@actagent/acpx 2026.6.2

package/src/codex-trust-config.ts

@@ -0,0 +1,304 @@
+/**
+ * Builds isolated Codex config for ACPX sessions. It preserves safe inherited
+ * runtime options while rendering only trusted project entries for the session.
+ */
+import path from "node:path";
+
+function stripTomlComment(line: string): string {
+  let quote: "'" | '"' | null = null;
+  let escaping = false;
+  for (let index = 0; index < line.length; index += 1) {
+    const ch = line[index];
+    if (escaping) {
+      escaping = false;
+      continue;
+    }
+    if (quote === '"' && ch === "\\") {
+      escaping = true;
+      continue;
+    }
+    if (quote) {
+      if (ch === quote) {
+        quote = null;
+      }
+      continue;
+    }
+    if (ch === "'" || ch === '"') {
+      quote = ch;
+      continue;
+    }
+    if (ch === "#") {
+      return line.slice(0, index);
+    }
+  }
+  return line;
+}
+
+function parseTomlString(value: string): string | undefined {
+  const trimmed = value.trim();
+  if (trimmed.startsWith('"') && trimmed.endsWith('"')) {
+    try {
+      return JSON.parse(trimmed) as string;
+    } catch {
+      return undefined;
+    }
+  }
+  if (trimmed.startsWith("'") && trimmed.endsWith("'")) {
+    return trimmed.slice(1, -1);
+  }
+  return undefined;
+}
+
+function parseTomlDottedKey(value: string): string[] {
+  const parts: string[] = [];
+  let current = "";
+  let quote: "'" | '"' | null = null;
+  let escaping = false;
+
+  for (const ch of value.trim()) {
+    if (escaping) {
+      current += ch;
+      escaping = false;
+      continue;
+    }
+    if (quote === '"' && ch === "\\") {
+      current += ch;
+      escaping = true;
+      continue;
+    }
+    if (quote) {
+      current += ch;
+      if (ch === quote) {
+        quote = null;
+      }
+      continue;
+    }
+    if (ch === "'" || ch === '"') {
+      quote = ch;
+      current += ch;
+      continue;
+    }
+    if (ch === ".") {
+      parts.push(current.trim());
+      current = "";
+      continue;
+    }
+    current += ch;
+  }
+  if (current.trim()) {
+    parts.push(current.trim());
+  }
+  return parts.map((part) => parseTomlString(part) ?? part);
+}
+
+function parseProjectHeader(line: string): string | undefined {
+  const trimmed = line.trim();
+  if (!trimmed.startsWith("[") || !trimmed.endsWith("]") || trimmed.startsWith("[[")) {
+    return undefined;
+  }
+  const parts = parseTomlDottedKey(trimmed.slice(1, -1));
+  return parts.length === 2 && parts[0] === "projects" ? parts[1] : undefined;
+}
+
+function parseTrustedInlineProjectEntries(value: string): string[] {
+  const trusted: string[] = [];
+  const entryPattern =
+    /(?<key>"(?:\\.|[^"\\])*"|'[^']*'|[A-Za-z0-9_\-/.~:]+)\s*=\s*\{(?<body>[^{}]*(?:\{[^{}]*\}[^{}]*)*)\}/g;
+  for (const match of value.matchAll(entryPattern)) {
+    const key = match.groups?.key;
+    const body = match.groups?.body;
+    if (!key || !body || !/\btrust_level\s*=\s*["']trusted["']/.test(body)) {
+      continue;
+    }
+    const projectPath = parseTomlString(key) ?? key.trim();
+    if (projectPath) {
+      trusted.push(projectPath);
+    }
+  }
+  return trusted;
+}
+
+/** Extract trusted project paths from Codex TOML config. */
+export function extractTrustedCodexProjectPaths(configToml: string): string[] {
+  const trusted = new Set<string>();
+  let currentProjectPath: string | undefined;
+  let inProjectsTable = false;
