npm - @x-code-cli/core - Versions diffs - 0.2.9 → 0.3.0 - Mend

@x-code-cli/core 0.2.9 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (255) hide show

package/dist/agent/compression.d.ts +12 -2
package/dist/agent/compression.d.ts.map +1 -1
package/dist/agent/compression.js +51 -2
package/dist/agent/compression.js.map +1 -1
package/dist/agent/file-ingest.js +2 -2
package/dist/agent/file-ingest.js.map +1 -1
package/dist/agent/loop-state.d.ts +3 -2
package/dist/agent/loop-state.d.ts.map +1 -1
package/dist/agent/loop-state.js.map +1 -1
package/dist/agent/loop.d.ts.map +1 -1
package/dist/agent/loop.js +140 -9
package/dist/agent/loop.js.map +1 -1
package/dist/agent/memory-extractor.js +5 -5
package/dist/agent/memory-extractor.js.map +1 -1
package/dist/agent/plan-storage.js +1 -1
package/dist/agent/plan-storage.js.map +1 -1
package/dist/agent/sub-agents/index.d.ts +2 -1
package/dist/agent/sub-agents/index.d.ts.map +1 -1
package/dist/agent/sub-agents/index.js +1 -1
package/dist/agent/sub-agents/index.js.map +1 -1
package/dist/agent/sub-agents/loader.d.ts +13 -3
package/dist/agent/sub-agents/loader.d.ts.map +1 -1
package/dist/agent/sub-agents/loader.js +36 -9
package/dist/agent/sub-agents/loader.js.map +1 -1
package/dist/agent/sub-agents/registry.d.ts +18 -1
package/dist/agent/sub-agents/registry.d.ts.map +1 -1
package/dist/agent/sub-agents/registry.js +38 -5
package/dist/agent/sub-agents/registry.js.map +1 -1
package/dist/agent/sub-agents/runner.d.ts.map +1 -1
package/dist/agent/sub-agents/runner.js +45 -1
package/dist/agent/sub-agents/runner.js.map +1 -1
package/dist/agent/sub-agents/types.d.ts +4 -1
package/dist/agent/sub-agents/types.d.ts.map +1 -1
package/dist/agent/system-prompt.d.ts +21 -0
package/dist/agent/system-prompt.d.ts.map +1 -1
package/dist/agent/system-prompt.js +68 -2
package/dist/agent/system-prompt.js.map +1 -1
package/dist/agent/tool-execution.d.ts.map +1 -1
package/dist/agent/tool-execution.js +220 -1
package/dist/agent/tool-execution.js.map +1 -1
package/dist/commands/index.d.ts +6 -0
package/dist/commands/index.d.ts.map +1 -0
package/dist/commands/index.js +3 -0
package/dist/commands/index.js.map +1 -0
package/dist/commands/loader.d.ts +13 -0
package/dist/commands/loader.d.ts.map +1 -0
package/dist/commands/loader.js +93 -0
package/dist/commands/loader.js.map +1 -0
package/dist/commands/registry.d.ts +44 -0
package/dist/commands/registry.d.ts.map +1 -0
package/dist/commands/registry.js +102 -0
package/dist/commands/registry.js.map +1 -0
package/dist/commands/types.d.ts +23 -0
package/dist/commands/types.d.ts.map +1 -0
package/dist/commands/types.js +26 -0
package/dist/commands/types.js.map +1 -0
package/dist/config/index.d.ts +9 -0
package/dist/config/index.d.ts.map +1 -1
package/dist/config/index.js +12 -10
package/dist/config/index.js.map +1 -1
package/dist/hooks/bus.d.ts +54 -0
package/dist/hooks/bus.d.ts.map +1 -0
package/dist/hooks/bus.js +165 -0
package/dist/hooks/bus.js.map +1 -0
package/dist/hooks/config-schema.d.ts +854 -0
package/dist/hooks/config-schema.d.ts.map +1 -0
package/dist/hooks/config-schema.js +79 -0
package/dist/hooks/config-schema.js.map +1 -0
package/dist/hooks/executor.d.ts +16 -0
package/dist/hooks/executor.d.ts.map +1 -0
package/dist/hooks/executor.js +183 -0
package/dist/hooks/executor.js.map +1 -0
package/dist/hooks/index.d.ts +10 -0
package/dist/hooks/index.d.ts.map +1 -0
package/dist/hooks/index.js +6 -0
package/dist/hooks/index.js.map +1 -0
package/dist/hooks/registry.d.ts +23 -0
package/dist/hooks/registry.d.ts.map +1 -0
package/dist/hooks/registry.js +49 -0
package/dist/hooks/registry.js.map +1 -0
