npm - clementine-agent - Versions diffs - 1.11.0 → 1.11.2 - Mend

clementine-agent 1.11.0 → 1.11.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/cli/dashboard.js +4 -4
package/dist/integrations/composio/client.js +36 -30
package/dist/integrations/composio/mcp-bridge.js +13 -19
package/package.json +1 -1

package/dist/cli/dashboard.js CHANGED Viewed

@@ -25849,9 +25849,10 @@ async function saveComposioApiKey() {
 async function connectComposio(slug) {
   try {
-    var res = await fetch('/api/composio/toolkits/' + encodeURIComponent(slug) + '/authorize', {
+    // Use apiFetch (not raw fetch) so the Authorization: Bearer header is
+    // attached — the /api/* middleware rejects unauth'd POSTs with 401.
+    var res = await apiFetch('/api/composio/toolkits/' + encodeURIComponent(slug) + '/authorize', {
       method: 'POST',
-      credentials: 'same-origin',
       headers: { 'content-type': 'application/json' },
       body: JSON.stringify({}),
     });
@@ -25884,9 +25885,8 @@ async function connectComposio(slug) {
 async function disconnectComposio(slug, connectionId) {
   if (!confirm('Disconnect this ' + slug + ' account?')) return;
   try {
-    var res = await fetch('/api/composio/toolkits/' + encodeURIComponent(slug) + '/disconnect', {
+    var res = await apiFetch('/api/composio/toolkits/' + encodeURIComponent(slug) + '/disconnect', {
       method: 'POST',
-      credentials: 'same-origin',
       headers: { 'content-type': 'application/json' },
       body: JSON.stringify({ connectionId: connectionId }),
     });

package/dist/integrations/composio/client.js CHANGED Viewed

@@ -98,11 +98,11 @@ export async function getPreferredUserId() {
 // calls have to pass *some* user_id, and we want it to match whatever the
 // user already has if possible. detectPreferredUserId() picks the user_id
 // with the most existing connections, falling back to this constant.
-// Empty string matches Composio's web-UI default user_id (verified by
-// probing — connections created via dashboard.composio.dev land under '').
-// Using the same value here keeps Clementine-authorized connections in the
-// same bucket as anything the user already has from the web UI.
-const DEFAULT_NEW_CONNECTION_USER_ID = '';
+// Used only when there are no existing connections to learn from. The real
+// path is detectPreferredUserId() reading the user_id off existing records
+// via the raw client — that's how we match Composio's web-UI auto-generated
+// IDs like `pg-test-<uuid>`.
+const DEFAULT_NEW_CONNECTION_USER_ID = 'default';
 export function clementineUserId() {
     return readComposioEnv('COMPOSIO_USER_ID') || DEFAULT_NEW_CONNECTION_USER_ID;
 }
@@ -114,35 +114,41 @@ async function detectPreferredUserId(composio) {
         return explicit;
     if (detectedPreferredUserId !== null)
         return detectedPreferredUserId;
-    // The list response doesn't expose userId on records (verified empirically),
-    // so we can't read it from the data. Instead, probe each candidate user_id
-    // with a filtered list and pick whichever returns connections. This matches
-    // however the connections were originally created — including empty string,
-    // which is what Composio's web UI uses by default for new accounts.
-    const candidates = ['', 'default', 'user', 'me'];
-    let totalUnscoped = 0;
+    // The high-level wrapper's list() drops the snake_case `user_id` field
+    // during its camelCase transformation, so connections look like they have
+    // no user_id. Use the raw client (snake_case shape) to actually read the
+    // user_id Composio's web UI assigned (typically `pg-test-<uuid>` for
+    // dashboard-created connections). Without this, we'd default to "default"
+    // and composio.create() / toolkits.authorize() would never see existing
+    // connections — every tool call would 401.
     try {
-        const all = await composio.connectedAccounts.list({ limit: 1 });
-        totalUnscoped = all.items.length;
-    }
-    catch { /* non-fatal */ }
-    if (totalUnscoped > 0) {
-        for (const uid of candidates) {
-            try {
-                const resp = await composio.connectedAccounts.list({ userIds: [uid], limit: 1 });
-                if (resp.items.length > 0) {
-                    logger.info({ userId: uid }, 'Detected Composio user_id via probe');
-                    detectedPreferredUserId = uid;
-                    return uid;
-                }
+        const rawClient = composio.client;
+        const resp = await rawClient.connectedAccounts.list({});
+        const items = (resp?.items ?? []);
+        const counts = new Map();
+        for (const it of items) {
+            // Prefer ACTIVE connections — expired ones often outnumber active ones
+            // (3 outlooks: 1 ACTIVE + 2 EXPIRED in real data).
+            if (it.status === 'ACTIVE' && typeof it.user_id === 'string' && it.user_id.length > 0) {
+                counts.set(it.user_id, (counts.get(it.user_id) ?? 0) + 2); // weight active higher
+            }
+            else if (typeof it.user_id === 'string' && it.user_id.length > 0) {
+                counts.set(it.user_id, (counts.get(it.user_id) ?? 0) + 1);
             }
-            catch { /* try next */ }
         }
+        if (counts.size > 0) {
+            const top = [...counts.entries()].sort((a, b) => b[1] - a[1])[0][0];
+            logger.info({ userId: top, candidates: counts.size }, 'Detected Composio user_id from existing connections');
+            detectedPreferredUserId = top;
+            return top;
+        }
+    }
+    catch (err) {
+        logger.warn({ err }, 'Raw client user_id probe failed — using fallback');
     }
-    // No connections yet, or none of the common user_ids match. Fall back to
-    // empty string, which is what Composio's web UI uses by default — keeps
-    // future Clementine-authorized connections in the same bucket as anything
-    // the user creates in Composio's dashboard.
+    // No existing connections. Fall back to "default" — composio.create()
+    // requires a non-empty string, and "default" is the conventional
+    // single-tenant value that Composio's quickstart uses.
     detectedPreferredUserId = DEFAULT_NEW_CONNECTION_USER_ID;
     return DEFAULT_NEW_CONNECTION_USER_ID;
 }

