augure 0.7.1 → 0.8.0

package/dist/bin.js

@@ -276,6 +276,10 @@ var AppConfigSchema = z.object({
     runtime: z.enum(["vm", "docker", "auto"]).default("auto"),
     timeout: z.number().int().positive().default(30),
     memoryLimit: z.number().int().positive().default(128)
+  }).optional(),
+  approval: z.object({
+    enabled: z.boolean(),
+    timeoutMs: z.number().int().positive().default(12e4)
   }).optional()
 });
 function interpolateEnvVars(raw) {
@@ -622,7 +626,7 @@ var VmExecutor = class {
 
 // ../code-mode/dist/docker-sandbox.js
 var DOCKER_HARNESS = `
-import { readFile } from "node:fs/promises";
+import { readFile, writeFile, unlink } from "node:fs/promises";
 
 const __logs = [];
 const __originalLog = console.log;
@@ -631,12 +635,28 @@ console.warn = (...args) => __logs.push("[warn] " + args.map(String).join(" "));
 console.error = (...args) => __logs.push("[error] " + args.map(String).join(" "));
 
 let __toolCalls = 0;
+let __reqId = 0;
 
+const __BRIDGE_TIMEOUT = 120_000;
 const api = new Proxy({}, {
   get: (_target, toolName) => {
-    return async () => {
+    return async (args) => {
       __toolCalls++;
-      return { success: false, output: "Tool calls not yet supported in Docker executor" };
+      const id = String(++__reqId);
+      const reqPath = \`/workspace/.bridge-req-\${id}.json\`;
+      const respPath = \`/workspace/.bridge-resp-\${id}.json\`;
+      await writeFile(reqPath, JSON.stringify({ id, tool: String(toolName), args }));
+      const deadline = Date.now() + __BRIDGE_TIMEOUT;
+      while (Date.now() < deadline) {
+        try {
+          const data = await readFile(respPath, "utf-8");
+          await unlink(respPath);
+          return JSON.parse(data);
+        } catch {
+          await new Promise(r => setTimeout(r, 50));
+        }
+      }
+      throw new Error(\`Bridge timeout: tool "\${String(toolName)}" did not respond within \${__BRIDGE_TIMEOUT}ms\`);
     };
   }
 });
@@ -663,11 +683,37 @@ try {
   }));
 }
 `;
+function sleep(ms) {
+  return new Promise((r) => setTimeout(r, ms));
+}
+function parseFiles(stdout) {
+  return stdout.split("\n").map((l) => l.trim()).filter((l) => l.startsWith("/workspace/.bridge-req-") && l.endsWith(".json"));
+}
 var DockerExecutor = class {
   config;
   constructor(config) {
     this.config = config;
   }
+  async pollBridge(container, abortSignal) {
+    while (!abortSignal.aborted) {
+      try {
+        const ls = await container.exec("ls /workspace/.bridge-req-*.json 2>/dev/null || true");
+        const files = parseFiles(ls.stdout);
+        for (const reqFile of files) {
+          const reqJson = await container.exec(`cat ${reqFile}`);
+          const req = JSON.parse(reqJson.stdout);
+          const result = await this.config.registry.execute(req.tool, req.args);
+          const respFile = reqFile.replace("bridge-req", "bridge-resp");
+          const respB64 = Buffer.from(JSON.stringify(result)).toString("base64");
+          const tmpFile = `${respFile}.tmp`;
+          await container.exec(`sh -c 'echo "${respB64}" | base64 -d > ${tmpFile} && mv ${tmpFile} ${respFile}'`);
+          await container.exec(`rm ${reqFile}`);
+        }
+      } catch {
+      }
+      await sleep(100);
+    }
+  }
   async execute(code) {
     const start = Date.now();
     let container;
@@ -694,10 +740,14 @@ var DockerExecutor = class {
       await container.exec(`sh -c 'echo "${codeB64}" | base64 -d > /workspace/user-code.js'`);
       const harnessB64 = Buffer.from(DOCKER_HARNESS).toString("base64");
       await container.exec(`sh -c 'echo "${harnessB64}" | base64 -d > /workspace/harness.ts'`);
+      const abortController = new AbortController();
+      const bridgePromise = this.pollBridge(container, abortController.signal);
       const execResult = await container.exec("npx tsx /workspace/harness.ts", {
         timeout: this.config.timeout,
         cwd: "/workspace"
       });
+      abortController.abort();
+      await bridgePromise;
       if (execResult.exitCode === 0 && execResult.stdout.trim()) {
         try {
           const lastLine = execResult.stdout.trim().split("\n").pop();
@@ -952,6 +1002,18 @@ var Agent = class {
       for (const toolCall of response.toolCalls) {
         const toolStart = Date.now();
         this.log.debug(`Tool: ${toolCall.name}`);
+        const registeredTool = this.config.tools.get(toolCall.name);
+        if (registeredTool?.riskLevel === "high" && this.config.approvalGate) {
+          const approved = await this.config.approvalGate.request(incoming.userId, toolCall.name, toolCall.arguments);
+          if (!approved) {
+            history.push({
+              role: "tool",
+              content: "Tool call rejected by user.",
+              toolCallId: toolCall.id
+            });
+            continue;
+          }
+        }
         let result;
         if (codeModeTool && toolCall.name === "execute_code") {
           result = await codeModeTool.execute(toolCall.arguments, {});
@@ -1166,6 +1228,60 @@ var ContextGuard = class {
   }
 };
 
