@ubiquity-os/plugin-sdk 3.8.1 → 3.9.0

package/dist/index.mjs

@@ -2,7 +2,6 @@
 import * as core from "@actions/core";
 import { Value as Value3 } from "@sinclair/typebox/value";
 import { Logs } from "@ubiquity-os/ubiquity-os-logger";
-import { config } from "dotenv";
 
 // src/error.ts
 import { LogReturn } from "@ubiquity-os/ubiquity-os-logger";
@@ -219,6 +218,57 @@ function getPluginOptions(options) {
 }
 
 // src/comment.ts
+var COMMAND_RESPONSE_KIND = "command-response";
+var COMMAND_RESPONSE_MARKER = `"commentKind": "${COMMAND_RESPONSE_KIND}"`;
+var COMMAND_RESPONSE_COMMENT_LIMIT = 50;
+var RECENT_COMMENTS_QUERY = (
+  /* GraphQL */
+  `
+  query ($owner: String!, $repo: String!, $number: Int!, $last: Int!) {
+    repository(owner: $owner, name: $repo) {
+      issueOrPullRequest(number: $number) {
+        __typename
+        ... on Issue {
+          comments(last: $last) {
+            nodes {
+              id
+              body
+              isMinimized
+              minimizedReason
+              author {
+                login
+              }
+            }
+          }
+        }
+        ... on PullRequest {
+          comments(last: $last) {
+            nodes {
+              id
+              body
+              isMinimized
+              minimizedReason
+              author {
+                login
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+`
+);
+var MINIMIZE_COMMENT_MUTATION = `
+  mutation($id: ID!, $classifier: ReportedContentClassifiers!) {
+    minimizeComment(input: { subjectId: $id, classifier: $classifier }) {
+      minimizedComment {
+        isMinimized
+        minimizedReason
+      }
+    }
+  }
+`;
 function logByStatus2(logger, message, status, metadata) {
   const payload = { ...metadata, ...status ? { status } : {} };
   if (status && status >= 500) return logger.error(message, payload);
@@ -231,6 +281,7 @@ function logByStatus2(logger, message, status, metadata) {
 var CommentHandler = class _CommentHandler {
   static HEADER_NAME = "UbiquityOS";
   _lastCommentId = { reviewCommentId: null, issueCommentId: null };
+  _commandResponsePolicyApplied = false;
   async _updateIssueComment(context, params) {
     if (!this._lastCommentId.issueCommentId) {
       throw context.logger.error("issueCommentId is missing");
@@ -285,6 +336,11 @@ var CommentHandler = class _CommentHandler {
   _getCommentId(context) {
     return "pull_request" in context.payload && "comment" in context.payload ? context.payload.comment.id : void 0;
   }
+  _getCommentNodeId(context) {
+    const payload = context.payload;
+    const nodeId = payload.comment?.node_id;
+    return typeof nodeId === "string" && nodeId.trim() ? nodeId : null;
+  }
   _extractIssueContext(context) {
     if (!("repository" in context.payload) || !context.payload.repository?.owner?.login) {
       return null;
@@ -298,6 +354,85 @@ var CommentHandler = class _CommentHandler {
       repo: context.payload.repository.name
     };
   }
+  _extractIssueLocator(context) {
+    if (!("issue" in context.payload) && !("pull_request" in context.payload)) {
+      return null;
+    }
+    const issueContext = this._extractIssueContext(context);
+    if (!issueContext) return null;
+    return {
+      owner: issueContext.owner,
+      repo: issueContext.repo,
+      issueNumber: issueContext.issueNumber
+    };
+  }
+  _shouldApplyCommandResponsePolicy(context) {
+    return Boolean(context.command);
+  }
+  _isCommandResponseComment(body) {
+    return typeof body === "string" && body.includes(COMMAND_RESPONSE_MARKER);
+  }
+  _getGraphqlClient(context) {
+    const graphql = context.octokit.graphql;
+    return typeof graphql === "function" ? graphql : null;
+  }
+  async _fetchRecentComments(context, locator, last = COMMAND_RESPONSE_COMMENT_LIMIT) {
+    const graphql = this._getGraphqlClient(context);
