caplets 0.14.0 → 0.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +41 -5
  2. package/dist/index.js +31425 -33638
  3. package/package.json +2 -2
package/README.md CHANGED
@@ -103,6 +103,39 @@ The Claude Code and Codex commands install from this GitHub repository through e
103
103
  plugin marketplace flow; users do not need to clone the repository manually. Plugin MCP
104
104
  configs run `caplets serve` directly, so install the Caplets CLI globally first.
105
105
 
106
+ ### Remote Caplets service
107
+
108
+ OpenCode and Pi can use native `caplets_<id>` tools backed by a remote Caplets HTTP service. Codex, Claude Code, and any MCP client can connect to the same remote MCP endpoint directly.
109
+
110
+ Start a local HTTP service. `--path` is the service base path; Caplets mounts MCP,
111
+ control, and health endpoints underneath it:
112
+
113
+ ```sh
114
+ CAPLETS_SERVER_URL=http://127.0.0.1:5387/caplets \
115
+ CAPLETS_SERVER_PASSWORD=... \
116
+ caplets serve --transport http
117
+ ```
118
+
119
+ With `CAPLETS_SERVER_URL=http://127.0.0.1:5387/caplets`, the derived endpoints are:
120
+
121
+ - MCP: `http://127.0.0.1:5387/caplets/mcp`
122
+ - Control: `http://127.0.0.1:5387/caplets/control`
123
+ - Health: `http://127.0.0.1:5387/caplets/healthz`
124
+
125
+ `caplets serve --transport http` serves plain HTTP. For non-loopback or network access, expose it only through HTTPS/TLS (for example, a reverse proxy or secure tunnel) and enable Basic Auth; Basic Auth over plain HTTP exposes credentials. Keep credentials out of plugin manifests.
126
+
127
+ Native integrations and remote-capable CLI commands read remote client settings from environment variables:
128
+
129
+ ```sh
130
+ CAPLETS_MODE=remote \
131
+ CAPLETS_SERVER_URL=https://caplets.example.com/caplets \
132
+ CAPLETS_SERVER_USER=caplets \
133
+ CAPLETS_SERVER_PASSWORD=... \
134
+ opencode
135
+ ```
136
+
137
+ For MCP-backed Codex or Claude Code configs, point the agent's MCP server entry at the derived `/mcp` URL using that agent's supported HTTP MCP configuration. If Basic Auth is needed, use the agent's secure secret or environment interpolation mechanism rather than hardcoding credentials.
138
+
106
139
  ## Convert Existing Tooling
107
140
 
108
141
  Caplets is designed to convert what you already use into agent-friendly capability domains.
@@ -778,11 +811,14 @@ For headless terminals:
778
811
  caplets auth login <server> --no-open
779
812
  ```
780
813
 
781
- OAuth/OIDC tokens are stored under `${XDG_STATE_HOME:-~/.local/state}/caplets/auth/<server>.json`
782
- on Unix-like platforms and `%LOCALAPPDATA%\caplets\auth\<server>.json` on Windows.
783
- Token files use owner-only file permissions where the platform supports them. Caplets supports
784
- well-known OAuth/OIDC discovery and dynamic client registration when advertised. When a token expires,
785
- run `caplets auth login <server>` again.
814
+ In local mode, OAuth/OIDC tokens are stored under
815
+ `${XDG_STATE_HOME:-~/.local/state}/caplets/auth/<server>.json` on Unix-like platforms and
816
+ `%LOCALAPPDATA%\caplets\auth\<server>.json` on Windows. Token files use owner-only file
817
+ permissions where the platform supports them. In `CAPLETS_MODE=remote`, `caplets auth list`,
818
+ `caplets auth login <server>`, and `caplets auth logout <server>` operate on the configured Caplets
819
+ server instead. Downstream OAuth/OIDC credentials are stored server-side and are not returned to the
820
+ local client. Caplets supports well-known OAuth/OIDC discovery and dynamic client registration when
821
+ advertised. When a token expires, run `caplets auth login <server>` again.
786
822
 
787
823
  To inspect or remove stored OAuth credentials:
788
824