@posthog/agent 2.3.73 → 2.3.80
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent.js +36 -5
- package/dist/agent.js.map +1 -1
- package/dist/posthog-api.js +1 -1
- package/dist/posthog-api.js.map +1 -1
- package/dist/server/agent-server.d.ts +1 -0
- package/dist/server/agent-server.js +37 -5
- package/dist/server/agent-server.js.map +1 -1
- package/dist/server/bin.cjs +43 -6
- package/dist/server/bin.cjs.map +1 -1
- package/package.json +1 -1
- package/src/adapters/claude/claude-agent.ts +6 -2
- package/src/adapters/claude/permissions/permission-handlers.ts +35 -1
- package/src/adapters/claude/session/options.ts +1 -0
- package/src/adapters/claude/types.ts +1 -0
- package/src/server/agent-server.ts +1 -0
- package/src/server/bin.ts +12 -0
- package/src/server/types.ts +1 -0
package/dist/server/bin.cjs
CHANGED
|
@@ -904,7 +904,7 @@ var import_hono = require("hono");
|
|
|
904
904
|
// package.json
|
|
905
905
|
var package_default = {
|
|
906
906
|
name: "@posthog/agent",
|
|
907
|
-
version: "2.3.
|
|
907
|
+
version: "2.3.80",
|
|
908
908
|
repository: "https://github.com/PostHog/code",
|
|
909
909
|
description: "TypeScript agent framework wrapping Claude Agent SDK with Git-based task execution for PostHog",
|
|
910
910
|
exports: {
|
|
@@ -3376,8 +3376,37 @@ function handlePlanFileException(context) {
|
|
|
3376
3376
|
updatedInput: toolInput
|
|
3377
3377
|
};
|
|
3378
3378
|
}
|
|
3379
|
+
function extractDomainFromUrl(url) {
|
|
3380
|
+
try {
|
|
3381
|
+
return new URL(url).hostname;
|
|
3382
|
+
} catch {
|
|
3383
|
+
return null;
|
|
3384
|
+
}
|
|
3385
|
+
}
|
|
3386
|
+
function isDomainAllowed(hostname, allowedDomains) {
|
|
3387
|
+
return allowedDomains.some((pattern) => {
|
|
3388
|
+
if (pattern.startsWith("*.")) {
|
|
3389
|
+
const suffix = pattern.slice(1);
|
|
3390
|
+
return hostname === pattern.slice(2) || hostname.endsWith(suffix);
|
|
3391
|
+
}
|
|
3392
|
+
return hostname === pattern;
|
|
3393
|
+
});
|
|
3394
|
+
}
|
|
3379
3395
|
async function canUseTool(context) {
|
|
3380
|
-
const { toolName, toolInput, session } = context;
|
|
3396
|
+
const { toolName, toolInput, session, allowedDomains } = context;
|
|
3397
|
+
if (allowedDomains && allowedDomains.length > 0) {
|
|
3398
|
+
if (toolName === "WebFetch" || toolName === "WebSearch") {
|
|
3399
|
+
const url = toolInput.url;
|
|
3400
|
+
if (url) {
|
|
3401
|
+
const hostname = extractDomainFromUrl(url);
|
|
3402
|
+
if (hostname && !isDomainAllowed(hostname, allowedDomains)) {
|
|
3403
|
+
const message = `Domain "${hostname}" is not in the allowed list: ${allowedDomains.join(", ")}`;
|
|
3404
|
+
await emitToolDenial(context, message);
|
|
3405
|
+
return { behavior: "deny", message, interrupt: false };
|
|
3406
|
+
}
|
|
3407
|
+
}
|
|
3408
|
+
}
|
|
3409
|
+
}
|
|
3381
3410
|
if (isToolAllowedForMode(toolName, session.permissionMode)) {
|
|
3382
3411
|
return {
|
|
3383
3412
|
behavior: "allow",
|
|
@@ -3707,6 +3736,7 @@ function buildSessionOptions(params) {
|
|
|
3707
3736
|
const tools = params.userProvidedOptions?.tools ?? (params.disableBuiltInTools ? [] : { type: "preset", preset: "claude_code" });
|
|
3708
3737
|
const options = {
|
|
3709
3738
|
...params.userProvidedOptions,
|
|
3739
|
+
betas: ["context-1m-2025-08-07"],
|
|
3710
3740
|
systemPrompt: params.systemPrompt ?? buildSystemPrompt(),
|
|
3711
3741
|
