npm - @posthog/agent - Versions diffs - 2.1.131 → 2.1.137 - Mend

@posthog/agent 2.1.131 → 2.1.137

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

package/dist/adapters/claude/conversion/tool-use-to-acp.d.ts +14 -28
package/dist/adapters/claude/conversion/tool-use-to-acp.js +116 -164
package/dist/adapters/claude/conversion/tool-use-to-acp.js.map +1 -1
package/dist/adapters/claude/permissions/permission-options.js +33 -0
package/dist/adapters/claude/permissions/permission-options.js.map +1 -1
package/dist/adapters/claude/tools.js +21 -11
package/dist/adapters/claude/tools.js.map +1 -1
package/dist/agent.js +1251 -606
package/dist/agent.js.map +1 -1
package/dist/posthog-api.js +2 -2
package/dist/posthog-api.js.map +1 -1
package/dist/server/agent-server.js +1300 -655
package/dist/server/agent-server.js.map +1 -1
package/dist/server/bin.cjs +1278 -635
package/dist/server/bin.cjs.map +1 -1
package/package.json +2 -2
package/src/adapters/base-acp-agent.ts +6 -3
package/src/adapters/claude/UPSTREAM.md +63 -0
package/src/adapters/claude/claude-agent.ts +682 -421
package/src/adapters/claude/conversion/sdk-to-acp.ts +249 -85
package/src/adapters/claude/conversion/tool-use-to-acp.ts +174 -149
package/src/adapters/claude/hooks.ts +53 -1
package/src/adapters/claude/permissions/permission-handlers.ts +39 -21
package/src/adapters/claude/session/commands.ts +13 -9
package/src/adapters/claude/session/mcp-config.ts +2 -5
package/src/adapters/claude/session/options.ts +58 -6
package/src/adapters/claude/session/settings.ts +326 -0
package/src/adapters/claude/tools.ts +1 -0
package/src/adapters/claude/types.ts +38 -0
package/src/execution-mode.ts +26 -10
package/src/server/agent-server.test.ts +41 -1
package/src/utils/common.ts +1 -1

