@agent-native/core 0.22.17 → 0.22.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/client/agent-chat.d.ts.map +1 -1
- package/dist/client/agent-chat.js +19 -6
- package/dist/client/agent-chat.js.map +1 -1
- package/dist/client/embed-auth.d.ts +5 -0
- package/dist/client/embed-auth.d.ts.map +1 -1
- package/dist/client/embed-auth.js +100 -13
- package/dist/client/embed-auth.js.map +1 -1
- package/dist/client/frame.d.ts.map +1 -1
- package/dist/client/frame.js +1 -0
- package/dist/client/frame.js.map +1 -1
- package/dist/client/index.d.ts +1 -1
- package/dist/client/index.d.ts.map +1 -1
- package/dist/client/index.js +1 -1
- package/dist/client/index.js.map +1 -1
- package/dist/client/mcp-app-host.d.ts +5 -0
- package/dist/client/mcp-app-host.d.ts.map +1 -1
- package/dist/client/mcp-app-host.js +267 -2
- package/dist/client/mcp-app-host.js.map +1 -1
- package/dist/client/theme.js +1 -1
- package/dist/client/theme.js.map +1 -1
- package/dist/client/vite-dev-recovery-script.d.ts.map +1 -1
- package/dist/client/vite-dev-recovery-script.js +9 -0
- package/dist/client/vite-dev-recovery-script.js.map +1 -1
- package/dist/index.browser.d.ts +1 -1
- package/dist/index.browser.d.ts.map +1 -1
- package/dist/index.browser.js +1 -1
- package/dist/index.browser.js.map +1 -1
- package/dist/mcp/build-server.d.ts.map +1 -1
- package/dist/mcp/build-server.js +63 -9
- package/dist/mcp/build-server.js.map +1 -1
- package/dist/mcp/embed-app.d.ts.map +1 -1
- package/dist/mcp/embed-app.js +332 -34
- package/dist/mcp/embed-app.js.map +1 -1
- package/dist/server/open-route.d.ts.map +1 -1
- package/dist/server/open-route.js +7 -2
- package/dist/server/open-route.js.map +1 -1
- package/docs/content/client.md +6 -3
- package/docs/content/external-agents.md +34 -16
- package/docs/content/mcp-protocol.md +17 -7
- package/package.json +1 -1
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { EMBED_MODE_QUERY_PARAM, EMBED_TOKEN_QUERY_PARAM, } from "../shared/embed-auth.js";
|
|
1
2
|
/**
|
|
2
3
|
* Synchronous dev-only browser recovery for Vite optimized-dependency races.
|
|
3
4
|
*
|
|
@@ -6,8 +7,16 @@
|
|
|
6
7
|
* `head-prepend` for HTML that does pass through transformIndexHtml.
|
|
7
8
|
*/
|
|
8
9
|
export function getViteDevRecoveryScript() {
|
|
10
|
+
const embedModeParam = JSON.stringify(EMBED_MODE_QUERY_PARAM);
|
|
11
|
+
const embedTokenParam = JSON.stringify(EMBED_TOKEN_QUERY_PARAM);
|
|
9
12
|
return `
|
|
10
13
|
(function() {
|
|
14
|
+
try {
|
|
15
|
+
var params = new URLSearchParams(window.location.search || "");
|
|
16
|
+
var embedded = params.get(${embedModeParam});
|
|
17
|
+
if (params.has(${embedTokenParam}) || embedded === "1" || embedded === "true") return;
|
|
18
|
+
} catch (e) {}
|
|
19
|
+
|
|
11
20
|
var RELOAD_KEY = "__an_optimize_reload";
|
|
12
21
|
var MAX_RELOADS = 3;
|
|
13
22
|
var RESET_AFTER_MS = 8000;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vite-dev-recovery-script.js","sourceRoot":"","sources":["../../src/client/vite-dev-recovery-script.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,MAAM,UAAU,wBAAwB;IACtC,OAAO
|
|
1
|
+
{"version":3,"file":"vite-dev-recovery-script.js","sourceRoot":"","sources":["../../src/client/vite-dev-recovery-script.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,sBAAsB,EACtB,uBAAuB,GACxB,MAAM,yBAAyB,CAAC;AAEjC;;;;;;GAMG;AACH,MAAM,UAAU,wBAAwB;IACtC,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC;IAC9D,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CAAC,uBAAuB,CAAC,CAAC;IAEhE,OAAO;;;;gCAIuB,cAAc;qBACzB,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MA0L9B,CAAC;AACP,CAAC;AAED,MAAM,UAAU,iCAAiC;IAC/C,MAAM,OAAO,GACX,MAAM,CAAC,IAGR,CAAC,GAAG,CAAC;IACN,IACE,OAAO,OAAO,KAAK,WAAW;QAC9B,OAAO,CAAC,GAAG,EAAE,QAAQ,KAAK,YAAY,EACtC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,OAAO,EAAE,IAAI,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IACzC,IAAI,OAAO,EAAE,GAAG,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC;IACvC,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["import {\n EMBED_MODE_QUERY_PARAM,\n EMBED_TOKEN_QUERY_PARAM,\n} from \"../shared/embed-auth.js\";\n\n/**\n * Synchronous dev-only browser recovery for Vite optimized-dependency races.