@corbat-tech/coco 2.25.3 → 2.25.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/index.js +78 -19
- package/dist/cli/index.js.map +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.js +10 -4
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/cli/index.js
CHANGED
|
@@ -3764,6 +3764,8 @@ var init_openai = __esm({
|
|
|
3764
3764
|
"o3",
|
|
3765
3765
|
"o3-mini",
|
|
3766
3766
|
"o4-mini",
|
|
3767
|
+
"gpt-5",
|
|
3768
|
+
"codex",
|
|
3767
3769
|
"kimi-k2.5",
|
|
3768
3770
|
"kimi-k2-0324",
|
|
3769
3771
|
"kimi-latest"
|
|
@@ -4458,12 +4460,13 @@ var init_openai = __esm({
|
|
|
4458
4460
|
try {
|
|
4459
4461
|
const model = options?.model ?? this.config.model ?? DEFAULT_MODEL2;
|
|
4460
4462
|
const { input, instructions } = this.convertToResponsesInput(messages, options?.system);
|
|
4463
|
+
const supportsTemp = this.supportsTemperature(model);
|
|
4461
4464
|
const response = await this.client.responses.create({
|
|
4462
4465
|
model,
|
|
4463
4466
|
input,
|
|
4464
4467
|
instructions: instructions ?? void 0,
|
|
4465
4468
|
max_output_tokens: options?.maxTokens ?? this.config.maxTokens ?? 8192,
|
|
4466
|
-
temperature: options?.temperature ?? this.config.temperature ?? 0,
|
|
4469
|
+
...supportsTemp && { temperature: options?.temperature ?? this.config.temperature ?? 0 },
|
|
4467
4470
|
store: false
|
|
4468
4471
|
});
|
|
4469
4472
|
return {
|
|
@@ -4491,13 +4494,14 @@ var init_openai = __esm({
|
|
|
4491
4494
|
const model = options?.model ?? this.config.model ?? DEFAULT_MODEL2;
|
|
4492
4495
|
const { input, instructions } = this.convertToResponsesInput(messages, options?.system);
|
|
4493
4496
|
const tools = this.convertToolsForResponses(options.tools);
|
|
4497
|
+
const supportsTemp = this.supportsTemperature(model);
|
|
4494
4498
|
const response = await this.client.responses.create({
|
|
4495
4499
|
model,
|
|
4496
4500
|
input,
|
|
4497
4501
|
instructions: instructions ?? void 0,
|
|
4498
4502
|
tools,
|
|
4499
4503
|
max_output_tokens: options?.maxTokens ?? this.config.maxTokens ?? 8192,
|
|
4500
|
-
temperature: options?.temperature ?? this.config.temperature ?? 0,
|
|
4504
|
+
...supportsTemp && { temperature: options?.temperature ?? this.config.temperature ?? 0 },
|
|
4501
4505
|
store: false
|
|
4502
4506
|
});
|
|
4503
4507
|
let content = "";
|
|
@@ -4542,12 +4546,13 @@ var init_openai = __esm({
|
|
|
4542
4546
|
try {
|
|
4543
4547
|
const model = options?.model ?? this.config.model ?? DEFAULT_MODEL2;
|
|
4544
4548
|
const { input, instructions } = this.convertToResponsesInput(messages, options?.system);
|
|
4549
|
+
const supportsTemp = this.supportsTemperature(model);
|
|
4545
4550
|
const stream = await this.client.responses.create({
|
|
4546
4551
|
model,
|
|
4547
4552
|
input,
|
|
4548
4553
|
instructions: instructions ?? void 0,
|
|
4549
4554
|
max_output_tokens: options?.maxTokens ?? this.config.maxTokens ?? 8192,
|
|
4550
|
-
temperature: options?.temperature ?? this.config.temperature ?? 0,
|
|
4555
|
+
...supportsTemp && { temperature: options?.temperature ?? this.config.temperature ?? 0 },
|
|
4551
4556
|
store: false,
|
|
4552
4557
|
stream: true
|
|
4553
4558
|
});
|
|
@@ -4604,12 +4609,13 @@ var init_openai = __esm({
|
|
|
4604
4609
|
const model = options?.model ?? this.config.model ?? DEFAULT_MODEL2;
|
|
4605
4610
|
const { input, instructions } = this.convertToResponsesInput(messages, options?.system);
|
|
4606
4611
|
const tools = options.tools.length > 0 ? this.convertToolsForResponses(options.tools) : void 0;
|
|
4612
|
+
const supportsTemp = this.supportsTemperature(model);