package/src/adapters/claude/session/options.ts CHANGED Viewed

@@ -3,6 +3,7 @@ import * as fs from "node:fs";
 import * as os from "node:os";
 import * as path from "node:path";
 import type {
+  CanUseTool,
   McpServerConfig,
   Options,
   SpawnedProcess,
@@ -10,8 +11,14 @@ import type {
 } from "@anthropic-ai/claude-agent-sdk";
 import { IS_ROOT } from "../../../utils/common.js";
 import type { Logger } from "../../../utils/logger.js";
-import { createPostToolUseHook, type OnModeChange } from "../hooks.js";
+import {
+  createPostToolUseHook,
+  createPreToolUseHook,
+  type OnModeChange,
+} from "../hooks.js";
 import type { TwigExecutionMode } from "../tools.js";
+import { DEFAULT_MODEL } from "./models.js";
+import type { SettingsManager } from "./settings.js";
 export interface ProcessSpawnedInfo {
   pid: number;
@@ -23,13 +30,16 @@ export interface BuildOptionsParams {
   cwd: string;
   mcpServers: Record<string, McpServerConfig>;
   permissionMode: TwigExecutionMode;
-  canUseTool: Options["canUseTool"];
+  canUseTool: CanUseTool;
   logger: Logger;
   systemPrompt?: Options["systemPrompt"];
   userProvidedOptions?: Options;
   sessionId: string;
   isResume: boolean;
+  forkSession?: boolean;
   additionalDirectories?: string[];
+  disableBuiltInTools?: boolean;
+  settingsManager: SettingsManager;
   onModeChange?: OnModeChange;
   onProcessSpawned?: (info: ProcessSpawnedInfo) => void;
   onProcessExited?: (pid: number) => void;
@@ -95,14 +105,22 @@ function buildEnvironment(): Record<string, string> {
 function buildHooks(
   userHooks: Options["hooks"],
-  onModeChange?: OnModeChange,
+  onModeChange: OnModeChange | undefined,
+  settingsManager: SettingsManager,
+  logger: Logger,
 ): Options["hooks"] {
   return {
     ...userHooks,
     PostToolUse: [
       ...(userHooks?.PostToolUse || []),
       {
-        hooks: [createPostToolUseHook({ onModeChange })],
+        hooks: [createPostToolUseHook({ onModeChange, logger })],
+      },
+    ],
+    PreToolUse: [
+      ...(userHooks?.PreToolUse || []),
+      {
+        hooks: [createPreToolUseHook(settingsManager, logger)],
       },
     ],
   };
@@ -214,12 +232,22 @@ export function buildSessionOptions(params: BuildOptionsParams): Options {
     permissionMode: params.permissionMode,
     canUseTool: params.canUseTool,
     executable: "node",
+    tools: { type: "preset", preset: "claude_code" },
+    extraArgs: {
+      ...params.userProvidedOptions?.extraArgs,
+      "replay-user-messages": "",
+    },
     mcpServers: buildMcpServers(
       params.userProvidedOptions?.mcpServers,
       params.mcpServers,
     ),
     env: buildEnvironment(),
-    hooks: buildHooks(params.userProvidedOptions?.hooks, params.onModeChange),
+    hooks: buildHooks(
+      params.userProvidedOptions?.hooks,
+      params.onModeChange,
+      params.settingsManager,
+      params.logger,
+    ),
     abortController: getAbortController(
       params.userProvidedOptions?.abortController,
     ),
@@ -238,15 +266,39 @@ export function buildSessionOptions(params: BuildOptionsParams): Options {
   if (params.isResume) {
     options.resume = params.sessionId;
-    options.forkSession = false;
+    options.forkSession = params.forkSession ?? false;
   } else {
     options.sessionId = params.sessionId;
+    options.model = DEFAULT_MODEL;
   }
   if (params.additionalDirectories) {
     options.additionalDirectories = params.additionalDirectories;
   }
+  if (params.disableBuiltInTools) {
+    const builtInTools = [
+      "Read",
+      "Write",
+      "Edit",
+      "Bash",
+      "Glob",
+      "Grep",
+      "Task",
+      "TodoWrite",
+      "ExitPlanMode",
+      "WebSearch",
+      "WebFetch",
+      "SlashCommand",
+      "Skill",
+      "NotebookEdit",
+    ];
+    options.disallowedTools = [
+      ...(options.disallowedTools ?? []),
+      ...builtInTools,
+    ];
+  }
   clearStatsigCache();
   return options;
 }

