@opencoven/coven-code 0.0.1 → 0.0.2

package/src/commands/permissions-eval.mjs

@@ -0,0 +1,122 @@
+import { spawnSync } from 'node:child_process';
+import { readEffectiveSettings } from '../settings/load.mjs';
+import { globMatch } from '../util/glob.mjs';
+import {
+  COMMAND_ALLOWLIST_SETTING,
+  DANGEROUSLY_ALLOW_ALL_SETTING,
+  GUARDED_FILES_ALLOWLIST_SETTING,
+  PERMISSIONS_SETTING,
+  builtinPermissionRules,
+  commandAllowlistPermissionRules,
+  isUndefinedMatchValue,
+  loadUserPermissionRules,
+} from './permissions-rules.mjs';
+
+export function evaluatePermission(tool, toolArgs, parsed = {}, options = {}) {
+  const ruleGroups = [
+    { source: 'user', rules: loadUserPermissionRules(parsed) },
+    { source: 'command-allowlist', rules: commandAllowlistPermissionRules(parsed) },
+    {
+      source: 'built-in',
+      rules: builtinPermissionRules(),
+    },
+  ];
+
+  for (const group of ruleGroups) {
+    for (const [index, rule] of group.rules.entries()) {
+      if (!globMatch(rule.tool, tool)) continue;
+      if (!matchesContext(rule.context, options.context ?? 'thread')) continue;
+      if (!matchesArguments(rule.matches, toolArgs)) continue;
+      return {
+        action: rule.action,
+        to: rule.to,
+        message: rule.message,
+        matchedRule: index,
+        source: group.source,
+      };
+    }
+  }
+
+  return { action: 'reject', source: 'default' };
+}
+
+export function resolvePermissionDecision(tool, toolArgs, parsed = {}, options = {}) {
+  const settings = readEffectiveSettings(parsed);
+  if (isDangerouslyAllowAll(parsed, settings)) return { action: 'allow', source: 'dangerously-allow-all' };
+  if (!legacyPermissionsConfigured(settings)) return { action: 'allow', source: 'default-no-approval' };
+  const decision = evaluatePermission(tool, toolArgs, parsed, options);
+  if (decision.action !== 'delegate') return decision;
+  if (!decision.to) {
+    return { ...decision, action: 'reject', message: 'Delegate permission rule is missing a target program' };
+  }
+
+  const result = spawnSync(decision.to, {
+    input: `${JSON.stringify(toolArgs)}\n`,
+    env: {
+      ...process.env,
+      AGENT: 'coven-code',
+      AGENT_TOOL_NAME: tool,
+      COVEN_CODE_THREAD_ID: options.threadId ?? '',
+      AGENT_THREAD_ID: options.threadId ?? '',
+    },
+    encoding: 'utf8',
+    shell: false,
+  });
+
+  if (result.status === 0) return { ...decision, action: 'allow', delegatedAction: 'allow' };
+  if (result.status === 1) return { ...decision, action: 'ask', delegatedAction: 'ask' };
+  return {
+    ...decision,
+    action: 'reject',
+    delegatedAction: 'reject',
+    message: result.stderr.trim() || result.error?.message || `Permission delegate ${decision.to} rejected the tool call`,
+  };
+}
+
+function isDangerouslyAllowAll(parsed = {}, settings = readEffectiveSettings(parsed)) {
+  if (parsed.dangerouslyAllowAll) return true;
+  return settings[DANGEROUSLY_ALLOW_ALL_SETTING] === true;
+}
+
+function legacyPermissionsConfigured(settings = {}) {
+  return Object.hasOwn(settings, PERMISSIONS_SETTING)
+    || Object.hasOwn(settings, GUARDED_FILES_ALLOWLIST_SETTING)
+    || Object.hasOwn(settings, COMMAND_ALLOWLIST_SETTING)
+    || settings[DANGEROUSLY_ALLOW_ALL_SETTING] === false;
+}
+
+function matchesContext(ruleContext, actualContext) {
+  return !ruleContext || ruleContext === actualContext;
+}
+
+function matchesArguments(matches, toolArgs) {
+  if (!matches || Object.keys(matches).length === 0) return true;
+  for (const [key, pattern] of Object.entries(matches)) {
+    const actual = valueAtPath(toolArgs, key);
+    if (!matchesPattern(pattern, actual)) return false;
+  }
+  return true;
+}
+
+function matchesPattern(pattern, actual) {
+  if (isUndefinedMatchValue(pattern)) return actual === undefined;
+  if (Array.isArray(pattern)) return pattern.some((entry) => matchesPattern(entry, actual));
+  if (pattern && typeof pattern === 'object') {
+    if (!actual || typeof actual !== 'object') return false;
+    return Object.entries(pattern).every(([key, value]) => matchesPattern(value, valueAtPath(actual, key)));
+  }
+  if (typeof pattern === 'string') {
+    if (typeof actual !== 'string') return false;
+    if (isRegexPattern(pattern)) return new RegExp(pattern.slice(1, -1)).test(actual);
+    return globMatch(pattern, actual);
+  }
+  return Object.is(pattern, actual);
+}
+
+function isRegexPattern(value) {
+  return value.length >= 2 && value.startsWith('/') && value.endsWith('/');
+}
+
+function valueAtPath(value, key) {
+  return key.split('.').reduce((current, part) => current?.[part], value);
+}

