@octocodeai/octocode-tools-core 16.3.0 → 16.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +564 -0
- package/dist/config.d.ts +7 -0
- package/dist/direct.js +39 -41
- package/dist/errors/pathUtils.d.ts +1 -1
- package/dist/github/directoryFetch.d.ts +2 -1
- package/dist/github/githubAPI.d.ts +32 -1
- package/dist/github/history.d.ts +3 -0
- package/dist/github/prTransformation.d.ts +1 -1
- package/dist/github/repoStructureRecursive.d.ts +6 -0
- package/dist/index.d.ts +16 -30
- package/dist/index.js +44 -46
- package/dist/oql/adapters/compile.d.ts +25 -0
- package/dist/oql/adapters/github.d.ts +3 -0
- package/dist/oql/adapters/local.d.ts +7 -0
- package/dist/oql/adapters/materialize.d.ts +11 -0
- package/dist/oql/adapters/pagination.d.ts +21 -0
- package/dist/oql/adapters/researchTargets.d.ts +50 -0
- package/dist/oql/adapters/resultMap.d.ts +20 -0
- package/dist/oql/adapters/ruleYaml.d.ts +11 -0
- package/dist/oql/adapters/runner.d.ts +14 -0
- package/dist/oql/adapters/v2.d.ts +32 -0
- package/dist/oql/capabilities.d.ts +31 -0
- package/dist/oql/defaults.d.ts +26 -0
- package/dist/oql/diagnostics.d.ts +25 -0
- package/dist/oql/diffLanes.d.ts +29 -0
- package/dist/oql/envelope.d.ts +19 -0
- package/dist/oql/features.d.ts +7 -0
- package/dist/oql/index.d.ts +26 -0
- package/dist/oql/index.js +49 -0
- package/dist/oql/normalize.d.ts +5 -0
- package/dist/oql/planner.d.ts +7 -0
- package/dist/oql/research/analyze.d.ts +134 -0
- package/dist/oql/research/packets.d.ts +80 -0
- package/dist/oql/run.d.ts +32 -0
- package/dist/oql/schema.d.ts +1018 -0
- package/dist/oql/schemeText.d.ts +138 -0
- package/dist/oql/shorthand.d.ts +177 -0
- package/dist/oql/targetParams.d.ts +20 -0
- package/dist/oql/transformers/contract.d.ts +19 -0
- package/dist/oql/transformers/github/code.d.ts +17 -0
- package/dist/oql/transformers/github/common.d.ts +8 -0
- package/dist/oql/transformers/language.d.ts +1 -0
- package/dist/oql/transformers/registry.d.ts +16 -0
- package/dist/oql/transformers/types.d.ts +11 -0
- package/dist/oql/types.d.ts +633 -0
- package/dist/oql/v2params.d.ts +22 -0
- package/dist/providers/providerQueries.d.ts +9 -0
- package/dist/providers/providerResults.d.ts +2 -0
- package/dist/providers/types.d.ts +1 -1
- package/dist/schema.d.ts +13 -0
- package/dist/schema.js +8 -0
- package/dist/scheme/coreSchemas.d.ts +5 -5
- package/dist/scheme/fields.d.ts +6 -6
- package/dist/serverConfig.d.ts +1 -2
- package/dist/session.d.ts +2 -24
- package/dist/shared/config/defaults.d.ts +14 -0
- package/dist/shared/config/index.d.ts +9 -0
- package/dist/shared/config/index.js +9 -0
- package/dist/shared/config/loader.d.ts +7 -0
- package/dist/shared/config/resolver.d.ts +2 -0
- package/dist/shared/config/resolverCache.d.ts +12 -0
- package/dist/shared/config/resolverSections.d.ts +10 -0
- package/dist/shared/config/runtimeSurface.d.ts +21 -0
- package/dist/shared/config/schemas.d.ts +11 -0
- package/dist/shared/config/types.d.ts +92 -0
- package/dist/shared/config/validator.d.ts +2 -0
- package/dist/shared/credentials/constants.d.ts +2 -0
- package/dist/shared/credentials/credentialCache.d.ts +13 -0
- package/dist/shared/credentials/credentialEncryption.d.ts +10 -0
- package/dist/shared/credentials/credentialUtils.d.ts +4 -0
- package/dist/shared/credentials/envTokens.d.ts +9 -0
- package/dist/shared/credentials/ghCli.d.ts +1 -0
- package/dist/shared/credentials/index.d.ts +3 -0
- package/dist/shared/credentials/index.js +8 -0
- package/dist/shared/credentials/schemas.d.ts +22 -0
- package/dist/shared/credentials/storage.d.ts +30 -0
- package/dist/shared/credentials/testing.d.ts +2 -0
- package/dist/shared/credentials/testing.js +8 -0
- package/dist/shared/credentials/tokenRefresh.d.ts +24 -0
- package/dist/shared/credentials/tokenResolution.d.ts +30 -0
- package/dist/shared/credentials/types.d.ts +28 -0
- package/dist/shared/fs-utils.d.ts +2 -0
- package/dist/shared/fs-utils.js +8 -0
- package/dist/shared/index.d.ts +6 -0
- package/dist/shared/languageSelectors.d.ts +23 -0
- package/dist/shared/paths.d.ts +31 -0
- package/dist/shared/paths.js +8 -0
- package/dist/shared/platform/index.d.ts +1 -0
- package/dist/shared/platform/index.js +8 -0
- package/dist/shared/platform/platform.d.ts +8 -0
- package/dist/shared/session/index.d.ts +5 -0
- package/dist/shared/session/index.js +8 -0
- package/dist/shared/session/schemas.d.ts +103 -0
- package/dist/shared/session/sessionCache.d.ts +9 -0
- package/dist/shared/session/sessionDiskIO.d.ts +6 -0
- package/dist/shared/session/statsDefaults.d.ts +4 -0
- package/dist/shared/session/storage.d.ts +20 -0
- package/dist/shared/session/types.d.ts +53 -0
- package/dist/tools/directToolCatalog.d.ts +15 -56
- package/dist/tools/directToolCatalog.exec.d.ts +11 -0
- package/dist/tools/directToolCatalog.meta.d.ts +82 -0
- package/dist/tools/github_clone_repo/cache.d.ts +5 -1
- package/dist/tools/github_clone_repo/scheme.d.ts +56 -9
- package/dist/tools/github_clone_repo/types.d.ts +3 -1
- package/dist/tools/github_fetch_content/scheme.d.ts +112 -4
- package/dist/tools/github_fetch_content/types.d.ts +39 -0
- package/dist/tools/github_search_code/scheme.d.ts +6 -6
- package/dist/tools/github_search_pull_requests/contentResponse.d.ts +0 -1
- package/dist/tools/github_search_pull_requests/execution.d.ts +1 -11
- package/dist/tools/github_search_pull_requests/scheme.d.ts +6 -2
- package/dist/tools/github_search_repos/scheme.d.ts +7 -6
- package/dist/tools/github_view_repo_structure/execution.d.ts +0 -9
- package/dist/tools/github_view_repo_structure/scheme.d.ts +10 -6
- package/dist/tools/local_binary_inspect/archiveOps.d.ts +2 -0
- package/dist/tools/local_binary_inspect/binaryInspector.d.ts +48 -7
- package/dist/tools/local_binary_inspect/binaryOps.d.ts +16 -7
- package/dist/tools/local_binary_inspect/scheme.d.ts +10 -7
- package/dist/tools/local_fetch_content/scheme.d.ts +2 -2
- package/dist/tools/local_find_files/scheme.d.ts +2 -2
- package/dist/tools/local_ripgrep/lspBoost.d.ts +54 -0
- package/dist/tools/local_ripgrep/rankingProfile.d.ts +113 -0
- package/dist/tools/local_ripgrep/ripgrepResultBuilder.d.ts +10 -1
- package/dist/tools/local_ripgrep/scheme.d.ts +29 -4
- package/dist/tools/local_ripgrep/structuralSearch.d.ts +3 -4
- package/dist/tools/local_view_structure/scheme.d.ts +2 -2
- package/dist/tools/local_view_structure/structureFilters.d.ts +1 -3
- package/dist/tools/local_view_structure/structureResponse.d.ts +1 -0
- package/dist/tools/lsp/semantic_content/scheme.d.ts +174 -10
- package/dist/tools/lsp/shared/callHierarchyTraversal.d.ts +2 -2
- package/dist/tools/lsp/shared/resolveSymbolAnchor.d.ts +2 -2
- package/dist/tools/lsp/shared/semanticTypes.d.ts +36 -6
