@openape/ape-agent 2.8.15 → 2.9.1

package/dist/bridge.mjs

@@ -1398,117 +1398,9 @@ function createHeuristicDetector() {
 import { decodeJwt } from "jose";
 import WebSocket from "ws";
 
-// src/chat-api.ts
-import { ofetch as ofetch6 } from "ofetch";
-var MAX_BODY = 1e4;
-var ChatApi = class {
-  constructor(endpoint, bearer) {
-    this.endpoint = endpoint;
-    this.bearer = bearer;
-  }
-  endpoint;
-  bearer;
-  async postMessage(roomId, body, opts = {}) {
-    const bodyForServer = opts.streaming ? body : clamp(body, MAX_BODY);
-    const url = `${this.endpoint}/api/rooms/${encodeURIComponent(roomId)}/messages`;
-    const payload = { body: bodyForServer };
-    if (opts.replyTo) payload.reply_to = opts.replyTo;
-    if (opts.threadId) payload.thread_id = opts.threadId;
-    if (opts.streaming) payload.streaming = true;
-    const result = await ofetch6(url, {
-      method: "POST",
-      headers: { Authorization: await this.bearer() },
-      body: payload
-    });
-    return result;
-  }
-  /**
-   * Fetch the most recent `limit` messages in a thread, oldest-first.
-   * Used by ThreadSession to seed `history` so the agent has the
-   * full conversation context after a bridge restart — otherwise it
-   * only sees messages that arrived via WS since the process boot.
-   */
-  async listMessages(roomId, threadId, limit = 50) {
-    const url = `${this.endpoint}/api/rooms/${encodeURIComponent(roomId)}/messages?thread_id=${encodeURIComponent(threadId)}&limit=${limit}`;
-    return await ofetch6(url, {
-      method: "GET",
-      headers: { Authorization: await this.bearer() }
-    });
-  }
-  async requestContact(peerEmail) {
-    const url = `${this.endpoint}/api/contacts`;
-    return await ofetch6(url, {
-      method: "POST",
-      headers: { Authorization: await this.bearer() },
-      body: { email: peerEmail }
-    });
-  }
-  async listContacts() {
-    const url = `${this.endpoint}/api/contacts`;
-    return await ofetch6(url, {
-      method: "GET",
-      headers: { Authorization: await this.bearer() }
-    });
-  }
-  async acceptContact(peerEmail) {
-    const url = `${this.endpoint}/api/contacts/${encodeURIComponent(peerEmail)}/accept`;
-    return await ofetch6(url, {
-      method: "POST",
-      headers: { Authorization: await this.bearer() }
-    });
-  }
-  /**
-   * Create a named thread in a room. Used by the cron-runner to drop
-   * each task's runs into its own thread so the chat sidebar shows
-   * one thread per task instead of all task DMs piling into the
-   * main thread.
-   */
-  async createThread(roomId, name) {
-    const url = `${this.endpoint}/api/rooms/${encodeURIComponent(roomId)}/threads`;
-    return await ofetch6(url, {
-      method: "POST",
-      headers: { Authorization: await this.bearer() },
-      body: { name: name.slice(0, 100) }
-    });
-  }
-  /**
-   * Update an in-flight or completed message. The server differentiates
-   * three modes via the message's current `streaming` state and the
-   * `streaming` field in this call:
-   *
-   *   - Stream tick: pass `body` only (current accumulated text).
-   *     Server keeps streaming=true and does NOT bump edited_at.
-   *   - Stream end: pass `body` + `streaming: false`. Server clears
-   *     the streaming flag and triggers the user-facing push.
-   *   - Tool-call status: pass `streamingStatus` only (no body).
-   *     Renders as "🔧 time.now" in the typing-subtitle.
-   *   - Tool-call cleared: pass `streamingStatus: null`.
