opencode-a2a 0.5.0__tar.gz → 0.6.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/.github/workflows/ci.yml +13 -10
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/.github/workflows/dependency-health.yml +3 -5
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/.github/workflows/publish.yml +10 -7
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/.gitignore +1 -0
- opencode_a2a-0.6.0/CODE_OF_CONDUCT.md +29 -0
- {opencode_a2a-0.5.0/src/opencode_a2a.egg-info → opencode_a2a-0.6.0}/PKG-INFO +23 -6
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/README.md +21 -5
- opencode_a2a-0.6.0/SUPPORT.md +26 -0
- opencode_a2a-0.6.0/docs/extension-specifications.md +122 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/docs/guide.md +387 -30
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/pyproject.toml +1 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/scripts/README.md +1 -1
- opencode_a2a-0.6.0/scripts/dependency_health.sh +19 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/cli.py +8 -17
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/client/agent_card.py +2 -1
- opencode_a2a-0.6.0/src/opencode_a2a/client/auth.py +38 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/client/client.py +94 -8
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/client/config.py +95 -0
- opencode_a2a-0.6.0/src/opencode_a2a/client/polling.py +68 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/client/request_context.py +18 -7
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/config.py +11 -9
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/contracts/extensions.py +549 -47
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/execution/executor.py +93 -24
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/execution/request_context.py +8 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/execution/session_manager.py +12 -2
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/execution/stream_runtime.py +6 -1
- opencode_a2a-0.6.0/src/opencode_a2a/invocation.py +30 -0
- opencode_a2a-0.6.0/src/opencode_a2a/jsonrpc/application.py +238 -0
- opencode_a2a-0.6.0/src/opencode_a2a/jsonrpc/dispatch.py +211 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/jsonrpc/error_responses.py +23 -0
- opencode_a2a-0.6.0/src/opencode_a2a/jsonrpc/handlers/__init__.py +1 -0
- opencode_a2a-0.6.0/src/opencode_a2a/jsonrpc/handlers/common.py +351 -0
- opencode_a2a-0.6.0/src/opencode_a2a/jsonrpc/handlers/interrupt_callbacks.py +223 -0
- opencode_a2a-0.6.0/src/opencode_a2a/jsonrpc/handlers/interrupt_queries.py +64 -0
- opencode_a2a-0.6.0/src/opencode_a2a/jsonrpc/handlers/provider_discovery.py +154 -0
- opencode_a2a-0.6.0/src/opencode_a2a/jsonrpc/handlers/session_control.py +272 -0
- opencode_a2a-0.6.0/src/opencode_a2a/jsonrpc/handlers/session_lifecycle.py +572 -0
- opencode_a2a-0.6.0/src/opencode_a2a/jsonrpc/handlers/session_queries.py +176 -0
- opencode_a2a-0.6.0/src/opencode_a2a/jsonrpc/handlers/workspace_control.py +239 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/jsonrpc/methods.py +141 -5
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/jsonrpc/params.py +132 -2
- opencode_a2a-0.6.0/src/opencode_a2a/opencode_upstream_client.py +893 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/parts/mapping.py +1 -9
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/profile/runtime.py +22 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/runtime_state.py +2 -0
- opencode_a2a-0.6.0/src/opencode_a2a/server/agent_card.py +568 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/server/application.py +291 -39
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/server/openapi.py +254 -4
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/server/request_parsing.py +11 -3
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/server/state_store.py +100 -13
- opencode_a2a-0.6.0/src/opencode_a2a/server/task_store.py +210 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0/src/opencode_a2a.egg-info}/PKG-INFO +23 -6
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a.egg-info/SOURCES.txt +21 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a.egg-info/requires.txt +1 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/client/test_agent_card.py +14 -0
- opencode_a2a-0.6.0/tests/client/test_client_config.py +81 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/client/test_client_facade.py +181 -1