- package/dist/tools/oql_search/execution.d.ts +7 -0
- package/dist/tools/package_search/execution.d.ts +10 -0
- package/dist/tools/package_search/scheme.d.ts +9 -7
- package/dist/tools/providerMappers.d.ts +24 -5
- package/dist/tools/toolConfig.d.ts +1 -0
- package/dist/tools/toolMetadata/proxies.d.ts +0 -6
- package/dist/tools/toolNames.d.ts +2 -0
- package/dist/tools/utils.d.ts +3 -7
- package/dist/types/bulk.d.ts +0 -2
- package/dist/types/execution.d.ts +1 -2
- package/dist/types/server.d.ts +0 -1
- package/dist/types/session.d.ts +0 -19
- package/dist/types/toolResults.d.ts +2 -3
- package/dist/utils/contextUtils.d.ts +49 -2
- package/dist/utils/core/lines.d.ts +16 -0
- package/dist/utils/core/types.d.ts +12 -1
- package/dist/utils/file/filters.d.ts +2 -11
- package/dist/utils/markdownOutline.d.ts +10 -0
- package/dist/utils/parsers/diff.d.ts +18 -0
- package/dist/utils/response/error.d.ts +38 -4
- package/dist/utils/response/groupedFinalizer.d.ts +0 -25
- package/package.json +51 -14
- package/dist/commands/BaseCommandBuilder.d.ts +0 -14
- package/dist/commands/FindCommandBuilder.d.ts +0 -23
- package/dist/commands/LsCommandBuilder.d.ts +0 -15
- package/dist/commands/RipgrepCommandBuilder.d.ts +0 -27
- package/dist/hints/dynamic.d.ts +0 -6
- package/dist/hints/index.d.ts +0 -2
- package/dist/hints/types.d.ts +0 -1
- package/dist/tools/github_clone_repo/hints.d.ts +0 -2
- package/dist/tools/github_fetch_content/hints.d.ts +0 -2
- package/dist/tools/github_search_code/hints.d.ts +0 -2
- package/dist/tools/github_search_pull_requests/hints.d.ts +0 -2
- package/dist/tools/github_search_repos/hints.d.ts +0 -2
- package/dist/tools/github_view_repo_structure/hints.d.ts +0 -2
- package/dist/tools/local_fetch_content/hints.d.ts +0 -2
- package/dist/tools/local_find_files/hints.d.ts +0 -2
- package/dist/tools/local_ripgrep/grepFallbackExecutor.d.ts +0 -3
- package/dist/tools/local_ripgrep/hints.d.ts +0 -2
- package/dist/tools/local_ripgrep/ripgrepParser.d.ts +0 -9
- package/dist/tools/local_view_structure/hints.d.ts +0 -2
- package/dist/tools/local_view_structure/structureParser.d.ts +0 -3
- package/dist/tools/local_view_structure/structureWalker.d.ts +0 -24
- package/dist/tools/lsp/semantic_content/hints.d.ts +0 -4
- package/dist/tools/package_search/hints.d.ts +0 -2
- package/dist/types/metadata.d.ts +0 -69
- package/dist/utils/exec/commandAvailability.d.ts +0 -19
- package/dist/utils/exec/ripgrepBinary.d.ts +0 -3
- package/dist/utils/pagination/outputSizeLimit.d.ts +0 -16
- package/dist/utils/response/structuredPagination.d.ts +0 -9
package/README.md
ADDED
|
@@ -0,0 +1,564 @@
|
|
|
1
|
+
# Octocode - Agentic Research Platform
|
|
2
|
+
|
|
3
|
+
<div align="center">
|
|
4
|
+
<img src="https://github.com/bgauryy/octocode/raw/main/packages/octocode-mcp/assets/logo_white.png" width="400px" alt="Octocode Logo">
|
|
5
|
+
|
|
6
|
+
[](https://github.com/modelcontextprotocol/servers)
|
|
7
|
+
[](https://deepwiki.com/bgauryy/octocode)
|
|
8
|
+
[](https://octocode.ai)
|
|
9
|
+
[](https://www.youtube.com/@Octocode-ai)
|
|
10
|
+
|
|
11
|
+
</div>
|
|
12
|
+
|
|
13
|
+
**Evidence-first code research for AI agents and developers.**
|
|
14
|
+
|
|
15
|
+
Octocode gives an agent the full context it needs to change, review, or explain code: real evidence from your **local workspace** and from **external** sources (GitHub repositories, pull requests, and npm packages). One toolset covers all of it: ripgrep and AST structural search, repository tree browsing, precise content fetching, LSP semantic navigation, and binary inspection.
|
|
16
|
+
|
|
17
|
+
Run it as a **CLI** or an **MCP server**. A **Rust engine** keeps every call fast and token-efficient, minifying and skeletonizing code so an agent reads the shape of a file instead of every byte, from a single file to a mega-repo. It is also the best tool for **cross-repository research and exploration across millions of repositories**.
|
|
18
|
+
|
|
19
|
+
---
|
|
20
|
+
|
|
21
|
+
## Table of Contents
|
|
22
|
+
|
|
23
|
+
- [Why Octocode](#why-octocode)
|
|
24
|
+
- [What You Can Do](#what-you-can-do)
|
|
25
|
+
- [Tools](#tools)
|
|
26
|
+
- [MCP](#mcp)
|
|
27
|
+
- [CLI](#cli)
|
|
28
|
+
- [Configuration](#configuration)
|
|
29
|
+
- [Authentication Methods](#authentication-methods)
|
|
30
|
+
- [Security](#security)
|
|
31
|
+
- [Language Support](#language-support)
|
|
32
|
+
- [Skills](#skills)
|
|
33
|
+
- [Architecture](#architecture)
|
|
34
|
+
- [Documentation](#documentation)
|
|
35
|
+
|
|
36
|
+
---
|
|
37
|
+
|
|
38
|
+
## Why Octocode
|
|
39
|
+
|
|
40
|
+
Agents write better code from evidence than from assumptions. Octocode turns *guess-driven* work into **research-driven** work. Before an agent changes, reviews, or explains code, it gathers real evidence from your local workspace **and** from GitHub repositories, pull requests, and npm packages, then hands it back as compact, citable context. *Code is truth; context is the map.*
|
|
41
|
+
|
|
42
|
+
Most tools cover one slice: searching the web, or grepping your repo. Octocode covers the **whole research flow, end to end**:
|
|
43
|
+
|
|
44
|
+
- **Built for scale.** In organizations with thousands of repositories and endless code, Octocode is the solution: spot a pattern in one repo, follow it through the pull request that introduced it, then trace the same shape across other repos and your own files without leaving the conversation. Clone any repo and study it locally, on any machine.
|
|
45
|
+
- **Smart GitHub workflows.** Parallel bulk queries and built-in **next-step hints** keep the agent on the cheapest path: search broadly, read narrowly, trace semantically. Each result points to the natural follow-up.
|
|
46
|
+
- **No GitHub required.** Even without GitHub, clone any repository locally and point Octocode's local tools (search, structural AST, LSP, content) at it for the same evidence-first research.
|
|
47
|
+
- **Reads the shape, not the noise.** Code is minified and skeletonized on the fly across 70+ languages, so an agent grasps a 100 KB file in a few hundred tokens instead of spending its context on boilerplate.
|
|
48
|
+
- **Fast and self-contained.** Search, parsing, semantic navigation, and redaction run in one prebuilt **Rust engine**: quick on a laptop or a mega-repo, with no extra toolchain to install.
|
|
49
|
+
- **Safe by default.** Every byte returned to the model is scanned and secrets redacted first (see [Security](#security)).
|
|
50
|
+
|
|
51
|
+
## What You Can Do
|
|
52
|
+
|
|
53
|
+
Octocode is useful whenever the next coding step depends on finding and proving context, not guessing it.