\n *\n * Keep this script dependency-free and non-module-safe: React Router SSR roots\n * inline it before `<Scripts />`, and the Vite plugin injects it at\n * `head-prepend` for HTML that does pass through transformIndexHtml.\n */\nexport function getViteDevRecoveryScript(): string {\n const embedModeParam = JSON.stringify(EMBED_MODE_QUERY_PARAM);\n const embedTokenParam = JSON.stringify(EMBED_TOKEN_QUERY_PARAM);\n\n return `\n(function() {\n try {\n var params = new URLSearchParams(window.location.search || \"\");\n var embedded = params.get(${embedModeParam});\n if (params.has(${embedTokenParam}) || embedded === \"1\" || embedded === \"true\") return;\n } catch (e) {}\n\n var RELOAD_KEY = \"__an_optimize_reload\";\n var MAX_RELOADS = 3;\n var RESET_AFTER_MS = 8000;\n\n var reloadTimer = null;\n var overlayShown = false;\n\n // Track recent reloads in sessionStorage. If we reload too many times\n // in a short window, stop and show a manual-refresh message instead of\n // looping forever.\n function readReloadHistory() {\n try {\n var raw = sessionStorage.getItem(RELOAD_KEY);\n if (!raw) return [];\n var arr = JSON.parse(raw);\n var cutoff = Date.now() - 30000;\n return Array.isArray(arr) ? arr.filter(function(t) { return t > cutoff; }) : [];\n } catch (e) { return []; }\n }\n function recordReload() {\n try {\n var history = readReloadHistory();\n history.push(Date.now());\n sessionStorage.setItem(RELOAD_KEY, JSON.stringify(history));\n } catch (e) {}\n }\n // Reset the counter after a stable period (page didn't fail again).\n setTimeout(function() {\n try { sessionStorage.removeItem(RELOAD_KEY); } catch (e) {}\n }, RESET_AFTER_MS);\n\n function showOverlay(title, subtitle) {\n if (overlayShown) return;\n overlayShown = true;\n var mount = function() {\n if (!document.body) { setTimeout(mount, 16); return; }\n var el = document.createElement(\"div\");\n el.id = \"__an-reload-overlay\";\n el.style.cssText = [\n \"position:fixed\",\"inset:0\",\"z-index:2147483647\",\n \"display:flex\",\"align-items:center\",\"justify-content:center\",\n \"background:rgba(0,0,0,0.6)\",\"backdrop-filter:blur(8px)\",\n \"-webkit-backdrop-filter:blur(8px)\",\n \"font-family:-apple-system,BlinkMacSystemFont,system-ui,sans-serif\",\n \"color:#fff\",\"font-size:14px\"\n ].join(\";\");\n el.innerHTML =\n '<div style=\"background:#171717;padding:20px 24px;border-radius:12px;' +\n 'border:1px solid rgba(255,255,255,0.1);max-width:340px;text-align:center;' +\n 'box-shadow:0 20px 60px rgba(0,0,0,0.5)\">' +\n '<div style=\"font-weight:600;margin-bottom:6px\">' + title + '</div>' +\n '<div style=\"font-size:12px;opacity:0.7\">' + subtitle + '</div>' +\n '</div>';\n document.body.appendChild(el);\n };\n mount();\n }\n\n function scheduleReload(reason) {\n if (reloadTimer) return;\n var history = readReloadHistory();\n if (history.length >= MAX_RELOADS) {\n console.warn(\"[agent-native] Dev server keeps re-bundling. Manual refresh needed.\", reason);\n showOverlay(\n \"Dev server out of sync\",\n \"Auto-reload gave up after \" + MAX_RELOADS + \" tries. Refresh the page (\\\\u2318R / Ctrl+R).\"\n );\n return;\n }\n console.log(\"[agent-native] Vite re-bundled deps (\" + reason + \"), reloading\\\\u2026\");\n recordReload();\n // First reload is silent. One refresh almost always fixes it and the\n // overlay flash is more disruptive than the reload itself. Only show\n // the overlay starting on the second attempt, when something is clearly\n // taking longer than expected.\n if (history.length >= 1) {\n showOverlay(\"Updating dev server\\\\u2026\", \"Reloading the page\");\n }\n reloadTimer = setTimeout(function() { window.location.reload(); }, 300);\n }\n\n function looksLikeViteFailureMessage(message) {\n if (!message) return false;\n return message.indexOf(\"Failed to fetch dynamically imported module\") !== -1\n || message.indexOf(\"error loading dynamically imported module\") !== -1\n || message.indexOf(\"Importing a module script failed\") !== -1\n || message.indexOf(\"Outdated Optimize Dep\") !