@codeflyai/codefly 0.24.0 → 0.24.2

package/bundle/docs/tools/database-schema.md

@@ -0,0 +1,231 @@
+# Database Schema Tool
+
+The Database Schema Tool (`get_database_schema`) allows Codefly to retrieve
+database table structures and column information from MySQL or PostgreSQL
+databases. This tool is essential for understanding database schemas, generating
+ORMs, creating migrations, and working with database-driven applications.
+
+## Overview
+
+The Database Schema Tool connects to a MySQL or PostgreSQL database and
+retrieves comprehensive schema information including:
+
+- Table names
+- Column names and data types
+- Nullable constraints
+- Primary keys and indexes (MySQL)
+
+## How to use
+
+### Basic usage
+
+Ask Codefly to fetch database schema information:
+
+```
+> Get the schema for the MySQL database 'myapp_db' on localhost with user 'root'
+```
+
+```
+> Fetch the PostgreSQL database schema from host db.example.com, database 'production_db', user 'admin'
+```
+
+### Common use cases
+
+#### Understanding database structure
+
+```
+> What tables exist in the MySQL database 'shop_db' on localhost?
+```
+
+#### Generating ORM models
+
+```
+> Get the schema from the PostgreSQL database 'app_db' and generate TypeScript TypeORM entities
+```
+
+#### Creating database documentation
+
+```
+> Fetch the schema from MySQL database 'inventory_db' and create markdown documentation for all tables
+```
+
+#### Database migration planning
+
+```
+> Get the current schema from the dev database and suggest migrations to match the production schema structure
+```
+
+## Tool parameters
+
+The `get_database_schema` tool accepts the following parameters:
+
+- **`type`** (required): Database type
+  - `mysql`: For MySQL or MariaDB databases
+  - `postgres`: For PostgreSQL databases
+
+- **`host`** (required): Database host address
+  - Examples: `localhost`, `127.0.0.1`, `db.example.com`
+
+- **`user`** (required): Username for database connection
+
+- **`database`** (required): Name of the database to query
+
+- **`password`** (optional): Password for database connection
+  - If not provided, will attempt connection without password
+
+- **`port`** (optional): Port number
+  - Defaults to `3306` for MySQL
+  - Defaults to `5432` for PostgreSQL
+
+## Output format
+
+The tool returns a formatted list of tables and their columns:
+
+```
+Table: users
+- id (int) [PRI]
+- username (varchar)
+- email (varchar)
+- created_at (timestamp) NULL
+
+Table: orders
+- id (int) [PRI]
+- user_id (int) [MUL]
+- total (decimal)
+- status (varchar)
+- created_at (timestamp)
+```
+
+For each column, the output includes:
+
+- Column name
+- Data type
+- NULL/NOT NULL constraint
+- Index information (for MySQL: PRI for primary key, MUL for indexed, etc.)
+
+## Dependencies
+
+The Database Schema Tool requires database client libraries:
+
+### For MySQL/MariaDB
+
+```bash
+npm install mysql2
+```
+
+### For PostgreSQL
+
+```bash
+npm install pg
+```
+
+If the required package is not installed, the tool will ask you to install it.
+
+## Security considerations
+
+- **Credentials**: Be cautious when providing database passwords. Consider using
+  environment variables or secure credential storage
+- **Read-only access**: The tool only reads schema information and does not
+  modify data
+- **Network security**: Ensure database connections are made over secure
+  networks
+- **Least privilege**: Use database accounts with minimal required permissions
+  (e.g., `SHOW TABLES`, `DESCRIBE` for MySQL, or `pg_catalog` read access for
+  PostgreSQL)
+
+## Examples
+
+### Example 1: Local development database
+
+```
+> Get the schema from MySQL database 'dev_db' on localhost with user 'root' and no password
+```
+
+### Example 2: Remote PostgreSQL database
+
+```
+> Connect to PostgreSQL at db.example.com:5432, database 'production_db', user 'readonly', and fetch the complete schema
+```
+
+### Example 3: Generating TypeORM entities
+
+```
+> Get the schema from MySQL database 'app_db' on localhost and generate TypeORM entities for all tables
+```
+
+Codefly will fetch the schema and generate TypeScript classes with appropriate
+decorators.
+
+### Example 4: Creating database documentation
+
+```
+> Fetch the schema from PostgreSQL database 'analytics_db' and create a comprehensive markdown document describing all tables, their relationships, and fields
+```
+
+### Example 5: Schema comparison
+
+```
+> Get schemas from both the dev and production databases and show me the differences
+```
+
+## Troubleshooting
+
+### "The 'mysql2' package is required"
+
+For MySQL databases, install the mysql2 package:
+
+```bash
+npm install mysql2
+```
+
+### "The 'pg' package is required"
+
+For PostgreSQL databases, install the pg package:
+
+```bash
+npm install pg
+```
+
+### "Connection failed"
+
+Common connection issues:
+
+- **Wrong host/port**: Verify the database server address and port
+- **Authentication failed**: Check username and password
+- **Database doesn't exist**: Ensure the database name is correct
+- **Network issues**: Verify firewall rules and network connectivity
+- **Permissions**: Ensure the user has permission to access schema information
+
+### "Access denied"
+
+The database user needs appropriate permissions:
+
+For MySQL:
+
+```sql
+GRANT SELECT ON information_schema.* TO 'username'@'host';
+```
+
+For PostgreSQL:
+
+```sql
+GRANT CONNECT ON DATABASE dbname TO username;
+GRANT USAGE ON SCHEMA public TO username;
+```
+
+## Best practices
+
+1. **Use read-only credentials**: Create database users with minimal required
+   permissions
+2. **Protect passwords**: Avoid hardcoding passwords in prompts; use environment
+   variables when possible
+3. **Test connections**: Verify connectivity with a simple query before running
+   complex operations
+4. **Document schema changes**: Use this tool to track schema evolution over
+   time
+
+## See also
+
+- [Swagger Schema Tool](./swagger-schema.md) - For retrieving API schemas
+- [File System Tools](./file-system.md) - For working with local schema files
+- [Shell Tool](./shell.md) - For running database migration commands