package/src/commands/permissions-rules.mjs

@@ -0,0 +1,53 @@
+import { BUILTIN_PERMISSIONS } from '../constants.mjs';
+import { readEffectiveSettings } from '../settings/load.mjs';
+
+export const PERMISSIONS_SETTING = 'covenCode.permissions';
+export const COMMAND_ALLOWLIST_SETTING = 'covenCode.commands.allowlist';
+export const DANGEROUSLY_ALLOW_ALL_SETTING = 'covenCode.dangerouslyAllowAll';
+export const GUARDED_FILES_ALLOWLIST_SETTING = 'covenCode.guardedFiles.allowlist';
+
+export const UNDEFINED_MATCH_VALUE = Object.freeze({ __covenCodeLiteral: 'undefined' });
+
+export function isUndefinedMatchValue(value) {
+  return Boolean(
+    value
+      && typeof value === 'object'
+      && !Array.isArray(value)
+      && value.__covenCodeLiteral === 'undefined'
+      && Object.keys(value).length === 1,
+  );
+}
+
+export function loadUserPermissionRules(parsed = {}) {
+  const settings = readEffectiveSettings(parsed);
+  return Array.isArray(settings[PERMISSIONS_SETTING]) ? settings[PERMISSIONS_SETTING] : [];
+}
+
+export function builtinPermissionRules() {
+  return BUILTIN_PERMISSIONS.map(([action, builtinTool, cmd]) => ({
+    action,
+    tool: builtinTool,
+    matches: builtinTool === 'Bash' ? { cmd: `${cmd}*` } : undefined,
+  }));
+}
+
+export function commandAllowlistPermissionRules(parsed = {}) {
+  const allowlist = readEffectiveSettings(parsed)[COMMAND_ALLOWLIST_SETTING];
+  if (!Array.isArray(allowlist)) return [];
+  return allowlist
+    .map((command) => String(command).trim())
+    .filter(Boolean)
+    .map((command) => ({
+      action: 'allow',
+      tool: 'Bash',
+      matches: { cmd: commandAllowlistPattern(command) },
+    }));
+}
+
+function commandAllowlistPattern(command) {
+  return `/^${escapeRegex(command)}(?:\\s|$).*/`;
+}
+
+function escapeRegex(value) {
+  return String(value).replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}