== -1\n || message.indexOf(\"Optimize Deps Processing Error\") !== -1\n || (message.indexOf(\"504\") !== -1 && (\n message.indexOf(\".vite/deps\") !== -1 ||\n message.indexOf(\"/node_modules/.vite/deps/\") !== -1\n ));\n }\n\n function looksLikeViteDep(url) {\n if (!url) return false;\n // Only treat same-origin URLs as Vite deps. Do not reload the page\n // because some third-party CDN script 404'd.\n try {\n var u = new URL(url, window.location.href);\n if (u.origin !== window.location.origin) return false;\n } catch (e) { return false; }\n return url.indexOf(\"/node_modules/.vite/deps/\") !== -1\n || url.indexOf(\"/@fs/\") !== -1\n || url.indexOf(\"/@id/\") !== -1\n || url.indexOf(\"?v=\") !== -1\n || url.indexOf(\"?import\") !== -1\n || /\\\\.(m?js|ts|tsx|jsx)(\\\\?|$)/.test(url);\n }\n\n // 1) <script type=\"module\"> / <link> 504. These fire on the element, not\n // window, so use capture phase to catch resource load errors.\n window.addEventListener(\"error\", function(e) {\n var t = e.target;\n if (!t || t === window) {\n var message = String(e.message || \"\");\n if (looksLikeViteFailureMessage(message)) {\n scheduleReload(\"window error\");\n }\n return;\n }\n var tag = t.tagName;\n if (tag !== \"SCRIPT\" && tag !== \"LINK\") return;\n var url = t.src || t.href || \"\";\n if (looksLikeViteDep(url)) {\n var name = url.split(\"/\").pop();\n scheduleReload(\"script 504: \" + name);\n }\n }, true);\n\n // Vite's documented hook for failed dynamic-import preloads. This mostly\n // targets production chunk skew, but it also fires for some dev optimizer\n // races, so wire it into the same guarded reload path.\n window.addEventListener(\"vite:preloadError\", function(e) {\n var payload = e && e.payload;\n var msg = String((payload && (payload.message || payload)) || \"\");\n if (!msg || looksLikeViteFailureMessage(msg)) {\n if (e.preventDefault) e.preventDefault();\n scheduleReload(\"preload error\");\n }\n });\n\n // 2) Dynamic import failures (React Router code splitting, lazy components).\n window.addEventListener(\"unhandledrejection\", function(e) {\n var msg = String((e.reason && (e.reason.message || e.reason)) || \"\");\n if (looksLikeViteFailureMessage(msg)) {\n scheduleReload(\"dynamic import\");\n }\n });\n\n // Static module-graph fetch failures for child imports don't always surface\n // as element errors or rejections. Chrome exposes the HTTP status via\n // Resource Timing; when available, use it as a final safety net.\n var seenResources = {};\n function checkResourceEntry(entry) {\n var url = entry && entry.name;\n if (!url || seenResources[url]) return;\n seenResources[url] = true;\n if (!looksLikeViteDep(url)) return;\n if (entry.responseStatus === 504) {\n var name = url.split(\"/\").pop();\n scheduleReload(\"resource 504: \" + name);\n }\n }\n function checkExistingResources() {\n try {\n var entries = performance.getEntriesByType(\"resource\") || [];\n for (var i = 0; i < entries.length; i++) checkResourceEntry(entries[i]);\n } catch (e) {}\n }\n if (window.PerformanceObserver) {\n try {\n var observer = new PerformanceObserver(function(list) {\n var entries = list.getEntries();\n for (var i = 0; i < entries.length; i++) checkResourceEntry(entries[i]);\n });\n observer.observe({ type: \"resource\", buffered: true });\n } catch (e) {\n setTimeout(checkExistingResources, 0);\n }\n } else {\n setTimeout(checkExistingResources, 0);\n }\n})();`;\n}\n\nexport function shouldInlineViteDevRecoveryScript(): boolean {\n const viteEnv = (\n import.meta as ImportMeta & {\n env?: { DEV?: boolean; PROD?: boolean };\n }\n ).env;\n if (\n typeof process !== \"undefined\" &&\n process.env?.NODE_ENV === \"production\"\n ) {\n return false;\n }\n if (viteEnv?.PROD === true) return false;\n if (viteEnv?.DEV === true) return true;\n return true;\n}\n"]}
|
