@posthog/agent 2.3.281 → 2.3.282

package/dist/server/bin.cjs

@@ -5805,7 +5805,7 @@ var import_hono = require("hono");
 // package.json
 var package_default = {
   name: "@posthog/agent",
-  version: "2.3.281",
+  version: "2.3.282",
   repository: "https://github.com/PostHog/code",
   description: "TypeScript agent framework wrapping Claude Agent SDK with Git-based task execution for PostHog",
   exports: {
@@ -7926,9 +7926,16 @@ var CODE_EXECUTION_MODES = [
   // "dontAsk",
   "bypassPermissions"
 ];
+function isCodeExecutionMode(mode) {
+  return CODE_EXECUTION_MODES.includes(mode);
+}
 function getAvailableModes() {
   return IS_ROOT ? availableModes.filter((m) => m.id !== "bypassPermissions") : availableModes;
 }
+var CODEX_NATIVE_MODES = ["auto", "read-only", "full-access"];
+function isCodexNativeMode(mode) {
+  return CODEX_NATIVE_MODES.includes(mode);
+}
 var codexModes = [
   {
     id: "read-only",
@@ -9891,10 +9898,24 @@ var AUTO_APPROVED_KINDS = {
     "fetch",
     "switch_mode",
     "other"
+  ]),
+  auto: /* @__PURE__ */ new Set(["read", "search", "fetch", "think"]),
+  "read-only": /* @__PURE__ */ new Set(["read", "search", "fetch", "think"]),
+  "full-access": /* @__PURE__ */ new Set([
+    "read",
+    "edit",
+    "delete",
+    "move",
+    "search",
+    "execute",
+    "think",
+    "fetch",
+    "switch_mode",
+    "other"
   ])
 };
 function shouldAutoApprove(mode, kind) {
-  if (mode === "bypassPermissions") return true;
+  if (mode === "bypassPermissions" || mode === "full-access") return true;
   if (!kind) return false;
   return AUTO_APPROVED_KINDS[mode]?.has(kind) ?? false;
 }
@@ -10001,7 +10022,7 @@ function createSessionState(sessionId, cwd, opts) {
   return {
     sessionId,
     cwd,
-    modeId: opts?.modeId ?? "default",
+    modeId: opts?.modeId ?? "auto",
     modelId: opts?.modelId,
     configOptions: [],
     accumulatedUsage: {
@@ -10010,7 +10031,7 @@ function createSessionState(sessionId, cwd, opts) {
       cachedReadTokens: 0,
       cachedWriteTokens: 0
     },
-    permissionMode: opts?.permissionMode ?? "default",
+    permissionMode: opts?.permissionMode ?? "auto",
     taskRunId: opts?.taskRunId,
     taskId: opts?.taskId
   };
@@ -10205,18 +10226,33 @@ function spawnCodexProcess(options) {
 }
 