|
|
54
|
+
|
|
55
|
+
| Need | Use Octocode to |
|
|
56
|
+
|------|-----------------|
|
|
57
|
+
| **Codebase questions** | Search local or GitHub code, read exact regions, browse trees, and carry file/line anchors into the answer. |
|
|
58
|
+
| **Implementation research** | Compare patterns across repositories, npm packages, pull requests, commits, and local files before changing code. |
|
|
59
|
+
| **Semantic navigation** | Resolve definitions, references, callers/callees, call hierarchy, hovers, symbols, diagnostics, and type relationships through LSP. |
|
|
60
|
+
| **Structural matching** | Run AST-shaped searches with patterns or YAML rules so comments and strings do not become false positives. |
|
|
61
|
+
| **Large-file context** | Minify, skeletonize, or paginate code so agents spend tokens on relevant structure instead of boilerplate. |
|
|
62
|
+
| **Binary or archive inspection** | Inspect archives, compressed streams, native binaries, and strings without leaving the research flow. |
|
|
63
|
+
| **Agent workflows** | Expose the same engine through MCP, CLI, OQL, and Agent Skills so assistants and humans use one evidence model. |
|
|
64
|
+
|
|
65
|
+
### Get Started
|
|
66
|
+
|
|
67
|
+
Add Octocode to an AI assistant with MCP, or run the same tools directly from
|
|
68
|
+
your terminal with the CLI.
|
|
69
|
+
|
|
70
|
+
**MCP fast install:**
|
|
71
|
+
|
|
72
|
+
[<img src="https://cursor.com/deeplink/mcp-install-dark.svg" alt="Install in Cursor">](https://cursor.com/en/install-mcp?name=octocode&config=eyJjb21tYW5kIjoibnB4IiwiYXJncyI6WyJvY3RvY29kZS1tY3BAbGF0ZXN0Il19) [<img src="https://img.shields.io/badge/VS_Code-VS_Code?style=flat-square&label=Install%20Server&color=0098FF" alt="Install in VS Code">](https://insiders.vscode.dev/redirect?url=vscode%3Amcp%2Finstall%3F%257B%2522name%2522%253A%2522octocode%2522%252C%2522command%2522%253A%2522npx%2522%252C%2522args%2522%253A%255B%2522octocode-mcp%2540latest%255D%257D) [<img alt="Install in VS Code Insiders" src="https://img.shields.io/badge/VS_Code_Insiders-VS_Code_Insiders?style=flat-square&label=Install%20Server&color=24bfa5">](https://insiders.vscode.dev/redirect?url=vscode-insiders%3Amcp%2Finstall%3F%257B%2522name%2522%253A%2522octocode%2522%252C%2522command%2522%253A%2522npx%2522%252C%2522args%2522%253A%255B%2522octocode-mcp%2540latest%255D%257D)
|
|
73
|
+
|
|
74
|
+
```bash
|
|
75
|
+
# Interactive installer for Cursor, Claude Code, Codex, VS Code, and more
|
|
76
|
+
npx octocode install
|
|
77
|
+
```
|
|
78
|
+
|
|
79
|
+
**CLI fast install:**
|
|
80
|
+
|
|
81
|
+
```bash
|
|
82
|
+
npx octocode
|
|
83
|
+
```
|
|
84
|
+
|
|
85
|
+
Authenticate GitHub when you want private repositories or higher API limits:
|
|
86
|
+
|
|
87
|
+
```bash
|
|
88
|
+
npx octocode login
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
### Benchmarks
|
|
92
|
+
|
|
93
|
+
Latest benchmark output:
|
|
94
|
+
[packages/octocode-benchmark/output](https://github.com/bgauryy/octocode/tree/main/packages/octocode-benchmark/output/).
|
|
95
|
+
|
|
96
|
+
#### ast-grep Structural Comparison
|
|
97
|
+
|
|
98
|
+
Bars show relative throughput. Higher is better; lower `ms` is better.
|
|
99
|
+
|
|
100
|
+
What we tested: ast-grep CLI and Octocode structural grep on the same real
|
|
101
|
+
repository files, using the same broad AST node-kind searches
|
|
102
|
+
(`call_expression`, `call`, `method_invocation`). The goal was to check
|
|
103
|
+
structural AST grep compatibility by match count, then measure where time is
|
|
104
|
+
spent across Octocode's raw matcher, agent tool path, and public CLI.
|
|
105
|
+
|
|
106
|
+
This benchmark does not test text grep, LSP navigation, rewriting, or the full
|
|
107
|
+
ast-grep rule language. Those are separate capabilities.
|
|
108
|
+
|
|
109
|
+
```text
|
|
110
|
+
Octocode raw native ████████████████████ 17.1 ms median │ 2.0x faster │ 6/6 matched
|
|
111
|
+
ast-grep CLI ██████████░░░░░░░░░░ 34.6 ms median │ baseline │ 6/6 matched
|
|
112
|
+
```
|
|
113
|
+
|
|
114
|
+
`Octocode raw native` means the direct Rust/NAPI `structuralSearchFiles`
|
|
115
|
+
matcher: parse and match only, with no tool validation, sanitizer, pagination,
|
|
116
|
+
JSON shaping, or Node CLI startup. The agent-facing `localSearchCode` and public
|
|
117
|
+
`octocode search --pattern/--rule` paths are intentionally slower because they include those safety
|
|
118
|
+
and DX layers.
|
|
119
|
+
|
|
120
|
+
What was checked: we took ast-grep's benchmark scenario repo list, picked one
|
|
121
|
+
deterministic file from each supported repo, asked both tools to find the same
|
|
122
|
+
AST node kind in that file, verified identical match counts, then timed the
|
|
123
|
+
median run.
|
|
124
|
+
|
|
125
|
+
Benchmark files:
|
|
126
|
+
[runner](https://github.com/bgauryy/octocode/blob/main/packages/octocode-benchmark/benchmark/ast-grep/compare-upstream-scenarios.mjs) ·
|
|
127
|
+
[scenario manifest](https://github.com/bgauryy/octocode/blob/main/packages/octocode-benchmark/benchmark/ast-grep/upstream-outline-scenarios.json) ·
|
|
128
|
+
[latest output](https://github.com/bgauryy/octocode/blob/main/packages/octocode-benchmark/output/comparison.md) ·
|
|
129
|
+
[unified CLI/tool/OQL eval](https://github.com/bgauryy/octocode/blob/main/packages/octocode-benchmark/benchmark/octocode/README.md) ·
|
|
130
|
+
[agent runbook](https://github.com/bgauryy/octocode/blob/main/packages/octocode-benchmark/recipes/agent-benchmark-runbook.md)
|
|
131
|
+
|
|
132
|
+
---
|
|
133
|
+
|
|
134
|
+
## Tools
|
|
135
|
+
|
|
136
|
+
Octocode ships **14 research tools**; the same implementations run identically over [MCP](#mcp) and the [CLI](#cli). `ghCloneRepo` is opt-in for MCP (`ENABLE_CLONE=true`) and enabled by default for CLI; local tools require `ENABLE_LOCAL` (CLI default: on, MCP default: off). All flags: [Configuration Reference](https://github.com/bgauryy/octocode/blob/main/docs/mcp/CONFIGURATION.md).
|
|
137
|
+
|
|
138
|
+
**Token knobs.** `concise:true` returns path/title-only lists. `minify` controls file read density: `symbols` = skeleton with line numbers, `standard` = comments/blanks stripped (default), `none` = exact bytes.
