salmon-loop 0.3.0 → 0.3.1

package/dist/core/mcp/client/lifecycle.js

@@ -0,0 +1,13 @@
+export async function withMcpConnections(manager, fn) {
+    await manager.startAll();
+    try {
+        return await fn();
+    }
+    finally {
+        await manager.stopAll();
+    }
+}
+export async function stopMcpConnections(manager) {
+    await manager.stopAll();
+}
+//# sourceMappingURL=lifecycle.js.map

package/dist/core/mcp/client/transport-factory.js

@@ -0,0 +1,168 @@
+import { PassThrough } from 'node:stream';
+import { StreamableHTTPClientTransport } from '@modelcontextprotocol/sdk/client/streamableHttp.js';
+import { ReadBuffer, serializeMessage } from '@modelcontextprotocol/sdk/shared/stdio.js';
+import { spawnInteractiveProcess } from '../../runtime/process-runner.js';
+export function buildStrictStdioEnvironment(env) {
+    return { ...env };
+}
+export class StrictStdioClientTransport {
+    server;
+    child;
+    readBuffer = new ReadBuffer();
+    stderrStream = new PassThrough();
+    onclose;
+    onerror;
+    onmessage;
+    constructor(server) {
+        this.server = server;
+    }
+    get stderr() {
+        return this.stderrStream;
+    }
+    get pid() {
+        return this.child?.pid ?? null;
+    }
+    async start() {
+        if (this.child) {
+            throw new Error('StrictStdioClientTransport already started');
+        }
+        await new Promise((resolve, reject) => {
+            let settled = false;
+            const child = spawnInteractiveProcess({
+                command: this.server.command,
+                args: this.server.args,
+                cwd: this.server.cwd,
+                env: buildStrictStdioEnvironment(this.server.env),
+                windowsHide: true,
+            });
+            this.child = child;
+            const failStart = (error) => {
+                const normalizedError = error instanceof Error ? error : new Error(String(error));
+                if (!settled) {
+                    settled = true;
+                    reject(normalizedError);
+                }
+                this.onerror?.(normalizedError);
+            };
+            child.once('error', failStart);
+            child.once('spawn', () => {
+                if (!settled) {
+                    settled = true;
+                    resolve();
+                }
+            });
+            child.once('close', () => {
+                this.child = undefined;
+                this.onclose?.();
+            });
+            if (!child.stdin || !child.stdout) {
+                failStart(new Error('MCP stdio transport failed to open stdio streams'));
+                return;
+            }
+            child.stdin?.on?.('error', (error) => this.onerror?.(error instanceof Error ? error : new Error(String(error))));
+            child.stdout.on('data', (chunk) => {
+                this.readBuffer.append(chunk);
+                this.processReadBuffer();
+            });
+            child.stdout.on('error', (error) => this.onerror?.(error instanceof Error ? error : new Error(String(error))));
+            child.stderr?.pipe(this.stderrStream, { end: false });
+        });
+    }
+    async close() {
+        const child = this.child;
+        if (!child) {
+            this.readBuffer.clear();
+            return;
+        }
+        this.child = undefined;
+        const closePromise = new Promise((resolve) => {
+            child.once('close', () => resolve());
+        });
+        try {
+            child.stdin?.end?.();
+        }
+        catch {
+            // best-effort shutdown
+        }
+        await Promise.race([closePromise, unrefTimeout(2_000)]);
+        if (child.exitCode === null) {
+            try {
+                child.kill('SIGTERM');
+            }
+            catch {
+                // best-effort shutdown
+            }
+            await Promise.race([closePromise, unrefTimeout(2_000)]);
+        }
+        if (child.exitCode === null) {
+            try {
+                child.kill('SIGKILL');
+            }
+            catch {
+                // best-effort shutdown
+            }
+        }
+        this.readBuffer.clear();
+    }
+    async send(message) {
+        const child = this.child;
+        if (!child)
+            throw new Error('MCP stdio transport is not connected');
+        const stdin = child.stdin;
+        if (!stdin)
+            throw new Error('MCP stdio transport stdin is not available');
+        await new Promise((resolve, reject) => {
+            const onError = (error) => {
+                stdin.off?.('error', onError);
+                reject(error);
+            };
+            stdin.once?.('error', onError);
+            if (stdin.write?.(serializeMessage(message))) {
+                stdin.off?.('error', onError);
+                resolve();
+                return;
+            }
+            stdin.once?.('drain', () => {
+                stdin.off?.('error', onError);
+                resolve();
+            });
+        });
+    }
+    processReadBuffer() {
+        while (true) {
+            try {
+                const message = this.readBuffer.readMessage();
+                if (message === null)
+                    break;
+                this.onmessage?.(message);
+            }
+            catch (error) {
+                this.onerror?.(error instanceof Error ? error : new Error(String(error)));
+            }
+        }
+    }
+}
+export function createMcpTransport(server) {
+    if (server.transport.type === 'http') {
+        return new StreamableHTTPClientTransport(new URL(server.transport.url), {
+            requestInit: {
+                headers: server.transport.headers,
+            },
+        });
+    }
+    const transport = new StrictStdioClientTransport({
+        command: server.transport.command,
+        args: server.transport.args,
+        env: server.transport.env,
+        cwd: server.transport.cwd,
+    });
+    transport.stderr.on('data', () => { });
+    return transport;
+}
+function unrefTimeout(ms) {
+    return new Promise((resolve) => {
+        const timer = setTimeout(resolve, ms);
+        timer.unref?.();
+    });
+}
+//# sourceMappingURL=transport-factory.js.map

