stk-codegen 1.2.0 → 1.2.2

package/README.md

@@ -3,6 +3,7 @@
 CLI interativa (TUI com Ink/React) para se conectar a um agente CodeGen via HTTP/WebSocket.
 
 - [Execução da CLI](#execução-da-cli)
+- [Configurações e Permissões (User Settings)](#configurações-e-permissões-user-settings)
 - [Configuração do backend](#configuração-do-backend)
   - [Endpoints esperados](#endpoints-esperados)
 - [Rodando a CLI em modo de desenvolvimento](#rodando-a-cli-em-modo-desenvolvimento)
@@ -14,6 +15,33 @@ CLI interativa (TUI com Ink/React) para se conectar a um agente CodeGen via HTTP
 
 ## Execução da CLI
 
+### Autenticação
+
+A CLI suporta dois modos de autenticação:
+
+1. **Interativo (device flow)**: solicitado quando não há sessão autenticada e as variáveis de client-credentials não estão configuradas.
+2. **Não-interativo (client credentials via env vars)**: quando as variáveis abaixo estiverem configuradas, a CLI autentica automaticamente sem prompt.
+
+Variáveis de ambiente (client credentials):
+
+- `STK_CODEGEN_IAM_REALM` (ex.: `stackspot`)
+- `STK_CODEGEN_IAM_CLIENT_ID`
+- `STK_CODEGEN_IAM_CLIENT_SECRET`
+
+Opcional:
+
+- `AUTH_DEVICE_URL` (default: `https://auth.stackspot.com`)
+
+Exemplo:
+
+```bash
+export STK_CODEGEN_IAM_REALM=stackspot
+export STK_CODEGEN_IAM_CLIENT_ID=your-client-id
+export STK_CODEGEN_IAM_CLIENT_SECRET=your-client-secret
+
+stk-codegen
+```
+
 **Pré‑requisitos**
 
 - [Node.js](https://nodejs.org/) (versão LTS recomendada > 22.x)
@@ -62,6 +90,17 @@ pnpm dev
 
 ---
 
+## Configurações e Permissões (User Settings)
+
+O CodeGen CLI possui um sistema de permissões baseado em arquivos YAML que permite controlar quais ferramentas o agente pode executar.
+
+Para saber mais, consulte:
+
+- [Guia do Usuário](./docs/USER_SETTINGS.md): Como configurar o `settings.yaml` e gerenciar permissões.
+- [Documentação Técnica](./docs/TECHNICAL_USER_SETTINGS.md): Detalhes sobre a arquitetura do sistema de permissões.
+
+---
+
 **Passos para executar localmente (apontando para backend local)**
 