|
|
4607
4613
|
const requestParams = {
|
|
4608
4614
|
model,
|
|
4609
4615
|
input,
|
|
4610
4616
|
instructions: instructions ?? void 0,
|
|
4611
4617
|
max_output_tokens: options?.maxTokens ?? this.config.maxTokens ?? 8192,
|
|
4612
|
-
temperature: options?.temperature ?? this.config.temperature ?? 0,
|
|
4618
|
+
...supportsTemp && { temperature: options?.temperature ?? this.config.temperature ?? 0 },
|
|
4613
4619
|
store: false,
|
|
4614
4620
|
stream: true
|
|
4615
4621
|
};
|
|
@@ -21112,15 +21118,23 @@ async function authenticateMcpOAuth(params) {
|
|
|
21112
21118
|
`MCP server '${params.serverName}' requires interactive OAuth in a TTY session. Run Coco in a terminal, or use mcp-remote (e.g. npx -y mcp-remote@latest ${resource}) for IDE bridge workflows.`
|
|
21113
21119
|
);
|
|
21114
21120
|
}
|
|
21115
|
-
|
|
21116
|
-
|
|
21117
|
-
|
|
21118
|
-
|
|
21119
|
-
|
|
21120
|
-
|
|
21121
|
-
|
|
21121
|
+
let authorizationServer;
|
|
21122
|
+
let authorizationMetadata;
|
|
21123
|
+
try {
|
|
21124
|
+
const protectedMetadata = await discoverProtectedResourceMetadata(
|
|
21125
|
+
resource,
|
|
21126
|
+
params.wwwAuthenticateHeader
|
|
21127
|
+
);
|
|
21128
|
+
authorizationServer = protectedMetadata.authorization_servers?.[0];
|
|
21129
|
+
if (authorizationServer) {
|
|
21130
|
+
authorizationMetadata = await discoverAuthorizationServerMetadata(authorizationServer);
|
|
21131
|
+
}
|
|
21132
|
+
} catch {
|
|
21122
21133
|
}
|
|
21123
|
-
|
|
21134
|
+
if (!authorizationMetadata) {
|
|
21135
|
+
authorizationMetadata = await discoverAuthorizationServerMetadata(resource);
|
|
21136
|
+
}
|
|
21137
|
+
authorizationServer = authorizationServer ?? authorizationMetadata.issuer ?? new URL(resource).origin;
|
|
21124
21138
|
if (stored && isTokenExpired2(stored) && stored.refreshToken && stored.clientId) {
|
|
21125
21139
|
try {
|
|
21126
21140
|
const refreshed = await refreshAccessToken2({
|
|
@@ -21295,12 +21309,29 @@ var init_http = __esm({
|
|
|
21295
21309
|
});
|
|
21296
21310
|
let response = await doFetch();
|
|
21297
21311
|
if (response.status !== 401 || !this.shouldAttemptOAuth()) {
|
|
21312
|
+
if (this.shouldAttemptOAuth() && !this.oauthToken && response.headers.get("www-authenticate")) {
|
|
21313
|
+
await this.ensureOAuthToken(response.headers.get("www-authenticate"));
|
|
21314
|
+
response = await doFetch();
|
|
21315
|
+
}
|
|
21298
21316
|
return response;
|
|
21299
21317
|
}
|
|
21300
21318
|
await this.ensureOAuthToken(response.headers.get("www-authenticate"));
|
|
21301
21319
|
response = await doFetch();
|
|
21302
21320
|
return response;
|
|
21303
21321
|
}
|
|
21322
|
+
looksLikeAuthErrorMessage(message) {
|
|
21323
|
+
if (!message) return false;
|
|
21324
|
+
const msg = message.toLowerCase();
|
|
21325
|
+
const hasStrongAuthSignal = msg.includes("unauthorized") || msg.includes("unauthorised") || msg.includes("authentication") || msg.includes("oauth") || msg.includes("access token") || msg.includes("bearer") || msg.includes("not authenticated") || msg.includes("not logged") || msg.includes("login") || msg.includes("generate") && msg.includes("token");
|
|
21326
|
+
const hasVendorHint = msg.includes("gemini cli") || msg.includes("jira") || msg.includes("confluence") || msg.includes("atlassian");
|
|
21327
|
+
const hasWeakAuthSignal = msg.includes("authenticate") || msg.includes("token") || msg.includes("authorization");
|
|
21328
|
+
return hasStrongAuthSignal || // Vendor-specific hints alone are not enough; require an auth-related token too.
