codeep 1.3.42 → 2.0.1

package/dist/utils/mcpConfig.js

@@ -0,0 +1,177 @@
+/**
+ * On-disk MCP server config — the `mcpServers` array that ACP clients
+ * usually pass over the wire, but loaded straight from JSON so direct CLI
+ * users (and our VS Code extension) don't have to roll their own config UI.
+ *
+ * Lookup precedence:
+ *   1. `<workspace>/.codeep/mcp_servers.json` (project — committed with repo)
+ *   2. `~/.codeep/mcp_servers.json`           (global — user's machine)
+ * Project entries shadow global entries with the same server name.
+ *
+ * File format mirrors what Claude Code accepts so existing user configs can
+ * be reused verbatim:
+ *
+ *   {
+ *     "mcpServers": {
+ *       "fs": {
+ *         "command": "npx",
+ *         "args": ["@modelcontextprotocol/server-filesystem", "/some/path"],
+ *         "env": { "READ_ONLY": "1" }
+ *       },
+ *       "gh": { ... }
+ *     }
+ *   }
+ *
+ * A flat array form (`{"mcpServers": [{...}, ...]}`) is also accepted because
+ * that's the shape ACP passes over JSON-RPC.
+ */
+import { existsSync, readFileSync, writeFileSync, mkdirSync } from 'fs';
+import { join, dirname } from 'path';
+import { homedir } from 'os';
+const PROJECT_CONFIG_PATH = '.codeep/mcp_servers.json';
+const GLOBAL_CONFIG_PATH = '.codeep/mcp_servers.json';
+function parseEntries(raw, source) {
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch {
+        // A broken config file shouldn't kill the agent startup — just warn
+        // and move on. The user will notice via /mcp showing no servers.
+        process.stderr.write(`[codeep-mcp] Failed to parse ${source}: invalid JSON\n`);
+        return [];
+    }
+    const servers = parsed.mcpServers;
+    if (!servers)
+        return [];
+    if (Array.isArray(servers)) {
+        // Defensively filter — any entry needs name + either command or url.
+        return servers.filter(s => s && typeof s.name === 'string' && (typeof s.command === 'string' || typeof s.url === 'string'));
+    }
+    return Object.entries(servers).flatMap(([name, cfg]) => {
+        if (!cfg)
+            return [];
+        // Either `command` (stdio) or `url` (HTTP) — at least one required.
+        const hasStdio = typeof cfg.command === 'string';
+        const hasHttp = typeof cfg.url === 'string';
+        if (!hasStdio && !hasHttp)
+            return [];
+        return [{
+                name,
+                command: hasStdio ? cfg.command : undefined,
+                args: Array.isArray(cfg.args) ? cfg.args.filter(a => typeof a === 'string') : [],
+                env: cfg.env && typeof cfg.env === 'object' ? cfg.env : undefined,
+                url: hasHttp ? cfg.url : undefined,
+                headers: cfg.headers && typeof cfg.headers === 'object'
+                    ? cfg.headers
+                    : undefined,
+            }];
+    });
+}
+function loadFromFile(path) {
+    if (!existsSync(path))
+        return [];
+    try {
+        const raw = readFileSync(path, 'utf-8');
+        return parseEntries(raw, path);
+    }
+    catch {
+        return [];
+    }
+}
+/**
+ * Load MCP server definitions for a workspace. Project entries shadow
+ * global entries with the same server name. Workspace-less calls
+ * (TUI without project) return only the global config.
+ */
+export function loadMcpServerConfig(workspaceRoot) {
+    const globalServers = loadFromFile(join(homedir(), GLOBAL_CONFIG_PATH));
+    const projectServers = workspaceRoot
+        ? loadFromFile(join(workspaceRoot, PROJECT_CONFIG_PATH))
+        : [];
+    // Project wins on name collisions.
