@ottocode/server 0.1.173

package/src/runtime/tools/approval.ts

@@ -0,0 +1,180 @@
+import { publish } from '../../events/bus.ts';
+import { debugLog } from '../debug/index.ts';
+
+export type ToolApprovalMode = 'auto' | 'dangerous' | 'all';
+
+export const DANGEROUS_TOOLS = new Set([
+	'bash',
+	'write',
+	'apply_patch',
+	'terminal',
+	'edit',
+	'git_commit',
+	'git_push',
+]);
+
+export const SAFE_TOOLS = new Set([
+	'finish',
+	'progress_update',
+	'update_todos',
+]);
+
+export interface PendingApproval {
+	callId: string;
+	toolName: string;
+	args: unknown;
+	sessionId: string;
+	messageId: string;
+	resolve: (approved: boolean) => void;
+	createdAt: number;
+}
+
+const pendingApprovals = new Map<string, PendingApproval>();
+
+export function requiresApproval(
+	toolName: string,
+	mode: ToolApprovalMode,
+): boolean {
+	if (SAFE_TOOLS.has(toolName)) return false;
+	if (mode === 'auto') return false;
+	if (mode === 'all') return true;
+	if (mode === 'dangerous') return DANGEROUS_TOOLS.has(toolName);
+	return false;
+}
+
+export async function requestApproval(
+	sessionId: string,
+	messageId: string,
+	callId: string,
+	toolName: string,
+	args: unknown,
+	timeoutMs = 120000,
+): Promise<boolean> {
+	debugLog('[approval] requestApproval called', {
+		sessionId,
+		messageId,
+		callId,
+		toolName,
+	});
+	return new Promise((resolve) => {
+		const approval: PendingApproval = {
+			callId,
+			toolName,
+			args,
+			sessionId,
+			messageId,
+			resolve,
+			createdAt: Date.now(),
+		};
+
+		pendingApprovals.set(callId, approval);
+		debugLog(
+			'[approval] Added to pendingApprovals, count:',
+			pendingApprovals.size,
+		);
+
+		publish({
+			type: 'tool.approval.required',
+			sessionId,
+			payload: {
+				callId,
+				toolName,
+				args,
+				messageId,
+			},
+		});
+
+		setTimeout(() => {
+			if (pendingApprovals.has(callId)) {
+				pendingApprovals.delete(callId);
+				resolve(false);
+				publish({
+					type: 'tool.approval.resolved',
+					sessionId,
+					payload: {
+						callId,
+						toolName,
+						approved: false,
+						reason: 'timeout',
+					},
+				});
+			}
+		}, timeoutMs);
+	});
+}
+
+export function resolveApproval(
+	callId: string,
+	approved: boolean,
+): { ok: boolean; error?: string } {
+	debugLog('[approval] resolveApproval called', {
+		callId,
+		approved,
+		pendingCount: pendingApprovals.size,
+		pendingIds: [...pendingApprovals.keys()],
+	});
+	const approval = pendingApprovals.get(callId);
+	if (!approval) {
+		debugLog('[approval] No pending approval found for callId:', callId);
+		return { ok: false, error: 'No pending approval found for this callId' };
+	}
+
+	pendingApprovals.delete(callId);
+	approval.resolve(approved);
+
+	publish({
+		type: 'tool.approval.resolved',
+		sessionId: approval.sessionId,
+		payload: {
+			callId,
+			toolName: approval.toolName,
+			approved,
+			reason: approved ? 'user_approved' : 'user_rejected',
+		},
+	});
+
+	return { ok: true };
+}
+
+export function getPendingApproval(
+	callId: string,
+): PendingApproval | undefined {
+	return pendingApprovals.get(callId);
+}
+
+export function updateApprovalArgs(callId: string, args: unknown): boolean {
+	const approval = pendingApprovals.get(callId);
+	if (!approval) return false;
+
+	approval.args = args;
+
+	publish({
+		type: 'tool.approval.updated',
+		sessionId: approval.sessionId,
+		payload: {
+			callId,
+			toolName: approval.toolName,
+			args,
+			messageId: approval.messageId,
+		},
+	});
+
+	return true;
+}
+
+export function getPendingApprovalsForSession(
+	sessionId: string,
+): PendingApproval[] {
+	return Array.from(pendingApprovals.values()).filter(
+		(a) => a.sessionId === sessionId,
+	);
+}
+
+export function clearPendingApprovalsForSession(sessionId: string): void {
+	for (const [callId, approval] of pendingApprovals) {
+		if (approval.sessionId === sessionId) {
+			approval.resolve(false);
+			pendingApprovals.delete(callId);
+		}
+	}
+}

package/src/runtime/tools/context.ts

@@ -0,0 +1,83 @@
+import { eq } from 'drizzle-orm';
+import type { DB } from '@ottocode/database';
+import { messageParts } from '@ottocode/database/schema';
+import type { ToolApprovalMode } from './approval.ts';
+import { publish } from '../../events/bus.ts';
+
+export type StepExecutionState = {
+	chain: Promise<void>;
+	failed: boolean;
+	failedToolName?: string;
+};
+
+export type ToolAdapterContext = {
+	sessionId: string;
+	messageId: string;
+	assistantPartId: string;
+	db: DB;
+	agent: string;
+	provider: string;
+	model: string;
+	projectRoot: string;
+	nextIndex: () => number | Promise<number>;
+	stepIndex?: number;
+	onFirstToolCall?: () => void;
+	stepExecution?: {
+		states: Map<number, StepExecutionState>;
+	};
+	toolApprovalMode?: ToolApprovalMode;
+};
+
+export function extractFinishText(input: unknown): string | undefined {
+	if (typeof input === 'string') return input;
+	if (!input || typeof input !== 'object') return undefined;
+	const obj = input as Record<string, unknown>;
+	if (typeof obj.text === 'string') return obj.text;
+	if (
+		obj.input &&
+		typeof (obj.input as Record<string, unknown>).text === 'string'
+	)
+		return String((obj.input as Record<string, unknown>).text);
+	return undefined;
+}
+
+export async function appendAssistantText(
+	ctx: ToolAdapterContext,
+	text: string,
+): Promise<void> {
+	try {
+		const rows = await ctx.db
+			.select()
+			.from(messageParts)
+			.where(eq(messageParts.id, ctx.assistantPartId));
+		let previous = '';
+		if (rows.length) {
+			try {
+				const parsed = JSON.parse(rows[0]?.content ?? '{}');
+				if (parsed && typeof parsed.text === 'string') previous = parsed.text;
+			} catch {}
+		}
+		const addition = text.startsWith(previous)
+			? text.slice(previous.length)
+			: text;
+		if (addition.length) {
+			const payload: Record<string, unknown> = {
+				messageId: ctx.messageId,
+				partId: ctx.assistantPartId,
+				delta: addition,
+			};
+			if (ctx.stepIndex !== undefined) payload.stepIndex = ctx.stepIndex;
+			publish({
+				type: 'message.part.delta',
+				sessionId: ctx.sessionId,
+				payload,
+			});
+		}
+		await ctx.db
+			.update(messageParts)
+			.set({ content: JSON.stringify({ text }) })
+			.where(eq(messageParts.id, ctx.assistantPartId));
+	} catch {
+		// ignore to keep run alive if we can't persist the text
+	}
+}

package/src/runtime/tools/mapping.ts

@@ -0,0 +1,154 @@
+/**
+ * Tool name mapping for Claude Code OAuth compatibility.
+ *
+ * Claude Code OAuth requires PascalCase tool names but does NOT whitelist
+ * specific tools. Any tool with a PascalCase name is accepted.
+ *
+ * This module provides bidirectional mapping between otto's canonical
+ * snake_case names and the PascalCase format required for OAuth.
+ */
+
+export type ToolNamingConvention = 'canonical' | 'claude-code';
+
+/**
+ * Mapping from otto canonical names to PascalCase names.
+ * Includes ALL otto tools for complete OAuth compatibility.
+ */
+export const CANONICAL_TO_PASCAL: Record<string, string> = {
+	// File system operations
+	read: 'Read',
+	write: 'Write',
+	ls: 'Ls',
+	tree: 'Tree',
+	cd: 'Cd',
+	pwd: 'Pwd',
+
+	// Search operations
+	glob: 'Glob',
+	ripgrep: 'Grep', // Maps to Grep for Claude Code compatibility
+	grep: 'Grep',
+
+	// Execution
+	bash: 'Bash',
+	terminal: 'Terminal',
+
+	// Git operations
+	git_status: 'GitStatus',
+	git_diff: 'GitDiff',
+	git_commit: 'GitCommit',
+
+	// Patch/edit
+	apply_patch: 'ApplyPatch',
+
+	// Task management
+	update_todos: 'UpdateTodos',
+	progress_update: 'ProgressUpdate',
+	finish: 'Finish',
+
+	// Web operations
+	websearch: 'WebSearch',
+};
+
+/**
+ * Reverse mapping from PascalCase names to canonical.
+ * Built to handle the many-to-one ripgrep/grep → Grep mapping.
+ */
+export const PASCAL_TO_CANONICAL: Record<string, string> = {
+	// File system operations
+	Read: 'read',
+	Write: 'write',
+	Ls: 'ls',
+	Tree: 'tree',
+	Cd: 'cd',
+	Pwd: 'pwd',
+
+	// Search operations
+	Glob: 'glob',
+	Grep: 'ripgrep', // Maps back to ripgrep (primary search tool)
+
+	// Execution
+	Bash: 'bash',
+	Terminal: 'terminal',
+
+	// Git operations
+	GitStatus: 'git_status',
+	GitDiff: 'git_diff',
+	GitCommit: 'git_commit',
+
+	// Patch/edit
+	ApplyPatch: 'apply_patch',
+
+	// Task management
+	UpdateTodos: 'update_todos',
+	ProgressUpdate: 'progress_update',
+	Finish: 'finish',
+
+	// Web operations
+	WebSearch: 'websearch',
+};
+
+/**
+ * Convert a canonical tool name to PascalCase format.
+ */
+export function toClaudeCodeName(canonical: string): string {
+	if (CANONICAL_TO_PASCAL[canonical]) {
+		return CANONICAL_TO_PASCAL[canonical];
+	}
+	// Default: convert snake_case to PascalCase
+	return canonical
+		.split('_')
+		.map((part) => part.charAt(0).toUpperCase() + part.slice(1))
+		.join('');
+}
+
+/**
+ * Convert a PascalCase tool name to canonical format.
+ */
+export function toCanonicalName(pascalCase: string): string {
+	if (PASCAL_TO_CANONICAL[pascalCase]) {
+		return PASCAL_TO_CANONICAL[pascalCase];
+	}
+	// Default: convert PascalCase to snake_case
+	return pascalCase
+		.replace(/([A-Z])/g, '_$1')
+		.toLowerCase()
+		.replace(/^_/, '');
+}
+
+/**
+ * Check if the current provider/auth combo requires PascalCase naming.
+ */
+export function requiresClaudeCodeNaming(
+	provider: string,
+	authType?: string,
+): boolean {
+	return provider === 'anthropic' && authType === 'oauth';
+}
+
+/**
+ * Transform a tool definition for Claude Code OAuth.
+ * Returns a new object with the transformed name.
+ */
+export function transformToolForClaudeCode<T extends { name: string }>(
+	tool: T,
+): T {
+	return {
+		...tool,
+		name: toClaudeCodeName(tool.name),
+	};
+}
+
+/**
+ * Transform tool call arguments to canonical names.
+ * Used when receiving tool calls from Claude Code OAuth.
+ */
+export function normalizeToolCall<T extends { name: string }>(
+	call: T,
+	fromClaudeCode: boolean,
+): T {
+	if (!fromClaudeCode) return call;
+	return {
+		...call,
+		name: toCanonicalName(call.name),
+	};
+}

