npm - gsd-pi - Versions diffs - 2.70.1-dev.3e19108 → 2.70.1-dev.7d1d9d3 - Mend

gsd-pi 2.70.1-dev.3e19108 → 2.70.1-dev.7d1d9d3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (106) hide show

package/src/resources/extensions/claude-code-cli/stream-adapter.ts CHANGED Viewed

@@ -60,6 +60,8 @@ interface SdkElicitationFieldSchema {
 	type?: string;
 	title?: string;
 	description?: string;
+	format?: string;
+	writeOnly?: boolean;
 	oneOf?: SdkElicitationRequestOption[];
 	items?: {
 		anyOf?: SdkElicitationRequestOption[];
@@ -73,6 +75,7 @@ interface SdkElicitationRequest {
 	requestedSchema?: {
 		type?: string;
 		properties?: Record<string, SdkElicitationFieldSchema>;
+		required?: string[];
 	};
 }
@@ -85,7 +88,16 @@ interface ParsedElicitationQuestion extends Question {
 	noteFieldId?: string;
 }
+interface ParsedTextInputField {
+	id: string;
+	title: string;
+	description: string;
+	required: boolean;
+	secure: boolean;
+}
 const OTHER_OPTION_LABEL = "None of the above";
+const SENSITIVE_FIELD_PATTERN = /(password|passphrase|secret|token|api[_\s-]*key|private[_\s-]*key|credential)/i;
 // ---------------------------------------------------------------------------
 // Stream factory
@@ -274,6 +286,67 @@ export function parseAskUserQuestionsElicitation(
 	return questions.length > 0 ? questions : null;
 }
+function isSecureElicitationField(
+	requestMessage: string,
+	fieldId: string,
+	field: SdkElicitationFieldSchema,
+): boolean {
+	if (field.format === "password") return true;
+	if (field.writeOnly === true) return true;
+	const rawField = field as Record<string, unknown>;
+	if (rawField.sensitive === true || rawField["x-sensitive"] === true) return true;
+	const haystack = [
+		requestMessage,
+		fieldId.replace(/[_-]+/g, " "),
+		typeof field.title === "string" ? field.title : "",
+		typeof field.description === "string" ? field.description : "",
+	]
+		.join(" ")
+		.toLowerCase();
+	return SENSITIVE_FIELD_PATTERN.test(haystack);
+}
+export function parseTextInputElicitation(
+	request: Pick<SdkElicitationRequest, "message" | "mode" | "requestedSchema">,
+): ParsedTextInputField[] | null {
+	if (request.mode && request.mode !== "form") return null;
+	const schema = request.requestedSchema as
+		| ({ properties?: Record<string, SdkElicitationFieldSchema>; keys?: Record<string, SdkElicitationFieldSchema> } & Record<string, unknown>)
+		| undefined;
+	const fieldsSource = schema?.properties && typeof schema.properties === "object"
+		? schema.properties
+		: schema?.keys && typeof schema.keys === "object"
+			? schema.keys
+			: undefined;
+	if (!fieldsSource) return null;
+	const requiredSet = new Set(
+		Array.isArray(request.requestedSchema?.required)
+			? request.requestedSchema.required.filter((value): value is string => typeof value === "string")
+			: [],
+	);
+	const fields: ParsedTextInputField[] = [];
+	for (const [fieldId, field] of Object.entries(fieldsSource)) {
+		if (!field || typeof field !== "object") continue;
+		if (field.type !== "string") continue;
+		if (Array.isArray(field.oneOf) && field.oneOf.length > 0) continue;
+		fields.push({
+			id: fieldId,
+			title: typeof field.title === "string" && field.title.length > 0 ? field.title : fieldId,
+			description: typeof field.description === "string" ? field.description : "",
+			required: requiredSet.has(fieldId),
+			secure: isSecureElicitationField(request.message, fieldId, field),
+		});
+	}
+	return fields.length > 0 ? fields : null;
+}
 export function roundResultToElicitationContent(
 	questions: ParsedElicitationQuestion[],
 	result: RoundResult,
@@ -355,6 +428,52 @@ async function promptElicitationWithDialogs(
 	return { action: "accept", content };
