npm - teamcopilot - Versions diffs - 0.0.1 - Mend

teamcopilot 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (209) hide show

package/dist/workspace_files/.opencode/plugins/listAvailableWorkflows.ts ADDED Viewed

@@ -0,0 +1,93 @@
+import { type Plugin, tool } from "@opencode-ai/plugin"
+function getApiBaseUrl(): string {
+  const port = process.env.TEAMCOPILOT_PORT?.trim()
+  if (!port) {
+    throw new Error("TEAMCOPILOT_PORT must be set.")
+  }
+  return `http://localhost:${port}`
+}
+interface WorkflowSummary {
+  slug: string
+  name: string
+  intent_summary: string
+  is_approved: boolean
+  can_edit: boolean
+}
+async function readErrorMessageFromResponse(
+  response: Response,
+  fallbackMessage: string
+): Promise<string> {
+  try {
+    const text = await response.text()
+    if (!text) return fallbackMessage
+    try {
+      const parsed: unknown = JSON.parse(text)
+      if (parsed && typeof parsed === "object" && "message" in parsed) {
+        const msg = (parsed as { message?: unknown }).message
+        if (typeof msg === "string" && msg.trim().length > 0) return msg
+      }
+    } catch {
+      // fall back to plain text
+    }
+    return text.trim().length > 0 ? text : fallbackMessage
+  } catch {
+    return fallbackMessage
+  }
+}
+export const ListAvailableWorkflowsPlugin: Plugin = async (_ctx) => {
+  return {
+    tool: {
+      listAvailableWorkflows: tool({
+        description:
+          "List workflows that are available for this user to use. Returns all workflows the current user can access, including those pending approval.",
+        args: {},
+        async execute(_args, context) {
+          const { sessionID } = context
+          const response = await fetch(`${getApiBaseUrl()}/api/workflows`, {
+            headers: {
+              Authorization: `Bearer ${sessionID}`,
+            },
+          })
+          if (!response.ok) {
+            const errorMessage = await readErrorMessageFromResponse(
+              response,
+              `Failed to list workflows (HTTP ${response.status})`
+            )
+            throw new Error(errorMessage)
+          }
+          const payload = (await response.json()) as {
+            workflows?: WorkflowSummary[]
+          }
+          const availableWorkflows = (payload.workflows ?? [])
+            .map((workflow) => ({
+              slug: workflow.slug,
+              name: workflow.name,
+              intent_summary: workflow.intent_summary,
+              is_approved: workflow.is_approved,
+            }))
+          return JSON.stringify(
+            {
+              workflows: availableWorkflows,
+              total: availableWorkflows.length,
+            },
+            null,
+            2
+          )
+        },
+      }),
+    },
+  }
+}
+export default ListAvailableWorkflowsPlugin

