extensionpkg

package
v0.0.7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 4, 2026 License: MIT Imports: 59 Imported by: 0

Documentation

Overview

Package extension enforces capability grants for extension security checks.

Package extension loads and validates declarative extension manifests.

Index

Constants

View Source 
const (
	// HostAPIRateLimitedCode is the protocol code for per-extension backpressure.
	HostAPIRateLimitedCode = -32002
	// HostAPIUnavailableCode reports a temporarily unavailable Host API resource.
	HostAPIUnavailableCode = -32005
	// HostAPINotFoundCode reports a missing Host API resource.
	HostAPINotFoundCode = -32006
	// HostAPIInvalidParamsCode is the JSON-RPC invalid params code used for bad request payloads.
	HostAPIInvalidParamsCode = -32602
	// HostAPIMethodNotFoundCode is the JSON-RPC method-not-found code for unknown Host API methods.
	HostAPIMethodNotFoundCode = -32601
)
View Source 
const (
	// MarketplaceUpdateStatusCurrent reports that no remote update is available.
	MarketplaceUpdateStatusCurrent = "current"
	// MarketplaceUpdateStatusAvailable reports that a remote update exists but was not applied.
	MarketplaceUpdateStatusAvailable = "available"
	// MarketplaceUpdateStatusUpdated reports that a remote update was applied.
	MarketplaceUpdateStatusUpdated = "updated"
)
View Source 
const (
	ExtensionInstalledFromMarketplace = "marketplace_registry"
	ExtensionInstalledFromLocalPath   = "local_path"
	ExtensionInstalledFromGitURL      = "git_url"

	ExtensionRegistryTierOfficial   = "official"
	ExtensionRegistryTierCommunity  = "community"
	ExtensionRegistryTierUnverified = "unverified"

	ExtensionTrustDecisionVerified          = "verified"
	ExtensionTrustDecisionAllowedUnverified = "allowed_unverified"
	ExtensionTrustDecisionBlocked           = "blocked"
)
View Source 
const (
	// CapabilityDeniedCode is the protocol-equivalent code for denied extension
	// capabilities and Host API actions.
	CapabilityDeniedCode = -32001
)

Variables

View Source 
var (
	// ErrContextRequired reports that a manager operation requires a non-nil context.
	ErrContextRequired = errors.New("extension: context is required")
	// ErrManagerRequired reports that a manager-backed operation was invoked on a nil manager.
	ErrManagerRequired = errors.New("extension: manager is required")
	// ErrRegistryRequired reports that a manager operation requires a configured registry.
	ErrRegistryRequired = errors.New("extension: registry is required")
	// ErrBridgeRuntimeResolverRequired reports that a bridge-capable extension cannot start
	// without a bridge runtime resolver.
	ErrBridgeRuntimeResolverRequired = errors.New("extension: bridge runtime resolver is required")
	// ErrPathEscapesExtensionRoot reports that a requested resource path resolves outside the
	// extension root.
	ErrPathEscapesExtensionRoot = errors.New("extension: path escapes extension root")
	// ErrBridgeRuntimeDeferred reports that a bridge-capable extension is
	// installed and registered, but no enabled bridge instance exists yet for
	// the runtime launch handshake.
	ErrBridgeRuntimeDeferred = errors.New("extension: bridge runtime deferred")
)
View Source 
var (
	// ErrManifestNotFound reports that an extension directory does not contain
	// either supported manifest file.
	ErrManifestNotFound = errors.New("extension: manifest not found")
	// ErrManifestInvalid reports that the manifest schema or content is invalid.
	ErrManifestInvalid = errors.New("extension: invalid manifest")
	// ErrManifestIncompatible reports that the manifest requires a newer daemon
	// version than the current build provides.
	ErrManifestIncompatible = errors.New("extension: incompatible manifest")
)
View Source 
var (
	// ErrMemoryProviderNotFound reports that no registered memory provider matched a lookup.
	ErrMemoryProviderNotFound = errors.New("extension: memory provider not found")
	// ErrMemoryProviderCollision reports a deterministic memory provider registration collision.
	ErrMemoryProviderCollision = errors.New("extension: memory provider collision")
)
View Source 
var (
	// ErrExtensionNotFound reports that no installed extension matched the lookup.
	ErrExtensionNotFound = errors.New("extension: extension not found")
	// ErrExtensionExists reports that an extension name is already installed.
	ErrExtensionExists = errors.New("extension: extension already exists")
	// ErrExtensionChecksumMismatch reports that the provided checksum does not
	// match the on-disk extension artifact.
	ErrExtensionChecksumMismatch = errors.New("extension: checksum mismatch")
	// ErrExtensionHasActiveBundles reports that the extension lifecycle is
	// blocked by one or more active bundle activations.
	ErrExtensionHasActiveBundles = errors.New("extension: extension has active bundle activations")
)
View Source 
var (
	// ErrBundleInvalid reports invalid extension bundle resources.
	ErrBundleInvalid = errors.New("extension: invalid bundle")
)
View Source 
var ErrExtensionChecksumUnverified = errors.New("extension: checksum is unverified")
View Source 
var ErrMarketplaceSourceUnavailable = errors.New("extension: marketplace source unavailable")

ErrMarketplaceSourceUnavailable reports that a marketplace source cannot be resolved or used.

Functions

func ComputeDirectoryChecksum 

func ComputeDirectoryChecksum(path string) (string, error)

ComputeDirectoryChecksum returns a deterministic SHA-256 checksum for an installed extension directory payload.

func DescribeExtension 

func DescribeExtension(ext *Extension, daemonRunning bool, now time.Time) contract.ExtensionPayload

DescribeExtension projects one extension snapshot into the shared CLI/API payload.

func InstallLocalManaged 

func InstallLocalManaged(
	homePaths aghconfig.HomePaths,
	registry managedInstallRegistry,
	manifest *Manifest,
	sourceDir string,
	checksum string,
	opts ...InstallOption,
) (err error)

InstallLocalManaged copies one local extension into the managed install root and persists the registry record there.

func InstalledExtensionDir 

func InstalledExtensionDir(info ExtensionInfo) (string, error)

InstalledExtensionDir returns the root directory for a persisted extension registry row after validating the manifest path shape.

func LoadMarketplaceSources 

func LoadMarketplaceSources(
	ctx context.Context,
	loader MarketplaceSourceLoader,
	sourceFilter string,
) ([]registrypkg.Source, error)

LoadMarketplaceSources resolves and filters marketplace sources, closing rejected sources on every error path.

func ManagedInstallPath 

func ManagedInstallPath(homePaths aghconfig.HomePaths, name string) string

ManagedInstallPath returns the AGH-managed directory for one installed extension.

func ManagedInstallPathChecked 

func ManagedInstallPathChecked(homePaths aghconfig.HomePaths, name string) (string, error)

ManagedInstallPathChecked returns the contained managed directory for one installed extension.

func ManagedInstallRoot 

func ManagedInstallRoot(homePaths aghconfig.HomePaths) string

ManagedInstallRoot returns the AGH-managed root directory for installed extensions.

func NewExtensionModelSources 

func NewExtensionModelSources(registry *Registry, resolver ModelSourceRuntimeResolver) ([]modelcatalog.Source, error)

NewExtensionModelSources creates sources for installed extensions that provide model.source.

func NewManagedInstallStagingDir 

func NewManagedInstallStagingDir(homePaths aghconfig.HomePaths) (string, error)

NewManagedInstallStagingDir creates an empty staging directory under the managed extension root.

func ReconcileManifestToolRuntime 

func ReconcileManifestToolRuntime(
	manifest *ManifestToolDescriptor,
	runtime *toolspkg.ExtensionToolRuntimeDescriptor,
	state ExtensionToolRuntimeState,
) toolspkg.Availability

ReconcileManifestToolRuntime reports whether a manifest-authoritative extension tool is executable.

func ResolveManifestMCPServerResources 

func ResolveManifestMCPServerResources(
	rootDir string,
	manifest *Manifest,
	getenv func(string) string,
) ([]aghconfig.MCPServer, error)

ResolveManifestMCPServerResources converts manifest MCP declarations into MCP server specs.

func ResolveManifestToolResources 

func ResolveManifestToolResources(manifest *Manifest) ([]toolspkg.Tool, error)

ResolveManifestToolResources converts manifest tool declarations into tool specs.

func SearchMarketplaceExtensions 

func SearchMarketplaceExtensions(
	ctx context.Context,
	loader MarketplaceSourceLoader,
	query string,
	sourceFilter string,
	limit int,
) (_ []registrypkg.Listing, err error)

SearchMarketplaceExtensions searches configured extension marketplace sources with the extension package type filter applied.

