 mirror so old clients keep working, and the v2 action so new clients get the cleaner shape. Do them as two routes / two action-map entries over the same scope tree.
|
||||
|
||||
## The server-align workflow
|
||||
|
||||
```text
|
||||
Pick surface → Read the v1 route (if any) → Reuse / add the protocol schema
|
||||
→ Choose native Service vs LegacyService → Wire the route / actionMap entry
|
||||
→ Map errors → Test against the v1 wire shape → Verify
|
||||
```
|
||||
|
||||
### 1. Pick the surface
|
||||
|
||||
Apply the decision above. For a v1-matched endpoint, open **both** files side by side:
|
||||
|
||||
- `packages/server/src/routes/<resource>.ts` — the contract you must match.
|
||||
- `packages/kap-server/src/routes/<resource>.ts` — the file you are writing (create it if missing).
|
||||
|
||||
The v1 route file is the **spec**. Do not re-derive the wire shape from memory or from the v2 domain model.
|
||||
|
||||
### 2. Reuse (or add) the protocol schema
|
||||
|
||||
The wire schema lives in **`@moonshot-ai/protocol`** under `packages/protocol/src/rest/<resource>.ts` (e.g. `promptSubmissionSchema`, `promptListResponseSchema`, `configResponseSchema`). Both `packages/server` and `packages/kap-server` import from it — that single import is what guarantees the two servers speak the same shape.
|
||||
|
||||
Actions:
|
||||
|
||||
- **Schema already in protocol** → import it in the server-v2 route and use it in `defineRoute` (`body`, `success.data`, error `dataSchema` / `detailsSchema`). Do **not** re-declare the schema inline in server-v2.
|
||||
- **Schema missing in protocol** → add it to `packages/protocol/src/rest/<resource>.ts` first, with a `rest-<resource>.test.ts`, then consume it from **both** servers. The protocol package is the source of truth; server-v2 never owns a v1 wire schema locally.
|
||||
- **Schema exists but only v1 uses it** → move/keep it in protocol and import it into server-v2; do not fork a copy.
|
||||
|
||||
#### Schema-fidelity rule (the hard rule)
|
||||
|
||||
When the endpoint matches a `packages/server` endpoint, the request and response schemas **must be the same protocol schema** (or a strict superset):
|
||||
|
||||
- ✅ **Adding** an optional field is allowed (`field: z.string().optional()`). Old clients ignore it; new clients may send it.
|
||||
- ❌ **Renaming** a field, **changing** its type, **tightening** its validation, or **changing its meaning** is a wire break — do not do it in a mirror route. If the v2 domain genuinely needs a different shape, that shape belongs on `/api/v2`, not on the `/api/v1` mirror.
|
||||
- ❌ Re-declaring the schema inline in server-v2 (even if it "looks identical") is forbidden — it drifts. One schema, one home: `packages/protocol`.
|
||||
|
||||
Self-check: "would a client talking to `packages/server` get a byte-identical envelope from `packages/kap-server` for the same request?" If you cannot answer yes from the shared schema, the route is wrong.
|
||||
|
||||
### 3. Choose native Service vs LegacyService
|
||||
|
||||
Resolve the v2 Service that will back the route. Two cases:
|
||||
|
||||
**Case A — the v2 native Service already matches the v1 contract.** Use it directly. Most data/command Services (`IConfigService`, `IWorkspaceRegistry`, `IApprovalService`, `IQuestionService`, `IFileStore`, …) land here: the route is a thin adapter that resolves the scope, calls the method, and wraps the result. Examples: `routes/config.ts`, `routes/messages.ts`, `routes/questions.ts`, `routes/files.ts`.
|
||||
|
||||
**Case B — the v1 contract needs behavior that would distort the v2 domain.** Introduce a **`*LegacyService`** — an L7 edge adapter that implements the v1 contract **on top of** the v2 native Service, leaving the native Service untouched. The v2 native Service keeps serving `/api/v2`; the LegacyService serves `/api/v1`.
|
||||
|
||||
Reach for a LegacyService when **any** hold:
|
||||
|
||||
- The v1 endpoint carries state the v2 domain deliberately dropped (e.g. a FIFO queue, a `prompt_id`, idempotent `abort`/`steer`, auto-start-next).
|
||||
- The v1 method returns a handle/stream that v2 wraps differently, and the v1 clients expect the old envelope shape.
|
||||
- Matching v1 would force a `Map<sessionId, …>`-at-`App` anti-pattern or a scope/domain-direction violation into the native Service (see [align.md](align.md) red lines).
|
||||
- The native Service's error set / return type would have to grow v1-only branches.
|
||||
|
||||
Do **not** put v1 quirks into the native v2 Service "to keep the route simple". That is the conflict this rule exists to prevent: the native Service serves the v2 architecture; the LegacyService serves the wire contract.
|
||||
|
||||
#### LegacyService recipe
|
||||
|
||||
A LegacyService is a normal v2 Service (service-authoring.md) with one extra convention: its contract is shaped by the **protocol** types, not by the v2 domain model.
|
||||
|
||||
```text
|
||||
packages/agent-core-v2/src/<domain>Legacy/
|
||||
├── <domain>Legacy.ts ← contract: protocol-typed interface + decorator
|
||||
├── <domain>LegacyService.ts ← impl: delegates to the native v2 Service(s)
|
||||
└── errors.ts ← v1-compatible error codes (KimiError codes)
|
||||
```
|
||||
|
||||
Skeleton (matches `prompt/`):
|
||||
|
||||
```ts
|
||||
// prompt.ts — contract shaped by @moonshot-ai/protocol
|
||||
import type { PromptSubmitResult, PromptSubmission } from '@moonshot-ai/protocol';
|
||||
import { createDecorator, type ServiceIdentifier } from '#/_base/di/instantiation';
|
||||
|
||||
export interface IAgentPromptService {
|
||||
readonly _serviceBrand: undefined;
|
||||
submit(body: PromptSubmission): Promise<PromptSubmitResult>;
|
||||
// ...the rest of the v1 contract, typed by protocol
|
||||
}
|
||||
export const IAgentPromptService: ServiceIdentifier<IAgentPromptService> =
|
||||
createDecorator<IAgentPromptService>('agentPromptLegacyService');
|
||||
```
|
||||
|
||||
```ts
|
||||
// promptService.ts — impl delegates to the native v2 Service
|
||||
constructor(@IAgentPromptService private readonly prompt: IAgentPromptService /*, ... */) {}
|
||||
// submit() builds v2-native input, calls the native Service, projects the result
|
||||
// back into the protocol PromptSubmitResult.
|
||||
|
||||
registerScopedService(
|
||||
LifecycleScope.Agent, // scope = the lifetime of the legacy state
|
||||
IAgentPromptService,
|
||||
AgentPromptLegacyService,
|
||||
InstantiationType.Delayed,
|
||||
'prompt',
|
||||
);
|
||||
```
|
||||
|
||||
Conventions:
|
||||
|
||||
- **Name** the domain `<domain>Legacy` and the interface with the scope prefix, `I<Scope><Domain>LegacyService` (e.g. `prompt` / `IAgentPromptService`), per service-authoring.md.
|
||||
- **Header comment** must say it is an `L7 edge adapter` and name both the v1 contract it implements and the native v2 Service it leaves untouched (see `prompt.ts`).
|
||||
- **Scope** = the lifetime of the *legacy* state it holds (the `prompt` queue is per-agent → `LifecycleScope.Agent`). Apply [orient.md](orient.md) / [design.md](design.md) normally — a LegacyService is not exempt from scope rules.
|
||||
- **Delegate, do not duplicate** business logic. The LegacyService translates the v1 contract into native-Service calls and translates results back; the real work stays in the native Service.
|
||||
- **Contract types come from `@moonshot-ai/protocol`**, so the interface cannot drift from the wire shape.
|
||||
|
||||
### 4. Wire the route / actionMap entry
|
||||
|
||||
**For `/api/v1` (mirror):** add a route file under `packages/kap-server/src/routes/<resource>.ts` using `defineRoute`, then register it in `registerApiV1Routes.ts`. Resolve the scope from the URL (`session_id` → Session scope, agent → Agent scope via `IAgentLifecycleService.getHandle`), then `accessor.get(IX)` the native or Legacy Service. Mirror the v1 file's verbs, paths (`:sid` / `{session_id}`), and `parseActionSuffix` actions (`:steer`, `:abort`) exactly.
|
||||
|
||||
```ts
|
||||
const route = defineRoute(
|
||||
{
|
||||
method: 'POST',
|
||||
path: '/sessions/{session_id}/prompts',
|
||||
body: promptSubmissionSchema, // ← from @moonshot-ai/protocol
|
||||
params: sessionIdParamSchema,
|
||||
success: { data: promptSubmitResultSchema }, // ← from @moonshot-ai/protocol
|
||||
errors: {
|
||||
[ErrorCode.SESSION_NOT_FOUND]: {},
|
||||
[ErrorCode.SESSION_BUSY]: {},
|
||||
[ErrorCode.PROMPT_ALREADY_COMPLETED]: { dataSchema: z.object({ aborted: z.literal(false) }) },
|
||||
},
|
||||
operationId: 'submitPrompt',
|
||||
tags: ['prompts'],
|
||||
},
|
||||
async (req, reply) => {
|
||||
try {
|
||||
const result = await resolveLegacy(core, req.params.session_id).submit(req.body);
|
||||
reply.send(okEnvelope(result, req.id));
|
||||
} catch (error) {
|
||||
sendMappedError(reply, req.id, error);
|
||||
}
|
||||
},
|
||||
);
|
||||
app.post(route.path, route.options, route.handler);
|
||||
```
|
||||
|
||||
**For `/api/v2` (native):** add a `resource:action` entry to `actionMap` ([edge-exposure.md](edge-exposure.md) §3). If the method fails the direct-exposure rules (returns a handle / stream / bytes, takes a live object), wrap it in a wire-shaped facade first (`IAgentRPCService` / `ISessionRPCService`) and map to the facade — as `prompts:*` does via `IAgentRPCService`.
|
||||
|
||||
### 5. Map errors
|
||||
|
||||
The route translates domain `KimiError` codes into protocol `ErrorCode` numbers. Two registries must stay in sync:
|
||||
|
||||
- **Domain code** — register in `agent-core-v2/src/errors.ts` (`ErrorCodes`) and throw from the Service (errors.md). Co-located domain errors go in `<domain>Legacy/errors.ts` (e.g. `prompt.not_found`, `session.busy`).
|
||||
- **Wire code** — register the matching number in `packages/protocol/src/error-codes.ts` and reference it in the route's `errors` map and `sendMappedError`.
|
||||
|
||||
```ts
|
||||
function sendMappedError(reply, requestId, err) {
|
||||
if (isKimiError(err)) {
|
||||
switch (err.code) {
|
||||
case 'session.not_found':
|
||||
case 'agent.not_found':
|
||||
return reply.send(errEnvelope(ErrorCode.SESSION_NOT_FOUND, err.message, requestId));
|
||||
case 'prompt.not_found':
|
||||
return reply.send(errEnvelope(ErrorCode.PROMPT_NOT_FOUND, err.message, requestId));
|
||||
// ...
|
||||
}
|
||||
}
|
||||
return reply.send(errEnvelope(ErrorCode.INTERNAL_ERROR, String(err), requestId));
|
||||
}
|
||||
```
|
||||
|
||||
Match the v1 route's status codes and idempotent-conflict envelopes (e.g. `prompt.already_completed` → `40903` with `{ data: { aborted: false } }`). The error envelope is part of the wire contract — it is covered by the same schema-fidelity rule.
|
||||
|
||||
### 6. Test against the v1 wire shape
|
||||
|
||||
Add a `packages/kap-server/test/<resource>.test.ts` that boots the server and hits the route. Assert on the **envelope + protocol shape**, not on the v2 domain internals:
|
||||
|
||||
- success envelope `{ code: 0, data: <protocol shape>, request_id }`;
|
||||
- each declared error envelope `{ code: <ErrorCode>, msg, data, request_id }`;
|
||||
- the fields v1 clients read are present with the same names/types.
|
||||
|
||||
Where the route mirrors v1, the test is the regression guard for the schema-fidelity rule: if someone drifts the protocol schema or the projection, this test breaks.
|
||||
|
||||
### 7. Verify
|
||||
|
||||
- `pnpm -C packages/kap-server test` — server routes green.
|
||||
- `pnpm -C packages/protocol test` — schema tests green (incl. any new `rest-*.test.ts`).
|
||||
- `pnpm -C packages/agent-core-v2 test` — native + Legacy Service tests green.
|
||||
- `pnpm -C packages/agent-core-v2 run lint:domain` — a LegacyService is still inside the domain layers (edge adapter, L7); it must not pull business code into the edge or invert scope direction.
|
||||
- `pnpm -C packages/server-e2e ...` when a v1 parity scenario exists.
|
||||
|
||||
## Worked example — porting v1 `/sessions/:sid/prompts`
|
||||
|
||||
This is the reference alignment (commits `feat(server-v2): port v1 /sessions/:sid/prompts routes`, `feat(server-v2): return turn ids for prompt actions`). It shows all three decisions at once.
|
||||
|
||||
**The mismatch.** v1 `IPromptService` is a per-agent *scheduler*: it owns a FIFO queue, assigns `prompt_id`s, supports `steer`/`abort`, and auto-starts the next queued prompt when a turn settles. v2's native `IAgentPromptService` is a *turn driver*: a submission *is* a turn, there is no queue and no `prompt_id`. Forcing the queue into the v2 native Service would distort the v2 domain.
|
||||
|
||||
**The split.**
|
||||
|
||||
- `/api/v2` keeps the native shape — `prompts:submit` / `steer` / `undo` / `clear` / `cancel` map to `IAgentRPCService` (a wire facade over the v2 turn driver) in `actionMap`. The native `IAgentPromptService` is untouched.
|
||||
- `/api/v1` gets an `AgentPromptLegacyService` (`prompt/`, `LifecycleScope.Agent`) that re-implements the v1 scheduler — queue, `prompt_id`, steer/abort, auto-start-next — **on top of** the native `IAgentPromptService`. The `/api/v1` routes consume the LegacyService.
|
||||
|
||||
**The schema.** Both servers import `promptSubmissionSchema` / `promptSubmitResultSchema` / `promptListResponseSchema` / `promptSteerRequestSchema` / `promptSteerResultSchema` / `promptAbortResponseSchema` from `@moonshot-ai/protocol`. The v1 and v2 route files are therefore byte-compatible by construction; the LegacyService projects v2 turn results back into those protocol shapes.
|
||||
|
||||
**The errors.** v1 codes (`prompt.not_found`, `session.busy`, `prompt.already_completed`) are registered in `agent-core-v2` (`prompt/errors.ts`) and in `packages/protocol` (`error-codes.ts`), then mapped in the route's `sendMappedError` — including the idempotent `prompt.already_completed` → `40903 { data: { aborted: false } }`.
|
||||
|
||||
**The lesson.** When the v1 contract and the v2 domain disagree, add an adapter (LegacyService) at the edge; do not let the wire contract leak into the native domain. The two surfaces share the protocol schema but not the Service.
|
||||
|
||||
## Migration checklist
|
||||
|
||||
Before submitting a server-align change:
|
||||
|
||||
- [ ] Surface chosen deliberately: `/api/v1` mirror for a v1-matched endpoint, `/api/v2` for a new native capability (both if needed).
|
||||
- [ ] For a `/api/v1` mirror, the route file mirrors `packages/server/src/routes/<resource>.ts` path-for-path, verb-for-verb, action-for-action.
|
||||
- [ ] Request and response schemas come from `@moonshot-ai/protocol` (`packages/protocol/src/rest/<resource>.ts`); no inline re-declaration in server-v2.
|
||||
- [ ] Existing schema fields are unchanged in name, type, and semantics; only optional fields added (if any).
|
||||
- [ ] Native v2 Service left clean; v1-only behavior isolated in a `<domain>Legacy` / `I<Domain>LegacyService` edge adapter when the semantics diverge.
|
||||
- [ ] LegacyService registered with the correct `LifecycleScope` and a header comment naming it an L7 edge adapter + the native Service it preserves.
|
||||
- [ ] Domain error codes registered in `agent-core-v2`; wire codes registered in `packages/protocol`; route maps them in `sendMappedError`, matching v1's status codes and idempotent envelopes.
|
||||
- [ ] Route resolves the scope from the URL by `accessor.get(IX)`; no cached scope; finishes before disposal.
|
||||
- [ ] Tests assert the wire envelope + protocol shape; schema tests in `packages/protocol` added/updated.
|
||||
- [ ] `lint:domain` passes; the LegacyService did not invert scope or domain direction.
|
||||
|
||||
## Red lines (this subskill)
|
||||
|
||||
- One wire schema, one home: `packages/protocol`. Never re-declare a v1 wire schema inline in server-v2.
|
||||
- A `/api/v1` mirror route must keep every existing schema field's name, type, and semantics; only optional additions are allowed. A different shape belongs on `/api/v2`, not on the mirror.
|
||||
- Do not distort the native v2 Service to satisfy a v1 quirk — add a `<domain>Legacy` edge adapter instead. The native Service serves the v2 architecture; the LegacyService serves the wire contract.
|
||||
- A LegacyService is still a v2 Service: it follows scope, domain-direction, and DI rules. "Edge adapter" describes its role, not an exemption.
|
||||
- The v1 route file (`packages/server/src/routes/<resource>.ts`) is the spec for a mirror — match it; do not re-derive the wire shape from the v2 domain model or from memory.
|
||||
- Register every new error code in **both** `agent-core-v2` and `packages/protocol`; an unmapped code is a wire break.
|
||||
- Events stream over WS (`listen`), never over the REST mirror; do not invent REST polling for something v1 pushed as an event.
|
||||
|
|
@ -1,341 +0,0 @@
|
|||
# Topic — Service authoring
|
||||
|
||||
How to write a Service in `packages/agent-core-v2`: file layout, naming, what goes in the contract vs the impl, interface style, constructor / field conventions, events, multi-Service domains, and the comment rules. This is the day-to-day reference for stage 3 (implement.md covers the DI *mechanics*; this file covers the *authoring details*).
|
||||
|
||||
## File layout
|
||||
|
||||
One folder per domain, **camelCase**: `session/`, `sessionActivity/`, `contextMemory/`, `toolDedup/`. Inside, six kinds of files:
|
||||
|
||||
```text
|
||||
<domain>/
|
||||
├── <name>.ts ← interface file: exactly one IXxx + its createDecorator + the types it owns
|
||||
├── <name>Service.ts ← impl file: exactly one class + exactly one registerScopedService(...)
|
||||
├── <concern>.ts ← pure function(s): no Service suffix, no class, no registration
|
||||
├── <targetDomain>.ts ← contribution file (common): registers into another domain's extension point
|
||||
├── <what>.contrib.ts ← contribution file (uncommon / ad-hoc)
|
||||
└── <domain>.types.ts ← shared types that no single interface owns
|
||||
```
|
||||
|
||||
- **Strictly one service per file.** An interface file holds exactly one injectable interface and exactly one `createDecorator(...)`; an impl file holds exactly one service implementation class and exactly one `registerScopedService(...)`. No exceptions for "tightly-coupled" groups: even same-scope collaborators each get their own `<name>.ts` + `<name>Service.ts` pair.
|
||||
- **Scope is in the filename.** `session*.ts` = Session, `agent*.ts` = Agent, no scope prefix = App (see [Naming](#naming)). The header comment restates the same scope.
|
||||
- A domain therefore has as many impl files as it has services (e.g. `logService.ts` for the App `ILogService`, `sessionLogService.ts` for the Session `ISessionLogService`). See [Multi-Service domains](#multi-service-domains).
|
||||
|
||||
The package entry `src/index.ts` imports and `export *`s every domain's leaf files precisely (one line per leaf), so importing the package still runs every `registerScopedService(...)` side effect — exactly as the old per-domain barrels did.
|
||||
|
||||
## Naming
|
||||
|
||||
### Interfaces and classes
|
||||
|
||||
| Artifact | Rule | Example |
|
||||
|---|---|---|
|
||||
| Interface | `I` + scope prefix + PascalCase domain + role suffix. Scope prefix: `Session` / `Agent` / none (= App). Role suffix is usually `Service`. | `ISessionLogService`, `IAgentLoopService`, `ILogService` (App) |
|
||||
| Class | the interface name minus the leading `I`, plus `Service` if it does not already end in `Service`; `implements` the interface | `SessionLogService implements ISessionLogService`, `AppendLogStoreService implements IAppendLogStore` |
|
||||
| Decorator string | lowerCamelCase of the interface name minus the leading `I`; **globally unique and stable** (it surfaces in `CyclicDependencyError.path` and "no service registered" errors) | `createDecorator<ISessionLogService>('sessionLogService')` |
|
||||
| Model / non-service types | PascalCase, no `I` prefix | `SessionMeta`, `LogEntry`, `ConfigSection` |
|
||||
|
||||
The scope prefix makes a service's lifetime readable from its name. App services carry **no** prefix (App is the default, longest-lived tier); Session and Agent services always carry `Session` / `Agent`. The prefix applies to the interface, the class, and therefore the file names.
|
||||
|
||||
> Do **not** use the scope prefix to re-merge domains by lifetime. `IAgentEntityService`, `IAgentDataService`, and `ISessionEntityService` are still banned — the prefix marks lifetime, the rest of the name must still be the real owning domain (`IBackgroundTaskEntityService`, `ISessionMetadata`, `IPermissionRulesService`). See [domain-boundaries.md](domain-boundaries.md).
|
||||
|
||||
### File names
|
||||
|
||||
File names derive from the interface / class names so that scope and role are visible in the tree:
|
||||
|
||||
| File kind | Rule | Example (interface → file) |
|
||||
|---|---|---|
|
||||
| Interface file | interface name minus leading `I`, minus trailing `Service` if present; acronym-aware lowerCamelCase | `ISessionLogService` → `sessionLog.ts`; `IAppendLogStore` → `appendLogStore.ts`; `ILogService` → `log.ts` |
|
||||
| Impl file | the class name; acronym-aware lowerCamelCase | `SessionLogService` → `sessionLogService.ts`; `AppendLogStoreService` → `appendLogStoreService.ts` |
|
||||
| Pure-function file | the function / concern name; no `Service` suffix | `formatLogEntry.ts`, `levelEnabled.ts` |
|
||||
| Contribution file (common) | the **target** domain name | `config.ts` (registers a config section), `tool.ts`, `flag.ts` |
|
||||
| Contribution file (uncommon) | `<what>.contrib.ts` | `slackWebhook.contrib.ts` |
|
||||
| Shared-types file | `<domain>.types.ts` | `log.types.ts` |
|
||||
| Errors file | `<name>.errors.ts` | `appendLogStore.errors.ts` |
|
||||
|
||||
Acronym-aware lowerCamelCase lowercases a leading acronym as a group: `ILLMRequester` → `llmRequester.ts`, `IWSGateway` → `wsGateway.ts`, `IOAuthToolkit` → `oauthToolkit.ts`, `IAgentRPCService` → `agentRpcService.ts`.
|
||||
|
||||
Because the impl class always ends in `Service` and the interface file never does, the two files of one service never collide — even for `Store` / `Registry` / `Resolver` interfaces (`IAppendLogStore` → `appendLogStore.ts` + `appendLogStoreService.ts`).
|
||||
|
||||
## The contract file (`<domain>.ts`)
|
||||
|
||||
Holds the public surface of the domain. A typical contract:
|
||||
|
||||
```ts
|
||||
/**
|
||||
* `greet` domain (Ln) — one-line role.
|
||||
*
|
||||
* Defines the `Greeting` model and the `IGreeter` used by … Bound at … scope.
|
||||
*/
|
||||
|
||||
import { createDecorator, type ServiceIdentifier } from '#/_base/di/instantiation';
|
||||
|
||||
export interface Greeting { // model — no _serviceBrand
|
||||
readonly message: string;
|
||||
}
|
||||
|
||||
export interface IGreeter { // injectable service — carries _serviceBrand
|
||||
readonly _serviceBrand: undefined;
|
||||
hello(): Greeting;
|
||||
}
|
||||
|
||||
export const IGreeter: ServiceIdentifier<IGreeter> =
|
||||
createDecorator<IGreeter>('greeter');
|
||||
```
|
||||
|
||||
What belongs here:
|
||||
|
||||
- **Model types** (`type` / `interface`) the domain exposes — `SessionMeta`, `LogEntry`, `ConfigSection`.
|
||||
- **Service interface(s)** — the contract consumers depend on.
|
||||
- **Decorator(s)** — one `createDecorator` per injectable service.
|
||||
- **Helper types and pure functions** tightly bound to the contract — e.g. option bags, `satisfies`-checked seeds, predicate functions like `levelEnabled`.
|
||||
|
||||
### Which interfaces carry `_serviceBrand`
|
||||
|
||||
Only interfaces used as a **DI token** carry `readonly _serviceBrand: undefined`. Everything else does not:
|
||||
|
||||
- ✅ Service interface resolved via `@IX` / `accessor.get(IX)` → carries `_serviceBrand`.
|
||||
- ❌ Base interface extended by a service (e.g. `ILogger` extended by `ILogService`) → no `_serviceBrand`.
|
||||
- ❌ Plain model / data interface (`LogEntry`, `SessionMeta`) → no `_serviceBrand`.
|
||||
|
||||
```ts
|
||||
export interface ILogger { // base interface — no brand
|
||||
info(message: string): void;
|
||||
}
|
||||
export interface ILogService extends ILogger { // DI token — branded
|
||||
readonly _serviceBrand: undefined;
|
||||
setLevel(level: LogLevel): void;
|
||||
}
|
||||
```
|
||||
|
||||
## Interface style
|
||||
|
||||
- **Sync methods** return a concrete type; **async methods** return `Promise<T>`. Do not wrap a sync return in `Promise`.
|
||||
- **Readonly fields** for immutable exposed state: `readonly ready: Promise<void>`, `readonly modelAlias: string | undefined`.
|
||||
- **Optional members** with `?`: `flush?(): Promise<void>`, `close?(): Promise<void>`.
|
||||
- **Generics** where the caller supplies the shape: `get<T = unknown>(domain: string): T`.
|
||||
- **Extend** a base interface to share method groups: `interface ILogService extends ILogger`.
|
||||
- **Events** as `readonly onDid…` / `onWill…` properties typed `Event<T>` — see [Events](#events).
|
||||
|
||||
```ts
|
||||
export interface IConfigService {
|
||||
readonly _serviceBrand: undefined;
|
||||
readonly ready: Promise<void>;
|
||||
readonly onDidChange: Event<ConfigChangedEvent>;
|
||||
get<T = unknown>(domain: string): T;
|
||||
set(domain: string, patch: unknown): Promise<void>;
|
||||
reload(): Promise<void>;
|
||||
}
|
||||
```
|
||||
|
||||
## The impl file (`<domain>Service.ts`)
|
||||
|
||||
Holds the concrete class(es) and the top-level registration. A typical impl:
|
||||
|
||||
```ts
|
||||
/**
|
||||
* `greet` domain (Ln) — `IGreeter` implementation.
|
||||
*
|
||||
* … collaborators as roles ("logs through `log`") … Bound at App scope.
|
||||
*/
|
||||
|
||||
import { InstantiationType } from '#/_base/di/extensions';
|
||||
import { LifecycleScope, registerScopedService } from '#/_base/di/scope';
|
||||
import { ILogService } from '#/log';
|
||||
|
||||
import { type Greeting, IGreeter } from './greet';
|
||||
|
||||
export class Greeter implements IGreeter {
|
||||
declare readonly _serviceBrand: undefined;
|
||||
|
||||
constructor(@ILogService private readonly log: ILogService) {}
|
||||
|
||||
hello(): Greeting {
|
||||
this.log.info('hello');
|
||||
return { message: 'hi' };
|
||||
}
|
||||
}
|
||||
|
||||
registerScopedService(LifecycleScope.App, IGreeter, Greeter, InstantiationType.Eager, 'greet');
|
||||
```
|
||||
|
||||
What belongs here:
|
||||
|
||||
- **Imports** — `InstantiationType` from `'#/_base/di/extensions'`; `LifecycleScope` + `registerScopedService` from `'#/_base/di/scope'`; collaborators via the `#/<domain>` alias; the contract's types + decorator via a relative `./<domain>` import.
|
||||
- **Class** — `XxxService implements IXxxService`, with `declare readonly _serviceBrand: undefined`.
|
||||
- **Helper classes / functions** used only by this impl (e.g. a built-in writer, an `extractError` helper) — co-located in the same file.
|
||||
- **Top-level `registerScopedService(...)`** — one per Service the file owns; importing the impl file runs the registration.
|
||||
|
||||
## Constructor conventions
|
||||
|
||||
- Declare every dependency with `@IX` on a constructor parameter.
|
||||
- Use `private readonly` (or `protected readonly`) to store a used dependency as a field.
|
||||
- For an injected dependency the class does **not** directly use (e.g. passed through, or only needed to force construction order), drop the visibility modifier and prefix with `_`: `@IEventService _event: IEventService`.
|
||||
- Service parameters and static parameters may both appear; the ordering rule depends on how the object is created — see below.
|
||||
|
||||
### Parameter order: scoped service vs `createInstance`
|
||||
|
||||
- **`registerScopedService` services** — the container injects only the `@IX` parameters; any static parameters must have defaults and are left at their default when the container builds the instance. Order is therefore not enforced by the container, but the common style is **`@IX` parameters first, optional static parameters after**:
|
||||
|
||||
```ts
|
||||
constructor(
|
||||
@ILogWriterService protected readonly writer: ILogWriterService,
|
||||
private readonly bound: LogContext = {},
|
||||
level: LogLevel = 'info',
|
||||
) {}
|
||||
```
|
||||
|
||||
- **`createInstance` objects** (non-singletons built with `instantiation.createInstance(Ctor, …staticArgs)`) — static parameters **must come first**, service parameters after, because the caller passes the static prefix positionally:
|
||||
|
||||
```ts
|
||||
constructor(
|
||||
private readonly input: string, // static — passed by caller
|
||||
@ILogService private readonly log: ILogService, // service — injected
|
||||
) {}
|
||||
```
|
||||
|
||||
### Factory methods
|
||||
|
||||
A scoped Service may expose a factory method that returns a **new** instance of itself (or a related class) with extra context bound — e.g. `ILogger.child(ctx)` returns `new LogService(this.writer, { …this.bound, …ctx }, this._level)`. This is not a DI violation: it is an explicit factory, not a request for the container to build a Service. Do not use it to circumvent scope or singleton semantics.
|
||||
|
||||
## Fields and state
|
||||
|
||||
- `private readonly` for fields set once at construction (injected deps, derived config).
|
||||
- `private _name` (underscore prefix) for mutable private state: `private _level: LogLevel`.
|
||||
- `readonly` public fields only for immutable exposed state; prefer a getter (`get level()`) when the value can change.
|
||||
- Keep state minimal — a Service owns only the state that matches its scope's identity (design.md §2). Anything else belongs in a different Service.
|
||||
|
||||
## Events
|
||||
|
||||
v2 has two distinct event mechanisms. Pick by audience:
|
||||
|
||||
### `Event<T>` / `Emitter` — typed property on a Service
|
||||
|
||||
Use when a Service exposes a typed event its consumers subscribe to. Lives in `'#/_base/event'`.
|
||||
|
||||
```ts
|
||||
// contract
|
||||
import type { Event } from '#/_base/event';
|
||||
export interface IConfigService {
|
||||
readonly onDidChange: Event<ConfigChangedEvent>;
|
||||
}
|
||||
|
||||
// impl
|
||||
import { Emitter, type Event } from '#/_base/event';
|
||||
export class ConfigService extends Disposable implements IConfigService {
|
||||
private readonly _onDidChange = this._register(new Emitter<ConfigChangedEvent>());
|
||||
readonly onDidChange: Event<ConfigChangedEvent> = this._onDidChange.event;
|
||||
|
||||
private notify(changed: ConfigChangedEvent): void {
|
||||
this._onDidChange.fire(changed);
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
Conventions:
|
||||
|
||||
- Back the public `Event<T>` with a private `Emitter<T>`, registered with `this._register(...)` so it disposes with the Service.
|
||||
- Naming: `onDid…` for "happened" (past tense, after the fact); `onWill…` for "about to happen" (may allow `waitUntil` participation / veto — see `AsyncEmitter` / `IWaitUntil` in `'#/_base/event'`).
|
||||
- The Delayed-instantiation Proxy preserves early `onDid…` / `onWill…` subscriptions (implement.md §5).
|
||||
|
||||
### `IEventService` — global pub-sub bus
|
||||
|
||||
Use to broadcast protocol events across domains. Lives in `'#/event'`.
|
||||
|
||||
```ts
|
||||
export interface IEventService {
|
||||
readonly _serviceBrand: undefined;
|
||||
publish(event: ProtocolEvent): void;
|
||||
subscribe(handler: (event: ProtocolEvent) => void): IDisposable;
|
||||
}
|
||||
```
|
||||
|
||||
Inject `@IEventService` and `publish(...)`; `subscribe(...)` returns an `IDisposable` to register with `this._register(...)`. This is the bus for "a fact happened, react if you care" (design.md §4) — not for typed per-Service events.
|
||||
|
||||
## Multi-Service domains
|
||||
|
||||
A domain may define several Services. Each Service gets its own pair of files regardless of scope or coupling:
|
||||
|
||||
- **One pair per Service** → `<name>.ts` for the contract + `<name>Service.ts` for the implementation.
|
||||
- **Different scopes** → the scope prefix in the Service name makes this obvious (`logService.ts` for App `ILogService`, `sessionLogService.ts` for Session `ISessionLogService`).
|
||||
- **Same interface, multiple role tokens** (e.g. `IAtomicDocumentStore` and `IAtomicTomlDocumentStore` share one interface type but are distinct DI tokens) → each token is its own Service identity and must be registered and resolved independently.
|
||||
|
||||
There is no `index.ts` barrel: consumers import each contract/impl from its precise leaf path (e.g. `import { ILogService } from '#/log/log'`), never the domain directory.
|
||||
|
||||
## No barrel — the package entry loads leafs precisely
|
||||
|
||||
A domain has **no `index.ts` barrel**. Its files are the contract leaf (`<name>.ts`) and the impl leaf (`<name>Service.ts`), and consumers import the precise file — never the directory:
|
||||
|
||||
```ts
|
||||
import { IGreeter, type Greeting } from '#/greet/greet';
|
||||
```
|
||||
|
||||
Self-registration is unchanged: `greetService.ts` keeps its top-level `registerScopedService(...)`. The package entry `src/index.ts` loads the domain's leafs precisely — `export *` for the contract, a side-effect `import` for the impl — one line per leaf:
|
||||
|
||||
```ts
|
||||
// src/index.ts
|
||||
export * from './greet/greet';
|
||||
import './greet/greetService';
|
||||
```
|
||||
|
||||
Importing the package therefore fires every `register*` side effect, exactly as the old per-domain barrels did. When you add a new domain, write the contract + impl leafs (with their top-level `register*`), then add the leaf path(s) to `src/index.ts`. **Do not create an `index.ts`.**
|
||||
|
||||
- Load the impl file too — its top-level `registerScopedService(...)` only runs when the module is imported.
|
||||
- `export *` helper modules only if they are part of the domain's public surface.
|
||||
- Each leaf's file-header comment still names the domain, scope, and (for impls) the `register*` binding it owns.
|
||||
|
||||
## Comments
|
||||
|
||||
- **File-header comment is mandatory** and the only place comments live (orient.md). State the identity line, the role, collaborators (impls), and scope.
|
||||
- **Methods and fields carry no comments by default.** Well-named identifiers and types say *what*; the code is the source of truth for *how*.
|
||||
- Write an inline comment only when the *why* is non-obvious (a hidden constraint, a subtle invariant, a workaround). One short line.
|
||||
- For unimplemented stubs, throw `NotImplementedError('feature')` rather than `throw new Error('TODO: …')` (errors.md).
|
||||
|
||||
## Complete minimal example
|
||||
|
||||
```ts
|
||||
// greet/greet.ts
|
||||
import { createDecorator, type ServiceIdentifier } from '#/_base/di/instantiation';
|
||||
|
||||
export interface Greeting { readonly message: string; }
|
||||
|
||||
export interface IGreeter {
|
||||
readonly _serviceBrand: undefined;
|
||||
hello(): Greeting;
|
||||
}
|
||||
|
||||
export const IGreeter: ServiceIdentifier<IGreeter> = createDecorator<IGreeter>('greeter');
|
||||
```
|
||||
|
||||
```ts
|
||||
// greet/greetService.ts
|
||||
import { InstantiationType } from '#/_base/di/extensions';
|
||||
import { LifecycleScope, registerScopedService } from '#/_base/di/scope';
|
||||
import { type Greeting, IGreeter } from './greet';
|
||||
|
||||
export class Greeter implements IGreeter {
|
||||
declare readonly _serviceBrand: undefined;
|
||||
hello(): Greeting { return { message: 'hi' }; }
|
||||
}
|
||||
|
||||
registerScopedService(LifecycleScope.App, IGreeter, Greeter, InstantiationType.Eager, 'greet');
|
||||
```
|
||||
|
||||
```ts
|
||||
// src/index.ts
|
||||
export * from './greet/greet';
|
||||
import './greet/greetService';
|
||||
```
|
||||
|
||||
## Red lines (this topic)
|
||||
|
||||
- One folder per domain, camelCase; one service per file pair: contract `<name>.ts` + impl `<name>Service.ts`; **no `index.ts` barrel** — `src/index.ts` loads each leaf file precisely.
|
||||
- Exactly one injectable interface and one `createDecorator(...)` per contract file.
|
||||
- Exactly one service implementation class and one `registerScopedService(...)` per impl file.
|
||||
- `IXxxService` / `XxxService` naming; decorator string is lowerCamelCase, globally unique, and stable.
|
||||
- Name Services by owning domain, never by scope (`IAgentEntityService`, `ISessionEntityService`).
|
||||
- `_serviceBrand` only on interfaces used as a DI token — never on base interfaces or plain models.
|
||||
- Sync methods return concrete types, async return `Promise<T>`; do not `Promise`-wrap sync work.
|
||||
- `createInstance` objects put static parameters before service parameters; scoped services put `@IX` parameters first (static params need defaults).
|
||||
- Never `new` a `@IService`-carrying Service — except inside an explicit factory method, which is not a DI request.
|
||||
- Events: typed per-Service event → `Event<T>`/`Emitter` from `'#/_base/event'`; cross-domain broadcast → `IEventService` from `'#/event'`.
|
||||
- `src/index.ts` must import/export every leaf file (including the impl) so each `register*` side effect runs.
|
||||
- File-header comment only; methods/fields carry no comments by default; stubs throw `NotImplementedError`.
|
||||
|
|
@ -1,95 +0,0 @@
|
|||
# Topic — Telemetry
|
||||
|
||||
Telemetry infrastructure for agent-core-v2: how business services emit events, how context propagates, and how events reach a destination through appenders.
|
||||
|
||||
Telemetry is a **layer-1 root** domain (alongside `log`): pure `App` scope, stateless, no business-domain dependencies. It is a thin facade — enrichment, batching, and transport belong to the appenders, not to this layer.
|
||||
|
||||
## Where things live
|
||||
|
||||
- `src/app/telemetry/telemetry.ts`: contract — `ITelemetryService` (facade), `ITelemetryAppender` (destination), `TelemetryProperties`, `nullTelemetryAppender`, and `TelemetryServiceOptions`.
|
||||
- `src/app/telemetry/events.ts`: event registry — `telemetryEventDefinitions` pairs every business event's property type with review metadata (owner / purpose / per-property comment); the single source of truth for `track2`.
|
||||
- `src/app/telemetry/telemetryService.ts`: `TelemetryService` impl + `registerScopedService(LifecycleScope.App, …)`.
|
||||
- `src/app/telemetry/consoleAppender.ts`: `ConsoleAppender` — echoes events to a log function (dev / debug).
|
||||
- `src/app/telemetry/cloudAppender.ts`: `CloudAppender` — sanitizes + PII-cleans properties, batches + enriches + posts to the telemetry endpoint.
|
||||
- `src/app/telemetry/cloudTransport.ts`: `CloudTransport` — HTTP transport behind `CloudAppender`.
|
||||
- `src/app/telemetry/privacy.ts`: outbound PII redaction (`cleanTelemetryProperties`) — URLs, emails, tokens, and absolute file paths become `<REDACTED: ...>` labels; `node_modules/` tails are kept.
|
||||
|
||||
## Emitting events (business services)
|
||||
|
||||
Inject `ITelemetryService` and call `track2` with a registered event:
|
||||
|
||||
```ts
|
||||
import { ITelemetryService } from '#/app/telemetry/telemetry';
|
||||
|
||||
constructor(@ITelemetryService private readonly telemetry: ITelemetryService) {}
|
||||
|
||||
this.telemetry.track2('cron_fired', { task_id: taskId, coalesced_count: 0, stale: false, buffered: false, recurring: true });
|
||||
```
|
||||
|
||||
`track2` is checked against the registry in `events.ts` at compile time: the event name must be a key of `telemetryEventDefinitions`, and the properties must match the registered interface exactly (extra or missing keys are compile errors). **New events must be registered first** — add a properties interface and a `defineTelemetryEvent<P>({ owner, comment, properties })` entry documenting every property. Naming: snake_case for events and properties, unit suffixes (`_ms` / `_count` / `_bytes`), no user content or file paths; `test/app/telemetry/events.test.ts` enforces the conventions. The low-level `track` remains for appender plumbing and tests only.
|
||||
|
||||
`TelemetryService.track` merges the bound context into the properties and fans the event out to every registered appender. A single throwing appender is isolated via `onUnexpectedError` and never blocks the rest.
|
||||
|
||||
### Context (sessionId / agentId / turnId)
|
||||
|
||||
The service carries a bound context (`sessionId` / `agentId` / `turnId`) that is merged into every event. Bind it at construction or derive a scoped view:
|
||||
|
||||
```ts
|
||||
const child = telemetry.withContext({ agentId: 'main', turnId: 't1' });
|
||||
child.track2('tool_call', { turn_id: 1, tool_call_id: 'c1', tool_name: 'bash', outcome: 'success', duration_ms: 12 }); // carries sessionId + agentId + turnId
|
||||
```
|
||||
|
||||
`withContext(patch)` returns a new service sharing the same appenders; per-call properties override bound context on key collision. `setContext(patch)` mutates the bound context in place and propagates to appenders that implement `setContext`.
|
||||
|
||||
## Appenders (destinations)
|
||||
|
||||
An appender is the destination an event is fanned out to. It is **not a DI Service** — it is a plain object implementing `ITelemetryAppender`, held by `TelemetryService`.
|
||||
|
||||
```ts
|
||||
export interface ITelemetryAppender {
|
||||
track(event: string, properties?: TelemetryProperties): void;
|
||||
withContext?(patch: TelemetryContextPatch): ITelemetryAppender;
|
||||
setContext?(patch: TelemetryContextPatch): void;
|
||||
flush?(): Promise<void> | void;
|
||||
shutdown?(): Promise<void> | void;
|
||||
}
|
||||
```
|
||||
|
||||
Built-in appenders:
|
||||
|
||||
- `ConsoleAppender` — `[telemetry] <event> <json>` to a log function (default `console.log`); options `prefix` / `pretty` / `log`.
|
||||
- `CloudAppender` — batches events, enriches with common context (`app_name` / `version` / `platform` / …), and posts to `https://telemetry-logs.kimi.com/v1/event` through `CloudTransport` (Bearer auth, retry, on-disk fallback). Options: `homeDir` / `deviceId` / `sessionId?` / `appName` / `version` / `uiMode?` / `model?` / `getAccessToken?` / `endpoint?` / `flushThreshold?` / `flushIntervalMs?`.
|
||||
|
||||
### Registering appenders (bootstrap)
|
||||
|
||||
Appenders are added after the App scope exists, by resolving the service and calling `addAppender`:
|
||||
|
||||
```ts
|
||||
const app = createAppScope();
|
||||
const telemetry = app.accessor.get(ITelemetryService);
|
||||
|
||||
telemetry.addAppender(new ConsoleAppender({ prefix: '[dev]' })); // dev echo
|
||||
telemetry.addAppender(new CloudAppender({ // production
|
||||
homeDir, deviceId, sessionId,
|
||||
appName: 'kimi-code', version, uiMode: 'shell', model,
|
||||
getAccessToken: () => auth.getCachedAccessToken(KIMI_CODE_PROVIDER_NAME),
|
||||
}));
|
||||
```
|
||||
|
||||
`addAppender` returns an `IDisposable` that removes the appender when disposed. `setAppender(appender)` resets to a single appender (mainly for tests). `removeAppender(appender)` drops one.
|
||||
|
||||
> There is no production bootstrap wired yet — `TelemetryService` defaults to `[nullTelemetryAppender]`, so `track(...)` is a no-op until `addAppender` is called at startup.
|
||||
|
||||
## Lifecycle
|
||||
|
||||
- `setEnabled(false)` drops `track` (service-level switch); `setEnabled(true)` resumes. `flush` / `shutdown` are unaffected by the switch.
|
||||
- `flush()` / `shutdown()` fan out to all appenders concurrently; a single rejecting appender is swallowed. Await `shutdown()` before process exit so buffered events (e.g. in `CloudAppender`) are sent.
|
||||
|
||||
## Red lines (this topic)
|
||||
|
||||
- Business services depend only on `ITelemetryService` — never import an appender class.
|
||||
- Telemetry is layer-1 root: do not inject any business-domain service into it, and do not move it off `App`.
|
||||
- Appenders are plain `ITelemetryAppender` objects, not DI Services — register them with `addAppender`, never via `registerScopedService`.
|
||||
- `track` is fire-and-forget and must not throw; appender `track` must be synchronous — buffer and send asynchronously via `flush` / `shutdown`.
|
||||
- Await `telemetry.shutdown()` before process exit when a buffering appender is registered.
|
||||
- Keep event names stable; register every business event in `events.ts` and emit via `track2` — properties must be JSON-serializable primitives (non-primitives are dropped with a warning by `CloudAppender`).
|
||||
|
|
@ -1,262 +0,0 @@
|
|||
# Stage 4 — Test
|
||||
|
||||
Exercise the **same path production uses**: a service is reached by its interface through the container, its `@IService` dependencies are resolved from the container, and — where the scope layer matters — through the scope tree. Tests that `new` a service and paper over its constructor with hand-rolled objects bypass that path and let the `registerScopedService(IX → Impl)` binding rot untested.
|
||||
|
||||
`@IService` parameter decorators run under vitest (the build uses `experimentalDecorators`), so fixtures declare dependencies exactly like production code. There is **no** `param()` helper, no manual `(Id as …)(Ctor, '', 0)`, and no capturing `accessor` inside a constructor to synchronously `.get()` a peer.
|
||||
|
||||
## The one rule
|
||||
|
||||
**Resolve the system under test by its interface, through the container. Never call `new` on a production service whose constructor carries `@IService` dependencies.**
|
||||
|
||||
```ts
|
||||
// ✅ resolve by interface — the IX → Sut binding is exercised
|
||||
ix.set(IMessageService, new SyncDescriptor(MessageService));
|
||||
const svc = ix.get(IMessageService);
|
||||
|
||||
// ❌ construct the implementation directly — the registration is never run
|
||||
const svc = new MessageService(stubContext);
|
||||
```
|
||||
|
||||
Resolving by interface is what makes `registerScopedService(ISut, Sut, …)` part of the test. Constructing the class directly (or via `ix.createInstance(Sut)`) tests the class in isolation but leaves the binding, the scope layer, and the delayed/eager flag unverified.
|
||||
|
||||
Pure functions, value objects, and services with **no** `@IService` dependencies may be constructed directly.
|
||||
|
||||
The only other exception is a test that genuinely needs **two independent instances** of the same service with different dependencies (e.g. constructing two `TurnService`s with different `ILoopRunner`s). A singleton-per-container resolution cannot produce both, so `ix.createInstance(Impl)` is acceptable there — annotate it with a comment explaining why.
|
||||
|
||||
## Two harnesses
|
||||
|
||||
Pick the harness by *whether the scope layer is part of what you are testing*.
|
||||
|
||||
| Under test | Harness | Resolve the SUT with |
|
||||
|---|---|---|
|
||||
| A single service's behavior (unit) | `TestInstantiationService` (flat) | `ix.get(ISut)` after `ix.set(ISut, new SyncDescriptor(Sut))` |
|
||||
| Cross-scope wiring, or which layer a service lives in | `createScopedTestHost` (scope tree) | `host.<scope>.accessor.get(ISut)` |
|
||||
|
||||
### Unit harness — `TestInstantiationService`
|
||||
|
||||
Default for domain service unit tests. It is an `InstantiationService` that also implements `ServicesAccessor` (so you can `ix.get(...)` directly) and owns sinon (so `dispose()` restores stubs).
