@cyber-dash-tech/revela 0.17.10 → 0.17.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/README.md +17 -3
  2. package/README.zh-CN.md +17 -3
  3. package/lib/refine/prompt-bridge.ts +31 -1
  4. package/package.json +1 -1
  5. package/plugins/revela/.codex-plugin/plugin.json +1 -1
  6. package/plugins/revela/.mcp.json +1 -1
package/README.md CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  **English** | [中文](README.zh-CN.md)
4
4
 
5
- [![npm version](https://img.shields.io/npm/v/@cyber-dash-tech/revela)](https://www.npmjs.com/package/@cyber-dash-tech/revela) [![license](https://img.shields.io/npm/l/@cyber-dash-tech/revela)](LICENSE) [![tests](https://img.shields.io/badge/tests-615%20passing-brightgreen)](tests/) [![OpenCode plugin](https://img.shields.io/badge/OpenCode-plugin-blue)](https://opencode.ai) [![Bun](https://img.shields.io/badge/Bun-%E2%89%A51.0-orange)](https://bun.sh)
5
+ [![npm version](https://img.shields.io/npm/v/@cyber-dash-tech/revela)](https://www.npmjs.com/package/@cyber-dash-tech/revela) [![license](https://img.shields.io/npm/l/@cyber-dash-tech/revela)](LICENSE) [![tests](https://img.shields.io/badge/tests-617%20passing-brightgreen)](tests/) [![OpenCode plugin](https://img.shields.io/badge/OpenCode-plugin-blue)](https://opencode.ai) [![Bun](https://img.shields.io/badge/Bun-%E2%89%A51.0-orange)](https://bun.sh)
6
6
 
7
7
  <p align="center">
8
8
  <img src="assets/img/logo.png" alt="Revela" width="560" />
@@ -31,14 +31,28 @@ To install globally, add the same entry to `~/.config/opencode/opencode.json`.
31
31
 
32
32
  ### Codex
33
33
 
34
+ Requirements:
35
+
36
+ - The Codex CLI must be installed and the `codex` command must be available in your shell.
37
+ - Your environment must be able to run `npx`; Revela uses `npx -y @cyber-dash-tech/revela@0.17.12 mcp` to start the MCP server.
38
+ - For interactive Review actions, `codex exec` must also work because the Review UI uses it for Insight and Comment/Apply Fix requests.
39
+
40
+ Optional preflight:
41
+
42
+ ```bash
43
+ codex --version
44
+ codex exec --help
45
+ npx --version
46
+ ```
47
+
34
48
  Install Revela through the Codex Git marketplace:
35
49
 
36
50
  ```bash
37
- codex plugin marketplace add https://github.com/cyber-dash-tech/revela --ref v0.17.10
51
+ codex plugin marketplace add https://github.com/cyber-dash-tech/revela --ref v0.17.12
38
52
  codex plugin add revela@revela
39
53
  ```
40
54
 
41
- The Git marketplace install provides the Codex plugin shell, skills, hooks, and MCP configuration. When Codex starts the Revela MCP server for the first time, it runs `npx -y @cyber-dash-tech/revela@0.17.10 mcp` so npm can fetch the published package and its dependencies.
55
+ The Git marketplace install provides the Codex plugin shell, skills, hooks, and MCP configuration. When Codex starts the Revela MCP server for the first time, it runs `npx -y @cyber-dash-tech/revela@0.17.12 mcp` so npm can fetch the published package and its dependencies.
42
56
 
43
57
  You do not need to run `bun install` inside the Codex marketplace clone.
44
58
 
package/README.zh-CN.md CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  [English](README.md) | **中文**
4
4
 
