agent-harness 0.7.1 → 0.7.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 840999010c09f5e1b70d3dd0a1631cf76e15a13738954cb2f259149f7e0df9c3
-  data.tar.gz: 79f321a55d661a7f1a018372b8fea6b1c0f55ce659bfeb62a4937c2fd5852976
+  metadata.gz: 3e879475ab73c89cd1dd1a107ce769e355426cee936e95df377ec242312cec4b
+  data.tar.gz: 492ed111e0b70703f5f55d2a448259450132515a614bc597310ddecea775a313
 SHA512:
-  metadata.gz: a2092406f7f5f75623eea7e3b4bc3c78c9fd7ffcd6f85b1e90a2e20bdc59f4b5f4bab5d7e9e8dee7fdf8772881e311c02cec7e555ce797c01b1ec7c3f482e023
-  data.tar.gz: 3670198c4053fb94c3ec4e990cc4649b19977ccf5d7a5a6b3a95f1acb077f53c50055cd57098eda54b0fa1afaab0d1edff3429d4d0a55c3abf8137c4d846cda2
+  metadata.gz: 02c690080d6dc6c39275c5188493c6e6a7a29303af35d1435d249ef996234235fddedb767489d429f0d98283429ec57dc8a033367aea7ca89278596ddf34d452
+  data.tar.gz: 4a5be3565b1c35b73abc61abc2238b6a5d41416d736162624a0db14fe30e96e01029eb687e35916ecd81cefbbe2d0397113339a80ee3965dcb9b943415223745

data/.release-please-manifest.json

@@ -1,3 +1,3 @@
 {
-  ".": "0.7.1"
+  ".": "0.7.3"
 }

data/CHANGELOG.md

@@ -1,5 +1,20 @@
 ## [Unreleased]
 
+## [0.7.3](https://github.com/viamin/agent-harness/compare/agent-harness/v0.7.2...agent-harness/v0.7.3) (2026-04-15)
+
+
+### Bug Fixes
+
+* 114: feat: add text-only transport that bypasses the CLI ([a6be68a](https://github.com/viamin/agent-harness/commit/a6be68aa03b0202492caeb24233104cd1b814d88))
+* 98: feat: add token usage extraction for remaining providers (cursor, gemini, aider, opencode, copilot, mistral_vibe) ([#105](https://github.com/viamin/agent-harness/issues/105)) ([b090748](https://github.com/viamin/agent-harness/commit/b090748b5d528ab864e94754c0992bc060669540))
+
+## [0.7.2](https://github.com/viamin/agent-harness/compare/agent-harness/v0.7.1...agent-harness/v0.7.2) (2026-04-15)
+
+
+### Bug Fixes
+
+* 113: [P1] feat: support disabling tools for text-only send_message calls ([#115](https://github.com/viamin/agent-harness/issues/115)) ([62bc66a](https://github.com/viamin/agent-harness/commit/62bc66a3d34a889de65ba7c4951b8bdb1f388fa9))
+
 ## [0.7.1](https://github.com/viamin/agent-harness/compare/agent-harness/v0.7.0...agent-harness/v0.7.1) (2026-04-15)
 
 

data/lib/agent_harness/errors.rb

@@ -59,6 +59,13 @@ module AgentHarness
     end
   end
 
+  # Auth mismatch errors — raised when the requested transport mode
+  # requires credentials that differ from the caller's current auth mode.
+  # For example, requesting HTTP text mode with only OAuth/subscription
+  # credentials (no API key) would silently shift billing from
+  # subscription to API-metered usage.
+  class AuthMismatchError < AuthenticationError; end
+
   # Configuration errors
   class ConfigurationError < Error; end
 

data/lib/agent_harness/providers/adapter.rb

@@ -257,6 +257,11 @@ module AgentHarness
                 :supported_mcp_transports,
                 default: default_supported_mcp_transports
               ),
+              supports_token_counting: provider_metadata_value(
+                provider,
+                :supports_token_counting?,
+                default: default_supports_token_counting
+              ),
               supports_sessions: provider_metadata_value(
                 provider,
                 :supports_sessions?,
@@ -601,6 +606,10 @@ module AgentHarness
           false
         end
 