+// ../core/dist/approval.js
+import { randomUUID } from "crypto";
+var ApprovalGate = class {
+  pending = /* @__PURE__ */ new Map();
+  channel;
+  timeoutMs;
+  log;
+  constructor(config) {
+    this.channel = config.channel;
+    this.timeoutMs = config.timeoutMs ?? 12e4;
+    this.log = config.logger ?? noopLogger;
+    if (this.channel.onApprovalResponse) {
+      this.channel.onApprovalResponse((response) => {
+        const entry = this.pending.get(response.requestId);
+        if (entry) {
+          this.pending.delete(response.requestId);
+          entry.resolve(response.approved);
+        }
+      });
+    }
+  }
+  async request(userId, toolName, args) {
+    if (!this.channel.sendApprovalRequest) {
+      this.log.warn(`Channel does not support approval requests \u2014 auto-approving ${toolName}`);
+      return true;
+    }
+    const requestId = randomUUID();
+    const argsStr = JSON.stringify(args, null, 2);
+    const text = `Tool "${toolName}" requires approval.
+
+Arguments:
+${argsStr}`;
+    const buttons = [
+      { label: "Approve", callbackData: `approve:${requestId}` },
+      { label: "Reject", callbackData: `reject:${requestId}` }
+    ];
+    const resultPromise = new Promise((resolve5) => {
+      const timer = setTimeout(() => {
+        this.pending.delete(requestId);
+        this.log.warn(`Approval timed out for ${toolName} (request ${requestId})`);
+        resolve5(false);
+      }, this.timeoutMs);
+      this.pending.set(requestId, {
+        resolve: (approved) => {
+          clearTimeout(timer);
+          resolve5(approved);
+        }
+      });
+    });
+    await this.channel.sendApprovalRequest(userId, text, buttons, requestId);
+    return resultPromise;
+  }
+};
+
 // ../core/dist/logger.js
 import { styleText } from "util";
 var LEVELS = {
@@ -1217,7 +1333,7 @@ function createLogger(opts = {}) {
 }
 
 // ../channels/dist/telegram/telegram.js
-import { Bot } from "grammy";
+import { Bot, InlineKeyboard } from "grammy";
 