package/src/adapters/claude/session/settings.ts ADDED Viewed

@@ -0,0 +1,326 @@
+import * as fs from "node:fs";
+import * as os from "node:os";
+import * as path from "node:path";
+import { minimatch } from "minimatch";
+const ACP_TOOL_NAME_PREFIX = "mcp__acp__";
+const acpToolNames = {
+  read: `${ACP_TOOL_NAME_PREFIX}Read`,
+  edit: `${ACP_TOOL_NAME_PREFIX}Edit`,
+  write: `${ACP_TOOL_NAME_PREFIX}Write`,
+  bash: `${ACP_TOOL_NAME_PREFIX}Bash`,
+};
+const SHELL_OPERATORS = ["&&", "||", ";", "|", "$(", "`", "\n"];
+function containsShellOperator(str: string): boolean {
+  return SHELL_OPERATORS.some((op) => str.includes(op));
+}
+const FILE_EDITING_TOOLS = [acpToolNames.edit, acpToolNames.write];
+const FILE_READING_TOOLS = [acpToolNames.read];
+const TOOL_ARG_ACCESSORS: Record<
+  string,
+  (input: Record<string, unknown>) => string | undefined
+> = {
+  [acpToolNames.read]: (input) => input?.file_path as string | undefined,
+  [acpToolNames.edit]: (input) => input?.file_path as string | undefined,
+  [acpToolNames.write]: (input) => input?.file_path as string | undefined,
+  [acpToolNames.bash]: (input) => input?.command as string | undefined,
+};
+interface ParsedRule {
+  toolName: string;
+  argument?: string;
+  isWildcard?: boolean;
+}
+function parseRule(rule: string): ParsedRule {
+  const match = rule.match(/^(\w+)(?:\((.+)\))?$/);
+  if (!match) {
+    return { toolName: rule };
+  }
+  const toolName = match[1] ?? rule;
+  const argument = match[2];
+  if (argument?.endsWith(":*")) {
+    return {
+      toolName,
+      argument: argument.slice(0, -2),
+      isWildcard: true,
+    };
+  }
+  return { toolName, argument };
+}
+function normalizePath(filePath: string, cwd: string): string {
+  let resolved = filePath;
+  if (resolved.startsWith("~/")) {
+    resolved = path.join(os.homedir(), resolved.slice(2));
+  } else if (resolved.startsWith("./")) {
+    resolved = path.join(cwd, resolved.slice(2));
+  } else if (!path.isAbsolute(resolved)) {
+    resolved = path.join(cwd, resolved);
+  }
+  return path.normalize(resolved).replace(/\\/g, "/");
+}
+function matchesGlob(pattern: string, filePath: string, cwd: string): boolean {
+  const normalizedPattern = normalizePath(pattern, cwd);
+  const normalizedPath = normalizePath(filePath, cwd);
+  return minimatch(normalizedPath, normalizedPattern, {
+    dot: true,
+    matchBase: false,
+    nocase: process.platform === "win32",
+  });
+}
+function matchesRule(
+  rule: ParsedRule,
+  toolName: string,
+  toolInput: unknown,
+  cwd: string,
+): boolean {
+  const ruleAppliesToTool =
+    (rule.toolName === "Bash" && toolName === acpToolNames.bash) ||
+    (rule.toolName === "Edit" && FILE_EDITING_TOOLS.includes(toolName)) ||
+    (rule.toolName === "Read" && FILE_READING_TOOLS.includes(toolName));
+  if (!ruleAppliesToTool) {
+    return false;
+  }
+  if (!rule.argument) {
+    return true;
+  }
+  const argAccessor = TOOL_ARG_ACCESSORS[toolName];
+  if (!argAccessor) {
+    return true;
+  }
+  const actualArg = argAccessor(toolInput as Record<string, unknown>);
+  if (!actualArg) {
+    return false;
+  }
+  if (toolName === acpToolNames.bash) {
+    if (rule.isWildcard) {
+      if (!actualArg.startsWith(rule.argument)) {
+        return false;
+      }
+      const remainder = actualArg.slice(rule.argument.length);
+      if (containsShellOperator(remainder)) {
+        return false;
+      }
+      return true;
+    }
+    return actualArg === rule.argument;
+  }
+  return matchesGlob(rule.argument, actualArg, cwd);
+}
+async function loadSettingsFile(
+  filePath: string | undefined,
+): Promise<ClaudeCodeSettings> {
+  if (!filePath) {
+    return {};
+  }
+  try {
+    const content = await fs.promises.readFile(filePath, "utf-8");
+    return JSON.parse(content) as ClaudeCodeSettings;
+  } catch {
+    return {};
+  }
+}
+export interface PermissionSettings {
+  allow?: string[];
+  deny?: string[];
+  ask?: string[];
+  additionalDirectories?: string[];
+  defaultMode?: string;
+}
+export interface ClaudeCodeSettings {
+  permissions?: PermissionSettings;
+  env?: Record<string, string>;
+  model?: string;
+}
+export type PermissionDecision = "allow" | "deny" | "ask";
+export interface PermissionCheckResult {
+  decision: PermissionDecision;
+  rule?: string;
+  source?: "allow" | "deny" | "ask";
+}
+export function getManagedSettingsPath(): string {
+  switch (process.platform) {
+    case "darwin":
+      return "/Library/Application Support/ClaudeCode/managed-settings.json";
+    case "linux":
+      return "/etc/claude-code/managed-settings.json";
