@agi-cli/server 0.1.140 → 0.1.141

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@agi-cli/server",
-	"version": "0.1.140",
+	"version": "0.1.141",
 	"description": "HTTP API server for AGI CLI",
 	"type": "module",
 	"main": "./src/index.ts",
@@ -29,8 +29,8 @@
 		"typecheck": "tsc --noEmit"
 	},
 	"dependencies": {
-		"@agi-cli/sdk": "0.1.140",
-		"@agi-cli/database": "0.1.140",
+		"@agi-cli/sdk": "0.1.141",
+		"@agi-cli/database": "0.1.141",
 		"drizzle-orm": "^0.44.5",
 		"hono": "^4.9.9",
 		"zod": "^4.1.8"

package/src/events/types.ts

@@ -1,4 +1,6 @@
 export type AGIEventType =
+	| 'tool.approval.required'
+	| 'tool.approval.resolved'
 	| 'solforge.payment.required'
 	| 'solforge.payment.signing'
 	| 'solforge.payment.complete'

package/src/index.ts

@@ -16,6 +16,7 @@ import { registerTerminalsRoutes } from './routes/terminals.ts';
 import { registerSessionFilesRoutes } from './routes/session-files.ts';
 import { registerBranchRoutes } from './routes/branch.ts';
 import { registerResearchRoutes } from './routes/research.ts';
+import { registerSessionApprovalRoute } from './routes/session-approval.ts';
 import { registerSolforgeRoutes } from './routes/solforge.ts';
 import type { AgentConfigEntry } from './runtime/agent/registry.ts';
 
@@ -59,6 +60,7 @@ function initApp() {
 	registerRootRoutes(app);
 	registerOpenApiRoute(app);
 	registerSessionsRoutes(app);
+	registerSessionApprovalRoute(app);
 	registerSessionMessagesRoutes(app);
 	registerSessionStreamRoute(app);
 	registerAskRoutes(app);
@@ -128,6 +130,7 @@ export function createStandaloneApp(_config?: StandaloneAppConfig) {
 	registerRootRoutes(honoApp);
 	registerOpenApiRoute(honoApp);
 	registerSessionsRoutes(honoApp);
+	registerSessionApprovalRoute(honoApp);
 	registerSessionMessagesRoutes(honoApp);
 	registerSessionStreamRoute(honoApp);
 	registerAskRoutes(honoApp);
@@ -225,6 +228,7 @@ export function createEmbeddedApp(config: EmbeddedAppConfig = {}) {
 	registerRootRoutes(honoApp);
 	registerOpenApiRoute(honoApp);
 	registerSessionsRoutes(honoApp);
+	registerSessionApprovalRoute(honoApp);
 	registerSessionMessagesRoutes(honoApp);
 	registerSessionStreamRoute(honoApp);
 	registerAskRoutes(honoApp);

package/src/routes/config/defaults.ts

@@ -11,6 +11,7 @@ export function registerDefaultsRoute(app: Hono) {
 				agent?: string;
 				provider?: string;
 				model?: string;
+				toolApproval?: 'auto' | 'dangerous' | 'all';
 				scope?: 'global' | 'local';
 			}>();
 
@@ -19,11 +20,13 @@ export function registerDefaultsRoute(app: Hono) {
 				agent: string;
 				provider: string;
 				model: string;
+				toolApproval: 'auto' | 'dangerous' | 'all';
 			}> = {};
 
 			if (body.agent) updates.agent = body.agent;
 			if (body.provider) updates.provider = body.provider;
 			if (body.model) updates.model = body.model;
+			if (body.toolApproval) updates.toolApproval = body.toolApproval;
 
 			await setConfig(scope, updates, projectRoot);
 

package/src/routes/config/main.ts

@@ -52,6 +52,11 @@ export function registerMainConfigRoute(app: Hono) {
 					embeddedConfig?.defaults?.model,
 					cfg.defaults.model,
 				),
+				toolApproval: getDefault(
+					undefined,
+					embeddedConfig?.defaults?.toolApproval,
+					cfg.defaults.toolApproval,
+				) as 'auto' | 'dangerous' | 'all',
 			};
 
