melony 0.1.19 → 0.1.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/plugins/require-approval.js +48 -21
  2. package/dist/plugins/require-approval.js.map +1 -1
  3. package/package.json +1 -1
package/dist/plugins/require-approval.js CHANGED
@@ -6,27 +6,48 @@ var requireApproval = (options = {}) => {
6
6
  return plugin({
7
7
  name: "require-approval",
8
8
  /**
9
- * Step 1: Handle the resumption when the user clicks "Approve".
9
+ * Step 1: Handle the resumption when the user clicks "Approve" or "Cancel".
10
+ * We verify the one-time-use approvalId to prevent replay attacks or double-clicks.
10
11
  */
11
12
  onBeforeRun: async ({ event }, context) => {
12
- if (event.type === "action-approved") {
13
- const { action, params, token, ...rest } = event.data;
14
- if (options.secret) {
15
- const expectedToken = await signPayload(
16
- { action, params },
17
- options.secret
18
- );
19
- if (token !== expectedToken) {
20
- return {
21
- type: "error",
22
- data: {
23
- message: "Security Warning: Approval token mismatch. Execution blocked."
24
- }
25
- };
13
+ if (event.type === "action-approved" || event.type === "action-rejected") {
14
+ const { action, params, token, approvalId, ...rest } = event.data;
15
+ const pending = context.state.__pending_approvals?.[approvalId];
16
+ if (!pending) {
17
+ context.suspend();
18
+ return {
19
+ type: "error",
20
+ data: {
21
+ message: "Security Error: This approval request is invalid or has already been used."
22
+ }
23
+ };
24
+ }
25
+ delete context.state.__pending_approvals[approvalId];
26
+ if (event.type === "action-approved") {
27
+ if (options.secret) {
28
+ const expectedToken = await signPayload(
29
+ { action, params, approvalId },
30
+ options.secret
31
+ );
32
+ if (token !== expectedToken) {
33
+ return {
34
+ type: "error",
35
+ data: {
36
+ message: "Security Warning: Approval token mismatch. Execution blocked."
37
+ }
38
+ };
39
+ }
26
40
  }
41
+ context.state.__approved_action = { action, params };
42
+ return { action, params, ...rest };
27
43
  }
28
- context.state.__approved_action = { action, params };
29
- return { action, params, ...rest };
44
+ context.suspend();
45
+ return {
46
+ type: "error",
47
+ data: {
48
+ message: `Action '${action}' was rejected by the user.`
49
+ }
50
+ };
30
51
  }
31
52
  },
32
53
  /**
@@ -49,11 +70,17 @@ var requireApproval = (options = {}) => {
49
70
  return;
50
71
  }
51
72
  context.suspend();
52
- const token = options.secret ? await signPayload({ action: action.name, params }, options.secret) : void 0;
73
+ const approvalId = Math.random().toString(36).substring(2, 15);
74
+ context.state.__pending_approvals = context.state.__pending_approvals || {};
75
+ context.state.__pending_approvals[approvalId] = true;
76
