npm - openbot - Versions diffs - 0.3.6 → 0.4.2 - Mend

openbot 0.3.6 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (104) hide show

package/README.md +15 -16
package/dist/app/agent-ids.js +4 -0
package/dist/app/cli.js +1 -1
package/dist/app/config.js +10 -19
package/dist/app/server.js +208 -17
package/dist/bus/services.js +34 -124
package/dist/harness/agent-invoke-run.js +44 -0
package/dist/harness/agent-turn.js +99 -0
package/dist/harness/channel-participants.js +40 -0
package/dist/harness/constants.js +2 -0
package/dist/harness/context-meter.js +97 -0
package/dist/harness/context.js +95 -47
package/dist/harness/dispatch.js +144 -0
package/dist/harness/dispatcher.js +45 -156
package/dist/harness/history.js +177 -0
package/dist/harness/index.js +109 -0
package/dist/harness/orchestration.js +88 -0
package/dist/harness/participants.js +22 -0
package/dist/harness/run-harness.js +154 -0
package/dist/harness/run.js +98 -0
package/dist/harness/runtime-factory.js +0 -34
package/dist/harness/runtime.js +57 -0
package/dist/harness/todo-dispatch.js +51 -0
package/dist/harness/todos.js +5 -0
package/dist/harness/turn.js +79 -0
package/dist/plugins/approval/index.js +120 -149
package/dist/plugins/bash/index.js +195 -0
package/dist/plugins/delegation/index.js +121 -32
package/dist/plugins/memory/index.js +103 -14
package/dist/plugins/memory/service.js +152 -0
package/dist/plugins/openbot/context.js +125 -0
package/dist/plugins/openbot/history.js +144 -0
package/dist/plugins/openbot/index.js +71 -0
package/dist/plugins/openbot/runtime.js +381 -0
package/dist/plugins/openbot/system-prompt.js +25 -0
package/dist/plugins/plugin-manager/index.js +189 -0
package/dist/plugins/shell/index.js +2 -1
package/dist/plugins/storage/files.js +67 -0
package/dist/plugins/storage/index.js +750 -0
package/dist/plugins/storage/service.js +1316 -0
package/dist/plugins/storage-tools/index.js +2 -2
package/dist/plugins/thread-namer/index.js +72 -0
package/dist/plugins/thread-naming/generate-title.js +44 -0
package/dist/plugins/thread-naming/index.js +103 -0
package/dist/plugins/threads/index.js +114 -0
package/dist/plugins/todo/index.js +24 -25
package/dist/plugins/ui/index.js +109 -180
package/dist/registry/plugins.js +3 -9
package/dist/services/abort.js +43 -0
package/dist/services/plugins/domain.js +1 -0
package/dist/services/plugins/plugin-cache.js +9 -0
package/dist/services/plugins/registry.js +112 -0
package/dist/services/plugins/service.js +232 -0
package/dist/services/plugins/types.js +1 -0
package/dist/services/process.js +29 -0
package/dist/services/storage.js +11 -10
package/dist/services/thread-naming.js +81 -0
package/docs/agents.md +15 -12
package/docs/architecture.md +2 -2
package/docs/plugins.md +29 -17
package/docs/templates/AGENT.example.md +8 -14
package/package.json +1 -2
package/src/app/agent-ids.ts +5 -0
package/src/app/cli.ts +1 -1
package/src/app/config.ts +14 -31
package/src/app/server.ts +243 -19
package/src/app/types.ts +331 -187
package/src/harness/index.ts +166 -0
package/src/plugins/approval/index.ts +107 -188
package/src/plugins/bash/index.ts +232 -0
package/src/plugins/delegation/index.ts +139 -39
package/src/plugins/memory/index.ts +112 -15
package/src/{services/memory.ts → plugins/memory/service.ts} +1 -1
package/src/plugins/openbot/context.ts +140 -0
package/src/plugins/openbot/history.ts +158 -0
package/src/plugins/openbot/index.ts +79 -0
package/src/plugins/openbot/runtime.ts +478 -0
package/src/plugins/openbot/system-prompt.ts +27 -0
package/src/plugins/plugin-manager/index.ts +224 -0
package/src/plugins/storage/files.ts +81 -0
package/src/plugins/storage/index.ts +823 -0
package/src/{services/storage.ts → plugins/storage/service.ts} +485 -105
package/src/plugins/ui/index.ts +117 -221
package/src/services/abort.ts +46 -0
package/src/{bus/types.ts → services/plugins/domain.ts} +50 -8
