@mandipadk7/kavi 0.1.0 → 0.1.1

package/README.md

@@ -44,7 +44,8 @@ node --experimental-strip-types --test src/**/*.test.ts
 ```
 
 Notes:
-- The current managed task runners use the installed `codex` and `claude` CLIs directly.
+- Codex runs through `codex app-server` in managed mode, so Codex-side approvals now land in the same Kavi inbox as Claude hook approvals.
+- Claude still runs through the installed `claude` CLI with Kavi-managed hooks and approval decisions.
 - The dashboard uses a file-backed control loop instead of local sockets so it can run in restricted shells and sandboxes.
 
 Local install options:
@@ -63,17 +64,24 @@ npm link
 Publishing for testers:
 
 ```bash
+# interactive publish flow: prompts for version, defaults to the next patch,
+# runs release checks, then publishes the beta tag
+npm run publish
+
 # authenticate once
 npm login
 
 # verify the package before publish
 npm run release:check
 
-# publish a beta that friends can install immediately
+# prompt for version and publish beta explicitly
 npm run publish:beta
 
-# later, publish the stable tag
+# prompt for version and publish stable
 npm run publish:latest
+
+# test the publish flow without sending anything to npm
+npm run publish -- --dry-run
 ```
 
 Install commands for testers:
@@ -89,6 +97,7 @@ npx @mandipadk7/kavi@beta help
 Notes on publish:
 - The package name is scoped as `@mandipadk7/kavi` to match the npm user `mandipadk7`.
 - The publish flow now builds a compiled `dist/` directory first, and the installed CLI prefers `dist/main.js`. Source mode remains available for local development.
+- Hook commands now invoke the compiled entrypoint directly when `dist/` is present, and only use `--experimental-strip-types` in source mode.
 - `prepublishOnly` runs the release checks automatically during publish.
 
 User-local config example:

package/dist/adapters/claude.js

@@ -1,6 +1,7 @@
 import fs from "node:fs/promises";
-import { buildEnvelopeInstruction, buildPeerMessages, buildSharedContext, extractJsonObject } from "./shared.js";
+import { buildAgentInstructions, buildPeerMessages, buildTaskPrompt, extractJsonObject } from "./shared.js";
 import { runCommand } from "../process.js";
+import { loadAgentPrompt } from "../prompts.js";
 import { buildKaviShellCommand } from "../runtime.js";
 function findWorktree(session, agent) {
     const worktree = session.worktrees.find((item)=>item.agent === agent);
@@ -90,12 +91,11 @@ export async function runClaudeTask(session, task, paths) {
     const worktree = findWorktree(session, "claude");
     const claudeSessionId = `${session.id}-claude`;
     await writeClaudeSettings(paths, session);
+    const repoPrompt = await loadAgentPrompt(paths, "claude");
     const prompt = [
-        buildSharedContext(session, task, "claude"),
+        buildAgentInstructions("claude", worktree.path, repoPrompt),
         "",
-        `User goal or prompt:\n${task.prompt}`,
-        "",
-        buildEnvelopeInstruction("claude", worktree.path)
+        buildTaskPrompt(session, task, "claude")
     ].join("\n");
     const result = await runCommand(session.runtime.claudeExecutable, [
         "-p",

package/dist/adapters/codex.js

@@ -1,7 +1,82 @@
-import path from "node:path";
-import fs from "node:fs/promises";
-import { runCommand } from "../process.js";
-import { buildEnvelopeInstruction, buildPeerMessages, buildSharedContext, extractJsonObject } from "./shared.js";
+import { createApprovalRequest, describeCodexApprovalRequest, findApprovalRule, waitForApprovalDecision } from "../approvals.js";
+import { CodexAppServerClient } from "../codex-app-server.js";
+import { loadAgentPrompt } from "../prompts.js";
+import { recordEvent } from "../session.js";
+import { buildAgentInstructions, buildPeerMessages, buildTaskPrompt, extractJsonObject } from "./shared.js";
+const ENVELOPE_OUTPUT_SCHEMA = {
+    type: "object",
+    additionalProperties: false,
+    required: [
+        "summary",
+        "status",
+        "blockers",
+        "nextRecommendation",
+        "peerMessages"
+    ],
+    properties: {
+        summary: {
+            type: "string"
+        },
+        status: {
+            type: "string",
+            enum: [
+                "completed",
+                "blocked",
+                "needs_review"
+            ]
+        },
+        blockers: {
+            type: "array",
+            items: {
+                type: "string"
+            }
+        },
+        nextRecommendation: {
+            type: [
+                "string",
+                "null"
+            ]
+        },
+        peerMessages: {
+            type: "array",
+            items: {
+                type: "object",
+                additionalProperties: false,
+                required: [
+                    "to",
+                    "intent",
+                    "subject",
+                    "body"
+                ],
+                properties: {
+                    to: {
+                        type: "string",
+                        enum: [
+                            "codex",