|
|
21329
|
+
hasVendorHint && hasWeakAuthSignal;
|
|
21330
|
+
}
|
|
21331
|
+
isJsonRpcAuthError(payload) {
|
|
21332
|
+
if (!payload.error) return false;
|
|
21333
|
+
return this.looksLikeAuthErrorMessage(payload.error.message);
|
|
21334
|
+
}
|
|
21304
21335
|
/**
|
|
21305
21336
|
* Connect to the HTTP transport
|
|
21306
21337
|
*/
|
|
@@ -21364,6 +21395,22 @@ var init_http = __esm({
|
|
|
21364
21395
|
throw new MCPTransportError(`HTTP error ${response.status}: ${response.statusText}`);
|
|
21365
21396
|
}
|
|
21366
21397
|
const data = await response.json();
|
|
21398
|
+
if (this.shouldAttemptOAuth() && this.isJsonRpcAuthError(data)) {
|
|
21399
|
+
await this.ensureOAuthToken(response.headers.get("www-authenticate"));
|
|
21400
|
+
const retryResponse = await this.sendRequestWithOAuthRetry(
|
|
21401
|
+
"POST",
|
|
21402
|
+
JSON.stringify(message),
|
|
21403
|
+
abortController.signal
|
|
21404
|
+
);
|
|
21405
|
+
if (!retryResponse.ok) {
|
|
21406
|
+
throw new MCPTransportError(
|
|
21407
|
+
`HTTP error ${retryResponse.status}: ${retryResponse.statusText}`
|
|
21408
|
+
);
|
|
21409
|
+
}
|
|
21410
|
+
const retryData = await retryResponse.json();
|
|
21411
|
+
this.messageCallback?.(retryData);
|
|
21412
|
+
return;
|
|
21413
|
+
}
|
|
21367
21414
|
this.messageCallback?.(data);
|
|
21368
21415
|
return;
|
|
21369
21416
|
} catch (error) {
|
|
@@ -38211,9 +38258,6 @@ async function savePermissionPreference(key, value) {
|
|
|
38211
38258
|
}
|
|
38212
38259
|
async function shouldShowPermissionSuggestion() {
|
|
38213
38260
|
const prefs = await loadPermissionPreferences();
|
|
38214
|
-
if (prefs.recommendedAllowlistPrompted) {
|
|
38215
|
-
return false;
|
|
38216
|
-
}
|
|
38217
38261
|
if (prefs.recommendedAllowlistDismissed) {
|
|
38218
38262
|
return false;
|
|
38219
38263
|
}
|
|
@@ -38229,7 +38273,6 @@ async function applyRecommendedPermissions() {
|
|
|
38229
38273
|
await savePermissionPreference("recommendedAllowlistApplied", true);
|
|
38230
38274
|
}
|
|
38231
38275
|
async function showPermissionSuggestion() {
|
|
38232
|
-
await savePermissionPreference("recommendedAllowlistPrompted", true);
|
|
38233
38276
|
console.log();
|
|
38234
38277
|
console.log(chalk.magenta.bold(" \u{1F4CB} Recommended Permissions"));
|
|
38235
38278
|
console.log();
|
|
@@ -38256,6 +38299,7 @@ async function showPermissionSuggestion() {
|
|
|
38256
38299
|
return;
|
|
38257
38300
|
}
|
|
38258
38301
|
if (action === "dismiss") {
|
|
38302
|
+
await savePermissionPreference("recommendedAllowlistPrompted", true);
|
|
38259
38303
|
await savePermissionPreference("recommendedAllowlistDismissed", true);
|
|
38260
38304
|
console.log(chalk.dim(" Won't show again. Use /permissions to apply later."));
|
|
38261
38305
|
return;
|
|
@@ -38271,6 +38315,7 @@ async function showPermissionSuggestion() {
|
|
|
38271
38315
|
}
|
|
38272
38316
|
}
|
|
38273
38317
|
await applyRecommendedPermissions();
|
|
38318
|
+
