comisai 1.0.34 → 1.0.36
- package/node_modules/@comis/agent/dist/background/auto-background-middleware.d.ts +11 -1
- package/node_modules/@comis/agent/dist/background/auto-background-middleware.js +21 -4
- package/node_modules/@comis/agent/dist/background/background-task-manager.d.ts +2 -2
- package/node_modules/@comis/agent/dist/background/background-task-manager.js +61 -20
- package/node_modules/@comis/agent/dist/background/background-task-persistence.js +10 -3
- package/node_modules/@comis/agent/dist/background/background-task-types.d.ts +10 -3
- package/node_modules/@comis/agent/dist/background/background-task-types.js +1 -1
- package/node_modules/@comis/agent/dist/background/completion-formatter.d.ts +39 -0
- package/node_modules/@comis/agent/dist/background/completion-formatter.js +77 -0
- package/node_modules/@comis/agent/dist/background/completion-runner.d.ts +53 -0
- package/node_modules/@comis/agent/dist/background/completion-runner.js +151 -0
- package/node_modules/@comis/agent/dist/background/index.d.ts +4 -0
- package/node_modules/@comis/agent/dist/background/index.js +2 -0
- package/node_modules/@comis/agent/dist/bridge/bridge-metrics.d.ts +17 -2
- package/node_modules/@comis/agent/dist/bridge/bridge-metrics.js +14 -2
- package/node_modules/@comis/agent/dist/bridge/pi-event-bridge.d.ts +23 -23
- package/node_modules/@comis/agent/dist/bridge/pi-event-bridge.js +72 -60
- package/node_modules/@comis/agent/dist/bridge/thinking-block-hash-invariant.d.ts +6 -7
- package/node_modules/@comis/agent/dist/bridge/thinking-block-hash-invariant.js +24 -25
- package/node_modules/@comis/agent/dist/budget/cost-tracker.d.ts +1 -1
- package/node_modules/@comis/agent/dist/context-engine/constants.d.ts +5 -5
- package/node_modules/@comis/agent/dist/context-engine/constants.js +12 -12
- package/node_modules/@comis/agent/dist/context-engine/context-engine.js +13 -4
- package/node_modules/@comis/agent/dist/context-engine/dag-annotator.d.ts +1 -2
- package/node_modules/@comis/agent/dist/context-engine/dag-annotator.js +1 -2
- package/node_modules/@comis/agent/dist/context-engine/llm-compaction.js +20 -16
- package/node_modules/@comis/agent/dist/context-engine/rehydration.js +6 -6
- package/node_modules/@comis/agent/dist/context-engine/signature-replay-scrubber.d.ts +12 -12
- package/node_modules/@comis/agent/dist/context-engine/signature-replay-scrubber.js +36 -22
- package/node_modules/@comis/agent/dist/context-engine/types-core.d.ts +15 -0
- package/node_modules/@comis/agent/dist/executor/cache-break-detection.d.ts +6 -6
- package/node_modules/@comis/agent/dist/executor/cache-break-detection.js +8 -8
- package/node_modules/@comis/agent/dist/executor/executor-context-engine-setup.d.ts +16 -0
- package/node_modules/@comis/agent/dist/executor/executor-context-engine-setup.js +46 -5
- package/node_modules/@comis/agent/dist/executor/executor-post-execution.d.ts +30 -0
- package/node_modules/@comis/agent/dist/executor/executor-post-execution.js +17 -1
- package/node_modules/@comis/agent/dist/executor/executor-prompt-runner.js +1 -1
- package/node_modules/@comis/agent/dist/executor/executor-response-filter.d.ts +7 -6
- package/node_modules/@comis/agent/dist/executor/executor-response-filter.js +9 -42
- package/node_modules/@comis/agent/dist/executor/executor-tool-assembly.js +2 -3
- package/node_modules/@comis/agent/dist/executor/gemini-cache-injector.d.ts +2 -2
- package/node_modules/@comis/agent/dist/executor/gemini-cache-injector.js +4 -4
- package/node_modules/@comis/agent/dist/executor/phase-filter.d.ts +2 -2
- package/node_modules/@comis/agent/dist/executor/phase-filter.js +5 -7
- package/node_modules/@comis/agent/dist/executor/pi-executor.d.ts +13 -0
- package/node_modules/@comis/agent/dist/executor/pi-executor.js +71 -6
- package/node_modules/@comis/agent/dist/executor/post-batch-continuation.js +7 -7
- package/node_modules/@comis/agent/dist/executor/stream-wrappers/request-body-injector.d.ts +1 -1
- package/node_modules/@comis/agent/dist/executor/stream-wrappers/request-body-injector.js +1 -1
- package/node_modules/@comis/agent/dist/executor/tool-deferral.d.ts +2 -2
- package/node_modules/@comis/agent/dist/executor/tool-deferral.js +7 -7
- package/node_modules/@comis/agent/dist/index.d.ts +17 -0
- package/node_modules/@comis/agent/dist/index.js +32 -11
- package/node_modules/@comis/agent/dist/model/auth-provider.d.ts +25 -2
- package/node_modules/@comis/agent/dist/model/auth-provider.js +6 -0
- package/node_modules/@comis/agent/dist/model/compaction-model-resolver.d.ts +3 -3
- package/node_modules/@comis/agent/dist/model/compaction-model-resolver.js +3 -3
- package/node_modules/@comis/agent/dist/model/oauth-credential-store-file.d.ts +37 -0
- package/node_modules/@comis/agent/dist/model/oauth-credential-store-file.js +279 -0
- package/node_modules/@comis/agent/dist/model/oauth-credential-store-selector.d.ts +49 -0
- package/node_modules/@comis/agent/dist/model/oauth-credential-store-selector.js +50 -0
- package/node_modules/@comis/agent/dist/model/oauth-device-code.d.ts +57 -0
- package/node_modules/@comis/agent/dist/model/oauth-device-code.js +302 -0
- package/node_modules/@comis/agent/dist/model/oauth-env.d.ts +33 -0
- package/node_modules/@comis/agent/dist/model/oauth-env.js +38 -0
- package/node_modules/@comis/agent/dist/model/oauth-errors.d.ts +41 -0
- package/node_modules/@comis/agent/dist/model/oauth-errors.js +88 -0
- package/node_modules/@comis/agent/dist/model/oauth-identity.d.ts +53 -0
- package/node_modules/@comis/agent/dist/model/oauth-identity.js +141 -0
- package/node_modules/@comis/agent/dist/model/oauth-login-runner.d.ts +99 -0
- package/node_modules/@comis/agent/dist/model/oauth-login-runner.js +374 -0
- package/node_modules/@comis/agent/dist/model/oauth-tls-preflight.d.ts +58 -0
- package/node_modules/@comis/agent/dist/model/oauth-tls-preflight.js +82 -0
- package/node_modules/@comis/agent/dist/model/oauth-token-manager.d.ts +86 -16
- package/node_modules/@comis/agent/dist/model/oauth-token-manager.js +961 -66
- package/node_modules/@comis/agent/dist/model/operation-model-defaults.d.ts +9 -4
- package/node_modules/@comis/agent/dist/model/operation-model-defaults.js +36 -9
- package/node_modules/@comis/agent/dist/model/resolve-provider-api-key.d.ts +48 -0
- package/node_modules/@comis/agent/dist/model/resolve-provider-api-key.js +66 -0
- package/node_modules/@comis/agent/dist/provider/capabilities.d.ts +5 -5
- package/node_modules/@comis/agent/dist/provider/capabilities.js +10 -23
- package/node_modules/@comis/agent/dist/safety/tool-output-safety.js +3 -3
- package/node_modules/@comis/agent/dist/session/comis-session-manager.d.ts +1 -1
- package/node_modules/@comis/agent/dist/session/comis-session-manager.js +1 -1
- package/node_modules/@comis/agent/dist/spawn/narrative-caster.d.ts +10 -0
- package/node_modules/@comis/agent/dist/spawn/narrative-caster.js +5 -1
- package/node_modules/@comis/agent/package.json +1 -1
- package/node_modules/@comis/channels/dist/email/email-adapter.js +6 -6
- package/node_modules/@comis/channels/dist/email/imap-lifecycle.js +7 -7
- package/node_modules/@comis/channels/dist/shared/deliver-to-channel.js +12 -10
- package/node_modules/@comis/channels/dist/telegram/telegram-adapter.js +1 -1
- package/node_modules/@comis/channels/package.json +1 -1
- package/node_modules/@comis/cli/dist/cli.js +2 -0
- package/node_modules/@comis/cli/dist/commands/agent.d.ts +3 -3
- package/node_modules/@comis/cli/dist/commands/agent.js +46 -3
- package/node_modules/@comis/cli/dist/commands/auth.d.ts +37 -0
- package/node_modules/@comis/cli/dist/commands/auth.js +433 -0
- package/node_modules/@comis/cli/dist/commands/doctor.d.ts +4 -1
- package/node_modules/@comis/cli/dist/commands/doctor.js +20 -5
- package/node_modules/@comis/cli/dist/doctor/checks/oauth-health.d.ts +39 -0
- package/node_modules/@comis/cli/dist/doctor/checks/oauth-health.js +399 -0
- package/node_modules/@comis/cli/dist/doctor/types.d.ts +19 -0
- package/node_modules/@comis/cli/dist/index.d.ts +1 -0
- package/node_modules/@comis/cli/dist/index.js +10 -4
- package/node_modules/@comis/cli/dist/output/relative-time.d.ts +23 -0
- package/node_modules/@comis/cli/dist/output/relative-time.js +36 -0
- package/node_modules/@comis/cli/dist/wizard/non-interactive.js +17 -8
- package/node_modules/@comis/cli/dist/wizard/steps/03-provider.js +2 -1
- package/node_modules/@comis/cli/dist/wizard/steps/04-credentials.js +223 -34
- package/node_modules/@comis/cli/dist/wizard/steps/10-write-config.js +14 -0
- package/node_modules/@comis/cli/dist/wizard/steps/11-daemon-start.js +3 -3
- package/node_modules/@comis/cli/dist/wizard/types.d.ts +7 -0
- package/node_modules/@comis/cli/package.json +1 -1
- package/node_modules/@comis/core/dist/bootstrap.d.ts +1 -1
- package/node_modules/@comis/core/dist/config/env-substitution.d.ts +66 -0
- package/node_modules/@comis/core/dist/config/env-substitution.js +115 -0
- package/node_modules/@comis/core/dist/config/index.d.ts +3 -1
- package/node_modules/@comis/core/dist/config/index.js +2 -1
- package/node_modules/@comis/core/dist/config/loader.js +61 -0
- package/node_modules/@comis/core/dist/config/managed-sections.d.ts +3 -3
- package/node_modules/@comis/core/dist/config/managed-sections.js +10 -5
- package/node_modules/@comis/core/dist/config/schema-agent.d.ts +4 -0
- package/node_modules/@comis/core/dist/config/schema-agent.js +16 -1
- package/node_modules/@comis/core/dist/config/schema-background-tasks.d.ts +7 -0
- package/node_modules/@comis/core/dist/config/schema-background-tasks.js +7 -0
- package/node_modules/@comis/core/dist/config/schema-delivery.d.ts +2 -0
- package/node_modules/@comis/core/dist/config/schema-delivery.js +2 -0
- package/node_modules/@comis/core/dist/config/schema-gemini-cache.d.ts +0 -2
- package/node_modules/@comis/core/dist/config/schema-gemini-cache.js +0 -2
- package/node_modules/@comis/core/dist/config/schema-oauth.d.ts +23 -0
- package/node_modules/@comis/core/dist/config/schema-oauth.js +19 -0
- package/node_modules/@comis/core/dist/config/schema-skills.d.ts +6 -8
- package/node_modules/@comis/core/dist/config/schema-skills.js +3 -4
- package/node_modules/@comis/core/dist/config/schema.d.ts +10 -0
- package/node_modules/@comis/core/dist/config/schema.js +3 -0
- package/node_modules/@comis/core/dist/domain/background-task-origin.d.ts +39 -0
- package/node_modules/@comis/core/dist/domain/background-task-origin.js +39 -0
- package/node_modules/@comis/core/dist/event-bus/events-infra.d.ts +71 -2
- package/node_modules/@comis/core/dist/exports/config.d.ts +2 -2
- package/node_modules/@comis/core/dist/exports/config.js +1 -1
- package/node_modules/@comis/core/dist/exports/domain.d.ts +2 -0
- package/node_modules/@comis/core/dist/exports/domain.js +1 -0
- package/node_modules/@comis/core/dist/exports/ports.d.ts +2 -2
- package/node_modules/@comis/core/dist/exports/ports.js +1 -1
- package/node_modules/@comis/core/dist/ports/delivery-queue.d.ts +23 -0
- package/node_modules/@comis/core/dist/ports/delivery-queue.js +2 -0
- package/node_modules/@comis/core/dist/ports/index.d.ts +2 -0
- package/node_modules/@comis/core/dist/ports/index.js +1 -0
- package/node_modules/@comis/core/dist/ports/oauth-credential-store.d.ts +64 -0
- package/node_modules/@comis/core/dist/ports/oauth-credential-store.js +37 -0
- package/node_modules/@comis/core/dist/tool-metadata.d.ts +20 -0
- package/node_modules/@comis/core/package.json +1 -1
- package/node_modules/@comis/daemon/dist/daemon-types.d.ts +23 -3
- package/node_modules/@comis/daemon/dist/daemon.js +82 -19
- package/node_modules/@comis/daemon/dist/index.d.ts +2 -0
- package/node_modules/@comis/daemon/dist/index.js +5 -0
- package/node_modules/@comis/daemon/dist/observability/channel-health-logger.js +3 -3
- package/node_modules/@comis/daemon/dist/observability/delivery-queue-logger.js +1 -1
- package/node_modules/@comis/daemon/dist/rpc/agent-handlers.d.ts +22 -1
- package/node_modules/@comis/daemon/dist/rpc/agent-handlers.js +84 -21
- package/node_modules/@comis/daemon/dist/rpc/agent-inline-workspace.js +2 -2
- package/node_modules/@comis/daemon/dist/rpc/config-handlers.d.ts +9 -1
- package/node_modules/@comis/daemon/dist/rpc/config-handlers.js +104 -23
- package/node_modules/@comis/daemon/dist/rpc/credential-resolver.d.ts +30 -1
- package/node_modules/@comis/daemon/dist/rpc/credential-resolver.js +74 -11
- package/node_modules/@comis/daemon/dist/rpc/mcp-handlers.d.ts +8 -0
- package/node_modules/@comis/daemon/dist/rpc/mcp-handlers.js +22 -8
- package/node_modules/@comis/daemon/dist/rpc/provider-handlers.js +9 -12
- package/node_modules/@comis/daemon/dist/rpc/rpc-dispatch.d.ts +1 -0
- package/node_modules/@comis/daemon/dist/rpc/rpc-dispatch.js +27 -2
- package/node_modules/@comis/daemon/dist/setup-docker-restart-warn.js +0 -1
- package/node_modules/@comis/daemon/dist/wiring/index.d.ts +2 -0
- package/node_modules/@comis/daemon/dist/wiring/index.js +1 -0
- package/node_modules/@comis/daemon/dist/wiring/oauth-preflight.d.ts +21 -0
- package/node_modules/@comis/daemon/dist/wiring/oauth-preflight.js +134 -0
- package/node_modules/@comis/daemon/dist/wiring/setup-agents.d.ts +46 -1
- package/node_modules/@comis/daemon/dist/wiring/setup-agents.js +127 -3
- package/node_modules/@comis/daemon/dist/wiring/setup-background-completion-runner.d.ts +39 -0
- package/node_modules/@comis/daemon/dist/wiring/setup-background-completion-runner.js +32 -0
- package/node_modules/@comis/daemon/dist/wiring/setup-background-tasks.d.ts +10 -3
- package/node_modules/@comis/daemon/dist/wiring/setup-background-tasks.js +11 -5
- package/node_modules/@comis/daemon/dist/wiring/setup-channels.js +20 -1
- package/node_modules/@comis/daemon/dist/wiring/setup-cross-session.js +1 -1
- package/node_modules/@comis/daemon/dist/wiring/setup-delivery.d.ts +14 -5
- package/node_modules/@comis/daemon/dist/wiring/setup-delivery.js +52 -19
- package/node_modules/@comis/daemon/dist/wiring/setup-schedulers.js +4 -0
- package/node_modules/@comis/daemon/package.json +1 -1
- package/node_modules/@comis/gateway/dist/index.d.ts +2 -0
- package/node_modules/@comis/gateway/dist/index.js +2 -0
- package/node_modules/@comis/gateway/dist/oauth/oauth-callback-route.d.ts +66 -0
- package/node_modules/@comis/gateway/dist/oauth/oauth-callback-route.js +212 -0
- package/node_modules/@comis/gateway/dist/server/hono-server.d.ts +14 -0
- package/node_modules/@comis/gateway/dist/server/hono-server.js +10 -0
- package/node_modules/@comis/gateway/package.json +1 -1
- package/node_modules/@comis/infra/dist/logging/log-fields.d.ts +23 -0
- package/node_modules/@comis/infra/package.json +1 -1
- package/node_modules/@comis/memory/dist/compaction.d.ts +3 -5
- package/node_modules/@comis/memory/dist/compaction.js +2 -3
- package/node_modules/@comis/memory/dist/delivery-queue-adapter.d.ts +2 -2
- package/node_modules/@comis/memory/dist/delivery-queue-adapter.js +49 -1
- package/node_modules/@comis/memory/dist/index.d.ts +2 -0
- package/node_modules/@comis/memory/dist/index.js +3 -0
- package/node_modules/@comis/memory/dist/memory-api.d.ts +1 -1
- package/node_modules/@comis/memory/dist/memory-api.js +1 -1
- package/node_modules/@comis/memory/dist/oauth-profile-schema.d.ts +17 -0
- package/node_modules/@comis/memory/dist/oauth-profile-schema.js +33 -0
- package/node_modules/@comis/memory/dist/oauth-profile-store-encrypted.d.ts +27 -0
- package/node_modules/@comis/memory/dist/oauth-profile-store-encrypted.js +144 -0
- package/node_modules/@comis/memory/dist/session-store.d.ts +1 -1
- package/node_modules/@comis/memory/dist/session-store.js +1 -1
- package/node_modules/@comis/memory/dist/sqlite-secret-store.d.ts +29 -3
- package/node_modules/@comis/memory/dist/sqlite-secret-store.js +11 -3
- package/node_modules/@comis/memory/package.json +1 -1
- package/node_modules/@comis/scheduler/dist/execution/execution-lock.d.ts +13 -0
- package/node_modules/@comis/scheduler/dist/execution/execution-lock.js +1 -1
- package/node_modules/@comis/scheduler/dist/execution/index.d.ts +2 -0
- package/node_modules/@comis/scheduler/dist/execution/index.js +2 -0
- package/node_modules/@comis/scheduler/dist/heartbeat/agent-heartbeat-source.js +1 -1
- package/node_modules/@comis/scheduler/dist/index.d.ts +2 -0
- package/node_modules/@comis/scheduler/dist/index.js +2 -0
- package/node_modules/@comis/scheduler/package.json +1 -1
- package/node_modules/@comis/shared/package.json +1 -1
- package/node_modules/@comis/skills/dist/bridge/schema-validator.d.ts +38 -0
- package/node_modules/@comis/skills/dist/bridge/schema-validator.js +169 -0
- package/node_modules/@comis/skills/dist/bridge/tool-metadata-enforcement.js +12 -0
- package/node_modules/@comis/skills/dist/bridge/tool-metadata-registry.js +130 -0
- package/node_modules/@comis/skills/dist/builtin/exec-diagnostics.d.ts +32 -0
- package/node_modules/@comis/skills/dist/builtin/exec-diagnostics.js +127 -0
- package/node_modules/@comis/skills/dist/builtin/exec-security.js +38 -0
- package/node_modules/@comis/skills/dist/builtin/exec-tool.js +9 -0
- package/node_modules/@comis/skills/dist/builtin/file-tools/grep-tool.js +6 -6
- package/node_modules/@comis/skills/dist/builtin/platform/agents-manage-tool.d.ts +5 -4
- package/node_modules/@comis/skills/dist/builtin/platform/agents-manage-tool.js +38 -27
- package/node_modules/@comis/skills/dist/builtin/platform/background-tasks-tool.d.ts +4 -1
- package/node_modules/@comis/skills/dist/builtin/platform/background-tasks-tool.js +3 -3
- package/node_modules/@comis/skills/dist/builtin/platform/cron-tool.js +1 -1
- package/node_modules/@comis/skills/dist/builtin/platform/gateway-tool.js +6 -6
- package/node_modules/@comis/skills/dist/builtin/platform/mcp-manage-tool.d.ts +1 -1
- package/node_modules/@comis/skills/dist/builtin/platform/mcp-manage-tool.js +9 -9
- package/node_modules/@comis/skills/dist/builtin/sandbox/bwrap-provider.d.ts +11 -0
- package/node_modules/@comis/skills/dist/builtin/sandbox/bwrap-provider.js +114 -1
- package/node_modules/@comis/skills/dist/builtin/sandbox/detect-provider.js +40 -15
- package/node_modules/@comis/skills/dist/media/ssrf-fetcher.d.ts +7 -0
- package/node_modules/@comis/skills/dist/media/ssrf-fetcher.js +9 -2
- package/node_modules/@comis/skills/package.json +1 -1
- package/node_modules/@comis/web/dist/assets/{agent-detail-71BSbSfD.js → agent-detail-q8t1NB7w.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{agent-editor-CTSDZhwT.js → agent-editor-B46io5gv.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{agent-list-BEhni2ea.js → agent-list-DQ6g2Rcx.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{billing-view-DVP1IvVs.js → billing-view-IWPR8LgF.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{channel-detail-N_YK74xC.js → channel-detail-DlNNZuuC.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{channel-list-DRk6ZJaF.js → channel-list-DhGwxiMc.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{chat-console-Dm-GtSf9.js → chat-console-Nv6fM3Rc.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{config-editor-CIferYX6.js → config-editor-BYKuJF76.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{context-dag-browser-CL84rXXM.js → context-dag-browser-ClNEtzYE.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{context-engine-B1HOTEZv.js → context-engine-BZJ6HChd.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{delivery-view-Y6JKYVFw.js → delivery-view-Cb7I3vGu.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{diagnostics-view-DWV1UQjz.js → diagnostics-view-9u9Lyu5a.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{ic-chat-message-DfSERzzg.js → ic-chat-message-BFt3cVpx.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{ic-connection-dot-CXyhlJup.js → ic-connection-dot-y77LZ3Gu.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{ic-tool-call-DNmwTjek.js → ic-tool-call-qt6w1NQl.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{index-CBr0Tm9_.js → index-8Tg9oc-C.js} +2 -2
- package/node_modules/@comis/web/dist/assets/{mcp-management-BaH2-vox.js → mcp-management-69dtH_kY.js} +2 -2
- package/node_modules/@comis/web/dist/assets/{media-config-CZLshJoN.js → media-config-BdjLj5c1.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{media-test-C9NUWgo_.js → media-test-DuPqrixi.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{memory-inspector-D_fmTcRN.js → memory-inspector-B-Pepbq-.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{message-center-BBFlNCZn.js → message-center-B7l0yNYY.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{models-BytGLm99.js → models-JHFHuv5S.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{observe-view-VXtHqaqq.js → observe-view-r8mqhy4O.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{pipeline-builder-CfXczlfJ.js → pipeline-builder-XjkiZRcR.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{pipeline-history-CPmXFnbe.js → pipeline-history-CZqJv_Hj.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{pipeline-history-detail-DcueTMs9.js → pipeline-history-detail-BEFGMoDy.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{pipeline-list-B-xG5WZh.js → pipeline-list-B6q5LvO1.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{pipeline-monitor-pnIOYaSY.js → pipeline-monitor-BNomXjVL.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{scheduler-BtUIFHhA.js → scheduler-BJEjcGKA.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{security-C8mWRq2y.js → security-2G1jhBfV.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{session-detail-DgdkO5ka.js → session-detail-DmVPzFBR.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{session-list-DcylcfTn.js → session-list-CsqMQoHs.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{setup-wizard-BP5yjsuL.js → setup-wizard-CAdM-gSP.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{skills-DXt1bX8Z.js → skills-2ODqKaWr.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{subagents-C7YbUHXY.js → subagents-BFlwfTbD.js} +1 -1
- package/node_modules/@comis/web/dist/assets/{workspace-manager-DP6pW4wa.js → workspace-manager--CbOx_dI.js} +1 -1
- package/node_modules/@comis/web/dist/index.html +1 -1
- package/node_modules/@comis/web/package.json +1 -1
- package/package.json +17 -16
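--- a/package/node_modules/@comis/skills/dist/builtin/file-tools/grep-tool.js
+++ b/package/node_modules/@comis/skills/dist/builtin/file-tools/grep-tool.js
@@ -148,22 +148,22 @@ function buildRipgrepArgs(pattern, outputMode, options = {}) {
 }
 // Pattern (use -e to avoid pattern being confused with flags)
 args.push("-e", pattern);
-//
+// Filtering
 if (options.glob)
 args.push("--glob", options.glob);
 if (options.type)
 args.push("--type", options.type);
-//
+// Case-insensitive
 if (options.caseInsensitive)
 args.push("-i");
 // Literal mode (fixed-strings)
 if (options.literal) {
 args.push("--fixed-strings");
 }
-//
+// Multiline
 if (options.multiline)
 args.push("-U", "--multiline-dotall");
-//
+// Context lines (content mode only -- ignored for other modes)
 if (outputMode === "content") {
 if (options.afterContext !== undefined)
 args.push("-A", String(options.afterContext));
@@ -172,7 +172,7 @@ function buildRipgrepArgs(pattern, outputMode, options = {}) {
 if (options.context !== undefined)
 args.push("-C", String(options.context));
 }
-//
+// Per-file match limit for pagination efficiency (content mode only)
 if (outputMode === "content") {
 const headLimit = options.headLimit ?? 250;
 const offset = options.offset ?? 0;
@@ -327,7 +327,7 @@ export function createComisGrepTool(workspacePath, logger, readOnlyPaths, shared
 const outputMode = outputModeRaw && OUTPUT_MODES.includes(outputModeRaw)
 ? outputModeRaw
 : "content";
-//
+// Optional filter / formatting parameters
 const glob = readStringParam(params, "glob", false);
 const type = readStringParam(params, "type", false);
 const caseInsensitive = readBooleanParam(params, "-i", false) ?? false;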
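--- a/package/node_modules/@comis/skills/dist/builtin/platform/agents-manage-tool.d.ts
+++ b/package/node_modules/@comis/skills/dist/builtin/platform/agents-manage-tool.d.ts
@@ -42,6 +42,7 @@ export declare const AgentsManageToolParams: Type.TObject<{
 browser: Type.TOptional<Type.TBoolean>;
 }>>;
 }>>;
+oauthProfiles: Type.TOptional<Type.TRecord<"^.*$", Type.TString>>;
 }>, Type.TString]>>;
 }>;
 export interface AgentInlineWritesValue {
@@ -68,13 +69,13 @@ export interface AgentInlineWritesError {
 * Pure string composition. No I/O, no Result<T,E> needed (per AGENTS.md
 * §2.1: Result is for fallible paths only; this is infallible).
 *
-* Three branches keyed on `inlineWritesResult
+* Three branches keyed on `inlineWritesResult`:
 * - BOTH written → SHORT contract: "No further setup needed — agent is
 * operationally ready". Skips the post-create write() roundtrip.
 * - PARTIAL (only one of role/identity written) → mixed contract pointing
 * only at the still-template file with a single "Next required action".
-* - NEITHER (or write failure / undefined) → existing
-*
+* - NEITHER (or write failure / undefined) → existing 2-step contract
+* verbatim, telling the LLM to call write() for ROLE.md.
 *
 * Case B (workspaceDir absent — defensive fallback): shorter form pinning
 * "Customize {agentId}'s workspace ROLE.md and IDENTITY.md before using."
@@ -94,7 +95,7 @@ export declare function buildCreateContract(agentId: string, workspaceDir: strin
 *
 * @param rpcCall - RPC call function for delegating to the daemon backend
 * @param logger - Required structured logger. Used to emit a per-create
-* INFO log pinning the next-step contract emission
+* INFO log pinning the next-step contract emission.
 * Mirrors the gateway-tool required-logger position; no overload-with-
 * default-logger compat shim (per `feedback_no_backward_compat.md`).
 * @param approvalGate - Optional approval gate for create/delete actions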
|
@@ -48,19 +48,19 @@ export const AgentsManageToolParams = Type.Object({
|
|
|
48
48
|
"Default: full. Can be changed later via update action. " +
|
|
49
49
|
"Alternative shape: nested workspace.profile (see `workspace` field).",
|
|
50
50
|
})),
|
|
51
|
-
//
|
|
52
|
-
//
|
|
53
|
-
//
|
|
54
|
-
//
|
|
55
|
-
//
|
|
56
|
-
//
|
|
51
|
+
// Declare nested workspace shape explicitly. The LLM sometimes
|
|
52
|
+
// emits `workspace: {profile: "specialist"}` directly (mirroring
|
|
53
|
+
// the downstream Zod schema-agent.ts:733-738 shape). Without this
|
|
54
|
+
// declaration, the unknown nested object slipped past TypeBox
|
|
55
|
+
// structurally but the enum was never validated -- invalid values
|
|
56
|
+
// would only be caught later at the Zod layer with a less
|
|
57
57
|
// actionable error path. Declaring it here makes both shapes
|
|
58
58
|
// first-class and gates the enum at the tool-validation boundary.
|
|
59
59
|
workspace: Type.Optional(Type.Object({
|
|
60
60
|
profile: Type.Union([Type.Literal("full"), Type.Literal("specialist")], {
|
|
61
61
|
description: "Workspace profile (alternative to flat workspace_profile). Valid: full | specialist ONLY. NO other values accepted.",
|
|
62
62
|
}),
|
|
63
|
-
//
|
|
63
|
+
// Inline ROLE.md / IDENTITY.md content. The tool
|
|
64
64
|
// handler strips these from the config payload BEFORE the RPC
|
|
65
65
|
// and forwards them as a separate top-level `inlineContent`
|
|
66
66
|
// param. The daemon writes them as files (write-once side-
|
|
@@ -95,6 +95,17 @@ export const AgentsManageToolParams = Type.Object({
|
|
|
95
95
|
browser: Type.Optional(Type.Boolean({ description: "Enable headless browser control" })),
|
|
96
96
|
}, { description: "Built-in tool toggles (true=enabled, false=disabled)" })),
|
|
97
97
|
}, { description: "Skills and tool configuration" })),
|
|
98
|
+
// Per-agent OAuth profile preference. Map of provider → profile-id
|
|
99
|
+
// (e.g. { "openai-codex": "openai-codex:user@example.com" }).
|
|
100
|
+
// The downstream Zod schema (PerAgentConfigSchema) is the
|
|
101
|
+
// canonical format gate via `validateProfileId`; the daemon-side
|
|
102
|
+
// `agents.update` handler additionally rejects unknown profile IDs
|
|
103
|
+
// via `OAuthCredentialStore.has()`.
|
|
104
|
+
oauthProfiles: Type.Optional(Type.Record(Type.String(), Type.String({
|
|
105
|
+
description: "<provider>:<identity> profile ID. Run `comis auth list` first to discover stored profiles.",
|
|
106
|
+
}), {
|
|
107
|
+
description: "OAuth profile preferences per provider (e.g., openai-codex). Each value must match an existing stored profile ID — the daemon rejects nonexistent IDs with a 'not found in store' error.",
|
|
108
|
+
})),
|
|
98
109
|
}, { description: "Agent configuration for create/update actions" }),
|
|
99
110
|
Type.String({
|
|
100
111
|
description: "Agent configuration as a JSON string (fallback when the LLM stringifies the object). " +
|
|
@@ -110,9 +121,9 @@ const VALID_ACTIONS = ["create", "get", "update", "delete", "suspend", "resume",
|
|
|
110
121
|
* Map flat workspace_profile param to nested workspace.profile config.
|
|
111
122
|
* Mutates config in place.
|
|
112
123
|
*
|
|
113
|
-
*
|
|
114
|
-
*
|
|
115
|
-
*
|
|
124
|
+
* Precedence is "flat wins" -- when both flat workspace_profile and nested
|
|
125
|
+
* workspace.profile are present, the flat field overwrites the nested one.
|
|
126
|
+
* This matches the existing spread semantics
|
|
116
127
|
* (`{...existing, profile}`) and keeps a single deterministic rule. When only
|
|
117
128
|
* nested is present (no `workspace_profile` key), this is a no-op and the
|
|
118
129
|
* nested shape flows through unchanged to the downstream Zod validator.
|
|
@@ -145,13 +156,13 @@ function mapWorkspaceProfile(config) {
|
|
|
145
156
|
* Pure string composition. No I/O, no Result<T,E> needed (per AGENTS.md
|
|
146
157
|
* §2.1: Result is for fallible paths only; this is infallible).
|
|
147
158
|
*
|
|
148
|
-
* Three branches keyed on `inlineWritesResult
|
|
159
|
+
* Three branches keyed on `inlineWritesResult`:
|
|
149
160
|
* - BOTH written → SHORT contract: "No further setup needed — agent is
|
|
150
161
|
* operationally ready". Skips the post-create write() roundtrip.
|
|
151
162
|
* - PARTIAL (only one of role/identity written) → mixed contract pointing
|
|
152
163
|
* only at the still-template file with a single "Next required action".
|
|
153
|
-
* - NEITHER (or write failure / undefined) → existing
|
|
154
|
-
*
|
|
164
|
+
* - NEITHER (or write failure / undefined) → existing 2-step contract
|
|
165
|
+
* verbatim, telling the LLM to call write() for ROLE.md.
|
|
155
166
|
*
|
|
156
167
|
* Case B (workspaceDir absent — defensive fallback): shorter form pinning
|
|
157
168
|
* "Customize {agentId}'s workspace ROLE.md and IDENTITY.md before using."
|
|
@@ -179,7 +190,7 @@ export function buildCreateContract(agentId, workspaceDir, inlineWritesResult) {
|
|
|
179
190
|
].join("\n");
|
|
180
191
|
}
|
|
181
192
|
// NEITHER (no inlineContent supplied, write failure, or undefined): fall
|
|
182
|
-
// through to the existing
|
|
193
|
+
// through to the existing 2-step contract verbatim.
|
|
183
194
|
if (workspaceDir !== undefined) {
|
|
184
195
|
return [
|
|
185
196
|
`✓ Agent ${agentId} created at ${workspaceDir}.`,
|
|
@@ -222,7 +233,7 @@ function coerceConfig(p) {
|
|
|
222
233
|
*
|
|
223
234
|
* @param rpcCall - RPC call function for delegating to the daemon backend
|
|
224
235
|
* @param logger - Required structured logger. Used to emit a per-create
|
|
225
|
-
* INFO log pinning the next-step contract emission
|
|
236
|
+
* INFO log pinning the next-step contract emission.
|
|
226
237
|
* Mirrors the gateway-tool required-logger position; no overload-with-
|
|
227
238
|
* default-logger compat shim (per `feedback_no_backward_compat.md`).
|
|
228
239
|
* @param approvalGate - Optional approval gate for create/delete actions
|
|
@@ -260,16 +271,16 @@ export function createAgentsManageTool(rpcCall, logger, approvalGate, callbacks)
|
|
|
260
271
|
}
|
|
261
272
|
}
|
|
262
273
|
}
|
|
263
|
-
//
|
|
264
|
-
//
|
|
265
|
-
//
|
|
266
|
-
//
|
|
274
|
+
// Strip workspace.role / workspace.identity from the config
|
|
275
|
+
// payload BEFORE the RPC and forward them as a separate top-level
|
|
276
|
+
// `inlineContent` parameter. Rationale: the downstream Zod schema
|
|
277
|
+
// (PerAgentConfigSchema.workspace at
|
|
267
278
|
// packages/core/src/config/schema-agent.ts) is z.strictObject —
|
|
268
279
|
// unknown keys would trigger Zod `unrecognized_keys` rejection.
|
|
269
280
|
// role/identity are write-once side-effects (ROLE.md / IDENTITY.md
|
|
270
281
|
// file writes), NOT durable state — they MUST NOT leak into
|
|
271
|
-
// config.yaml.
|
|
272
|
-
//
|
|
282
|
+
// config.yaml. Extending the Zod schema instead would persist
|
|
283
|
+
// them and was rejected.
|
|
273
284
|
let inlineContent;
|
|
274
285
|
if (config && typeof config === "object") {
|
|
275
286
|
const ws = config.workspace;
|
|
@@ -295,11 +306,11 @@ export function createAgentsManageTool(rpcCall, logger, approvalGate, callbacks)
|
|
|
295
306
|
const aid = agentId;
|
|
296
307
|
const workspaceDir = result?.workspaceDir;
|
|
297
308
|
const inlineWritesResult = result?.inlineWritesResult;
|
|
298
|
-
//
|
|
299
|
-
//
|
|
300
|
-
//
|
|
301
|
-
//
|
|
302
|
-
//
|
|
309
|
+
// Emit the next-step contract on the freshest, uncached surface
|
|
310
|
+
// the LLM reads each turn (the tool_result text). The contract
|
|
311
|
+
// has 3 branches keyed on inlineWritesResult (see
|
|
312
|
+
// buildCreateContract). One structured INFO log pins this
|
|
313
|
+
// happened.
|
|
303
314
|
const contractText = buildCreateContract(aid, workspaceDir, inlineWritesResult);
|
|
304
315
|
// Distinguish the 3 inline-write outcomes for observability.
|
|
305
316
|
// "none" — caller did not supply inlineContent
|
|
@@ -311,7 +322,7 @@ export function createAgentsManageTool(rpcCall, logger, approvalGate, callbacks)
|
|
|
311
322
|
? "written"
|
|
312
323
|
: "failed";
|
|
313
324
|
logger.info({
|
|
314
|
-
|
|
325
|
+
submodule: "skill.agents-manage",
|
|
315
326
|
action: "create",
|
|
316
327
|
agentId: aid,
|
|
317
328
|
workspaceDir: workspaceDir ?? null,
|
|
@@ -14,13 +14,16 @@ type TaskStatus = "running" | "completed" | "failed" | "cancelled";
|
|
|
14
14
|
/** Minimal task shape used by this tool. */
|
|
15
15
|
interface TaskInfo {
|
|
16
16
|
id: string;
|
|
17
|
-
agentId: string;
|
|
18
17
|
toolName: string;
|
|
19
18
|
status: TaskStatus;
|
|
20
19
|
startedAt: number;
|
|
21
20
|
completedAt?: number;
|
|
22
21
|
result?: string;
|
|
23
22
|
error?: string;
|
|
23
|
+
/** agentId is nested under origin.agentId */
|
|
24
|
+
origin: {
|
|
25
|
+
agentId: string;
|
|
26
|
+
};
|
|
24
27
|
}
|
|
25
28
|
/** Subset of BackgroundTaskManager consumed by this tool. */
|
|
26
29
|
export interface BackgroundTaskManagerLike {
|
|
@@ -72,7 +72,7 @@ export function createBackgroundTasksTool(deps) {
|
|
|
72
72
|
case "get": {
|
|
73
73
|
const taskId = readStringParam(p, "taskId");
|
|
74
74
|
const task = deps.manager.getTask(taskId);
|
|
75
|
-
if (!task || task.agentId !== deps.agentId) {
|
|
75
|
+
if (!task || task.origin.agentId !== deps.agentId) {
|
|
76
76
|
return {
|
|
77
77
|
content: [{ type: "text", text: `Error: Task not found: ${taskId}` }],
|
|
78
78
|
details: null,
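Review bot: The ownership check in the `get` branch now dereferences `task.origin.agentId` without first checking that `origin` exists. A task record that lacks `origin` (for example one persisted under the old flat `agentId` shape; whether such records are migrated is not visible here) would throw a TypeError instead of returning "Task not found". Guarding it keeps the check fail-closed: `if (!task || !task.origin || task.origin.agentId !== deps.agentId) {`. A bare `task.origin?.agentId` is not enough, because it would compare equal if `deps.agentId` were also undefined. The same line appears in the `cancel` and `read_output` branches, and the enclosing switch continues outside these hunks.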
|
|
@@ -96,7 +96,7 @@ export function createBackgroundTasksTool(deps) {
|
|
|
96
96
|
case "cancel": {
|
|
97
97
|
const taskId = readStringParam(p, "taskId");
|
|
98
98
|
const task = deps.manager.getTask(taskId);
|
|
99
|
-
if (!task || task.agentId !== deps.agentId) {
|
|
99
|
+
if (!task || task.origin.agentId !== deps.agentId) {
|
|
100
100
|
return {
|
|
101
101
|
content: [{ type: "text", text: `Error: Task not found: ${taskId}` }],
|
|
102
102
|
details: null,
|
|
@@ -117,7 +117,7 @@ export function createBackgroundTasksTool(deps) {
|
|
|
117
117
|
case "read_output": {
|
|
118
118
|
const taskId = readStringParam(p, "taskId");
|
|
119
119
|
const task = deps.manager.getTask(taskId);
|
|
120
|
-
if (!task || task.agentId !== deps.agentId) {
|
|
120
|
+
if (!task || task.origin.agentId !== deps.agentId) {
|
|
121
121
|
return {
|
|
122
122
|
content: [{ type: "text", text: `Error: Task not found: ${taskId}` }],
|
|
123
123
|
details: null,
|
|
@@ -39,7 +39,7 @@ const CronToolParams = Type.Object({
|
|
|
39
39
|
payload_text: Type.Optional(Type.String({ description: "Payload text or message content" })),
|
|
40
40
|
// session strategy params
|
|
41
41
|
session_strategy: Type.Optional(Type.Union([Type.Literal("fresh"), Type.Literal("rolling"), Type.Literal("accumulate")], {
|
|
42
|
-
description: "Session history strategy for recurring jobs. Valid values: fresh (new session each run), rolling (keep last N turns), accumulate (keep all history). Default: fresh",
|
|
42
|
+
description: "Session history strategy for recurring jobs. Valid values: fresh (new session each run; default and STRONGLY PREFERRED for cadences ≥ 10 minutes), rolling (keep last N turns; ONLY use when cadence < 5 minutes), accumulate (keep all history; rarely correct, leaks across runs). Rationale: cron uses a 5-minute prompt cache TTL, so any cadence longer than that wastes cache-write spend on rolling/accumulate — the cache is always cold by the next tick. Pick fresh unless cross-tick session memory is essential and cadence is < 5 minutes. Default: fresh",
|
|
43
43
|
})),
|
|
44
44
|
max_history_turns: Type.Optional(Type.Integer({ description: "Number of recent turns to keep for rolling strategy (default 3)" })),
|
|
45
45
|
model: Type.Optional(Type.String({
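Review bot: The new `session_strategy` description prefers `fresh` for cadences ≥ 10 minutes and allows `rolling` only below 5 minutes, which leaves 5–10 minutes without a definite instruction even though the rationale says anything over the 5-minute TTL wastes cache writes. Since this string steers what the model picks, a single threshold would be less ambiguous, e.g. `fresh (new session each run; default, preferred whenever cadence ≥ 5 minutes)`. The "5-minute prompt cache TTL" figure is also hard-coded into model-facing text, so it will silently go stale if the cron cache setting changes.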
|
|
@@ -165,16 +165,16 @@ export function createGatewayTool(rpcCall, logger) {
|
|
|
165
165
|
hint: "Ask the user to confirm this restart, then call again with _confirmed: true.",
|
|
166
166
|
};
|
|
167
167
|
}
|
|
168
|
-
//
|
|
169
|
-
//
|
|
170
|
-
//
|
|
171
|
-
//
|
|
172
|
-
//
|
|
168
|
+
// Inside Docker the restart relies entirely on the container's
|
|
169
|
+
// restart policy to bring the daemon back. Surface a structured
|
|
170
|
+
// WARN so the operator gets a breadcrumb in `docker logs`
|
|
171
|
+
// pointing at `--restart unless-stopped`. Tool result schema
|
|
172
|
+
// unchanged (Pino-only -- no extra content blocks).
|
|
173
173
|
if (isDocker()) {
|
|
174
174
|
logger.warn({
|
|
175
175
|
hint: "Container must have --restart unless-stopped (or compose restart: unless-stopped) for the restart to bring it back. Otherwise run 'docker restart <name>' from your host after the daemon exits.",
|
|
176
176
|
errorKind: "config",
|
|
177
|
-
|
|
177
|
+
submodule: "skill.gateway",
|
|
178
178
|
}, "Daemon restart requested inside Docker container — relies on container restart policy");
|
|
179
179
|
}
|
|
180
180
|
return rpcCall("gateway.restart", { _trustLevel });
|
|
@@ -13,7 +13,7 @@ import type { ApprovalGate } from "@comis/core";
|
|
|
13
13
|
import type { RpcCall } from "./cron-tool.js";
|
|
14
14
|
declare const McpManageToolParams: Type.TObject<{
|
|
15
15
|
action: Type.TUnion<[Type.TLiteral<"list">, Type.TLiteral<"status">, Type.TLiteral<"connect">, Type.TLiteral<"disconnect">, Type.TLiteral<"reconnect">]>;
|
|
16
|
-
|
|
16
|
+
server_name: Type.TOptional<Type.TString>;
|
|
17
17
|
transport: Type.TOptional<Type.TString>;
|
|
18
18
|
command: Type.TOptional<Type.TString>;
|
|
19
19
|
args: Type.TOptional<Type.TArray<Type.TString>>;
|
|
@@ -22,7 +22,7 @@ const McpManageToolParams = Type.Object({
|
|
|
22
22
|
Type.Literal("disconnect"),
|
|
23
23
|
Type.Literal("reconnect"),
|
|
24
24
|
], { description: "MCP server management action. Valid values: list (all servers with status), status (detailed single server info), connect (add new server), disconnect (remove server), reconnect (restart server connection)" }),
|
|
25
|
-
|
|
25
|
+
server_name: Type.Optional(Type.String({
|
|
26
26
|
description: "MCP server name. Required for status/connect/disconnect/reconnect.",
|
|
27
27
|
})),
|
|
28
28
|
transport: Type.Optional(Type.String({
|
|
@@ -72,14 +72,14 @@ export function createMcpManageTool(rpcCall, approvalGate) {
|
|
|
72
72
|
return rpcCall("mcp.list", { _trustLevel: ctx.trustLevel });
|
|
73
73
|
},
|
|
74
74
|
async status(p, rpcCall, ctx) {
|
|
75
|
-
const name = readStringParam(p, "
|
|
76
|
-
return rpcCall("mcp.status", { name, _trustLevel: ctx.trustLevel });
|
|
75
|
+
const name = readStringParam(p, "server_name");
|
|
76
|
+
return rpcCall("mcp.status", { server_name: name, _trustLevel: ctx.trustLevel });
|
|
77
77
|
},
|
|
78
78
|
async connect(p, rpcCall, ctx) {
|
|
79
|
-
const name = readStringParam(p, "
|
|
79
|
+
const name = readStringParam(p, "server_name");
|
|
80
80
|
const transport = readStringParam(p, "transport");
|
|
81
81
|
return rpcCall("mcp.connect", {
|
|
82
|
-
name,
|
|
82
|
+
server_name: name,
|
|
83
83
|
transport,
|
|
84
84
|
command: p.command,
|
|
85
85
|
args: p.args,
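Review bot: `server_name` is declared `Type.Optional` in the schema, so whether `status`, `connect`, `disconnect` and `reconnect` reject a missing name depends entirely on `readStringParam`, whose behaviour is not visible in these hunks. If it can return `undefined`, the call goes out as `server_name: undefined`; an explicit check before each `rpcCall`, such as `if (!name) throw new Error("server_name is required");`, would make the requirement local to the handler. The rename also changes the RPC payload key from `name` to `server_name`, so the daemon-side handlers for the four `mcp.*` methods must read the new key in the same release. The handler bodies continue outside the hunks.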
|
|
@@ -89,13 +89,13 @@ export function createMcpManageTool(rpcCall, approvalGate) {
|
|
|
89
89
|
});
|
|
90
90
|
},
|
|
91
91
|
async disconnect(p, rpcCall, ctx) {
|
|
92
|
-
const name = readStringParam(p, "
|
|
93
|
-
return rpcCall("mcp.disconnect", { name, _trustLevel: ctx.trustLevel });
|
|
92
|
+
const name = readStringParam(p, "server_name");
|
|
93
|
+
return rpcCall("mcp.disconnect", { server_name: name, _trustLevel: ctx.trustLevel });
|
|
94
94
|
},
|
|
95
95
|
async reconnect(p, rpcCall, ctx) {
|
|
96
|
-
const name = readStringParam(p, "
|
|
96
|
+
const name = readStringParam(p, "server_name");
|
|
97
97
|
return rpcCall("mcp.reconnect", {
|
|
98
|
-
name,
|
|
98
|
+
server_name: name,
|
|
99
99
|
transport: p.transport,
|
|
100
100
|
command: p.command,
|
|
101
101
|
args: p.args,
|
|
@@ -7,6 +7,17 @@
|
|
|
7
7
|
* @module
|
|
8
8
|
*/
|
|
9
9
|
import type { SandboxOptions, SandboxProvider } from "./types.js";
|
|
10
|
+
/**
|
|
11
|
+
* System paths to bind read-only. Filtered by existsSync once at
|
|
12
|
+
* first buildArgs() call and cached for the provider's lifetime.
|
|
13
|
+
*
|
|
14
|
+
* Exported so the bwrap smoke test in detect-provider.ts consumes the
|
|
15
|
+
* same list — drift between smoke and production binds caused a real
|
|
16
|
+
* false-negative on usrmerge x86-64 hosts (smoke test missed /lib64
|
|
17
|
+
* → /bin/true's dynamic linker unreachable → smoke EPERMs while the
|
|
18
|
+
* production sandbox actually works fine).
|
|
19
|
+
*/
|
|
20
|
+
export declare const SYSTEM_RO_PATHS: readonly ["/usr", "/bin", "/sbin", "/lib", "/lib64", "/lib32", "/etc/resolv.conf", "/etc/hosts", "/etc/hostname", "/etc/ssl", "/etc/ca-certificates", "/etc/pki", "/etc/ld.so.cache", "/etc/ld.so.conf", "/etc/ld.so.conf.d", "/etc/alternatives", "/etc/localtime", "/etc/passwd", "/etc/group", "/etc/nsswitch.conf"];
|
|
10
21
|
export declare class BwrapProvider implements SandboxProvider {
|
|
11
22
|
readonly name = "bwrap";
|
|
12
23
|
private bwrapPath;
|
|
@@ -14,8 +14,14 @@ import path from "node:path";
|
|
|
14
14
|
/**
|
|
15
15
|
* System paths to bind read-only. Filtered by existsSync once at
|
|
16
16
|
* first buildArgs() call and cached for the provider's lifetime.
|
|
17
|
+
*
|
|
18
|
+
* Exported so the bwrap smoke test in detect-provider.ts consumes the
|
|
19
|
+
* same list — drift between smoke and production binds caused a real
|
|
20
|
+
* false-negative on usrmerge x86-64 hosts (smoke test missed /lib64
|
|
21
|
+
* → /bin/true's dynamic linker unreachable → smoke EPERMs while the
|
|
22
|
+
* production sandbox actually works fine).
|
|
17
23
|
*/
|
|
18
|
-
const SYSTEM_RO_PATHS = [
|
|
24
|
+
export const SYSTEM_RO_PATHS = [
|
|
19
25
|
"/usr",
|
|
20
26
|
"/bin",
|
|
21
27
|
"/sbin",
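Review bot: `SYSTEM_RO_PATHS` is now exported as a plain mutable array, so any importing module can push or splice entries and thereby change what the production sandbox binds. The `readonly` tuple in the `.d.ts` is a compile-time guarantee only. Freezing the list at definition keeps it immutable at runtime, assuming nothing mutates it in place (the doc comment describes filtering, which yields a new array): `export const SYSTEM_RO_PATHS = Object.freeze([ ... ]);`. The array literal continues past the end of this hunk.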
|
|
@@ -73,6 +79,40 @@ function getClaudeCodeRwPaths(home) {
|
|
|
73
79
|
/* eslint-enable no-restricted-syntax */
|
|
74
80
|
].filter((p) => existsSync(p));
|
|
75
81
|
}
|
|
82
|
+
/**
|
|
83
|
+
* Per-user XDG paths that need read-write access for language package managers.
|
|
84
|
+
*
|
|
85
|
+
* These paths MUST match the systemd ReadWritePaths in
|
|
86
|
+
* packages/daemon/systemd/comis.service.template. Without RW access here,
|
|
87
|
+
* package managers writing to standard XDG paths (npm, uv, pipx, cargo, go,
|
|
88
|
+
* deno, bun) fail with EROFS at the bwrap mount layer even when the outer
|
|
89
|
+
* systemd sandbox permits the write.
|
|
90
|
+
*
|
|
91
|
+
* Why these specific paths:
|
|
92
|
+
* - ~/.npm -- npm/npx default cache + global modules root.
|
|
93
|
+
* - ~/.cache -- XDG_CACHE_HOME default; uv archives, deno cache, bun cache,
|
|
94
|
+
* pip wheel cache, cargo registry cache, go module cache.
|
|
95
|
+
* wrapEnv() also redirects most caches into the workspace, but
|
|
96
|
+
* some tools (e.g. uv's archive cache) still touch ~/.cache
|
|
97
|
+
* during early bootstrap before env vars take effect.
|
|
98
|
+
* - ~/.local/share -- XDG_DATA_HOME default; uvx tool installs, pipx venvs,
|
|
99
|
+
* rustup toolchains, generic XDG_DATA consumers.
|
|
100
|
+
*
|
|
101
|
+
* Note: this returns a subset of paths bound RO by getUserRoPaths
|
|
102
|
+
* (specifically ~/.local). The RW bind is emitted AFTER the RO bind in
|
|
103
|
+
* buildArgs, which causes bwrap to apply the more-permissive RW mount on
|
|
104
|
+
* top of the RO mount for the ~/.local/share subpath. ~/.local itself
|
|
105
|
+
* remains RO; only ~/.local/share becomes RW.
|
|
106
|
+
*/
|
|
107
|
+
function getDevToolRwPaths(home) {
|
|
108
|
+
/* eslint-disable no-restricted-syntax -- Trusted: constant subpaths of homedir, no user input */
|
|
109
|
+
return [
|
|
110
|
+
path.join(home, ".npm"),
|
|
111
|
+
path.join(home, ".cache"),
|
|
112
|
+
path.join(home, ".local", "share"),
|
|
113
|
+
/* eslint-enable no-restricted-syntax */
|
|
114
|
+
].filter((p) => existsSync(p));
|
|
115
|
+
}
|
|
76
116
|
export class BwrapProvider {
|
|
77
117
|
name = "bwrap";
|
|
78
118
|
bwrapPath = null;
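Review bot: `getDevToolRwPaths` returns the daemon user's real `~/.npm`, `~/.cache` and `~/.local/share`, which the buildArgs hunk then binds read-write, so these directories are writable from every sandbox and shared across all workspaces. Files written there outlive the sandbox and may later be loaded outside it (the docstring itself lists npm global modules, uvx tool installs and pipx venvs as residents), which is weaker isolation than the workspace-rooted redirects in wrapEnv. Consider binding a per-workspace directory at each destination instead, since bwrap's `--bind SRC DEST` accepts a distinct source. At minimum record the trust decision above the return: `// NOTE: host-shared and writable from the sandbox; treat contents as untrusted outside it.`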
|
|
@@ -124,6 +164,14 @@ export class BwrapProvider {
|
|
|
124
164
|
for (const cp of getClaudeCodeRwPaths(os.homedir())) {
|
|
125
165
|
args.push("--bind", cp, cp);
|
|
126
166
|
}
|
|
167
|
+
// -- Dev tool RW paths (read-write) --
|
|
168
|
+
// MUST come after getUserRoPaths above so the RW bind for ~/.local/share
|
|
169
|
+
// overrides the RO bind for ~/.local. MUST come before the discovery
|
|
170
|
+
// readOnlyPaths loop below so caller-supplied RO can't shadow these.
|
|
171
|
+
// Mirror of systemd ReadWritePaths in comis.service.template.
|
|
172
|
+
for (const dp of getDevToolRwPaths(os.homedir())) {
|
|
173
|
+
args.push("--bind", dp, dp);
|
|
174
|
+
}
|
|
127
175
|
// -- Read-only paths (discovery paths, custom) --
|
|
128
176
|
for (const ro of opts.readOnlyPaths) {
|
|
129
177
|
if (existsSync(ro)) {
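Review bot: The two halves of the new comment contradict each other. It says the RW bind overrides the `~/.local` RO bind because it is emitted later, yet it also says that emitting it before the `readOnlyPaths` loop stops caller-supplied RO paths from shadowing it. bwrap applies binds in argument order, so a later read-only bind for a path at or above these directories is mounted on top of the earlier RW bind. If read-only winning is the intended (and more conservative) outcome, the comment should say so: `// Emitted before the readOnlyPaths loop: later binds overlay earlier ones, so a caller-supplied RO path covering these dirs takes precedence.` buildArgs starts and ends outside this hunk.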
|
|
@@ -139,6 +187,24 @@ export class BwrapProvider {
|
|
|
139
187
|
wrapEnv(env, workspacePath) {
|
|
140
188
|
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
141
189
|
const cacheDir = path.join(workspacePath, ".cache");
|
|
190
|
+
// Workspace-rooted bin dirs that hold CLIs installed by sandboxed package
|
|
191
|
+
// managers. Prepended to PATH so a binary installed by `cargo install <crate>`
|
|
192
|
+
// (or pipx, go install, bun add -g, deno install, pnpm add -g) on one exec
|
|
193
|
+
// call is invocable on the NEXT exec call. Ordering: highest-frequency first.
|
|
194
|
+
const toolBinPaths = [
|
|
195
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
196
|
+
path.join(workspacePath, ".local", "bin"), // PYTHONUSERBASE/bin + PIPX_BIN_DIR
|
|
197
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
198
|
+
path.join(cacheDir, "cargo", "bin"), // cargo install
|
|
199
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
200
|
+
path.join(cacheDir, "go", "bin"), // go install
|
|
201
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
202
|
+
path.join(cacheDir, "bun", "bin"), // bun add -g
|
|
203
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
204
|
+
path.join(cacheDir, "pnpm"), // pnpm global (PNPM_HOME itself is the bin dir)
|
|
205
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
206
|
+
path.join(cacheDir, "deno", "bin"), // deno install
|
|
207
|
+
];
|
|
142
208
|
return {
|
|
143
209
|
...env,
|
|
144
210
|
// Temp files: heredocs, wheel builds, etc.
|
|
@@ -150,6 +216,15 @@ export class BwrapProvider {
|
|
|
150
216
|
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
151
217
|
PIP_CACHE_DIR: path.join(cacheDir, "pip"),
|
|
152
218
|
XDG_CACHE_HOME: cacheDir,
|
|
219
|
+
// XDG_STATE_HOME (~/.local/state by default): pipx logs, some Python
|
|
220
|
+
// tools, runtime state. The ~/.local parent bind is RO (getUserRoPaths)
|
|
221
|
+
// and getDevToolRwPaths only carves out ~/.local/share, so anything
|
|
222
|
+
// defaulting to ~/.local/state would EROFS without this redirect.
|
|
223
|
+
// pipx happens to survive (PIPX_HOME captures all pipx state) but other
|
|
224
|
+
// XDG-state-using tools would not. Defensive belt-and-suspenders matching
|
|
225
|
+
// the existing XDG_CACHE_HOME pattern.
|
|
226
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
227
|
+
XDG_STATE_HOME: path.join(workspacePath, ".local", "state"),
|
|
153
228
|
// Python: redirect user packages into workspace.
|
|
154
229
|
// PYTHONNOUSERSITE is NOT set — sandbox read paths cover dirs that
|
|
155
230
|
// pip needs to scan. Removing it lets Python find packages installed
|
|
@@ -176,6 +251,44 @@ export class BwrapProvider {
|
|
|
176
251
|
GEM_HOME: path.join(cacheDir, "gems"),
|
|
177
252
|
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
178
253
|
BUNDLE_PATH: path.join(cacheDir, "bundle"),
|
|
254
|
+
// Rust: rustup multiplexer needs RUSTUP_HOME to locate the toolchain.
|
|
255
|
+
// Pointed at the system rustup install (written by install.sh's
|
|
256
|
+
// install_rust at /usr/local/rustup). A workspace-rooted RUSTUP_HOME
|
|
257
|
+
// would be empty on first call, breaking `cargo install <crate>` with
|
|
258
|
+
// "rustup could not choose a version of cargo to run, because no default
|
|
259
|
+
// is configured" — confirmed on a real VPS during the dev-sandbox matrix
|
|
260
|
+
// test. CARGO_HOME stays workspace-rooted (above) so `cargo install`
|
|
261
|
+
// outputs land in <workspace>/.cache/cargo/bin and survive.
|
|
262
|
+
// Tradeoff: agent loses the ability to `rustup install <toolchain>` from
|
|
263
|
+
// inside exec (would need RW to /usr/local/rustup). Acceptable — the
|
|
264
|
+
// canonical use case is `cargo install <crate>`, which works.
|
|
265
|
+
RUSTUP_HOME: "/usr/local/rustup",
|
|
266
|
+
// uv: tool install dir for `uvx` / `uv tool install` (paired with UV_PYTHON_INSTALL_DIR above).
|
|
267
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
268
|
+
UV_TOOL_DIR: path.join(cacheDir, "uv", "tools"),
|
|
269
|
+
// pipx: venvs root + bin dir. PIPX_BIN_DIR aligns with PYTHONUSERBASE/bin
|
|
270
|
+
// (PYTHONUSERBASE = workspace/.local) so user-installed and pipx-installed
|
|
271
|
+
// CLIs share a single PATH entry: workspace/.local/bin.
|
|
272
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
273
|
+
PIPX_HOME: path.join(cacheDir, "pipx"),
|
|
274
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
275
|
+
PIPX_BIN_DIR: path.join(workspacePath, ".local", "bin"),
|
|
276
|
+
// pnpm global store + bin dir (PNPM_HOME is on PATH below).
|
|
277
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
278
|
+
PNPM_HOME: path.join(cacheDir, "pnpm"),
|
|
279
|
+
// bun: install root; binaries land in $BUN_INSTALL/bin.
|
|
280
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
281
|
+
BUN_INSTALL: path.join(cacheDir, "bun"),
|
|
282
|
+
// deno: cache + installed CLI dir ($DENO_DIR/bin via `deno install`).
|
|
283
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
284
|
+
DENO_DIR: path.join(cacheDir, "deno"),
|
|
285
|
+
// yarn cache; mirrors the others for completeness even though yarn is rare in agent flows.
|
|
286
|
+
// eslint-disable-next-line no-restricted-syntax -- Trusted: workspace path is daemon-controlled, constant subpaths
|
|
287
|
+
YARN_CACHE_FOLDER: path.join(cacheDir, "yarn"),
|
|
288
|
+
// PATH augmentation MUST come after the spread above so it overrides
|
|
289
|
+
// any PATH carried in `env`. Empty entries are filtered to avoid
|
|
290
|
+
// trailing/duplicate colons when env.PATH is undefined.
|
|
291
|
+
PATH: [...toolBinPaths, env.PATH ?? ""].filter(Boolean).join(":"),
|
|
179
292
|
};
|
|
180
293
|
}
|
|
181
294
|
}
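Review bot: The `PATH` entry places the workspace-writable `toolBinPaths` ahead of `env.PATH`, so any executable written to `<workspace>/.local/bin` or the other tool bin dirs shadows the system binary of the same name on every later exec call. Appending keeps freshly installed CLIs invocable while leaving system tools authoritative: `PATH: [env.PATH ?? "", ...toolBinPaths].filter(Boolean).join(":"),`. If shadowing is intended, the comment should say so explicitly. `filter(Boolean)` also drops only a wholly empty `env.PATH`; empty segments inside it, which resolve to the current directory, pass through unchanged. `toolBinPaths` is declared in the earlier wrapEnv hunk.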
|