package/dist/hooks/types.d.ts +165 -0
package/dist/hooks/types.d.ts.map +1 -0
package/dist/hooks/types.js +25 -0
package/dist/hooks/types.js.map +1 -0
package/dist/hooks/variables.d.ts +22 -0
package/dist/hooks/variables.d.ts.map +1 -0
package/dist/hooks/variables.js +80 -0
package/dist/hooks/variables.js.map +1 -0
package/dist/index.d.ts +56 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +37 -1
package/dist/index.js.map +1 -1
package/dist/knowledge/auto-memory.d.ts +1 -1
package/dist/knowledge/auto-memory.d.ts.map +1 -1
package/dist/knowledge/auto-memory.js +10 -10
package/dist/knowledge/auto-memory.js.map +1 -1
package/dist/knowledge/loader.js +12 -12
package/dist/knowledge/loader.js.map +1 -1
package/dist/mcp/arg-parser.d.ts +49 -0
package/dist/mcp/arg-parser.d.ts.map +1 -0
package/dist/mcp/arg-parser.js +357 -0
package/dist/mcp/arg-parser.js.map +1 -0
package/dist/mcp/client.d.ts +73 -0
package/dist/mcp/client.d.ts.map +1 -0
package/dist/mcp/client.js +376 -0
package/dist/mcp/client.js.map +1 -0
package/dist/mcp/config-schema.d.ts +64 -0
package/dist/mcp/config-schema.d.ts.map +1 -0
package/dist/mcp/config-schema.js +86 -0
package/dist/mcp/config-schema.js.map +1 -0
package/dist/mcp/config-writer.d.ts +41 -0
package/dist/mcp/config-writer.d.ts.map +1 -0
package/dist/mcp/config-writer.js +138 -0
package/dist/mcp/config-writer.js.map +1 -0
package/dist/mcp/env-safety.d.ts +12 -0
package/dist/mcp/env-safety.d.ts.map +1 -0
package/dist/mcp/env-safety.js +80 -0
package/dist/mcp/env-safety.js.map +1 -0
package/dist/mcp/expand-env.d.ts +14 -0
package/dist/mcp/expand-env.d.ts.map +1 -0
package/dist/mcp/expand-env.js +52 -0
package/dist/mcp/expand-env.js.map +1 -0
package/dist/mcp/loader.d.ts +81 -0
package/dist/mcp/loader.d.ts.map +1 -0
package/dist/mcp/loader.js +223 -0
package/dist/mcp/loader.js.map +1 -0
package/dist/mcp/name-mangling.d.ts +11 -0
package/dist/mcp/name-mangling.d.ts.map +1 -0
package/dist/mcp/name-mangling.js +82 -0
package/dist/mcp/name-mangling.js.map +1 -0
package/dist/mcp/oauth/callback-server.d.ts +25 -0
package/dist/mcp/oauth/callback-server.d.ts.map +1 -0
package/dist/mcp/oauth/callback-server.js +118 -0
package/dist/mcp/oauth/callback-server.js.map +1 -0
package/dist/mcp/oauth/provider.d.ts +80 -0
package/dist/mcp/oauth/provider.d.ts.map +1 -0
package/dist/mcp/oauth/provider.js +292 -0
package/dist/mcp/oauth/provider.js.map +1 -0
package/dist/mcp/oauth/token-storage.d.ts +42 -0
package/dist/mcp/oauth/token-storage.d.ts.map +1 -0
package/dist/mcp/oauth/token-storage.js +121 -0
package/dist/mcp/oauth/token-storage.js.map +1 -0
package/dist/mcp/permissions.d.ts +28 -0
package/dist/mcp/permissions.d.ts.map +1 -0
package/dist/mcp/permissions.js +105 -0
package/dist/mcp/permissions.js.map +1 -0
package/dist/mcp/registry.d.ts +150 -0
package/dist/mcp/registry.d.ts.map +1 -0
package/dist/mcp/registry.js +334 -0
package/dist/mcp/registry.js.map +1 -0
package/dist/mcp/resources.d.ts +7 -0
package/dist/mcp/resources.d.ts.map +1 -0
package/dist/mcp/resources.js +40 -0
package/dist/mcp/resources.js.map +1 -0
package/dist/mcp/tool-bridge.d.ts +16 -0
package/dist/mcp/tool-bridge.d.ts.map +1 -0
package/dist/mcp/tool-bridge.js +56 -0
package/dist/mcp/tool-bridge.js.map +1 -0
package/dist/mcp/trust.d.ts +31 -0
package/dist/mcp/trust.d.ts.map +1 -0
package/dist/mcp/trust.js +103 -0
package/dist/mcp/trust.js.map +1 -0
package/dist/mcp/types.d.ts +73 -0
package/dist/mcp/types.d.ts.map +1 -0
package/dist/mcp/types.js +13 -0
package/dist/mcp/types.js.map +1 -0
package/dist/permissions/session-store.d.ts +13 -2
package/dist/permissions/session-store.d.ts.map +1 -1
