zero-config-cli-bridge 2.1.0 → 2.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/approval.d.ts +41 -11
- package/dist/approval.d.ts.map +1 -1
- package/dist/approval.js +90 -68
- package/dist/approval.js.map +1 -1
- package/dist/index.js +79 -10
- package/dist/index.js.map +1 -1
- package/dist/schema.d.ts.map +1 -1
- package/dist/schema.js +18 -4
- package/dist/schema.js.map +1 -1
- package/dist/security.d.ts +1 -1
- package/dist/security.js +1 -1
- package/package.json +1 -1
package/dist/approval.d.ts
CHANGED
|
@@ -1,16 +1,46 @@
|
|
|
1
1
|
/**
|
|
2
|
-
*
|
|
2
|
+
* Non-blocking HITL gate for headless MCP environments.
|
|
3
3
|
*
|
|
4
|
-
*
|
|
5
|
-
*
|
|
6
|
-
*
|
|
7
|
-
* 2. Opens the system browser to the approval page.
|
|
8
|
-
* 3. Blocks until the human clicks Approve or Deny — the MCP response
|
|
9
|
-
* is held pending; the agent receives nothing in the meantime.
|
|
10
|
-
* 4. Denies by default on timeout (2 min) or server error.
|
|
4
|
+
* Immediately returns { approvalId, url } so the agent can show the URL in
|
|
5
|
+
* the chat UI. The HTTP approval server keeps running in the background.
|
|
6
|
+
* The human clicks the URL at their own pace; no MCP response is held open.
|
|
11
7
|
*
|
|
12
|
-
*
|
|
13
|
-
*
|
|
8
|
+
* Both the gh args array and the tool name are frozen at Phase 1 and stored
|
|
9
|
+
* server-side. Phase 2 retrieves and executes those frozen values — the agent
|
|
10
|
+
* cannot substitute different arguments or redirect approval to a different
|
|
11
|
+
* tool after the human has granted it.
|
|
12
|
+
*
|
|
13
|
+
* TTL: if Phase 2 is never called, the slot self-destructs when the timeout
|
|
14
|
+
* fires, preventing unbounded memory growth from orphaned approvals.
|
|
15
|
+
*
|
|
16
|
+
* Browser open is attempted as a convenience but failure is non-fatal —
|
|
17
|
+
* the URL is always returned to the agent regardless of browser state.
|
|
18
|
+
*/
|
|
19
|
+
export declare function startApproval(preview: string, frozenArgs: string[], frozenToolName: string): Promise<{
|
|
20
|
+
approvalId: string;
|
|
21
|
+
url: string;
|
|
22
|
+
}>;
|
|
23
|
+
/**
|
|
24
|
+
* Consumes an approval slot and returns the frozen execution context.
|
|
25
|
+
*
|
|
26
|
+
* Returns:
|
|
27
|
+
* { status: 'approved', frozenArgs, frozenToolName } — human approved
|
|
28
|
+
* { status: 'denied' } — human denied / timed out
|
|
29
|
+
* { status: 'unknown' } — slot not found or already consumed
|
|
30
|
+
*
|
|
31
|
+
* Exactly-once guarantee: the slot is removed from the registry BEFORE the
|
|
32
|
+
* async wait, so concurrent Phase 2 calls with the same approvalId will find
|
|
33
|
+
* an empty slot and receive 'unknown' rather than executing twice.
|
|
34
|
+
*
|
|
35
|
+
* Node.js is single-threaded: the get-then-delete sequence between the first
|
|
36
|
+
* line and the await is atomic with respect to other event-loop callbacks.
|
|
14
37
|
*/
|
|
15
|
-
export
|
|
38
|
+
export type ApprovalResult = {
|
|
39
|
+
status: 'approved';
|
|
40
|
+
frozenArgs: string[];
|
|
41
|
+
frozenToolName: string;
|
|
42
|
+
} | {
|
|
43
|
+
status: 'denied' | 'unknown';
|
|
44
|
+
};
|
|
45
|
+
export declare function waitForApproval(approvalId: string): Promise<ApprovalResult>;
|
|
16
46
|
//# sourceMappingURL=approval.d.ts.map
|
package/dist/approval.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"approval.d.ts","sourceRoot":"","sources":["../src/approval.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"approval.d.ts","sourceRoot":"","sources":["../src/approval.ts"],"names":[],"mappings":"AAmIA;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,MAAM,EAAE,EACpB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAAC,CAwE9C;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,MAAM,cAAc,GACtB;IAAE,MAAM,EAAE,UAAU,CAAC;IAAC,UAAU,EAAE,MAAM,EAAE,CAAC;IAAC,cAAc,EAAE,MAAM,CAAA;CAAE,GACpE;IAAE,MAAM,EAAE,QAAQ,GAAG,SAAS,CAAA;CAAE,CAAC;AAErC,wBAAsB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAajF"}
|
package/dist/approval.js
CHANGED
|
@@ -2,7 +2,7 @@ import { createServer } from 'http';
|
|
|
2
2
|
import { exec } from 'child_process';
|
|
3
3
|
import { randomBytes } from 'crypto';
|
|
4
4
|
import { readFileSync } from 'fs';
|
|
5
|
-
const APPROVAL_TIMEOUT_MS =
|
|
5
|
+
const APPROVAL_TIMEOUT_MS = 5 * 60 * 1000; // 5 minutes — deny on timeout
|
|
6
6
|
function detectPlatform() {
|
|
7
7
|
if (process.platform === 'darwin')
|
|
8
8
|
return 'mac';
|
|
@@ -18,7 +18,7 @@ function detectPlatform() {
|
|
|
18
18
|
}
|
|
19
19
|
function openBrowser(url) {
|
|
20
20
|
const p = detectPlatform();
|
|
21
|
-
//
|
|
21
|
+
// Best-effort only — failure is non-fatal; URL is returned to agent anyway.
|
|
22
22
|
const cmd = p === 'mac' ? `open '${url}'` :
|
|
23
23
|
p === 'windows' ? `start "" "${url}"` :
|
|
24
24
|
p === 'wsl' ? `explorer.exe '${url}'` :
|
|
@@ -88,7 +88,7 @@ function approvalPage(preview, token) {
|
|
|
88
88
|
}
|
|
89
89
|
function donePage(approved) {
|
|
90
90
|
const [icon, color, msg] = approved
|
|
91
|
-
? ['✓', '#16a34a', 'Approved —
|
|
91
|
+
? ['✓', '#16a34a', 'Approved — the agent will now execute the operation.']