+                            "claude"
+                        ]
+                    },
+                    intent: {
+                        type: "string",
+                        enum: [
+                            "question",
+                            "handoff",
+                            "review_request",
+                            "blocked",
+                            "context_share"
+                        ]
+                    },
+                    subject: {
+                        type: "string"
+                    },
+                    body: {
+                        type: "string"
+                    }
+                }
+            }
+        }
+    }
+};
 function findWorktree(session, agent) {
     const worktree = session.worktrees.find((item)=>item.agent === agent);
     if (!worktree) {
@@ -9,35 +84,165 @@ function findWorktree(session, agent) {
     }
     return worktree;
 }
+function asObject(value) {
+    return value && typeof value === "object" && !Array.isArray(value) ? value : {};
+}
+function asString(value) {
+    return typeof value === "string" ? value : null;
+}
+function supportsSessionApproval(params) {
+    return Array.isArray(params.availableDecisions) ? params.availableDecisions.some((value)=>value === "acceptForSession") : false;
+}
+function buildPermissionsGrant(params) {
+    const requested = asObject(params.permissions);
+    const granted = {};
+    if (requested.network !== null && requested.network !== undefined) {
+        granted.network = requested.network;
+    }
+    if (requested.fileSystem !== null && requested.fileSystem !== undefined) {
+        granted.fileSystem = requested.fileSystem;
+    }
+    return granted;
+}
+function buildApprovalResponse(method, params, approved, remember) {
+    switch(method){
+        case "item/commandExecution/requestApproval":
+            return {
+                decision: approved ? remember && supportsSessionApproval(params) ? "acceptForSession" : "accept" : "decline"
+            };
+        case "item/fileChange/requestApproval":
+            return {
+                decision: approved ? remember ? "acceptForSession" : "accept" : "decline"
+            };
+        case "item/permissions/requestApproval":
+            return {
+                permissions: approved ? buildPermissionsGrant(params) : {},
+                scope: remember ? "session" : "turn"
+            };
+        case "execCommandApproval":
+        case "applyPatchApproval":
+            return {
+                decision: approved ? remember ? "approved_for_session" : "approved" : "denied"
+            };
+        default:
+            throw new Error(`Unsupported Codex approval request: ${method}`);
+    }
+}
+function buildThreadParams(session, worktree, developerInstructions) {
+    const configuredModel = session.config.agents.codex.model.trim();
+    return {
+        cwd: worktree.path,
+        approvalPolicy: "on-request",
+        approvalsReviewer: "user",
+        sandbox: "workspace-write",
+        baseInstructions: "You are Codex inside Kavi. Operate inside the assigned worktree and keep work task-scoped.",
+        developerInstructions,
+        model: configuredModel || null,
+        ephemeral: false,
+        experimentalRawEvents: false,
+        persistExtendedHistory: true
+    };
+}
+async function ensureThread(client, session, paths, worktree, developerInstructions) {
+    const threadParams = buildThreadParams(session, worktree, developerInstructions);
+    const existingThreadId = session.agentStatus.codex.sessionId;
+    if (existingThreadId) {
+        try {
+            return await client.resumeThread({
+                threadId: existingThreadId,
+                ...threadParams
+            });
+        } catch (error) {
+            await recordEvent(paths, session.id, "codex.thread_resume_failed", {
+                threadId: existingThreadId,
+                error: error instanceof Error ? error.message : String(error)
+            });
+        }
+    }
+    return await client.startThread(threadParams);
+}
+async function handleCodexApproval(session, paths, request) {
+    const descriptor = describeCodexApprovalRequest(request.method, request.params);
+    const rule = await findApprovalRule(paths, {
+        repoRoot: session.repoRoot,
+        agent: "codex",
+        toolName: descriptor.toolName,
+        matchKey: descriptor.matchKey
+    });
+    if (rule) {
+        await recordEvent(paths, session.id, "approval.auto_decided", {
+            agent: "codex",
+            requestId: request.id,
+            method: request.method,
+            toolName: descriptor.toolName,
+            summary: descriptor.summary,
+            decision: rule.decision
+        });
+        return buildApprovalResponse(request.method, request.params, rule.decision === "allow", true);
+    }
+    const approval = await createApprovalRequest(paths, {
+        sessionId: session.id,
+        repoRoot: session.repoRoot,
+        agent: "codex",
+        hookEvent: request.method,
+        payload: request.params,
