@posthog/agent 2.3.388 → 2.3.398
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/claude/conversion/tool-use-to-acp.js.map +1 -1
- package/dist/adapters/claude/mcp/tool-metadata.d.ts +24 -0
- package/dist/adapters/claude/mcp/tool-metadata.js +165 -0
- package/dist/adapters/claude/mcp/tool-metadata.js.map +1 -0
- package/dist/adapters/claude/tools.js.map +1 -1
- package/dist/agent.js +113 -3
- package/dist/agent.js.map +1 -1
- package/dist/index.d.ts +7 -9
- package/dist/index.js.map +1 -1
- package/dist/posthog-api.js +5 -1
- package/dist/posthog-api.js.map +1 -1
- package/dist/server/agent-server.js +113 -3
- package/dist/server/agent-server.js.map +1 -1
- package/dist/server/bin.cjs +113 -3
- package/dist/server/bin.cjs.map +1 -1
- package/package.json +6 -2
- package/src/adapters/claude/claude-agent.ts +5 -0
- package/src/adapters/claude/mcp/tool-metadata.test.ts +93 -0
- package/src/adapters/claude/mcp/tool-metadata.ts +33 -0
- package/src/adapters/claude/permissions/permission-handlers.test.ts +165 -0
- package/src/adapters/claude/permissions/permission-handlers.ts +105 -0
- package/src/adapters/claude/session/instructions.ts +9 -1
- package/src/adapters/claude/types.ts +2 -0
package/dist/agent.js
CHANGED
|
@@ -4030,7 +4030,7 @@ import { v7 as uuidv7 } from "uuid";
|
|
|
4030
4030
|
// package.json
|
|
4031
4031
|
var package_default = {
|
|
4032
4032
|
name: "@posthog/agent",
|
|
4033
|
-
version: "2.3.
|
|
4033
|
+
version: "2.3.398",
|
|
4034
4034
|
repository: "https://github.com/PostHog/code",
|
|
4035
4035
|
description: "TypeScript agent framework wrapping Claude Agent SDK with Git-based task execution for PostHog",
|
|
4036
4036
|
exports: {
|
|
@@ -4082,6 +4082,10 @@ var package_default = {
|
|
|
4082
4082
|
types: "./dist/adapters/reasoning-effort.d.ts",
|
|
4083
4083
|
import: "./dist/adapters/reasoning-effort.js"
|
|
4084
4084
|
},
|
|
4085
|
+
"./adapters/claude/mcp/tool-metadata": {
|
|
4086
|
+
types: "./dist/adapters/claude/mcp/tool-metadata.d.ts",
|
|
4087
|
+
import: "./dist/adapters/claude/mcp/tool-metadata.js"
|
|
4088
|
+
},
|
|
4085
4089
|
"./execution-mode": {
|
|
4086
4090
|
types: "./dist/execution-mode.d.ts",
|
|
4087
4091
|
import: "./dist/execution-mode.js"
|
|
@@ -8868,10 +8872,12 @@ async function fetchMcpToolMetadata(q, logger = new Logger({ debug: false, prefi
|
|
|
8868
8872
|
for (const tool of server.tools) {
|
|
8869
8873
|
const toolKey = buildToolKey(server.name, tool.name);
|
|
8870
8874
|
const readOnly = tool.annotations?.readOnly === true;
|
|
8875
|
+
const existing = mcpToolMetadataCache.get(toolKey);
|
|
8871
8876
|
mcpToolMetadataCache.set(toolKey, {
|
|
8872
8877
|
readOnly,
|
|
8873
8878
|
name: tool.name,
|
|
8874
|
-
description: tool.description
|
|
8879
|
+
description: tool.description,
|
|
8880
|
+
approvalState: existing?.approvalState
|
|
8875
8881
|
});
|
|
8876
8882
|
if (readOnly) readOnlyCount++;
|
|
8877
8883
|
}
|
|
@@ -8913,6 +8919,23 @@ function getConnectedMcpServerNames() {
|
|
|
8913
8919
|
}
|
|
8914
8920
|
return [...names];
|
|
8915
8921
|
}
|
|
8922
|
+
function getMcpToolApprovalState(toolName) {
|
|
8923
|
+
return mcpToolMetadataCache.get(toolName)?.approvalState;
|
|
8924
|
+
}
|
|
8925
|
+
