@posthog/agent 2.3.388 → 2.3.398
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/claude/conversion/tool-use-to-acp.js.map +1 -1
- package/dist/adapters/claude/mcp/tool-metadata.d.ts +24 -0
- package/dist/adapters/claude/mcp/tool-metadata.js +165 -0
- package/dist/adapters/claude/mcp/tool-metadata.js.map +1 -0
- package/dist/adapters/claude/tools.js.map +1 -1
- package/dist/agent.js +113 -3
- package/dist/agent.js.map +1 -1
- package/dist/index.d.ts +7 -9
- package/dist/index.js.map +1 -1
- package/dist/posthog-api.js +5 -1
- package/dist/posthog-api.js.map +1 -1
- package/dist/server/agent-server.js +113 -3
- package/dist/server/agent-server.js.map +1 -1
- package/dist/server/bin.cjs +113 -3
- package/dist/server/bin.cjs.map +1 -1
- package/package.json +6 -2
- package/src/adapters/claude/claude-agent.ts +5 -0
- package/src/adapters/claude/mcp/tool-metadata.test.ts +93 -0
- package/src/adapters/claude/mcp/tool-metadata.ts +33 -0
- package/src/adapters/claude/permissions/permission-handlers.test.ts +165 -0
- package/src/adapters/claude/permissions/permission-handlers.ts +105 -0
- package/src/adapters/claude/session/instructions.ts +9 -1
- package/src/adapters/claude/types.ts +2 -0
package/dist/server/bin.cjs
CHANGED
|
@@ -8729,7 +8729,7 @@ var import_zod3 = require("zod");
|
|
|
8729
8729
|
// package.json
|
|
8730
8730
|
var package_default = {
|
|
8731
8731
|
name: "@posthog/agent",
|
|
8732
|
-
version: "2.3.
|
|
8732
|
+
version: "2.3.398",
|
|
8733
8733
|
repository: "https://github.com/PostHog/code",
|
|
8734
8734
|
description: "TypeScript agent framework wrapping Claude Agent SDK with Git-based task execution for PostHog",
|
|
8735
8735
|
exports: {
|
|
@@ -8781,6 +8781,10 @@ var package_default = {
|
|
|
8781
8781
|
types: "./dist/adapters/reasoning-effort.d.ts",
|
|
8782
8782
|
import: "./dist/adapters/reasoning-effort.js"
|
|
8783
8783
|
},
|
|
8784
|
+
"./adapters/claude/mcp/tool-metadata": {
|
|
8785
|
+
types: "./dist/adapters/claude/mcp/tool-metadata.d.ts",
|
|
8786
|
+
import: "./dist/adapters/claude/mcp/tool-metadata.js"
|
|
8787
|
+
},
|
|
8784
8788
|
"./execution-mode": {
|
|
8785
8789
|
types: "./dist/execution-mode.d.ts",
|
|
8786
8790
|
import: "./dist/execution-mode.js"
|
|
@@ -13776,10 +13780,12 @@ async function fetchMcpToolMetadata(q, logger = new Logger({ debug: false, prefi
|
|
|
13776
13780
|
for (const tool of server.tools) {
|
|
13777
13781
|
const toolKey = buildToolKey(server.name, tool.name);
|
|
13778
13782
|
const readOnly = tool.annotations?.readOnly === true;
|
|
13783
|
+
const existing = mcpToolMetadataCache.get(toolKey);
|
|
13779
13784
|
mcpToolMetadataCache.set(toolKey, {
|
|
13780
13785
|
readOnly,
|
|
13781
13786
|
name: tool.name,
|
|
13782
|
-
description: tool.description
|
|
13787
|
+
description: tool.description,
|
|
13788
|
+
approvalState: existing?.approvalState
|
|
13783
13789
|
});
|
|
13784
13790
|
if (readOnly) readOnlyCount++;
|
|
13785
13791
|
}
|
|
@@ -13821,6 +13827,23 @@ function getConnectedMcpServerNames() {
|
|
|
13821
13827
|
}
|
|
13822
13828
|
return [...names];
|
|
13823
13829
|
}
|
|
13830
|
+
function getMcpToolApprovalState(toolName) {
|
|
13831
|
+
return mcpToolMetadataCache.get(toolName)?.approvalState;
|
|
13832
|
+
}
|
|
13833
|
+