package/src/commands/permissions-text.mjs

@@ -0,0 +1,112 @@
+import { UsageError } from '../cli/parse.mjs';
+import { shellQuote, splitShellWords } from '../util/shell.mjs';
+import { UNDEFINED_MATCH_VALUE, isUndefinedMatchValue } from './permissions-rules.mjs';
+
+export function formatPermissionRule(rule) {
+  const parts = [rule.action];
+  for (const key of ['context', 'to', 'message']) {
+    if (rule[key] !== undefined) parts.push(`--${key}`, formatPermissionToken(rule[key]));
+  }
+  parts.push(formatPermissionToken(rule.tool));
+  for (const [key, value] of flattenMatches(rule.matches)) {
+    parts.push(`--${key}`, formatPermissionToken(value));
+  }
+  return parts.join(' ');
+}
+
+function flattenMatches(matches, prefix = '') {
+  if (!matches) return [];
+  const entries = [];
+  for (const [key, value] of Object.entries(matches)) {
+    const fullKey = prefix ? `${prefix}.${key}` : key;
+    if (Array.isArray(value)) {
+      for (const entry of value) entries.push(...flattenMatchValue(fullKey, entry));
+    } else {
+      entries.push(...flattenMatchValue(fullKey, value));
+    }
+  }
+  return entries;
+}
+
+function flattenMatchValue(key, value) {
+  if (isUndefinedMatchValue(value)) return [[key, value]];
+  if (value && typeof value === 'object' && !Array.isArray(value)) return flattenMatches(value, key);
+  return [[key, value]];
+}
+
+function formatPermissionToken(value) {
+  if (isUndefinedMatchValue(value)) return 'undefined';
+  if (value === null) return 'null';
+  if (value === undefined) return 'undefined';
+  if (typeof value === 'boolean' || typeof value === 'number') return String(value);
+  const text = String(value);
+  return /^[A-Za-z0-9_./:@=-]+$/.test(text) ? text : shellQuote(text);
+}
+
+export function parsePermissionText(input) {
+  return input
+    .split(/\r?\n/)
+    .map((line) => line.trim())
+    .filter((line) => line && !line.startsWith('#'))
+    .map((line) => parsePermissionRule(splitShellWords(line)));
+}
+
+export function parsePermissionRule(tokens) {
+  const [action] = tokens;
+  const { flags: actionArgs, index: toolIndex } = parseActionArgs(tokens, 1);
+  const tool = tokens[toolIndex];
+  const rest = tokens.slice(toolIndex + 1);
+  if (!action || !tool) throw new UsageError('permission rules require: <action> <tool>');
+  const rule = { action, tool, ...actionArgs };
+  const matches = parseFlagMatches(rest, { undefinedPattern: true });
+  if (Object.keys(matches).length > 0) rule.matches = matches;
+  if (matches.to) {
+    rule.to = matches.to;
+    delete rule.matches.to;
+    if (Object.keys(rule.matches).length === 0) delete rule.matches;
+  }
+  return rule;
+}
+
+function parseActionArgs(tokens, startIndex) {
+  const flags = {};
+  let index = startIndex;
+  while (tokens[index]?.startsWith('--')) {
+    const key = tokens[index].slice(2);
+    flags[key] = parsePermissionValue(tokens[index + 1] ?? '');
+    index += 2;
+  }
+  return { flags, index };
+}
+
+export function parseFlagMatches(tokens, options = {}) {
+  const matches = {};
+  for (let index = 0; index < tokens.length; index += 1) {
+    const token = tokens[index];
+    if (!token.startsWith('--')) continue;
+    const key = token.slice(2);
+    const value = parsePermissionValue(tokens[index + 1] ?? '', options);
+    index += 1;
+    setMatchValue(matches, key, value);
+  }
+  return matches;
+}
+
+function parsePermissionValue(value, options = {}) {
+  if (value === 'undefined') return options.undefinedPattern ? { ...UNDEFINED_MATCH_VALUE } : undefined;
+  if (/^(?:true|false|null|-?\d+(?:\.\d+)?)$/.test(value)) return JSON.parse(value);
+  return value;
+}
+
+function setMatchValue(target, key, value) {
+  const parts = key.split('.').filter(Boolean);
+  let current = target;
+  for (const part of parts.slice(0, -1)) {
+    if (!current[part] || typeof current[part] !== 'object' || Array.isArray(current[part])) current[part] = {};
+    current = current[part];
+  }
+  const finalKey = parts.at(-1) ?? key;
+  if (!Object.hasOwn(current, finalKey)) current[finalKey] = value;
+  else if (Array.isArray(current[finalKey])) current[finalKey].push(value);
+  else current[finalKey] = [current[finalKey], value];
+}