 			return c.json({

package/src/routes/session-approval.ts

@@ -0,0 +1,53 @@
+import type { Hono } from 'hono';
+import {
+	resolveApproval,
+	getPendingApprovalsForSession,
+} from '../runtime/tools/approval.ts';
+
+export function registerSessionApprovalRoute(app: Hono) {
+	app.post('/v1/sessions/:id/approval', async (c) => {
+		const sessionId = c.req.param('id');
+		const body = await c.req.json<{
+			callId: string;
+			approved: boolean;
+		}>();
+
+		if (!body.callId) {
+			return c.json({ ok: false, error: 'callId is required' }, 400);
+		}
+
+		if (typeof body.approved !== 'boolean') {
+			return c.json({ ok: false, error: 'approved must be a boolean' }, 400);
+		}
+
+		console.log('[approval-route] Received approval request', {
+			sessionId,
+			callId: body.callId,
+			approved: body.approved,
+		});
+
+		const result = resolveApproval(body.callId, body.approved);
+
+		if (!result.ok) {
+			return c.json(result, 404);
+		}
+
+		return c.json({ ok: true, callId: body.callId, approved: body.approved });
+	});
+
+	app.get('/v1/sessions/:id/approval/pending', async (c) => {
+		const sessionId = c.req.param('id');
+		const pending = getPendingApprovalsForSession(sessionId);
+
+		return c.json({
+			ok: true,
+			pending: pending.map((p) => ({
+				callId: p.callId,
+				toolName: p.toolName,
+				args: p.args,
+				messageId: p.messageId,
+				createdAt: p.createdAt,
+			})),
+		});
+	});
+}

package/src/runtime/message/service.ts

@@ -171,6 +171,9 @@ export async function dispatchAssistantMessage(
 		);
 	}
 
+	// Read tool approval mode from config
+	const toolApprovalMode = cfg.defaults.toolApproval ?? 'auto';
+
 	enqueueAssistantRun(
 		{
 			sessionId,
@@ -184,6 +187,7 @@ export async function dispatchAssistantMessage(
 			reasoningText,
 			isCompactCommand: isCompact,
 			compactionContext,
+			toolApprovalMode,
 		},
 		runSessionLoop,
 	);

package/src/runtime/provider/index.ts

@@ -6,6 +6,7 @@ import { resolveOpenRouterModel } from './openrouter.ts';
 import { resolveSolforgeModel } from './solforge.ts';
 import { getZaiInstance, getZaiCodingInstance } from './zai.ts';
 import { resolveOpencodeModel } from './opencode.ts';
+import { getMoonshotInstance } from './moonshot.ts';
 
 export type ProviderName = ProviderId;
 
@@ -42,5 +43,8 @@ export async function resolveModel(
 	if (provider === 'zai-coding') {
 		return getZaiCodingInstance(cfg, model);
 	}
+	if (provider === 'moonshot') {
+		return getMoonshotInstance(cfg, model);
+	}
 	throw new Error(`Unsupported provider: ${provider}`);
 }

package/src/runtime/provider/moonshot.ts

@@ -0,0 +1,8 @@
+import type { AGIConfig } from '@agi-cli/sdk';
+import { getAuth, createMoonshotModel } from '@agi-cli/sdk';
+
+export async function getMoonshotInstance(cfg: AGIConfig, model: string) {
+	const auth = await getAuth('moonshot', cfg.projectRoot);
+	const apiKey = auth?.type === 'api' ? auth.key : undefined;
+	return createMoonshotModel(model, { apiKey });
+}

package/src/runtime/session/queue.ts

@@ -1,5 +1,6 @@
 import type { ProviderName } from '../provider/index.ts';
 import { publish } from '../../events/bus.ts';
+import type { ToolApprovalMode } from '../tools/approval.ts';
 
 export type RunOpts = {
 	sessionId: string;
@@ -14,6 +15,7 @@ export type RunOpts = {
 	abortSignal?: AbortSignal;
 	isCompactCommand?: boolean;
 	compactionContext?: string;
+	toolApprovalMode?: ToolApprovalMode;
 };
 
