npm - @gotgenes/pi-permission-system - Versions diffs - 0.7.0 - Mend

@gotgenes/pi-permission-system 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

package/CHANGELOG.md +384 -0
package/LICENSE +21 -0
package/README.md +606 -0
package/config/config.example.json +27 -0
package/index.ts +3 -0
package/package.json +85 -0
package/schemas/permissions.schema.json +88 -0
package/src/bash-filter.ts +51 -0
package/src/before-agent-start-cache.ts +44 -0
package/src/common.ts +88 -0
package/src/config-modal.ts +282 -0
package/src/config-reporter.ts +26 -0
package/src/extension-config.ts +203 -0
package/src/index.ts +1983 -0
package/src/logging.ts +118 -0
package/src/model-option-compatibility.ts +182 -0
package/src/permission-dialog.ts +89 -0
package/src/permission-forwarding.ts +126 -0
package/src/permission-manager.ts +989 -0
package/src/skill-prompt-sanitizer.ts +344 -0
package/src/status.ts +35 -0
package/src/system-prompt-sanitizer.ts +210 -0
package/src/tool-registry.ts +139 -0
package/src/types.ts +50 -0
package/src/wildcard-matcher.ts +84 -0
package/src/yolo-mode.ts +29 -0
package/src/zellij-modal.ts +1117 -0
package/tests/config-modal.test.ts +248 -0
package/tests/config-reporter.test.ts +139 -0
package/tests/extension-config.test.ts +120 -0
package/tests/permission-system.test.ts +2356 -0
package/tests/session-start.test.ts +139 -0

package/src/logging.ts ADDED Viewed

@@ -0,0 +1,118 @@
+import { appendFileSync } from "node:fs";
+import {
+  DEBUG_LOG_PATH,
+  EXTENSION_ID,
+  ensurePermissionSystemLogsDirectory,
+  LOGS_DIR,
+  PERMISSION_REVIEW_LOG_PATH,
+  type PermissionSystemExtensionConfig,
+} from "./extension-config.js";
+export function safeJsonStringify(value: unknown): string | undefined {
+  const seen = new WeakSet<object>();
+  return JSON.stringify(value, (_key, currentValue) => {
+    if (currentValue instanceof Error) {
+      return {
+        name: currentValue.name,
+        message: currentValue.message,
+        stack: currentValue.stack,
+      };
+    }
+    if (typeof currentValue === "bigint") {
+      return currentValue.toString();
+    }
+    if (typeof currentValue === "object" && currentValue !== null) {
+      if (seen.has(currentValue)) {
+        return "[Circular]";
+      }
+      seen.add(currentValue);
+    }
+    return currentValue;
+  });
+}
+export interface PermissionSystemLogger {
+  debug: (
+    event: string,
+    details?: Record<string, unknown>,
+  ) => string | undefined;
+  review: (
+    event: string,
+    details?: Record<string, unknown>,
+  ) => string | undefined;
+}
+interface PermissionSystemLoggerOptions {
+  getConfig: () => PermissionSystemExtensionConfig;
+  debugLogPath?: string;
+  reviewLogPath?: string;
+  ensureLogsDirectory?: () => string | undefined;
+}
+export function createPermissionSystemLogger(
+  options: PermissionSystemLoggerOptions,
+): PermissionSystemLogger {
+  const debugLogPath = options.debugLogPath ?? DEBUG_LOG_PATH;
+  const reviewLogPath = options.reviewLogPath ?? PERMISSION_REVIEW_LOG_PATH;
+  const ensureLogsDirectory =
+    options.ensureLogsDirectory ??
+    (() => ensurePermissionSystemLogsDirectory(LOGS_DIR));
+  const writeLine = (
+    stream: "debug" | "review",
+    path: string,
+    event: string,
+    details: Record<string, unknown>,
+  ): string | undefined => {
+    const directoryError = ensureLogsDirectory();
+    if (directoryError) {
+      return directoryError;
+    }
+    try {
+      const line = safeJsonStringify({
+        timestamp: new Date().toISOString(),
+        extension: EXTENSION_ID,
+        stream,
+        event,
+        ...details,
+      });
+      if (!line) {
+        return `Failed to write permission-system ${stream} log '${path}': event could not be serialized.`;
+      }
+      appendFileSync(path, `${line}\n`, "utf-8");
+      return undefined;
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      return `Failed to write permission-system ${stream} log '${path}': ${message}`;
+    }
+  };
+  const debug = (
+    event: string,
+    details: Record<string, unknown> = {},
+  ): string | undefined => {
+    if (!options.getConfig().debugLog) {
+      return undefined;
+    }
+    return writeLine("debug", debugLogPath, event, details);
+  };
+  const review = (
+    event: string,
+    details: Record<string, unknown> = {},
+  ): string | undefined => {
+    if (!options.getConfig().permissionReviewLog) {
+      return undefined;
+    }
+    return writeLine("review", reviewLogPath, event, details);
+  };
+  return { debug, review };
+}