 // ../channels/dist/pipeline.js
 function createOutgoingPipeline(middlewares, send) {
@@ -1435,6 +1551,7 @@ var TelegramChannel = class {
   bot;
   allowedUsers;
   handlers = [];
+  approvalHandlers = [];
   sendPipeline;
   log;
   constructor(config) {
@@ -1463,6 +1580,31 @@ var TelegramChannel = class {
       }
     });
     registerMediaHandlers(this.bot, (id) => this.isUserAllowed(id), this.handlers, (userId, ts) => this.handleRejected(userId, Math.floor(ts.getTime() / 1e3), config.rejectMessage));
+    this.bot.on("callback_query:data", async (ctx) => {
+      if (!this.isUserAllowed(ctx.from.id)) {
+        await ctx.answerCallbackQuery({ text: "Not authorized" });
+        return;
+      }
+      const data = ctx.callbackQuery.data;
+      const match = /^(approve|reject):(.+)$/.exec(data);
+      if (!match)
+        return;
+      const [, action, requestId] = match;
+      const approved = action === "approve";
+      const userId = String(ctx.from.id);
+      await ctx.answerCallbackQuery({ text: approved ? "Approved" : "Rejected" });
+      try {
+        await ctx.editMessageReplyMarkup({ reply_markup: void 0 });
+        const originalText = ctx.callbackQuery.message && "text" in ctx.callbackQuery.message ? ctx.callbackQuery.message.text ?? "" : "";
+        await ctx.editMessageText(`${originalText}
+
+${approved ? "Approved" : "Rejected"}`);
+      } catch {
+      }
+      for (const handler2 of this.approvalHandlers) {
+        handler2({ requestId, approved, userId });
+      }
+    });
     const convertAndSend = async (msg) => {
       const htmlText = markdownToTelegramHtml(msg.text);
       const replyOpts = msg.replyTo ? { reply_parameters: { message_id: Number(msg.replyTo) } } : {};
@@ -1500,6 +1642,18 @@ var TelegramChannel = class {
   async send(message) {
     await this.sendPipeline(message);
   }
+  async sendApprovalRequest(userId, text, buttons, _requestId) {
+    const keyboard = new InlineKeyboard();
+    for (const btn of buttons) {
+      keyboard.text(btn.label, btn.callbackData);
+    }
+    await this.bot.api.sendMessage(Number(userId), text, {
+      reply_markup: keyboard
+    });
+  }
+  onApprovalResponse(handler2) {
+    this.approvalHandlers.push(handler2);
+  }
 };
 