package/dist/integrations/composio/mcp-bridge.js CHANGED Viewed

@@ -48,29 +48,23 @@ export async function buildComposioMcpServers(slugs) {
     }
     return out;
 }
-async function buildOne(composio, slug, connected) {
-    // If 2+ active connections for this toolkit, force Composio to require
-    // explicit account selection per tool call — otherwise it silently picks
-    // the default (newest) account.
-    const activeCount = connected.filter(c => c.slug === slug && c.status === 'ACTIVE').length;
-    // Look up auth config explicitly. Without this, composio.create() tries to
-    // auto-create one and 400s for BYO toolkits (Twitter etc.) that don't have
-    // a managed OAuth app available.
-    const authConfig = (await composio.authConfigs.list({ toolkit: slug })).items[0];
+async function buildOne(composio, slug, _connected) {
+    // composio.tools.get() returns the FLAT toolkit tools (OUTLOOK_LIST_MESSAGES,
+    // GMAIL_SEND_EMAIL, …) — exactly the namespacing the agent expects as
+    // mcp__outlook__OUTLOOK_LIST_MESSAGES. The alternative, composio.create()
+    // + session.tools(), uses Composio's tool-router pattern and only returns
+    // 5 meta-tools (COMPOSIO_SEARCH_TOOLS, COMPOSIO_MULTI_EXECUTE_TOOL, …),
+    // which doesn't match what the agent calls. Verified empirically:
+    // tools.get returns 50+ actual Outlook tools.
     const userId = await getPreferredUserId();
-    const session = await composio.create(userId, {
-        toolkits: [slug],
-        manageConnections: false,
-        ...(authConfig ? { authConfigs: { [slug]: authConfig.id } } : {}),
-        ...(activeCount >= 2
-            ? { multiAccount: { enable: true, requireExplicitSelection: true } }
-            : {}),
-    });
-    const tools = await session.tools();
+    const toolsRaw = await composio.tools.get(userId, { toolkits: [slug], limit: 200 });
+    // tools.get can return an array OR an object depending on provider; normalise.
+    const toolsArr = Array.isArray(toolsRaw) ? toolsRaw : Object.values(toolsRaw);
+    const tools = toolsArr.filter((t) => t && typeof t.name === 'string' && typeof t.handler === 'function');
     return createSdkMcpServer({
         name: slug,
         version: '0.1.0',
-        tools,
+        tools: tools,
     });
 }
 //# sourceMappingURL=mcp-bridge.js.map

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "clementine-agent",
-  "version": "1.11.0",
+  "version": "1.11.2",
   "description": "Clementine — Personal AI Assistant (TypeScript)",
   "type": "module",
   "main": "dist/index.js",