package/bundle/docs/tools/index.md

@@ -86,10 +86,17 @@ Gemini CLI's built-in tools can be broadly categorized as follows:
   information across sessions.
 - **[Todo Tool](./todos.md) (`write_todos`):** For managing subtasks of complex
   requests.
+- **[Database Schema Tool](./database-schema.md) (`get_database_schema`):** For
+  retrieving database table structures from MySQL or PostgreSQL databases.
+- **[Swagger Schema Tool](./swagger-schema.md) (`get_swagger_schema`):** For
+  fetching and parsing Swagger/OpenAPI schema definitions from URLs.
 
 Additionally, these tools incorporate:
 
 - **[MCP servers](./mcp-server.md)**: MCP servers act as a bridge between the
   Gemini model and your local environment or other services like APIs.
+- **[Agent Skills](../cli/skills.md)**: (Experimental) On-demand expertise
+  packages that are activated via the `activate_skill` tool to provide
+  specialized guidance and resources.
 - **[Sandboxing](../cli/sandbox.md)**: Sandboxing isolates the model and its
   changes from your environment to reduce potential risk.

package/bundle/docs/tools/mcp-server.md

@@ -722,7 +722,8 @@ The MCP integration tracks several states:
 
 ### Debugging tips
 
-1. **Enable debug mode:** Run the CLI with `--debug` for verbose output
+1. **Enable debug mode:** Run the CLI with `--debug` for verbose output (use F12
+   to open debug console in interactive mode)
 2. **Check stderr:** MCP server stderr is captured and logged (INFO messages
    filtered)
 3. **Test isolation:** Test your MCP server independently before integrating
@@ -732,7 +733,7 @@ The MCP integration tracks several states:
 
 ## Important notes
 
-### Security sonsiderations
+### Security considerations
 
 - **Trust settings:** The `trust` option bypasses all confirmation dialogs. Use
   cautiously and only for servers you completely control
@@ -1037,6 +1038,29 @@ gemini mcp remove my-server
 This will find and delete the "my-server" entry from the `mcpServers` object in
 the appropriate `settings.json` file based on the scope (`-s, --scope`).
 
+### Enabling/disabling a server (`gemini mcp enable`, `gemini mcp disable`)
+
+Temporarily disable an MCP server without removing its configuration, or
+re-enable a previously disabled server.
+
+**Commands:**
+
+```bash
+gemini mcp enable <name> [--session]
+gemini mcp disable <name> [--session]
+```
+
+**Options (flags):**
+
+- `--session`: Apply change only for this session (not persisted to file).
+
+Disabled servers appear in `/mcp` status as "Disabled" but won't connect or
+provide tools. Enablement state is stored in
+`~/.gemini/mcp-server-enablement.json`.
+
+The same commands are available as slash commands during an active session:
+`/mcp enable <name>` and `/mcp disable <name>`.
+
 ## Instructions
 
 Gemini CLI supports

package/bundle/docs/tools/shell.md

@@ -135,7 +135,7 @@ user input, such as text editors (`vim`, `nano`), terminal-based UIs (`htop`),
 and interactive version control operations (`git rebase -i`).
 