+    if (!graphql) return [];
+    try {
+      const data = await graphql(RECENT_COMMENTS_QUERY, {
+        owner: locator.owner,
+        repo: locator.repo,
+        number: locator.issueNumber,
+        last
+      });
+      const nodes = data.repository?.issueOrPullRequest?.comments?.nodes ?? [];
+      return nodes.filter((node) => Boolean(node));
+    } catch (error) {
+      context.logger.debug("Failed to fetch recent comments (non-fatal)", { err: error });
+      return [];
+    }
+  }
+  _findPreviousCommandResponseComment(comments, currentCommentId) {
+    for (let idx = comments.length - 1; idx >= 0; idx -= 1) {
+      const comment = comments[idx];
+      if (!comment) continue;
+      if (currentCommentId && comment.id === currentCommentId) continue;
+      if (this._isCommandResponseComment(comment.body)) {
+        return comment;
+      }
+    }
+    return null;
+  }
+  async _minimizeComment(context, commentNodeId, classifier = "RESOLVED") {
+    const graphql = this._getGraphqlClient(context);
+    if (!graphql) return;
+    try {
+      await graphql(MINIMIZE_COMMENT_MUTATION, {
+        id: commentNodeId,
+        classifier
+      });
+    } catch (error) {
+      context.logger.debug("Failed to minimize comment (non-fatal)", { err: error, commentNodeId });
+    }
+  }
+  async _applyCommandResponsePolicy(context) {
+    if (this._commandResponsePolicyApplied) return;
+    this._commandResponsePolicyApplied = true;
+    if (!this._shouldApplyCommandResponsePolicy(context)) return;
+    const locator = this._extractIssueLocator(context);
+    const commentNodeId = this._getCommentNodeId(context);
+    const comments = locator ? await this._fetchRecentComments(context, locator) : [];
+    const current = commentNodeId ? comments.find((comment) => comment.id === commentNodeId) : null;
+    const isCurrentMinimized = current?.isMinimized ?? false;
+    if (commentNodeId && !isCurrentMinimized) {
+      await this._minimizeComment(context, commentNodeId);
+    }
+    const previous = this._findPreviousCommandResponseComment(comments, commentNodeId);
+    if (previous && !previous.isMinimized) {
+      await this._minimizeComment(context, previous.id);
+    }
+  }
   _processMessage(context, message) {
     if (message instanceof Error) {
       const metadata2 = {
@@ -349,7 +484,9 @@ var CommentHandler = class _CommentHandler {
   }
   _createCommentBody(context, message, options) {
     const { metadata, logMessage } = this._processMessage(context, message);
-    const { header, jsonPretty } = this._createMetadataContent(context, metadata);
+    const shouldTagCommandResponse = options?.commentKind && typeof metadata === "object" && !("commentKind" in metadata);
+    const metadataWithKind = shouldTagCommandResponse ? { ...metadata, commentKind: options?.commentKind } : metadata;
+    const { header, jsonPretty } = this._createMetadataContent(context, metadataWithKind);
     const metadataContent = this._formatMetadataContent(logMessage, header, jsonPretty);
     return `${options?.raw ? logMessage?.raw : logMessage?.diff}
 
@@ -357,12 +494,17 @@ ${metadataContent}
 `;
   }
   async postComment(context, message, options = { updateComment: true, raw: false }) {
+    await this._applyCommandResponsePolicy(context);
     const issueContext = this._extractIssueContext(context);
     if (!issueContext) {
       context.logger.warn("Cannot post comment: missing issue context in payload");
       return null;
     }
-    const body = this._createCommentBody(context, message, options);
+    const shouldTagCommandResponse = this._shouldApplyCommandResponsePolicy(context);
+    const body = this._createCommentBody(context, message, {
+      ...options,
+      commentKind: options.commentKind ?? (shouldTagCommandResponse ? COMMAND_RESPONSE_KIND : void 0)
+    });
