reasonix 0.11.2 → 0.11.3

package/dist/cli/index.js

@@ -70,6 +70,29 @@ function addProjectShellAllowed(rootDir, prefix, path5 = defaultConfigPath()) {
   cfg.projects[rootDir].shellAllowed = [...existing, trimmed];
   writeConfig(cfg, path5);
 }
+function removeProjectShellAllowed(rootDir, prefix, path5 = defaultConfigPath()) {
+  const trimmed = prefix.trim();
+  if (!trimmed) return false;
+  const cfg = readConfig(path5);
+  const existing = cfg.projects?.[rootDir]?.shellAllowed ?? [];
+  if (!existing.includes(trimmed)) return false;
+  const next = existing.filter((p) => p !== trimmed);
+  if (!cfg.projects) cfg.projects = {};
+  if (!cfg.projects[rootDir]) cfg.projects[rootDir] = {};
+  cfg.projects[rootDir].shellAllowed = next;
+  writeConfig(cfg, path5);
+  return true;
+}
+function clearProjectShellAllowed(rootDir, path5 = defaultConfigPath()) {
+  const cfg = readConfig(path5);
+  const existing = cfg.projects?.[rootDir]?.shellAllowed ?? [];
+  if (existing.length === 0) return 0;
+  if (!cfg.projects) cfg.projects = {};
+  if (!cfg.projects[rootDir]) cfg.projects[rootDir] = {};
+  cfg.projects[rootDir].shellAllowed = [];
+  writeConfig(cfg, path5);
+  return existing.length;
+}
 function loadEditMode(path5 = defaultConfigPath()) {
   const v = readConfig(path5).editMode;
   return v === "auto" ? "auto" : "review";
@@ -6760,6 +6783,159 @@ var SseTransport = class {
   }
 };
 
+// src/mcp/streamable-http.ts
+import { createParser as createParser3 } from "eventsource-parser";
+var SESSION_HEADER = "mcp-session-id";
+var StreamableHttpTransport = class {
+  url;
+  extraHeaders;
+  queue = [];
+  waiters = [];
+  controller = new AbortController();
+  /** Session id minted by server on (typically) the initialize response. */
+  sessionId = null;
+  closed = false;
+  /** Background SSE read-loops kicked off by send(); awaited on close(). */
+  streams = /* @__PURE__ */ new Set();
+  constructor(opts) {
+    this.url = opts.url;
+    this.extraHeaders = opts.headers ?? {};
+  }
+  async send(message) {
+    if (this.closed) throw new Error("MCP Streamable HTTP transport is closed");
+    const headers = {
+      "content-type": "application/json",
+      // Both accepted — server picks. application/json first signals a
+      // mild preference for the simpler shape when the response is a
+      // single message.
+      accept: "application/json, text/event-stream",
+      ...this.extraHeaders
+    };
+    if (this.sessionId !== null) headers["mcp-session-id"] = this.sessionId;
+    let res;
+    try {
+      res = await fetch(this.url, {
+        method: "POST",
+        headers,
+        body: JSON.stringify(message),
+        signal: this.controller.signal
+      });
+    } catch (err) {
+      throw new Error(`MCP Streamable HTTP POST ${this.url} failed: ${err.message}`);
+    }
+    const serverSessionId = res.headers.get(SESSION_HEADER);
+    if (serverSessionId && this.sessionId === null) {
+      this.sessionId = serverSessionId;
+    }
+    if (res.status === 404 && this.sessionId !== null) {
+      await res.body?.cancel().catch(() => void 0);
+      throw new Error(
+        `MCP Streamable HTTP session expired (server returned 404 with Mcp-Session-Id "${this.sessionId}"). Reinitialize the client.`
+      );
+    }
+    if (!res.ok) {
+      const body = await res.text().catch(() => "");
+      throw new Error(
+        `MCP Streamable HTTP POST ${this.url} \u2192 ${res.status} ${res.statusText}${body ? `: ${body}` : ""}`
+      );
+    }
+    if (res.status === 202) {
+      await res.body?.cancel().catch(() => void 0);
+      return;
+    }
+    const ct = (res.headers.get("content-type") ?? "").toLowerCase();
+    if (ct.includes("application/json")) {
+      let parsed;
+      try {
+        parsed = await res.json();
+      } catch (err) {
