npm - openbot - Versions diffs - 0.1.27 → 0.1.28 - Mend

openbot 0.1.27 → 0.1.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/agents/os-agent.js +9 -1
package/dist/cli.js +1 -1
package/dist/open-bot.js +7 -0
package/dist/plugins/approval/index.js +99 -0
package/dist/registry/plugin-loader.js +1 -1
package/dist/ui/settings.js +2 -2
package/package.json +2 -2

package/dist/agents/os-agent.js CHANGED Viewed

@@ -1,6 +1,7 @@
 import { llmPlugin } from "../plugins/llm/index.js";
 import { shellPlugin, shellToolDefinitions } from "../plugins/shell/index.js";
 import { fileSystemPlugin, fileSystemToolDefinitions } from "../plugins/file-system/index.js";
+import approvalPlugin from "../plugins/approval/index.js";
 const DEFAULT_SYSTEM_PROMPT = `You are an OS Agent with access to the shell and file system.
 Your job is to help the user with file operations and command execution.
 You can read, write, list, and delete files, as well as execute shell commands.
@@ -11,12 +12,19 @@ export const osAgent = (options) => (builder) => {
     builder
         .use(shellPlugin({ cwd }))
         .use(fileSystemPlugin({ baseDir: "/" }))
+        .use(approvalPlugin({
+        rules: [
+            { action: "action:executeCommand", message: "The agent wants to execute a terminal command. Please review carefully." },
+            { action: "action:writeFile", message: "The agent wants to write to a file." },
+            { action: "action:deleteFile", message: "The agent wants to delete a file." },
+        ],
+    }))
         .use(llmPlugin({
         model,
         system: systemPrompt,
         toolDefinitions: {
             ...shellToolDefinitions,
-            ...fileSystemToolDefinitions,
+            ...fileSystemToolDefinitions
         },
         promptInputType: "agent:os:input",
         actionResultInputType: "agent:os:result",

package/dist/cli.js CHANGED Viewed

@@ -13,7 +13,7 @@ const program = new Command();
 program
     .name("openbot")
     .description("OpenBot CLI - Secure and easy configuration")
-    .version("0.1.26");
+    .version("0.1.28");
 /**
  * Check if a GitHub repository exists.
  */

package/dist/open-bot.js CHANGED Viewed

@@ -14,6 +14,7 @@ import { z } from "zod";
 // Plugin imports for the registry
 import { shellPlugin, shellToolDefinitions } from "./plugins/shell/index.js";
 import { fileSystemPlugin, fileSystemToolDefinitions } from "./plugins/file-system/index.js";
+import { approvalPlugin } from "./plugins/approval/index.js";
 // Registry
 import { PluginRegistry, AgentRegistry, discoverYamlAgents, loadPluginsFromDir } from "./registry/index.js";
 /**
@@ -45,6 +46,12 @@ export async function createOpenBot(options) {
         toolDefinitions: fileSystemToolDefinitions,
         factory: () => fileSystemPlugin({ baseDir: "/" }),
     });
+    pluginRegistry.register({
+        name: "approval",
+        description: "Require user approval for specific actions",
+        toolDefinitions: {},
+        factory: (options) => approvalPlugin(options),
+    });
     // ─── Shared Plugins ──────────────────────────────────────────────
     // Load community/user plugins from ~/.openbot/plugins/
     const sharedPlugins = await loadPluginsFromDir(path.join(resolvedBaseDir, "plugins"));

