@blogic-cz/agent-tools 0.14.15 → 0.14.21

package/README.md

@@ -383,6 +383,39 @@ Secrets are **never** stored in the config file. The `db-tool` config references
 }
 ```
 
+Database VPN prerequisites can be set at the database profile or environment level. If an environment declares `vpn` or `prerequisites`, that environment config replaces the profile prerequisites; `prerequisites: []` explicitly disables inherited VPN setup. DB commands try the query directly first and only connect VPN prerequisites if direct access fails.
+
+```json5
+{
+  vpns: {
+    officeVpn: { name: "OfficeVPN" },
+    prodVpn: { name: "ProdVPN" },
+  },
+  database: {
+    default: {
+      vpn: "officeVpn",
+      environments: {
+        local: {
+          host: "127.0.0.1",
+          port: 5432,
+          user: "app",
+          database: "app",
+          prerequisites: [], // no VPN for local/direct access
+        },
+        prod: {
+          host: "db.prod.internal",
+          port: 5432,
+          user: "readonly",
+          database: "app",
+          passwordEnvVar: "AGENT_TOOLS_DB_PROD_PASSWORD",
+          vpn: "prodVpn", // overrides database.default.vpn
+        },
+      },
+    },
+  },
+}
+```
+
 Set the values in your shell:
 
 ```bash

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@blogic-cz/agent-tools",
-  "version": "0.14.15",
+  "version": "0.14.21",
   "description": "CLI tools for AI coding agent workflows — GitHub, database, Kubernetes, Azure DevOps, logs, sessions, and audit",
   "keywords": [
     "agent",

package/schemas/agent-tools.schema.json

@@ -185,6 +185,17 @@
         "passwordEnvVar": {
           "description": "Name of the environment variable holding the database password.",
           "type": "string"
+        },
+        "prerequisites": {
+          "description": "Ordered prerequisite references for this database environment. Declaring this or vpn overrides profile-level database prerequisites; an empty array explicitly disables inherited prerequisites.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/Prerequisite"
+          }
+        },
+        "vpn": {
+          "type": "string",
+          "description": "Convenience sugar for this database environment's VPN prerequisite key. Declaring this or prerequisites overrides profile-level database prerequisites."
         }
       },
       "required": ["host", "port", "user", "database"]

package/src/config/loader.ts

@@ -91,6 +91,8 @@ const DbEnvConfigSchema = Schema.Struct({
   database: Schema.String,
   password: Schema.optionalKey(Schema.String),
   passwordEnvVar: Schema.optionalKey(Schema.String),
+  prerequisites: Schema.optionalKey(PrerequisitesSchema),
+  vpn: Schema.optionalKey(Schema.String),
 });
 
 const DatabaseConfigSchema = Schema.Struct({

package/src/config/types.ts

@@ -74,7 +74,7 @@ export type K8sConfig = ProfilePrerequisites & {
 };
 
 /** Single database environment connection details */
-export type DbEnvConfig = {
+export type DbEnvConfig = ProfilePrerequisites & {
   host: string;
   port: number;
   user: string;

package/src/db-tool/service.ts

@@ -6,6 +6,7 @@ import type { DbConfig, DbMutationOperation, QueryResult, SchemaMode } from "./t
 import { ConfigService } from "#config";
 import { isPrerequisiteRunError } from "#shared/prerequisites/errors";
 import { resolveEnvTemplate } from "#shared/env-template";
+import { resolveEnvironmentScopedPrerequisites } from "#shared/prerequisites/config";
 import { runWithProfilePrerequisites } from "#shared/prerequisites/runtime";
 import { DbConfigService, DbConfigServiceLayer, TUNNEL_CHECK_INTERVAL_MS } from "./config-service";
 import {
@@ -228,13 +229,15 @@ export class DbService extends Context.Service<
 