|
|
92
92
|
: ['✗', '#dc2626', 'Denied — operation was cancelled.'];
|
|
93
93
|
return `<!DOCTYPE html><html><head><meta charset="utf-8"><title>Done</title></head>
|
|
94
94
|
<body style="font-family:system-ui;text-align:center;padding:60px;color:${color}">
|
|
@@ -97,78 +97,100 @@ function donePage(approved) {
|
|
|
97
97
|
<p style="color:#64748b">You can close this tab.</p>
|
|
98
98
|
</body></html>`;
|
|
99
99
|
}
|
|
100
|
+
// Keyed by approvalId (opaque hex string handed to the agent).
|
|
101
|
+
const slots = new Map();
|
|
100
102
|
// ── Public API ──────────────────────────────────────────────────────────────
|
|
101
103
|
/**
|
|
102
|
-
*
|
|
104
|
+
* Non-blocking HITL gate for headless MCP environments.
|
|
103
105
|
*
|
|
104
|
-
*
|
|
105
|
-
*
|
|
106
|
-
*
|
|
107
|
-
* 2. Opens the system browser to the approval page.
|
|
108
|
-
* 3. Blocks until the human clicks Approve or Deny — the MCP response
|
|
109
|
-
* is held pending; the agent receives nothing in the meantime.
|
|
110
|
-
* 4. Denies by default on timeout (2 min) or server error.
|
|
106
|
+
* Immediately returns { approvalId, url } so the agent can show the URL in
|
|
107
|
+
* the chat UI. The HTTP approval server keeps running in the background.
|
|
108
|
+
* The human clicks the URL at their own pace; no MCP response is held open.
|
|
111
109
|
*
|
|
112
|
-
*
|
|
113
|
-
*
|
|
110
|
+
* Both the gh args array and the tool name are frozen at Phase 1 and stored
|
|
111
|
+
* server-side. Phase 2 retrieves and executes those frozen values — the agent
|
|
112
|
+
* cannot substitute different arguments or redirect approval to a different
|
|
113
|
+
* tool after the human has granted it.
|
|
114
|
+
*
|
|
115
|
+
* TTL: if Phase 2 is never called, the slot self-destructs when the timeout
|
|
116
|
+
* fires, preventing unbounded memory growth from orphaned approvals.
|
|
117
|
+
*
|
|
118
|
+
* Browser open is attempted as a convenience but failure is non-fatal —
|
|
119
|
+
* the URL is always returned to the agent regardless of browser state.
|
|
114
120
|
*/
|
|
115
|
-
export async function
|
|
121
|
+
export async function startApproval(preview, frozenArgs, frozenToolName) {
|
|
116
122
|
const token = randomBytes(24).toString('hex');
|
|
123
|
+
const approvalId = randomBytes(12).toString('hex');
|
|
117
124
|
const port = await findFreePort();
|
|
118
|
-
const
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
`Opening browser for approval…\n` +
|
|
158
|
-
`If the browser does not open, visit:\n \x1b[36m${url}\x1b[0m\n` +
|
|
159
|
-
`Waiting (timeout 2 min — deny on timeout)…\n`);
|
|
160
|
-
openBrowser(url);
|
|
161
|
-
});
|
|
162
|
-
server.on('error', (err) => {
|
|
163
|
-
process.stderr.write(`Approval server error: ${err.message}\n`);
|
|
164
|
-
settle(false);
|
|
165
|
-
});
|
|
166
|
-
setTimeout(() => {
|
|
167
|
-
if (!settled) {
|
|
168
|
-
process.stderr.write('\x1b[31mApproval timed out — denied by default.\x1b[0m\n');
|
|
169
|
-
settle(false);
|
|
170
|
-
}
|
|
171
|
-
}, APPROVAL_TIMEOUT_MS);
|
|
125
|
+
const url = `http://127.0.0.1:${port}/${token}`;
|
|
126
|
+
let resolveApproval;
|
|
127
|
+
const promise = new Promise((res) => { resolveApproval = res; });
|
|
128
|
+
let settled = false;
|
|
129
|
+
const settle = (approved, res) => {
|
|
130
|
+
if (settled)
|
|
131
|
+
return;
|
|
132
|
+
settled = true;
|
|
133
|
+
if (res) {
|
|
134
|
+
res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
|
|
135
|
+
res.end(donePage(approved));
|
|
136
|
+
}
|
|
137
|
+
setTimeout(() => httpServer.close(), 500);
|
|
138
|
+
process.stderr.write(approved
|
|
139
|
+
? '\x1b[32m✓ Approved — agent will execute write operation.\x1b[0m\n\n'
|
|
140
|
+
: '\x1b[31m✗ Denied — write operation cancelled.\x1b[0m\n\n');
|
|
141
|
+
resolveApproval(approved);
|
|
142
|
+
};
|
|
143
|
+
const httpServer = createServer((req, res) => {
|
|
144
|
+
if (req.method === 'GET' && req.url === `/${token}`) {
|
|
145
|
+
res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
|
|
146
|
+
res.end(approvalPage(preview, token));
|
|
147
|
+
return;
|
|
148
|
+
}
|
|
149
|
+
if (req.method === 'POST' && req.url === `/approve/${token}`) {
|
|
150
|
+
settle(true, res);
|
|
151
|
+
return;
|
|
152
|
+
}
|
|
153
|
+
if (req.method === 'POST' && req.url === `/deny/${token}`) {
|
|
154
|
+
settle(false, res);
|
|
155
|
+
return;
|
|
156
|
+
}
|
|
157
|
+
res.writeHead(404);
|
|
158
|
+
res.end();
|
|
159
|
+
});
|
|
160
|
+
// Await bind so the port is guaranteed open before we return the URL.
|
|
161
|
+
await new Promise((resolve, reject) => {
|
|
162
|
+
httpServer.listen(port, '127.0.0.1', resolve);
|
|
163
|
+
httpServer.on('error', reject);
|
|
172
164
|
});
|
|
165
|
+
process.stderr.write(`\n\x1b[33m━━━ APPROVAL REQUIRED ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\x1b[0m\n` +
|
|
166
|
+
`\x1b[1m${preview}\x1b[0m\n\n` +
|
|
167
|
+
`Approval URL:\n \x1b[36m${url}\x1b[0m\n` +
|
|
168
|
+
`Server port: ${port} token found: true\n`);
|
|
169
|
+
openBrowser(url);
|
|
170
|
+
// TTL: on timeout, deny AND remove the slot from the registry so orphaned
|
|
171
|
+
// approvals don't accumulate in memory if Phase 2 is never called.
|
|
172
|
+
setTimeout(() => {
|
|
173
|
+
if (!settled) {
|
|
174
|
+
process.stderr.write('\x1b[31mApproval timed out — denied by default.\x1b[0m\n');
|
|
175
|
+
settle(false);
|
|
176
|
+
}
|
|
177
|
+
// Always GC the slot after timeout regardless of whether Phase 2 consumed it.
