@caplets/core 0.26.0 → 0.27.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/attach/api.d.ts +2 -1
- package/dist/caplet-files-bundle.d.ts +1 -0
- package/dist/caplet-source.js +39 -3
- package/dist/cli/inspection.d.ts +2 -1
- package/dist/cli.d.ts +5 -0
- package/dist/code-mode/types.d.ts +1 -1
- package/dist/{completion-DaYL-XQN.js → completion-1wDjwHkC.js} +4 -3
- package/dist/config/validation.d.ts +2 -0
- package/dist/config-runtime.d.ts +6 -1
- package/dist/config-runtime.js +34 -3
- package/dist/config.d.ts +10 -1
- package/dist/daemon/host-path.d.ts +8 -0
- package/dist/errors.d.ts +1 -1
- package/dist/exposure/namespace.d.ts +39 -0
- package/dist/index.js +830 -173
- package/dist/native/remote.d.ts +2 -1
- package/dist/native/service.d.ts +2 -2
- package/dist/native.js +1 -1
- package/dist/project-binding/errors.d.ts +1 -1
- package/dist/remote/profile-store.d.ts +2 -0
- package/dist/remote/profiles.d.ts +2 -0
- package/dist/remote/server-credential-store.d.ts +100 -1
- package/dist/remote/server-credentials.d.ts +18 -0
- package/dist/serve/http.d.ts +5 -0
- package/dist/{service-rvZ7z6FI.js → service-BGGiZLHa.js} +413 -47
- package/dist/{validation-C4tYXw6G.js → validation-CWzd2gtn.js} +4 -1
- package/package.json +1 -1
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { A as safeParseAsync$1, C as toJSONSchema, D as parse$3, E as $ZodType, F as NEVER, M as defineLazy, N as normalizeParams, O as parseAsync, P as $constructor, S as datetime, T as $ZodObject, _ as record, a as any, b as unknown, c as custom, d as literal, f as looseObject, g as preprocess, h as optional, i as _null, j as clone, k as safeParse$1, l as discriminatedUnion, m as object$1, o as array, p as number$1, r as _enum, s as boolean, t as ZodNumber$1, u as intersection, v as string, w as _coercedNumber, x as url, y as union } from "./schemas-BoqMu4MG.js";
|
|
2
|
-
import { a as
|
|
2
|
+
import { a as SERVER_ID_PATTERN, c as isUrl, d as CapletsError, f as errorResult, i as NAMESPACE_ALIAS_LABEL_PATTERN, l as validateHttpActionHeaders, m as toSafeError, n as HEADER_NAME_PATTERN, o as isAllowedHttpBaseUrl, p as redactSecrets, r as HTTP_BASE_URL_PATTERN, s as isAllowedRemoteUrl, t as FORBIDDEN_HEADERS } from "./validation-CWzd2gtn.js";
|
|
3
3
|
import { generatedToolInputJsonSchema, generatedToolInputJsonSchemaForCaplet, generatedToolInputSchemaForCaplet, mcpOperations, operations } from "./generated-tool-input-schema.js";
|
|
4
4
|
import { f as observedOutputShapeKey, i as observeOutputShape, r as normalizedObservableValue, t as usefulOutputSchema, u as FileObservedOutputShapeStore } from "./observed-output-shapes-DuP7mJQf.js";
|
|
5
5
|
import { createRequire } from "node:module";
|
|
@@ -26005,7 +26005,11 @@ const capletExposureSchema = _enum([
|
|
|
26005
26005
|
"direct_and_code_mode",
|
|
26006
26006
|
"progressive_and_code_mode"
|
|
26007
26007
|
]).describe("How this Caplet is exposed to agents.");
|
|
26008
|
-
const capletShadowingSchema = _enum([
|
|
26008
|
+
const capletShadowingSchema = _enum([
|
|
26009
|
+
"forbid",
|
|
26010
|
+
"allow",
|
|
26011
|
+
"namespace"
|
|
26012
|
+
]).describe("Whether attached local Caplets may shadow this remote Caplet ID.");
|
|
26009
26013
|
const capletEndpointAuthSchema = discriminatedUnion("type", [
|
|
26010
26014
|
object$1({ type: literal("none") }).strict(),
|
|
26011
26015
|
object$1({
|
|
@@ -27288,7 +27292,33 @@ const exposureSchema = _enum([
|
|
|
27288
27292
|
"direct_and_code_mode",
|
|
27289
27293
|
"progressive_and_code_mode"
|
|
27290
27294
|
]).describe("How this Caplet is exposed to agents.");
|
|
27291
|
-
const shadowingSchema = _enum([
|
|
27295
|
+
const shadowingSchema = _enum([
|
|
27296
|
+
"forbid",
|
|
27297
|
+
"allow",
|
|
27298
|
+
"namespace"
|
|
27299
|
+
]).default("forbid").describe("Whether attached local Caplets may shadow this remote Caplet ID.");
|
|
27300
|
+
const namespaceAliasLabelSchema = string().regex(NAMESPACE_ALIAS_LABEL_PATTERN, "namespace alias labels must be lowercase DNS-style labels using letters, numbers, or hyphens").describe("Namespace label used when qualifying colliding Caplet IDs.");
|
|
27301
|
+
const namespaceAliasesSchema = object$1({
|
|
27302
|
+
local: namespaceAliasLabelSchema.optional(),
|
|
27303
|
+
upstreams: record(string().trim().min(1), namespaceAliasLabelSchema).default({}).describe("Namespace aliases keyed by durable upstream source identity.")
|
|
27304
|
+
}).strict().default({ upstreams: {} }).superRefine((aliases, ctx) => {
|
|
27305
|
+
const seen = /* @__PURE__ */ new Map();
|
|
27306
|
+
const addAlias = (value, path) => {
|
|
27307
|
+
if (!value) return;
|
|
27308
|
+
const existing = seen.get(value);
|
|
27309
|
+
if (existing) {
|
|
27310
|
+
ctx.addIssue({
|
|
27311
|
+
code: "custom",
|
|
27312
|
+
path,
|
|
27313
|
+
message: `namespace alias '${value}' is already used at ${existing.join(".")}`
|
|
27314
|
+
});
|
|
27315
|
+
return;
|
|
27316
|
+
}
|
|
27317
|
+
seen.set(value, path);
|
|
27318
|
+
};
|
|
27319
|
+
addAlias(aliases.local, ["local"]);
|
|
27320
|
+
for (const [selector, alias] of Object.entries(aliases.upstreams)) addAlias(alias, ["upstreams", selector]);
|
|
27321
|
+
}).describe("Source-level namespace aliases for hash-qualified Caplet IDs.");
|
|
27292
27322
|
const publicServerSchema = object$1({
|
|
27293
27323
|
name: string().trim().min(1).max(80).describe("Human-readable server display name."),
|
|
27294
27324
|
description: string().describe("Capability description shown to agents before downstream tools are disclosed.").refine((value) => value.trim().length >= 10, "description must contain at least 10 non-whitespace characters").refine((value) => value.length <= 1500, "description must be at most 1500 characters"),
|
|
@@ -27545,6 +27575,7 @@ function configSchemaFor(serverValueSchema, openApiEndpointValueSchema, googleDi
|
|
|
27545
27575
|
exposureDiscoveryTimeoutMs: 15e3,
|
|
27546
27576
|
exposureDiscoveryConcurrency: 4
|
|
27547
27577
|
}).describe("Global Caplets runtime options."),
|
|
27578
|
+
namespaceAliases: namespaceAliasesSchema,
|
|
27548
27579
|
mcpServers: record(string().regex(SERVER_ID_PATTERN), serverValueSchema).default({}).describe("Downstream MCP servers keyed by stable server ID."),
|
|
27549
27580
|
openapiEndpoints: record(string().regex(SERVER_ID_PATTERN), openApiEndpointValueSchema).default({}).describe("OpenAPI endpoints keyed by stable Caplet ID."),
|
|
27550
27581
|
googleDiscoveryApis: record(string().regex(SERVER_ID_PATTERN), googleDiscoveryApiValueSchema).default({}).describe("Google Discovery APIs keyed by stable Caplet ID."),
|
|
@@ -28321,6 +28352,7 @@ function mergeConfigInputs(...inputs) {