+        def default_supports_token_counting
+          false
+        end
+
         def default_supports_dangerous_mode
           false
         end
@@ -717,6 +726,13 @@ module AgentHarness
       # @option options [Integer] :timeout timeout in seconds
       # @option options [String] :session session identifier
       # @option options [Boolean] :dangerous_mode skip permission checks
+      # @option options [Symbol, Array<String>, nil] :tools tool access control.
+      #   Pass +:none+ to disable all tool access (pure text-in/text-out mode).
+      #   Pass an Array of tool name strings to selectively disable specific
+      #   tools via the provider's disallowed-tools mechanism. Defaults to +nil+
+      #   (tools enabled, provider default behavior).
+      #   Providers that do not support tool control will emit a warning and
+      #   ignore this option — it is never a hard failure.
       # @option options [ProviderRuntime, Hash, nil] :provider_runtime per-request
       #   runtime overrides (model, base_url, api_provider, env, flags, metadata).
       #   For providers that delegate to Providers::Base#send_message, a plain Hash
@@ -839,6 +855,24 @@ module AgentHarness
         end
       end
 
+      # Check if provider supports tool access control (disabling tools)
+      #
+      # @return [Boolean] true if the provider supports the tools: option
+      def supports_tool_control?
+        false
+      end
+
+      # Check if provider supports text-only mode via direct HTTP transport.
+      #
+      # Providers that return +true+ will route +mode: :text+ requests
+      # through their REST API instead of the CLI. Providers that return
+      # +false+ fall back to the CLI path with tools forcibly disabled.
+      #
+      # @return [Boolean] true if the provider has an HTTP text transport
+      def supports_text_mode?
+        false
+      end
+
       # Check if provider supports dangerous mode
       #
       # @return [Boolean] true if dangerous mode is supported
@@ -868,6 +902,13 @@ module AgentHarness
         []
       end
 
+      # Whether this provider can extract token usage from CLI output
+      #
+      # @return [Boolean] true if the provider returns token counts
+      def supports_token_counting?
+        false
+      end
+
       # Validate provider configuration
       #
       # @return [Hash] with :valid, :errors keys

data/lib/agent_harness/providers/aider.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require "json"
 require "securerandom"
 require "shellwords"
 require "tmpdir"
@@ -10,6 +11,8 @@ module AgentHarness
     #
     # Provides integration with the Aider CLI tool.
     class Aider < Base
+      include TokenUsageParsing
+
       UV_VERSION = "0.8.17"
       SUPPORTED_CLI_VERSION = "0.86.2"
       SUPPORTED_CLI_REQUIREMENT = Gem::Requirement.new(">= #{SUPPORTED_CLI_VERSION}", "< 0.87.0").freeze
@@ -196,6 +199,10 @@ module AgentHarness
         ["--restore-chat-history", session_id]
       end
 
+      def supports_token_counting?
+        true
+      end
+
       def send_message(prompt:, **options)
         log_debug("send_message_start", prompt_length: prompt.length, options: options.keys)
 
@@ -205,15 +212,19 @@ module AgentHarness
         options = normalize_mcp_servers(options)
         validate_mcp_servers!(options[:mcp_servers]) if options[:mcp_servers]&.any?
 
-        llm_history_path = generate_llm_history_path
-        command = build_command(prompt, options.merge(llm_history_path: llm_history_path))
-        preparation = build_execution_preparation(options)
         timeout = options[:timeout] || @config.timeout || default_timeout
+        raise TimeoutError, "Command timed out before execution started" if timeout <= 0
 
         start_time = Time.now
+        llm_history_path = prepare_llm_history_file!
+        command = build_command(prompt, options.merge(llm_history_path: llm_history_path))
+        preparation = build_execution_preparation(options)
+        remaining_timeout = timeout - (Time.now - start_time)
+        raise TimeoutError, "Command timed out before execution started" if remaining_timeout <= 0
+
         result = execute_with_timeout(
           command,
-          timeout: timeout,
+          timeout: remaining_timeout,
           env: build_env(options),
           preparation: preparation,
           **command_execution_options(options)
@@ -221,13 +232,14 @@ module AgentHarness
         duration = Time.now - start_time
 
         response = parse_response(result, duration: duration, llm_history_path: llm_history_path)
-        if runtime&.model
+        effective_runtime_model = normalized_model_name(runtime&.model)
+        if effective_runtime_model
           response = Response.new(
             output: response.output,
             exit_code: response.exit_code,
             duration: response.duration,
             provider: response.provider,
-            model: runtime.model,
+            model: effective_runtime_model,
             tokens: response.tokens,
             metadata: response.metadata,
             error: response.error
@@ -259,10 +271,8 @@ module AgentHarness
           cmd += ["--llm-history-file", options[:llm_history_path]]
         end
 