package/src/commands/permissions.mjs

@@ -1,15 +1,19 @@
-import { spawnSync } from 'node:child_process';
-import { BUILTIN_PERMISSIONS } from '../constants.mjs';
-import { readSettings, readEffectiveSettings, writeSettings } from '../settings/load.mjs';
-import { globMatch } from '../util/glob.mjs';
-import { shellQuote, splitShellWords } from '../util/shell.mjs';
 import { UsageError } from '../cli/parse.mjs';
-
-const PERMISSIONS_SETTING = 'covenCode.permissions';
-const COMMAND_ALLOWLIST_SETTING = 'covenCode.commands.allowlist';
-const DANGEROUSLY_ALLOW_ALL_SETTING = 'covenCode.dangerouslyAllowAll';
-const GUARDED_FILES_ALLOWLIST_SETTING = 'covenCode.guardedFiles.allowlist';
-const UNDEFINED_MATCH_VALUE = Object.freeze({ __covenCodeLiteral: 'undefined' });
+import { readSettings, writeSettings } from '../settings/load.mjs';
+import { evaluatePermission, resolvePermissionDecision } from './permissions-eval.mjs';
+import {
+  PERMISSIONS_SETTING,
+  builtinPermissionRules,
+  loadUserPermissionRules,
+} from './permissions-rules.mjs';
+import {
+  formatPermissionRule,
+  parseFlagMatches,
+  parsePermissionRule,
+  parsePermissionText,
+} from './permissions-text.mjs';
+
+export { resolvePermissionDecision };
 
 export async function runPermissions(args, stdin = '', parsed = {}) {
   const subcommand = args[0] ?? 'list';
@@ -56,273 +60,3 @@ export async function runPermissions(args, stdin = '', parsed = {}) {
 