package/dist/permissions/session-store.js +264 -62
package/dist/permissions/session-store.js.map +1 -1
package/dist/plugins/consent.d.ts +87 -0
package/dist/plugins/consent.d.ts.map +1 -0
package/dist/plugins/consent.js +181 -0
package/dist/plugins/consent.js.map +1 -0
package/dist/plugins/enable-state.d.ts +34 -0
package/dist/plugins/enable-state.d.ts.map +1 -0
package/dist/plugins/enable-state.js +159 -0
package/dist/plugins/enable-state.js.map +1 -0
package/dist/plugins/installer.d.ts +64 -0
package/dist/plugins/installer.d.ts.map +1 -0
package/dist/plugins/installer.js +416 -0
package/dist/plugins/installer.js.map +1 -0
package/dist/plugins/integration.d.ts +91 -0
package/dist/plugins/integration.d.ts.map +1 -0
package/dist/plugins/integration.js +233 -0
package/dist/plugins/integration.js.map +1 -0
package/dist/plugins/loader.d.ts +69 -0
package/dist/plugins/loader.d.ts.map +1 -0
package/dist/plugins/loader.js +243 -0
package/dist/plugins/loader.js.map +1 -0
package/dist/plugins/manifest.d.ts +23 -0
package/dist/plugins/manifest.d.ts.map +1 -0
package/dist/plugins/manifest.js +143 -0
package/dist/plugins/manifest.js.map +1 -0
package/dist/plugins/marketplace.d.ts +100 -0
package/dist/plugins/marketplace.d.ts.map +1 -0
package/dist/plugins/marketplace.js +529 -0
package/dist/plugins/marketplace.js.map +1 -0
package/dist/plugins/paths.d.ts +44 -0
package/dist/plugins/paths.d.ts.map +1 -0
package/dist/plugins/paths.js +89 -0
package/dist/plugins/paths.js.map +1 -0
package/dist/plugins/refresh.d.ts +61 -0
package/dist/plugins/refresh.d.ts.map +1 -0
package/dist/plugins/refresh.js +98 -0
package/dist/plugins/refresh.js.map +1 -0
package/dist/plugins/registry.d.ts +40 -0
package/dist/plugins/registry.d.ts.map +1 -0
package/dist/plugins/registry.js +80 -0
package/dist/plugins/registry.js.map +1 -0
package/dist/plugins/types.d.ts +225 -0
package/dist/plugins/types.d.ts.map +1 -0
package/dist/plugins/types.js +16 -0
package/dist/plugins/types.js.map +1 -0
package/dist/plugins/user-config.d.ts +22 -0
package/dist/plugins/user-config.d.ts.map +1 -0
package/dist/plugins/user-config.js +96 -0
package/dist/plugins/user-config.js.map +1 -0
package/dist/providers/cache-control.d.ts +9 -0
package/dist/providers/cache-control.d.ts.map +1 -1
package/dist/providers/cache-control.js +31 -4
package/dist/providers/cache-control.js.map +1 -1
package/dist/skills/loader.d.ts +19 -0
package/dist/skills/loader.d.ts.map +1 -0
package/dist/skills/loader.js +197 -0
package/dist/skills/loader.js.map +1 -0
package/dist/skills/registry.d.ts +74 -0
package/dist/skills/registry.d.ts.map +1 -0
package/dist/skills/registry.js +136 -0
package/dist/skills/registry.js.map +1 -0
package/dist/skills/settings.d.ts +13 -0
package/dist/skills/settings.d.ts.map +1 -0
package/dist/skills/settings.js +100 -0
package/dist/skills/settings.js.map +1 -0
package/dist/tools/activate-skill.d.ts +5 -0
package/dist/tools/activate-skill.d.ts.map +1 -0
package/dist/tools/activate-skill.js +33 -0
package/dist/tools/activate-skill.js.map +1 -0
package/dist/tools/index.d.ts +1 -1
package/dist/tools/todo-write.d.ts +1 -1
package/dist/tools/web-fetch.d.ts.map +1 -1
package/dist/tools/web-fetch.js +2 -1
package/dist/tools/web-fetch.js.map +1 -1
package/dist/types/index.d.ts +46 -1
package/dist/types/index.d.ts.map +1 -1
package/dist/types/index.js.map +1 -1
package/dist/utils.d.ts +23 -2
package/dist/utils.d.ts.map +1 -1
package/dist/utils.js +76 -20
package/dist/utils.js.map +1 -1
package/dist/version.d.ts +2 -0
package/dist/version.d.ts.map +1 -0
package/dist/version.js +47 -0
package/dist/version.js.map +1 -0
package/package.json +2 -1