package/dist/index.browser.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { sendToAgentChat, useAgentChatGenerating, useDevMode, useSendToAgentChat, AGENT_NATIVE_MCP_APP_HOST_MESSAGE_TYPES, getMcpAppHostContext, openMcpAppHostLink, requestMcpAppDisplayMode, updateMcpAppModelContext, useMcpAppHostContext, CodeRequiredDialog, useDbSync, useFileWatcher, useSession, cn, ApiKeySettings, type AgentChatMessage, type AgentNativeMcpAppHostMessageType, type McpAppDisplayMode, type McpAppHostCapabilities, type McpAppHostContext, type McpAppHostContextSnapshot, type McpAppModelContextContentPart, type McpAppModelContextUpdate, type CodeRequiredDialogProps, type AuthSession, } from "./client/index.js";
|
|
1
|
+
export { sendToAgentChat, useAgentChatGenerating, useDevMode, useSendToAgentChat, AGENT_NATIVE_MCP_APP_HOST_MESSAGE_TYPES, getMcpAppHostContext, openMcpAppHostLink, requestMcpAppDisplayMode, sendMcpAppHostMessage, updateMcpAppModelContext, useMcpAppHostContext, CodeRequiredDialog, useDbSync, useFileWatcher, useSession, cn, ApiKeySettings, type AgentChatMessage, type AgentNativeMcpAppHostMessageType, type McpAppDisplayMode, type McpAppHostChatMessage, type McpAppHostCapabilities, type McpAppHostContext, type McpAppHostContextSnapshot, type McpAppModelContextContentPart, type McpAppModelContextUpdate, type CodeRequiredDialogProps, type AuthSession, } from "./client/index.js";
|
|
2
2
|
export { agentChat } from "./shared/index.js";
|
|
3
3
|
export { parseArgs, camelCaseArgs } from "./scripts/parse-args.js";
|
|
4
4
|
export { defineAction, AgentActionStopError, isAgentActionStopError, type ActionHttpConfig, type AgentActionStopOptions, MCP_APP_EXTENSION_ID, MCP_APP_MIME_TYPE, MCP_APP_RESOURCE_URI_META_KEY, type ActionMcpAppConfig, type ActionMcpAppCsp, type ActionMcpAppHtmlBuilder, type ActionMcpAppPermissions, type ActionMcpAppResourceConfig, type ActionMcpAppResourceMeta, } from "./action.js";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.browser.d.ts","sourceRoot":"","sources":["../src/index.browser.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,eAAe,EACf,sBAAsB,EACtB,UAAU,EACV,kBAAkB,EAClB,uCAAuC,EACvC,oBAAoB,EACpB,kBAAkB,EAClB,wBAAwB,EACxB,wBAAwB,EACxB,oBAAoB,EACpB,kBAAkB,EAClB,SAAS,EACT,cAAc,EACd,UAAU,EACV,EAAE,EACF,cAAc,EACd,KAAK,gBAAgB,EACrB,KAAK,gCAAgC,EACrC,KAAK,iBAAiB,EACtB,KAAK,sBAAsB,EAC3B,KAAK,iBAAiB,EACtB,KAAK,yBAAyB,EAC9B,KAAK,6BAA6B,EAClC,KAAK,wBAAwB,EAC7B,KAAK,uBAAuB,EAC5B,KAAK,WAAW,GACjB,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAG9C,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAGnE,OAAO,EACL,YAAY,EACZ,oBAAoB,EACpB,sBAAsB,EACtB,KAAK,gBAAgB,EACrB,KAAK,sBAAsB,EAC3B,oBAAoB,EACpB,iBAAiB,EACjB,6BAA6B,EAC7B,KAAK,kBAAkB,EACvB,KAAK,eAAe,EACpB,KAAK,uBAAuB,EAC5B,KAAK,uBAAuB,EAC5B,KAAK,0BAA0B,EAC/B,KAAK,wBAAwB,GAC9B,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,QAAQ,EACR,iCAAiC,EACjC,KAAK,eAAe,GACrB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,UAAU,EACV,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC1B,KAAK,gBAAgB,GACtB,MAAM,sBAAsB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.browser.d.ts","sourceRoot":"","sources":["../src/index.browser.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,eAAe,EACf,sBAAsB,EACtB,UAAU,EACV,kBAAkB,EAClB,uCAAuC,EACvC,oBAAoB,EACpB,kBAAkB,EAClB,wBAAwB,EACxB,qBAAqB,EACrB,wBAAwB,EACxB,oBAAoB,EACpB,kBAAkB,EAClB,SAAS,EACT,cAAc,EACd,UAAU,EACV,EAAE,EACF,cAAc,EACd,KAAK,gBAAgB,EACrB,KAAK,gCAAgC,EACrC,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC3B,KAAK,iBAAiB,EACtB,KAAK,yBAAyB,EAC9B,KAAK,6BAA6B,EAClC,KAAK,wBAAwB,EAC7B,KAAK,uBAAuB,EAC5B,KAAK,WAAW,GACjB,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAG9C,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAGnE,OAAO,EACL,YAAY,EACZ,oBAAoB,EACpB,sBAAsB,EACtB,KAAK,gBAAgB,EACrB,KAAK,sBAAsB,EAC3B,oBAAoB,EACpB,iBAAiB,EACjB,6BAA6B,EAC7B,KAAK,kBAAkB,EACvB,KAAK,eAAe,EACpB,KAAK,uBAAuB,EAC5B,KAAK,uBAAuB,EAC5B,KAAK,0BAA0B,EAC/B,KAAK,wBAAwB,GAC9B,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,QAAQ,EACR,iCAAiC,EACjC,KAAK,eAAe,GACrB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,UAAU,EACV,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC1B,KAAK,gBAAgB,GACtB,MAAM,sBAAsB,CAAC"}
|
package/dist/index.browser.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
// Browser-safe entry — only client & shared exports (no Node/Express/chokidar).
|
|
2
2
|
// Client
|
|
3
|
-
export { sendToAgentChat, useAgentChatGenerating, useDevMode, useSendToAgentChat, AGENT_NATIVE_MCP_APP_HOST_MESSAGE_TYPES, getMcpAppHostContext, openMcpAppHostLink, requestMcpAppDisplayMode, updateMcpAppModelContext, useMcpAppHostContext, CodeRequiredDialog, useDbSync, useFileWatcher, useSession, cn, ApiKeySettings, } from "./client/index.js";
|
|
3
|
+
export { sendToAgentChat, useAgentChatGenerating, useDevMode, useSendToAgentChat, AGENT_NATIVE_MCP_APP_HOST_MESSAGE_TYPES, getMcpAppHostContext, openMcpAppHostLink, requestMcpAppDisplayMode, sendMcpAppHostMessage, updateMcpAppModelContext, useMcpAppHostContext, CodeRequiredDialog, useDbSync, useFileWatcher, useSession, cn, ApiKeySettings, } from "./client/index.js";
|
|
4
4
|
// Shared (isomorphic)
|
|
5
5
|
export { agentChat } from "./shared/index.js";
|
|
6
6
|
// Pure utilities (no Node.js deps — safe for browser and SSR)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.browser.js","sourceRoot":"","sources":["../src/index.browser.ts"],"names":[],"mappings":"AAAA,gFAAgF;AAEhF,SAAS;AACT,OAAO,EACL,eAAe,EACf,sBAAsB,EACtB,UAAU,EACV,kBAAkB,EAClB,uCAAuC,EACvC,oBAAoB,EACpB,kBAAkB,EAClB,wBAAwB,EACxB,wBAAwB,EACxB,oBAAoB,EACpB,kBAAkB,EAClB,SAAS,EACT,cAAc,EACd,UAAU,EACV,EAAE,EACF,cAAc,
|
|
1
|
+
{"version":3,"file":"index.browser.js","sourceRoot":"","sources":["../src/index.browser.ts"],"names":[],"mappings":"AAAA,gFAAgF;AAEhF,SAAS;AACT,OAAO,EACL,eAAe,EACf,sBAAsB,EACtB,UAAU,EACV,kBAAkB,EAClB,uCAAuC,EACvC,oBAAoB,EACpB,kBAAkB,EAClB,wBAAwB,EACxB,qBAAqB,EACrB,wBAAwB,EACxB,oBAAoB,EACpB,kBAAkB,EAClB,SAAS,EACT,cAAc,EACd,UAAU,EACV,EAAE,EACF,cAAc,GAYf,MAAM,mBAAmB,CAAC;AAE3B,sBAAsB;AACtB,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAE9C,8DAA8D;AAC9D,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAEnE,2DAA2D;AAC3D,OAAO,EACL,YAAY,EACZ,oBAAoB,EACpB,sBAAsB,EAGtB,oBAAoB,EACpB,iBAAiB,EACjB,6BAA6B,GAO9B,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,QAAQ,EACR,iCAAiC,GAElC,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,UAAU,GAKX,MAAM,sBAAsB,CAAC","sourcesContent":["// Browser-safe entry — only client & shared exports (no Node/Express/chokidar).\n\n// Client\nexport {\n sendToAgentChat,\n useAgentChatGenerating,\n useDevMode,\n useSendToAgentChat,\n AGENT_NATIVE_MCP_APP_HOST_MESSAGE_TYPES,\n getMcpAppHostContext,\n openMcpAppHostLink,\n requestMcpAppDisplayMode,\n sendMcpAppHostMessage,\n updateMcpAppModelContext,\n useMcpAppHostContext,\n CodeRequiredDialog,\n useDbSync,\n useFileWatcher,\n useSession,\n cn,\n ApiKeySettings,\n type AgentChatMessage,\n type AgentNativeMcpAppHostMessageType,\n type McpAppDisplayMode,\n type McpAppHostChatMessage,\n type McpAppHostCapabilities,\n type McpAppHostContext,\n type McpAppHostContextSnapshot,\n type McpAppModelContextContentPart,\n type McpAppModelContextUpdate,\n type CodeRequiredDialogProps,\n type AuthSession,\n} from \"./client/index.js\";\n\n// Shared (isomorphic)\nexport { agentChat } from \"./shared/index.js\";\n\n// Pure utilities (no Node.js deps — safe for browser and SSR)\nexport { parseArgs, camelCaseArgs } from \"./scripts/parse-args.js\";\n\n// defineAction — used by template actions, no Node.js deps\nexport {\n defineAction,\n AgentActionStopError,\n isAgentActionStopError,\n type ActionHttpConfig,\n type AgentActionStopOptions,\n MCP_APP_EXTENSION_ID,\n MCP_APP_MIME_TYPE,\n MCP_APP_RESOURCE_URI_META_KEY,\n type ActionMcpAppConfig,\n type ActionMcpAppCsp,\n type ActionMcpAppHtmlBuilder,\n type ActionMcpAppPermissions,\n type ActionMcpAppResourceConfig,\n type ActionMcpAppResourceMeta,\n} from \"./action.js\";\nexport {\n embedApp,\n MCP_APP_REQUEST_ORIGIN_CSP_SOURCE,\n type EmbedAppOptions,\n} from \"./mcp/embed-app.js\";\nexport {\n embedRoute,\n type EmbedRouteContext,\n type EmbedRouteOptions,\n type EmbedRoutePathBuilder,\n type EmbedRouteResult,\n} from \"./mcp/embed-route.js\";\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build-server.d.ts","sourceRoot":"","sources":["../../src/mcp/build-server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAuBhE,MAAM,WAAW,SAAS;IACxB,wCAAwC;IACxC,IAAI,EAAE,MAAM,CAAC;IACb;;;;;;;OAOG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,sBAAsB;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,uCAAuC;IACvC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,mDAAmD;IACnD,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACrC;;;;;;;;;;;OAWG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAChD,qEAAqE;IACrE,QAAQ,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAChD;;;;;;OAMG;IACH,oBAAoB,CAAC,EAAE,OAAO,CAAC;CAChC;AAED;;;;;;;GAOG;AACH,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,gEAAgE;IAChE,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,gEAAgE;IAChE,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;;kEAGkE;AAClE,MAAM,WAAW,cAAc;IAC7B,+DAA+D;IAC/D,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yEAAyE;IACzE,MAAM,CAAC,EAAE,SAAS,GAAG,SAAS,GAAG,UAAU,CAAC;IAC5C;;;;;;;OAOG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;
|
|
1
|
+
{"version":3,"file":"build-server.d.ts","sourceRoot":"","sources":["../../src/mcp/build-server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAuBhE,MAAM,WAAW,SAAS;IACxB,wCAAwC;IACxC,IAAI,EAAE,MAAM,CAAC;IACb;;;;;;;OAOG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,sBAAsB;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,uCAAuC;IACvC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,mDAAmD;IACnD,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACrC;;;;;;;;;;;OAWG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAChD,qEAAqE;IACrE,QAAQ,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAChD;;;;;;OAMG;IACH,oBAAoB,CAAC,EAAE,OAAO,CAAC;CAChC;AAED;;;;;;;GAOG;AACH,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,gEAAgE;IAChE,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,gEAAgE;IAChE,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;;kEAGkE;AAClE,MAAM,WAAW,cAAc;IAC7B,+DAA+D;IAC/D,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yEAAyE;IACzE,MAAM,CAAC,EAAE,SAAS,GAAG,SAAS,GAAG,UAAU,CAAC;IAC5C;;;;;;;OAOG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAiHD;;;;GAIG;AACH,wBAAgB,kBAAkB,CAChC,KAAK,EAAE,WAAW,EAClB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,MAAM,EAAE,GAAG,EACX,IAAI,EAAE,cAAc,GAAG,SAAS,GAC/B;IACD,KAAK,CAAC,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IACvC,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC,CAyBA;AAmTD;;;;;;;GAOG;AACH,wBAAsB,yBAAyB,CAC7C,MAAM,EAAE,SAAS,EACjB,QAAQ,EAAE,iBAAiB,GAAG,SAAS,EACvC,WAAW,CAAC,EAAE,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAgY7B;AAOD,wBAAgB,eAAe,IAAI,MAAM,EAAE,CAc1C;AAyCD;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAsB,UAAU,CAC9B,UAAU,EAAE,MAAM,GAAG,SAAS,EAC9B,gBAAgB,CAAC,EAAE,MAAM,GAAG,SAAS,EACrC,OAAO,GAAE;IAAE,YAAY,CAAC,EAAE,OAAO,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,CAAA;CAAO,GAC7D,OAAO,CAAC;IACT,MAAM,EAAE,OAAO,CAAC;IAChB,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B;;;;;;OAMG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB,CAAC,CAmHD;AAED,wBAAsB,sBAAsB,CAC1C,SAAS,EAAE,MAAM,GAAG,SAAS,GAC5B,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAS7B"}
|
package/dist/mcp/build-server.js
CHANGED
|
@@ -82,18 +82,33 @@ async function isKnownMcpAppOAuthClient(identity) {
|
|
|
82
82
|
try {
|
|
83
83
|
const { getOAuthClient } = await import("./oauth-store.js");
|
|
84
84
|
const client = await getOAuthClient(clientId);
|
|
85
|
+
// If the token carries an OAuth client id but its registration is missing,
|
|
86
|
+
// keep the model on the compact MCP Apps surface instead of exposing every
|
|
87
|
+
// private action/schema.
|
|
85
88
|
if (!client)
|
|
86
|
-
return
|
|
89
|
+
return true;
|
|
87
90
|
if (isKnownAppClientName(client.clientName))
|
|
88
91
|
return true;
|
|
89
92
|
if (isKnownNonAppClientName(client.clientName))
|
|
90
93
|
return false;
|
|
91
|
-
|
|
94
|
+
if (client.redirectUris.some(isKnownMcpAppRedirectUri))
|
|
95
|
+
return true;
|
|
96
|
+
// Most OAuth hosts are UI-oriented MCP clients. Preserve the full catalog
|
|
97
|
+
// only for known code/CLI clients so unknown browser hosts cannot trigger
|
|
98
|
+
// massive resources/list payloads.
|
|
99
|
+
return true;
|
|
92
100
|
}
|
|
93
101
|
catch {
|
|
94
|
-
|
|
102
|
+
// On metadata lookup errors, fail compact instead of falling back to the
|
|
103
|
+
// full action surface; ChatGPT/Claude old tokens otherwise get huge lists.
|
|
104
|
+
return true;
|
|
95
105
|
}
|
|
96
106
|
}
|
|
107
|
+
function metadataObject(value) {
|
|
108
|
+
return value && typeof value === "object" && !Array.isArray(value)
|
|
109
|
+
? value
|
|
110
|
+
: {};
|
|
111
|
+
}
|
|
97
112
|
/**
|
|
98
113
|
* Build the deep-link content block + structured `_meta` for a tool result.
|
|
99
114
|
* Best-effort: any throw / nullish link is swallowed so a bad `link` builder
|
|
@@ -157,11 +172,36 @@ function safeUiSegment(value, fallback) {
|
|
|
157
172
|
.replace(/^-+|-+$/g, "");
|
|
158
173
|
return normalized || fallback;
|
|
159
174
|
}
|
|
160
|
-
|
|
175
|
+
// ChatGPT and Claude cache MCP App resource HTML by `ui://` URI. Bump this
|
|
176
|
+
// when the shared shell changes in a way that must invalidate host caches.
|
|
177
|
+
const MCP_APP_RESOURCE_SHELL_VERSION = "shell-v3";
|
|
178
|
+
function legacyDefaultMcpAppUri(config, actionName) {
|
|
161
179
|
const app = safeUiSegment(config.appId ?? config.name, "agent-native");
|
|
162
180
|
const action = safeUiSegment(actionName, "tool");
|
|
163
181
|
return `ui://${app}/${action}`;
|
|
164
182
|
}
|
|
183
|
+
function versionMcpAppResourceUri(rawUri) {
|
|
184
|
+
const uri = rawUri.trim();
|
|
185
|
+
if (!uri.startsWith("ui://"))
|
|
186
|
+
return null;
|
|
187
|
+
const versionSuffix = `/${MCP_APP_RESOURCE_SHELL_VERSION}`;
|
|
188
|
+
let versionedUri;
|
|
189
|
+
try {
|
|
190
|
+
const parsed = new URL(uri);
|
|
191
|
+
const path = parsed.pathname.replace(/\/+$/g, "");
|
|
192
|
+
parsed.pathname = /\/shell-v\d+$/.test(path)
|
|
193
|
+
? path.replace(/\/shell-v\d+$/, versionSuffix)
|
|
194
|
+
: `${path}${versionSuffix}`;
|
|
195
|
+
versionedUri = parsed.toString();
|
|
196
|
+
}
|
|
197
|
+
catch {
|
|
198
|
+
return null;
|
|
199
|
+
}
|
|
200
|
+
return {
|
|
201
|
+
uri: versionedUri,
|
|
202
|
+
...(versionedUri !== uri ? { legacyUris: [uri] } : {}),
|
|
203
|
+
};
|
|
204
|
+
}
|
|
165
205
|
function expandRequestOriginSources(sources, requestMeta) {
|
|
166
206
|
if (!sources)
|
|
167
207
|
return undefined;
|
|
@@ -228,13 +268,15 @@ function resolveMcpAppResource(config, actionName, entry, requestMeta) {
|
|
|
228
268
|
const resource = entry.mcpApp?.resource;
|
|
229
269
|
if (!resource)
|
|
230
270
|
return null;
|
|
231
|
-
const
|
|
232
|
-
|
|
271
|
+
const baseUri = resource.uri?.trim() || legacyDefaultMcpAppUri(config, actionName);
|
|
272
|
+
const resolvedUri = versionMcpAppResourceUri(baseUri);
|
|
273
|
+
if (!resolvedUri)
|