- opencode_a2a-0.6.0/tests/client/test_polling.py +33 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/client/test_request_context.py +25 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/config/test_settings.py +6 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/contracts/test_extension_contract_consistency.py +80 -3
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/test_agent_errors.py +98 -1
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/test_metrics.py +2 -1
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/test_opencode_agent_session_binding.py +147 -2
- opencode_a2a-0.6.0/tests/execution/test_session_lock_lifecycle.py +33 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/test_streaming_output_contract_interrupts.py +13 -0
- opencode_a2a-0.6.0/tests/jsonrpc/test_dispatch_registry.py +126 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/jsonrpc/test_error_responses.py +23 -1
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/jsonrpc/test_jsonrpc_params.py +55 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/jsonrpc/test_opencode_session_extension_commands.py +34 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/jsonrpc/test_opencode_session_extension_interrupts.py +81 -6
- opencode_a2a-0.6.0/tests/jsonrpc/test_opencode_session_extension_lifecycle.py +373 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/jsonrpc/test_opencode_session_extension_prompt_async.py +83 -1
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/jsonrpc/test_opencode_session_extension_queries.py +388 -1
- opencode_a2a-0.6.0/tests/jsonrpc/test_opencode_workspace_control_extension.py +199 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/profile/test_profile_runtime.py +6 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/server/test_a2a_client_manager.py +7 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/server/test_agent_card.py +320 -16
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/server/test_app_behaviors.py +149 -4
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/server/test_cli.py +10 -18
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/server/test_database_app_persistence.py +42 -1
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/server/test_state_store.py +48 -16
- opencode_a2a-0.6.0/tests/server/test_task_store_factory.py +294 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/server/test_transport_contract.py +98 -6
- opencode_a2a-0.6.0/tests/support/helpers.py +832 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/support/streaming_output.py +12 -1
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/upstream/test_opencode_upstream_client_params.py +327 -3
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/uv.lock +5 -3
- opencode_a2a-0.5.0/scripts/dependency_health.sh +0 -13
- opencode_a2a-0.5.0/src/opencode_a2a/jsonrpc/application.py +0 -925
- opencode_a2a-0.5.0/src/opencode_a2a/opencode_upstream_client.py +0 -497
- opencode_a2a-0.5.0/src/opencode_a2a/server/agent_card.py +0 -288
- opencode_a2a-0.5.0/src/opencode_a2a/server/task_store.py +0 -116
- opencode_a2a-0.5.0/tests/client/test_client_config.py +0 -44
- opencode_a2a-0.5.0/tests/server/test_task_store_factory.py +0 -78
- opencode_a2a-0.5.0/tests/support/helpers.py +0 -397
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/.pre-commit-config.yaml +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/.secrets.baseline +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/AGENTS.md +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/CONTRIBUTING.md +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/LICENSE +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/SECURITY.md +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/scripts/check_coverage.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/scripts/doctor.sh +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/scripts/health_common.sh +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/scripts/lint.sh +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/scripts/smoke_test_built_cli.sh +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/setup.cfg +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/client/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/client/error_mapping.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/client/errors.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/client/payload_text.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/contracts/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/execution/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/execution/event_helpers.