package/src/model-option-compatibility.ts ADDED Viewed

@@ -0,0 +1,182 @@
+import {
+  type Api,
+  type AssistantMessageEventStream,
+  getApiProvider,
+  type Context as LlmContext,
+  type Model,
+  type SimpleStreamOptions,
+} from "@mariozechner/pi-ai";
+import type { ExtensionAPI } from "@mariozechner/pi-coding-agent";
+const GUARDED_TEMPERATURE_APIS = [
+  "openai-codex-responses",
+  "openai-responses",
+  "azure-openai-responses",
+] as const satisfies readonly Api[];
+const OPENAI_RESPONSES_APIS = new Set<Api>([
+  "openai-responses",
+  "azure-openai-responses",
+]);
+const TEMPERATURE_UNSUPPORTED_APIS = new Set<Api>(["openai-codex-responses"]);
+const TEMPERATURE_UNSUPPORTED_PROVIDERS = new Set<string>(["openai-codex"]);
+export type ApiStreamSimpleDelegate = (
+  model: Model<Api>,
+  context: LlmContext,
+  options?: SimpleStreamOptions,
+) => AssistantMessageEventStream;
+type GlobalWithPermissionSystemProviderGuard = typeof globalThis & {
+  __piPermissionSystemModelOptionBaseStreams?: Map<
+    string,
+    ApiStreamSimpleDelegate
+  >;
+  __piPermissionSystemModelOptionGuardedApis?: Set<string>;
+};
+function getBaseApiStreams(): Map<string, ApiStreamSimpleDelegate> {
+  const globalScope = globalThis as GlobalWithPermissionSystemProviderGuard;
+  if (!globalScope.__piPermissionSystemModelOptionBaseStreams) {
+    globalScope.__piPermissionSystemModelOptionBaseStreams = new Map<
+      string,
+      ApiStreamSimpleDelegate
+    >();
+  }
+  return globalScope.__piPermissionSystemModelOptionBaseStreams;
+}
+function getGuardedApis(): Set<string> {
+  const globalScope = globalThis as GlobalWithPermissionSystemProviderGuard;
+  if (!globalScope.__piPermissionSystemModelOptionGuardedApis) {
+    globalScope.__piPermissionSystemModelOptionGuardedApis = new Set<string>();
+  }
+  return globalScope.__piPermissionSystemModelOptionGuardedApis;
+}
+function normalizeIdentifier(value: string | undefined): string {
+  return (value ?? "").trim().toLowerCase();
+}
+function hasModelToken(modelId: string, token: string): boolean {
+  return normalizeIdentifier(modelId)
+    .split(/[^a-z0-9]+/)
+    .includes(token);
+}
+export function getUnsupportedTemperatureReason(
+  model: Pick<Model<Api>, "api" | "id" | "provider" | "reasoning">,
+): string | undefined {
+  if (TEMPERATURE_UNSUPPORTED_APIS.has(model.api)) {
+    return `api '${model.api}' does not support temperature`;
+  }
+  const provider = normalizeIdentifier(model.provider);
+  if (TEMPERATURE_UNSUPPORTED_PROVIDERS.has(provider)) {
+    return `provider '${model.provider}' does not support temperature`;
+  }
+  if (
+    OPENAI_RESPONSES_APIS.has(model.api) &&
+    hasModelToken(model.id, "codex")
+  ) {
+    return `model '${model.id}' does not support temperature`;
+  }
+  if (OPENAI_RESPONSES_APIS.has(model.api) && model.reasoning) {
+    return `reasoning model '${model.id}' accepts only the provider default temperature`;
+  }
+  return undefined;
+}
+function isRecord(value: unknown): value is Record<string, unknown> {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+export function stripUnsupportedTemperatureFromPayload(
+  payload: unknown,
+): unknown {
+  if (!isRecord(payload) || !("temperature" in payload)) {
+    return payload;
+  }
+  const { temperature: _temperature, ...rest } = payload;
+  return rest;
+}
+function composeTemperatureSanitizer(
+  options: SimpleStreamOptions | undefined,
+  model: Model<Api>,
+): SimpleStreamOptions | undefined {
+  const reason = getUnsupportedTemperatureReason(model);
+  if (!reason && options?.temperature === undefined) {
+    return options;
+  }
+  if (!reason) {
+    return options;
+  }
+  const existingOnPayload = options?.onPayload;
+  const nextOptions: SimpleStreamOptions = options
+    ? { ...options, temperature: undefined }
+    : {};
+  nextOptions.onPayload = async (payload, payloadModel) => {
+    const transformedPayload = existingOnPayload
+      ? await existingOnPayload(payload, payloadModel)
+      : undefined;
+    return stripUnsupportedTemperatureFromPayload(
+      transformedPayload ?? payload,
+    );
+  };
+  return nextOptions;
+}
+function ensureModelOptionGuardForApi(pi: ExtensionAPI, api: Api): boolean {
+  const guardedApis = getGuardedApis();
+  if (guardedApis.has(api)) {
+    return true;
+  }
+  const baseStreams = getBaseApiStreams();
+  let baseStream = baseStreams.get(api);
+  if (!baseStream) {
+    const currentProvider = getApiProvider(api);
+    if (!currentProvider) {
+      return false;
+    }
+    baseStream = currentProvider.streamSimple as ApiStreamSimpleDelegate;
+    baseStreams.set(api, baseStream);
+  }
+  const providerName = `pi-permission-system-model-option-compatibility-${api.replace(/[^a-z0-9]+/gi, "-").toLowerCase()}`;
+  pi.registerProvider(providerName, {
+    api,
+    streamSimple: (model, context, options) => {
+      const typedModel = model as Model<Api>;
+      const delegate = baseStreams.get(typedModel.api);
+      if (!delegate) {
+        throw new Error(
+          `No base stream provider available for api '${typedModel.api}'.`,
+        );
+      }
+      return delegate(
+        typedModel,
+        context,
+        composeTemperatureSanitizer(options, typedModel),
+      );
+    },
+  });
+  guardedApis.add(api);
+  return true;
+}
+export function registerModelOptionCompatibilityGuard(pi: ExtensionAPI): void {
+  for (const api of GUARDED_TEMPERATURE_APIS) {
+    ensureModelOptionGuardForApi(pi, api);
+  }
+}