Types

type ActionsConfig 

type ActionsConfig struct {
	Requires []string `toml:"requires,omitempty" json:"requires,omitempty"`
}

ActionsConfig declares Host API methods the extension wants to call.

type BridgeConfig 

type BridgeConfig struct {
	Platform     string                                `toml:"platform,omitempty"      json:"platform,omitempty"`
	DisplayName  string                                `toml:"display_name,omitempty"  json:"display_name,omitempty"`
	SecretSlots  []bridgepkg.BridgeSecretSlot          `toml:"secret_slots,omitempty"  json:"secret_slots,omitempty"`
	ConfigSchema *bridgepkg.BridgeProviderConfigSchema `toml:"config_schema,omitempty" json:"config_schema,omitempty"`
}

BridgeConfig declares provider metadata for bridge-capable extensions.

type BridgeDeliveryNotifier 

type BridgeDeliveryNotifier struct {
	// contains filtered or unexported fields
}

BridgeDeliveryNotifier projects prompt-time ACP events into the bridge delivery broker while preserving an optional downstream notifier chain.

func NewBridgeDeliveryNotifier 

func NewBridgeDeliveryNotifier(broker *bridgepkg.Broker, downstream session.Notifier) *BridgeDeliveryNotifier

NewBridgeDeliveryNotifier wraps the provided downstream notifier with session-to-bridge delivery projection.

func (*BridgeDeliveryNotifier) OnAgentEvent 

func (n *BridgeDeliveryNotifier) OnAgentEvent(ctx context.Context, sessionID string, payload any)

OnAgentEvent projects ACP runtime output into the delivery broker before forwarding.

func (*BridgeDeliveryNotifier) OnAgentEventForSession 

func (n *BridgeDeliveryNotifier) OnAgentEventForSession(
	ctx context.Context,
	sess *session.Session,
	payload any,
)

OnAgentEventForSession preserves the richer session-aware notifier path when the downstream chain supports it.

func (*BridgeDeliveryNotifier) OnSessionCreated 

func (n *BridgeDeliveryNotifier) OnSessionCreated(ctx context.Context, sess *session.Session)

OnSessionCreated forwards the lifecycle callback unchanged.

func (*BridgeDeliveryNotifier) OnSessionStopped 

func (n *BridgeDeliveryNotifier) OnSessionStopped(ctx context.Context, sess *session.Session)

OnSessionStopped fails unfinished bridge deliveries before forwarding the lifecycle callback.

type BridgeRuntimeResolver 

type BridgeRuntimeResolver interface {
	ResolveBridgeRuntime(ctx context.Context, extensionName string) (*subprocess.InitializeBridgeRuntime, error)
}

BridgeRuntimeResolver resolves one provider-scoped bridge launch payload for a bridge-capable extension session.

type BridgeTelemetrySink 

type BridgeTelemetrySink interface {
	RecordBridgeAuthFailure(bridgeInstanceID string)
	RecordBridgeRuntimeIssue(bridgeInstanceID string, status bridgepkg.BridgeStatus, message string)
	ClearBridgeRuntimeIssue(bridgeInstanceID string)
}

BridgeTelemetrySink records live bridge runtime/auth telemetry for per-instance observability surfaces.

type BundleAgent 

type BundleAgent struct {
	Path      string              `toml:"path,omitempty" json:"path,omitempty"`
	Agent     aghconfig.AgentDef  `toml:"-"              json:"agent"`
	Soul      *BundleAgentSidecar `toml:"-"              json:"soul,omitempty"`
	Heartbeat *BundleAgentSidecar `toml:"-"              json:"heartbeat,omitempty"`
}

BundleAgent declares one activation-scoped agent packaged by a bundle profile.

type BundleAgentSidecar 

type BundleAgentSidecar struct {
	SourcePath string `toml:"-" json:"source_path"`
	Body       string `toml:"-" json:"body"`
}

BundleAgentSidecar stores immutable packaged authored-context content.

type BundleBridgePreset 

type BundleBridgePreset struct {
	Name             string                   `toml:"name"                        json:"name"`
	ExtensionName    string                   `toml:"extension_name,omitempty"    json:"extension_name,omitempty"`
	Platform         string                   `toml:"platform,omitempty"          json:"platform,omitempty"`
	DisplayName      string                   `toml:"display_name"                json:"display_name"`
	RoutingPolicy    bridgepkg.RoutingPolicy  `toml:"routing_policy"              json:"routing_policy"`
	DeliveryDefaults json.RawMessage          `toml:"delivery_defaults,omitempty" json:"delivery_defaults,omitempty"`
	SecretSlots      []BundleBridgeSecretSlot `toml:"secret_slots,omitempty"      json:"secret_slots,omitempty"`
}

BundleBridgePreset declares one package-managed bridge instance template.

func (BundleBridgePreset) Validate 

func (b BundleBridgePreset) Validate(bundleName string, profileName string, manifest *Manifest) error

Validate ensures one bundle bridge preset is internally consistent.

type BundleBridgeSecretSlot 

type BundleBridgeSecretSlot struct {
	Name        string `toml:"name"                  json:"name"`
	Kind        string `toml:"kind"                  json:"kind"`
	Description string `toml:"description,omitempty" json:"description,omitempty"`
}

BundleBridgeSecretSlot declares one required bridge secret binding.

type BundleChannel 

type BundleChannel struct {
	Name        string `toml:"name"                  json:"name"`
	Description string `toml:"description,omitempty" json:"description,omitempty"`
}

BundleChannel describes one declared network channel bundled by a profile.

type BundleChannelsConfig 

type BundleChannelsConfig struct {
	Primary string          `toml:"primary,omitempty" json:"primary,omitempty"`
	Items   []BundleChannel `toml:"items,omitempty"   json:"items,omitempty"`
}

BundleChannelsConfig declares the canonical channels packaged by a profile.

type BundleJob 

type BundleJob struct {
	Name      string                        `toml:"name"                 json:"name"`
	AgentName string                        `toml:"agent"                json:"agent"`
	Prompt    string                        `toml:"prompt"               json:"prompt"`
	Schedule  automationpkg.ScheduleSpec    `toml:"schedule"             json:"schedule"`
	Task      *automationpkg.JobTaskConfig  `toml:"task,omitempty"       json:"task,omitempty"`
	Enabled   bool                          `toml:"enabled"              json:"enabled"`
	Retry     automationpkg.RetryConfig     `toml:"retry,omitempty"      json:"retry"`
	FireLimit automationpkg.FireLimitConfig `toml:"fire_limit,omitempty" json:"fire_limit"`
}

BundleJob declares one package-managed automation job template.

func (BundleJob) Validate 

func (j BundleJob) Validate(bundleName string, profileName string, channelNames map[string]struct{}) error

Validate ensures one bundle job is internally consistent.

type BundleProfile 

type BundleProfile struct {
	Name        string               `toml:"name"                  json:"name"`
	Description string               `toml:"description,omitempty" json:"description,omitempty"`
	Channels    BundleChannelsConfig `toml:"channels"              json:"channels"`
	Agents      []BundleAgent        `toml:"agents,omitempty"      json:"agents,omitempty"`
	Jobs        []BundleJob          `toml:"jobs,omitempty"        json:"jobs,omitempty"`
	Triggers    []BundleTrigger      `toml:"triggers,omitempty"    json:"triggers,omitempty"`
	Bridges     []BundleBridgePreset `toml:"bridges,omitempty"     json:"bridges,omitempty"`
}

BundleProfile declares one activatable resource profile for a bundle.

func (BundleProfile) Validate 

func (p BundleProfile) Validate(bundleName string, manifest *Manifest) error

Validate ensures one bundle profile is internally consistent.

type BundleSpec 

type BundleSpec struct {
	Name        string          `toml:"name"                  json:"name"`
	Description string          `toml:"description,omitempty" json:"description,omitempty"`
	Profiles    []BundleProfile `toml:"profiles"              json:"profiles"`
}

BundleSpec declares one team/product package shipped by an extension.

func LoadBundleSpecs 

func LoadBundleSpecs(ctx context.Context, rootDir string, manifest *Manifest) ([]BundleSpec, error)

LoadBundleSpecs resolves and validates bundle resources declared by a manifest.