|
233
274
|
return null;
|
|
234
275
|
const description = resource.description ?? entry.tool.description;
|
|
235
276
|
const resourceMeta = mcpAppUiMeta(resource, requestMeta, description);
|
|
236
277
|
return {
|
|
237
|
-
uri,
|
|
278
|
+
uri: resolvedUri.uri,
|
|
279
|
+
...(resolvedUri.legacyUris ? { legacyUris: resolvedUri.legacyUris } : {}),
|
|
238
280
|
name: resource.name?.trim() || actionName,
|
|
239
281
|
...(resource.title ? { title: resource.title } : {}),
|
|
240
282
|
...(description ? { description } : {}),
|
|
@@ -261,20 +303,30 @@ function renderMcpAppHtml(resource, actionName, config, requestMeta) {
|
|
|
261
303
|
}
|
|
262
304
|
function openAiToolDescriptorMeta(resource) {
|
|
263
305
|
const label = resource.title ?? resource.name;
|
|
306
|
+
const widgetCsp = metadataObject(resource._meta?.["openai/widgetCSP"]);
|
|
264
307
|
return {
|
|
265
308
|
"openai/outputTemplate": resource.uri,
|
|
266
309
|
"openai/toolInvocation/invoking": `Opening ${label}`,
|
|
267
310
|
"openai/toolInvocation/invoked": `${label} ready`,
|
|
268
311
|
"openai/widgetAccessible": true,
|
|
312
|
+
...(Object.keys(widgetCsp).length > 0
|
|
313
|
+
? { "openai/widgetCSP": widgetCsp }
|
|
314
|
+
: {}),
|
|
269
315
|
};
|
|
270
316
|
}
|
|
271
317
|
function openAiToolResultMeta(resource) {
|
|
272
318
|
const label = resource.title ?? resource.name;
|
|
319
|
+
const ui = metadataObject(resource._meta?.ui);
|
|
320
|
+
const widgetCsp = metadataObject(resource._meta?.["openai/widgetCSP"]);
|
|
273
321
|
return {
|
|
274
322
|
"openai/outputTemplate": resource.uri,
|
|
275
323
|
"openai/toolInvocation/invoking": `Opening ${label}`,
|
|
276
324
|
"openai/toolInvocation/invoked": `${label} ready`,
|
|
277
325
|
"openai/widgetAccessible": true,
|
|
326
|
+
...(Object.keys(ui).length > 0 ? { ui } : {}),
|
|
327
|
+
...(Object.keys(widgetCsp).length > 0
|
|
328
|
+
? { "openai/widgetCSP": widgetCsp }
|
|
329
|
+
: {}),
|
|
278
330
|
};
|
|
279
331
|
}
|
|
280
332
|
function primitiveValue(value) {
|
|
@@ -430,6 +482,7 @@ export async function createMCPServerForRequest(config, identity, requestMeta) {
|
|
|
430
482
|
...openAiToolDescriptorMeta(mcpAppResource),
|
|
431
483
|
[MCP_APP_RESOURCE_URI_META_KEY]: mcpAppResource.uri,
|
|
432
484
|
ui: {
|
|
485
|
+
...metadataObject(mcpAppResource._meta?.ui),
|
|
433
486
|
...(rawToolMeta.ui &&
|
|
434
487
|
typeof rawToolMeta.ui === "object" &&
|
|
435
488
|
!Array.isArray(rawToolMeta.ui)
|
|
@@ -622,14 +675,15 @@ export async function createMCPServerForRequest(config, identity, requestMeta) {
|
|
|
622
675
|
actionName: name,
|
|
623
676
|
resource: resolveMcpAppResource(config, name, entry, requestMeta),
|
|
624
677
|
}))
|
|
625
|
-
.find((candidate) => candidate.resource?.uri === uri
|
|
678
|
+
.find((candidate) => candidate.resource?.uri === uri ||
|
|
679
|
+
candidate.resource?.legacyUris?.includes(uri));
|
|
626
680
|
if (!found?.resource) {
|
|
627
681
|
throw new Error(`MCP App resource not found: ${uri}`);
|
|
628
682
|
}
|
|
629
683
|
return {
|
|
630
684
|
contents: [
|
|
631
685
|
{
|
|
632
|
-
uri
|
|
686
|
+
uri,
|
|
633
687
|
mimeType: found.resource.mimeType,
|
|
634
688
|
text: renderMcpAppHtml(found.resource, found.actionName, config, requestMeta),
|
|
635
689
|
...(found.resource._meta
|