package/src/permission-dialog.ts ADDED Viewed

@@ -0,0 +1,89 @@
+export type PermissionDecisionState =
+  | "approved"
+  | "denied"
+  | "denied_with_reason";
+export type PermissionPromptDecision = {
+  approved: boolean;
+  state: PermissionDecisionState;
+  denialReason?: string;
+};
+export interface PermissionDecisionUi {
+  select(title: string, options: string[]): Promise<string | undefined>;
+  input(title: string, placeholder?: string): Promise<string | undefined>;
+}
+const APPROVE_OPTION = "Yes";
+const DENY_OPTION = "No";
+const DENY_WITH_REASON_OPTION = "No, provide reason";
+const PERMISSION_DECISION_OPTIONS = [
+  APPROVE_OPTION,
+  DENY_OPTION,
+  DENY_WITH_REASON_OPTION,
+] as const;
+export function normalizePermissionDenialReason(
+  value: unknown,
+): string | undefined {
+  if (typeof value !== "string") {
+    return undefined;
+  }
+  const trimmed = value.trim();
+  return trimmed.length > 0 ? trimmed : undefined;
+}
+export function createDeniedPermissionDecision(
+  denialReason?: string,
+): PermissionPromptDecision {
+  const normalizedReason = normalizePermissionDenialReason(denialReason);
+  return normalizedReason
+    ? {
+        approved: false,
+        state: "denied_with_reason",
+        denialReason: normalizedReason,
+      }
+    : {
+        approved: false,
+        state: "denied",
+      };
+}
+export function isPermissionDecisionState(
+  value: unknown,
+): value is PermissionDecisionState {
+  return (
+    value === "approved" || value === "denied" || value === "denied_with_reason"
+  );
+}
+export async function requestPermissionDecisionFromUi(
+  ui: PermissionDecisionUi,
+  title: string,
+  message: string,
+): Promise<PermissionPromptDecision> {
+  const selected = await ui.select(`${title}\n${message}`, [
+    ...PERMISSION_DECISION_OPTIONS,
+  ]);
+  if (selected === APPROVE_OPTION) {
+    return {
+      approved: true,
+      state: "approved",
+    };
+  }
+  if (selected === DENY_WITH_REASON_OPTION) {
+    const denialReason = normalizePermissionDenialReason(
+      await ui.input(
+        `${title}\nShare why this request was denied (optional).`,
+        "Reason shown back to the agent",
+      ),
+    );
+    return createDeniedPermissionDecision(denialReason);
+  }
+  return createDeniedPermissionDecision();
+}