|
|
|
28321
28352
|
merged = {
|
|
28322
28353
|
...merged,
|
|
28323
28354
|
...input,
|
|
28355
|
+
namespaceAliases: mergeNamespaceAliases(merged?.namespaceAliases, input.namespaceAliases),
|
|
28324
28356
|
mcpServers: {
|
|
28325
28357
|
...merged?.mcpServers,
|
|
28326
28358
|
...input.mcpServers
|
|
@@ -28353,6 +28385,23 @@ function mergeConfigInputs(...inputs) {
|
|
|
28353
28385
|
}
|
|
28354
28386
|
return merged;
|
|
28355
28387
|
}
|
|
28388
|
+
function mergeNamespaceAliases(left, right) {
|
|
28389
|
+
if (right !== void 0 && !isPlainObject$5(right)) return right;
|
|
28390
|
+
if (left !== void 0 && !isPlainObject$5(left)) return left;
|
|
28391
|
+
if (!isPlainObject$5(left) && !isPlainObject$5(right)) return;
|
|
28392
|
+
const leftRecord = isPlainObject$5(left) ? left : void 0;
|
|
28393
|
+
const rightRecord = isPlainObject$5(right) ? right : void 0;
|
|
28394
|
+
const leftUpstreams = isPlainObject$5(leftRecord?.upstreams) ? leftRecord.upstreams : void 0;
|
|
28395
|
+
const rightUpstreams = isPlainObject$5(rightRecord?.upstreams) ? rightRecord.upstreams : void 0;
|
|
28396
|
+
return stripUndefined({
|
|
28397
|
+
...leftRecord,
|
|
28398
|
+
...rightRecord,
|
|
28399
|
+
upstreams: {
|
|
28400
|
+
...leftUpstreams,
|
|
28401
|
+
...rightUpstreams
|
|
28402
|
+
}
|
|
28403
|
+
});
|
|
28404
|
+
}
|
|
28356
28405
|
function mergeConfigInputsWithSources(...inputs) {
|
|
28357
28406
|
let merged = {};
|
|
28358
28407
|
const sources = {};
|
|
@@ -28477,6 +28526,10 @@ function parseConfig(input, options = {}) {
|
|
|
28477
28526
|
exposureDiscoveryConcurrency: parsed.data.options.exposureDiscoveryConcurrency,
|
|
28478
28527
|
completion: parsed.data.completion
|
|
28479
28528
|
},
|
|
28529
|
+
namespaceAliases: stripUndefined({
|
|
28530
|
+
local: parsed.data.namespaceAliases.local,
|
|
28531
|
+
upstreams: parsed.data.namespaceAliases.upstreams
|
|
28532
|
+
}),
|
|
28480
28533
|
mcpServers: servers,
|
|
28481
28534
|
openapiEndpoints,
|
|
28482
28535
|
googleDiscoveryApis,
|
|
@@ -64028,7 +64081,7 @@ var CapletsEngine = class {
|
|
|
64028
64081
|
}
|
|
64029
64082
|
}
|
|
64030
64083
|
async completeCliWords(words) {
|
|
64031
|
-
const { completeCliWords } = await import("./completion-
|
|
64084
|
+
const { completeCliWords } = await import("./completion-1wDjwHkC.js").then((n) => n.r);
|
|
64032
64085
|
return await completeCliWords(words, {
|
|
64033
64086
|
config: this.registry.config,
|
|
64034
64087
|
managers: {
|
|
@@ -81409,7 +81462,7 @@ function primitiveInvokeInput(capletId, operation, input) {
|
|
|
81409
81462
|
function toolsFromManifest(manifest) {
|
|
81410
81463
|
const codeModeCaplets = manifest.codeModeCaplets ?? [];
|
|
81411
81464
|
const codeModeMarker = attachCodeModeMarker(codeModeCaplets);
|
|
81412
|
-
const codeModeShadowing = codeModeCaplets.some((entry) => entry.shadowing === "forbid") ? "forbid" : "allow";
|
|
81465
|
+
const codeModeShadowing = codeModeCaplets.some((entry) => entry.shadowing === "forbid") ? "forbid" : codeModeCaplets.some((entry) => entry.shadowing === "namespace") ? "namespace" : "allow";
|
|
81413
81466
|
return [
|
|
81414
81467
|
...manifest.caplets.map((entry) => ({
|
|
81415
81468
|
name: entry.capletId,
|
|
@@ -81700,13 +81753,129 @@ function isAuthFailure(error) {
|
|
|
81700
81753
|
}
|
|
81701
81754
|
function isPermanentRemoteCredentialsError(error) {
|
|
81702
81755
|
const candidate = error;
|
|
81703
|
-
if (candidate?.projectBindingCode
|
|
81756
|
+
if (isPermanentRemoteCredentialsCode(candidate?.projectBindingCode)) return true;
|
|
81704
81757
|
if (isPlainObject(candidate?.details)) {
|
|
81705
81758
|
const code = candidate.details.code;
|
|
81706
|
-
if (code
|
|
81759
|
+
if (isPermanentRemoteCredentialsCode(code)) return true;
|
|
81707
81760
|
}
|
|
81708
81761
|
return isAuthFailure(error);
|
|
81709
81762
|
}
|
|
81763
|
+
function isPermanentRemoteCredentialsCode(code) {
|
|
81764
|
+
return code === "remote_credentials_required" || code === "remote_credentials_revoked" || code === "remote_auth_failed";
|
|
81765
|
+
}
|
|
81766
|
+
//#endregion
|
|
81767
|
+
//#region src/exposure/namespace.ts
|
|
81768
|
+
function resolveNamespaceExposure(entries, options = {}) {
|
|
81769
|
+
const hashLength = options.hashLength ?? 4;
|
|
81770
|
+
const maxHashLength = options.maxHashLength ?? 8;
|
|
81771
|
+
const groups = groupByBaseId(entries);
|
|
81772
|
+
const visibleRecords = [];
|
|
81773
|
+
const suppressedBareIds = /* @__PURE__ */ new Map();
|
|
81774
|
+
const unavailableDiagnostics = [];
|
|
81775
|
+
const reservedBareIds = new Set(groups.keys());
|
|
81776
|
+
for (const [baseId, group] of groups) {
|
|
81777
|
+
if (group.length === 1) {
|
|
81778
|
+
visibleRecords.push(visibleRecord(group[0], baseId, false));
|
|
81779
|
+
continue;
|
|
81780
|
+
}
|
|
81781
|
+
if (!isNamespaceCollisionGroup(group)) {
|
|
81782
|
+
visibleRecords.push(visibleRecord(nonNamespaceWinner(group), baseId, false));
|
|
81783
|
+
continue;
|
|
81784
|
+
}
|
|
81785
|
+
const diagnostics = validateNamespaceGroup(baseId, group);
|
|
81786
|
+
if (diagnostics.length > 0) {
|
|
81787
|
+
unavailableDiagnostics.push(...diagnostics);
|
|
81788
|
+
continue;
|
|
81789
|
+
}
|
|
81790
|
+
const resolved = qualifyNamespaceGroup(group, {
|
|
81791
|
+
baseId,
|
|
81792
|
+
hashLength,
|
|
81793
|
+
maxHashLength,
|
|
81794
|
+
reservedBareIds
|
|
81795
|
+
});
|
|
81796
|
+
if ("diagnostic" in resolved) {
|
|
81797
|
+
unavailableDiagnostics.push(resolved.diagnostic);
|
|
81798
|
+
continue;
|
|
81799
|
+
}
|
|
81800
|
+
visibleRecords.push(...resolved.records);
|
|
81801
|
+
suppressedBareIds.set(baseId, diagnostic(baseId, "namespace_collision", group, resolved.records.map((record) => record.id)));
|
|
81802
|
+
}
|
|
81803
|
+
return {
|
|
81804
|
+
visibleRecords,
|
|
81805
|
+
routes: new Map(visibleRecords.map((record) => [record.id, record.route])),
|
|
81806
|
+
suppressedBareIds,
|
|
81807
|
+
unavailableDiagnostics
|
|
81808
|
+
};
|
|
81809
|
+
}
|
|
81810
|
+
function groupByBaseId(entries) {
|
|
81811
|
+
const groups = /* @__PURE__ */ new Map();
|
|
81812
|
+
for (const entry of entries) groups.set(entry.baseId, [...groups.get(entry.baseId) ?? [], entry]);
|
|
81813
|
+
return groups;
|
|
81814
|
+
}
|
|
81815
|
+
function isNamespaceCollisionGroup(group) {
|
|
81816
|
+
const upstreams = group.filter((entry) => entry.sourceKind === "upstream");
|
|
81817
|
+
return upstreams.length > 0 && upstreams.every((entry) => entry.shadowing === "namespace");
|
|
81818
|
+
}
|
|
81819
|
+
function nonNamespaceWinner(group) {
|
|
81820
|
+