5
- [![npm version](https://img.shields.io/npm/v/@cyber-dash-tech/revela)](https://www.npmjs.com/package/@cyber-dash-tech/revela) [![license](https://img.shields.io/npm/l/@cyber-dash-tech/revela)](LICENSE) [![tests](https://img.shields.io/badge/tests-615%20passing-brightgreen)](tests/) [![OpenCode plugin](https://img.shields.io/badge/OpenCode-plugin-blue)](https://opencode.ai) [![Bun](https://img.shields.io/badge/Bun-%E2%89%A51.0-orange)](https://bun.sh)
5
+ [![npm version](https://img.shields.io/npm/v/@cyber-dash-tech/revela)](https://www.npmjs.com/package/@cyber-dash-tech/revela) [![license](https://img.shields.io/npm/l/@cyber-dash-tech/revela)](LICENSE) [![tests](https://img.shields.io/badge/tests-617%20passing-brightgreen)](tests/) [![OpenCode plugin](https://img.shields.io/badge/OpenCode-plugin-blue)](https://opencode.ai) [![Bun](https://img.shields.io/badge/Bun-%E2%89%A51.0-orange)](https://bun.sh)
6
6
 
7
7
  <p align="center">
8
8
  <img src="assets/img/logo.png" alt="Revela" width="560" />
@@ -31,14 +31,28 @@ Revela 可在 [OpenCode](https://opencode.ai) 和 Codex 中使用,把来源材
31
31
 
32
32
  ### Codex
33
33
 
34
+ 环境要求:
35
+
36
+ - 需要已安装 Codex CLI,并且 shell 中可以执行 `codex`。
37
+ - 环境中需要可以执行 `npx`;Revela 会用 `npx -y @cyber-dash-tech/revela@0.17.12 mcp` 启动 MCP server。
38
+ - 如果使用 Review UI 的 Insight、Comment 或 Apply Fix,需要 `codex exec` 可用。
39
+
40
+ 可选的安装前检查:
41
+
42
+ ```bash
43
+ codex --version
44
+ codex exec --help
45
+ npx --version
46
+ ```
47
+
34
48
  通过 Codex Git marketplace 安装 Revela:
35
49
 
36
50
  ```bash
37
- codex plugin marketplace add https://github.com/cyber-dash-tech/revela --ref v0.17.10
51
+ codex plugin marketplace add https://github.com/cyber-dash-tech/revela --ref v0.17.12
38
52
  codex plugin add revela@revela
39
53
  ```
40
54
 
41
- Git marketplace 安装的是 Codex plugin 壳、skills、hooks 和 MCP 配置。Codex 第一次启动 Revela MCP server 时,会运行 `npx -y @cyber-dash-tech/revela@0.17.10 mcp`,由 npm 获取已发布 package 及其 dependencies。
55
+ Git marketplace 安装的是 Codex plugin 壳、skills、hooks 和 MCP 配置。Codex 第一次启动 Revela MCP server 时,会运行 `npx -y @cyber-dash-tech/revela@0.17.12 mcp`,由 npm 获取已发布 package 及其 dependencies。
42
56
 
43
57
  不需要在 Codex marketplace clone 里运行 `bun install`。
44
58
 
package/lib/refine/prompt-bridge.ts CHANGED
@@ -29,9 +29,12 @@ export interface CodexExecRunResult {
29
29
  }
30
30
 
31
31
  export type CodexExecRunner = (input: {
32
+ action: ReviewPromptAction
32
33
  prompt: string
33
34
  workspaceRoot: string
34
35
  timeoutMs: number
36
+ sandboxMode: "read-only" | "workspace-write"
37
+ skipGitRepoCheck: boolean
35
38
  }) => Promise<CodexExecRunResult>
36
39
 