|
|
139
|
+
|
|
140
|
+
### GitHub Tools
|
|
141
|
+
|
|
142
|
+
| Tool | What it does | Knob |
|
|
143
|
+
|------|--------------|------|
|
|
144
|
+
| `ghSearchCode` | Code and path search across GitHub by owner, repo, path, filename, extension, and match filters. Accepts 1 to 5 parallel queries. | `concise` |
|
|
145
|
+
| `ghGetFileContent` | Read a GitHub file or region: full file, line range, match slice, or paginated chars. | `minify` |
|
|
146
|
+
| `ghViewRepoStructure` | Browse a GitHub repository's directory tree before reading files. | |
|
|
147
|
+
| `ghSearchRepos` | Discover repositories by keywords, owner, topic, language, stars, forks, size, dates, license, visibility. | `concise` |
|
|
148
|
+
| `ghHistoryResearch` | Search PR history, or deep-read one PR: files, patches, comments, reviews, commits. | `concise` |
|
|
149
|
+
| `ghCloneRepo` | Clone a repo or sparse subtree into the local cache for local/LSP analysis. **Opt-in** (`ENABLE_CLONE=true`). | `sparsePath` |
|
|
150
|
+
|
|
151
|
+
### Local Tools
|
|
152
|
+
|
|
153
|
+
| Tool | What it does | Knob |
|
|
154
|
+
|------|--------------|------|
|
|
155
|
+
| `localSearchCode` | Local code/text search returning file and line anchors. `mode:"structural"` runs Octocode AST shape queries (`pattern` or `rule`). | `mode` |
|
|
156
|
+
| `localViewStructure` | Browse a local directory tree: depth, filters, pagination, metadata. | `concise` |
|
|
157
|
+
| `localFindFiles` | Find local files and directories by name, path, regex, extension, size, time, permissions, type. | |
|
|
158
|
+
| `localGetFileContent` | Read a local file or region: exact slice, match string, line range, or paginated chars. | `minify` |
|
|
159
|
+
| `localBinaryInspect` | Inspect archives, compressed streams, and native binaries: inspect (format/symbols/imports/deps), list, extract, decompress, strings. | |
|
|
160
|
+
|
|
161
|
+
### Package Search
|
|
162
|
+
|
|
163
|
+
| Tool | What it does | Knob |
|
|
164
|
+
|------|--------------|------|
|
|
165
|
+
| `npmSearch` | npm package lookup and keyword search; returns metadata and the source repository for GitHub handoff. | `concise` |
|
|
166
|
+
|
|
167
|
+
### LSP
|
|
168
|
+
|
|
169
|
+
| Tool | What it does |
|
|
170
|
+
|------|--------------|
|
|
171
|
+
| `lspGetSemantics` | Typed semantic navigation. Raw tools support `definition`, `references`, `callers`, `callees`, `callHierarchy`, `hover`, `documentSymbols`, `typeDefinition`, `implementation`, `workspaceSymbol`, `supertypes`, `subtypes`, and `diagnostic`. The CLI uses `octocode search <file> --op <type>` for semantics and `octocode search <file> --symbols` for file or directory symbol outlines. Navigation runs through installed language servers (see the [LSP Tools Reference](https://github.com/bgauryy/octocode/blob/main/docs/mcp/tools/LSP_TOOLS.md)). |
|
|
172
|
+
|
|
173
|
+
### OQL Search
|
|
174
|
+
|
|
175
|
+
| Tool | What it does |
|
|
176
|
+
|------|--------------|
|
|
177
|
+
| `oqlSearch` | Runs typed OQL queries across code, content, structure, files, semantics, repositories, packages, pull requests, commits, artifacts, diff, research, graph, and materialization targets. |
|
|
178
|
+
|
|
179
|
+
**Per-tool references** (full schemas, fields, and examples) live in **[`docs/mcp`](https://github.com/bgauryy/octocode/tree/main/docs/mcp)**:
|
|
180
|
+
- [GitHub Tools](https://github.com/bgauryy/octocode/blob/main/docs/mcp/tools/GITHUB_TOOLS.md)
|
|
181
|
+
- [Local Tools](https://github.com/bgauryy/octocode/blob/main/docs/mcp/tools/LOCAL_TOOLS.md)
|
|
182
|
+
- [Binary Tools](https://github.com/bgauryy/octocode/blob/main/docs/mcp/tools/BINARY_TOOLS.md)
|
|
183
|
+
- [LSP Tools](https://github.com/bgauryy/octocode/blob/main/docs/mcp/tools/LSP_TOOLS.md)
|
|
184
|
+
- [Tool Behavior Guide](https://github.com/bgauryy/octocode/blob/main/docs/mcp/tools/TOOL_BEHAVIOR.md)
|
|
185
|
+
|
|
186
|
+
---
|
|
187
|
+
|
|
188
|
+
## MCP
|
|
189
|
+
|
|
190
|
+
The MCP server exposes the Octocode tool catalog directly to your AI assistant over stdio. Install once; the assistant calls tools automatically.
|
|
191
|
+
|
|
192
|
+
### Install
|
|
193
|
+
|
|
194
|
+
**Fast install:**
|
|
195
|
+
|
|
196
|
+
[<img src="https://cursor.com/deeplink/mcp-install-dark.svg" alt="Install in Cursor">](https://cursor.com/en/install-mcp?name=octocode&config=eyJjb21tYW5kIjoibnB4IiwiYXJncyI6WyJvY3RvY29kZS1tY3BAbGF0ZXN0Il19) [<img src="https://img.shields.io/badge/VS_Code-VS_Code?style=flat-square&label=Install%20Server&color=0098FF" alt="Install in VS Code">](https://insiders.vscode.dev/redirect?url=vscode%3Amcp%2Finstall%3F%257B%2522name%2522%253A%2522octocode%2522%252C%2522command%2522%253A%2522npx%2522%252C%2522args%2522%253A%255B%2522octocode-mcp%2540latest%255D%257D) [<img alt="Install in VS Code Insiders" src="https://img.shields.io/badge/VS_Code_Insiders-VS_Code_Insiders?style=flat-square&label=Install%20Server&color=24bfa5">](https://insiders.vscode.dev/redirect?url=vscode-insiders%3Amcp%2Finstall%3F%257B%2522name%2522%253A%2522octocode%2522%252C%2522command%2522%253A%2522npx%2522%252C%2522args%2522%253A%255B%2522octocode-mcp%2540latest%255D%257D)
|
|
197
|
+
|
|
198
|
+
**Or use the installer (detects your installed clients):**
|
|
199
|
+
|
|
200
|
+
```bash
|
|
201
|
+
# Interactive: detects your installed clients
|
|
202
|
+
npx octocode install
|
|
203
|
+
|
|
204
|
+
# Non-interactive
|
|
205
|
+
octocode install --ide cursor
|
|
206
|
+
octocode install --ide claude-code
|
|
207
|
+
```
|
|
208
|
+
|
|
209
|
+
https://github.com/user-attachments/assets/de8d14c0-2ead-46ed-895e-09144c9b5071
|
|
210
|
+
|
|
211
|
+
### Manual Configuration
|
|
212
|
+
|
|
213
|
+
Add to your MCP client config file:
|
|
214
|
+
|
|
215
|
+
```json
|
|
216
|
+
{
|
|
217
|
+
"mcpServers": {
|
|
218
|
+
"octocode": {
|
|
219
|
+
"command": "npx",
|
|
220
|
+
"args": ["octocode-mcp@latest"]
|
|
221
|
+
}
|
|
222
|
+
}
|
|
223
|
+
}
|
|
224
|
+
```
|
|
225
|
+
|
|
226
|
+
For GitHub auth, add a token under `env` (see [Authentication Methods](#authentication-methods)).
|
|
227
|
+
|
|
228
|
+
### Configuration
|
|
229
|
+
|
|
230
|
+
Set tokens and options as `env` entries here, or machine-wide in `.octocoderc`. See [Configuration](#configuration) for every setting, the home-folder layout, and precedence.
|
|
231
|
+
|
|
232
|
+
---
|
|
233
|
+
|
|
234
|
+
## CLI
|
|
235
|
+
|
|
236
|
+
The CLI exposes the same research engine without an MCP client. Use quick commands for humans, or call raw tools from scripts and CI. It is agent-friendly by design: `npx octocode --help`, `npx octocode context`, and `npx octocode tools <name> --scheme` publish the research protocol, tool descriptions, and exact schemas, while command output returns compact anchors, pagination, and follow-up hints that guide agents through evidence-first research.
|
|
237
|
+
|
|
238
|
+
### Install
|
|
239
|
+
|
|
240
|
+
```bash
|
|
241
|
+
npx octocode
|
|
242
|
+
```
|
|
243
|
+
|
|
244
|
+
```bash
|
|
245
|
+
npx octocode login
|
|
246
|
+
npx octocode status
|
|
247
|
+
```
|
|
248
|
+
|
|
249
|
+
### All Commands
|
|
250
|
+
|
|
251
|
+
Local paths route to local tools; `owner/repo[/path]` targets route to GitHub tools.