package/dist/mcp/trust.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+export declare function isProjectTrusted(projectPath: string): Promise<boolean>;
+export declare function trustProject(projectPath: string): Promise<void>;
+export type TrustChoice = 'trust' | 'skip' | 'exit';
+/** Ask the user whether to trust the project's MCP config.
+ *
+ *  Caller passes a generic askUser callback (the same one the agent loop
+ *  uses for askUser tool calls) so trust prompts render in the same dialog
+ *  style as the rest of the UI. We show the actual command strings so the
+ *  user can audit what would run.
+ *
+ *  Returns:
+ *    'trust' — user accepted; caller should persist via trustProject(...)
+ *    'skip'  — load only user-level mcpServers
+ *    'exit'  — caller should terminate the CLI */
+export declare function promptForTrust(projectPath: string, serverSummaries: Array<{
+    name: string;
+    preview: string;
+}>, askUser: (question: string, options: Array<{
+    label: string;
+    description: string;
+}>) => Promise<string>): Promise<TrustChoice>;
+/** Build the one-line preview shown for each server in the trust dialog.
+ *  Stdio servers expose their full command + args; HTTP servers show the
+ *  URL. We intentionally don't truncate — the user needs to see the whole
+ *  thing to make an informed call. */
+export declare function buildServerPreview(config: {
+    command?: string;
+    args?: string[];
+    url?: string;
+}): string;
+//# sourceMappingURL=trust.d.ts.map