+
+  for (const rawLine of configToml.split(/\r?\n/)) {
+    const line = stripTomlComment(rawLine).trim();
+    if (!line) {
+      continue;
+    }
+    if (line.startsWith("[")) {
+      currentProjectPath = parseProjectHeader(line);
+      inProjectsTable = line === "[projects]";
+      continue;
+    }
+
+    if (currentProjectPath && /^trust_level\s*=\s*["']trusted["']\s*$/.test(line)) {
+      trusted.add(currentProjectPath);
+      continue;
+    }
+
+    const assignment =
+      /^(?<key>"(?:\\.|[^"\\])*"|'[^']*'|[A-Za-z0-9_\-/.~:]+)\s*=\s*(?<value>.+)$/.exec(line);
+    if (!assignment?.groups) {
+      continue;
+    }
+
+    const key = parseTomlString(assignment.groups.key) ?? assignment.groups.key;
+    const value = assignment.groups.value.trim();
+    if (inProjectsTable && /^\{.*\}$/.test(value)) {
+      if (/\btrust_level\s*=\s*["']trusted["']/.test(value) && key) {
+        trusted.add(key);
+      }
+      continue;
+    }
+    if (key === "projects" || inProjectsTable) {
+      for (const projectPath of parseTrustedInlineProjectEntries(value)) {
+        trusted.add(projectPath);
+      }
+    }
+  }
+
+  return Array.from(trusted);
+}
+
+const INHERITED_TOP_LEVEL_CODEX_CONFIG_KEYS = new Set([
+  "model",
+  "model_provider",
+  "model_reasoning_effort",
+  "sandbox_mode",
+]);
+
+const INHERITED_MODEL_PROVIDER_CONFIG_KEYS = new Set([
+  "name",
+  "base_url",
+  "wire_api",
+  "env_key",
+  "env_key_instructions",
+  "requires_openai_auth",
+  "request_max_retries",
+  "stream_max_retries",
+  "stream_idle_timeout_ms",
+]);
+
+function parseTableHeader(line: string): string[] | undefined {
+  const trimmed = line.trim();
+  if (!trimmed.startsWith("[") || !trimmed.endsWith("]") || trimmed.startsWith("[[")) {
+    return undefined;
+  }
+  return parseTomlDottedKey(trimmed.slice(1, -1));
+}
+
+function isInheritedModelProviderTable(parts: string[] | undefined): boolean {
+  return parts?.[0] === "model_providers" && parts.length === 2;
+}
+
+function parseTopLevelAssignmentKey(line: string): string | undefined {
+  const assignment = /^(?<key>[A-Za-z0-9_-]+)\s*=\s*(?<value>.+)$/.exec(line);
+  return assignment?.groups?.key;
+}
+
+function extractInheritedCodexRuntimeConfig(configToml: string): string {
+  const inheritedLines: string[] = [];
+  let inAnyTable = false;
+  let inInheritedTable = false;
+  let pendingInheritedTableHeader = "";
+
+  function flushInheritedTableHeader(): void {
+    if (!pendingInheritedTableHeader) {
+      return;
+    }
+    if (inheritedLines.length > 0 && inheritedLines[inheritedLines.length - 1] !== "") {
+      inheritedLines.push("");
+    }
+    inheritedLines.push(pendingInheritedTableHeader);
+    pendingInheritedTableHeader = "";
+  }
+
+  for (const rawLine of configToml.split(/\r?\n/)) {
+    const trimmedLine = rawLine.trim();
+    const semanticLine = stripTomlComment(rawLine).trim();
+
+    if (trimmedLine.startsWith("[")) {
+      const tableParts = parseTableHeader(trimmedLine);
+      inAnyTable = true;
+      inInheritedTable = isInheritedModelProviderTable(tableParts);
+      if (inInheritedTable) {
+        pendingInheritedTableHeader = rawLine.trimEnd();
+      } else {
+        pendingInheritedTableHeader = "";
+      }
+      continue;
+    }
+
+    if (inInheritedTable) {
+      if (!semanticLine) {
+        continue;
+      }
+      const key = parseTopLevelAssignmentKey(semanticLine);