|
||||
|
||||
```ts
|
||||
import { afterEach, beforeEach, describe, expect, it } from 'vitest';
|
||||
import { DisposableStore } from '#/_base/di/lifecycle';
|
||||
import { createServices } from '#/_base/di/test';
|
||||
import type { TestInstantiationService } from '#/_base/di/test';
|
||||
import { registerRecordsServices } from '../records/stubs';
|
||||
|
||||
describe('XxxService', () => {
|
||||
let disposables: DisposableStore;
|
||||
let ix: TestInstantiationService;
|
||||
|
||||
beforeEach(() => {
|
||||
disposables = new DisposableStore();
|
||||
ix = createServices(disposables, {
|
||||
base: [registerRecordsServices],
|
||||
additionalServices: (reg) => {
|
||||
reg.define(IContextService, ContextService); // 1. real collaborator, by interface
|
||||
reg.define(IXxxService, XxxService); // 2. system under test, by interface
|
||||
},
|
||||
});
|
||||
});
|
||||
afterEach(() => disposables.dispose());
|
||||
|
||||
it('does the thing', () => {
|
||||
const svc = ix.get(IXxxService); // 3. resolve by interface
|
||||
expect(svc.thing()).toBe('…');
|
||||
});
|
||||
});
|
||||
```
|
||||
|
||||
`createServices` builds the container from domain **service groups** plus per-test overrides (see Service groups). Reach for `ix.stub(...)` / `ix.set(...)` directly only inside an `it` when a single test needs to swap a registration:
|
||||
|
||||
- whole service, partial object: `ix.stub(IId, { method() { return … } })`;
|
||||
- single method: `ix.stub(IId, 'method', value)` returns a sinon stub; `ix.spy(IId, 'method')` returns a spy;
|
||||
- a prebuilt instance or descriptor: `ix.set(IId, instance)` / `ix.set(IId, new SyncDescriptor(Impl))`;
|
||||
- when a collaborator's behavior must vary per test, model it as a `Test*Service` subclass whose methods read suite-scoped `let` variables rather than rebuilding the container each test.
|
||||
|
||||
### Scope harness — `createScopedTestHost`
|
||||
|
||||
Reach for this only when *which layer a service lives in* is itself the thing being asserted, or when the SUT reads from parent/child scopes. It builds the real `Scope` tree and resolves through it.
|
||||
|
||||
```ts
|
||||
import { beforeEach, describe, expect, it } from 'vitest';
|
||||
import { InstantiationType } from '#/_base/di/extensions';
|
||||
import {
|
||||
LifecycleScope,
|
||||
_clearScopedRegistryForTests,
|
||||
registerScopedService,
|
||||
} from '#/_base/di/scope';
|
||||
import { createScopedTestHost, stubPair } from '#/_base/di/test';
|
||||
|
||||
describe('XxxService (scoped)', () => {
|
||||
beforeEach(() => {
|
||||
_clearScopedRegistryForTests();
|
||||
registerScopedService(
|
||||
LifecycleScope.Agent,
|
||||
IXxxService,
|
||||
XxxService,
|
||||
InstantiationType.Delayed,
|
||||
'xxx',
|
||||
);
|
||||
});
|
||||
|
||||
it('resolves from the Agent scope with ancestor deps injected', () => {
|
||||
const host = createScopedTestHost([stubPair(ILogService, stubLog())]);
|
||||
const agent = host.child(LifecycleScope.Agent, 'main');
|
||||
const svc = agent.accessor.get(IXxxService); // by interface
|
||||
expect(svc.thing()).toBe('…');
|
||||
host.dispose();
|
||||
});
|
||||
});
|
||||
```
|
||||
|
||||
Always `_clearScopedRegistryForTests()` and re-register explicitly in `beforeEach`. Do not rely on a production module's top-level `registerScopedService(...)` side effect: import order then becomes part of the test, and another suite's `_clearScopedRegistryForTests()` can wipe it.
|
||||
|
||||
## Register the SUT by interface
|
||||
|
||||
Whichever harness you use, the SUT is registered under its interface (`ix.set(IX, new SyncDescriptor(Impl))` or `registerScopedService(scope, IX, Impl, …)`) and resolved by that interface. This is non-negotiable: it is the only thing that keeps the production registration honest.
|
||||
|
||||
A test that does `ix.createInstance(Impl)` is testing the class, not the service. Convert those (see Migration).
|
||||
|
||||
## Shared stubs
|
||||
|
||||
Hand-rolled stubs (`noopLog`, `noneEvent`, `unusedRecords`, …) must not be copied between test files. Each domain that owns a frequently-stubbed interface exports a stub from a `stubs.ts` **in the `test/` tree**, never from `src/`:
|
||||
|
||||
```text
|
||||
test/log/stubs.ts → stubLog() / stubLogger()
|
||||
test/turn/stubs.ts → stubTurn()
|
||||
test/records/stubs.ts → stubAgentRecords()
|
||||
test/environment/stubs.ts → stubEnvironment()
|
||||
```
|
||||
|
||||
All test support lives under `test/` so test-only code stays out of the production source tree. Because `tsdown` builds from `src/index.ts`, anything under `test/` is unreachable from the entry and is never bundled into `dist/`.
|
||||
|
||||
Conventions:
|
||||
|
||||
- export a **factory** (`stubXxx()`), not a shared singleton, so tests cannot leak state through a stub;
|
||||
- name it `stub<Interface>` — e.g. `stubAgentRecords`;
|
||||
- the stub satisfies the full interface so the compiler, not a cast, guarantees it stays in sync;
|
||||
- import it with a **relative path** — `./stubs` from the same domain's tests, `../<domain>/stubs` from another domain. Never import stubs from `#/…` (that alias is for production `src/`) and never import one test file from another;
|
||||
- a `stubs.ts` may import its domain's production types via `#/<domain>/…`.
|
||||
|
||||
If a stub is needed by two test files, it belongs in that domain's `test/<domain>/stubs.ts`.
|
||||
|
||||
## Service groups
|
||||
|
||||
Most unit tests stub the same handful of collaborators (`ILogService`, `IAgentRecords`, `IConfigService`, `ITelemetryService`, …). Rather than repeat `ix.stub(...)` lines in every `beforeEach`, each domain exports a `register*Services` function from its `stubs.ts` that registers the default test doubles for that domain:
|
||||
|
||||
```ts
|
||||
// test/log/stubs.ts
|
||||
export function registerLogServices(reg: ServiceRegistration): void {
|
||||
reg.defineInstance(ILogService, stubLog());
|
||||
}
|
||||
```
|
||||
|
||||
`createServices(disposables, { base, additionalServices })` composes them:
|
||||
|
||||
- `base` — an ordered list of service groups. Each group's registrations are deduped (first writer wins), so groups supply safe defaults without clobbering each other.
|
||||
- `additionalServices` — applied after `base`. Registrations here **overwrite** any base default, so a test can swap a stub for a spy, register the system under test, or supply a one-off collaborator.
|
||||
|
||||
```ts
|
||||
ix = createServices(disposables, {
|
||||
base: [registerLogServices, registerConfigServices, registerRecordsServices],
|
||||
additionalServices: (reg) => {
|
||||
reg.definePartialInstance(IAgentKaos, {}); // one-off collaborator
|
||||
reg.define(IAgentRecords, spyRecords); // override a base default
|
||||
reg.define(IXxxService, XxxService); // system under test
|
||||
},
|
||||
});
|
||||
```
|
||||
|
||||
`ServiceRegistration` offers three verbs:
|
||||
|
||||
- `define(id, Ctor)` — lazy `SyncDescriptor`; the service is instantiated on first resolve. Use for real collaborators and the system under test.
|
||||
- `defineInstance(id, instance)` — a fully-built instance (a fake such as `stubLog()`, or `new ConfigRegistry()`).
|
||||
- `definePartialInstance(id, { ... })` — a partial mock; only the supplied members are provided. Use for collaborators the test does not exercise.
|
||||
|
||||
Conventions:
|
||||
|
||||
- a group registers the domain's services **as dependencies** (a fake, or a `{}` partial when no fake exists yet). When a service is the system under test, the test registers the real implementation via `additionalServices` and does not rely on the group's default for it;
|
||||
- keep groups small and domain-local. A service that is almost always the system under test, or that every consumer configures differently, should not have a group — register it inline via `additionalServices`;
|
||||
- import groups with a **relative path** (`../<domain>/stubs`), never from `#/…`.
|
||||
|
||||
`createServices` defaults to `strict: false` (missing dependencies warn rather than throw), matching `new TestInstantiationService()`. Pass `strict: true` to surface unregistered `@IService` dependencies.
|
||||
|
||||
## Declaring dependencies
|
||||
|
||||
Always use `@IService` constructor decorators — in fixtures and in production services alike.
|
||||
|
||||
```ts
|
||||
// ✅
|
||||
class Consumer {
|
||||
constructor(@IGreeter private readonly greeter: IGreeter) {}
|
||||
}
|
||||
|
||||
// ❌ no param() helper, no inline cast
|
||||
class Consumer {
|
||||
constructor(private readonly greeter: IGreeter) {}
|
||||
}
|
||||
param(IGreeter, Consumer, 0);
|
||||
```
|
||||
|
||||
Because the decorator runs when the class is defined, the `createDecorator` identifier must be initialized **before** the class that uses it. Declare the identifier, then the class:
|
||||
|
||||
```ts
|
||||
const IDep = createDecorator<IDep>('dep');
|
||||
class Consumer {
|
||||
constructor(@IDep private readonly dep: IDep) {}
|
||||
}
|
||||
```
|
||||
|
||||
For two services that depend on each other (a cycle), declare both identifiers first, then both classes, so neither class references an uninitialized binding.
|
||||
|
||||
Declare fixtures at module top, interface + decorator + implementation co-located, and keep `_serviceBrand` on the interface when it represents a real service — `GetLeadingNonServiceArgs` relies on the brand to tell service parameters apart from static ones. Pure throwaway fixtures may omit `_serviceBrand`.
|
||||
|
||||
## Lifecycle / teardown
|
||||
|
||||
One `DisposableStore` per suite. Add the **container** and any event subscriptions to it; dispose in `afterEach`.
|
||||
|
||||
```ts
|
||||
beforeEach(() => { disposables = new DisposableStore(); /* … */ });
|
||||
afterEach(() => disposables.dispose());
|
||||
```
|
||||
|
||||
Do **not** add the system-under-test itself to the store. `TestInstantiationService` disposes every service it creates when the container is disposed, so `ix.get(IX)` instances are cleaned up automatically via `disposables.add(ix)`. Wrapping the SUT in `disposables.add(...)` would double-dispose it. For the same reason, do not call `svc.dispose()` at the end of a test unless you are asserting something about disposal itself.
|
||||
|
||||
Scope-host tests call `host.dispose()` in `afterEach` (or at the end of the `it`). Route teardown through the store so ordering is deterministic and nothing leaks when a test fails mid-way.
|
||||
|
||||
## Assertions and naming
|
||||
|
||||
- One behavior per `it`; describe observable behavior (`child shadows parent registration`), not implementation (`calls _getOrCreateServiceInstance`).
|
||||
- For cycles, assert `CyclicDependencyError` and its `path` array (e.g. `['A', 'B', 'A']`), not merely `toThrow`.
|
||||
- For disposal order, capture events in an array and assert the sequence (`['C', 'B', 'A']` — children before parents).
|
||||
|
||||
## Migrating existing tests
|
||||
|
||||
Most legacy tests build the SUT with `ix.createInstance(Impl)`. Converting one is mechanical:
|
||||
|
||||
1. import the interface (`IX`) and the descriptor;
|
||||
2. register the SUT by interface — `reg.define(IX, Impl)` inside `additionalServices` (or `ix.set(IX, new SyncDescriptor(Impl))`);
|
||||
3. replace `ix.createInstance(Impl)` with `ix.get(IX)`;
|
||||
4. drop the `disposables.add(...)` wrapper around the SUT and any trailing `svc.dispose()` — the container disposes it;
|
||||
5. replace any hand-rolled collaborator object with the domain's shared stub or service group (or add one to `test/<domain>/stubs.ts` if it does not exist);
|
||||
6. delete now-unused imports.
|
||||
|
||||
Before / after:
|
||||
|
||||
```ts
|
||||
// before
|
||||
const svc = ix.createInstance(MessageService);
|
||||
|
||||
// after — registration in beforeEach additionalServices
|
||||
reg.define(IMessageService, MessageService);
|
||||
// after — resolution in the test body
|
||||
const svc = ix.get(IMessageService);
|
||||
```
|
||||
|
||||
## Red lines (this stage)
|
||||
|
||||
- Resolve the SUT by interface — never `new` a production service with `@IService` deps; prefer `ix.get(IX)` over `ix.createInstance(Impl)`.
|
||||
- Shared stubs live in `test/<domain>/stubs.ts` (never `src/`); import by relative path, never `#/...`.
|
||||
- Scope tests call `_clearScopedRegistryForTests()` and re-register explicitly in `beforeEach`; do not rely on production import-order side effects.
|
||||
- One `DisposableStore` per suite; add the container, dispose in `afterEach`; do not add the SUT itself.
|
||||
- Declare fixture dependencies with `@IService`; initialize `createDecorator` identifiers before the classes that use them.
|
||||
|
|
@ -1,32 +0,0 @@
|
|||
# Stage 5 — Verify & submit
|
||||
|
||||
Run the guards and re-scan the red lines before submitting.
|
||||
|
||||
## Commands
|
||||
|
||||
Run from the package (or with `--filter @moonshot-ai/agent-core-v2`):
|
||||
|
||||
- `pnpm --filter @moonshot-ai/agent-core-v2 lint:domain` — domain-layer / dependency-direction guard (`scripts/check-domain-layers.mjs`). Catches a domain importing a layer it must not.
|
||||
- `pnpm --filter @moonshot-ai/agent-core-v2 typecheck` — `tsc -p tsconfig.json --noEmit`.
|
||||
- `pnpm --filter @moonshot-ai/agent-core-v2 test` — `vitest run`.
|
||||
|
||||
## Changesets (when the change ships through the CLI)
|
||||
|
||||
If the change is user-facing and ships through the CLI, generate a changeset with the repository's `gen-changesets` skill (root `AGENTS.md` workflow). `agent-core-v2` is an internal package; if its change enters the CLI bundle, the changeset lists `@moonshot-ai/kimi-code` and describes the real change — do not present an internal-only change as a user-facing feature. Never write a `major` bump without explicit user confirmation.
|
||||
|
||||
## Pre-submit checklist
|
||||
|
||||
Walk the stages you touched and confirm:
|
||||
|
||||
- **Design** — scope follows state identity; no `Map<sessionId, …>` at `App`; dependency arrows do not make a foundational layer know an upstream one; no cycle was routed around.
|
||||
- **Implement** — no `new` on `@IService`-carrying classes; `@IX` on constructor params only (service params after static params); interface + impl carry `_serviceBrand`; decorator names unique; coded errors only; flags for unreleased behavior.
|
||||
- **Test** — SUT resolved by interface; stubs under `test/`; scope tests re-register after `_clearScopedRegistryForTests()`; teardown through one `DisposableStore`.
|
||||
- **Files** — header comments describe role + scope only; registration runs from the impl file's top level; the new domain is exported from `src/index.ts`.
|
||||
|
||||
Then re-read the [global red lines](SKILL.md#global-red-lines) once — they catch most cross-stage mistakes in a single scan.
|
||||
|
||||
## Red lines (this stage)
|
||||
|
||||
- Do not skip `lint:domain` — it is the only automated check for the dependency-direction rules.
|
||||
- Do not list internal packages in a changeset when the change enters the CLI bundle — list `@moonshot-ai/kimi-code` and describe the real change.
|
||||
- Never write a `major` changeset without explicit user confirmation.
|
||||
|
|
@ -1,21 +0,0 @@
|
|||
---
|
||||
name: agent-core-review
|
||||
description: Use ONLY for code review and test write/review guidance in `packages/agent-core-v2` (the DI × Scope agent engine). Does NOT apply to the legacy `packages/agent-core` or to any other package — for those, do not load this skill. Groups the review and testing lenses used for agent-core-v2 — `slop` (single-level-of-abstraction / layered error-handling review, invoked only on explicit request) and `test` (contract-driven per-test rules for both authoring and reviewing tests). Apply the sub-skill that matches the task; do not apply `slop` unprompted.
|
||||
has-sub-skill: true
|
||||
---
|
||||
|
||||
# kc-review
|
||||
|
||||
> **Scope: `packages/agent-core-v2` only.** These lenses are calibrated for the v2 engine (DI × Scope). Do not apply them to the legacy `packages/agent-core` or to other packages.
|
||||
|
||||
A bundle of the lenses used when reviewing or testing `packages/agent-core-v2`. Each sub-skill is self-contained; invoke the one that matches the task.
|
||||
|
||||
## Sub-skills
|
||||
|
||||
- **`slop/`** — Single Level of Abstraction & layered error handling. A *review dimension*: a function should read as a straight-line description of its own layer, with errors handled above or below. The agent reports detections and measurements, not severity grades. **Invoke only when the user explicitly asks for this lens** — do not apply it unprompted to general reviews or refactors.
|
||||
- **`test/`** — Per-test rules behind "test the contract / responsibility, not the implementation," serving two modes. **Write mode:** author a test — one behavior per `it`, drive through the public surface, stub only the true external boundary, control time/config via documented knobs, keep tests clear, isolated, and refactor-resilient (CCCR). **Review mode:** audit existing tests against the same rules and report findings with `file:line`. Use when writing, modifying, or reviewing tests, or when asked how to write a good single test.
|
||||
|
||||
## Routing
|
||||
|
||||
- Reviewing code structure / abstraction layers / where error handling belongs → `slop` (only on explicit request).
|
||||
- Writing or modifying tests, reviewing test quality, or advising on a single test → `test`.
|
||||
|
|
@ -1,133 +0,0 @@
|
|||
---
|
||||
name: slop
|
||||
description: Invoke only when the user explicitly asks to review code through the "single level of abstraction / layered error handling" lens — a function does only its own layer's business logic while errors are handled above or below. The agent reports detections, raw-count measurements, and move directions. Apply only when the user explicitly requests this lens.
|
||||
---
|
||||
|
||||
# Single Level of Abstraction & Layered Error Handling
|
||||
|
||||
North star: **a function should read as a straight-line description of what its own layer does. Anything that is not that — input validation, error handling, error-to-response translation, logging, retries, low-level mechanics — belongs to a layer above or below, not inline.**
|
||||
|
||||
This is a review dimension, not a hard rule. See "Exemption checklist" at the end.
|
||||
|
||||
## Scope of this skill — detect and measure
|
||||
|
||||
The agent applying this lens is a **sensor**. Its one job is to report *whether* a function mixes levels and *by how much*; deciding *how serious* it is belongs downstream. Severity labels (`Block` / `Request changes` / `Nit`) compress a continuous quantity into an uncalibrated three-point scale and are the main source of review-to-review variance, so they are produced downstream — by a deterministic rubric, anchored examples, or a human — from the facts the agent reports.
|
||||
|
||||
The agent's output is exactly these four things:
|
||||
|
||||
- **Detection (yes/no):** does this statement / block / function violate a rule of the lens?
|
||||
- **Measurement (raw factual counts only):** mechanically countable quantities — body size, control-flow keywords, named syntactic shapes (see "Quantify"). Anything that first requires classifying a line (core/foreign, happy/error, high/low level) is recorded under detection, not here.
|
||||
- **Direction (where it moves):** for each foreign concern, the destination layer — push **down** into a value / parser / infra helper, or push **up** into the edge handler.
|
||||
- **Exemption flags:** which items, if any, hit the exemption checklist — recorded, not weighed.
|
||||
|
||||
Severity grades, merge/block verdicts, and "is splitting worth it" calls live downstream, derived from the four items above.
|
||||
|
||||
## When to use
|
||||
|
||||
Apply this lens only when the user asks for it explicitly (for example "用单一抽象层次审视一下", "check whether this function does too much", "errors should be handled above/below, right?"). Leave general reviews and refactors to other lenses unless the user names this one.
|
||||
|
||||
## The principle
|
||||
|
||||
One function, one level of abstraction, one responsibility. Three mutually reinforcing rules:
|
||||
|
||||
1. **Single Level of Abstraction (SLAP).** Every statement inside a function sits at the same conceptual level. High-level intent ("reserve inventory, charge payment, create the order") must not be interleaved with low-level mechanics (building headers, escaping strings, opening sockets, parsing bytes). If some lines read as "what" and others as "how", they belong in different functions.
|
||||
2. **Error handling is its own concern (Clean Code).** A function either does the work or handles the error — not both. Business logic describes the happy path and *signals* failure (throw or return a result); the catch, mapping, logging, and recovery live in a dedicated handler, usually one layer up. Prefer exceptions / result types over threaded check-and-return ladders that interrupt the main flow.
|
||||
3. **Separation of concerns by layer.** Each layer owns exactly one kind of knowledge: low-level code knows formats and protocols; mid-level code knows business rules; edge code knows the outside world (HTTP / CLI / UI). A function that knows two of these at once is leaking a layer.
|
||||
|
||||
The combined test: **could you explain this function to someone without using the word "and"?** If the explanation is "it reserves stock AND validates the email format AND maps the error to a status code AND logs to metrics", it is doing more than its layer's job.
|
||||
|
||||
Concerns that usually do **not** belong in a business function:
|
||||
|
||||
- Format / range / null validation that a lower value or parser could guarantee once.
|
||||
- Mapping domain failures to an external protocol (status code, exit code, UI message) — that is the edge layer's job.
|
||||
- Catch-and-swallow, retry loops, backoff, timeout, circuit breaking around a single call — infrastructure, push down.
|
||||
- Cross-cutting telemetry / log / metric noise woven through every step — extract or push to a wrapper.
|
||||
- Check-and-return ladders that occupy more space than the business core — replace with signal + a handler above.
|
||||
|
||||
## Methodology — fixing a function that violates it
|
||||
|
||||
Work top-down. Never start by shuffling lines.
|
||||
|
||||
1. **Name the level.** In one sentence, write what this function is for at its own layer. If you cannot, the function has no clear level — split before polishing.
|
||||
2. **Classify every statement.** Tag each line or block as: **core** (this layer's business), **down** (a detail a lower abstraction should own), **up** (a concern an upper / edge layer should own), or **cross-cutting** (log / metric / retry). Unlabeled lines are where the mess hides — do not "just leave them".
|
||||
3. **Decide down vs. up for each foreign item.**
|
||||
- Push **down** when it is a guarantee a lower building block can provide: a value that can only be constructed valid, a parser that returns a typed result, an infra helper that already retries. The business function then assumes validity and stays clean.
|
||||
- Push **up** when it is about translating or reacting to failure for the outside world: status codes, messages, exit codes, aggregation of many errors. The edge layer catches once and maps; business code just signals.
|
||||
- Rule of thumb: if removing it would change what the business rule says, it is core and stays; if removing it only changes how a failure is reported or a detail is computed, it moves.
|
||||
4. **Extract, do not interleave.** Pull each foreign concern into its own named function or layer. Keep the original function as a readable sequence of same-level calls. For error handling specifically, separate the work body from the recovery body into distinct functions so neither clutters the other.
|
||||
5. **Signal, do not handle, in the middle.** Mid-layer business functions throw / return and let the right layer react. Do not catch-and-log-and-continue in business code unless continuing is itself the business rule.
|
||||
6. **Re-read for level.** After the moves, every remaining line should be explainable at the same altitude. If not, repeat from step 1.
|
||||
|
||||
Keep the change minimal: move the smallest thing that restores the level. Do not invent abstractions, frameworks, or generic "handler" machinery beyond what the function actually needs. Three straight-line, same-level calls beat a premature pipeline.
|
||||
|
||||
## Review method — applying the lens to a diff
|
||||
|
||||
Read each changed or touched function and, for each check, record only: **the hit (yes/no) plus evidence (`file:line`)**, and — where the check points at a construct — a raw factual count from "Quantify".
|
||||
|
||||
1. **Altitude check.** Are all lines at the same level of abstraction? Record each place where a "what" line is immediately followed by a "how" block (or vice versa) inside the same function, with `file:line`.
|
||||
2. **Happy-path check.** Can you read the business intent top to bottom without stepping through error branches? Record whether error handling sits inline between business steps (yes/no + `file:line`), supported by raw counts from "Quantify" (e.g. number of `catch` clauses, `continue` statements).
|
||||
3. **Ownership check.** For each validation, catch, mapping, log, retry: is this layer the rightful owner, or is it borrowed from above / below? Record each borrowed item with `file:line` and its destination (down / up), using the rules from the methodology.
|
||||
4. **Layer-leak check.** Does a business function mention an external protocol (status code, exit code, UI text, wire field)? Does an edge function contain a business rule? Record each leak candidate with `file:line` and whether it names an *external* protocol or an *internal* domain shape.
|
||||
5. **Explanation test.** Describe the function in one sentence with no "and". Record whether "and" was needed; if so, list the proposed split as candidate moves (down / up).
|
||||
|
||||
### Quantify — report only raw factual counts
|
||||
|
||||
Report only quantities that can be counted **mechanically from the text**. Anything that first requires classifying a line (core vs foreign, happy-path vs error-handling, high-level vs low-level) is recorded under detection (the five checks above) as evidence, not as a number here.
|
||||
|
||||
Report, per function:
|
||||
|
||||
- **Body size** — lines and/or statements of the function body; state the basis (e.g. "statements, excluding lone braces").
|
||||
- **Control-flow keywords (raw counts)** — `if`, `continue`, early `return`, `throw`, `try` / `catch` / `finally`, `await`, loops (`for` / `while` / `.forEach`).
|
||||
- **Named syntactic shapes a check points at** — when a check cites a construct, count it verbatim and name the exact token: e.g. number of object literals, string literals, `.trim()` calls, `.length` reads, `origin.` property reads, spread `[...x]` operations.
|
||||
- **Recovery presence (raw)** — number of `catch` clauses, and number of log / metric calls inside them.
|
||||
|
||||
Quantities that embed a prior classification — out-of-level vs core counts, guard-to-core ratios, happy-path vs error-handling volume, "repeated boundary checks a lower layer could guarantee once", "low-level literals in a high-level flow" — are captured as evidence under the relevant check (`file:line` + the verbatim tokens). A downstream rubric derives any ratio from those raw facts.
|
||||
|
||||
### Red flags
|
||||
|
||||
Record each as evidence (yes/no + `file:line`); these are candidates, not verdicts:
|
||||
|
||||
- A body that is mostly check-and-return / check-and-throw ladders around a thin core.
|
||||
- A recovery block that logs, maps, and returns inline, sitting next to business steps.
|
||||
- A function that both computes a value and decides how that value's failure is shown to the user.
|
||||
- Low-level literals (byte offsets, header strings, format codes) inside a high-level workflow.
|
||||
- A name that needs "And" / "Or" / "With" to be honest, or a name so vague ("handle", "process", "do") that it hides multiple levels.
|
||||
- Catch-and-swallow that hides a failure the caller needed to see.
|
||||
- Defensive null / format checks repeated at every call site instead of guaranteed once at the boundary.
|
||||
|
||||
### Severity grading belongs downstream
|
||||
|
||||
The agent's facts (detections, raw counts, directions, exemptions) feed a downstream grade; the agent reports those facts and stops there. Grades compress a continuous quantity into an uncalibrated three-point scale and are exactly where identical evidence gets labeled differently across runs. Grading happens above the agent:
|
||||
|
||||
- A **deterministic rubric** — a versioned threshold table over the raw counts from "Quantify"; or
|
||||
- **Anchored examples** — the reviewer judges relative to repo-known reference functions rather than against an absolute adjective like "materially"; or
|
||||
- A **human**, for items that land near a threshold boundary.
|
||||
|
||||
If a downstream consumer still asks the agent for a grade, the agent returns the underlying facts and the threshold band it would fall under, with `confidence: low` on boundary cases; the grade itself is produced downstream.
|
||||
|
||||
### How to report findings
|
||||
|
||||
Report **evidence + direction**. Lead with the location and the level, then the proposed move. Prefer "this block is one level lower than the rest of the function (`file:line`) — move it **down** into X" over "this is ugly" or "this is a request-changes". The destination layer (down into a value / parser / infra helper, or up into the edge handler) is the actionable output and the deliverable. Attach the "Quantify" numbers and any exemption flags to each finding.
|
||||
|
||||
## Exemption checklist
|
||||
|
||||
This is a lens, not a law. For each foreign concern, check whether any exemption below applies and **record the hit (yes/no) plus the reason**. The agent records exemptions as facts; a recorded exemption is then used downstream to cap the grade (e.g. to `Nit`) deterministically.
|
||||
|
||||
- **Tiny function:** the function is small enough that splitting would add indirection with no reader benefit.
|
||||
- **Foreign concern is the single job:** the "foreign" concern is in fact the function's one purpose — a dedicated error mapper, a validator, an infra wrapper, or an index-bookkeeping helper whose low-level arithmetic *is* its level.
|
||||
- **Atomicity / correctness / performance:** the steps genuinely must stay together (e.g. a re-check after an `await` to guard state that may have changed).
|
||||
- **Edge-translator role:** an edge / handler function whose job is to translate an external event into internal indices; naming the wire fields is its job.
|
||||
|
||||
Keep a split that would make the code harder to read as a recorded candidate for downstream review. When the evidence lands on an exemption boundary, record both sides and set `confidence: low`.
|
||||
|
||||
## Output contract
|
||||
|
||||
Return, per function, items 1–5 only:
|
||||
|
||||
1. **Level statement** — one sentence: what the function is for at its own layer.
|
||||
2. **Per-check results** — for each of the five review checks: `hit: yes/no`, evidence `file:line`, and (only where the check points at a construct) a raw factual count.
|
||||
3. **Measurements** — the raw factual counts from "Quantify".
|
||||
4. **Exemptions** — checklist hits (yes/no + reason).
|
||||
5. **Proposed moves** — for each foreign concern: `file:line` → destination (down into X / up into Y). This is the actionable deliverable.
|
||||
|
||||
Severity grades, block/merge verdicts, and "worth splitting" calls live downstream, derived from items 1–4. When a consumer asks for a label, hand back items 1–4 and the threshold band, with `confidence: low` on boundary cases.
|
||||
|
|
@ -1,115 +0,0 @@
|
|||
---
|
||||
name: test
|
||||
description: Use when writing or reviewing tests, or when asked how to write a good single test. Encodes the per-test rules behind the "test the contract / responsibility, not the implementation" principle — name and structure one behavior per `it`, drive through the public surface, stub only true external boundaries, control time and config via documented knobs, and keep tests clear, isolated, and refactor-resilient. The same rules drive both authoring (write mode) and auditing existing tests (review mode).
|
||||
---
|
||||
|
||||
# Tests — write & review
|
||||
|
||||
Per-test rules that operationalize one principle: **test the contract / responsibility, not the implementation**. This is the how-to for a single `it`, and the lens for reviewing one.
|
||||
|
||||
## Two modes, one rule set
|
||||
|
||||
- **Write mode** — authoring a test. Apply the rules below to produce it.
|
||||
- **Review mode** — auditing an existing test or test diff. Apply the same rules as a checklist; report each violation with `file:line`, the rule it breaks, and the fix. See "Review mode" near the end.
|
||||
|
||||
The rules are identical in both modes — only the posture changes (produce vs. audit).
|
||||
|
||||
## Test contract, not implementation
|
||||
|
||||
- Drive the system through its **public control plane** and assert on **observable effects** (returned values, persisted state, emitted events, injected messages), never on source details.
|
||||
- Resolve collaborators through their contract — the interface plus its identifier — not the module that binds a concrete implementation.
|
||||
- Do not reach into private fields or add backdoors "for testing". If you feel the need, the seam is wrong — fix the design, not the test.
|
||||
|
||||
## One behavior per `it`
|
||||
|
||||
Each `it` covers exactly one responsibility / scenario. If the name needs "and", split it.
|
||||
|
||||
```ts
|
||||
it('returns 401 when the caller is unauthorized', ...);
|
||||
it('does not double-fire when the same tick repeats', ...);
|
||||
```
|
||||
|
||||
## Name and structure
|
||||
|
||||
- `describe('<slice> (<responsibilities>)'` — name the **responsibility**, not the class.
|
||||
- An `it(...)` reads as a sentence, but it must still encode three things — the **behavior / method**, the **state or condition**, and the **expected outcome**: `it('<behavior> when <condition>, <outcome>')`. A name like `does X when Y` with no result is too vague to fail usefully.
|
||||
- Use spaces, not the Java-style `method_state_outcome` underscores — that convention exists only because Java test methods cannot contain spaces. A string-named test reads fine as a sentence.
|
||||
- Good: `it('returns 401 when the caller is unauthorized')` · `it('advances the cursor and does not double-fire on a repeat tick')`
|
||||
- Bad: `it('works')` · `it('handles auth correctly')` — no condition, no outcome
|
||||
- Arrange / Act / Assert. A short `// Given` `// When` `// Then` is fine when it aids reading; do not paste it mechanically on trivial tests.
|
||||
|
||||
## Build a small rig
|
||||
|
||||
When several tests share setup, write a factory (`rig()`, `createHost()`, whatever fits the codebase) that returns the **smallest surface the test needs**. Tests reach into the rig; they do not rebuild the world each time. Keep the rig dumb: wiring only, no assertions.
|
||||
|
||||
## Stub only the real external boundary
|
||||
|
||||
Default to real collaborators wired the way production wires them. Stub the **minimum seam** that is genuinely external:
|
||||
|
||||
- A remote / model / service boundary — spy on the contract method (the interface), and capture what the system sends across it. Do not stand up the real external thing.
|
||||
- Network / other-process boundaries — stub at the boundary, not the internals.
|
||||
- Time, timers, jitter — use the documented control knobs the system exposes (env, an injected clock, a manual tick). Do **not** use fake timers or real `setTimeout` to drive time.
|
||||
- Env / config knobs are usually snapshotted at bootstrap — set them **before** building the system under test, and restore them in `afterEach`.
|
||||
|
||||
## Keep tests DAMP and keep cause next to effect
|
||||
|
||||
- DAMP over DRY: use **literal expected values** in assertions; do not compute the expectation with the same logic as the code under test.
|
||||
- Keep the key preconditions inside the `it` (or its rig), where the reader can see cause next to effect. Reserve `beforeEach` for cross-cutting plumbing (env snapshot, cleanup), not for hiding the scenario's setup.
|
||||
|
||||
```ts
|
||||
// Good — the expected value is a literal the reader can check.
|
||||
expect(discount).toBe(15);
|
||||
// Bad — re-derives the expectation; mirrors the implementation.
|
||||
expect(discount).toBe(price * rate);
|
||||
```
|
||||
|
||||
## Assert only what is relevant
|
||||
|
||||
Assert the effect that proves the contract. Use matchers / partial-object matching to ignore incidental fields. Do not assert internal counters, call orders, or shapes the user cannot rely on.
|
||||
|
||||
## Isolate and clean up (no flakes)
|
||||
|
||||
Every test must be hermetic and order-independent. In `afterEach`:
|
||||
|
||||
- restore every mock / spy
|
||||
- restore every env var you touched (snapshot in `beforeEach`)
|
||||
- dispose the host / container and reset its reference
|
||||
|
||||
No dependence on wall-clock time, run order, or leftover on-disk state — give each scenario its own isolated identity / workspace when state persists.
|
||||
|
||||
## Quality bar: CCCR
|
||||
|
||||
Before finishing, check each test against:
|
||||
|
||||
- **Clarity** — a stranger can tell what broke from the failure message alone.
|
||||
- **Completeness** — covers the responsibility's success, error, and boundary paths.
|
||||
- **Conciseness** — no duplicate or speculative cases; one scenario per `it`.
|
||||
- **Resilience** — survives an internal refactor with no test change (because it asserts contract, not implementation).
|
||||
|
||||
## Per-file scenario header
|
||||
|
||||
Start each test file with a short header comment: the **scenario**, the **responsibilities** asserted, the **wiring** (which collaborators are real vs. the single stubbed boundary), and how to run it.
|
||||
|
||||
## Review mode — auditing existing tests
|
||||
|
||||
Apply the rules above as a checklist against each test in scope (a file, a diff, or a named `it`). For every hit, report `file:line` + the rule it breaks + the fix; do not rewrite unless asked. Lead with the contract question: *what observable behavior does this test prove, and would it survive a refactor?*
|
||||
|
||||
Check, in order:
|
||||
|
||||
1. **Contract, not implementation** — asserts observable effects, not private fields, call order, or internal shapes the user cannot rely on.
|
||||
2. **One behavior per `it`** — the name carries behavior + condition + outcome; "and" in the name means a split is owed.
|
||||
3. **Boundary discipline** — only the true external seam is stubbed; time is driven by documented knobs, not fake timers / real `setTimeout`.
|
||||
4. **DAMP expectations** — expected values are literals, not re-derived by the code under test's logic.
|
||||
5. **Isolation** — mocks / spies / env / host restored in `afterEach`; no wall-clock, run-order, or leftover on-disk dependence.
|
||||
6. **CCCR read-through** — Clarity, Completeness (success / error / boundary), Conciseness, Resilience.
|
||||
|
||||
Report findings as evidence + fix, e.g. "`foo.test.ts:42` asserts on `service.internalMap` (contract) — assert the returned value instead." If a test passes the lens, say so briefly; silence on a rule means it held.
|
||||
|
||||
## Quick checklist (write & review)
|
||||
|
||||
- Resolved through the contract; no concrete-impl import
|
||||
- One behavior per `it`; name carries behavior + condition + outcome; AAA
|
||||
- Stubbed only the true external seam; time via knobs, not fake timers
|
||||
- Literal expectations; relevant assertions only
|
||||
- Mocks / env / host restored in `afterEach`; hermetic, no flakes
|
||||
- CCCR read-through done
|
||||
|
|
@ -148,8 +148,8 @@ The docs changelog uses five section types:
|
|||
| English section | Chinese section | Meaning |
|
||||
|---|---|---|
|
||||
| `### Features` | `### 新功能` | New user-facing functionality, such as a new command, flag, mode, or capability that did not exist before |
|
||||
| `### Polish` | `### 优化` | User-visible improvements to existing functionality, including UX adjustments, behavior tweaks, and performance improvements that are not fixes or new capabilities |
|
||||
| `### Bug Fixes` | `### 修复` | Fixes for behavior that was broken |
|
||||
| `### Polish` | `### 优化` | User-visible improvements to existing functionality, including UX adjustments, behavior tweaks, and performance improvements that are not fixes or new capabilities |
|
||||
| `### Refactors` | `### 重构` | Internal changes with no user-visible behavior change, including build, CI, tests, dependency cleanup, and internal renames |
|
||||
| `### Other` | `### 其他` | Anything that does not fit above, such as CDN/endpoint swaps and docs-related artifacts |
|
||||
|
||||
|
|
@ -176,7 +176,7 @@ Keyword hints:
|
|||
Within each version, section order is:
|
||||
|
||||
```text
|
||||
Features → Polish → Bug Fixes → Refactors → Other
|
||||
Features → Bug Fixes → Polish → Refactors → Other
|
||||
```
|
||||
|
||||
Omit empty sections. Within each section, order entries by reader value, not upstream order:
|
||||
|
|
|
|||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/kimi-code": minor
|
||||
---
|
||||
|
||||
Add v2 session export support for packaging diagnostic zip archives.
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": minor
|
||||
"@moonshot-ai/protocol": minor
|
||||
---
|
||||
|
||||
Track the agent's live phase (idle, running, streaming, tool call, retrying, awaiting approval, interrupted, ended) as a single model field driven by the existing turn events, and carry it on the status update channel for downstream consumers.
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": patch
|
||||
"@moonshot-ai/kap-server": patch
|
||||
---
|
||||
|
||||
Fix the v2 AskUserQuestion flow: answers now come back keyed by question text with option labels as values, aborting a turn or stopping a background question dismisses the pending question instead of leaking it, and duplicate question texts or option labels are rejected before the question is shown. The pending-question wire shape no longer carries a synthetic expires_at field.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": patch
|
||||
---
|
||||
|
||||
Fix the production build by resolving internal module imports directly instead of through directory re-exports.
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": patch
|
||||
"@moonshot-ai/kap-server": patch
|
||||
---
|
||||
|
||||
Reorganize the agent execution environment into separate filesystem, process and tool domains.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/kimi-code": patch
|
||||
---
|
||||
|
||||
Fix a race in the experimental v2 config service that could drop a just-written setting from the config response.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/kimi-code": patch
|
||||
---
|
||||
|
||||
Fix a storage race in the experimental v2 engine that could fail value reads when writes overlap with compaction.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/kimi-code": patch
|
||||
---
|
||||
|
||||
Fix MCP tools being unavailable on the first turn after session startup.
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": patch
|
||||
"@moonshot-ai/kap-server": patch
|
||||
---
|
||||
|
||||
Reroute the blob store backend from the host filesystem to the pluggable storage layer, so server-only deployments no longer require a local filesystem implementation.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/kimi-code": patch
|
||||
---
|
||||
|
||||
Fix approval and question prompts not appearing in real time for web clients connected to the v2 server; they previously only showed up after a page refresh.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/kimi-code": patch
|
||||
---
|
||||
|
||||
Log a warning when a skill fails to parse instead of silently dropping it, and fix the skill catalog so scanned skill roots and policy-skipped skills are actually reported.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/kimi-code": minor
|
||||
---
|
||||
|
||||
Port progressive tool disclosure to the new agent engine: MCP tool schemas stay out of the top-level tool list, and the model loads them by name on demand through the announcements plus the select_tools tool, keeping the prompt cache stable. Off by default; set KIMI_CODE_EXPERIMENTAL_TOOL_SELECT=1 to enable.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/kimi-code": patch
|
||||
---
|
||||
|
||||
Enforce a typed registry for v2 engine telemetry events and redact URLs, tokens, and file paths from outgoing telemetry properties.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": patch
|
||||
---
|
||||
|
||||
Route FetchURL through the managed Kimi fetch service when the Kimi provider is logged in, with automatic fallback to local fetching on failure, and forward the host identity headers with the request.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/kimi-code": patch
|
||||
---
|
||||
|
||||
Introduce a graded error taxonomy for the v2 engine's filesystem, storage, and wire layers, translating raw OS and parse failures into specific error codes instead of generic internal errors.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": patch
|
||||
---
|
||||
|
||||
Hide image-compression captions from user-visible history: captions that prompt ingestion places inside a user message are rerouted through hidden system reminders (and stripped from session titles), while the model still receives the full note. ReadMediaFile is now registered in production whenever the bound model supports image or video input, re-registering on model switches.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": patch
|
||||
---
|
||||
|
||||
Align v2 media reads with v1: the ReadMediaFile summary moves to the tool result's note side channel so raw `<system>` markup never renders in UIs, image dimensions are reported in the decoded EXIF-rotated space so portrait photos get correct coordinate guidance, the downscale cap rises from 2000px to 3000px with a gentler byte-budget fallback, and image compression and crop telemetry is reported for media reads.
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": patch
|
||||
"@moonshot-ai/kap-server": patch
|
||||
---
|
||||
|
||||
Fix the managed OAuth device-code login getting aborted when an unrelated provider refresh fires during the login flow.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": patch
|
||||
---
|
||||
|
||||
Harden plugin management: degrade sessions gracefully when plugin state fails to load, clean up temp dirs and roll back the managed copy on failed installs, restore managed endpoint env for stdio plugin MCP servers, and make update checks concurrent with per-repo failure isolation.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": patch
|
||||
---
|
||||
|
||||
Forward the host identity headers (User-Agent and device identity) with WebSearch requests, matching v1.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/kimi-code": patch
|
||||
---
|
||||
|
||||
Send the CLI identity headers (User-Agent and device identity) with outbound requests from the experimental v2 server, matching direct CLI runs.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": patch
|
||||
---
|
||||
|
||||
Align v2 engine telemetry with the v1 wire format: rename `tool_call_dedupe_detected` to `tool_call_dedup_detected`, carry mode/protocol tags on turn events, emit `turn_ended` unconditionally with interrupt reasons, add alias/protocol/input token fields to `api_error`, tag `tool_call` with `dup_type`, rename compaction usage fields to `input_tokens`/`output_tokens`, and add `context_projection_repaired`, `session_started`, and `session_load_failed` events.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": patch
|
||||
---
|
||||
|
||||
Report `video_upload` telemetry for ReadMediaFile video uploads — outcome, byte size, mime type, duration, and model/protocol tags; a failing telemetry sink never affects the upload.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/kimi-code": patch
|
||||
---
|
||||
|
||||
Keep sessions from the new agent engine compatible with existing transcript replay.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
"@moonshot-ai/agent-core-v2": minor
|
||||
---
|
||||
|
||||
Persist v2 wire records natively in the v1 record vocabulary and remove the persist-time rewrite layer: ops now write v1-shaped records directly (todo updates persist as `tools.update_store`, `turn.prompt` carries only `input`/`origin`, `usage.record` drops request context, `plan_mode.enter` carries only the plan id), live-only state (runtime phase, task/cron registries, context size, skill activations, runtime permission rules) is declared `persist: false` instead of being stripped at write time, and the swarm-mode exit reminder removal replays from the `swarm_mode.exit` record itself. This fixes resumed sessions losing the todo list, drifting turn counters after retries, and removed reminders reappearing after resume.