 When an interactive command is running, you can send input to it from the Gemini
-CLI. To focus on the interactive shell, press `ctrl+f`. The terminal output,
+CLI. To focus on the interactive shell, press `Tab`. The terminal output,
 including complex TUIs, will be rendered correctly.
 
 ## Important notes

package/bundle/docs/tools/swagger-schema.md

@@ -0,0 +1,236 @@
+# Swagger Schema Tool
+
+The Swagger Schema Tool (`get_swagger_schema`) allows Codefly to fetch and parse
+Swagger/OpenAPI schema definitions from URLs. This tool is particularly useful
+for understanding API structures, generating API clients, documenting endpoints,
+and integrating with external services.
+
+## Overview
+
+The Swagger Schema Tool retrieves Swagger/OpenAPI specifications from a given
+URL and can return them in different formats:
+
+- **Summary format** (default): A human-readable overview of the API including
+  endpoints, parameters, and models
+- **JSON format**: The complete schema in JSON format
+- **YAML format**: The complete schema in YAML format
+
+## How to use
+
+### Basic usage
+
+Simply ask Codefly to fetch a Swagger schema:
+
+```
+> Fetch the Swagger schema from https://api.example.com/swagger.json
+```
+
+### Specify output format
+
+You can request a specific format:
+
+```
+> Get the Swagger schema from https://petstore.swagger.io/v2/swagger.json in JSON format
+```
+
+```
+> Show me a summary of the API endpoints from https://api.example.com/v2/api-docs
+```
+
+### Common use cases
+
+#### Understanding an API structure
+
+```
+> What endpoints are available in the API at https://api.github.com/swagger.json?
+```
+
+#### Generating API documentation
+
+```
+> Fetch the Swagger schema from https://api.example.com/swagger.json and create a markdown documentation file
+```
+
+#### Comparing API versions
+
+```
+> Compare the endpoints between https://api.example.com/v1/swagger.json and https://api.example.com/v2/swagger.json
+```
+
+#### Creating API clients
+
+```
+> Get the Swagger schema from https://api.example.com/swagger.json and generate a TypeScript client for it
+```
+
+## Tool parameters
+
+The `get_swagger_schema` tool accepts the following parameters:
+
+- **`url`** (required): The URL of the Swagger/OpenAPI schema file
+  - Examples:
+    - `https://api.example.com/swagger.json`
+    - `https://api.example.com/v2/api-docs`
+    - `https://petstore.swagger.io/v2/swagger.yaml`
+
+- **`format`** (optional): The output format
+  - `summary` (default): Human-readable overview with endpoints and models
+  - `json`: Full schema in JSON format
+  - `yaml`: Full schema in YAML format
+
+## Output format
+
+### Summary format
+
+The summary format provides:
+
+- API title, version, and description
+- OpenAPI/Swagger version
+- Server URLs or base paths
+- List of endpoints with:
+  - HTTP method and path
+  - Summary and description
+  - Operation ID
+  - Tags
+  - Parameters (name, location, type, required status)
+  - Request body information
+  - Response codes
+- List of model/schema definitions
+
+Example output:
+
+```
+API: Petstore API
+Version: 1.0.0
+Description: This is a sample server Petstore server.
+
+OpenAPI/Swagger Version: 3.0.0
+Servers:
+  - https://petstore.swagger.io/v2
+
+Endpoints:
+
+GET /pets
+  Summary: List all pets
+  Operation ID: listPets
+  Tags: pets
+  Parameters:
+    - limit (query, integer)
+  Responses: 200, default
+
+POST /pets
+  Summary: Create a pet
+  Operation ID: createPets
+  Tags: pets
+  Request Body (required)
+  Responses: 201
+
+Models/Schemas:
+  - Pet
+  - Error
+```
+
+### JSON/YAML formats
+
+These formats return the complete Swagger/OpenAPI specification as-is, which is
+useful for:
+
+- Importing into API development tools
+- Generating code
+- Detailed schema analysis
+- Integration with other tools
+
+## Supported formats
+
+The tool supports both Swagger 2.0 and OpenAPI 3.x specifications in:
+
+- JSON format (`.json` files or `application/json` content type)
+- YAML format (`.yaml` or `.yml` files, or `application/x-yaml`/`text/yaml`
+  content types)
+
+The tool automatically detects the format based on the content type header or
+file extension.
+
+## Dependencies
+
+The Swagger Schema Tool uses the following optional dependencies:
+
+- **`node-fetch`**: For fetching schemas from URLs (built-in)
+- **`js-yaml`**: For parsing YAML format schemas (optional)
+
+If a YAML schema is encountered and `js-yaml` is not installed, the tool will
+ask you to install it:
+
+```bash
+npm install js-yaml
+```
+
+## Security considerations
+
+- The tool fetches schemas from remote URLs, so ensure you trust the source
+- Review the fetched schema before using it to generate code or make API calls
+- The tool does not execute any code from the fetched schema, it only parses and
+  displays the structure
+
+## Examples
+
+### Example 1: Exploring a public API
+
+```
+> Fetch the Swagger schema from https://petstore.swagger.io/v2/swagger.json and tell me what endpoints are available
+```
+
+Codefly will fetch the schema, parse it, and provide a summary of all available
+endpoints.
+
+### Example 2: Generating API client code
+
+```
+> Get the Swagger schema from https://api.example.com/v2/api-docs in JSON format, then generate a Python client using the requests library
+```
+
+Codefly will fetch the schema in JSON format and use it to generate a Python
+client.
+
+### Example 3: API documentation
+
+```
+> Fetch the Swagger schema from https://api.example.com/swagger.json and create comprehensive API documentation in markdown format, including all endpoints, parameters, and response schemas
+```
+
+Codefly will analyze the schema and generate human-readable documentation.
+
+## Troubleshooting
+
+### "Failed to fetch Swagger schema: 404 Not Found"
+
+The URL you provided does not point to a valid Swagger schema. Common
+Swagger/OpenAPI endpoint paths include:
+
+- `/swagger.json`
+- `/swagger.yaml`
+- `/v2/api-docs` (Springfox/SpringDoc)
+- `/openapi.json`
+- `/api-docs`
+
+### "Failed to parse Swagger schema"
+
+The content at the URL is not a valid JSON or YAML document. Ensure:
+
+- The URL returns a proper Swagger/OpenAPI specification
+- The content type is correct
+- The file is not corrupted
+
+### "The 'js-yaml' package is required"
+
+If you're fetching a YAML schema, you need to install js-yaml:
+
+```bash
+npm install js-yaml
+```
+
+## See also
+
+- [Database Schema Tool](./database-schema.md) - For retrieving database schemas
+- [Web Fetch Tool](./web-fetch.md) - For fetching general web content
+- [File System Tools](./file-system.md) - For working with local files