+    const byName = new Map();
+    for (const s of globalServers)
+        byName.set(s.name, s);
+    for (const s of projectServers)
+        byName.set(s.name, s);
+    return [...byName.values()];
+}
+/**
+ * Merge two server lists: ACP-provided + on-disk. ACP wins on collisions
+ * — the client knows its own config, so a Zed-passed server overrides a
+ * project file entry of the same name (and we never have to teach Zed to
+ * "skip" file-based ones).
+ */
+export function mergeMcpServers(fromConfig, fromAcp) {
+    const byName = new Map();
+    for (const s of fromConfig)
+        byName.set(s.name, s);
+    for (const s of fromAcp ?? [])
+        byName.set(s.name, s);
+    return [...byName.values()];
+}
+/**
+ * Add or replace a server entry in the project config file. Used by the
+ * interactive `/mcp add` command. Project file is created if missing.
+ */
+export function addProjectMcpServer(workspaceRoot, server) {
+    const path = join(workspaceRoot, PROJECT_CONFIG_PATH);
+    let parsed = { mcpServers: {} };
+    if (existsSync(path)) {
+        try {
+            parsed = JSON.parse(readFileSync(path, 'utf-8'));
+        }
+        catch {
+            // Overwrite a broken file — user can recover from git if they care.
+            parsed = { mcpServers: {} };
+        }
+    }
+    // Normalize to map form for the on-disk file. Easier to edit by hand.
+    let map;
+    if (Array.isArray(parsed.mcpServers)) {
+        map = {};
+        for (const s of parsed.mcpServers) {
+            const { name: n, ...rest } = s;
+            map[n] = rest;
+        }
+    }
+    else {
+        map = parsed.mcpServers ?? {};
+    }
+    const { name, ...rest } = server;
+    map[name] = rest;
+    parsed.mcpServers = map;
+    mkdirSync(dirname(path), { recursive: true });
+    writeFileSync(path, JSON.stringify(parsed, null, 2) + '\n');
+}
+/**
+ * Remove a server entry from the project config file. Returns true if a
+ * server with that name was actually removed.
+ */
+export function removeProjectMcpServer(workspaceRoot, name) {
+    const path = join(workspaceRoot, PROJECT_CONFIG_PATH);
+    if (!existsSync(path))
+        return false;
+    let parsed;
+    try {
+        parsed = JSON.parse(readFileSync(path, 'utf-8'));
+    }
+    catch {
+        return false;
+    }
+    if (Array.isArray(parsed.mcpServers)) {
+        const before = parsed.mcpServers.length;
+        parsed.mcpServers = parsed.mcpServers.filter(s => s.name !== name);
+        if (parsed.mcpServers.length === before)
+            return false;
+    }
+    else if (parsed.mcpServers && parsed.mcpServers[name]) {
+        delete parsed.mcpServers[name];
+    }
+    else {
+        return false;
+    }
+    writeFileSync(path, JSON.stringify(parsed, null, 2) + '\n');
+    return true;
+}

package/dist/utils/mcpMarketplace.d.ts

@@ -0,0 +1,49 @@
+/**
+ * Curated catalog of popular MCP servers. Lets users discover and install
+ * server entries via `/mcp browse` and `/mcp install <id>` without having
+ * to know the right `command` / `args` incantation.
+ *
+ * Maintenance:
+ *   - Keep this list short (< 30 entries). The point is curation, not
+ *     completeness — anything more exhaustive belongs on the website.
+ *   - Each entry's `args` should be the **invocation-without-runtime-args**
+ *     so `/mcp install` can prompt for the things that vary per user
+ *     (paths, tokens, etc.) via `argHints`.
+ *   - Prefer official `@modelcontextprotocol/*` packages over third-party.