|
||||
4
.gitignore
vendored
4
.gitignore
vendored
|
|
@ -4,12 +4,9 @@ dist-web/
|
|||
dist-single/
|
||||
dist-native/
|
||||
.tmp-api-extractor/
|
||||
.contract-types-tmp/
|
||||
.local/
|
||||
coverage/
|
||||
*.tsbuildinfo
|
||||
.vitest-results/
|
||||
.vite/
|
||||
.DS_Store
|
||||
.playwright-mcp/
|
||||
.claude
|
||||
|
|
@ -19,7 +16,6 @@ plugins/cdn/
|
|||
.worktrees/
|
||||
.kimi-code/local.toml
|
||||
.kimi-sandbox/
|
||||
.vscode/
|
||||
|
||||
Dockerfile
|
||||
docker-compose.yml
|
||||
|
|
|
|||
231
GOAL.md
231
GOAL.md
|
|
@ -1,231 +0,0 @@
|
|||
# Goal 功能拆分
|
||||
|
||||
本文把 agent-core 中 goal mode 的能力拆成三部分:
|
||||
|
||||
1. 核心工作流:没有它就不能运行 goal。
|
||||
2. 统计 / token 数限制:让 goal 可度量、可限额、可审计。
|
||||
3. 用户交互相关:让用户可以安全启动、理解、控制和恢复 goal。
|
||||
|
||||
## 1. 核心工作流
|
||||
|
||||
核心工作流是 goal mode 的运行骨架。它负责创建结构化目标、维护状态机、把普通 turn 串成自治多轮执行,并让模型用机器可读状态结束或停放目标。
|
||||
|
||||
### 目标状态
|
||||
|
||||
同一个 main agent 同时最多只有一个当前 goal。goal 不是普通聊天文本,而是 runtime 持有的结构化状态,至少包含目标、可选完成标准、当前状态、停止原因和运行统计。
|
||||
|
||||
状态分为四类:
|
||||
|
||||
- `active`:正在被 goal driver 推进。只有这个状态会自动运行下一轮。
|
||||
- `paused`:暂停但保留目标。通常来自用户暂停、中断、进程恢复后降级、provider 或 runtime 错误。可以恢复。
|
||||
- `blocked`:目标遇到真实阻塞但保留目标。通常来自模型判断需要外部输入、目标无法按当前表述完成、预算达到、prompt hook 阻止。可以恢复。
|
||||
- `complete`:瞬时完成状态。runtime 发出完成事件后立即清除 goal,不长期持久化。
|
||||
|
||||
没有 `cancelled` 状态。取消就是清除 goal,并提醒模型忽略之前关于该目标的 active reminder。
|
||||
|
||||
### 创建和替换
|
||||
|
||||
创建 goal 时,runtime 需要校验目标不能为空、不能过长。已有 active、paused 或 blocked goal 时,默认拒绝创建新 goal,防止静默覆盖。只有用户或调用方明确要求替换时,才先清除旧 goal,再创建新 goal。
|
||||
|
||||
新 goal 创建后进入 `active`,写入持久记录,并发出 goal 更新事件。
|
||||
|
||||
### 多轮驱动
|
||||
|
||||
goal driver 的职责是把一个 active goal 推进成连续的普通 turn:
|
||||
|
||||
- turn 开始时如果 goal 已经是 `active`,进入 goal driver。
|
||||
- 普通 turn 中如果模型创建了 goal,或把 paused/blocked goal 恢复成 active,当前 turn 结束后 goal driver 接管继续执行。
|
||||
- driver 每次只运行一个普通 turn。
|
||||
- 每个 turn 结束后读取 goal 状态。
|
||||
- goal 仍是 `active` 时,runtime 自动追加 continuation prompt 并启动下一轮。
|
||||
- goal 变成 `paused`、`blocked` 或被清除时,driver 停止。
|
||||
|
||||
模型如果不调用状态更新工具,且 goal 仍是 active,runtime 会继续下一轮。模型不能只靠自然语言说“完成了”来结束 goal,必须给出结构化状态信号。
|
||||
|
||||
### Goal 注入
|
||||
|
||||
每个 goal turn 的边界,runtime 会把当前 goal 状态注入上下文。注入内容包括:
|
||||
|
||||
- 当前正在 goal mode。
|
||||
- 目标和完成标准是什么。
|
||||
- 目标文本是用户提供的数据,不能覆盖 system/developer 指令、工具 schema、权限规则或 host 控制。
|
||||
- 当前状态和进度。
|
||||
- 模型应该做简短自审,然后推进一个连贯工作切片。
|
||||
- 简单、已完成、不可能、不安全、矛盾的目标,应在同一轮内直接标记 complete 或 blocked。
|
||||
- 只有全部要求完成、验证通过、没有下一步有用动作时,才能标记 complete。
|
||||
- 外部条件或用户输入阻塞时,应标记 blocked。
|
||||
- 不要只做了计划、总结、第一版或部分结果就标记 complete。
|
||||
|
||||
goal 注入只在 turn / continuation 边界做,不在每个 model step 都做,避免上下文重复膨胀,也有利于 prompt cache。
|
||||
|
||||
paused 和 blocked goal 的注入更轻:
|
||||
|
||||
- paused:提醒模型目标存在但当前不应自治推进,除非用户明确要求继续。
|
||||
- blocked:提醒模型目标被阻塞且当前不自治推进,除非用户要求处理或恢复。
|
||||
|
||||
### Continuation prompt
|
||||
|
||||
当 goal 仍是 active,runtime 会追加一个系统触发输入,含义相当于“继续朝当前 active goal 工作”。它不只是简单续跑,还要求模型每轮重新判断:
|
||||
|
||||
- 是否已经完成。
|
||||
- 是否遇到真实阻塞。
|
||||
- 是否应该只推进一个合理切片后继续下一轮。
|
||||
- 是否应该避免发散或启动无关工作。
|
||||
- 除非真实阻塞,否则不要向用户要输入。
|
||||
|
||||
### 完成、阻塞和暂停
|
||||
|
||||
模型通过结构化状态更新控制 goal 生命周期:
|
||||
|
||||
- `complete`:目标已满足,runtime 发出完成事件并清除 goal。
|
||||
- `blocked`:遇到真实阻塞,runtime 保留 goal 并停止自治推进。
|
||||
- `paused`:暂时放下 goal,runtime 保留 goal 并停止自治推进。
|
||||
- `active`:恢复 paused 或 blocked goal。
|
||||
|
||||
状态更新工具的输入应保持窄,只表达机器状态。完成总结或阻塞原因由模型随后给用户说明。
|
||||
|
||||
当模型标记 complete 后,runtime 应再给模型一次收尾机会,生成简短最终回复,说明 goal 已完成、主要做了什么、跑了什么验证。
|
||||
|
||||
当模型标记 blocked 后,runtime 应再给模型一次收尾机会,说明具体阻塞、需要什么输入或变化才能继续。
|
||||
|
||||
如果当前 turn 已经没有 step 预算,不应为了收尾总结强行再跑一步,避免把“没法写总结”变成 turn 失败。
|
||||
|
||||
### 错误停车
|
||||
|
||||
goal mode 把技术运行失败视为可恢复停车:
|
||||
|
||||
- 用户中断当前 turn:goal 变 paused。
|
||||
- provider rate limit:goal 变 paused。
|
||||
- provider 连接错误、认证错误、API 错误:goal 变 paused。
|
||||
- 模型配置错误:goal 变 paused。
|
||||
- runtime 异常:goal 变 paused。
|
||||
- provider safety filter:goal 变 paused。
|
||||
|
||||
业务、规则或外部条件阻塞则变 blocked:
|
||||
|
||||
- prompt hook 阻止目标。
|
||||
- 模型判断无法继续。
|
||||
- 预算达到。
|
||||
- 需要用户或外部系统提供新条件。
|
||||
|
||||
### 持久化和恢复
|
||||
|
||||
goal 的创建、更新、完成、阻塞、清除应写入可恢复记录。session 恢复时,runtime 用记录重建 goal。
|
||||
|
||||
恢复时如果发现 goal 原来是 active,不应自动继续跑,而是降级为 paused。因为旧进程中的 active turn 不可能还活着,自动继续会造成重启后偷偷消耗资源。
|
||||
|
||||
paused 和 blocked 原样保留。complete 理论上不长期存在,因为完成后会清除。
|
||||
|
||||
fork session 时不继承源 session 的 goal,并提醒模型不要继续源 session 的旧目标。
|
||||
|
||||
## 2. 统计 / token 数限制
|
||||
|
||||
这一部分让 goal 可度量、可限额、可审计。没有它,goal 仍然可以运行,但不可控。
|
||||
|
||||
### 运行统计
|
||||
|
||||
goal 统计包括:
|
||||
|
||||
- continuation turn 数。
|
||||
- token 数。
|
||||
- active wall-clock 时间。
|
||||
|
||||
统计只在 goal 是 `active` 时增长。paused 和 blocked 期间不继续计数。
|
||||
|
||||
turn 统计在每个 goal turn 准备运行时增加,因此模型在某一轮里标记 complete 时,这一轮也计入最终统计。
|
||||
|
||||
token 统计在 model step 结束后累计。没有 active goal 时,不记入 goal。token 统计应以静默更新为主,不应每一步都刷 UI。
|
||||
|
||||
时间统计只计算 active pursuit 时间。进入 active 时开启计时区间,离开 active 时折算进累计时间;pause/resume 会形成新的 active 区间。
|
||||
|
||||
### 预算
|
||||
|
||||
goal 预算包括:
|
||||
|
||||
- turn budget。
|
||||
- token budget。
|
||||
- wall-clock budget。
|
||||
|
||||
默认没有预算。只有用户明确给出硬限制时才设置,例如“最多 20 轮”“不超过 500k token”“30 分钟内”。模糊表达如“尽快”“别花太久”不能设置预算,模型也不能自行发明预算。
|
||||
|
||||
时间预算需要合理范围。过短或过长应拒绝。turn 和 token 预算应规范化为正整数。
|
||||
|
||||
### 预算硬停
|
||||
|
||||
预算检查应发生在 goal turn 开始前和结束后。token budget 还应在 model step 后触发停止,避免超额后继续下一步。
|
||||
|
||||
一旦达到预算,runtime 应直接把 goal 标记为 blocked,原因是配置预算已达到。这个 blocked 仍可恢复,但如果预算不变,恢复后可能立刻再次 blocked。
|
||||
|
||||
### 预算引导和最终统计
|
||||
|
||||
当预算未接近时,模型提示应鼓励稳定推进。当任一预算达到 75% 以上时,提示应转为收敛,避免启动新的可选工作。
|
||||
|
||||
complete 和 blocked 的最终回复提示应包含 worked turns、elapsed time、tokens used 等统计信息。UI 事件也应带当前 snapshot 和变化类型。
|
||||
|
||||
telemetry 可以记录 goal 创建、预算设置、continuation、状态变化、清除等事件,但不应包含目标文本、停止原因等敏感内容。
|
||||
|
||||
## 3. 用户交互相关
|
||||
|
||||
这一部分让用户可以安全启动、理解、控制和恢复 goal。没有它,runtime 仍可能运行,但交互体验和安全边界不足。
|
||||
|
||||
### 生命周期控制
|
||||
|
||||
用户可以直接控制 goal:
|
||||
|
||||
- 创建。
|
||||
- 查看。
|
||||
- 暂停。
|
||||
- 恢复。
|
||||
- 取消。
|
||||
|
||||
这些操作可以不经过模型 turn。pause 把 active goal 变 paused;resume 把 paused 或 blocked goal 变 active;cancel 直接清除当前 goal。
|
||||
|
||||
resume 会清除旧停止原因,表示开始新的尝试。paused/blocked goal 不会因为用户发普通消息就自动继续。
|
||||
|
||||
### 模型发起 goal 的确认
|
||||
|
||||
模型可以代表用户创建 goal,但只有在用户明确要求启动 goal、自治工作,或宿主 goal-intake 提示要求时才应该这样做。普通请求不能被模型擅自升级成 goal。
|
||||
|
||||
模型发起 CreateGoal 时,非 auto 权限模式下应触发用户确认。确认菜单允许用户选择本次 goal 的运行权限模式。用户拒绝则 goal 不创建。
|
||||
|
||||
`GetGoal`、`SetGoalBudget`、`UpdateGoal` 只改 goal runtime 状态,默认可以更容易批准。真正写文件、跑 shell、访问敏感路径等仍走普通权限系统。
|
||||
|
||||
### 暂停、阻塞和取消后的提示
|
||||
|
||||
paused goal 的上下文提示应说明目标存在但当前不应继续做,除非用户明确要求继续。
|
||||
|
||||
blocked goal 的上下文提示应说明目标被阻塞且当前不自治推进,可以在用户要求时帮助解阻,否则正常处理当前请求。
|
||||
|
||||
cancel 后应追加提醒,让模型忽略旧 goal 的 active reminder,避免旧上下文诱导模型继续已经取消的目标。
|
||||
|
||||
### 完成和阻塞的用户回复
|
||||
|
||||
complete 后,goal 被清除,模型应给用户一条简短完成总结,说明完成了什么、做了什么验证。
|
||||
|
||||
blocked 后,goal 保留,模型应给用户一条简短阻塞说明,说明具体阻塞和继续所需输入、权限、外部条件或变更。
|
||||
|
||||
### Tool 暴露和隔离
|
||||
|
||||
goal 工具只给 main agent。subagent 不应直接创建、恢复、结束主 goal。
|
||||
|
||||
没有 goal 时,模型不应看到 `UpdateGoal` 和 `SetGoalBudget`。有 goal 时才暴露这些控制工具。
|
||||
|
||||
goal ID 不应暴露给模型,因为它只是 runtime/UI 内部标识,没有用户语义。
|
||||
|
||||
### 辅助写 goal
|
||||
|
||||
`write-goal` 类能力用于帮助用户把粗糙意图整理成适合 goal mode 的完成契约。好的 goal 应明确:
|
||||
|
||||
- end state:什么条件必须变成真。
|
||||
- proof:用什么可观察证据证明完成。
|
||||
- boundaries:工作范围和禁止触碰的内容。
|
||||
- loop:如何迭代推进。
|
||||
- stop rule:什么情况下停止并报告,而不是强行继续。
|
||||
|
||||
预算是 opt-in,不应默认加入,也不应把 turn cap 写进目标文本。
|
||||
|
||||
### UI 和会话语义
|
||||
|
||||
goal 创建、暂停、恢复、阻塞、完成、清除都应发出 goal updated 事件。lifecycle 变化和 completion 变化应区分。completion 是一次终局事件,然后 snapshot 变 null。blocked/paused 保留 snapshot,UI 可以继续展示可恢复 goal。
|
||||
|
||||
session 恢复时,active goal 会变 paused,避免重启后自动继续。fork session 时不继承 goal,并提醒模型不要继续源 session 的目标。
|
||||
|
|
@ -1,57 +1,5 @@
|
|||
# @moonshot-ai/kimi-code
|
||||
|
||||
## 0.23.6
|
||||
|
||||
### Patch Changes
|
||||
|
||||
- [#1550](https://github.com/MoonshotAI/kimi-code/pull/1550) [`f17a6ec`](https://github.com/MoonshotAI/kimi-code/commit/f17a6ecb52907ffabf67a26de65df89572ac515a) Thanks [@wbxl2000](https://github.com/wbxl2000)! - Treat a dismissed question prompt as the user choosing not to answer, instead of implicitly selecting the recommended option.
|
||||
|
||||
- [#1488](https://github.com/MoonshotAI/kimi-code/pull/1488) [`7bd29ab`](https://github.com/MoonshotAI/kimi-code/commit/7bd29ab0117a1c15691404f411fd67f511bbb897) Thanks [@starquakee](https://github.com/starquakee)! - Rename the dynamic tool loading model capability from `select_tools` to `dynamically_loaded_tools`.
|
||||
|
||||
- [#1497](https://github.com/MoonshotAI/kimi-code/pull/1497) [`c6e02da`](https://github.com/MoonshotAI/kimi-code/commit/c6e02daf421b47e8451e60ed4d7b3847a895d00b) Thanks [@sailist](https://github.com/sailist)! - Add a print-mode background policy that lets `kimi -p` stay alive across background-task completions so the main agent can be steered into follow-up turns. Set `[background].print_background_mode = "steer"` to enable it.
|
||||
|
||||
- [#1555](https://github.com/MoonshotAI/kimi-code/pull/1555) [`2f97917`](https://github.com/MoonshotAI/kimi-code/commit/2f97917bb5edc8bdb9837724e57a88f5c0e1f2bd) Thanks [@sailist](https://github.com/sailist)! - Keep `kimi -p` runs alive after a turn ends while a goal is still active or a cron task is pending, so goal continuations and cron fires run their turns instead of being cut off when the main turn finishes.
|
||||
|
||||
- [#1564](https://github.com/MoonshotAI/kimi-code/pull/1564) [`cc03816`](https://github.com/MoonshotAI/kimi-code/commit/cc03816ee0a89b272c1ab87ca43ed246833f0453) Thanks [@sailist](https://github.com/sailist)! - Recognize the support_efforts and default_effort fields when importing a custom registry, so thinking effort levels are available for those models.
|
||||
|
||||
- [#1562](https://github.com/MoonshotAI/kimi-code/pull/1562) [`faefad0`](https://github.com/MoonshotAI/kimi-code/commit/faefad0e290ceacb89851baa42043c8685b08dc9) Thanks [@sailist](https://github.com/sailist)! - Add a `subagent.timeout_ms` config option to control how long a single subagent may run before timing out, and raise the default from 30 minutes to 2 hours. Set `[subagent] timeout_ms` in config.toml (or the `KIMI_SUBAGENT_TIMEOUT_MS` env var) to adjust it.
|
||||
|
||||
- [#1572](https://github.com/MoonshotAI/kimi-code/pull/1572) [`3a7aad6`](https://github.com/MoonshotAI/kimi-code/commit/3a7aad653f1226ce4e2c7103318471f65154c406) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Fix sessions getting stuck in a sending state after a reconnect, so the working spinner stops and the next message sends normally once a turn finishes while the connection is down.
|
||||
|
||||
- [#1574](https://github.com/MoonshotAI/kimi-code/pull/1574) [`b1942bd`](https://github.com/MoonshotAI/kimi-code/commit/b1942bd5718c46991ba5021b4ae96dbf2458617c) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Fix the first visit after starting or updating the web UI bouncing to the login page when the initial auth check fails; the connecting screen now stays up, shows the connection error, and retries until the server answers.
|
||||
|
||||
- [#1553](https://github.com/MoonshotAI/kimi-code/pull/1553) [`264525e`](https://github.com/MoonshotAI/kimi-code/commit/264525eb51f87409a8961bcf3f5f0271ab767c49) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Fix the chat view jumping downward while scrolling through conversation history.
|
||||
|
||||
- [#1565](https://github.com/MoonshotAI/kimi-code/pull/1565) [`1d3dba5`](https://github.com/MoonshotAI/kimi-code/commit/1d3dba56832b69628f3bb22ce240f38a08f0af3a) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Fix the model dropdown showing checkmarks on same-named models from other providers; the current model is now matched by its unique model id.
|
||||
|
||||
- [#1567](https://github.com/MoonshotAI/kimi-code/pull/1567) [`f901b9e`](https://github.com/MoonshotAI/kimi-code/commit/f901b9e1da9a9575b5d47dba40babe2ccd035180) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Keep the server access token for up to 7 days across tab close and browser restarts, instead of asking for it again with every new tab.
|
||||
|
||||
- [#1552](https://github.com/MoonshotAI/kimi-code/pull/1552) [`37bb4b8`](https://github.com/MoonshotAI/kimi-code/commit/37bb4b870edf6a5458dda755a5b4a432c32df2a7) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Fix ReadMediaFile results rendering as plain tool cards instead of images after resuming or reloading a session.
|
||||
|
||||
- [#1563](https://github.com/MoonshotAI/kimi-code/pull/1563) [`c982386`](https://github.com/MoonshotAI/kimi-code/commit/c98238699c1ae51a2237969b43282373fc0c0e89) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Fix sidebar lag with many sessions by removing repeated session list scans during rendering.
|
||||
|
||||
- [#1475](https://github.com/MoonshotAI/kimi-code/pull/1475) [`5a208cb`](https://github.com/MoonshotAI/kimi-code/commit/5a208cb041530e320f343a46e231bf3c109e30c9) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Auto-enable the default thinking effort when switching to a model that supports effort levels in the web UI.
|
||||
|
||||
- [#1577](https://github.com/MoonshotAI/kimi-code/pull/1577) [`6fc1deb`](https://github.com/MoonshotAI/kimi-code/commit/6fc1deb45312574a9e97ffaf6d7ced530d38910d) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Let wide Markdown tables in the desktop chat grow beyond the reading column up to 1040px, temporarily hiding the conversation outline while a table passes under it; anything wider still scrolls inside the table.
|
||||
|
||||
- [#1575](https://github.com/MoonshotAI/kimi-code/pull/1575) [`9d96b53`](https://github.com/MoonshotAI/kimi-code/commit/9d96b538bf4311fdf07aa262a1b4141f7bdd83ed) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Let wide Markdown tables scroll horizontally inside the table instead of being squeezed into the reading column.
|
||||
|
||||
- [#1556](https://github.com/MoonshotAI/kimi-code/pull/1556) [`d2c2c33`](https://github.com/MoonshotAI/kimi-code/commit/d2c2c33f3e89c7c9ed06aa7c2376b88b6107e41d) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Add workspaces by typing an absolute path directly in the workspace picker's search box, with live validation and completion suggestions.
|
||||
|
||||
- [#1547](https://github.com/MoonshotAI/kimi-code/pull/1547) [`19c5aa6`](https://github.com/MoonshotAI/kimi-code/commit/19c5aa64ebef86925ad58074ebcac6a5a7a8ff8d) Thanks [@wbxl2000](https://github.com/wbxl2000)! - Update the WebBridge install page link opened from the /plugins panel.
|
||||
|
||||
## 0.23.5
|
||||
|
||||
### Patch Changes
|
||||
|
||||
- [#1542](https://github.com/MoonshotAI/kimi-code/pull/1542) [`f80b2ea`](https://github.com/MoonshotAI/kimi-code/commit/f80b2eaf04925ce920f693fc8d4d81cb00e825d7) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Fix the "Turn finished" desktop notification and completion sound firing twice per turn.
|
||||
|
||||
- [#1535](https://github.com/MoonshotAI/kimi-code/pull/1535) [`04041eb`](https://github.com/MoonshotAI/kimi-code/commit/04041eb998b6798898fa5df97f7587b3aa119b27) Thanks [@wbxl2000](https://github.com/wbxl2000)! - web: Hide the internal image-compression note so it no longer renders as user message text.
|
||||
|
||||
- [#1536](https://github.com/MoonshotAI/kimi-code/pull/1536) [`db61c9e`](https://github.com/MoonshotAI/kimi-code/commit/db61c9e2dddcb6c35b019ef7f374385248ece881) Thanks [@RealKai42](https://github.com/RealKai42)! - Stop unsupported image formats (AVIF, BMP, TIFF, ICO, …) from breaking sessions at every entry point — including remote image URLs and images mislabeled by a tool — and recover an already-stuck session by dropping the offending image and retrying, so one such image can no longer make every later request fail.
|
||||
|
||||
- [#1530](https://github.com/MoonshotAI/kimi-code/pull/1530) [`9f66ec4`](https://github.com/MoonshotAI/kimi-code/commit/9f66ec416cc658842dc1414b79b6447d1b4cc7f9) Thanks [@sailist](https://github.com/sailist)! - Retry provider 429, overload, and other transient errors more reliably, honoring the server Retry-After delay, and surface retries in `-p --output-format stream-json`.
|
||||
|
||||
## 0.23.4
|
||||
|
||||
### Patch Changes
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "@moonshot-ai/kimi-code",
|
||||
"version": "0.23.6",
|
||||
"version": "0.23.4",
|
||||
"description": "The Starting Point for Next-Gen Agents",
|
||||
"license": "MIT",
|
||||
"author": "Moonshot AI",
|
||||
|
|
@ -63,7 +63,6 @@
|
|||
"dev": "node scripts/dev.mjs",
|
||||
"dev:cli-only": "tsx --import ../../build/register-raw-text-loader.mjs ./src/main.ts",
|
||||
"dev:server": "tsx --tsconfig ./tsconfig.dev.json --import ../../build/register-raw-text-loader.mjs ./src/main.ts server run --foreground",
|
||||
"dev:kap-server": "KIMI_CODE_EXPERIMENTAL_FLAG=1 tsx --tsconfig ./tsconfig.dev.json --import ../../build/register-raw-text-loader.mjs --import ../../build/register-hash-imports-loader.mjs ./src/main.ts server run --foreground",
|
||||
"dev:server:restart": "node scripts/dev-server-restart.mjs",
|
||||
"dev:plugin-marketplace": "node scripts/dev-plugin-marketplace-server.mjs",
|
||||
"build:plugin-marketplace": "node scripts/build-plugin-marketplace-cdn.mjs",
|
||||
|
|
@ -81,8 +80,6 @@
|
|||
},
|
||||
"devDependencies": {
|
||||
"@moonshot-ai/acp-adapter": "workspace:^",
|
||||
"@moonshot-ai/agent-core-v2": "workspace:^",
|
||||
"@moonshot-ai/kap-server": "workspace:^",
|
||||
"@moonshot-ai/kimi-code-oauth": "workspace:^",
|
||||
"@moonshot-ai/kimi-code-sdk": "workspace:^",
|
||||
"@moonshot-ai/kimi-telemetry": "workspace:^",
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ function executableLines() {
|
|||
}
|
||||
|
||||
for (const line of executableLines()) {
|
||||
for (const match of line.matchAll(/(?<![.\w])require\(\s*["']([^"']+)["']\s*\)/g)) {
|
||||
for (const match of line.matchAll(/\brequire\(\s*["']([^"']+)["']\s*\)/g)) {
|
||||
const specifier = match[1];
|
||||
if (specifier.startsWith('.') || specifier.startsWith('/')) {
|
||||
if (optionalRelativeRuntimeRequires.has(specifier)) continue;
|
||||
|
|
|
|||
|
|
@ -24,10 +24,6 @@ const KEEP_MODEL = new Set([
|
|||
"reasoning",
|
||||
"interleaved",
|
||||
"modalities",
|
||||
// Message-level tool declarations capability — kosong's
|
||||
// catalogModelToCapability reads it; stripping it here would silently
|
||||
// disable tool-select for catalog-imported aliases.
|
||||
"dynamically_loaded_tools",
|
||||
]);
|
||||
|
||||
function resolveOutputFile(args) {
|
||||
|
|
|
|||
|
|
@ -1,28 +0,0 @@
|
|||
/**
|
||||
* Experimental agent-core-v2 engine gate.
|
||||
*
|
||||
* The `kimi server run` → server-v2 routing (see `sub/server/run.ts`) keys off
|
||||
* the master switch `KIMI_CODE_EXPERIMENTAL_FLAG`. Read directly from the env
|
||||
* (matching `cli/update/rollout.ts`) because the CLI must not depend on the core
|
||||
* flag registry. Unset / any non-truthy value keeps the v1 engine.
|
||||
*
|
||||
* `kimi -p` (print mode) routes to the native agent-core-v2 runner through the
|
||||
* same master switch.
|
||||
*/
|
||||
|
||||
export const KIMI_V2_ENV = 'KIMI_CODE_EXPERIMENTAL_FLAG';
|
||||
|
||||
const TRUTHY_VALUES = new Set(['1', 'true', 'yes', 'on']);
|
||||
|
||||
function isTruthyEnv(
|
||||
key: string,
|
||||
env: Readonly<Record<string, string | undefined>>,
|
||||
): boolean {
|
||||
return TRUTHY_VALUES.has((env[key] ?? '').trim().toLowerCase());
|
||||
}
|
||||
|
||||
export function isKimiV2Enabled(
|
||||
env: Readonly<Record<string, string | undefined>> = process.env,
|
||||
): boolean {
|
||||
return isTruthyEnv(KIMI_V2_ENV, env);
|
||||
}
|
||||
|
|
@ -1,39 +1,6 @@
|
|||
export type UIMode = 'shell' | 'print';
|
||||
export type PromptOutputFormat = 'text' | 'stream-json';
|
||||
|
||||
/** Environment variable that sets the default `-p` output format (flag wins). */
|
||||
export const OUTPUT_FORMAT_ENV = 'KIMI_MODEL_OUTPUT_FORMAT';
|
||||
|
||||
const OUTPUT_FORMATS = ['text', 'stream-json'] as const;
|
||||
|
||||
function isOutputFormat(value: string): value is PromptOutputFormat {
|
||||
return (OUTPUT_FORMATS as readonly string[]).includes(value);
|
||||
}
|
||||
|
||||
/**
|
||||
* Resolve the effective `-p` output format.
|
||||
*
|
||||
* Precedence: explicit `--output-format` flag → `KIMI_MODEL_OUTPUT_FORMAT` env
|
||||
* (prompt mode only) → `text`. The env var is ignored outside prompt mode so an
|
||||
* ambient value never affects interactive `kimi`. An invalid env value fails
|
||||
* fast via `OptionConflictError`.
|
||||
*/
|
||||
export function resolveOutputFormat(
|
||||
opts: Pick<CLIOptions, 'prompt' | 'outputFormat'>,
|
||||
env: Readonly<Record<string, string | undefined>> = process.env,
|
||||
): PromptOutputFormat {
|
||||
if (opts.outputFormat !== undefined) return opts.outputFormat;
|
||||
if (opts.prompt === undefined) return 'text';
|
||||
const raw = (env[OUTPUT_FORMAT_ENV] ?? '').trim();
|
||||
if (raw.length === 0) return 'text';
|
||||
if (!isOutputFormat(raw)) {
|
||||
throw new OptionConflictError(
|
||||
`Invalid ${OUTPUT_FORMAT_ENV} value "${raw}". Expected one of: text, stream-json.`,
|
||||
);
|
||||
}
|
||||
return raw;
|
||||
}
|
||||
|
||||
export interface CLIOptions {
|
||||
session: string | undefined;
|
||||
continue: boolean;
|
||||
|
|
@ -59,10 +26,7 @@ export class OptionConflictError extends Error {
|
|||
}
|
||||
}
|
||||
|
||||
export function validateOptions(
|
||||
opts: CLIOptions,
|
||||
env: Readonly<Record<string, string | undefined>> = process.env,
|
||||
): ValidatedOptions {
|
||||
export function validateOptions(opts: CLIOptions): ValidatedOptions {
|
||||
const prompt = opts.prompt;
|
||||
const promptMode = prompt !== undefined;
|
||||
if (promptMode && prompt.trim().length === 0) {
|
||||
|
|
@ -92,8 +56,5 @@ export function validateOptions(
|
|||
if (opts.yolo && opts.auto) {
|
||||
throw new OptionConflictError('Cannot combine --yolo with --auto.');
|
||||
}
|
||||
// Validate `KIMI_MODEL_OUTPUT_FORMAT` eagerly in prompt mode so a typo fails
|
||||
// fast through the friendly `error:` path instead of mid-run.
|
||||
if (promptMode) resolveOutputFormat(opts, env);
|
||||
return { options: opts, uiMode: promptMode ? 'print' : 'shell' };
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,409 +0,0 @@
|
|||
/**
|
||||
* Output rendering for `kimi -p` (print mode) — shared by the v1 driver
|
||||
* (`run-prompt.ts`) and the native v2 runner (`v2/run-v2-print.ts`).
|
||||
*
|
||||
* Both engines feed the same writer classes: v1 via the SDK `Event` stream, v2
|
||||
* via the main agent's native `IEventBus` (whose `DomainEvent` payloads are
|
||||
* already v1-protocol-shaped). Keeping the writers here lets v2 reuse them
|
||||
* without re-implementing rendering, while v1's `runPromptTurn` keeps its own
|
||||
* event-filtering / completion flow intact.
|
||||
*/
|
||||
|
||||
import type { PromptOutputFormat } from './options';
|
||||
|
||||
/**
|
||||
* Structural hook-result shape the renderer reads. Both the v1 SDK
|
||||
* `HookResultEvent` and the v2 native `hook.result` `DomainEvent` satisfy it,
|
||||
* so the renderer stays engine-agnostic without depending on either event
|
||||
* definition.
|
||||
*/
|
||||
interface HookResultEventLike {
|
||||
readonly hookEvent: string;
|
||||
readonly content: string;
|
||||
readonly blocked?: boolean;
|
||||
}
|
||||
|
||||
/**
|
||||
* Structural retry shape the renderer reads. Mirrors the v1 SDK
|
||||
* `turn.step.retrying` event fields the stream-json meta line surfaces. Only
|
||||
* the v1 driver forwards retries to `writeRetrying`; the v2 runner currently
|
||||
* just discards the failed attempt's partial output and stays silent.
|
||||
*/
|
||||
interface RetryingEventLike {
|
||||
readonly failedAttempt: number;
|
||||
readonly nextAttempt: number;
|
||||
readonly maxAttempts: number;
|
||||
readonly delayMs: number;
|
||||
readonly errorName: string;
|
||||
readonly errorMessage: string;
|
||||
readonly statusCode?: number;
|
||||
}
|
||||
|
||||
export interface PromptOutput {
|
||||
readonly columns?: number | undefined;
|
||||
write(chunk: string): boolean;
|
||||
}
|
||||
|
||||
const PROMPT_BLOCK_BULLET = '• ';
|
||||
const PROMPT_BLOCK_INDENT = ' ';
|
||||
|
||||
export interface PromptTurnWriter {
|
||||
writeAssistantDelta(delta: string): void;
|
||||
writeHookResult(event: HookResultEventLike): void;
|
||||
writeThinkingDelta(delta: string): void;
|
||||
writeToolCall(toolCallId: string, name: string, args: unknown): void;
|
||||
writeToolCallDelta(
|
||||
toolCallId: string,
|
||||
name: string | undefined,
|
||||
argumentsPart: string | undefined,
|
||||
): void;
|
||||
writeToolResult(toolCallId: string, output: unknown): void;
|
||||
writeRetrying(event: RetryingEventLike): void;
|
||||
flushAssistant(): void;
|
||||
discardAssistant(): void;
|
||||
finish(): void;
|
||||
}
|
||||
|
||||
interface PromptJsonToolCall {
|
||||
type: 'function';
|
||||
id: string;
|
||||
function: {
|
||||
name: string;
|
||||
arguments: string;
|
||||
};
|
||||
}
|
||||
|
||||
interface PromptJsonAssistantMessage {
|
||||
role: 'assistant';
|
||||
content?: string;
|
||||
tool_calls?: PromptJsonToolCall[];
|
||||
}
|
||||
|
||||
interface PromptJsonToolMessage {
|
||||
role: 'tool';
|
||||
tool_call_id: string;
|
||||
content: string;
|
||||
}
|
||||
|
||||
interface PromptJsonRetryMetaMessage {
|
||||
role: 'meta';
|
||||
type: 'turn.step.retrying';
|
||||
failed_attempt: number;
|
||||
next_attempt: number;
|
||||
max_attempts: number;
|
||||
delay_ms: number;
|
||||
error_name: string;
|
||||
error_message: string;
|
||||
status_code?: number;
|
||||
}
|
||||
|
||||
export class PromptTranscriptWriter implements PromptTurnWriter {
|
||||
private readonly assistantWriter: PromptBlockWriter;
|
||||
private readonly thinkingWriter: PromptBlockWriter;
|
||||
|
||||
constructor(stdout: PromptOutput, stderr: PromptOutput) {
|
||||
this.assistantWriter = new PromptBlockWriter(stdout);
|
||||
this.thinkingWriter = new PromptBlockWriter(stderr);
|
||||
}
|
||||
|
||||
writeAssistantDelta(delta: string): void {
|
||||
this.thinkingWriter.finish();
|
||||
this.assistantWriter.write(delta);
|
||||
}
|
||||
|
||||
writeHookResult(event: HookResultEventLike): void {
|
||||
this.thinkingWriter.finish();
|
||||
this.assistantWriter.finish();
|
||||
this.assistantWriter.write(formatHookResultPlain(event));
|
||||
this.assistantWriter.finish();
|
||||
}
|
||||
|
||||
writeThinkingDelta(delta: string): void {
|
||||
this.thinkingWriter.write(delta);
|
||||
}
|
||||
|
||||
writeToolCall(): void {}
|
||||
|
||||
writeToolCallDelta(): void {}
|
||||
|
||||
writeToolResult(): void {}
|
||||
|
||||
// Text `-p` keeps retries silent: only the failed attempt's partial assistant
|
||||
// text is discarded (handled by the caller). No human-readable retry line is
|
||||
// emitted, matching the prior behavior.
|
||||
writeRetrying(): void {}
|
||||
|
||||
flushAssistant(): void {
|
||||
this.assistantWriter.finish();
|
||||
}
|
||||
|
||||
discardAssistant(): void {}
|
||||
|
||||
finish(): void {
|
||||
this.thinkingWriter.finish();
|
||||
this.assistantWriter.finish();
|
||||
}
|
||||
}
|
||||
|
||||
export class PromptJsonWriter implements PromptTurnWriter {
|
||||
private assistantText = '';
|
||||
private readonly toolCalls: PromptJsonToolCall[] = [];
|
||||
|
||||
constructor(private readonly stdout: PromptOutput) {}
|
||||
|
||||
writeAssistantDelta(delta: string): void {
|
||||
this.assistantText += delta;
|
||||
}
|
||||
|
||||
writeHookResult(event: HookResultEventLike): void {
|
||||
this.flushAssistant();
|
||||
this.writeJsonLine({
|
||||
role: 'assistant',
|
||||
content: formatHookResultPlain(event),
|
||||
});
|
||||
}
|
||||
|
||||
writeThinkingDelta(): void {}
|
||||
|
||||
writeToolCall(toolCallId: string, name: string, args: unknown): void {
|
||||
const existing = this.toolCalls.find((toolCall) => toolCall.id === toolCallId);
|
||||
if (existing !== undefined) {
|
||||
existing.function.name = name;
|
||||
existing.function.arguments = stringifyJsonValue(args);
|
||||
return;
|
||||
}
|
||||
this.toolCalls.push({
|
||||
type: 'function',
|
||||
id: toolCallId,
|
||||
function: {
|
||||
name,
|
||||
arguments: stringifyJsonValue(args),
|
||||
},
|
||||
});
|
||||
}
|
||||
|
||||
writeToolCallDelta(
|
||||
toolCallId: string,
|
||||
name: string | undefined,
|
||||
argumentsPart: string | undefined,
|
||||
): void {
|
||||
const toolCall = this.findOrCreateToolCall(toolCallId, name ?? '');
|
||||
if (name !== undefined) {
|
||||
toolCall.function.name = name;
|
||||
}
|
||||
if (argumentsPart !== undefined) {
|
||||
toolCall.function.arguments += argumentsPart;
|
||||
}
|
||||
}
|
||||
|
||||
writeToolResult(toolCallId: string, output: unknown): void {
|
||||
this.flushAssistant();
|
||||
this.writeJsonLine({
|
||||
role: 'tool',
|
||||
tool_call_id: toolCallId,
|
||||
content: stringifyToolOutput(output),
|
||||
});
|
||||
}
|
||||
|
||||
writeRetrying(event: RetryingEventLike): void {
|
||||
// Emit a machine-readable meta line so stream-json consumers can observe
|
||||
// provider retries. The failed attempt's partial assistant text was already
|
||||
// discarded by the caller, so no half-formed assistant message leaks.
|
||||
const message: PromptJsonRetryMetaMessage = {
|
||||
role: 'meta',
|
||||
type: 'turn.step.retrying',
|
||||
failed_attempt: event.failedAttempt,
|
||||
next_attempt: event.nextAttempt,
|
||||
max_attempts: event.maxAttempts,
|
||||
delay_ms: event.delayMs,
|
||||
error_name: event.errorName,
|
||||
error_message: event.errorMessage,
|
||||
status_code: event.statusCode,
|
||||
};
|
||||
this.writeJsonLine(message);
|
||||
}
|
||||
|
||||
flushAssistant(): void {
|
||||
if (this.assistantText.length === 0 && this.toolCalls.length === 0) return;
|
||||
const message: PromptJsonAssistantMessage = {
|
||||
role: 'assistant',
|
||||
content: this.assistantText.length > 0 ? this.assistantText : undefined,
|
||||
tool_calls: this.toolCalls.length > 0 ? [...this.toolCalls] : undefined,
|
||||
};
|
||||
this.writeJsonLine(message);
|
||||
this.discardAssistant();
|
||||
}
|
||||
|
||||
discardAssistant(): void {
|
||||
this.assistantText = '';
|
||||
this.toolCalls.length = 0;
|
||||
}
|
||||
|
||||
finish(): void {
|
||||
this.flushAssistant();
|
||||
}
|
||||
|
||||
private findOrCreateToolCall(toolCallId: string, name: string): PromptJsonToolCall {
|
||||
const existing = this.toolCalls.find((toolCall) => toolCall.id === toolCallId);
|
||||
if (existing !== undefined) return existing;
|
||||
const toolCall: PromptJsonToolCall = {
|
||||
type: 'function',
|
||||
id: toolCallId,
|
||||
function: {
|
||||
name,
|
||||
arguments: '',
|
||||
},
|
||||
};
|
||||
this.toolCalls.push(toolCall);
|
||||
return toolCall;
|
||||
}
|
||||
|
||||
private writeJsonLine(
|
||||
message: PromptJsonAssistantMessage | PromptJsonToolMessage | PromptJsonRetryMetaMessage,
|
||||
): void {
|
||||
this.stdout.write(`${JSON.stringify(message)}\n`);
|
||||
}
|
||||
}
|
||||
|
||||
class PromptBlockWriter {
|
||||
private started = false;
|
||||
private atLineStart = false;
|
||||
private lineWidth = 0;
|
||||
private readonly wrapWidth: number | undefined;
|
||||
|
||||
constructor(private readonly output: PromptOutput) {
|
||||
this.wrapWidth =
|
||||
typeof output.columns === 'number' && output.columns > PROMPT_BLOCK_INDENT.length + 1
|
||||
? output.columns
|
||||
: undefined;
|
||||
}
|
||||
|
||||
write(chunk: string): void {
|
||||
if (chunk.length === 0) return;
|
||||
let rendered = this.start();
|
||||
for (const char of chunk) {
|
||||
if (this.atLineStart && char !== '\n') {
|
||||
rendered += PROMPT_BLOCK_INDENT;
|
||||
this.atLineStart = false;
|
||||
this.lineWidth = PROMPT_BLOCK_INDENT.length;
|
||||
}
|
||||
const charWidth = visibleCharWidth(char);
|
||||
if (
|
||||
this.wrapWidth !== undefined &&
|
||||
!this.atLineStart &&
|
||||
char !== '\n' &&
|
||||
this.lineWidth + charWidth > this.wrapWidth
|
||||
) {
|
||||
rendered += `\n${PROMPT_BLOCK_INDENT}`;
|
||||
this.lineWidth = PROMPT_BLOCK_INDENT.length;
|
||||
}
|
||||
rendered += char;
|
||||
if (char === '\n') {
|
||||
this.atLineStart = true;
|
||||
this.lineWidth = 0;
|
||||
} else {
|
||||
this.lineWidth += charWidth;
|
||||
}
|
||||
}
|
||||
this.output.write(rendered);
|
||||
}
|
||||
|
||||
finish(): void {
|
||||
if (!this.started) return;
|
||||
this.output.write(this.atLineStart ? '\n' : '\n\n');
|
||||
this.started = false;
|
||||
this.atLineStart = false;
|
||||
this.lineWidth = 0;
|
||||
}
|
||||
|
||||
private start(): string {
|
||||
if (this.started) return '';
|
||||
this.started = true;
|
||||
this.atLineStart = false;
|
||||
this.lineWidth = PROMPT_BLOCK_BULLET.length;
|
||||
return PROMPT_BLOCK_BULLET;
|
||||
}
|
||||
}
|
||||
|
||||
function visibleCharWidth(char: string): number {
|
||||
return char === '\t' ? 4 : 1;
|
||||
}
|
||||
|
||||
function formatHookResultPlain(event: HookResultEventLike): string {
|
||||
return `${formatHookResultTitle(event)}\n\n${formatHookResultBody(event)}`;
|
||||
}
|
||||
|
||||
function formatHookResultTitle(event: HookResultEventLike): string {
|
||||
return `${event.hookEvent} hook${event.blocked === true ? ' blocked' : ''}`;
|
||||
}
|
||||
|
||||
function formatHookResultBody(event: HookResultEventLike): string {
|
||||
const content = event.content.trim();
|
||||
return content.length === 0 ? '(empty)' : content;
|
||||
}
|
||||
|
||||
function stringifyJsonValue(value: unknown): string {
|
||||
if (typeof value === 'string') return value;
|
||||
const json = JSON.stringify(value);
|
||||
return json ?? '';
|
||||
}
|
||||
|
||||
function stringifyToolOutput(output: unknown): string {
|
||||
if (typeof output === 'string') return output;
|
||||
const json = JSON.stringify(output);
|
||||
return json ?? String(output);
|
||||
}
|
||||
|
||||
interface PromptJsonResumeMetaMessage {
|
||||
role: 'meta';
|
||||
type: 'session.resume_hint';
|
||||
session_id: string;
|
||||
command: string;
|
||||
content: string;
|
||||
}
|
||||
|
||||
interface PromptJsonVersionMetaMessage {
|
||||
role: 'meta';
|
||||
type: 'system.version';
|
||||
version: string;
|
||||
}
|
||||
|
||||
export function writeExperimentalVersion(
|
||||
version: string,
|
||||
outputFormat: PromptOutputFormat,
|
||||
stdout: PromptOutput,
|
||||
stderr: PromptOutput,
|
||||
): void {
|
||||
if (outputFormat === 'stream-json') {
|
||||
const message: PromptJsonVersionMetaMessage = {
|
||||
role: 'meta',
|
||||
type: 'system.version',
|
||||
version,
|
||||
};
|
||||
stdout.write(`${JSON.stringify(message)}\n`);
|
||||
return;
|
||||
}
|
||||
stderr.write(`kimi version ${version}\n`);
|
||||
}
|
||||
|
||||
export function writeResumeHint(
|
||||
sessionId: string,
|
||||
outputFormat: PromptOutputFormat,
|
||||
stdout: PromptOutput,
|
||||
stderr: PromptOutput,
|
||||
): void {
|
||||
const command = `kimi -r ${sessionId}`;
|
||||
const content = `To resume this session: ${command}`;
|
||||
if (outputFormat === 'stream-json') {
|
||||
const message: PromptJsonResumeMetaMessage = {
|
||||
role: 'meta',
|
||||
type: 'session.resume_hint',
|
||||
session_id: sessionId,
|
||||
command,
|
||||
content,
|
||||
};
|
||||
stdout.write(`${JSON.stringify(message)}\n`);
|
||||
return;
|
||||
}
|
||||
stderr.write(`${content}\n`);
|
||||
}
|
||||
|
|
@ -1,66 +0,0 @@
|
|||
/**
|
||||
* Minimal harness/session surface consumed by `kimi -p` (print mode).
|
||||
*
|
||||
* `run-prompt.ts` only needs a small subset of the SDK `KimiHarness` / `Session`
|
||||
* API. Coding the print-mode driver against these narrow interfaces — instead of
|
||||
* the concrete SDK classes — lets the same driver run on either the v1 engine
|
||||
* (`createKimiHarness`, the default) or the experimental agent-core-v2 engine
|
||||
* (`createPromptHarnessV2`, gated by `KIMI_CODE_EXPERIMENTAL_FLAG`). Both the
|
||||
* v1 `KimiHarness` / `Session` and the v2 harness structurally satisfy these
|
||||
* interfaces, so no adapter wrappers are needed on the v1 path.
|
||||
*/
|
||||
|
||||
import type {
|
||||
ApprovalHandler,
|
||||
ConfigDiagnostics,
|
||||
CreateGoalInput,
|
||||
CreateSessionOptions,
|
||||
Event,
|
||||
GetCronTasksResult,
|
||||
GoalSnapshot,
|
||||
GoalToolResult,
|
||||
KimiAuthFacade,
|
||||
KimiConfig,
|
||||
ListSessionsOptions,
|
||||
PermissionMode,
|
||||
PromptInput,
|
||||
QuestionHandler,
|
||||
ResumeSessionInput,
|
||||
SessionStatus,
|
||||
SessionSummary,
|
||||
TelemetryProperties,
|
||||
Unsubscribe,
|
||||
} from '@moonshot-ai/kimi-code-sdk';
|
||||
|
||||
export interface PromptHarness {
|
||||
readonly homeDir: string;
|
||||
readonly auth: KimiAuthFacade;
|
||||
|
||||
track(event: string, properties?: TelemetryProperties): void;
|
||||
|
||||
ensureConfigFile(): Promise<void>;
|
||||
getConfig(): Promise<Pick<KimiConfig, 'defaultModel' | 'telemetry'>>;
|
||||
getConfigDiagnostics(): Promise<ConfigDiagnostics>;
|
||||
listSessions(options: ListSessionsOptions): Promise<readonly SessionSummary[]>;
|
||||
createSession(options: CreateSessionOptions): Promise<PromptSession>;
|
||||
resumeSession(input: ResumeSessionInput): Promise<PromptSession>;
|
||||
close(): Promise<void>;
|
||||
}
|
||||
|
||||
export interface PromptSession {
|
||||
readonly id: string;
|
||||
readonly workDir: string;
|
||||
|
||||
getStatus(): Promise<SessionStatus>;
|
||||
setModel(model: string): Promise<void>;
|
||||
setPermission(mode: PermissionMode): Promise<void>;
|
||||
setApprovalHandler(handler: ApprovalHandler | undefined): void;
|
||||
setQuestionHandler(handler: QuestionHandler | undefined): void;
|
||||
onEvent(listener: (event: Event) => void): Unsubscribe;
|
||||
prompt(input: string | PromptInput): Promise<void>;
|
||||
waitForBackgroundTasksOnPrint(): Promise<void>;
|
||||
handlePrintMainTurnCompleted?(): Promise<'finish' | 'continue'>;
|
||||
createGoal(input: CreateGoalInput): Promise<GoalSnapshot>;
|
||||
getGoal(): Promise<GoalToolResult>;
|
||||
getCronTasks(): Promise<GetCronTasksResult>;
|
||||
}
|
||||
|
|
@ -11,6 +11,9 @@ import {
|
|||
log,
|
||||
type Event,
|
||||
type GoalSnapshot,
|
||||
type HookResultEvent,
|
||||
type KimiHarness,
|
||||
type Session,
|
||||
type SessionStatus,
|
||||
type TelemetryClient,
|
||||
} from '@moonshot-ai/kimi-code-sdk';
|
||||
|
|
@ -18,8 +21,6 @@ import { resolve } from 'pathe';
|
|||
|
||||
import { CLI_SHUTDOWN_TIMEOUT_MS, PROMPT_CLEANUP_TIMEOUT_MS } from '#/constant/app';
|
||||
|
||||
import { isKimiV2Enabled } from './experimental-v2';
|
||||
import { resolveOutputFormat } from './options';
|
||||
import type { CLIOptions, PromptOutputFormat } from './options';
|
||||
import {
|
||||
formatGoalSummaryText,
|
||||
|
|
@ -28,8 +29,6 @@ import {
|
|||
parseHeadlessGoalCreate,
|
||||
type HeadlessGoalCreate,
|
||||
} from './goal-prompt';
|
||||
import type { PromptHarness, PromptSession } from './prompt-session';
|
||||
import { PromptJsonWriter, PromptTranscriptWriter, writeResumeHint } from './prompt-render';
|
||||
import { createCliTelemetryBootstrap, initializeCliTelemetry } from './telemetry';
|
||||
import { createKimiCodeHostIdentity } from './version';
|
||||
|
||||
|
|
@ -51,7 +50,7 @@ import { createKimiCodeHostIdentity } from './version';
|
|||
* alive until it fires, then gives the rejection a chance to surface. A wedged
|
||||
* cleanup is still bounded by `timeoutMs`, so this can't hang the run forever.
|
||||
*/
|
||||
export async function raceWithTimeout(promise: Promise<void>, timeoutMs: number): Promise<void> {
|
||||
async function raceWithTimeout(promise: Promise<void>, timeoutMs: number): Promise<void> {
|
||||
let timedOut = false;
|
||||
let timer: ReturnType<typeof setTimeout> | undefined;
|
||||
// Attach the catch eagerly (synchronously) so `promise` is always consumed and
|
||||
|
|
@ -79,13 +78,13 @@ interface PromptOutput {
|
|||
write(chunk: string): boolean;
|
||||
}
|
||||
|
||||
export interface PromptRunIO {
|
||||
interface PromptRunIO {
|
||||
readonly stdout?: PromptOutput;
|
||||
readonly stderr?: PromptOutput;
|
||||
readonly process?: PromptProcess;
|
||||
}
|
||||
|
||||
export interface PromptProcess {
|
||||
interface PromptProcess {
|
||||
once(signal: NodeJS.Signals, listener: () => Promise<void>): unknown;
|
||||
off(signal: NodeJS.Signals, listener: () => Promise<void>): unknown;
|
||||
exit(code?: number): never | void;
|
||||
|
|
@ -93,27 +92,18 @@ export interface PromptProcess {
|
|||
|
||||
const PROMPT_UI_MODE = 'print';
|
||||
const PROMPT_MAIN_AGENT_ID = 'main';
|
||||
const PROMPT_BLOCK_BULLET = '• ';
|
||||
const PROMPT_BLOCK_INDENT = ' ';
|
||||
|
||||
export async function runPrompt(
|
||||
opts: CLIOptions,
|
||||
version: string,
|
||||
io: PromptRunIO = {},
|
||||
): Promise<void> {
|
||||
if (isKimiV2Enabled()) {
|
||||
// The experimental agent-core-v2 engine runs on its own native DI service
|
||||
// runtime (see v2/run-v2-print.ts); it does not share the v1 PromptHarness
|
||||
// path below. Loaded lazily so the v2 module graph stays off the default
|
||||
// (v1) path.