const forbiddingUpstream = group.find((entry) => entry.sourceKind === "upstream" && entry.shadowing === "forbid");
|
|
81821
|
+
if (forbiddingUpstream) return forbiddingUpstream;
|
|
81822
|
+
const local = group.find((entry) => entry.sourceKind === "local");
|
|
81823
|
+
if (local) return local;
|
|
81824
|
+
return group.find((entry) => entry.sourceKind === "upstream") ?? group[0];
|
|
81825
|
+
}
|
|
81826
|
+
function validateNamespaceGroup(baseId, group) {
|
|
81827
|
+
const diagnostics = [];
|
|
81828
|
+
for (const entry of group) {
|
|
81829
|
+
if (!entry.durableSourceIdentity) {
|
|
81830
|
+
diagnostics.push(diagnostic(baseId, "missing_durable_source_identity", group, []));
|
|
81831
|
+
break;
|
|
81832
|
+
}
|
|
81833
|
+
if (entry.namespaceAlias && !NAMESPACE_ALIAS_LABEL_PATTERN.test(entry.namespaceAlias)) {
|
|
81834
|
+
diagnostics.push(diagnostic(baseId, "namespace_alias_invalid", group, []));
|
|
81835
|
+
break;
|
|
81836
|
+
}
|
|
81837
|
+
}
|
|
81838
|
+
return diagnostics;
|
|
81839
|
+
}
|
|
81840
|
+
function qualifyNamespaceGroup(group, options) {
|
|
81841
|
+
const ids = group.map((entry) => qualifiedId(entry, options.baseId, options.hashLength));
|
|
81842
|
+
if (!(new Set(ids).size !== ids.length || ids.some((id) => options.reservedBareIds.has(id) || !SERVER_ID_PATTERN.test(id)))) return { records: group.map((entry, index) => visibleRecord(entry, ids[index], true)) };
|
|
81843
|
+
return { diagnostic: diagnostic(options.baseId, "generated_id_collision", group, []) };
|
|
81844
|
+
}
|
|
81845
|
+
function qualifiedId(entry, baseId, hashLength) {
|
|
81846
|
+
return `${namespaceLabel(entry)}-${createHash("sha256").update(entry.durableSourceIdentity ?? "").digest("hex").slice(0, hashLength)}__${baseId}`;
|
|
81847
|
+
}
|
|
81848
|
+
function visibleRecord(entry, id, namespaced) {
|
|
81849
|
+
return {
|
|
81850
|
+
...entry,
|
|
81851
|
+
id,
|
|
81852
|
+
label: namespaceLabel(entry),
|
|
81853
|
+
namespaced
|
|
81854
|
+
};
|
|
81855
|
+
}
|
|
81856
|
+
function namespaceLabel(entry) {
|
|
81857
|
+
return entry.namespaceAlias ?? entry.sourceLabel ?? entry.sourceKind;
|
|
81858
|
+
}
|
|
81859
|
+
function diagnostic(requestedId, reason, group, alternatives) {
|
|
81860
|
+
return {
|
|
81861
|
+
requestedId,
|
|
81862
|
+
reason,
|
|
81863
|
+
alternatives,
|
|
81864
|
+
sources: group.map((entry) => ({
|
|
81865
|
+
sourceKind: entry.sourceKind,
|
|
81866
|
+
label: namespaceLabel(entry),
|
|
81867
|
+
...entry.durableSourceIdentity ? { durableSourceIdentity: entry.durableSourceIdentity } : {}
|
|
81868
|
+
})),
|
|
81869
|
+
hint: diagnosticHint(requestedId, reason, alternatives)
|
|
81870
|
+
};
|
|
81871
|
+
}
|
|
81872
|
+
function diagnosticHint(requestedId, reason, alternatives) {
|
|
81873
|
+
if (reason === "namespace_collision") return `Caplet '${requestedId}' is unavailable because namespace shadowing exposes qualified alternatives: ${alternatives.join(", ")}.`;
|
|
81874
|
+
if (reason === "missing_durable_source_identity") return `Caplet '${requestedId}' could not be namespaced because at least one source has no durable identity.`;
|
|
81875
|
+
if (reason === "namespace_alias_invalid") return `Caplet '${requestedId}' could not be namespaced because an alias label is invalid.`;
|
|
81876
|
+
if (reason === "unsupported_protocol") return `Caplet '${requestedId}' could not be namespaced because a source protocol cannot represent namespace metadata.`;
|
|
81877
|
+
return `Caplet '${requestedId}' could not be namespaced because generated qualified IDs were not unique.`;
|
|
81878
|
+
}
|
|
81710
81879
|
//#endregion
|
|
81711
81880
|
//#region src/cloud-auth/errors.ts
|
|
81712
81881
|
const SECRET_PATTERN = /(cap_access_[a-z0-9._~+/=-]+|cap_refresh_[a-z0-9._~+/=-]+|one_time_code_[a-z0-9._~+/=-]+|Bearer\s+)[^\s"]*/giu;
|
|
@@ -81869,6 +82038,7 @@ const PROJECT_BINDING_ERROR_CODES = [
|
|
|
81869
82038
|
"subscription_past_due",
|
|
81870
82039
|
"email_verification_required",
|
|
81871
82040
|
"remote_credentials_required",
|
|
82041
|
+
"remote_credentials_revoked",
|
|
81872
82042
|
"remote_auth_failed"
|
|
81873
82043
|
];
|
|
81874
82044
|
var ProjectBindingError = class extends CapletsError {
|
|
@@ -81902,6 +82072,7 @@ function recoveryCommandFor(code) {
|
|
|
81902
82072
|
case "workspace_switch_required": return "caplets remote login <cloud-url> --workspace <workspace>";
|
|
81903
82073
|
case "sync_size_limit_exceeded": return "Add exclusions to .capletsignore or upgrade the workspace plan.";
|
|
81904
82074
|
case "remote_credentials_required":
|
|
82075
|
+
case "remote_credentials_revoked":
|
|
81905
82076
|
case "remote_auth_failed": return "caplets remote login <url>";
|
|
81906
82077
|
case "endpoint_unavailable":
|
|
81907
82078
|
case "websocket_upgrade_required": return "caplets doctor";
|
|
@@ -82079,6 +82250,7 @@ function remoteProfileStatus(input) {
|
|
|
82079
82250
|
kind: input.kind,
|
|
82080
82251
|
key,
|
|
82081
82252
|
hostUrl,
|
|
82253
|
+
...input.hostIdentity ? { hostIdentity: input.hostIdentity } : {},
|
|
82082
82254
|
...input.workspaceId ? { workspaceId: input.workspaceId } : {},
|
|
82083
82255
|
...input.workspaceSlug ? { workspaceSlug: input.workspaceSlug } : {},
|
|
82084
82256
|
...input.clientId ? { clientId: input.clientId } : {},
|
|
@@ -82136,7 +82308,9 @@ var FileRemoteProfileStore = class {
|
|
|
82136
82308
|
kind: "self-hosted",
|
|
82137
82309
|
hostUrl: normalizeRemoteProfileHostUrl(input.hostUrl)
|
|
82138
82310
|
});
|
|
82139
|
-
|
|
82311
|
+
const status = await this.statusByKey(key, false);
|
|
82312
|
+
assertHostIdentityMatches(status, input.hostIdentity);
|
|
82313
|
+
return status;
|
|
82140
82314
|
}
|
|
82141
82315
|
async logoutSelfHostedProfile(input) {
|
|
82142
82316
|
return await this.withMutationLock(async () => {
|
|
@@ -82205,7 +82379,7 @@ var FileRemoteProfileStore = class {
|
|
|
82205
82379
|
}
|
|
82206
82380
|
const selected = this.readSelectedWorkspace(hostUrl);
|
|
82207
82381
|
if (selected) return this.statusByKey(selected.profileKey, true);
|
|
82208
|
-
if (this.listProfilesForHost(hostUrl).length > 0) throw
|
|
82382
|
+
if (this.listProfilesForHost(hostUrl).length > 0) throw cloudWorkspaceAmbiguityError();
|
|
82209
82383
|
return this.migrateLegacyCloudProfile(hostUrl);
|
|
82210
82384
|
}
|
|
82211
82385
|
async listCloudProfileStatuses(hostUrlInput) {
|
|
@@ -82233,7 +82407,7 @@ var FileRemoteProfileStore = class {
|
|
|
82233
82407
|
let key;
|
|
82234
82408
|
if (workspace) key = this.listProfilesForHost(hostUrl).find((profile) => profileMatchesWorkspace(profile, workspace))?.key;
|
|
82235
82409
|
else if (selected) key = selected.profileKey;