+ const token = options.secret ? await signPayload(
77
+ { action: action.name, params, approvalId },
78
+ options.secret
79
+ ) : void 0;
53
80
  const message = typeof options.message === "function" ? options.message(action.name, params) : options.message || `The agent wants to execute **${action.name}**. Do you approve?`;
54
81
  return {
55
82
  type: "hitl-required",
56
- data: { ...nextAction, token },
83
+ data: { ...nextAction, token, approvalId },
57
84
  ui: ui.card({
58
85
  title: "Approval Required",
59
86
  children: [
@@ -74,7 +101,7 @@ var requireApproval = (options = {}) => {
74
101
  onClickAction: {
75
102
  role: "user",
76
103
  type: "action-approved",
77
- data: { ...nextAction, token },
104
+ data: { ...nextAction, token, approvalId },
78
105
  ui: ui.text("Approval granted")
79
106
  }
80
107
  }),
@@ -83,7 +110,7 @@ var requireApproval = (options = {}) => {
83
110
  variant: "outline",
84
111
  onClickAction: {
85
112
  type: "action-rejected",
86
- data: { action: action.name }
113
+ data: { action: action.name, approvalId }
87
114
  }
88
115
  })
89
116
  ]
package/dist/plugins/require-approval.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/plugins/require-approval.ts"],"names":[],"mappings":";;;;AAqCO,IAAM,eAAA,GAAkB,CAAC,OAAA,GAAkC,EAAC,KAAM;AACvE,EAAA,OAAO,MAAA,CAAO;AAAA,IACZ,IAAA,EAAM,kBAAA;AAAA;AAAA;AAAA;AAAA,IAKN,WAAA,EAAa,OAAO,EAAE,KAAA,IAAS,OAAA,KAAY;AACzC,MAAA,IAAI,KAAA,CAAM,SAAS,iBAAA,EAAmB;AACpC,QAAA,MAAM,EAAE,MAAA,EAAQ,MAAA,EAAQ,OAAO,GAAG,IAAA,KAAS,KAAA,CAAM,IAAA;AAGjD,QAAA,IAAI,QAAQ,MAAA,EAAQ;AAClB,UAAA,MAAM,gBAAgB,MAAM,WAAA;AAAA,YAC1B,EAAE,QAAQ,MAAA,EAAO;AAAA,YACjB,OAAA,CAAQ;AAAA,WACV;AACA,UAAA,IAAI,UAAU,aAAA,EAAe;AAC3B,YAAA,OAAO;AAAA,cACL,IAAA,EAAM,OAAA;AAAA,cACN,IAAA,EAAM;AAAA,gBACJ,OAAA,EACE;AAAA;AACJ,aACF;AAAA,UACF;AAAA,QACF;AAGA,QAAA,OAAA,CAAQ,KAAA,CAAM,iBAAA,GAAoB,EAAE,MAAA,EAAQ,MAAA,EAAO;AAGnD,QAAA,OAAO,EAAE,MAAA,EAAQ,MAAA,EAAQ,GAAG,IAAA,EAAK;AAAA,MACnC;AAAA,IACF,CAAA;AAAA;AAAA;AAAA;AAAA,IAKA,gBAAgB,OAAO,EAAE,QAAQ,MAAA,EAAQ,UAAA,IAAc,OAAA,KAAY;AAEjE,MAAA,MAAM,cAAA,GACJ,CAAC,OAAA,CAAQ,OAAA,IAAW,QAAQ,OAAA,CAAQ,QAAA,CAAS,OAAO,IAAI,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AAErB,MAAA,IAAI,QAAQ,aAAA,EAAe;AACzB,QAAA,MAAM,aAAA,GAAgB,MAAM,OAAA,CAAQ,aAAA;AAAA,UAClC,MAAA;AAAA,UACA,MAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,IAAI,CAAC,aAAA,EAAe;AAAA,MACtB;AAGA,MAAA,MAAM,QAAA,GAAW,QAAQ,KAAA,CAAM,iBAAA;AAC/B,MAAA,IACE,QAAA,IACA,QAAA,CAAS,MAAA,KAAW,MAAA,CAAO,IAAA,IAC3B,IAAA,CAAK,SAAA,CAAU,QAAA,CAAS,MAAM,CAAA,KAAM,IAAA,CAAK,SAAA,CAAU,MAAM,CAAA,EACzD;AACA,QAAA,OAAO,QAAQ,KAAA,CAAM,iBAAA;AACrB,QAAA;AAAA,MACF;AAGA,MAAA,OAAA,CAAQ,OAAA,EAAQ;AAEhB,MAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,MAAA,GAClB,MAAM,WAAA,CAAY,EAAE,MAAA,EAAQ,MAAA,CAAO,IAAA,EAAM,MAAA,EAAO