|
||||
const { runV2Print } = await import('./v2/run-v2-print');
|
||||
await runV2Print(opts, version, io);
|
||||
return;
|
||||
}
|
||||
|
||||
const startedAt = Date.now();
|
||||
const stdout = io.stdout ?? process.stdout;
|
||||
const stderr = io.stderr ?? process.stderr;
|
||||
const promptProcess = io.process ?? process;
|
||||
const outputFormat = resolveOutputFormat(opts);
|
||||
const workDir = process.cwd();
|
||||
const telemetryBootstrap = createCliTelemetryBootstrap();
|
||||
const telemetryClient: TelemetryClient = {
|
||||
|
|
@ -121,7 +111,7 @@ export async function runPrompt(
|
|||
withContext: withTelemetryContext,
|
||||
setContext: setTelemetryContext,
|
||||
};
|
||||
const harness = await createPromptHarness({
|
||||
const harness = createKimiHarness({
|
||||
homeDir: telemetryBootstrap.homeDir,
|
||||
identity: createKimiCodeHostIdentity(version),
|
||||
uiMode: PROMPT_UI_MODE,
|
||||
|
|
@ -196,6 +186,7 @@ export async function runPrompt(
|
|||
});
|
||||
setCrashPhase('runtime');
|
||||
|
||||
const outputFormat = opts.outputFormat ?? 'text';
|
||||
// Headless goal mode: `kimi -p "/goal <objective>"`. The goal driver keeps
|
||||
// the turn-run alive across continuation turns, so the normal prompt-turn
|
||||
// waiter blocks until the goal is terminal; we then emit a summary and set a
|
||||
|
|
@ -204,13 +195,7 @@ export async function runPrompt(
|
|||
if (goalCreate !== undefined) {
|
||||
await runHeadlessGoal(session, goalCreate, goalModel, outputFormat, stdout, stderr);
|
||||
} else {
|
||||
await runPromptTurn(
|
||||
session as PrintTurnSession,
|
||||
opts.prompt!,
|
||||
outputFormat,
|
||||
stdout,
|
||||
stderr,
|
||||
);
|
||||
await runPromptTurn(session, opts.prompt!, outputFormat, stdout, stderr);
|
||||
}
|
||||
writeResumeHint(session.id, outputFormat, stdout, stderr);
|
||||
|
||||
|
|
@ -222,16 +207,8 @@ export async function runPrompt(
|
|||
}
|
||||
}
|
||||
|
||||
async function createPromptHarness(
|
||||
options: Parameters<typeof createKimiHarness>[0],
|
||||
): Promise<PromptHarness> {
|
||||
// The v2 engine is dispatched earlier in `runPrompt` (see the
|
||||
// `isKimiV2Enabled()` branch) and never reaches here; this is the v1 path.
|
||||
return createKimiHarness(options);
|
||||
}
|
||||
|
||||
async function runHeadlessGoal(
|
||||
session: PromptSession,
|
||||
session: Session,
|
||||
goal: HeadlessGoalCreate,
|
||||
model: string | undefined,
|
||||
outputFormat: PromptOutputFormat,
|
||||
|
|
@ -257,13 +234,7 @@ async function runHeadlessGoal(
|
|||
try {
|
||||
// The objective is sent as the normal prompt; goal continuation keeps the
|
||||
// turn alive until a terminal state is reached.
|
||||
await runPromptTurn(
|
||||
session as PrintTurnSession,
|
||||
goal.objective,
|
||||
outputFormat,
|
||||
stdout,
|
||||
stderr,
|
||||
);
|
||||
await runPromptTurn(session, goal.objective, outputFormat, stdout, stderr, true);
|
||||
} finally {
|
||||
unsubscribeGoalEvents();
|
||||
const snapshot = completedSnapshot ?? (await session.getGoal()).goal;
|
||||
|
|
@ -281,7 +252,7 @@ async function runHeadlessGoal(
|
|||
}
|
||||
|
||||
interface ResolvedPromptSession {
|
||||
readonly session: PromptSession;
|
||||
readonly session: Session;
|
||||
readonly resumed: boolean;
|
||||
readonly restorePermission: () => Promise<void>;
|
||||
readonly telemetryModel?: string;
|
||||
|
|
@ -289,7 +260,7 @@ interface ResolvedPromptSession {
|
|||
}
|
||||
|
||||
async function resolvePromptSession(
|
||||
harness: PromptHarness,
|
||||
harness: KimiHarness,
|
||||
opts: CLIOptions,
|
||||
workDir: string,
|
||||
defaultModel: string | undefined,
|
||||
|
|
@ -384,7 +355,7 @@ async function resolvePromptSession(
|
|||
}
|
||||
|
||||
async function forcePromptPermission(
|
||||
session: PromptSession,
|
||||
session: Session,
|
||||
previousPermission: SessionStatus['permission'],
|
||||
setRestorePermission: (restorePermission: () => Promise<void>) => void,
|
||||
): Promise<() => Promise<void>> {
|
||||
|
|
@ -403,7 +374,7 @@ async function forcePromptPermission(
|
|||
return restorePermission;
|
||||
}
|
||||
|
||||
export function requireConfiguredModel(...models: readonly (string | undefined)[]): string {
|
||||
function requireConfiguredModel(...models: readonly (string | undefined)[]): string {
|
||||
const model = configuredModel(...models);
|
||||
if (model === undefined) {
|
||||
throw new Error(
|
||||
|
|
@ -413,16 +384,16 @@ export function requireConfiguredModel(...models: readonly (string | undefined)[
|
|||
return model;
|
||||
}
|
||||
|
||||
export function configuredModel(...models: readonly (string | undefined)[]): string | undefined {
|
||||
function configuredModel(...models: readonly (string | undefined)[]): string | undefined {
|
||||
return models.find((model) => model !== undefined && model.trim().length > 0);
|
||||
}
|
||||
|
||||
function installHeadlessHandlers(session: PromptSession): void {
|
||||
function installHeadlessHandlers(session: Session): void {
|
||||
session.setApprovalHandler(() => ({ decision: 'approved' }));
|
||||
session.setQuestionHandler(() => null);
|
||||
}
|
||||
|
||||
export function installPromptTerminationCleanup(
|
||||
function installPromptTerminationCleanup(
|
||||
promptProcess: PromptProcess,
|
||||
cleanup: () => Promise<void>,
|
||||
): () => void {
|
||||
|
|
@ -449,52 +420,34 @@ export function installPromptTerminationCleanup(
|
|||
};
|
||||
}
|
||||
|
||||
export function signalExitCode(signal: NodeJS.Signals): number {
|
||||
function signalExitCode(signal: NodeJS.Signals): number {
|
||||
if (signal === 'SIGINT') return 130;
|
||||
if (signal === 'SIGHUP') return 129;
|
||||
return 143;
|
||||
}
|
||||
|
||||
type PrintTurnSession = PromptSession &
|
||||
Required<Pick<PromptSession, 'handlePrintMainTurnCompleted'>>;
|
||||
|
||||
function runPromptTurn(
|
||||
session: PrintTurnSession,
|
||||
session: Session,
|
||||
prompt: string,
|
||||
outputFormat: PromptOutputFormat,
|
||||
stdout: PromptOutput,
|
||||
stderr: PromptOutput,
|
||||
waitForGoalTerminal = false,
|
||||
): Promise<void> {
|
||||
let activeTurnId: number | undefined;
|
||||
let activeAgentId: string | undefined;
|
||||
let latestStartedTurnId: number | undefined;
|
||||
const outputWriter =
|
||||
outputFormat === 'stream-json'
|
||||
? new PromptJsonWriter(stdout)
|
||||
: new PromptTranscriptWriter(stdout, stderr);
|
||||
let settled = false;
|
||||
let unsubscribe: (() => void) | undefined;
|
||||
// A `kimi -p` run is not done just because the model ended a turn: an active
|
||||
// goal drives continuation turns on its own, and a scheduled cron task fires
|
||||
// later from an idle session — both trigger new turns after `end_turn`. While
|
||||
// either is pending, something must keep the event loop alive: the cron
|
||||
// scheduler's tick is deliberately unref'd, so without a ref'd handle the
|
||||
// process would drain and exit before the next turn is ever triggered. This
|
||||
// no-op interval is that handle; finish() always clears it.
|
||||
let keepAliveTimer: NodeJS.Timeout | undefined;
|
||||
const holdEventLoop = (): void => {
|
||||
keepAliveTimer ??= setInterval(() => {}, 60_000);
|
||||
};
|
||||
const releaseEventLoop = (): void => {
|
||||
if (keepAliveTimer === undefined) return;
|
||||
clearInterval(keepAliveTimer);
|
||||
keepAliveTimer = undefined;
|
||||
};
|
||||
|
||||
return new Promise<void>((resolve, reject) => {
|
||||
const finish = (error?: Error): void => {
|
||||
if (settled) return;
|
||||
settled = true;
|
||||
releaseEventLoop();
|
||||
unsubscribe?.();
|
||||
outputWriter.finish();
|
||||
if (error !== undefined) {
|
||||
|
|
@ -504,36 +457,6 @@ function runPromptTurn(
|
|||
resolve();
|
||||
};
|
||||
|
||||
// Re-evaluates whether the run can settle now that the main agent is idle.
|
||||
// The run outlives a completed turn while a goal is still active (the goal
|
||||
// driver launches the next continuation turn itself) or while cron tasks
|
||||
// with a future fire remain (their fire steers a fresh turn when idle).
|
||||
// Called on turn.ended and on a terminal goal.updated — the latter covers
|
||||
// the driver blocking a goal on a hard budget, which emits no further
|
||||
// turn.ended. Only when neither is pending do we drain background tasks
|
||||
// and settle.
|
||||
const evaluateRunCompletion = async (): Promise<void> => {
|
||||
try {
|
||||
const { goal } = await session.getGoal();
|
||||
if (settled || activeTurnId !== undefined) return;
|
||||
if (goal?.status === 'active') {
|
||||
holdEventLoop();
|
||||
return;
|
||||
}
|
||||
const { tasks } = await session.getCronTasks();
|
||||
if (settled || activeTurnId !== undefined) return;
|
||||
// A task whose expression has no future fire can never trigger a
|
||||
// turn; don't hold the run open for it.
|
||||
if (tasks.some((task) => task.nextFireAt !== null)) {
|
||||
holdEventLoop();
|
||||
return;
|
||||
}
|
||||
await finishCompletedTurn();
|
||||
} catch (error) {
|
||||
finish(error instanceof Error ? error : new Error(String(error)));
|
||||
}
|
||||
};
|
||||
|
||||
unsubscribe = session.onEvent((event) => {
|
||||
if (event.type === 'error') {
|
||||
if (event.agentId !== PROMPT_MAIN_AGENT_ID) {
|
||||
|
|
@ -542,22 +465,24 @@ function runPromptTurn(
|
|||
finish(new Error(`${event.code}: ${event.message}`));
|
||||
return;
|
||||
}
|
||||
if (event.type === 'turn.started') {
|
||||
if (event.type === 'turn.started' && activeTurnId === undefined) {
|
||||
if (event.agentId !== PROMPT_MAIN_AGENT_ID) {
|
||||
return;
|
||||
}
|
||||
activeTurnId = event.turnId;
|
||||
activeAgentId = event.agentId;
|
||||
latestStartedTurnId = event.turnId;
|
||||
return;
|
||||
}
|
||||
if (
|
||||
waitForGoalTerminal &&
|
||||
event.type === 'goal.updated' &&
|
||||
event.agentId === PROMPT_MAIN_AGENT_ID &&
|
||||
activeTurnId === undefined &&
|
||||
event.snapshot !== null &&
|
||||
event.snapshot.status !== 'active'
|
||||
) {
|
||||
void evaluateRunCompletion();
|
||||
void finishCompletedTurn();
|
||||
return;
|
||||
}
|
||||
if (
|
||||
|
|
@ -576,7 +501,6 @@ function runPromptTurn(
|
|||
return;
|
||||
case 'turn.step.retrying':
|
||||
outputWriter.discardAssistant();
|
||||
outputWriter.writeRetrying(event);
|
||||
return;
|
||||
case 'assistant.delta':
|
||||
outputWriter.writeAssistantDelta(event.delta);
|
||||
|
|
@ -606,9 +530,28 @@ function runPromptTurn(
|
|||
case 'turn.ended':
|
||||
if (event.reason === 'completed') {
|
||||
outputWriter.flushAssistant();
|
||||
activeTurnId = undefined;
|
||||
activeAgentId = undefined;
|
||||
void evaluateRunCompletion();
|
||||
if (waitForGoalTerminal) {
|
||||
const completedTurnId = event.turnId;
|
||||
activeTurnId = undefined;
|
||||
activeAgentId = undefined;
|
||||
void (async () => {
|
||||
try {
|
||||
const { goal } = await session.getGoal();
|
||||
if (
|
||||
activeTurnId !== undefined ||
|
||||
latestStartedTurnId !== completedTurnId
|
||||
) {
|
||||
return;
|
||||
}
|
||||
if (goal?.status === 'active') return;
|
||||
await finishCompletedTurn();
|
||||
} catch (error) {
|
||||
finish(error instanceof Error ? error : new Error(String(error)));
|
||||
}
|
||||
})();
|
||||
return;
|
||||
}
|
||||
void finishCompletedTurn();
|
||||
return;
|
||||
}
|
||||
finish(new Error(formatTurnEndedFailure(event)));
|
||||
|
|
@ -631,6 +574,7 @@ function runPromptTurn(
|
|||
case 'subagent.started':
|
||||
case 'subagent.suspended':
|
||||
case 'tool.list.updated':
|
||||
case 'turn.started':
|
||||
case 'turn.step.completed':
|
||||
case 'warning':
|
||||
return;
|
||||
|
|
@ -642,39 +586,328 @@ function runPromptTurn(
|
|||
});
|
||||
|
||||
async function finishCompletedTurn(): Promise<void> {
|
||||
// Flush the buffered assistant message before the end-of-turn policy
|
||||
// runs: in stream-json mode the final message is only emitted by
|
||||
// finish(), so a long drain/steer wait would otherwise withhold the main
|
||||
// turn's result until the run exits.
|
||||
// Flush the buffered assistant message before draining background tasks:
|
||||
// in stream-json mode the final message is only emitted by finish(), so a
|
||||
// long background wait would otherwise withhold the main turn's result
|
||||
// until the drain settles.
|
||||
outputWriter.flushAssistant();
|
||||
try {
|
||||
const action = await session.handlePrintMainTurnCompleted();
|
||||
if (action === 'continue') {
|
||||
// Stay alive: a still-pending background task will, on completion,
|
||||
// steer the main agent into a new turn whose events we keep mapping.
|
||||
// Do not finish yet.
|
||||
holdEventLoop();
|
||||
return;
|
||||
}
|
||||
await session.waitForBackgroundTasksOnPrint();
|
||||
} catch (error) {
|
||||
log.warn('handlePrintMainTurnCompleted failed', { error });
|
||||
log.warn('waitForBackgroundTasksOnPrint failed', { error });
|
||||
}
|
||||
finish();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
interface PromptTurnWriter {
|
||||
writeAssistantDelta(delta: string): void;
|
||||
writeHookResult(event: HookResultEvent): void;
|
||||
writeThinkingDelta(delta: string): void;
|
||||
writeToolCall(toolCallId: string, name: string, args: unknown): void;
|
||||
writeToolCallDelta(
|
||||
toolCallId: string,
|
||||
name: string | undefined,
|
||||
argumentsPart: string | undefined,
|
||||
): void;
|
||||
writeToolResult(toolCallId: string, output: unknown): void;
|
||||
flushAssistant(): void;
|
||||
discardAssistant(): void;
|
||||
finish(): void;
|
||||
}
|
||||
|
||||
class PromptTranscriptWriter implements PromptTurnWriter {
|
||||
private readonly assistantWriter: PromptBlockWriter;
|
||||
private readonly thinkingWriter: PromptBlockWriter;
|
||||
|
||||
constructor(stdout: PromptOutput, stderr: PromptOutput) {
|
||||
this.assistantWriter = new PromptBlockWriter(stdout);
|
||||
this.thinkingWriter = new PromptBlockWriter(stderr);
|
||||
}
|
||||
|
||||
writeAssistantDelta(delta: string): void {
|
||||
this.thinkingWriter.finish();
|
||||
this.assistantWriter.write(delta);
|
||||
}
|
||||
|
||||
writeHookResult(event: HookResultEvent): void {
|
||||
this.thinkingWriter.finish();
|
||||
this.assistantWriter.finish();
|
||||
this.assistantWriter.write(formatHookResultPlain(event));
|
||||
this.assistantWriter.finish();
|
||||
}
|
||||
|
||||
writeThinkingDelta(delta: string): void {
|
||||
this.thinkingWriter.write(delta);
|
||||
}
|
||||
|
||||
writeToolCall(): void {}
|
||||
|
||||
writeToolCallDelta(): void {}
|
||||
|
||||
writeToolResult(): void {}
|
||||
|
||||
flushAssistant(): void {
|
||||
this.assistantWriter.finish();
|
||||
}
|
||||
|
||||
discardAssistant(): void {}
|
||||
|
||||
finish(): void {
|
||||
this.thinkingWriter.finish();
|
||||
this.assistantWriter.finish();
|
||||
}
|
||||
}
|
||||
|
||||
interface PromptJsonToolCall {
|
||||
type: 'function';
|
||||
id: string;
|
||||
function: {
|
||||
name: string;
|
||||
arguments: string;
|
||||
};
|
||||
}
|
||||
|
||||
interface PromptJsonAssistantMessage {
|
||||
role: 'assistant';
|
||||
content?: string;
|
||||
tool_calls?: PromptJsonToolCall[];
|
||||
}
|
||||
|
||||
interface PromptJsonToolMessage {
|
||||
role: 'tool';
|
||||
tool_call_id: string;
|
||||
content: string;
|
||||
}
|
||||
|
||||
interface PromptJsonResumeMetaMessage {
|
||||
role: 'meta';
|
||||
type: 'session.resume_hint';
|
||||
session_id: string;
|
||||
command: string;
|
||||
content: string;
|
||||
}
|
||||
|
||||
function writeResumeHint(
|
||||
sessionId: string,
|
||||
outputFormat: PromptOutputFormat,
|
||||
stdout: PromptOutput,
|
||||
stderr: PromptOutput,
|
||||
): void {
|
||||
const command = `kimi -r ${sessionId}`;
|
||||
const content = `To resume this session: ${command}`;
|
||||
if (outputFormat === 'stream-json') {
|
||||
const message: PromptJsonResumeMetaMessage = {
|
||||
role: 'meta',
|
||||
type: 'session.resume_hint',
|
||||
session_id: sessionId,
|
||||
command,
|
||||
content,
|
||||
};
|
||||
stdout.write(`${JSON.stringify(message)}\n`);
|
||||
return;
|
||||
}
|
||||
stderr.write(`${content}\n`);
|
||||
}
|
||||
|
||||
class PromptJsonWriter implements PromptTurnWriter {
|
||||
private assistantText = '';
|
||||
private readonly toolCalls: PromptJsonToolCall[] = [];
|
||||
|
||||
constructor(private readonly stdout: PromptOutput) {}
|
||||
|
||||
writeAssistantDelta(delta: string): void {
|
||||
this.assistantText += delta;
|
||||
}
|
||||
|
||||
writeHookResult(event: HookResultEvent): void {
|
||||
this.flushAssistant();
|
||||
this.writeJsonLine({
|
||||
role: 'assistant',
|
||||
content: formatHookResultPlain(event),
|
||||
});
|
||||
}
|
||||
|
||||
writeThinkingDelta(): void {}
|
||||
|
||||
writeToolCall(toolCallId: string, name: string, args: unknown): void {
|
||||
const existing = this.toolCalls.find((toolCall) => toolCall.id === toolCallId);
|
||||
if (existing !== undefined) {
|
||||
existing.function.name = name;
|
||||
existing.function.arguments = stringifyJsonValue(args);
|
||||
return;
|
||||
}
|
||||
this.toolCalls.push({
|
||||
type: 'function',
|
||||
id: toolCallId,
|
||||
function: {
|
||||
name,
|
||||
arguments: stringifyJsonValue(args),
|
||||
},
|
||||
});
|
||||
}
|
||||
|
||||
writeToolCallDelta(
|
||||
toolCallId: string,
|
||||
name: string | undefined,
|
||||
argumentsPart: string | undefined,
|
||||
): void {
|
||||
const toolCall = this.findOrCreateToolCall(toolCallId, name ?? '');
|
||||
if (name !== undefined) {
|
||||
toolCall.function.name = name;
|
||||
}
|
||||
if (argumentsPart !== undefined) {
|
||||
toolCall.function.arguments += argumentsPart;
|
||||
}
|
||||
}
|
||||
|
||||
writeToolResult(toolCallId: string, output: unknown): void {
|
||||
this.flushAssistant();
|
||||
this.writeJsonLine({
|
||||
role: 'tool',
|
||||
tool_call_id: toolCallId,
|
||||
content: stringifyToolOutput(output),
|
||||
});
|
||||
}
|
||||
|
||||
flushAssistant(): void {
|
||||
if (this.assistantText.length === 0 && this.toolCalls.length === 0) return;
|
||||
const message: PromptJsonAssistantMessage = {
|
||||
role: 'assistant',
|
||||
content: this.assistantText.length > 0 ? this.assistantText : undefined,
|
||||
tool_calls: this.toolCalls.length > 0 ? [...this.toolCalls] : undefined,
|
||||
};
|
||||
this.writeJsonLine(message);
|
||||
this.discardAssistant();
|
||||
}
|
||||
|
||||
discardAssistant(): void {
|
||||
this.assistantText = '';
|
||||
this.toolCalls.length = 0;
|
||||
}
|
||||
|
||||
finish(): void {
|
||||
this.flushAssistant();
|
||||
}
|
||||
|
||||
private findOrCreateToolCall(toolCallId: string, name: string): PromptJsonToolCall {
|
||||
const existing = this.toolCalls.find((toolCall) => toolCall.id === toolCallId);
|
||||
if (existing !== undefined) return existing;
|
||||
const toolCall: PromptJsonToolCall = {
|
||||
type: 'function',
|
||||
id: toolCallId,
|
||||
function: {
|
||||
name,
|
||||
arguments: '',
|
||||
},
|
||||
};
|
||||
this.toolCalls.push(toolCall);
|
||||
return toolCall;
|
||||
}
|
||||
|
||||
private writeJsonLine(message: PromptJsonAssistantMessage | PromptJsonToolMessage): void {
|
||||
this.stdout.write(`${JSON.stringify(message)}\n`);
|
||||
}
|
||||
}
|
||||
|
||||
class PromptBlockWriter {
|
||||
private started = false;
|
||||
private atLineStart = false;
|
||||
private lineWidth = 0;
|
||||
private readonly wrapWidth: number | undefined;
|
||||
|
||||
constructor(private readonly output: PromptOutput) {
|
||||
this.wrapWidth =
|
||||
typeof output.columns === 'number' && output.columns > PROMPT_BLOCK_INDENT.length + 1
|
||||
? output.columns
|
||||
: undefined;
|
||||
}
|
||||
|
||||
write(chunk: string): void {
|
||||
if (chunk.length === 0) return;
|
||||
let rendered = this.start();
|
||||
for (const char of chunk) {
|
||||
if (this.atLineStart && char !== '\n') {
|
||||
rendered += PROMPT_BLOCK_INDENT;
|
||||
this.atLineStart = false;
|
||||
this.lineWidth = PROMPT_BLOCK_INDENT.length;
|
||||
}
|
||||
const charWidth = visibleCharWidth(char);
|
||||
if (
|
||||
this.wrapWidth !== undefined &&
|
||||
!this.atLineStart &&
|
||||
char !== '\n' &&
|
||||
this.lineWidth + charWidth > this.wrapWidth
|
||||
) {
|
||||
rendered += `\n${PROMPT_BLOCK_INDENT}`;
|
||||
this.lineWidth = PROMPT_BLOCK_INDENT.length;
|
||||
}
|
||||
rendered += char;
|
||||
if (char === '\n') {
|
||||
this.atLineStart = true;
|
||||
this.lineWidth = 0;
|
||||
} else {
|
||||
this.lineWidth += charWidth;
|
||||
}
|
||||
}
|
||||
this.output.write(rendered);
|
||||
}
|
||||
|
||||
finish(): void {
|
||||
if (!this.started) return;
|
||||
this.output.write(this.atLineStart ? '\n' : '\n\n');
|
||||
this.started = false;
|
||||
this.atLineStart = false;
|
||||
this.lineWidth = 0;
|
||||
}
|
||||
|
||||
private start(): string {
|
||||
if (this.started) return '';
|
||||
this.started = true;
|
||||
this.atLineStart = false;
|
||||
this.lineWidth = PROMPT_BLOCK_BULLET.length;
|
||||
return PROMPT_BLOCK_BULLET;
|
||||
}
|
||||
}
|
||||
|
||||
function visibleCharWidth(char: string): number {
|
||||
return char === '\t' ? 4 : 1;
|
||||
}
|
||||
|
||||
function formatHookResultPlain(event: HookResultEvent): string {
|
||||
return `${formatHookResultTitle(event)}\n\n${formatHookResultBody(event)}`;
|
||||
}
|
||||
|
||||
function formatHookResultTitle(event: HookResultEvent): string {
|
||||
return `${event.hookEvent} hook${event.blocked === true ? ' blocked' : ''}`;
|
||||
}
|
||||
|
||||
function formatHookResultBody(event: HookResultEvent): string {
|
||||
const content = event.content.trim();
|
||||
return content.length === 0 ? '(empty)' : content;
|
||||
}
|
||||
|
||||
function stringifyJsonValue(value: unknown): string {
|
||||
if (typeof value === 'string') return value;
|
||||
const json = JSON.stringify(value);
|
||||
return json ?? '';
|
||||
}
|
||||
|
||||
function stringifyToolOutput(output: unknown): string {
|
||||
if (typeof output === 'string') return output;
|
||||
const json = JSON.stringify(output);
|
||||
return json ?? String(output);
|
||||
}
|
||||
|
||||
function hasTurnId(event: Event): event is Event & { readonly turnId: number } {
|
||||
return 'turnId' in event;
|
||||
}
|
||||
|
||||
function formatTurnEndedFailure(event: Extract<Event, { type: 'turn.ended' }>): string {
|
||||
if (event.error?.code === 'provider.filtered') {
|
||||
return 'Provider safety policy blocked the response.';
|
||||
}
|
||||
if (event.error !== undefined) return `${event.error.code}: ${event.error.message}`;
|
||||
if (event.reason === 'blocked') {
|
||||
return 'Prompt hook blocked the request.';
|
||||
if (event.reason === 'filtered') {
|
||||
return 'Provider safety policy blocked the response.';
|
||||
}
|
||||
return `Prompt turn ended with reason: ${event.reason}`;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,11 +14,10 @@
|
|||
import { join } from 'node:path';
|
||||
|
||||
import { shutdownTelemetry, track } from '@moonshot-ai/kimi-telemetry';
|
||||
import { startServer, type ServerLogger } from '@moonshot-ai/server';
|
||||
import { startServer, type RunningServer } from '@moonshot-ai/server';
|
||||
import chalk from 'chalk';
|
||||
import { Option, type Command } from 'commander';
|
||||
|
||||
import { isKimiV2Enabled } from '#/cli/experimental-v2';
|
||||
import { CLI_SHUTDOWN_TIMEOUT_MS } from '#/constant/app';
|
||||
import { getNativeWebAssetsDir } from '#/native/web-assets';
|
||||
import { darkColors } from '#/tui/theme/colors';
|
||||
|
|
@ -26,12 +25,7 @@ import { openUrl as defaultOpenUrl } from '#/utils/open-url';
|
|||
import { getDataDir } from '#/utils/paths';
|
||||
|
||||
import { initializeServerTelemetry } from '../../telemetry';
|
||||
import {
|
||||
buildKimiDefaultHeaders,
|
||||
createKimiCodeHostIdentity,
|
||||
getHostPackageRoot,
|
||||
getVersion,
|
||||
} from '../../version';
|
||||
import { createKimiCodeHostIdentity, getHostPackageRoot, getVersion } from '../../version';
|
||||
import {
|
||||
accessUrlLines,
|
||||
buildOpenableUrl,
|
||||
|
|
@ -54,27 +48,6 @@ import {
|
|||
|
||||
const WEB_ASSETS_DIR = 'dist-web';
|
||||
|
||||
/**
|
||||
* `kimi server run` → server-v2 routing is gated by the master experimental
|
||||
* switch (`#/cli/experimental-v2`). When it is truthy, the in-process runner
|
||||
* boots the DI × Scope engine server (`@moonshot-ai/kap-server`) instead of
|
||||
* the default `@moonshot-ai/server`.
|
||||
*
|
||||
* Re-exported under the historical name so existing callers/tests keep working.
|
||||
*/
|
||||
export const isServerV2Enabled = isKimiV2Enabled;
|
||||
|
||||
/**
|
||||
* Minimal surface `runServerInProcess` needs from either server flavor. v1's
|
||||
* `RunningServer` already satisfies it; v2's `RunningServer` is adapted to it
|
||||
* (it returns `{ host, port, close }` instead of `{ address, logger, close }`).
|
||||
*/
|
||||
interface RoutedServer {
|
||||
readonly address: string;
|
||||
readonly logger: ServerLogger;
|
||||
close(): Promise<void>;
|
||||
}
|
||||
|
||||
export interface RunCliOptions extends ServerCliOptions {
|
||||
open?: boolean;
|
||||
/** Run the server in-process instead of spawning a background daemon. */
|
||||
|
|
@ -369,7 +342,7 @@ async function runServerInProcess(
|
|||
const version = getVersion();
|
||||
const telemetry = initializeServerTelemetry({ version });
|
||||
|
||||
let running: RoutedServer | undefined;
|
||||
let running: RunningServer | undefined;
|
||||
let stopping = false;
|
||||
|
||||
// Idle auto-shutdown is only for the on-demand personal daemon. It is skipped
|
||||
|
|
@ -402,82 +375,30 @@ async function runServerInProcess(
|
|||
process.exit(0);
|
||||
}
|
||||
|
||||
if (isKimiV2Enabled()) {
|
||||
// Experimental: boot the DI × Scope engine server. v2 speaks the same
|
||||
// `/api/v1` wire interface but its `startServer` returns `{ host, port,
|
||||
// close }` rather than `{ address, logger, close }`, so adapt it to the
|
||||
// `RoutedServer` surface the rest of this runner consumes. Loaded lazily so
|
||||
// the default (flag-off) path keeps the exact v1-only module graph — v2 and
|
||||
// its agent-core-v2 engine are only resolved when the flag is on.
|
||||
const { createServerLogger: createServerV2Logger, startServer: startServerV2 } =
|
||||
await import('@moonshot-ai/kap-server');
|
||||
const { hostRequestHeadersSeed } = await import('@moonshot-ai/agent-core-v2');
|
||||
const logger = createServerV2Logger({ level: options.logLevel });
|
||||
const v2 = await startServerV2({
|
||||
host: options.host,
|
||||
port: options.port,
|
||||
logLevel: options.logLevel,
|
||||
logger,
|
||||
debugEndpoints: options.debugEndpoints,
|
||||
insecureNoTls: options.insecureNoTls,
|
||||
allowRemoteShutdown: options.allowRemoteShutdown,
|
||||
allowRemoteTerminals: options.allowRemoteTerminals,
|
||||
allowedHosts: options.allowedHosts,
|
||||
disableAuth: options.dangerousBypassAuth,
|
||||
// Seed the CLI's Kimi identity headers so the v2 engine's outbound
|
||||
// requests (model, WebSearch, FetchURL) carry the same User-Agent +
|
||||
// X-Msh-* identity as direct CLI runs.
|
||||
seeds: hostRequestHeadersSeed(buildKimiDefaultHeaders(version)),
|
||||
webAssetsDir: serverWebAssetsDir(),
|
||||
});
|
||||
// v2's connection registry exposes no count-change hook, so forward
|
||||
// add/remove to the daemon's idle-shutdown handler (a no-op when `idle`
|
||||
// is undefined, e.g. foreground or --keep-alive).
|
||||
if (idle !== undefined) {
|
||||
const registry = v2.connectionRegistry;
|
||||
const add = registry.add.bind(registry);
|
||||
const remove = registry.remove.bind(registry);
|
||||
registry.add = (conn) => {
|
||||
add(conn);
|
||||
idle.onConnectionCountChange(registry.size());
|
||||
};
|
||||
registry.remove = (connId) => {
|
||||
remove(connId);
|
||||
idle.onConnectionCountChange(registry.size());
|
||||
};
|
||||
}
|
||||
logger.info('server-v2 (KIMI_CODE_EXPERIMENTAL_FLAG) is serving the REST/WS API and the bundled web UI');
|
||||
running = {
|
||||
address: `http://${v2.host}:${v2.port}`,
|
||||
logger: logger as unknown as ServerLogger,
|
||||
close: () => v2.close(),
|
||||
};
|
||||
} else {
|
||||
running = await startServer({
|
||||
host: options.host,
|
||||
port: options.port,
|
||||
logLevel: options.logLevel,
|
||||
debugEndpoints: options.debugEndpoints,
|
||||
insecureNoTls: options.insecureNoTls,
|
||||
allowRemoteShutdown: options.allowRemoteShutdown,
|
||||
allowRemoteTerminals: options.allowRemoteTerminals,
|
||||
dangerousBypassAuth: options.dangerousBypassAuth,
|
||||
allowedHosts: options.allowedHosts,
|
||||
webAssetsDir: serverWebAssetsDir(),
|
||||
coreProcessOptions: {
|
||||
identity: createKimiCodeHostIdentity(version),
|
||||
telemetry,
|
||||
},
|
||||
wsGatewayOptions: {
|
||||
telemetry,
|
||||
onConnectionCountChange: idle
|
||||
? (size) => {
|
||||
idle.onConnectionCountChange(size);
|
||||
}
|
||||
: undefined,
|
||||
},
|
||||
});
|
||||
}
|
||||
running = await startServer({
|
||||
host: options.host,
|
||||
port: options.port,
|
||||
logLevel: options.logLevel,
|
||||
debugEndpoints: options.debugEndpoints,
|
||||
insecureNoTls: options.insecureNoTls,
|
||||
allowRemoteShutdown: options.allowRemoteShutdown,
|
||||
allowRemoteTerminals: options.allowRemoteTerminals,
|
||||
dangerousBypassAuth: options.dangerousBypassAuth,
|
||||
allowedHosts: options.allowedHosts,
|
||||
webAssetsDir: serverWebAssetsDir(),
|
||||
coreProcessOptions: {
|
||||
identity: createKimiCodeHostIdentity(version),
|
||||
telemetry,
|
||||
},
|
||||
wsGatewayOptions: {
|
||||
telemetry,
|
||||
onConnectionCountChange: idle
|
||||
? (size) => {
|
||||
idle.onConnectionCountChange(size);
|
||||
}
|
||||
: undefined,
|
||||
},
|
||||
});
|
||||
|
||||
track('server_started', { daemon: mode.daemon });
|
||||
|
||||
|
|
|
|||
|
|
@ -5,10 +5,9 @@ import {
|
|||
resolveConfigPath,
|
||||
resolveKimiHome,
|
||||
type KimiConfig,
|
||||
type KimiHarness,
|
||||
type TelemetryClient,
|
||||
} from '@moonshot-ai/kimi-code-sdk';
|
||||
|
||||
import type { PromptHarness } from './prompt-session';
|
||||
import {
|
||||
initializeTelemetry,
|
||||
setTelemetryContext,
|
||||
|
|
@ -27,7 +26,7 @@ export interface CliTelemetryBootstrap {
|
|||
}
|
||||
|
||||
export interface InitializeCliTelemetryOptions {
|
||||
readonly harness: PromptHarness;
|
||||
readonly harness: KimiHarness;
|
||||
readonly bootstrap: CliTelemetryBootstrap;
|
||||
readonly config: Pick<KimiConfig, 'defaultModel' | 'telemetry'>;
|
||||
readonly version: string;
|
||||
|
|
|
|||
|
|
@ -1,517 +0,0 @@
|
|||
/**
|
||||
* Native v2 `kimi -p` (print mode) runner.
|
||||
*
|
||||
* Unlike the v1 path (and the former `V2PromptHarness` / `V2Session` shim), this
|
||||
* runner talks to agent-core-v2's native DI services directly — no
|
||||
* `PromptHarness`, no SDK-shaped session, no v2→v1 event translation. It:
|
||||
* - `bootstrap()`s the app scope,
|
||||
* - creates / resumes a session and its main agent via native services,
|
||||
* - subscribes to the main agent's per-agent `IEventBus` and renders the
|
||||
* native `DomainEvent` stream (payloads are already v1-protocol-shaped),
|
||||
* - drives a turn through `IAgentPromptService.enqueue()` and awaits
|
||||
* `Turn.result` for authoritative completion,
|
||||
* - drains background tasks (config-driven) before exiting.
|
||||
*
|
||||
* Selected by `runPrompt` when `KIMI_CODE_EXPERIMENTAL_FLAG` is set.
|
||||
*/
|
||||
|
||||
import {
|
||||
IAgentGoalService,
|
||||
IAgentLifecycleService,
|
||||
IAgentPermissionModeService,
|
||||
IAgentProfileService,
|
||||
IAgentPromptService,
|
||||
IAgentTaskService,
|
||||
IAuthSummaryService,
|
||||
IConfigService,
|
||||
IEventBus,
|
||||
IOAuthToolkit,
|
||||
ISessionIndex,
|
||||
ISessionLifecycleService,
|
||||
ITelemetryService,
|
||||
bootstrap,
|
||||
createCloudAppender,
|
||||
ensureMainAgent,
|
||||
hostRequestHeadersSeed,
|
||||
logSeed,
|
||||
resolveKimiHome,
|
||||
resolveLoggingConfig,
|
||||
type DomainEvent,
|
||||
type IAgentScopeHandle,
|
||||
type ISessionScopeHandle,
|
||||
type LoopRunResult,
|
||||
type Scope,
|
||||
} from '@moonshot-ai/agent-core-v2';
|
||||
import { createKimiDefaultHeaders, createKimiDeviceId } from '@moonshot-ai/kimi-code-oauth';
|
||||
import { resolve } from 'pathe';
|
||||
|
||||
import {
|
||||
CLI_SHUTDOWN_TIMEOUT_MS,
|
||||
CLI_USER_AGENT_PRODUCT,
|
||||
PROMPT_CLEANUP_TIMEOUT_MS,
|
||||
} from '#/constant/app';
|
||||
|
||||
import {
|
||||
formatGoalSummaryText,
|
||||
goalExitCode,
|
||||
goalSummaryJson,
|
||||
parseHeadlessGoalCreate,
|
||||
type HeadlessGoalCreate,
|
||||
} from '../goal-prompt';
|
||||
import {
|
||||
type PromptRunIO,
|
||||
configuredModel,
|
||||
installPromptTerminationCleanup,
|
||||
raceWithTimeout,
|
||||
requireConfiguredModel,
|
||||
} from '../run-prompt';
|
||||
import { createKimiCodeHostIdentity } from '../version';
|
||||
|
||||
import { resolveOutputFormat } from '../options';
|
||||
import type { CLIOptions, PromptOutputFormat } from '../options';
|
||||
import {
|
||||
type PromptOutput,
|
||||
PromptJsonWriter,
|
||||
type PromptTurnWriter,
|
||||
PromptTranscriptWriter,
|
||||
writeExperimentalVersion,
|
||||
writeResumeHint,
|
||||
} from '../prompt-render';
|
||||
|
||||
const PROMPT_UI_MODE = 'print';
|
||||
const DEFAULT_PRINT_WAIT_CEILING_S = 3600;
|
||||
const TASK_CONFIG_SECTION = 'task';
|
||||
const LEGACY_BACKGROUND_CONFIG_SECTION = 'background';
|
||||
|
||||
interface TaskPrintWaitConfig {
|
||||
readonly printWaitCeilingS?: number;
|
||||
}
|
||||
|
||||
export async function runV2Print(
|
||||
opts: CLIOptions,
|
||||
version: string,
|
||||
io: PromptRunIO = {},
|
||||
): Promise<void> {
|
||||
const startedAt = Date.now();
|
||||
const stdout = io.stdout ?? process.stdout;
|
||||
const stderr = io.stderr ?? process.stderr;
|
||||
const promptProcess = io.process ?? process;
|
||||
const outputFormat = resolveOutputFormat(opts);
|
||||
const workDir = process.cwd();
|
||||
|
||||
writeExperimentalVersion(version, outputFormat, stdout, stderr);
|
||||
|
||||
const homeDir = resolveKimiHome();
|
||||
let firstLaunch = false;
|
||||
const deviceId = createKimiDeviceId(homeDir, {
|
||||
onFirstLaunch: () => {
|
||||
firstLaunch = true;
|
||||
},
|
||||
});
|
||||
const logging = resolveLoggingConfig({ homeDir, env: process.env });
|
||||
const identity = createKimiCodeHostIdentity(version);
|
||||
const hostHeaders = createKimiDefaultHeaders({ homeDir, ...identity });
|
||||
|
||||
const { app } = bootstrap({ homeDir, clientVersion: version }, [
|
||||
...logSeed(logging),
|
||||
...hostRequestHeadersSeed(hostHeaders),
|
||||
]);
|
||||
const auth = app.accessor.get(IOAuthToolkit);
|
||||
|
||||
const configService = app.accessor.get(IConfigService);
|
||||
await configService.ready;
|
||||
const defaultModel = configService.get<string>('defaultModel') ?? undefined;
|
||||
let telemetryEnabled = true;
|
||||
try {
|
||||
telemetryEnabled = configService.get('telemetry') !== false;
|
||||
} catch {
|
||||
telemetryEnabled = true;
|
||||
}
|
||||
for (const diagnostic of configService.diagnostics()) {
|
||||
if (diagnostic.severity === 'warning') {
|
||||
stderr.write(`Warning: ${diagnostic.message}\n`);
|
||||
}
|
||||
}
|
||||
|
||||
let restorePermission = async (): Promise<void> => {};
|
||||
let removeTerminationCleanup: (() => void) | undefined;
|
||||
let cleanupPromise: Promise<void> | undefined;
|
||||
let telemetryService: ITelemetryService | undefined;
|
||||
const cleanup = async (): Promise<void> => {
|
||||
const pending = (cleanupPromise ??= (async () => {
|
||||
removeTerminationCleanup?.();
|
||||
try {
|
||||
await restorePermission();
|
||||
} finally {
|
||||
if (telemetryService !== undefined) {
|
||||
await raceWithTimeout(telemetryService.shutdown(), CLI_SHUTDOWN_TIMEOUT_MS);
|
||||
}
|
||||
app.dispose();
|
||||
}
|
||||
})());
|
||||
await raceWithTimeout(pending, PROMPT_CLEANUP_TIMEOUT_MS);
|
||||
};
|
||||
removeTerminationCleanup = installPromptTerminationCleanup(promptProcess, cleanup);
|
||||
|
||||
try {
|
||||
const resolved = await resolveNativeSession(app, opts, workDir, defaultModel, stderr);
|
||||
restorePermission = resolved.restorePermission;
|
||||
|
||||
telemetryService = app.accessor.get(ITelemetryService);
|
||||
if (telemetryEnabled) {
|
||||
telemetryService.setAppender(
|
||||
createCloudAppender(app.accessor, {
|
||||
deviceId,
|
||||
appName: CLI_USER_AGENT_PRODUCT,
|
||||
uiMode: PROMPT_UI_MODE,
|
||||
model: resolved.telemetryModel,
|
||||
getAccessToken: async () => (await auth.getCachedAccessToken()) ?? null,
|
||||
}),
|
||||
);
|
||||
}
|
||||
telemetryService.setContext({ sessionId: resolved.session.id });
|
||||
if (firstLaunch) {
|
||||
telemetryService.track2('first_launch');
|
||||
}
|
||||
|
||||
const goalCreate = parseHeadlessGoalCreate(opts.prompt!);
|
||||
if (goalCreate !== undefined) {
|
||||
await runNativeGoal(
|
||||
app,
|
||||
resolved.session,
|
||||
resolved.agent,
|
||||
goalCreate,
|
||||
resolved.goalModel,
|
||||
outputFormat,
|
||||
stdout,
|
||||
stderr,
|
||||
);
|
||||
} else {
|
||||
await runNativeTurn(
|
||||
app,
|
||||
resolved.session,
|
||||
resolved.agent,
|
||||
opts.prompt!,
|
||||
outputFormat,
|
||||
stdout,
|
||||
stderr,
|
||||
);
|
||||
}
|
||||
writeResumeHint(resolved.session.id, outputFormat, stdout, stderr);
|
||||
|
||||
telemetryService.withContext({ sessionId: resolved.session.id }).track2('exit', {
|
||||
duration_ms: Date.now() - startedAt,
|
||||
});
|
||||
} finally {
|
||||
await cleanup();
|
||||
}
|
||||
}
|
||||
|
||||
interface ResolvedNativeSession {
|
||||
readonly session: ISessionScopeHandle;
|
||||
readonly agent: IAgentScopeHandle;
|
||||
readonly restorePermission: () => Promise<void>;
|
||||
readonly telemetryModel: string | undefined;
|
||||
readonly goalModel: string | undefined;
|
||||
}
|
||||
|
||||
async function resolveNativeSession(
|
||||
app: Scope,
|
||||
opts: CLIOptions,
|
||||
workDir: string,
|
||||
defaultModel: string | undefined,
|
||||
stderr: PromptOutput,
|
||||
): Promise<ResolvedNativeSession> {
|
||||
const lifecycle = app.accessor.get(ISessionLifecycleService);
|
||||
const index = app.accessor.get(ISessionIndex);
|
||||
|
||||
const resumeById = async (id: string): Promise<ISessionScopeHandle> => {
|
||||
const session = await lifecycle.resume(id);
|
||||
if (session === undefined) {
|
||||
throw new Error(`Session "${id}" not found.`);
|
||||
}
|
||||
return session;
|
||||
};
|
||||
|
||||
const forceAuto = (
|
||||
agent: IAgentScopeHandle,
|
||||
): { readonly restorePermission: () => Promise<void> } => {
|
||||
const permissionMode = agent.accessor.get(IAgentPermissionModeService);
|
||||
const previous = permissionMode.mode;
|
||||
permissionMode.setMode('auto');
|
||||
return {
|
||||
restorePermission: async () => {
|
||||
permissionMode.setMode(previous);
|
||||
},
|
||||
};
|
||||
};
|
||||
|
||||
if (opts.session !== undefined) {
|
||||
const page = await index.list({});
|
||||
const target = page.items.find((summary) => summary.id === opts.session);
|
||||
if (target === undefined) {
|
||||
throw new Error(`Session "${opts.session}" not found.`);
|
||||
}
|
||||
if (target.cwd !== undefined && resolve(target.cwd) !== resolve(workDir)) {
|
||||
stderr.write(
|
||||
`Session "${opts.session}" was created under a different directory.\n` +
|
||||
` cd "${target.cwd}" && kimi -r ${opts.session}\n\n`,
|
||||
);
|
||||
throw new Error(`Session "${opts.session}" was created under a different directory.`);
|
||||
}
|
||||
const session = await resumeById(opts.session);
|
||||
const agent = await ensureMainAgent(session);
|
||||
const profile = agent.accessor.get(IAgentProfileService);
|
||||
if (opts.model !== undefined) {
|
||||
await profile.setModel(opts.model);
|
||||
}
|
||||
const currentModel = profile.getModel();
|
||||
const { restorePermission } = forceAuto(agent);
|
||||
return {
|
||||
session,
|
||||
agent,
|
||||
restorePermission,
|
||||
telemetryModel: configuredModel(opts.model, currentModel, defaultModel),
|
||||
goalModel: configuredModel(opts.model, currentModel),
|
||||
};
|
||||
}
|
||||
|
||||
if (opts.continue) {
|
||||
const page = await index.list({});
|
||||
const previous = page.items.find((summary) => summary.cwd === workDir);
|
||||
if (previous !== undefined) {
|
||||
const session = await resumeById(previous.id);
|
||||
const agent = await ensureMainAgent(session);
|
||||
const profile = agent.accessor.get(IAgentProfileService);
|
||||
if (opts.model !== undefined) {
|
||||
await profile.setModel(opts.model);
|
||||
}
|
||||
const currentModel = profile.getModel();
|
||||
const { restorePermission } = forceAuto(agent);
|
||||
return {
|
||||
session,
|
||||
agent,
|
||||
restorePermission,
|
||||
telemetryModel: configuredModel(opts.model, currentModel, defaultModel),
|
||||
goalModel: configuredModel(opts.model, currentModel),
|
||||
};
|
||||
}
|
||||
stderr.write(`No sessions to continue under "${workDir}"; starting a fresh session.\n`);
|
||||
}
|
||||
|
||||
const model = requireConfiguredModel(opts.model, defaultModel);
|
||||
const session = await lifecycle.create({
|
||||
workDir,
|
||||
additionalDirs: opts.addDirs?.length ? opts.addDirs : undefined,
|
||||
});
|
||||
const agent = await ensureMainAgent(session);
|
||||
await agent.accessor.get(IAgentProfileService).setModel(model);
|
||||
agent.accessor.get(IAgentPermissionModeService).setMode('auto');
|
||||
return {
|
||||
session,
|
||||
agent,
|
||||
restorePermission: async () => {},
|
||||
telemetryModel: model,
|
||||
goalModel: model,
|
||||
};
|
||||
}
|
||||
|
||||
async function runNativeTurn(
|
||||
app: Scope,
|
||||
session: ISessionScopeHandle,
|
||||
agent: IAgentScopeHandle,
|
||||
prompt: string,
|
||||
outputFormat: PromptOutputFormat,
|
||||
stdout: PromptOutput,
|
||||
stderr: PromptOutput,
|
||||
): Promise<void> {
|
||||
const writer: PromptTurnWriter =
|
||||
outputFormat === 'stream-json'
|
||||
? new PromptJsonWriter(stdout)
|
||||
: new PromptTranscriptWriter(stdout, stderr);
|
||||
|
||||
await agent.accessor.get(IAuthSummaryService).ensureReady();
|
||||
|
||||
const subscription = agent.accessor.get(IEventBus).subscribe((event: DomainEvent) => {
|
||||
dispatchNativeEvent(writer, event, stderr);
|
||||
});
|
||||
try {
|
||||
const handle = await agent.accessor.get(IAgentPromptService).enqueue({
|
||||
message: {
|
||||
role: 'user',
|
||||
content: [{ type: 'text', text: prompt }],
|
||||
toolCalls: [],
|
||||
origin: { kind: 'user' },
|
||||
},
|
||||
});
|
||||
const turn = await handle.launched;
|
||||
if (turn === undefined) {
|
||||
// A prompt blocked by an onBeforeSubmitPrompt hook never launches a turn.
|
||||
writer.finish();
|
||||
const completion = await handle.completion;
|
||||
throw new Error(
|
||||
completion.state === 'blocked'
|
||||
? 'Prompt hook blocked the request.'