package/dist/mcp/trust.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"trust.d.ts","sourceRoot":"","sources":["../../src/mcp/trust.ts"],"names":[],"mappings":"AA8DA,wBAAsB,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAI5E;AAED,wBAAsB,YAAY,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAMrE;AAED,MAAM,MAAM,WAAW,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,CAAA;AAEnD;;;;;;;;;;kDAUkD;AAClD,wBAAsB,cAAc,CAClC,WAAW,EAAE,MAAM,EACnB,eAAe,EAAE,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,EACzD,OAAO,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,CAAC,KAAK,OAAO,CAAC,MAAM,CAAC,GACrG,OAAO,CAAC,WAAW,CAAC,CAiBtB;AAED;;;sCAGsC;AACtC,wBAAgB,kBAAkB,CAAC,MAAM,EAAE;IAAE,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,MAAM,CAOtG"}

package/dist/mcp/trust.js ADDED Viewed

@@ -0,0 +1,103 @@
+// @x-code-cli/core — MCP project-level trust gate
+//
+// A `.x-code/config.json` checked into a git repo can declare MCP servers
+// with arbitrary `command` strings — i.e. cloning a hostile repo and
+// launching the CLI would silently spawn whatever that command says.
+// Before honouring any project-level mcpServers block, we therefore
+// require an explicit consent step keyed to the absolute project path.
+//
+// Persistence file: ~/.x-code/trusted-projects.json (mode 0600).
+// Format: { trusted: [{ path: <absolute>, trustedAt: <ISO> }, ...] }
+//
+// User config (~/.x-code/config.json) is NOT subject to this gate —
+// the user wrote it themselves; trust is implicit.
+import fs from 'node:fs/promises';
+import path from 'node:path';
+import { userXcodeDir } from '../utils.js';
+function trustedFile() {
+    return path.join(userXcodeDir(), 'trusted-projects.json');
+}
+/** Normalise a path for stable comparison across platforms.
+ *  Absolute + resolved + lowercased on Windows (case-insensitive FS),
+ *  preserved case on macOS/Linux. */
+function normalize(p) {
+    const resolved = path.resolve(p);
+    return process.platform === 'win32' ? resolved.toLowerCase() : resolved;
+}
+async function readStore() {
+    try {
+        const raw = await fs.readFile(trustedFile(), 'utf-8');
+        const parsed = JSON.parse(raw);
+        if (parsed && typeof parsed === 'object' && Array.isArray(parsed.trusted)) {
+            return parsed;
+        }
+    }
+    catch {
+        // missing file or malformed — start fresh
+    }
+    return { trusted: [] };
+}
+async function writeStore(store) {
+    await fs.mkdir(userXcodeDir(), { recursive: true });
+    // Atomic write: tmp + rename. Avoids a half-written file if the process
+    // is killed mid-write (the trust file is small but the principle holds —
+    // we never want a corrupted JSON to lock the user out of MCP).
+    const tmp = trustedFile() + '.tmp';
+    await fs.writeFile(tmp, JSON.stringify(store, null, 2) + '\n', { encoding: 'utf-8', mode: 0o600 });
+    await fs.rename(tmp, trustedFile());
+}
+export async function isProjectTrusted(projectPath) {
+    const normalized = normalize(projectPath);
+    const store = await readStore();
+    return store.trusted.some((e) => normalize(e.path) === normalized);
+}
+export async function trustProject(projectPath) {
+    const normalized = normalize(projectPath);
+    const store = await readStore();
+    if (store.trusted.some((e) => normalize(e.path) === normalized))
+        return;
+    store.trusted.push({ path: path.resolve(projectPath), trustedAt: new Date().toISOString() });
+    await writeStore(store);
+}
+/** Ask the user whether to trust the project's MCP config.
+ *
+ *  Caller passes a generic askUser callback (the same one the agent loop
+ *  uses for askUser tool calls) so trust prompts render in the same dialog
+ *  style as the rest of the UI. We show the actual command strings so the
+ *  user can audit what would run.
+ *
+ *  Returns:
+ *    'trust' — user accepted; caller should persist via trustProject(...)
+ *    'skip'  — load only user-level mcpServers
+ *    'exit'  — caller should terminate the CLI */
+export async function promptForTrust(projectPath, serverSummaries, askUser) {
+    const lines = serverSummaries.map((s) => `  • ${s.name}: ${s.preview}`).join('\n');
+    const question = `This project wants to load ${serverSummaries.length} MCP server(s):\n` +
+        lines +
+        `\n\nThese commands will run on your machine. Trust only if you trust this project.`;
+    const answer = await askUser(question, [
+        { label: 'Trust this project', description: 'Remember this choice. The project MCP servers will load.' },
+        { label: 'Skip project MCP', description: 'Use only user-level mcpServers for this session. No write to disk.' },
+        { label: 'Exit X-Code', description: 'Close the CLI without loading any MCP servers.' },
+    ]);
+    const lower = answer.toLowerCase();
+    if (lower.startsWith('trust'))
+        return 'trust';
+    if (lower.startsWith('exit'))
+        return 'exit';
+    return 'skip';
+}
+/** Build the one-line preview shown for each server in the trust dialog.
+ *  Stdio servers expose their full command + args; HTTP servers show the
+ *  URL. We intentionally don't truncate — the user needs to see the whole
+ *  thing to make an informed call. */
+export function buildServerPreview(config) {
+    if (config.url)
+        return config.url;
+    if (config.command) {
+        const parts = [config.command, ...(config.args ?? [])];
+        return parts.join(' ');
+    }
+    return '(invalid config)';
+}
+//# sourceMappingURL=trust.js.map