     const { issueNumber, commentId, owner, repo } = issueContext;
     const params = { owner, repo, body, issueNumber };
     if (options.updateComment) {
@@ -499,7 +641,6 @@ var inputSchema = T2.Object({
 });
 
 // src/actions.ts
-config();
 async function handleError(context, pluginOptions, error) {
   console.error(error);
   const loggerError = transformError(context, error);
@@ -508,68 +649,90 @@ async function handleError(context, pluginOptions, error) {
     await context.commentHandler.postComment(context, loggerError);
   }
 }
-async function createActionsPlugin(handler, options) {
-  const pluginOptions = getPluginOptions(options);
-  const pluginGithubToken = process.env.PLUGIN_GITHUB_TOKEN;
-  if (!pluginGithubToken) {
+function getDispatchTokenOrFail(pluginOptions) {
+  if (!pluginOptions.returnDataToKernel) return null;
+  const token = process.env.PLUGIN_GITHUB_TOKEN;
+  if (!token) {
     core.setFailed("Error: PLUGIN_GITHUB_TOKEN env is not set");
-    return;
+    return null;
   }
+  return token;
+}
+async function getInputsOrFail(pluginOptions) {
   const githubContext = getGithubContext();
   const body = githubContext.payload.inputs;
   const inputSchemaErrors = [...Value3.Errors(inputSchema, body)];
   if (inputSchemaErrors.length) {
     console.dir(inputSchemaErrors, { depth: null });
     core.setFailed(`Error: Invalid inputs payload: ${inputSchemaErrors.map((o) => o.message).join(", ")}`);
-    return;
-  }
-  const signature = body.signature;
-  if (!pluginOptions.bypassSignatureVerification && !await verifySignature(pluginOptions.kernelPublicKey, body, signature)) {
-    core.setFailed(`Error: Invalid signature`);
-    return;
+    return null;
   }
-  const inputs = Value3.Decode(inputSchema, body);
-  let config2;
-  if (pluginOptions.settingsSchema) {
-    try {
-      config2 = Value3.Decode(pluginOptions.settingsSchema, Value3.Default(pluginOptions.settingsSchema, inputs.settings));
-    } catch (e) {
-      console.dir(...Value3.Errors(pluginOptions.settingsSchema, inputs.settings), { depth: null });
-      core.setFailed(`Error: Invalid settings provided.`);
-      throw e;
+  if (!pluginOptions.bypassSignatureVerification) {
+    const signature = typeof body.signature === "string" ? body.signature : "";
+    if (!signature) {
+      core.setFailed("Error: Missing signature");
+      return null;
     }
-  } else {
-    config2 = inputs.settings;
-  }
-  let env;
-  if (pluginOptions.envSchema) {
-    try {
-      env = Value3.Decode(pluginOptions.envSchema, Value3.Default(pluginOptions.envSchema, process.env));
-    } catch (e) {
-      console.dir(...Value3.Errors(pluginOptions.envSchema, process.env), { depth: null });
-      core.setFailed(`Error: Invalid environment provided.`);
-      throw e;
+    const isValid = await verifySignature(pluginOptions.kernelPublicKey, body, signature);
+    if (!isValid) {
+      core.setFailed("Error: Invalid signature");
+      return null;
     }
-  } else {
-    env = process.env;
   }
-  const command = getCommand(inputs, pluginOptions);
+  return Value3.Decode(inputSchema, body);
+}
+function decodeWithSchema(schema, value, errorMessage) {
+  if (!schema) {
+    return { value };
+  }
+  try {
+    return { value: Value3.Decode(schema, Value3.Default(schema, value)) };
+  } catch (error) {
+    console.dir(...Value3.Errors(schema, value), { depth: null });
+    const err = new Error(errorMessage);
+    err.cause = error;
+    return { value: null, error: err };
+  }
+}
+async function createActionsPlugin(handler, options) {
+  const pluginOptions = getPluginOptions(options);
+  const pluginGithubToken = getDispatchTokenOrFail(pluginOptions);
+  if (pluginOptions.returnDataToKernel && !pluginGithubToken) {
+    return;
+  }
+  const inputs = await getInputsOrFail(pluginOptions);
+  if (!inputs) {
+    return;