-        model = runtime&.model || @config.model
-        if model && !model.empty?
-          cmd += ["--model", model]
-        end
+        model = effective_model_name(runtime)
+        cmd += ["--model", model] if model
 
         if options[:session]
           cmd += session_flags(options[:session])
@@ -316,11 +326,11 @@ module AgentHarness
       COMMON_SHELL_COMMAND_PATTERN =
         /\A(?:git|bundle|ruby|python\d*(?:\.\d+)?|uv|npm|yarn|pnpm|node|bash|sh|zsh|make|rake|rspec|rails|go|pytest|bin\/[\w.-]+|sed|rg|grep|find|ls|cat|cp|mv|rm|mkdir|touch|chmod|chown|docker|kubectl)\z/
       EXECUTOR_LLM_HISTORY_TIMEOUT = 10
-
+      HistoryFileHandle = Struct.new(:path)
       def generate_llm_history_path
-        return "/tmp/aider_llm_history_#{Process.pid}_#{SecureRandom.hex(8)}" if sandboxed_environment?
+        return "/tmp/aider_llm_history_#{SecureRandom.hex(8)}.json" if sandboxed_environment?
 
-        File.join(Dir.tmpdir, "aider_llm_history_#{Process.pid}_#{SecureRandom.hex(8)}")
+        File.join(Dir.tmpdir, "aider_llm_history_#{Process.pid}_#{SecureRandom.hex(8)}.json")
       end
 
       def parse_token_usage(result, llm_history_path:)
@@ -328,11 +338,18 @@ module AgentHarness
         # Prefer the request-local history file when it includes a token report,
         # but fall back to captured command output because the usage summary is
         # printed there during normal runs.
-        parse_token_usage_text(safe_read_llm_history(llm_history_path), source: :history) ||
+        parse_token_usage_history_content(safe_read_llm_history(llm_history_path)) ||
           parse_token_usage_text(result.stdout, source: :output) ||
           parse_token_usage_text(result.stderr, source: :output)
       end
 
+      def parse_token_usage_history_content(content)
+        return nil if content.nil? || content.strip.empty?
+
+        aggregate_token_counts(parse_history_entries(content)) ||
+          parse_token_usage_text(content, source: :history)
+      end
+
       def read_llm_history(path)
         return read_executor_llm_history(path) if sandboxed_environment?
         return nil unless path && File.exist?(path) && !File.zero?(path)
@@ -362,10 +379,67 @@ module AgentHarness
 
         input = parse_token_count(match[:input])
         output = parse_token_count(match[:output])
+        return nil if input.negative? || output.negative?
 
         {input: input, output: output, total: input + output}
       end
 
+      def parse_history_entries(content)
+        parsed = JSON.parse(content)
+        case parsed
+        when Array
+          parsed
+        when Hash
+          [parsed]
+        end
+      rescue JSON::ParserError
+        parsed_lines = []
+
+        content.each_line do |line|
+          next if line.strip.empty?
+
+          parsed_lines << JSON.parse(line)
+        rescue JSON::ParserError
+          return nil
+        end
+
+        parsed_lines.empty? ? nil : parsed_lines
+      end
+
+      def aggregate_token_counts(entries)
+        return nil unless entries&.any?
+
+        total_input = 0
+        total_output = 0
+        found = false
+
+        entries.each do |entry|
+          usage = find_usage_in_entry(entry)
+          next unless usage
+
+          input = token_count_for(usage, "prompt_tokens", "input_tokens", "promptTokens", "inputTokens")
+          output = token_count_for(usage, "completion_tokens", "output_tokens", "completionTokens", "outputTokens")
+          next if input.nil? && output.nil?
+
+          total_input += input || 0
+          total_output += output || 0
+          found = true
+        end
+
+        return nil unless found
+
+        {input: total_input, output: total_output, total: total_input + total_output}
+      end
+
+      def find_usage_in_entry(entry)
+        return nil unless entry.is_a?(Hash)
+
+        select_best_usage_payload([
+          entry["usage"],
+          nested_hash_value(entry, "response", "usage")
+        ])
+      end
+
       def extract_history_token_usage_match(content)
         lines = content.lines
 
