npm - @vm0/cli - Versions diffs - 9.142.1 → 9.144.0 - Mend

@vm0/cli 9.142.1 → 9.144.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/{chunk-MB6EHK2G.js → chunk-75VR4R5J.js} +157 -32
package/{chunk-MB6EHK2G.js.map → chunk-75VR4R5J.js.map} +1 -1
package/index.js +11 -11
package/index.js.map +1 -1
package/package.json +1 -1
package/zero.js +219 -69
package/zero.js.map +1 -1

package/{chunk-MB6EHK2G.js → chunk-75VR4R5J.js} RENAMED Viewed

@@ -74083,7 +74083,7 @@ if (DSN) {
   init2({
     dsn: DSN,
     environment: process.env.SENTRY_ENVIRONMENT ?? "production",
-    release: "9.142.1",
+    release: "9.144.0",
     sendDefaultPii: false,
     tracesSampleRate: 0,
     shutdownTimeout: 500,
@@ -74102,7 +74102,7 @@ if (DSN) {
     }
   });
   setContext("cli", {
-    version: "9.142.1",
+    version: "9.144.0",
     command: process.argv.slice(2).join(" ")
   });
   setContext("runtime", {
@@ -97355,10 +97355,10 @@ var openai = {
   }
 };
-// ../../packages/connectors/src/connectors/chatgpt-oauth.ts
+// ../../packages/connectors/src/connectors/codex-oauth.ts
 init_esm_shims();
-var chatgptOauth = {
-  "chatgpt-oauth": {
+var codexOauth = {
+  "codex-oauth": {
     label: "ChatGPT (OAuth)",
     category: "ai-general-models",
     environmentMapping: {
@@ -100266,7 +100266,7 @@ var CONNECTOR_TYPES_DEF = {
   ...stripe,
   ...onyx,
   ...openai,
-  ...chatgptOauth,
+  ...codexOauth,
   ...similarweb,
   ...perplexity,
   ...pipedrive,
@@ -100716,8 +100716,7 @@ var logsListContract = c7.router({
     headers: authHeadersSchema,
     query: listQuerySchema.extend({
       search: external_exports.string().optional(),
-      agent: external_exports.string().uuid().optional(),
-      // canonical Zero agent ID
+      agentId: external_exports.string().uuid().optional(),
       name: external_exports.string().optional(),
       since: external_exports.coerce.number().optional(),
       status: logStatusSchema.optional(),
@@ -101351,8 +101350,7 @@ var logsSearchContract = c9.router({
     headers: authHeadersSchema,
     query: external_exports.object({
       keyword: external_exports.string().min(1),
-      agent: external_exports.string().uuid().optional(),
-      // canonical Zero agent ID
+      agentId: external_exports.string().uuid().optional(),
       runId: external_exports.string().optional(),
       since: external_exports.coerce.number().optional(),
       limit: external_exports.coerce.number().min(1).max(50).default(20),
@@ -101726,7 +101724,7 @@ var webhookCompleteContract = c11.router({
 var webhookCheckpointsContract = c11.router({
   /**
    * POST /api/webhooks/agent/checkpoints
-   * Create checkpoint for completed agent run
+   * Create a recoverable checkpoint for an agent run.
    */
   create: {
     method: "POST",
@@ -102233,8 +102231,7 @@ var zeroLogsSearchContract = c12.router({
     headers: authHeadersSchema,
     query: external_exports.object({
       keyword: external_exports.string().min(1),
-      agent: external_exports.string().uuid().optional(),
-      // canonical Zero agent ID
+      agentId: external_exports.string().uuid().optional(),
       runId: external_exports.string().optional(),
       since: external_exports.coerce.number().optional(),
       limit: external_exports.coerce.number().min(1).max(50).default(20),
@@ -102535,14 +102532,33 @@ var MODEL_PROVIDER_TYPES = {
     ],
     defaultModel: "gpt-5.5"
   },
-  "chatgpt-oauth-token": {
+  "codex-oauth-token": {
     framework: "codex",
-    label: "ChatGPT (Sign in)",
-    helpText: "Sign in with ChatGPT (Plus / Pro / Business / Edu / Enterprise). Workspace selection happens on auth.openai.com.",
+    label: "ChatGPT (Codex)",
+    helpText: "Run `codex login` on your machine, then paste the resulting ~/.codex/auth.json contents to authorize ChatGPT (Plus / Pro / Business / Edu / Enterprise) for Codex.",
     authMethods: {
-      oauth: {
-        label: "Sign in with ChatGPT",
+      // Paste-based auth: client posts CODEX_AUTH_JSON, server parses it via
+      // codex-auth-json-parser.ts and persists the four derived CHATGPT_*
+      // fields. The raw blob is NEVER stored. The wire-shape secret
+      // (CODEX_AUTH_JSON) is declared optional+serverOnly so the contract
+      // accepts it on POST without persisting; the four CHATGPT_* fields are
+      // the canonical stored secrets and the firewall layer reads from those.