package/src/runtime/tools/setup.ts

@@ -0,0 +1,44 @@
+import type { getDb } from '@ottocode/database';
+import { time } from '../debug/index.ts';
+import type { ToolAdapterContext } from '../../tools/adapter.ts';
+import type { RunOpts } from '../session/queue.ts';
+
+export type RunnerToolContext = ToolAdapterContext & { stepIndex: number };
+
+/**
+ * Sets up the shared tool context for a run, including the index counter
+ * and first tool call tracking.
+ */
+export async function setupToolContext(
+	opts: RunOpts,
+	db: Awaited<ReturnType<typeof getDb>>,
+) {
+	const firstToolTimer = time('runner:first-tool-call');
+	let firstToolSeen = false;
+
+	// Simple counter starting at 0 - first event gets 0, second gets 1, etc.
+	let currentIndex = 0;
+	const nextIndex = () => currentIndex++;
+
+	const sharedCtx: RunnerToolContext = {
+		nextIndex,
+		stepIndex: 0,
+		sessionId: opts.sessionId,
+		messageId: opts.assistantMessageId,
+		assistantPartId: '', // Will be set by runner when first text part is created
+		db,
+		agent: opts.agent,
+		provider: opts.provider,
+		model: opts.model,
+		projectRoot: opts.projectRoot,
+		stepExecution: { states: new Map() },
+		toolApprovalMode: opts.toolApprovalMode,
+		onFirstToolCall: () => {
+			if (firstToolSeen) return;
+			firstToolSeen = true;
+			firstToolTimer.end();
+		},
+	};
+
+	return { sharedCtx, firstToolTimer, firstToolSeen: () => firstToolSeen };
+}

package/src/runtime/topup/manager.ts

@@ -0,0 +1,110 @@
+import { logger } from '@ottocode/sdk';
+
+export type TopupMethod = 'crypto' | 'fiat';
+
+export interface PendingTopup {
+	sessionId: string;
+	messageId: string;
+	amountUsd: number;
+	currentBalance: number;
+	resolve: (method: TopupMethod) => void;
+	reject: (error: Error) => void;
+	createdAt: number;
+}
+
+const TOPUP_TIMEOUT_MS = 5 * 60 * 1000; // 5 minutes
+
+const pendingTopups = new Map<string, PendingTopup>();
+const timeoutIds = new Map<string, ReturnType<typeof setTimeout>>();
+
+export function waitForTopupMethodSelection(
+	sessionId: string,
+	messageId: string,
+	amountUsd: number,
+	currentBalance: number,
+): Promise<TopupMethod> {
+	return new Promise((resolve, reject) => {
+		const existing = pendingTopups.get(sessionId);
+		if (existing) {
+			existing.reject(new Error('Superseded by new topup request'));
+			clearPendingTopup(sessionId);
+		}
+
+		const pending: PendingTopup = {
+			sessionId,
+			messageId,
+			amountUsd,
+			currentBalance,
+			resolve,
+			reject,
+			createdAt: Date.now(),
+		};
+
+		pendingTopups.set(sessionId, pending);
+
+		const timeoutId = setTimeout(() => {
+			const p = pendingTopups.get(sessionId);
+			if (p) {
+				logger.warn(`Topup selection timeout for session ${sessionId}`);
+				p.reject(new Error('Topup selection timeout'));
+				clearPendingTopup(sessionId);
+			}
+		}, TOPUP_TIMEOUT_MS);
+
+		timeoutIds.set(sessionId, timeoutId);
+	});
+}
+
+export function resolveTopupMethodSelection(
+	sessionId: string,
+	method: TopupMethod,
+): boolean {
+	const pending = pendingTopups.get(sessionId);
+	if (!pending) {
+		logger.warn(
+			`No pending topup found for session ${sessionId} when trying to resolve`,
+		);
+		return false;
+	}
+
+	pending.resolve(method);
+	clearPendingTopup(sessionId);
+	return true;
+}
+
+export function rejectTopupSelection(
+	sessionId: string,
+	reason: string,
+): boolean {
+	const pending = pendingTopups.get(sessionId);
+	if (!pending) {
+		return false;
+	}
+
+	pending.reject(new Error(reason));
+	clearPendingTopup(sessionId);
+	return true;
+}
+
+export function getPendingTopup(sessionId: string): PendingTopup | undefined {
+	return pendingTopups.get(sessionId);
+}
+
+export function hasPendingTopup(sessionId: string): boolean {
+	return pendingTopups.has(sessionId);
+}
+
+export function clearPendingTopup(sessionId: string): void {
+	const timeoutId = timeoutIds.get(sessionId);
+	if (timeoutId) {
+		clearTimeout(timeoutId);
+		timeoutIds.delete(sessionId);
+	}
+	pendingTopups.delete(sessionId);
+}
+
+export function clearAllPendingTopups(): void {
+	for (const sessionId of pendingTopups.keys()) {
+		clearPendingTopup(sessionId);
+	}
+}