package/src/services/plugins/plugin-cache.ts +13 -0
package/src/{registry/plugins.ts → services/plugins/registry.ts} +28 -28
package/src/services/plugins/service.ts +318 -0
package/src/{bus/plugin.ts → services/plugins/types.ts} +7 -3
package/src/bus/services.ts +0 -954
package/src/harness/context.ts +0 -365
package/src/harness/dispatcher.ts +0 -379
package/src/harness/mcp.ts +0 -78
package/src/harness/runtime-factory.ts +0 -129
package/src/harness/todo-advance.ts +0 -128
package/src/plugins/ai-sdk/index.ts +0 -41
package/src/plugins/ai-sdk/runtime.ts +0 -468
package/src/plugins/ai-sdk/system-prompt.ts +0 -18
package/src/plugins/mcp/index.ts +0 -128
package/src/plugins/shell/index.ts +0 -123
package/src/plugins/storage-tools/index.ts +0 -90
package/src/plugins/todo/index.ts +0 -64
package/src/services/plugins.ts +0 -133
/package/src/{harness → services}/process.ts +0 -0

package/src/harness/index.ts ADDED Viewed

@@ -0,0 +1,166 @@
+import { melony } from 'melony';
+import { OpenBotEvent, OpenBotState } from '../app/types.js';
+import { ensureEventId } from '../app/utils.js';
+import { storageService } from '../plugins/storage/service.js';
+import { STATE_AGENT_ID, ORCHESTRATOR_AGENT_ID } from '../app/agent-ids.js';
+import { resolvePlugin } from '../services/plugins/registry.js';
+import { ToolDefinition } from '../services/plugins/types.js';
+import { abortRegistry, abortKey } from '../services/abort.js';
+import { loadConfig } from '../app/config.js';
+import { getPublicBaseUrl } from '../plugins/storage/files.js';
+export { STATE_AGENT_ID, ORCHESTRATOR_AGENT_ID };
+export interface RunAgentOptions {
+  runId: string;
+  agentId: string;
+  event: OpenBotEvent;
+  channelId: string;
+  threadId?: string;
+  persistEvents?: boolean;
+  /** Resolved public base URL for the server. */
+  publicBaseUrl?: string;
+  onEvent: (event: OpenBotEvent, state?: OpenBotState) => Promise<void>;
+}
+async function emitEvent(
+  chunk: OpenBotEvent,
+  state: OpenBotState | undefined,
+  {
+    persistEvents,
+    channelId,
+    threadId,
+    onEvent,
+    parentAgentId,
+    parentToolCallId,
+  }: {
+    persistEvents: boolean;
+    channelId: string;
+    threadId?: string;
+    onEvent: RunAgentOptions['onEvent'];
+    parentAgentId?: string;
+    parentToolCallId?: string;
+  },
+): Promise<void> {
+  ensureEventId(chunk);
+  // Enrich event with parent metadata if not already present
+  if (parentAgentId || parentToolCallId) {
+    chunk.meta = {
+      ...chunk.meta,
+      parentAgentId: chunk.meta?.parentAgentId || parentAgentId,
+      parentToolCallId: chunk.meta?.parentToolCallId || parentToolCallId,
+    };
+  }
+  if (persistEvents) {
+    await storageService.storeEvent({
+      channelId: state?.channelId || channelId,
+      threadId: state?.threadId || threadId,
+      event: chunk,
+    });
+  }
+  await onEvent(chunk, state);
+}
+/**
+ * Runs a single agent turn.
+ * Fire and forget.
+ */
+export async function runAgent(options: RunAgentOptions): Promise<void> {
+  const { runId, agentId, event, channelId, threadId, onEvent } = options;
+  const persistEvents = options.persistEvents !== false;
+  let publicBaseUrl = options.publicBaseUrl;
+  if (!publicBaseUrl) {
+    const config = loadConfig();
+    const port = Number(config.port ?? process.env.PORT ?? 4132);
+    publicBaseUrl = getPublicBaseUrl(port, config.publicUrl);
+  }
+  const parentAgentId = event.meta?.parentAgentId;
+  const parentToolCallId = event.meta?.parentToolCallId;
+  const agentDetails = await storageService.getAgentDetails({ agentId });
+  const state = await storageService.getOpenBotState({
+    runId,
+    agentId,
+    channelId,
+    threadId,
+    event,
+  });
+  // Shared per-thread abort signal so a stop request cancels this run and any
+  // delegated sub-agent runs (which execute in the same channel/thread).