+        throw new Error(`MCP Streamable HTTP body wasn't valid JSON: ${err.message}`);
+      }
+      if (Array.isArray(parsed)) {
+        for (const item of parsed) this.pushMessage(item);
+      } else {
+        this.pushMessage(parsed);
+      }
+      return;
+    }
+    if (ct.includes("text/event-stream")) {
+      if (!res.body) {
+        throw new Error("MCP Streamable HTTP SSE response had no body");
+      }
+      const stream = this.consumeStream(res.body);
+      this.streams.add(stream);
+      stream.finally(() => this.streams.delete(stream));
+      return;
+    }
+    await res.body?.cancel().catch(() => void 0);
+  }
+  async *messages() {
+    while (true) {
+      if (this.queue.length > 0) {
+        yield this.queue.shift();
+        continue;
+      }
+      if (this.closed) return;
+      const next = await new Promise((resolve12) => {
+        this.waiters.push(resolve12);
+      });
+      if (next === null) return;
+      yield next;
+    }
+  }
+  async close() {
+    if (this.closed) return;
+    this.closed = true;
+    while (this.waiters.length > 0) this.waiters.shift()(null);
+    try {
+      this.controller.abort();
+    } catch {
+    }
+    await Promise.allSettled(Array.from(this.streams));
+  }
+  /** Visible for tests — confirm session header round-trip. */
+  getSessionId() {
+    return this.sessionId;
+  }
+  // ---------- internals ----------
+  async consumeStream(body) {
+    const parser = createParser3({
+      onEvent: (ev) => {
+        const type = ev.event ?? "message";
+        if (type !== "message") return;
+        try {
+          const parsed = JSON.parse(ev.data);
+          this.pushMessage(parsed);
+        } catch {
+        }
+      }
+    });
+    const decoder = new TextDecoder();
+    try {
+      for await (const chunk of body) {
+        if (this.closed) break;
+        parser.feed(decoder.decode(chunk, { stream: true }));
+      }
+    } catch (err) {
+      if (!this.closed) {
+        this.pushMessage({
+          jsonrpc: "2.0",
+          id: null,
+          error: {
+            code: -32e3,
+            message: `Streamable HTTP stream error: ${err.message}`
+          }
+        });
+      }
+    }
+  }
+  pushMessage(msg) {
+    const waiter = this.waiters.shift();
+    if (waiter) waiter(msg);
+    else this.queue.push(msg);
+  }
+};
+
 // src/mcp/shell-split.ts
 function shellSplit(input) {
   const tokens = [];
@@ -6812,6 +6988,7 @@ function shellSplit(input) {
 // src/mcp/spec.ts
 var NAME_PREFIX = /^([a-zA-Z_][a-zA-Z0-9_]*)=(.*)$/;
 var HTTP_URL = /^https?:\/\//i;
+var STREAMABLE_PREFIX = /^streamable\+(https?:\/\/.+)$/i;
 function parseMcpSpec(input) {
   const trimmed = input.trim();
   if (!trimmed) {
@@ -6823,6 +7000,10 @@ function parseMcpSpec(input) {
   if (!body) {
     throw new Error(`MCP spec has name but no command: ${input}`);
   }
+  const streamMatch = STREAMABLE_PREFIX.exec(body);
+  if (streamMatch) {
+    return { transport: "streamable-http", name, url: streamMatch[1] };
+  }
   if (HTTP_URL.test(body)) {
     return { transport: "sse", name, url: body };
   }
@@ -11579,6 +11760,12 @@ var SLASH_COMMANDS = [
     argsHint: "[reload]",
     summary: "list active hooks (settings.json under .reasonix/) \xB7 reload re-reads from disk"
   },
+  {
+    cmd: "permissions",
+    argsHint: "[list|add <prefix>|remove <prefix|N>|clear confirm]",
+    summary: "show / edit shell allowlist (builtin read-only \xB7 per-project: ~/.reasonix/config.json)",
+    argCompleter: ["list", "add", "remove", "clear"]
+  },
   {
     cmd: "cwd",
     argsHint: "<path>",
@@ -13130,6 +13317,150 @@ var handlers9 = {
   compact
 };
 
+// src/cli/ui/slash/handlers/permissions.ts
+var permissions = (args, _loop, ctx) => {
+  const sub = (args[0] ?? "").toLowerCase();