package/src/permission-forwarding.ts ADDED Viewed

@@ -0,0 +1,126 @@
+import { join } from "node:path";
+import type { PermissionDecisionState } from "./permission-dialog.js";
+export const PERMISSION_FORWARDING_POLL_INTERVAL_MS = 250;
+export const PERMISSION_FORWARDING_TIMEOUT_MS = 10 * 60 * 1000;
+export const SUBAGENT_ENV_HINT_KEYS = [
+  "PI_IS_SUBAGENT",
+  "PI_SUBAGENT_SESSION_ID",
+  "PI_AGENT_ROUTER_SUBAGENT",
+] as const;
+export const SUBAGENT_PARENT_SESSION_ENV_KEY =
+  "PI_AGENT_ROUTER_PARENT_SESSION_ID";
+const SESSION_FORWARDING_ROOT_DIRECTORY_NAME = "sessions";
+const SESSION_FORWARDING_REQUESTS_DIRECTORY_NAME = "requests";
+const SESSION_FORWARDING_RESPONSES_DIRECTORY_NAME = "responses";
+export type ForwardedPermissionRequest = {
+  id: string;
+  createdAt: number;
+  requesterSessionId: string;
+  targetSessionId: string;
+  requesterAgentName: string;
+  message: string;
+};
+export type ForwardedPermissionResponse = {
+  approved: boolean;
+  state: PermissionDecisionState;
+  denialReason?: string;
+  responderSessionId: string;
+  respondedAt: number;
+};
+export type PermissionForwardingLocation = {
+  sessionId: string;
+  sessionRootDir: string;
+  requestsDir: string;
+  responsesDir: string;
+  label: "primary";
+};
+export function normalizePermissionForwardingSessionId(
+  value: unknown,
+): string | null {
+  if (typeof value !== "string") {
+    return null;
+  }
+  const trimmed = value.trim();
+  if (!trimmed || trimmed.toLowerCase() === "unknown") {
+    return null;
+  }
+  return trimmed;
+}
+function encodeSessionIdForPath(sessionId: string): string {
+  return encodeURIComponent(sessionId);
+}
+export function createPermissionForwardingLocation(
+  forwardingRootDir: string,
+  sessionId: string,
+): PermissionForwardingLocation {
+  const normalizedSessionId = normalizePermissionForwardingSessionId(sessionId);
+  if (!normalizedSessionId) {
+    throw new Error(
+      "Permission forwarding session id must be a non-empty string.",
+    );
+  }
+  const sessionRootDir = join(
+    forwardingRootDir,
+    SESSION_FORWARDING_ROOT_DIRECTORY_NAME,
+    encodeSessionIdForPath(normalizedSessionId),
+  );
+  return {
+    sessionId: normalizedSessionId,
+    sessionRootDir,
+    requestsDir: join(
+      sessionRootDir,
+      SESSION_FORWARDING_REQUESTS_DIRECTORY_NAME,
+    ),
+    responsesDir: join(
+      sessionRootDir,
+      SESSION_FORWARDING_RESPONSES_DIRECTORY_NAME,
+    ),
+    label: "primary",
+  };
+}
+export function resolvePermissionForwardingTargetSessionId(options: {
+  hasUI: boolean;
+  isSubagent: boolean;
+  currentSessionId?: string | null;
+  env?: NodeJS.ProcessEnv;
+}): string | null {
+  if (options.hasUI) {
+    return normalizePermissionForwardingSessionId(options.currentSessionId);
+  }
+  if (!options.isSubagent) {
+    return null;
+  }
+  return normalizePermissionForwardingSessionId(
+    options.env?.[SUBAGENT_PARENT_SESSION_ENV_KEY],
+  );
+}
+export function isForwardedPermissionRequestForSession(
+  request: Pick<ForwardedPermissionRequest, "targetSessionId">,
+  sessionId: string | null | undefined,
+): boolean {
+  const normalizedRequestSessionId = normalizePermissionForwardingSessionId(
+    request.targetSessionId,
+  );
+  const normalizedSessionId = normalizePermissionForwardingSessionId(sessionId);
+  return (
+    normalizedRequestSessionId !== null &&
+    normalizedRequestSessionId === normalizedSessionId
+  );
+}