|
|
178
|
+
slots.delete(approvalId);
|
|
179
|
+
}, APPROVAL_TIMEOUT_MS);
|
|
180
|
+
slots.set(approvalId, { promise, url, frozenArgs, frozenToolName });
|
|
181
|
+
return { approvalId, url };
|
|
182
|
+
}
|
|
183
|
+
export async function waitForApproval(approvalId) {
|
|
184
|
+
const slot = slots.get(approvalId);
|
|
185
|
+
if (!slot)
|
|
186
|
+
return { status: 'unknown' };
|
|
187
|
+
// Consume immediately — before the await — so any concurrent Phase 2 call
|
|
188
|
+
// arriving while we wait for the human's click sees an empty slot ('unknown').
|
|
189
|
+
// This is the exactly-once enforcement point.
|
|
190
|
+
slots.delete(approvalId);
|
|
191
|
+
const approved = await slot.promise;
|
|
192
|
+
return approved
|
|
193
|
+
? { status: 'approved', frozenArgs: slot.frozenArgs, frozenToolName: slot.frozenToolName }
|
|
194
|
+
: { status: 'denied' };
|
|
173
195
|
}
|
|
174
196
|
//# sourceMappingURL=approval.js.map
|
package/dist/approval.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"approval.js","sourceRoot":"","sources":["../src/approval.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAmC,MAAM,MAAM,CAAC;AACrE,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AACrC,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,IAAI,CAAC;AAElC,MAAM,mBAAmB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,8BAA8B;AAMzE,SAAS,cAAc;IACrB,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAChD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO;QAAE,OAAO,SAAS,CAAC;IACnD,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QAC/D,IAAI,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;IACjE,CAAC;IAAC,MAAM,CAAC,CAAC,oCAAoC,CAAC,CAAC;IAChD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,WAAW,CAAC,GAAW;IAC9B,MAAM,CAAC,GAAG,cAAc,EAAE,CAAC;IAC3B,
|
|
1
|
+
{"version":3,"file":"approval.js","sourceRoot":"","sources":["../src/approval.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAmC,MAAM,MAAM,CAAC;AACrE,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AACrC,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,IAAI,CAAC;AAElC,MAAM,mBAAmB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,8BAA8B;AAMzE,SAAS,cAAc;IACrB,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAChD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO;QAAE,OAAO,SAAS,CAAC;IACnD,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QAC/D,IAAI,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;IACjE,CAAC;IAAC,MAAM,CAAC,CAAC,oCAAoC,CAAC,CAAC;IAChD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,WAAW,CAAC,GAAW;IAC9B,MAAM,CAAC,GAAG,cAAc,EAAE,CAAC;IAC3B,4EAA4E;IAC5E,MAAM,GAAG,GACP,CAAC,KAAK,KAAK,CAAK,CAAC,CAAC,SAAS,GAAG,GAAG,CAAC,CAAC;QACnC,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,GAAG,GAAG,CAAC,CAAC;YACvC,CAAC,KAAK,KAAK,CAAK,CAAC,CAAC,iBAAiB,GAAG,GAAG,CAAC,CAAC;gBACzB,aAAa,GAAG,0BAA0B,GAAG,GAAG,CAAC;IACrE,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE;QAChB,IAAI,GAAG,EAAE,CAAC;YACR,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACjF,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED,+EAA+E;AAE/E,SAAS,YAAY;IACnB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,CAAC,GAAG,YAAY,EAAE,CAAC;QACzB,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE;YAC5B,MAAM,IAAI,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YACjE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;gBACX,IAAI,IAAI;oBAAE,OAAO,CAAC,IAAI,CAAC,CAAC;;oBACnB,MAAM,CAAC,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC,CAAC;YAC1D,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QACH,CAAC,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC;AACL,CAAC;AAED,+EAA+E;AAE/E,SAAS,YAAY,CAAC,OAAe,EAAE,KAAa;IAClD,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAClE,OAAO;;;;;;;;;;;;;;;;;;;;;;;;SAwBA,IAAI;;;2CAG8B,KAAK;;;wCAGR,KAAK;;;;;QAKrC,CAAC;AACT,CAAC;AAED,SAAS,QAAQ,CAAC,QAAiB;IACjC,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,CAAC,GAAG,QAAQ;QACjC,CAAC,CAAC,CAAC,GAAG,EAAE,SAAS,EAAE,sDAAsD,CAAC;QAC1E,CAAC,CAAC,CAAC,GAAG,EAAE,SAAS,EAAE,mCAAmC,CAAC,CAAC;IAC1D,OAAO;0EACiE,KAAK;sCACzC,IAAI;4BACd,GAAG;;eAEhB,CAAC;AAChB,CAAC;AAqBD,+DAA+D;AAC/D,MAAM,KAAK,GAAG,IAAI,GAAG,EAAwB,CAAC;AAE9C,+EAA+E;AAE/E;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAAe,EACf,UAAoB,EACpB,cAAsB;IAEtB,MAAM,KAAK,GAAQ,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACnD,MAAM,UAAU,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACnD,MAAM,IAAI,GAAS,MAAM,YAAY,EAAE,CAAC;IACxC,MAAM,GAAG,GAAU,oBAAoB,IAAI,IAAI,KAAK,EAAE,CAAC;IAEvD,IAAI,eAA6C,CAAC;IAClD,MAAM,OAAO,GAAG,IAAI,OAAO,CAAU,CAAC,GAAG,EAAE,EAAE,GAAG,eAAe,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAE1E,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,MAAM,MAAM,GAAG,CAAC,QAAiB,EAAE,GAAoB,EAAE,EAAE;QACzD,IAAI,OAAO;YAAE,OAAO;QACpB,OAAO,GAAG,IAAI,CAAC;QACf,IAAI,GAAG,EAAE,CAAC;YACR,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,0BAA0B,EAAE,CAAC,CAAC;YACnE,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC9B,CAAC;QACD,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,GAAG,CAAC,CAAC;QAC1C,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,QAAQ;YACN,CAAC,CAAC,qEAAqE;YACvE,CAAC,CAAC,0DAA0D,CAC/D,CAAC;QACF,eAAe,CAAC,QAAQ,CAAC,CAAC;IAC5B,CAAC,CAAC;IAEF,MAAM,UAAU,GAAG,YAAY,CAAC,CAAC,GAAoB,EAAE,GAAmB,EAAE,EAAE;QAC5E,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,GAAG,KAAK,IAAI,KAAK,EAAE,EAAE,CAAC;YACpD,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,0BAA0B,EAAE,CAAC,CAAC;YACnE,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;YACtC,OAAO;QACT,CAAC;QACD,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,GAAG,KAAK,YAAY,KAAK,EAAE,EAAE,CAAC