|
||||
: 'Prompt turn could not be started',
|
||||
);
|
||||
}
|
||||
const result = await turn.result;
|
||||
|
||||
// Turn settled, but `-p` is not done until any background work the turn
|
||||
// spawned has drained (config-bounded). Flush the buffered assistant
|
||||
// message first so a long drain does not withhold the final message.
|
||||
writer.flushAssistant();
|
||||
if (result.type === 'completed') {
|
||||
try {
|
||||
await drainBackgroundTasks(app, session);
|
||||
} catch {
|
||||
// Draining is best-effort; a wedged background task must not fail the
|
||||
// (already completed) turn. Swallow and proceed to finish.
|
||||
}
|
||||
writer.finish();
|
||||
return;
|
||||
}
|
||||
writer.finish();
|
||||
throw new Error(formatNativeTurnFailure(result));
|
||||
} catch (error) {
|
||||
writer.finish();
|
||||
throw error instanceof Error ? error : new Error(String(error));
|
||||
} finally {
|
||||
subscription.dispose();
|
||||
}
|
||||
}
|
||||
|
||||
async function runNativeGoal(
|
||||
app: Scope,
|
||||
session: ISessionScopeHandle,
|
||||
agent: IAgentScopeHandle,
|
||||
goal: HeadlessGoalCreate,
|
||||
model: string | undefined,
|
||||
outputFormat: PromptOutputFormat,
|
||||
stdout: PromptOutput,
|
||||
stderr: PromptOutput,
|
||||
): Promise<void> {
|
||||
requireConfiguredModel(model);
|
||||
const goalService = agent.accessor.get(IAgentGoalService);
|
||||
await goalService.createGoal({
|
||||
objective: goal.objective,
|
||||
replace: goal.replace,
|
||||
});
|
||||
let completedSnapshot: { readonly status: string } | null = null;
|
||||
const subscription = agent.accessor.get(IEventBus).subscribe((event: DomainEvent) => {
|
||||
if (
|
||||
event.type === 'goal.updated' &&
|
||||
event.change?.kind === 'completion' &&
|
||||
event.snapshot !== null
|
||||
) {
|
||||
completedSnapshot = event.snapshot;
|
||||
}
|
||||
});
|
||||
try {
|
||||
await runNativeTurn(app, session, agent, goal.objective, outputFormat, stdout, stderr);
|
||||
} finally {
|
||||
subscription.dispose();
|
||||
const snapshot = completedSnapshot ?? goalService.getGoal().goal;
|
||||
if (outputFormat === 'stream-json') {
|
||||
stdout.write(`${JSON.stringify(goalSummaryJson(snapshot))}\n`);
|
||||
} else {
|
||||
stderr.write(`${formatGoalSummaryText(snapshot)}\n`);
|
||||
}
|
||||
if (snapshot !== null && snapshot.status !== 'complete') {
|
||||
process.exitCode = goalExitCode(snapshot.status);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function dispatchNativeEvent(
|
||||
writer: PromptTurnWriter,
|
||||
event: DomainEvent,
|
||||
stderr: PromptOutput,
|
||||
): void {
|
||||
switch (event.type) {
|
||||
case 'turn.step.started':
|
||||
case 'turn.step.interrupted':
|
||||
writer.flushAssistant();
|
||||
return;
|
||||
case 'turn.step.retrying':
|
||||
writer.discardAssistant();
|
||||
return;
|
||||
case 'assistant.delta':
|
||||
writer.writeAssistantDelta(event.delta);
|
||||
return;
|
||||
case 'hook.result':
|
||||
writer.writeHookResult(event);
|
||||
return;
|
||||
case 'thinking.delta':
|
||||
writer.writeThinkingDelta(event.delta);
|
||||
return;
|
||||
case 'tool.call.started':
|
||||
writer.writeToolCall(event.toolCallId, event.name, event.args);
|
||||
return;
|
||||
case 'tool.call.delta':
|
||||
writer.writeToolCallDelta(event.toolCallId, event.name, event.argumentsPart);
|
||||
return;
|
||||
case 'tool.result':
|
||||
writer.writeToolResult(event.toolCallId, event.output);
|
||||
return;
|
||||
case 'tool.progress':
|
||||
if (event.update.text !== undefined && event.update.text.length > 0) {
|
||||
stderr.write(event.update.text.endsWith('\n') ? event.update.text : `${event.update.text}\n`);
|
||||
}
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
async function drainBackgroundTasks(app: Scope, session: ISessionScopeHandle): Promise<void> {
|
||||
const config = app.accessor.get(IConfigService);
|
||||
const section =
|
||||
config.get<TaskPrintWaitConfig>(TASK_CONFIG_SECTION) ??
|
||||
config.get<TaskPrintWaitConfig>(LEGACY_BACKGROUND_CONFIG_SECTION);
|
||||
const ceilingS = section?.printWaitCeilingS;
|
||||
const ceilingMs =
|
||||
typeof ceilingS === 'number' && Number.isFinite(ceilingS) && ceilingS > 0
|
||||
? ceilingS * 1000
|
||||
: DEFAULT_PRINT_WAIT_CEILING_S * 1000;
|
||||
|
||||
const deadline = Date.now() + ceilingMs;
|
||||
const seen = new Set<string>();
|
||||
const allWaiters: Promise<unknown>[] = [];
|
||||
while (Date.now() < deadline) {
|
||||
const batch: Promise<unknown>[] = [];
|
||||
const suppressions: Promise<void>[] = [];
|
||||
let activeCount = 0;
|
||||
for (const handle of session.accessor.get(IAgentLifecycleService).list()) {
|
||||
const taskService = handle.accessor.get(IAgentTaskService);
|
||||
for (const task of taskService.list(true)) {
|
||||
activeCount++;
|
||||
if (seen.has(task.taskId)) continue;
|
||||
seen.add(task.taskId);
|
||||
suppressions.push(taskService.suppressTerminalNotification(task.taskId));
|
||||
const remaining = Math.max(1, deadline - Date.now());
|
||||
const waiter = taskService.wait(task.taskId, remaining);
|
||||
batch.push(waiter);
|
||||
allWaiters.push(waiter);
|
||||
}
|
||||
}
|
||||
if (suppressions.length > 0) await Promise.all(suppressions);
|
||||
if (activeCount === 0 || batch.length === 0) break;
|
||||
await Promise.all(batch);
|
||||
}
|
||||
if (allWaiters.length > 0) await Promise.all(allWaiters);
|
||||
}
|
||||
|
||||
function formatNativeTurnFailure(result: LoopRunResult): string {
|
||||
if (result.type === 'failed') {
|
||||
const error = result.error as { readonly code?: string; readonly message?: string } | undefined;
|
||||
if (error?.code === 'provider.filtered') {
|
||||
return 'Provider safety policy blocked the response.';
|
||||
}
|
||||
if (error?.code !== undefined) {
|
||||
return `${error.code}: ${error.message ?? ''}`.trimEnd();
|
||||
}
|
||||
if (result.error instanceof Error) {
|
||||
return result.error.message;
|
||||
}
|
||||
}
|
||||
return `Prompt turn ended with reason: ${result.type}`;
|
||||
}
|
||||
|
|
@ -32,7 +32,7 @@ const ELLIPSIS = '…';
|
|||
// Official tab, even when the marketplace catalog is unavailable. Selecting it
|
||||
// opens the install page in the browser rather than installing from a source,
|
||||
// because Web Bridge is a browser extension + daemon, not a plugin package.
|
||||
const WEB_BRIDGE_URL = 'https://www.kimi.com/features/webbridge#local-agent';
|
||||
const WEB_BRIDGE_URL = 'https://www.kimi.com/features/webbridge';
|
||||
const WEB_BRIDGE_ENTRY: PluginMarketplaceEntry = {
|
||||
id: 'kimi-webbridge',
|
||||
displayName: 'Kimi WebBridge',
|
||||
|
|
|
|||
|
|
@ -196,17 +196,14 @@ export class BtwPanelController {
|
|||
}
|
||||
|
||||
function formatBtwTurnEnd(event: TurnEndedEvent): string {
|
||||
if (event.reason === 'cancelled') {
|
||||
return 'Interrupted by user';
|
||||
}
|
||||
if (event.error?.code === 'provider.filtered') {
|
||||
return 'Provider safety policy blocked the response.';
|
||||
}
|
||||
if (event.error !== undefined) {
|
||||
return `[${event.error.code}] ${event.error.message}`;
|
||||
}
|
||||
if (event.reason === 'blocked') {
|
||||
return 'Prompt hook blocked the request.';
|
||||
if (event.reason === 'cancelled') {
|
||||
return 'Interrupted by user';
|
||||
}
|
||||
if (event.reason === 'filtered') {
|
||||
return 'Provider safety policy blocked the response.';
|
||||
}
|
||||
return `BTW turn ended with reason: ${event.reason}`;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -333,12 +333,9 @@ export class SessionEventHandler {
|
|||
if (event.reason === 'cancelled') {
|
||||
this.markActiveAgentSwarmsCancelled();
|
||||
}
|
||||
if (event.reason === 'failed' && event.error?.code === 'provider.filtered') {
|
||||
if (event.reason === 'filtered') {
|
||||
this.host.showStatus('Turn stopped: provider safety policy blocked the response.', 'error');
|
||||
}
|
||||
if (event.reason === 'blocked') {
|
||||
this.host.showStatus('Turn stopped: prompt hook blocked the request.', 'error');
|
||||
}
|
||||
const todos = this.host.state.todoPanel.getTodos();
|
||||
if (todos.length > 0 && todos.every((t) => t.status === 'done')) {
|
||||
this.host.streamingUI.setTodoList([]);
|
||||
|
|
@ -429,11 +426,7 @@ export class SessionEventHandler {
|
|||
if (reason === 'error') return;
|
||||
if (reason === 'aborted' || reason === undefined || reason === '') {
|
||||
this.markActiveAgentSwarmsCancelled();
|
||||
if (event.message === undefined || event.message === '') {
|
||||
this.host.showStatus('Interrupted by user', 'error');
|
||||
} else {
|
||||
this.host.showError(event.message);
|
||||
}
|
||||
this.host.showStatus('Interrupted by user', 'error');
|
||||
return;
|
||||
}
|
||||
this.host.showError(
|
||||
|
|
|
|||
|
|
@ -202,7 +202,7 @@ function describeApproval(display: ToolInputDisplay, action: string): string {
|
|||
return `search: ${display.query ?? ''}`.trim();
|
||||
case 'todo_list':
|
||||
return `update todo list (${String(display.items?.length ?? 0)} items)`;
|
||||
case 'task':
|
||||
case 'background_task':
|
||||
return `${display.status ?? 'background'} task ${display.task_id ?? ''}: ${
|
||||
display.description ?? ''
|
||||
}`.trim();
|
||||
|
|
@ -334,7 +334,7 @@ function adaptDisplay(display: ToolInputDisplay): DisplayBlock[] {
|
|||
return [];
|
||||
case 'todo_list':
|
||||
return [];
|
||||
case 'task':
|
||||
case 'background_task':
|
||||
return [];
|
||||
default:
|
||||
return [];
|
||||
|
|
|
|||
|
|
@ -1,4 +1,7 @@
|
|||
import { isKimiError } from '@moonshot-ai/kimi-code-sdk';
|
||||
import {
|
||||
isKimiError,
|
||||
type KimiErrorPayload,
|
||||
} from '@moonshot-ai/kimi-code-sdk';
|
||||
|
||||
import {
|
||||
STREAMING_ARGS_FIELD_RE,
|
||||
|
|
@ -100,13 +103,9 @@ export function formatErrorMessage(error: unknown): string {
|
|||
return error instanceof Error ? error.message : String(error);
|
||||
}
|
||||
|
||||
interface ErrorPayloadLike {
|
||||
readonly code: string;
|
||||
readonly message: string;
|
||||
readonly details?: Record<string, unknown>;
|
||||
}
|
||||
|
||||
export function formatErrorPayload(error: ErrorPayloadLike): string {
|
||||
export function formatErrorPayload(
|
||||
error: Pick<KimiErrorPayload, 'code' | 'message' | 'details'>,
|
||||
): string {
|
||||
const filteredMessage = formatProviderFilteredMessage(error.details);
|
||||
if (filteredMessage !== undefined) return `[${error.code}] ${filteredMessage}`;
|
||||
return `[${error.code}] ${error.message}`;
|
||||
|
|
|
|||
|
|
@ -92,7 +92,6 @@ const mocks = vi.hoisted(() => {
|
|||
getStatus: vi.fn(async () => ({ permission: 'auto', model: 'k2' })),
|
||||
createGoal: vi.fn(async () => snapshot({ status: 'active' })),
|
||||
getGoal: vi.fn(async () => ({ goal: snapshot({ status: 'complete' }) })),
|
||||
getCronTasks: vi.fn(async () => ({ tasks: [] })),
|
||||
onEvent: vi.fn((handler: (event: any) => void) => {
|
||||
eventHandlers.add(handler);
|
||||
return () => eventHandlers.delete(handler);
|
||||
|
|
@ -176,7 +175,6 @@ describe('runPrompt headless goal mode', () => {
|
|||
mocks.session.waitForBackgroundTasksOnPrint.mockClear();
|
||||
mocks.session.getStatus.mockResolvedValue({ permission: 'auto', model: 'k2' } as never);
|
||||
mocks.session.getGoal.mockResolvedValue({ goal: snapshot({ status: 'complete' }) } as never);
|
||||
mocks.session.getCronTasks.mockResolvedValue({ tasks: [] } as never);
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ import { describe, expect, it } from 'vitest';
|
|||
|
||||
import { createProgram } from '#/cli/commands';
|
||||
import type { CLIOptions } from '#/cli/options';
|
||||
import { OptionConflictError, OUTPUT_FORMAT_ENV, resolveOutputFormat, validateOptions } from '#/cli/options';
|
||||
import { OptionConflictError, validateOptions } from '#/cli/options';
|
||||
|
||||
function parse(argv: string[]): CLIOptions {
|
||||
let captured: CLIOptions | undefined;
|
||||
|
|
@ -303,84 +303,6 @@ describe('CLI options parsing', () => {
|
|||
});
|
||||
});
|
||||
|
||||
describe('KIMI_MODEL_OUTPUT_FORMAT', () => {
|
||||
it('defaults to text when unset in prompt mode', () => {
|
||||
expect(resolveOutputFormat({ prompt: 'run this', outputFormat: undefined }, {})).toBe('text');
|
||||
});
|
||||
|
||||
it('uses stream-json from the env in prompt mode', () => {
|
||||
expect(
|
||||
resolveOutputFormat(
|
||||
{ prompt: 'run this', outputFormat: undefined },
|
||||
{ [OUTPUT_FORMAT_ENV]: 'stream-json' },
|
||||
),
|
||||
).toBe('stream-json');
|
||||
});
|
||||
|
||||
it('uses text from the env in prompt mode', () => {
|
||||
expect(
|
||||
resolveOutputFormat(
|
||||
{ prompt: 'run this', outputFormat: undefined },
|
||||
{ [OUTPUT_FORMAT_ENV]: 'text' },
|
||||
),
|
||||
).toBe('text');
|
||||
});
|
||||
|
||||
it('trims surrounding whitespace from the env value', () => {
|
||||
expect(
|
||||
resolveOutputFormat(
|
||||
{ prompt: 'run this', outputFormat: undefined },
|
||||
{ [OUTPUT_FORMAT_ENV]: ' stream-json ' },
|
||||
),
|
||||
).toBe('stream-json');
|
||||
});
|
||||
|
||||
it('lets the --output-format flag override the env', () => {
|
||||
expect(
|
||||
resolveOutputFormat(
|
||||
{ prompt: 'run this', outputFormat: 'text' },
|
||||
{ [OUTPUT_FORMAT_ENV]: 'stream-json' },
|
||||
),
|
||||
).toBe('text');
|
||||
});
|
||||
|
||||
it('ignores the env outside prompt mode', () => {
|
||||
expect(
|
||||
resolveOutputFormat(
|
||||
{ prompt: undefined, outputFormat: undefined },
|
||||
{ [OUTPUT_FORMAT_ENV]: 'stream-json' },
|
||||
),
|
||||
).toBe('text');
|
||||
});
|
||||
|
||||
it('rejects an invalid env value', () => {
|
||||
expect(() =>
|
||||
resolveOutputFormat(
|
||||
{ prompt: 'run this', outputFormat: undefined },
|
||||
{ [OUTPUT_FORMAT_ENV]: 'json' },
|
||||
),
|
||||
).toThrow(OptionConflictError);
|
||||
expect(() =>
|
||||
resolveOutputFormat(
|
||||
{ prompt: 'run this', outputFormat: undefined },
|
||||
{ [OUTPUT_FORMAT_ENV]: 'json' },
|
||||
),
|
||||
).toThrow('Invalid KIMI_MODEL_OUTPUT_FORMAT value "json"');
|
||||
});
|
||||
|
||||
it('fails validation fast for an invalid env value in prompt mode', () => {
|
||||
const opts = parse(['-p', 'run this']);
|
||||
expect(() => validateOptions(opts, { [OUTPUT_FORMAT_ENV]: 'json' })).toThrow(
|
||||
OptionConflictError,
|
||||
);
|
||||
});
|
||||
|
||||
it('does not validate the env outside prompt mode', () => {
|
||||
const opts = parse([]);
|
||||
expect(() => validateOptions(opts, { [OUTPUT_FORMAT_ENV]: 'json' })).not.toThrow();
|
||||
});
|
||||
});
|
||||
|
||||
describe('--skills-dir', () => {
|
||||
it('collects repeated skill directories', () => {
|
||||
expect(parse(['--skills-dir', '/one', '--skills-dir=/two']).skillsDirs).toEqual([
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
import type { createKimiDeviceId as createKimiDeviceIdFn } from '@moonshot-ai/kimi-code-oauth';
|
||||
import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
|
||||
import { afterEach, describe, expect, it, vi } from 'vitest';
|
||||
|
||||
import { runPrompt } from '#/cli/run-prompt';
|
||||
import { PROMPT_CLEANUP_TIMEOUT_MS } from '#/constant/app';
|
||||
|
|
@ -40,9 +40,6 @@ const mocks = vi.hoisted(() => {
|
|||
}
|
||||
}),
|
||||
waitForBackgroundTasksOnPrint: vi.fn(async () => {}),
|
||||
getGoal: vi.fn(async () => ({ goal: null })),
|
||||
getCronTasks: vi.fn(async () => ({ tasks: [] })),
|
||||
handlePrintMainTurnCompleted: vi.fn(async (): Promise<'finish' | 'continue'> => 'finish'),
|
||||
};
|
||||
|
||||
return {
|
||||
|
|
@ -67,42 +64,6 @@ const mocks = vi.hoisted(() => {
|
|||
harnessClose: vi.fn(),
|
||||
harnessTrack: vi.fn(),
|
||||
harnessGetCachedAccessToken: vi.fn(),
|
||||
runV2Print: vi.fn(
|
||||
async (
|
||||
opts: { readonly outputFormat?: string },
|
||||
version: string,
|
||||
io?: {
|
||||
readonly stdout?: { write(chunk: string): boolean };
|
||||
readonly stderr?: { write(chunk: string): boolean };
|
||||
},
|
||||
) => {
|
||||
// Mirror the native runner's output protocol so the version-banner
|
||||
// assertions stay meaningful: version first, then the assistant
|
||||
// message, then the resume hint — in the active output format.
|
||||
const stdout = io?.stdout ?? process.stdout;
|
||||
const stderr = io?.stderr ?? process.stderr;
|
||||
const outputFormat = opts?.outputFormat ?? 'text';
|
||||
if (outputFormat === 'stream-json') {
|
||||
stdout.write(
|
||||
`${JSON.stringify({ role: 'meta', type: 'system.version', version })}\n`,
|
||||
);
|
||||
stdout.write(`${JSON.stringify({ role: 'assistant', content: 'hello world' })}\n`);
|
||||
stdout.write(
|
||||
`${JSON.stringify({
|
||||
role: 'meta',
|
||||
type: 'session.resume_hint',
|
||||
session_id: 'ses_prompt',
|
||||
command: 'kimi -r ses_prompt',
|
||||
content: 'To resume this session: kimi -r ses_prompt',
|
||||
})}\n`,
|
||||
);
|
||||
return;
|
||||
}
|
||||
stderr.write(`kimi version ${version}\n`);
|
||||
stdout.write('• hello world\n\n');
|
||||
stderr.write('To resume this session: kimi -r ses_prompt\n');
|
||||
},
|
||||
),
|
||||
initializeTelemetry: vi.fn(),
|
||||
setCrashPhase: vi.fn(),
|
||||
shutdownTelemetry: vi.fn(),
|
||||
|
|
@ -165,14 +126,6 @@ vi.mock('@moonshot-ai/kimi-telemetry', () => ({
|
|||
withTelemetryContext: mocks.withTelemetryContext,
|
||||
}));
|
||||
|
||||
// The experimental v2 engine is loaded via a dynamic import from run-prompt.ts
|
||||
// when KIMI_CODE_EXPERIMENTAL_FLAG is set. Mock the native v2 runner so tests
|
||||
// that flip that flag can exercise the dispatch without pulling in the real
|
||||
// agent-core-v2 graph.
|
||||
vi.mock('../../src/cli/v2/run-v2-print', () => ({
|
||||
runV2Print: mocks.runV2Print,
|
||||
}));
|
||||
|
||||
function opts(overrides: Partial<Parameters<typeof runPrompt>[0]> = {}) {
|
||||
return {
|
||||
session: undefined,
|
||||
|
|
@ -232,17 +185,8 @@ async function waitForAssertion(assertion: () => void): Promise<void> {
|
|||
}
|
||||
|
||||
describe('runPrompt', () => {
|
||||
beforeEach(() => {
|
||||
// Pin the experimental engine flag off so the default v1 path is
|
||||
// deterministic regardless of the host environment. Tests that exercise the
|
||||
// experimental path opt back in explicitly with `vi.stubEnv(..., '1')`.
|
||||
vi.stubEnv('KIMI_CODE_EXPERIMENTAL_FLAG', '');
|
||||
vi.stubEnv('KIMI_MODEL_OUTPUT_FORMAT', '');
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
vi.clearAllMocks();
|
||||
vi.unstubAllEnvs();
|
||||
mocks.eventHandlers.clear();
|
||||
mocks.createKimiDeviceId.mockImplementation(() => 'device-1');
|
||||
mocks.resolveKimiHome.mockImplementation(
|
||||
|
|
@ -722,59 +666,6 @@ describe('runPrompt', () => {
|
|||
);
|
||||
});
|
||||
|
||||
it('emits a stream-json meta line on retry and discards the failed attempt output', async () => {
|
||||
mocks.session.prompt.mockImplementationOnce(async () => {
|
||||
for (const handler of mocks.eventHandlers) {
|
||||
handler(mocks.mainEvent({ type: 'turn.started', turnId: 10, origin: { kind: 'user' } }));
|
||||
handler(mocks.mainEvent({ type: 'assistant.delta', turnId: 10, delta: 'partial attempt' }));
|
||||
handler(
|
||||
mocks.mainEvent({
|
||||
type: 'turn.step.retrying',
|
||||
turnId: 10,
|
||||
step: 1,
|
||||
stepId: 'step-uuid',
|
||||
failedAttempt: 1,
|
||||
nextAttempt: 2,
|
||||
maxAttempts: 3,
|
||||
delayMs: 300,
|
||||
errorName: 'APIProviderRateLimitError',
|
||||
errorMessage: 'llmproxy/openai/responses/resp_abc.json status_code=429',
|
||||
statusCode: 429,
|
||||
}),
|
||||
);
|
||||
handler(mocks.mainEvent({ type: 'assistant.delta', turnId: 10, delta: 'final answer' }));
|
||||
handler(mocks.mainEvent({ type: 'turn.ended', turnId: 10, reason: 'completed' }));
|
||||
}
|
||||
});
|
||||
const stdout = writer();
|
||||
const stderr = writer();
|
||||
|
||||
await runPrompt(opts({ outputFormat: 'stream-json' }), '1.2.3-test', { stdout, stderr });
|
||||
|
||||
const retryMeta = JSON.stringify({
|
||||
role: 'meta',
|
||||
type: 'turn.step.retrying',
|
||||
failed_attempt: 1,
|
||||
next_attempt: 2,
|
||||
max_attempts: 3,
|
||||
delay_ms: 300,
|
||||
error_name: 'APIProviderRateLimitError',
|
||||
error_message: 'llmproxy/openai/responses/resp_abc.json status_code=429',
|
||||
status_code: 429,
|
||||
});
|
||||
expect(stdout.text()).toBe(
|
||||
[
|
||||
retryMeta,
|
||||
'{"role":"assistant","content":"final answer"}',
|
||||
'{"role":"meta","type":"session.resume_hint","session_id":"ses_prompt","command":"kimi -r ses_prompt","content":"To resume this session: kimi -r ses_prompt"}',
|
||||
'',
|
||||
].join('\n'),
|
||||
);
|
||||
// The failed attempt's partial text must not leak as an assistant line.
|
||||
expect(stdout.text()).not.toContain('partial attempt');
|
||||
expect(stderr.text()).toBe('');
|
||||
});
|
||||
|
||||
it('flushes stream-json assistant output before waiting for background tasks', async () => {
|
||||
let releaseWait: () => void = () => {};
|
||||
const waitGate = new Promise<void>((resolve) => {
|
||||
|
|
@ -806,56 +697,6 @@ describe('runPrompt', () => {
|
|||
await runPromise;
|
||||
});
|
||||
|
||||
it('follows a background-steered second main turn before finishing in steer mode', async () => {
|
||||
// First end-of-turn: stay alive (a background task is still pending).
|
||||
// Second end-of-turn: finish.
|
||||
mocks.session.handlePrintMainTurnCompleted
|
||||
.mockResolvedValueOnce('continue')
|
||||
.mockResolvedValueOnce('finish');
|
||||
|
||||
mocks.session.prompt.mockImplementationOnce(async () => {
|
||||
for (const handler of mocks.eventHandlers) {
|
||||
handler(mocks.mainEvent({ type: 'turn.started', turnId: 10, origin: { kind: 'user' } }));
|
||||
handler(mocks.mainEvent({ type: 'assistant.delta', turnId: 10, delta: 'first' }));
|
||||
handler(mocks.mainEvent({ type: 'turn.ended', turnId: 10, reason: 'completed' }));
|
||||
}
|
||||
});
|
||||
|
||||
const stdout = writer();
|
||||
const stderr = writer();
|
||||
const runPromise = runPrompt(opts({ outputFormat: 'stream-json' }), '1.2.3-test', {
|
||||
stdout,
|
||||
stderr,
|
||||
});
|
||||
|
||||
// The first turn's assistant message must be flushed and the end-of-turn
|
||||
// policy consulted, while the run stays alive (action === 'continue').
|
||||
await waitForAssertion(() => {
|
||||
expect(mocks.session.handlePrintMainTurnCompleted).toHaveBeenCalledTimes(1);
|
||||
expect(stdout.text()).toContain('{"role":"assistant","content":"first"}');
|
||||
});
|
||||
|
||||
// Simulate a background-task completion steering the main agent into a new
|
||||
// turn (the runtime does this via turn.steer; here we drive the events
|
||||
// directly to verify the driver follows and finishes only after it).
|
||||
for (const handler of mocks.eventHandlers) {
|
||||
handler(
|
||||
mocks.mainEvent({
|
||||
type: 'turn.started',
|
||||
turnId: 11,
|
||||
origin: { kind: 'background_task' },
|
||||
}),
|
||||
);
|
||||
handler(mocks.mainEvent({ type: 'assistant.delta', turnId: 11, delta: 'second' }));
|
||||
handler(mocks.mainEvent({ type: 'turn.ended', turnId: 11, reason: 'completed' }));
|
||||
}
|
||||
|
||||
await runPromise;
|
||||
|
||||
expect(mocks.session.handlePrintMainTurnCompleted).toHaveBeenCalledTimes(2);
|
||||
expect(stdout.text()).toContain('{"role":"assistant","content":"second"}');
|
||||
});
|
||||
|
||||
it('resumes a concrete session without a configured default model', async () => {
|
||||
mocks.harnessGetConfig.mockResolvedValueOnce({ providers: {}, telemetry: true });
|
||||
mocks.session.getStatus.mockResolvedValueOnce({ permission: 'manual', model: 'saved-model' });
|
||||
|
|
@ -1147,13 +988,7 @@ describe('runPrompt', () => {
|
|||
mocks.mainEvent({
|
||||
type: 'turn.ended',
|
||||
turnId: 2,
|
||||
reason: 'failed',
|
||||
error: {
|
||||
code: 'provider.filtered',
|
||||
message: 'Provider safety policy blocked the response.',
|
||||
name: 'ProviderFilteredError',
|
||||
retryable: false,
|
||||
},
|
||||
reason: 'filtered',
|
||||
}),
|
||||
);
|
||||
}
|
||||
|
|
@ -1189,213 +1024,4 @@ describe('runPrompt', () => {
|
|||
const handler = mocks.session.setQuestionHandler.mock.calls[0]![0] as () => unknown;
|
||||
expect(handler()).toBeNull();
|
||||
});
|
||||
|
||||
it('emits the version first in text mode when the experimental flag is enabled', async () => {
|
||||
vi.stubEnv('KIMI_CODE_EXPERIMENTAL_FLAG', '1');
|
||||
const stdout = writer();
|
||||
const stderr = writer();
|
||||
|
||||
await runPrompt(opts(), '1.2.3-test', { stdout, stderr });
|
||||
|
||||
// The experimental engine is selected and the version banner is the very
|
||||
// first write, ahead of any assistant output or the resume hint.
|
||||
expect(mocks.runV2Print).toHaveBeenCalled();
|
||||
expect(mocks.kimiHarnessConstructor).not.toHaveBeenCalled();
|
||||
expect(stderr.write).toHaveBeenNthCalledWith(1, 'kimi version 1.2.3-test\n');
|
||||
expect(stderr.text().startsWith('kimi version 1.2.3-test\n')).toBe(true);
|
||||
expect(stdout.text()).toBe('• hello world\n\n');
|
||||
});
|
||||
|
||||
it('emits the version first in stream-json mode when the experimental flag is enabled', async () => {
|
||||
vi.stubEnv('KIMI_CODE_EXPERIMENTAL_FLAG', '1');
|
||||
const stdout = writer();
|
||||
const stderr = writer();
|
||||
|
||||
await runPrompt(opts({ outputFormat: 'stream-json' }), '1.2.3-test', {
|
||||
stdout,
|
||||
stderr,
|
||||
});
|
||||
|
||||
expect(mocks.runV2Print).toHaveBeenCalled();
|
||||
expect(mocks.kimiHarnessConstructor).not.toHaveBeenCalled();
|
||||
const lines = stdout.text().split('\n');
|
||||
expect(lines[0]).toBe(
|
||||
'{"role":"meta","type":"system.version","version":"1.2.3-test"}',
|
||||
);
|
||||
expect(stderr.text()).toBe('');
|
||||
});
|
||||
|
||||
it('does not emit the version when the experimental flag is disabled', async () => {
|
||||
vi.stubEnv('KIMI_CODE_EXPERIMENTAL_FLAG', '0');
|
||||
const stdout = writer();
|
||||
const stderr = writer();
|
||||
|
||||
await runPrompt(opts(), '1.2.3-test', { stdout, stderr });
|
||||
|
||||
expect(mocks.runV2Print).not.toHaveBeenCalled();
|
||||
expect(mocks.kimiHarnessConstructor).toHaveBeenCalled();
|
||||
expect(stderr.text()).not.toContain('kimi version');
|
||||
});
|
||||
|
||||
it('does not settle on end_turn while a goal is still active', async () => {
|
||||
mocks.session.prompt.mockImplementationOnce(async () => {
|
||||
for (const handler of mocks.eventHandlers) {
|
||||
handler(mocks.mainEvent({ type: 'turn.started', turnId: 1, origin: { kind: 'user' } }));
|
||||
handler(mocks.mainEvent({ type: 'assistant.delta', turnId: 1, delta: 'created a goal' }));
|
||||
handler(mocks.mainEvent({ type: 'turn.ended', turnId: 1, reason: 'completed' }));
|
||||
}
|
||||
});
|
||||
// First evaluation (after turn 1) sees an active goal; the continuation
|
||||
// turn's evaluation sees the goal gone (completed → record cleared).
|
||||
mocks.session.getGoal.mockResolvedValueOnce({ goal: { status: 'active' } } as never);
|
||||
|
||||
const stdout = writer();
|
||||
const stderr = writer();
|
||||
let settled = false;
|
||||
const run = runPrompt(opts(), '1.2.3-test', { stdout, stderr }).then(() => {
|
||||
settled = true;
|
||||
});
|
||||
|
||||
await waitForAssertion(() => {
|
||||
expect(mocks.session.getGoal).toHaveBeenCalledTimes(1);
|
||||
});
|
||||
expect(settled).toBe(false);
|
||||
|
||||
// The goal driver launches the continuation turn on its own; the run
|
||||
// streams it and settles only once no goal is active anymore.
|
||||
for (const handler of mocks.eventHandlers) {
|
||||
handler(
|
||||
mocks.mainEvent({
|
||||
type: 'turn.started',
|
||||
turnId: 2,
|
||||
origin: { kind: 'system_trigger' },
|
||||
}),
|
||||
);
|
||||
handler(mocks.mainEvent({ type: 'assistant.delta', turnId: 2, delta: 'goal work' }));
|
||||
handler(mocks.mainEvent({ type: 'turn.ended', turnId: 2, reason: 'completed' }));
|
||||
}
|
||||
|
||||
await run;
|
||||
expect(settled).toBe(true);
|
||||
expect(stdout.text()).toContain('goal work');
|
||||
});
|
||||
|
||||
it('settles when the goal reaches a terminal state between turns with no trailing turn.ended', async () => {
|
||||
mocks.session.prompt.mockImplementationOnce(async () => {
|
||||
for (const handler of mocks.eventHandlers) {
|
||||
handler(mocks.mainEvent({ type: 'turn.started', turnId: 1, origin: { kind: 'user' } }));
|
||||
handler(mocks.mainEvent({ type: 'assistant.delta', turnId: 1, delta: 'working' }));
|
||||
handler(mocks.mainEvent({ type: 'turn.ended', turnId: 1, reason: 'completed' }));
|
||||
}
|
||||
});
|
||||
// Turn 1's evaluation sees the goal still active; the terminal
|
||||
// goal.updated (e.g. the driver blocked it on a hard budget) arrives with
|
||||
// no further turn.ended and must settle the run itself.
|
||||
mocks.session.getGoal
|
||||
.mockResolvedValueOnce({ goal: { status: 'active' } } as never)
|
||||
.mockResolvedValue({ goal: { status: 'blocked' } } as never);
|
||||
|
||||
const stdout = writer();
|
||||
const stderr = writer();
|
||||
let settled = false;
|
||||
const run = runPrompt(opts(), '1.2.3-test', { stdout, stderr }).then(() => {
|
||||
settled = true;
|
||||
});
|
||||
|
||||
await waitForAssertion(() => {
|
||||
expect(mocks.session.getGoal).toHaveBeenCalledTimes(1);
|
||||
});
|
||||
expect(settled).toBe(false);
|
||||
|
||||
for (const handler of mocks.eventHandlers) {
|
||||
handler(
|
||||
mocks.mainEvent({
|
||||
type: 'goal.updated',
|
||||
snapshot: { status: 'blocked' },
|
||||
change: { kind: 'blocked' },
|
||||
}),
|
||||
);
|
||||
}
|
||||
|
||||
await run;
|
||||
expect(settled).toBe(true);
|
||||
});
|
||||
|
||||
it('does not settle on end_turn while a cron task is pending, then lets the fire drive a turn', async () => {
|
||||
mocks.session.prompt.mockImplementationOnce(async () => {
|
||||
for (const handler of mocks.eventHandlers) {
|
||||
handler(mocks.mainEvent({ type: 'turn.started', turnId: 1, origin: { kind: 'user' } }));
|
||||
handler(mocks.mainEvent({ type: 'assistant.delta', turnId: 1, delta: 'scheduled a reminder' }));
|
||||
handler(mocks.mainEvent({ type: 'turn.ended', turnId: 1, reason: 'completed' }));
|
||||
}
|
||||
});
|
||||
// Turn 1 leaves a pending one-shot cron task; its fire steers turn 2, and
|
||||
// by turn 2's evaluation the task has fired and been removed.
|
||||
mocks.session.getCronTasks
|
||||
.mockResolvedValueOnce({
|
||||
tasks: [
|
||||
{
|
||||
id: '3f9a1c2e',
|
||||
cron: '*/5 * * * *',
|
||||
recurring: false,
|
||||
createdAt: 1,
|
||||
lastFiredAt: undefined,
|
||||
nextFireAt: Date.now() + 60_000,
|
||||
},
|
||||
],
|
||||
} as never)
|
||||
.mockResolvedValue({ tasks: [] } as never);
|
||||
|
||||
const stdout = writer();
|
||||
const stderr = writer();
|
||||
let settled = false;
|
||||
const run = runPrompt(opts(), '1.2.3-test', { stdout, stderr }).then(() => {
|
||||
settled = true;
|
||||
});
|
||||
|
||||
await waitForAssertion(() => {
|
||||
expect(mocks.session.getCronTasks).toHaveBeenCalledTimes(1);
|
||||
});
|
||||
expect(settled).toBe(false);
|
||||
|
||||
// The cron fire steers a fresh turn; the run streams it and settles once
|
||||
// no pending tasks remain.
|
||||
for (const handler of mocks.eventHandlers) {
|
||||
handler(
|
||||
mocks.mainEvent({
|
||||
type: 'turn.started',
|
||||
turnId: 2,
|
||||
origin: { kind: 'cron_job' },
|
||||
}),
|
||||
);
|
||||
handler(mocks.mainEvent({ type: 'assistant.delta', turnId: 2, delta: 'cron ran' }));
|
||||
handler(mocks.mainEvent({ type: 'turn.ended', turnId: 2, reason: 'completed' }));
|
||||
}
|
||||
|
||||
await run;
|
||||
expect(settled).toBe(true);
|
||||
expect(stdout.text()).toContain('cron ran');
|
||||
});
|
||||
|
||||
it('does not wait for cron tasks whose expression has no future fire', async () => {
|
||||
mocks.session.getCronTasks.mockResolvedValue({
|
||||
tasks: [
|
||||
{
|
||||
id: '3f9a1c2e',
|
||||
cron: '0 0 31 2 *',
|
||||
recurring: true,
|
||||
createdAt: 1,
|
||||
lastFiredAt: undefined,
|
||||
nextFireAt: null,
|
||||
},
|
||||
],
|
||||
} as never);
|
||||
|
||||
const stdout = writer();
|
||||
const stderr = writer();
|
||||
await runPrompt(opts(), '1.2.3-test', { stdout, stderr });
|
||||
|
||||
expect(stdout.text()).toBe('• hello world\n\n');
|
||||
expect(mocks.harnessClose).toHaveBeenCalled();
|
||||
});
|
||||
});
|
||||
|
|
|
|||
|
|
@ -671,36 +671,6 @@ describe('shared parsers stay strict', () => {
|
|||
});
|
||||
});
|
||||
|
||||
describe('server-v2 routing (KIMI_CODE_EXPERIMENTAL_FLAG)', () => {
|
||||
it('is off when the env is unset or blank', async () => {
|
||||
const { isServerV2Enabled } = await import('#/cli/sub/server/run');
|
||||
expect(isServerV2Enabled({})).toBe(false);
|
||||
expect(isServerV2Enabled({ KIMI_CODE_EXPERIMENTAL_FLAG: '' })).toBe(false);
|
||||
expect(isServerV2Enabled({ KIMI_CODE_EXPERIMENTAL_FLAG: ' ' })).toBe(false);
|
||||
});
|
||||
|
||||
it('is on for the documented truthy values (case-insensitive)', async () => {
|
||||
const { isServerV2Enabled } = await import('#/cli/sub/server/run');
|
||||
for (const value of ['1', 'true', 'yes', 'on', 'TRUE', 'Yes', 'ON']) {
|
||||
expect(isServerV2Enabled({ KIMI_CODE_EXPERIMENTAL_FLAG: value })).toBe(true);
|
||||
}
|
||||
});
|
||||
|
||||
it('is off for explicit falsey values and arbitrary strings', async () => {
|
||||
const { isServerV2Enabled } = await import('#/cli/sub/server/run');
|
||||
for (const value of ['0', 'false', 'no', 'off', '2', 'server-v2']) {
|
||||
expect(isServerV2Enabled({ KIMI_CODE_EXPERIMENTAL_FLAG: value })).toBe(false);
|
||||
}
|
||||
});
|
||||
|
||||
it('is the canonical experimental-v2 gate', async () => {
|
||||
const { isServerV2Enabled } = await import('#/cli/sub/server/run');
|
||||
const { isKimiV2Enabled, KIMI_V2_ENV } = await import('#/cli/experimental-v2');
|
||||
expect(KIMI_V2_ENV).toBe('KIMI_CODE_EXPERIMENTAL_FLAG');
|
||||
expect(isServerV2Enabled).toBe(isKimiV2Enabled);
|
||||
});
|
||||
});
|
||||
|
||||
describe('server web asset directory resolution', () => {
|
||||
it('uses extracted SEA web assets when available', async () => {
|
||||
const { resolveServerWebAssetsDir } = await import('#/cli/sub/server/run');
|
||||
|
|
|
|||
|
|
@ -1,239 +0,0 @@
|
|||
import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
|
||||
|
||||
import {
|
||||
IAgentGoalService,
|
||||
IAgentLifecycleService,
|
||||
IAgentPermissionModeService,
|
||||
IAgentProfileService,
|
||||
IAgentPromptService,
|
||||
IAgentTaskService,
|
||||
IAuthSummaryService,
|
||||
IBootstrapService,
|
||||
IConfigService,
|
||||
IEventBus,
|
||||
IFileSystemStorageService,
|
||||
IOAuthToolkit,
|
||||
ISessionIndex,
|
||||
ISessionLifecycleService,
|
||||
ITelemetryService,
|
||||
type DomainEvent,
|
||||
} from '@moonshot-ai/agent-core-v2';
|
||||
|
||||
import { runV2Print } from '../../src/cli/v2/run-v2-print';
|
||||
|
||||
const mocks = vi.hoisted(() => ({
|
||||
bootstrap: vi.fn(),
|
||||
ensureMainAgent: vi.fn(),
|
||||
createKimiDefaultHeaders: vi.fn(() => ({})),
|
||||
resolveKimiHome: vi.fn((homeDir?: string) => homeDir ?? '/tmp/kimi-code-test-home'),
|
||||
createKimiDeviceId: vi.fn(() => 'device-1'),
|
||||
}));
|
||||
|
||||
vi.mock('@moonshot-ai/agent-core-v2', async (importOriginal) => {
|
||||
const actual = await importOriginal<typeof import('@moonshot-ai/agent-core-v2')>();
|
||||
return {
|
||||
...actual,
|
||||
bootstrap: mocks.bootstrap,
|
||||
ensureMainAgent: mocks.ensureMainAgent,
|
||||
};
|
||||
});
|
||||
|
||||
vi.mock('@moonshot-ai/kimi-code-oauth', async () => {
|
||||
const actual = await vi.importActual<typeof import('@moonshot-ai/kimi-code-oauth')>(
|
||||
'@moonshot-ai/kimi-code-oauth',
|
||||
);
|
||||
return {
|
||||
...actual,
|
||||
createKimiDefaultHeaders: mocks.createKimiDefaultHeaders,
|
||||
createKimiDeviceId: mocks.createKimiDeviceId,
|
||||
};
|
||||
});
|
||||
|
||||
vi.mock('@moonshot-ai/kimi-code-sdk', async (importOriginal) => {
|
||||
const actual = await importOriginal<typeof import('@moonshot-ai/kimi-code-sdk')>();
|
||||
return {
|
||||
...actual,
|
||||
resolveKimiHome: mocks.resolveKimiHome,
|
||||
};
|
||||
});
|
||||
|
||||
vi.mock('@moonshot-ai/kimi-telemetry', () => ({
|
||||
initializeTelemetry: vi.fn(),
|
||||
setCrashPhase: vi.fn(),
|
||||
shutdownTelemetry: vi.fn(),
|
||||
track: vi.fn(),
|
||||
setTelemetryContext: vi.fn(),
|
||||
withTelemetryContext: vi.fn(() => ({ track: vi.fn() })),
|
||||
}));
|
||||
|
||||
interface FakeScope {
|
||||
readonly id: string;
|
||||
readonly accessor: { readonly get: (token: unknown) => unknown };
|
||||
readonly dispose: ReturnType<typeof vi.fn>;
|
||||
}
|
||||
|
||||
function fakeScope(id: string, services: Map<unknown, unknown>): FakeScope {
|
||||
return {
|
||||
id,
|
||||
accessor: {
|
||||
get: (token: unknown) => {
|
||||
if (!services.has(token)) throw new Error(`unexpected service request: ${String(token)}`);
|
||||
return services.get(token);
|
||||
},
|
||||
},
|
||||
dispose: vi.fn(),
|
||||
};
|
||||
}
|
||||
|
||||
function writer() {
|
||||
let text = '';
|
||||
return {
|
||||
write: vi.fn((chunk: string) => {
|
||||
text += chunk;
|
||||
return true;
|
||||
}),
|
||||
text: () => text,
|
||||
};
|
||||
}
|
||||
|
||||
function opts(overrides: Record<string, unknown> = {}) {
|
||||
return {
|
||||
session: undefined,
|
||||
continue: false,
|
||||
yolo: false,
|
||||
auto: false,
|
||||
plan: false,
|
||||
model: undefined,
|
||||
outputFormat: undefined,
|
||||
prompt: 'say hello',
|
||||
skillsDirs: [],
|
||||
addDirs: [],
|
||||
...overrides,
|
||||
} as const;
|
||||
}
|
||||
|
||||
describe('runV2Print', () => {
|
||||
beforeEach(() => {
|
||||
vi.stubEnv('KIMI_CODE_EXPERIMENTAL_FLAG', '1');
|
||||
vi.stubEnv('KIMI_MODEL_OUTPUT_FORMAT', '');
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
vi.clearAllMocks();
|
||||
vi.unstubAllEnvs();
|
||||
});
|
||||
|
||||
it('submits a prompt, renders native events, awaits completion, and drains', async () => {
|
||||
const stdout = writer();
|
||||
const stderr = writer();
|
||||
|
||||
// Native event listeners registered on the main agent's IEventBus; the turn
|
||||
// emits a streaming assistant delta before completing.
|
||||
const eventListeners = new Set<(event: DomainEvent) => void>();
|
||||
|
||||
const agentServices = new Map<unknown, unknown>([
|
||||
[IAgentProfileService, { setModel: vi.fn(async () => ({ model: 'k2' })), getModel: () => 'k2' }],
|
||||
[IAgentPermissionModeService, { mode: 'auto', setMode: vi.fn() }],
|
||||
[IAuthSummaryService, { ensureReady: vi.fn(async () => {}) }],
|
||||
[
|
||||
IEventBus,
|
||||
{
|
||||
subscribe: vi.fn((handler: (event: DomainEvent) => void) => {
|
||||
eventListeners.add(handler);
|
||||
return { dispose: () => eventListeners.delete(handler) };
|
||||
}),
|
||||
},
|
||||
],
|
||||
[
|
||||
IAgentPromptService,
|
||||
{
|
||||
enqueue: vi.fn(async () => {
|
||||
// Emit a native assistant delta on the main agent bus, then complete.
|
||||
for (const listener of [...eventListeners]) {
|
||||
listener({ type: 'assistant.delta', turnId: 1, delta: 'hello world' } as DomainEvent);
|
||||
}
|
||||
return {
|
||||
launched: Promise.resolve({
|
||||
id: 1,
|
||||
result: Promise.resolve({ type: 'completed' }),
|
||||
}),
|
||||
};
|
||||
}),
|
||||
},
|
||||
],
|
||||
[IAgentTaskService, { list: vi.fn(() => []) }],
|
||||
[IAgentGoalService, { createGoal: vi.fn(), getGoal: vi.fn() }],
|
||||
]);
|
||||
const agent = fakeScope('main', agentServices);
|
||||
|
||||
const sessionServices = new Map<unknown, unknown>([
|
||||
// drain enumerates agents; empty → no background work to wait on.
|
||||
[IAgentLifecycleService, { list: vi.fn(() => []) }],
|
||||
]);
|
||||
const session = fakeScope('ses_v2', sessionServices);
|
||||
|
||||
const appServices = new Map<unknown, unknown>([
|
||||
[
|
||||
IConfigService,
|
||||
{
|
||||
ready: Promise.resolve(),
|
||||
get: vi.fn((section: string) => (section === 'defaultModel' ? 'k2' : undefined)),
|
||||
diagnostics: vi.fn(() => []),
|
||||
},
|
||||
],
|
||||
[
|
||||
ISessionLifecycleService,
|
||||
{
|
||||
create: vi.fn(async () => session),
|
||||
resume: vi.fn(async () => session),
|
||||
},
|
||||
],
|
||||
[ISessionIndex, { list: vi.fn(async () => ({ items: [] })) }],
|
||||
[
|
||||
IBootstrapService,
|
||||
{
|
||||
platform: 'linux',
|
||||
arch: 'x64',
|
||||
clientVersion: '1.2.3-test',
|
||||
getEnv: () => undefined,
|
||||
},
|
||||
],
|
||||
[IOAuthToolkit, { getCachedAccessToken: vi.fn(async () => undefined) }],
|
||||
[IFileSystemStorageService, {}],
|
||||
[
|
||||
ITelemetryService,
|
||||
(() => {
|
||||
const svc = {
|
||||
setAppender: vi.fn(),
|
||||
setContext: vi.fn(),
|
||||
track: vi.fn(),
|
||||
track2: vi.fn(),
|
||||
shutdown: vi.fn(async () => {}),
|
||||
withContext: vi.fn(() => svc),
|
||||
};
|
||||
return svc;
|
||||
})(),
|
||||
],
|
||||
]);
|
||||
const app = fakeScope('app', appServices);
|
||||
|
||||
mocks.bootstrap.mockReturnValue({ app });
|
||||
mocks.ensureMainAgent.mockResolvedValue(agent);
|
||||
|
||||
await runV2Print(opts() as never, '1.2.3-test', { stdout, stderr });
|
||||
|
||||
const promptService = agentServices.get(IAgentPromptService) as { enqueue: ReturnType<typeof vi.fn> };
|
||||
expect(promptService.enqueue).toHaveBeenCalledWith({
|
||||
message: {
|
||||
role: 'user',
|
||||
content: [{ type: 'text', text: 'say hello' }],
|
||||
toolCalls: [],
|
||||
origin: { kind: 'user' },
|
||||
},
|
||||
});
|
||||
// Version banner is first, then the rendered assistant output.