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/execution/stream_events.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/execution/stream_state.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/execution/tool_error_mapping.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/execution/upstream_error_translator.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/jsonrpc/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/parts/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/parts/text.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/profile/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/sandbox_policy.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/server/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a/upstream_taxonomy.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a.egg-info/dependency_links.txt +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a.egg-info/entry_points.txt +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/src/opencode_a2a.egg-info/top_level.txt +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/client/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/client/test_error_mapping.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/client/test_payload_text.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/config/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/conftest.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/contracts/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/test_agent_helpers.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/test_cancellation.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/test_directory_validation.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/test_multipart_input.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/test_session_ownership.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/test_streaming_output_contract_blocks.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/test_streaming_output_contract_core.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/execution/test_streaming_output_contract_logging.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/jsonrpc/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/jsonrpc/test_jsonrpc_methods.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/jsonrpc/test_jsonrpc_unsupported_method.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/package/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/package/test_version.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/parts/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/parts/test_parts_text.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/profile/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/scripts/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/scripts/test_script_health_contract.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/server/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/server/test_call_context_builder.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/server/test_cancel_contract.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/support/__init__.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/support/session_extensions.py +0 -0
- {opencode_a2a-0.5.0 → opencode_a2a-0.6.0}/tests/upstream/__init__.py +0 -0
|
@@ -8,8 +8,6 @@ on:
|
|
|
8
8
|
|
|
9
9
|
permissions:
|
|
10
10
|
contents: read
|
|
11
|
-
env:
|
|
12
|
-
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
|
|
13
11
|
|
|
14
12
|
jobs:
|
|
15
13
|
quality-gate:
|
|
@@ -17,15 +15,15 @@ jobs:
|
|
|
17
15
|
|
|
18
16
|
steps:
|
|
19
17
|
- name: Checkout
|
|
20
|
-
uses: actions/checkout@
|
|
18
|
+
uses: actions/checkout@v6
|
|
21
19
|
|
|
22
20
|
- name: Setup Python
|
|
23
|
-
uses: actions/setup-python@
|
|
21
|
+
uses: actions/setup-python@v6
|
|
24
22
|
with:
|
|
25
23
|
python-version: "3.13"
|
|
26
24
|
|
|
27
25
|
- name: Setup uv
|
|
28
|
-
uses: astral-sh/setup-uv@
|
|
26
|
+
uses: astral-sh/setup-uv@v7
|
|
29
27
|
with:
|
|
30
28
|
enable-cache: false
|
|
31
29
|
|
|
@@ -41,8 +39,13 @@ jobs:
|
|
|
41
39
|
- name: Enforce coverage policy
|
|
42
40
|
run: uv run python ./scripts/check_coverage.py
|
|
43
41
|
|
|
44
|
-
- name:
|
|
45
|
-
run:
|
|
42
|
+
- name: Export runtime requirements for vulnerability audit
|
|
43
|
+
run: >
|
|
44
|
+
uv export --format requirements.txt --no-dev --locked --no-emit-project