+  }
   const context = {
     eventName: inputs.eventName,
     payload: inputs.eventPayload,
-    command,
+    command: null,
     authToken: inputs.authToken,
     ubiquityKernelToken: inputs.ubiquityKernelToken,
     octokit: new customOctokit({ auth: inputs.authToken }),
-    config: config2,
-    env,
+    config: inputs.settings,
+    env: process.env,
     logger: new Logs(pluginOptions.logLevel),
     commentHandler: new CommentHandler()
   };
+  const configResult = decodeWithSchema(pluginOptions.settingsSchema, inputs.settings, "Error: Invalid settings provided.");
+  if (!configResult.value) {
+    await handleError(context, pluginOptions, configResult.error ?? new Error("Error: Invalid settings provided."));
+    return;
+  }
+  context.config = configResult.value;
+  const envResult = decodeWithSchema(pluginOptions.envSchema, process.env, "Error: Invalid environment provided.");
+  if (!envResult.value) {
+    await handleError(context, pluginOptions, envResult.error ?? new Error("Error: Invalid environment provided."));
+    return;
+  }
+  context.env = envResult.value;
   try {
+    context.command = getCommand(inputs, pluginOptions);
     const result = await handler(context);
     core.setOutput("result", result);
-    if (pluginOptions?.returnDataToKernel) {
+    if (pluginOptions.returnDataToKernel && pluginGithubToken) {
       await returnDataToKernel(pluginGithubToken, inputs.stateId, result);
     }
   } catch (error) {
@@ -678,16 +841,16 @@ function createPlugin(handler, manifest, options) {
       throw new HTTPException(400, { message: "Invalid signature" });
     }
     const inputs = Value4.Decode(inputSchema, body);
-    let config2;
+    let config;
     if (pluginOptions.settingsSchema) {
       try {
-        config2 = Value4.Decode(pluginOptions.settingsSchema, Value4.Default(pluginOptions.settingsSchema, inputs.settings));
+        config = Value4.Decode(pluginOptions.settingsSchema, Value4.Default(pluginOptions.settingsSchema, inputs.settings));
       } catch (e) {
         console.dir(...Value4.Errors(pluginOptions.settingsSchema, inputs.settings), { depth: null });
         throw e;
       }
     } else {
-      config2 = inputs.settings;
+      config = inputs.settings;
     }
     let env;
     const honoEnvironment = honoEnv(ctx);
@@ -711,7 +874,7 @@ function createPlugin(handler, manifest, options) {
       authToken: inputs.authToken,
       ubiquityKernelToken: inputs.ubiquityKernelToken,
       octokit: new customOctokit({ auth: inputs.authToken }),
-      config: config2,
+      config,
       env,
       logger: new Logs2(pluginOptions.logLevel),
       commentHandler: new CommentHandler()
@@ -747,26 +910,49 @@ function getEnvString(name) {
   if (typeof process === "undefined" || !process?.env) return EMPTY_STRING;
   return String(process.env[name] ?? EMPTY_STRING).trim();
 }
+function normalizeToken(value) {
+  return typeof value === "string" ? value.trim() : EMPTY_STRING;
+}
+function isGitHubToken(token) {
+  return token.trim().startsWith("gh");
+}
+function getEnvTokenFromInput(input) {
+  if ("env" in input) {
+    const envValue = input.env;
+    if (envValue && typeof envValue === "object") {
+      const token = normalizeToken(envValue.UOS_AI_TOKEN);
+      if (token) return token;
+    }
+  }
+  return getEnvString("UOS_AI_TOKEN");
+}
+function resolveAuthToken(input, aiAuthToken) {
+  const explicit = normalizeToken(aiAuthToken);
+  if (explicit) return { token: explicit, isGitHub: isGitHubToken(explicit) };
+  const envToken = getEnvTokenFromInput(input);
+  if (envToken) return { token: envToken, isGitHub: isGitHubToken(envToken) };
+  const fallback = normalizeToken(input.authToken);
+  if (!fallback) {
+    const err = new Error("Missing auth token; set UOS_AI_TOKEN, pass aiAuthToken, or provide authToken in input");