+ */
+import type { McpServer } from '../acp/protocol.js';
+export interface MarketplaceEntry {
+    /** Short id used by `/mcp install <id>` and shown in the catalog. */
+    id: string;
+    /** Human-readable display name. */
+    name: string;
+    /** One-line description shown in the marketplace listing. */
+    description: string;
+    /** Skeleton server config. `args` includes the package name; users
+     *  may need to add path/argument args via `argHints`. */
+    server: Omit<McpServer, 'name'>;
+    /** Per-arg prompts shown by `/mcp install` so the user supplies the
+     *  variable bits (file paths, db URLs, etc.). */
+    argHints?: {
+        description: string;
+        placeholder?: string;
+        required?: boolean;
+    }[];
+    /** Env vars that should be set (e.g. API tokens). Surfaced as a note. */
+    envNotes?: {
+        name: string;
+        description: string;
+        required?: boolean;
+    }[];
+    /** Homepage / docs URL for the curious. */
+    url?: string;
+}
+export declare const MCP_MARKETPLACE: MarketplaceEntry[];
+export declare function findMarketplaceEntry(id: string): MarketplaceEntry | null;
+/**
+ * Render the catalog as Markdown for `/mcp browse`. Compact: id + name +
+ * one-line description. Full details (env vars, args) on `/mcp install`.
+ */
+export declare function formatMarketplaceList(): string;
+/** Render install instructions for a single entry (without writing config). */
+export declare function formatMarketplaceEntry(entry: MarketplaceEntry): string;

package/dist/utils/mcpMarketplace.js

@@ -0,0 +1,175 @@
+/**
+ * Curated catalog of popular MCP servers. Lets users discover and install
+ * server entries via `/mcp browse` and `/mcp install <id>` without having
+ * to know the right `command` / `args` incantation.
+ *
+ * Maintenance:
+ *   - Keep this list short (< 30 entries). The point is curation, not
+ *     completeness — anything more exhaustive belongs on the website.
+ *   - Each entry's `args` should be the **invocation-without-runtime-args**
+ *     so `/mcp install` can prompt for the things that vary per user
+ *     (paths, tokens, etc.) via `argHints`.
+ *   - Prefer official `@modelcontextprotocol/*` packages over third-party.
+ */
+export const MCP_MARKETPLACE = [
+    {
+        id: 'filesystem',
+        name: 'Filesystem',
+        description: 'Read, list, and (optionally) write files in a sandbox directory.',
+        server: { command: 'npx', args: ['-y', '@modelcontextprotocol/server-filesystem'] },
+        argHints: [
+            { description: 'Absolute path to expose to the agent (one or more — pass several to allow several roots).', placeholder: '/Users/you/projects/notes', required: true },
+        ],
+        url: 'https://github.com/modelcontextprotocol/servers/tree/main/src/filesystem',
+    },
+    {
+        id: 'github',
+        name: 'GitHub',
+        description: 'Browse repositories, issues, PRs, and commits via the GitHub API.',
+        server: { command: 'npx', args: ['-y', '@modelcontextprotocol/server-github'] },
+        envNotes: [
+            { name: 'GITHUB_PERSONAL_ACCESS_TOKEN', description: 'Token with the `repo` scope (or `public_repo` if you only need public).', required: true },
+        ],
+        url: 'https://github.com/modelcontextprotocol/servers/tree/main/src/github',
+    },
+    {
+        id: 'gitlab',
+        name: 'GitLab',
+        description: 'Read repos, issues, MRs, and pipelines on GitLab (cloud or self-hosted).',
+        server: { command: 'npx', args: ['-y', '@modelcontextprotocol/server-gitlab'] },
+        envNotes: [
+            { name: 'GITLAB_PERSONAL_ACCESS_TOKEN', description: 'Token with `read_api` scope.', required: true },
+            { name: 'GITLAB_API_URL', description: 'Override for self-hosted GitLab (default: https://gitlab.com/api/v4).' },
+        ],
+        url: 'https://github.com/modelcontextprotocol/servers/tree/main/src/gitlab',
+    },
+    {
+        id: 'git',