|
||||
expect(stderr.write).toHaveBeenNthCalledWith(1, 'kimi version 1.2.3-test\n');
|
||||
expect(stdout.text()).toContain('hello world');
|
||||
expect(app.dispose).toHaveBeenCalled();
|
||||
});
|
||||
});
|
||||
|
|
@ -313,7 +313,7 @@ describe('plugins selector dialogs', () => {
|
|||
panel.handleInput('\r');
|
||||
expect(onSelect).toHaveBeenCalledWith({
|
||||
kind: 'open-url',
|
||||
url: 'https://www.kimi.com/features/webbridge#local-agent',
|
||||
url: 'https://www.kimi.com/features/webbridge',
|
||||
label: 'Kimi WebBridge',
|
||||
});
|
||||
});
|
||||
|
|
|
|||
|
|
@ -154,7 +154,7 @@ describe('clipboard image paste compression', () => {
|
|||
// the submitted image both read from these bytes, so they cannot diverge.
|
||||
const dims = parseImageMeta(att.bytes);
|
||||
expect(dims).not.toBeNull();
|
||||
expect(Math.max(dims!.width, dims!.height)).toBeLessThanOrEqual(3000);
|
||||
expect(Math.max(dims!.width, dims!.height)).toBeLessThanOrEqual(2000);
|
||||
});
|
||||
|
||||
it('honors the harness [image] max_edge_px when pasting', async () => {
|
||||
|
|
|
|||
|
|
@ -2931,45 +2931,6 @@ command = "vim"
|
|||
expect(transcript).not.toContain('/export-debug-zip');
|
||||
});
|
||||
|
||||
it('shows a programmatic abort reason instead of reporting a user interruption', async () => {
|
||||
const { driver } = await makeDriver();
|
||||
|
||||
driver.sessionEventHandler.handleEvent(
|
||||
{
|
||||
type: 'turn.step.interrupted',
|
||||
agentId: 'main',
|
||||
sessionId: 'ses-1',
|
||||
turnId: 1,
|
||||
step: 1,
|
||||
reason: 'aborted',
|
||||
message: 'Tool execution timed out',
|
||||
} as Event,
|
||||
vi.fn(),
|
||||
);
|
||||
|
||||
const transcript = stripSgr(renderTranscript(driver));
|
||||
expect(transcript).toContain('Error: Tool execution timed out');
|
||||
expect(transcript).not.toContain('Interrupted by user');
|
||||
});
|
||||
|
||||
it('keeps unmessaged aborted events compatible with user interruptions', async () => {
|
||||
const { driver } = await makeDriver();
|
||||
|
||||
driver.sessionEventHandler.handleEvent(
|
||||
{
|
||||
type: 'turn.step.interrupted',
|
||||
agentId: 'main',
|
||||
sessionId: 'ses-1',
|
||||
turnId: 1,
|
||||
step: 1,
|
||||
reason: 'aborted',
|
||||
} as Event,
|
||||
vi.fn(),
|
||||
);
|
||||
|
||||
expect(stripSgr(renderTranscript(driver))).toContain('Interrupted by user');
|
||||
});
|
||||
|
||||
it('appends the /export-debug-zip hint beneath session error messages', async () => {
|
||||
const { driver } = await makeDriver();
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@ import { resolve } from 'node:path';
|
|||
|
||||
import { defineConfig } from 'tsdown';
|
||||
|
||||
import { hashImportsPlugin } from '../../build/hash-imports-plugin.mjs';
|
||||
import { rawTextPlugin } from '../../build/raw-text-plugin.mjs';
|
||||
import { BUILT_IN_CATALOG_DEFINE, builtInCatalogDefine } from './scripts/built-in-catalog.mjs';
|
||||
|
||||
|
|
@ -24,7 +23,7 @@ export default defineConfig({
|
|||
'const __dirname = __cjsShimDirname(__filename);',
|
||||
].join('\n'),
|
||||
},
|
||||
plugins: [hashImportsPlugin(), rawTextPlugin()],
|
||||
plugins: [rawTextPlugin()],
|
||||
alias: {
|
||||
'@': resolve(appRoot, 'src'),
|
||||
},
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@ import { resolve } from 'node:path';
|
|||
|
||||
import { defineConfig } from 'tsdown';
|
||||
|
||||
import { hashImportsPlugin } from '../../build/hash-imports-plugin.mjs';
|
||||
import { rawTextPlugin } from '../../build/raw-text-plugin.mjs';
|
||||
import { BUILT_IN_CATALOG_DEFINE, builtInCatalogDefine } from './scripts/built-in-catalog.mjs';
|
||||
|
||||
|
|
@ -43,7 +42,7 @@ export default defineConfig({
|
|||
platform: 'node',
|
||||
target: 'node24',
|
||||
banner: { js: '#!/usr/bin/env node' },
|
||||
plugins: [hashImportsPlugin(), rawTextPlugin()],
|
||||
plugins: [rawTextPlugin()],
|
||||
alias: {
|
||||
'@': resolve(appRoot, 'src'),
|
||||
},
|
||||
|
|
|
|||
|
|
@ -46,13 +46,10 @@ import Icon from './components/ui/Icon.vue';
|
|||
import InternalBuildBanner from './components/InternalBuildBanner.vue';
|
||||
import { isMacosDesktop } from './lib/desktopFlag';
|
||||
|
||||
// Hydrate the server-transport credential (fragment token or localStorage)
|
||||
// Hydrate the server-transport credential (fragment token or sessionStorage)
|
||||
// BEFORE the client connects, so the first REST/WS calls already carry it.
|
||||
initServerAuth();
|
||||
// Stays false until the server actually rejects us with 401/40101. Starting
|
||||
// from "no credential ⇒ prompt" flashed the token dialog for a frame in
|
||||
// `--dangerous-bypass-auth` mode, before /meta had advertised the bypass.
|
||||
const authRequired = ref(false);
|
||||
const hasServerCredential = initServerAuth();
|
||||
const authRequired = ref(!hasServerCredential);
|
||||
let offAuthRequired: (() => void) | null = null;
|
||||
|
||||
const client = useKimiWebClient();
|
||||
|
|
@ -113,8 +110,10 @@ usePageTitle({ running, showAuthGate });
|
|||
// segment for the active model (effort models cycle through their declared
|
||||
// levels; boolean models flip on/off; unsupported stays off).
|
||||
function nextThinkingLevel(current: ThinkingLevel): ThinkingLevel {
|
||||
// Identity is the model id — display/model names can collide across providers.
|
||||
const model = client.models.value.find((m) => m.id === client.status.value.modelId);
|
||||
const raw = client.status.value.modelId ?? client.status.value.model ?? '';
|
||||
const model = client.models.value.find(
|
||||
(m) => m.id === raw || m.model === raw || m.displayName === client.status.value.model,
|
||||
);
|
||||
const segs = segmentsFor(model);
|
||||
// Coerce the stored level against the active model before indexing, so a
|
||||
// stale value (e.g. 'on' from a boolean model) doesn't resolve to index -1
|
||||
|
|
@ -137,19 +136,17 @@ function openOnboarding(): void {
|
|||
}
|
||||
|
||||
onMounted(() => {
|
||||
// Register the 401 listener before the first requests go out, so a token
|
||||
// rejection during the initial load() can never be missed.
|
||||
void client.load();
|
||||
loadSidebarCollapsed();
|
||||
// Capture-phase so Escape closes the side detail layer BEFORE the
|
||||
// conversation pane's bubble-phase handler interrupts a running prompt.
|
||||
document.addEventListener('keydown', onGlobalKeydown, true);
|
||||
offAuthRequired = onAuthRequired(() => {
|
||||
authRequired.value = true;
|
||||
// The server now demands a token, so any cached "bypass" state from a
|
||||
// previous mode is stale — drop it so the token prompt can show.
|
||||
client.clearDangerousBypassAuth();
|
||||
});
|
||||
void client.load();
|
||||
loadSidebarCollapsed();
|
||||
// Capture-phase so Escape closes the side detail layer BEFORE the
|
||||
// conversation pane's bubble-phase handler interrupts a running prompt.
|
||||
document.addEventListener('keydown', onGlobalKeydown, true);
|
||||
});
|
||||
|
||||
onUnmounted(() => {
|
||||
|
|
@ -990,14 +987,12 @@ function openPr(url: string): void {
|
|||
|
||||
<!-- Global connecting splash on first load (until the daemon round-trips) -->
|
||||
<Transition name="gload-fade">
|
||||
<GlobalLoading v-if="!client.initialized.value" :issue="client.connectIssue.value" />
|
||||
<GlobalLoading v-if="!client.initialized.value" />
|
||||
</Transition>
|
||||
|
||||
<!-- First-run onboarding overlay (language + welcome greeting). Held back
|
||||
until the first load settled so it can't cover the connecting splash
|
||||
(it teleports to <body> and would float above the retry error). -->
|
||||
<!-- First-run onboarding overlay (language + welcome greeting) -->
|
||||
<Onboarding
|
||||
v-if="client.initialized.value && showOnboarding && !showAuthGate"
|
||||
v-if="showOnboarding && !showAuthGate"
|
||||
@complete="completeOnboarding"
|
||||
@skip="completeOnboarding"
|
||||
/>
|
||||
|
|
|
|||
|
|
@ -499,11 +499,10 @@ export interface AgentProjector {
|
|||
/**
|
||||
* Seed mid-turn state from a session snapshot's `in_flight_turn` (v2 sync):
|
||||
* resets per-session state, builds the partially-streamed assistant message
|
||||
* (thinking + text + running tool_use parts), and returns the messageCreated
|
||||
* AppEvent to apply to the reducer. Live deltas continue appending; their
|
||||
* wire `offset` aligns against the seeded text so the overlap window around
|
||||
* snapshot/subscribe is exact. Session status is NOT seeded here — the REST
|
||||
* snapshot's `session.status` is the authoritative value.
|
||||
* (thinking + text + running tool_use parts), and returns the AppEvents
|
||||
* (sessionStatusChanged + messageCreated) to apply to the reducer. Live
|
||||
* deltas continue appending; their wire `offset` aligns against the seeded
|
||||
* text so the overlap window around snapshot/subscribe is exact.
|
||||
*/
|
||||
seedInFlight(sessionId: string, turn: AppInFlightTurn): AppEvent[];
|
||||
/** Reset all per-session state (call on re-subscribe / resync). */
|
||||
|
|
@ -575,7 +574,16 @@ export function createAgentProjector(): AgentProjector {
|
|||
s.turnTextLen = turn.assistantText.length;
|
||||
s.turnThinkLen = turn.thinkingText.length;
|
||||
|
||||
return [{ type: 'messageCreated', message: cloneMessage(msg) }];
|
||||
return [
|
||||
{
|
||||
type: 'sessionStatusChanged',
|
||||
sessionId,
|
||||
status: 'running',
|
||||
previousStatus: 'idle',
|
||||
currentPromptId: promptId,
|
||||
},
|
||||
{ type: 'messageCreated', message: cloneMessage(msg) },
|
||||
];
|
||||
}
|
||||
|
||||
function project(
|
||||
|
|
@ -693,12 +701,6 @@ export function createAgentProjector(): AgentProjector {
|
|||
// -----------------------------------------------------------------------
|
||||
case 'turn.started': {
|
||||
// Bind turnId → promptId. Generate a synthetic one if none was pre-bound.
|
||||
// Session status is intentionally NOT projected here — the daemon's
|
||||
// `event.session.status_changed` is the single source of status
|
||||
// transitions (it carries the authoritative previousStatus /
|
||||
// currentPromptId and dedupes per real transition); projecting a
|
||||
// second running/idle event per turn from the raw stream made every
|
||||
// turn-end consumer (notifications, sounds) fire twice.
|
||||
const turnId: number = p?.turnId;
|
||||
const existingPromptId = s.currentPromptId ?? ulid('pr_');
|
||||
s.currentPromptId = existingPromptId;
|
||||
|
|
@ -708,6 +710,14 @@ export function createAgentProjector(): AgentProjector {
|
|||
// Fresh turn → fresh per-turn stream offsets.
|
||||
s.turnTextLen = 0;
|
||||
s.turnThinkLen = 0;
|
||||
|
||||
out.push({
|
||||
type: 'sessionStatusChanged',
|
||||
sessionId,
|
||||
status: 'running',
|
||||
previousStatus: 'idle',
|
||||
currentPromptId: existingPromptId,
|
||||
});
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
@ -953,7 +963,7 @@ export function createAgentProjector(): AgentProjector {
|
|||
sessionId,
|
||||
messageId: msgId,
|
||||
content: msg.content.map((c) => ({ ...c })),
|
||||
status: reason === 'failed' || reason === 'blocked' ? 'error' : 'completed',
|
||||
status: reason === 'failed' || reason === 'filtered' ? 'error' : 'completed',
|
||||
durationMs,
|
||||
});
|
||||
}
|
||||
|
|
@ -963,8 +973,14 @@ export function createAgentProjector(): AgentProjector {
|
|||
const usageSnapshot = buildUsageSnapshot(s);
|
||||
out.push({ type: 'sessionUsageUpdated', sessionId, usage: usageSnapshot });
|
||||
|
||||
// No sessionStatusChanged here — see turn.started. The daemon's
|
||||
// `event.session.status_changed` flips the session to idle/aborted.
|
||||
const newStatus =
|
||||
reason === 'cancelled' || reason === 'failed' || reason === 'filtered' ? 'aborted' : 'idle';
|
||||
out.push({
|
||||
type: 'sessionStatusChanged',
|
||||
sessionId,
|
||||
status: newStatus,
|
||||
previousStatus: 'running',
|
||||
});
|
||||
|
||||
// Clear per-turn state. Reset the stream offsets too so a stale length
|
||||
// from this turn can't wedge the next turn's delta alignment into a
|
||||
|
|
@ -1092,10 +1108,10 @@ export function createAgentProjector(): AgentProjector {
|
|||
}
|
||||
|
||||
// -----------------------------------------------------------------------
|
||||
// Tasks (e.g. a detached Bash command). Real daemon shape:
|
||||
// Background tasks (e.g. a backgrounded Bash command). Real daemon shape:
|
||||
// payload.info = { taskId, description, status, startedAt(ms), endedAt,
|
||||
// kind:'process', command, pid, exitCode }.
|
||||
case 'task.started': {
|
||||
case 'background.task.started': {
|
||||
const info = (p?.info ?? {}) as Record<string, unknown>;
|
||||
const startedAt =
|
||||
typeof info.startedAt === 'number' ? new Date(info.startedAt).toISOString() : undefined;
|
||||
|
|
@ -1129,7 +1145,7 @@ export function createAgentProjector(): AgentProjector {
|
|||
});
|
||||
break;
|
||||
}
|
||||
case 'task.terminated': {
|
||||
case 'background.task.terminated': {
|
||||
const info = (p?.info ?? {}) as Record<string, unknown>;
|
||||
const failed =
|
||||
info.status === 'failed' ||
|
||||
|
|
@ -1317,8 +1333,6 @@ const KNOWN_AGENT_CORE_TYPES = new Set([
|
|||
'subagent.suspended',
|
||||
'subagent.completed',
|
||||
'subagent.failed',
|
||||
'task.started',
|
||||
'task.terminated',
|
||||
'background.task.started',
|
||||
'background.task.terminated',
|
||||
'cron.fired',
|
||||
|
|
|
|||
|
|
@ -26,7 +26,6 @@ import type {
|
|||
KimiEventConnection,
|
||||
KimiEventHandlers,
|
||||
KimiWebApi,
|
||||
OAuthLoginStartResult,
|
||||
Page,
|
||||
PageRequest,
|
||||
PromptSubmission,
|
||||
|
|
@ -56,7 +55,7 @@ import {
|
|||
} from './mappers';
|
||||
import type {
|
||||
WireAuthResult,
|
||||
WireTask,
|
||||
WireBackgroundTask,
|
||||
WireConfig,
|
||||
WireEvent,
|
||||
WireFileMeta,
|
||||
|
|
@ -662,7 +661,7 @@ export class DaemonKimiWebApi implements KimiWebApi {
|
|||
const query: Record<string, string | undefined> = {
|
||||
status: status,
|
||||
};
|
||||
const data = await this.http.get<{ items: WireTask[] }>(
|
||||
const data = await this.http.get<{ items: WireBackgroundTask[] }>(
|
||||
`/sessions/${encodeURIComponent(sessionId)}/tasks`,
|
||||
query,
|
||||
);
|
||||
|
|
@ -678,7 +677,7 @@ export class DaemonKimiWebApi implements KimiWebApi {
|
|||
with_output: input?.withOutput,
|
||||
output_bytes: input?.outputBytes,
|
||||
};
|
||||
const data = await this.http.get<WireTask>(
|
||||
const data = await this.http.get<WireBackgroundTask>(
|
||||
`/sessions/${encodeURIComponent(sessionId)}/tasks/${encodeURIComponent(taskId)}`,
|
||||
query,
|
||||
);
|
||||
|
|
@ -1185,24 +1184,27 @@ export class DaemonKimiWebApi implements KimiWebApi {
|
|||
};
|
||||
}
|
||||
|
||||
async startOAuthLogin(): Promise<OAuthLoginStartResult> {
|
||||
async startOAuthLogin(): Promise<{
|
||||
flowId: string;
|
||||
provider: string;
|
||||
verificationUri: string;
|
||||
verificationUriComplete: string;
|
||||
userCode: string;
|
||||
expiresIn: number;
|
||||
interval: number;
|
||||
status: 'pending';
|
||||
expiresAt: string;
|
||||
}> {
|
||||
const data = await this.http.post<WireOAuthLoginStartResult>('/oauth/login', {});
|
||||
if (data.status === 'authenticated') {
|
||||
return {
|
||||
flowId: data.flow_id,
|
||||
provider: data.provider,
|
||||
status: 'authenticated',
|
||||
};
|
||||
}
|
||||
return {
|
||||
flowId: data.flow_id,
|
||||
provider: data.provider,
|
||||
status: 'pending',
|
||||
verificationUri: data.verification_uri,
|
||||
verificationUriComplete: data.verification_uri_complete,
|
||||
userCode: data.user_code,
|
||||
expiresIn: data.expires_in,
|
||||
interval: data.interval,
|
||||
status: data.status,
|
||||
expiresAt: data.expires_at,
|
||||
};
|
||||
}
|
||||
|
|
@ -1353,12 +1355,11 @@ export class DaemonKimiWebApi implements KimiWebApi {
|
|||
},
|
||||
seedSnapshot(sessionId: string, snapshot: AppSessionSnapshot): void {
|
||||
// Rebuild the projector's mid-turn state from the snapshot. The
|
||||
// resulting AppEvent (the partially-streamed assistant message) flows
|
||||
// through the SAME onEvent path as live events, so the rendering layer
|
||||
// needs no special handling; session status comes from the snapshot's
|
||||
// authoritative session record. When there is no in-flight turn we
|
||||
// only reset, so stale turn state can't leak into the freshly-loaded
|
||||
// message list.
|
||||
// resulting AppEvents (running status + partially-streamed assistant
|
||||
// message) flow through the SAME onEvent path as live events, so the
|
||||
// rendering layer needs no special handling. When there is no
|
||||
// in-flight turn we only reset, so stale turn state can't leak into
|
||||
// the freshly-loaded message list.
|
||||
if (snapshot.inFlightTurn === null) {
|
||||
projector.reset(sessionId);
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ const BODY_PREVIEW_LIMIT = 500;
|
|||
|
||||
// Server-transport auth failure envelope code (see packages/server
|
||||
// middleware/auth.ts AUTH_ERROR_CODE). Distinct from provider-auth 40110–40113.
|
||||
export const SERVER_AUTH_UNAUTHORIZED_CODE = 40101;
|
||||
const SERVER_AUTH_UNAUTHORIZED_CODE = 40101;
|
||||
|
||||
export interface DaemonHttpClientIdentity {
|
||||
readonly clientId: string;
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ import type {
|
|||
import type {
|
||||
WireApprovalRequest,
|
||||
WireApprovalResponse,
|
||||
WireTask,
|
||||
WireBackgroundTask,
|
||||
WireFsEntry,
|
||||
WireImageSource,
|
||||
WireMessage,
|
||||
|
|
@ -364,7 +364,7 @@ export function toWireQuestionResponse(input: QuestionResponse): WireQuestionRes
|
|||
// Task mapper
|
||||
// ---------------------------------------------------------------------------
|
||||
|
||||
export function toAppTask(wire: WireTask): AppTask {
|
||||
export function toAppTask(wire: WireBackgroundTask): AppTask {
|
||||
return {
|
||||
id: wire.id,
|
||||
sessionId: wire.session_id,
|
||||
|
|
@ -647,7 +647,7 @@ export function toAppEvent(wire: WireEvent): AppEvent {
|
|||
dismissedAt: w.payload.dismissed_at,
|
||||
};
|
||||
|
||||
// ----- Tasks -----
|
||||
// ----- Background tasks -----
|
||||
case 'event.task.created':
|
||||
return {
|
||||
type: 'taskCreated',
|
||||
|
|
|
|||
|
|
@ -9,24 +9,15 @@
|
|||
// does not linger in history or screenshots.
|
||||
// 2. From a token the user types into the ServerAuthDialog modal.
|
||||
//
|
||||
// The credential is held in memory and mirrored to localStorage for up to 7
|
||||
// days so it survives tab close and browser restarts without becoming a
|
||||
// permanent browser-profile secret. The token is already persisted server-side
|
||||
// at <KIMI_CODE_HOME>/server.token and handed to the browser in the launch URL.
|
||||
// `kimi server rotate-token` invalidates a stale copy, and the next 401 clears
|
||||
// it here.
|
||||
// The credential is held in memory and mirrored to sessionStorage so a page
|
||||
// refresh keeps working without re-prompting (sessionStorage is tab-scoped and
|
||||
// cleared when the tab closes — we deliberately do NOT use localStorage, since
|
||||
// the credential authenticates as the server).
|
||||
|
||||
const STORAGE_KEY = 'kimi-web.server-credential';
|
||||
const FRAGMENT_PARAM = 'token';
|
||||
const CREDENTIAL_TTL_MS = 7 * 24 * 60 * 60 * 1000;
|
||||
|
||||
interface StoredCredential {
|
||||
version: 1;
|
||||
credential: string;
|
||||
expiresAt: number;
|
||||
}
|
||||
|
||||
let memory: StoredCredential | undefined;
|
||||
let memory: string | undefined;
|
||||
|
||||
type AuthRequiredListener = () => void;
|
||||
const listeners = new Set<AuthRequiredListener>();
|
||||
|
|
@ -50,117 +41,9 @@ function readFragmentToken(): string | undefined {
|
|||
return token;
|
||||
}
|
||||
|
||||
function createStoredCredential(credential: string): StoredCredential {
|
||||
return {
|
||||
version: 1,
|
||||
credential,
|
||||
expiresAt: Date.now() + CREDENTIAL_TTL_MS,
|
||||
};
|
||||
}
|
||||
|
||||
function encodeStoredCredential(stored: StoredCredential): string {
|
||||
return JSON.stringify(stored);
|
||||
}
|
||||
|
||||
function decodeStoredCredential(raw: string): StoredCredential | undefined {
|
||||
function loadStored(): string | undefined {
|
||||
try {
|
||||
const parsed = JSON.parse(raw) as unknown;
|
||||
if (typeof parsed !== 'object' || parsed === null) return undefined;
|
||||
const record = parsed as Record<string, unknown>;
|
||||
if (
|
||||
record['version'] !== 1 ||
|
||||
typeof record['credential'] !== 'string' ||
|
||||
record['credential'].length === 0 ||
|
||||
typeof record['expiresAt'] !== 'number' ||
|
||||
!Number.isFinite(record['expiresAt'])
|
||||
) {
|
||||
return undefined;
|
||||
}
|
||||
return {
|
||||
version: 1,
|
||||
credential: record['credential'],
|
||||
expiresAt: record['expiresAt'],
|
||||
};
|
||||
} catch {
|
||||
return undefined;
|
||||
}
|
||||
}
|
||||
|
||||
function persistCredential(stored: StoredCredential): void {
|
||||
globalThis.localStorage?.setItem(
|
||||
STORAGE_KEY,
|
||||
encodeStoredCredential(stored),
|
||||
);
|
||||
}
|
||||
|
||||
function loadStored(): StoredCredential | undefined {
|
||||
try {
|
||||
const raw = globalThis.localStorage?.getItem(STORAGE_KEY);
|
||||
if (raw) {
|
||||
const stored = decodeStoredCredential(raw);
|
||||
if (stored === undefined) {
|
||||
// Upgrade values written by the initial localStorage implementation,
|
||||
// before persisted credentials carried an expiry timestamp.
|
||||
const migrated = createStoredCredential(raw);
|
||||
let migrationRecorded = false;
|
||||
try {
|
||||
persistCredential(migrated);
|
||||
migrationRecorded = true;
|
||||
} catch {
|
||||
// If the expiring record cannot be written, remove the undated value
|
||||
// so a reload cannot grant it a fresh 7-day window again.
|
||||
}
|
||||
if (!migrationRecorded) {
|
||||
try {
|
||||
if (globalThis.localStorage?.getItem(STORAGE_KEY) === raw) {
|
||||
globalThis.localStorage?.removeItem(STORAGE_KEY);
|
||||
}
|
||||
migrationRecorded = true;
|
||||
} catch {
|
||||
// Neither persisting nor removing succeeded; do not use a value
|
||||
// whose lifetime cannot be bounded.
|
||||
}
|
||||
}
|
||||
try {
|
||||
globalThis.sessionStorage?.removeItem(STORAGE_KEY);
|
||||
} catch {
|
||||
// The local migration result above still determines whether it is safe.
|
||||
}
|
||||
return migrationRecorded ? migrated : undefined;
|
||||
}
|
||||
if (stored.expiresAt > Date.now()) return stored;
|
||||
// Do not revive an expired local credential from a leftover legacy
|
||||
// sessionStorage copy. Clear that tab-local copy first; if it cannot be
|
||||
// removed, keep the expired local record as a tombstone that prevents
|
||||
// the legacy value from receiving a new 7-day window on reload.
|
||||
globalThis.sessionStorage?.removeItem(STORAGE_KEY);
|
||||
if (globalThis.localStorage?.getItem(STORAGE_KEY) === raw) {
|
||||
globalThis.localStorage?.removeItem(STORAGE_KEY);
|
||||
}
|
||||
return undefined;
|
||||
}
|
||||
// One-time upgrade: older builds kept the credential in sessionStorage
|
||||
// (tab-scoped). Adopt it into localStorage so the update itself does not
|
||||
// force the re-entry this change is meant to eliminate.
|
||||
const legacy = globalThis.sessionStorage?.getItem(STORAGE_KEY);
|
||||
if (legacy) {
|
||||
const migrated = createStoredCredential(legacy);
|
||||
let migrationRecorded = false;
|
||||
try {
|
||||
persistCredential(migrated);
|
||||
migrationRecorded = true;
|
||||
} catch {
|
||||
// Fall through and try to discard the undated session copy instead.
|
||||
}
|
||||
try {
|
||||
globalThis.sessionStorage?.removeItem(STORAGE_KEY);
|
||||
migrationRecorded = true;
|
||||
} catch {
|
||||
// If both operations fail, its lifetime cannot be bounded.
|
||||
}
|
||||
return migrationRecorded ? migrated : undefined;
|
||||
}
|
||||
return undefined;
|
||||
return globalThis.sessionStorage?.getItem(STORAGE_KEY) ?? undefined;
|
||||
} catch {
|
||||
return undefined;
|
||||
}
|
||||
|
|
@ -181,79 +64,25 @@ export function initServerAuth(): boolean {
|
|||
return memory !== undefined;
|
||||
}
|
||||
|
||||
/** Current unexpired credential, or undefined if none is available. */
|
||||
/** Current credential, or undefined if none has been provided yet. */
|
||||
export function getCredential(): string | undefined {
|
||||
if (memory === undefined) return undefined;
|
||||
if (memory.expiresAt <= Date.now()) {
|
||||
clearExpiredCredential(memory);
|
||||
return undefined;
|
||||
}
|
||||
return memory.credential;
|
||||
return memory;
|
||||
}
|
||||
|
||||
function clearExpiredCredential(expired: StoredCredential): void {
|
||||
memory = undefined;
|
||||
try {
|
||||
// Keep the expired local record as a tombstone if the legacy session copy
|
||||
// cannot be cleared; otherwise a reload could migrate it into a fresh TTL.
|
||||
globalThis.sessionStorage?.removeItem(STORAGE_KEY);
|
||||
const raw = globalThis.localStorage?.getItem(STORAGE_KEY);
|
||||
const stored = raw === null || raw === undefined
|
||||
? undefined
|
||||
: decodeStoredCredential(raw);
|
||||
const matchesExpired = stored === undefined
|
||||
? raw === expired.credential
|
||||
: stored.credential === expired.credential &&
|
||||
stored.expiresAt === expired.expiresAt;
|
||||
if (matchesExpired) {
|
||||
globalThis.localStorage?.removeItem(STORAGE_KEY);
|
||||
}
|
||||
} catch {
|
||||
// ignore
|
||||
}
|
||||
}
|
||||
|
||||
/** Store a credential in memory and in localStorage for up to 7 days. */
|
||||
/** Store a credential (memory + sessionStorage) for subsequent requests. */
|
||||
export function setCredential(value: string): void {
|
||||
const stored = createStoredCredential(value);
|
||||
memory = stored;
|
||||
memory = value;
|
||||
try {
|
||||
persistCredential(stored);
|
||||
globalThis.sessionStorage?.setItem(STORAGE_KEY, value);
|
||||
} catch {
|
||||
// Storage may be unavailable (private mode) — memory still works.
|
||||
}
|
||||
try {
|
||||
// Drop any legacy sessionStorage copy so the two stores cannot diverge.
|
||||
// Best-effort even when localStorage is blocked — otherwise a stale
|
||||
// session-scoped value left behind gets re-migrated (and 401s) on the
|
||||
// next reload.
|
||||
globalThis.sessionStorage?.removeItem(STORAGE_KEY);
|
||||
} catch {
|
||||
// ignore
|
||||
// sessionStorage may be unavailable (private mode) — memory still works.
|
||||
}
|
||||
}
|
||||
|
||||
/** Drop the credential (memory + localStorage). */
|
||||
/** Drop the credential (memory + sessionStorage). */
|
||||
export function clearCredential(): void {
|
||||
const rejected = memory;
|
||||
memory = undefined;
|
||||
try {
|
||||
// Only clear the persisted copy when it still holds the credential this
|
||||
// tab was using. localStorage is shared across tabs, so an unconditional
|
||||
// removal would let a stale tab erase a newer token another tab stored
|
||||
// (e.g. right after `kimi server rotate-token`).
|
||||
const raw = globalThis.localStorage?.getItem(STORAGE_KEY);
|
||||
const stored = raw === null || raw === undefined
|
||||
? undefined
|
||||
: decodeStoredCredential(raw);
|
||||
const persistedCredential = stored?.credential ?? raw;
|
||||
const matchesRejected = rejected !== undefined &&
|
||||
persistedCredential === rejected.credential;
|
||||
if (matchesRejected) {
|
||||
globalThis.localStorage?.removeItem(STORAGE_KEY);
|
||||
}
|
||||
// sessionStorage is tab-scoped (legacy store) — clearing it cannot
|
||||
// affect other tabs.
|
||||
globalThis.sessionStorage?.removeItem(STORAGE_KEY);
|
||||
} catch {
|
||||
// ignore
|
||||
|
|
|
|||
|
|
@ -287,12 +287,12 @@ export interface WireQuestionResponse {
|
|||
}
|
||||
|
||||
// ---------------------------------------------------------------------------
|
||||
// Task
|
||||
// Background Task
|
||||
// ---------------------------------------------------------------------------
|
||||
|
||||
export type WireTaskStatus = 'running' | 'completed' | 'failed' | 'cancelled';
|
||||
|
||||
export interface WireTask {
|
||||
export interface WireBackgroundTask {
|
||||
id: string;
|
||||
session_id: string;
|
||||
kind: 'subagent' | 'bash' | 'tool';
|
||||
|
|
@ -413,35 +413,18 @@ export interface WireAuthResult {
|
|||
managed_provider: WireManagedProvider | null;
|
||||
}
|
||||
|
||||
// `POST /oauth/login` returns one of two shapes, discriminated by `status`:
|
||||
// - `pending`: a real device-code flow was started; all device fields are
|
||||
// populated so the client can render the device-code step and poll.
|
||||
// - `authenticated`: the toolkit already had a usable token and short-
|
||||
// circuited via its `ensureFresh` fast path, so no device code was
|
||||
// issued; the client can skip the device-code step and treat the login
|
||||
// as already complete.
|
||||
interface WireOAuthLoginStartPending {
|
||||
export interface WireOAuthLoginStartResult {
|
||||
flow_id: string;
|
||||
provider: string;
|
||||
status: 'pending';
|
||||
verification_uri: string;
|
||||
verification_uri_complete: string;
|
||||
user_code: string;
|
||||
expires_in: number;
|
||||
interval: number;
|
||||
status: 'pending';
|
||||
expires_at: string;
|
||||
}
|
||||
|
||||
interface WireOAuthLoginStartAuthenticated {
|
||||
flow_id: string;
|
||||
provider: string;
|
||||
status: 'authenticated';
|
||||
}
|
||||
|
||||
export type WireOAuthLoginStartResult =
|
||||
| WireOAuthLoginStartPending
|
||||
| WireOAuthLoginStartAuthenticated;
|
||||
|
||||
export interface WireOAuthLoginPollResult {
|
||||
flow_id: string;
|
||||
status: 'pending' | 'authenticated' | 'expired' | 'cancelled';
|
||||
|
|
@ -756,8 +739,8 @@ type WireEventQuestionDismissed = WireEventBase<'event.question.dismissed', {
|
|||
dismissed_by: string;
|
||||
dismissed_at: string;
|
||||
}>;
|
||||
// Tasks
|
||||
type WireEventTaskCreated = WireEventBase<'event.task.created', { task: WireTask }>;
|
||||
// Background tasks
|
||||
type WireEventTaskCreated = WireEventBase<'event.task.created', { task: WireBackgroundTask }>;
|
||||
type WireEventTaskProgress = WireEventBase<'event.task.progress', {
|
||||
task_id: string;
|
||||
output_chunk: string;
|
||||
|
|
@ -828,7 +811,7 @@ export type WireEvent =
|
|||
| WireEventQuestionRequested
|
||||
| WireEventQuestionAnswered
|
||||
| WireEventQuestionDismissed
|
||||
// Tasks
|
||||
// Background tasks
|
||||
| WireEventTaskCreated
|
||||
| WireEventTaskProgress
|
||||
| WireEventTaskCompleted
|
||||
|
|
|
|||
|
|
@ -747,7 +747,17 @@ export interface KimiWebApi {
|
|||
defaultModel: string | null;
|
||||
managedProvider: { status: string } | null;
|
||||
}>;
|
||||
startOAuthLogin(): Promise<OAuthLoginStartResult>;
|
||||
startOAuthLogin(): Promise<{
|
||||
flowId: string;
|
||||
provider: string;
|
||||
verificationUri: string;
|
||||
verificationUriComplete: string;
|
||||
userCode: string;
|
||||
expiresIn: number;
|
||||
interval: number;
|
||||
status: 'pending';
|
||||
expiresAt: string;
|
||||
}>;
|
||||
pollOAuthLogin(): Promise<{
|
||||
flowId: string;
|
||||
status: 'pending' | 'authenticated' | 'expired' | 'cancelled';
|
||||
|
|
@ -756,22 +766,3 @@ export interface KimiWebApi {
|
|||
cancelOAuthLogin(): Promise<{ cancelled: boolean; status: string }>;
|
||||
logout(): Promise<{ loggedOut: boolean }>;
|
||||
}
|
||||
|
||||
/** Result of `startOAuthLogin()`, mirroring the wire discriminated union. */
|
||||
export type OAuthLoginStartResult =
|
||||
| {
|
||||
flowId: string;
|
||||
provider: string;
|
||||
status: 'pending';
|
||||
verificationUri: string;
|
||||
verificationUriComplete: string;
|
||||
userCode: string;
|
||||
expiresIn: number;
|
||||
interval: number;
|
||||
expiresAt: string;
|
||||
}
|
||||
| {
|
||||
flowId: string;
|
||||
provider: string;
|
||||
status: 'authenticated';
|
||||
};
|
||||
|
|
|
|||
|
|
@ -7,9 +7,6 @@
|
|||
<script setup lang="ts">
|
||||
import { useI18n } from 'vue-i18n';
|
||||
import Spinner from './ui/Spinner.vue';
|
||||
/** Last connection error from the first-load auth gate's retry loop, shown so
|
||||
* a "cannot connect" state is diagnosable instead of a bare spinner. */
|
||||
defineProps<{ issue?: string | null }>();
|
||||
const { t } = useI18n();
|
||||
</script>
|
||||
|
||||
|
|
@ -24,10 +21,6 @@ const { t } = useI18n();
|
|||
</svg>
|
||||
<Spinner size="md" :label="t('app.connecting')" />
|
||||
<div class="gload-text">{{ t('app.connecting') }}</div>
|
||||
<div v-if="issue" class="gload-issue">
|
||||
<div>{{ t('app.connectRetrying') }}</div>
|
||||
<div class="gload-issue-detail">{{ issue }}</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</template>
|
||||
|
|
@ -70,24 +63,6 @@ const { t } = useI18n();
|
|||
color: var(--muted);
|
||||
letter-spacing: 0.04em;
|
||||
}
|
||||
.gload-issue {
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
align-items: center;
|
||||
gap: var(--space-2);
|
||||
max-width: min(480px, 80vw);
|
||||
font-family: var(--sans);
|
||||
font-size: var(--text-sm);
|
||||
color: var(--muted);
|
||||
text-align: center;
|
||||
}
|
||||
.gload-issue-detail {
|
||||
font-family: var(--mono);
|
||||
font-size: var(--text-xs);
|
||||
color: var(--muted);
|
||||
opacity: 0.8;
|
||||
word-break: break-word;
|
||||
}
|
||||
@keyframes gload-pop {
|
||||
from { opacity: 0; transform: translateY(6px) scale(0.96); }
|
||||
to { opacity: 1; transform: translateY(0) scale(1); }
|
||||
|
|
|
|||
|
|
@ -74,9 +74,7 @@ function onKeydown(e: KeyboardEvent): void {
|
|||
.server-auth-overlay {
|
||||
position: fixed;
|
||||
inset: 0;
|
||||
/* Above the connecting splash (--z-toast): on a 401 during first load the
|
||||
splash stays up, and this prompt must remain reachable on top of it. */
|
||||
z-index: var(--z-max);
|
||||
z-index: var(--z-modal);
|
||||
display: flex;
|
||||
align-items: center;
|
||||
justify-content: center;
|
||||
|
|
|
|||
|
|
@ -1032,33 +1032,6 @@ function isStreamingRenderBlock(turn: ChatTurn, block: { sourceIndex: number }):
|
|||
color: var(--color-accent-hover);
|
||||
}
|
||||
|
||||
/* ===================== Wide tables (desktop) ===================== */
|
||||
/* 760px corresponds to --p-content-max. Container-query conditions cannot
|
||||
reference CSS custom properties directly. */
|
||||
@container (min-width: 760px) {
|
||||
/* markstream's content-visibility:auto implies paint containment, which can
|
||||
clip a table that breaks out of the normal Markdown width. Disable it only
|
||||
for renderers that actually contain a table. Keep contain:layout intact. */
|
||||
.a-msg .msg :deep(.markstream-vue.markdown-renderer:has(.table-node-wrapper)) {
|
||||
content-visibility: visible;
|
||||
}
|
||||
|
||||
/* Let a table grow naturally beyond the reading column, centred within the
|
||||
conversation pane. The first-stage overflow-x:auto continues to handle
|
||||
content wider than this wrapper. */
|
||||
.a-msg .msg :deep(.table-node-wrapper) {
|
||||
position: relative;
|
||||
left: 50%;
|
||||
width: max-content;
|
||||
min-width: 100%;
|
||||
max-width: min(
|
||||
var(--p-table-max),
|
||||
calc(100cqi - var(--space-5) - var(--space-5))
|
||||
) !important;
|
||||
transform: translateX(-50%);
|
||||
}
|
||||
}
|
||||
|
||||
.u-imgs {
|
||||
display: flex;
|
||||
flex-wrap: wrap;
|
||||
|
|
|
|||
|
|
@ -606,10 +606,14 @@ const ctxTooltip = computed(() => {
|
|||
const showCompact = computed(() => pct.value >= 80);
|
||||
|
||||
// Thinking toggle
|
||||
// Identity is the model id — display/model names can collide across providers.
|
||||
const currentModel = computed(() =>
|
||||
props.models?.find((m) => m.id === props.status?.modelId),
|
||||
);
|
||||
const currentModel = computed(() => {
|
||||
const raw = props.status?.modelId ?? props.status?.model ?? '';
|
||||
return props.models?.find((m) =>
|
||||
m.id === raw ||
|
||||
m.model === raw ||
|
||||
m.displayName === props.status?.model,
|
||||
);
|
||||
});
|
||||
const thinkingAvailability = computed(() => modelThinkingAvailability(currentModel.value));
|
||||
const thinkingSegments = computed(() => segmentsFor(currentModel.value));
|
||||
// The persisted level can be stale relative to the active model (e.g. a
|
||||
|
|
@ -1156,7 +1160,7 @@ function selectModel(modelId: string): void {
|
|||
role="menuitem"
|
||||
@click="selectModel(m.id)"
|
||||
>
|
||||
<span class="md-check"><Icon v-if="m.id === status.modelId" name="check" size="sm" /></span>
|
||||
<span class="md-check"><Icon v-if="m.id === status.model || m.model === status.model || m.displayName === status.model" name="check" size="sm" /></span>
|
||||
<span class="md-name">{{ m.displayName ?? m.model }}</span>
|
||||
<span class="md-provider">{{ m.provider }}</span>
|
||||
<Icon class="md-star" name="star" size="sm" />
|
||||
|
|
@ -1174,7 +1178,7 @@ function selectModel(modelId: string): void {
|
|||
role="menuitem"
|
||||
@click="selectModel(m.id)"
|
||||
>
|
||||
<span class="md-check"><Icon v-if="m.id === status.modelId" name="check" size="sm" /></span>
|
||||
<span class="md-check"><Icon v-if="m.id === status.model || m.model === status.model || m.displayName === status.model" name="check" size="sm" /></span>
|
||||
<span class="md-name">{{ m.displayName ?? m.model }}</span>
|
||||
<Icon v-if="isStarred(m.id)" class="md-star" name="star" size="sm" />
|
||||
</button>
|
||||
|
|
|
|||
|
|
@ -405,61 +405,6 @@ function updateActiveTocQuery(): void {
|
|||
activeTurnId.value = bestId ?? items[0]!.id;
|
||||
}
|
||||
|
||||
// --- TOC occlusion by wide tables -------------------------------------------
|
||||
// Wide markdown tables (up to --p-table-max) can extend past the TOC rail,
|
||||
// which stays anchored to the reading-column edge. While a table actually
|
||||
// covers the rail we hide the TOC temporarily so the table stays fully
|
||||
// interactive (clicks, text selection, horizontal scroll). The user's TOC
|
||||
// setting is untouched and the rail returns as soon as the table scrolls away.
|
||||
const tocOccludedByTable = ref(false);
|
||||
let tocHitTestRaf = 0;
|
||||
|
||||
function scheduleTocTableHitTest(): void {
|
||||
if (tocHitTestRaf) return;
|
||||
tocHitTestRaf = raf(() => {
|
||||
tocHitTestRaf = 0;
|
||||
updateTocTableOcclusion();
|
||||
});
|
||||
}
|
||||
|
||||
function updateTocTableOcclusion(): void {
|
||||
const pane = panesRef.value;
|
||||
const toc =
|
||||
!props.mobile && props.conversationToc && pane
|
||||
? pane.closest('.con')?.querySelector<HTMLElement>('.conversation-toc')
|
||||
: null;
|
||||
// The hit x is the centre of the fixed rail bar: `.toc-bar` keeps a stable x
|
||||
// even when hover expands the labels rightward, so hovering the TOC itself
|
||||
// never flips the state (the nav centre would).
|
||||
const bar = toc?.querySelector<HTMLElement>('.toc-bar');
|
||||
let covered = false;
|
||||
if (pane && toc && bar) {
|
||||
const barRect = bar.getBoundingClientRect();
|
||||
const tocRect = toc.getBoundingClientRect();
|
||||
const railX = barRect.left + barRect.width / 2;
|
||||
// Plain geometric overlap: the rail paints above the content, so any table
|
||||
// wrapper that covers the bar's x AND overlaps the rail vertically would
|
||||
// have its pointer events intercepted by the rail — hide the TOC until the
|
||||
// table scrolls away. Rect overlap is exact (no sampling gap) and ignores
|
||||
// paint-order quirks. Only wrappers inside THIS pane count; other panes
|
||||
// (side chat, preview) are outside `pane`.
|
||||
covered = Array.from(
|
||||
pane.querySelectorAll<HTMLElement>('.table-node-wrapper'),
|
||||
).some((wrapper) => {
|
||||
const rect = wrapper.getBoundingClientRect();
|
||||
return (
|
||||
rect.left <= railX &&
|
||||
railX <= rect.right &&
|
||||
rect.top < tocRect.bottom &&
|
||||
rect.bottom > tocRect.top
|
||||
);
|
||||
});
|
||||
}
|
||||
if (tocOccludedByTable.value !== covered) {
|
||||
tocOccludedByTable.value = covered;
|
||||
}
|
||||
}
|
||||
|
||||
// The first pending question (if any)
|
||||
const pendingQuestion = computed<UIQuestion | undefined>(() =>
|
||||
props.questions && props.questions.length > 0 ? props.questions[0] : undefined,
|
||||
|
|
@ -582,7 +527,6 @@ function hasUserActionFollowLock(): boolean {
|
|||
}
|
||||
|
||||
function onPanesScroll(): void {
|
||||
scheduleTocTableHitTest();
|
||||
const el = panesRef.value;
|
||||
if (!el) return;
|
||||
const top = el.scrollTop;
|
||||
|
|
@ -634,67 +578,18 @@ function scrollToBottom(smooth = false): void {
|
|||
lastScrollTop = el.scrollTop;
|
||||
}
|
||||
|
||||
type ScrollAnchor = { kind: 'turn' | 'tool'; id: string; top: number };
|
||||
|
||||
function scrollAnchorTop(container: HTMLElement, node: HTMLElement): number {
|
||||
// Tool calls inside a collapsed group still exist under an inert, clipped
|
||||
// body. Anchor them to the visible group row so hidden content cannot create
|
||||
// a fake layout delta while the stable tool id remains usable.
|
||||
const inert = node.closest<HTMLElement>('[inert]');
|
||||
const positionNode = inert?.closest<HTMLElement>('.tool-group') ?? node;
|
||||
return (
|
||||
positionNode.getBoundingClientRect().top -
|
||||
container.getBoundingClientRect().top +
|
||||
container.scrollTop
|
||||
);
|
||||
}
|
||||
|
||||
function findTopAnchors(
|
||||
function findTopAnchor(
|
||||
container: HTMLElement,
|
||||
scrollTop: number,
|
||||
): ScrollAnchor[] {
|
||||
const anchors = Array.from(
|
||||
container.querySelectorAll<HTMLElement>('.turn-anchor[data-turn-id], [data-scroll-anchor-id]'),
|
||||
).map((node) => ({ node, top: scrollAnchorTop(container, node) }));
|
||||
const firstAfterTop = anchors.findIndex((anchor) => anchor.top >= scrollTop);
|
||||
const start = firstAfterTop < 0 ? Math.max(0, anchors.length - 1) : firstAfterTop;
|
||||
// The first id can be rebuilt when a page boundary splits an assistant turn;
|
||||
// a nearby turn or tool call retains a stable fallback.
|
||||
return anchors.slice(start, start + 2).flatMap((anchor) => {
|
||||
const toolId = anchor.node.dataset.scrollAnchorId;
|
||||
const id = toolId ?? anchor.node.dataset.turnId;
|
||||
return id ? [{ kind: toolId ? 'tool' : 'turn', id, top: anchor.top }] : [];
|
||||
});
|
||||
}
|
||||
|
||||
type HistoryScrollSnapshot = {
|
||||
anchors: ScrollAnchor[];
|
||||
oldHeight: number;
|
||||
};
|
||||
|
||||
const pendingHistoryRestoreBySession = new Map<string, HistoryScrollSnapshot>();
|
||||
|
||||
function historyScrollDelta(container: HTMLElement, snapshot: HistoryScrollSnapshot): number {
|
||||
for (const anchor of snapshot.anchors) {
|
||||
const attr = anchor.kind === 'tool' ? 'data-scroll-anchor-id' : 'data-turn-id';
|
||||
const newAnchor = container.querySelector<HTMLElement>(
|
||||
`[${attr}="${attrEscape(anchor.id)}"]`,
|
||||
);
|
||||
if (newAnchor) return scrollAnchorTop(container, newAnchor) - anchor.top;
|
||||
): { id: string; top: number } | null {
|
||||
const anchors = container.querySelectorAll<HTMLElement>('.turn-anchor');
|
||||
for (const anchor of anchors) {
|
||||
if (anchor.offsetTop >= scrollTop) {
|
||||
const id = anchor.dataset.turnId;
|
||||
if (id) return { id, top: anchor.offsetTop };
|
||||
}
|
||||
}
|
||||
// If the page boundary split an assistant/tool turn, messagesToTurns may
|
||||
// rebuild that turn with a new id. Fall back to the overall height delta.
