RubyGems - elelem - Versions diffs - 0.9.1 → 0.10.0 - Mend

elelem 0.9.1 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (42) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +34 -0
data/README.md +93 -16
data/Rakefile +0 -11
data/exe/elelem +2 -79
data/lib/elelem/agent.rb +33 -124
data/lib/elelem/commands.rb +33 -0
data/lib/elelem/conversation.rb +25 -0
data/lib/elelem/mcp/oauth.rb +217 -0
data/lib/elelem/mcp/token_storage.rb +60 -0
data/lib/elelem/mcp.rb +164 -17
data/lib/elelem/net/claude.rb +6 -4
data/lib/elelem/net/ollama.rb +5 -2
data/lib/elelem/net/openai.rb +6 -4
data/lib/elelem/net.rb +0 -3
data/lib/elelem/permissions.rb +45 -0
data/lib/elelem/plugins/builtins.rb +96 -0
data/lib/elelem/plugins/edit.rb +3 -3
data/lib/elelem/plugins/eval.rb +4 -4
data/lib/elelem/plugins/execute.rb +5 -5
data/lib/elelem/plugins/git.rb +20 -0
data/lib/elelem/plugins/glob.rb +13 -0
data/lib/elelem/plugins/grep.rb +21 -0
data/lib/elelem/plugins/list.rb +14 -0
data/lib/elelem/plugins/mcp.rb +14 -8
data/lib/elelem/plugins/permissions.json +6 -0
data/lib/elelem/plugins/read.rb +6 -6
data/lib/elelem/plugins/task.rb +14 -0
data/lib/elelem/plugins/tools.rb +13 -0
data/lib/elelem/plugins/verify.rb +4 -4
data/lib/elelem/plugins/write.rb +17 -6
data/lib/elelem/plugins/zz_confirm.rb +9 -0
data/lib/elelem/plugins.rb +6 -6
data/lib/elelem/system_prompt.rb +123 -29
data/lib/elelem/terminal.rb +7 -1
data/lib/elelem/tool.rb +6 -15
data/lib/elelem/toolbox.rb +13 -4
data/lib/elelem/version.rb +1 -1
data/lib/elelem.rb +96 -5
metadata +99 -3
data/lib/elelem/plugins/confirm.rb +0 -12
data/lib/elelem/templates/system_prompt.erb +0 -53