func (BundleSpec) Validate 

func (b BundleSpec) Validate(manifest *Manifest) error

Validate ensures the bundle spec is internally consistent for the owning manifest.

type BundleTrigger 

type BundleTrigger struct {
	Name         string                        `toml:"name"                    json:"name"`
	AgentName    string                        `toml:"agent"                   json:"agent"`
	Prompt       string                        `toml:"prompt"                  json:"prompt"`
	Event        string                        `toml:"event"                   json:"event"`
	Filter       map[string]string             `toml:"filter,omitempty"        json:"filter,omitempty"`
	Enabled      bool                          `toml:"enabled"                 json:"enabled"`
	Retry        automationpkg.RetryConfig     `toml:"retry,omitempty"         json:"retry"`
	FireLimit    automationpkg.FireLimitConfig `toml:"fire_limit,omitempty"    json:"fire_limit"`
	EndpointSlug string                        `toml:"endpoint_slug,omitempty" json:"endpoint_slug,omitempty"`
}

BundleTrigger declares one package-managed automation trigger template.

func (BundleTrigger) Validate 

func (t BundleTrigger) Validate(bundleName string, profileName string) error

Validate ensures one bundle trigger is internally consistent.

type CapabilitiesConfig 

type CapabilitiesConfig struct {
	Provides []string `toml:"provides,omitempty" json:"provides,omitempty"`
}

CapabilitiesConfig declares the runtime interfaces the extension provides.

type CapabilityChecker 

type CapabilityChecker struct {
	// contains filtered or unexported fields
}

CapabilityChecker tracks effective grants per extension and evaluates capability checks for hook dispatch and Host API calls.

func (*CapabilityChecker) Check 

func (c *CapabilityChecker) Check(extName, capability string) error

Check reports whether extName has the requested security capability.

func (*CapabilityChecker) CheckHostAPI 

func (c *CapabilityChecker) CheckHostAPI(extName, method string) error

CheckHostAPI reports whether extName may call the Host API method under both the granted_actions and granted_security gates.

func (*CapabilityChecker) Grant 

func (c *CapabilityChecker) Grant(extName string) EffectiveGrant

Grant returns the stored effective grant snapshot for one extension.

func (*CapabilityChecker) Register 

func (c *CapabilityChecker) Register(extName string, source ExtensionSource, manifest *Manifest)

Register records one extension's effective grants by applying the source-tier ceiling before intersecting it with the manifest requests.

func (*CapabilityChecker) RegisterForSession 

func (c *CapabilityChecker) RegisterForSession(
	extName string,
	source ExtensionSource,
	manifest *Manifest,
	sessionMaxScope resources.ResourceScopeKind,
) (EffectiveGrant, error)

RegisterForSession records one extension's effective grants for the supplied session scope ceiling.

func (*CapabilityChecker) Resolve 

func (c *CapabilityChecker) Resolve(
	source ExtensionSource,
	manifest *Manifest,
	sessionMaxScope resources.ResourceScopeKind,
) (EffectiveGrant, error)

Resolve computes one daemon-derived grant snapshot without storing it.

func (*CapabilityChecker) SetResourcePolicy 

func (c *CapabilityChecker) SetResourcePolicy(policy aghconfig.ExtensionsResourcesConfig)

SetResourcePolicy installs the operator-configured extension resource policy.

func (*CapabilityChecker) Unregister 

func (c *CapabilityChecker) Unregister(extName string)

Unregister removes any effective grants tracked for one extension.

type CapabilityDeniedData 

type CapabilityDeniedData struct {
	Method   string   `json:"method"`
	Required []string `json:"required"`
	Granted  []string `json:"granted"`
}

CapabilityDeniedData is the structured data for capability-denied failures.

type Duration 

type Duration time.Duration

Duration stores time.Duration values while decoding TOML strings and JSON strings consistently.

func (Duration) IsZero 

func (d Duration) IsZero() bool

IsZero reports whether the duration is unset.

func (Duration) MarshalJSON 

func (d Duration) MarshalJSON() ([]byte, error)

MarshalJSON emits the duration as a quoted duration string.

func (Duration) MarshalText 

func (d Duration) MarshalText() ([]byte, error)

MarshalText emits the duration as text.

func (Duration) String 

func (d Duration) String() string

String returns the canonical duration string.

func (*Duration) UnmarshalJSON 

func (d *Duration) UnmarshalJSON(data []byte) error

UnmarshalJSON accepts duration strings and integer nanoseconds.

func (*Duration) UnmarshalText 

func (d *Duration) UnmarshalText(text []byte) error

UnmarshalText parses duration strings like "30s".

type EffectiveGrant 

type EffectiveGrant struct {
	Actions        []string
	Security       []string
	ResourceKinds  []resources.ResourceKind
	ResourceScopes []resources.ResourceScopeKind
}

EffectiveGrant is the daemon-derived grant snapshot for one extension session.

type ErrCapabilityDenied 

type ErrCapabilityDenied struct {
	Data CapabilityDeniedData
}

ErrCapabilityDenied reports that an extension attempted a method or capability outside its effective grants.

func (*ErrCapabilityDenied) Code 

func (e *ErrCapabilityDenied) Code() int

Code returns the protocol-equivalent error code for capability denials.

func (*ErrCapabilityDenied) Error 

func (e *ErrCapabilityDenied) Error() string

Error returns the protocol-aligned capability denied message.

type Extension 

type Extension struct {
	Info                  ExtensionInfo
	Manifest              *Manifest
	RootDir               string
	Hooks                 []hookspkg.HookDecl
	Agents                []aghconfig.AgentDef
	Bundles               []BundleSpec
	Skills                []*skillspkg.Skill
	GrantedActions        []string
	GrantedSecurity       []string
	GrantedResourceKinds  []resources.ResourceKind
	GrantedResourceScopes []resources.ResourceScopeKind
	InitializeResult      *subprocess.InitializeResponse
	Status                ExtensionStatus
}

Extension is the manager-visible snapshot for one installed extension.

type ExtensionChecksumMismatchError 

type ExtensionChecksumMismatchError struct {
	ExpectedChecksum string
	ActualChecksum   string
}

ExtensionChecksumMismatchError describes a checksum verification failure.

func (*ExtensionChecksumMismatchError) Error 

func (e *ExtensionChecksumMismatchError) Error() string

Error returns the typed checksum mismatch message.

func (*ExtensionChecksumMismatchError) Is 

func (e *ExtensionChecksumMismatchError) Is(target error) bool

Is matches sentinel errors for errors.Is.

type ExtensionExistsError 

type ExtensionExistsError struct {
	Name string
}

ExtensionExistsError describes a duplicate extension install attempt.

func (*ExtensionExistsError) Error 

func (e *ExtensionExistsError) Error() string

Error returns the typed duplicate-extension message.

func (*ExtensionExistsError) Is 

func (e *ExtensionExistsError) Is(target error) bool

Is matches sentinel errors for errors.Is.

type ExtensionInfo 

type ExtensionInfo struct {
	Name          string
	Version       string
	Source        ExtensionSource
	Enabled       bool
	ManifestPath  string
	InstalledAt   time.Time
	Capabilities  CapabilitiesConfig
	Actions       ActionsConfig
	Checksum      string
	RegistrySlug  *string
	RegistryName  *string
	RemoteVersion *string
	Provenance    ExtensionProvenance
}

ExtensionInfo is one persisted extension registry row.

func InstallMarketplaceManaged 

func InstallMarketplaceManaged(
	ctx context.Context,
	homePaths aghconfig.HomePaths,
	registry LifecycleRegistry,
	loader MarketplaceSourceLoader,
	req MarketplaceInstallRequest,
) (_ *ExtensionInfo, err error)

InstallMarketplaceManaged installs one extension through the configured marketplace registry into the managed extension root and records marketplace provenance in the installed-extension registry.

type ExtensionNotFoundError 

type ExtensionNotFoundError struct {
	Name string
}

ExtensionNotFoundError describes a missing extension registry row.

func (*ExtensionNotFoundError) Error 

func (e *ExtensionNotFoundError) Error() string

Error returns the typed missing-extension message.

func (*ExtensionNotFoundError) Is 

func (e *ExtensionNotFoundError) Is(target error) bool

Is matches sentinel errors for errors.Is.

type ExtensionPhase 

type ExtensionPhase string

ExtensionPhase names one lifecycle phase or supervisor state for an extension. 