         const runWithVpnPrerequisites = <E>(
           port: number,
+          prerequisiteConfig: DbConfig,
           effect: Effect.Effect<QueryResult, E>,
         ): Effect.Effect<QueryResult, E | DbTunnelError> =>
           runWithProfilePrerequisites(
             agentToolsConfig ?? {},
-            dbConfig,
+            prerequisiteConfig,
             (command, _label) => executeShellCommand(command),
             effect,
+            { tryWithoutPrerequisites: true },
           ).pipe(
             Effect.mapError((error) =>
               isPrerequisiteRunError(error)
@@ -655,6 +658,7 @@ export class DbService extends Context.Service<
             database: envConfig.database,
             password: envConfig.password,
             passwordEnvVar: envConfig.passwordEnvVar,
+            ...resolveEnvironmentScopedPrerequisites(dbConfig, envConfig),
             port: envConfig.port,
             needsTunnel: accessMode.needsTunnel,
             allowMutations: accessMode.allowMutations,
@@ -696,6 +700,7 @@ export class DbService extends Context.Service<
 
           return yield* runWithVpnPrerequisites(
             resolvedConfig.port,
+            resolvedConfig,
             runQueryWithOptionalTunnel(resolvedConfig, queryEffect),
           );
         });
@@ -752,6 +757,7 @@ export class DbService extends Context.Service<
 
           const result = yield* runWithVpnPrerequisites(
             resolvedConfig.port,
+            resolvedConfig,
             runQueryWithOptionalTunnel(resolvedConfig, queryEffect),
           );
 

package/src/db-tool/types.ts

@@ -1,4 +1,5 @@
 import type { DbMutationOperation } from "#config";
+import type { ProfilePrerequisites } from "#config/types";
 import type { Environment, OutputFormat } from "#shared";
 
 export type { DbMutationOperation };
@@ -6,7 +7,7 @@ export type { Environment, OutputFormat };
 
 export type SchemaMode = "tables" | "columns" | "full" | "relationships";
 
-export type DbConfig = {
+export type DbConfig = ProfilePrerequisites & {
   host: string;
   user: string;
   database: string;

package/src/gh-tool/pr/commands.ts

@@ -119,6 +119,7 @@ export const prCreateCommand = Command.make(
 export const prEditCommand = Command.make(
   "edit",
   {
+    base: Flag.string("base").pipe(Flag.withDescription("New base branch"), Flag.optional),
     body: Flag.string("body").pipe(Flag.withDescription("New PR body/description"), Flag.optional),
     bodyFile: Flag.string("body-file").pipe(
       Flag.withDescription("Read PR body from a file path or '-' for stdin"),
@@ -128,7 +129,7 @@ export const prEditCommand = Command.make(
     pr: Flag.integer("pr").pipe(Flag.withDescription("PR number to edit")),
     title: Flag.string("title").pipe(Flag.withDescription("New PR title"), Flag.optional),
   },
-  ({ body, bodyFile, format, pr, title }) =>
+  ({ base, body, bodyFile, format, pr, title }) =>
     Effect.gen(function* () {
       const resolvedBody = yield* resolveOptionalTextInput(
         "gh-tool pr edit",
@@ -143,6 +144,7 @@ export const prEditCommand = Command.make(
         pr,
         title: Option.getOrNull(title),
         body: resolvedBody,
+        base: Option.getOrNull(base),
       });
       yield* logFormatted(info, format);
     }),

package/src/gh-tool/pr/core.ts

@@ -632,14 +632,15 @@ export const editPR = Effect.fn("pr.editPR")(function* (opts: {
   pr: number;
   title: string | null;
   body: string | null;
+  base: string | null;
 }) {
-  if (!opts.title && !opts.body) {
+  if (!opts.title && !opts.body && !opts.base) {
     return yield* Effect.fail(
       new GitHubCommandError({
         command: "pr edit",
         exitCode: 1,
-        stderr: "At least one of --title or --body must be provided",
-        message: "At least one of --title or --body must be provided",
+        stderr: "At least one of --title, --body, or --base must be provided",
+        message: "At least one of --title, --body, or --base must be provided",
       }),
     );
   }
@@ -654,6 +655,9 @@ export const editPR = Effect.fn("pr.editPR")(function* (opts: {
   if (opts.body) {
     editArgs.push("--body", opts.body);
   }
+  if (opts.base) {
+    editArgs.push("--base", opts.base);
+  }
 
   yield* gh.runGh(editArgs);
 