-   */
-  async patchMessage(messageId, opts = {}) {
-    const url = `${this.endpoint}/api/messages/${encodeURIComponent(messageId)}`;
-    const payload = {};
-    if (opts.body !== void 0) {
-      payload.body = opts.streaming === false && opts.body.trim().length === 0 ? clamp(opts.body, MAX_BODY) : opts.body.length <= MAX_BODY ? opts.body : `${opts.body.slice(0, MAX_BODY - 1)}\u2026`;
-    }
-    if (opts.streaming !== void 0) payload.streaming = opts.streaming;
-    if (opts.streamingStatus !== void 0) payload.streaming_status = opts.streamingStatus;
-    if (Object.keys(payload).length === 0) return;
-    await ofetch6(url, {
-      method: "PATCH",
-      headers: { Authorization: await this.bearer() },
-      body: payload
-    });
-  }
-};
-function clamp(s2, max) {
-  if (s2.trim().length === 0) return "\u2026";
-  if (s2.length <= max) return s2;
-  return `${s2.slice(0, max - 1)}\u2026`;
-}
-
 // src/troop-chat-api.ts
-import { ofetch as ofetch7 } from "ofetch";
-var MAX_BODY2 = 64 * 1024;
+import { ofetch as ofetch6 } from "ofetch";
+var MAX_BODY = 64 * 1024;
 var SYNTHETIC_THREAD_ID = "main";
 function asHistory(msg, agentEmail, ownerEmail) {
   return {
@@ -1542,7 +1434,7 @@ var TroopChatApi = class {
   /** Resolve + cache the agent's chat row (lazy fetch on first use). */
   async getBootstrap() {
     if (this.bootstrap) return this.bootstrap;
-    this.bootstrap = await ofetch7(`${this.endpoint}/api/agents/me/chat`, {
+    this.bootstrap = await ofetch6(`${this.endpoint}/api/agents/me/chat`, {
       method: "GET",
       headers: { Authorization: await this.bearer() }
     });
@@ -1557,11 +1449,11 @@ var TroopChatApi = class {
     void roomId;
     void opts.threadId;
     const payload = {
-      body: body.length > MAX_BODY2 ? `${body.slice(0, MAX_BODY2 - 1)}\u2026` : body
+      body: body.length > MAX_BODY ? `${body.slice(0, MAX_BODY - 1)}\u2026` : body
     };
     if (opts.replyTo) payload.reply_to = opts.replyTo;
     if (opts.streaming) payload.streaming = true;
-    const msg = await ofetch7(`${this.endpoint}/api/agents/me/chat/messages`, {
+    const msg = await ofetch6(`${this.endpoint}/api/agents/me/chat/messages`, {
       method: "POST",
       headers: { Authorization: await this.bearer() },
       body: payload
@@ -1572,7 +1464,7 @@ var TroopChatApi = class {
     void roomId;
     void threadId;
     void limit;
-    const fresh = await ofetch7(`${this.endpoint}/api/agents/me/chat`, {
+    const fresh = await ofetch6(`${this.endpoint}/api/agents/me/chat`, {
       method: "GET",
       headers: { Authorization: await this.bearer() }
     });
@@ -1582,12 +1474,12 @@ var TroopChatApi = class {
   async patchMessage(messageId, opts = {}) {
     const payload = {};
     if (opts.body !== void 0) {
-      payload.body = opts.body.length > MAX_BODY2 ? `${opts.body.slice(0, MAX_BODY2 - 1)}\u2026` : opts.body;
+      payload.body = opts.body.length > MAX_BODY ? `${opts.body.slice(0, MAX_BODY - 1)}\u2026` : opts.body;
     }
     if (opts.streaming !== void 0) payload.streaming = opts.streaming;
     if (opts.streamingStatus !== void 0) payload.streaming_status = opts.streamingStatus;
     if (Object.keys(payload).length === 0) return;
-    await ofetch7(`${this.endpoint}/api/agents/me/chat/messages/${encodeURIComponent(messageId)}`, {
+    await ofetch6(`${this.endpoint}/api/agents/me/chat/messages/${encodeURIComponent(messageId)}`, {
       method: "PATCH",
       headers: { Authorization: await this.bearer() },
       body: payload
