@ax0l0tl/agent-governance-opencode 4.0.1 → 4.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +3 -4
- package/src/index.mjs +13 -9
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@ax0l0tl/agent-governance-opencode",
|
|
3
|
-
"version": "4.0.
|
|
4
|
-
"description": "
|
|
3
|
+
"version": "4.0.2",
|
|
4
|
+
"description": "Public Preview — OpenCode CLI governance plugin for Agent Governance Toolkit developer protection policies",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "src/index.mjs",
|
|
7
7
|
"exports": {
|
|
@@ -43,9 +43,8 @@
|
|
|
43
43
|
"homepage": "https://github.com/microsoft/agent-governance-toolkit/tree/main/agent-governance-opencode",
|
|
44
44
|
"dependencies": {
|
|
45
45
|
"@microsoft/agent-governance-sdk": "3.7.0",
|
|
46
|
-
"@opencode-ai/plugin": "
|
|
46
|
+
"@opencode-ai/plugin": "1.17.1"
|
|
47
47
|
},
|
|
48
|
-
"devDependencies": {},
|
|
49
48
|
"engines": {
|
|
50
49
|
"node": ">=22.0.0"
|
|
51
50
|
}
|
package/src/index.mjs
CHANGED
|
@@ -17,7 +17,7 @@ import {
|
|
|
17
17
|
* Loads the AGT policy once per OpenCode process and wires it into the
|
|
18
18
|
* OpenCode plugin contract:
|
|
19
19
|
*
|
|
20
|
-
* - session.created
|
|
20
|
+
* - session.created — log AGT governance status at session start
|
|
21
21
|
* - event (chat.params/start) — scan submitted prompts; throw to block
|
|
22
22
|
* - tool.execute.before — enforce policy; throw to deny, mark args
|
|
23
23
|
* for OpenCode's permission prompt on review
|
|
@@ -55,8 +55,6 @@ export const AgtGovernance = async (ctx) => {
|
|
|
55
55
|
}
|
|
56
56
|
|
|
57
57
|
return {
|
|
58
|
-
// Bug 1 fixed: session.start is not a valid OpenCode hook; use session.created.
|
|
59
|
-
// The additionalContext return value is also not part of the OpenCode contract.
|
|
60
58
|
"session.created": async () => {
|
|
61
59
|
try {
|
|
62
60
|
const state = await getState();
|
|
@@ -81,6 +79,18 @@ export const AgtGovernance = async (ctx) => {
|
|
|
81
79
|
// OpenCode emits a wide range of events. Only inspect prompt-bearing
|
|
82
80
|
// events; ignore the rest cheaply.
|
|
83
81
|
const prompt = extractPromptFromEvent(event);
|
|
82
|
+
// TODO(temporary): remove after verifying which event types reach this hook.
|
|
83
|
+
try {
|
|
84
|
+
if (typeof ctx?.client?.app?.log === "function") {
|
|
85
|
+
await ctx.client.app.log({
|
|
86
|
+
body: {
|
|
87
|
+
service: "agt-governance",
|
|
88
|
+
level: "info",
|
|
89
|
+
message: `[AGT] event type=${event?.type ?? "unknown"} covered=${Boolean(prompt)}`,
|
|
90
|
+
},
|
|
91
|
+
});
|
|
92
|
+
}
|
|
93
|
+
} catch { /* best-effort */ }
|
|
84
94
|
if (!prompt) {
|
|
85
95
|
return;
|
|
86
96
|
}
|
|
@@ -94,8 +104,6 @@ export const AgtGovernance = async (ctx) => {
|
|
|
94
104
|
throw new Error(result.reason || "AGT governance blocked the submitted prompt.");
|
|
95
105
|
}
|
|
96
106
|
},
|
|
97
|
-
|
|
98
|
-
// Bug 2 fixed: OpenCode expects flat string keys, not nested objects.
|
|
99
107
|
"tool.execute.before": async (input, output) => {
|
|
100
108
|
const state = await getState();
|
|
101
109
|
const result = await evaluateOpenCodeTool(state, {
|
|
@@ -142,10 +150,6 @@ export const AgtGovernance = async (ctx) => {
|
|
|
142
150
|
}
|
|
143
151
|
},
|
|
144
152
|
|
|
145
|
-
// Bug 3 fixed: `tool` (singular) with `args` (not `tools` with `parameters`).
|
|
146
|
-
// Bug 4 fixed: execute returns a plain string, not an MCP { content: [...] } envelope.
|
|
147
|
-
// tool.schema (Zod) is provided by @opencode-ai/plugin (devDependency), which OpenCode
|
|
148
|
-
// always makes available in its plugin runtime environment.
|
|
149
153
|
tool: {
|
|
150
154
|
agt_policy_status: {
|
|
151
155
|
description: "Return the active AGT OpenCode governance policy status and source.",
|