function setMcpToolApprovalStates(approvals) {
|
|
8926
|
+
for (const [toolKey, approvalState] of Object.entries(approvals)) {
|
|
8927
|
+
const existing = mcpToolMetadataCache.get(toolKey);
|
|
8928
|
+
if (existing) {
|
|
8929
|
+
existing.approvalState = approvalState;
|
|
8930
|
+
} else {
|
|
8931
|
+
mcpToolMetadataCache.set(toolKey, {
|
|
8932
|
+
readOnly: false,
|
|
8933
|
+
name: toolKey,
|
|
8934
|
+
approvalState
|
|
8935
|
+
});
|
|
8936
|
+
}
|
|
8937
|
+
}
|
|
8938
|
+
}
|
|
8916
8939
|
|
|
8917
8940
|
// src/adapters/claude/conversion/tool-use-to-acp.ts
|
|
8918
8941
|
var SYSTEM_REMINDER_REGEX = /\s*<system-reminder>[\s\S]*?<\/system-reminder>/g;
|
|
@@ -10608,6 +10631,72 @@ async function handleDefaultPermissionFlow(context) {
|
|
|
10608
10631
|
return { behavior: "deny", message, interrupt: !feedback };
|
|
10609
10632
|
}
|
|
10610
10633
|
}
|
|
10634
|
+
function parseMcpToolName(toolName) {
|
|
10635
|
+
const parts2 = toolName.split("__");
|
|
10636
|
+
return {
|
|
10637
|
+
serverName: parts2[1] ?? toolName,
|
|
10638
|
+
tool: parts2.slice(2).join("__") || toolName
|
|
10639
|
+
};
|
|
10640
|
+
}
|
|
10641
|
+
async function handleMcpApprovalFlow(context) {
|
|
10642
|
+
const { toolName, toolInput, toolUseID, client, sessionId } = context;
|
|
10643
|
+
const { serverName, tool: displayTool } = parseMcpToolName(toolName);
|
|
10644
|
+
const metadata2 = getMcpToolMetadata(toolName);
|
|
10645
|
+
const description = metadata2?.description ? `
|
|
10646
|
+
|
|
10647
|
+
${metadata2.description}` : "";
|
|
10648
|
+
const response = await client.requestPermission({
|
|
10649
|
+
options: [
|
|
10650
|
+
{ kind: "allow_once", name: "Yes", optionId: "allow" },
|
|
10651
|
+
{
|
|
10652
|
+
kind: "allow_always",
|
|
10653
|
+
name: "Yes, always allow",
|
|
10654
|
+
optionId: "allow_always"
|
|
10655
|
+
},
|
|
10656
|
+
{
|
|
10657
|
+
kind: "reject_once",
|
|
10658
|
+
name: "Type here to tell the agent what to do differently",
|
|
10659
|
+
optionId: "reject",
|
|
10660
|
+
_meta: { customInput: true }
|
|
10661
|
+
}
|
|
10662
|
+
],
|
|
10663
|
+
sessionId,
|
|
10664
|
+
toolCall: {
|
|
10665
|
+
toolCallId: toolUseID,
|
|
10666
|
+
title: `The agent wants to call ${displayTool} (${serverName})`,
|
|
10667
|
+
kind: "other",
|
|
10668
|
+
content: description ? [{ type: "content", content: text(description) }] : [],
|
|
10669
|
+
rawInput: { ...toolInput, toolName }
|
|
10670
|
+
}
|
|
10671
|
+
});
|
|
10672
|
+
if (context.signal?.aborted || response.outcome?.outcome === "cancelled") {
|
|
10673
|
+
throw new Error("Tool use aborted");
|
|
10674
|
+
}
|
|
10675
|
+
if (response.outcome?.outcome === "selected" && (response.outcome.optionId === "allow" || response.outcome.optionId === "allow_always")) {
|
|
10676
|
+
if (response.outcome.optionId === "allow_always") {
|
|
10677
|
+
return {
|
|
10678
|
+
behavior: "allow",
|
|
10679
|
+
updatedInput: toolInput,
|
|
10680
|
+
updatedPermissions: [
|
|
10681
|
+
{
|
|
10682
|
+
type: "addRules",
|
|
10683
|
+
rules: [{ toolName }],
|
|
10684
|
+
behavior: "allow",
|
|
10685
|
+
destination: "localSettings"
|
|
10686
|
+
}
|
|
10687
|
+
]
|
|
10688
|
+
};
|
|
10689
|
+
}
|
|
10690
|
+
return {
|
|
10691
|
+
behavior: "allow",
|
|
10692
|