@@ -1649,7 +1541,62 @@ import { basename, join as join22 } from "path";
 
 // ../../packages/core/dist/index.js
 import * as jose from "jose";
+import { lookup } from "dns/promises";
+import { isIP } from "net";
 var HKDF_INFO = new TextEncoder().encode("openape-sealed-box-v1");
+function isBlockedAddress(ip) {
+  const fam = isIP(ip);
+  if (fam === 4) {
+    const o3 = ip.split(".");
+    const a2 = Number(o3[0]);
+    const b2 = Number(o3[1]);
+    if (a2 === 0) return true;
+    if (a2 === 127) return true;
+    if (a2 === 10) return true;
+    if (a2 === 172 && b2 >= 16 && b2 <= 31) return true;
+    if (a2 === 192 && b2 === 168) return true;
+    if (a2 === 169 && b2 === 254) return true;
+    if (a2 === 100 && b2 >= 64 && b2 <= 127) return true;
+    return false;
+  }
+  const low = ip.toLowerCase().replace(/^\[|\]$/g, "");
+  if (low === "::" || low === "::1") return true;
+  if (low.startsWith("fe80")) return true;
+  if (low.startsWith("fc") || low.startsWith("fd")) return true;
+  const mapped = low.match(/^::ffff:(\d{1,3}(?:\.\d{1,3}){3})$/);
+  if (mapped) return isBlockedAddress(mapped[1]);
+  return false;
+}
+async function assertPublicUrl(rawUrl, opts = {}) {
+  let url;
+  try {
+    url = new URL(rawUrl);
+  } catch {
+    throw new Error(`Invalid URL: ${rawUrl}`);
+  }
+  const allowedSchemes = opts.allowHttp === true ? /* @__PURE__ */ new Set(["https:", "http:"]) : /* @__PURE__ */ new Set(["https:"]);
+  if (!allowedSchemes.has(url.protocol)) {
+    const expected = opts.allowHttp === true ? "http(s)" : "https";
+    throw new Error(`URL must use ${expected}:// (got ${url.protocol}//) \u2014 ${rawUrl}`);
+  }
+  const host = url.hostname.replace(/^\[|\]$/g, "");
+  const addresses = [];
+  if (isIP(host)) {
+    addresses.push(host);
+  } else {
+    const results = await lookup(host, { all: true });
+    for (const r3 of results) addresses.push(r3.address);
+  }
+  if (addresses.length === 0) {
+    throw new Error(`Host did not resolve: ${host}`);
+  }
+  for (const addr of addresses) {
+    if (isBlockedAddress(addr)) {
+      throw new Error(`Refusing to fetch a private/loopback address (${addr}) for ${rawUrl}`);
+    }
+  }
+  return url;
+}
 
 // ../../packages/grants/dist/index.js
 function normalizeSelector(selector) {
@@ -3198,8 +3145,6 @@ import { dirname, normalize, resolve } from "path";
 import { homedir as homedir23 } from "os";
 import { resolve as resolve2 } from "path";
 import process2 from "process";
-import { lookup } from "dns/promises";
-import { isIP } from "net";
 import { execFileSync } from "child_process";
 import { execFileSync as execFileSync2 } from "child_process";
 var DEFAULT_TIMEOUT_MS = 5 * 60 * 1e3;
@@ -3692,59 +3637,10 @@ var gitWorktreeTools = [
     }
   }
 ];
-function isBlockedAddress(ip) {
-  const fam = isIP(ip);
-  if (fam === 4) {
-    const o3 = ip.split(".");
-    const a2 = Number(o3[0]);
-    const b2 = Number(o3[1]);
-    if (a2 === 0) return true;
-    if (a2 === 127) return true;
-    if (a2 === 10) return true;
-    if (a2 === 172 && b2 >= 16 && b2 <= 31) return true;
-    if (a2 === 192 && b2 === 168) return true;
-    if (a2 === 169 && b2 === 254) return true;
-    if (a2 === 100 && b2 >= 64 && b2 <= 127) return true;
-    return false;
-  }
-  const low = ip.toLowerCase().replace(/^\[|\]$/g, "");
-  if (low === "::" || low === "::1") return true;
-  if (low.startsWith("fe80")) return true;
-  if (low.startsWith("fc") || low.startsWith("fd")) return true;
-  const mapped = low.match(/^::ffff:(\d{1,3}(?:\.\d{1,3}){3})$/);