 }
+function buildTextInputPromptTitle(request: SdkElicitationRequest, field: ParsedTextInputField): string {
+	const parts = [
+		request.serverName ? `[${request.serverName}]` : "",
+		field.title,
+		field.description,
+	].filter((part) => typeof part === "string" && part.trim().length > 0);
+	return parts.join("\n\n");
+}
+function buildTextInputPlaceholder(field: ParsedTextInputField): string | undefined {
+	const desc = field.description.trim();
+	if (!desc) return field.required ? "Required" : "Leave empty to skip";
+	const formatLine = desc
+		.split(/\r?\n/)
+		.map((line) => line.trim())
+		.find((line) => /^format:/i.test(line));
+	if (!formatLine) return field.required ? "Required" : "Leave empty to skip";
+	const hint = formatLine.replace(/^format:\s*/i, "").trim();
+	return hint.length > 0 ? hint : field.required ? "Required" : "Leave empty to skip";
+}
+async function promptTextInputElicitation(
+	request: SdkElicitationRequest,
+	fields: ParsedTextInputField[],
+	ui: ExtensionUIContext,
+	signal: AbortSignal,
+): Promise<SdkElicitationResult> {
+	const content: Record<string, string | string[]> = {};
+	for (const field of fields) {
+		const value = await ui.input(
+			buildTextInputPromptTitle(request, field),
+			buildTextInputPlaceholder(field),
+			{ signal, ...(field.secure ? { secure: true } : {}) },
+		);
+		if (value === undefined) {
+			return { action: "cancel" };
+		}
+		content[field.id] = value;
+	}
+	return { action: "accept", content };
+}
 export function createClaudeCodeElicitationHandler(
 	ui: ExtensionUIContext | undefined,
 ): ((request: SdkElicitationRequest, options: { signal: AbortSignal }) => Promise<SdkElicitationResult>) | undefined {
@@ -366,19 +485,24 @@ export function createClaudeCodeElicitationHandler(
 		}
 		const questions = parseAskUserQuestionsElicitation(request);
-		if (!questions) {
-			return { action: "decline" };
+		if (questions) {
+			const interviewResult = await showInterviewRound(questions, { signal }, { ui } as any).catch(() => undefined);
+			if (interviewResult && Object.keys(interviewResult.answers).length > 0) {
+				return {
+					action: "accept",
+					content: roundResultToElicitationContent(questions, interviewResult),
+				};
+			}
+			return promptElicitationWithDialogs(request, questions, ui, signal);
 		}
-		const interviewResult = await showInterviewRound(questions, { signal }, { ui } as any).catch(() => undefined);
-		if (interviewResult && Object.keys(interviewResult.answers).length > 0) {
-			return {
-				action: "accept",
-				content: roundResultToElicitationContent(questions, interviewResult),
-			};
+		const textFields = parseTextInputElicitation(request);
+		if (textFields) {
+			return promptTextInputElicitation(request, textFields, ui, signal);
 		}
-		return promptElicitationWithDialogs(request, questions, ui, signal);
+		return { action: "decline" };
 	};
 }
@@ -508,15 +632,15 @@ export function extractToolResultsFromSdkUserMessage(message: SDKUserMessage): A
 	return extracted;
 }
-function attachExternalResultsToToolCalls(
-	toolCalls: AssistantMessage["content"],
+function attachExternalResultsToToolBlocks(
+	toolBlocks: AssistantMessage["content"],
 	toolResultsById: ReadonlyMap<string, ExternalToolResultPayload>,
 ): void {
-	for (const block of toolCalls) {
-		if (block.type !== "toolCall") continue;
+	for (const block of toolBlocks) {
+		if (block.type !== "toolCall" && block.type !== "serverToolUse") continue;
 		const externalResult = toolResultsById.get(block.id);
 		if (!externalResult) continue;
-		(block as ToolCallWithExternalResult).externalResult = externalResult;