function setMcpToolApprovalStates(approvals) {
|
|
13834
|
+
for (const [toolKey, approvalState] of Object.entries(approvals)) {
|
|
13835
|
+
const existing = mcpToolMetadataCache.get(toolKey);
|
|
13836
|
+
if (existing) {
|
|
13837
|
+
existing.approvalState = approvalState;
|
|
13838
|
+
} else {
|
|
13839
|
+
mcpToolMetadataCache.set(toolKey, {
|
|
13840
|
+
readOnly: false,
|
|
13841
|
+
name: toolKey,
|
|
13842
|
+
approvalState
|
|
13843
|
+
});
|
|
13844
|
+
}
|
|
13845
|
+
}
|
|
13846
|
+
}
|
|
13824
13847
|
|
|
13825
13848
|
// src/adapters/claude/conversion/tool-use-to-acp.ts
|
|
13826
13849
|
var SYSTEM_REMINDER_REGEX = /\s*<system-reminder>[\s\S]*?<\/system-reminder>/g;
|
|
@@ -15516,6 +15539,72 @@ async function handleDefaultPermissionFlow(context) {
|
|
|
15516
15539
|
return { behavior: "deny", message, interrupt: !feedback };
|
|
15517
15540
|
}
|
|
15518
15541
|
}
|
|
15542
|
+
function parseMcpToolName(toolName) {
|
|
15543
|
+
const parts2 = toolName.split("__");
|
|
15544
|
+
return {
|
|
15545
|
+
serverName: parts2[1] ?? toolName,
|
|
15546
|
+
tool: parts2.slice(2).join("__") || toolName
|
|
15547
|
+
};
|
|
15548
|
+
}
|
|
15549
|
+
async function handleMcpApprovalFlow(context) {
|
|
15550
|
+
const { toolName, toolInput, toolUseID, client, sessionId } = context;
|
|
15551
|
+
const { serverName, tool: displayTool } = parseMcpToolName(toolName);
|
|
15552
|
+
const metadata2 = getMcpToolMetadata(toolName);
|
|
15553
|
+
const description = metadata2?.description ? `
|
|
15554
|
+
|
|
15555
|
+
${metadata2.description}` : "";
|
|
15556
|
+
const response = await client.requestPermission({
|
|
15557
|
+
options: [
|
|
15558
|
+
{ kind: "allow_once", name: "Yes", optionId: "allow" },
|
|
15559
|
+
{
|
|
15560
|
+
kind: "allow_always",
|
|
15561
|
+
name: "Yes, always allow",
|
|
15562
|
+
optionId: "allow_always"
|
|
15563
|
+
},
|
|
15564
|
+
{
|
|
15565
|
+
kind: "reject_once",
|
|
15566
|
+
name: "Type here to tell the agent what to do differently",
|
|
15567
|
+
optionId: "reject",
|
|
15568
|
+
_meta: { customInput: true }
|
|
15569
|
+
}
|
|
15570
|
+
],
|
|
15571
|
+
sessionId,
|
|
15572
|
+
toolCall: {
|
|
15573
|
+
toolCallId: toolUseID,
|
|
15574
|
+
title: `The agent wants to call ${displayTool} (${serverName})`,
|
|
15575
|
+
kind: "other",
|
|
15576
|
+
content: description ? [{ type: "content", content: text(description) }] : [],
|
|
15577
|
+
rawInput: { ...toolInput, toolName }
|
|
15578
|
+
}
|
|
15579
|
+
});
|
|
15580
|
+
if (context.signal?.aborted || response.outcome?.outcome === "cancelled") {
|
|
15581
|
+
throw new Error("Tool use aborted");
|
|
15582
|
+
}
|
|
15583
|
+
if (response.outcome?.outcome === "selected" && (response.outcome.optionId === "allow" || response.outcome.optionId === "allow_always")) {
|
|
15584
|
+
if (response.outcome.optionId === "allow_always") {
|
|
15585
|
+
return {
|
|
15586
|
+
behavior: "allow",
|
|
15587
|
+
updatedInput: toolInput,
|
|
15588
|
+
updatedPermissions: [
|
|
15589
|
+
{
|
|
15590
|
+
type: "addRules",
|
|
15591
|
+
rules: [{ toolName }],
|
|
15592
|
+
behavior: "allow",
|
|
15593
|
+
destination: "localSettings"
|
|
15594
|
+
}
|
|
15595
|
+
]
|
|
15596
|
+
};
|
|
15597
|
+
}
|
|
15598
|
+
return {
|
|
15599
|
+
behavior: "allow",