|
|
252
|
+
|
|
253
|
+
| Command | Use it for |
|
|
254
|
+
|---------|------------|
|
|
255
|
+
| `octocode search <term> <path\|owner/repo>` | Text/regex search, file discovery with `--search path` / `--target files`, AST structural search with `--pattern` / `--rule`, and full OQL with `--query`. Use `--lang` for language/extension scope. |
|
|
256
|
+
| `octocode search <path\|owner/repo> --tree` | Browse local or GitHub structure |
|
|
257
|
+
| `octocode search <file>` | Read content, line ranges, and matched slices; add `--content-view exact|compact|symbols` or `--raw` |
|
|
258
|
+
| `octocode search <file> --symbols` | Show a symbol outline for a file or source tree |
|
|
259
|
+
| `octocode search <owner/repo[#N]\|PR-URL> --target pullRequests` | Search or deep-read pull requests |
|
|
260
|
+
| `octocode search <owner/repo[/path]> --target commits` | Inspect commit history for a repo, directory, or file |
|
|
261
|
+
| `octocode search <keywords...> --target repositories` | Discover GitHub repositories |
|
|
262
|
+
| `octocode search <package\|keywords> --target packages` | Search npm and hand off to source repositories |
|
|
263
|
+
| `octocode search <file> --op <type> [--symbol <name>] [--line <n>]` | Trace `definition`, `references`, `callers`, `callees`, `callHierarchy`, `hover`, `typeDefinition`, `implementation`, `workspaceSymbol`, `supertypes`, `subtypes`, and `diagnostic`; `documentSymbols` outlines a file directly |
|
|
264
|
+
| `octocode search <file> --target artifacts` | Inspect archives, compressed files, and native binaries with `--inspect`, `--list`, `--extract`, `--decompress`, or `--strings` |
|
|
265
|
+
| `octocode unzip <archive>` | Unpack an archive to `<octocode-home>/tmp/unzip/<name>-<timestamp>/`, then use local `search --tree`, `search`, and `search <file>` |
|
|
266
|
+
| `octocode clone <owner/repo[/path][@branch]>` | Clone a repo or subtree to `<octocode-home>/tmp/clone/` for local/LSP analysis (`ENABLE_CLONE=true`) |
|
|
267
|
+
| `octocode cache fetch <owner/repo[@ref]> [path] [--depth file\|tree\|clone]` | Materialize remote content locally and return the absolute `localPath`; reuses the cache or force-refreshes with `--force-refresh` |
|
|
268
|
+
| `octocode cache status` | Show size and entry count of clone/tree/binary/unzip cache buckets |
|
|
269
|
+
| `octocode cache clear [--clone\|--repos\|--tree\|--binary\|--unzip\|--all]` | Remove cached materialization data |
|
|
270
|
+
| `octocode search --query <oql-json>` | Route typed OQL across code, content, structure, files, semantics, repositories, packages, pull requests, commits, artifacts, diff, research, graph, and materialization targets |
|
|
271
|
+
| `octocode tools` | List tools, read schemas, or run any MCP tool directly from the terminal |
|
|
272
|
+
| `octocode context` | Print agent-facing protocol, system prompt, tool descriptions, and schemas |
|
|
273
|
+
| `octocode skill --add <github-folder> --platform <common\|cursor\|claude\|codex\|all>` | Install one GitHub Agent Skill folder into deterministic agent destinations; full flags, no prompt |
|
|
274
|
+
| `octocode install` | Configure Octocode in MCP clients |
|
|
275
|
+
| `octocode auth` | Manage GitHub authentication with `login`, `logout`, `refresh`, or read-only `status` |
|
|
276
|
+
| `octocode login` / `octocode logout` | Open the interactive auth picker or clear stored GitHub credentials |
|
|
277
|
+
| `octocode status` | Check token presence, auth identity, MCP installs, sync state, and cache paths |
|
|
278
|
+
|
|
279
|
+
Full command syntax, flags, examples, and exit codes live in the [CLI Reference](https://github.com/bgauryy/octocode/blob/main/docs/cli/REFERENCE.md).
|
|
280
|
+
|
|
281
|
+
---
|
|
282
|
+
|
|
283
|
+
## Configuration
|
|
284
|
+
|
|
285
|
+
Everything is optional; Octocode runs on sensible defaults. Settings resolve from three sources, in priority order:
|
|
286
|
+
|
|
287
|
+
```text
|
|
288
|
+
environment variables > <octocode-home>/.octocoderc > built-in defaults
|
|
289
|
+
```
|
|
290
|
+
|
|
291
|
+
1. **MCP / environment variables** (highest): per client or per project, set in your MCP config `env` or your shell.
|
|
292
|
+
2. **Global config**: `<octocode-home>/.octocoderc`, machine-wide defaults read by **both the CLI and the MCP server**.
|
|
293
|
+
3. **Built-in defaults**: used when neither is set.
|
|
294
|
+
|
|
295
|
+
**Octocode home** (`<octocode-home>`) holds the global config, encrypted credentials, sessions, stats, and tmp materialization caches. Its location is fixed per platform (there is no override):
|
|
296
|
+
|
|
297
|
+
| Platform | Location |
|
|
298
|
+
|----------|----------|
|
|
299
|
+
| macOS | `~/.octocode` |
|
|
300
|
+
| Linux | `${XDG_CONFIG_HOME:-~/.config}/.octocode` |
|
|
301
|
+
| Windows | `%APPDATA%\.octocode` |
|
|
302
|
+
|
|
303
|
+
**Set in MCP** (env entries; these win over `.octocoderc`):
|
|
304
|
+
|
|
305
|
+
```json
|
|
306
|
+
{
|
|
307
|
+
"mcpServers": {
|
|
308
|
+
"octocode": {
|
|
309
|
+
"command": "npx",
|
|
310
|
+
"args": ["octocode-mcp@latest"],
|
|
311
|
+
"env": {
|
|
312
|
+
"GITHUB_TOKEN": "ghp_xxxxxxxx",
|
|
313
|
+
"ENABLE_LOCAL": "true",
|
|
314
|
+
"ENABLE_CLONE": "false"
|
|
315
|
+
}
|
|
316
|
+
}
|
|
317
|
+
}
|
|
318
|
+
}
|
|
319
|
+
```
|
|
320
|
+
|
|
321
|
+
**Set globally** for both the CLI and MCP in `<octocode-home>/.octocoderc` (JSON, comments and trailing commas tolerated; never put tokens here). See the ready-to-copy [example below](#example-octocoderc).
|
|
322
|
+
|
|
323
|
+
### Common settings
|
|
324
|
+
|
|
325
|
+
The **Scope** column shows where a setting applies: `Both`, or `MCP` (the CLI ignores it).
|
|
326
|
+
|
|
327
|
+
| Env var | `.octocoderc` key | Default | Scope | What it does |
|
|
328
|
+
|---------|-------------------|---------|-------|--------------|
|
|
329
|
+
| `OCTOCODE_TOKEN` / `GH_TOKEN` / `GITHUB_TOKEN` | env only | unset | Both | GitHub token, in priority order. Tokens stay in env, never in `.octocoderc`. |
|
|
330
|
+
| `GITHUB_API_URL` | `github.apiUrl` | `https://api.github.com` | Both | API endpoint; use `/api/v3` for GitHub Enterprise. |
|
|
331
|
+
| `ENABLE_LOCAL` | `local.enabled` | CLI `true`, MCP `false` | Both | Turns local filesystem + LSP tools on/off. |
|
|
332
|
+
| `ENABLE_CLONE` | `local.enableClone` | CLI `true`, MCP `false` | Both | `ghCloneRepo` and directory fetch. Default differs by surface; set `false` to disable in either. |
|
|
333
|
+
| `WORKSPACE_ROOT` | `local.workspaceRoot` | `cwd` | Both | Absolute root for resolving relative local paths. |
|
|
334
|
+
| `ALLOWED_PATHS` | `local.allowedPaths` | `[]` | Both | Extra path allowlist for local access; empty means home directory only after validation. |
|
|
335
|
+
| `TOOLS_TO_RUN` / `ENABLE_TOOLS` / `DISABLE_TOOLS` | `tools.*` | unset | **MCP** | Whitelist, add to, or remove from the registered tool set. The CLI exposes every tool. |
|
|
336
|
+
| `REQUEST_TIMEOUT` | `network.timeout` | `30000` | Both | Request timeout in ms (clamped `5000..300000`). |
|
|
337
|
+
| `MAX_RETRIES` | `network.maxRetries` | `3` | Both | Retry attempts (clamped `0..10`). |
|
|
338
|
+
| `OCTOCODE_OUTPUT_FORMAT` | `output.format` | `yaml` | Both | Response format: `yaml` or `json`. |
|
|
339
|
+
|
|
340
|
+
> **Local and clone defaults differ by surface.** The **CLI** honors `ENABLE_LOCAL` and defaults local tools on; clone is enabled by default. The **MCP server** honors `ENABLE_LOCAL` and defaults local tools and clone off, so a deployment can control what an assistant may touch. Explicit env or `.octocoderc` values override those defaults.
|
|
341
|
+
|
|
342
|
+
### Example `.octocoderc`
|
|
343
|
+
|
|
344
|
+
Drop this at `<octocode-home>/.octocoderc` for machine-wide defaults shared by the CLI and the MCP server. Every field is optional; keep only what you want to change. **Tokens never go here** (use env or `octocode login`).