|
||||
return container.scrollHeight - snapshot.oldHeight;
|
||||
}
|
||||
|
||||
function restoreHistoryScroll(
|
||||
container: HTMLElement,
|
||||
snapshot: HistoryScrollSnapshot,
|
||||
currentTop = container.scrollTop,
|
||||
): number {
|
||||
container.scrollTop = currentTop + historyScrollDelta(container, snapshot);
|
||||
lastScrollTop = container.scrollTop;
|
||||
return container.scrollTop;
|
||||
return null;
|
||||
}
|
||||
|
||||
async function handleLoadOlderMessages(): Promise<void> {
|
||||
|
|
@ -702,7 +597,6 @@ async function handleLoadOlderMessages(): Promise<void> {
|
|||
!props.sessionId ||
|
||||
!props.loadOlderMessages ||
|
||||
props.loadingMore ||
|
||||
historyLoadInProgress.value ||
|
||||
!props.hasMoreMessages
|
||||
) {
|
||||
return;
|
||||
|
|
@ -710,43 +604,41 @@ async function handleLoadOlderMessages(): Promise<void> {
|
|||
const requestedSessionId = props.sessionId;
|
||||
const el = panesRef.value;
|
||||
const oldTop = el?.scrollTop ?? 0;
|
||||
const snapshot: HistoryScrollSnapshot = {
|
||||
anchors: el ? findTopAnchors(el, oldTop) : [],
|
||||
oldHeight: el?.scrollHeight ?? 0,
|
||||
};
|
||||
const oldHeight = el?.scrollHeight ?? 0;
|
||||
const oldAnchor = el ? findTopAnchor(el, oldTop) : null;
|
||||
|
||||
setHistoryLoadInProgress(requestedSessionId, true);
|
||||
cancelScheduledFollow();
|
||||
historyLoadInProgress.value = true;
|
||||
try {
|
||||
// Flush the class that disables native scroll anchoring before Vue prepends
|
||||
// history. The explicit delta restoration below owns this one mutation;
|
||||
// native anchoring resumes afterwards for late Markdown/media layout shifts.
|
||||
await nextTick();
|
||||
await props.loadOlderMessages(requestedSessionId);
|
||||
await nextTick();
|
||||
|
||||
// If the user switched sessions while the request was in flight, do not
|
||||
// restore the newly selected pane. Save the original anchor so the deferred
|
||||
// per-session scroll state can be adjusted when this session mounts again.
|
||||
if (props.sessionId !== requestedSessionId) {
|
||||
pendingHistoryRestoreBySession.set(requestedSessionId, snapshot);
|
||||
return;
|
||||
}
|
||||
|
||||
const el2 = panesRef.value;
|
||||
if (!el2) return;
|
||||
|
||||
// Restore scroll position using a stable anchor near the old viewport top.
|
||||
// This isolates height inserted above the anchor and ignores any new bottom
|
||||
// content (e.g. streaming assistant turns) that arrived during the request.
|
||||
// Apply the delta to the CURRENT scrollTop, not the pre-fetch oldTop: the
|
||||
// user may have kept scrolling (e.g. trackpad momentum) while the request
|
||||
// was in flight, and snapping back to oldTop would yank the viewport down.
|
||||
restoreHistoryScroll(el2, snapshot);
|
||||
pendingHistoryRestoreBySession.delete(requestedSessionId);
|
||||
} finally {
|
||||
setHistoryLoadInProgress(requestedSessionId, false);
|
||||
historyLoadInProgress.value = false;
|
||||
}
|
||||
|
||||
// If the user switched sessions while the request was in flight, do not
|
||||
// restore scroll position on the newly selected session's pane.
|
||||
if (props.sessionId !== requestedSessionId) return;
|
||||
|
||||
const el2 = panesRef.value;
|
||||
if (!el2) return;
|
||||
|
||||
// Restore scroll position using a stable anchor near the old viewport top.
|
||||
// This isolates height inserted above the anchor and ignores any new bottom
|
||||
// content (e.g. streaming assistant turns) that arrived during the request.
|
||||
let delta = 0;
|
||||
if (oldAnchor) {
|
||||
const newAnchor = el2.querySelector<HTMLElement>(
|
||||
`.turn-anchor[data-turn-id="${attrEscape(oldAnchor.id)}"]`,
|
||||
);
|
||||
if (newAnchor) {
|
||||
delta = newAnchor.offsetTop - oldAnchor.top;
|
||||
}
|
||||
}
|
||||
// If the page boundary split an assistant/tool turn, messagesToTurns may
|
||||
// rebuild that turn with a new id. Fall back to the overall height delta so
|
||||
// the viewport does not jump into the inserted history.
|
||||
if (delta === 0) delta = el2.scrollHeight - oldHeight;
|
||||
el2.scrollTop = oldTop + delta;
|
||||
}
|
||||
|
||||
function attrEscape(value: string): string {
|
||||
|
|
@ -759,7 +651,6 @@ function scrollToTurn(turnId: string): void {
|
|||
if (!el) return;
|
||||
const target = el.querySelector<HTMLElement>(`.turn-anchor[data-turn-id="${attrEscape(turnId)}"]`);
|
||||
if (!target) return;
|
||||
cancelActiveScrollWrites();
|
||||
following.value = false;
|
||||
showPill.value = distanceFromBottom() > BOTTOM_THRESHOLD;
|
||||
target.scrollIntoView({ behavior: 'smooth', block: 'center' });
|
||||
|
|
@ -937,20 +828,13 @@ watch(
|
|||
if (oldKey && el) {
|
||||
scrollStateBySession.set(String(oldKey), { top: el.scrollTop, following: following.value });
|
||||
}
|
||||
cancelActiveScrollWrites();
|
||||
await nextTick();
|
||||
const el2 = panesRef.value;
|
||||
const saved = newKey ? scrollStateBySession.get(String(newKey)) : undefined;
|
||||
if (saved && el2) {
|
||||
const pendingRestore = pendingHistoryRestoreBySession.get(String(newKey));
|
||||
const top = pendingRestore
|
||||
? restoreHistoryScroll(el2, pendingRestore, saved.top)
|
||||
: saved.top;
|
||||
if (pendingRestore) pendingHistoryRestoreBySession.delete(String(newKey));
|
||||
following.value = saved.following;
|
||||
el2.scrollTop = top;
|
||||
lastScrollTop = el2.scrollTop;
|
||||
showPill.value = !saved.following && distanceFromBottom() > 1;
|
||||
el2.scrollTop = saved.top;
|
||||
lastScrollTop = saved.top;
|
||||
if (saved.following) {
|
||||
scheduleStableFollow();
|
||||
}
|
||||
|
|
@ -1052,128 +936,24 @@ let observedDock: HTMLElement | null = null;
|
|||
let lastObservedScrollHeight = 0;
|
||||
let lastObservedClientHeight = 0;
|
||||
let scrollRaf = 0;
|
||||
const historyLoadingSessions = ref<ReadonlySet<string>>(new Set());
|
||||
const historyLoadInProgress = computed(
|
||||
() => !!props.sessionId && historyLoadingSessions.value.has(props.sessionId),
|
||||
);
|
||||
let pillEligible = false;
|
||||
const historyLoadInProgress = ref(false);
|
||||
|
||||
function setHistoryLoadInProgress(sessionId: string, inProgress: boolean): void {
|
||||
const next = new Set(historyLoadingSessions.value);
|
||||
if (inProgress) next.add(sessionId);
|
||||
else next.delete(sessionId);
|
||||
historyLoadingSessions.value = next;
|
||||
}
|
||||
|
||||
function scheduleFollow(): void {
|
||||
function scheduleFollow(allowPill: boolean): void {
|
||||
// Prepending older history changes turns.length but is not new bottom content;
|
||||
// suppress the "new messages" pill until the scroll position is restored.
|
||||
if (historyLoadInProgress.value) return;
|
||||
pillEligible = pillEligible || allowPill;
|
||||
if (scrollRaf) return;
|
||||
scrollRaf = raf(() => {
|
||||
const schedule = typeof requestAnimationFrame === 'function' ? requestAnimationFrame : (cb: () => void) => setTimeout(cb, 16) as unknown as number;
|
||||
scrollRaf = schedule(() => {
|
||||
scrollRaf = 0;
|
||||
if (historyLoadInProgress.value) return;
|
||||
const wantPill = pillEligible;
|
||||
pillEligible = false;
|
||||
if (isPinned()) return;
|
||||
if (following.value || hasUserActionFollowLock()) scrollToBottom(false);
|
||||
});
|
||||
}
|
||||
|
||||
function cancelScheduledFollow(): void {
|
||||
stableFollowToken++;
|
||||
if (stableFollowRaf) {
|
||||
cancelRaf(stableFollowRaf);
|
||||
stableFollowRaf = 0;
|
||||
}
|
||||
if (scrollRaf) {
|
||||
cancelRaf(scrollRaf);
|
||||
scrollRaf = 0;
|
||||
}
|
||||
}
|
||||
|
||||
function cancelActiveScrollWrites(): void {
|
||||
const el = panesRef.value;
|
||||
|
||||
userActionFollowUntil = 0;
|
||||
cancelScheduledFollow();
|
||||
pinUntil = 0;
|
||||
pinEl = null;
|
||||
|
||||
if (el) {
|
||||
const top = el.scrollTop;
|
||||
if (typeof el.scrollTo === 'function') el.scrollTo({ top, behavior: 'auto' });
|
||||
else el.scrollTop = top;
|
||||
}
|
||||
smoothScrollUntil = 0;
|
||||
lastSmoothScroll = Number.NEGATIVE_INFINITY;
|
||||
if (el) lastScrollTop = el.scrollTop;
|
||||
}
|
||||
|
||||
// Wheel, touch, and scrollbar input arrive before the browser dispatches
|
||||
// `scroll`. Stop queued writers before they can overwrite the user's movement.
|
||||
function stopFollowingForUserIntent(): void {
|
||||
const el = panesRef.value;
|
||||
if (!el || (el.scrollHeight - el.clientHeight <= 1 && !props.hasMoreMessages)) return;
|
||||
|
||||
following.value = false;
|
||||
cancelActiveScrollWrites();
|
||||
if (el.scrollHeight - el.clientHeight > 1) showPill.value = true;
|
||||
}
|
||||
|
||||
function nestedScrollerCanMoveUp(event: Event): boolean {
|
||||
const pane = panesRef.value;
|
||||
if (!pane) return false;
|
||||
for (const target of event.composedPath()) {
|
||||
if (target === pane) return false;
|
||||
if (
|
||||
target instanceof HTMLElement &&
|
||||
target.scrollHeight > target.clientHeight + 1 &&
|
||||
target.scrollTop > 1
|
||||
) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
function onPanesWheel(event: WheelEvent): void {
|
||||
if (
|
||||
event.defaultPrevented ||
|
||||
event.ctrlKey ||
|
||||
event.shiftKey ||
|
||||
event.deltaY >= 0 ||
|
||||
nestedScrollerCanMoveUp(event)
|
||||
) {
|
||||
return;
|
||||
}
|
||||
stopFollowingForUserIntent();
|
||||
}
|
||||
|
||||
function onPanesPointerDown(event: PointerEvent): void {
|
||||
const el = panesRef.value;
|
||||
if (!el || event.defaultPrevented || event.button !== 0 || event.pointerType === 'touch') return;
|
||||
const rect = el.getBoundingClientRect();
|
||||
const gutterWidth = el.offsetWidth - el.clientWidth;
|
||||
const hitWidth = gutterWidth > 0 ? gutterWidth : 12;
|
||||
if (event.target === el && event.clientX >= rect.right - hitWidth) {
|
||||
stopFollowingForUserIntent();
|
||||
}
|
||||
}
|
||||
|
||||
let lastTouchY: number | null = null;
|
||||
|
||||
function onPanesTouchStart(event: TouchEvent): void {
|
||||
lastTouchY = event.touches.length === 1 ? event.touches[0]!.clientY : null;
|
||||
}
|
||||
|
||||
function onPanesTouchMove(event: TouchEvent): void {
|
||||
const y = event.touches.length === 1 ? event.touches[0]!.clientY : null;
|
||||
// The finger moving down means the scroll container is moving up.
|
||||
if (
|
||||
y !== null &&
|
||||
lastTouchY !== null &&
|
||||
y > lastTouchY + 2 &&
|
||||
!nestedScrollerCanMoveUp(event)
|
||||
) {
|
||||
stopFollowingForUserIntent();
|
||||
}
|
||||
lastTouchY = y;
|
||||
else if (wantPill) showPill.value = true;
|
||||
}) as unknown as number;
|
||||
}
|
||||
|
||||
function ensureContentObserved(): void {
|
||||
|
|
@ -1211,13 +991,11 @@ function rebindScrollObservers(): void {
|
|||
}
|
||||
lastObservedScrollHeight = el?.scrollHeight ?? 0;
|
||||
lastObservedClientHeight = el?.clientHeight ?? 0;
|
||||
scheduleTocTableHitTest();
|
||||
}
|
||||
|
||||
function onContentMutated(): void {
|
||||
ensureContentObserved();
|
||||
scheduleFollow();
|
||||
scheduleTocTableHitTest();
|
||||
scheduleFollow(true);
|
||||
}
|
||||
|
||||
function onVisibilityChange(): void {
|
||||
|
|
@ -1261,7 +1039,6 @@ onMounted(() => {
|
|||
}
|
||||
if (typeof ResizeObserver === 'function') {
|
||||
resizeObserver = new ResizeObserver(() => {
|
||||
scheduleTocTableHitTest();
|
||||
updatePanesScrollbarWidth();
|
||||
const el = panesRef.value;
|
||||
if (!el) return;
|
||||
|
|
@ -1275,7 +1052,7 @@ onMounted(() => {
|
|||
// viewport (composer dock growing and hiding the last message). While a tool
|
||||
// row/group is being toggled (the pinned window) suppress follow entirely,
|
||||
// so the row opens downward / collapses upward without moving the viewport.
|
||||
if (!isPinned() && (grew || viewportShrank)) scheduleFollow();
|
||||
if (!isPinned() && (grew || viewportShrank)) scheduleFollow(false);
|
||||
});
|
||||
}
|
||||
rebindScrollObservers();
|
||||
|
|
@ -1291,10 +1068,9 @@ onMounted(() => {
|
|||
onUnmounted(() => {
|
||||
if (contentObserver) contentObserver.disconnect();
|
||||
if (resizeObserver) resizeObserver.disconnect();
|
||||
if (scrollRaf) cancelRaf(scrollRaf);
|
||||
if (scrollRaf && typeof cancelAnimationFrame === 'function') cancelAnimationFrame(scrollRaf);
|
||||
if (stableFollowRaf) cancelRaf(stableFollowRaf);
|
||||
if (pinRaf) cancelRaf(pinRaf);
|
||||
if (tocHitTestRaf) cancelRaf(tocHitTestRaf);
|
||||
if (abortToastTimer !== null) clearTimeout(abortToastTimer);
|
||||
if (copyConversationCopiedTimer !== null) {
|
||||
clearTimeout(copyConversationCopiedTimer);
|
||||
|
|
@ -1348,7 +1124,6 @@ defineExpose({ loadComposerForEdit, focusComposer });
|
|||
:active-turn-id="activeTurnId"
|
||||
:mobile="mobile"
|
||||
:session-loading="sessionLoading"
|
||||
:occluded="tocOccludedByTable"
|
||||
@select="scrollToTurn"
|
||||
/>
|
||||
|
||||
|
|
@ -1356,15 +1131,7 @@ defineExpose({ loadComposerForEdit, focusComposer });
|
|||
<div
|
||||
:ref="bindChatPane"
|
||||
class="panes chat-scroll"
|
||||
:class="{
|
||||
'is-following': following,
|
||||
'history-prepending': historyLoadInProgress,
|
||||
}"
|
||||
@scroll.passive="onPanesScroll"
|
||||
@wheel.passive="onPanesWheel"
|
||||
@pointerdown.passive="onPanesPointerDown"
|
||||
@touchstart.passive="onPanesTouchStart"
|
||||
@touchmove.passive="onPanesTouchMove"
|
||||
>
|
||||
<div ref="contentWrapRef" class="content-wrap" :class="[mobile ? 'align-mobile' : 'align-center']">
|
||||
<template v-if="turns.length === 0 && !sessionLoading">
|
||||
|
|
@ -1625,15 +1392,8 @@ defineExpose({ loadComposerForEdit, focusComposer });
|
|||
flex: 1;
|
||||
min-height: 0;
|
||||
overflow-y: auto;
|
||||
/* Keep the visible message stable while the user browses history. Bottom
|
||||
following and history prepend use explicit scroll writes, so they opt out. */
|
||||
overflow-anchor: auto;
|
||||
scrollbar-gutter: stable;
|
||||
}
|
||||
|
||||
.panes.is-following,
|
||||
.panes.history-prepending {
|
||||
overflow-anchor: none;
|
||||
scrollbar-gutter: stable;
|
||||
}
|
||||
|
||||
/* Chat tab layout: the message list scrolls, while the dock stays as the
|
||||
|
|
|
|||
|
|
@ -17,10 +17,6 @@ const props = defineProps<{
|
|||
activeTurnId: string | null;
|
||||
mobile?: boolean;
|
||||
sessionLoading?: boolean;
|
||||
/** Temporarily hidden while a wide table actually covers the rail. Kept out
|
||||
of `visible` on purpose: the nav must stay mounted so the occlusion can
|
||||
be measured and lifted again. Never touches the user's TOC setting. */
|
||||
occluded?: boolean;
|
||||
}>();
|
||||
|
||||
const emit = defineEmits<{
|
||||
|
|
@ -99,9 +95,9 @@ onBeforeUnmount(() => {
|
|||
v-if="visible"
|
||||
ref="navRef"
|
||||
class="conversation-toc"
|
||||
:class="{ 'toc-clipped': !fits || occluded }"
|
||||
:class="{ 'toc-clipped': !fits }"
|
||||
:aria-label="t('conversation.toc')"
|
||||
:aria-hidden="fits && !occluded ? undefined : true"
|
||||
:aria-hidden="fits ? undefined : true"
|
||||
>
|
||||
<div class="toc-scroll">
|
||||
<button
|
||||
|
|
@ -125,15 +121,7 @@ onBeforeUnmount(() => {
|
|||
z-index: var(--z-sticky);
|
||||
top: 50%;
|
||||
transform: translateY(-50%);
|
||||
/* Anchor to the reading-column edge, the rail's original position. Tables
|
||||
that grow past it (up to --p-table-max) temporarily hide the rail via the
|
||||
occlusion hit-test in ConversationPane, so proximity is safe again.
|
||||
The cqi cap keeps the rail inside narrow containers. */
|
||||
--toc-content-max: min(
|
||||
var(--p-content-max),
|
||||
calc(100cqi - var(--space-5) - var(--space-5))
|
||||
);
|
||||
left: calc(50% + (var(--toc-content-max) / 2) + 14px);
|
||||
left: calc(50% + (var(--read-max) / 2) + 14px);
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
justify-content: center;
|
||||
|
|
@ -142,18 +130,15 @@ onBeforeUnmount(() => {
|
|||
}
|
||||
/* Invisible hover bridge: the collapsed rail is only a few px wide, so this
|
||||
extends the hover target on both sides to make the outline easy to open and
|
||||
forgiving to stay within. The left side covers only the 14px gap to the
|
||||
content edge — a table wide enough to reach past the gap also covers the
|
||||
bar, which hides the rail (pointer-events: none) before the bridge can
|
||||
steal its events. Kept at z-index 0 so it sits behind the rows (which are
|
||||
raised to z-index 1) — otherwise the bridge, as a positioned pseudo-element,
|
||||
paints above the in-flow rows and swallows their clicks. */
|
||||
forgiving to stay within. Kept at z-index 0 so it sits behind the rows
|
||||
(which are raised to z-index 1) — otherwise the bridge, as a positioned
|
||||
pseudo-element, paints above the in-flow rows and swallows their clicks. */
|
||||
.conversation-toc::before {
|
||||
content: "";
|
||||
position: absolute;
|
||||
top: 0;
|
||||
bottom: 0;
|
||||
left: -14px;
|
||||
left: -48px;
|
||||
right: -48px;
|
||||
z-index: 0;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -723,35 +723,34 @@ function copyDiff(code: string, idx: number) {
|
|||
font-weight: var(--weight-medium);
|
||||
}
|
||||
|
||||
/* Markdown tables — wide tables scroll horizontally INSIDE the table's own
|
||||
wrapper instead of squeezing into (or overflowing) the reading column.
|
||||
The wrapper is a fixed-width local scroll container: it stays pinned to the
|
||||
message width (`width:100%`, `min-width:0` so it can shrink inside flex
|
||||
tracks) and clips any overflow behind its own `overflow-x:auto` scrollbar —
|
||||
the chat pane and the page never scroll sideways. The table itself grows to
|
||||
its content width (`width:max-content`, `max-width:none`,
|
||||
`table-layout:auto`), so many-column or long-cell tables keep their natural
|
||||
layout and only the excess scrolls within the wrapper. `min-width:100%` keeps
|
||||
narrow tables stretched to fill the wrapper exactly as before. `!important`
|
||||
beats markstream's scoped `.table-node[data-v-…]` rules regardless of
|
||||
injection order. */
|
||||
.md :deep(.table-node-wrapper) {
|
||||
width: 100%;
|
||||
max-width: 100% !important;
|
||||
min-width: 0;
|
||||
overflow-x: auto !important;
|
||||
}
|
||||
|
||||
/* Markdown tables. markstream-vue pins these to the message width
|
||||
(`width:100%` + `table-layout:fixed`), squeezing wide content into narrow
|
||||
columns. Instead we size columns to their content (`width:auto` +
|
||||
`table-layout:auto`) and let cells WRAP, so a wide table fills the reading
|
||||
column and wraps its text rather than being crushed or scrolling. (An earlier
|
||||
attempt to break the table out into a *wider* column than the prose — via
|
||||
container units and then fixed @container caps — is parked; see the handover
|
||||
doc.) `!important` beats markstream's scoped `.table-node[data-v-…]` rules
|
||||
regardless of injection order. */
|
||||
.md :deep(.table-node) {
|
||||
--table-border: var(--color-line);
|
||||
--table-header-bg: var(--color-surface);
|
||||
font-size: var(--text-lg);
|
||||
margin: 0.5em 0;
|
||||
width: max-content !important;
|
||||
min-width: 100%;
|
||||
max-width: none !important;
|
||||
width: auto !important;
|
||||
max-width: 100% !important;
|
||||
table-layout: auto !important;
|
||||
}
|
||||
/* Default: the table stays inside the reading column and its cells wrap to fit
|
||||
— markstream's own cell default is already `white-space:normal`, so a wide
|
||||
table simply wraps into the column instead of forcing a horizontal scroll.
|
||||
`max-content` + `max-width:100%` sizes columns to their content up to the
|
||||
column width; `overflow-x:auto` is a safety net for an unbreakable cell. */
|
||||
.md :deep(.table-node-wrapper) {
|
||||
width: max-content;
|
||||
max-width: 100% !important;
|
||||
overflow-x: auto !important;
|
||||
}
|
||||
.md :deep(.table-node th),
|
||||
.md :deep(.table-node td) {
|
||||
text-align: left;
|
||||
|
|
|
|||
|
|
@ -31,7 +31,6 @@ const Renderer = computed(() => resolveToolRenderer(props.tool));
|
|||
:mobile="mobile"
|
||||
:stack-position="stackPosition"
|
||||
:tool-diff-panel="toolDiffPanel"
|
||||
:data-scroll-anchor-id="tool.id"
|
||||
@open-media="emit('openMedia', $event)"
|
||||
@open-file="emit('openFile', $event)"
|
||||
@open-tool-diff="emit('openToolDiff', $event)"
|
||||
|
|
|
|||
|
|
@ -1,26 +1,18 @@
|
|||
<!-- apps/kimi-web/src/components/dialogs/AddWorkspaceDialog.vue -->
|
||||
<!-- Daemon-driven folder browser for adding a workspace: starts at the path -->
|
||||
<!-- kimi-web is working in, with a clickable breadcrumb and the folder list -->
|
||||
<!-- (fs:browse). "Open this folder" adds the current path. The search box -->
|
||||
<!-- doubles as an absolute-path entry: absolute-looking input (POSIX, "~", -->
|
||||
<!-- Windows drive or UNC) is validated live and the browser follows valid -->
|
||||
<!-- paths, so the existing "Open this folder" button submits them. When the -->
|
||||
<!-- daemon can't browse, the same box is the only way to add a path. -->
|
||||
<!-- Built on the design-system Dialog / Button / IconButton primitives. -->
|
||||
<!-- Daemon-driven folder browser for adding a workspace: starts at $HOME -->
|
||||
<!-- (fs:home), shows recent roots as quick-picks, a clickable breadcrumb, and -->
|
||||
<!-- the folder list (fs:browse). "Open this folder" adds the current path. -->
|
||||
<!-- Falls back to a paste-path escape hatch when the daemon can't browse. -->
|
||||
<!-- Built on the design-system Dialog / Field / Input / Button primitives. -->
|
||||
<script setup lang="ts">
|
||||
import { computed, onMounted, onUnmounted, ref, watch } from 'vue';
|
||||
import { useI18n } from 'vue-i18n';
|
||||
import type { FsBrowseEntry, FsBrowseResult } from '../../api/types';
|
||||
import {
|
||||
currentValidatedWorkspacePath,
|
||||
isWorkspacePathInput,
|
||||
joinWorkspacePathCandidate,
|
||||
parseWorkspacePathInput,
|
||||
type WorkspacePathSeparator,
|
||||
} from '../../lib/workspacePathInput';
|
||||
import Dialog from '../ui/Dialog.vue';
|
||||
import Button from '../ui/Button.vue';
|
||||
import IconButton from '../ui/IconButton.vue';
|
||||
import Input from '../ui/Input.vue';
|
||||
import Field from '../ui/Field.vue';
|
||||
import Spinner from '../ui/Spinner.vue';
|
||||
import Badge from '../ui/Badge.vue';
|
||||
import Icon from '../ui/Icon.vue';
|
||||
|
|
@ -68,32 +60,6 @@ const isSearching = computed(() => filter.value.trim().length > 0);
|
|||
let searchToken = 0;
|
||||
let searchTimer: ReturnType<typeof setTimeout> | null = null;
|
||||
|
||||
// Absolute-path entry shares the same box: absolute-looking input switches
|
||||
// from fuzzy search to path mode — POSIX ("/x"), home ("~" / "~/x"), Windows
|
||||
// drive ("C:\x" / "C:/x") and UNC ("\\srv\x"). A valid path live-follows (the
|
||||
// browser jumps to it, so "Open this folder" submits it); an invalid one
|
||||
// shows a specific error plus prefix-matched candidates in the list.
|
||||
const isPathMode = computed(() => isWorkspacePathInput(filter.value));
|
||||
type PathState = 'idle' | 'checking' | 'valid' | 'not-found' | 'bad-parent';
|
||||
const pathState = ref<PathState>('idle');
|
||||
const pathParent = ref('');
|
||||
const pathSeparator = ref<WorkspacePathSeparator>('/');
|
||||
const pathCandidates = ref<FsBrowseEntry[]>([]);
|
||||
/** $HOME for expanding "~" — fetched eagerly on mount. */
|
||||
const homePath = ref('');
|
||||
const filterEl = ref<HTMLInputElement | null>(null);
|
||||
/** The lexical path the user typed, kept for the add action: the daemon's
|
||||
* browse result is canonicalized (realpath), but workspace ids are based on
|
||||
* the lexical root, so a typed symlink path must not be submitted as its
|
||||
* resolved target. Null outside path mode or when the input isn't valid. */
|
||||
const typedAddPath = ref<string | null>(null);
|
||||
const validatedAddPath = computed(() => {
|
||||
if (pathState.value !== 'valid') return null;
|
||||
return currentValidatedWorkspacePath(filter.value, homePath.value, typedAddPath.value);
|
||||
});
|
||||
let pathToken = 0;
|
||||
let pathTimer: ReturnType<typeof setTimeout> | null = null;
|
||||
|
||||
/** Subsequence fuzzy match (query chars appear in order). */
|
||||
function fuzzyMatch(query: string, text: string): boolean {
|
||||
const q = query.toLowerCase();
|
||||
|
|
@ -149,122 +115,19 @@ async function runSearch(query: string): Promise<void> {
|
|||
|
||||
watch(filter, (q) => {
|
||||
if (searchTimer) clearTimeout(searchTimer);
|
||||
if (pathTimer) clearTimeout(pathTimer);
|
||||
// Invalidate the previous path immediately, before the next debounced check.
|
||||
// This also makes any in-flight response stale and prevents Enter/Open from
|
||||
// submitting the last valid path while the input already shows a new one.
|
||||
pathToken++;
|
||||
pathState.value = 'idle';
|
||||
pathCandidates.value = [];
|
||||
typedAddPath.value = null;
|
||||
const t = q.trim();
|
||||
if (t === '') {
|
||||
if (q.trim() === '') {
|
||||
searchToken++; // cancel any in-flight walk
|
||||
searchResults.value = [];
|
||||
searching.value = false;
|
||||
return;
|
||||
}
|
||||
if (isWorkspacePathInput(t)) {
|
||||
// Path mode — fuzzy search is off; validate unless browsing is down (then
|
||||
// the box is format-only and Enter adds directly).
|
||||
searchToken++;
|
||||
searchResults.value = [];
|
||||
searching.value = false;
|
||||
if (browseFailed.value) return;
|
||||
pathState.value = 'checking';
|
||||
pathTimer = setTimeout(() => void validatePathInput(t), 150);
|
||||
return;
|
||||
}
|
||||
searchTimer = setTimeout(() => void runSearch(q), 220);
|
||||
});
|
||||
|
||||
/**
|
||||
* Debounced validation for path-mode input. `browseFs` defensively returns an
|
||||
* empty path on failure, so a miss means "doesn't exist"; we then browse the
|
||||
* parent for prefix-matched candidates. On a hit the browser live-follows.
|
||||
*/
|
||||
async function validatePathInput(raw: string): Promise<void> {
|
||||
const token = ++pathToken;
|
||||
pathState.value = 'checking';
|
||||
typedAddPath.value = null;
|
||||
const parsed = parseWorkspacePathInput(raw, homePath.value);
|
||||
const { target } = parsed;
|
||||
try {
|
||||
const res = await props.browseFs(target);
|
||||
if (token !== pathToken) return;
|
||||
if (res.path) {
|
||||
pathState.value = 'valid';
|
||||
pathCandidates.value = [];
|
||||
typedAddPath.value = target;
|
||||
// Display follows the canonical target; the add action uses typedAddPath.
|
||||
currentPath.value = res.path;
|
||||
parentPath.value = res.parent;
|
||||
entries.value = res.entries;
|
||||
browseFailed.value = false;
|
||||
return;
|
||||
}
|
||||
} catch {
|
||||
// fall through to the not-found handling below
|
||||
}
|
||||
if (token !== pathToken) return;
|
||||
const base = parsed.base.toLowerCase();
|
||||
pathParent.value = parsed.parent;
|
||||
pathSeparator.value = parsed.separator;
|
||||
try {
|
||||
const res = await props.browseFs(parsed.parent);
|
||||
if (token !== pathToken) return;
|
||||
if (res.path) {
|
||||
pathCandidates.value = res.entries.filter(
|
||||
(e) => e.isDir && e.name.toLowerCase().startsWith(base),
|
||||
);
|
||||
pathState.value = 'not-found';
|
||||
return;
|
||||
}
|
||||
} catch {
|
||||
// fall through to bad-parent
|
||||
}
|
||||
if (token !== pathToken) return;
|
||||
pathCandidates.value = [];
|
||||
pathState.value = 'bad-parent';
|
||||
}
|
||||
|
||||
/** Accept a completion candidate while preserving the lexical parent path. */
|
||||
function pickCandidate(name: string): void {
|
||||
filter.value = joinWorkspacePathCandidate(pathParent.value, name, pathSeparator.value);
|
||||
filterEl.value?.focus();
|
||||
}
|
||||
|
||||
const filterPlaceholder = computed(() =>
|
||||
browseFailed.value ? t('workspace.degradedPlaceholder') : t('workspace.searchPlaceholder'),
|
||||
);
|
||||
|
||||
const footerHint = computed(() => {
|
||||
if (browseFailed.value) return t('workspace.degradedHint');
|
||||
if (isPathMode.value && pathState.value === 'valid') return t('workspace.pathFollowHint');
|
||||
return t('workspace.browseHint');
|
||||
});
|
||||
|
||||
function handleFilterKeydown(event: KeyboardEvent): void {
|
||||
if (event.key === 'Escape') {
|
||||
// First Esc clears the box (back to browsing); a second closes the dialog.
|
||||
if (filter.value) filter.value = '';
|
||||
else emit('close');
|
||||
return;
|
||||
}
|
||||
if (event.key !== 'Enter') return;
|
||||
const text = filter.value.trim();
|
||||
if (!isWorkspacePathInput(text)) return; // fuzzy search: Enter keeps doing nothing
|
||||
event.preventDefault();
|
||||
if (browseFailed.value) {
|
||||
const { target } = parseWorkspacePathInput(text, homePath.value);
|
||||
if (target) emit('add', target);
|
||||
return;
|
||||
}
|
||||
if (pathState.value === 'valid') openThisFolder();
|
||||
else if (pathState.value === 'not-found' && pathCandidates.value[0]) {
|
||||
pickCandidate(pathCandidates.value[0].name);
|
||||
}
|
||||
}
|
||||
// Paste-path escape hatch — collapsed into a secondary "enter path" affordance.
|
||||
const pasteOpen = ref(false);
|
||||
const pathInput = ref('');
|
||||
const pathTrimmed = computed(() => pathInput.value.trim());
|
||||
|
||||
/** Split the current absolute path into clickable breadcrumb segments. */
|
||||
const crumbs = computed<{ label: string; path: string }[]>(() => {
|
||||
|
|
@ -280,21 +143,14 @@ const crumbs = computed<{ label: string; path: string }[]>(() => {
|
|||
return out;
|
||||
});
|
||||
|
||||
const canOpen = computed(() => {
|
||||
if (currentPath.value.length === 0) return false;
|
||||
// In path mode only a validated target may be opened — otherwise the button
|
||||
// would submit the stale prefix the browser last followed to.
|
||||
if (isPathMode.value && validatedAddPath.value === null) return false;
|
||||
return true;
|
||||
});
|
||||
const canOpen = computed(() => currentPath.value.length > 0);
|
||||
|
||||
async function navigate(path?: string): Promise<void> {
|
||||
loading.value = true;
|
||||
try {
|
||||
const result = await props.browseFs(path);
|
||||
// A result with no path back means the daemon can't browse → degraded
|
||||
// mode, where the input box is the only way to add a path (the adapter
|
||||
// returns { path: '', parent: null, [] } on error).
|
||||
// A result with no path back means the daemon can't browse → fall back to
|
||||
// the paste field (the adapter returns { path: '', parent: null, [] } on error).
|
||||
if (!result.path) {
|
||||
browseFailed.value = true;
|
||||
return;
|
||||
|
|
@ -322,24 +178,25 @@ function goUp(): void {
|
|||
|
||||
function openThisFolder(): void {
|
||||
if (!canOpen.value) return;
|
||||
// Path mode submits the typed lexical root; browsing submits the (canonical)
|
||||
// folder the browser sits in — matching the removed paste field's semantics.
|
||||
emit('add', validatedAddPath.value ?? currentPath.value);
|
||||
emit('add', currentPath.value);
|
||||
}
|
||||
|
||||
function handlePasteAdd(): void {
|
||||
if (pathTrimmed.value.length === 0) return;
|
||||
emit('add', pathTrimmed.value);
|
||||
}
|
||||
|
||||
onMounted(async () => {
|
||||
loading.value = true;
|
||||
try {
|
||||
// $HOME up-front: needed for "~" expansion and as the browse fallback.
|
||||
const home = await props.getFsHome().catch(() => ({ home: '', recentRoots: [] as string[] }));
|
||||
if (home.home) homePath.value = home.home;
|
||||
// Default to the path kimi-web is working in; fall back to $HOME.
|
||||
if (props.defaultPath) {
|
||||
await navigate(props.defaultPath);
|
||||
if (!browseFailed.value) return;
|
||||
}
|
||||
if (homePath.value) {
|
||||
await navigate(homePath.value);
|
||||
const home = await props.getFsHome();
|
||||
if (home.home) {
|
||||
await navigate(home.home);
|
||||
} else {
|
||||
browseFailed.value = true;
|
||||
}
|
||||
|
|
@ -352,125 +209,122 @@ onMounted(async () => {
|
|||
|
||||
onUnmounted(() => {
|
||||
if (searchTimer) clearTimeout(searchTimer);
|
||||
if (pathTimer) clearTimeout(pathTimer);
|
||||
});
|
||||
</script>
|
||||
|
||||
<template>
|
||||
<Dialog v-model:open="open" :title="t('workspace.addTitle')" size="lg" height="fixed" @close="emit('close')">
|
||||
<div class="aw">
|
||||
<!-- Breadcrumb + up (hidden when the daemon can't browse) -->
|
||||
<div v-if="!browseFailed" class="crumbbar">
|
||||
<IconButton
|
||||
size="sm"
|
||||
:disabled="!parentPath"
|
||||
:label="t('workspace.up')"
|
||||
@click="goUp"
|
||||
>
|
||||
<Icon name="arrow-up" size="md" />
|
||||
</IconButton>
|
||||
<div class="crumbs">
|
||||
<template v-for="(c, i) in crumbs" :key="c.path">
|
||||
<!-- crumbs[0] is the root "/" itself, so skip the separator before crumbs[1]. -->
|
||||
<span v-if="i > 1" class="crumb-sep">/</span>
|
||||
<button class="crumb" :class="{ last: i === crumbs.length - 1 }" @click="navigate(c.path)">{{ c.label }}</button>
|
||||
</template>
|
||||
<!-- Folder browser -->
|
||||
<template v-if="!browseFailed">
|
||||
<!-- Breadcrumb + up -->
|
||||
<div class="crumbbar">
|
||||
<IconButton
|
||||
size="sm"
|
||||
:disabled="!parentPath"
|
||||
:label="t('workspace.up')"
|
||||
@click="goUp"
|
||||
>
|
||||
<Icon name="arrow-up" size="md" />
|
||||
</IconButton>
|
||||
<div class="crumbs">
|
||||
<template v-for="(c, i) in crumbs" :key="c.path">
|
||||
<!-- crumbs[0] is the root "/" itself, so skip the separator before crumbs[1]. -->
|
||||
<span v-if="i > 1" class="crumb-sep">/</span>
|
||||
<button class="crumb" :class="{ last: i === crumbs.length - 1 }" @click="navigate(c.path)">{{ c.label }}</button>
|
||||
</template>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- One box for everything: fuzzy search across the whole current folder
|
||||
normally; absolute-path entry when the input looks absolute (POSIX,
|
||||
"~", Windows drive or UNC). Always visible — when the daemon can't
|
||||
browse it's the only way. -->
|
||||
<div
|
||||
v-if="!loading || browseFailed"
|
||||
class="filterbar"
|
||||
:class="{ 'has-error': pathState === 'not-found' || pathState === 'bad-parent' }"
|
||||
>
|
||||
<Icon class="filter-icon" name="search" size="md" />
|
||||
<input
|
||||
ref="filterEl"
|
||||
v-model="filter"
|
||||
class="filter-input"
|
||||
type="text"
|
||||
:placeholder="filterPlaceholder"
|
||||
autocomplete="off"
|
||||
spellcheck="false"
|
||||
@keydown.stop="handleFilterKeydown"
|
||||
/>
|
||||
<Spinner v-if="searching || pathState === 'checking'" size="sm" />
|
||||
</div>
|
||||
<!-- fzf search across the whole current folder (recursive, fuzzy) -->
|
||||
<div v-if="!loading" class="filterbar">
|
||||
<Icon class="filter-icon" name="search" size="md" />
|
||||
<input
|
||||
v-model="filter"
|
||||
class="filter-input"
|
||||
type="text"
|
||||
:placeholder="t('workspace.searchPlaceholder')"
|
||||
autocomplete="off"
|
||||
spellcheck="false"
|
||||
@keydown.stop
|
||||
/>
|
||||
<Spinner v-if="searching" size="sm" />
|
||||
</div>
|
||||
|
||||
<!-- Folder list. Fixed height → the dialog never resizes while searching. -->
|
||||
<div v-if="!browseFailed" class="folder-list">
|
||||
<div v-if="loading" class="fl-loading">{{ t('workspace.browsing') }}</div>
|
||||
<!-- Folder list. Fixed height → the dialog never resizes while searching. -->
|
||||
<div class="folder-list">
|
||||
<div v-if="loading" class="fl-loading">{{ t('workspace.browsing') }}</div>
|
||||
|
||||
<!-- Path mode: validation states. A valid path live-follows, so it falls
|
||||
through to the browse rows below. -->
|
||||
<template v-else-if="isPathMode && pathState !== 'valid'">
|
||||
<div v-if="pathState === 'checking'" class="fl-loading">{{ t('workspace.checkingPath') }}</div>
|
||||
<template v-else-if="pathState === 'not-found'">
|
||||
<div v-if="pathCandidates.length > 0" class="fl-note">{{ t('workspace.pathPickHint') }}</div>
|
||||
<!-- Search mode: recursive fuzzy hits (relative paths) -->
|
||||
<template v-else-if="isSearching">
|
||||
<button
|
||||
v-for="c in pathCandidates"
|
||||
:key="c.path"
|
||||
v-for="hit in searchResults"
|
||||
:key="hit.path"
|
||||
class="folder-row"
|
||||
@click="pickCandidate(c.name)"
|
||||
@click="navigate(hit.path)"
|
||||
>
|
||||
<Icon class="dir-icon" name="folder-closed" size="sm" />
|
||||
<span class="folder-name">{{ c.name }}</span>
|
||||
<Badge v-if="c.isGitRepo" variant="info" size="sm">
|
||||
{{ t('workspace.gitTag') }}<span v-if="c.branch" class="git-branch"> {{ c.branch }}</span>
|
||||
<span class="folder-name search-rel">{{ hit.rel }}</span>
|
||||
<Badge v-if="hit.isGitRepo" variant="info" size="sm">
|
||||
{{ t('workspace.gitTag') }}<span v-if="hit.branch" class="git-branch"> {{ hit.branch }}</span>
|
||||
</Badge>
|
||||
</button>
|
||||
<div v-if="pathCandidates.length === 0" class="fl-empty fl-error">
|
||||
{{ t('workspace.noPathMatch', { parent: pathParent }) }}
|
||||
</div>
|
||||
<div v-if="!searching && searchResults.length === 0" class="fl-empty">{{ t('workspace.noFilterMatch', { q: filter.trim() }) }}</div>
|
||||
<div v-else-if="searching && searchResults.length === 0" class="fl-loading">{{ t('workspace.searching') }}</div>
|
||||
</template>
|
||||
<div v-else-if="pathState === 'bad-parent'" class="fl-empty fl-error">
|
||||
{{ t('workspace.badParent', { parent: pathParent }) }}
|
||||
|
||||
<!-- Browse mode: the current folder's subfolders -->
|
||||
<template v-else>
|
||||
<button
|
||||
v-for="entry in entries"
|
||||
:key="entry.path"
|
||||
class="folder-row"
|
||||
@click="openEntry(entry)"
|
||||
>
|
||||
<Icon class="dir-icon" name="folder-closed" size="sm" />
|
||||
<span class="folder-name">{{ entry.name }}</span>
|
||||
<Badge v-if="entry.isGitRepo" variant="info" size="sm">
|
||||
{{ t('workspace.gitTag') }}<span v-if="entry.branch" class="git-branch"> {{ entry.branch }}</span>
|
||||
</Badge>
|
||||
</button>
|
||||
<div v-if="entries.length === 0" class="fl-empty">{{ t('workspace.noSubfolders') }}</div>
|
||||
</template>
|
||||
</div>
|
||||
</template>
|
||||
|
||||
<!-- Paste an absolute path — secondary, collapsed behind a toggle (always
|
||||
expanded when the daemon can't browse, since it's then the only way). -->
|
||||
<div class="paste-section" :class="{ 'paste-only': browseFailed }">
|
||||
<Button
|
||||
v-if="!browseFailed && !pasteOpen"
|
||||
variant="ghost"
|
||||
size="sm"
|
||||
@click="pasteOpen = true"
|
||||
>
|
||||
{{ t('workspace.pasteToggle') }}
|
||||
</Button>
|
||||
<Field v-else :label="t('workspace.pathLabel')">
|
||||
<div class="paste-row">
|
||||
<div class="paste-input-wrap">
|
||||
<Input
|
||||
v-model="pathInput"
|
||||
:placeholder="t('workspace.pathPlaceholder')"
|
||||
autocomplete="off"
|
||||
spellcheck="false"
|
||||
@keydown.enter.stop="handlePasteAdd"
|
||||
/>
|
||||
</div>
|
||||
<IconButton
|
||||
:disabled="pathTrimmed.length === 0"
|
||||
:label="t('workspace.add')"
|
||||
@click="handlePasteAdd"
|
||||
>
|
||||
<Icon name="plus" size="md" />
|
||||
</IconButton>
|
||||
</div>
|
||||
</template>
|
||||
|
||||
<!-- Search mode: recursive fuzzy hits (relative paths) -->
|
||||
<template v-else-if="isSearching && !isPathMode">
|
||||
<button
|
||||
v-for="hit in searchResults"
|
||||
:key="hit.path"
|
||||
class="folder-row"
|
||||
@click="navigate(hit.path)"
|
||||
>
|
||||
<Icon class="dir-icon" name="folder-closed" size="sm" />
|
||||
<span class="folder-name search-rel">{{ hit.rel }}</span>
|
||||
<Badge v-if="hit.isGitRepo" variant="info" size="sm">
|
||||
{{ t('workspace.gitTag') }}<span v-if="hit.branch" class="git-branch"> {{ hit.branch }}</span>
|
||||
</Badge>
|
||||
</button>
|
||||
<div v-if="!searching && searchResults.length === 0" class="fl-empty">{{ t('workspace.noFilterMatch', { q: filter.trim() }) }}</div>
|
||||
<div v-else-if="searching && searchResults.length === 0" class="fl-loading">{{ t('workspace.searching') }}</div>
|
||||
</template>
|
||||
|
||||
<!-- Browse mode: the current folder's subfolders -->
|
||||
<template v-else>
|
||||
<button
|
||||
v-for="entry in entries"
|
||||
:key="entry.path"
|
||||
class="folder-row"
|
||||
@click="openEntry(entry)"
|
||||
>
|
||||
<Icon class="dir-icon" name="folder-closed" size="sm" />
|
||||
<span class="folder-name">{{ entry.name }}</span>
|
||||
<Badge v-if="entry.isGitRepo" variant="info" size="sm">
|
||||
{{ t('workspace.gitTag') }}<span v-if="entry.branch" class="git-branch"> {{ entry.branch }}</span>
|
||||
</Badge>
|
||||
</button>
|
||||
<div v-if="entries.length === 0" class="fl-empty">{{ t('workspace.noSubfolders') }}</div>
|
||||
</template>
|
||||
</Field>
|
||||
</div>
|
||||
|
||||
<!-- Degraded: the daemon can't browse — the box above is the only way. -->
|
||||
<div v-else class="degraded-hint">{{ t('workspace.degradedHint') }}</div>
|
||||
|
||||
<!-- Inline error from a failed add attempt. Shown inside the dialog so it
|
||||
is visible above the backdrop and persists until the next attempt. -->
|
||||
<div v-if="error" class="add-error" role="alert">{{ error }}</div>
|
||||
|
|
@ -488,7 +342,7 @@ onUnmounted(() => {
|
|||
<Button variant="secondary" @click="emit('close')">{{ t('workspace.cancel') }}</Button>
|
||||
</div>
|
||||
|
||||
<div class="footer-hint">{{ footerHint }}</div>
|
||||
<div class="footer-hint">{{ t('workspace.browseHint') }}</div>
|
||||
</div>
|
||||
</Dialog>
|
||||
</template>
|
||||
|
|
@ -555,10 +409,6 @@ onUnmounted(() => {
|
|||
.filter-input::placeholder { color: var(--color-text-muted); }
|
||||
.search-rel { color: var(--color-text); }
|
||||
|
||||
/* Path-mode error: tint the shared box's border + icon. */
|
||||
.filterbar.has-error { border-bottom-color: var(--color-danger); }
|
||||
.filterbar.has-error .filter-icon { color: var(--color-danger); }
|
||||
|
||||
/* Folder list */
|
||||
.folder-list {
|
||||
height: 300px;
|
||||
|
|
@ -571,12 +421,6 @@ onUnmounted(() => {
|
|||
color: var(--color-text-muted);
|
||||
font-size: var(--text-sm);
|
||||
}
|
||||
.fl-note {
|
||||
padding: var(--space-2) var(--space-4);
|
||||
font-size: var(--text-sm);
|
||||
color: var(--color-text-muted);
|
||||
}
|
||||
.fl-error { color: var(--color-danger); }
|
||||
.folder-row {
|
||||
display: flex;
|
||||
align-items: center;
|
||||
|
|
@ -605,13 +449,18 @@ onUnmounted(() => {
|
|||
}
|
||||
.git-branch { color: var(--color-text-muted); }
|
||||
|
||||
/* Degraded mode (daemon can't browse): compact hint under the input box. */
|
||||
.degraded-hint {
|
||||
padding: var(--space-6) var(--space-5);
|
||||
text-align: center;
|
||||
color: var(--color-text-muted);
|
||||
font-size: var(--text-sm);
|
||||
/* Paste-path escape hatch */
|
||||
.paste-section {
|
||||
padding: var(--space-3) var(--space-5);
|
||||
border-top: 1px solid var(--color-line);
|
||||
}
|
||||
.paste-section.paste-only { border-top: none; }
|
||||
.paste-row {
|
||||
display: flex;
|
||||
align-items: center;
|
||||
gap: var(--space-2);
|
||||
}
|
||||
.paste-input-wrap { flex: 1; min-width: 0; }
|
||||
|
||||
/* Actions */
|
||||
.add-error {
|
||||
|
|
|
|||
|
|
@ -33,25 +33,17 @@ const emit = defineEmits<{
|
|||
// -------------------------------------------------------------------------
|
||||
|
||||
const props = defineProps<{
|
||||
onStartOAuthLogin: () => Promise<
|
||||
| {
|
||||
flowId: string;
|
||||
provider: string;
|
||||
status: 'pending';
|
||||
verificationUri: string;
|
||||
verificationUriComplete: string;
|
||||
userCode: string;
|
||||
expiresIn: number;
|
||||
interval: number;
|
||||
expiresAt: string;
|
||||
}
|
||||
| {
|
||||
flowId: string;
|
||||
provider: string;
|
||||
status: 'authenticated';
|
||||
}
|
||||
| null
|
||||
>;
|
||||
onStartOAuthLogin: () => Promise<{
|
||||
flowId: string;
|
||||
provider: string;
|
||||
verificationUri: string;
|
||||
verificationUriComplete: string;
|
||||
userCode: string;
|
||||
expiresIn: number;
|
||||
interval: number;
|
||||
status: 'pending';
|
||||
expiresAt: string;
|
||||
} | null>;
|
||||
onPollOAuthLogin: () => Promise<{
|
||||
flowId: string;
|
||||
status: 'pending' | 'authenticated' | 'expired' | 'cancelled';
|
||||
|
|
@ -115,19 +107,6 @@ async function startFlow(): Promise<void> {
|
|||
return;
|
||||
}
|
||||
|
||||
// Already-authenticated fast path: the server had a usable cached token and
|
||||
// did not issue a device code. Skip the device-code UI entirely and surface
|
||||
// the success state — the poller is irrelevant here.