+        toolName: descriptor.toolName,
+        summary: descriptor.summary,
+        matchKey: descriptor.matchKey
+    });
+    await recordEvent(paths, session.id, "approval.requested", {
+        requestId: approval.id,
+        agent: "codex",
+        method: request.method,
+        toolName: approval.toolName,
+        summary: approval.summary
+    });
+    const resolved = await waitForApprovalDecision(paths, approval.id);
+    const approved = resolved?.status === "approved";
+    const remember = resolved?.remember ?? false;
+    await recordEvent(paths, session.id, "approval.completed", {
+        requestId: approval.id,
+        agent: "codex",
+        method: request.method,
+        outcome: approved ? "approved" : resolved?.status === "denied" ? "denied" : "expired"
+    });
+    return buildApprovalResponse(request.method, request.params, approved, remember);
+}
 export async function runCodexTask(session, task, paths) {
     const worktree = findWorktree(session, "codex");
-    const outputFile = path.join(paths.runtimeDir, `codex-${task.id}.txt`);
-    const prompt = [
-        buildSharedContext(session, task, "codex"),
-        "",
-        `User goal or prompt:\n${task.prompt}`,
-        "",
-        buildEnvelopeInstruction("codex", worktree.path)
-    ].join("\n");
-    const result = await runCommand(session.runtime.codexExecutable, [
-        "exec",
-        "--skip-git-repo-check",
-        "--cd",
-        worktree.path,
-        "--sandbox",
-        "workspace-write",
-        "--output-last-message",
-        outputFile,
-        prompt
-    ], {
-        cwd: session.repoRoot
+    const repoPrompt = await loadAgentPrompt(paths, "codex");
+    const developerInstructions = buildAgentInstructions("codex", worktree.path, repoPrompt);
+    const client = new CodexAppServerClient(session.runtime, session.repoRoot, async (request)=>{
+        return await handleCodexApproval(session, paths, request);
     });
-    const rawOutput = result.code === 0 ? await fs.readFile(outputFile, "utf8") : `${result.stdout}\n${result.stderr}`;
-    const envelope = extractJsonObject(rawOutput);
-    return {
-        envelope,
-        raw: rawOutput
-    };
+    try {
+        await client.initialize();
+        const threadId = await ensureThread(client, session, paths, worktree, developerInstructions);
+        const result = await client.runTurn({
+            threadId,
+            cwd: worktree.path,
+            approvalPolicy: "on-request",
+            approvalsReviewer: "user",
+            model: session.config.agents.codex.model.trim() || null,
+            outputSchema: ENVELOPE_OUTPUT_SCHEMA,
+            input: [
+                {
+                    type: "text",
+                    text: buildTaskPrompt(session, task, "codex"),
+                    text_elements: []
+                }
+            ]
+        });
+        const rawOutput = `${result.assistantMessage}${result.stderr ? `\n\n[stderr]\n${result.stderr}` : ""}`;
+        const envelope = extractJsonObject(result.assistantMessage);
+        return {
+            envelope,
+            raw: rawOutput,
+            threadId
+        };
+    } finally{
+        await client.close();
+    }
 }
 export { buildPeerMessages };
 

package/dist/adapters/shared.js

@@ -36,15 +36,28 @@ export function buildPeerMessages(envelope, from, taskId) {
 export function buildSharedContext(session, task, agent) {
     const inbox = session.peerMessages.filter((message)=>message.to === agent).slice(-session.config.messageLimit).map((message)=>`- [${message.intent}] ${message.subject}: ${message.body}`).join("\n");
     const tasks = session.tasks.map((item)=>`- ${item.id} | ${item.owner} | ${item.status} | ${item.title}`).join("\n");
+    const decisions = session.decisions.slice(-6).map((decision)=>`- [${decision.kind}] ${decision.summary}`).join("\n");
+    const claims = session.pathClaims.filter((claim)=>claim.status === "active").slice(-6).map((claim)=>`- ${claim.agent} | ${claim.paths.join(", ")}`).join("\n");
     return [
         `Session goal: ${session.goal ?? "No goal recorded."}`,
         `Current task: ${task.title}`,
         "Task board:",
         tasks || "- none",
+        "Decision ledger:",
+        decisions || "- empty",
+        "Active path claims:",
+        claims || "- empty",
         `Peer inbox for ${agent}:`,
         inbox || "- empty"
     ].join("\n");
 }
+export function buildTaskPrompt(session, task, agent) {
+    return [
+        buildSharedContext(session, task, agent),
+        "",
+        `User goal or prompt:\n${task.prompt}`
+    ].join("\n");
+}
 export function buildEnvelopeInstruction(agent, worktreePath) {
     const peer = agent === "codex" ? "claude" : "codex";
     const focus = agent === "codex" ? "Focus on planning, architecture, backend concerns, codebase structure, and implementation risks." : "Focus on intent, user experience, frontend structure, and interaction quality.";
@@ -64,6 +77,12 @@ export function buildEnvelopeInstruction(agent, worktreePath) {
         "Do not wrap the JSON in Markdown."