|
|
345
|
+
|
|
346
|
+
```jsonc
|
|
347
|
+
{
|
|
348
|
+
// GitHub Enterprise users: point at your API endpoint.
|
|
349
|
+
"github": { "apiUrl": "https://api.github.com" },
|
|
350
|
+
|
|
351
|
+
"local": {
|
|
352
|
+
"enabled": true, // overrides the surface default for CLI and MCP
|
|
353
|
+
"enableClone": false, // false disables ghCloneRepo for CLI and MCP
|
|
354
|
+
"workspaceRoot": "~/code", // base for relative local paths (absolute or ~)
|
|
355
|
+
"allowedPaths": [] // extra dirs the local tools may read
|
|
356
|
+
},
|
|
357
|
+
|
|
358
|
+
"network": { "timeout": 30000, "maxRetries": 3 },
|
|
359
|
+
|
|
360
|
+
"output": { "format": "yaml" } // "yaml" or "json"
|
|
361
|
+
}
|
|
362
|
+
```
|
|
363
|
+
|
|
364
|
+
Per-project overrides and custom LSP servers live in a workspace `.octocode/` folder (for example `.octocode/lsp-servers.json`). For every variable, the full `.octocoderc` schema, clone-cache tuning, GitHub Enterprise setup, local-state paths, and precedence details, see the [Configuration Reference](https://github.com/bgauryy/octocode/blob/main/docs/mcp/CONFIGURATION.md).
|
|
365
|
+
|
|
366
|
+
---
|
|
367
|
+
|
|
368
|
+
## Authentication Methods
|
|
369
|
+
|
|
370
|
+
GitHub-backed tools require authentication. Any one method is enough. Full details: [Authentication Setup](https://github.com/bgauryy/octocode/blob/main/docs/mcp/AUTHENTICATION.md).
|
|
371
|
+
|
|
372
|
+
### Option 1: Octocode CLI (Recommended)
|
|
373
|
+
|
|
374
|
+
```bash
|
|
375
|
+
npx octocode login
|
|
376
|
+
npx octocode status # verify the active token source
|
|
377
|
+
```
|
|
378
|
+
|
|
379
|
+
Interactive login lets you choose Octocode browser OAuth or `gh auth login`. Octocode OAuth credentials are stored encrypted on disk.
|
|
380
|
+
|
|
381
|
+
### Option 2: GitHub CLI (also supported)
|
|
382
|
+
|
|
383
|
+
```bash
|
|
384
|
+
gh auth login
|
|
385
|
+
```
|
|
386
|
+
|
|
387
|
+
Octocode reads the `gh` token automatically — no further config needed.
|
|
388
|
+
|
|
389
|
+
### Option 3: Personal Access Token (also supported)
|
|
390
|
+
|
|
391
|
+
Set `OCTOCODE_TOKEN`, `GH_TOKEN`, or `GITHUB_TOKEN` in your shell. Required scopes: `repo`, `read:user`, `read:org`.
|
|
392
|
+
|
|
393
|
+
Create a token at [github.com/settings/tokens](https://github.com/settings/tokens).
|
|
394
|
+
|
|
395
|
+
> **Security tip**: Never commit tokens to version control. Use environment variables or secure secret management.
|
|
396
|
+
|
|
397
|
+
---
|
|
398
|
+
|
|
399
|
+
## Security
|
|
400
|
+
|
|
401
|
+
**Every byte that reaches the model is scanned and redacted first.** All content (local files, GitHub and npm responses, error messages, and tool outputs) passes through the Rust engine's secret scanner on the way *in* (tool inputs) and on the way *out* (results), so secrets never reach the LLM. The same enforcement runs identically under MCP and the CLI.
|
|
402
|
+
|
|
403
|
+
- **Secret redaction, in and out.** 300+ provider credential patterns (AWS, Azure, GCP, GitHub, OpenAI, Anthropic, Stripe, Slack, 1Password, and more) plus generic JWTs, PEM/private keys, bearer tokens, database connection strings, and high-entropy strings. Masked values surface a redaction warning so the agent knows.
|
|
404
|
+
- **Content sanitized at the source.** Local reads (`localGetFileContent`, ripgrep, structural search, binary, file discovery, structure) and external fetches (GitHub code/files, npm) are scanned as they are read, not only at the boundary.
|
|
405
|
+
- **Path safety.** Relative inputs resolve from `WORKSPACE_ROOT` / config / `cwd`, then local reads are bounded to the engine's allowed roots (home by default, plus `ALLOWED_PATHS` and Octocode-registered roots). Symlinks are resolved and the real target is **re-validated**, so a link cannot escape into a blocked location.
|
|
406
|
+
- **Sensitive files and directories are blocked by default.** Octocode refuses to read known secret-bearing files and folders wherever they live, returning a redacted error instead of contents. Blocked patterns include:
|
|
407
|
+
- **Keys and certs:** `*.pem`, `*.key`, `*.crt`/`*.cer`/`*.csr`, `*.p12`/`*.pfx`/`*.jks`/`*.keystore`, and SSH keys (`id_rsa`, `*_ed25519`, `authorized_keys`, `known_hosts`, `.ssh/`).
|
|
408
|
+
- **Credentials and tokens:** `.env` / `.env.*`, `.netrc`, `.npmrc`, `.pgpass`, `.git-credentials`, `*_token` / `.token`, `client_secret*.json`, `*service-account*.json`, `auth.json`, `.htpasswd`.
|
|
409
|
+
- **Cloud and infra:** `.aws/`, `.azure/`, `.config/gcloud/`, `.kube/` / `kubeconfig`, `.docker/`, `.terraform/` and `*.tfstate`.
|
|
410
|
+
- **OS and app secret stores:** `.git/`, `secrets/`, `private/`, browser login data (Chrome/Firefox), OS keychains, password managers (`*.kdbx`), shell history files, and crypto wallets.
|
|
411
|
+
- **Command safety.** Normal local search runs in-process inside `octocode-engine`. External helpers are fixed per lane, command/argument allowlisted, and run via `spawn` with argument arrays: no shell strings, no injection.
|
|
412
|
+
- **Schema validation** runs before any tool executes; untrusted input size and shape are bounded.
|
|
413
|
+
- **Credentials.** GitHub auth via env tokens, AES-256-GCM-encrypted on-disk OAuth, or the `gh` CLI; tokens are never logged.
|
|
414
|
+
|
|
415
|
+
**Full security model, pipeline, and threat coverage: [SECURITY.md](https://github.com/bgauryy/octocode/blob/main/docs/SECURITY.md).** Related: [Authentication](https://github.com/bgauryy/octocode/blob/main/docs/mcp/AUTHENTICATION.md) · [Configuration](https://github.com/bgauryy/octocode/blob/main/docs/mcp/CONFIGURATION.md) · [Credentials](https://github.com/bgauryy/octocode/blob/main/docs/mcp/CREDENTIALS.md)
|
|
416
|
+
|
|
417
|
+
---
|
|
418
|
+
|
|
419
|
+
## Language Support
|
|
420
|
+
|
|
421
|
+
Four code-intelligence axes; three are native to the Rust engine and need no external tooling:
|
|
422
|
+
|
|
423
|
+
| Axis | What it does | How to use it |
|
|
424
|
+
|------|--------------|---------------|
|
|
425
|
+
| **Structural AST** | Tree-sitter shape queries (`pattern` or YAML `rule`) across 33 grammars. | `localSearchCode mode:"structural"` · CLI `search --pattern`/`--rule` |
|
|
426
|
+
| **Signature outline** | Body-free skeleton with line numbers from real tree-sitter parsing, no heuristics. An anti-growth guard returns the real file when a skeleton wouldn't be smaller. | `minify:"symbols"` · CLI `search <file> --content-view symbols` |
|
|
427
|
+
| **Content minification** | Comment/whitespace stripping for 70+ languages and config formats; HTML/Vue/Svelte also minify embedded `<style>`/`<script>`. | `minify:"standard"` (default) |
|
|
428
|
+
| **LSP navigation** | definition, references, callers/callees, callHierarchy, hover, typeDefinition, implementation, documentSymbols, via an installed language server; JS/TS also have a native, no-server path. | `lspGetSemantics` · CLI `search --op` / `search --symbols` |
|
|
429
|
+
|
|
430
|
+
📋 **Full support matrix:** every extension with its exact AST, signature, LSP, and minify capability, machine-generated from the shipped binary, lives in **[`benchmark/SUPPORT.md`](https://github.com/bgauryy/octocode/blob/main/packages/octocode-benchmark/benchmark/SUPPORT.md)** (150 extensions: 61 AST, 47 signature, 56 LSP, 89 minify-only). Regenerate or verify with `yarn workspace @octocodeai/octocode-benchmark matrix:check`.