+    err.status = 401;
+    throw err;
+  }
+  return { token: fallback, isGitHub: isGitHubToken(fallback) };
+}
 function getAiBaseUrl(options) {
   if (typeof options.baseUrl === "string" && options.baseUrl.trim()) {
     return normalizeBaseUrl(options.baseUrl);
   }
-  const envBaseUrl = getEnvString("UOS_AI_URL") || getEnvString("UOS_AI_BASE_URL");
+  const envBaseUrl = getEnvString("UOS_AI_URL");
   if (envBaseUrl) return normalizeBaseUrl(envBaseUrl);
-  return "https://ai-ubq-fi.deno.dev";
+  return "https://ai.ubq.fi";
 }
 async function callLlm(options, input) {
-  const authToken = String(input.authToken ?? EMPTY_STRING).trim();
-  if (!authToken) {
-    const err = new Error("Missing authToken in input");
-    err.status = 401;
-    throw err;
-  }
+  const { baseUrl, model, stream: isStream, messages, aiAuthToken, ...rest } = options;
+  const { token: authToken, isGitHub } = resolveAuthToken(input, aiAuthToken);
   const kernelToken = "ubiquityKernelToken" in input ? input.ubiquityKernelToken : void 0;
   const payload = getPayload(input);
   const { owner, repo, installationId } = getRepoMetadata(payload);
-  ensureKernelToken(authToken, kernelToken);
-  const { baseUrl, model, stream: isStream, messages, ...rest } = options;
   ensureMessages(messages);
   const url = buildAiUrl(options, baseUrl);
   const body = JSON.stringify({
@@ -779,7 +965,7 @@ async function callLlm(options, input) {
     owner,
     repo,
     installationId,
-    ubiquityKernelToken: kernelToken
+    ubiquityKernelToken: isGitHub ? kernelToken : void 0
   });
   const response = await fetchWithRetry(url, { method: "POST", headers, body }, MAX_LLM_RETRIES);
   if (isStream) {
@@ -788,14 +974,16 @@ async function callLlm(options, input) {
     }
     return parseSseStream(response.body);
   }
-  return response.json();
-}
-function ensureKernelToken(authToken, kernelToken) {
-  const isKernelTokenRequired = authToken.startsWith("gh");
-  if (isKernelTokenRequired && !kernelToken) {
-    const err = new Error("Missing ubiquityKernelToken in input (kernel attestation is required for GitHub auth)");
-    err.status = 401;
-    throw err;
+  const rawText = await response.text();
+  try {
+    return JSON.parse(rawText);
+  } catch (err) {
+    const preview = rawText ? rawText.slice(0, 1e3) : EMPTY_STRING;
+    const message = "LLM API error: failed to parse JSON response from server" + (preview ? `; response body (truncated): ${preview}` : EMPTY_STRING);
+    const error = new Error(message);
+    error.cause = err;
+    error.status = response.status;
+    throw error;
   }
 }
 function ensureMessages(messages) {
@@ -815,28 +1003,33 @@ async function fetchWithRetry(url, options, maxRetries) {
     try {
       const response = await fetch(url, options);
       if (response.ok) return response;
-      const errText = await response.text();
-      if (response.status >= 500 && attempt < maxRetries) {
-        await sleep(getRetryDelayMs(attempt));
-        attempt += 1;
-        continue;
-      }
-      const error = new Error(`LLM API error: ${response.status} - ${errText}`);
-      error.status = response.status;
-      throw error;
+      throw await buildResponseError(response);
     } catch (error) {
       lastError = error;
-      const status = typeof error.status === "number" ? error.status : void 0;
-      if (typeof status === "number" && status < 500) {
-        throw error;
-      }
-      if (attempt >= maxRetries) throw error;
+      if (!shouldRetryError(error, attempt, maxRetries)) throw error;
       await sleep(getRetryDelayMs(attempt));
       attempt += 1;
     }
   }
   throw lastError ?? new Error("LLM API error: request failed after retries");
 }
+async function buildResponseError(response) {
+  const errText = await response.text();
+  const error = new Error(`LLM API error: ${response.status} - ${errText}`);