|
|
45
|
+
--output-file /tmp/runtime-requirements.txt >/dev/null
|
|
46
|
+
|
|
47
|
+
- name: Run runtime dependency vulnerability audit
|
|
48
|
+
run: uv run pip-audit --requirement /tmp/runtime-requirements.txt
|
|
46
49
|
|
|
47
50
|
- name: Clean previous build artifacts
|
|
48
51
|
run: rm -rf build dist
|
|
@@ -65,15 +68,15 @@ jobs:
|
|
|
65
68
|
|
|
66
69
|
steps:
|
|
67
70
|
- name: Checkout
|
|
68
|
-
uses: actions/checkout@
|
|
71
|
+
uses: actions/checkout@v6
|
|
69
72
|
|
|
70
73
|
- name: Setup Python
|
|
71
|
-
uses: actions/setup-python@
|
|
74
|
+
uses: actions/setup-python@v6
|
|
72
75
|
with:
|
|
73
76
|
python-version: ${{ matrix.python-version }}
|
|
74
77
|
|
|
75
78
|
- name: Setup uv
|
|
76
|
-
uses: astral-sh/setup-uv@
|
|
79
|
+
uses: astral-sh/setup-uv@v7
|
|
77
80
|
with:
|
|
78
81
|
enable-cache: false
|
|
79
82
|
|
|
@@ -8,8 +8,6 @@ on:
|
|
|
8
8
|
|
|
9
9
|
permissions:
|
|
10
10
|
contents: read
|
|
11
|
-
env:
|
|
12
|
-
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
|
|
13
11
|
|
|
14
12
|
jobs:
|
|
15
13
|
dependency-health:
|
|
@@ -17,15 +15,15 @@ jobs:
|
|
|
17
15
|
|
|
18
16
|
steps:
|
|
19
17
|
- name: Checkout
|
|
20
|
-
uses: actions/checkout@
|
|
18
|
+
uses: actions/checkout@v6
|
|
21
19
|
|
|
22
20
|
- name: Setup Python
|
|
23
|
-
uses: actions/setup-python@
|
|
21
|
+
uses: actions/setup-python@v6
|
|
24
22
|
with:
|
|
25
23
|
python-version: "3.13"
|
|
26
24
|
|
|
27
25
|
- name: Setup uv
|
|
28
|
-
uses: astral-sh/setup-uv@
|
|
26
|
+
uses: astral-sh/setup-uv@v7
|
|
29
27
|
with:
|
|
30
28
|
enable-cache: false
|
|
31
29
|
|
|
@@ -9,8 +9,6 @@ on:
|
|
|
9
9
|
permissions:
|
|
10
10
|
contents: write
|
|
11
11
|
id-token: write
|
|
12
|
-
env:
|
|
13
|
-
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
|
|
14
12
|
|
|
15
13
|
jobs:
|
|
16
14
|
publish:
|
|
@@ -18,25 +16,30 @@ jobs:
|
|
|
18
16
|
|
|
19
17
|
steps:
|
|
20
18
|
- name: Checkout
|
|
21
|
-
uses: actions/checkout@
|
|
19
|
+
uses: actions/checkout@v6
|
|
22
20
|
with:
|
|
23
21
|
fetch-depth: 0
|
|
24
22
|
|
|
25
23
|
- name: Setup Python
|
|
26
|
-
uses: actions/setup-python@
|
|
24
|
+
uses: actions/setup-python@v6
|
|
27
25
|
with:
|
|
28
26
|
python-version: "3.13"
|
|
29
27
|
|
|
30
28
|
- name: Setup uv
|
|
31
|
-
uses: astral-sh/setup-uv@
|
|
29
|
+
uses: astral-sh/setup-uv@v7
|
|
32
30
|
with:
|
|
33
31
|
enable-cache: false
|
|
34
32
|
|
|
35
33
|
- name: Run regression baseline
|
|
36
34
|
run: bash ./scripts/doctor.sh
|
|
37
35
|
|
|
38
|
-
- name:
|
|
39
|
-
run:
|
|
36
|
+
- name: Export runtime requirements for vulnerability audit
|
|
37
|
+
run: >
|
|
38
|
+
uv export --format requirements.txt --no-dev --locked --no-emit-project
|
|
39
|
+
--output-file /tmp/runtime-requirements.txt >/dev/null
|
|
40
|
+
|
|
41
|
+
- name: Run runtime dependency vulnerability audit
|
|
42
|
+
run: uv run pip-audit --requirement /tmp/runtime-requirements.txt
|
|
40
43
|
|
|
41
44
|
- name: Clean previous build artifacts
|
|
42
45
|
run: rm -rf build dist
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# Code of Conduct
|
|
2
|
+
|
|
3
|
+
This project expects respectful, technically focused collaboration.
|
|
4
|
+
|
|
5
|
+
## Expected Behavior
|
|
6
|
+
|
|
7
|
+
- Assume good intent and communicate directly.
|
|
8
|
+
- Keep discussions specific, evidence-based, and relevant to the repository.
|
|
9
|
+
- Use welcoming language in public issues, pull requests, and review comments.
|
|
10
|
+
- Respect maintainers' time by providing reproducible reports and clear context.
|
|
11
|
+
|
|
12
|
+
## Unacceptable Behavior
|
|
13
|
+
|
|
14
|
+
- Harassment, discrimination, or personal attacks.
|
|
15
|
+
- Doxxing, threats, or sustained hostile behavior.
|
|
16
|
+
- Repeated spam, bad-faith disruption, or intentionally misleading reports.
|
|
17
|
+
- Sharing secrets, tokens, or private data in public threads.
|
|
18
|
+
|
|
19
|
+
## Reporting
|
|
20
|
+
|
|
21
|
+
For normal collaboration problems, open an issue or discussion with enough
|
|
22
|
+
context to review the situation. For security-sensitive or private concerns,
|
|
23
|
+
follow the disclosure path in [SECURITY.md](SECURITY.md).
|
|
24
|
+
|
|
25
|
+
## Enforcement
|
|
26
|
+
|
|
27
|
+
Repository maintainers may edit, hide, lock, or remove content that violates
|
|
28
|
+
this policy, and may restrict participation when needed to keep collaboration
|
|
29
|
+
safe and productive.