await savePermissionPreference("recommendedAllowlistPrompted", true);
|
|
38274
38319
|
console.log(chalk.green(" \u2713 Recommended permissions applied"));
|
|
38275
38320
|
console.log(chalk.dim(" Use /permissions to review or modify anytime."));
|
|
38276
38321
|
}
|
|
@@ -52795,10 +52840,12 @@ async function startRepl(options = {}) {
|
|
|
52795
52840
|
const mcpRegistry = new MCPRegistryImpl2();
|
|
52796
52841
|
await mcpRegistry.load();
|
|
52797
52842
|
const registryServers = mcpRegistry.listEnabledServers();
|
|
52798
|
-
const { loadProjectMCPFile: loadProjectMCPFile2, mergeMCPConfigs: mergeMCPConfigs2 } = await Promise.resolve().then(() => (init_config_loader(), config_loader_exports));
|
|
52799
|
-
const projectServers = await loadProjectMCPFile2(
|
|
52843
|
+
const { loadProjectMCPFile: loadProjectMCPFile2, loadMCPServersFromCOCOConfig: loadMCPServersFromCOCOConfig2, mergeMCPConfigs: mergeMCPConfigs2 } = await Promise.resolve().then(() => (init_config_loader(), config_loader_exports));
|
|
52844
|
+
const projectServers = await loadProjectMCPFile2(projectPath);
|
|
52845
|
+
const cocoConfigServers = await loadMCPServersFromCOCOConfig2();
|
|
52800
52846
|
const enabledServers = mergeMCPConfigs2(
|
|
52801
52847
|
registryServers,
|
|
52848
|
+
cocoConfigServers.filter((s) => s.enabled !== false),
|
|
52802
52849
|
projectServers.filter((s) => s.enabled !== false)
|
|
52803
52850
|
);
|
|
52804
52851
|
if (enabledServers.length > 0) {
|
|
@@ -52819,7 +52866,12 @@ async function startRepl(options = {}) {
|
|
|
52819
52866
|
}
|
|
52820
52867
|
for (const connection of connections.values()) {
|
|
52821
52868
|
try {
|
|
52822
|
-
await registerMCPTools2(toolRegistry, connection.name, connection.client);
|
|
52869
|
+
const wrapped = await registerMCPTools2(toolRegistry, connection.name, connection.client);
|
|
52870
|
+
if (wrapped.length === 0) {
|
|
52871
|
+
logger2.warn(
|
|
52872
|
+
`[MCP] Server '${connection.name}' connected but exposed 0 tools (check server auth/scopes).`
|
|
52873
|
+
);
|
|
52874
|
+
}
|
|
52823
52875
|
} catch (toolError) {
|
|
52824
52876
|
logger2.warn(
|
|
52825
52877
|
`[MCP] Failed to register tools for server '${connection.name}': ${toolError instanceof Error ? toolError.message : String(toolError)}`
|
|
@@ -52830,6 +52882,13 @@ async function startRepl(options = {}) {
|
|
|
52830
52882
|
if (activeCount > 0) {
|
|
52831
52883
|
logger2.info(`[MCP] ${activeCount} MCP server(s) active`);
|
|
52832
52884
|
}
|
|
52885
|
+
const failedServers = enabledServers.map((s) => s.name).filter((name) => !connections.has(name));
|
|
52886
|
+
if (failedServers.length > 0) {
|
|
52887
|
+
p26.log.warn(
|
|
52888
|
+
`MCP startup check: ${failedServers.length} server(s) failed to connect: ${failedServers.join(", ")}`
|
|
52889
|
+
);
|
|
52890
|
+
p26.log.message(chalk.dim("Run /mcp health <name> to inspect details."));
|
|
52891
|
+
}
|
|
52833
52892
|
}
|
|
52834
52893
|
} catch (mcpError) {
|
|
52835
52894
|
logger2.warn(
|