,EAAG,OAAA,CAAQ,MAAM,CAAA,GACjE,MAAA;AAEJ,MAAA,MAAM,OAAA,GACJ,OAAO,OAAA,CAAQ,OAAA,KAAY,aACvB,OAAA,CAAQ,OAAA,CAAQ,MAAA,CAAO,IAAA,EAAM,MAAM,CAAA,GACnC,OAAA,CAAQ,OAAA,IACR,CAAA,6BAAA,EAAgC,OAAO,IAAI,CAAA,mBAAA,CAAA;AAEjD,MAAA,OAAO;AAAA,QACL,IAAA,EAAM,eAAA;AAAA,QACN,IAAA,EAAM,EAAE,GAAG,UAAA,EAAY,KAAA,EAAM;AAAA,QAC7B,EAAA,EAAI,GAAG,IAAA,CAAK;AAAA,UACV,KAAA,EAAO,mBAAA;AAAA,UACP,QAAA,EAAU;AAAA,YACR,EAAA,CAAG,KAAK,OAAO,CAAA;AAAA,YACf,GAAG,GAAA,CAAI;AAAA,cACL,OAAA,EAAS,IAAA;AAAA,cACT,UAAA,EAAY,OAAA;AAAA,cACZ,QAAA,EAAU;AAAA,gBACR,EAAA,CAAG,IAAA,CAAK,IAAA,CAAK,SAAA,CAAU,MAAA,EAAQ,IAAA,EAAM,CAAC,CAAA,EAAG,EAAE,IAAA,EAAM,IAAA,EAAM;AAAA;AACzD,aACD,CAAA;AAAA,YACD,GAAG,GAAA,CAAI;AAAA,cACL,GAAA,EAAK,IAAA;AAAA,cACL,QAAA,EAAU;AAAA,gBACR,GAAG,MAAA,CAAO;AAAA,kBACR,KAAA,EAAO,SAAA;AAAA,kBACP,OAAA,EAAS,SAAA;AAAA,kBACT,aAAA,EAAe;AAAA,oBACb,IAAA,EAAM,MAAA;AAAA,oBACN,IAAA,EAAM,iBAAA;AAAA,oBACN,IAAA,EAAM,EAAE,GAAG,UAAA,EAAY,KAAA,EAAM;AAAA,oBAC7B,EAAA,EAAI,EAAA,CAAG,IAAA,CAAK,kBAAkB;AAAA;AAChC,iBACD,CAAA;AAAA,gBACD,GAAG,MAAA,CAAO;AAAA,kBACR,KAAA,EAAO,QAAA;AAAA,kBACP,OAAA,EAAS,SAAA;AAAA,kBACT,aAAA,EAAe;AAAA,oBACb,IAAA,EAAM,iBAAA;AAAA,oBACN,IAAA,EAAM,EAAE,MAAA,EAAQ,MAAA,CAAO,IAAA;AAAK;AAC9B,iBACD;AAAA;AACH,aACD;AAAA;AACH,SACD;AAAA,OACH;AAAA,IACF;AAAA,GACD,CAAA;AACH;AAKA,eAAe,WAAA,CAAY,MAAW,MAAA,EAAiC;AACrE,EAAA,MAAM,GAAA,GAAM,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA;AAC/B,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,MAAA,CAAO,MAAM,CAAA;AACrC,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,MAAA,CAAO,GAAG,CAAA;AAErC,EAAA,MAAM,GAAA,GAAM,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,IAC9B,KAAA;AAAA,IACA,OAAA;AAAA,IACA,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,IAChC,KAAA;AAAA,IACA,CAAC,MAAM;AAAA,GACT;AAEA,EAAA,MAAM,YAAY,MAAM,MAAA,CAAO,OAAO,IAAA,CAAK,MAAA,EAAQ,KAAK,UAAU,CAAA;AAClE,EAAA,OAAO,IAAA,CAAK,OAAO,YAAA,CAAa,GAAG,IAAI,UAAA,CAAW,SAAS,CAAC,CAAC,CAAA;AAC/D","file":"require-approval.js","sourcesContent":["import { plugin } from \"../runtime\";\nimport { ui } from \"../types\";\nimport type { Action, RuntimeContext } from \"../types\";\n\nexport interface RequireApprovalOptions {\n /**\n * List of action names that require explicit approval.\n * If not provided, all actions will require approval.\n */\n actions?: string[];\n\n /**\n * Optional secret to sign the approval payload.\n * If provided, the plugin will verify that the parameters haven't been\n * tampered with between the request and the approval.\n */\n secret?: string;\n\n /**\n * Custom message to show in the approval card.\n */\n message?: string | ((action: string, params: any) => string);\n\n /**\n * Optional condition to check if approval is needed dynamically.