     ].join("\n");
 }
+export function buildAgentInstructions(agent, worktreePath, repoPrompt) {
+    return [
+        repoPrompt.trim(),
+        buildEnvelopeInstruction(agent, worktreePath)
+    ].filter(Boolean).join("\n\n");
+}
 
 
 //# sourceURL=adapters/shared.ts

package/dist/approvals.js

@@ -59,6 +59,73 @@ export function describeToolUse(payload) {
         matchKey: `${toolName}:${normalized.toLowerCase()}`
     };
 }
+export function describeCodexApprovalRequest(method, params) {
+    const reason = readString(params, "reason") ?? "";
+    switch(method){
+        case "item/commandExecution/requestApproval":
+            {
+                const command = normalizeWhitespace(readString(params, "command") ?? "");
+                const detail = command || normalizeWhitespace(reason) || safeJson(params);
+                return {
+                    toolName: "CommandExecution",
+                    summary: `CommandExecution: ${truncate(detail || "(no details)", 140)}`,
+                    matchKey: `CommandExecution:${detail.toLowerCase()}`
+                };
+            }
+        case "item/fileChange/requestApproval":
+            {
+                const grantRoot = normalizeWhitespace(readString(params, "grantRoot") ?? "");
+                const detail = grantRoot || normalizeWhitespace(reason) || safeJson(params);
+                return {
+                    toolName: "FileChange",
+                    summary: `FileChange: ${truncate(detail || "(no details)", 140)}`,
+                    matchKey: `FileChange:${detail.toLowerCase()}`
+                };
+            }
+        case "item/permissions/requestApproval":
+            {
+                const permissions = readObject(params, "permissions");
+                const detail = normalizeWhitespace([
+                    reason,
+                    safeJson(permissions)
+                ].filter(Boolean).join(" "));
+                return {
+                    toolName: "Permissions",
+                    summary: `Permissions: ${truncate(detail || "(no details)", 140)}`,
+                    matchKey: `Permissions:${detail.toLowerCase()}`
+                };
+            }
+        case "execCommandApproval":
+            {
+                const command = Array.isArray(params.command) ? normalizeWhitespace(params.command.map((part)=>String(part)).join(" ")) : normalizeWhitespace(readString(params, "command") ?? "");
+                const detail = command || normalizeWhitespace(reason) || safeJson(params);
+                return {
+                    toolName: "ExecCommand",
+                    summary: `ExecCommand: ${truncate(detail || "(no details)", 140)}`,
+                    matchKey: `ExecCommand:${detail.toLowerCase()}`
+                };
+            }
+        case "applyPatchApproval":
+            {
+                const grantRoot = normalizeWhitespace(readString(params, "grantRoot") ?? "");
+                const detail = grantRoot || normalizeWhitespace(reason) || safeJson(params);
+                return {
+                    toolName: "ApplyPatch",
+                    summary: `ApplyPatch: ${truncate(detail || "(no details)", 140)}`,
+                    matchKey: `ApplyPatch:${detail.toLowerCase()}`
+                };
+            }
+        default:
+            {
+                const detail = normalizeWhitespace(reason) || safeJson(params);
+                return {
+                    toolName: method,
+                    summary: `${method}: ${truncate(detail || "(no details)", 140)}`,
+                    matchKey: `${method}:${detail.toLowerCase()}`
+                };
+            }
+    }
+}
 async function loadRequests(paths) {
     if (!await fileExists(paths.approvalsFile)) {
         return [];
@@ -74,7 +141,11 @@ export async function listApprovalRequests(paths, options = {}) {
     return filtered.sort((left, right)=>left.createdAt.localeCompare(right.createdAt));
 }
 export async function createApprovalRequest(paths, input) {
-    const descriptor = describeToolUse(input.payload);
+    const descriptor = input.toolName && input.summary && input.matchKey ? {
+        toolName: input.toolName,
+        summary: input.summary,
+        matchKey: input.matchKey
+    } : describeToolUse(input.payload);
     const timestamp = nowIso();
     const request = {
         id: randomUUID(),