data/lib/elelem/mcp/oauth.rb ADDED Viewed

@@ -0,0 +1,217 @@
+# frozen_string_literal: true
+module Elelem
+  class MCP
+    class OAuth
+      CALLBACK_PORT = 18273
+      REDIRECT_URI = "http://127.0.0.1:#{CALLBACK_PORT}/callback"
+      def initialize(resource_url, http: Elelem::Net.http)
+        @resource_url = resource_url
+        @http = http
+        @storage = TokenStorage.new
+      end
+      def token
+        stored = @storage.load(@resource_url)
+        return stored[:access_token] if stored && !expired?(stored)
+        return refresh(stored[:refresh_token]) if stored&.dig(:refresh_token)
+        authorize
+      end
+      private
+      def expired?(stored)
+        return false unless stored[:expires_at]
+        Time.now.to_i >= stored[:expires_at] - 60
+      end
+      def authorize
+        metadata = discover_auth_server
+        client = load_or_register_client(metadata)
+        verifier, challenge = generate_pkce
+        state = SecureRandom.hex(16)
+        auth_url = build_auth_url(metadata, client, challenge, state)
+        open_browser(auth_url)
+        code = wait_for_callback(state)
+        tokens = exchange_code(metadata, client, code, verifier)
+        @storage.save(
+          @resource_url,
+          access_token: tokens["access_token"],
+          refresh_token: tokens["refresh_token"],
+          expires_in: tokens["expires_in"]
+        )
+        tokens["access_token"]
+      end
+      def refresh(refresh_token)
+        metadata = discover_auth_server
+        client = load_or_register_client(metadata)
+        uri = URI.parse(metadata["token_endpoint"])
+        body = {
+          grant_type: "refresh_token",
+          refresh_token: refresh_token,
+          client_id: client[:client_id]
+        }
+        response = post_form(uri, body)
+        tokens = JSON.parse(response.body)
+        @storage.save(
+          @resource_url,
+          access_token: tokens["access_token"],
+          refresh_token: tokens["refresh_token"] || refresh_token,
+          expires_in: tokens["expires_in"]
+        )
+        tokens["access_token"]
+      rescue StandardError => e
+        warn "Token refresh failed: #{e.message}"
+        authorize
+      end
+      def discover_auth_server
+        resource_uri = URI.parse(@resource_url)
+        metadata_url = "#{resource_uri.scheme}://#{resource_uri.host}/.well-known/oauth-protected-resource"
+        resource_metadata = fetch_json(metadata_url)
+        auth_server_url = resource_metadata["authorization_servers"]&.first
+        raise "No authorization server found" unless auth_server_url
+        auth_metadata_url = "#{auth_server_url}/.well-known/oauth-authorization-server"
+        fetch_json(auth_metadata_url)
+      end
+      def load_or_register_client(metadata)
+        stored = @storage.load_client(@resource_url)
+        return stored if stored
+        client = register_client(metadata)
+        @storage.save_client(@resource_url, client)
+        @storage.load_client(@resource_url)
+      end
+      def register_client(metadata)
+        endpoint = metadata["registration_endpoint"]
+        raise "Dynamic registration not supported" unless endpoint
+        body = {
+          client_name: "elelem",
+          redirect_uris: [REDIRECT_URI],
+          grant_types: %w[authorization_code refresh_token],
+          response_types: ["code"],
+          token_endpoint_auth_method: "none"
+        }
+        response = post_json(endpoint, body)
+        JSON.parse(response.body)
+      end
+      def generate_pkce
+        verifier = SecureRandom.urlsafe_base64(32)
+        challenge = Base64.urlsafe_encode64(
+          Digest::SHA256.digest(verifier),
+          padding: false
+        )
+        [verifier, challenge]
+      end
+      def build_auth_url(metadata, client, challenge, state)
+        params = {
+          response_type: "code",
+          client_id: client[:client_id],
+          redirect_uri: REDIRECT_URI,
+          scope: metadata["scopes_supported"]&.join(" ") || "openid",
+          state: state,
+          code_challenge: challenge,
+          code_challenge_method: "S256"
+        }
+        "#{metadata["authorization_endpoint"]}?#{URI.encode_www_form(params)}"
+      end
+      def open_browser(url)
+        commands = ["xdg-open", "open", "start"]
+        commands.each do |cmd|
+          return if system(cmd, url, out: File::NULL, err: File::NULL)
+        end
+        warn "Open this URL in your browser: #{url}"
+      end
+      def wait_for_callback(expected_state)
+        code = nil
+        @server = WEBrick::HTTPServer.new(
+          Port: CALLBACK_PORT,
+          Logger: WEBrick::Log.new(File::NULL),
+          AccessLog: []
+        )
+        at_exit { @server&.shutdown }
+        @server.mount_proc("/callback") do |req, res|
+          state = req.query["state"]
+          raise "State mismatch" unless state == expected_state
+          code = req.query["code"]
+          res.content_type = "text/html"
+          res.body = "<html><body><h1>Authorization complete</h1><p>You can close this window.</p></body></html>"
+          @server.shutdown
+        end
+        Timeout.timeout(120) { @server.start }
+        code
+      rescue Timeout::Error
+        @server.shutdown
+        raise "OAuth callback timed out"
+      end
+      def exchange_code(metadata, client, code, verifier)
+        uri = URI.parse(metadata["token_endpoint"])
+        body = {
+          grant_type: "authorization_code",
+          code: code,
+          redirect_uri: REDIRECT_URI,
+          client_id: client[:client_id],
+          code_verifier: verifier
+        }
+        response = post_form(uri, body)
+        JSON.parse(response.body)
+      end
+      def fetch_json(url)
+        response = nil
+        @http.get(url) { |r| response = r }
+        JSON.parse(response.body)
+      end
+      def post_json(url, body)
+        response = nil
+        @http.post(
+          url,
+          headers: { "Content-Type" => "application/json" },
+          body: body.to_json
+        ) { |r| response = r }
+        response
+      end
+      def post_form(uri, body)
+        response = nil
+        @http.post(
+          uri.to_s,
+          headers: { "Content-Type" => "application/x-www-form-urlencoded" },
+          body: URI.encode_www_form(body)
+        ) { |r| response = r }
+        response
+      end
+    end
+  end
+end