+      auth_json: {
+        label: "Codex auth.json",
+        helpText: "Run `codex login` locally, then paste the contents of ~/.codex/auth.json below.",
         secrets: {
+          CODEX_AUTH_JSON: {
+            label: "auth.json contents",
+            required: false,
+            serverOnly: true,
+            placeholder: '{"OPENAI_API_KEY":null,"tokens":{...}}',
+            helpText: "Paste the entire contents of ~/.codex/auth.json"
+          },
+          // CHATGPT_ACCESS_TOKEN and CHATGPT_ACCOUNT_ID reach the sandbox env
+          // as placeholder values (substituted by the firewall token-replacement
+          // layer at egress) — keeping them non-serverOnly preserves the
+          // placeholder injection path. CHATGPT_REFRESH_TOKEN and
+          // CHATGPT_ID_TOKEN stay serverOnly per the #7365 invariant.
           CHATGPT_ACCESS_TOKEN: {
             label: "CHATGPT_ACCESS_TOKEN",
             required: true
@@ -102564,7 +102580,7 @@ var MODEL_PROVIDER_TYPES = {
         }
       }
     },
-    defaultAuthMethod: "oauth",
+    defaultAuthMethod: "auth_json",
     environmentMapping: {
       CHATGPT_ACCESS_TOKEN: "$secrets.CHATGPT_ACCESS_TOKEN",
       CHATGPT_ACCOUNT_ID: "$secrets.CHATGPT_ACCOUNT_ID",
@@ -102699,7 +102715,7 @@ function getSelectableProviderTypes() {
 }
 var ANTHROPIC_API_BASE = "https://api.anthropic.com";
 function getFirewallBaseUrl(type) {
-  if (type === "chatgpt-oauth-token") {
+  if (type === "codex-oauth-token") {
     return "https://chatgpt.com/backend-api/codex";
   }
   if (getFrameworkForType(type) === "codex") {
@@ -102808,8 +102824,8 @@ var MODEL_PROVIDER_FIREWALL_CONFIGS = {
   // here only needs to be a stable, non-empty string the firewall can match
   // and substitute. Account-id placeholder still equals #11877's literal
   // since the architectural relationship across the two surfaces matters.
-  "chatgpt-oauth-token": {
-    name: "model-provider:chatgpt-oauth-token",
+  "codex-oauth-token": {
+    name: "model-provider:codex-oauth-token",
     apis: [
       {
         base: "https://chatgpt.com/backend-api/codex",
@@ -102847,7 +102863,7 @@ var modelProviderTypeSchema = external_exports.enum([
   "zai-api-key",
   "vercel-ai-gateway",
   "openai-api-key",
-  "chatgpt-oauth-token",
+  "codex-oauth-token",
   "azure-foundry",
   "aws-bedrock",
   "vm0"
@@ -102916,9 +102932,9 @@ var modelProviderResponseSchema = external_exports.object({
   selectedModel: external_exports.string().nullable(),
   createdAt: external_exports.string(),
   updatedAt: external_exports.string(),
-  // ChatGPT-only metadata populated by the chatgpt-oauth-token callback.
+  // ChatGPT-only metadata populated by the codex-oauth-token callback.
   // Other provider types omit these. Mirrors the server-side connector
-  // shape in apps/web/src/lib/zero/connector/providers/chatgpt-oauth.ts.
+  // shape in apps/web/src/lib/zero/connector/providers/codex-oauth.ts.