package/dist/core/mcp/config/index.js

@@ -0,0 +1,32 @@
+import { expandHome, resolveRepoRelative, resolveUserRelative } from '../../extensions/paths.js';
+export { McpCapabilitiesV2Schema, McpConfigV2Schema, McpServerEntryV2Schema, } from './schema-v2.js';
+function resolvePathForScope(value, scope, repoRoot) {
+    if (!value)
+        return undefined;
+    const expanded = expandHome(value);
+    return scope === 'repo' ? resolveRepoRelative(repoRoot, expanded) : resolveUserRelative(expanded);
+}
+function defaultEnabled(scope) {
+    return scope === 'repo';
+}
+export function buildResolvedMcpServersV2(entries, repoRoot) {
+    return entries.map((entry) => {
+        const source = entry.entry;
+        const transport = source.transport.type === 'stdio'
+            ? {
+                ...source.transport,
+                cwd: resolvePathForScope(source.transport.cwd, entry.scope, repoRoot),
+            }
+            : source.transport;
+        return {
+            name: entry.key,
+            enabled: source.enabled ?? defaultEnabled(entry.scope),
+            transport,
+            auth: source.auth,
+            trust: source.trust,
+            capabilities: source.capabilities,
+            scope: entry.scope,
+        };
+    });
+}
+//# sourceMappingURL=index.js.map