;YAC7D,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YAClB,OAAO;QACT,CAAC;QACD,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,KAAK,EAAE,EAAE,CAAC;YAC1D,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YACnB,OAAO;QACT,CAAC;QACD,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACnB,GAAG,CAAC,GAAG,EAAE,CAAC;IACZ,CAAC,CAAC,CAAC;IAEH,sEAAsE;IACtE,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC1C,UAAU,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;QAC9C,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,6EAA6E;QAC7E,UAAU,OAAO,aAAa;QAC9B,4BAA4B,GAAG,WAAW;QAC1C,gBAAgB,IAAI,sBAAsB,CAC3C,CAAC;IAEF,WAAW,CAAC,GAAG,CAAC,CAAC;IAEjB,0EAA0E;IAC1E,mEAAmE;IACnE,UAAU,CAAC,GAAG,EAAE;QACd,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,0DAA0D,CAAC,CAAC;YACjF,MAAM,CAAC,KAAK,CAAC,CAAC;QAChB,CAAC;QACD,8EAA8E;QAC9E,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAC3B,CAAC,EAAE,mBAAmB,CAAC,CAAC;IAExB,KAAK,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,cAAc,EAAE,CAAC,CAAC;IACpE,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC;AAC7B,CAAC;AAqBD,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,UAAkB;IACtD,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACnC,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IAExC,0EAA0E;IAC1E,+EAA+E;IAC/E,8CAA8C;IAC9C,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEzB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;IACpC,OAAO,QAAQ;QACb,CAAC,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE;QAC1F,CAAC,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;AAC3B,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -5,7 +5,7 @@ import { CallToolRequestSchema, ListToolsRequestSchema, } from '@modelcontextpro
|
|
|
5
5
|
import { executeCommand } from './executor.js';
|
|
6
6
|
import { getOperationTier, validateArgs } from './security.js';
|
|
7
7
|
import { buildToolDefinitions, buildGhArgs, buildCommandPreview } from './schema.js';
|
|
8
|
-
import {
|
|
8
|
+
import { startApproval, waitForApproval } from './approval.js';
|
|
9
9
|
const MAX_JSON_ITEMS = 30;
|
|
10
10
|
const MAX_SERIALISED_CHARS = 200_000;
|
|
11
11
|
/**
|
|
@@ -66,7 +66,7 @@ function errorEnvelope(message) {
|
|
|
66
66
|
// Tool registry populated synchronously at startup — no subprocess overhead.
|
|
67
67
|
const tools = buildToolDefinitions();
|
|
68
68
|
const toolRegistry = new Map(tools.map((t) => [t.name, t]));
|
|
69
|
-
const server = new Server({ name: 'zero-config-cli-bridge', version: '2.
|
|
69
|
+
const server = new Server({ name: 'zero-config-cli-bridge', version: '2.2.0' }, { capabilities: { tools: {} } });
|
|
70
70
|
server.setRequestHandler(ListToolsRequestSchema, async () => ({
|
|
71
71
|
tools: Array.from(toolRegistry.values()).map(({ name, description, inputSchema }) => ({
|
|
72
72
|
name,
|
|
@@ -80,10 +80,14 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
|
|
|
80
80
|
const tool = toolRegistry.get(toolName);
|
|
81
81
|
if (!tool)
|
|
82
82
|
return errorEnvelope(`Unknown tool "${toolName}".`);
|
|
83
|
+
// Extract _approvalId before validation/execution — it is a meta-arg, not a gh flag.
|
|
84
|
+
const approvalId = typeof args['_approvalId'] === 'string' ? args['_approvalId'] : null;
|
|
85
|
+
const ghArgs = { ...args };
|
|
86
|
+
delete ghArgs['_approvalId'];
|
|
83
87
|
// Security: verify subcommand is in allow-list and get its tier
|
|
84
88
|
let tier;
|
|
85
89
|
try {
|
|
86
|
-
validateArgs(
|
|
90
|
+
validateArgs(ghArgs);
|
|
87
91
|
tier = getOperationTier(tool.subcommand.join(' '));
|
|
88
92
|
}
|
|
89
93
|
catch (err) {
|
|
@@ -93,19 +97,84 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
|
|
|
93
97
|
if (tier === 3) {
|
|
94
98
|
return errorEnvelope('Irreversible operations are not permitted.');
|
|
95
99
|
}
|
|
96
|
-
// Tier 2:
|
|
100
|
+
// Tier 2: two-phase human approval
|
|
101
|
+
//
|
|
102
|
+
// TOCTOU prevention: gh args are built and frozen in Phase 1, stored server-side.
|
|
103
|
+
// Phase 2 retrieves the frozen args — the agent cannot substitute different
|
|
104
|
+
// arguments after approval is granted.
|
|
97
105
|
if (tier === 2) {
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
106
|
+
if (!approvalId) {
|
|
107
|
+
// ── Phase 1: build args, freeze them, start approval server ─────────
|
|
108
|
+
// The MCP call returns right away — no blocking.
|
|
109
|
+
const frozenArgs = buildGhArgs(tool, ghArgs);
|
|
110
|
+
const preview = buildCommandPreview(tool, ghArgs);
|
|
111
|
+
let approvalData;
|
|
112
|
+
try {
|
|
113
|
+
approvalData = await startApproval(preview, frozenArgs, tool.name);
|
|
114
|
+
}
|
|
115
|
+
catch (err) {
|
|
116
|
+
return errorEnvelope(`Failed to start approval server: ${err instanceof Error ? err.message : String(err)}`);
|
|
117
|
+
}
|
|
118
|
+
return envelopeResponse({
|
|
119
|
+
data: {
|
|
120
|
+
approvalId: approvalData.approvalId,
|
|
121
|
+
approvalUrl: approvalData.url,
|
|
122
|
+
},
|
|
123
|
+
meta: {
|
|
124
|
+
truncated: false,
|
|
125
|
+
pending: true,
|
|
126
|
+
note: `⚠️ Write operation requires human approval.\n` +
|
|
127
|
+
`Please ask the user to visit: ${approvalData.url}\n` +
|
|
128
|
+
`After they approve, call this tool again with ONLY _approvalId="${approvalData.approvalId}". ` +
|
|
129
|
+
`All other arguments are ignored in Phase 2 — the server executes exactly ` +
|
|
130
|
+
`what the human approved.`,
|
|
131
|
+
},
|
|
132
|
+
}, false);
|
|
133
|
+
}
|
|
134
|
+
// ── Phase 2: await the human's click, execute frozen args if approved ─
|
|
135
|
+
// Any args the agent sent beyond _approvalId are discarded here.