+  const runKey = abortKey(channelId, threadId);
+  const abortSignal = abortRegistry.acquire(runKey);
+  await emitEvent(
+    {
+      type: 'agent:run:start',
+      data: { runId, agentId, channelId, threadId },
+    } as OpenBotEvent,
+    state,
+    { persistEvents, channelId, threadId, onEvent, parentAgentId, parentToolCallId },
+  );
+  try {
+    const pluginRefs = agentDetails.pluginRefs ?? [];
+    const tools: Record<string, ToolDefinition> = {};
+    for (const ref of pluginRefs) {
+      const plugin = await resolvePlugin(ref.id);
+      if (plugin?.toolDefinitions) {
+        Object.assign(tools, plugin.toolDefinitions);
+      }
+    }
+    const builder = melony<OpenBotState, OpenBotEvent>().initialState(state);
+    for (const ref of pluginRefs) {
+      const plugin = await resolvePlugin(ref.id);
+      if (!plugin) continue;
+      builder.use(
+        plugin.factory({
+          agentId,
+          agentDetails,
+          config: ref.config ?? {},
+          storage: storageService,
+          tools,
+          publicBaseUrl,
+          abortSignal,
+        }),
+      );
+    }
+    const runtime = builder.build();
+    const generator = runtime.run(event, { runId, state });
+    for await (const outputEvent of generator) {
+      if (abortSignal.aborted) break;
+      await emitEvent(outputEvent, state, {
+        persistEvents,
+        channelId,
+        threadId,
+        onEvent,
+        parentAgentId,
+        parentToolCallId,
+      });
+    }
+  } catch (error) {
+    console.error(`[harness] Error running agent ${agentId}:`, error);
+  } finally {
+    abortRegistry.release(runKey);
+    await emitEvent(
+      {
+        type: 'agent:run:end',
+        data: { runId, agentId, channelId, threadId },
+      } as OpenBotEvent,
+      state,
+      { persistEvents, channelId, threadId, onEvent, parentAgentId, parentToolCallId },
+    );
+  }
+}

package/src/plugins/approval/index.ts CHANGED Viewed

@@ -1,228 +1,147 @@
-import { MelonyPlugin } from 'melony';
-import type { Plugin } from '../../bus/plugin.js';
-import { OpenBotEvent, OpenBotState } from '../../app/types.js';
-import { storageService } from '../../services/storage.js';
+import { randomUUID } from 'node:crypto';
+import type { Plugin } from '../../services/plugins/types.js';
+import { OpenBotEvent } from '../../app/types.js';
 /**
  * `approval` — gates protected tool calls behind a UI confirmation widget.
- *
- * Configuration is read from the per-agent plugin config in AGENT.md:
- * ```yaml
- * plugins:
- *   - id: approval
- *     config:
- *       rules:
- *         - action: action:shell_exec
- *           message: The agent wants to run a terminal command.
- *           detailKeys: [command, cwd, shell, timeoutMs]
- * ```
+ *
+ * This is a simplified version that intercepts specified actions (default: bash)
+ * and requires user approval before they are allowed to proceed.
  */
-export type ApprovalRule = {
-  action: string;
-  message?: string;
-  detailKeys?: string[];
-  hiddenKeys?: string[];
-  executeEvent?: string;
-  denyEvent?: string;
-  denyData?: Record<string, unknown>;
-};
+// In-memory tracking for pending approval IDs with TTL (shared across plugin instances)
+const pendingApprovals = new Map<string, number>();
+const TTL_MS = 4 * 60 * 60 * 1000; // 4 hours
-export const DEFAULT_APPROVAL_RULES: ApprovalRule[] = [
-  {
-    action: 'action:shell_exec',
-    denyEvent: 'action:shell_exec:result',
-    message: 'The agent wants to run a terminal command.',
-    detailKeys: ['command', 'cwd', 'shell', 'timeoutMs'],
-    hiddenKeys: ['env'],
-    denyData: {
-      exitCode: null,
-      stdout: '',
-      stderr: 'Command execution was denied by the user.',
-      timedOut: false,
-    },
-  },
-];
-type PendingApproval = {
-  id: string;
-  action: string;
-  executeEvent: string;
-  denyEvent: string;
-  denyData: Record<string, unknown>;
-  payload: Record<string, unknown>;
-  meta?: Record<string, unknown>;
-  message: string;
-  createdAt: string;
-  status: 'pending' | 'approved' | 'denied';
-};
+export const approvalPlugin: Plugin = {
+  id: 'approval',
+  name: 'Approval',
+  description: 'Gate protected tool calls behind a UI confirmation widget.',
+  factory: ({ config, storage }) => (builder) => {
+    // Actions that require approval. Defaults to bash.