   // The corresponding server route lands in #11909; declared here so the
   // platform UI does not have to bypass schema validation to read them.
   workspaceName: external_exports.string().nullable().optional(),
@@ -102990,6 +103006,21 @@ var persistedAttachmentSchema = external_exports.object({
   contentType: external_exports.string(),
   size: external_exports.number()
 });
+var pendingMessageSchema = external_exports.object({
+  content: external_exports.string().nullable(),
+  attachments: external_exports.array(persistedAttachmentSchema).nullable(),
+  createdAt: external_exports.string(),
+  updatedAt: external_exports.string()
+});
+var appendPendingMessageBodySchema = external_exports.object({
+  content: external_exports.string().min(1).optional(),
+  attachments: external_exports.array(persistedAttachmentSchema).min(1).optional()
+}).refine(
+  (body) => {
+    return body.content !== void 0 || body.attachments !== void 0;
+  },
+  { message: "content or attachments is required" }
+);
 var chatThreadListItemSchema = external_exports.object({
   id: external_exports.string(),
   title: external_exports.string().nullable(),
@@ -103089,6 +103120,7 @@ var chatThreadDetailSchema = external_exports.object({
   updatedAt: external_exports.string(),
   draftContent: external_exports.string().nullable().optional(),
   draftAttachments: external_exports.array(persistedAttachmentSchema).nullable().optional(),
+  pendingMessage: pendingMessageSchema.nullable().optional(),
   /**
    * Per-thread model override. Both fields set together or both null.
    * When set, the send route uses this combination (overriding the agent
@@ -103249,6 +103281,56 @@ var chatThreadRenameContract = c13.router({
     summary: "Rename a chat thread (suppresses automated title generation)"
   }
 });
+var chatThreadPendingMessageAppendContract = c13.router({
+  append: {
+    method: "POST",
+    path: "/api/zero/chat-threads/:id/pending-message/append",
+    headers: authHeadersSchema,
+    pathParams: external_exports.object({ id: external_exports.string() }),
+    body: appendPendingMessageBodySchema,
+    responses: {
+      200: external_exports.object({ pendingMessage: pendingMessageSchema }),
+      400: apiErrorSchema,
+      401: apiErrorSchema,
+      404: apiErrorSchema
+    },
+    summary: "Append submitted content to a chat thread pending message"
+  }
+});
+var chatThreadPendingMessageDeleteContract = c13.router({
+  delete: {
+    method: "DELETE",
+    path: "/api/zero/chat-threads/:id/pending-message",
+    headers: authHeadersSchema,
+    pathParams: external_exports.object({ id: external_exports.string() }),
+    body: c13.noBody(),
+    responses: {
+      204: c13.noBody(),
+      401: apiErrorSchema,
+      404: apiErrorSchema
+    },
+    summary: "Discard a chat thread pending message"
+  }
+});
+var chatThreadPendingMessageRecallContract = c13.router({
+  recall: {
+    method: "POST",
+    path: "/api/zero/chat-threads/:id/pending-message/recall",
+    headers: authHeadersSchema,
+    pathParams: external_exports.object({ id: external_exports.string() }),
+    body: c13.noBody(),
+    responses: {
+      200: external_exports.object({
+        draftContent: external_exports.string().nullable(),
+        draftAttachments: external_exports.array(persistedAttachmentSchema).nullable(),
+        pendingMessage: external_exports.null()
+      }),
+      401: apiErrorSchema,
+      404: apiErrorSchema
+    },
+    summary: "Recall a chat thread pending message back into the draft"
+  }
+});
 var chatMessagesContract = c13.router({
   send: {
     method: "POST",
@@ -103326,7 +103408,7 @@ var chatSearchContract = c13.router({
     headers: authHeadersSchema,
     query: external_exports.object({
       keyword: external_exports.string().min(1),
-      agent: external_exports.string().optional(),
+      agentId: external_exports.string().uuid().optional(),
       since: external_exports.coerce.number().optional(),
       limit: external_exports.coerce.number().min(1).max(50).default(20),
       before: external_exports.coerce.number().min(0).max(10).default(0),
@@ -103421,7 +103503,7 @@ async function searchZeroChat(options) {
   const result = await client.search({
     query: {
       keyword: options.keyword,