37
40
  export function createOpenCodeReviewPromptBridge(client: any, sessionID: string): ReviewPromptBridge {
@@ -65,10 +68,14 @@ export function createCodexExecReviewPromptBridge(options: {
65
68
  return {
66
69
  kind: "codex-exec",
67
70
  async send(input) {
71
+ const sandboxMode = input.action === "comment" ? "workspace-write" : "read-only"
68
72
  const output = await runner({
73
+ action: input.action,
69
74
  prompt: input.prompt,
70
75
  workspaceRoot: input.workspaceRoot,
71
76
  timeoutMs: input.timeoutMs ?? timeoutMs,
77
+ sandboxMode,
78
+ skipGitRepoCheck: true,
72
79
  })
73
80
  const raw = [output.stdout, output.stderr].filter(Boolean).join("\n")
74
81
  if (output.exitCode !== 0) {
@@ -79,6 +86,14 @@ export function createCodexExecReviewPromptBridge(options: {
79
86
  raw,
80
87
  }
81
88
  }
89
+ if (input.action === "comment" && isCodexWriteBlocked(raw)) {
90
+ return {
91
+ ok: false,
92
+ status: "failed",
93
+ error: "codex exec could not write the deck because its sandbox blocked file changes.",
94
+ raw,
95
+ }
96
+ }
82
97
  if (input.action === "comment") return { ok: true, status: "completed", raw }
83
98
  const result = extractInspectionResult(output.stdout)
84
99
  if (!result) {
@@ -95,12 +110,18 @@ export function createCodexExecReviewPromptBridge(options: {
95
110
  }
96
111
 
97
112
  async function runCodexExec(input: {
113
+ action: ReviewPromptAction
98
114
  prompt: string
99
115
  workspaceRoot: string
100
116
  timeoutMs: number
117
+ sandboxMode: "read-only" | "workspace-write"
118
+ skipGitRepoCheck: boolean
101
119
  }): Promise<CodexExecRunResult> {
102
120
  return new Promise((resolve) => {
103
- const child = spawn("codex", ["exec", "--json", "--ephemeral", "-C", input.workspaceRoot, input.prompt], {
121
+ const args = ["exec", "--json", "--ephemeral"]
122
+ if (input.skipGitRepoCheck) args.push("--skip-git-repo-check")
123
+ args.push("--sandbox", input.sandboxMode, "-C", input.workspaceRoot, input.prompt)
124
+ const child = spawn("codex", args, {
104
125
  stdio: ["ignore", "pipe", "pipe"],
105
126
  })
106
127
  let stdout = ""
@@ -130,6 +151,15 @@ async function runCodexExec(input: {
130
151
  })
131
152
  }
132
153
 
154
+ function isCodexWriteBlocked(raw: string): boolean {
155
+ const text = raw.toLowerCase()
156
+ return (
157
+ (text.includes("patch rejected") && text.includes("read-only sandbox")) ||
158
+ text.includes("writing is blocked by read-only sandbox") ||
159
+ text.includes("blocked by read-only sandbox")
160
+ )
161
+ }
162
+
133
163
  function extractInspectionResult(stdout: string): InspectionResult | undefined {
134
164
  const direct = parseJson(stdout)
135
165
  const fromDirect = findInspectionResult(direct)
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@cyber-dash-tech/revela",
3
- "version": "0.17.10",
3
+ "version": "0.17.12",
4
4
  "description": "OpenCode plugin for trusted narrative artifacts from local sources, research, and evidence",
5
5
  "type": "module",
6
6
  "main": "./index.ts",
package/plugins/revela/.codex-plugin/plugin.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "revela",
3
- "version": "0.1.0+codex.20260524121829",
3
+ "version": "0.1.0+codex.20260524164007",
4
4
  "description": "Use Revela in Codex to build trusted, traceable narrative decision artifacts from local sources and research.",
5
5
  "author": {
6
6
  "name": "cyber-dash-tech",
package/plugins/revela/.mcp.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "mcpServers": {
3
3
  "revela": {
4
4
  "command": "npx",
5
- "args": ["-y", "@cyber-dash-tech/revela@0.17.10", "mcp"]
5
+ "args": ["-y", "@cyber-dash-tech/revela@0.17.12", "mcp"]
6
6
  }
7
7
  }
8
8
  }