const (
	ExtensionPhaseDiscover   ExtensionPhase = "discover"
	ExtensionPhaseParse      ExtensionPhase = "parse"
	ExtensionPhaseValidate   ExtensionPhase = "validate"
	ExtensionPhaseRegister   ExtensionPhase = "register"
	ExtensionPhaseInitialize ExtensionPhase = "initialize"
	ExtensionPhaseActivate   ExtensionPhase = "activate"
	ExtensionPhaseRecover    ExtensionPhase = "recover"
	ExtensionPhaseStop       ExtensionPhase = "stop"
)

type ExtensionProvenance 

type ExtensionProvenance struct {
	Slug             string                    `json:"slug,omitempty"`
	InstalledFrom    string                    `json:"installed_from"`
	SourceURL        string                    `json:"source_url,omitempty"`
	ChecksumSHA256   string                    `json:"checksum_sha256"`
	ChecksumVerified bool                      `json:"checksum_verified"`
	RegistryTier     string                    `json:"registry_tier"`
	Permissions      []string                  `json:"permissions,omitempty"`
	InstalledAt      time.Time                 `json:"installed_at"`
	InstalledBy      string                    `json:"installed_by"`
	AllowUnverified  bool                      `json:"allow_unverified"`
	Warnings         []contract.DiagnosticItem `json:"warnings,omitempty"`
}

ExtensionProvenance records one installed extension's source and trust state.

func LocalPathProvenance 

func LocalPathProvenance(
	manifest *Manifest,
	sourcePath string,
	checksum string,
	installedAt time.Time,
	allowUnverified bool,
) ExtensionProvenance

LocalPathProvenance records an explicit trust decision for a local install.

type ExtensionSource 

type ExtensionSource int

ExtensionSource identifies where an extension was installed from. 

const (
	// SourceBundled identifies built-in extensions shipped with the daemon.
	SourceBundled ExtensionSource = iota
	// SourceUser identifies user-installed extensions trusted by the operator.
	SourceUser
	// SourceWorkspace identifies workspace-scoped extensions trusted by the project.
	SourceWorkspace
	// SourceMarketplace identifies marketplace-installed extensions subject to
	// restricted default grants until an explicit allowlist exists.
	SourceMarketplace
)

func (ExtensionSource) String 

func (s ExtensionSource) String() string

String returns the persisted text form for one extension source tier.

type ExtensionStatus 

type ExtensionStatus struct {
	Name                string
	Version             string
	Source              ExtensionSource
	Enabled             bool
	MissingEnv          []string
	MissingEnvChecked   bool
	Registered          bool
	Active              bool
	Phase               ExtensionPhase
	PID                 int
	Healthy             bool
	HealthMessage       string
	HealthLastCheckedAt time.Time
	ConsecutiveFailures int
	RestartBackoff      time.Duration
	LastError           string
	LastStartedAt       time.Time
	LastExitedAt        time.Time
}

ExtensionStatus captures the runtime state exposed to health/observer code.

type ExtensionToolProvider 

type ExtensionToolProvider struct {
	// contains filtered or unexported fields
}

ExtensionToolProvider lists manifest-authored extension tools and resolves executable handles through the live subprocess runtime.

func NewExtensionToolProvider 

func NewExtensionToolProvider(
	registry *Registry,
	runtime ExtensionToolRuntimeResolver,
	opts ...ExtensionToolProviderOption,
) (*ExtensionToolProvider, error)

NewExtensionToolProvider creates the extension_host provider for the central tool registry.

func (*ExtensionToolProvider) ID 

func (p *ExtensionToolProvider) ID() toolspkg.SourceRef

ID returns the aggregate extension-provider provenance.

func (*ExtensionToolProvider) List 

func (p *ExtensionToolProvider) List(ctx context.Context, _ toolspkg.Scope) ([]toolspkg.Descriptor, error)

List returns manifest-authoritative extension-host tool descriptors.

func (*ExtensionToolProvider) Resolve 

func (p *ExtensionToolProvider) Resolve(
	ctx context.Context,
	scope toolspkg.Scope,
	id toolspkg.ToolID,
) (toolspkg.Handle, bool, error)

Resolve returns a handle that reconciles one manifest descriptor against the live extension runtime before allowing execution.

type ExtensionToolProviderOption 

type ExtensionToolProviderOption func(*ExtensionToolProvider)

ExtensionToolProviderOption configures an extension-host tool provider.

type ExtensionToolRuntime 

type ExtensionToolRuntime interface {
	Get(name string) (*Extension, error)
	toolspkg.ExtensionToolInvoker
}

ExtensionToolRuntime is the live runtime surface needed by extension-host tool handles.

type ExtensionToolRuntimeResolver 

type ExtensionToolRuntimeResolver func() ExtensionToolRuntime

ExtensionToolRuntimeResolver returns the current live extension runtime.

type ExtensionToolRuntimeState 

type ExtensionToolRuntimeState struct {
	Enabled              bool
	Active               bool
	Healthy              bool
	ProvidedCapabilities []string
}

ExtensionToolRuntimeState captures extension lifecycle state needed for manifest/runtime reconciliation.

type ExtensionTrustError 

type ExtensionTrustError struct {
	Slug   string
	Source string
	Item   contract.DiagnosticItem
}

ExtensionTrustError carries the canonical diagnostic for a denied extension trust decision.

func NewExtensionChecksumUnverifiedError 

func NewExtensionChecksumUnverifiedError(slug string, source string) *ExtensionTrustError

NewExtensionChecksumUnverifiedError returns the canonical trust-gate error.

func (*ExtensionTrustError) DiagnosticItem 

func (e *ExtensionTrustError) DiagnosticItem() contract.DiagnosticItem

func (*ExtensionTrustError) Error 

func (e *ExtensionTrustError) Error() string

func (*ExtensionTrustError) Unwrap 

func (e *ExtensionTrustError) Unwrap() error

type HookConfig 

type HookConfig struct {
	Name      string             `toml:"name"                 json:"name"`
	Event     string             `toml:"event"                json:"event"`
	Mode      string             `toml:"mode,omitempty"       json:"mode,omitempty"`
	Required  bool               `toml:"required,omitempty"   json:"required,omitempty"`
	Priority  *int               `toml:"priority,omitempty"   json:"priority,omitempty"`
	Timeout   Duration           `toml:"timeout,omitempty"    json:"timeout,omitempty"`
	Matcher   HookMatcherConfig  `toml:"matcher,omitempty"    json:"matcher"`
	Command   string             `toml:"command,omitempty"    json:"command,omitempty"`
	Args      []string           `toml:"args,omitempty"       json:"args,omitempty"`
	Env       map[string]string  `toml:"env,omitempty"        json:"env,omitempty"`
	SecretEnv map[string]string  `toml:"secret_env,omitempty" json:"secret_env,omitempty"`
	Executor  HookExecutorConfig `toml:"executor,omitempty"   json:"executor"`
}

HookConfig mirrors the hook declaration shape accepted from extension manifests.

type HookExecutorConfig 

type HookExecutorConfig struct {
	Kind      string            `toml:"kind,omitempty"       json:"kind,omitempty"`
	Command   string            `toml:"command,omitempty"    json:"command,omitempty"`
	Args      []string          `toml:"args,omitempty"       json:"args,omitempty"`
	Env       map[string]string `toml:"env,omitempty"        json:"env,omitempty"`
	SecretEnv map[string]string `toml:"secret_env,omitempty" json:"secret_env,omitempty"`
}

HookExecutorConfig selects the hook execution boundary and command.

type HookMatcherConfig 

type HookMatcherConfig struct {
	AgentName          string `toml:"agent_name,omitempty"          json:"agent_name,omitempty"`
	AgentType          string `toml:"agent_type,omitempty"          json:"agent_type,omitempty"`
	WorkspaceID        string `toml:"workspace_id,omitempty"        json:"workspace_id,omitempty"`
	WorkspaceRoot      string `toml:"workspace_root,omitempty"      json:"workspace_root,omitempty"`
	SessionType        string `toml:"session_type,omitempty"        json:"session_type,omitempty"`
	InputClass         string `toml:"input_class,omitempty"         json:"input_class,omitempty"`
	ACPEventType       string `toml:"acp_event_type,omitempty"      json:"acp_event_type,omitempty"`
	TurnID             string `toml:"turn_id,omitempty"             json:"turn_id,omitempty"`
	ToolID             string `toml:"tool_id,omitempty"             json:"tool_id,omitempty"`
	ToolName           string `toml:"tool_name,omitempty"           json:"tool_name,omitempty"`
	ToolReadOnly       *bool  `toml:"tool_read_only,omitempty"      json:"tool_read_only,omitempty"`
	DecisionClass      string `toml:"decision_class,omitempty"      json:"decision_class,omitempty"`
	MessageRole        string `toml:"message_role,omitempty"        json:"message_role,omitempty"`
	MessageDeltaType   string `toml:"message_delta_type,omitempty"  json:"message_delta_type,omitempty"`
	Channel            string `toml:"channel,omitempty"             json:"channel,omitempty"`
	Surface            string `toml:"surface,omitempty"             json:"surface,omitempty"`
	Kind               string `toml:"kind,omitempty"                json:"kind,omitempty"`
	Direction          string `toml:"direction,omitempty"           json:"direction,omitempty"`
	WorkState          string `toml:"work_state,omitempty"          json:"work_state,omitempty"`
	CompactionReason   string `toml:"compaction_reason,omitempty"   json:"compaction_reason,omitempty"`
	CompactionStrategy string `toml:"compaction_strategy,omitempty" json:"compaction_strategy,omitempty"`
}