package/dist/mcp/trust.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"trust.js","sourceRoot":"","sources":["../../src/mcp/trust.ts"],"names":[],"mappings":"AAAA,kDAAkD;AAClD,EAAE;AACF,0EAA0E;AAC1E,qEAAqE;AACrE,qEAAqE;AACrE,oEAAoE;AACpE,uEAAuE;AACvE,EAAE;AACF,iEAAiE;AACjE,qEAAqE;AACrE,EAAE;AACF,oEAAoE;AACpE,mDAAmD;AACnD,OAAO,EAAE,MAAM,kBAAkB,CAAA;AACjC,OAAO,IAAI,MAAM,WAAW,CAAA;AAE5B,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA;AAE1C,SAAS,WAAW;IAClB,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE,uBAAuB,CAAC,CAAA;AAC3D,CAAC;AAWD;;qCAEqC;AACrC,SAAS,SAAS,CAAC,CAAS;IAC1B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;IAChC,OAAO,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAA;AACzE,CAAC;AAED,KAAK,UAAU,SAAS;IACtB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,EAAE,OAAO,CAAC,CAAA;QACrD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAY,CAAA;QACzC,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAE,MAAuB,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5F,OAAO,MAAsB,CAAA;QAC/B,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,0CAA0C;IAC5C,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,CAAA;AACxB,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,KAAmB;IAC3C,MAAM,EAAE,CAAC,KAAK,CAAC,YAAY,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;IACnD,wEAAwE;IACxE,yEAAyE;IACzE,+DAA+D;IAC/D,MAAM,GAAG,GAAG,WAAW,EAAE,GAAG,MAAM,CAAA;IAClC,MAAM,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAA;IAClG,MAAM,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,WAAW,EAAE,CAAC,CAAA;AACrC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,WAAmB;IACxD,MAAM,UAAU,GAAG,SAAS,CAAC,WAAW,CAAC,CAAA;IACzC,MAAM,KAAK,GAAG,MAAM,SAAS,EAAE,CAAA;IAC/B,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,UAAU,CAAC,CAAA;AACpE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,WAAmB;IACpD,MAAM,UAAU,GAAG,SAAS,CAAC,WAAW,CAAC,CAAA;IACzC,MAAM,KAAK,GAAG,MAAM,SAAS,EAAE,CAAA;IAC/B,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,UAAU,CAAC;QAAE,OAAM;IACvE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;IAC5F,MAAM,UAAU,CAAC,KAAK,CAAC,CAAA;AACzB,CAAC;AAID;;;;;;;;;;kDAUkD;AAClD,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,WAAmB,EACnB,eAAyD,EACzD,OAAsG;IAEtG,MAAM,KAAK,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAClF,MAAM,QAAQ,GACZ,8BAA8B,eAAe,CAAC,MAAM,mBAAmB;QACvE,KAAK;QACL,oFAAoF,CAAA;IAEtF,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,QAAQ,EAAE;QACrC,EAAE,KAAK,EAAE,oBAAoB,EAAE,WAAW,EAAE,0DAA0D,EAAE;QACxG,EAAE,KAAK,EAAE,kBAAkB,EAAE,WAAW,EAAE,oEAAoE,EAAE;QAChH,EAAE,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,gDAAgD,EAAE;KACxF,CAAC,CAAA;IAEF,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,EAAE,CAAA;IAClC,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,OAAO,CAAA;IAC7C,IAAI,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC;QAAE,OAAO,MAAM,CAAA;IAC3C,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;;sCAGsC;AACtC,MAAM,UAAU,kBAAkB,CAAC,MAA2D;IAC5F,IAAI,MAAM,CAAC,GAAG;QAAE,OAAO,MAAM,CAAC,GAAG,CAAA;IACjC,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,MAAM,KAAK,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAA;QACtD,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IACxB,CAAC;IACD,OAAO,kBAAkB,CAAA;AAC3B,CAAC"}