|
||||
if (result.status === 'authenticated') {
|
||||
stopTimers();
|
||||
step.value = 'success';
|
||||
setTimeout(() => {
|
||||
emit('success');
|
||||
emit('close');
|
||||
}, 800);
|
||||
return;
|
||||
}
|
||||
|
||||
flow.value = {
|
||||
flowId: result.flowId,
|
||||
verificationUri: result.verificationUri,
|
||||
|
|
|
|||
|
|
@ -72,10 +72,12 @@ function onColorScheme(v: string): void {
|
|||
|
||||
const PERM_MODES: PermissionMode[] = ['manual', 'auto', 'yolo'];
|
||||
|
||||
// Identity is the model id — display/model names can collide across providers.
|
||||
const currentModel = computed<AppModel | undefined>(() =>
|
||||
props.models?.find((m) => m.id === props.status?.modelId),
|
||||
);
|
||||
const currentModel = computed<AppModel | undefined>(() => {
|
||||
const raw = props.status?.modelId ?? props.status?.model ?? '';
|
||||
return props.models?.find(
|
||||
(m) => m.id === raw || m.model === raw || m.displayName === props.status?.model,
|
||||
);
|
||||
});
|
||||
const thinkingAvailability = computed(() => modelThinkingAvailability(currentModel.value));
|
||||
const thinkingSegments = computed(() => segmentsFor(currentModel.value));
|
||||
// The persisted level can be stale relative to the active model (e.g. 'on'
|
||||
|
|
|
|||
|
|
@ -7,18 +7,9 @@
|
|||
|
||||
import { ref, type ComputedRef } from 'vue';
|
||||
import { getKimiWebApi } from '../../api';
|
||||
import type {
|
||||
AppMessage,
|
||||
AppModel,
|
||||
AppProvider,
|
||||
AppSession,
|
||||
AppSkill,
|
||||
OAuthLoginStartResult,
|
||||
ThinkingLevel,
|
||||
} from '../../api/types';
|
||||
import type { AppMessage, AppModel, AppProvider, AppSession, AppSkill, ThinkingLevel } from '../../api/types';
|
||||
import { safeGetString, safeSetString, STORAGE_KEYS } from '../../lib/storage';
|
||||
import { coerceThinkingForModel, thinkingLevelForModelSwitch } from '../../lib/modelThinking';
|
||||
import { beginLocalTurn, settleLocalTurn } from './useWorkspaceState';
|
||||
import { coerceThinkingForModel } from '../../lib/modelThinking';
|
||||
import type { ActivityState } from '../../types';
|
||||
import type { ExtendedState } from '../useKimiWebClient';
|
||||
|
||||
|
|
@ -111,26 +102,14 @@ export function useModelProviderState(
|
|||
|
||||
function modelById(modelId: string | null | undefined): AppModel | undefined {
|
||||
if (modelId === undefined || modelId === null || modelId.length === 0) return undefined;
|
||||
// Prefer the exact id — model names can collide across providers.
|
||||
return (
|
||||
models.value.find((m) => m.id === modelId) ??
|
||||
models.value.find((m) => m.model === modelId)
|
||||
);
|
||||
}
|
||||
|
||||
function currentModelId(): string | undefined {
|
||||
const activeSession = rawState.activeSessionId
|
||||
? rawState.sessions.find((s) => s.id === rawState.activeSessionId)
|
||||
: undefined;
|
||||
const rawModel =
|
||||
activeSession === undefined
|
||||
? draftModel.value ?? rawState.defaultModel
|
||||
: activeSession.model || rawState.defaultModel;
|
||||
return modelById(rawModel)?.id ?? rawModel ?? undefined;
|
||||
return models.value.find((m) => m.id === modelId || m.model === modelId);
|
||||
}
|
||||
|
||||
function activeThinkingModel(): AppModel | undefined {
|
||||
return modelById(currentModelId());
|
||||
const activeSession = rawState.activeSessionId
|
||||
? rawState.sessions.find((s) => s.id === rawState.activeSessionId)
|
||||
: undefined;
|
||||
return modelById(activeSession?.model ?? draftModel.value ?? rawState.defaultModel);
|
||||
}
|
||||
|
||||
function applyThinkingLevel(level: ThinkingLevel): ThinkingLevel {
|
||||
|
|
@ -209,13 +188,8 @@ export function useModelProviderState(
|
|||
*/
|
||||
async function setModel(modelId: string): Promise<boolean> {
|
||||
const sid = rawState.activeSessionId;
|
||||
const targetModel = modelById(modelId);
|
||||
const nextThinking = coerceThinkingForModel(modelById(modelId), rawState.thinking);
|
||||
const prevThinking = rawState.thinking;
|
||||
const prevSessionModel = sid
|
||||
? rawState.sessions.find((s) => s.id === sid)?.model
|
||||
: undefined;
|
||||
const isSwitch = currentModelId() !== (targetModel?.id ?? modelId);
|
||||
const nextThinking = thinkingLevelForModelSwitch(targetModel, prevThinking, isSwitch);
|
||||
if (!sid) {
|
||||
// New-session draft (onboarding composer): no backend session to update.
|
||||
// Remember the pick — startSessionAndSendPrompt applies it at create time.
|
||||
|
|
@ -225,6 +199,7 @@ export function useModelProviderState(
|
|||
}
|
||||
// Optimistic: show the chosen model immediately, but remember the previous
|
||||
// one so we can roll back if the switch never reaches the daemon.
|
||||
const prevModel = rawState.sessions.find((s) => s.id === sid)?.model;
|
||||
updateSession(sid, (s) => ({ ...s, model: modelId }));
|
||||
if (nextThinking !== prevThinking) {
|
||||
rawState.thinking = nextThinking;
|
||||
|
|
@ -240,7 +215,7 @@ export function useModelProviderState(
|
|||
// not fail it — but when the daemon is unreachable the request throws here.
|
||||
// Roll the picker back to the real model so the UI can't keep showing the
|
||||
// new one as if the switch succeeded, then surface the failure.
|
||||
updateSession(sid, (s) => ({ ...s, model: prevSessionModel ?? s.model }));
|
||||
updateSession(sid, (s) => ({ ...s, model: prevModel ?? s.model }));
|
||||
if (nextThinking !== prevThinking) {
|
||||
rawState.thinking = prevThinking;
|
||||
saveThinkingToStorage(prevThinking);
|
||||
|
|
@ -282,10 +257,7 @@ export function useModelProviderState(
|
|||
const guarded = activity.value === 'idle' && !inFlightPromptSessions.has(sid);
|
||||
const tempId = `msg_skill_opt_${Date.now().toString(36)}`;
|
||||
|
||||
const localTurnToken = guarded ? beginLocalTurn(sid) : undefined;
|
||||
if (guarded) {
|
||||
// Share the local-turn-start lifecycle with prompt submits: a racing
|
||||
// terminal snapshot must not clear this skill's turn either.
|
||||
inFlightPromptSessions.add(sid);
|
||||
rawState.sendingBySession = { ...rawState.sendingBySession, [sid]: true };
|
||||
const optimisticMsg: AppMessage = {
|
||||
|
|
@ -316,10 +288,6 @@ export function useModelProviderState(
|
|||
updateSessionMessages(sid, (msgs) => msgs.filter((m) => m.id !== tempId));
|
||||
}
|
||||
pushOperationFailure('activateSkill', err, { sessionId: sid });
|
||||
} finally {
|
||||
// The daemon answered the activation (accepted or rejected) — the
|
||||
// pending window in which a snapshot can't reflect this turn is over.
|
||||
if (localTurnToken !== undefined) settleLocalTurn(sid, localTurnToken);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -381,7 +349,17 @@ export function useModelProviderState(
|
|||
}
|
||||
|
||||
/** Start managed Kimi OAuth device flow. Returns flow data or null on error. */
|
||||
async function startOAuthLogin(): Promise<OAuthLoginStartResult | null> {
|
||||
async function startOAuthLogin(): Promise<{
|
||||
flowId: string;
|
||||
provider: string;
|
||||
verificationUri: string;
|
||||
verificationUriComplete: string;
|
||||
userCode: string;
|
||||
expiresIn: number;
|
||||
interval: number;
|
||||
status: 'pending';
|
||||
expiresAt: string;
|
||||
} | null> {
|
||||
try {
|
||||
const api = getKimiWebApi();
|
||||
return await api.startOAuthLogin();
|
||||
|
|
|
|||
|
|
@ -12,13 +12,10 @@ import { getKimiWebApi } from '../../api';
|
|||
import { i18n } from '../../i18n';
|
||||
import { useConfirmDialog } from '../useConfirmDialog';
|
||||
import { isDaemonApiError } from '../../api/errors';
|
||||
import { SERVER_AUTH_UNAUTHORIZED_CODE } from '../../api/daemon/http';
|
||||
import type {
|
||||
AppConfig,
|
||||
AppInFlightTurn,
|
||||
AppMessage,
|
||||
AppSession,
|
||||
AppSessionStatus,
|
||||
AppWorkspace,
|
||||
ApprovalDecision,
|
||||
ApprovalResponse,
|
||||
|
|
@ -60,10 +57,6 @@ const WORKSPACE_NOT_FOUND_CODE = 40410;
|
|||
// duplicate submit is reported as a conflict even though the desired end
|
||||
// state (resolved) is already reached. We treat it as a benign no-op.
|
||||
const ALREADY_RESOLVED_CODE = 40902;
|
||||
// First load polls /auth until it gives a definitive answer (see load()).
|
||||
const FIRST_LOAD_AUTH_RETRY_MS = 2000;
|
||||
|
||||
type AuthCheckResult = 'proceed' | 'retry' | 'server-auth-required';
|
||||
|
||||
function isAlreadyResolvedError(err: unknown): boolean {
|
||||
return isDaemonApiError(err) && err.code === ALREADY_RESOLVED_CODE;
|
||||
|
|
@ -101,82 +94,6 @@ const pendingTaskCancellations = reactive<Record<string, true>>({});
|
|||
*/
|
||||
const startingFirstPromptWorkspaces = reactive(new Set<string>());
|
||||
|
||||
/**
|
||||
* Per-session local-turn-start lifecycle, shared by EVERY entry point that
|
||||
* starts a turn locally (prompt submit/steer in this module, skill activation
|
||||
* in useModelProviderState). Two pieces of state:
|
||||
* - generation: bumped synchronously at every local turn start, so a
|
||||
* snapshot requested BEFORE the start can tell it predates the turn;
|
||||
* - pending: set while the start request (POST /prompts or skill
|
||||
* activation) has not been acknowledged by the daemon — a snapshot
|
||||
* requested in that window cannot reflect the turn server-side either.
|
||||
* Module-level singleton — matches `inFlightPromptSessions` in the facade.
|
||||
*/
|
||||
const promptGenerationBySession = new Map<string, number>();
|
||||
const pendingLocalTurnStarts = new Map<string, Set<number>>();
|
||||
const afterLocalTurnsSettled = new Map<string, () => void>();
|
||||
let nextLocalTurnToken = 0;
|
||||
|
||||
export interface LocalTurnStartState {
|
||||
generation: number;
|
||||
pending: boolean;
|
||||
}
|
||||
|
||||
/** Snapshot of the local-turn-start state, captured BEFORE an async snapshot
|
||||
* fetch so the caller can reject a snapshot that predates a local turn. */
|
||||
export function localTurnStartState(sid: string): LocalTurnStartState {
|
||||
return {
|
||||
generation: promptGenerationBySession.get(sid) ?? 0,
|
||||
pending: (pendingLocalTurnStarts.get(sid)?.size ?? 0) > 0,
|
||||
};
|
||||
}
|
||||
|
||||
/** Shared "a local turn just started" lifecycle: bumps the generation and
|
||||
* marks the start request pending. Call synchronously before the first
|
||||
* await of every local turn entry point. */
|
||||
export function beginLocalTurn(sid: string): number {
|
||||
const token = ++nextLocalTurnToken;
|
||||
promptGenerationBySession.set(sid, token);
|
||||
const pending = pendingLocalTurnStarts.get(sid) ?? new Set<number>();
|
||||
pending.add(token);
|
||||
pendingLocalTurnStarts.set(sid, pending);
|
||||
return token;
|
||||
}
|
||||
|
||||
/** The daemon acknowledged (or rejected) the turn-start request. */
|
||||
export function settleLocalTurn(sid: string, token: number): void {
|
||||
const pending = pendingLocalTurnStarts.get(sid);
|
||||
if (pending === undefined) return;
|
||||
pending.delete(token);
|
||||
if (pending.size > 0) return;
|
||||
pendingLocalTurnStarts.delete(sid);
|
||||
const callback = afterLocalTurnsSettled.get(sid);
|
||||
afterLocalTurnsSettled.delete(sid);
|
||||
callback?.();
|
||||
}
|
||||
|
||||
/** Drop lifecycle state with the rest of a forgotten session. */
|
||||
export function forgetLocalTurnState(sid: string): void {
|
||||
promptGenerationBySession.delete(sid);
|
||||
pendingLocalTurnStarts.delete(sid);
|
||||
afterLocalTurnsSettled.delete(sid);
|
||||
}
|
||||
|
||||
/** Whether a snapshot request can still be applied without overwriting a
|
||||
* local turn that started before or during the request. */
|
||||
export function isLocalTurnSnapshotCurrent(sid: string, atRequest: LocalTurnStartState): boolean {
|
||||
return !atRequest.pending && atRequest.generation === (promptGenerationBySession.get(sid) ?? 0);
|
||||
}
|
||||
|
||||
/** Coalesce a skipped snapshot into one retry after local turn-start requests settle. */
|
||||
export function afterLocalTurnStartsSettle(sid: string, callback: () => void): void {
|
||||
if ((pendingLocalTurnStarts.get(sid)?.size ?? 0) === 0) {
|
||||
callback();
|
||||
return;
|
||||
}
|
||||
afterLocalTurnsSettled.set(sid, callback);
|
||||
}
|
||||
|
||||
type SyncSessionResult = 'ok' | 'not-found' | 'failed';
|
||||
|
||||
export interface PersistSessionProfilePatch {
|
||||
|
|
@ -239,9 +156,6 @@ export interface UseWorkspaceStateDeps {
|
|||
goalErrorMessage: (err: unknown) => string | undefined;
|
||||
resetFastMoon: () => void;
|
||||
initialized: Ref<boolean>;
|
||||
/** Diagnostic for the connecting splash, set by checkAuth on transient
|
||||
* failures and cleared once a check gets through. */
|
||||
connectIssue: Ref<string | null>;
|
||||
selectedDiffPath: Ref<string | null>;
|
||||
fileDiffLines: Ref<DiffViewLine[]>;
|
||||
fileDiffLoading: Ref<boolean>;
|
||||
|
|
@ -287,7 +201,6 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
goalErrorMessage,
|
||||
resetFastMoon,
|
||||
initialized,
|
||||
connectIssue,
|
||||
selectedDiffPath,
|
||||
fileDiffLines,
|
||||
fileDiffLoading,
|
||||
|
|
@ -390,61 +303,16 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
}
|
||||
}
|
||||
|
||||
/** Fetch auth readiness from GET /api/v1/auth. Defensive — never throws.
|
||||
* The web bundle always ships paired with its daemon, so this endpoint is
|
||||
* guaranteed to exist — every failure is either a credential rejection or
|
||||
* a transient error worth retrying:
|
||||
* - 'proceed' — response received; rawState reflects it (ready
|
||||
* or not)
|
||||
* - 'server-auth-required' — the daemon rejected our server credential
|
||||
* (401/40101); the ServerAuthDialog owns recovery
|
||||
* (it reloads once the token is entered)
|
||||
* - 'retry' — transient failure (network, timeout, 5xx); the
|
||||
* caller should retry instead of treating it as
|
||||
* "not signed in" */
|
||||
async function checkAuth(): Promise<AuthCheckResult> {
|
||||
/** Fetch auth readiness from GET /api/v1/auth. Defensive — never throws. */
|
||||
async function checkAuth(): Promise<void> {
|
||||
try {
|
||||
const api = getKimiWebApi();
|
||||
const result = await api.getAuth();
|
||||
rawState.authReady = result.ready;
|
||||
rawState.defaultModel = result.defaultModel;
|
||||
rawState.managedProviderStatus = result.managedProvider?.status ?? null;
|
||||
connectIssue.value = null;
|
||||
return 'proceed';
|
||||
} catch (err) {
|
||||
if (
|
||||
isDaemonApiError(err) &&
|
||||
(err.code === 401 || err.code === SERVER_AUTH_UNAUTHORIZED_CODE)
|
||||
) {
|
||||
// The ServerAuthDialog explains this one — nothing to surface.
|
||||
connectIssue.value = null;
|
||||
return 'server-auth-required';
|
||||
}
|
||||
// Surface the reason on the splash so "cannot connect" is diagnosable
|
||||
// instead of an unexplained spinner.
|
||||
connectIssue.value = (err instanceof Error ? err.message : String(err)).slice(0, 140);
|
||||
return 'retry';
|
||||
}
|
||||
}
|
||||
|
||||
/** Poll /auth until the daemon gives a definitive outcome, waiting
|
||||
* FIRST_LOAD_AUTH_RETRY_MS between transient failures. Never resolves with
|
||||
* 'retry'. Used only by the first load. */
|
||||
async function waitForFirstAuth(): Promise<AuthCheckResult> {
|
||||
let firstRetry = true;
|
||||
for (;;) {
|
||||
const result = await checkAuth();
|
||||
if (result !== 'retry') return result;
|
||||
// Keep the first quick failure silent — a single blip right after page
|
||||
// load shouldn't flash an error. Surface it from the 2nd failed attempt
|
||||
// (~2s in) onward, so a genuinely stuck connection stays diagnosable.
|
||||
if (firstRetry) {
|
||||
connectIssue.value = null;
|
||||
firstRetry = false;
|
||||
}
|
||||
await new Promise((resolve) => {
|
||||
setTimeout(resolve, FIRST_LOAD_AUTH_RETRY_MS);
|
||||
});
|
||||
} catch {
|
||||
// Daemon may not have this endpoint yet; leave defaults (authReady: false)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -679,19 +547,7 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
|
||||
async function load(): Promise<void> {
|
||||
rawState.loading = true;
|
||||
// The very first load gates on /auth before anything else: a transient
|
||||
// failure there (daemon still booting, network blip, 5xx) must NOT be read
|
||||
// as "not signed in" — that bounced users to /login until a manual refresh.
|
||||
// Keep the connecting splash up and poll /auth until a definitive outcome.
|
||||
// A 401/40101 means the server wants a token: stop and let the
|
||||
// ServerAuthDialog take over (it reloads once the token is entered).
|
||||
const firstLoad = !initialized.value;
|
||||
let authResolved = true;
|
||||
try {
|
||||
if (firstLoad && (await waitForFirstAuth()) === 'server-auth-required') {
|
||||
authResolved = false;
|
||||
return;
|
||||
}
|
||||
const api = getKimiWebApi();
|
||||
// Parallel: health + meta + models
|
||||
await Promise.all([
|
||||
|
|
@ -705,7 +561,7 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
]);
|
||||
|
||||
// Check auth readiness and global config (separate calls — defensive)
|
||||
if (!firstLoad) await checkAuth();
|
||||
await checkAuth();
|
||||
await loadConfig();
|
||||
|
||||
// Load workspaces first (registered + derived, each with a session_count),
|
||||
|
|
@ -751,9 +607,7 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
// Do not re-throw — app stays mounted with empty sessions
|
||||
} finally {
|
||||
rawState.loading = false;
|
||||
// Without a definitive /auth outcome the splash stays up (retry loop or
|
||||
// ServerAuthDialog is handling it) — never expose the half-loaded app.
|
||||
if (authResolved) initialized.value = true;
|
||||
initialized.value = true;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -1279,10 +1133,6 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
async function submitPromptInternal(sid: string, text: string, attachments?: PromptAttachment[]): Promise<boolean> {
|
||||
// Mark this session as having a prompt in flight BEFORE any await, so a racing
|
||||
// sendPrompt sees it and enqueues. Cleared when activity returns to idle.
|
||||
// beginLocalTurn also bumps the snapshot generation and marks the submit
|
||||
// pending, so a racing terminal snapshot can't clear this prompt (see
|
||||
// handleSessionSnapshot).
|
||||
const localTurnToken = beginLocalTurn(sid);
|
||||
inFlightPromptSessions.add(sid);
|
||||
rawState.sendingBySession = { ...rawState.sendingBySession, [sid]: true };
|
||||
const tempId = nextOptimisticMsgId();
|
||||
|
|
@ -1375,10 +1225,9 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
});
|
||||
|
||||
// Bind the real daemon prompt_id into the event projector so the upcoming
|
||||
// turn.started stamps this turn's messages with it (instead of a synthetic
|
||||
// pr_ id the daemon rejects on :abort). Stop's authoritative prompt_id
|
||||
// comes from the submit response above and the daemon's
|
||||
// event.session.status_changed — this binding is for transcript grouping.
|
||||
// turn.started uses it (instead of synthesizing a random one). This is what
|
||||
// makes Stop work on the real daemon: session.currentPromptId then matches
|
||||
// the prompt_id the REST :abort endpoint expects.
|
||||
getEventConn()?.bindNextPromptId(sid, result.promptId);
|
||||
|
||||
// NOTE: we no longer set a local auto-title here. The daemon generates a
|
||||
|
|
@ -1399,10 +1248,6 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
);
|
||||
pushOperationFailure('sendPrompt', err, { sessionId: sid });
|
||||
return false;
|
||||
} finally {
|
||||
// The daemon answered the submit (accepted or rejected) — the pending
|
||||
// window in which a snapshot can't reflect this turn is over.
|
||||
settleLocalTurn(sid, localTurnToken);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -1475,7 +1320,6 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
};
|
||||
updateSessionMessages(sid, (msgs) => [...msgs, optimisticMsg]);
|
||||
|
||||
const localTurnToken = beginLocalTurn(sid);
|
||||
try {
|
||||
const api = getKimiWebApi();
|
||||
const promptSession = rawState.sessions.find((s) => s.id === sid);
|
||||
|
|
@ -1523,8 +1367,6 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
// a delivered-looking message the daemon never received.
|
||||
updateSessionMessages(sid, (msgs) => msgs.filter((m) => m.id !== tempId));
|
||||
pushOperationFailure('steer', err, { sessionId: sid });
|
||||
} finally {
|
||||
settleLocalTurn(sid, localTurnToken);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -1554,74 +1396,6 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Shared prompt-finish cleanup, used by BOTH the WS idle/aborted event path
|
||||
* (facade `onSessionIdle`) and the authoritative-snapshot path
|
||||
* (handleSessionSnapshot below). Returns whether this call actually flipped
|
||||
* an in-flight prompt to finished.
|
||||
*
|
||||
* Clears the local in-flight/sending/prompt-id state and drains exactly ONE
|
||||
* queued message — the resubmitted prompt re-arms the in-flight flag, and
|
||||
* its own finish drains the following one. Repeat calls (e.g. a late
|
||||
* duplicate idle event) therefore cannot drain more than one message per
|
||||
* real turn end. Callers layer their own side effects (notify, sound,
|
||||
* unread) on top; the snapshot path deliberately adds none.
|
||||
*/
|
||||
function finishPromptLocal(sid: string): boolean {
|
||||
const wasInFlight = inFlightPromptSessions.delete(sid);
|
||||
rawState.sendingBySession = { ...rawState.sendingBySession, [sid]: false };
|
||||
// Drop any cached prompt_id so a later skill activation (which has no
|
||||
// prompt_id) doesn't accidentally reuse this stale id for :abort.
|
||||
if (rawState.promptIdBySession[sid] !== undefined) {
|
||||
const nextPromptIds = { ...rawState.promptIdBySession };
|
||||
delete nextPromptIds[sid];
|
||||
rawState.promptIdBySession = nextPromptIds;
|
||||
}
|
||||
if (sid === rawState.activeSessionId) {
|
||||
resetFastMoon();
|
||||
}
|
||||
|
||||
const queue = rawState.queuedBySession[sid] ?? [];
|
||||
if (queue.length > 0) {
|
||||
const [next, ...rest] = queue;
|
||||
rawState.queuedBySession = { ...rawState.queuedBySession, [sid]: rest };
|
||||
// Flush the first queued message; on failure put it back at the head so
|
||||
// a transient error doesn't silently drop the prompt.
|
||||
if (next !== undefined) {
|
||||
void submitPromptInternal(sid, next.text, next.attachments).then((ok) => {
|
||||
if (!ok) {
|
||||
const current = rawState.queuedBySession[sid] ?? [];
|
||||
rawState.queuedBySession = {
|
||||
...rawState.queuedBySession,
|
||||
[sid]: [next, ...current],
|
||||
};
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
return wasInFlight;
|
||||
}
|
||||
|
||||
/**
|
||||
* Snapshot-driven finish. An authoritative snapshot replaces the event
|
||||
* stream on resync (buffer overflow / epoch change / delta gap): no
|
||||
* sessionStatusChanged event arrives in that case, so without this the
|
||||
* local in-flight flag would stick forever — the moon keeps spinning and
|
||||
* the next prompt queues behind a turn that already ended.
|
||||
*
|
||||
* Unlike the WS path this adds NO completion side effects (no notification,
|
||||
* sound, or unread): opening a historical session must not cry wolf.
|
||||
*/
|
||||
function handleSessionSnapshot(
|
||||
sid: string,
|
||||
snapshot: { inFlightTurn: AppInFlightTurn | null; status: AppSessionStatus },
|
||||
): void {
|
||||
if (snapshot.inFlightTurn !== null) return;
|
||||
if (snapshot.status !== 'idle' && snapshot.status !== 'aborted') return;
|
||||
finishPromptLocal(sid);
|
||||
}
|
||||
|
||||
async function abortCurrentPrompt(): Promise<void> {
|
||||
const sid = rawState.activeSessionId;
|
||||
if (!sid) return;
|
||||
|
|
@ -1630,12 +1404,11 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
// 1. Authoritative id captured at submit time.
|
||||
let promptId = rawState.promptIdBySession[sid];
|
||||
|
||||
// 2. Fallback to projector-derived id only when it is a real daemon prompt_id.
|
||||
// The v1 daemon uses `prompt_...`, server-v2 legacy uses `msg_...`;
|
||||
// only local synthetic `pr_...` ids are rejected by the daemon.
|
||||
// 2. Fallback to projector-derived id only when it is a real daemon prompt_id
|
||||
// (synthetic `pr_...` ids are rejected by the daemon).
|
||||
if (promptId === undefined) {
|
||||
const candidate = session?.currentPromptId;
|
||||
if (candidate !== undefined && candidate.length > 0 && !candidate.startsWith('pr_')) {
|
||||
if (candidate?.startsWith('prompt_')) {
|
||||
promptId = candidate;
|
||||
}
|
||||
}
|
||||
|
|
@ -2404,11 +2177,6 @@ export function useWorkspaceState(rawState: ExtendedState, deps: UseWorkspaceSta
|
|||
bindSessionRoute,
|
||||
selectSession,
|
||||
submitPromptInternal,
|
||||
finishPromptLocal,
|
||||
localTurnStartState,
|
||||
isLocalTurnSnapshotCurrent,
|
||||
afterLocalTurnStartsSettle,
|
||||
handleSessionSnapshot,
|
||||
sendPrompt,
|
||||
steerPrompt,
|
||||
uploadImage,
|
||||
|
|
|
|||
|
|
@ -25,24 +25,6 @@ const USER_MEDIA_PATH_TAG_RE = /^<(image|video|audio)\s+path="([^"]+)">(?:<\/\1>
|
|||
const SYSTEM_MIME_RE = /Mime type:\s*([^.\s]+)/i;
|
||||
const SYSTEM_SIZE_RE = /Size:\s*(\d+)\s*bytes/i;
|
||||
const SYSTEM_DIMENSIONS_RE = /Original dimensions:\s*(\d+)x(\d+)\s*pixels/i;
|
||||
// agent-core inlines a single model-facing `<system>` caption next to a
|
||||
// compressed image upload (buildImageCompressionCaption), which rides along as
|
||||
// a text part of the persisted user message. That one caption is harness
|
||||
// metadata, not something the user typed, and its raw markup must never reach
|
||||
// the bubble (or the edit/preview text derived from `turn.text`). The TUI and
|
||||
// agent-core strip ONLY that caption — anchored on its fixed opening
|
||||
// `<system>Image compressed to fit model limits:` (see
|
||||
// extractImageCompressionCaptions in agent-core) — and reroute it through the
|
||||
// hidden system-reminder injection. Mirror that narrow targeting here: a
|
||||
// literal `<system>…</system>` the user pasted themselves (e.g. an XML / prompt
|
||||
// example) is their own text, not harness metadata, so it survives untouched.
|
||||
const CAPTION_OPENING = '<system>Image compressed to fit model limits:';
|
||||
const CAPTION_PATTERN = /<system>Image compressed to fit model limits:[\s\S]*?<\/system>/g;
|
||||
|
||||
function stripImageCompressionCaptions(text: string): string {
|
||||
if (!text.includes(CAPTION_OPENING)) return text;
|
||||
return text.replace(CAPTION_PATTERN, '');
|
||||
}
|
||||
|
||||
function unescapeAttr(value: string): string {
|
||||
// & last so a doubly-escaped value isn't decoded twice.
|
||||
|
|
@ -716,9 +698,7 @@ export function messagesToTurns(
|
|||
continue;
|
||||
}
|
||||
}
|
||||
const stripped = stripImageCompressionCaptions(c.text);
|
||||
if (stripped !== c.text && stripped.trim().length === 0) continue;
|
||||
textParts.push(stripped);
|
||||
textParts.push(c.text);
|
||||
}
|
||||
}
|
||||
const media = resolveMediaUrl(c);
|
||||
|
|
|
|||
|
|
@ -35,11 +35,7 @@ import { useSoundNotification } from './client/useSoundNotification';
|
|||
import { useTaskPoller } from './client/useTaskPoller';
|
||||
import { useModelProviderState } from './client/useModelProviderState';
|
||||
import { useSideChat } from './client/useSideChat';
|
||||
import {
|
||||
forgetLocalTurnState,
|
||||
SESSIONS_INITIAL_PAGE_SIZE,
|
||||
useWorkspaceState,
|
||||
} from './client/useWorkspaceState';
|
||||
import { SESSIONS_INITIAL_PAGE_SIZE, useWorkspaceState } from './client/useWorkspaceState';
|
||||
|
||||
const appearance = useAppearance();
|
||||
const notification = useNotification();
|
||||
|
|
@ -503,10 +499,6 @@ if (typeof document !== 'undefined') {
|
|||
}
|
||||
});
|
||||
}
|
||||
if (typeof window !== 'undefined') {
|
||||
window.addEventListener('focus', recoverStaleConnection);
|
||||
window.addEventListener('online', recoverStaleConnection);
|
||||
}
|
||||
|
||||
// ---------------------------------------------------------------------------
|
||||
// rawState.activeSessionId — single mutation funnel.
|
||||
|
|
@ -575,15 +567,12 @@ function forgetSession(sessionId: string): void {
|
|||
delete rawState.messagesHasMoreBySession[sessionId];
|
||||
delete rawState.messagesLoadMoreErrorBySession[sessionId];
|
||||
delete epochBySession[sessionId];
|
||||
sessionsRequiringSnapshot.delete(sessionId);
|
||||
sessionsRetryingStaleSnapshot.delete(sessionId);
|
||||
sessionsKnownEmpty.delete(sessionId);
|
||||
// In-flight / queued prompt state: drop these too so a queued follow-up
|
||||
// can't be submitted to a session that was just archived when its turn later
|
||||
// goes idle (onSessionIdle drains queuedBySession[sid] without re-checking
|
||||
// that the session still exists).
|
||||
inFlightPromptSessions.delete(sessionId);
|
||||
forgetLocalTurnState(sessionId);
|
||||
delete rawState.queuedBySession[sessionId];
|
||||
delete rawState.promptIdBySession[sessionId];
|
||||
delete rawState.sendingBySession[sessionId];
|
||||
|
|
@ -610,10 +599,6 @@ const fileDiffLoading = ref(false);
|
|||
// False until the very first load() settles (success OR failure). Gates the
|
||||
// global connecting-splash so a page refresh doesn't flash a half-empty app.
|
||||
const initialized = ref(false);
|
||||
// Short diagnostic shown on the connecting splash while the first-load /auth
|
||||
// gate keeps retrying (e.g. the daemon's error message). Null when no attempt
|
||||
// has failed yet or the last attempt got through.
|
||||
const connectIssue = ref<string | null>(null);
|
||||
|
||||
/**
|
||||
* Fetch GET /sessions/{id}/status and fold the live model + context usage back
|
||||
|
|
@ -812,11 +797,6 @@ function applyEvent(event: ReturnType<typeof toAppEvent>, sessionId: string, seq
|
|||
type PendingEvent = { appEvent: AppEvent; meta: { sessionId: string; seq: number } };
|
||||
|
||||
function processEvent(appEvent: AppEvent, meta: { sessionId: string; seq: number }): void {
|
||||
// Capture BEFORE applyEvent advances lastSeqBySession: turn-end side
|
||||
// effects below only run when this event actually moves the durable cursor
|
||||
// forward. A late duplicate idle (e.g. replayed after a snapshot already
|
||||
// advanced past it) must not drain a second queued message.
|
||||
const prevSeq = rawState.lastSeqBySession[meta.sessionId] ?? 0;
|
||||
// meta carries wire-level seq/sessionId so the reducer can advance
|
||||
// lastSeqBySession[sessionId] = seq. Compaction completion appends a
|
||||
// persistent divider marker in the reducer (TUI parity: the scrollback
|
||||
|
|
@ -866,13 +846,9 @@ function processEvent(appEvent: AppEvent, meta: { sessionId: string; seq: number
|
|||
// Turn-end: both 'idle' and 'aborted' mean the prompt is no longer in
|
||||
// flight, so both must flush in-flight/queued state. (Awaiting-* is still
|
||||
// in flight — it's waiting on the user — and must NOT flush.)
|
||||
// Gated on the durable cursor advancing: a late duplicate of an idle we
|
||||
// already consumed (directly or via a snapshot past it) must not run the
|
||||
// side effects again — above all, it must not drain another queued message.
|
||||
if (
|
||||
appEvent.type === 'sessionStatusChanged' &&
|
||||
(appEvent.status === 'idle' || appEvent.status === 'aborted') &&
|
||||
meta.seq > prevSeq
|
||||
(appEvent.status === 'idle' || appEvent.status === 'aborted')
|
||||
) {
|
||||
onSessionIdle(appEvent.sessionId, appEvent.status);
|
||||
}
|
||||
|
|
@ -937,12 +913,10 @@ function connectEventsIfNeeded(): void {
|
|||
// so they are applied to the pre-snapshot array too rather than on top
|
||||
// of the fresh snapshot (which would duplicate text / tool output).
|
||||
enqueueEvent.flush();
|
||||
// The server-announced cursor is only a hint; keep the previous epoch
|
||||
// until the snapshot arrives so seq values from two epochs are never
|
||||
// compared with each other.
|
||||
// The server-announced cursor is only a hint; the snapshot fetch
|
||||
// returns the authoritative {asOfSeq, epoch} and re-subscribes.
|
||||
if (epoch !== undefined) epochBySession[sessionId] = epoch;
|
||||
void currentSeq;
|
||||
void epoch;
|
||||
sessionsRequiringSnapshot.add(sessionId);
|
||||
snapshotSyncRunner.request(sessionId);
|
||||
},
|
||||
|
||||
|
|
@ -973,12 +947,6 @@ function connectEventsIfNeeded(): void {
|
|||
// Journal epoch per session, learned from snapshots / resync frames. Not
|
||||
// reactive — only consulted when building the subscribe cursor.
|
||||
const epochBySession: Record<string, string> = {};
|
||||
// onResync resets the event projector, so that path must apply a snapshot even
|
||||
// if a newer global event advances the local cursor while the GET is in flight.
|
||||
const sessionsRequiringSnapshot = new Set<string>();
|
||||
// A normal foreground refresh may race one newer event. Retry once with a
|
||||
// fresh snapshot so volatile text missed during sleep is still restored.
|
||||
const sessionsRetryingStaleSnapshot = new Set<string>();
|
||||
|
||||
// Sessions created locally in this client instance are known to be empty until
|
||||
// they receive their first message. This is more reliable than the daemon's
|
||||
|
|
@ -1208,12 +1176,9 @@ async function pullSessionWarnings(sessionId: string): Promise<void> {
|
|||
}
|
||||
|
||||
async function syncSessionFromSnapshot(sessionId: string): Promise<SyncSessionResult> {
|
||||
// A snapshot that races a local turn start must not overwrite that turn.
|
||||
const turnStartAtRequest = workspaceState.localTurnStartState(sessionId);
|
||||
try {
|
||||
const api = getKimiWebApi();
|
||||
const snap = await api.getSessionSnapshot(sessionId);
|
||||
if (!rawState.sessions.some((session) => session.id === sessionId)) return 'ok';
|
||||
|
||||
// Drain any queued streaming deltas before the snapshot replaces
|
||||
// messagesBySession[sessionId]. The snapshot is authoritative (it already
|
||||
|
|
@ -1222,32 +1187,6 @@ async function syncSessionFromSnapshot(sessionId: string): Promise<SyncSessionRe
|
|||
// the pre-snapshot array, which the snapshot then overwrites.
|
||||
enqueueEvent.flush();
|
||||
|
||||
// Do not let an old snapshot overwrite state that moved forward while the
|
||||
// request was in flight. Retry once to recover volatile text at a fresh
|
||||
// cursor; resync/LRU rebuilds must always apply because their projector or
|
||||
// subscription was deliberately reset.
|
||||
const currentSeq = rawState.lastSeqBySession[sessionId] ?? 0;
|
||||
const knownEpoch = epochBySession[sessionId];
|
||||
const mustApplySnapshot =
|
||||
sessionsRequiringSnapshot.has(sessionId) || sessionsWithStaleCursor.has(sessionId);
|
||||
if (
|
||||
!mustApplySnapshot &&
|
||||
knownEpoch !== undefined &&
|
||||
knownEpoch === snap.epoch &&
|
||||
currentSeq > snap.asOfSeq
|
||||
) {
|
||||
if (sessionsRetryingStaleSnapshot.delete(sessionId)) return 'ok';
|
||||
sessionsRetryingStaleSnapshot.add(sessionId);
|
||||
snapshotSyncRunner.request(sessionId);
|
||||
return 'ok';
|
||||
}
|
||||
if (!workspaceState.isLocalTurnSnapshotCurrent(sessionId, turnStartAtRequest)) {
|
||||
workspaceState.afterLocalTurnStartsSettle(sessionId, () => {
|
||||
snapshotSyncRunner.request(sessionId);
|
||||
});
|
||||
return 'ok';
|
||||
}
|
||||
|
||||
updateSession(sessionId, (s) => ({
|
||||
...snap.session,
|
||||
model:
|
||||
|
|
@ -1292,15 +1231,6 @@ async function syncSessionFromSnapshot(sessionId: string): Promise<SyncSessionRe
|
|||
[sessionId]: snap.asOfSeq,
|
||||
};
|
||||
epochBySession[sessionId] = snap.epoch;
|
||||
sessionsRequiringSnapshot.delete(sessionId);
|
||||
sessionsRetryingStaleSnapshot.delete(sessionId);
|
||||
|
||||
// Resync replaces the missed event stream, so a terminal snapshot must
|
||||
// also clear the local sending flag that normally ends on a WS idle event.
|
||||
workspaceState.handleSessionSnapshot(
|
||||
sessionId,
|
||||
{ inFlightTurn: snap.inFlightTurn, status: snap.session.status },
|
||||
);
|
||||
|
||||
connectEventsIfNeeded();
|
||||
if (eventConn) {
|
||||
|
|
@ -1417,10 +1347,10 @@ async function reopenSession(sessionId: string): Promise<SyncSessionResult> {
|
|||
running task is its BTW side-channel agent should not look busy. When tasks
|
||||
have not been loaded yet — e.g. right after a page refresh — we trust the
|
||||
daemon-reported `running` status rather than hiding the spinner. */
|
||||
function isSessionEffectivelyRunning(session: AppSession | undefined): boolean {
|
||||
function isSessionEffectivelyRunning(sessionId: string): boolean {
|
||||
const session = rawState.sessions.find((s) => s.id === sessionId);
|
||||
if (!session) return false;
|
||||
if (session.status !== 'running') return false;
|
||||
const sessionId = session.id;
|
||||
const hiddenBtwAgentId = sideChat.sideChatTargetBySession.value[sessionId]?.agentId;
|
||||
const tasks = rawState.tasksBySession[sessionId] ?? [];
|
||||
const runningTasks = tasks.filter((t) => t.status === 'running');
|
||||
|
|
@ -1734,7 +1664,7 @@ const sessions = computed<Session[]>(() => {
|
|||
title: s.title,
|
||||
time: formatTime(s.updatedAt, s.status),
|
||||
status: s.status,
|
||||
busy: isSessionEffectivelyRunning(s),
|
||||
busy: isSessionEffectivelyRunning(s.id),
|
||||
}));
|
||||
});
|
||||
|
||||
|
|
@ -1945,8 +1875,7 @@ const activity = computed<ActivityState>(() => {
|
|||
const questionList = rawState.questionsBySession[sid] ?? [];
|
||||
if (questionList.length > 0) return 'awaiting-question';
|
||||
|
||||
const activeSession = rawState.sessions.find((s) => s.id === sid);
|
||||
if (isSessionEffectivelyRunning(activeSession)) {
|
||||
if (isSessionEffectivelyRunning(sid)) {
|
||||
return 'running';
|
||||
}
|
||||
|
||||
|
|
@ -2020,11 +1949,7 @@ const status = computed<ConversationStatus>(() => {
|
|||
|
||||
// Use the friendly displayName from the models list; fall back to stripping
|
||||
// the provider prefix (e.g. "moonshot/moonshot-v1-128k" → "moonshot-v1-128k").
|
||||
// Prefer the exact id — model names can collide across providers, so a
|
||||
// name-only match may resolve to the wrong provider's entry.
|
||||
const matched =
|
||||
modelProvider.models.value.find((m) => m.id === rawModel) ??
|
||||
modelProvider.models.value.find((m) => m.model === rawModel);
|
||||
const matched = modelProvider.models.value.find((m) => m.id === rawModel || m.model === rawModel);
|
||||
const displayModel =
|
||||
matched?.displayName ||
|
||||
matched?.model ||
|
||||
|
|
@ -2223,7 +2148,7 @@ const sessionsForView = computed<Session[]>(() => {
|
|||
title: s.title,
|
||||
time: formatTime(s.updatedAt, s.status),
|
||||
status: s.status,
|
||||
busy: isSessionEffectivelyRunning(s),
|
||||
busy: isSessionEffectivelyRunning(s.id),
|
||||
lastPrompt: s.lastPrompt,
|
||||
workspaceId,
|
||||
workspaceName: nameByWorkspaceId.get(workspaceId),
|
||||
|
|
@ -2245,7 +2170,7 @@ const workspaceGroups = computed<WorkspaceGroup[]>(() => {
|
|||
title: s.title,
|
||||
time: formatTime(s.updatedAt, s.status),
|
||||
status: s.status,
|
||||
busy: isSessionEffectivelyRunning(s),
|
||||
busy: isSessionEffectivelyRunning(s.id),
|
||||
updatedAt: s.updatedAt,
|
||||
};
|
||||
const list = byId.get(wid) ?? [];
|
||||
|
|
@ -2395,7 +2320,6 @@ const workspaceState = useWorkspaceState(rawState, {
|
|||
goalErrorMessage,
|
||||
resetFastMoon: appearance.resetFastMoon,
|
||||
initialized,
|
||||
connectIssue,
|
||||
selectedDiffPath,
|
||||
fileDiffLines,
|
||||
fileDiffLoading,
|
||||
|
|
@ -2416,18 +2340,24 @@ function isUserWatching(sid: string): boolean {
|
|||
}
|
||||
|
||||
function onSessionIdle(sid: string, status: 'idle' | 'aborted'): void {
|
||||
// Capture before finishPromptLocal drops it — it keys the completion
|
||||
// The turn finished — this session no longer has a prompt in flight.
|
||||
inFlightPromptSessions.delete(sid);
|
||||
rawState.sendingBySession = { ...rawState.sendingBySession, [sid]: false };
|
||||
// Capture before the cleanup below drops it — it keys the completion
|
||||
// notification's dedup tag so each finished turn alerts once.
|
||||
const finishedPromptId = rawState.promptIdBySession[sid];
|
||||
// Shared finish cleanup: clears in-flight/sending/prompt-id and drains one
|
||||
// queued message. The notification/sound/unread side effects below stay
|
||||
// WS-event-only — the snapshot path (handleSessionSnapshot) must not cry
|
||||
// wolf when opening a historical session.
|
||||
workspaceState.finishPromptLocal(sid);
|
||||
// Drop any cached prompt_id so a later skill activation (which has no
|
||||
// prompt_id) doesn't accidentally reuse this stale id for :abort.
|
||||
if (rawState.promptIdBySession[sid] !== undefined) {
|
||||
const next = { ...rawState.promptIdBySession };
|
||||
delete next[sid];
|
||||
rawState.promptIdBySession = next;
|
||||
}
|
||||
|
||||
// For the session on screen, refresh git status (edits the agent just made)
|
||||
// and runtime status (model/context usage may have changed this turn).
|
||||
if (sid === rawState.activeSessionId) {
|
||||
appearance.resetFastMoon();
|
||||
void workspaceState.loadGitStatus(sid);
|
||||
void refreshSessionStatus(sid);
|
||||
} else if (status === 'idle') {
|
||||
|
|
@ -2460,6 +2390,25 @@ function onSessionIdle(sid: string, status: 'idle' | 'aborted'): void {
|
|||
if (status === 'idle') {
|
||||
sound.maybePlayCompletionSound();
|
||||
}
|
||||
|
||||
const queue = rawState.queuedBySession[sid] ?? [];
|
||||
if (queue.length === 0) return;
|
||||
|
||||
const [next, ...rest] = queue;
|
||||
rawState.queuedBySession = { ...rawState.queuedBySession, [sid]: rest };
|
||||
// Flush the first queued message; on failure put it back at the head so a
|
||||
// transient error doesn't silently drop the prompt.
|
||||
if (next !== undefined) {
|
||||
void workspaceState.submitPromptInternal(sid, next.text, next.attachments).then((ok) => {
|
||||
if (!ok) {
|
||||
const current = rawState.queuedBySession[sid] ?? [];
|
||||
rawState.queuedBySession = {
|
||||
...rawState.queuedBySession,
|
||||
[sid]: [next, ...current],
|
||||
};
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
function onQuestionRequested(sid: string, question: AppQuestionRequest): void {
|
||||
|
|
@ -2566,7 +2515,6 @@ export function useKimiWebClient() {
|
|||
dangerousBypassAuth,
|
||||
clearDangerousBypassAuth,
|
||||
initialized,
|
||||
connectIssue,
|
||||
permission,
|
||||
thinking,
|
||||
planMode,
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue