@poncho-ai/harness 0.7.0 → 0.7.2

package/.turbo/turbo-build.log

@@ -1,14 +1,14 @@
 
-> @poncho-ai/harness@0.7.0 build /Users/cesar/Dev/latitude/poncho-ai/packages/harness
+> @poncho-ai/harness@0.7.2 build /Users/cesar/Dev/latitude/poncho-ai/packages/harness
 > tsup src/index.ts --format esm --dts
 
-CLI Building entry: src/index.ts
-CLI Using tsconfig: tsconfig.json
-CLI tsup v8.5.1
-CLI Target: es2022
-ESM Build start
-ESM dist/index.js 115.52 KB
-ESM ⚡️ Build success in 56ms
-DTS Build start
-DTS ⚡️ Build success in 2668ms
-DTS dist/index.d.ts 16.10 KB
+CLI Building entry: src/index.ts
+CLI Using tsconfig: tsconfig.json
+CLI tsup v8.5.1
+CLI Target: es2022
+ESM Build start
+ESM dist/index.js 119.54 KB
+ESM ⚡️ Build success in 32ms
+DTS Build start
+DTS ⚡️ Build success in 3824ms
+DTS dist/index.d.ts 16.21 KB

package/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @poncho-ai/harness
 
+## 0.7.1
+
+### Patch Changes
+
+- Persist pending approvals on conversation state and add SSE reconnect endpoint so Web UI approvals survive page refresh and stream responses in real-time.
+
 ## 0.7.0
 
 ### Minor Changes

package/dist/index.d.ts

@@ -22,6 +22,10 @@ interface AgentFrontmatter {
         mcp?: string[];
         scripts?: string[];
     };
+    approvalRequired?: {
+        mcp?: string[];
+        scripts?: string[];
+    };
 }
 interface ParsedAgent {
     frontmatter: AgentFrontmatter;
@@ -55,6 +59,12 @@ interface Conversation {
     title: string;
     messages: Message[];
     runtimeRunId?: string;
+    pendingApprovals?: Array<{
+        approvalId: string;
+        runId: string;
+        tool: string;
+        input: Record<string, unknown>;
+    }>;
     ownerId: string;
     tenantId: string | null;
     createdAt: number;
@@ -134,19 +144,6 @@ declare const createMemoryTools: (store: MemoryStore, options?: {
     maxRecallConversations?: number;
 }) => ToolDefinition[];
 
-type RuntimeEnvironment = "development" | "staging" | "production";
-type ToolPolicyMode = "all" | "allowlist" | "denylist";
-interface ToolPatternPolicy {
-    mode?: ToolPolicyMode;
-    include?: string[];
-    exclude?: string[];
-    byEnvironment?: {
-        development?: Omit<ToolPatternPolicy, "byEnvironment">;
-        staging?: Omit<ToolPatternPolicy, "byEnvironment">;
-        production?: Omit<ToolPatternPolicy, "byEnvironment">;
-    };
-}
-
 interface RemoteMcpServerConfig {
     name?: string;
     url: string;
@@ -155,7 +152,6 @@ interface RemoteMcpServerConfig {
         type: "bearer";
         tokenEnv?: string;
     };
-    tools?: ToolPatternPolicy;
     timeoutMs?: number;
     reconnectAttempts?: number;
     reconnectDelayMs?: number;
@@ -170,7 +166,6 @@ declare class LocalMcpBridge {
     private readonly unavailableServers;
     private readonly authFailedServers;
     constructor(config: McpConfig | undefined);
-    private validatePolicy;
     private getServerName;
     private log;
     discoverTools(): Promise<void>;
@@ -186,7 +181,7 @@ declare class LocalMcpBridge {
     toSerializableConfig(): McpConfig;
     getLocalServers(): never[];
     listDiscoveredTools(serverName?: string): string[];
-    loadTools(requestedPatterns: string[], environment?: RuntimeEnvironment): Promise<ToolDefinition[]>;
+    loadTools(requestedPatterns: string[]): Promise<ToolDefinition[]>;
     private toToolDefinitions;
 }
 
@@ -245,7 +240,6 @@ interface PonchoConfig extends McpConfig {
         handler?: (event: unknown) => Promise<void> | void;
     };
     skills?: Record<string, Record<string, unknown>>;
-    scripts?: ToolPatternPolicy;
     /** Extra directories (relative to project root) to scan for skills.
      *  `skills/` and `.poncho/skills/` are always scanned. */
     skillPaths?: string[];
@@ -311,15 +305,19 @@ declare class AgentHarness {
     private registerConfiguredBuiltInTools;
     private shouldEnableWriteTool;
     constructor(options?: HarnessOptions);
-    private runtimeEnvironment;
     private listActiveSkills;
     private getAgentMcpIntent;
     private getAgentScriptIntent;
+    private getAgentMcpApprovalPatterns;
+    private getAgentScriptApprovalPatterns;
     private getRequestedMcpPatterns;
     private getRequestedScriptPatterns;
+    private getRequestedMcpApprovalPatterns;
+    private getRequestedScriptApprovalPatterns;
     private isScriptAllowedByPolicy;
+    private isRootScriptAllowedByPolicy;
+    private requiresApprovalForToolCall;
     private refreshMcpTools;
-    private validateScriptPolicyConfig;
     initialize(): Promise<void>;
     shutdown(): Promise<void>;
     listTools(): ToolDefinition[];
@@ -395,6 +393,10 @@ interface SkillMetadata {
         mcp: string[];
         scripts: string[];
     };
+    approvalRequired: {
+        mcp: string[];
+        scripts: string[];
+    };
     /** Absolute path to the skill directory. */
     skillDir: string;
     /** Absolute path to the SKILL.md file. */
@@ -422,11 +424,14 @@ declare const loadSkillContext: (workingDir: string) => Promise<SkillContextEntr
  * - `run_skill_script` — executes a JavaScript/TypeScript module under scripts/
  */
 declare const createSkillTools: (skills: SkillMetadata[], options?: {
+    workingDir?: string;
     onActivateSkill?: (name: string) => Promise<string[]> | string[];
     onDeactivateSkill?: (name: string) => Promise<string[]> | string[];
     onListActiveSkills?: () => string[];
     isScriptAllowed?: (skill: string, scriptPath: string) => boolean;
+    isRootScriptAllowed?: (scriptPath: string) => boolean;
 }) => ToolDefinition[];
+declare const normalizeScriptPolicyPath: (relativePath: string) => string;
 
 interface TelemetryConfig {
     enabled?: boolean;
@@ -470,4 +475,4 @@ declare class ToolDispatcher {
     executeBatch(calls: ToolCall[], context: ToolContext): Promise<ToolExecutionResult[]>;
 }
 
-export { type AgentFrontmatter, AgentHarness, type AgentLimitsConfig, type AgentModelConfig, type BuiltInToolToggles, type Conversation, type ConversationState, type ConversationStore, type HarnessOptions, type HarnessRunOutput, InMemoryConversationStore, InMemoryStateStore, LatitudeCapture, type LatitudeCaptureConfig, LocalMcpBridge, type MainMemory, type McpConfig, type MemoryConfig, type MemoryStore, type ModelProviderFactory, type ParsedAgent, type PonchoConfig, type RemoteMcpServerConfig, type RuntimeRenderContext, type SkillContextEntry, type SkillMetadata, type StateConfig, type StateProviderName, type StateStore, type StorageConfig, type TelemetryConfig, TelemetryEmitter, type ToolCall, ToolDispatcher, type ToolExecutionResult, buildSkillContextWindow, createConversationStore, createDefaultTools, createMemoryStore, createMemoryTools, createModelProvider, createSkillTools, createStateStore, createWriteTool, jsonSchemaToZod, loadPonchoConfig, loadSkillContext, loadSkillInstructions, loadSkillMetadata, parseAgentFile, parseAgentMarkdown, readSkillResource, renderAgentPrompt, resolveMemoryConfig, resolveSkillDirs, resolveStateConfig };
+export { type AgentFrontmatter, AgentHarness, type AgentLimitsConfig, type AgentModelConfig, type BuiltInToolToggles, type Conversation, type ConversationState, type ConversationStore, type HarnessOptions, type HarnessRunOutput, InMemoryConversationStore, InMemoryStateStore, LatitudeCapture, type LatitudeCaptureConfig, LocalMcpBridge, type MainMemory, type McpConfig, type MemoryConfig, type MemoryStore, type ModelProviderFactory, type ParsedAgent, type PonchoConfig, type RemoteMcpServerConfig, type RuntimeRenderContext, type SkillContextEntry, type SkillMetadata, type StateConfig, type StateProviderName, type StateStore, type StorageConfig, type TelemetryConfig, TelemetryEmitter, type ToolCall, ToolDispatcher, type ToolExecutionResult, buildSkillContextWindow, createConversationStore, createDefaultTools, createMemoryStore, createMemoryTools, createModelProvider, createSkillTools, createStateStore, createWriteTool, jsonSchemaToZod, loadPonchoConfig, loadSkillContext, loadSkillInstructions, loadSkillMetadata, normalizeScriptPolicyPath, parseAgentFile, parseAgentMarkdown, readSkillResource, renderAgentPrompt, resolveMemoryConfig, resolveSkillDirs, resolveStateConfig };