+		(block as ToolCallWithExternalResult & { id: string }).externalResult = externalResult;
 	}
 }
@@ -554,8 +678,8 @@ async function pumpSdkMessages(
 	/** Track the last text content seen across all assistant turns for the final message. */
 	let lastTextContent = "";
 	let lastThinkingContent = "";
-	/** Collect tool calls from intermediate SDK turns for tool_execution events. */
-	const intermediateToolCalls: AssistantMessage["content"] = [];
+	/** Collect tool blocks from intermediate SDK turns for tool execution rendering. */
+	const intermediateToolBlocks: AssistantMessage["content"] = [];
 	/** Preserve real external tool results from Claude Code's synthetic user messages. */
 	const toolResultsById = new Map<string, ExternalToolResultPayload>();
@@ -666,9 +790,9 @@ async function pumpSdkMessages(
 								lastTextContent = block.text;
 							} else if (block.type === "thinking" && block.thinking) {
 								lastThinkingContent = block.thinking;
-							} else if (block.type === "toolCall") {
-								// Collect tool calls for externalToolExecution rendering
-								intermediateToolCalls.push(block);
+							} else if (block.type === "toolCall" || block.type === "serverToolUse") {
+								// Collect tool blocks for externalToolExecution rendering
+								intermediateToolBlocks.push(block);
 							}
 						}
 					}
@@ -678,24 +802,33 @@ async function pumpSdkMessages(
 					for (const { toolUseId, result } of extractToolResultsFromSdkUserMessage(msg as SDKUserMessage)) {
 						toolResultsById.set(toolUseId, result);
 					}
-					attachExternalResultsToToolCalls(intermediateToolCalls, toolResultsById);
+					attachExternalResultsToToolBlocks(intermediateToolBlocks, toolResultsById);
 					// Push a synthetic toolcall_end for each tool call from this turn
 					// so the TUI can render tool results in real-time during the SDK
 					// session instead of waiting until the entire session completes.
 					if (builder) {
 						for (const block of builder.message.content) {
-							if (block.type !== "toolCall") continue;
 							const extResult = (block as ToolCallWithExternalResult).externalResult;
 							if (!extResult) continue;
-							// Push a toolcall_end with result attached so the chat-controller
-							// can call updateResult on the pending ToolExecutionComponent.
-							stream.push({
-								type: "toolcall_end",
-								contentIndex: builder.message.content.indexOf(block),
-								toolCall: block,
-								partial: builder.message,
-							});
+							const contentIndex = builder.message.content.indexOf(block);
+							if (contentIndex < 0) continue;
+							// Push synthetic completion events with result attached so the
+							// chat-controller can update pending ToolExecutionComponents.
+							if (block.type === "toolCall") {
+								stream.push({
+									type: "toolcall_end",
+									contentIndex,
+									toolCall: block,
+									partial: builder.message,
+								});
+							} else if (block.type === "serverToolUse") {
+								stream.push({
+									type: "server_tool_use",
+									contentIndex,
+									partial: builder.message,
+								});
+							}
 						}
 					}
@@ -713,8 +846,8 @@ async function pumpSdkMessages(
 					const finalContent: AssistantMessage["content"] = [];
 					// Add tool calls from intermediate turns first (renders above text)
-					attachExternalResultsToToolCalls(intermediateToolCalls, toolResultsById);
-					finalContent.push(...intermediateToolCalls);
+					attachExternalResultsToToolBlocks(intermediateToolBlocks, toolResultsById);
+					finalContent.push(...intermediateToolBlocks);
 					// Add text/thinking from the last turn
 					if (builder && builder.message.content.length > 0) {