   throw new UsageError(`Unknown permissions command: ${subcommand}`);
 }
-
-export function loadUserPermissionRules(parsed = {}) {
-  const settings = readEffectiveSettings(parsed);
-  return Array.isArray(settings[PERMISSIONS_SETTING]) ? settings[PERMISSIONS_SETTING] : [];
-}
-
-function formatPermissionRule(rule) {
-  const parts = [rule.action];
-  for (const key of ['context', 'to', 'message']) {
-    if (rule[key] !== undefined) parts.push(`--${key}`, formatPermissionToken(rule[key]));
-  }
-  parts.push(formatPermissionToken(rule.tool));
-  for (const [key, value] of flattenMatches(rule.matches)) {
-    parts.push(`--${key}`, formatPermissionToken(value));
-  }
-  return parts.join(' ');
-}
-
-function flattenMatches(matches, prefix = '') {
-  if (!matches) return [];
-  const entries = [];
-  for (const [key, value] of Object.entries(matches)) {
-    const fullKey = prefix ? `${prefix}.${key}` : key;
-    if (Array.isArray(value)) {
-      for (const entry of value) entries.push(...flattenMatchValue(fullKey, entry));
-    } else {
-      entries.push(...flattenMatchValue(fullKey, value));
-    }
-  }
-  return entries;
-}
-
-function flattenMatchValue(key, value) {
-  if (isUndefinedMatchValue(value)) return [[key, value]];
-  if (value && typeof value === 'object' && !Array.isArray(value)) return flattenMatches(value, key);
-  return [[key, value]];
-}
-
-function formatPermissionToken(value) {
-  if (isUndefinedMatchValue(value)) return 'undefined';
-  if (value === null) return 'null';
-  if (value === undefined) return 'undefined';
-  if (typeof value === 'boolean' || typeof value === 'number') return String(value);
-  const text = String(value);
-  return /^[A-Za-z0-9_./:@=-]+$/.test(text) ? text : shellQuote(text);
-}
-
-function parsePermissionText(input) {
-  return input
-    .split(/\r?\n/)
-    .map((line) => line.trim())
-    .filter((line) => line && !line.startsWith('#'))
-    .map((line) => parsePermissionRule(splitShellWords(line)));
-}
-
-function parsePermissionRule(tokens) {
-  const [action] = tokens;
-  const { flags: actionArgs, index: toolIndex } = parseActionArgs(tokens, 1);
-  const tool = tokens[toolIndex];
-  const rest = tokens.slice(toolIndex + 1);
-  if (!action || !tool) throw new UsageError('permission rules require: <action> <tool>');
-  const rule = { action, tool, ...actionArgs };
-  const matches = parseFlagMatches(rest, { undefinedPattern: true });
-  if (Object.keys(matches).length > 0) rule.matches = matches;
-  if (matches.to) {
-    rule.to = matches.to;
-    delete rule.matches.to;
-    if (Object.keys(rule.matches).length === 0) delete rule.matches;
-  }
-  return rule;
-}
-
-function parseActionArgs(tokens, startIndex) {
-  const flags = {};
-  let index = startIndex;
-  while (tokens[index]?.startsWith('--')) {
-    const key = tokens[index].slice(2);
-    flags[key] = parsePermissionValue(tokens[index + 1] ?? '');
-    index += 2;
-  }
-  return { flags, index };
-}
-
-export function parseFlagMatches(tokens, options = {}) {
-  return parseFlagMatchesWithOptions(tokens, options);
-}
-
-function parseFlagMatchesWithOptions(tokens, options = {}) {
-  const matches = {};
-  for (let index = 0; index < tokens.length; index += 1) {
-    const token = tokens[index];
-    if (!token.startsWith('--')) continue;
-    const key = token.slice(2);
-    const value = parsePermissionValue(tokens[index + 1] ?? '', options);
-    index += 1;
-    setMatchValue(matches, key, value);
-  }
-  return matches;
-}
-
-function parsePermissionValue(value, options = {}) {
-  if (value === 'undefined') return options.undefinedPattern ? { ...UNDEFINED_MATCH_VALUE } : undefined;
-  if (/^(?:true|false|null|-?\d+(?:\.\d+)?)$/.test(value)) return JSON.parse(value);
-  return value;
-}
-
-function setMatchValue(target, key, value) {
-  const parts = key.split('.').filter(Boolean);
-  let current = target;
-  for (const part of parts.slice(0, -1)) {
-    if (!current[part] || typeof current[part] !== 'object' || Array.isArray(current[part])) current[part] = {};
-    current = current[part];
-  }
-  const finalKey = parts.at(-1) ?? key;
-  if (!hasOwn(current, finalKey)) current[finalKey] = value;
-  else if (Array.isArray(current[finalKey])) current[finalKey].push(value);
-  else current[finalKey] = [current[finalKey], value];
-}
-
-export function evaluatePermission(tool, toolArgs, parsed = {}, options = {}) {
-  const ruleGroups = [
-    { source: 'user', rules: loadUserPermissionRules(parsed) },
-    { source: 'command-allowlist', rules: commandAllowlistPermissionRules(parsed) },
-    {
-      source: 'built-in',
-      rules: builtinPermissionRules(),
-    },
-  ];
-
-  for (const group of ruleGroups) {
-    for (const [index, rule] of group.rules.entries()) {
-      if (!globMatch(rule.tool, tool)) continue;