|
|
431
|
+
|
|
432
|
+
---
|
|
433
|
+
|
|
434
|
+
## Skills
|
|
435
|
+
|
|
436
|
+
> [Agent Skills](https://agentskills.io/what-are-skills) are a lightweight, open format for extending AI agent capabilities.
|
|
437
|
+
> Browse and install on [**skills.sh/bgauryy/octocode-mcp**](https://www.skills.sh/bgauryy/octocode-mcp) · Skills index: [skills/README.md](https://github.com/bgauryy/octocode/blob/main/skills/README.md)
|
|
438
|
+
|
|
439
|
+
These are the skills the Octocode team itself uses to build Octocode. **9 skills** live under [`skills/`](https://github.com/bgauryy/octocode/tree/main/skills); the table mirrors the [Skills Index](https://github.com/bgauryy/octocode/blob/main/skills/README.md). ⭐ **[Engineer](https://www.skills.sh/bgauryy/octocode-mcp/octocode-engineer)** is the recommended starting skill.
|
|
440
|
+
|
|
441
|
+
Install any GitHub skill folder directly from the Octocode CLI:
|
|
442
|
+
|
|
443
|
+
```bash
|
|
444
|
+
# Shared cross-agent location: ~/.agents/skills
|
|
445
|
+
npx octocode skill --add bgauryy/octocode-mcp/skills/octocode-engineer --platform common
|
|
446
|
+
|
|
447
|
+
# Agent-safe install for multiple clients; never prompts
|
|
448
|
+
npx octocode skill --add https://github.com/bgauryy/octocode-mcp/tree/main/skills/octocode-engineer --platform cursor,codex --mode copy --json
|
|
449
|
+
```
|
|
450
|
+
|
|
451
|
+
Platforms: `common` (`~/.agents/skills`), `cursor`, `claude` (Claude Code + Claude Desktop), `codex`, or `all`. Use `--mode symlink` to keep each agent pointed at the Octocode-managed source cache. Full guide: [Skills Guide](https://github.com/bgauryy/octocode/blob/main/docs/SKILLS_GUIDE.md).
|
|
452
|
+
|
|
453
|
+
| Skill | Directory | Use it when |
|
|
454
|
+
|-------|-----------|-------------|
|
|
455
|
+
| [**CLI**](https://www.skills.sh/bgauryy/octocode-mcp/octocode) | `octocode/` | You want to research code from the terminal without MCP: local, GitHub, npm, file, repo, PR, or package lookup. |
|
|
456
|
+
| ⭐ [**Engineer**](https://www.skills.sh/bgauryy/octocode-mcp/octocode-engineer) | `octocode-engineer/` | You need to understand, implement, review, refactor, or audit code. The default for "work on this code." |
|
|
457
|
+
| [**Loop**](https://www.skills.sh/bgauryy/octocode-mcp/octocode-loop) | `octocode-loop/` | The goal and research path are clear and the work needs grounded Act -> Observe -> Learn -> Repeat loops until evidence converges. |
|
|
458
|
+
| [**Brainstorming**](https://www.skills.sh/bgauryy/octocode-mcp/octocode-brainstorming) | `octocode-brainstorming/` | The idea is fuzzy: validate prior art, check whether something is worth building, or produce a decision brief. |
|
|
459
|
+
| [**RFC Generator**](https://www.skills.sh/bgauryy/octocode-mcp/octocode-rfc-generator) | `octocode-rfc-generator/` | You need a design doc, RFC, architecture proposal, migration plan, or rollout plan before coding. |
|
|
460
|
+
| [**Roast**](https://www.skills.sh/bgauryy/octocode-mcp/octocode-roast) | `octocode-roast/` | You want brutal but actionable code critique with severity-ranked findings and fixes. |
|
|
461
|
+
| [**Skills**](https://www.skills.sh/bgauryy/octocode-mcp/octocode-skills) | `octocode-skills/` | You are working on Agent Skills themselves: find, evaluate, install, lint, create, or update `SKILL.md` folders. |
|
|
462
|
+
| [**Awareness**](https://www.skills.sh/bgauryy/octocode-mcp/octocode-awareness) | `octocode-awareness/` | You need memory, file locks, or verify-before-conclude across runs or concurrent agents in a shared/dirty repo. |
|
|
463
|
+
| [**Stats**](https://www.skills.sh/bgauryy/octocode-mcp/octocode-stats) | `octocode-stats/` | You want to visualize Octocode usage: tokens/chars saved, cache hits, errors, and rate limits from `stats.json`. |
|
|
464
|
+
|
|
465
|
+
---
|
|
466
|
+
|
|
467
|
+
## Architecture
|
|
468
|
+
|
|
469
|
+
A yarn-workspaces monorepo. The **MCP server** and the **CLI** are thin front-ends over one shared TypeScript tool core, which delegates every CPU-heavy path to a single **Rust engine** (compiled via [napi-rs](https://napi.rs) to prebuilt `.node` binaries). One tool catalog, one security layer, one response shaper, reached two ways.
|
|
470
|
+
|
|
471
|
+
```mermaid
|
|
472
|
+
graph LR
|
|
473
|
+
CLI["octocode<br/>CLI"]
|
|
474
|
+
MCP["octocode-mcp<br/>MCP server, stdio"]
|
|
475
|
+
VSC["VS Code extension<br/>OAuth + install"]
|
|
476
|
+
CORE["octocode-tools-core<br/>tools, GitHub client, auth, pagination, security bridge"]
|
|
477
|
+
ENGINE["octocode-engine (Rust)<br/>secrets, minify, AST, signatures, ripgrep/diff/YAML, LSP"]
|
|
478
|
+
EXT["GitHub API, local FS + ripgrep, language servers"]
|
|
479
|
+
|
|
480
|
+
CLI --> CORE
|
|
481
|
+
MCP --> CORE
|
|
482
|
+
VSC -. starts .-> MCP
|
|
483
|
+
CORE --> ENGINE
|
|
484
|
+
CORE --> EXT
|
|
485
|
+
ENGINE --> EXT
|
|
486
|
+
|
|
487
|
+
style ENGINE fill:#1a1a2e,stroke:#e75d2a,color:#fff
|
|
488
|
+
```
|
|
489
|
+
|
|
490
|
+
**Request flow** is identical whether a call arrives over MCP or the CLI:
|
|
491
|
+
|
|
492
|
+
```text
|
|
493
|
+
client → sanitize inputs (Rust) → run tool (GitHub / FS / LSP) → sanitize + YAML-serialize + paginate (Rust) → result + next-step hints
|
|
494
|
+
```
|
|
495
|
+
|
|
496
|
+
**One Rust engine** owns secret detection, sanitization, path/command validation, minification (70+ languages), signature extraction, structural AST search, ripgrep parsing, diff filtering, YAML serialization, and LSP, so the Node event loop stays unblocked and there is no duplicate native loader. It ships prebuilt for darwin (arm64/x64), linux (arm64/x64, gnu + musl), and win32-x64; no Rust toolchain is needed at runtime.
|
|
497
|
+
|
|
498
|
+
### Packages
|
|
499
|
+
|
|
500
|
+
| Directory | npm package | Role |
|
|
501
|
+
|-----------|-------------|------|
|
|
502
|
+
| [`packages/octocode`](https://github.com/bgauryy/octocode/tree/main/packages/octocode) | `octocode` | CLI: quick commands, raw tool runner, skill installs, auth/login/logout, install, status, context. |
|
|
503
|
+
| [`packages/octocode-mcp`](https://github.com/bgauryy/octocode/tree/main/packages/octocode-mcp) | `octocode-mcp` | MCP server (stdio) that registers the tool catalog for AI assistants. |
|
|
504
|
+
| [`packages/octocode-tools-core`](https://github.com/bgauryy/octocode/tree/main/packages/octocode-tools-core) | `@octocodeai/octocode-tools-core` | Shared tool core: implementations, GitHub client, credentials and token resolution, session, pagination, security bridge. |
|
|
505
|
+
| [`packages/octocode-engine`](https://github.com/bgauryy/octocode/tree/main/packages/octocode-engine) | `@octocodeai/octocode-engine` | Rust/napi native engine: security scanning, minification, signatures, structural AST, ripgrep/diff/YAML, LSP. |
|
|
506
|
+
| [`packages/octocode-vscode`](https://github.com/bgauryy/octocode/tree/main/packages/octocode-vscode) | `octocode-mcp-vscode` | VS Code extension: GitHub OAuth + multi-editor MCP install. |
|
|
507
|
+
|
|
508
|
+
---
|
|
509
|
+
|
|
510
|
+
## Documentation
|
|
511
|
+
|
|
512
|
+
Website: **[octocode.ai](https://octocode.ai)** · Product docs: **[github.com/bgauryy/octocode/tree/main/docs](https://github.com/bgauryy/octocode/tree/main/docs)** · Index: **[docs/README.md](https://github.com/bgauryy/octocode/blob/main/docs/README.md)**. Product documentation lives in [`docs/`](https://github.com/bgauryy/octocode/tree/main/docs); benchmark methodology, evals, and run artifacts live in [`packages/octocode-benchmark`](https://github.com/bgauryy/octocode/tree/main/packages/octocode-benchmark).