@@ -513,6 +587,16 @@ module AgentHarness
         (normalized.to_f * multiplier).round
       end
 
+      def prepare_llm_history_file!
+        if sandboxed_environment?
+          @aider_history_path = generate_llm_history_path
+        else
+          path = reserve_local_llm_history_path
+          @aider_history_tempfile = HistoryFileHandle.new(path)
+          path
+        end
+      end
+
       def cleanup_llm_history_file!(path)
         return unless path
 
@@ -522,6 +606,9 @@ module AgentHarness
       rescue => e
         log_debug("llm_history_cleanup_error", error: e.message)
         nil
+      ensure
+        clear_local_history_handle!(path)
+        clear_executor_history_path!(path)
       end
 
       def validate_runtime_flags!(flags)
@@ -573,6 +660,37 @@ module AgentHarness
         log_debug("llm_history_cleanup_error", error: e.message)
         nil
       end
+
+      MAX_HISTORY_PATH_ATTEMPTS = 10
+
+      def reserve_local_llm_history_path
+        MAX_HISTORY_PATH_ATTEMPTS.times do
+          path = generate_llm_history_path
+
+          begin
+            File.open(path, File::WRONLY | File::CREAT | File::EXCL, 0o600, &:close)
+            return path
+          rescue Errno::EEXIST
+            next
+          end
+        end
+
+        raise "failed to reserve unique LLM history path after #{MAX_HISTORY_PATH_ATTEMPTS} attempts"
+      end
+
+      def clear_local_history_handle!(path)
+        return unless defined?(@aider_history_tempfile)
+        return unless @aider_history_tempfile&.path == path
+
+        @aider_history_tempfile = nil
+      end
+
+      def clear_executor_history_path!(path)
+        return unless defined?(@aider_history_path)
+        return unless @aider_history_path == path
+
+        @aider_history_path = nil
+      end
     end
   end
 end

data/lib/agent_harness/providers/anthropic.rb

@@ -297,6 +297,10 @@ module AgentHarness
       end
 
       def send_message(prompt:, **options)
+        if options[:mode] == :text
+          return send_text_message(prompt, **options.except(:mode))
+        end
+
         super
       ensure
         cleanup_mcp_tempfiles!
@@ -317,6 +321,14 @@ module AgentHarness
         ["--mcp-config", config_path]
       end
 
+      def supports_tool_control?
+        true
+      end
+
+      def supports_text_mode?
+        true
+      end
+
       def dangerous_mode_flags
         ["--dangerously-skip-permissions"]
       end
@@ -325,6 +337,10 @@ module AgentHarness
         :oauth
       end
 
+      def supports_token_counting?
+        true
+      end
+
       def execution_semantics
         {
           prompt_delivery: :arg,
@@ -401,6 +417,22 @@ module AgentHarness
 
       protected
 
+      # All tools the Claude CLI exposes by default.
+      # Used to build the --disallowedTools list when tools: :none is requested.
+      ALL_CLI_TOOLS = %w[
+        Agent
+        Bash
+        Read
+        Edit
+        Write
+        Grep
+        Glob
+        WebFetch
+        WebSearch
+        TodoWrite
+        NotebookEdit
+      ].freeze
+
       def build_command(prompt, options)
         cmd = [self.class.binary_name]
 
@@ -411,6 +443,14 @@ module AgentHarness
           cmd += ["--model", @config.model]
         end
 