+        name: 'Git (local repo)',
+        description: 'Inspect commits, blame, diffs, branches in a local git repository.',
+        server: { command: 'uvx', args: ['mcp-server-git'] },
+        argHints: [
+            { description: 'Path to a git repository (omit to use the current workspace).', placeholder: '/path/to/repo' },
+        ],
+        url: 'https://github.com/modelcontextprotocol/servers/tree/main/src/git',
+    },
+    {
+        id: 'postgres',
+        name: 'PostgreSQL',
+        description: 'Read-only SQL access to a Postgres database — schema introspection + query.',
+        server: { command: 'npx', args: ['-y', '@modelcontextprotocol/server-postgres'] },
+        argHints: [
+            { description: 'Postgres connection URI.', placeholder: 'postgresql://user:pass@localhost/dbname', required: true },
+        ],
+        url: 'https://github.com/modelcontextprotocol/servers/tree/main/src/postgres',
+    },
+    {
+        id: 'sqlite',
+        name: 'SQLite',
+        description: 'Query a SQLite database file with full SQL.',
+        server: { command: 'uvx', args: ['mcp-server-sqlite'] },
+        argHints: [
+            { description: 'Path to the .sqlite/.db file.', placeholder: '/path/to/data.db', required: true },
+        ],
+        url: 'https://github.com/modelcontextprotocol/servers/tree/main/src/sqlite',
+    },
+    {
+        id: 'fetch',
+        name: 'Fetch (web)',
+        description: 'Fetch arbitrary URLs and return the markdown-converted contents.',
+        server: { command: 'uvx', args: ['mcp-server-fetch'] },
+        url: 'https://github.com/modelcontextprotocol/servers/tree/main/src/fetch',
+    },
+    {
+        id: 'brave-search',
+        name: 'Brave Search',
+        description: 'Web search via the Brave Search API.',
+        server: { command: 'npx', args: ['-y', '@modelcontextprotocol/server-brave-search'] },
+        envNotes: [
+            { name: 'BRAVE_API_KEY', description: 'Get a free key at brave.com/search/api/.', required: true },
+        ],
+        url: 'https://github.com/modelcontextprotocol/servers/tree/main/src/brave-search',
+    },
+    {
+        id: 'slack',
+        name: 'Slack',
+        description: 'Read channels, post messages, look up users and threads.',
+        server: { command: 'npx', args: ['-y', '@modelcontextprotocol/server-slack'] },
+        envNotes: [
+            { name: 'SLACK_BOT_TOKEN', description: 'xoxb-… bot token.', required: true },
+            { name: 'SLACK_TEAM_ID', description: 'Numeric workspace id.', required: true },
+        ],
+        url: 'https://github.com/modelcontextprotocol/servers/tree/main/src/slack',
+    },
+    {
+        id: 'memory',
+        name: 'Memory (knowledge graph)',
+        description: 'Persistent knowledge graph the agent reads/writes across sessions.',
+        server: { command: 'npx', args: ['-y', '@modelcontextprotocol/server-memory'] },
+        url: 'https://github.com/modelcontextprotocol/servers/tree/main/src/memory',
+    },
+    {
+        id: 'time',
+        name: 'Time / timezones',
+        description: 'Current time, timezone conversion, IANA timezone lookup.',
+        server: { command: 'uvx', args: ['mcp-server-time'] },
+        url: 'https://github.com/modelcontextprotocol/servers/tree/main/src/time',
+    },
+    {
+        id: 'puppeteer',
+        name: 'Puppeteer (browser)',
+        description: 'Headless Chromium for navigating, screenshotting, and scraping pages.',
+        server: { command: 'npx', args: ['-y', '@modelcontextprotocol/server-puppeteer'] },
+        url: 'https://github.com/modelcontextprotocol/servers/tree/main/src/puppeteer',
+    },
+];
+export function findMarketplaceEntry(id) {
+    const lower = id.toLowerCase();
+    return MCP_MARKETPLACE.find(e => e.id === lower) ?? null;
+}
+/**
+ * Render the catalog as Markdown for `/mcp browse`. Compact: id + name +
+ * one-line description. Full details (env vars, args) on `/mcp install`.