HookMatcherConfig narrows when a hook is eligible to run.

type HostAPIAutomationManager 

type HostAPIAutomationManager interface {
	ListJobs(ctx context.Context, query automationpkg.JobListQuery) ([]automationpkg.Job, error)
	GetJob(ctx context.Context, id string) (automationpkg.Job, error)
	CreateJob(ctx context.Context, job automationpkg.Job) (automationpkg.Job, error)
	UpdateJob(ctx context.Context, job automationpkg.Job) (automationpkg.Job, error)
	DeleteJob(ctx context.Context, id string) error
	TriggerJob(ctx context.Context, id string) (automationpkg.Run, error)
	TriggerJobWithPayload(ctx context.Context, id string, payload map[string]any) (automationpkg.Run, error)
	ListTriggers(ctx context.Context, query automationpkg.TriggerListQuery) ([]automationpkg.Trigger, error)
	GetTrigger(ctx context.Context, id string) (automationpkg.Trigger, error)
	CreateTrigger(
		ctx context.Context,
		trigger automationpkg.Trigger,
		webhookSecret automationpkg.WebhookSecretWrite,
	) (automationpkg.Trigger, error)
	UpdateTrigger(
		ctx context.Context,
		trigger automationpkg.Trigger,
		webhookSecret *automationpkg.WebhookSecretWrite,
	) (automationpkg.Trigger, error)
	DeleteTrigger(ctx context.Context, id string) error
	ListRuns(ctx context.Context, query automationpkg.RunQuery) ([]automationpkg.Run, error)
	SetJobEnabled(ctx context.Context, id string, enabled bool) (automationpkg.Job, error)
	SetTriggerEnabled(ctx context.Context, id string, enabled bool) (automationpkg.Trigger, error)
	FireExtensionTrigger(
		ctx context.Context,
		request automationpkg.ExtensionTriggerRequest,
	) (automationpkg.TriggerResult, error)
}

HostAPIAutomationManager is the automation surface exposed to the extension Host API.

type HostAPIHandler 

type HostAPIHandler struct {
	// contains filtered or unexported fields
}

HostAPIHandler handles extension -> AGH Host API JSON-RPC requests.

func NewHostAPIHandler 

func NewHostAPIHandler(
	sessions hostAPISessionManager,
	memoryStore *memory.Store,
	observer hostAPIObserver,
	skillsRegistry hostAPISkillsRegistry,
	opts ...HostAPIOption,
) *HostAPIHandler

NewHostAPIHandler constructs a Host API handler with sensible defaults.

func (*HostAPIHandler) Handle 

func (h *HostAPIHandler) Handle(
	ctx context.Context,
	extName string,
	method string,
	params json.RawMessage,
) (any, error)

Handle dispatches one Host API request for the named extension.

func (*HostAPIHandler) HandleMethod 

func (h *HostAPIHandler) HandleMethod(method string) subprocess.HandlerFunc

HandleMethod returns a subprocess-compatible handler for one Host API method.

func (*HostAPIHandler) MethodHandlers 

func (h *HostAPIHandler) MethodHandlers() map[string]subprocess.HandlerFunc

MethodHandlers returns the subprocess-compatible handler set for every Host API method.

type HostAPIOption 

type HostAPIOption func(*HostAPIHandler)

HostAPIOption customizes a HostAPIHandler.

func WithHostAPIAutomationGetter 

func WithHostAPIAutomationGetter(getter func() HostAPIAutomationManager) HostAPIOption

WithHostAPIAutomationGetter injects a lazy automation lookup used when the runtime boots after extensions.

func WithHostAPIAutomationManager 

func WithHostAPIAutomationManager(manager HostAPIAutomationManager) HostAPIOption

WithHostAPIAutomationManager injects the automation manager used for automation Host API methods.

func WithHostAPIBridgeDedupStore 

func WithHostAPIBridgeDedupStore(store hostAPIBridgeDedupStore) HostAPIOption

WithHostAPIBridgeDedupStore injects the dedup persistence used by inbound bridge ingest.

func WithHostAPIBridgeIngressConfig 

func WithHostAPIBridgeIngressConfig(dedupTTL time.Duration, cleanupInterval time.Duration) HostAPIOption

WithHostAPIBridgeIngressConfig overrides dedup TTL and cleanup cadence for bridge ingest.

func WithHostAPIBridgeRegistry 

func WithHostAPIBridgeRegistry(registry hostAPIBridgeRegistry) HostAPIOption

WithHostAPIBridgeRegistry injects the bridge registry used by bridge Host API methods.

func WithHostAPICapabilityChecker 

func WithHostAPICapabilityChecker(checker *CapabilityChecker) HostAPIOption

WithHostAPICapabilityChecker injects the capability checker used for Host API authorization.

func WithHostAPIDeliveryBroker 

func WithHostAPIDeliveryBroker(broker hostAPIDeliveryBroker) HostAPIOption

WithHostAPIDeliveryBroker injects the session-to-bridge delivery projection broker.

func WithHostAPIHeartbeatAuthoring 

func WithHostAPIHeartbeatAuthoring(service hostAPIHeartbeatAuthoringService) HostAPIOption

WithHostAPIHeartbeatAuthoring injects managed HEARTBEAT.md mutation support.

func WithHostAPIHeartbeatStatus 

func WithHostAPIHeartbeatStatus(service hostAPIHeartbeatStatusService) HostAPIOption

WithHostAPIHeartbeatStatus injects managed Heartbeat status support.

func WithHostAPIHeartbeatWake 

func WithHostAPIHeartbeatWake(service hostAPIHeartbeatWakeService) HostAPIOption

WithHostAPIHeartbeatWake injects managed Heartbeat wake support.

func WithHostAPIHeartbeatWakeEvents 

func WithHostAPIHeartbeatWakeEvents(reader hostAPIHeartbeatWakeEventReader) HostAPIOption

WithHostAPIHeartbeatWakeEvents injects retained wake audit reads.

func WithHostAPIMemoryProviderRegistry 

func WithHostAPIMemoryProviderRegistry(registry *MemoryProviderRegistry) HostAPIOption

WithHostAPIMemoryProviderRegistry injects MemoryProvider registration state.

func WithHostAPIModelCatalogService 

func WithHostAPIModelCatalogService(service modelcatalog.Service) HostAPIOption

WithHostAPIModelCatalogService injects daemon-owned model catalog projections.

func WithHostAPINetworkService 

func WithHostAPINetworkService(service hostAPINetworkService) HostAPIOption

WithHostAPINetworkService injects the network runtime used by network Host API methods.

func WithHostAPINetworkStore 

func WithHostAPINetworkStore(networkStore store.NetworkConversationStore) HostAPIOption

WithHostAPINetworkStore injects the durable conversation store used by network Host API methods.

func WithHostAPINow 

func WithHostAPINow(now func() time.Time) HostAPIOption

WithHostAPINow overrides the handler clock, mainly for tests.

func WithHostAPIRateLimit 

func WithHostAPIRateLimit(limit int, burst int) HostAPIOption

WithHostAPIRateLimit overrides the per-extension Host API token bucket settings.

func WithHostAPIResourceCodecRegistry 

func WithHostAPIResourceCodecRegistry(registry *resources.CodecRegistry) HostAPIOption

WithHostAPIResourceCodecRegistry injects resource codecs used to validate and canonicalize snapshot specs before persistence.