package/src/resources/extensions/claude-code-cli/tests/stream-adapter.test.ts CHANGED Viewed

@@ -11,6 +11,7 @@ import {
 	extractToolResultsFromSdkUserMessage,
 	getClaudeLookupCommand,
 	parseAskUserQuestionsElicitation,
+	parseTextInputElicitation,
 	parseClaudeLookupOutput,
 	roundResultToElicitationContent,
 } from "../stream-adapter.ts";
@@ -514,6 +515,117 @@ describe("stream-adapter — MCP elicitation bridge", () => {
 			},
 		});
 	});
+	test("parseTextInputElicitation recognizes secure free-text MCP forms", () => {
+		const request = {
+			serverName: "gsd-workflow",
+			message: "Enter values for environment variables.",
+			mode: "form" as const,
+			requestedSchema: {
+				type: "object" as const,
+				properties: {
+					TEST_PASSWORD: {
+						type: "string",
+						title: "TEST_PASSWORD",
+						description: "Format: min 8 characters\nLeave empty to skip.",
+					},
+					PROJECT_NAME: {
+						type: "string",
+						title: "PROJECT_NAME",
+						description: "Human-readable project name.",
+					},
+				},
+			},
+		};
+		const parsed = parseTextInputElicitation(request as any);
+		assert.deepEqual(parsed, [
+			{
+				id: "TEST_PASSWORD",
+				title: "TEST_PASSWORD",
+				description: "Format: min 8 characters\nLeave empty to skip.",
+				required: false,
+				secure: true,
+			},
+			{
+				id: "PROJECT_NAME",
+				title: "PROJECT_NAME",
+				description: "Human-readable project name.",
+				required: false,
+				secure: false,
+			},
+		]);
+	});
+	test("parseTextInputElicitation accepts legacy keys schema and skips unsupported fields", () => {
+		const request = {
+			serverName: "gsd-workflow",
+			message: "Enter secure values",
+			mode: "form" as const,
+			requestedSchema: {
+				type: "object" as const,
+				keys: {
+					API_TOKEN: {
+						type: "string",
+						title: "API_TOKEN",
+						description: "Leave empty to skip.",
+					},
+					META: {
+						type: "object",
+						title: "metadata",
+					},
+				},
+			},
+		};
+		const parsed = parseTextInputElicitation(request as any);
+		assert.deepEqual(parsed, [
+			{
+				id: "API_TOKEN",
+				title: "API_TOKEN",
+				description: "Leave empty to skip.",
+				required: false,
+				secure: true,
+			},
+		]);
+	});
+	test("createClaudeCodeElicitationHandler collects secure_env_collect fields through input dialogs", async () => {
+		const secureRequest = {
+			serverName: "gsd-workflow",
+			message: "Enter values for environment variables.",
+			mode: "form" as const,
+			requestedSchema: {
+				type: "object" as const,
+				properties: {
+					TEST_PASSWORD: {
+						type: "string",
+						title: "TEST_PASSWORD",
+						description: "Format: Your secure testing password\nLeave empty to skip.",
+					},
+				},
+			},
+		};
+		const inputCalls: Array<{ opts?: { secure?: boolean } }> = [];
+		const handler = createClaudeCodeElicitationHandler({
+			input: async (_title: string, _placeholder?: string, opts?: { secure?: boolean }) => {
+				inputCalls.push({ opts });
+				return "super-secret";
+			},
+		} as any);
+		assert.ok(handler);
+		const result = await handler!(secureRequest as any, { signal: new AbortController().signal });
+		assert.deepEqual(result, {
+			action: "accept",
+			content: {
+				TEST_PASSWORD: "super-secret",
+			},
+		});
+		assert.equal(inputCalls.length, 1);
+		assert.equal(inputCalls[0]?.opts?.secure, true, "secure_env_collect fields should request secure input");
+	});
 });
 describe("stream-adapter — Windows Claude path lookup (#3770)", () => {

package/src/resources/extensions/get-secrets-from-user.ts CHANGED Viewed

@@ -126,7 +126,7 @@ async function collectOneSecret(
 ): Promise<string | null> {
 	if (!ctx.hasUI) return null;
-	return ctx.ui.custom((tui: any, theme: any, _kb: any, done: (r: string | null) => void) => {
+	const customResult = await ctx.ui.custom((tui: any, theme: any, _kb: any, done: (r: string | null) => void) => {
 		let value = "";
 		let cachedLines: string[] | undefined;
@@ -223,6 +223,29 @@ async function collectOneSecret(
 			handleInput,
 		};
 	});
+	// RPC/web surfaces may not implement ctx.ui.custom(). Fall back to a
+	// standard input prompt so users can still provide the secret.
+	if (customResult !== undefined) {
+		return customResult;
+	}
+	if (typeof ctx.ui?.input !== "function") {
+		return null;
+	}
+	const inputTitle = `Secure value for ${keyName} (${pageIndex + 1}/${totalPages})`;
+	const inputPlaceholder = hint || "Enter secret value";
+	const inputResult = await ctx.ui.input(
+		inputTitle,
+		inputPlaceholder,
+		{ secure: true },
+	);
+	if (typeof inputResult !== "string") {
+		return null;
+	}
+	const trimmed = inputResult.trim();
+	return trimmed.length > 0 ? trimmed : null;
 }
 /**