+ */
+export function formatMarketplaceList() {
+    const lines = [
+        '## MCP marketplace',
+        '',
+        `${MCP_MARKETPLACE.length} curated servers. Install with \`/mcp install <id>\`.`,
+        '',
+        '| id | name | what it does |',
+        '|---|---|---|',
+    ];
+    for (const e of MCP_MARKETPLACE) {
+        lines.push(`| \`${e.id}\` | ${e.name} | ${e.description} |`);
+    }
+    return lines.join('\n');
+}
+/** Render install instructions for a single entry (without writing config). */
+export function formatMarketplaceEntry(entry) {
+    const lines = [
+        `## ${entry.name} — \`${entry.id}\``,
+        '',
+        entry.description,
+        '',
+        `**Command:** \`${entry.server.command ?? entry.server.url} ${(entry.server.args ?? []).join(' ')}\``,
+    ];
+    if (entry.argHints?.length) {
+        lines.push('', '**Additional arguments needed:**');
+        for (const h of entry.argHints) {
+            const req = h.required ? ' (required)' : '';
+            const placeholder = h.placeholder ? ` _e.g._ \`${h.placeholder}\`` : '';
+            lines.push(`- ${h.description}${req}${placeholder}`);
+        }
+    }
+    if (entry.envNotes?.length) {
+        lines.push('', '**Environment variables:**');
+        for (const e of entry.envNotes) {
+            const req = e.required ? ' (required)' : '';
+            lines.push(`- \`${e.name}\`${req} — ${e.description}`);
+        }
+    }
+    if (entry.url)
+        lines.push('', `_Docs: ${entry.url}_`);
+    return lines.join('\n');
+}

package/dist/utils/mcpRegistry.d.ts

@@ -0,0 +1,129 @@
+/**
+ * Per-session registry of MCP servers.
+ *
+ * `acp/server.ts handleSessionNew/Load/Resume` receives an optional
+ * `mcpServers: McpServer[]` from the ACP client. We spawn each one via
+ * `McpClient`, list its tools, and surface them under a flat namespace so
+ * the agent can call them like any built-in tool.
+ *
+ * Naming: tools are surfaced as `<serverName>__<toolName>` to avoid
+ * collisions across servers and with built-in agent tools. Underscores are
+ * legal in MCP tool names; `__` is rare enough in practice to serve as a
+ * delimiter without escaping.
+ */
+import { SamplingCreateMessageParams, SamplingCreateMessageResult } from './mcpClient.js';
+import type { McpServer } from '../acp/protocol.js';
+/**
+ * Virtual-tool suffixes for the resource/prompt wrappers we generate per
+ * server. Keep these in lockstep with the dispatch switch in
+ * toolExecution.ts — adding a new wrapper requires both ends.
+ */
+export declare const VIRTUAL_TOOL_SUFFIXES: {
+    readonly resourceList: "resource_list";
+    readonly resourceRead: "resource_read";
+    readonly promptList: "prompt_list";
+    readonly promptGet: "prompt_get";
+};
+export interface RegisteredTool {
+    /** Prefixed name as exposed to the agent (`server__tool`). */
+    agentName: string;
+    /** Original tool name on the server. */
+    toolName: string;
+    serverName: string;
+    description?: string;
+    inputSchema?: Record<string, unknown>;
+}
+/**
+ * Spawn the given servers and discover their tools. Failures on individual
+ * servers are reported in the result but don't abort the whole registration
+ * (one broken server shouldn't kill the rest).
+ *
+ * Idempotent: calling twice for the same sessionId disposes the prior set
+ * first.
+ */
+export declare function registerSessionServers(sessionId: string, servers: McpServer[], opts?: {
+    workspaceRoot?: string;
+    /**
+     * Host LLM callback wired to the `sampling/createMessage` server request.
+     * Receives the originating server name so the host can rate-limit /
+     * budget-cap per server.