+
updatedInput: toolInput
|
|
10693
|
+
};
|
|
10694
|
+
}
|
|
10695
|
+
const feedback = response._meta?.customInput?.trim();
|
|
10696
|
+
const message = feedback ? `User refused permission to run tool with feedback: ${feedback}` : "User refused permission to run tool";
|
|
10697
|
+
await emitToolDenial(context, message);
|
|
10698
|
+
return { behavior: "deny", message, interrupt: !feedback };
|
|
10699
|
+
}
|
|
10611
10700
|
function handlePlanFileException(context) {
|
|
10612
10701
|
const { session, toolName, toolInput } = context;
|
|
10613
10702
|
if (session.permissionMode !== "plan" || !WRITE_TOOLS.has(toolName)) {
|
|
@@ -10678,6 +10767,17 @@ async function canUseTool(context) {
|
|
|
10678
10767
|
}
|
|
10679
10768
|
}
|
|
10680
10769
|
}
|
|
10770
|
+
if (toolName.startsWith("mcp__")) {
|
|
10771
|
+
const approvalState = getMcpToolApprovalState(toolName);
|
|
10772
|
+
if (approvalState === "do_not_use") {
|
|
10773
|
+
const message = "This tool has been blocked. To re-enable it, go to Settings > MCP Servers in PostHog Code.";
|
|
10774
|
+
await emitToolDenial(context, message);
|
|
10775
|
+
return { behavior: "deny", message, interrupt: false };
|
|
10776
|
+
}
|
|
10777
|
+
if (approvalState === "needs_approval") {
|
|
10778
|
+
return handleMcpApprovalFlow(context);
|
|
10779
|
+
}
|
|
10780
|
+
}
|
|
10681
10781
|
if (isToolAllowedForMode(toolName, session.permissionMode)) {
|
|
10682
10782
|
return {
|
|
10683
10783
|
behavior: "allow",
|
|
@@ -10890,7 +10990,14 @@ Only enter plan mode (EnterPlanMode) when the user is requesting a significant c
|
|
|
10890
10990
|
|
|
10891
10991
|
When in doubt, continue executing and incorporate the feedback inline.
|
|
10892
10992
|
`;
|
|
10893
|
-
var
|
|
10993
|
+
var MCP_TOOLS = `
|
|
10994
|
+
# MCP Tool Access
|
|
10995
|
+
|
|
10996
|
+
If an MCP tool call is explicitly denied with a message, relay that denial message to the user exactly as given. Do NOT suggest checking "Claude Code settings."
|
|
10997
|
+
|
|
10998
|
+
If an MCP tool call returns an error, treat it as a normal tool error \u2014 troubleshoot, retry, or inform the user about the specific error. Do NOT assume it is a permissions issue and do NOT direct the user to any settings page.
|
|
10999
|
+
`;
|
|
11000
|
+
var APPENDED_INSTRUCTIONS = BRANCH_NAMING + PLAN_MODE + MCP_TOOLS;
|
|
10894
11001
|
|
|
10895
11002
|
// src/adapters/claude/session/options.ts
|
|
10896
11003
|
function buildSystemPrompt(customPrompt) {
|
|
@@ -17010,6 +17117,9 @@ var ClaudeAcpAgent = class extends BaseAcpAgent {
|
|
|
17010
17117
|
const earlyModelId = settingsManager.getSettings().model || meta?.model || "";
|
|
17011
17118
|
const mcpServers = supportsMcpInjection(earlyModelId) ? parseMcpServers(params) : {};
|
|
17012
17119
|
const systemPrompt = buildSystemPrompt(meta?.systemPrompt);
|
|
17120
|
+
if (meta?.mcpToolApprovals) {
|
|
17121
|
+
setMcpToolApprovalStates(meta.mcpToolApprovals);
|
|
17122
|
+
}
|
|
17013
17123
|
const outputFormat = meta?.jsonSchema && this.options?.onStructuredOutput ? { type: "json_schema", schema: meta.jsonSchema } : void 0;
|
|
17014
17124
|
this.logger.debug(isResume ? "Resuming session" : "Creating new session", {
|
|
17015
17125
|
sessionId,
|