@posthog/agent 2.3.351 → 2.3.354

package/dist/server/bin.cjs

@@ -8688,6 +8688,32 @@ async function getCurrentBranch(baseDir, options) {
     return branch === "HEAD" ? null : branch;
   }, { signal: options?.abortSignal });
 }
+async function listWorktrees(baseDir, options) {
+  const manager = getGitOperationManager();
+  return manager.executeRead(baseDir, async (git) => {
+    const output = await git.raw(["worktree", "list", "--porcelain"]);
+    const worktrees = [];
+    let current2 = {};
+    for (const line of output.split("\n")) {
+      if (line.startsWith("worktree ")) {
+        if (current2.path) {
+          worktrees.push(current2);
+        }
+        current2 = { path: line.slice(9), branch: null };
+      } else if (line.startsWith("HEAD ")) {
+        current2.head = line.slice(5);
+      } else if (line.startsWith("branch ")) {
+        current2.branch = line.slice(7).replace("refs/heads/", "");
+      } else if (line === "detached") {
+        current2.branch = null;
+      }
+    }
+    if (current2.path) {
+      worktrees.push(current2);
+    }
+    return worktrees;
+  }, { signal: options?.abortSignal });
+}
 async function getHeadSha(baseDir, options) {
   const manager = getGitOperationManager();
   return manager.executeRead(baseDir, (git) => git.revparse(["HEAD"]), {
@@ -8697,11 +8723,12 @@ async function getHeadSha(baseDir, options) {
 
 // src/server/agent-server.ts
 var import_hono = require("hono");
+var import_zod3 = require("zod");
 
 // package.json
 var package_default = {
   name: "@posthog/agent",
-  version: "2.3.351",
+  version: "2.3.354",
   repository: "https://github.com/PostHog/code",
   description: "TypeScript agent framework wrapping Claude Agent SDK with Git-based task execution for PostHog",
   exports: {
@@ -13857,6 +13884,17 @@ async function handleSystemMessage(message, context) {
       break;
   }
 }
+function classifyAgentError(result) {
+  if (!result) return "agent_error";
+  const text2 = result.trim();
+  if (/API Error:\s*terminated\b/i.test(text2)) {
+    return "upstream_stream_terminated";
+  }
+  if (/API Error:\s*Connection error\b/i.test(text2)) {
+    return "upstream_connection_error";
+  }
+  return "agent_error";
+}
 function handleResultMessage(message) {
   const usage = extractUsageFromResult(message);
   switch (message.subtype) {
@@ -13872,9 +13910,13 @@ function handleResultMessage(message) {
         return { shouldStop: true, stopReason: "max_tokens", usage };
       }
       if (message.is_error) {
+        const classification = classifyAgentError(message.result);
         return {
           shouldStop: true,
-          error: import_sdk.RequestError.internalError(void 0, message.result),
+          error: import_sdk.RequestError.internalError(
+            { classification, result: message.result },
+            message.result
+          ),
           usage
         };
       }
@@ -14231,16 +14273,16 @@ function permissionOptions(allowAlwaysLabel) {
     }
   ];
 }
-function buildPermissionOptions(toolName, toolInput, cwd, suggestions) {
+function buildPermissionOptions(toolName, toolInput, repoRoot, suggestions) {
   if (BASH_TOOLS.has(toolName)) {
     const rawRuleContent = suggestions?.flatMap((s) => "rules" in s ? s.rules : []).find((r) => r.toolName === "Bash" && r.ruleContent)?.ruleContent;
     const ruleContent = rawRuleContent?.replace(/:?\*$/, "");
     const command = toolInput?.command;
     const cmdName = command?.split(/\s+/)[0] ?? "this command";
-    const cwdLabel = cwd ? ` in ${cwd}` : "";
+    const scopeLabel = repoRoot ? ` in ${repoRoot}` : "";
     const label = ruleContent ?? `\`${cmdName}\` commands`;
     return permissionOptions(
-      `Yes, and don't ask again for ${label}${cwdLabel}`