\n */\n shouldApprove?: (\n action: Action<any>,\n params: any,\n context: RuntimeContext\n ) => boolean | Promise<boolean>;\n}\n\n/**\n * A plugin that intercepts actions and requires human approval before execution.\n * It uses SDUI to prompt the user and handles the resumption of the agentic loop.\n */\nexport const requireApproval = (options: RequireApprovalOptions = {}) => {\n return plugin({\n name: \"require-approval\",\n\n /**\n * Step 1: Handle the resumption when the user clicks \"Approve\".\n */\n onBeforeRun: async ({ event }, context) => {\n if (event.type === \"action-approved\") {\n const { action, params, token, ...rest } = event.data;\n\n // Security: Verify the token if a secret was provided\n if (options.secret) {\n const expectedToken = await signPayload(\n { action, params },\n options.secret\n );\n if (token !== expectedToken) {\n return {\n type: \"error\",\n data: {\n message:\n \"Security Warning: Approval token mismatch. Execution blocked.\",\n },\n };\n }\n }\n\n // Store approval in ephemeral state for the upcoming action execution\n context.state.__approved_action = { action, params };\n\n // Return the action to jump-start the loop exactly where we left off\n return { action, params, ...rest };\n }\n },\n\n /**\n * Step 2: Intercept actions that require approval.\n */\n onBeforeAction: async ({ action, params, nextAction }, context) => {\n // 1. Check if this action needs approval\n const isTargetAction =\n !options.actions || options.actions.includes(action.name);\n if (!isTargetAction) return;\n\n if (options.shouldApprove) {\n const needsApproval = await options.shouldApprove(\n action,\n params,\n context\n );\n if (!needsApproval) return;\n }\n\n // 2. Check if it was ALREADY approved in this run\n const approval = context.state.__approved_action;\n if (\n approval &&\n approval.action === action.name &&\n JSON.stringify(approval.params) === JSON.stringify(params)\n ) {\n delete context.state.__approved_action;\n return; // Proceed to execution\n }\n\n // 3. Suspend and request approval\n context.suspend();\n\n const token = options.secret\n ? await signPayload({ action: action.name, params }, options.secret)\n : undefined;\n\n const message =\n typeof options.message === \"function\"\n ? options.message(action.name, params)\n : options.message ||\n `The agent wants to execute **${action.name}**. Do you approve?`;\n\n return {\n type: \"hitl-required\",\n data: { ...nextAction, token },\n ui: ui.card({\n title: \"Approval Required\",\n children: [\n ui.text(message),\n ui.box({\n padding: \"md\",\n background: \"muted\",\n children: [\n ui.text(JSON.stringify(params, null, 2), { size: \"xs\" }),\n ],\n }),\n ui.row({\n gap: \"md\",\n children: [\n ui.button({\n label: \"Approve\",\n variant: \"success\",\n onClickAction: {\n role: \"user\",\n type: \"action-approved\",\n data: { ...nextAction, token },\n ui: ui.text(\"Approval granted\"),\n },\n }),\n ui.button({\n label: \"Cancel\",\n variant: \"outline\",\n onClickAction: {\n type: \"action-rejected\",\n data: { action: action.name },\n },\n }),\n ],\n }),\n ],\n }),\n };\n },\n });\n};\n\n/**\n * Simple HMAC signing using the Web Crypto API (supported in Node 16+ and Browsers).