+      if (!key || !INHERITED_MODEL_PROVIDER_CONFIG_KEYS.has(key)) {
+        continue;
+      }
+      flushInheritedTableHeader();
+      inheritedLines.push(rawLine.trimEnd());
+      continue;
+    }
+
+    if (inAnyTable) {
+      continue;
+    }
+
+    const key = parseTopLevelAssignmentKey(semanticLine);
+    if (!key) {
+      continue;
+    }
+    if (!INHERITED_TOP_LEVEL_CODEX_CONFIG_KEYS.has(key)) {
+      continue;
+    }
+    inheritedLines.push(rawLine.trimEnd());
+  }
+
+  while (inheritedLines.length > 0 && inheritedLines[inheritedLines.length - 1] === "") {
+    inheritedLines.pop();
+  }
+  return inheritedLines.join("\n");
+}
+
+/** Render a session-local Codex config with inherited runtime settings and trust entries. */
+export function renderIsolatedCodexConfig(params: {
+  sourceConfigToml?: string;
+  projectPaths: string[];
+}): string {
+  const normalized = Array.from(
+    new Set(
+      params.projectPaths
+        .map((projectPath) => projectPath.trim())
+        .filter(Boolean)
+        .map((projectPath) => path.resolve(projectPath)),
+    ),
+  ).toSorted((left, right) => left.localeCompare(right));
+
+  const inheritedConfig = params.sourceConfigToml
+    ? extractInheritedCodexRuntimeConfig(params.sourceConfigToml)
+    : "";
+
+  return [
+    "# Generated by ACTAgent for Codex ACP sessions.",
+    inheritedConfig,
+    ...normalized.flatMap((projectPath) => [
+      "",
+      `[projects.${JSON.stringify(projectPath)}]`,
+      'trust_level = "trusted"',
+    ]),
+    "",
+  ]
+    .filter((line, index, lines) => !(line === "" && lines[index - 1] === ""))
+    .join("\n");
+}
+
+/** Render only the project trust section for a session-local Codex config. */
+export function renderIsolatedCodexProjectTrustConfig(projectPaths: string[]): string {
+  return renderIsolatedCodexConfig({ projectPaths });
+}

package/src/command-line.ts

@@ -0,0 +1,56 @@
+/**
+ * Small shell-command helpers for ACPX-launched processes. Splitting supports
+ * simple quoted command strings from config without invoking a shell parser.
+ */
+/** Quote one command argument for display or config serialization. */
+export function quoteCommandPart(value: string): string {
+  return JSON.stringify(value);
+}
+
+/** Split a command string into argv-like parts using simple quote/backslash rules. */
+export function splitCommandParts(value: string): string[] {
+  const parts: string[] = [];
+  let current = "";
+  let quote: "'" | '"' | null = null;
+  let escaping = false;
+
+  for (const ch of value) {
+    if (escaping) {
+      current += ch;
+      escaping = false;
+      continue;
+    }
+    if (ch === "\\" && quote !== "'") {
+      escaping = true;
+      continue;
+    }
+    if (quote) {
+      if (ch === quote) {
+        quote = null;
+      } else {
+        current += ch;
+      }
+      continue;
+    }
+    if (ch === "'" || ch === '"') {
+      quote = ch;
+      continue;
+    }
+    if (/\s/.test(ch)) {
+      if (current) {
+        parts.push(current);
+        current = "";
+      }
+      continue;
+    }
+    current += ch;
+  }
+
+  if (escaping) {
+    current += "\\";
+  }
+  if (current) {
+    parts.push(current);
+  }
+  return parts;
+}

package/src/config-schema.ts

@@ -0,0 +1,130 @@
+/**
+ * ACPX plugin configuration schema and public config types. Runtime setup uses
+ * this file as the single source of truth for validation and defaulting.