-  if (mapped) return isBlockedAddress(mapped[1]);
-  return false;
-}
-async function assertPublicUrl(rawUrl) {
-  let url;
-  try {
-    url = new URL(rawUrl);
-  } catch {
-    throw new Error(`Invalid URL: ${rawUrl}`);
-  }
-  if (url.protocol !== "https:" && url.protocol !== "http:") {
-    throw new Error(`url must be http(s) (got ${url.protocol})`);
-  }
-  const host = url.hostname.replace(/^\[|\]$/g, "");
-  const addresses = [];
-  if (isIP(host)) {
-    addresses.push(host);
-  } else {
-    const results = await lookup(host, { all: true });
-    for (const r3 of results) addresses.push(r3.address);
-  }
-  if (addresses.length === 0) throw new Error(`Host did not resolve: ${host}`);
-  for (const addr of addresses) {
-    if (isBlockedAddress(addr)) {
-      throw new Error(`Refusing to fetch a private/loopback address (${addr}) for ${rawUrl}`);
-    }
-  }
-  return url;
-}
 async function safeFetch(rawUrl, init2 = {}, maxRedirects = 5) {
   let current = rawUrl;
   for (let hop = 0; hop <= maxRedirects; hop += 1) {
-    await assertPublicUrl(current);
+    await assertPublicUrl(current, { allowHttp: true });
     const res = await fetch(current, { ...init2, redirect: "manual" });
     if (res.status >= 300 && res.status < 400) {
       const location = res.headers.get("location");
@@ -5014,7 +4910,7 @@ function resolveTools(envFallback) {
   }
   return envFallback;
 }
-var DEFAULT_ENDPOINT = "https://chat.openape.ai";
+var DEFAULT_ENDPOINT = "https://troop.openape.ai";
 var DEFAULT_APES_BIN = "apes";
 var DEFAULT_MAX_STEPS = 10;
 var DEFAULT_SYSTEM_PROMPT = `You are a helpful assistant in a 1:1 chat. Be concise and friendly. When asked for facts, say "I don't know" rather than guess.`;
@@ -5022,28 +4918,7 @@ var PING_INTERVAL_MS = 3e4;
 var RECONNECT_BASE_MS = 1e3;
 var RECONNECT_MAX_MS = 3e4;
 var ALLOWLIST_POLL_INTERVAL_MS = 3e4;
-function loadBridgeEnvFile() {
-  const path = join8(homedir9(), "Library", "Application Support", "openape", "bridge", ".env");
-  if (!existsSync6(path)) return;
-  try {
-    const raw = readFileSync8(path, "utf8");
-    for (const line of raw.split(/\r?\n/)) {
-      const trimmed = line.trim();
-      if (!trimmed || trimmed.startsWith("#")) continue;
-      const eq = trimmed.indexOf("=");
-      if (eq < 0) continue;
-      const key = trimmed.slice(0, eq).trim();
-      const value = trimmed.slice(eq + 1).trim().replace(/^["']|["']$/g, "");
-      if (!key) continue;
-      if (process3.env[key] === void 0) {
-        process3.env[key] = value;
-      }
-    }
-  } catch {
-  }
-}
 function readConfig() {
-  loadBridgeEnvFile();
   const toolsRaw = process3.env.APE_CHAT_BRIDGE_TOOLS ?? "";
   const tools = toolsRaw.split(",").map((s2) => s2.trim()).filter(Boolean);
   const maxStepsRaw = process3.env.APE_CHAT_BRIDGE_MAX_STEPS;
@@ -5051,20 +4926,17 @@ function readConfig() {
   const model = process3.env.APE_CHAT_BRIDGE_MODEL;
   if (!model) {
     throw new Error(
-      "APE_CHAT_BRIDGE_MODEL is not set. Set it in the bridge .env (usually `~/Library/Application Support/openape/bridge/.env` on macOS) or globally in `~/litellm/.env` so resolveBridgeConfig picks it up at spawn time. Common values: `gpt-5.4` (ChatGPT-only LiteLLM proxy), `claude-haiku-4-5` (Anthropic-only)."
+      "APE_CHAT_BRIDGE_MODEL is not set. Set it in the container env (compose environment: block) or globally in `~/litellm/.env`. Common values: `gpt-5.4` (ChatGPT-only LiteLLM proxy), `claude-haiku-4-5` (Anthropic-only)."