|
|
82236
|
-
else if (this.listProfilesForHost(hostUrl).length > 0) throw
|
|
82410
|
+
else if (this.listProfilesForHost(hostUrl).length > 0) throw cloudWorkspaceAmbiguityError();
|
|
82237
82411
|
if (!key) return false;
|
|
82238
82412
|
const profile = this.readProfile(key);
|
|
82239
82413
|
await this.credentials.delete(key);
|
|
@@ -82273,7 +82447,7 @@ var FileRemoteProfileStore = class {
|
|
|
82273
82447
|
else {
|
|
82274
82448
|
const selected = this.readSelectedWorkspace(hostUrl);
|
|
82275
82449
|
if (selected) status = await this.statusByKey(selected.profileKey, true);
|
|
82276
|
-
else if (this.listProfilesForHost(hostUrl).length > 0) throw
|
|
82450
|
+
else if (this.listProfilesForHost(hostUrl).length > 0) throw cloudWorkspaceAmbiguityError();
|
|
82277
82451
|
}
|
|
82278
82452
|
if (!status) return void 0;
|
|
82279
82453
|
const credential = await this.credentials.load(status.key);
|
|
@@ -82326,6 +82500,7 @@ var FileRemoteProfileStore = class {
|
|
|
82326
82500
|
kind: profile.kind,
|
|
82327
82501
|
key: profile.key,
|
|
82328
82502
|
hostUrl: profile.hostUrl,
|
|
82503
|
+
hostIdentity: profile.hostIdentity,
|
|
82329
82504
|
workspaceId: profile.workspaceId,
|
|
82330
82505
|
workspaceSlug: profile.workspaceSlug,
|
|
82331
82506
|
clientId: profile.clientId,
|
|
@@ -82346,11 +82521,13 @@ var FileRemoteProfileStore = class {
|
|
|
82346
82521
|
});
|
|
82347
82522
|
const now = (input.now ?? /* @__PURE__ */ new Date()).toISOString();
|
|
82348
82523
|
const existing = this.readProfile(key);
|
|
82524
|
+
const hostIdentity = input.hostIdentity ?? existing?.hostIdentity;
|
|
82349
82525
|
const profile = {
|
|
82350
82526
|
version: 1,
|
|
82351
82527
|
kind: "self-hosted",
|
|
82352
82528
|
key,
|
|
82353
82529
|
hostUrl,
|
|
82530
|
+
...hostIdentity ? { hostIdentity } : {},
|
|
82354
82531
|
clientId: input.clientId,
|
|
82355
82532
|
...input.clientLabel ? { clientLabel: input.clientLabel } : {},
|
|
82356
82533
|
createdAt: existing?.createdAt ?? now,
|
|
@@ -82523,6 +82700,14 @@ function legacyCredential(credentials) {
|
|
|
82523
82700
|
...credentials.tokenType ? { tokenType: credentials.tokenType } : {}
|
|
82524
82701
|
};
|
|
82525
82702
|
}
|
|
82703
|
+
function assertHostIdentityMatches(status, expectedHostIdentity) {
|
|
82704
|
+
if (!status || !expectedHostIdentity || !status.hostIdentity) return;
|
|
82705
|
+
if (status.hostIdentity === expectedHostIdentity) return;
|
|
82706
|
+
throw new CapletsError("AUTH_FAILED", "Remote Profile belongs to a different host identity.");
|
|
82707
|
+
}
|
|
82708
|
+
function cloudWorkspaceAmbiguityError() {
|
|
82709
|
+
return new CapletsError("REQUEST_INVALID", "Cloud Remote Profile requires a selected or explicit workspace.", { reason: "cloud_workspace_ambiguous" });
|
|
82710
|
+
}
|
|
82526
82711
|
function parseStoredRemoteProfile(value) {
|
|
82527
82712
|
if (!isRecord$1(value)) return void 0;
|
|
82528
82713
|
if (value.version !== 1) return void 0;
|
|
@@ -82535,6 +82720,7 @@ function parseStoredRemoteProfile(value) {
|
|
|
82535
82720
|
kind: value.kind,
|
|
82536
82721
|
key: value.key,
|
|
82537
82722
|
hostUrl: value.hostUrl,
|
|
82723
|
+
...typeof value.hostIdentity === "string" ? { hostIdentity: value.hostIdentity } : {},
|
|
82538
82724
|
...typeof value.workspaceId === "string" ? { workspaceId: value.workspaceId } : {},
|
|
82539
82725
|
...typeof value.workspaceSlug === "string" ? { workspaceSlug: value.workspaceSlug } : {},
|
|
82540
82726
|
...typeof value.clientId === "string" ? { clientId: value.clientId } : {},
|
|
@@ -82621,11 +82807,11 @@ async function resolveRemoteSelection(input = {}, env = process.env) {
|
|
|
82621
82807
|
const explicitWorkspace = input.workspace ?? (workspaceFromRemoteUrl ? void 0 : env.CAPLETS_REMOTE_WORKSPACE);
|
|
82622
82808
|
const profileWorkspace = workspaceFromRemoteUrl ?? explicitWorkspace;
|
|
82623
82809
|
const normalizedRemoteUrl = normalizeRemoteProfileHostUrl(remoteUrl);
|
|
82624
|
-
let status = await store
|
|
82810
|
+
let status = await getCloudProfileStatusForSelection(store, {
|
|
82625
82811
|
hostUrl: normalizedRemoteUrl,
|
|
82626
82812
|
workspace: profileWorkspace
|
|
82627
82813
|
});
|
|
82628
|
-
if (!status && profileWorkspace) status = await store
|
|
82814
|
+
if (!status && profileWorkspace) status = await getCloudProfileStatusForSelection(store, { hostUrl: normalizedRemoteUrl });
|
|
82629
82815
|
let credential = status ? await store.credentials.load(status.key) : void 0;
|
|
82630
82816
|
if (!status || !credential?.accessToken) throw projectBindingError("cloud_auth_required");
|
|
82631
82817
|
let credentials = cloudCredentialsFromRemoteProfile(status, credential);
|
|
@@ -82703,7 +82889,7 @@ async function refreshSelfHostedCredentials(remoteUrl, refreshToken, options) {
|
|
|
82703
82889
|
}
|
|
82704
82890
|
async function selfHostedRefreshError(remoteUrl, response) {
|
|
82705
82891
|
const summary = await parseSelfHostedRefreshError(response);
|
|
82706
|
-
if (response.status === 401 || summary?.code === "AUTH_FAILED") return remoteLoginRequired(remoteUrl);
|
|
82892
|
+
if (response.status === 401 || summary?.code === "AUTH_FAILED" || summary?.code === "REMOTE_CREDENTIALS_REVOKED") return selfHostedRefreshLooksRevoked(summary) ? remoteLoginRevoked(remoteUrl) : remoteLoginRequired(remoteUrl);
|
|
82707
82893
|
if (response.status === 503 || summary?.code === "SERVER_UNAVAILABLE") return new CapletsError("SERVER_UNAVAILABLE", summary?.message ?? "Remote credential refresh is temporarily unavailable.");
|
|
82708
82894
|
return new CapletsError("AUTH_REFRESH_FAILED", summary?.message ?? `Remote credential refresh failed with HTTP ${response.status}.`);
|
|
82709
82895
|
}
|
|
@@ -82749,6 +82935,30 @@ function remoteLoginRequired(remoteUrl) {
|
|
|
82749
82935
|
recoveryCommand: `caplets remote login ${normalizeRemoteProfileHostUrl(remoteUrl)}`
|
|
82750
82936
|
});
|
|
82751
82937
|
}
|
|
82938
|
+
function remoteLoginRevoked(remoteUrl) {
|
|
82939
|
+
const normalizedUrl = normalizeRemoteProfileHostUrl(remoteUrl);
|
|
82940
|
+
return new ProjectBindingError({
|
|
82941
|
+
code: "remote_credentials_revoked",
|
|
82942
|
+
message: `Remote credentials for ${normalizedUrl} were revoked or rejected. Run Remote Login again and ask the server operator to approve the pending login.`,
|
|
82943
|
+
recoveryCommand: `caplets remote login ${normalizedUrl}`
|
|
82944
|
+
});
|
|
82945
|
+
}
|
|
82946
|
+
function selfHostedRefreshLooksRevoked(summary) {
|
|
82947
|
+
if (summary?.code === "REMOTE_CREDENTIALS_REVOKED") return true;
|
|
82948
|
+
return /revoked|rejected|stale/iu.test(summary?.message ?? "");