+        # Add permission mode for tool-disabled requests (belt-and-suspenders)
+        if options[:tools]
+          # Skip --permission-mode plan when dangerous_mode is active, since
+          # --dangerously-skip-permissions would override it anyway.
+          # The --disallowedTools flags still provide the primary protection.
+          cmd += build_tool_control_flags(options[:tools], skip_permission_mode: options[:dangerous_mode])
+        end
+
         # Add dangerous mode if requested
         if options[:dangerous_mode] && supports_dangerous_mode?
           cmd += dangerous_mode_flags
@@ -463,6 +503,67 @@ module AgentHarness
 
       private
 
+      def send_text_message(prompt, **options)
+        api_key = resolve_text_mode_api_key
+        model = options[:model] || @config.model
+        timeout = options[:timeout] || @config.timeout || default_timeout
+        max_tokens = options[:max_tokens]
+
+        transport = TextTransport.new(api_key: api_key, logger: @logger)
+
+        kwargs = {model: model, timeout: timeout}
+        kwargs[:max_tokens] = max_tokens if max_tokens
+
+        response = transport.send_message(prompt, **kwargs)
+
+        # Apply runtime model override if present
+        runtime = options[:provider_runtime]
+        runtime = ProviderRuntime.wrap(runtime) if runtime.is_a?(Hash)
+        if runtime&.model
+          response = Response.new(
+            output: response.output,
+            exit_code: response.exit_code,
+            duration: response.duration,
+            provider: response.provider,
+            model: runtime.model,
+            tokens: response.tokens,
+            metadata: response.metadata,
+            error: response.error
+          )
+        end
+
+        track_tokens(response) if response.tokens
+
+        log_debug("send_text_message_complete",
+          duration: response.duration,
+          tokens: response.tokens,
+          transport: :http)
+
+        response
+      end
+
+      # Resolve the API key for text mode, validating that the caller's
+      # credentials support direct API access without silently shifting
+      # billing from subscription to API-metered usage.
+      #
+      # @return [String] the API key
+      # @raise [AuthMismatchError] if no API key is available
+      def resolve_text_mode_api_key
+        api_key = ENV["ANTHROPIC_API_KEY"]
+
+        if api_key.nil? || api_key.strip.empty?
+          raise AuthMismatchError.new(
+            "Text mode requires an ANTHROPIC_API_KEY for direct API access. " \
+            "OAuth/subscription credentials cannot be used for HTTP transport " \
+            "because it would silently shift billing to API-metered usage. " \
+            "Set ANTHROPIC_API_KEY or use the default CLI mode instead.",
+            provider: :claude
+          )
+        end
+
+        api_key.strip
+      end
+
       def parse_json_output(output)
         return nil if output.nil? || output.empty?
 
@@ -612,6 +713,23 @@ module AgentHarness
         end
       end
 
+      def build_tool_control_flags(tools_option, skip_permission_mode: false)
+        tool_names = case tools_option
+        when :none
+          ALL_CLI_TOOLS
+        when Array
+          tools_option
+        else
+          return []
+        end
+
+        return [] if tool_names.empty?
+
+        flags = tool_names.flat_map { |tool| ["--disallowedTools", tool] }
+        flags = ["--permission-mode", "plan"] + flags unless skip_permission_mode
+        flags
+      end
+
       def log_debug(action, **context)
         @logger&.debug("[AgentHarness::Anthropic] #{action}: #{context.inspect}")
       end

data/lib/agent_harness/providers/base.rb

@@ -104,6 +104,26 @@ module AgentHarness
       def send_message(prompt:, **options)
         log_debug("send_message_start", prompt_length: prompt.length, options: options.keys)
 
+        # Text mode: fall back to CLI with tools disabled when the provider
+        # does not have an HTTP text transport.  Providers that support text
+        # mode (e.g. Anthropic) override send_message to intercept this
+        # before reaching Base.
+        if options[:mode] == :text && !supports_text_mode?
+          log_debug("text_mode_cli_fallback", provider: self.class.provider_name)
+          options = options.except(:mode).merge(tools: :none)
+        end
+
+        # Warn when tools option is passed to a provider that doesn't support it
+        if options[:tools] && !supports_tool_control?
+          log_debug("tools_option_unsupported",
+            provider: self.class.provider_name,
+            tools: options[:tools])
+          @logger&.warn(
+            "[AgentHarness::#{self.class.provider_name}] tools option is not supported " \
+            "by this provider and will be ignored"
+          )
+        end
+
         # Coerce provider_runtime from Hash if needed
         options = normalize_provider_runtime(options)