-      if (!matchesContext(rule.context, options.context ?? 'thread')) continue;
-      if (!matchesArguments(rule.matches, toolArgs)) continue;
-      return {
-        action: rule.action,
-        to: rule.to,
-        message: rule.message,
-        matchedRule: index,
-        source: group.source,
-      };
-    }
-  }
-
-  return { action: 'reject', source: 'default' };
-}
-
-function builtinPermissionRules() {
-  return BUILTIN_PERMISSIONS.map(([action, builtinTool, cmd]) => ({
-    action,
-    tool: builtinTool,
-    matches: builtinTool === 'Bash' ? { cmd: `${cmd}*` } : undefined,
-  }));
-}
-
-function commandAllowlistPermissionRules(parsed = {}) {
-  const allowlist = readEffectiveSettings(parsed)[COMMAND_ALLOWLIST_SETTING];
-  if (!Array.isArray(allowlist)) return [];
-  return allowlist
-    .map((command) => String(command).trim())
-    .filter(Boolean)
-    .map((command) => ({
-      action: 'allow',
-      tool: 'Bash',
-      matches: { cmd: commandAllowlistPattern(command) },
-    }));
-}
-
-function commandAllowlistPattern(command) {
-  return `/^${escapeRegex(command)}(?:\\s|$).*/`;
-}
-
-function escapeRegex(value) {
-  return String(value).replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
-}
-
-export function resolvePermissionDecision(tool, toolArgs, parsed = {}, options = {}) {
-  const settings = readEffectiveSettings(parsed);
-  if (isDangerouslyAllowAll(parsed, settings)) return { action: 'allow', source: 'dangerously-allow-all' };
-  if (!legacyPermissionsConfigured(settings)) return { action: 'allow', source: 'default-no-approval' };
-  const decision = evaluatePermission(tool, toolArgs, parsed, options);
-  if (decision.action !== 'delegate') return decision;
-  if (!decision.to) {
-    return { ...decision, action: 'reject', message: 'Delegate permission rule is missing a target program' };
-  }
-
-  const result = spawnSync(decision.to, {
-    input: `${JSON.stringify(toolArgs)}\n`,
-    env: {
-      ...process.env,
-      AGENT: 'coven-code',
-      AGENT_TOOL_NAME: tool,
-      COVEN_CODE_THREAD_ID: options.threadId ?? '',
-      AGENT_THREAD_ID: options.threadId ?? '',
-    },
-    encoding: 'utf8',
-    shell: false,
-  });
-
-  if (result.status === 0) return { ...decision, action: 'allow', delegatedAction: 'allow' };
-  if (result.status === 1) return { ...decision, action: 'ask', delegatedAction: 'ask' };
-  return {
-    ...decision,
-    action: 'reject',
-    delegatedAction: 'reject',
-    message: result.stderr.trim() || result.error?.message || `Permission delegate ${decision.to} rejected the tool call`,
-  };
-}
-
-function isDangerouslyAllowAll(parsed = {}, settings = readEffectiveSettings(parsed)) {
-  if (parsed.dangerouslyAllowAll) return true;
-  return settings[DANGEROUSLY_ALLOW_ALL_SETTING] === true;
-}
-
-function legacyPermissionsConfigured(settings = {}) {
-  return hasOwn(settings, PERMISSIONS_SETTING)
-    || hasOwn(settings, GUARDED_FILES_ALLOWLIST_SETTING)
-    || hasOwn(settings, COMMAND_ALLOWLIST_SETTING)
-    || settings[DANGEROUSLY_ALLOW_ALL_SETTING] === false;
-}
-
-function hasOwn(value, key) {
-  return Object.prototype.hasOwnProperty.call(value, key);
-}
-
-function matchesContext(ruleContext, actualContext) {
-  return !ruleContext || ruleContext === actualContext;
-}
-
-function matchesArguments(matches, toolArgs) {
-  if (!matches || Object.keys(matches).length === 0) return true;
-  for (const [key, pattern] of Object.entries(matches)) {
-    const actual = valueAtPath(toolArgs, key);
-    if (!matchesPattern(pattern, actual)) return false;
-  }
-  return true;
-}
-
-function matchesPattern(pattern, actual) {
-  if (isUndefinedMatchValue(pattern)) return actual === undefined;
-  if (Array.isArray(pattern)) return pattern.some((entry) => matchesPattern(entry, actual));
-  if (pattern && typeof pattern === 'object') {
-    if (!actual || typeof actual !== 'object') return false;
-    return Object.entries(pattern).every(([key, value]) => matchesPattern(value, valueAtPath(actual, key)));
-  }
-  if (typeof pattern === 'string') {
-    if (typeof actual !== 'string') return false;
-    if (isRegexPattern(pattern)) return new RegExp(pattern.slice(1, -1)).test(actual);
-    return globMatch(pattern, actual);
-  }
-  return Object.is(pattern, actual);
-}
-
-function isRegexPattern(value) {
-  return value.length >= 2 && value.startsWith('/') && value.endsWith('/');
-}
-
-function valueAtPath(value, key) {
-  return key.split('.').reduce((current, part) => current?.[part], value);
-}
-
-function isUndefinedMatchValue(value) {
-  return Boolean(
-    value
-      && typeof value === 'object'
-      && !Array.isArray(value)
-      && value.__covenCodeLiteral === 'undefined'
-      && Object.keys(value).length === 1,
-  );
-}