|
|
82949
|
+
}
|
|
82950
|
+
async function getCloudProfileStatusForSelection(store, input) {
|
|
82951
|
+
try {
|
|
82952
|
+
return await store.getCloudProfileStatus(input);
|
|
82953
|
+
} catch (error) {
|
|
82954
|
+
if (isCloudWorkspaceAmbiguity(error)) throw projectBindingError("workspace_switch_required", "Cloud Remote Profile requires a selected or explicit workspace.");
|
|
82955
|
+
throw error;
|
|
82956
|
+
}
|
|
82957
|
+
}
|
|
82958
|
+
function isCloudWorkspaceAmbiguity(error) {
|
|
82959
|
+
const details = error instanceof CapletsError ? error.details : void 0;
|
|
82960
|
+
return error instanceof CapletsError && error.code === "REQUEST_INVALID" && typeof details === "object" && details !== null && !Array.isArray(details) && details.reason === "cloud_workspace_ambiguous";
|
|
82961
|
+
}
|
|
82752
82962
|
async function parseSelfHostedRefreshCredentials(response) {
|
|
82753
82963
|
const parsed = await response.json();
|
|
82754
82964
|
if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) throw new CapletsError("DOWNSTREAM_PROTOCOL_ERROR", "Remote refresh response must be an object.");
|
|
@@ -83153,7 +83363,7 @@ function createLocalOverlayService(options) {
|
|
|
83153
83363
|
}
|
|
83154
83364
|
function createCompositeRemoteService(remoteOptions, local, options, authKind) {
|
|
83155
83365
|
const { remote, presence } = createCompositeRemoteParts(remoteOptions, local, options, authKind);
|
|
83156
|
-
return new CompositeNativeCapletsService(remote, local, options, presence);
|
|
83366
|
+
return new CompositeNativeCapletsService(remote, local, options, remoteOptions.url.toString(), presence);
|
|
83157
83367
|
}
|
|
83158
83368
|
function createCompositeRemoteParts(remoteOptions, local, options, authKind, resolveRuntimeRemoteOptions) {
|
|
83159
83369
|
const remote = new RemoteNativeCapletsService({
|
|
@@ -83245,7 +83455,7 @@ var ProfileBackedNativeCapletsService = class {
|
|
|
83245
83455
|
const signature = remoteOptionsSignature(remoteOptions);
|
|
83246
83456
|
if (!this.delegate) {
|
|
83247
83457
|
const { remote, presence } = createCompositeRemoteParts(remoteOptions, this.local, this.options, this.authKind, () => this.resolveProfileRemoteOptions());
|
|
83248
|
-
this.delegate = new CompositeNativeCapletsService(remote, this.local, this.options, presence);
|
|
83458
|
+
this.delegate = new CompositeNativeCapletsService(remote, this.local, this.options, remoteOptions.url.toString(), presence);
|
|
83249
83459
|
this.unsubscribeDelegate = this.delegate.onToolsChanged((tools) => this.emit(tools));
|
|
83250
83460
|
this.remoteSignature = signature;
|
|
83251
83461
|
this.credentialExpiresAt = remoteOptions.credentialExpiresAt;
|
|
@@ -83257,7 +83467,7 @@ var ProfileBackedNativeCapletsService = class {
|
|
|
83257
83467
|
await Promise.all([remote.close(), presence?.close()]);
|
|
83258
83468
|
return;
|
|
83259
83469
|
}
|
|
83260
|
-
await this.delegate.replaceRemote(remote, presence);
|
|
83470
|
+
await this.delegate.replaceRemote(remote, remoteOptions.url.toString(), presence);
|
|
83261
83471
|
this.remoteSignature = signature;
|
|
83262
83472
|
this.credentialExpiresAt = remoteOptions.credentialExpiresAt;
|
|
83263
83473
|
} catch (error) {
|
|
@@ -83342,23 +83552,30 @@ var CompositeNativeCapletsService = class {
|
|
|
83342
83552
|
remote;
|
|
83343
83553
|
local;
|
|
83344
83554
|
options;
|
|
83555
|
+
remoteIdentity;
|
|
83345
83556
|
presence;
|
|
83346
83557
|
listeners = /* @__PURE__ */ new Set();
|
|
83347
83558
|
unsubscribeRemote;
|
|
83348
83559
|
unsubscribeLocal;
|
|
83349
83560
|
warnedShadowedLocalCaplets = /* @__PURE__ */ new Set();
|
|
83350
83561
|
tools = [];
|
|
83562
|
+
routes = /* @__PURE__ */ new Map();
|
|
83563
|
+
namespaceDiagnostics = /* @__PURE__ */ new Map();
|
|
83351
83564
|
closed = false;
|
|
83352
83565
|
batchingReload = false;
|
|
83353
83566
|
codeModeSessions = new CodeModeSessionManager();
|
|
83354
|
-
constructor(remote, local, options, presence) {
|
|
83567
|
+
constructor(remote, local, options, remoteIdentity, presence) {
|
|
83355
83568
|
this.remote = remote;
|
|
83356
83569
|
this.local = local;
|
|
83357
83570
|
this.options = options;
|
|
83571
|
+
this.remoteIdentity = remoteIdentity;
|
|
83358
83572
|
this.presence = presence;
|
|
83359
83573
|
this.unsubscribeRemote = this.remote.onToolsChanged(() => this.updateMergedTools());
|
|
83360
83574
|
this.unsubscribeLocal = this.local.onToolsChanged(() => this.updateMergedTools());
|
|
83361
|
-
|
|
83575
|
+
const merged = this.mergeTools();
|
|
83576
|
+
this.tools = merged.tools;
|
|
83577
|
+
this.routes = merged.routes;
|
|
83578
|
+
this.namespaceDiagnostics = merged.namespaceDiagnostics;
|
|
83362
83579
|
this.startPresence();
|
|
83363
83580
|
}
|
|
83364
83581
|
listTools() {
|
|
@@ -83366,7 +83583,11 @@ var CompositeNativeCapletsService = class {
|
|
|
83366
83583
|
}
|
|
83367
83584
|
async execute(capletId, request) {
|
|
83368
83585
|
if (capletId === "code_mode") return await executeCodeModeRunNative(this, request, this.codeModeSessions);
|
|
83369
|
-
|
|
83586
|
+
const route = this.routes.get(capletId);
|
|
83587
|
+
if (route?.service === "local") return await this.local.execute(route.capletId, request);
|
|
83588
|
+
if (route?.service === "remote") return await this.remote.execute(route.capletId, request);
|
|
83589
|
+
const diagnostic = this.namespaceDiagnostics.get(capletId);
|
|
83590
|
+
if (diagnostic) throw new CapletsError("CAPLET_NAMESPACE_COLLISION", diagnostic.hint, diagnostic);
|
|
83370
83591
|
return await this.remote.execute(capletId, request);
|
|
83371
83592
|
}
|
|
83372
83593
|
codeModeService() {
|
|
@@ -83407,16 +83628,19 @@ var CompositeNativeCapletsService = class {
|
|
|
83407
83628
|
this.presence?.close()
|
|
83408
83629
|
]);
|
|
83409
83630
|
}
|
|
83410
|
-
async replaceRemote(remote, presence) {
|
|
83631
|
+
async replaceRemote(remote, remoteIdentityOrPresence, presence) {
|
|
83632
|
+
const remoteIdentity = typeof remoteIdentityOrPresence === "string" ? remoteIdentityOrPresence : this.remoteIdentity;
|
|
83633
|
+
const nextPresence = typeof remoteIdentityOrPresence === "string" ? presence : remoteIdentityOrPresence;
|
|
83411
83634
|
if (this.closed) {
|
|
83412
|
-
await Promise.all([remote.close(),
|
|
83635
|
+
await Promise.all([remote.close(), nextPresence?.close()]);
|
|
83413
83636
|
return;
|
|
83414
83637
|
}
|
|
83415
83638
|
const previousRemote = this.remote;
|
|
83416
83639
|
const previousPresence = this.presence;
|
|
83417
83640
|
this.unsubscribeRemote();
|
|
83418
83641
|
this.remote = remote;
|
|
83419
|
-
this.