|
|
136
|
+
let approvalResult;
|
|
137
|
+
try {
|
|
138
|
+
approvalResult = await waitForApproval(approvalId);
|
|
139
|
+
}
|
|
140
|
+
catch (err) {
|
|
141
|
+
return errorEnvelope(`Approval check failed: ${err instanceof Error ? err.message : String(err)}`);
|
|
142
|
+
}
|
|
143
|
+
if (approvalResult.status === 'unknown') {
|
|
144
|
+
return errorEnvelope('Approval ID not found or already consumed. ' +
|
|
145
|
+
'Call this tool without _approvalId to request a new approval URL.');
|
|
146
|
+
}
|
|
147
|
+
if (approvalResult.status === 'denied') {
|
|
101
148
|
return errorEnvelope('Operation denied by human operator.');
|
|
102
149
|
}
|
|
150
|
+
// TypeScript discriminated union: only 'approved' branch reaches here.
|
|
151
|
+
if (approvalResult.status !== 'approved') {
|
|
152
|
+
return errorEnvelope('Unexpected approval state.');
|
|
153
|
+
}
|
|
154
|
+
// Validate that this approvalId was issued for the same tool being called.
|
|
155
|
+
// Prevents using a comment approvalId on pr_create, etc.
|
|
156
|
+
if (approvalResult.frozenToolName !== tool.name) {
|
|
157
|
+
return errorEnvelope(`Approval mismatch: this approvalId was issued for "${approvalResult.frozenToolName}", ` +
|
|
158
|
+
`not "${tool.name}". Call this tool without _approvalId to request a new approval.`);
|
|
159
|
+
}
|
|
160
|
+
// Approved — execute using the args frozen at Phase 1, never Phase 2 args.
|
|
161
|
+
let result;
|
|
162
|
+
try {
|
|
163
|
+
result = await executeCommand('gh', approvalResult.frozenArgs);
|
|
164
|
+
}
|
|
165
|
+
catch (err) {
|
|
166
|
+
return errorEnvelope(`Execution error: ${err instanceof Error ? err.message : String(err)}`);
|
|
167
|
+
}
|
|
168
|
+
if (result.exitCode !== 0) {
|
|
169
|
+
return envelopeResponse(stderrToEnvelope(result.stderr, result.stdout), true);
|
|
170
|
+
}
|
|
171
|
+
return envelopeResponse(stdoutToEnvelope(result.stdout), false);
|
|
103
172
|
}
|
|
104
|
-
//
|
|
105
|
-
const
|
|
173
|
+
// Tier 0: execute immediately — direct spawn, no shell
|
|
174
|
+
const finalArgs = buildGhArgs(tool, ghArgs);
|
|
106
175
|
let result;
|
|
107
176
|
try {
|
|
108
|
-
result = await executeCommand('gh',
|
|
177
|
+
result = await executeCommand('gh', finalArgs);
|
|
109
178
|
}
|
|
110
179
|
catch (err) {
|
|
111
180
|
return errorEnvelope(`Execution error: ${err instanceof Error ? err.message : String(err)}`);
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,qBAAqB,EACrB,sBAAsB,GACvB,MAAM,oCAAoC,CAAC;AAE5C,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC/D,OAAO,EAAE,oBAAoB,EAAE,WAAW,EAAE,mBAAmB,EAAkB,MAAM,aAAa,CAAC;AACrG,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,qBAAqB,EACrB,sBAAsB,GACvB,MAAM,oCAAoC,CAAC;AAE5C,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC/D,OAAO,EAAE,oBAAoB,EAAE,WAAW,EAAE,mBAAmB,EAAkB,MAAM,aAAa,CAAC;AACrG,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAE/D,MAAM,cAAc,GAAG,EAAE,CAAC;AAC1B,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAarC;;;GAGG;AACH,SAAS,gBAAgB,CAAC,MAAc;IACtC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;QACnB,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,EAAE,EAAE,CAAC;IACpE,CAAC;IAED,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,IAAI,EAAE,IAAI;YACV,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,+BAA+B,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE;SACzF,CAAC;IACJ,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC1B,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,GAAG,cAAc,CAAC;QACjD,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAClE,OAAO;YACL,IAAI;YACJ,IAAI,EAAE;gBACJ,SAAS;gBACT,aAAa,EAAE,IAAI,CAAC,MAAM;gBAC1B,GAAG,CAAC,SAAS;oBACX,CAAC,CAAC,EAAE,IAAI,EAAE,iBAAiB,cAAc,mDAAmD,EAAE;oBAC9F,CAAC,CAAC,EAAE,CAAC;aACR;SACF,CAAC;IACJ,CAAC;IAED,8DAA8D;IAC9D,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IAC1C,IAAI,UAAU,CAAC,MAAM,GAAG,oBAAoB,EAAE,CAAC;QAC7C,OAAO;YACL,IAAI,EAAE,IAAI;YACV,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,uBAAuB,UAAU,CAAC,MAAM,UAAU,EAAE;SACrF,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,EAAE,CAAC;AACtD,CAAC;AAED,SAAS,gBAAgB,CAAC,MAAc,EAAE,MAAc;IACtD,MAAM,KAAK,GAAG,CAAC,MAAM,IAAI,MAAM,IAAI,+BAA+B,CAAC,CAAC,IAAI,EAAE,CAAC;IAC3E,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,CAAC;AAC3D,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAsB,EAAE,OAAgB;IAChE,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;QACpE,OAAO;KACR,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CAAC,OAAe;IACpC,OAAO,gBAAgB,CACrB,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAC1D,IAAI,CACL,CAAC;AACJ,CAAC;AAED,6EAA6E;AAC7E,MAAM,KAAK,GAAG,oBAAoB,EAAE,CAAC;AACrC,MAAM,YAAY,GAAG,IAAI,GAAG,CAAyB,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;AAEpF,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB,EAAE,IAAI,EAAE,wBAAwB,EAAE,OAAO,EAAE,OAAO,EAAE,EACpD,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAChC,CAAC;AAEF,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;IAC5D,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC,CAAC;QACpF,IAAI;QACJ,WAAW;QACX,WAAW;KACZ,CAAC,CAAC;CACJ,CAAC,CAAC,CAAC;AAEJ,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;IAChE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAC9D,MAAM,IAAI,GAAG,CAAC,OAAO,IAAI,EAAE,CAA4B,CAAC;IAExD,MAAM,IAAI,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACxC,IAAI,CAAC,IAAI;QAAE,OAAO,aAAa,CAAC,iBAAiB,QAAQ,IAAI,CAAC,CAAC;IAE/D,qFAAqF;IACrF,MAAM,UAAU,GAAG,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACxF,MAAM,MAAM,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;IAC3B,OAAO,MAAM,CAAC,aAAa,CAAC,CAAC;IAE7B,gEAAgE;IAChE,IAAI,IAAe,CAAC;IACpB,IAAI,CAAC;QACH,YAAY,CAAC,MAAM,CAAC,CAAC;QACrB,IAAI,GAAG,gBAAgB,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACrD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,aAAa,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IACzE,CAAC;IAED,uEAAuE;IACvE,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;QACf,OAAO,aAAa,CAAC,4CAA4C,CAAC,CAAC;IACrE,CAAC;IAED,mCAAmC;IACnC,EAAE;IACF,kFAAkF;IAClF,4EAA4E;IAC5E,uCAAuC;IACvC,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;QACf,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,uEAAuE;YACvE,iDAAiD;YACjD,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAC7C,MAAM,OAAO,GAAM,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YACrD,IAAI,YAAiD,CAAC;YACtD,IAAI,CAAC;gBACH,YAAY,GAAG,MAAM,aAAa,CAAC,OAAO,EAAE,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YACrE,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,aAAa,CAClB,oCAAoC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CACvF,CAAC;YACJ,CAAC;YACD,OAAO,gBAAgB,CACrB;gBACE,IAAI,EAAE;oBACJ,UAAU,EAAE,YAAY,CAAC,UAAU;oBACnC,WAAW,EAAE,YAAY,CAAC,GAAG;iBAC9B;gBACD,IAAI,EAAE;oBACJ,SAAS,EAAE,KAAK;oBAChB,OAAO,EAAE,IAAI;oBACb,IAAI,EACF,+CAA+C;wBAC/C,iCAAiC,YAAY,CAAC,GAAG,IAAI;wBACrD,mEAAmE,YAAY,CAAC,UAAU,KAAK;wBAC/F,2EAA2E;wBAC3E,0BAA0B;iBAC7B;aACF,EACD,KAAK,CACN,CAAC;QACJ,CAAC;QAED,yEAAyE;QACzE,iEAAiE;QACjE,IAAI,cAA2D,CAAC;QAChE,IAAI,CAAC;YACH,cAAc,GAAG,MAAM,eAAe,CAAC,UAAU,CAAC,CAAC;QACrD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,aAAa,CAClB,0BAA0B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAC7E,CAAC;QACJ,CAAC;QAED,IAAI,cAAc,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YACxC,OAAO,aAAa,CAClB,6CAA6C;gBAC7C,mEAAmE,CACpE,CAAC;QACJ,CAAC;QACD,IAAI,cAAc,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;YACvC,OAAO,aAAa,CAAC,qCAAqC,CAAC,CAAC;QAC9D,CAAC;QACD,uEAAuE;QACvE,IAAI,cAAc,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YACzC,OAAO,aAAa,CAAC,4BAA4B,CAAC,CAAC;QACrD,CAAC;QAED,2EAA2E;QAC3E,yDAAyD;QACzD,IAAI,cAAc,CAAC,cAAc,KAAK,IAAI,CAAC,IAAI,EAAE,CAAC;YAChD,OAAO,aAAa,CAClB,sDAAsD,cAAc,CAAC,cAAc,KAAK;gBACxF,QAAQ,IAAI,CAAC,IAAI,kEAAkE,CACpF,CAAC;QACJ,CAAC;QAED,2EAA2E;QAC3E,IAAI,MAAM,CAAC;QACX,IAAI,CAAC;YACH,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,cAAc,CAAC,UAAU,CAAC,CAAC;QACjE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,aAAa,CAAC,oBAAoB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC/F,CAAC;QACD,IAAI,MAAM,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO,gBAAgB,CAAC,gBAAgB,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;QAChF,CAAC;QACD,OAAO,gBAAgB,CAAC,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,KAAK,CAAC,CAAC;IAClE,CAAC;IAED,uDAAuD;IACvD,MAAM,SAAS,GAAG,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAC5C,IAAI,MAAM,CAAC;IACX,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,aAAa,CAAC,oBAAoB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC/F,CAAC;IAED,IAAI,MAAM,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,gBAAgB,CAAC,gBAAgB,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;IAChF,CAAC;IAED,OAAO,gBAAgB,CAAC,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,KAAK,CAAC,CAAC;AAClE,CAAC,CAAC,CAAC;AAEH,KAAK,UAAU,IAAI;IACjB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,GAAG,IAAI,CAAC,CAAC;IAC9C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
package/dist/schema.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ,CAAC;QACf,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAClE,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;KACrB,CAAC;IACF,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,IAAI,EAAE,aAAa,CAAC;IACpB,wDAAwD;IACxD,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACvB;AAwBD,wBAAgB,oBAAoB,IAAI,cAAc,EAAE,
|
|
1
|
+
{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ,CAAC;QACf,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAClE,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;KACrB,CAAC;IACF,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,IAAI,EAAE,aAAa,CAAC;IACpB,wDAAwD;IACxD,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACvB;AAwBD,wBAAgB,oBAAoB,IAAI,cAAc,EAAE,CAwHvD;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,EAAE,CAkDzF;AAED,wEAAwE;AACxE,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAE/F"}
|
package/dist/schema.js
CHANGED
|
@@ -57,11 +57,18 @@ export function buildToolDefinitions() {
|
|
|
57
57
|
},
|
|
58
58
|
},
|
|
59
59
|
},
|
|
60
|
-
// ── Tier 2: Write (requires human
|
|
60
|
+
// ── Tier 2: Write (requires two-phase human approval) ───────────────────
|
|
61
|
+
//
|
|
62
|
+
// Phase 1 (no _approvalId): returns { approvalId, approvalUrl } immediately.
|
|
63
|
+
// → Show approvalUrl to the user and ask them to click it.
|
|
64
|
+
// Phase 2 (with _approvalId): awaits the click, then executes if approved.
|
|
65
|
+
// → Call this tool again with the same args plus _approvalId.