package/src/resources/extensions/gsd/custom-workflow-engine.ts CHANGED Viewed

@@ -34,6 +34,7 @@ import {
 import { injectContext } from "./context-injector.js";
 import type { WorkflowDefinition, StepDefinition } from "./definition-loader.js";
 import { parseUnitId } from "./unit-id.js";
+import { withFileLock } from "./file-lock.js";
 /** Read and parse the frozen DEFINITION.yaml from a run directory. */
 export function readFrozenDefinition(runDir: string): WorkflowDefinition {
@@ -179,24 +180,28 @@ export class CustomWorkflowEngine implements WorkflowEngine {
     state: EngineState,
     completedStep: CompletedStep,
   ): Promise<ReconcileResult> {
-    // Re-read the graph from disk so we do not overwrite concurrent
-    // workflow edits with a stale in-memory snapshot from deriveState().
-    const graph = readGraph(this.runDir);
+    const graphPath = join(this.runDir, "GRAPH.yaml");
-    // Extract stepId from "<workflowName>/<stepId>"
-    const { milestone, slice, task } = parseUnitId(completedStep.unitId);
-    const stepId = task ?? slice ?? milestone;
+    return await withFileLock(graphPath, () => {
+      // Re-read the graph from disk so we do not overwrite concurrent
+      // workflow edits with a stale in-memory snapshot from deriveState().
+      const graph = readGraph(this.runDir);
-    const updatedGraph = markStepComplete(graph, stepId);
-    writeGraph(this.runDir, updatedGraph);
+      // Extract stepId from "<workflowName>/<stepId>"
+      const { milestone, slice, task } = parseUnitId(completedStep.unitId);
+      const stepId = task ?? slice ?? milestone;
-    const allDone = updatedGraph.steps.every(
-      (s) => s.status === "complete" || s.status === "expanded",
-    );
+      const updatedGraph = markStepComplete(graph, stepId);
+      writeGraph(this.runDir, updatedGraph);
-    return {
-      outcome: allDone ? "milestone-complete" : "continue",
-    };
+      const allDone = updatedGraph.steps.every(
+        (s) => s.status === "complete" || s.status === "expanded",
+      );
+      return {
+        outcome: allDone ? "milestone-complete" : "continue",
+      };
+    });
   }
   /**

package/src/resources/extensions/gsd/file-lock.ts ADDED Viewed

@@ -0,0 +1,59 @@
+import { existsSync } from "node:fs";
+function _require(name: string) {
+  try {
+    return require(name);
+  } catch {
+    try {
+      const gsdPiRequire = require("module").createRequire(
+        require("path").join(process.cwd(), "node_modules", "gsd-pi", "index.js")
+      );
+      return gsdPiRequire(name);
+    } catch {
+      return null;
+    }
+  }
+}
+export function withFileLockSync<T>(filePath: string, fn: () => T): T {
+  const lockfile = _require("proper-lockfile");
+  if (!lockfile) return fn();
+  if (!existsSync(filePath)) return fn();
+  try {
+    const release = lockfile.lockSync(filePath, { retries: 5, stale: 10000 });
+    try {
+      return fn();
+    } finally {
+      release();
+    }
+  } catch (err: any) {
+    if (err.code === "ELOCKED") {
+      // Could not get lock after retries, let's fallback to un-locked instead of crashing the whole state machine
+      return fn();
+    }
+    throw err;
+  }
+}
+export async function withFileLock<T>(filePath: string, fn: () => Promise<T> | T): Promise<T> {
+  const lockfile = _require("proper-lockfile");
+  if (!lockfile) return await fn();
+  if (!existsSync(filePath)) return await fn();
+  try {
+    const release = await lockfile.lock(filePath, { retries: 5, stale: 10000 });
+    try {
+      return await fn();
+    } finally {
+      await release();
+    }
+  } catch (err: any) {
+    if (err.code === "ELOCKED") {
+      return await fn();
+    }
+    throw err;
+  }
+}