package/src/commands/usage.mjs

@@ -1,5 +1,5 @@
 import { listThreads } from '../threads/store.mjs';
-import { estimateTokenCount } from '../agent/local.mjs';
+import { estimateTokenCount } from '../agent/fixture.mjs';
 import { readEffectiveSettings } from '../settings/load.mjs';
 
 export function runUsage(parsed = {}) {

package/src/constants.mjs

@@ -1,4 +1,10 @@
-export const VERSION = '0.0.0-recreate';
+import { readFileSync } from 'node:fs';
+
+const packageJson = JSON.parse(
+  readFileSync(new URL('../package.json', import.meta.url), 'utf8'),
+);
+
+export const VERSION = packageJson.version;
 export const PRODUCT_NAME = 'Coven Code';
 export const CLI_NAME = 'coven-code';
 export const PACKAGE_NAME = '@opencoven/coven-code';

package/src/mcp/local.mjs

@@ -0,0 +1,55 @@
+import { spawnSync } from 'node:child_process';
+import { parseMcpCallOutput, parseMcpResourceOutput, parseMcpToolsOutput } from './parsers.mjs';
+
+export function queryLocalMcpTools(config = {}) {
+  return parseMcpToolsOutput(queryLocalMcpToolsResult(config).stdout ?? '');
+}
+
+export function queryLocalMcpToolsResult(config = {}) {
+  if (!config.command) return [];
+  return spawnSync(config.command, config.args ?? [], {
+    input: localMcpRequestInput('tools/list', {}),
+    env: { ...process.env, ...(config.env ?? {}) },
+    encoding: 'utf8',
+    timeout: 1500,
+  });
+}
+
+export function callLocalMcpTool(config = {}, name, args = {}) {
+  if (!config.command) return '';
+  const result = spawnSync(config.command, config.args ?? [], {
+    input: localMcpRequestInput('tools/call', { name, arguments: args }),
+    env: { ...process.env, ...(config.env ?? {}) },
+    encoding: 'utf8',
+    timeout: 1500,
+  });
+  return parseMcpCallOutput(result.stdout);
+}
+
+export function readLocalMcpResource(config = {}, uri) {
+  if (!config.command) return '';
+  const result = spawnSync(config.command, config.args ?? [], {
+    input: localMcpRequestInput('resources/read', { uri }),
+    env: { ...process.env, ...(config.env ?? {}) },
+    encoding: 'utf8',
+    timeout: 1500,
+  });
+  return parseMcpResourceOutput(result.stdout);
+}
+
+function localMcpRequestInput(method, params = {}) {
+  return [
+    {
+      jsonrpc: '2.0',
+      id: 1,
+      method: 'initialize',
+      params: {
+        protocolVersion: '2025-06-18',
+        capabilities: {},
+        clientInfo: { name: 'coven-code', version: '0.0.0' },
+      },
+    },
+    { jsonrpc: '2.0', method: 'notifications/initialized' },
+    { jsonrpc: '2.0', id: 2, method, params },
+  ].map((message) => JSON.stringify(message)).join('\n') + '\n';
+}