+    case "win32":
+      return "C:\\Program Files\\ClaudeCode\\managed-settings.json";
+    default:
+      return "/etc/claude-code/managed-settings.json";
+  }
+}
+export class SettingsManager {
+  private cwd: string;
+  private userSettings: ClaudeCodeSettings = {};
+  private projectSettings: ClaudeCodeSettings = {};
+  private localSettings: ClaudeCodeSettings = {};
+  private enterpriseSettings: ClaudeCodeSettings = {};
+  private mergedSettings: ClaudeCodeSettings = {};
+  private initialized = false;
+  constructor(cwd: string) {
+    this.cwd = cwd;
+  }
+  async initialize(): Promise<void> {
+    if (this.initialized) {
+      return;
+    }
+    await this.loadAllSettings();
+    this.initialized = true;
+  }
+  private getUserSettingsPath(): string {
+    const configDir =
+      process.env.CLAUDE_CONFIG_DIR || path.join(os.homedir(), ".claude");
+    return path.join(configDir, "settings.json");
+  }
+  private getProjectSettingsPath(): string {
+    return path.join(this.cwd, ".claude", "settings.json");
+  }
+  private getLocalSettingsPath(): string {
+    return path.join(this.cwd, ".claude", "settings.local.json");
+  }
+  private async loadAllSettings(): Promise<void> {
+    const [userSettings, projectSettings, localSettings, enterpriseSettings] =
+      await Promise.all([
+        loadSettingsFile(this.getUserSettingsPath()),
+        loadSettingsFile(this.getProjectSettingsPath()),
+        loadSettingsFile(this.getLocalSettingsPath()),
+        loadSettingsFile(getManagedSettingsPath()),
+      ]);
+    this.userSettings = userSettings;
+    this.projectSettings = projectSettings;
+    this.localSettings = localSettings;
+    this.enterpriseSettings = enterpriseSettings;
+    this.mergeAllSettings();
+  }
+  private mergeAllSettings(): void {
+    const allSettings = [
+      this.userSettings,
+      this.projectSettings,
+      this.localSettings,
+      this.enterpriseSettings,
+    ];
+    const permissions: PermissionSettings = {
+      allow: [],
+      deny: [],
+      ask: [],
+    };
+    const merged: ClaudeCodeSettings = { permissions };
+    for (const settings of allSettings) {
+      if (settings.permissions) {
+        if (settings.permissions.allow) {
+          permissions.allow?.push(...settings.permissions.allow);
+        }
+        if (settings.permissions.deny) {
+          permissions.deny?.push(...settings.permissions.deny);
+        }
+        if (settings.permissions.ask) {
+          permissions.ask?.push(...settings.permissions.ask);
+        }
+        if (settings.permissions.additionalDirectories) {
+          permissions.additionalDirectories = [
+            ...(permissions.additionalDirectories || []),
+            ...settings.permissions.additionalDirectories,
+          ];
+        }
+        if (settings.permissions.defaultMode) {
+          permissions.defaultMode = settings.permissions.defaultMode;
+        }
+      }
+      if (settings.env) {
+        merged.env = { ...merged.env, ...settings.env };
+      }
+      if (settings.model) {
+        merged.model = settings.model;
+      }
+    }
+    this.mergedSettings = merged;
+  }
+  checkPermission(toolName: string, toolInput: unknown): PermissionCheckResult {
+    if (!toolName.startsWith(ACP_TOOL_NAME_PREFIX)) {
+      return { decision: "ask" };
+    }
+    const permissions = this.mergedSettings.permissions;
+    if (!permissions) {
+      return { decision: "ask" };
+    }
+    for (const rule of permissions.deny || []) {
+      const parsed = parseRule(rule);
+      if (matchesRule(parsed, toolName, toolInput, this.cwd)) {
+        return { decision: "deny", rule, source: "deny" };
+      }
+    }
+    for (const rule of permissions.allow || []) {
+      const parsed = parseRule(rule);
+      if (matchesRule(parsed, toolName, toolInput, this.cwd)) {
+        return { decision: "allow", rule, source: "allow" };
+      }
+    }
+    for (const rule of permissions.ask || []) {
+      const parsed = parseRule(rule);
+      if (matchesRule(parsed, toolName, toolInput, this.cwd)) {
+        return { decision: "ask", rule, source: "ask" };
+      }
+    }
+    return { decision: "ask" };
+  }
+  getSettings(): ClaudeCodeSettings {
+    return this.mergedSettings;
+  }
+  getCwd(): string {
+    return this.cwd;
+  }
+  async setCwd(cwd: string): Promise<void> {
+    if (this.cwd === cwd) {
+      return;
+    }
+    this.dispose();
+    this.cwd = cwd;
+    this.initialized = false;
+    await this.initialize();
+  }
+  dispose(): void {
+    this.initialized = false;
+  }
+}