data/lib/elelem/mcp/token_storage.rb ADDED Viewed

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+module Elelem
+  class MCP
+    class TokenStorage
+      STORAGE_DIR = File.expand_path("~/.config/elelem/tokens")
+      def initialize
+        FileUtils.mkdir_p(STORAGE_DIR, mode: 0o700)
+      end
+      def save(resource_url, access_token:, refresh_token: nil, expires_in: nil)
+        data = {
+          access_token: access_token,
+          refresh_token: refresh_token,
+          expires_at: expires_in ? Time.now.to_i + expires_in : nil
+        }
+        path = token_path(resource_url)
+        File.write(path, data.to_json)
+        File.chmod(0o600, path)
+      end
+      def load(resource_url)
+        path = token_path(resource_url)
+        return nil unless File.exist?(path)
+        JSON.parse(File.read(path), symbolize_names: true)
+      rescue JSON::ParserError
+        nil
+      end
+      def save_client(resource_url, client_data)
+        path = client_path(resource_url)
+        File.write(path, client_data.to_json)
+        File.chmod(0o600, path)
+      end
+      def load_client(resource_url)
+        path = client_path(resource_url)
+        return nil unless File.exist?(path)
+        JSON.parse(File.read(path), symbolize_names: true)
+      rescue JSON::ParserError
+        nil
+      end
+      private
+      def token_path(resource_url)
+        hash = Digest::SHA256.hexdigest(resource_url)[0, 16]
+        File.join(STORAGE_DIR, "#{hash}.json")
+      end
+      def client_path(resource_url)
+        hash = Digest::SHA256.hexdigest(resource_url)[0, 16]
+        File.join(STORAGE_DIR, "#{hash}_client.json")
+      end
+    end
+  end
+end