 // src/adapters/codex/codex-agent.ts
-function toCodeExecutionMode(mode) {
-  if (mode && CODE_EXECUTION_MODES.includes(mode)) {
+function toCodexPermissionMode(mode) {
+  if (mode && (isCodexNativeMode(mode) || isCodeExecutionMode(mode))) {
     return mode;
   }
-  return "default";
+  return "auto";
 }
 var CODEX_NATIVE_MODE = {
-  default: "default",
-  acceptEdits: "default",
-  plan: "plan",
-  bypassPermissions: "default"
+  default: "auto",
+  acceptEdits: "auto",
+  plan: "read-only",
+  bypassPermissions: "full-access"
 };
+function toCodexNativeMode(mode) {
+  if (mode && isCodexNativeMode(mode)) {
+    return mode;
+  }
+  if (mode && isCodeExecutionMode(mode)) {
+    return CODEX_NATIVE_MODE[mode];
+  }
+  return "auto";
+}
+function getCurrentPermissionMode(currentModeId, fallbackMode) {
+  if (currentModeId && isCodexNativeMode(currentModeId)) {
+    return currentModeId;
+  }
+  return toCodexPermissionMode(fallbackMode);
+}
 var CodexAcpAgent = class extends BaseAcpAgent {
   adapterName = "codex";
   codexProcess;
@@ -10276,16 +10312,22 @@ var CodexAcpAgent = class extends BaseAcpAgent {
   }
   async newSession(params) {
     const meta = params._meta;
+    const requestedPermissionMode = toCodexPermissionMode(meta?.permissionMode);
     const response = await this.codexConnection.newSession(params);
     this.sessionState = createSessionState(response.sessionId, params.cwd, {
       taskRunId: meta?.taskRunId,
       taskId: meta?.taskId ?? meta?.persistence?.taskId,
-      modeId: response.modes?.currentModeId ?? "default",
+      modeId: response.modes?.currentModeId ?? "auto",
       modelId: response.models?.currentModelId,
-      permissionMode: toCodeExecutionMode(meta?.permissionMode)
+      permissionMode: requestedPermissionMode
     });
     this.sessionId = response.sessionId;
     this.sessionState.configOptions = response.configOptions ?? [];
+    await this.applyInitialPermissionMode(
+      response.sessionId,
+      meta?.permissionMode,
+      response.modes?.currentModeId
+    );
     if (meta?.taskRunId) {
       await this.client.extNotification(POSTHOG_NOTIFICATIONS.SDK_SESSION, {
         taskRunId: meta.taskRunId,
@@ -10302,8 +10344,13 @@ var CodexAcpAgent = class extends BaseAcpAgent {
   async loadSession(params) {
     const response = await this.codexConnection.loadSession(params);
     const meta = params._meta;
+    const currentPermissionMode = getCurrentPermissionMode(
+      response.modes?.currentModeId,
+      meta?.permissionMode
+    );
     this.sessionState = createSessionState(params.sessionId, params.cwd, {
-      permissionMode: toCodeExecutionMode(meta?.permissionMode)
+      modeId: response.modes?.currentModeId ?? "auto",
+      permissionMode: currentPermissionMode
     });
     this.sessionId = params.sessionId;
     this.sessionState.configOptions = response.configOptions ?? [];
@@ -10316,10 +10363,15 @@ var CodexAcpAgent = class extends BaseAcpAgent {
       mcpServers: params.mcpServers ?? []
     });
     const meta = params._meta;
+    const currentPermissionMode = getCurrentPermissionMode(
+      loadResponse.modes?.currentModeId,
+      meta?.permissionMode
+    );
     this.sessionState = createSessionState(params.sessionId, params.cwd, {
       taskRunId: meta?.taskRunId,
       taskId: meta?.taskId ?? meta?.persistence?.taskId,
-      permissionMode: toCodeExecutionMode(meta?.permissionMode)
+      modeId: loadResponse.modes?.currentModeId ?? "auto",
+      permissionMode: currentPermissionMode
     });
     this.sessionId = params.sessionId;
     this.sessionState.configOptions = loadResponse.configOptions ?? [];
@@ -10343,15 +10395,39 @@ var CodexAcpAgent = class extends BaseAcpAgent {
       _meta: params._meta
     });
     const meta = params._meta;
+    const requestedPermissionMode = toCodexPermissionMode(meta?.permissionMode);
     this.sessionState = createSessionState(newResponse.sessionId, params.cwd, {
       taskRunId: meta?.taskRunId,
       taskId: meta?.taskId ?? meta?.persistence?.taskId,
-      permissionMode: toCodeExecutionMode(meta?.permissionMode)
+      modeId: newResponse.modes?.currentModeId ?? "auto",
+      permissionMode: requestedPermissionMode
     });
     this.sessionId = newResponse.sessionId;
     this.sessionState.configOptions = newResponse.configOptions ?? [];
+    await this.applyInitialPermissionMode(
+      newResponse.sessionId,
+      meta?.permissionMode,
+      newResponse.modes?.currentModeId
+    );
     return newResponse;
   }
+  async applyInitialPermissionMode(sessionId, permissionMode, currentModeId) {
+    if (!permissionMode) {
+      return;
+    }
+    const nativeMode = toCodexNativeMode(permissionMode);
+    if (nativeMode === currentModeId) {
+      this.sessionState.modeId = nativeMode;
+      this.sessionState.permissionMode = toCodexPermissionMode(permissionMode);
+      return;
+    }
+    await this.codexConnection.setSessionMode({
+      sessionId,
+      modeId: nativeMode
+    });
+    this.sessionState.modeId = nativeMode;
+    this.sessionState.permissionMode = toCodexPermissionMode(permissionMode);
+  }
   async listSessions(params) {
     return this.codexConnection.listSessions(params);
   }
@@ -10397,8 +10473,8 @@ var CodexAcpAgent = class extends BaseAcpAgent {
     });
   }
   async setSessionMode(params) {
-    const requestedMode = toCodeExecutionMode(params.modeId);
-    const nativeMode = CODEX_NATIVE_MODE[requestedMode];
+    const requestedMode = toCodexPermissionMode(params.modeId);
+    const nativeMode = toCodexNativeMode(params.modeId);
     const response = await this.codexConnection.setSessionMode({
       ...params,
       modeId: nativeMode
@@ -12445,7 +12521,13 @@ var AgentServer = class _AgentServer {
     return payload.mode ?? this.config.mode;
   }
   getSessionPermissionMode() {
-    return this.session?.permissionMode ?? "default";
+    if (this.session?.permissionMode) {
+      return this.session.permissionMode;
+    }
+    return this.getRuntimeAdapter() === "codex" ? "auto" : "default";
+  }
+  shouldRelayPermissionToClient(mode) {
+    return mode === "default" || mode === "auto";
   }
   createApp() {
     const app = new import_hono.Hono();
@@ -12900,7 +12982,7 @@ var AgentServer = class _AgentServer {
       clientCapabilities: {}
     });
     const runState = preTaskRun?.state;
-    const initialPermissionMode = typeof runState?.initial_permission_mode === "string" ? runState.initial_permission_mode : "bypassPermissions";
+    const initialPermissionMode = typeof runState?.initial_permission_mode === "string" ? runState.initial_permission_mode : runtimeAdapter === "codex" ? "auto" : "bypassPermissions";
     const sessionResponse = await clientConnection.newSession({
       cwd: this.config.repositoryPath ?? "/tmp/workspace",
       mcpServers: this.config.mcpServers ?? [],
@@ -13469,7 +13551,7 @@ ${attributionInstructions}
         {
           const isQuestion = codeToolKind === "question";
           const sessionPermissionMode = this.getSessionPermissionMode();
-          const needsRelay = isQuestion || isPlanApproval || sessionPermissionMode === "default";
+          const needsRelay = isQuestion || isPlanApproval || this.shouldRelayPermissionToClient(sessionPermissionMode);
           if (needsRelay && this.session?.hasDesktopConnected) {
             this.logger.info("Relaying permission to connected client", {
               kind: params.toolCall?.kind,