+      `Yes, and don't ask again for ${label}${scopeLabel}`
     );
   }
   if (toolName === "BashOutput") {
@@ -14526,7 +14568,7 @@ async function handleDefaultPermissionFlow(context) {
   const options = buildPermissionOptions(
     toolName,
     toolInput,
-    session?.cwd,
+    session.settingsManager.getRepoRoot(),
     suggestions
   );
   const response = await client.requestPermission({
@@ -14546,17 +14588,19 @@ async function handleDefaultPermissionFlow(context) {
   }
   if (response.outcome?.outcome === "selected" && (response.outcome.optionId === "allow" || response.outcome.optionId === "allow_always")) {
     if (response.outcome.optionId === "allow_always") {
+      const rules = extractAllowRules(suggestions, toolName);
+      try {
+        await session.settingsManager.addAllowRules(rules);
+      } catch (error) {
+        context.logger.warn(
+          "[canUseTool] Failed to persist allow rules to repository settings",
+          { error: error instanceof Error ? error.message : String(error) }
+        );
+      }
       return {
         behavior: "allow",
         updatedInput: toolInput,
-        updatedPermissions: suggestions ?? [
-          {
-            type: "addRules",
-            rules: [{ toolName }],
-            behavior: "allow",
-            destination: "localSettings"
-          }
-        ]
+        updatedPermissions: buildSessionPermissions(suggestions, rules)
       };
     }
     return {
@@ -14589,6 +14633,26 @@ function handlePlanFileException(context) {
     updatedInput: toolInput
   };
 }
+function extractAllowRules(suggestions, toolName) {
+  if (!suggestions || suggestions.length === 0) {
+    return [{ toolName }];
+  }
+  return suggestions.filter(
+    (update) => update.type === "addRules" && update.behavior === "allow"
+  ).flatMap((update) => "rules" in update ? update.rules : []);
+}
+function buildSessionPermissions(suggestions, rules) {
+  const passthrough = (suggestions ?? []).filter(
+    (update) => !(update.type === "addRules" && update.behavior === "allow")
+  ).map((update) => ({ ...update, destination: "session" }));
+  if (rules.length === 0) {
+    return passthrough;
+  }
+  return [
+    { type: "addRules", rules, behavior: "allow", destination: "session" },
+    ...passthrough
+  ];
+}
 function extractDomainFromUrl(url) {
   try {
     return new URL(url).hostname;
@@ -14991,6 +15055,47 @@ var fs7 = __toESM(require("fs"), 1);
 var os3 = __toESM(require("os"), 1);
 var path9 = __toESM(require("path"), 1);
 var import_minimatch = require("minimatch");
+
+// src/utils/async-mutex.ts
+var AsyncMutex = class {
+  locked = false;
+  queue = [];
+  async acquire() {
+    if (!this.locked) {
+      this.locked = true;
+      return;
+    }
+    return new Promise((resolve4) => {
+      this.queue.push(resolve4);
+    });
+  }
+  release() {
+    const next = this.queue.shift();
+    if (next) {
+      next();
+    } else {
+      this.locked = false;
+    }
+  }
+  isLocked() {
+    return this.locked;
+  }
+  get queueLength() {
+    return this.queue.length;
+  }
+};
+
+// src/adapters/claude/session/repo-path.ts
+async function resolveMainRepoPath(cwd) {
+  try {
+    const worktrees = await listWorktrees(cwd);
+    return worktrees[0]?.path ?? cwd;
+  } catch {
+    return cwd;
+  }
+}
+
+// src/adapters/claude/session/settings.ts
 var ACP_TOOL_NAME_PREFIX = "mcp__acp__";
 var acpToolNames = {
   read: `${ACP_TOOL_NAME_PREFIX}Read`,
@@ -15047,7 +15152,7 @@ function matchesGlob(pattern, filePath, cwd) {
   });
 }
 function matchesRule(rule, toolName, toolInput, cwd) {
-  const ruleAppliesToTool = rule.toolName === "Bash" && toolName === acpToolNames.bash || rule.toolName === "Edit" && FILE_EDITING_TOOLS.includes(toolName) || rule.toolName === "Read" && FILE_READING_TOOLS.includes(toolName);