package/dist/core/mcp/config/schema-v2.js

@@ -0,0 +1,129 @@
+import { z } from 'zod';
+import { Phase } from '../../types/runtime.js';
+const phases = Object.values(Phase);
+const transportSchema = z.discriminatedUnion('type', [
+    z
+        .object({
+        type: z.literal('stdio'),
+        command: z.string().min(1),
+        args: z.array(z.string()).optional().default([]),
+        env: z.record(z.string(), z.string()),
+        cwd: z.string().optional(),
+    })
+        .strict(),
+    z
+        .object({
+        type: z.literal('http'),
+        url: z.string().url(),
+        headers: z.record(z.string(), z.string()).optional().default({}),
+    })
+        .strict(),
+]);
+const authSchema = z
+    .object({
+    type: z.enum(['none', 'oauth']).optional().default('none'),
+    scopes: z.array(z.string()).optional().default([]),
+})
+    .strict()
+    .default({ type: 'none', scopes: [] });
+const toolsCapabilitySchema = z
+    .object({
+    exposeToModel: z.boolean().optional().default(false),
+    allow: z.array(z.string()).optional().default([]),
+    phases: z.array(z.enum(phases)).optional().default([]),
+    approval: z
+        .enum(['never', 'ask', 'write_requires_confirmation'])
+        .optional()
+        .default('ask'),
+    sideEffectOverrides: z
+        .record(z.string(), z.array(z.enum([
+        'none',
+        'fs_read',
+        'fs_write',
+        'runtime_write',
+        'process',
+        'network',
+        'git_read',
+        'git_write',
+        'snapshot_mutate',
+    ])))
+        .optional(),
+})
+    .strict();
+const resourcesCapabilitySchema = z
+    .object({
+    allowUris: z.array(z.string()).optional().default([]),
+    autoInclude: z.boolean().optional().default(false),
+    subscribe: z.boolean().optional().default(false),
+    maxBytes: z.number().int().positive().optional().default(64_000),
+    ttlMs: z.number().int().nonnegative().optional().default(30_000),
+})
+    .strict();
+const promptsCapabilitySchema = z
+    .object({
+    exposeAs: z
+        .enum(['slash', 'recipe', 'none'])
+        .optional()
+        .default('none'),
+    allow: z.array(z.string()).optional().default([]),
+})
+    .strict();
+const rootsCapabilitySchema = z
+    .object({
+    mode: z
+        .enum(['none', 'repo', 'worktree'])
+        .optional()
+        .default('none'),
+})
+    .strict();
+const samplingCapabilitySchema = z
+    .object({
+    enabled: z.boolean().optional().default(false),
+    maxTokens: z.number().int().nonnegative().optional().default(0),
+    maxDepth: z.number().int().nonnegative().optional().default(0),
+})
+    .strict();
+const elicitationCapabilitySchema = z
+    .object({
+    enabled: z.boolean().optional().default(false),
+})
+    .strict();
+export const McpCapabilitiesV2Schema = z
+    .object({
+    tools: toolsCapabilitySchema.optional(),
+    resources: resourcesCapabilitySchema.optional(),
+    prompts: promptsCapabilitySchema.optional(),
+    roots: rootsCapabilitySchema.optional(),
+    sampling: samplingCapabilitySchema.optional(),
+    elicitation: elicitationCapabilitySchema.optional(),
+})
+    .strict()
+    .optional()
+    .transform((value) => ({
+    tools: toolsCapabilitySchema.parse(value?.tools ?? {}),
+    resources: resourcesCapabilitySchema.parse(value?.resources ?? {}),
+    prompts: promptsCapabilitySchema.parse(value?.prompts ?? {}),
+    roots: rootsCapabilitySchema.parse(value?.roots ?? {}),
+    sampling: samplingCapabilitySchema.parse(value?.sampling ?? {}),
+    elicitation: elicitationCapabilitySchema.parse(value?.elicitation ?? {}),
+}));
+export const McpServerEntryV2Schema = z
+    .object({
+    enabled: z.boolean().optional(),
+    transport: transportSchema,
+    auth: authSchema,
+    trust: z.enum(['local', 'remote']).optional(),
+    capabilities: McpCapabilitiesV2Schema,
+})
+    .strict()
+    .transform((value) => ({
+    ...value,
+    trust: value.trust ?? (value.transport.type === 'stdio' ? 'local' : 'remote'),
+}));
+export const McpConfigV2Schema = z
+    .object({
+    version: z.literal(2),
+    servers: z.record(z.string(), McpServerEntryV2Schema).optional().default({}),
+})
+    .strict();
+//# sourceMappingURL=schema-v2.js.map