data/lib/elelem/mcp.rb CHANGED Viewed

@@ -1,9 +1,18 @@
 # frozen_string_literal: true
+require_relative "mcp/token_storage"
+require_relative "mcp/oauth"
 module Elelem
+  # https://modelcontextprotocol.io/specification/2025-11-25/server/tools.md
   class MCP
-    def initialize(config_path = ".mcp.json")
-      @config = File.exist?(config_path) ? JSON.parse(IO.read(config_path)) : {}
+    CONFIG_PATHS = [
+      "~/.elelem/mcp.json",
+      ".elelem/mcp.json"
+    ].freeze
+    def initialize(configurations = CONFIG_PATHS)
+      @config = load_config(configurations)
       @servers = {}
     end
@@ -29,44 +38,83 @@ module Elelem
     private
+    def load_config(configurations)
+      configurations.each_with_object({}) do |path, merged|
+        file = File.expand_path(path)
+        next unless File.exist?(file)
+        config = JSON.parse(IO.read(file))
+        servers = config.fetch("mcpServers", {})
+        merged["mcpServers"] = (merged["mcpServers"] || {}).merge(servers)
+      end
+    end
     def server(name)
-      @servers[name] ||= Server.new(**@config.dig("mcpServers", name).transform_keys(&:to_sym))
+      @servers[name] ||= build_server(@config.dig("mcpServers", name))
     end
-    class Server
-      def initialize(command:, args: [], env: {})
-        resolved_env = env.transform_values { |v| v.gsub(/\$\{(\w+)\}/) { ENV[$1] } }
-        @stdin, @stdout, @stderr, @wait = Open3.popen3(resolved_env, command, *args)
-        @id = 0
-        initialize!
+    def build_server(config)
+      if config["type"] == "http"
+        HttpServer.new(url: config["url"], headers: config["headers"] || {})
+      else
+        Server.new(**config.transform_keys(&:to_sym))
       end
+    end
+    module ServerInterface
       def tools
         request("tools/list")["tools"]
       end
       def call(name, args)
         result = request("tools/call", { name: name, arguments: args })
-        { content: result["content"]&.map { |c| c["text"] }&.join("\n") }
+        logger.info({ tool: name, args: args, result: result }.to_json)
+        content = extract_content(result)
+        result["isError"] ? { error: content } : { content: content }
       end
-      def close
-        @stdin.close rescue nil
-        @stdout.close rescue nil
-        @stderr.close rescue nil
-        @wait.kill rescue nil
+      def extract_content(result)
+        if (structured = result["structuredContent"])
+          structured
+        else
+          result["content"]&.map { |c| c["text"] }&.join("\n")
+        end
+      end
+      def logger
+        @logger ||= Logger.new(File.expand_path("~/.elelem/mcp.log"))
       end
       private
-      def initialize!
+      def handshake!
         request("initialize", {
-          protocolVersion: "2024-11-05",
+          protocolVersion: "2025-06-18",
           capabilities: {},
           clientInfo: { name: "elelem", version: VERSION }
         })
         notify("notifications/initialized")
       end
+    end
+    class Server
+      include ServerInterface
+      def initialize(command:, args: [], env: {})
+        resolved_env = env.transform_values do |v|
+          v.gsub(/\$\{(\w+)\}/) { ENV[$1] || raise("Missing environment variable: #{$1}") }
+        end
+        @stdin, @stdout, @stderr, @wait = Open3.popen3(resolved_env, command, *args)
+        @id = 0
+        handshake!
+      end
+      def close
+        [@stdin, @stdout, @stderr].each { |io| io.close rescue nil }
+        @wait.kill rescue nil
+      end
+      private
       def request(method, params = {})
         send_msg(id: @id += 1, method: method, params: params)
@@ -92,5 +140,104 @@ module Elelem
         end
       end
     end
+    class HttpServer
+      include ServerInterface
+      def initialize(url:, headers: {}, http: Elelem::Net.http)
+        @url = url
+        @headers = resolve_headers(headers)
+        @http = http
+        @id = 0
+        @session_id = nil
+        @access_token = nil
+        handshake!
+      end
+      def close
+      end
+      private
+      def resolve_headers(headers)
+        headers.transform_values do |v|
+          v.gsub(/\$\{(\w+)\}/) do
+            ENV[$1] || raise("Missing environment variable: #{$1}")
+          end
+        end
+      end
+      def request(method, params = {})
+        msg = { jsonrpc: "2.0", id: @id += 1, method: method, params: params }
+        response = post(msg)
+        raise response["error"]["message"] if response["error"]
+        response["result"]
+      end
+      def notify(method, params = {})
+        msg = { jsonrpc: "2.0", method: method, params: params }
+        post(msg)
+      end
+      def post(msg, retry_auth: true)
+        result = nil
+        needs_auth = false
+        error = nil
+        @http.post(@url, headers: request_headers, body: msg) do |response|
+          case response
+          when ::Net::HTTPSuccess
+            @session_id ||= response["Mcp-Session-Id"]
+            result = parse_response(response)
+          when ::Net::HTTPUnauthorized
+            needs_auth = true
+          else
+            error = "HTTP #{response.code}: #{response.body}"
+          end
+        end
+        raise error if error
+        if needs_auth
+          raise "Authorization failed" unless retry_auth
+          @access_token = OAuth.new(@url, http: @http).token
+          return post(msg, retry_auth: false)
+        end
+        result
+      end
+      def request_headers
+        base = { "Accept" => "application/json, text/event-stream" }
+        base["Mcp-Session-Id"] = @session_id if @session_id
+        base["Authorization"] = "Bearer #{@access_token}" if @access_token
+        @headers.merge(base)
+      end
+      def parse_response(response)
+        if response.content_type&.include?("text/event-stream")
+          parse_sse(response)
+        elsif response.body && !response.body.empty?
+          JSON.parse(response.body)
+        end
+      end
+      def parse_sse(response)
+        buffer = String.new
+        result = nil
+        response.read_body do |chunk|
+          buffer << chunk
+          while (index = buffer.index("\n"))
+            line = buffer.slice!(0, index + 1).strip
+            next unless line.start_with?("data: ")
+            result = JSON.parse(line.delete_prefix("data: "))
+          end
+        end
+        result
+      end
+    end
   end
 end