\n */\nasync function signPayload(data: any, secret: string): Promise<string> {\n const msg = JSON.stringify(data);\n const encoder = new TextEncoder();\n const keyData = encoder.encode(secret);\n const dataToSign = encoder.encode(msg);\n\n const key = await crypto.subtle.importKey(\n \"raw\",\n keyData,\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n );\n\n const signature = await crypto.subtle.sign(\"HMAC\", key, dataToSign);\n return btoa(String.fromCharCode(...new Uint8Array(signature)));\n}\n"]}
1
+ {"version":3,"sources":["../../src/plugins/require-approval.ts"],"names":[],"mappings":";;;;AAqCO,IAAM,eAAA,GAAkB,CAAC,OAAA,GAAkC,EAAC,KAAM;AACvE,EAAA,OAAO,MAAA,CAAO;AAAA,IACZ,IAAA,EAAM,kBAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMN,WAAA,EAAa,OAAO,EAAE,KAAA,IAAS,OAAA,KAAY;AACzC,MAAA,IACE,KAAA,CAAM,IAAA,KAAS,iBAAA,IACf,KAAA,CAAM,SAAS,iBAAA,EACf;AACA,QAAA,MAAM,EAAE,QAAQ,MAAA,EAAQ,KAAA,EAAO,YAAY,GAAG,IAAA,KAAS,KAAA,CAAM,IAAA;AAG7D,QAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,KAAA,CAAM,mBAAA,GAAsB,UAAU,CAAA;AAC9D,QAAA,IAAI,CAAC,OAAA,EAAS;AACZ,UAAA,OAAA,CAAQ,OAAA,EAAQ;AAChB,UAAA,OAAO;AAAA,YACL,IAAA,EAAM,OAAA;AAAA,YACN,IAAA,EAAM;AAAA,cACJ,OAAA,EACE;AAAA;AACJ,WACF;AAAA,QACF;AAGA,QAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,mBAAA,CAAoB,UAAU,CAAA;AAEnD,QAAA,IAAI,KAAA,CAAM,SAAS,iBAAA,EAAmB;AAEpC,UAAA,IAAI,QAAQ,MAAA,EAAQ;AAClB,YAAA,MAAM,gBAAgB,MAAM,WAAA;AAAA,cAC1B,EAAE,MAAA,EAAQ,MAAA,EAAQ,UAAA,EAAW;AAAA,cAC7B,OAAA,CAAQ;AAAA,aACV;AACA,YAAA,IAAI,UAAU,aAAA,EAAe;AAC3B,cAAA,OAAO;AAAA,gBACL,IAAA,EAAM,OAAA;AAAA,gBACN,IAAA,EAAM;AAAA,kBACJ,OAAA,EACE;AAAA;AACJ,eACF;AAAA,YACF;AAAA,UACF;AAGA,UAAA,OAAA,CAAQ,KAAA,CAAM,iBAAA,GAAoB,EAAE,MAAA,EAAQ,MAAA,EAAO;AAGnD,UAAA,OAAO,EAAE,MAAA,EAAQ,MAAA,EAAQ,GAAG,IAAA,EAAK;AAAA,QACnC;AAGA,QAAA,OAAA,CAAQ,OAAA,EAAQ;AAChB,QAAA,OAAO;AAAA,UACL,IAAA,EAAM,OAAA;AAAA,UACN,IAAA,EAAM;AAAA,YACJ,OAAA,EAAS,WAAW,MAAM,CAAA,2BAAA;AAAA;AAC5B,SACF;AAAA,MACF;AAAA,IACF,CAAA;AAAA;AAAA;AAAA;AAAA,IAKA,gBAAgB,OAAO,EAAE,QAAQ,MAAA,EAAQ,UAAA,IAAc,OAAA,KAAY;AAEjE,MAAA,MAAM,cAAA,GACJ,CAAC,OAAA,CAAQ,OAAA,IAAW,QAAQ,OAAA,CAAQ,QAAA,CAAS,OAAO,IAAI,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AAErB,MAAA,IAAI,QAAQ,aAAA,EAAe;AACzB,QAAA,MAAM,aAAA,GAAgB,MAAM,OAAA,CAAQ,aAAA;AAAA,UAClC,MAAA;AAAA,UACA,MAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,IAAI,CAAC,aAAA,EAAe;AAAA,MACtB;AAGA,MAAA,MAAM,QAAA,GAAW,QAAQ,KAAA,CAAM,iBAAA;AAC/B,MAAA,IACE,QAAA,IACA,QAAA,CAAS,MAAA,KAAW,MAAA,CAAO,IAAA,IAC3B,IAAA,CAAK,SAAA,CAAU,QAAA,CAAS,MAAM,CAAA,KAAM,IAAA,CAAK,SAAA,CAAU,MAAM,CAAA,EACzD;AACA,QAAA,OAAO,QAAQ,KAAA,CAAM,iBAAA;AACrB,QAAA;AAAA,MACF;AAGA,MAAA,OAAA,CAAQ,OAAA,EAAQ;AAEhB,MAAA,MAAM,UAAA,GAAa,KAAK,MAAA,EAAO,CAAE,SAAS,EAAE,CAAA,CAAE,SAAA,CAAU,CAAA,EAAG,EAAE,CAAA;AAC7D,MAAA,OAAA,CAAQ,KAAA,CAAM,mBAAA,GACZ,OAAA,CAAQ,KAAA,CAAM,uBAAuB,EAAC;AACxC,MAAA,OAAA,CAAQ,KAAA,CAAM,mBAAA,CAAoB,UAAU,CAAA,GAAI,IAAA;AAEhD,MAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,MAAA,GAClB,MAAM,WAAA;AAAA,QACJ,EAAE,MAAA,EAAQ,MAAA,CAAO,IAAA,EAAM,QAAQ,UAAA,EAAW;AAAA,QAC1C,OAAA,CAAQ;AAAA,OACV,GACA,MAAA;AAEJ,MAAA,MAAM,OAAA,GACJ,OAAO,OAAA,CAAQ,OAAA,KAAY,aACvB,OAAA,CAAQ,OAAA,CAAQ,MAAA,CAAO,IAAA,EAAM,MAAM,CAAA,GACnC,OAAA,CAAQ,OAAA,IACR,CAAA,6BAAA,EAAgC,OAAO,IAAI,CAAA,mBAAA,CAAA;AAEjD,MAAA,OAAO;AAAA,QACL,IAAA,EAAM,eAAA;AAAA,QACN,IAAA,EAAM,EAAE,GAAG,UAAA,EAAY,OAAO,UAAA,EAAW;AAAA,QACzC,EAAA,EAAI,GAAG,IAAA,CAAK;AAAA,UACV,KAAA,EAAO,mBAAA;AAAA,UACP,QAAA,EAAU;AAAA,YACR,EAAA,CAAG,KAAK,OAAO,CAAA;AAAA,YACf,GAAG,GAAA,CAAI;AAAA,cACL,OAAA,EAAS,IAAA;AAAA,cACT,UAAA,EAAY,OAAA;AAAA,cACZ,QAAA,EAAU;AAAA,gBACR,EAAA,CAAG,IAAA,CAAK,IAAA,CAAK,SAAA,CAAU,MAAA,EAAQ,IAAA,EAAM,CAAC,CAAA,EAAG,EAAE,IAAA,EAAM,IAAA,EAAM;AAAA;AACzD,aACD,CAAA;AAAA,YACD,GAAG,GAAA,CAAI;AAAA,cACL,GAAA,EAAK,IAAA;AAAA,cACL,QAAA,EAAU;AAAA,gBACR,GAAG,MAAA,CAAO;AAAA,kBACR,KAAA,EAAO,SAAA;AAAA,kBACP,OAAA,EAAS,SAAA;AAAA,kBACT,aAAA,EAAe;AAAA,oBACb,IAAA,EAAM,MAAA;AAAA,oBACN,IAAA,EAAM,iBAAA;AAAA,oBACN,IAAA,EAAM,EAAE,GAAG,UAAA,EAAY,OAAO,UAAA,EAAW;AAAA,oBACzC,EAAA,EAAI,EAAA,CAAG,IAAA,CAAK,kBAAkB;AAAA;AAChC,iBACD,CAAA;AAAA,gBACD,GAAG,MAAA,CAAO;AAAA,kBACR,KAAA,EAAO,QAAA;AAAA,kBACP,OAAA,EAAS,SAAA;AAAA,kBACT,aAAA,EAAe;AAAA,oBACb,IAAA,EAAM,iBAAA;AAAA,oBACN,IAAA,EAAM,EAAE,MAAA,EAAQ,MAAA,CAAO,MAAM,UAAA;AAAW;AAC1C,iBACD;AAAA;AACH,aACD;AAAA;AACH,SACD;AAAA,OACH;AAAA,IACF;AAAA,GACD,CAAA;AACH;AAKA,eAAe,WAAA,CAAY,MAAW,MAAA,EAAiC;AACrE,EAAA,MAAM,GAAA,GAAM,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA;AAC/B,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,MAAA,CAAO,MAAM,CAAA;AACrC,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,MAAA,CAAO,GAAG,CAAA;AAErC,EAAA,MAAM,GAAA,GAAM,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,IAC9B,KAAA;AAAA,IACA,OAAA;AAAA,IACA,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,IAChC,KAAA;AAAA,IACA,CAAC,MAAM;AAAA,GACT;AAEA,EAAA,MAAM,YAAY,MAAM,MAAA,CAAO,OAAO,IAAA,CAAK,MAAA,EAAQ,KAAK,UAAU,CAAA;AAClE,EAAA,OAAO,IAAA,CAAK,OAAO,YAAA,CAAa,GAAG,IAAI,UAAA,CAAW,SAAS,CAAC,CAAC,CAAA;AAC/D","file":"require-approval.js","sourcesContent":["import { plugin } from \"../runtime\";\nimport { ui } from \"../types\";\nimport type { Action, RuntimeContext } from \"../types\";\n\nexport interface RequireApprovalOptions {\n /**\n * List of action names that require explicit approval.