 // ../tools/dist/registry.js
@@ -2207,6 +2361,7 @@ var emailTool = {
 var sandboxExecTool = {
   name: "sandbox_exec",
   description: "Execute a shell command in an isolated Docker container. Returns stdout, stderr, and exit code.",
+  riskLevel: "high",
   parameters: {
     type: "object",
     properties: {
@@ -2280,6 +2435,7 @@ function shellEscape(s) {
 var opencodeTool = {
   name: "opencode",
   description: "Run a code agent (claude-code, opencode, codex CLI) in a Docker container to perform a coding task.",
+  riskLevel: "high",
   configCheck: (ctx) => ctx.config.sandbox.codeAgent ? null : "This tool requires sandbox.codeAgent configuration. See https://augure.dev/docs/sandbox",
   parameters: {
     type: "object",
@@ -8351,6 +8507,7 @@ function createSkillTools(deps) {
   const manageSkillTool = {
     name: "manage_skill",
     description: "Manage a skill: pause, resume, or delete it",
+    riskLevel: "high",
     parameters: {
       type: "object",
       properties: {
@@ -8904,6 +9061,15 @@ async function startAgent(configPath, opts) {
     reservedForOutput: config.llm.default.maxTokens ?? 8192
   });
   const systemPrompt = config.skills ? BASE_SYSTEM_PROMPT + SKILLS_PROMPT : BASE_SYSTEM_PROMPT;
+  const activeChannel = telegram;
+  const approvalGate = config.approval?.enabled && activeChannel ? new ApprovalGate({
+    channel: activeChannel,
+    timeoutMs: config.approval.timeoutMs,
+    logger: log.child("approval")
+  }) : void 0;
+  if (approvalGate) {
+    log.info(`Approval gate enabled (timeout: ${config.approval.timeoutMs ?? 12e4}ms)`);
+  }
   const agent = new Agent({
     llm,
     tools,
@@ -8915,8 +9081,51 @@ async function startAgent(configPath, opts) {
     guard,
     modelName: config.llm.default.model,
     logger: log.child("agent"),
-    codeModeExecutor
+    codeModeExecutor,
+    approvalGate
   });
+  const heartbeatIntervalMs = parseInterval(config.scheduler.heartbeatInterval);
+  const heartbeat = new Heartbeat({
+    llm: monitoringLLM,
+    memory,
+    intervalMs: heartbeatIntervalMs,
+    logger: log.child("heartbeat"),
+    onAction: async (action) => {
+      log.info(`Heartbeat action: ${action}`);
+      const response = await agent.handleMessage({
+        id: `heartbeat-${Date.now()}`,
+        channelType: "system",
+        userId: "system",
+        text: `[Heartbeat] ${action}`,
+        timestamp: /* @__PURE__ */ new Date()
+      });
+      log.debug(`Heartbeat response: ${response.slice(0, 200)}`);
+    }
+  });
+  scheduler.onJobTrigger(async (job) => {
+    log.info(`Job triggered: ${job.id}`);
+    const response = await agent.handleMessage({
+      id: `job-${job.id}-${Date.now()}`,
+      channelType: "system",
+      userId: "system",
+      text: job.prompt,
+      timestamp: /* @__PURE__ */ new Date()
+    });
+    if (telegram && config.channels.telegram?.enabled) {
+      const userId = config.channels.telegram.allowedUsers[0];
+      if (userId !== void 0) {
+        await telegram.send({
+          channelType: "telegram",
+          userId: String(userId),
+          text: response
+        });
+      }
+    }
+    log.debug(`Job ${job.id} completed`);
+  });
+  scheduler.start();
+  heartbeat.start();
+  log.info(`Scheduler started: ${scheduler.listJobs().length} jobs, heartbeat every ${config.scheduler.heartbeatInterval}`);
   if (config.channels.telegram?.enabled) {
     const telegramLog = log.child("telegram");
     telegram = new TelegramChannel({
@@ -8964,51 +9173,8 @@ async function startAgent(configPath, opts) {
         });
       }
     });
-    await tg.start();
-    log.info("Telegram bot started");
+    log.info("Telegram bot starting...");
   }
-  const heartbeatIntervalMs = parseInterval(config.scheduler.heartbeatInterval);
-  const heartbeat = new Heartbeat({
-    llm: monitoringLLM,
-    memory,
-    intervalMs: heartbeatIntervalMs,
-    logger: log.child("heartbeat"),
-    onAction: async (action) => {
-      log.info(`Heartbeat action: ${action}`);
-      const response = await agent.handleMessage({
-        id: `heartbeat-${Date.now()}`,
-        channelType: "system",
-        userId: "system",
-        text: `[Heartbeat] ${action}`,
-        timestamp: /* @__PURE__ */ new Date()
-      });
-      log.debug(`Heartbeat response: ${response.slice(0, 200)}`);
-    }
-  });
-  scheduler.onJobTrigger(async (job) => {
-    log.info(`Job triggered: ${job.id}`);
-    const response = await agent.handleMessage({
-      id: `job-${job.id}-${Date.now()}`,
-      channelType: "system",
-      userId: "system",
-      text: job.prompt,
-      timestamp: /* @__PURE__ */ new Date()
-    });
-    if (telegram && config.channels.telegram?.enabled) {
-      const userId = config.channels.telegram.allowedUsers[0];
-      if (userId !== void 0) {
-        await telegram.send({
-          channelType: "telegram",
-          userId: String(userId),
-          text: response
-        });
-      }
-    }
-    log.debug(`Job ${job.id} completed`);
-  });
-  scheduler.start();
-  heartbeat.start();
-  log.info(`Scheduler started: ${scheduler.listJobs().length} jobs, heartbeat every ${config.scheduler.heartbeatInterval}`);
   const updateTimers = [];
   if (skillUpdater && config.updates?.skills?.checkInterval) {
     const su = skillUpdater;
@@ -9070,6 +9236,9 @@ Run: \`npm update -g augure\``
   };
   process.on("SIGINT", shutdown);
   process.on("SIGTERM", shutdown);
+  if (telegram) {
+    await telegram.start();
+  }
 }
 
 // src/commands/start.ts

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "augure",
-  "version": "0.7.1",
+  "version": "0.8.0",
   "description": "Augure — your proactive AI agent",
   "type": "module",
   "bin": {
@@ -29,14 +29,14 @@
     "@types/dockerode": "^4.0.1",
     "@types/node-cron": "^3.0.11",
     "tsup": "^8.5.1",
-    "@augure/channels": "0.1.4",
-    "@augure/core": "0.7.0",
-    "@augure/sandbox": "0.1.3",
-    "@augure/scheduler": "0.1.3",
-    "@augure/memory": "0.0.6",
-    "@augure/skills": "0.1.4",
-    "@augure/tools": "0.4.0",
-    "@augure/types": "0.4.0"
+    "@augure/channels": "0.2.0",
+    "@augure/core": "0.8.0",
+    "@augure/memory": "0.0.7",
+    "@augure/scheduler": "0.1.5",
+    "@augure/sandbox": "0.1.4",
+    "@augure/skills": "0.1.5",
+    "@augure/tools": "0.4.1",
+    "@augure/types": "0.5.0"
   },
   "keywords": [
     "ai",