package/dist/workspace_files/.opencode/plugins/python-protection.ts ADDED Viewed

@@ -0,0 +1,184 @@
+import type { Plugin } from "@opencode-ai/plugin"
+import type { Dirent } from "node:fs"
+import fs from "node:fs/promises"
+import path from "node:path"
+const pythonInterpreterPattern =
+    /(^|[\s;|&()])(?:\/[\w./-]*python(?:\d+(?:\.\d+)*)?|python(?:\d+(?:\.\d+)*)?|py|pypy)(?=$|[\s;|&()])/i
+const tokenizeCommand = (command: string): string[] => {
+    const tokens = command.match(/"[^"]*"|'[^']*'|&&|\|\||[;|]|[^\s]+/g) ?? []
+    return tokens.map((token) => {
+        if (
+            (token.startsWith("\"") && token.endsWith("\"")) ||
+            (token.startsWith("'") && token.endsWith("'"))
+        ) {
+            return token.slice(1, -1)
+        }
+        return token
+    })
+}
+const isPythonInterpreterToken = (token: string): boolean => {
+    const base = path.basename(token)
+    return /^(?:python(?:\d+(?:\.\d+)*)?|py|pypy)$/i.test(base)
+}
+const CONTROL_TOKENS = new Set(["&&", "||", ";", "|"])
+const resolveCommandCwd = (rawCwd: unknown, fallbackDirectory: string): string => {
+    if (typeof rawCwd !== "string" || rawCwd.trim() === "") {
+        return fallbackDirectory
+    }
+    return path.isAbsolute(rawCwd) ? rawCwd : path.resolve(fallbackDirectory, rawCwd)
+}
+const resolveRunPyTarget = (command: string, executionCwd: string): string | null => {
+    const tokens = tokenizeCommand(command)
+    let currentCwd = executionCwd
+    for (let i = 0; i < tokens.length; i += 1) {
+        const token = tokens[i]
+        if (token === "cd") {
+            const destination = tokens[i + 1]
+            if (destination && !CONTROL_TOKENS.has(destination)) {
+                currentCwd = path.resolve(currentCwd, destination)
+                i += 1
+            }
+            continue
+        }
+        if (!isPythonInterpreterToken(token)) {
+            continue
+        }
+        for (let j = i + 1; j < tokens.length; j += 1) {
+            const nextToken = tokens[j]
+            if (CONTROL_TOKENS.has(nextToken)) {
+                break
+            }
+            if (nextToken === "-m" || nextToken === "-c" || nextToken === "-") {
+                break
+            }
+            if (nextToken.startsWith("-")) {
+                continue
+            }
+            if (path.basename(nextToken) === "run.py") {
+                return path.resolve(currentCwd, nextToken)
+            }
+            break
+        }
+    }
+    return null
+}
+const getWorkflowRunPyFilesFromDir = async (workflowsDir: string): Promise<string[]> => {
+    let entries: Dirent[]
+    try {
+        entries = await fs.readdir(workflowsDir, { withFileTypes: true })
+    } catch {
+        return []
+    }
+    return entries.filter((entry) => entry.isDirectory()).map((entry) => path.join(workflowsDir, entry.name, "run.py"))
+}
+const getWorkflowRunPyFiles = async (roots: string[]): Promise<string[]> => {
+    const all = new Set<string>()
+    for (const root of roots) {
+        const candidates = [
+            path.join(root, "workflows"),
+            path.join(root, "src", "workspace_files", "workflows"),
+        ]
+        for (const workflowsDir of candidates) {
+            const files = await getWorkflowRunPyFilesFromDir(workflowsDir)
+            for (const file of files) {
+                all.add(file)
+            }
+        }
+    }
+    return Array.from(all)
+}
+const shouldBlockByContentMatch = async (targetRunPy: string, roots: string[]): Promise<boolean> => {
+    let targetContent: string
+    try {
+        targetContent = await fs.readFile(targetRunPy, "utf8")
+    } catch {
+        return false
+    }
+    const workflowRunPyFiles = await getWorkflowRunPyFiles(roots)
+    for (const workflowRunPy of workflowRunPyFiles) {
+        try {
+            const workflowContent = await fs.readFile(workflowRunPy, "utf8")
+            if (workflowContent === targetContent) {
+                return true
+            }
+        } catch {
+            // Ignore missing/unreadable workflow run.py files.
+        }
+    }
+    return false
+}
+export const PythonProtection: Plugin = async ({ directory, worktree }) => {
+    const checkCommand = async (command: string, rawCwd?: unknown): Promise<void> => {
+        if (!pythonInterpreterPattern.test(command)) {
+            return
+        }
+        const commandCwd = resolveCommandCwd(rawCwd, directory)
+        let targetRunPy = resolveRunPyTarget(command, commandCwd)
+        if (!targetRunPy && /(^|[\/\s])run\.py($|[\s;|&()])/.test(command)) {
+            targetRunPy = path.resolve(commandCwd, "run.py")
+        }
+        if (!targetRunPy) {
+            return
+        }
+        const roots = Array.from(new Set([
+            directory,
+            worktree,
+            path.resolve(directory, ".."),
+            path.resolve(directory, "../.."),
+            path.resolve(commandCwd, ".."),
+            path.resolve(commandCwd, "../.."),
+        ].filter(Boolean)))
+        if (await shouldBlockByContentMatch(targetRunPy, roots)) {
+            throw new Error("Direct workflow execution via Python is not allowed. Use the runWorkflow tool instead.")
+        }
+    }
+    return {
+        "command.execute.before": async (input) => {
+            const command = [input.command, input.arguments].filter(Boolean).join(" ").trim()
+            if (!command) {
+                return
+            }
+            await checkCommand(command, directory)
+        },
+        "tool.execute.before": async (input, output) => {
+            const commandCandidates: unknown[] = [
+                output.args?.command,
+                output.args?.cmd,
+                output.args?.arguments,
+                output.args?.script,
+                (input as { args?: { command?: string; cmd?: string; arguments?: string; script?: string } }).args?.command,
+                (input as { args?: { command?: string; cmd?: string; arguments?: string; script?: string } }).args?.cmd,
+                (input as { args?: { command?: string; cmd?: string; arguments?: string; script?: string } }).args?.arguments,
+                (input as { args?: { command?: string; cmd?: string; arguments?: string; script?: string } }).args?.script,
+            ]
+            const commandValue = commandCandidates.find((value) => typeof value === "string" && value.trim() !== "")
+            if (typeof commandValue !== "string") {
+                return
+            }
+            const commandCwd = output.args?.workdir ?? output.args?.cwd ?? input.args?.workdir ?? input.args?.cwd
+            await checkCommand(commandValue, commandCwd)
+        },
+    }
+}