     );
   }
-  const targetRaw = (process3.env.OPENAPE_BRIDGE_TARGET ?? "chat").toLowerCase();
-  const target = targetRaw === "troop" ? "troop" : "chat";
   return {
-    endpoint: (process3.env.APE_CHAT_ENDPOINT ?? DEFAULT_ENDPOINT).replace(/\/$/, ""),
+    endpoint: (process3.env.OPENAPE_TROOP_URL ?? DEFAULT_ENDPOINT).replace(/\/$/, ""),
     apesBin: process3.env.APE_CHAT_BRIDGE_APES_BIN ?? DEFAULT_APES_BIN,
     model,
     systemPrompt: process3.env.APE_CHAT_BRIDGE_SYSTEM_PROMPT ?? DEFAULT_SYSTEM_PROMPT,
     tools,
     maxSteps: Number.isFinite(maxSteps) && maxSteps > 0 ? maxSteps : DEFAULT_MAX_STEPS,
-    roomFilter: process3.env.APE_CHAT_BRIDGE_ROOM,
-    target
+    roomFilter: process3.env.APE_CHAT_BRIDGE_ROOM
   };
 }
 async function getIdentity() {
@@ -5100,13 +4972,13 @@ var Bridge = class {
       const idp = await ensureFreshIdpAuth();
       return `Bearer ${idp.access_token}`;
     };
-    this.chat = this.cfg.target === "troop" ? new TroopChatApi(this.cfg.endpoint, this.bearer) : new ChatApi(this.cfg.endpoint, this.bearer);
+    this.chat = new TroopChatApi(this.cfg.endpoint, this.bearer);
     this.cron = new CronRunner({
       runtimeConfig: this.runtimeConfig(),
       chat: this.chat,
       ownerEmail: this.ownerEmail,
       log,
-      troopUrl: (process3.env.OPENAPE_TROOP_URL ?? "https://troop.openape.ai").replace(/\/$/, ""),
+      troopUrl: this.cfg.endpoint,
       bearer: this.bearer
     });
     this.cron.start();
@@ -5118,11 +4990,6 @@ var Bridge = class {
   // its own message history and calls @openape/apes' runLoop directly
   // (no stdio JSON-RPC subprocess — see thread-session.ts).
   threads = /* @__PURE__ */ new Map();
-  // ChatApi and TroopChatApi expose the same surface (postMessage /
-  // listMessages / patchMessage / listContacts / requestContact /
-  // acceptContact / createThread) so the rest of the bridge calls
-  // through a structurally-typed reference without caring which
-  // backend is in play. Picked at construction time from cfg.target.
   chat;
   bearer;
   cron;
@@ -5268,8 +5135,7 @@ var Bridge = class {
   }
   async pumpOnce() {
     const bearer = await this.bearer();
-    const wsPath = this.cfg.target === "troop" ? "/_ws/chat" : "/api/ws";
-    const wsUrl = `${this.cfg.endpoint.replace(/^http/, "ws")}${wsPath}?token=${encodeURIComponent(bearer.replace(/^Bearer\s+/i, ""))}`;
+    const wsUrl = `${this.cfg.endpoint.replace(/^http/, "ws")}/_ws/chat?token=${encodeURIComponent(bearer.replace(/^Bearer\s+/i, ""))}`;
     const ws = new WebSocket(wsUrl);
     return new Promise((resolve4, reject) => {
       let pingTimer;
@@ -5299,7 +5165,7 @@ var Bridge = class {
           return;
         }
         if (frame.type !== "message" || !frame.payload) return;
-        const msg = this.cfg.target === "troop" ? this.translateTroopPayload(frame.chat_id ?? "", frame.payload) : frame.payload;
+        const msg = this.translateTroopPayload(frame.chat_id ?? "", frame.payload);
         void this.handleInbound(msg);
       });
       ws.on("close", () => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openape/ape-agent",
-  "version": "2.8.15",
+  "version": "2.9.1",
   "description": "OpenApe agent runtime: per-agent process that connects to chat.openape.ai, runs the LLM loop with tools + cron tasks, and streams replies back to owners.",
   "type": "module",
   "license": "MIT",
@@ -23,9 +23,9 @@
     "ofetch": "^1.4.1",
     "ws": "^8.18.0",
     "yaml": "^2.8.0",
-    "@openape/apes": "1.29.0",
-    "@openape/prompt-injection-detector": "0.1.0",
-    "@openape/cli-auth": "0.5.0"
+    "@openape/apes": "1.29.1",
+    "@openape/cli-auth": "0.5.0",
+    "@openape/prompt-injection-detector": "0.1.0"
   },
   "devDependencies": {
     "@antfu/eslint-config": "^7.6.1",