+  const root = ctx.codeRoot;
+  const mode2 = ctx.editMode ?? null;
+  if (sub === "" || sub === "list" || sub === "ls") {
+    return { info: renderListing(root, mode2) };
+  }
+  if (!root) {
+    return {
+      info: "/permissions add / remove / clear are only available inside `reasonix code` \u2014 they edit the project-scoped allowlist (`~/.reasonix/config.json` projects[<root>].shellAllowed)."
+    };
+  }
+  if (sub === "add") {
+    const prefix = args.slice(1).join(" ").trim();
+    if (!prefix) {
+      return {
+        info: 'usage: /permissions add <prefix>   (multi-token OK: /permissions add "git push origin")'
+      };
+    }
+    const before = loadProjectShellAllowed(root);
+    if (before.includes(prefix)) {
+      return { info: `\u25B8 already allowed: ${prefix}` };
+    }
+    if (BUILTIN_ALLOWLIST.includes(prefix)) {
+      return {
+        info: `\u25B8 \`${prefix}\` is already in the builtin allowlist \u2014 no per-project entry needed. (Builtin entries are always on.)`
+      };
+    }
+    addProjectShellAllowed(root, prefix);
+    return {
+      info: `\u25B8 added: ${prefix}
+  \u2192 next \`${prefix}\` invocation runs without prompting in this project.`
+    };
+  }
+  if (sub === "remove" || sub === "rm" || sub === "delete") {
+    const target = args.slice(1).join(" ").trim();
+    if (!target) {
+      return {
+        info: "usage: /permissions remove <prefix-or-index>   (e.g. /permissions remove 3, or /permissions remove npm)"
+      };
+    }
+    const existing = loadProjectShellAllowed(root);
+    let prefix = null;
+    if (/^\d+$/.test(target)) {
+      const idx = Number.parseInt(target, 10);
+      if (idx < 1 || idx > existing.length) {
+        return {
+          info: existing.length === 0 ? "\u25B8 no project allowlist entries to remove." : `\u25B8 index out of range: ${idx} (project list has ${existing.length} entries)`
+        };
+      }
+      prefix = existing[idx - 1] ?? null;
+    } else {
+      prefix = target;
+    }
+    if (prefix === null) return { info: "\u25B8 nothing to remove." };
+    if (BUILTIN_ALLOWLIST.includes(prefix) && !existing.includes(prefix)) {
+      return {
+        info: `\u25B8 \`${prefix}\` is in the builtin allowlist (read-only). Builtin entries can't be removed at runtime \u2014 they're baked into the binary.`
+      };
+    }
+    const ok = removeProjectShellAllowed(root, prefix);
+    return {
+      info: ok ? `\u25B8 removed: ${prefix}` : `\u25B8 no such project entry: ${prefix}   (try /permissions list to see what's stored)`
+    };
+  }
+  if (sub === "clear") {
+    if ((args[1] ?? "").toLowerCase() !== "confirm") {
+      const count = loadProjectShellAllowed(root).length;
+      return {
+        info: count === 0 ? "\u25B8 project allowlist is already empty." : `about to drop ${count} project allowlist entr${count === 1 ? "y" : "ies"} for ${root}. Re-run with the word 'confirm' to proceed: /permissions clear confirm`
+      };
+    }
+    const dropped = clearProjectShellAllowed(root);
+    return {
+      info: dropped === 0 ? "\u25B8 project allowlist was already empty \u2014 nothing changed." : `\u25B8 cleared ${dropped} project allowlist entr${dropped === 1 ? "y" : "ies"}.`
+    };
+  }
+  return {
+    info: [
+      "usage: /permissions [list]                   show current state",
+      '       /permissions add <prefix>            persist (e.g. "npm run build")',
+      "       /permissions remove <prefix-or-N>    drop one entry",
+      "       /permissions clear confirm           wipe every project entry"
+    ].join("\n")
+  };
+};
+function renderListing(root, mode2) {
+  const lines = [];
+  if (mode2 === "yolo") {
+    lines.push(
+      "\u25B8 edit mode: YOLO  \u2014 every shell command auto-runs, allowlist is bypassed. /mode review to re-enable prompts."