package/dist/core/mcp/host/elicitation-provider.js

@@ -0,0 +1,209 @@
+import { redactSensitiveValue } from '../../security/redaction.js';
+function isElicitationOptions(value) {
+    return Boolean(value &&
+        typeof value === 'object' &&
+        'userInputProvider' in value &&
+        !('decideElicitation' in value));
+}
+function option(label, description) {
+    return { label, description: description || label };
+}
+function enumValues(schema) {
+    if (Array.isArray(schema.enum) && schema.enum.every((value) => typeof value === 'string')) {
+        return schema.enum;
+    }
+    if (Array.isArray(schema.oneOf) &&
+        schema.oneOf.every((value) => value &&
+            typeof value === 'object' &&
+            typeof value.const === 'string')) {
+        return schema.oneOf.map((value) => String(value.const));
+    }
+    return undefined;
+}
+function arrayEnumValues(schema) {
+    if (schema.type !== 'array' || !schema.items || typeof schema.items !== 'object') {
+        return undefined;
+    }
+    const items = schema.items;
+    if (Array.isArray(items.enum) && items.enum.every((value) => typeof value === 'string')) {
+        return items.enum;
+    }
+    if (Array.isArray(items.anyOf) &&
+        items.anyOf.every((value) => value &&
+            typeof value === 'object' &&
+            typeof value.const === 'string')) {
+        return items.anyOf.map((value) => String(value.const));
+    }
+    return undefined;
+}
+function questionHeader(key, schema) {
+    return String(schema.title || key);
+}
+function questionText(key, schema, required) {
+    const description = typeof schema.description === 'string' ? schema.description : '';
+    const suffix = required ? '' : ' (optional)';
+    return description || `${questionHeader(key, schema)}${suffix}`;
+}
+function buildQuestionForProperty(key, schema, required) {
+    if (schema.type === 'boolean') {
+        return {
+            question: questionText(key, schema, required),
+            header: questionHeader(key, schema),
+            options: [option('true', 'Yes'), option('false', 'No')],
+            multiSelect: false,
+        };
+    }
+    const values = schema.type === 'array' ? arrayEnumValues(schema) : enumValues(schema);
+    if (values && values.length >= 2 && values.length <= 4) {
+        return {
+            question: questionText(key, schema, required),
+            header: questionHeader(key, schema),
+            options: values.map((value) => option(value)),
+            multiSelect: schema.type === 'array',
+        };
+    }
+    return undefined;
+}
+function buildFormQuestions(params) {
+    const required = new Set(params.requestedSchema.required ?? []);
+    const questions = [];
+    const keyByQuestion = new Map();
+    for (const [key, schema] of Object.entries(params.requestedSchema.properties)) {
+        const question = buildQuestionForProperty(key, schema, required.has(key));
+        if (!question)
+            return undefined;
+        questions.push(question);
+        keyByQuestion.set(question.question, key);
+    }
+    if (questions.length === 0)
+        return undefined;
+    return { input: { questions }, keyByQuestion };
+}
+function buildUrlQuestion(params) {
+    const question = {
+        question: params.message,
+        header: 'MCP URL request',
+        options: [option('accept', params.url), option('decline', 'Decline')],
+        multiSelect: false,
+    };
+    return {
+        input: { questions: [question] },
+        keyByQuestion: new Map([[question.question, 'url']]),
+    };
+}
+function responseContent(output, keyByQuestion) {
+    const content = {};
+    for (const [question, answer] of Object.entries(output.answers)) {
+        const key = keyByQuestion.get(question);
+        if (!key)
+            continue;
+        if (answer.includes(',')) {
+            content[key] = answer
+                .split(',')
+                .map((part) => part.trim())
+                .filter(Boolean);
+        }
+        else if (answer === 'true') {
+            content[key] = true;
+        }
+        else if (answer === 'false') {
+            content[key] = false;
+        }
+        else {
+            content[key] = answer;
+        }
+    }
+    return content;
+}
+async function askUser(provider, input, options = {}) {
+    return provider.askUser(input, { signal: options.signal });
+}
+export class McpElicitationProvider {
+    policy;
+    userInputProvider;
+    constructor(optionsOrPolicy, userInputProvider) {
+        if (isElicitationOptions(optionsOrPolicy) || !optionsOrPolicy) {
+            this.userInputProvider = optionsOrPolicy?.userInputProvider;
+            return;
+        }
+        this.policy = optionsOrPolicy;
+        this.userInputProvider = userInputProvider;
+    }
+    async ask(input) {
+        if (!this.policy)
+            throw new Error('MCP_ELICITATION_POLICY_UNAVAILABLE');
+        const decision = this.policy.decideElicitation(input.server);
+        if (!decision.allowed)
+            throw new Error(decision.denyReason ?? 'MCP_ELICITATION_DENIED');
+        if (!this.userInputProvider)
+            throw new Error('MCP_ELICITATION_UNAVAILABLE');
+        const questions = input.questions.map((question) => ({
+            question: question.id,
+            header: question.label,
+            options: [option('answer', question.label), option('skip', 'Skip')],
+            multiSelect: false,
+        }));
+        const response = await askUser(this.userInputProvider, { questions });
+        return {
+            answers: response.answers,
+            audit: {
+                server: input.server,
+                questionCount: input.questions.length,
+                answeredCount: Object.keys(response.answers).length,
+            },
+        };
+    }
+    async elicit(params, options = {}) {
+        const mode = params.mode === 'url' ? 'url' : 'form';
+        const sanitizedRequest = redactSensitiveValue(params).value;
+        if (!this.userInputProvider) {
+            return {
+                result: { action: 'decline' },
+                audit: {
+                    event: 'mcp.elicitation.create',
+                    mode,
+                    action: 'decline',
+                    questionCount: 0,
+                    request: sanitizedRequest,
+                    deniedReason: 'provider_unavailable',
+                },
+            };
+        }
+        const built = mode === 'url'
+            ? buildUrlQuestion(params)
+            : buildFormQuestions(params);
+        if (!built) {
+            return {
+                result: { action: 'decline' },
+                audit: {
+                    event: 'mcp.elicitation.create',
+                    mode,
+                    action: 'decline',
+                    questionCount: 0,
+                    request: sanitizedRequest,
+                    deniedReason: 'unsupported_schema',
+                },
+            };
+        }
+        const output = await askUser(this.userInputProvider, built.input, { signal: options.signal });
+        const content = responseContent(output, built.keyByQuestion);
+        const action = mode === 'url' && content.url === 'decline'
+            ? 'decline'
+            : Object.keys(content).length > 0
+                ? 'accept'
+                : 'cancel';
+        const result = action === 'accept' ? { action, content: mode === 'url' ? undefined : content } : { action };
+        return {
+            result,
+            audit: {
+                event: 'mcp.elicitation.create',
+                mode,
+                action,
+                questionCount: built.input.questions.length,
+                request: sanitizedRequest,
+                response: redactSensitiveValue(result).value,
+            },
+        };
+    }
+}
+//# sourceMappingURL=elicitation-provider.js.map