+    const actionsToApprove = (config.actions as string[]) || ['action:bash'];
-const asRecord = (value: unknown): Record<string, unknown> =>
-  value && typeof value === 'object' && !Array.isArray(value)
-    ? (value as Record<string, unknown>)
-    : {};
+    for (const action of actionsToApprove) {
+      builder.intercept(action as OpenBotEvent['type'], (event, context) => {
+        // If already approved in this flow, let it pass to the actual handler
+        if (event.meta?.approvalStatus === 'approved') return event;
-const getApprovalsFromState = (state: OpenBotState): Record<string, PendingApproval> => {
-  const source = state.threadDetails?.state ?? state.channelDetails?.state;
-  const stateRecord = asRecord(source);
-  return asRecord(stateRecord.approvals) as Record<string, PendingApproval>;
-};
+        // Otherwise, intercept and ask for approval via a UI widget
+        const displayData = JSON.stringify((event as any)?.data) || '';
-const persistApprovals = async (
-  state: OpenBotState,
-  approvals: Record<string, PendingApproval>,
-): Promise<void> => {
-  if (state.threadId) {
-    await storageService.patchThreadState({
-      channelId: state.channelId,
-      threadId: state.threadId,
-      state: { approvals },
-    });
-    return;
-  }
-  await storageService.patchChannelState({
-    channelId: state.channelId,
-    state: { approvals },
-  });
-};
-const buildApprovalPlugin =
-  (rules: ApprovalRule[]): MelonyPlugin<OpenBotState, OpenBotEvent> =>
-  (builder) => {
-    for (const rule of rules) {
-      builder.on(rule.action as OpenBotEvent['type'], async function* (event, context) {
-        const meta = asRecord(event.meta);
-        if (meta.approvalStatus === 'approved') return;
-        const eventData = asRecord((event as { data?: unknown }).data);
-        const eventMeta = meta;
-        const approvalId = `approval_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`;
-        const widgetId = `widget_${approvalId}`;
-        const executeEvent = rule.executeEvent || rule.action;
-        const denyEvent = rule.denyEvent || `${rule.action}:result`;
-        const denyData = rule.denyData || {};
-        const hiddenKeys = new Set(rule.hiddenKeys || []);
-        const detailKeys = rule.detailKeys || Object.keys(eventData);
-        const details = detailKeys
-          .filter((key) => !hiddenKeys.has(key))
-          .map((key) => `- ${key}: ${String(eventData[key] ?? '')}`)
-          .join('\n');
-        const pendingApprovals = getApprovalsFromState(context.state);
-        pendingApprovals[approvalId] = {
-          id: approvalId,
-          action: rule.action,
-          executeEvent,
-          denyEvent,
-          denyData,
-          payload: eventData,
-          meta: eventMeta,
-          message: rule.message || `Approval required for ${rule.action}.`,
-          createdAt: new Date().toISOString(),
-          status: 'pending',
-        };
-        await persistApprovals(context.state, pendingApprovals);
+        const widgetId = randomUUID();
+        pendingApprovals.set(widgetId, Date.now());
-        yield {
+        return {
           type: 'client:ui:widget',
           data: {
-            kind: 'choice',
             widgetId,
-            title: 'Approval Required',
-            body: `${rule.message || 'A protected action requires approval.'}${
-              details ? `\n\n${details}` : ''
-            }`,
-            metadata: { type: 'approval:request', approvalId, action: rule.action },
+            kind: 'message',
+            title: `The agent wants to perform \`${action}\``,
+            body: displayData,
+            metadata: {
+              type: 'approval:request',
+              originalEvent: event,
+            },
             actions: [
               { id: 'approve', label: 'Approve', variant: 'primary' },
               { id: 'deny', label: 'Deny', variant: 'danger' },
             ],
           },
-          meta: { ...(event.meta || {}), agentId: context.state.agentId },
-        } as OpenBotEvent;
-        yield {
-          type: 'agent:output',
-          data: { content: `Waiting for approval before running \`${rule.action}\`.` },
-          meta: { ...(event.meta || {}), agentId: context.state.agentId },
+          meta: { agentId: context.state.agentId, threadId: context.state.threadId },
         } as OpenBotEvent;
-        context.suspend();
       });
     }
+    // Handle the user's response from the UI widget
     builder.on('client:ui:widget:response', async function* (event, context) {
-      const metadata = asRecord(event.data?.metadata);
-      if (metadata.type !== 'approval:request') return;
+      const { widgetId, actionId } = event.data;
+      const metadata = event.data?.metadata;
+      if (metadata?.type !== 'approval:request') return;
-      const approvalId = String(metadata.approvalId || '');