 ## Configuração do backend

package/dist/327.index.js

@@ -0,0 +1,117 @@
+export const id = 327;
+export const ids = [327];
+export const modules = {
+
+/***/ 5327:
+/***/ ((__unused_webpack_module, __webpack_exports__, __webpack_require__) => {
+
+
+// EXPORTS
+__webpack_require__.d(__webpack_exports__, {
+  runHeadless: () => (/* binding */ runHeadless)
+});
+
+// EXTERNAL MODULE: ./src/services/websocketClient.ts
+var websocketClient = __webpack_require__(2435);
+;// CONCATENATED MODULE: ./src/core/agent/approvalStrategy.ts
+class AutoApprovalStrategy {
+    async approveShell(_pending) {
+        return true;
+    }
+    async approveDiff(_review) {
+        return ['accepted', undefined];
+    }
+}
+
+// EXTERNAL MODULE: ./src/core/agent/toolExecutor.ts
+var agent_toolExecutor = __webpack_require__(7035);
+;// CONCATENATED MODULE: ./src/headless/HeadlessRunner.ts
+
+
+
+async function runHeadless(prompt, effort) {
+    const approvalStrategy = new AutoApprovalStrategy();
+    const toolExecutor = new agent_toolExecutor/* ToolExecutor */.K(approvalStrategy, {
+        onStateEvent: (eventType, data) => {
+            if (process.env['STK_DEBUG_AGENT_STREAM'] === '1') {
+                process.stderr.write(`[headless] ${eventType} ${JSON.stringify(data ?? {})}\n`);
+            }
+        }
+    });
+    const currentToolIds = new Set();
+    let resolved = false;
+    return new Promise((resolve, reject) => {
+        const finalize = (err) => {
+            if (resolved)
+                return;
+            resolved = true;
+            if (err)
+                reject(err);
+            else
+                resolve();
+        };
+        const handleMessage = (data) => {
+            if (data.type === 'agent_error') {
+                const message = data.payload?.message || 'Agent error';
+                process.stderr.write(`Error: ${message}\n`);
+                finalize(new Error(message));
+                return;
+            }
+            if (data.type === 'agent_message') {
+                const content = data.payload?.content || '';
+                process.stdout.write(content);
+                if (!content.endsWith('\n'))
+                    process.stdout.write('\n');
+                finalize();
+                return;
+            }
+            if (data.type === 'agent_message_delta') {
+                const content = data.payload?.content || '';
+                process.stdout.write(content);
+                return;
+            }
+            if (data.type === 'agent_thought') {
+                if (process.env['STK_DEBUG_AGENT_STREAM'] === '1') {
+                    process.stderr.write(`[thought] ${data.payload?.content || ''}\n`);
+                }
+                return;
+            }
+            if (data.type === 'agent_finished') {
+                process.stdout.write('\n');
+                finalize();
+                return;
+            }
+            if (data.type === 'run_tool') {
+                const { tool_id } = data.payload;
+                if (currentToolIds.has(tool_id))
+                    return;
+                currentToolIds.add(tool_id);
+                Promise.resolve().then(() => toolExecutor.execute(data.payload));
+                return;
+            }
+            if (data.type === 'agent_generation_cancelled') {
+                process.stderr.write('Agent generation was cancelled.\n');
+                finalize();
+            }
+        };
+        websocketClient/* websocketClient */.V
+            .connect(handleMessage, (status) => {
+            if (process.env['STK_DEBUG_WS'] === '1') {
+                process.stderr.write(`[ws] status: ${status}\n`);
+            }
+        })
+            .then(() => {
+            websocketClient/* websocketClient */.V.send({
+                type: 'user_message',
+                payload: { prompt },
+                effort: effort
+            });
+        })
+            .catch(finalize);
+    });
+}
+
+
+/***/ })
+
+};