+  error.status = response.status;
+  return error;
+}
+function shouldRetryError(error, attempt, maxRetries) {
+  if (attempt >= maxRetries) return false;
+  const status = getErrorStatus2(error);
+  if (typeof status === "number") {
+    return status >= 500;
+  }
+  return true;
+}
+function getErrorStatus2(error) {
+  return typeof error?.status === "number" ? error.status : void 0;
+}
 function getPayload(input) {
   if ("payload" in input) {
     return input.payload;

package/dist/llm.d.mts

@@ -1,5 +1,5 @@
 import { ChatCompletionMessageParam, ChatCompletionCreateParamsNonStreaming, ChatCompletion, ChatCompletionChunk } from 'openai/resources/chat/completions';
-import { C as Context } from './context-Ckj1HMjz.mjs';
+import { C as Context } from './context-Dwl3aRX-.mjs';
 import { PluginInput } from './signature.mjs';
 import '@octokit/webhooks';
 import '@ubiquity-os/ubiquity-os-logger';
@@ -17,6 +17,7 @@ type LlmCallOptions = {
     model?: string;
     stream?: boolean;
     messages: ChatCompletionMessageParam[];
+    aiAuthToken?: string;
 } & Partial<Omit<ChatCompletionCreateParamsNonStreaming, "model" | "messages" | "stream">>;
 declare function callLlm(options: LlmCallOptions, input: PluginInput | Context): Promise<ChatCompletion | AsyncIterable<ChatCompletionChunk>>;
 

package/dist/llm.d.ts

@@ -1,5 +1,5 @@
 import { ChatCompletionMessageParam, ChatCompletionCreateParamsNonStreaming, ChatCompletion, ChatCompletionChunk } from 'openai/resources/chat/completions';
-import { C as Context } from './context-BE4WjJZf.js';
+import { C as Context } from './context-zLHgu52i.js';
 import { PluginInput } from './signature.js';
 import '@octokit/webhooks';
 import '@ubiquity-os/ubiquity-os-logger';
@@ -17,6 +17,7 @@ type LlmCallOptions = {
     model?: string;
     stream?: boolean;
     messages: ChatCompletionMessageParam[];
+    aiAuthToken?: string;
 } & Partial<Omit<ChatCompletionCreateParamsNonStreaming, "model" | "messages" | "stream">>;
 declare function callLlm(options: LlmCallOptions, input: PluginInput | Context): Promise<ChatCompletion | AsyncIterable<ChatCompletionChunk>>;
 

package/dist/llm.js

@@ -43,26 +43,49 @@ function getEnvString(name) {
   if (typeof process === "undefined" || !process?.env) return EMPTY_STRING;
   return String(process.env[name] ?? EMPTY_STRING).trim();
 }
+function normalizeToken(value) {
+  return typeof value === "string" ? value.trim() : EMPTY_STRING;
+}
+function isGitHubToken(token) {
+  return token.trim().startsWith("gh");
+}
+function getEnvTokenFromInput(input) {
+  if ("env" in input) {
+    const envValue = input.env;
+    if (envValue && typeof envValue === "object") {
+      const token = normalizeToken(envValue.UOS_AI_TOKEN);
+      if (token) return token;
+    }
+  }
+  return getEnvString("UOS_AI_TOKEN");
+}
+function resolveAuthToken(input, aiAuthToken) {
+  const explicit = normalizeToken(aiAuthToken);
+  if (explicit) return { token: explicit, isGitHub: isGitHubToken(explicit) };
+  const envToken = getEnvTokenFromInput(input);
+  if (envToken) return { token: envToken, isGitHub: isGitHubToken(envToken) };
+  const fallback = normalizeToken(input.authToken);
+  if (!fallback) {
+    const err = new Error("Missing auth token; set UOS_AI_TOKEN, pass aiAuthToken, or provide authToken in input");
+    err.status = 401;
+    throw err;
+  }
+  return { token: fallback, isGitHub: isGitHubToken(fallback) };
+}
 function getAiBaseUrl(options) {
   if (typeof options.baseUrl === "string" && options.baseUrl.trim()) {
     return normalizeBaseUrl(options.baseUrl);
   }
-  const envBaseUrl = getEnvString("UOS_AI_URL") || getEnvString("UOS_AI_BASE_URL");
+  const envBaseUrl = getEnvString("UOS_AI_URL");
   if (envBaseUrl) return normalizeBaseUrl(envBaseUrl);
-  return "https://ai-ubq-fi.deno.dev";