func WithHostAPIResourceStore 

func WithHostAPIResourceStore(store resources.RawStore) HostAPIOption

WithHostAPIResourceStore injects the canonical raw resource store used by the extension resource Host API methods.

func WithHostAPIResourceTrigger 

func WithHostAPIResourceTrigger(
	trigger func(context.Context, resources.ResourceKind, resources.ReconcileReason) error,
) HostAPIOption

WithHostAPIResourceTrigger injects the reconcile trigger used after successful snapshot writes.

func WithHostAPISessionHealth 

func WithHostAPISessionHealth(reader hostAPISessionHealthReader) HostAPIOption

WithHostAPISessionHealth injects metadata-only session health reads.

func WithHostAPISoulAuthoring 

func WithHostAPISoulAuthoring(service hostAPISoulAuthoringService) HostAPIOption

WithHostAPISoulAuthoring injects managed SOUL.md read and mutation support.

func WithHostAPISoulRefresher 

func WithHostAPISoulRefresher(refresher hostAPISoulRefresher) HostAPIOption

WithHostAPISoulRefresher injects managed session Soul refresh support.

func WithHostAPITaskManager 

func WithHostAPITaskManager(manager hostAPITaskManager) HostAPIOption

WithHostAPITaskManager injects the task manager used for task Host API methods.

func WithHostAPIWorkspaceResolver 

func WithHostAPIWorkspaceResolver(resolver workspacepkg.RuntimeResolver) HostAPIOption

WithHostAPIWorkspaceResolver injects workspace resolution for workspace-scoped Host API methods.

type InstallOption 

type InstallOption func(*installConfig)

InstallOption customizes one extension registry install operation.

func WithInstallProvenance 

func WithInstallProvenance(provenance ExtensionProvenance) InstallOption

WithInstallProvenance records the explicit source and trust evidence for one install.

func WithInstallRegistryMetadata 

func WithInstallRegistryMetadata(slug string, registryName string, remoteVersion string) InstallOption

WithInstallRegistryMetadata records remote registry provenance for one install.

func WithInstallReplaceExisting 

func WithInstallReplaceExisting() InstallOption

WithInstallReplaceExisting allows an install to overwrite an existing row.

func WithInstallSource 

func WithInstallSource(source ExtensionSource) InstallOption

WithInstallSource overrides the persisted source tier for one install.

type LifecycleRegistry 

type LifecycleRegistry interface {
	Get(name string) (*ExtensionInfo, error)
	List() ([]ExtensionInfo, error)
	Install(manifest *Manifest, path string, checksum string, opts ...InstallOption) error
	Disable(name string) error
	Uninstall(name string) error
}

LifecycleRegistry is the installed-extension persistence surface required by managed lifecycle helpers.

type MCPServerConfig 

type MCPServerConfig struct {
	Command   string            `toml:"command"              json:"command"`
	Args      []string          `toml:"args,omitempty"       json:"args,omitempty"`
	Env       map[string]string `toml:"env,omitempty"        json:"env,omitempty"`
	SecretEnv map[string]string `toml:"secret_env,omitempty" json:"secret_env,omitempty"`
}

MCPServerConfig declares one MCP server bundled by the extension.

type ManagedRemoveResult 

type ManagedRemoveResult struct {
	Name   string `json:"name"`
	Path   string `json:"path"`
	Status string `json:"status"`
}

ManagedRemoveResult describes one removed managed extension.

func RemoveManagedExtension 

func RemoveManagedExtension(
	ctx context.Context,
	registry LifecycleRegistry,
	name string,
	reload MutationReload,
) (_ ManagedRemoveResult, err error)

RemoveManagedExtension removes one installed extension and rolls back the registry and on-disk state if the caller's reload hook fails.

type Manager 

type Manager struct {
	// contains filtered or unexported fields
}

Manager orchestrates extension loading, subprocess lifecycle, and resource registration.

func NewManager 

func NewManager(registry *Registry, opts ...Option) *Manager

NewManager constructs an extension manager with sensible defaults.

func (*Manager) AgentDefinitions 

func (m *Manager) AgentDefinitions() []aghconfig.AgentDef

AgentDefinitions returns the currently registered extension agent definitions.

func (*Manager) BridgeTargetSnapshots 

func (m *Manager) BridgeTargetSnapshots(
	ctx context.Context,
	extensionName string,
	req bridgepkg.BridgeTargetSnapshotRequest,
) ([]bridgepkg.BridgeTargetSnapshot, error)

BridgeTargetSnapshots calls the negotiated bridge target snapshot service on the named bridge-capable extension runtime.

func (*Manager) CallTool 

func (m *Manager) CallTool(
	ctx context.Context,
	extensionName string,
	req toolspkg.ExtensionToolCallRequest,
) (toolspkg.ToolResult, error)

CallTool invokes one reconciled extension-host tool through the existing subprocess JSON-RPC transport.

func (*Manager) DeliverBridge 

func (m *Manager) DeliverBridge(
	ctx context.Context,
	extensionName string,
	req bridgepkg.DeliveryRequest,
) (bridgepkg.DeliveryAck, error)

DeliverBridge calls the negotiated `bridges/deliver` service on the named bridge-capable extension runtime.

func (*Manager) Get 

func (m *Manager) Get(name string) (*Extension, error)

Get returns the current snapshot for one installed extension.

func (*Manager) HookDeclarations 

func (m *Manager) HookDeclarations(ctx context.Context) ([]hookspkg.HookDecl, error)

HookDeclarations returns the manifest-declared hook resources from loaded extensions.

func (*Manager) List 

func (m *Manager) List() []ExtensionInfo

List returns every currently known registry row in name order.

func (*Manager) ListModelSourceRows 

func (m *Manager) ListModelSourceRows(
	ctx context.Context,
	extensionName string,
	params extensioncontract.ModelSourceListParams,
) ([]extensioncontract.ModelSourceRow, error)

ListModelSourceRows calls one extension's negotiated models/list service.

func (*Manager) ProvideTools 

func (m *Manager) ProvideTools(
	ctx context.Context,
	extensionName string,
) ([]toolspkg.ExtensionToolRuntimeDescriptor, error)

ProvideTools calls the negotiated runtime descriptor endpoint for one tool-provider extension.

func (*Manager) Reload 

func (m *Manager) Reload(ctx context.Context) error

Reload restarts the manager from the current registry state.

func (*Manager) Start 

func (m *Manager) Start(ctx context.Context) error

Start loads every enabled extension through the six-phase pipeline.

func (*Manager) Statuses 

func (m *Manager) Statuses() []ExtensionStatus

Statuses returns the current runtime health snapshot for every known extension.

func (*Manager) Stop 

func (m *Manager) Stop(ctx context.Context) error

Stop gracefully drains all active extension subprocesses.

type Manifest 

type Manifest struct {
	Name          string             `toml:"name"                   json:"name"`
	Version       string             `toml:"version"                json:"version"`
	Description   string             `toml:"description,omitempty"  json:"description,omitempty"`
	MinAGHVersion string             `toml:"min_agh_version"        json:"min_agh_version"`
	RequiresEnv   []string           `toml:"requires_env,omitempty" json:"requires_env,omitempty"`
	Resources     ResourcesConfig    `toml:"resources"              json:"resources"`
	Capabilities  CapabilitiesConfig `toml:"capabilities"           json:"capabilities"`
	Actions       ActionsConfig      `toml:"actions"                json:"actions"`
	Subprocess    SubprocessConfig   `toml:"subprocess"             json:"subprocess"`
	Security      SecurityConfig     `toml:"security"               json:"security"`
	Bridge        BridgeConfig       `toml:"bridge"                 json:"bridge"`
}

Manifest describes one extension without executing any extension code.

func LoadManifest 

func LoadManifest(dir string) (*Manifest, error)

LoadManifest reads one extension manifest from dir, preferring TOML over JSON.

func (*Manifest) MissingEnv 

func (m *Manifest) MissingEnv(getenv func(string) string) []string

MissingEnv returns manifest-required environment variable names that are unset or empty.

func (*Manifest) Validate 

func (m *Manifest) Validate() error

Validate checks the manifest schema and daemon compatibility.

type ManifestCompatibilityError 

type ManifestCompatibilityError struct {
	CurrentVersion string
	MinVersion     string
}

ManifestCompatibilityError describes a daemon-version compatibility failure.

func (*ManifestCompatibilityError) Error 

func (e *ManifestCompatibilityError) Error() string

Error returns the daemon-version compatibility message.