|
|
513
|
+
|
|
514
|
+
**Docs map**
|
|
515
|
+
- [`docs/mcp/`](https://github.com/bgauryy/octocode/tree/main/docs/mcp): MCP server configuration, authentication, tools, workflows, architecture
|
|
516
|
+
- [`docs/cli/`](https://github.com/bgauryy/octocode/tree/main/docs/cli): CLI commands, flags, and reference material
|
|
517
|
+
- [`docs/`](https://github.com/bgauryy/octocode/tree/main/docs): guides for development, security, and Pi setup
|
|
518
|
+
- [`packages/octocode-benchmark/`](https://github.com/bgauryy/octocode/tree/main/packages/octocode-benchmark): benchmark methodology, support matrix, unified eval, recipes, output schema, and run artifacts
|
|
519
|
+
|
|
520
|
+
**Setup**
|
|
521
|
+
- [Authentication Setup](https://github.com/bgauryy/octocode/blob/main/docs/mcp/AUTHENTICATION.md)
|
|
522
|
+
- [Configuration Reference](https://github.com/bgauryy/octocode/blob/main/docs/mcp/CONFIGURATION.md)
|
|
523
|
+
- [Using octocode-mcp with Pi](https://github.com/bgauryy/octocode/blob/main/docs/PI/PI_SETUP_GUIDE.md)
|
|
524
|
+
|
|
525
|
+
**Tool References**
|
|
526
|
+
- [GitHub Tools](https://github.com/bgauryy/octocode/blob/main/docs/mcp/tools/GITHUB_TOOLS.md)
|
|
527
|
+
- [Local Tools](https://github.com/bgauryy/octocode/blob/main/docs/mcp/tools/LOCAL_TOOLS.md)
|
|
528
|
+
- [Binary Tools](https://github.com/bgauryy/octocode/blob/main/docs/mcp/tools/BINARY_TOOLS.md)
|
|
529
|
+
- [LSP Tools](https://github.com/bgauryy/octocode/blob/main/docs/mcp/tools/LSP_TOOLS.md)
|
|
530
|
+
- [Clone & Local Workflow](https://github.com/bgauryy/octocode/blob/main/docs/mcp/CLONE_WORKFLOW.md)
|
|
531
|
+
- [Tool Behavior Guide](https://github.com/bgauryy/octocode/blob/main/docs/mcp/tools/TOOL_BEHAVIOR.md)
|
|
532
|
+
|
|
533
|
+
**Benchmarks & Evals**
|
|
534
|
+
- [Benchmark Summary](https://github.com/bgauryy/octocode/blob/main/packages/octocode-benchmark/BENCHMARK.md)
|
|
535
|
+
- [Unified CLI/Tool/OQL Eval](https://github.com/bgauryy/octocode/blob/main/packages/octocode-benchmark/benchmark/octocode/README.md)
|
|
536
|
+
- [Benchmark Runbook](https://github.com/bgauryy/octocode/blob/main/packages/octocode-benchmark/recipes/agent-benchmark-runbook.md)
|
|
537
|
+
- [Support Matrix](https://github.com/bgauryy/octocode/blob/main/packages/octocode-benchmark/benchmark/SUPPORT.md)
|
|
538
|
+
|
|
539
|
+
**Security, CLI & Skills**
|
|
540
|
+
- [Security Model](https://github.com/bgauryy/octocode/blob/main/docs/SECURITY.md)
|
|
541
|
+
- [CLI Reference](https://github.com/bgauryy/octocode/blob/main/docs/cli/REFERENCE.md)
|
|
542
|
+
- [Skills Guide](https://github.com/bgauryy/octocode/blob/main/docs/SKILLS_GUIDE.md)
|
|
543
|
+
- [Skills Index](https://github.com/bgauryy/octocode/blob/main/skills/README.md)
|
|
544
|
+
|
|
545
|
+
**Shared Internals**
|
|
546
|
+
- [Credentials Architecture](https://github.com/bgauryy/octocode/blob/main/docs/mcp/CREDENTIALS.md) · [Session Persistence](https://github.com/bgauryy/octocode/blob/main/docs/mcp/SESSION.md)
|
|
547
|
+
|
|
548
|
+
### Recommended dev mode: Pi + Octocode
|
|
549
|
+
|
|
550
|
+
[Pi](https://github.com/earendil-works/pi) is a fast, local-first coding agent whose stated philosophy is *"CLI tools with READMEs (Skills) over MCP."* Pairing it with Octocode gives a lean, evidence-driven dev loop — **Pi edits, Octocode researches**. Two routes, pick by how much surface you need:
|
|
551
|
+
|
|
552
|
+
- **Skill route — recommended, leanest.** Drop the [`octocode-engineer`](https://www.skills.sh/bgauryy/octocode-mcp/octocode-engineer) skill into Pi's global skills dir. It drives the Octocode **CLI** directly — no MCP transport, minimal token overhead — and Pi auto-discovers it:
|
|
553
|
+
|
|
554
|
+
```bash
|
|
555
|
+
npx octocode skill --add bgauryy/octocode-mcp/skills/octocode-engineer --platform common
|
|
556
|
+
```
|
|
557
|
+
|
|
558
|
+
- **Adapter route — full tool surface.** Install [`pi-mcp-adapter`](https://github.com/nicobailon/pi-mcp-adapter) to expose all 14 Octocode MCP tools behind a single ~200-token proxy tool, so servers stay disconnected until a tool is actually called. Enable clone tools with `ENABLE_CLONE=true`.
|
|
559
|
+
|
|
560
|
+
Tune Pi's behavior with an `APPEND_SYSTEM.md` (a compact starter lives at [`docs/PI/APPEND_SYSTEM.md`](https://github.com/bgauryy/octocode/blob/main/docs/PI/APPEND_SYSTEM.md)). The full walkthrough — adapter install, MCP config scopes, skills, system-prompt tuning, and custom models — is in the [**Pi Setup Guide**](https://github.com/bgauryy/octocode/blob/main/docs/PI/PI_SETUP_GUIDE.md).
|
|
561
|
+
|
|
562
|
+
### The Manifest
|
|
563
|
+
|
|
564
|
+
**"Code is Truth, but Context is the Map."** Read the [Manifest of Octocode for Research Driven Development](https://github.com/bgauryy/octocode/blob/main/MANIFEST.md) to understand the philosophy behind Octocode.
|
package/dist/config.d.ts
CHANGED
|
@@ -14,3 +14,10 @@ export declare const MAX_CONTEXT_LINES = 100;
|
|
|
14
14
|
export declare const MAX_CHAR_LENGTH = 50000;
|
|
15
15
|
export declare const GITHUB_FILE_CONTENT_DEFAULT_CHAR_LENGTH = 8000;
|
|
16
16
|
export declare const MAX_MATCH_CONTENT_LENGTH = 100000;
|
|
17
|
+
/**
|
|
18
|
+
* Default per-match snippet length (Unicode scalars). Mirrors the Rust engine's
|
|
19
|
+
* `DEFAULT_MAX_SNIPPET_CHARS` so GitHub code-search fragments are bounded by the
|
|
20
|
+
* same rule that bounds local ripgrep snippets — char-safe truncation with `...`.
|
|
21
|
+
* The render layer must not re-truncate; this is the single data-layer bound.
|
|
22
|
+
*/
|
|
23
|
+
export declare const DEFAULT_MATCH_SNIPPET_CHARS = 500;
|