|
|
83642
|
+
this.remoteIdentity = remoteIdentity;
|
|
83643
|
+
this.presence = nextPresence;
|
|
83420
83644
|
this.unsubscribeRemote = this.remote.onToolsChanged(() => this.updateMergedTools());
|
|
83421
83645
|
await Promise.all([previousRemote.close(), previousPresence?.close()]);
|
|
83422
83646
|
if (this.closed) return;
|
|
@@ -83425,9 +83649,15 @@ var CompositeNativeCapletsService = class {
|
|
|
83425
83649
|
}
|
|
83426
83650
|
updateMergedTools() {
|
|
83427
83651
|
if (this.closed || this.batchingReload) return;
|
|
83428
|
-
const
|
|
83429
|
-
if (JSON.stringify(tools) === JSON.stringify(this.tools))
|
|
83430
|
-
|
|
83652
|
+
const merged = this.mergeTools();
|
|
83653
|
+
if (JSON.stringify(merged.tools) === JSON.stringify(this.tools)) {
|
|
83654
|
+
this.routes = merged.routes;
|
|
83655
|
+
this.namespaceDiagnostics = merged.namespaceDiagnostics;
|
|
83656
|
+
return;
|
|
83657
|
+
}
|
|
83658
|
+
this.tools = merged.tools;
|
|
83659
|
+
this.routes = merged.routes;
|
|
83660
|
+
this.namespaceDiagnostics = merged.namespaceDiagnostics;
|
|
83431
83661
|
for (const listener of this.listeners) try {
|
|
83432
83662
|
listener(this.listTools());
|
|
83433
83663
|
} catch (error) {
|
|
@@ -83439,16 +83669,89 @@ var CompositeNativeCapletsService = class {
|
|
|
83439
83669
|
const allRemoteTools = this.remote.listTools();
|
|
83440
83670
|
const remoteCodeModeTools = remoteCodeModeCallableNativeTools(allRemoteTools);
|
|
83441
83671
|
const remoteIds = remoteSuppressedCapletIds(allRemoteTools, remoteCodeModeTools);
|
|
83442
|
-
const
|
|
83672
|
+
const unsuppressedLocalTools = allLocalTools.filter((tool) => tool.codeModeRun !== true && !remoteIds.has(tool.sourceCaplet ?? tool.caplet));
|
|
83443
83673
|
this.warnShadowedLocalCaplets(allLocalTools, remoteIds);
|
|
83444
|
-
const
|
|
83445
|
-
const
|
|
83446
|
-
const
|
|
83447
|
-
|
|
83674
|
+
const unsuppressedLocalCodeModeTools = codeModeCallableNativeTools(allLocalTools, { fallbackToVisible: false }).filter((tool) => !remoteIds.has(tool.caplet));
|
|
83675
|
+
const remoteTools = allRemoteTools.filter((tool) => tool.codeModeRun !== true);
|
|
83676
|
+
const resolved = this.resolveVisibleToolIds(remoteTools, unsuppressedLocalTools, remoteCodeModeTools, unsuppressedLocalCodeModeTools);
|
|
83677
|
+
const codeModeTools = [...resolved.remoteCodeModeTools, ...resolved.localCodeModeTools];
|
|
83678
|
+
return {
|
|
83679
|
+
tools: [
|
|
83680
|
+
...resolved.remoteTools,
|
|
83681
|
+
...resolved.localTools,
|
|
83682
|
+
...codeModeTools.length > 0 ? [codeModeRunNativeTool(codeModeTools)] : []
|
|
83683
|
+
],
|
|
83684
|
+
routes: resolved.routes,
|
|
83685
|
+
namespaceDiagnostics: resolved.namespaceDiagnostics
|
|
83686
|
+
};
|
|
83448
83687
|
}
|
|
83449
|
-
|
|
83450
|
-
const
|
|
83451
|
-
|
|
83688
|
+
resolveVisibleToolIds(remoteTools, localTools, remoteCodeModeTools, localCodeModeTools) {
|
|
83689
|
+
const resolution = resolveNamespaceExposure(nativeNamespaceEntries([{
|
|
83690
|
+
service: "remote",
|
|
83691
|
+
tools: [...remoteTools, ...remoteCodeModeTools]
|
|
83692
|
+
}, {
|
|
83693
|
+
service: "local",
|
|
83694
|
+
tools: [...localTools, ...localCodeModeTools]
|
|
83695
|
+
}], {
|
|
83696
|
+
...nativeNamespaceContext(this.options),
|
|
83697
|
+
remoteIdentity: this.remoteIdentity
|
|
83698
|
+
}));
|
|
83699
|
+
const namespacedRecords = resolution.visibleRecords.filter((record) => record.namespaced);
|
|
83700
|
+
const namespacedBaseIds = new Set(namespacedRecords.map((record) => record.baseId));
|
|
83701
|
+
const diagnosticBaseIds = new Set(resolution.unavailableDiagnostics.map((diagnostic) => diagnostic.requestedId));
|
|
83702
|
+
const routes = /* @__PURE__ */ new Map();
|
|
83703
|
+
const namespaceDiagnostics = new Map(resolution.suppressedBareIds);
|
|
83704
|
+
for (const diagnostic of resolution.unavailableDiagnostics) namespaceDiagnostics.set(diagnostic.requestedId, diagnostic);
|
|
83705
|
+
const alternativesByBaseId = /* @__PURE__ */ new Map();
|
|
83706
|
+
const staleIdsByBaseId = /* @__PURE__ */ new Map();
|
|
83707
|
+
const setRoute = (visibleCapletId, route, overwrite) => {
|
|
83708
|
+
if (overwrite || !routes.has(visibleCapletId)) routes.set(visibleCapletId, route);
|
|
83709
|
+
};
|
|
83710
|
+
const rewrite = (service, tools, overwrite) => {
|
|
83711
|
+
const rewritten = [];
|
|
83712
|
+
for (const tool of tools) {
|
|
83713
|
+
const baseId = sourceBaseId(tool);
|
|
83714
|
+
if (diagnosticBaseIds.has(baseId)) continue;
|
|
83715
|
+
if (!namespacedBaseIds.has(baseId)) {
|
|
83716
|
+
rewritten.push(tool);
|
|
83717
|
+
setRoute(tool.caplet, {
|
|
83718
|
+
service,
|
|
83719
|
+
capletId: tool.caplet
|
|
83720
|
+
}, overwrite);
|
|
83721
|
+
continue;
|
|
83722
|
+
}
|
|
83723
|
+
const record = namespacedRecords.find((candidate) => candidate.baseId === baseId && candidate.route.service === service);
|
|
83724
|
+
if (!record) continue;
|
|
83725
|
+
const visibleTool = renameNativeTool(tool, record.id);
|
|
83726
|
+
rewritten.push(visibleTool);
|
|
83727
|
+
addMapSetValue(alternativesByBaseId, baseId, visibleTool.caplet);
|
|
83728
|
+
if (tool.caplet !== visibleTool.caplet) addMapSetValue(staleIdsByBaseId, baseId, tool.caplet);
|
|
83729
|
+
setRoute(visibleTool.caplet, {
|
|
83730
|
+
service,
|
|
83731
|
+
capletId: tool.caplet
|
|
83732
|
+
}, overwrite);
|
|
83733
|
+
}
|
|
83734
|
+
return rewritten;
|
|
83735
|
+
};
|
|
83736
|
+
const remoteVisibleTools = rewrite("remote", remoteTools, false);