-      agent: options.agent,
+      agentId: options.agentId,
       since: options.since,
       limit: options.limit,
       before: options.before,
@@ -103504,7 +103586,7 @@ async function searchLogs(options) {
   const result = await client.searchLogs({
     query: {
       keyword: options.keyword,
-      agent: options.agent,
+      agentId: options.agentId,
       runId: options.runId,
       since: options.since,
       limit: options.limit,
@@ -105134,7 +105216,7 @@ async function listZeroLogs(options) {
   const client = initClient(logsListContract, config4);
   const result = await client.list({
     query: {
-      agent: options?.agent,
+      agentId: options?.agentId,
       status: options?.status,
       since: options?.since,
       limit: options?.limit,
@@ -105150,7 +105232,7 @@ async function searchZeroLogs(options) {
   const result = await client.searchLogs({
     query: {
       keyword: options.keyword,
-      agent: options.agent,
+      agentId: options.agentId,
       runId: options.runId,
       since: options.since,
       limit: options.limit,
@@ -105506,6 +105588,43 @@ async function generateWebVoice(options) {
   }
   return await response.json();
 }
+async function generateWebImage(options) {
+  const baseUrl = await getBaseUrl();
+  const token = await getActiveToken();
+  if (!token) {
+    throw new ApiRequestError("Not authenticated", "UNAUTHORIZED", 401);
+  }
+  const headers = {
+    Authorization: `Bearer ${token}`,
+    "Content-Type": "application/json"
+  };
+  const bypassSecret = process.env.VERCEL_AUTOMATION_BYPASS_SECRET;
+  if (bypassSecret) {
+    headers["x-vercel-protection-bypass"] = bypassSecret;
+  }
+  const response = await fetch(
+    new URL("/api/zero/image-io/generate", baseUrl),
+    {
+      method: "POST",
+      headers,
+      body: JSON.stringify({
+        prompt: options.prompt,
+        ...options.size ? { size: options.size } : {},
+        ...options.quality ? { quality: options.quality } : {},
+        ...options.background ? { background: options.background } : {},
+        ...options.outputFormat ? { outputFormat: options.outputFormat } : {}
+      })
+    }
+  );
+  if (!response.ok) {
+    const { message, code } = await parseErrorBody(
+      response,
+      "Failed to generate image"
+    );
+    throw new ApiRequestError(message, code, response.status);
+  }
+  return await response.json();
+}
 // src/lib/utils/prompt-utils.ts
 init_esm_shims();
@@ -120310,6 +120429,11 @@ var FEATURE_SWITCHES = {
     description: "Show an icon button in assistant message group actions that scrolls back to the start of that message group.",
     enabled: false
   },
+  ["queueMessage" /* QueueMessage */]: {
+    maintainer: "linghan@vm0.ai",
+    description: "Allow keyboard sends during an active chat thread run to append the draft to that thread's pending message queue.",
+    enabled: false
+  },
   ["chatThreadPin" /* ChatThreadPin */]: {
     maintainer: "ethan@vm0.ai",
     description: "Replace the sidebar's per-thread trash button with a kebab/pin menu that exposes Pin/Unpin and Delete. Pinned threads sort to the top of the agent's chat list. Mobile shows the menu trigger always; desktop shows it on hover.",
@@ -120373,7 +120497,7 @@ var FEATURE_SWITCHES = {
     enabled: false,
     enabledOrgIdHashes: STAFF_ORG_ID_HASHES
   },
-  ["chatgptOauthProvider" /* ChatgptOauthProvider */]: {
+  ["codexOauthProvider" /* CodexOauthProvider */]: {
     maintainer: "lancy@vm0.ai",
     description: "Gate the ChatGPT-OAuth model provider in zero web (Epic #11872). When off, the 'Connect ChatGPT' tile is hidden in the add-provider dialog, server routes that initiate the OAuth dance return 404, and stale-provider UX is bypassed. Staff-only during rollout; per-user toggle via Lab.",
     enabled: false,
@@ -121717,6 +121841,7 @@ export {
   downloadWebFile,
   uploadWebFile,
   generateWebVoice,
+  generateWebImage,
   getInstructionsStorageName,
   parseGitHubUrl,
   getInstructionsFilename,
@@ -121763,4 +121888,4 @@ undici/lib/web/fetch/body.js:
 undici/lib/web/websocket/frame.js:
   (*! ws. MIT License. Einar Otto Stangvik <einaros@gmail.com> *)
 */
-//# sourceMappingURL=chunk-MB6EHK2G.js.map
+//# sourceMappingURL=chunk-75VR4R5J.js.map