 export type QueuedMessage = {

package/src/runtime/stream/step-finish.ts

@@ -47,7 +47,7 @@ export function createStepFinishHandler(
 			try {
 				await updateSessionTokensIncrementalFn(
 					step.usage,
-					step.experimental_providerMetadata,
+					step.providerMetadata,
 					opts,
 					db,
 				);
@@ -56,7 +56,7 @@ export function createStepFinishHandler(
 			try {
 				await updateMessageTokensIncrementalFn(
 					step.usage,
-					step.experimental_providerMetadata,
+					step.providerMetadata,
 					opts,
 					db,
 				);

package/src/runtime/stream/types.ts

@@ -4,7 +4,7 @@ export type StepFinishEvent = {
 	usage?: UsageData;
 	finishReason?: string;
 	response?: unknown;
-	experimental_providerMetadata?: ProviderMetadata;
+	providerMetadata?: ProviderMetadata;
 };
 
 export type FinishEvent = {

package/src/runtime/tools/approval.ts

@@ -0,0 +1,179 @@
+import { publish } from '../../events/bus.ts';
+
+export type ToolApprovalMode = 'auto' | 'dangerous' | 'all';
+
+export const DANGEROUS_TOOLS = new Set([
+	'bash',
+	'write',
+	'apply_patch',
+	'terminal',
+	'edit',
+	'git_commit',
+	'git_push',
+]);
+
+export const SAFE_TOOLS = new Set([
+	'finish',
+	'progress_update',
+	'update_todos',
+]);
+
+export interface PendingApproval {
+	callId: string;
+	toolName: string;
+	args: unknown;
+	sessionId: string;
+	messageId: string;
+	resolve: (approved: boolean) => void;
+	createdAt: number;
+}
+
+const pendingApprovals = new Map<string, PendingApproval>();
+
+export function requiresApproval(
+	toolName: string,
+	mode: ToolApprovalMode,
+): boolean {
+	if (SAFE_TOOLS.has(toolName)) return false;
+	if (mode === 'auto') return false;
+	if (mode === 'all') return true;
+	if (mode === 'dangerous') return DANGEROUS_TOOLS.has(toolName);
+	return false;
+}
+
+export async function requestApproval(
+	sessionId: string,
+	messageId: string,
+	callId: string,
+	toolName: string,
+	args: unknown,
+	timeoutMs = 120000,
+): Promise<boolean> {
+	console.log('[approval] requestApproval called', {
+		sessionId,
+		messageId,
+		callId,
+		toolName,
+	});
+	return new Promise((resolve) => {
+		const approval: PendingApproval = {
+			callId,
+			toolName,
+			args,
+			sessionId,
+			messageId,
+			resolve,
+			createdAt: Date.now(),
+		};
+
+		pendingApprovals.set(callId, approval);
+		console.log(
+			'[approval] Added to pendingApprovals, count:',
+			pendingApprovals.size,
+		);
+
+		publish({
+			type: 'tool.approval.required',
+			sessionId,
+			payload: {
+				callId,
+				toolName,
+				args,
+				messageId,
+			},
+		});
+
+		setTimeout(() => {
+			if (pendingApprovals.has(callId)) {
+				pendingApprovals.delete(callId);
+				resolve(false);
+				publish({
+					type: 'tool.approval.resolved',
+					sessionId,
+					payload: {
+						callId,
+						toolName,
+						approved: false,
+						reason: 'timeout',
+					},
+				});
+			}
+		}, timeoutMs);
+	});
+}
+
+export function resolveApproval(
+	callId: string,
+	approved: boolean,
+): { ok: boolean; error?: string } {
+	console.log('[approval] resolveApproval called', {
+		callId,
+		approved,
+		pendingCount: pendingApprovals.size,
+		pendingIds: [...pendingApprovals.keys()],
+	});
+	const approval = pendingApprovals.get(callId);
+	if (!approval) {
+		console.log('[approval] No pending approval found for callId:', callId);
+		return { ok: false, error: 'No pending approval found for this callId' };
+	}
+
+	pendingApprovals.delete(callId);
+	approval.resolve(approved);
+
+	publish({
+		type: 'tool.approval.resolved',
+		sessionId: approval.sessionId,
+		payload: {
+			callId,
+			toolName: approval.toolName,
+			approved,
+			reason: approved ? 'user_approved' : 'user_rejected',
+		},
+	});
+
+	return { ok: true };
+}
+
+export function getPendingApproval(
+	callId: string,
+): PendingApproval | undefined {
+	return pendingApprovals.get(callId);
+}
+
+export function updateApprovalArgs(callId: string, args: unknown): boolean {
+	const approval = pendingApprovals.get(callId);
+	if (!approval) return false;
+
+	approval.args = args;
+
+	publish({
+		type: 'tool.approval.updated',
+		sessionId: approval.sessionId,
+		payload: {
+			callId,
+			toolName: approval.toolName,
+			args,
+			messageId: approval.messageId,
+		},
+	});
+
+	return true;
+}
+
+export function getPendingApprovalsForSession(
+	sessionId: string,
+): PendingApproval[] {
+	return Array.from(pendingApprovals.values()).filter(
+		(a) => a.sessionId === sessionId,
+	);
+}
+
+export function clearPendingApprovalsForSession(sessionId: string): void {
+	for (const [callId, approval] of pendingApprovals) {
+		if (approval.sessionId === sessionId) {
+			approval.resolve(false);
+			pendingApprovals.delete(callId);
+		}
+	}
+}