package/src/adapters/claude/tools.ts CHANGED Viewed

@@ -39,6 +39,7 @@ const AUTO_ALLOWED_TOOLS: Record<string, Set<string>> = {
   default: new Set(BASE_ALLOWED_TOOLS),
   acceptEdits: new Set([...BASE_ALLOWED_TOOLS, ...WRITE_TOOLS]),
   plan: new Set(BASE_ALLOWED_TOOLS),
+  // dontAsk: new Set(BASE_ALLOWED_TOOLS),
 };
 export function isToolAllowedForMode(

package/src/adapters/claude/types.ts CHANGED Viewed

@@ -1,4 +1,5 @@
 import type {
+  SessionConfigOption,
   TerminalHandle,
   TerminalOutputResponse,
 } from "@agentclientprotocol/sdk";
@@ -9,8 +10,16 @@ import type {
 } from "@anthropic-ai/claude-agent-sdk";
 import type { Pushable } from "../../utils/streams.js";
 import type { BaseSession } from "../base-acp-agent.js";
+import type { SettingsManager } from "./session/settings.js";
 import type { TwigExecutionMode } from "./tools.js";
+export type AccumulatedUsage = {
+  inputTokens: number;
+  outputTokens: number;
+  cachedReadTokens: number;
+  cachedWriteTokens: number;
+};
 export type BackgroundTerminal =
   | {
       handle: TerminalHandle;
@@ -22,15 +31,26 @@ export type BackgroundTerminal =
       pendingOutput: TerminalOutputResponse;
     };
+export type PendingMessage = {
+  resolve: (cancelled: boolean) => void;
+  order: number;
+};
 export type Session = BaseSession & {
   query: Query;
   input: Pushable<SDKUserMessage>;
+  settingsManager: SettingsManager;
   permissionMode: TwigExecutionMode;
   modelId?: string;
   cwd: string;
   taskRunId?: string;
   lastPlanFilePath?: string;
   lastPlanContent?: string;
+  configOptions: SessionConfigOption[];
+  accumulatedUsage: AccumulatedUsage;
+  promptRunning: boolean;
+  pendingMessages: Map<string, PendingMessage>;
+  nextPendingOrder: number;
 };
 export type ToolUseCache = {
@@ -42,12 +62,30 @@ export type ToolUseCache = {
   };
 };
+export type TerminalInfo = {
+  terminal_id: string;
+};
+export type TerminalOutput = {
+  terminal_id: string;
+  data: string;
+};
+export type TerminalExit = {
+  terminal_id: string;
+  exit_code: number | null;
+  signal: string | null;
+};
 export type ToolUpdateMeta = {
   claudeCode?: {
     toolName: string;
     toolResponse?: unknown;
     parentToolCallId?: string;
   };
+  terminal_info?: TerminalInfo;
+  terminal_output?: TerminalOutput;
+  terminal_exit?: TerminalExit;
 };
 export type NewSessionMeta = {