+     */
+    onSamplingRequest?: (params: SamplingCreateMessageParams, serverName: string) => Promise<SamplingCreateMessageResult>;
+}): Promise<{
+    registered: RegisteredTool[];
+    errors: {
+        server: string;
+        error: string;
+    }[];
+}>;
+/**
+ * Wait for any in-flight `registerSessionServers` for this session to
+ * finish. No-op once registration has completed. Lets `callSessionTool`
+ * be tolerant of the race between session/new returning and the user
+ * sending their first prompt.
+ */
+export declare function awaitSessionReady(sessionId: string): Promise<void>;
+/** Return spawn errors recorded for a session, for the /mcp inspector. */
+export declare function getSessionRegistrationErrors(sessionId: string): {
+    server: string;
+    error: string;
+}[];
+/**
+ * Atomically read + clear the catalog-dirty flags for a session.
+ * Called by the agent loop between iterations: if any flag is set,
+ * the relevant cached lists (tools / resources / prompts) should be
+ * re-fetched before the next dispatch. Returns the set of dirty kinds.
+ */
+export declare function consumeSessionCatalogChanges(sessionId: string): Set<'tools' | 'resources' | 'prompts'>;
+/** Return all tools registered for a session (built from cached server tool lists). */
+export declare function getSessionTools(sessionId: string): Promise<RegisteredTool[]>;
+/**
+ * Build the set of virtual tools that wrap the resource/prompt primitives
+ * for every server in the session. The agent calls these like normal
+ * `<server>__<tool>` entries; toolExecution.ts dispatches them through
+ * `callSessionResourceTool` below.
+ *
+ * We only emit a wrapper when the server actually exposes resources or
+ * prompts (probed via `listResources`/`listPrompts`) — no point teaching
+ * the model about a `read_resource` tool that always returns "no such
+ * resource".
+ */
+export declare function getSessionVirtualTools(sessionId: string): Promise<RegisteredTool[]>;
+/**
+ * Dispatch a virtual MCP tool (resource_list, resource_read, prompt_list,
+ * prompt_get) and return a JSON-serialised string the agent can consume.
+ * Throws if the tool name doesn't match a virtual wrapper.
+ */
+export declare function callSessionVirtualTool(sessionId: string, agentName: string, args: Record<string, unknown>): Promise<string>;
+/** Return true if a tool name matches one of the four virtual wrappers. */
+export declare function isVirtualMcpToolName(name: string): boolean;
+/** Return resources advertised by all session servers, grouped by server. */
+export declare function getSessionResources(sessionId: string): Promise<{
+    serverName: string;
+    resources: import('./mcpClient.js').McpResource[];
+}[]>;
+/** Read a resource URI from any session server that advertises it. */
+export declare function readSessionResource(sessionId: string, uri: string): Promise<import('./mcpClient.js').McpResourceContent[]>;
+/** Return prompts advertised by all session servers, grouped by server. */
+export declare function getSessionPrompts(sessionId: string): Promise<{
+    serverName: string;
+    prompts: import('./mcpClient.js').McpPrompt[];
+}[]>;
+/** Resolve a `<server>__<name>` prompt reference, returning the materialised messages. */
+export declare function getSessionPrompt(sessionId: string, serverName: string, name: string, args?: Record<string, unknown>): Promise<{
+    description?: string;
+    messages: import('./mcpClient.js').McpPromptMessage[];
+}>;
+/** Forward a tool call to the right MCP server. Returns the tool's text output. */
+export declare function callSessionTool(sessionId: string, agentName: string, args: Record<string, unknown>): Promise<string>;
+/** True when an agent tool name looks like an MCP-prefixed tool. */
+export declare function isMcpToolName(name: string): boolean;
+/** Stop all MCP clients for a session and drop the registry entry. */
+export declare function disposeSession(sessionId: string): Promise<void>;
+/**
+ * Tear down every active MCP session. Wired up as a SIGINT/SIGTERM handler
+ * in `acp/server.ts` so killing the CLI doesn't leave orphan child processes.
+ */
+export declare function disposeAllSessions(): Promise<void>;
+/** For tests / debugging — how many sessions have active MCP clients. */
+export declare function sessionCount(): number;