@posthog/agent 2.3.74 → 2.3.81
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent.js +45 -5
- package/dist/agent.js.map +1 -1
- package/dist/posthog-api.js +1 -1
- package/dist/posthog-api.js.map +1 -1
- package/dist/server/agent-server.d.ts +1 -0
- package/dist/server/agent-server.js +46 -5
- package/dist/server/agent-server.js.map +1 -1
- package/dist/server/bin.cjs +52 -6
- package/dist/server/bin.cjs.map +1 -1
- package/package.json +1 -1
- package/src/adapters/claude/claude-agent.ts +11 -2
- package/src/adapters/claude/permissions/permission-handlers.ts +35 -1
- package/src/adapters/claude/types.ts +1 -0
- package/src/server/agent-server.ts +1 -0
- package/src/server/bin.ts +12 -0
- package/src/server/types.ts +1 -0
package/dist/server/bin.cjs
CHANGED
|
@@ -904,7 +904,7 @@ var import_hono = require("hono");
|
|
|
904
904
|
// package.json
|
|
905
905
|
var package_default = {
|
|
906
906
|
name: "@posthog/agent",
|
|
907
|
-
version: "2.3.
|
|
907
|
+
version: "2.3.81",
|
|
908
908
|
repository: "https://github.com/PostHog/code",
|
|
909
909
|
description: "TypeScript agent framework wrapping Claude Agent SDK with Git-based task execution for PostHog",
|
|
910
910
|
exports: {
|
|
@@ -3376,8 +3376,37 @@ function handlePlanFileException(context) {
|
|
|
3376
3376
|
updatedInput: toolInput
|
|
3377
3377
|
};
|
|
3378
3378
|
}
|
|
3379
|
+
function extractDomainFromUrl(url) {
|
|
3380
|
+
try {
|
|
3381
|
+
return new URL(url).hostname;
|
|
3382
|
+
} catch {
|
|
3383
|
+
return null;
|
|
3384
|
+
}
|
|
3385
|
+
}
|
|
3386
|
+
function isDomainAllowed(hostname, allowedDomains) {
|
|
3387
|
+
return allowedDomains.some((pattern) => {
|
|
3388
|
+
if (pattern.startsWith("*.")) {
|
|
3389
|
+
const suffix = pattern.slice(1);
|
|
3390
|
+
return hostname === pattern.slice(2) || hostname.endsWith(suffix);
|
|
3391
|
+
}
|
|
3392
|
+
return hostname === pattern;
|
|
3393
|
+
});
|
|
3394
|
+
}
|
|
3379
3395
|
async function canUseTool(context) {
|
|
3380
|
-
const { toolName, toolInput, session } = context;
|
|
3396
|
+
const { toolName, toolInput, session, allowedDomains } = context;
|
|
3397
|
+
if (allowedDomains && allowedDomains.length > 0) {
|
|
3398
|
+
if (toolName === "WebFetch" || toolName === "WebSearch") {
|
|
3399
|
+
const url = toolInput.url;
|
|
3400
|
+
if (url) {
|
|
3401
|
+
const hostname = extractDomainFromUrl(url);
|
|
3402
|
+
if (hostname && !isDomainAllowed(hostname, allowedDomains)) {
|
|
3403
|
+
const message = `Domain "${hostname}" is not in the allowed list: ${allowedDomains.join(", ")}`;
|
|
3404
|
+
await emitToolDenial(context, message);
|
|
3405
|
+
return { behavior: "deny", message, interrupt: false };
|
|
3406
|
+
}
|
|
3407
|
+
}
|
|
3408
|
+
}
|
|
3409
|
+
}
|
|
3381
3410
|
if (isToolAllowedForMode(toolName, session.permissionMode)) {
|
|
3382
3411
|
return {
|
|
3383
3412
|
behavior: "allow",
|
|
@@ -3467,6 +3496,13 @@ var GATEWAY_TO_SDK_MODEL = {
|
|
|
3467
3496
|
function toSdkModelId(modelId) {
|
|
3468
3497
|
return GATEWAY_TO_SDK_MODEL[modelId] ?? modelId;
|
|
3469
3498
|
}
|
|
3499
|
+
var MODELS_WITH_1M_CONTEXT = /* @__PURE__ */ new Set([
|
|
3500
|
+
"claude-opus-4-6",
|
|
3501
|
+
"claude-sonnet-4-6"
|
|
3502
|
+
]);
|
|
3503
|
+
function supports1MContext(modelId) {
|
|
3504
|
+
return MODELS_WITH_1M_CONTEXT.has(modelId);
|
|
3505
|
+
}
|
|
3470
3506
|
var MODELS_WITH_EFFORT = /* @__PURE__ */ new Set([
|
|
3471
3507
|
"claude-opus-4-5",
|
|
3472
3508
|
"claude-opus-4-6",
|
|
@@ -4545,7 +4581,7 @@ var ClaudeAcpAgent = class extends BaseAcpAgent {
|
|
|
4545
4581
|
cwd,
|
|
4546
4582
|
mcpServers,
|
|
4547
4583
|
permissionMode,