package/src/runtime/utils/cwd.ts

@@ -0,0 +1,69 @@
+const cwdMap = new Map<string, string>();
+
+export function getCwd(sessionId: string): string {
+	return cwdMap.get(sessionId) ?? '.';
+}
+
+export function setCwd(sessionId: string, cwd: string) {
+	cwdMap.set(sessionId, cwd || '.');
+}
+
+// normalize relative path like './a/../b' -> 'b', never escapes above '.'
+export function normalizeRelative(path: string): string {
+	const parts = path.replace(/\\/g, '/').split('/');
+	const stack: string[] = [];
+	for (const part of parts) {
+		if (!part || part === '.') continue;
+		if (part === '..') {
+			if (stack.length > 0) stack.pop();
+			continue;
+		}
+		stack.push(part);
+	}
+	return stack.length ? stack.join('/') : '.';
+}
+
+export function joinRelative(base: string, p: string): string {
+	if (!p || p === '.') return base || '.';
+
+	// Expand tilde to home directory if present
+	const home = process.env.HOME || process.env.USERPROFILE || '';
+	if (p === '~' && home) p = home;
+	else if (p.startsWith('~/') && home) p = `${home}/${p.slice(2)}`;
+
+	// If target is absolute, preserve it as absolute
+	if (p.startsWith('/')) {
+		// Canonicalize: collapse //, resolve . and .. without escaping above root
+		const parts = p.replace(/\\/g, '/').split('/');
+		const stack: string[] = [];
+		for (const part of parts) {
+			if (!part || part === '.') continue;
+			if (part === '..') {
+				if (stack.length > 0) stack.pop();
+				continue;
+			}
+			stack.push(part);
+		}
+		return `/${stack.join('/')}` || '/';
+	}
+
+	// If base is absolute, join and return absolute
+	const baseIsAbs = Boolean(base) && base.startsWith('/');
+	if (baseIsAbs) {
+		const joined = `${base.replace(/\/$/, '')}/${p}`;
+		const parts = joined.replace(/\\/g, '/').split('/');
+		const stack: string[] = [];
+		for (const part of parts) {
+			if (!part || part === '.') continue;
+			if (part === '..') {
+				if (stack.length > 0) stack.pop();
+				continue;
+			}
+			stack.push(part);
+		}
+		return `/${stack.join('/')}` || '/';
+	}
+
+	// Relative -> Relative join
+	return normalizeRelative(`${base || '.'}/${p}`);
+}

package/src/runtime/utils/token.ts

@@ -0,0 +1,35 @@
+import { catalog } from '@ottocode/sdk';
+import { debugLog } from '../debug/index.ts';
+import type { ProviderName } from '../provider/index.ts';
+
+/**
+ * Gets the maximum output tokens allowed for a given provider/model combination.
+ * Returns undefined if the information is not available in the catalog.
+ */
+export function getMaxOutputTokens(
+	provider: ProviderName,
+	modelId: string,
+): number | undefined {
+	try {
+		const providerCatalog = catalog[provider];
+		if (!providerCatalog) {
+			debugLog(`[maxOutputTokens] No catalog found for provider: ${provider}`);
+			return undefined;
+		}
+		const modelInfo = providerCatalog.models.find((m) => m.id === modelId);
+		if (!modelInfo) {
+			debugLog(
+				`[maxOutputTokens] No model info found for: ${modelId} in provider: ${provider}`,
+			);
+			return undefined;
+		}
+		const outputLimit = modelInfo.limit?.output;
+		debugLog(
+			`[maxOutputTokens] Provider: ${provider}, Model: ${modelId}, Limit: ${outputLimit}`,
+		);
+		return outputLimit;
+	} catch (err) {
+		debugLog(`[maxOutputTokens] Error looking up limit: ${err}`);
+		return undefined;
+	}
+}