settingSources: ["user", "project", "local"],
|
|
3712
3742
|
stderr: (err) => params.logger.error(err),
|
|
@@ -4544,7 +4574,7 @@ var ClaudeAcpAgent = class extends BaseAcpAgent {
|
|
|
4544
4574
|
cwd,
|
|
4545
4575
|
mcpServers,
|
|
4546
4576
|
permissionMode,
|
|
4547
|
-
canUseTool: this.createCanUseTool(sessionId),
|
|
4577
|
+
canUseTool: this.createCanUseTool(sessionId, meta?.allowedDomains),
|
|
4548
4578
|
logger: this.logger,
|
|
4549
4579
|
systemPrompt,
|
|
4550
4580
|
userProvidedOptions: meta?.claudeCode?.options,
|
|
@@ -4674,7 +4704,7 @@ var ClaudeAcpAgent = class extends BaseAcpAgent {
|
|
|
4674
4704
|
);
|
|
4675
4705
|
return { sessionId, modes, models, configOptions };
|
|
4676
4706
|
}
|
|
4677
|
-
createCanUseTool(sessionId) {
|
|
4707
|
+
createCanUseTool(sessionId, allowedDomains) {
|
|
4678
4708
|
return async (toolName, toolInput, { suggestions, toolUseID, signal }) => canUseTool({
|
|
4679
4709
|
session: this.session,
|
|
4680
4710
|
toolName,
|
|
@@ -4686,7 +4716,8 @@ var ClaudeAcpAgent = class extends BaseAcpAgent {
|
|
|
4686
4716
|
sessionId,
|
|
4687
4717
|
fileContentCache: this.fileContentCache,
|
|
4688
4718
|
logger: this.logger,
|
|
4689
|
-
updateConfigOption: (configId, value) => this.updateConfigOption(configId, value)
|
|
4719
|
+
updateConfigOption: (configId, value) => this.updateConfigOption(configId, value),
|
|
4720
|
+
allowedDomains
|
|
4690
4721
|
});
|
|
4691
4722
|
}
|
|
4692
4723
|
createOnModeChange() {
|
|
@@ -12220,6 +12251,7 @@ You MUST NOT create a new branch, close the existing PR, or create a new PR.`
|
|
|
12220
12251
|
sessionId: payload.run_id,
|
|
12221
12252
|
taskRunId: payload.run_id,
|
|
12222
12253
|
systemPrompt: this.buildSessionSystemPrompt(prUrl),
|
|
12254
|
+
allowedDomains: this.config.allowedDomains,
|
|
12223
12255
|
...this.config.claudeCode?.plugins?.length && {
|
|
12224
12256
|
claudeCode: {
|
|
12225
12257
|
options: {
|
|
@@ -12908,6 +12940,9 @@ program.name("agent-server").description("PostHog cloud agent server - runs in s
|
|
|
12908
12940
|
).option("--baseBranch <branch>", "Base branch for PR creation").option(
|
|
12909
12941
|
"--claudeCodeConfig <json>",
|
|
12910
12942
|
"Claude Code config as JSON (systemPrompt, systemPromptAppend, plugins)"
|
|
12943
|
+
).option(
|
|
12944
|
+
"--allowedDomains <domains>",
|
|
12945
|
+
"Comma-separated list of domains allowed for web tools (WebFetch, WebSearch)"
|
|
12911
12946
|
).action(async (options) => {
|
|
12912
12947
|
const envResult = envSchema.safeParse(process.env);
|
|
12913
12948
|
if (!envResult.success) {
|
|
@@ -12928,6 +12963,7 @@ ${errors}`);
|
|
|
12928
12963
|
claudeCodeConfigSchema,
|
|
12929
12964
|
"--claudeCodeConfig"
|
|
12930
12965
|
);
|
|
12966
|
+
const allowedDomains = options.allowedDomains ? options.allowedDomains.split(",").map((d) => d.trim()).filter(Boolean) : void 0;
|
|
12931
12967
|
const server = new AgentServer({
|
|
12932
12968
|
port: parseInt(options.port, 10),
|
|
12933
12969
|
jwtPublicKey: env.JWT_PUBLIC_KEY,
|
|
@@ -12940,7 +12976,8 @@ ${errors}`);
|
|
|
12940
12976
|
runId: options.runId,
|
|
12941
12977
|
mcpServers,
|
|
12942
12978
|
baseBranch: options.baseBranch,
|
|
12943
|
-
claudeCode
|
|
12979
|
+
claudeCode,
|
|
12980
|
+
allowedDomains
|
|
12944
12981
|
});
|
|
12945
12982
|
process.on("SIGINT", async () => {
|
|
12946
12983
|
await server.stop();
|