func (*ManifestCompatibilityError) Is 

func (e *ManifestCompatibilityError) Is(target error) bool

Is matches sentinel errors for errors.Is.

type ManifestNotFoundError 

type ManifestNotFoundError struct {
	Dir   string
	Paths []string
}

ManifestNotFoundError describes a missing manifest directory.

func (*ManifestNotFoundError) Error 

func (e *ManifestNotFoundError) Error() string

Error returns the typed missing-manifest message.

func (*ManifestNotFoundError) Is 

func (e *ManifestNotFoundError) Is(target error) bool

Is matches sentinel errors for errors.Is.

type ManifestToolDescriptor 

type ManifestToolDescriptor struct {
	Name              string
	Tool              toolspkg.Tool
	RuntimeDescriptor toolspkg.ExtensionToolRuntimeDescriptor
}

ManifestToolDescriptor is a manifest-authoritative cold descriptor plus runtime proof metadata.

func ResolveManifestToolDescriptors 

func ResolveManifestToolDescriptors(manifest *Manifest) ([]ManifestToolDescriptor, error)

ResolveManifestToolDescriptors converts manifest tool declarations into cold specs and digest proofs.

type ManifestValidationError 

type ManifestValidationError struct {
	Field   string
	Value   string
	Message string
}

ManifestValidationError describes an invalid manifest field.

func (*ManifestValidationError) Error 

func (e *ManifestValidationError) Error() string

Error returns the field-specific validation message.

func (*ManifestValidationError) Is 

func (e *ManifestValidationError) Is(target error) bool

Is matches sentinel errors for errors.Is.

type MarketplaceInstallRequest 

type MarketplaceInstallRequest struct {
	Slug            string
	SourceFilter    string
	Version         string
	Asset           string
	AllowUnverified bool
	InstalledBy     string
}

MarketplaceInstallRequest describes one marketplace-backed extension install.

type MarketplaceSourceLoader 

type MarketplaceSourceLoader func(context.Context) ([]registrypkg.Source, error)

MarketplaceSourceLoader resolves configured marketplace sources. The optional source filter is an already-normalized operator/tool input.

type MarketplaceUpdateRequest 

type MarketplaceUpdateRequest struct {
	Names           []string
	All             bool
	CheckOnly       bool
	Version         string
	AllowUnverified bool
	InstalledBy     string
}

MarketplaceUpdateRequest describes one marketplace update batch.

type MarketplaceUpdateResult 

type MarketplaceUpdateResult struct {
	Name           string `json:"name"`
	Slug           string `json:"slug"`
	Registry       string `json:"registry"`
	CurrentVersion string `json:"current_version,omitempty"`
	LatestVersion  string `json:"latest_version,omitempty"`
	Path           string `json:"path"`
	Status         string `json:"status"`
}

MarketplaceUpdateResult describes one marketplace update outcome.

func UpdateMarketplaceManaged 

func UpdateMarketplaceManaged(
	ctx context.Context,
	homePaths aghconfig.HomePaths,
	registry LifecycleRegistry,
	loader MarketplaceSourceLoader,
	req MarketplaceUpdateRequest,
	reload MutationReload,
) ([]MarketplaceUpdateResult, error)

UpdateMarketplaceManaged updates one or more marketplace-installed extensions and rolls back each changed extension if the reload hook rejects the new state.

type MemoryProviderCollisionError 

type MemoryProviderCollisionError struct {
	Name              string
	ExistingExtension string
	IncomingExtension string
	Reason            string
	ToolName          string
}

MemoryProviderCollisionError describes a rejected provider registration.

func (*MemoryProviderCollisionError) Error 

func (e *MemoryProviderCollisionError) Error() string

Error returns the provider collision message.

func (*MemoryProviderCollisionError) Is 

func (e *MemoryProviderCollisionError) Is(target error) bool

Is matches sentinel errors for provider collisions.

type MemoryProviderNotFoundError 

type MemoryProviderNotFoundError struct {
	Name string
}

MemoryProviderNotFoundError describes a missing provider lookup.

func (*MemoryProviderNotFoundError) Error 

func (e *MemoryProviderNotFoundError) Error() string

Error returns the provider lookup message.

func (*MemoryProviderNotFoundError) Is 

func (e *MemoryProviderNotFoundError) Is(target error) bool

Is matches sentinel errors for missing providers.

type MemoryProviderRegistration 

type MemoryProviderRegistration struct {
	Name          string
	Version       string
	ExtensionName string
	Provider      memcontract.MemoryProvider
	ToolNames     []string
	Bundled       bool
}

MemoryProviderRegistration describes one registered memory provider implementation.

type MemoryProviderRegistry 

type MemoryProviderRegistry struct {
	// contains filtered or unexported fields
}

MemoryProviderRegistry owns MemoryProvider registration and workspace selection.

func NewMemoryProviderRegistry 

func NewMemoryProviderRegistry(opts ...MemoryProviderRegistryOption) *MemoryProviderRegistry

NewMemoryProviderRegistry constructs an in-memory provider registry.

func (*MemoryProviderRegistry) List 

func (r *MemoryProviderRegistry) List() []MemoryProviderRegistration

List returns registered providers ordered by canonical name.

func (*MemoryProviderRegistry) Register 

func (r *MemoryProviderRegistry) Register(ctx context.Context, registration MemoryProviderRegistration) error

Register adds one provider unless its name or tool names collide.

func (*MemoryProviderRegistry) Select 

func (r *MemoryProviderRegistry) Select(
	ctx context.Context,
	workspaceID string,
	name string,
) (MemoryProviderRegistration, error)

Select returns the requested provider, or the active/default provider for a workspace.

func (*MemoryProviderRegistry) SetActive 

func (r *MemoryProviderRegistry) SetActive(ctx context.Context, workspaceID string, name string) error

SetActive selects one registered provider for a workspace.

type MemoryProviderRegistryOption 

type MemoryProviderRegistryOption func(*MemoryProviderRegistry)

MemoryProviderRegistryOption customizes MemoryProviderRegistry.

func WithMemoryProviderEventSummaryStore 

func WithMemoryProviderEventSummaryStore(writer memoryProviderEventWriter) MemoryProviderRegistryOption

WithMemoryProviderEventSummaryStore records provider collisions into observability.

func WithMemoryProviderRegistryClock 

func WithMemoryProviderRegistryClock(now func() time.Time) MemoryProviderRegistryOption

WithMemoryProviderRegistryClock injects a deterministic event timestamp.

func WithMemoryProviderReservedTools 

func WithMemoryProviderReservedTools(names ...string) MemoryProviderRegistryOption

WithMemoryProviderReservedTools reserves built-in tool names against provider claims.

type ModelSource 

type ModelSource struct {
	// contains filtered or unexported fields
}

ModelSource adapts one extension into a daemon-owned model catalog source.

func NewExtensionModelSource 

func NewExtensionModelSource(info ExtensionInfo, resolver ModelSourceRuntimeResolver) (*ModelSource, error)

NewExtensionModelSource creates a daemon model catalog source for one extension.

func (*ModelSource) ID 

func (s *ModelSource) ID() string

ID returns the stable extension source id.

func (*ModelSource) Kind 

func (s *ModelSource) Kind() modelcatalog.SourceKind

Kind returns extension.

func (*ModelSource) ListModels 

func (s *ModelSource) ListModels(ctx context.Context, opts modelcatalog.ListOptions) ([]modelcatalog.ModelRow, error)

ListModels calls the extension models/list service and validates rows before persistence.

func (*ModelSource) Priority 

func (s *ModelSource) Priority() int

Priority returns the extension merge priority.

type ModelSourceRuntime 

type ModelSourceRuntime interface {
	ListModelSourceRows(
		ctx context.Context,
		extensionName string,
		params extensioncontract.ModelSourceListParams,
	) ([]extensioncontract.ModelSourceRow, error)
}

ModelSourceRuntime calls AGH-to-extension model source services.

type ModelSourceRuntimeResolver 

type ModelSourceRuntimeResolver func() ModelSourceRuntime

ModelSourceRuntimeResolver returns the current extension runtime.

type MutationReload 

type MutationReload func(context.Context) error

MutationReload is called after a registry/on-disk mutation and before the lifecycle helper commits any staged filesystem backup.

type Option 

type Option func(*Manager)

Option customizes an extension manager.

func WithBridgeRuntimeResolver 

func WithBridgeRuntimeResolver(resolver BridgeRuntimeResolver) Option

WithBridgeRuntimeResolver injects the bridge launch material resolver used for bridge-capable extension sessions.