\n * If not provided, all actions will require approval.\n */\n actions?: string[];\n\n /**\n * Optional secret to sign the approval payload.\n * If provided, the plugin will verify that the parameters haven't been\n * tampered with between the request and the approval.\n */\n secret?: string;\n\n /**\n * Custom message to show in the approval card.\n */\n message?: string | ((action: string, params: any) => string);\n\n /**\n * Optional condition to check if approval is needed dynamically.\n */\n shouldApprove?: (\n action: Action<any>,\n params: any,\n context: RuntimeContext\n ) => boolean | Promise<boolean>;\n}\n\n/**\n * A plugin that intercepts actions and requires human approval before execution.\n * It uses SDUI to prompt the user and handles the resumption of the agentic loop.\n */\nexport const requireApproval = (options: RequireApprovalOptions = {}) => {\n return plugin({\n name: \"require-approval\",\n\n /**\n * Step 1: Handle the resumption when the user clicks \"Approve\" or \"Cancel\".\n * We verify the one-time-use approvalId to prevent replay attacks or double-clicks.\n */\n onBeforeRun: async ({ event }, context) => {\n if (\n event.type === \"action-approved\" ||\n event.type === \"action-rejected\"\n ) {\n const { action, params, token, approvalId, ...rest } = event.data;\n\n // 1. Check if this specific request exists and hasn't been used\n const pending = context.state.__pending_approvals?.[approvalId];\n if (!pending) {\n context.suspend();\n return {\n type: \"error\",\n data: {\n message:\n \"Security Error: This approval request is invalid or has already been used.\",\n },\n };\n }\n\n // 2. Consume the token immediately (Destroy after usage)\n delete context.state.__pending_approvals[approvalId];\n\n if (event.type === \"action-approved\") {\n // 3. Security: Verify the token if a secret was provided\n if (options.secret) {\n const expectedToken = await signPayload(\n { action, params, approvalId },\n options.secret\n );\n if (token !== expectedToken) {\n return {\n type: \"error\",\n data: {\n message:\n \"Security Warning: Approval token mismatch. Execution blocked.\",\n },\n };\n }\n }\n\n // 4. Store approval in ephemeral state for the upcoming action execution\n context.state.__approved_action = { action, params };\n\n // Return the action to jump-start the loop exactly where we left off\n return { action, params, ...rest };\n }\n\n // Handle Rejection\n context.suspend();\n return {\n type: \"error\",\n data: {\n message: `Action '${action}' was rejected by the user.`,\n },\n };\n }\n },\n\n /**\n * Step 2: Intercept actions that require approval.