|
|
61
66
|
{
|
|
62
67
|
name: 'gh_issue_create',
|
|
63
68
|
description: 'Create a GitHub issue. ' +
|
|
64
|
-
'⚠️ WRITE OPERATION —
|
|
69
|
+
'⚠️ WRITE OPERATION — requires two-phase human approval. ' +
|
|
70
|
+
'First call (no _approvalId) returns an approvalUrl to show the user. ' +
|
|
71
|
+
'Second call (with _approvalId) executes after the user approves. ' +
|
|
65
72
|
'Uses local `gh` authentication. Requires title.',
|
|
66
73
|
subcommand: ['issue', 'create'],
|
|
67
74
|
tier: 2,
|
|
@@ -74,6 +81,7 @@ export function buildToolDefinitions() {
|
|
|
74
81
|
repo: { type: 'string', description: 'OWNER/REPO. Omit to use current directory.' },
|
|
75
82
|
label: { type: 'string', description: 'Label name to apply.' },
|
|
76
83
|
assignee: { type: 'string', description: 'Assignee login.' },
|
|
84
|
+
_approvalId: { type: 'string', description: 'Approval token from Phase 1 response. Omit on first call.' },
|
|
77
85
|
},
|
|
78
86
|
required: ['title'],
|
|
79
87
|
},
|
|
@@ -81,7 +89,9 @@ export function buildToolDefinitions() {
|
|
|
81
89
|
{
|
|
82
90
|
name: 'gh_pr_create',
|
|
83
91
|
description: 'Create a GitHub pull request. ' +
|
|
84
|
-
'⚠️ WRITE OPERATION —
|
|
92
|
+
'⚠️ WRITE OPERATION — requires two-phase human approval. ' +
|
|
93
|
+
'First call (no _approvalId) returns an approvalUrl to show the user. ' +
|
|
94
|
+
'Second call (with _approvalId) executes after the user approves. ' +
|
|
85
95
|
'Uses local `gh` authentication. Requires title.',
|
|
86
96
|
subcommand: ['pr', 'create'],
|
|
87
97
|
tier: 2,
|
|
@@ -95,6 +105,7 @@ export function buildToolDefinitions() {
|
|
|
95
105
|
head: { type: 'string', description: 'Head branch (default: current branch).' },
|
|
96
106
|
repo: { type: 'string', description: 'OWNER/REPO. Omit to use current directory.' },
|
|
97
107
|
draft: { type: 'boolean', description: 'Open as draft PR.' },
|
|
108
|
+
_approvalId: { type: 'string', description: 'Approval token from Phase 1 response. Omit on first call.' },
|
|
98
109
|
},
|
|
99
110
|
required: ['title'],
|
|
100
111
|
},
|
|
@@ -102,7 +113,9 @@ export function buildToolDefinitions() {
|
|
|
102
113
|
{
|
|
103
114
|
name: 'gh_issue_comment',
|
|
104
115
|
description: 'Add a comment to a GitHub issue. ' +
|
|
105
|
-
'⚠️ WRITE OPERATION —
|
|
116
|
+
'⚠️ WRITE OPERATION — requires two-phase human approval. ' +
|
|
117
|
+
'First call (no _approvalId) returns an approvalUrl to show the user. ' +
|
|
118
|
+
'Second call (with _approvalId) executes after the user approves. ' +
|
|
106
119
|
'Uses local `gh` authentication. Requires issue number and body.',
|
|
107
120
|
subcommand: ['issue', 'comment'],
|
|
108
121
|
tier: 2,
|
|
@@ -113,6 +126,7 @@ export function buildToolDefinitions() {
|
|
|
113
126
|
issue: { type: 'number', description: 'Issue number (required).' },
|
|
114
127
|
body: { type: 'string', description: 'Comment text (required).' },
|
|
115
128
|
repo: { type: 'string', description: 'OWNER/REPO. Omit to use current directory.' },
|
|
129
|
+
_approvalId: { type: 'string', description: 'Approval token from Phase 1 response. Omit on first call.' },
|
|
116
130
|
},
|
|
117
131
|
required: ['issue', 'body'],
|
|
118
132
|
},
|
package/dist/schema.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"schema.js","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAgBA,0EAA0E;AAC1E,yEAAyE;AACzE,MAAM,WAAW,GAA6B;IAC5C,YAAY,EAAE;QACZ,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW;QACjD,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,KAAK;QACrD,UAAU,EAAE,WAAW;KACxB;IACD,SAAS,EAAE;QACT,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW;QACjD,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,KAAK;QACrD,aAAa,EAAE,aAAa,EAAE,SAAS,EAAE,UAAU,EAAE,gBAAgB;KACtE;CACF,CAAC;AAEF,+EAA+E;AAC/E,MAAM,qBAAqB,GAA6B;IACtD,cAAc,EAAG,CAAC,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,CAAC;IACpD,WAAW,EAAM,CAAC,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,aAAa,CAAC;IAClF,eAAe,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC;CACjC,CAAC;AAEF,MAAM,UAAU,oBAAoB;IAClC,OAAO;QACL,2EAA2E;QAC3E;YACE,IAAI,EAAE,eAAe;YACrB,WAAW,EACT,yCAAyC;gBACzC,oDAAoD;YACtD,UAAU,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC;YAC7B,IAAI,EAAE,CAAC;YACP,UAAU,EAAE,WAAW,CAAC,YAAY,CAAC;YACrC,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6DAA6D,EAAE;oBACxG,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE;oBACvE,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sCAAsC,EAAE;oBACjF,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,uBAAuB,EAAE;oBAClE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;iBACvE;aACF;SACF;QACD;YACE,IAAI,EAAE,YAAY;YAClB,WAAW,EACT,gDAAgD;gBAChD,oDAAoD;YACtD,UAAU,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC;YAC1B,IAAI,EAAE,CAAC;YACP,UAAU,EAAE,WAAW,CAAC,SAAS,CAAC;YAClC,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6DAA6D,EAAE;oBACxG,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE;oBACvE,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yCAAyC,EAAE;oBACpF,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wBAAwB,EAAE;oBACnE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;iBACvE;aACF;SACF;QAED,
|
|
1
|
+
{"version":3,"file":"schema.js","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAgBA,0EAA0E;AAC1E,yEAAyE;AACzE,MAAM,WAAW,GAA6B;IAC5C,YAAY,EAAE;QACZ,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW;QACjD,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,KAAK;QACrD,UAAU,EAAE,WAAW;KACxB;IACD,SAAS,EAAE;QACT,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW;QACjD,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,KAAK;QACrD,aAAa,EAAE,aAAa,EAAE,SAAS,EAAE,UAAU,EAAE,gBAAgB;KACtE;CACF,CAAC;AAEF,+EAA+E;AAC/E,MAAM,qBAAqB,GAA6B;IACtD,cAAc,EAAG,CAAC,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,CAAC;IACpD,WAAW,EAAM,CAAC,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,aAAa,CAAC;IAClF,eAAe,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC;CACjC,CAAC;AAEF,MAAM,UAAU,oBAAoB;IAClC,OAAO;QACL,2EAA2E;QAC3E;YACE,IAAI,EAAE,eAAe;YACrB,WAAW,EACT,yCAAyC;gBACzC,oDAAoD;YACtD,UAAU,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC;YAC7B,IAAI,EAAE,CAAC;YACP,UAAU,EAAE,WAAW,CAAC,YAAY,CAAC;YACrC,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6DAA6D,EAAE;oBACxG,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE;oBACvE,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sCAAsC,EAAE;oBACjF,