package/bundle/docs/troubleshooting.md

@@ -28,6 +28,16 @@ topics on:
     - **Organizational Users:** Contact your Google Cloud administrator to be
       added to your organization's Gemini Code Assist subscription.
 
+- **Error:
+  `Failed to login. Message: Your current account is not eligible... because it is not currently available in your location.`**
+  - **Cause:** Gemini CLI does not currently support your location. For a full
+    list of supported locations, see the following pages:
+    - Gemini Code Assist for individuals:
+      [Available locations](https://developers.google.com/gemini-code-assist/resources/available-locations#americas)
+    - Google AI Pro and Ultra where Gemini Code Assist (and Gemini CLI) is also
+      available:
+      [Available locations](https://developers.google.com/gemini-code-assist/resources/locations-pro-ultra)
+
 - **Error: `Failed to login. Message: Request contains an invalid argument`**
   - **Cause:** Users with Google Workspace accounts or Google Cloud accounts
     associated with their Gmail accounts may not be able to activate the free
@@ -43,9 +53,15 @@ topics on:
   - **Cause:** You may be on a corporate network with a firewall that intercepts
     and inspects SSL/TLS traffic. This often requires a custom root CA
     certificate to be trusted by Node.js.
-  - **Solution:** Set the `NODE_EXTRA_CA_CERTS` environment variable to the
-    absolute path of your corporate root CA certificate file.
-    - Example: `export NODE_EXTRA_CA_CERTS=/path/to/your/corporate-ca.crt`
+  - **Solution:** First try setting `NODE_USE_SYSTEM_CA`; if that does not
+    resolve the issue, set `NODE_EXTRA_CA_CERTS`.
+    - Set the `NODE_USE_SYSTEM_CA=1` environment variable to tell Node.js to use
+      the operating system's native certificate store (where corporate
+      certificates are typically already installed).
+      - Example: `export NODE_USE_SYSTEM_CA=1`
+    - Set the `NODE_EXTRA_CA_CERTS` environment variable to the absolute path of
+      your corporate root CA certificate file.
+      - Example: `export NODE_EXTRA_CA_CERTS=/path/to/your/corporate-ca.crt`
 