package/dist/mcp/types.d.ts ADDED Viewed

@@ -0,0 +1,73 @@
+/** stdio-based MCP server (local subprocess). */
+export interface McpStdioServerConfig {
+    command: string;
+    args?: string[];
+    env?: Record<string, string>;
+    cwd?: string;
+    /** First-connect timeout in ms. Default 30_000. */
+    timeout?: number;
+    /** Default true. Setting to false skips the server entirely. */
+    enabled?: boolean;
+}
+/** Streamable HTTP MCP server (remote). */
+export interface McpHttpServerConfig {
+    url: string;
+    /** Static headers attached to every request (e.g. `X-Custom: foo`).
+     *  OAuth `Authorization: Bearer ...` is added automatically — do NOT put
+     *  the access token here, store it via the OAuth flow instead. */
+    headers?: Record<string, string>;
+    timeout?: number;
+    enabled?: boolean;
+}
+export type McpServerConfig = McpStdioServerConfig | McpHttpServerConfig;
+/** Discriminator: tells stdio vs http servers apart at runtime. */
+export declare function isStdioConfig(c: McpServerConfig): c is McpStdioServerConfig;
+export declare function isHttpConfig(c: McpServerConfig): c is McpHttpServerConfig;
+/** Per-server runtime status. UI reads this via /mcp list. */
+export type McpServerStatus = {
+    kind: 'disabled';
+} | {
+    kind: 'connecting';
+} | {
+    kind: 'connected';
+    toolCount: number;
+    resourceCount: number;
+} | {
+    kind: 'needs_auth';
+    authUrl?: string;
+} | {
+    kind: 'failed';
+    error: string;
+};
+/** One MCP tool, after name-mangling.
+ *
+ *  callableName is the model-facing name (<server>__<tool>);
+ *  rawName is what we pass back to client.callTool — MCP servers don't
+ *  know about our prefix scheme. */
+export interface McpToolEntry {
+    callableName: string;
+    rawName: string;
+    serverName: string;
+    description: string;
+    /** JSON Schema as received from the server. We pass it directly to the
+     *  AI SDK via `jsonSchema(...)` — no zod conversion. */
+    inputSchema: Record<string, unknown>;
+}
+/** One MCP resource (data the server lets us pull). */
+export interface McpResourceEntry {
+    uri: string;
+    name: string;
+    description?: string;
+    mimeType?: string;
+    serverName: string;
+}
+/** Result of calling an MCP tool — flattened from MCP's content-blocks
+ *  into something we can shove into a tool_result message. The raw blocks
+ *  are kept on the side in case a future UI wants images/audio. */
+export interface McpCallResult {
+    /** Text representation suitable for tool_result. */
+    text: string;
+    /** True iff the server marked the call as an error (MCP `isError` flag). */
+    isError: boolean;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/mcp/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/mcp/types.ts"],"names":[],"mappings":"AAMA,iDAAiD;AACjD,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;IACf,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAC5B,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,mDAAmD;IACnD,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,gEAAgE;IAChE,OAAO,CAAC,EAAE,OAAO,CAAA;CAClB;AAED,2CAA2C;AAC3C,MAAM,WAAW,mBAAmB;IAClC,GAAG,EAAE,MAAM,CAAA;IACX;;sEAEkE;IAClE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAChC,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,OAAO,CAAC,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,MAAM,eAAe,GAAG,oBAAoB,GAAG,mBAAmB,CAAA;AAExE,mEAAmE;AACnE,wBAAgB,aAAa,CAAC,CAAC,EAAE,eAAe,GAAG,CAAC,IAAI,oBAAoB,CAE3E;AACD,wBAAgB,YAAY,CAAC,CAAC,EAAE,eAAe,GAAG,CAAC,IAAI,mBAAmB,CAEzE;AAED,8DAA8D;AAC9D,MAAM,MAAM,eAAe,GACvB;IAAE,IAAI,EAAE,UAAU,CAAA;CAAE,GACpB;IAAE,IAAI,EAAE,YAAY,CAAA;CAAE,GACtB;IAAE,IAAI,EAAE,WAAW,CAAC;IAAC,SAAS,EAAE,MAAM,CAAC;IAAC,aAAa,EAAE,MAAM,CAAA;CAAE,GAC/D;IAAE,IAAI,EAAE,YAAY,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAA;CAAE,GACxC;IAAE,IAAI,EAAE,QAAQ,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAA;AAErC;;;;oCAIoC;AACpC,MAAM,WAAW,YAAY;IAC3B,YAAY,EAAE,MAAM,CAAA;IACpB,OAAO,EAAE,MAAM,CAAA;IACf,UAAU,EAAE,MAAM,CAAA;IAClB,WAAW,EAAE,MAAM,CAAA;IACnB;4DACwD;IACxD,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CACrC;AAED,uDAAuD;AACvD,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,MAAM,CAAA;IACX,IAAI,EAAE,MAAM,CAAA;IACZ,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,UAAU,EAAE,MAAM,CAAA;CACnB;AAED;;mEAEmE;AACnE,MAAM,WAAW,aAAa;IAC5B,oDAAoD;IACpD,IAAI,EAAE,MAAM,CAAA;IACZ,4EAA4E;IAC5E,OAAO,EAAE,OAAO,CAAA;CACjB"}

package/dist/mcp/types.js ADDED Viewed

@@ -0,0 +1,13 @@
+// @x-code-cli/core — MCP public types
+//
+// Shared shapes used across the mcp/ subsystem. Kept dependency-free so the
+// loader/registry/UI layers can import without circular hops back into the
+// agent loop or CLI.
+/** Discriminator: tells stdio vs http servers apart at runtime. */
+export function isStdioConfig(c) {
+    return 'command' in c;
+}
+export function isHttpConfig(c) {
+    return 'url' in c;
+}
+//# sourceMappingURL=types.js.map