|
|
83737
|
+
const localVisibleTools = rewrite("local", localTools, true);
|
|
83738
|
+
const remoteVisibleCodeModeTools = rewrite("remote", remoteCodeModeTools, false);
|
|
83739
|
+
const localVisibleCodeModeTools = rewrite("local", localCodeModeTools, true);
|
|
83740
|
+
for (const [baseId, alternatives] of alternativesByBaseId) {
|
|
83741
|
+
const baseDiagnostic = resolution.suppressedBareIds.get(baseId);
|
|
83742
|
+
if (!baseDiagnostic) continue;
|
|
83743
|
+
const alternativeList = [...alternatives];
|
|
83744
|
+
namespaceDiagnostics.set(baseId, namespaceDiagnosticWithAlternatives(baseId, baseDiagnostic, alternativeList));
|
|
83745
|
+
for (const staleId of staleIdsByBaseId.get(baseId) ?? []) namespaceDiagnostics.set(staleId, namespaceDiagnosticWithAlternatives(staleId, baseDiagnostic, alternativeList));
|
|
83746
|
+
}
|
|
83747
|
+
return {
|
|
83748
|
+
remoteTools: remoteVisibleTools,
|
|
83749
|
+
localTools: localVisibleTools,
|
|
83750
|
+
remoteCodeModeTools: remoteVisibleCodeModeTools,
|
|
83751
|
+
localCodeModeTools: localVisibleCodeModeTools,
|
|
83752
|
+
routes,
|
|
83753
|
+
namespaceDiagnostics
|
|
83754
|
+
};
|
|
83452
83755
|
}
|
|
83453
83756
|
warnShadowedLocalCaplets(localTools, remoteIds) {
|
|
83454
83757
|
const localIds = /* @__PURE__ */ new Set([...localTools.filter((tool) => tool.codeModeRun !== true).map((tool) => tool.sourceCaplet ?? tool.caplet), ...codeModeCallableNativeTools(localTools, { fallbackToVisible: false }).map((tool) => tool.caplet)]);
|
|
@@ -83473,22 +83776,85 @@ var CompositeNativeCapletsService = class {
|
|
|
83473
83776
|
});
|
|
83474
83777
|
}
|
|
83475
83778
|
};
|
|
83476
|
-
function
|
|
83477
|
-
|
|
83779
|
+
function addMapSetValue(map, key, value) {
|
|
83780
|
+
let values = map.get(key);
|
|
83781
|
+
if (!values) {
|
|
83782
|
+
values = /* @__PURE__ */ new Set();
|
|
83783
|
+
map.set(key, values);
|
|
83784
|
+
}
|
|
83785
|
+
values.add(value);
|
|
83478
83786
|
}
|
|
83479
|
-
function
|
|
83480
|
-
return
|
|
83787
|
+
function namespaceDiagnosticWithAlternatives(requestedId, diagnostic, alternatives) {
|
|
83788
|
+
return {
|
|
83789
|
+
...diagnostic,
|
|
83790
|
+
requestedId,
|
|
83791
|
+
alternatives,
|
|
83792
|
+
hint: `Caplet '${requestedId}' is unavailable because namespace shadowing exposes qualified alternatives: ${alternatives.join(", ")}.`
|
|
83793
|
+
};
|
|
83481
83794
|
}
|
|
83482
|
-
function
|
|
83483
|
-
const
|
|
83484
|
-
|
|
83485
|
-
|
|
83486
|
-
|
|
83487
|
-
|
|
83795
|
+
function nativeNamespaceContext(options) {
|
|
83796
|
+
const configPath = options.configPath ?? resolveConfigPath();
|
|
83797
|
+
const projectConfigPath = options.projectConfigPath ?? resolveProjectConfigPath();
|
|
83798
|
+
let namespaceAliases = parseConfig({}).namespaceAliases;
|
|
83799
|
+
try {
|
|
83800
|
+
namespaceAliases = loadLocalOverlayConfigWithSources(configPath, projectConfigPath).config.namespaceAliases;
|
|
83801
|
+
} catch {}
|
|
83802
|
+
return {
|
|
83803
|
+
localIdentity: `local:${configPath}\0${projectConfigPath}`,
|
|
83804
|
+
namespaceAliases
|
|
83805
|
+
};
|
|
83806
|
+
}
|
|
83807
|
+
function nativeNamespaceEntries(groups, identities) {
|
|
83808
|
+
const entries = /* @__PURE__ */ new Map();
|
|
83809
|
+
for (const group of groups) {
|
|
83810
|
+
const byBaseId = /* @__PURE__ */ new Map();
|
|
83811
|
+
for (const tool of group.tools) {
|
|
83812
|
+
const baseId = sourceBaseId(tool);
|
|
83813
|
+
byBaseId.set(baseId, [...byBaseId.get(baseId) ?? [], tool]);
|
|
83814
|
+
}
|
|
83815
|
+
for (const [baseId, tools] of byBaseId) {
|
|
83816
|
+
const service = group.service;
|
|
83817
|
+
entries.set(`${service}:${baseId}`, {
|
|
83818
|
+
baseId,
|
|
83819
|
+
sourceKind: service === "local" ? "local" : "upstream",
|
|
83820
|
+
sourceLabel: service === "local" ? "local" : "remote",
|
|
83821
|
+
namespaceAlias: service === "local" ? identities.namespaceAliases.local : identities.namespaceAliases.upstreams[identities.remoteIdentity],
|
|
83822
|
+
durableSourceIdentity: service === "local" ? identities.localIdentity : identities.remoteIdentity,
|
|
83823
|
+
shadowing: aggregateShadowing(tools),
|
|
83824
|
+
route: {
|
|
83825
|
+
service,
|
|
83826
|
+
baseId
|
|
83827
|
+
}
|
|
83828
|
+
});
|
|
83488
83829
|
}
|
|
83489
|
-
if (tool.caplet === capletId || tool.sourceCaplet === capletId) keys.push(tool.sourceCaplet ?? tool.caplet);
|
|
83490
83830
|
}
|
|
83491
|
-
return
|
|
83831
|
+
return [...entries.values()];
|
|
83832
|
+
}
|
|
83833
|
+
function aggregateShadowing(tools) {
|
|
83834
|
+
if (tools.some((tool) => (tool.shadowing ?? "forbid") === "forbid")) return "forbid";
|
|
83835
|
+
if (tools.some((tool) => tool.shadowing === "namespace")) return "namespace";
|
|
83836
|
+
return "allow";
|
|
83837
|
+
}
|
|
83838
|
+
function sourceBaseId(tool) {
|
|
83839
|
+
return tool.sourceCaplet ?? tool.caplet;
|
|
83840
|
+
}
|
|
83841
|
+
function renameNativeTool(tool, visibleBaseId) {
|
|
83842
|
+
const baseId = sourceBaseId(tool);
|
|
83843
|
+
const visibleCapletId = tool.sourceCaplet && tool.caplet.startsWith(`${baseId}__`) ? `${visibleBaseId}${tool.caplet.slice(baseId.length)}` : visibleBaseId;
|
|
83844
|
+
const operationName = tool.sourceCaplet && tool.caplet.startsWith(`${baseId}__`) ? tool.caplet.slice(baseId.length + 2) : void 0;
|
|
83845
|
+
const toolName = operationName ? nativeDirectToolName(visibleBaseId, operationName) : nativeCapletToolName(visibleCapletId);
|
|
83846
|
+
return {
|
|
83847
|