package/src/session-tool/codex.ts

@@ -0,0 +1,237 @@
+import { Glob } from "bun";
+import { Effect } from "effect";
+
+import type { MessageSummary } from "./types";
+
+import { SessionReadError, SessionStorageNotFoundError, type SessionError } from "./errors";
+
+export type CodexContentBlock =
+  | { type: "input_text"; text: string }
+  | { type: "output_text"; text: string }
+  | { type: string; text?: string };
+
+export type CodexRecord =
+  | {
+      type: "session_meta";
+      timestamp: string;
+      payload: { id: string; cwd?: string; timestamp?: string };
+    }
+  | {
+      type: "event_msg";
+      timestamp: string;
+      payload: { type: "thread_name_updated"; thread_name: string };
+    }
+  | {
+      type: "response_item";
+      timestamp: string;
+      payload: {
+        type: "message";
+        role: "user" | "assistant" | "developer" | string;
+        content: ReadonlyArray<CodexContentBlock>;
+      };
+    };
+
+const isRecord = (value: unknown): value is Record<string, unknown> =>
+  typeof value === "object" && value !== null;
+
+export const parseCodexLine = (line: string): CodexRecord | null => {
+  let parsed: unknown;
+  try {
+    parsed = JSON.parse(line);
+  } catch {
+    return null;
+  }
+
+  if (
+    !isRecord(parsed) ||
+    typeof parsed.type !== "string" ||
+    typeof parsed.timestamp !== "string"
+  ) {
+    return null;
+  }
+
+  const payload = parsed.payload;
+  if (!isRecord(payload)) {
+    return null;
+  }
+
+  if (parsed.type === "session_meta" && typeof payload.id === "string") {
+    return {
+      type: "session_meta",
+      timestamp: parsed.timestamp,
+      payload: {
+        id: payload.id,
+        cwd: typeof payload.cwd === "string" ? payload.cwd : undefined,
+        timestamp: typeof payload.timestamp === "string" ? payload.timestamp : undefined,
+      },
+    };
+  }
+
+  if (
+    parsed.type === "event_msg" &&
+    payload.type === "thread_name_updated" &&
+    typeof payload.thread_name === "string"
+  ) {
+    return {
+      type: "event_msg",
+      timestamp: parsed.timestamp,
+      payload: { type: "thread_name_updated", thread_name: payload.thread_name },
+    };
+  }
+
+  if (
+    parsed.type === "response_item" &&
+    payload.type === "message" &&
+    typeof payload.role === "string" &&
+    Array.isArray(payload.content)
+  ) {
+    return {
+      type: "response_item",
+      timestamp: parsed.timestamp,
+      payload: {
+        type: "message",
+        role: payload.role,
+        content: (payload.content as unknown[]).filter(
+          (item): item is CodexContentBlock =>
+            isRecord(item) && typeof (item as Record<string, unknown>).type === "string",
+        ),
+      },
+    };
+  }
+
+  return null;
+};
+
+export const extractCodexText = (content: ReadonlyArray<CodexContentBlock>): string =>
+  content
+    .filter(
+      (block): block is CodexContentBlock & { text: string } =>
+        (block.type === "input_text" || block.type === "output_text") &&
+        typeof block.text === "string",
+    )
+    .map((block) => block.text)
+    .join("\n");
+
+export const extractCodexTitle = (records: ReadonlyArray<CodexRecord>): string => {
+  const named = records.find((record) => record.type === "event_msg");
+  if (named !== undefined && named.type === "event_msg") {
+    return named.payload.thread_name;
+  }
+
+  const firstUser = records.find(
+    (record) => record.type === "response_item" && record.payload.role === "user",
+  );
+  if (firstUser !== undefined && firstUser.type === "response_item") {
+    return extractCodexText(firstUser.payload.content).slice(0, 100);
+  }
+
+  return "Untitled session";
+};
+
+const getSessionIdFromFile = (filePath: string): string => {
+  const fileName = filePath.split("/").pop() ?? "";
+  const match =
+    /rollout-.*?-([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\.jsonl$/u.exec(
+      fileName,
+    );
+  return match?.[1] ?? fileName.replace(/\.jsonl$/u, "");
+};
+
+export const getCodexSessionId = getSessionIdFromFile;
+
+const walkSessionFiles = (basePath: string): Promise<string[]> => {
+  const glob = new Glob("*/*/*/rollout-*.jsonl");
+  return Array.fromAsync(glob.scan({ cwd: basePath, absolute: true }));
+};
+
+const readSessionMeta = async (
+  sessionFile: string,
+): Promise<{ id: string; cwd?: string } | null> => {
+  try {
+    const text = await Bun.file(sessionFile).text();
+    const firstLine = text.split("\n")[0] ?? "";
+    const record = parseCodexLine(firstLine);
+    if (record !== null && record.type === "session_meta") {
+      return { id: record.payload.id, cwd: record.payload.cwd };
+    }
+    return null;
+  } catch {
+    return null;
+  }
+};
+
+export const getCodexSessions = (
+  basePath: string,
+  projectDir: string | null,
+): Effect.Effect<string[], SessionError> =>
+  Effect.tryPromise({
+    try: async () => {
+      const allFiles = await walkSessionFiles(basePath);
+      if (projectDir === null) {
+        return allFiles;
+      }
+
+      const metas = await Promise.all(allFiles.map((file) => readSessionMeta(file)));
+      return allFiles.filter((_, i) => metas[i] !== null && metas[i]?.cwd === projectDir);
+    },
+    catch: (error) =>
+      new SessionStorageNotFoundError({
+        message: error instanceof Error ? error.message : "Codex storage directory not found",
+        path: basePath,
+      }),
+  });
+
+export const readCodexMessages = (
+  sessionFiles: string[],
+): Effect.Effect<MessageSummary[], SessionError> =>
+  Effect.tryPromise({
+    try: async () => {
+      const summaries: MessageSummary[] = [];
+
+      for (const sessionFile of sessionFiles) {
+        let fileContent: string;
+        try {
+          // eslint-disable-next-line eslint/no-await-in-loop -- sequential file read keeps memory bounded
+          fileContent = await Bun.file(sessionFile).text();
+        } catch {
+          continue;
+        }
+
+        const records = fileContent
+          .split(/\r?\n/u)
+          .map((line) => line.trim())
+          .filter((line) => line.length > 0)
+          .map(parseCodexLine)
+          .filter((record): record is CodexRecord => record !== null);
+
+        const title = extractCodexTitle(records);
+        const sessionID = getSessionIdFromFile(sessionFile);
+
+        for (const record of records) {
+          if (record.type !== "response_item") continue;
+          if (record.payload.role !== "user" && record.payload.role !== "assistant") continue;
+
+          const body = extractCodexText(record.payload.content);
+          if (body.length === 0) continue;
+
+          const createdTimestamp = new Date(record.timestamp).getTime();
+          summaries.push({
+            sessionID,
+            id: `${sessionID}:${record.timestamp}`,
+            title,
+            body,
+            created: Number.isFinite(createdTimestamp) ? createdTimestamp : 0,
+            role: record.payload.role,
+            source: "codex",
+          });
+        }
+      }
+
+      return summaries.toSorted((left, right) => right.created - left.created);
+    },
+    catch: (error) =>
+      new SessionReadError({
+        message: error instanceof Error ? error.message : "Failed to read Codex sessions",
+        source: "codex",
+      }),
+  });