package/src/execution-mode.ts CHANGED Viewed

@@ -6,38 +6,54 @@ export interface ModeInfo {
   description: string;
 }
-const MODES: ModeInfo[] = [
+// Helper constant that can easily be toggled for env/feature flag/etc
+const ALLOW_BYPASS = !IS_ROOT;
+const availableModes: ModeInfo[] = [
   {
     id: "default",
-    name: "Always Ask",
-    description: "Prompts for permission on first use of each tool",
+    name: "Default",
+    description: "Standard behavior, prompts for dangerous operations",
   },
   {
     id: "acceptEdits",
     name: "Accept Edits",
-    description: "Automatically accepts file edit permissions for the session",
+    description: "Auto-accept file edit operations",
   },
   {
     id: "plan",
     name: "Plan Mode",
-    description: "Claude can analyze but not modify files or execute commands",
+    description: "Planning mode, no actual tool execution",
   },
-  {
+  // {
+  //   id: "dontAsk",
+  //   name: "Don't Ask",
+  //   description: "Don't prompt for permissions, deny if not pre-approved",
+  // },
+];
+if (ALLOW_BYPASS) {
+  availableModes.push({
     id: "bypassPermissions",
     name: "Bypass Permissions",
-    description: "Skips all permission prompts",
-  },
-];
+    description: "Bypass all permission checks",
+  });
+}
+// Expose execution mode IDs in type-safe order for type checks
 export const TWIG_EXECUTION_MODES = [
   "default",
   "acceptEdits",
   "plan",
+  // "dontAsk",
   "bypassPermissions",
 ] as const;
 export type TwigExecutionMode = (typeof TWIG_EXECUTION_MODES)[number];
 export function getAvailableModes(): ModeInfo[] {
-  return IS_ROOT ? MODES.filter((m) => m.id !== "bypassPermissions") : MODES;
+  // When IS_ROOT, do not allow bypassPermissions
+  return IS_ROOT
+    ? availableModes.filter((m) => m.id !== "bypassPermissions")
+    : availableModes;
 }

package/src/server/agent-server.test.ts CHANGED Viewed

@@ -1,6 +1,14 @@
 import jwt from "jsonwebtoken";
 import { type SetupServerApi, setupServer } from "msw/node";
-import { afterEach, beforeEach, describe, expect, it } from "vitest";
+import {
+  afterAll,
+  afterEach,
+  beforeAll,
+  beforeEach,
+  describe,
+  expect,
+  it,
+} from "vitest";
 import { createTestRepo, type TestRepo } from "../test/fixtures/api.js";
 import { createPostHogHandlers } from "../test/mocks/msw-handlers.js";
 import type { TaskRun } from "../types.js";
@@ -14,6 +22,38 @@ interface TestableServer {
   buildCloudSystemPrompt(prUrl?: string | null): string;
 }
+// The Claude Agent SDK has an internal readMessages() loop that rejects with
+// "Query closed before response received" during cleanup. The SDK starts this
+// promise in the constructor without a .catch() handler, so the rejection is
+// unhandled. We suppress it here to prevent vitest from failing the suite.
+type Listener = (...args: unknown[]) => void;
+const originalListeners: Listener[] = [];
+beforeAll(() => {
+  originalListeners.push(
+    ...process.rawListeners("unhandledRejection").map((l) => l as Listener),
+  );
+  process.removeAllListeners("unhandledRejection");
+  process.on("unhandledRejection", (reason: unknown) => {
+    if (
+      reason instanceof Error &&
+      reason.message === "Query closed before response received"
+    ) {
+      return;
+    }
+    for (const listener of originalListeners) {
+      listener(reason);
+    }
+  });
+});
+afterAll(() => {
+  process.removeAllListeners("unhandledRejection");
+  for (const listener of originalListeners) {
+    process.on("unhandledRejection", listener);
+  }
+});
 function createTestJwt(
   payload: JwtPayload,
   privateKey: string,

package/src/utils/common.ts CHANGED Viewed

@@ -28,7 +28,7 @@ export function unreachable(value: never, logger: Logger): void {
   try {
     valueAsString = JSON.stringify(value);
   } catch {
-    valueAsString = value;
+    valueAsString = String(value);
   }
   logger.error(`Unexpected case: ${valueAsString}`);
 }