|
|
4548
|
-
canUseTool: this.createCanUseTool(sessionId),
|
|
4584
|
+
canUseTool: this.createCanUseTool(sessionId, meta?.allowedDomains),
|
|
4549
4585
|
logger: this.logger,
|
|
4550
4586
|
systemPrompt,
|
|
4551
4587
|
userProvidedOptions: meta?.claudeCode?.options,
|
|
@@ -4637,6 +4673,9 @@ var ClaudeAcpAgent = class extends BaseAcpAgent {
|
|
|
4637
4673
|
if (!isResume && resolvedSdkModel !== DEFAULT_MODEL) {
|
|
4638
4674
|
await this.session.query.setModel(resolvedSdkModel);
|
|
4639
4675
|
}
|
|
4676
|
+
if (supports1MContext(resolvedModelId)) {
|
|
4677
|
+
options.betas = ["context-1m-2025-08-07"];
|
|
4678
|
+
}
|
|
4640
4679
|
const availableModes2 = getAvailableModes();
|
|
4641
4680
|
const modes = {
|
|
4642
4681
|
currentModeId: permissionMode,
|
|
@@ -4675,7 +4714,7 @@ var ClaudeAcpAgent = class extends BaseAcpAgent {
|
|
|
4675
4714
|
);
|
|
4676
4715
|
return { sessionId, modes, models, configOptions };
|
|
4677
4716
|
}
|
|
4678
|
-
createCanUseTool(sessionId) {
|
|
4717
|
+
createCanUseTool(sessionId, allowedDomains) {
|
|
4679
4718
|
return async (toolName, toolInput, { suggestions, toolUseID, signal }) => canUseTool({
|
|
4680
4719
|
session: this.session,
|
|
4681
4720
|
toolName,
|
|
@@ -4687,7 +4726,8 @@ var ClaudeAcpAgent = class extends BaseAcpAgent {
|
|
|
4687
4726
|
sessionId,
|
|
4688
4727
|
fileContentCache: this.fileContentCache,
|
|
4689
4728
|
logger: this.logger,
|
|
4690
|
-
updateConfigOption: (configId, value) => this.updateConfigOption(configId, value)
|
|
4729
|
+
updateConfigOption: (configId, value) => this.updateConfigOption(configId, value),
|
|
4730
|
+
allowedDomains
|
|
4691
4731
|
});
|
|
4692
4732
|
}
|
|
4693
4733
|
createOnModeChange() {
|
|
@@ -12221,6 +12261,7 @@ You MUST NOT create a new branch, close the existing PR, or create a new PR.`
|
|
|
12221
12261
|
sessionId: payload.run_id,
|
|
12222
12262
|
taskRunId: payload.run_id,
|
|
12223
12263
|
systemPrompt: this.buildSessionSystemPrompt(prUrl),
|
|
12264
|
+
allowedDomains: this.config.allowedDomains,
|
|
12224
12265
|
...this.config.claudeCode?.plugins?.length && {
|
|
12225
12266
|
claudeCode: {
|
|
12226
12267
|
options: {
|
|
@@ -12909,6 +12950,9 @@ program.name("agent-server").description("PostHog cloud agent server - runs in s
|
|
|
12909
12950
|
).option("--baseBranch <branch>", "Base branch for PR creation").option(
|
|
12910
12951
|
"--claudeCodeConfig <json>",
|
|
12911
12952
|
"Claude Code config as JSON (systemPrompt, systemPromptAppend, plugins)"
|
|
12953
|
+
).option(
|
|
12954
|
+
"--allowedDomains <domains>",
|
|
12955
|
+
"Comma-separated list of domains allowed for web tools (WebFetch, WebSearch)"
|
|
12912
12956
|
).action(async (options) => {
|
|
12913
12957
|
const envResult = envSchema.safeParse(process.env);
|
|
12914
12958
|
if (!envResult.success) {
|
|
@@ -12929,6 +12973,7 @@ ${errors}`);
|
|
|
12929
12973
|
claudeCodeConfigSchema,
|
|
12930
12974
|
"--claudeCodeConfig"
|
|
12931
12975
|
);
|
|
12976
|
+
const allowedDomains = options.allowedDomains ? options.allowedDomains.split(",").map((d) => d.trim()).filter(Boolean) : void 0;
|
|
12932
12977
|
const server = new AgentServer({
|
|
12933
12978
|
port: parseInt(options.port, 10),
|
|
12934
12979
|
jwtPublicKey: env.JWT_PUBLIC_KEY,
|
|
@@ -12941,7 +12986,8 @@ ${errors}`);
|
|
|
12941
12986
|
runId: options.runId,
|
|
12942
12987
|
mcpServers,
|
|
12943
12988
|
baseBranch: options.baseBranch,
|
|
12944
|
-
claudeCode
|
|
12989
|
+
claudeCode,
|
|
12990
|
+
allowedDomains
|
|
12945
12991
|
});
|
|
12946
12992
|
process.on("SIGINT", async () => {
|
|
12947
12993
|
await server.stop();
|