npm - kiosapi - Versions diffs - 0.1.17 → 0.1.18 - Mend

kiosapi 0.1.17 → 0.1.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/agent/run.js CHANGED Viewed

@@ -89,8 +89,27 @@ export function loadCheckpoint() {
         return null;
     try {
         const data = JSON.parse(readFileSync(CHECKPOINT_PATH, 'utf8'));
+        // Sanitize messages from older checkpoint formats:
+        //  - Strip extra system messages (index > 0): pre-v0.1.17 auto-inject pushed a second
+        //    {role:'system'} that some providers reject when they appear mid-conversation.
+        //  - Null out content when tool_calls are present: strict OpenAI-compat providers (DeepSeek
+        //    etc.) require content:null on assistant tool-call turns; old checkpoints stored the
+        //    prefacing text alongside tool_calls which caused HTTP 400 on the next API call.
+        const [sys0, ...rest] = data.messages ?? [];
+        const sanitized = [
+            ...(sys0 ? [sys0] : []),
+            ...rest
+                .filter((m) => m.role !== 'system')
+                .map((m) => {
+                if (m.role === 'assistant' && m.tool_calls?.length) {
+                    return { ...m, content: null };
+                }
+                return m;
+            }),
+        ];
         return {
             ...data,
+            messages: sanitized,
             teamModels: data.teamModels ?? {},
             totalTokens: data.totalTokens ?? 0,
         };
@@ -373,22 +392,28 @@ export function undoLastTurn(s) {
  * agent's final text (last answer or the `selesai` summary) — useful for chaining agents in a team.
  */
 export async function runTurn(s, userText) {
-    // On the very first turn of a fresh session, append project metadata to the existing system
-    // message so the model starts oriented without needing daftar_file(".") for basic orientation.
-    // We APPEND (not push a new system message) because some providers reject requests that have
-    // more than one system-role message — a second {role:'system'} at index 1 causes HTTP 400.
+    // On the very first turn of a fresh session, append a compact project snapshot to the
+    // existing system message so the model starts oriented without calling daftar_file(".").
+    // DESIGN CONSTRAINTS:
+    //  - APPEND, never push a second system message (some providers reject role:'system' at idx>0)
+    //  - Keep total injected content small: free-tier models (Workers AI llama etc.) have 8K token
+    //    context windows; a fat system message plus a few tool results fills it up fast, causing the
+    //    upstream to return HTTP 400. Depth-2 tree (~1-2KB) is enough for high-level orientation.
     if (s.messages.filter((m) => m.role === 'user').length === 0) {
         const snippets = [];
+        // Depth 2 (not 3): shows top-level dirs + their immediate contents — enough to orient without
+        // producing 300 lines that consume half a small model's context window.
         try {
-            snippets.push(`<root-directory>\n${daftarFile('.')}\n</root-directory>`);
+            snippets.push(`<root-directory>\n${daftarFile('.', 2)}\n</root-directory>`);
         }
         catch { /* ignore */ }
-        for (const f of ['package.json', 'pyproject.toml', 'Cargo.toml', 'go.mod', 'README.md']) {
+        for (const f of ['package.json', 'pyproject.toml', 'Cargo.toml', 'go.mod']) {
             const abs = join(process.cwd(), f);
             if (existsSync(abs)) {
                 try {
                     const content = readFileSync(abs, 'utf8');
-                    snippets.push(`<file path="${f}">\n${content.slice(0, 4000)}\n</file>`);
+                    // 1500 chars: enough for name/scripts/deps, not the full lockfile prose
+                    snippets.push(`<file path="${f}">\n${content.slice(0, 1_500)}\n</file>`);
                 }
                 catch { /* unreadable — skip */ }
             }
@@ -396,8 +421,11 @@ export async function runTurn(s, userText) {
         if (snippets.length > 0) {
             const sysMsg = s.messages[0];
             if (sysMsg?.role === 'system') {
+                // Hard cap: keep total injected context under 5KB so the system message stays manageable.
+                const joined = snippets.join('\n\n');
+                const capped = joined.length > 5_000 ? `${joined.slice(0, 5_000)}\n…` : joined;
                 sysMsg.content +=
-                    `\n\n## Konteks Proyek (auto-injected — jangan panggil daftar_file(".") lagi)\n${snippets.join('\n\n')}`;
+                    `\n\n## Konteks Proyek\n${capped}`;
             }
         }
     }
@@ -527,11 +555,19 @@ export async function runTurn(s, userText) {
                 continue;
             }
             const result = await runTool(call, s.otomatis, s.model);
-            s.messages.push({ role: 'tool', content: result.output, tool_call_id: call.id });
+            // Cap what goes into the conversation history: full output can be 300 lines of directory
+            // listing or 100 KB of file content, which quickly overflows small-context-window models
+            // (Workers AI llama has ~8K token limit). The full result is already returned by runTool;
+            // truncating only the *stored* copy keeps the API payload manageable without losing info.
+            const MAX_STORED_RESULT = 5_000;
+            const stored = result.output.length > MAX_STORED_RESULT
+                ? `${result.output.slice(0, MAX_STORED_RESULT)}\n…[dipotong — gunakan path/range spesifik jika perlu lebih]`
+                : result.output;
+            s.messages.push({ role: 'tool', content: stored, tool_call_id: call.id });
             if (result.modifiedPath)
                 stepModified.add(result.modifiedPath);
             if (READ_ONLY_TOOLS.has(call.function.name))
-                toolCache.set(sig, result.output);
+                toolCache.set(sig, stored);
             if (result.done) {
                 if (stepModified.size > 0)
                     console.log(dim(`  ✎ ${[...stepModified].join(' · ')}`));

package/dist/agent/schemas.js CHANGED Viewed

@@ -198,7 +198,8 @@ Direktori kerja: ${process.cwd()}
 OS: ${osName} · ${shellNote}
 Aturan:
 - Bekerja langkah demi langkah: pakai tool untuk membaca sebelum mengubah.
-- Strategi eksplorasi: daftar_file(".") sudah tersedia di konteks awal — identifikasi file yang relevan LANGSUNG, lalu baca dengan baca_file. Jangan ulangi daftar_file pada path yang sama.
+- Strategi eksplorasi: struktur root tersedia di konteks awal — identifikasi subfolder relevan LANGSUNG, lalu baca dengan baca_file. Jangan ulangi daftar_file pada path yang sama.
+- Kedalaman daftar_file: gunakan kedalaman=2 (default) untuk subfolder besar. Kedalaman=3 hanya jika kamu sudah tahu folder itu kecil. JANGAN gunakan kedalaman=4+ kecuali diminta eksplisit.
 - JANGAN memanggil tool APAPUN dengan argumen identik lebih dari 1× dalam satu sesi. Jika tool mengembalikan peringatan cache "⚠", langsung ganti ke path atau argumen BERBEDA.
 - Path selalu relatif ke direktori kerja; akses ke luar ditolak.
 - Gunakan hapus_file/pindah_file untuk menghapus/memindahkan file (lebih aman dari jalankan del/rm).

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "kiosapi",
-  "version": "0.1.17",
+  "version": "0.1.18",
   "type": "module",
   "description": "CLI Kiosapi.id berbahasa Indonesia — bangun aplikasimu pakai API key Kiosapi (agen + multimodal).",
   "keywords": [