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,uBAAuB,EAAE;oBAClE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;iBACvE;aACF;SACF;QACD;YACE,IAAI,EAAE,YAAY;YAClB,WAAW,EACT,gDAAgD;gBAChD,oDAAoD;YACtD,UAAU,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC;YAC1B,IAAI,EAAE,CAAC;YACP,UAAU,EAAE,WAAW,CAAC,SAAS,CAAC;YAClC,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6DAA6D,EAAE;oBACxG,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE;oBACvE,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yCAAyC,EAAE;oBACpF,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wBAAwB,EAAE;oBACnE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;iBACvE;aACF;SACF;QAED,2EAA2E;QAC3E,EAAE;QACF,6EAA6E;QAC7E,6DAA6D;QAC7D,2EAA2E;QAC3E,gEAAgE;QAChE;YACE,IAAI,EAAE,iBAAiB;YACvB,WAAW,EACT,yBAAyB;gBACzB,2DAA2D;gBAC3D,uEAAuE;gBACvE,mEAAmE;gBACnE,iDAAiD;YACnD,UAAU,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC;YAC/B,IAAI,EAAE,CAAC;YACP,UAAU,EAAE,qBAAqB,CAAC,cAAc,CAAC;YACjD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,KAAK,EAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yBAAyB,EAAE;oBACvE,IAAI,EAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE;oBAChE,IAAI,EAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4CAA4C,EAAE;oBAC1F,KAAK,EAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sBAAsB,EAAE;oBACpE,QAAQ,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,iBAAiB,EAAE;oBAC/D,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2DAA2D,EAAE;iBAC1G;gBACD,QAAQ,EAAE,CAAC,OAAO,CAAC;aACpB;SACF;QACD;YACE,IAAI,EAAE,cAAc;YACpB,WAAW,EACT,gCAAgC;gBAChC,2DAA2D;gBAC3D,uEAAuE;gBACvE,mEAAmE;gBACnE,iDAAiD;YACnD,UAAU,EAAE,CAAC,IAAI,EAAE,QAAQ,CAAC;YAC5B,IAAI,EAAE,CAAC;YACP,UAAU,EAAE,qBAAqB,CAAC,WAAW,CAAC;YAC9C,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,KAAK,EAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sBAAsB,EAAE;oBACpE,IAAI,EAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE;oBAC7D,IAAI,EAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE;oBAC3F,IAAI,EAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wCAAwC,EAAE;oBACtF,IAAI,EAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4CAA4C,EAAE;oBAC1F,KAAK,EAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,WAAW,EAAE,mBAAmB,EAAE;oBAClE,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2DAA2D,EAAE;iBAC1G;gBACD,QAAQ,EAAE,CAAC,OAAO,CAAC;aACpB;SACF;QACD;YACE,IAAI,EAAE,kBAAkB;YACxB,WAAW,EACT,mCAAmC;gBACnC,2DAA2D;gBAC3D,uEAAuE;gBACvE,mEAAmE;gBACnE,iEAAiE;YACnE,UAAU,EAAE,CAAC,OAAO,EAAE,SAAS,CAAC;YAChC,IAAI,EAAE,CAAC;YACP,UAAU,EAAE,qBAAqB,CAAC,eAAe,CAAC;YAClD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,KAAK,EAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,0BAA0B,EAAE;oBACxE,IAAI,EAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,0BAA0B,EAAE;oBACxE,IAAI,EAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4CAA4C,EAAE;oBAC1F,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2DAA2D,EAAE;iBAC1G;gBACD,QAAQ,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC;aAC5B;SACF;KACF,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,WAAW,CAAC,IAAoB,EAAE,IAA6B;IAC7E,MAAM,KAAK,GAAa,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;IAE7C,yDAAyD;IACzD,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClD,KAAK,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,KAAK,eAAe;YAClB,IAAI,IAAI,CAAC,MAAM,CAAC;gBAAM,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;YACnE,IAAI,IAAI,CAAC,OAAO,CAAC;gBAAK,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;YACrE,IAAI,IAAI,CAAC,OAAO,CAAC;gBAAK,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;YACrE,IAAI,IAAI,CAAC,OAAO,CAAC;gBAAK,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;YACrE,IAAI,IAAI,CAAC,UAAU,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC;YAC3E,MAAM;QAER,KAAK,YAAY;YACf,IAAI,IAAI,CAAC,MAAM,CAAC;gBAAM,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;YACnE,IAAI,IAAI,CAAC,OAAO,CAAC;gBAAK,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;YACrE,IAAI,IAAI,CAAC,OAAO,CAAC;gBAAK,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;YACrE,IAAI,IAAI,CAAC,MAAM,CAAC;gBAAM,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;YACnE,IAAI,IAAI,CAAC,UAAU,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC;YAC3E,MAAM;QAER,KAAK,iBAAiB;YACpB,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;YAC/C,IAAI,IAAI,CAAC,MAAM,CAAC;gBAAM,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;YACnE,IAAI,IAAI,CAAC,MAAM,CAAC;gBAAM,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;YACnE,IAAI,IAAI,CAAC,OAAO,CAAC;gBAAK,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;YACrE,IAAI,IAAI,CAAC,UAAU,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC;YAC3E,MAAM;QAER,KAAK,cAAc;YACjB,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;YAC/C,IAAI,IAAI,CAAC,MAAM,CAAC;gBAAG,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;YAChE,IAAI,IAAI,CAAC,MAAM,CAAC;gBAAG,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;YAChE,IAAI,IAAI,CAAC,MAAM,CAAC;gBAAG,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;YAChE,IAAI,IAAI,CAAC,MAAM,CAAC;gBAAG,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;YAChE,IAAI,IAAI,CAAC,OAAO,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACzC,MAAM;QAER,KAAK,kBAAkB;YACrB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YAClC,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;YAC7C,IAAI,IAAI,CAAC,MAAM,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;YAC/D,MAAM;IACV,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,wEAAwE;AACxE,MAAM,UAAU,mBAAmB,CAAC,IAAoB,EAAE,IAA6B;IACrF,OAAO,KAAK,GAAG,WAAW,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACnD,CAAC"}
|
package/dist/security.d.ts
CHANGED
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
*
|
|
10
10
|
* Tiers:
|
|
11
11
|
* 0 READ — executes immediately, no approval
|
|
12
|
-
* 2 WRITE —
|
|
12
|
+
* 2 WRITE — two-phase: returns URL, then executes after human approves
|
|
13
13
|
* 3 IRREVERSIBLE — never executes; not exposed as tools
|
|
14
14
|
*/
|
|
15
15
|
export type OperationTier = 0 | 2 | 3;
|
package/dist/security.js
CHANGED
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
*
|
|
10
10
|
* Tiers:
|
|
11
11
|
* 0 READ — executes immediately, no approval
|
|
12
|
-
* 2 WRITE —
|
|
12
|
+
* 2 WRITE — two-phase: returns URL, then executes after human approves
|
|
13
13
|
* 3 IRREVERSIBLE — never executes; not exposed as tools
|
|
14
14
|
*/
|
|
15
15
|
const SUBCOMMAND_TIERS = new Map([
|