package/dist/i18n/en_US.yaml

@@ -16,6 +16,19 @@ STK_MESSAGE_OUTPUT_ERROR_INVALID_COMMAND: '`{command}` is not a valid command.'
 STK_MESSAGE_OUTPUT_INFO_USE_HELP_TO_SEE_AVAILABLE_COMMANDS: Use --help to see available commands.
 STK_MESSAGE_OUTPUT_SUCCESS_LOGIN_PERFORMED_SUCCESSFULLY_WITH_EMAIL: Login performed successfully using e-mail {email}!
 STK_MESSAGE_OUTPUT_SUCCESS_LOGOUT_PERFORMED_SUCCESSFULLY: Logout performed successfully.
+
+# Shortcuts table (/help, /?)
+STK_MESSAGE_UI_SHORTCUTS_TITLE: Shortcuts
+STK_MESSAGE_UI_SHORTCUTS_COLUMN_KEYS: Keys
+STK_MESSAGE_UI_SHORTCUTS_COLUMN_ACTION: Action
+STK_MESSAGE_UI_SHORTCUTS_ROW_CTRL_T: toggle AUTO / APPROVAL mode
+STK_MESSAGE_UI_SHORTCUTS_ROW_ESC: cancel agent response (when thinking/streaming)
+STK_MESSAGE_UI_SHORTCUTS_ROW_ESC_ESC: clear current input
+STK_MESSAGE_UI_SHORTCUTS_ROW_CTRL_C: exit (press Ctrl+C again to confirm)
+STK_MESSAGE_UI_SHORTCUTS_ROW_CTRL_V: paste image from clipboard (attaches as [IMG#n])
+STK_MESSAGE_UI_SHORTCUTS_ROW_CTRL_S: view full diff in static mode (when applicable)
+STK_MESSAGE_UI_SHORTCUTS_ROW_ARROWS: prompt history (or move between lines in multiline)
+
 STK_MESSAGE_UI_LOGIN_TITLE: Authentication
 STK_MESSAGE_UI_LOGIN_EMAIL_LABEL: 'Login e-mail:'
 STK_MESSAGE_UI_LOGIN_HINT_ENTER_TO_START: Type your e-mail and press Enter to start.
@@ -25,8 +38,25 @@ STK_MESSAGE_BUSINESS_EXCEPTION_LOGIN_MAX_RETRIES: Couldn't possible confirm the
 STK_MESSAGE_BUSINESS_EXCEPTION_AUTH_CREATE_SESSION_FILE: Couldn't create session file at {sessionFile}
 STK_MESSAGE_BUSINESS_EXCEPTION_AUTH_GET_SESSION_FILE: Couldn't read session file at {sessionFile}. Please login again.
 STK_MESSAGE_BUSINESS_EXCEPTION_AUTH_GET_URLS_AND_DEVICE: An error occurred while retrieving URLS and device model. Check the logs for more details.
+STK_MESSAGE_BUSINESS_EXCEPTION_AUTH_CLIENT_CREDENTIALS: An error occurred while authenticating using client credentials. Check your realm/client id/client secret and try again.
+STK_MESSAGE_OUTPUT_ERROR_AUTH_CLIENT_CREDENTIALS_ENV_INCOMPLETE: 'Client-credentials auth is partially configured. Missing environment variables: {missing}'
 STK_MESSAGE_BUSINESS_EXCEPTION_FETCH_WELL_KNOWN_DATA_ERROR: An error occurred while fetching for login urls.
 STK_MESSAGE_BUSINESS_EXCEPTION_RENEW_SESSION_TOKEN_ERROR: 'An error occurred while renewing the session token. Check the logs for more details.'
 STK_MESSAGE_BUSINESS_EXCEPTION_REVOKE_SESSION_TOKEN_ERROR: 'An error occurred while revoking the current session token. Check the logs for more details.'
 STK_MESSAGE_OUTPUT_ERROR_BROWSER_OPEN_FAILED: Could not open your default browser automatically. Please open the URL manually
 STK_MESSAGE_OUTPUT_ERROR_AUTH_VERIFICATION_URL_NOT_AVAILABLE: Could not start authentication because the verification URL was not provided by the identity provider.
+STK_MESSAGE_OUTPUT_ERROR_UNEXPECTED_ERROR: 'Unexpected error during authentication: {message}'
+STK_MESSAGE_OUTPUT_ERROR_TOOL_NOT_FOUND: "Error: Tool '{toolName}' not found."
+STK_MESSAGE_OUTPUT_ERROR_USER_REJECTED_COMMAND_EXECUTION: User rejected command execution.
+STK_MESSAGE_OUTPUT_ERROR_USER_REJECTED_CHANGES: User rejected changes.
+STK_MESSAGE_OUTPUT_ERROR_HEADLESS_SESSION_ERROR: 'Headless session error: {message}'
+STK_MESSAGE_OUTPUT_INFO_SHELL_REJECTED_BY_USER: '· Shell: {command} (rejected by user)'
+STK_MESSAGE_OUTPUT_ERROR_SHELL_SIGINT_FAILED: 'Failed to send SIGINT to shell process: {error}'
+STK_MESSAGE_OUTPUT_ERROR_INVALID_EFFORT: 'Invalid value for flag effort: {effort}.'
+
+# User Settings
+STK_MESSAGE_OUTPUT_ERROR_USER_SETTINGS_INVALID_FORMAT: 'Invalid {filePath} format:'
+STK_MESSAGE_OUTPUT_ERROR_USER_SETTINGS_READ_ERROR: 'Error reading {filePath}: {error}'
+STK_MESSAGE_OUTPUT_ERROR_USER_SETTINGS_INVALID_RULE: "Invalid rule format. Expected 'ToolName' or 'ToolName(argument)'"
+STK_MESSAGE_OUTPUT_ERROR_USER_SETTINGS_DENIED_BY_LOCAL_SETTINGS: "Error: Tool '{toolName}' denied by local user settings (Rule: {rule})."
+STK_MESSAGE_OUTPUT_ERROR_USER_SETTINGS_DENIED_BY_LOCAL_SETTINGS_NO_RULE: "Error: Tool '{toolName}' denied by local user settings."