+ */
+import { z } from "zod";
+
+const ACPX_PERMISSION_MODES = ["approve-all", "approve-reads", "deny-all"] as const;
+/** Permission policy applied to interactive ACPX tool requests. */
+export type AcpxPermissionMode = (typeof ACPX_PERMISSION_MODES)[number];
+
+const ACPX_NON_INTERACTIVE_POLICIES = ["deny", "fail"] as const;
+/** Permission policy applied when ACPX cannot ask a human for approval. */
+export type AcpxNonInteractivePermissionPolicy = (typeof ACPX_NON_INTERACTIVE_POLICIES)[number];
+
+/** Default session timeout for ACPX runtime turns. */
+export const DEFAULT_ACPX_TIMEOUT_SECONDS = 120;
+
+/** Raw MCP server command config accepted from plugin configuration. */
+export type McpServerConfig = {
+  command: string;
+  args?: string[];
+  env?: Record<string, string>;
+};
+
+/** Normalized MCP server config emitted to the ACPX runtime process. */
+export type AcpxMcpServer = {
+  name: string;
+  command: string;
+  args: string[];
+  env: Array<{ name: string; value: string }>;
+};
+
+/** User-provided ACPX plugin configuration before defaults are resolved. */
+export type AcpxPluginConfig = {
+  cwd?: string;
+  stateDir?: string;
+  probeAgent?: string;
+  permissionMode?: AcpxPermissionMode;
+  nonInteractivePermissions?: AcpxNonInteractivePermissionPolicy;
+  pluginToolsMcpBridge?: boolean;
+  actAgentToolsMcpBridge?: boolean;
+  strictWindowsCmdWrapper?: boolean;
+  timeoutSeconds?: number;
+  queueOwnerTtlSeconds?: number;
+  mcpServers?: Record<string, McpServerConfig>;
+  agents?: Record<string, { command: string; args?: string[] }>;
+};
+
+/** Fully resolved ACPX config consumed by the runtime service. */
+export type ResolvedAcpxPluginConfig = {
+  cwd: string;
+  stateDir: string;
+  probeAgent?: string;
+  permissionMode: AcpxPermissionMode;
+  nonInteractivePermissions: AcpxNonInteractivePermissionPolicy;
+  pluginToolsMcpBridge: boolean;
+  actAgentToolsMcpBridge: boolean;
+  strictWindowsCmdWrapper: boolean;
+  timeoutSeconds?: number;
+  queueOwnerTtlSeconds: number;
+  legacyCompatibilityConfig: {
+    strictWindowsCmdWrapper?: boolean;
+    queueOwnerTtlSeconds?: number;
+  };
+  mcpServers: Record<string, McpServerConfig>;
+  agents: Record<string, string>;
+};
+
+const nonEmptyTrimmedString = (message: string) =>
+  z.string({ error: message }).trim().min(1, { error: message });
+
+const McpServerConfigSchema = z.object({
+  command: nonEmptyTrimmedString("command must be a non-empty string").describe(
+    "Command to run the MCP server",
+  ),
+  args: z
+    .array(z.string({ error: "args must be an array of strings" }), {
+      error: "args must be an array of strings",
+    })
+    .optional()
+    .describe("Arguments to pass to the command"),
+  env: z
+    .record(z.string(), z.string({ error: "env values must be strings" }), {
+      error: "env must be an object of strings",
+    })
+    .optional()
+    .describe("Environment variables for the MCP server"),
+});
+
+/** Zod schema for validating raw ACPX plugin config from ACTAgent config. */
+export const AcpxPluginConfigSchema = z.strictObject({
+  cwd: nonEmptyTrimmedString("cwd must be a non-empty string").optional(),
+  stateDir: nonEmptyTrimmedString("stateDir must be a non-empty string").optional(),
+  probeAgent: nonEmptyTrimmedString("probeAgent must be a non-empty string").optional(),
+  permissionMode: z
+    .enum(ACPX_PERMISSION_MODES, {
+      error: `permissionMode must be one of: ${ACPX_PERMISSION_MODES.join(", ")}`,
+    })
+    .optional(),
+  nonInteractivePermissions: z
+    .enum(ACPX_NON_INTERACTIVE_POLICIES, {
+      error: `nonInteractivePermissions must be one of: ${ACPX_NON_INTERACTIVE_POLICIES.join(", ")}`,
+    })
+    .optional(),
+  pluginToolsMcpBridge: z.boolean({ error: "pluginToolsMcpBridge must be a boolean" }).optional(),
+  actAgentToolsMcpBridge: z
+    .boolean({ error: "actAgentToolsMcpBridge must be a boolean" })
+    .optional(),
+  strictWindowsCmdWrapper: z
+    .boolean({ error: "strictWindowsCmdWrapper must be a boolean" })
+    .optional(),
+  timeoutSeconds: z
+    .number({ error: "timeoutSeconds must be a number >= 0.001" })
+    .min(0.001, { error: "timeoutSeconds must be a number >= 0.001" })
+    .default(DEFAULT_ACPX_TIMEOUT_SECONDS),
+  queueOwnerTtlSeconds: z
+    .number({ error: "queueOwnerTtlSeconds must be a number >= 0" })
+    .min(0, { error: "queueOwnerTtlSeconds must be a number >= 0" })
+    .optional(),
+  mcpServers: z.record(z.string(), McpServerConfigSchema).optional(),
+  agents: z
+    .record(
+      z.string(),
+      z.strictObject({
+        command: nonEmptyTrimmedString("agents.<id>.command must be a non-empty string"),
+        args: z.array(z.string({ error: "args must be an array of strings" })).optional(),
+      }),
+    )
+    .optional(),
+});