package/dist/plugins/approval/index.js ADDED Viewed

@@ -0,0 +1,99 @@
+import { generateId } from "melony";
+import { ui } from "@melony/ui-kit/server";
+/**
+ * Approval Plugin for OpenBot.
+ * Intercepts specific actions and requires user approval before proceeding.
+ * Optimized using the new melony intercept() feature.
+ */
+export const approvalPlugin = (options) => (builder) => {
+    const { rules = [] } = options;
+    // Register an interceptor that runs before any handlers.
+    // This is the correct way to handle HITL/Approval in Melony.
+    builder.intercept(async (event, { state, suspend }) => {
+        // Skip if already approved or if it's an internal approval event
+        // We cast event to any to access the meta property which is used for internal state tracking
+        const meta = event.meta;
+        if (meta?.approved ||
+            event.type === "action:approve" ||
+            event.type === "action:deny" ||
+            event.type === "ui" ||
+            event.type.endsWith(":status")) {
+            return;
+        }
+        const rule = rules.find(r => event.type.startsWith(r.action));
+        if (!rule)
+            return;
+        const approvalId = `approve_${generateId()}`;
+        if (!state.pendingApprovals) {
+            state.pendingApprovals = {};
+        }
+        state.pendingApprovals[approvalId] = event;
+        // Use suspend(event) to emit the UI and halt execution of any handlers for this event.
+        // This effectively "pauses" the run for user input.
+        suspend(ui.event(ui.card({
+            title: "Approval Required",
+            description: rule.message || `Approval required for: ${event.type}`,
+        }, [
+            ui.text(JSON.stringify(event.data, null, 2), { size: "xs" }),
+            ui.row({ gap: "sm" }, [
+                ui.button({
+                    label: "Approve",
+                    variant: "primary",
+                    onClickAction: {
+                        type: "action:approve",
+                        data: { id: approvalId }
+                    }
+                }),
+                ui.button({
+                    label: "Deny",
+                    variant: "outline",
+                    onClickAction: {
+                        type: "action:deny",
+                        data: { id: approvalId }
+                    }
+                }),
+            ]),
+        ])));
+    });
+    // Handle Approval response from user
+    builder.on("action:approve", async function* (event, { state }) {
+        const { id } = event.data;
+        const originalEvent = state.pendingApprovals?.[id];
+        if (originalEvent) {
+            delete state.pendingApprovals[id];
+            yield ui.event(ui.status("Action approved", "success"));
+            // Re-emit the original event with approved: true.
+            // The interceptor will see it, but bypass because of meta.approved.
+            // Then the appropriate handlers for the event will finally run.
+            yield {
+                ...originalEvent,
+                meta: {
+                    ...originalEvent.meta,
+                    approved: true,
+                },
+            };
+        }
+    });
+    // Handle Denial response from user
+    builder.on("action:deny", async function* (event, { state }) {
+        const { id } = event.data;
+        const originalEvent = state.pendingApprovals?.[id];
+        if (originalEvent) {
+            delete state.pendingApprovals[id];
+            yield ui.event(ui.status("Action denied", "error"));
+            // If it was a tool call (action:*), return a taskResult error so the LLM knows it failed
+            if (originalEvent.data?.toolCallId) {
+                yield {
+                    type: "action:taskResult",
+                    data: {
+                        action: originalEvent.type.replace("action:", ""),
+                        toolCallId: originalEvent.data.toolCallId,
+                        result: { error: "Action denied by user" },
+                        success: false,
+                    },
+                };
+            }
+        }
+    });
+};
+export default approvalPlugin;

package/dist/registry/plugin-loader.js CHANGED Viewed

@@ -39,7 +39,7 @@ export async function ensurePluginReady(pluginDir) {
         // 1. Install dependencies if node_modules is missing
         if (!hasNodeModules) {
             console.log(`[plugins] Installing dependencies for ${path.basename(pluginDir)}...`);
-            execSync("npm install --production", { cwd: pluginDir, stdio: "inherit" });
+            execSync("npm install", { cwd: pluginDir, stdio: "inherit" });
         }
         // 2. Run build if dist is missing but build script exists
         const distPath = path.join(pluginDir, "dist");

package/dist/ui/settings.js CHANGED Viewed

@@ -32,9 +32,9 @@ export const settingsUI = async () => {
                         ui.heading("Model Configuration", 4),
                         ui.col({ gap: "sm" }, [
                             ui.input("model", undefined, {
-                                placeholder: "e.g. gpt-4o-mini",
+                                placeholder: "provider/model (e.g. openai/gpt-4o)",
                                 width: "full",
-                                defaultValue: config.model || "gpt-4o-mini"
+                                defaultValue: config.model || "openai/gpt-4o-mini"
                             }),
                         ]),
                     ]),

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "openbot",
-  "version": "0.1.27",
+  "version": "0.1.28",
   "private": false,
   "type": "module",
   "bin": {
@@ -18,7 +18,7 @@
     "express": "^4.19.2",
     "gray-matter": "^4.0.3",
     "js-yaml": "^4.1.1",
-    "melony": "^0.2.8",
+    "melony": "^0.2.9",
     "zod": "^4.3.5"
   },
   "devDependencies": {