\n */\n onBeforeAction: async ({ action, params, nextAction }, context) => {\n // 1. Check if this action needs approval\n const isTargetAction =\n !options.actions || options.actions.includes(action.name);\n if (!isTargetAction) return;\n\n if (options.shouldApprove) {\n const needsApproval = await options.shouldApprove(\n action,\n params,\n context\n );\n if (!needsApproval) return;\n }\n\n // 2. Check if it was ALREADY approved in this run\n const approval = context.state.__approved_action;\n if (\n approval &&\n approval.action === action.name &&\n JSON.stringify(approval.params) === JSON.stringify(params)\n ) {\n delete context.state.__approved_action;\n return; // Proceed to execution\n }\n\n // 3. Suspend and request approval with a one-time-use nonce\n context.suspend();\n\n const approvalId = Math.random().toString(36).substring(2, 15);\n context.state.__pending_approvals =\n context.state.__pending_approvals || {};\n context.state.__pending_approvals[approvalId] = true;\n\n const token = options.secret\n ? await signPayload(\n { action: action.name, params, approvalId },\n options.secret\n )\n : undefined;\n\n const message =\n typeof options.message === \"function\"\n ? options.message(action.name, params)\n : options.message ||\n `The agent wants to execute **${action.name}**. Do you approve?`;\n\n return {\n type: \"hitl-required\",\n data: { ...nextAction, token, approvalId },\n ui: ui.card({\n title: \"Approval Required\",\n children: [\n ui.text(message),\n ui.box({\n padding: \"md\",\n background: \"muted\",\n children: [\n ui.text(JSON.stringify(params, null, 2), { size: \"xs\" }),\n ],\n }),\n ui.row({\n gap: \"md\",\n children: [\n ui.button({\n label: \"Approve\",\n variant: \"success\",\n onClickAction: {\n role: \"user\",\n type: \"action-approved\",\n data: { ...nextAction, token, approvalId },\n ui: ui.text(\"Approval granted\"),\n },\n }),\n ui.button({\n label: \"Cancel\",\n variant: \"outline\",\n onClickAction: {\n type: \"action-rejected\",\n data: { action: action.name, approvalId },\n },\n }),\n ],\n }),\n ],\n }),\n };\n },\n });\n};\n\n/**\n * Simple HMAC signing using the Web Crypto API (supported in Node 16+ and Browsers).\n */\nasync function signPayload(data: any, secret: string): Promise<string> {\n const msg = JSON.stringify(data);\n const encoder = new TextEncoder();\n const keyData = encoder.encode(secret);\n const dataToSign = encoder.encode(msg);\n\n const key = await crypto.subtle.importKey(\n \"raw\",\n keyData,\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n );\n\n const signature = await crypto.subtle.sign(\"HMAC\", key, dataToSign);\n return btoa(String.fromCharCode(...new Uint8Array(signature)));\n}\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "melony",
3
- "version": "0.1.19",
3
+ "version": "0.1.20",
4
4
  "main": "dist/index.js",
5
5
  "type": "module",
6
6
  "sideEffects": false,