+  return "https://ai.ubq.fi";
 }
 async function callLlm(options, input) {
-  const authToken = String(input.authToken ?? EMPTY_STRING).trim();
-  if (!authToken) {
-    const err = new Error("Missing authToken in input");
-    err.status = 401;
-    throw err;
-  }
+  const { baseUrl, model, stream: isStream, messages, aiAuthToken, ...rest } = options;
+  const { token: authToken, isGitHub } = resolveAuthToken(input, aiAuthToken);
   const kernelToken = "ubiquityKernelToken" in input ? input.ubiquityKernelToken : void 0;
   const payload = getPayload(input);
   const { owner, repo, installationId } = getRepoMetadata(payload);
-  ensureKernelToken(authToken, kernelToken);
-  const { baseUrl, model, stream: isStream, messages, ...rest } = options;
   ensureMessages(messages);
   const url = buildAiUrl(options, baseUrl);
   const body = JSON.stringify({
@@ -75,7 +98,7 @@ async function callLlm(options, input) {
     owner,
     repo,
     installationId,
-    ubiquityKernelToken: kernelToken
+    ubiquityKernelToken: isGitHub ? kernelToken : void 0
   });
   const response = await fetchWithRetry(url, { method: "POST", headers, body }, MAX_LLM_RETRIES);
   if (isStream) {
@@ -84,14 +107,16 @@ async function callLlm(options, input) {
     }
     return parseSseStream(response.body);
   }
-  return response.json();
-}
-function ensureKernelToken(authToken, kernelToken) {
-  const isKernelTokenRequired = authToken.startsWith("gh");
-  if (isKernelTokenRequired && !kernelToken) {
-    const err = new Error("Missing ubiquityKernelToken in input (kernel attestation is required for GitHub auth)");
-    err.status = 401;
-    throw err;
+  const rawText = await response.text();
+  try {
+    return JSON.parse(rawText);
+  } catch (err) {
+    const preview = rawText ? rawText.slice(0, 1e3) : EMPTY_STRING;
+    const message = "LLM API error: failed to parse JSON response from server" + (preview ? `; response body (truncated): ${preview}` : EMPTY_STRING);
+    const error = new Error(message);
+    error.cause = err;
+    error.status = response.status;
+    throw error;
   }
 }
 function ensureMessages(messages) {
@@ -111,28 +136,33 @@ async function fetchWithRetry(url, options, maxRetries) {
     try {
       const response = await fetch(url, options);
       if (response.ok) return response;
-      const errText = await response.text();
-      if (response.status >= 500 && attempt < maxRetries) {
-        await sleep(getRetryDelayMs(attempt));
-        attempt += 1;
-        continue;
-      }
-      const error = new Error(`LLM API error: ${response.status} - ${errText}`);
-      error.status = response.status;
-      throw error;
+      throw await buildResponseError(response);
     } catch (error) {
       lastError = error;
-      const status = typeof error.status === "number" ? error.status : void 0;
-      if (typeof status === "number" && status < 500) {
-        throw error;
-      }
-      if (attempt >= maxRetries) throw error;
+      if (!shouldRetryError(error, attempt, maxRetries)) throw error;
       await sleep(getRetryDelayMs(attempt));
       attempt += 1;
     }
   }
   throw lastError ?? new Error("LLM API error: request failed after retries");
 }
+async function buildResponseError(response) {
+  const errText = await response.text();
+  const error = new Error(`LLM API error: ${response.status} - ${errText}`);
+  error.status = response.status;
+  return error;
+}
+function shouldRetryError(error, attempt, maxRetries) {
+  if (attempt >= maxRetries) return false;
+  const status = getErrorStatus(error);
+  if (typeof status === "number") {
+    return status >= 500;
+  }
+  return true;
+}
+function getErrorStatus(error) {
+  return typeof error?.status === "number" ? error.status : void 0;
+}
 function getPayload(input) {
   if ("payload" in input) {
     return input.payload;