-      if (!approvalId) return;
+      // Verify the widget is still pending and hasn't expired
+      if (!widgetId || !pendingApprovals.has(widgetId)) {
+        console.warn(`[approval] Received response for unknown or already handled widget: ${widgetId}`);
+        return;
+      }
-      const approvals = getApprovalsFromState(context.state);
-      const approval = approvals[approvalId];
-      if (!approval || approval.status !== 'pending') {
-        yield {
-          type: 'agent:output',
-          data: { content: 'Approval request not found or already resolved.' },
-          meta: { ...(event.meta || {}), agentId: context.state.agentId },
-        } as OpenBotEvent;
+      const timestamp = pendingApprovals.get(widgetId)!;
+      if (Date.now() - timestamp > TTL_MS) {
+        pendingApprovals.delete(widgetId);
+        console.warn(`[approval] Received response for expired widget: ${widgetId}`);
         return;
       }
-      const approved = event.data.actionId === 'approve';
-      approvals[approvalId] = {
-        ...approval,
-        status: approved ? 'approved' : 'denied',
-      };
-      await persistApprovals(context.state, approvals);
+      // Mark as handled
+      pendingApprovals.delete(widgetId);
+      const originalEvent = metadata.originalEvent as OpenBotEvent;
+      const approved = actionId === 'approve';
+      const displayData = JSON.stringify((event as any)?.data) || '';
+      // Yield a "responded" widget update to the UI
+      yield {
+        type: 'client:ui:widget',
+        data: {
+          widgetId,
+          kind: 'message',
+          title: `Action ${approved ? 'Approved' : 'Denied'}`,
+          body: displayData,
+          state: approved ? 'submitted' : 'cancelled',
+          display: 'collapsed',
+          disabled: true,
+          actions: [], // Clear actions to disable buttons in UI
+        },
+        meta: { agentId: context.state.agentId, threadId: context.state.threadId },
+      } as OpenBotEvent;
       if (approved) {
+        // Re-emit the original event with approved status so the actual handler can run
         yield {
-          type: approval.executeEvent as OpenBotEvent['type'],
-          data: approval.payload,
+          ...originalEvent,
           meta: {
-            ...(approval.meta || {}),
-            approvalId,
+            ...(originalEvent.meta || {}),
             approvalStatus: 'approved',
           },
+        };
+      } else {
+        // Manually store the original event with denied status so it's recorded in history
+        // but NOT re-emitted to the pipeline (to avoid actual execution).
+        if (storage) {
+          await storage.storeEvent({
+            channelId: context.state.channelId,
+            threadId: context.state.threadId,
+            event: {
+              ...originalEvent,
+              meta: {
+                ...(originalEvent.meta || {}),
+                approvalStatus: 'denied',
+              },
+            },
+          });
+        }
+        // Emit a failure result event for the denied action to clear the pending tool batch
+        yield {
+          type: `${originalEvent.type}:result` as OpenBotEvent['type'],
+          data: {
+            success: false,
+            error: 'Action denied by user.',
+            stderr: 'Action denied by user.',
+            output: 'Action denied by user.',
+          },
+          meta: originalEvent.meta,
         } as OpenBotEvent;
-        return;
-      }
-      yield {
-        type: approval.denyEvent as OpenBotEvent['type'],
-        data: {
-          success: false,
-          approved: false,
-          error: 'Action denied by user approval.',
-          ...approval.denyData,
-        },
-        meta: { ...(approval.meta || {}), approvalId },
-      } as OpenBotEvent;
-      yield {
-        type: 'agent:output',
-        data: { content: 'Action denied by user approval.' },
-        meta: { ...(event.meta || {}), agentId: context.state.agentId },
-      } as OpenBotEvent;
+        yield {
+          type: 'agent:output',
+          data: { content: `Action \`${originalEvent.type}\` was denied.` },
+          meta: { agentId: context.state.agentId },
+        } as OpenBotEvent;
+      }
     });
-  };
-const readRules = (config: Record<string, unknown>): ApprovalRule[] => {
-  const raw = config.rules;
-  if (!Array.isArray(raw)) return DEFAULT_APPROVAL_RULES;
-  return raw.filter(
-    (entry): entry is ApprovalRule =>
-      !!entry && typeof entry === 'object' && typeof (entry as { action?: unknown }).action === 'string',
-  );
-};
-export const approvalPlugin: Plugin = {
-  id: 'approval',
-  name: 'Approval',
-  description: 'Gate protected tool calls (e.g. shell_exec) behind a UI confirmation prompt.',
-  factory: ({ config }) => buildApprovalPlugin(readRules(config)),
+  },
 };
 export default approvalPlugin;