+    );
+  } else if (mode2 === "auto") {
+    lines.push(
+      "\u25B8 edit mode: auto  \u2014 edits auto-apply, shell still gated by allowlist (or ShellConfirm prompt for non-allowlisted)."
+    );
+  } else if (mode2 === "review") {
+    lines.push(
+      "\u25B8 edit mode: review \u2014 both edits and non-allowlisted shell commands ask before running."
+    );
+  }
+  lines.push("");
+  if (root) {
+    const project = loadProjectShellAllowed(root);
+    lines.push(`Project allowlist (${project.length}) \u2014 ${root}`);
+    if (project.length === 0) {
+      lines.push('  (none \u2014 pick "always allow" on a ShellConfirm prompt to add one,');
+      lines.push("   or `/permissions add <prefix>` directly.)");
+    } else {
+      project.forEach((p, i) => {
+        lines.push(`  ${String(i + 1).padStart(2)}. ${p}`);
+      });
+    }
+  } else {
+    lines.push("Project allowlist \u2014 (no project root; chat mode shows builtin entries only)");
+  }
+  lines.push("");
+  lines.push(`Builtin allowlist (${BUILTIN_ALLOWLIST.length}) \u2014 read-only, baked in`);
+  const grouped = /* @__PURE__ */ new Map();
+  for (const entry of BUILTIN_ALLOWLIST) {
+    const head = entry.split(" ")[0] ?? entry;
+    if (!grouped.has(head)) grouped.set(head, []);
+    grouped.get(head).push(entry);
+  }
+  for (const [head, items] of grouped) {
+    if (items.length === 1 && items[0] === head) {
+      lines.push(`  \xB7 ${head}`);
+    } else {
+      const tail = items.map((i) => i.slice(head.length).trim() || "(bare)").join(", ");
+      lines.push(`  \xB7 ${head}: ${tail}`);
+    }
+  }
+  lines.push("");
+  lines.push(
+    "Subcommands: /permissions add <prefix> \xB7 /permissions remove <prefix-or-N> \xB7 /permissions clear confirm"
+  );
+  return lines.join("\n");
+}
+var handlers10 = {
+  permissions,
+  perms: permissions
+};
+
 // src/cli/ui/slash/handlers/plans.ts
 import { basename } from "path";
 var plans = (_args, loop2) => {
@@ -13209,7 +13540,7 @@ var replay = (args, loop2) => {
     }
   };
 };
-var handlers10 = {
+var handlers11 = {
   plans,
   replay
 };
@@ -13582,7 +13913,7 @@ async function readIndexMeta(rootDir) {
     return null;
   }
 }
-var handlers11 = {
+var handlers12 = {
   semantic
 };
 
@@ -13617,7 +13948,7 @@ var forget = (_args, loop2) => {
     info: ok ? `\u25B8 deleted session "${name}" \u2014 current screen still shows the conversation, but next launch starts fresh` : `could not delete session "${name}" (already gone?)`
   };
 };
-var handlers12 = {
+var handlers13 = {
   sessions,
   forget
 };
@@ -13693,7 +14024,7 @@ ${found.body}${argsLine}`;
     resubmit: payload
   };
 };
-var handlers13 = {
+var handlers14 = {
   skill,
   skills: skill
 };
@@ -13712,7 +14043,8 @@ var HANDLERS = {
   ...handlers10,
   ...handlers11,
   ...handlers12,
-  ...handlers13
+  ...handlers13,
+  ...handlers14
 };
 function handleSlash(cmd, args, loop2, ctx = {}) {
   const h = HANDLERS[cmd];
@@ -16513,7 +16845,7 @@ async function chatCommand(opts) {
       try {