data/lib/elelem/net/claude.rb CHANGED Viewed

@@ -38,7 +38,7 @@ module Elelem
           handle_event(event, tool_calls, &block)
         end
-        finalize_tool_calls(tool_calls)
+        finalize_tool_calls(tool_calls, &block)
       end
       private
@@ -72,19 +72,21 @@ module Elelem
         case delta["type"]
         when "text_delta"
-          block.call(content: delta["text"], thinking: nil)
+          block.call(type: "saying", text: delta["text"])
         when "thinking_delta"
-          block.call(content: nil, thinking: delta["thinking"])
+          block.call(type: "thinking", text: delta["thinking"])
         when "input_json_delta"
           tool_calls.last[:args] << delta["partial_json"].to_s if tool_calls.any?
         end
       end
-      def finalize_tool_calls(tool_calls)
+      def finalize_tool_calls(tool_calls, &block)
         tool_calls.each do |tool_call|
           args = tool_call.delete(:args)
           tool_call[:arguments] = args.empty? ? {} : JSON.parse(args)
+          block.call(type: "tool_call", id: tool_call[:id], name: tool_call[:name], arguments: tool_call[:arguments])
         end
+        tool_calls
       end
       def stream(messages, system_prompt, tools)

data/lib/elelem/net/ollama.rb CHANGED Viewed

@@ -35,11 +35,14 @@ module Elelem
         message = event["message"] || {}
         unless event["done"]
-          block.call(content: message["content"], thinking: message["thinking"])
+          block.call(type: "saying", text: message["content"]) if message["content"]
+          block.call(type: "thinking", text: message["thinking"]) if message["thinking"]
         end
         if message["tool_calls"]
-          tool_calls.concat(parse_tool_calls(message["tool_calls"]))
+          parsed = parse_tool_calls(message["tool_calls"])
+          parsed.each { |tc| block.call(type: "tool_call", **tc) }
+          tool_calls.concat(parsed)
         end
       end

data/lib/elelem/net/openai.rb CHANGED Viewed

@@ -18,7 +18,7 @@ module Elelem
           handle_event(event, tool_calls, &block)
         end
-        finalize_tool_calls(tool_calls)
+        finalize_tool_calls(tool_calls, &block)
       end
       private
@@ -30,7 +30,7 @@ module Elelem
       def handle_event(event, tool_calls, &block)
         delta = event.dig("choices", 0, "delta") || {}
-        block.call(content: delta["content"], thinking: nil) if delta["content"]
+        block.call(type: "saying", text: delta["content"]) if delta["content"]
         accumulate_tool_calls(delta["tool_calls"], tool_calls) if delta["tool_calls"]
       end
@@ -72,13 +72,15 @@ module Elelem
         end
       end
-      def finalize_tool_calls(tool_calls)
+      def finalize_tool_calls(tool_calls, &block)
         tool_calls.values.map do |tool_call|
-          {
+          result = {
             id: tool_call[:id],
             name: tool_call[:name],
             arguments: JSON.parse(tool_call[:args])
           }
+          block.call(type: "tool_call", **result)
+          result
         end
       end
     end

data/lib/elelem/net.rb CHANGED Viewed

@@ -1,8 +1,5 @@
 # frozen_string_literal: true
-require "net/hippie"
-require "json"
 require_relative "net/ollama"
 require_relative "net/openai"
 require_relative "net/claude"

data/lib/elelem/permissions.rb ADDED Viewed

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+module Elelem
+  class Permissions
+    LOAD_PATHS = [
+      File.expand_path("plugins/permissions.json", __dir__),
+      "~/.elelem/permissions.json",
+      ".elelem/permissions.json"
+    ].freeze
+    def initialize
+      @rules = LOAD_PATHS.reduce({}) do |rules, path|
+        rules.merge(load_config(File.expand_path(path)))
+      end
+    end
+    def check(tool_name, args, terminal:)
+      policy = @rules[tool_name.to_sym] || :ask
+      case policy
+      when :allow then true
+      when :deny then raise "Permission denied: #{tool_name}"
+      when :ask then prompt(tool_name, args, terminal)
+      end
+    end
+    private
+    def load_config(path)
+      return {} unless File.exist?(path)
+      JSON.parse(File.read(path)).transform_keys(&:to_sym).transform_values(&:to_sym)
+    rescue JSON::ParserError
+      {}
+    end
+    def prompt(tool_name, args, terminal)
+      return true unless $stdin.tty?
+      answer = terminal.ask("  Allow? [Y/n] > ")&.downcase
+      raise "User denied permission: #{tool_name}" if answer == "n"
+      true
+    end
+  end
+end