+
...tool,
|
|
83848
|
+
caplet: visibleCapletId,
|
|
83849
|
+
...tool.sourceCaplet ? { sourceCaplet: visibleBaseId } : {},
|
|
83850
|
+
toolName
|
|
83851
|
+
};
|
|
83852
|
+
}
|
|
83853
|
+
function remoteCodeModeCallableNativeTools(tools) {
|
|
83854
|
+
return codeModeCallableNativeTools(tools, { fallbackToVisible: true });
|
|
83855
|
+
}
|
|
83856
|
+
function remoteSuppressedCapletIds(allRemoteTools, remoteCodeModeTools = remoteCodeModeCallableNativeTools(allRemoteTools)) {
|
|
83857
|
+
return new Set([...allRemoteTools.filter((tool) => tool.codeModeRun !== true && (tool.shadowing ?? "forbid") === "forbid").map((tool) => tool.sourceCaplet ?? tool.caplet), ...remoteCodeModeTools.filter((tool) => (tool.shadowing ?? "forbid") === "forbid").map((tool) => tool.caplet)].filter((caplet) => caplet !== nativeCodeModeToolId));
|
|
83492
83858
|
}
|
|
83493
83859
|
function createProjectBindingSessionManager(cloud, local, options) {
|
|
83494
83860
|
if (!cloud) return;
|
|
@@ -83547,4 +83913,4 @@ function errorMessage(error) {
|
|
|
83547
83913
|
return error instanceof Error ? error.message : String(error);
|
|
83548
83914
|
}
|
|
83549
83915
|
//#endregion
|
|
83550
|
-
export { resolveExposure as $,
|
|
83916
|
+
export { resolveExposure as $, mergeCapabilities as $t, nativeCapletPromptGuidance as A, isJSONRPCRequest as An, runOAuthFlow as At, CodeModeSessionManager as B, safeParse as Bn, defaultConfigBaseDir as Bt, resolveHostedCloudRemote as C, ReadResourceRequestSchema as Cn, validateCapletFile as Ct, isLoopbackHost as D, assertCompleteRequestResourceTemplate as Dn, markdownStructuredContent as Dt, controlUrlForBase as E, assertCompleteRequestPrompt as En, markdownCallToolResultContent as Et, nativeCodeModeToolName as F, getSchemaDescription as Fn, readTokenBundle as Ft, CodeModeJournalStore as G, resolveProjectCapletsRoot as Gt, diagnoseCodeModeTypeScript as H, __exportAll as Hn, defaultStateBaseDir as Ht, codeModeRunInputSchema as I, isSchemaOptional as In, DEFAULT_AUTH_DIR as It, codeModeDeclarationHash as J, serializeMessage as Jt, CodeModeLogStore as K, resolveProjectConfigPath as Kt, codeModeRunParamsSchema as L, isZ4Schema as Ln, DEFAULT_COMPLETION_CACHE_DIR as Lt, nativeCapletToolName as M, getLiteralValue as Mn, startOAuthFlow as Mt, nativeCapletsSystemGuidance as N, getObjectShape as Nn, deleteTokenBundle as Nt, parseServerBaseUrl as O, isInitializeRequest as On, refreshOAuthTokenBundle as Ot, nativeCodeModeToolId as P, getParseErrorMessage as Pn, isTokenBundleExpired as Pt, CapletsEngine as Q, Protocol as Qt, emptyCodeModeRunMeta as R, normalizeObjectSchema as Rn, DEFAULT_OBSERVED_OUTPUT_SHAPE_CACHE_DIR as Rt, resolveCapletsRemote as S, McpError as Sn, discoverCapletFiles as St, appendBasePath as T, SetLevelRequestSchema as Tn, hasRenderableStructuredContent as Tt, createCodeModeCapletsApi as U, resolveCapletsRoot as Ut, QuickJsCodeModeSandbox as V, safeParseAsync as Vn, defaultConfigPath as Vt, listCodeModeCallableCaplets as W, resolveConfigPath as Wt, generateCodeModeRunToolDescription as X, assertToolsCallTaskCapability as Xt, generateCodeModeDeclarations as Y, assertClientRequestTaskCapability as Yt, minifyCodeModeDeclarationText as Z, AjvJsonSchemaValidator as Zt, CapletsCloudClient as _, ListResourceTemplatesRequestSchema as _n, FileVaultStore as _t, CloudAuthStore as a, CreateMessageResultWithToolsSchema as an, ServerRegistry as at, isCapletsCloudUrl as b, ListToolsRequestSchema as bn, decryptVaultValue as bt, redactedCloudAuthStatus as c, ElicitResultSchema as cn, loadConfig as ct, projectBindingError as d, GetPromptRequestSchema as dn, loadLocalOverlayConfigWithSources as dt, toJsonSchemaCompat as en, decodeDirectResourceUri as et, projectBindingRecovery as f, InitializeRequestSchema as fn, loadProjectConfig as ft, buildProjectSyncManifest as g, ListPromptsRequestSchema as gn, vaultStoreForAuthDir as gt, createSdkRemoteCapletsClient as h, LATEST_PROTOCOL_VERSION as hn, vaultResolverForAuthDir as ht, createRemoteProfileStore as i, CreateMessageResultSchema as in, handleServerTool as it, nativeCapletToolDescription as j, isJSONRPCResultResponse as jn, startGenericOAuthFlow as jt, resolveCapletsServer as k, isJSONRPCErrorResponse as kn, runGenericOAuthFlow as kt, PROJECT_BINDING_ERROR_CODES as l, EmptyResultSchema as ln, loadConfigWithSources as lt, RemoteNativeCapletsService as m, JSONRPCMessageSchema as mn, vaultBootstrapResolver as mt, resolveRemoteSelection as n, CallToolResultSchema as nn, findProjectRoot as nt, cloudAuthPath as o, CreateTaskResultSchema as on, capabilityDescription as ot, CloudAuthClient as p, InitializedNotificationSchema as pn, parseConfig as pt, redactCodeModeLogText as q, ReadBuffer as qt, cloudCredentialsFromRemoteProfile as r, CompleteRequestSchema as rn, fingerprintProjectRoot as rt, migrateCredentials as s, DEFAULT_NEGOTIATED_PROTOCOL_VERSION as sn, GoogleDiscoveryManager as st, createNativeCapletsService as t, CallToolRequestSchema as tn, directResourceUriMatchesTemplate as tt, ProjectBindingError as u, ErrorCode as un, loadGlobalConfig as ut, resolveNativeCapletsServiceOptions as v, ListResourcesRequestSchema as vn, VAULT_MAX_VALUE_BYTES as vt, resolveRemoteMode as w, SUPPORTED_PROTOCOL_VERSIONS as wn, loadCapletFilesFromMap as wt, normalizeRemoteProfileHostUrl as x, LoggingLevelSchema as xn, encryptVaultValue as xt, hostedCloudWorkspaceFromRemoteUrl as y, ListRootsResultSchema as yn, validateVaultKeyName as yt, runCodeMode as z, objectFromShape as zn, defaultCacheBaseDir as zt };
|