package/dist/workspace_files/.opencode/plugins/runWorkflow.ts ADDED Viewed

@@ -0,0 +1,168 @@
+import { type Plugin, tool } from "@opencode-ai/plugin"
+function getApiBaseUrl(): string {
+  const port = process.env.TEAMCOPILOT_PORT?.trim()
+  if (!port) {
+    throw new Error("TEAMCOPILOT_PORT must be set.")
+  }
+  return `http://localhost:${port}`
+}
+function extractMessageId(context: unknown): string | null {
+  if (!context || typeof context !== "object") {
+    return null
+  }
+  const candidate = (context as { messageID?: unknown; messageId?: unknown; message_id?: unknown })
+  const raw = candidate.messageID ?? candidate.messageId ?? candidate.message_id
+  if (typeof raw === "string" && raw.trim().length > 0) {
+    return raw
+  }
+  if (typeof raw === "number" && Number.isFinite(raw)) {
+    return String(raw)
+  }
+  return null
+}
+function extractCallId(context: unknown): string | null {
+  if (!context || typeof context !== "object") {
+    return null
+  }
+  const candidate = (context as { callID?: unknown; callId?: unknown; call_id?: unknown })
+  const raw = candidate.callID ?? candidate.callId ?? candidate.call_id
+  if (typeof raw === "string" && raw.trim().length > 0) {
+    return raw
+  }
+  return null
+}
+async function readErrorMessageFromResponse(
+  response: Response,
+  fallbackMessage: string
+): Promise<string> {
+  try {
+    const text = await response.text()
+    if (!text) return fallbackMessage
+    try {
+      const parsed: unknown = JSON.parse(text)
+      if (parsed && typeof parsed === "object" && "message" in parsed) {
+        const msg = (parsed as { message?: unknown }).message
+        if (typeof msg === "string" && msg.trim().length > 0) return msg
+      }
+    } catch {
+      // fall back to text
+    }
+    return text.trim().length > 0 ? text : fallbackMessage
+  } catch {
+    return fallbackMessage
+  }
+}
+function sleep(ms: number): Promise<void> {
+  return new Promise((resolve) => setTimeout(resolve, ms))
+}
+export const RunWorkflowPlugin: Plugin = async (_ctx) => {
+  return {
+    tool: {
+      runWorkflow: tool({
+        description:
+          "Execute a workflow with the provided inputs. Validates inputs against the workflow's schema defined in workflow.json, runs the workflow's venv Python with run.py and appropriate arguments, streams output in real-time, and enforces the timeout defined in workflow.json.",
+        args: {
+          slug: tool.schema
+            .string()
+            .describe(
+              "The workflow slug (folder name under workflows/)"
+            ),
+          inputs: tool.schema
+            .record(tool.schema.string(), tool.schema.unknown())
+            .optional()
+            .default({})
+            .describe(
+              "Key-value pairs matching the workflow's input schema from workflow.json"
+            ),
+        },
+        async execute(args, context) {
+          const { sessionID } = context
+          const { slug, inputs = {} } = args
+          const messageId = extractMessageId(context)
+          const callId = extractCallId(context)
+          if (!messageId) {
+            throw new Error("Could not determine message id from tool context.")
+          }
+          if (!callId) {
+            throw new Error("Could not determine call id from tool context.")
+          }
+          const startResponse = await fetch(`${getApiBaseUrl()}/api/workflows/execute`, {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json",
+              Authorization: `Bearer ${sessionID}`,
+            },
+            body: JSON.stringify({
+              slug,
+              inputs,
+              message_id: messageId,
+              call_id: callId,
+            }),
+          })
+          if (!startResponse.ok) {
+            const errorMessage = await readErrorMessageFromResponse(
+              startResponse,
+              `Failed to execute workflow (HTTP ${startResponse.status})`
+            )
+            throw new Error(errorMessage)
+          }
+          const startedPayload = (await startResponse.json()) as {
+            execution_id?: unknown
+          }
+          const executionId = startedPayload.execution_id
+          if (typeof executionId !== "string" || executionId.trim().length === 0) {
+            throw new Error("Workflow execute start response did not include execution_id.")
+          }
+          while (true) {
+            const resultResponse = await fetch(
+              `${getApiBaseUrl()}/api/workflows/execute/${encodeURIComponent(executionId)}`,
+              {
+                method: "GET",
+                headers: {
+                  Authorization: `Bearer ${sessionID}`,
+                },
+              }
+            )
+            if (!resultResponse.ok) {
+              const errorMessage = await readErrorMessageFromResponse(
+                resultResponse,
+                `Failed to fetch workflow execution result (HTTP ${resultResponse.status})`
+              )
+              throw new Error(errorMessage)
+            }
+            const resultPayload = (await resultResponse.json()) as {
+              status?: unknown
+            }
+            if (resultPayload.status === "running") {
+              await sleep(500)
+              continue
+            }
+            if (resultPayload.status !== "success") {
+              throw new Error(JSON.stringify(resultPayload))
+            }
+            return JSON.stringify(resultPayload)
+          }
+        },
+      }),
+    },
+  }
+}
+export default RunWorkflowPlugin

package/dist/workspace_files/.opencode/tsconfig.json ADDED Viewed

@@ -0,0 +1,16 @@
+{
+  "compilerOptions": {
+    "target": "ES2022",
+    "module": "ESNext",
+    "moduleResolution": "bundler",
+    "strict": false,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true,
+    "declaration": true,
+    "outDir": "./dist",
+    "rootDir": "./plugins"
+  },
+  "include": ["plugins/**/*.ts"],
+  "exclude": ["node_modules", "dist"]
+}