package/src/runtime/tools/context.ts

@@ -1,6 +1,7 @@
 import { eq } from 'drizzle-orm';
 import type { DB } from '@agi-cli/database';
 import { messageParts } from '@agi-cli/database/schema';
+import type { ToolApprovalMode } from './approval.ts';
 import { publish } from '../../events/bus.ts';
 
 export type StepExecutionState = {
@@ -24,6 +25,7 @@ export type ToolAdapterContext = {
 	stepExecution?: {
 		states: Map<number, StepExecutionState>;
 	};
+	toolApprovalMode?: ToolApprovalMode;
 };
 
 export function extractFinishText(input: unknown): string | undefined {

package/src/runtime/tools/setup.ts

@@ -32,6 +32,7 @@ export async function setupToolContext(
 		model: opts.model,
 		projectRoot: opts.projectRoot,
 		stepExecution: { states: new Map() },
+		toolApprovalMode: opts.toolApprovalMode,
 		onFirstToolCall: () => {
 			if (firstToolSeen) return;
 			firstToolSeen = true;

package/src/tools/adapter.ts

@@ -13,6 +13,10 @@ import {
 	toClaudeCodeName,
 	requiresClaudeCodeNaming,
 } from '../runtime/tools/mapping.ts';
+import {
+	requiresApproval,
+	requestApproval,
+} from '../runtime/tools/approval.ts';
 
 export type { ToolAdapterContext } from '../runtime/tools/context.ts';
 
@@ -33,6 +37,7 @@ type PendingCallMeta = {
 	startTs: number;
 	stepIndex?: number;
 	args?: unknown;
+	approvalPromise?: Promise<boolean>;
 };
 
 function getPendingQueue(
@@ -294,6 +299,19 @@ export function adaptTools(
 						toolCallId: callId,
 					});
 				} catch {}
+				// Start approval request with full args
+				if (
+					ctx.toolApprovalMode &&
+					requiresApproval(name, ctx.toolApprovalMode)
+				) {
+					meta.approvalPromise = requestApproval(
+						ctx.sessionId,
+						ctx.messageId,
+						callId,
+						name,
+						args,
+					);
+				}
 				if (typeof base.onInputAvailable === 'function') {
 					// biome-ignore lint/suspicious/noExplicitAny: AI SDK types are complex
 					await base.onInputAvailable(options as any);
@@ -324,6 +342,16 @@ export function adaptTools(
 
 				const executeWithGuards = async (): Promise<ToolExecuteReturn> => {
 					try {
+						// Await approval if it was requested in onInputAvailable
+						if (meta?.approvalPromise) {
+							const approved = await meta.approvalPromise;
+							if (!approved) {
+								return {
+									ok: false,
+									error: 'Tool execution rejected by user',
+								} as ToolExecuteReturn;
+							}
+						}
 						// Handle session-relative paths and cwd tools
 						let res: ToolExecuteReturn | { cwd: string } | null | undefined;
 						const cwd = getCwd(ctx.sessionId);

package/sst-env.d.ts

@@ -2,9 +2,7 @@
 /* tslint:disable */
 /* eslint-disable */
 /* deno-fmt-ignore-file */
-/* biome-ignore-all lint: auto-generated */
 
 /// <reference path="../../sst-env.d.ts" />
 
 import 'sst';
-export {};