|
|
15600
|
+
updatedInput: toolInput
|
|
15601
|
+
};
|
|
15602
|
+
}
|
|
15603
|
+
const feedback = response._meta?.customInput?.trim();
|
|
15604
|
+
const message = feedback ? `User refused permission to run tool with feedback: ${feedback}` : "User refused permission to run tool";
|
|
15605
|
+
await emitToolDenial(context, message);
|
|
15606
|
+
return { behavior: "deny", message, interrupt: !feedback };
|
|
15607
|
+
}
|
|
15519
15608
|
function handlePlanFileException(context) {
|
|
15520
15609
|
const { session, toolName, toolInput } = context;
|
|
15521
15610
|
if (session.permissionMode !== "plan" || !WRITE_TOOLS.has(toolName)) {
|
|
@@ -15586,6 +15675,17 @@ async function canUseTool(context) {
|
|
|
15586
15675
|
}
|
|
15587
15676
|
}
|
|
15588
15677
|
}
|
|
15678
|
+
if (toolName.startsWith("mcp__")) {
|
|
15679
|
+
const approvalState = getMcpToolApprovalState(toolName);
|
|
15680
|
+
if (approvalState === "do_not_use") {
|
|
15681
|
+
const message = "This tool has been blocked. To re-enable it, go to Settings > MCP Servers in PostHog Code.";
|
|
15682
|
+
await emitToolDenial(context, message);
|
|
15683
|
+
return { behavior: "deny", message, interrupt: false };
|
|
15684
|
+
}
|
|
15685
|
+
if (approvalState === "needs_approval") {
|
|
15686
|
+
return handleMcpApprovalFlow(context);
|
|
15687
|
+
}
|
|
15688
|
+
}
|
|
15589
15689
|
if (isToolAllowedForMode(toolName, session.permissionMode)) {
|
|
15590
15690
|
return {
|
|
15591
15691
|
behavior: "allow",
|
|
@@ -15691,7 +15791,14 @@ Only enter plan mode (EnterPlanMode) when the user is requesting a significant c
|
|
|
15691
15791
|
|
|
15692
15792
|
When in doubt, continue executing and incorporate the feedback inline.
|
|
15693
15793
|
`;
|
|
15694
|
-
var
|
|
15794
|
+
var MCP_TOOLS = `
|
|
15795
|
+
# MCP Tool Access
|
|
15796
|
+
|
|
15797
|
+
If an MCP tool call is explicitly denied with a message, relay that denial message to the user exactly as given. Do NOT suggest checking "Claude Code settings."
|
|
15798
|
+
|
|
15799
|
+
If an MCP tool call returns an error, treat it as a normal tool error \u2014 troubleshoot, retry, or inform the user about the specific error. Do NOT assume it is a permissions issue and do NOT direct the user to any settings page.
|
|
15800
|
+
`;
|
|
15801
|
+
var APPENDED_INSTRUCTIONS = BRANCH_NAMING + PLAN_MODE + MCP_TOOLS;
|
|
15695
15802
|
|
|
15696
15803
|
// src/adapters/claude/session/options.ts
|
|
15697
15804
|
function buildSystemPrompt(customPrompt) {
|
|
@@ -17020,6 +17127,9 @@ var ClaudeAcpAgent = class extends BaseAcpAgent {
|
|
|
17020
17127
|
const earlyModelId = settingsManager.getSettings().model || meta?.model || "";
|
|
17021
17128
|
const mcpServers = supportsMcpInjection(earlyModelId) ? parseMcpServers(params) : {};
|
|
17022
17129
|
const systemPrompt = buildSystemPrompt(meta?.systemPrompt);
|
|
17130
|
+
if (meta?.mcpToolApprovals) {
|
|
17131
|
+
setMcpToolApprovalStates(meta.mcpToolApprovals);
|
|
17132
|
+
}
|
|
17023
17133
|
const outputFormat = meta?.jsonSchema && this.options?.onStructuredOutput ? { type: "json_schema", schema: meta.jsonSchema } : void 0;
|
|
17024
17134
|
this.logger.debug(isResume ? "Resuming session" : "Creating new session", {
|
|
17025
17135
|
sessionId,
|