func WithBridgeTelemetrySink 

func WithBridgeTelemetrySink(sink BridgeTelemetrySink) Option

WithBridgeTelemetrySink injects the sink used to publish per-instance runtime degradation/error signals into observability surfaces.

func WithCapabilityChecker 

func WithCapabilityChecker(checker *CapabilityChecker) Option

WithCapabilityChecker injects the grant evaluator used for Host API authorization.

func WithDefaultHookTimeout 

func WithDefaultHookTimeout(timeout time.Duration) Option

WithDefaultHookTimeout overrides the negotiated default hook timeout.

func WithGetenv 

func WithGetenv(getenv func(string) string) Option

WithGetenv overrides environment lookup used for manifest template expansion.

func WithHealthCheckTimeout 

func WithHealthCheckTimeout(timeout time.Duration) Option

WithHealthCheckTimeout overrides the negotiated health probe timeout.

func WithHostMethodHandler 

func WithHostMethodHandler(method string, handler subprocess.HandlerFunc) Option

WithHostMethodHandler registers one Host API method handler for launched extensions.

func WithInitializeTimeout 

func WithInitializeTimeout(timeout time.Duration) Option

WithInitializeTimeout overrides the initialize handshake timeout.

func WithLogger 

func WithLogger(logger *slog.Logger) Option

WithLogger injects the logger used for extension diagnostics.

func WithNow 

func WithNow(now func() time.Time) Option

WithNow overrides the manager clock, mainly for tests.

func WithProcessRegistry 

func WithProcessRegistry(registry *toolruntime.Registry) Option

WithProcessRegistry injects shared tool process ownership tracking.

func WithSecretResolver 

func WithSecretResolver(resolver SecretRefResolver) Option

WithSecretResolver injects the daemon vault resolver used for extension secret env bindings.

func WithSourceSessionManager 

func WithSourceSessionManager(manager resources.SourceSessionManager) Option

WithSourceSessionManager injects the resource source-session manager used to activate extension nonces for snapshot publication.

func WithSubprocessSignalGrace 

func WithSubprocessSignalGrace(timeout time.Duration) Option

WithSubprocessSignalGrace overrides the SIGTERM -> SIGKILL grace interval.

type Registry 

type Registry struct {
	// contains filtered or unexported fields
}

Registry persists installed extension metadata in the global SQLite database.

func NewRegistry 

func NewRegistry(db *sql.DB) *Registry

NewRegistry constructs a registry over an existing SQLite connection.

func (*Registry) DB 

func (r *Registry) DB() *sql.DB

DB exposes the backing SQLite handle for composition-root integrations that need to build additional stores over the same registry database.

func (*Registry) Disable 

func (r *Registry) Disable(name string) error

Disable marks one installed extension as disabled.

func (*Registry) Enable 

func (r *Registry) Enable(name string) error

Enable marks one installed extension as enabled.

func (*Registry) Get 

func (r *Registry) Get(name string) (*ExtensionInfo, error)

Get returns one installed extension by name.

func (*Registry) Install 

func (r *Registry) Install(manifest *Manifest, path string, checksum string, opts ...InstallOption) error

Install verifies the extension artifact checksum and persists the install as a user-sourced extension.

func (*Registry) List 

func (r *Registry) List() (extensions []ExtensionInfo, err error)

List returns every installed extension ordered by name.

func (*Registry) Uninstall 

func (r *Registry) Uninstall(name string) error

Uninstall removes one extension from the registry.

type ResourceGrantRequest 

type ResourceGrantRequest struct {
	Families []string                    `toml:"families,omitempty"  json:"families,omitempty"`
	MaxScope resources.ResourceScopeKind `toml:"max_scope,omitempty" json:"max_scope,omitempty"`
}

ResourceGrantRequest declares the resource families and scope ceiling an extension requests.

type ResourcesConfig 

type ResourcesConfig struct {
	Skills     []string                   `toml:"skills,omitempty"      json:"skills,omitempty"`
	Agents     []string                   `toml:"agents,omitempty"      json:"agents,omitempty"`
	Bundles    []string                   `toml:"bundles,omitempty"     json:"bundles,omitempty"`
	Hooks      []HookConfig               `toml:"hooks,omitempty"       json:"hooks,omitempty"`
	Tools      map[string]ToolConfig      `toml:"tools,omitempty"       json:"tools,omitempty"`
	MCPServers map[string]MCPServerConfig `toml:"mcp_servers,omitempty" json:"mcp_servers,omitempty"`
	Publish    ResourceGrantRequest       `toml:"publish,omitempty"     json:"publish"`
}

ResourcesConfig declares static assets bundled with an extension.

type SecretRefResolver 

type SecretRefResolver interface {
	ResolveRef(context.Context, string) (string, error)
}

SecretRefResolver resolves env: and vault: refs for extension launch bindings.

type SecurityConfig 

type SecurityConfig struct {
	Capabilities []string `toml:"capabilities,omitempty" json:"capabilities,omitempty"`
}

SecurityConfig declares the security grants the extension requests.

type SubprocessConfig 

type SubprocessConfig struct {
	Command             string            `toml:"command,omitempty"               json:"command,omitempty"`
	Args                []string          `toml:"args,omitempty"                  json:"args,omitempty"`
	Env                 map[string]string `toml:"env,omitempty"                   json:"env,omitempty"`
	SecretEnv           map[string]string `toml:"secret_env,omitempty"            json:"secret_env,omitempty"`
	HealthCheckInterval Duration          `toml:"health_check_interval,omitempty" json:"health_check_interval,omitempty"`
	ShutdownTimeout     Duration          `toml:"shutdown_timeout,omitempty"      json:"shutdown_timeout,omitempty"`
}

SubprocessConfig describes how to launch and monitor the extension process.

type ToolBackendConfig 

type ToolBackendConfig struct {
	Kind    string `toml:"kind,omitempty"    json:"kind,omitempty"`
	Handler string `toml:"handler,omitempty" json:"handler,omitempty"`
	Server  string `toml:"server,omitempty"  json:"server,omitempty"`
	Tool    string `toml:"tool,omitempty"    json:"tool,omitempty"`
}

ToolBackendConfig binds a manifest tool to its backend metadata.

type ToolConfig 

type ToolConfig struct {
	ID                   string            `toml:"id,omitempty"                    json:"id,omitempty"`
	DisplayTitle         string            `toml:"display_title,omitempty"         json:"display_title,omitempty"`
	Description          string            `toml:"description,omitempty"           json:"description,omitempty"`
	Handler              string            `toml:"handler,omitempty"               json:"handler,omitempty"`
	Backend              ToolBackendConfig `toml:"backend,omitempty"               json:"backend"`
	InputSchema          json.RawMessage   `toml:"input_schema,omitempty"          json:"input_schema,omitempty"`
	OutputSchema         json.RawMessage   `toml:"output_schema,omitempty"         json:"output_schema,omitempty"`
	Risk                 string            `toml:"risk,omitempty"                  json:"risk,omitempty"`
	ReadOnly             bool              `toml:"read_only,omitempty"             json:"read_only,omitempty"`
	Destructive          bool              `toml:"destructive,omitempty"           json:"destructive,omitempty"`
	OpenWorld            bool              `toml:"open_world,omitempty"            json:"open_world,omitempty"`
	RequiresInteraction  bool              `toml:"requires_interaction,omitempty"  json:"requires_interaction,omitempty"`
	ConcurrencySafe      bool              `toml:"concurrency_safe,omitempty"      json:"concurrency_safe,omitempty"`
	MaxResultBytes       int64             `toml:"max_result_bytes,omitempty"      json:"max_result_bytes,omitempty"`
	Toolsets             []string          `toml:"toolsets,omitempty"              json:"toolsets,omitempty"`
	Tags                 []string          `toml:"tags,omitempty"                  json:"tags,omitempty"`
	SearchHints          []string          `toml:"search_hints,omitempty"          json:"search_hints,omitempty"`
	RequiresEnv          []string          `toml:"requires_env,omitempty"          json:"requires_env,omitempty"`
	RequiredCapabilities []string          `toml:"required_capabilities,omitempty" json:"required_capabilities,omitempty"`
	Visibility           string            `toml:"visibility,omitempty"            json:"visibility,omitempty"`
}

ToolConfig declares one static tool bundled by the extension.

Source Files

View all Source files

Directories

Path Synopsis
Package surfaces defines the static extension resource surface policy.
 Package surfaces defines the static extension resource surface policy.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.