+  const ruleAppliesToTool = rule.toolName === "Bash" && toolName === acpToolNames.bash || rule.toolName === "Edit" && FILE_EDITING_TOOLS.includes(toolName) || rule.toolName === "Read" && FILE_READING_TOOLS.includes(toolName) || rule.toolName === toolName && !rule.argument;
   if (!ruleAppliesToTool) {
     return false;
   }
@@ -15077,6 +15182,19 @@ function matchesRule(rule, toolName, toolInput, cwd) {
   }
   return matchesGlob(rule.argument, actualArg, cwd);
 }
+function formatRule(rule) {
+  return rule.ruleContent ? `${rule.toolName}(${rule.ruleContent})` : rule.toolName;
+}
+async function writeFileAtomic(filePath, data) {
+  const tmpPath = `${filePath}.${process.pid}.${Date.now()}.tmp`;
+  await fs7.promises.writeFile(tmpPath, data);
+  try {
+    await fs7.promises.rename(tmpPath, filePath);
+  } catch (error) {
+    await fs7.promises.rm(tmpPath, { force: true });
+    throw error;
+  }
+}
 async function loadSettingsFile(filePath) {
   if (!filePath) {
     return {};
@@ -15095,6 +15213,17 @@ async function loadSettingsFile(filePath) {
     return {};
   }
 }
+async function readSettingsFileForUpdate(filePath) {
+  try {
+    const content = await fs7.promises.readFile(filePath, "utf-8");
+    return JSON.parse(content);
+  } catch (error) {
+    if (error instanceof Error && "code" in error && error.code === "ENOENT") {
+      return {};
+    }
+    throw error;
+  }
+}
 function getManagedSettingsPath() {
   switch (process.platform) {
     case "darwin":
@@ -15109,6 +15238,7 @@ function getManagedSettingsPath() {
 }
 var SettingsManager = class {
   cwd;
+  repoRoot;
   userSettings = {};
   projectSettings = {};
   localSettings = {};
@@ -15116,8 +15246,10 @@ var SettingsManager = class {
   mergedSettings = {};
   initialized = false;
   initPromise = null;
+  writeMutex = new AsyncMutex();
   constructor(cwd) {
     this.cwd = cwd;
+    this.repoRoot = cwd;
   }
   async initialize() {
     if (this.initialized) return;
@@ -15135,10 +15267,16 @@ var SettingsManager = class {
   getProjectSettingsPath() {
     return path9.join(this.cwd, ".claude", "settings.json");
   }
+  /**
+   * Local settings are anchored to the primary worktree so every worktree of
+   * the same repository shares a single `.claude/settings.local.json`. This
+   * avoids re-prompting for the same permission in every worktree.
+   */
   getLocalSettingsPath() {
-    return path9.join(this.cwd, ".claude", "settings.local.json");
+    return path9.join(this.repoRoot, ".claude", "settings.local.json");
   }
   async loadAllSettings() {
+    this.repoRoot = await resolveMainRepoPath(this.cwd);
     const [userSettings, projectSettings, localSettings, enterpriseSettings] = await Promise.all([
       loadSettingsFile(this.getUserSettingsPath()),
       loadSettingsFile(this.getProjectSettingsPath()),
@@ -15195,9 +15333,6 @@ var SettingsManager = class {
     this.mergedSettings = merged;
   }
   checkPermission(toolName, toolInput) {
-    if (!toolName.startsWith(ACP_TOOL_NAME_PREFIX)) {
-      return { decision: "ask" };
-    }
     const permissions = this.mergedSettings.permissions;
     if (!permissions) {
       return { decision: "ask" };
@@ -15228,6 +15363,43 @@ var SettingsManager = class {
   getCwd() {
     return this.cwd;
   }
+  getRepoRoot() {
+    return this.repoRoot;
+  }
+  /**
+   * Persists allow rules to `<primary-worktree>/.claude/settings.local.json`.
+   * Because local settings are resolved against the primary worktree, every
+   * worktree of the same repository picks up the new rule on next load.
+   *
+   * Writes are serialised via `writeMutex` to prevent concurrent callers from
+   * clobbering each other, and use a temp-file + rename to keep the file
+   * consistent if the process dies mid-write.