 ## Common error messages and solutions
 
@@ -124,13 +140,15 @@ This is especially useful for scripting and automation.
 ## Debugging tips
 
 - **CLI debugging:**
-  - Use the `--debug` flag for more detailed output.
+  - Use the `--debug` flag for more detailed output. In interactive mode, press
+    F12 to view the debug console.
   - Check the CLI logs, often found in a user-specific configuration or cache
     directory.
 
 - **Core debugging:**
   - Check the server console output for error messages or stack traces.
-  - Increase log verbosity if configurable.
+  - Increase log verbosity if configurable. For example, set the `DEBUG_MODE`
+    environment variable to `true` or `1`.
   - Use Node.js debugging tools (e.g., `node --inspect`) if you need to step
     through server-side code.
 

package/bundle/policies/agent.toml

@@ -27,5 +27,5 @@
 
 [[rule]]
 toolName = "delegate_to_agent"
-decision = "allow"
+decision = "ask_user"
 priority = 50

package/bundle/policies/plan.toml

@@ -0,0 +1,70 @@
+# Priority system for policy rules:
+# - Higher priority numbers win over lower priority numbers
+# - When multiple rules match, the highest priority rule is applied
+# - Rules are evaluated in order of priority (highest first)
+#
+# Priority bands (tiers):
+# - Default policies (TOML): 1 + priority/1000 (e.g., priority 100 → 1.100)
+# - User policies (TOML): 2 + priority/1000 (e.g., priority 100 → 2.100)
+# - Admin policies (TOML): 3 + priority/1000 (e.g., priority 100 → 3.100)
+#
+# This ensures Admin > User > Default hierarchy is always preserved,
+# while allowing user-specified priorities to work within each tier.
+#
+# Settings-based and dynamic rules (all in user tier 2.x):
+#   2.95: Tools that the user has selected as "Always Allow" in the interactive UI
+#   2.9:  MCP servers excluded list (security: persistent server blocks)
+#   2.4:  Command line flag --exclude-tools (explicit temporary blocks)
+#   2.3:  Command line flag --allowed-tools (explicit temporary allows)
+#   2.2:  MCP servers with trust=true (persistent trusted servers)
+#   2.1:  MCP servers allowed list (persistent general server allows)
+#
+# TOML policy priorities (before transformation):
+#   10: Write tools default to ASK_USER (becomes 1.010 in default tier)
+#   20: Plan mode catch-all DENY override (becomes 1.020 in default tier)
+#   50: Read-only tools (becomes 1.050 in default tier)
+#   999: YOLO mode allow-all (becomes 1.999 in default tier)
+
+# Catch-All: Deny everything by default in Plan mode.
+
+[[rule]]
+decision = "deny"
+priority = 20
+modes = ["plan"]
+
+# Explicitly Allow Read-Only Tools in Plan mode.
+
+[[rule]]
+toolName = "glob"
+decision = "allow"
+priority = 50
+modes = ["plan"]
+
+[[rule]]
+toolName = "search_file_content"
+decision = "allow"
+priority = 50
+modes = ["plan"]
+
+[[rule]]
+toolName = "list_directory"
+decision = "allow"
+priority = 50
+modes = ["plan"]
+
+[[rule]]
+toolName = "read_file"
+decision = "allow"
+priority = 50
+modes = ["plan"]
+
+[[rule]]
+toolName = "google_web_search"
+decision = "allow"
+priority = 50
+modes = ["plan"]
+
+[[rule]]
+toolName = "SubagentInvocation"
+decision = "allow"
+priority = 50

package/bundle/policies/read-only.toml

@@ -45,11 +45,6 @@ toolName = "read_file"
 decision = "allow"
 priority = 50
 
-[[rule]]
-toolName = "read_many_files"
-decision = "allow"
-priority = 50
-
 [[rule]]
 toolName = "google_web_search"
 decision = "allow"

package/bundle/policies/yolo.toml

@@ -29,3 +29,4 @@
 decision = "allow"
 priority = 999
 modes = ["yolo"]
+allow_redirection = true