package/src/session-tool/config.ts

@@ -44,6 +44,7 @@ export class ResolvedPaths extends Context.Service<
     readonly messagesPath: string;
     readonly sessionsPath: string;
     readonly claudeCodePath: string | null;
+    readonly codexPath: string | null;
   }
 >()("@agent-tools/ResolvedPaths") {}
 
@@ -54,6 +55,8 @@ export const ResolvedPathsLayer = Layer.effect(
     const sessionsPath = yield* resolveSessionsPath;
     const claudeCodeBasePath = join(homedir(), ".claude/projects");
     const claudeCodePath = existsSync(claudeCodeBasePath) ? claudeCodeBasePath : null;
-    return { messagesPath, sessionsPath, claudeCodePath };
+    const codexBasePath = join(homedir(), ".codex/sessions");
+    const codexPath = existsSync(codexBasePath) ? codexBasePath : null;
+    return { messagesPath, sessionsPath, claudeCodePath, codexPath };
   }),
 );

package/src/session-tool/index.ts

@@ -22,7 +22,7 @@ import { formatDate, SessionService, SessionServiceLayer, truncate } from "./ser
 const AppLayer = SessionServiceLayer.pipe(Layer.provideMerge(ResolvedPathsLayer));
 
 const sourceOption = Flag.string("source").pipe(
-  Flag.withDescription("Filter by source: all, opencode, claude-code"),
+  Flag.withDescription("Filter by source: all, opencode, claude-code, codex"),
   Flag.withDefault("all"),
 );