+   */
+  async addAllowRules(rules) {
+    if (rules.length === 0) return;
+    if (!this.initialized) await this.initialize();
+    await this.writeMutex.acquire();
+    try {
+      const filePath = this.getLocalSettingsPath();
+      const existing = await readSettingsFileForUpdate(filePath);
+      const permissions = {
+        ...existing.permissions ?? {}
+      };
+      const current2 = new Set(permissions.allow ?? []);
+      for (const rule of rules) {
+        current2.add(formatRule(rule));
+      }
+      permissions.allow = Array.from(current2);
+      const next = { ...existing, permissions };
+      await fs7.promises.mkdir(path9.dirname(filePath), { recursive: true });
+      await writeFileAtomic(filePath, `${JSON.stringify(next, null, 2)}
+`);
+      this.localSettings = next;
+      this.mergeAllSettings();
+    } finally {
+      this.writeMutex.release();
+    }
+  }
   async setCwd(cwd) {
     if (this.cwd === cwd) return;
     if (this.initPromise) await this.initPromise;
@@ -18813,35 +18985,6 @@ var SessionLogWriter = class _SessionLogWriter {
   }
 };
 
-// src/utils/async-mutex.ts
-var AsyncMutex = class {
-  locked = false;
-  queue = [];
-  async acquire() {
-    if (!this.locked) {
-      this.locked = true;
-      return;
-    }
-    return new Promise((resolve4) => {
-      this.queue.push(resolve4);
-    });
-  }
-  release() {
-    const next = this.queue.shift();
-    if (next) {
-      next();
-    } else {
-      this.locked = false;
-    }
-  }
-  isLocked() {
-    return this.locked;
-  }
-  get queueLength() {
-    return this.queue.length;
-  }
-};
-
 // src/server/cloud-prompt.ts
 function normalizeCloudPromptContent(content) {
   if (typeof content === "string") {
@@ -18987,6 +19130,14 @@ function validateCommandParams(method, params) {
 }
 
 // src/server/agent-server.ts
+var agentErrorClassificationSchema = import_zod3.z.enum([
+  "upstream_stream_terminated",
+  "upstream_connection_error",
+  "agent_error"
+]);
+var errorWithClassificationSchema = import_zod3.z.object({
+  data: import_zod3.z.object({ classification: agentErrorClassificationSchema })
+});
 var NdJsonTap = class {
   constructor(onMessage) {
     this.onMessage = onMessage;
@@ -19689,6 +19840,23 @@ var AgentServer = class _AgentServer {
     );
     await this.sendInitialTaskMessage(payload, preTaskRun);
   }
+  extractErrorClassification(error) {
+    const message = error instanceof Error ? error.message : String(error ?? "");
+    const parsed = errorWithClassificationSchema.safeParse(error);
+    if (parsed.success) {
+      return { classification: parsed.data.data.classification, message };
+    }
+    return { classification: classifyAgentError(message), message };
+  }
+  classifyAndSignalFailure(payload, phase, error) {
+    const { classification, message } = this.extractErrorClassification(error);
+    const errorMessage = classification === "upstream_stream_terminated" ? "Upstream LLM stream terminated" : classification === "upstream_connection_error" ? "Upstream LLM connection error" : message || "Agent error";
+    this.logger.error(`send_${phase}_task_message_failed`, {
+      classification,
+      message
+    });
+    return this.signalTaskComplete(payload, "error", errorMessage);
+  }
   async sendInitialTaskMessage(payload, prefetchedRun) {
     if (!this.session) return;
     let taskRun = prefetchedRun ?? null;
@@ -19781,7 +19949,7 @@ var AgentServer = class _AgentServer {
       if (this.session) {
         await this.session.logWriter.flushAll();
       }
-      await this.signalTaskComplete(payload, "error");
+      await this.classifyAndSignalFailure(payload, "initial", error);
     }
   }
   async sendResumeMessage(payload, taskRun) {
@@ -19855,7 +20023,7 @@ Continue from where you left off. The user is waiting for your response.`
       if (this.session) {
         await this.session.logWriter.flushAll();
       }
-      await this.signalTaskComplete(payload, "error");
+      await this.classifyAndSignalFailure(payload, "resume", error);
     }
   }
   static RESUME_HISTORY_TOKEN_BUDGET = 5e4;
@@ -20213,7 +20381,7 @@ ${attributionInstructions}
       });
     }
   }
-  async signalTaskComplete(payload, stopReason) {
+  async signalTaskComplete(payload, stopReason, errorMessage) {
     if (this.session?.payload.run_id === payload.run_id) {
       try {
         await this.session.logWriter.flush(payload.run_id, {
@@ -20237,7 +20405,7 @@ ${attributionInstructions}
     try {
       await this.posthogAPI.updateTaskRun(payload.task_id, payload.run_id, {
         status,
-        error_message: stopReason === "error" ? "Agent error" : void 0
+        error_message: errorMessage ?? "Agent error"
       });
       this.logger.info("Task completion signaled", { status, stopReason });
     } catch (error) {