package/dist/mcp/types.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/mcp/types.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,EAAE;AACF,4EAA4E;AAC5E,2EAA2E;AAC3E,qBAAqB;AA2BrB,mEAAmE;AACnE,MAAM,UAAU,aAAa,CAAC,CAAkB;IAC9C,OAAO,SAAS,IAAI,CAAC,CAAA;AACvB,CAAC;AACD,MAAM,UAAU,YAAY,CAAC,CAAkB;IAC7C,OAAO,KAAK,IAAI,CAAC,CAAA;AACnB,CAAC"}

package/dist/permissions/session-store.d.ts CHANGED Viewed

@@ -5,12 +5,20 @@ export interface AllowRule {
 }
 /**
  * Extract a command prefix suitable for prefix-match rules.
- * Returns `null` when no meaningful prefix can be derived.
+ * Returns `null` when no meaningful prefix can be safely derived —
+ * callers fall back to exact-match.
  *
  *   'git commit -m "fix"'                                    → 'git commit'
+ *   'git -C /tmp commit -m fix'                              → 'git commit'
+ *   'docker -H tcp://host:2375 ps'                           → 'docker ps'
+ *   'kubectl -n prod get pods'                               → 'kubectl get'
+ *   'cargo +nightly build --release'                         → 'cargo build'
  *   'pnpm run build'                                         → 'pnpm run'
  *   'npm install lodash'                                     → 'npm install'
  *   'NODE_ENV=prod npm run dev'                              → 'npm run'
+ *   'FOO=1 git status'                                       → null   (unsafe env)
+ *   'sudo npm install'                                       → null   (wrapper)
+ *   'bash -c "git status"'                                   → null   (wrapper)
  *   'powershell -Command "Get-CimInstance ..."'              → 'Get-CimInstance'
  *   'powershell -NoProfile -Command "Get-CimInstance ..."'   → 'Get-CimInstance'
  *   'powershell -ExecutionPolicy Bypass -c "git status"'     → 'git'
@@ -32,8 +40,11 @@ export declare function extractCommandPrefix(command: string): string | null;
  *   the prefix regex; without this fallback the user gets only Yes/No
  *   forever for repeated identical commands).
  * Write tools (writeFile / edit): `all edits this session` (session-only)
+ * MCP tools (isMcp=true):         `this MCP tool` (persisted to disk via
+ *   McpPermissionStore — the label matches that posture, unlike write
+ *   tools which fall back to session-only).
  */
-export declare function suggestRuleLabel(toolName: string, input: Record<string, unknown>): string | null;
+export declare function suggestRuleLabel(toolName: string, input: Record<string, unknown>, isMcp?: boolean): string | null;
 /**
  * Build the AllowRule for a "don't ask again" approval.
  *

package/dist/permissions/session-store.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"session-store.d.ts","sourceRoot":"","sources":["../../src/permissions/session-store.ts"],"names":[],"mappings":"AAWA,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,OAAO,GAAG,QAAQ,GAAG,MAAM,CAAA;CAClC;~~AAgBD;;;;;;;;;;;;;;;GAeG~~;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,~~CA0DnE~~;~~AAED;;;;;;;;;;;;GAYG~~;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,GAAG,IAAI,~~CAShG~~;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,cAAc,CAC5B,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC7B;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,OAAO,CAAA;CAAE,GAAG,IAAI,~~CAc9C~~;~~AA2ED~~,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,SAAS,GAAG,IAAI,CAEzD;AAED,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAE3F;AAED,wBAAgB,iBAAiB,IAAI,IAAI,CAExC;AAID;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAoBpD;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,GAAG,IAAI,CA+B9D"}
1	+ {"version":3,"file":"session-store.d.ts","sourceRoot":"","sources":["../../src/permissions/session-store.ts"],"names":[],"mappings":"AAWA,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,OAAO,GAAG,QAAQ,GAAG,MAAM,CAAA;CAClC;AA4ID;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CA+CnE;AAyED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,KAAK,UAAQ,GAAG,MAAM,GAAG,IAAI,CAU/G;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,cAAc,CAC5B,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC7B;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,OAAO,CAAA;CAAE,GAAG,IAAI,CAgB9C;AA8ED,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,SAAS,GAAG,IAAI,CAEzD;AAED,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAE3F;AAED,wBAAgB,iBAAiB,IAAI,IAAI,CAExC;AAID;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAoBpD;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,GAAG,IAAI,CA+B9D"}