package/dist/core/mcp/host/roots-provider.js

@@ -0,0 +1,70 @@
+import { pathToFileURL } from 'node:url';
+const WRITE_MODES = new Set(['patch', 'debug', 'autopilot']);
+function rootName(kind, flowMode) {
+    if (kind === 'worktreeRoot')
+        return flowMode ? `${flowMode}-worktree` : 'worktree';
+    return 'repository';
+}
+function toRoot(path, kind, flowMode) {
+    return {
+        uri: pathToFileURL(path).toString(),
+        name: rootName(kind, flowMode),
+        _meta: {
+            kind,
+            flowMode,
+        },
+    };
+}
+function mapMode(input) {
+    if (input.mode === 'none')
+        return 'none';
+    if (input.mode === 'worktree')
+        return 'write';
+    if (input.mode === 'repo') {
+        return WRITE_MODES.has(input.flowMode ?? 'patch') ? 'write' : 'read-only';
+    }
+    return input.mode ?? 'none';
+}
+function buildResult(input) {
+    const mode = mapMode(input);
+    const audit = {
+        event: 'mcp.roots.list',
+        mode,
+        flowMode: input.flowMode,
+        exposed: [],
+    };
+    if (mode === 'none') {
+        audit.deniedReason = 'none_mode';
+        return { roots: [], _meta: { audit } };
+    }
+    if (mode === 'read-only') {
+        audit.exposed.push('repoRoot');
+        return {
+            roots: [toRoot(input.repoRoot, 'repoRoot', input.flowMode)],
+            _meta: { audit },
+        };
+    }
+    if (!input.worktreeRoot) {
+        audit.deniedReason = 'missing_worktree_root';
+        return { roots: [], _meta: { audit } };
+    }
+    audit.exposed.push('worktreeRoot');
+    return {
+        roots: [toRoot(input.worktreeRoot, 'worktreeRoot', input.flowMode)],
+        _meta: { audit },
+    };
+}
+export class McpRootsProvider {
+    options;
+    constructor(options) {
+        this.options = options;
+    }
+    listRoots(input) {
+        if (input)
+            return buildResult(input).roots;
+        if (!this.options)
+            return buildResult({ repoRoot: '', mode: 'none' });
+        return buildResult(this.options);
+    }
+}
+//# sourceMappingURL=roots-provider.js.map