         const spec = parseMcpSpec(raw);
         const prefix = spec.name ? `${spec.name}_` : requestedSpecs.length === 1 && opts.mcpPrefix ? opts.mcpPrefix : "";
-        const transport = spec.transport === "sse" ? new SseTransport({ url: spec.url }) : new StdioTransport({ command: spec.command, args: spec.args });
+        const transport = spec.transport === "sse" ? new SseTransport({ url: spec.url }) : spec.transport === "streamable-http" ? new StreamableHttpTransport({ url: spec.url }) : new StdioTransport({ command: spec.command, args: spec.args });
         const mcp3 = new McpClient({ transport });
         await mcp3.initialize();
         const bridge = await bridgeMcpTools(mcp3, {
@@ -16535,7 +16867,7 @@ async function chatCommand(opts) {
           };
         }
         const label = spec.name ?? "anon";
-        const source = spec.transport === "sse" ? spec.url : `${spec.command} ${spec.args.join(" ")}`;
+        const source = spec.transport === "sse" || spec.transport === "streamable-http" ? spec.url : `${spec.command} ${spec.args.join(" ")}`;
         process.stderr.write(
           `\u25B8 MCP[${label}]: ${bridge.registeredNames.length} tool(s) from ${source}
 `
@@ -17664,7 +17996,7 @@ function makeTtyWriter() {
 // src/cli/commands/mcp-inspect.ts
 async function mcpInspectCommand(opts) {
   const spec = parseMcpSpec(opts.spec);
-  const transport = spec.transport === "sse" ? new SseTransport({ url: spec.url }) : new StdioTransport({ command: spec.command, args: spec.args });
+  const transport = spec.transport === "sse" ? new SseTransport({ url: spec.url }) : spec.transport === "streamable-http" ? new StreamableHttpTransport({ url: spec.url }) : new StdioTransport({ command: spec.command, args: spec.args });
   const client = new McpClient({ transport });
   try {
     await client.initialize();
@@ -17996,11 +18328,11 @@ async function runCommand2(opts) {
       try {
         const spec = parseMcpSpec(raw);
         const prefix2 = spec.name ? `${spec.name}_` : requestedSpecs.length === 1 && opts.mcpPrefix ? opts.mcpPrefix : "";
-        const transport = spec.transport === "sse" ? new SseTransport({ url: spec.url }) : new StdioTransport({ command: spec.command, args: spec.args });
+        const transport = spec.transport === "sse" ? new SseTransport({ url: spec.url }) : spec.transport === "streamable-http" ? new StreamableHttpTransport({ url: spec.url }) : new StdioTransport({ command: spec.command, args: spec.args });
         const mcp3 = new McpClient({ transport });
         await mcp3.initialize();
         const bridge = await bridgeMcpTools(mcp3, { registry: tools, namePrefix: prefix2 });
-        const source = spec.transport === "sse" ? spec.url : `${spec.command} ${spec.args.join(" ")}`;
+        const source = spec.transport === "sse" || spec.transport === "streamable-http" ? spec.url : `${spec.command} ${spec.args.join(" ")}`;
         process.stderr.write(
           `\u25B8 MCP[${spec.name ?? "anon"}]: ${bridge.registeredNames.length} tool(s) from ${source}
 `