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: opencode-a2a
|
|
3
|
-
Version: 0.
|
|
3
|
+
Version: 0.6.0
|
|
4
4
|
Summary: OpenCode A2A runtime
|
|
5
5
|
Author: liujuanjuan1984@Intelligent-Internet
|
|
6
6
|
License-Expression: Apache-2.0
|
|
@@ -25,6 +25,7 @@ Requires-Dist: fastapi<1.0,>=0.110
|
|
|
25
25
|
Requires-Dist: httpx<1.0,>=0.27
|
|
26
26
|
Requires-Dist: pydantic<3.0,>=2.6
|
|
27
27
|
Requires-Dist: pydantic-settings<3.0,>=2.2
|
|
28
|
+
Requires-Dist: requests<3.0,>=2.33.0
|
|
28
29
|
Requires-Dist: sqlalchemy<3.0,>=2.0
|
|
29
30
|
Requires-Dist: sse-starlette<4.0,>=2.1
|
|
30
31
|
Requires-Dist: uvicorn<1.0,>=0.29
|
|
@@ -113,6 +114,7 @@ Then start `opencode-a2a` against that upstream:
|
|
|
113
114
|
```bash
|
|
114
115
|
A2A_BEARER_TOKEN=dev-token \
|
|
115
116
|
OPENCODE_BASE_URL=http://127.0.0.1:4096 \
|
|
117
|
+
A2A_TASK_STORE_DATABASE_URL=sqlite+aiosqlite:///./opencode-a2a.db \
|
|
116
118
|
A2A_HOST=127.0.0.1 \
|
|
117
119
|
A2A_PORT=8000 \
|
|
118
120
|
A2A_PUBLIC_URL=http://127.0.0.1:8000 \
|
|
@@ -131,6 +133,8 @@ curl http://127.0.0.1:8000/.well-known/agent-card.json
|
|
|
131
133
|
- A2A HTTP+JSON endpoints such as `/v1/message:send` and
|
|
132
134
|
`/v1/message:stream`
|
|
133
135
|
- A2A JSON-RPC support on `POST /`
|
|
136
|
+
- SDK-owned A2A task surfaces such as `GET /v1/tasks`, task push notification
|
|
137
|
+
config routes, and JSON-RPC `agent/getAuthenticatedExtendedCard`
|
|
134
138
|
- Peering capabilities: can act as a client via `opencode-a2a call`
|
|
135
139
|
- Autonomous tool execution: supports `a2a_call` tool for outbound agent-to-agent communication
|
|
136
140
|
- SSE streaming with normalized `text`, `reasoning`, and `tool_call` blocks
|
|
@@ -146,19 +150,30 @@ curl http://127.0.0.1:8000/.well-known/agent-card.json
|
|
|
146
150
|
Interact with other A2A agents directly from the command line:
|
|
147
151
|
|
|
148
152
|
```bash
|
|
149
|
-
|
|
153
|
+
# Using the target peer agent's Bearer token via environment injection
|
|
154
|
+
A2A_CLIENT_BEARER_TOKEN=your-outbound-token \
|
|
155
|
+
opencode-a2a call http://other-agent:8000 "How are you?"
|
|
156
|
+
|
|
157
|
+
# Using the target peer agent's Basic auth via environment injection
|
|
158
|
+
# Accepts raw user:pass or its base64-encoded value
|
|
159
|
+
A2A_CLIENT_BASIC_AUTH="user:pass" \
|
|
160
|
+
opencode-a2a call http://other-agent:8000 "How are you?"
|
|
150
161
|
```
|
|
151
162
|
|
|
152
163
|
### Outbound Agent Calls (Tools)
|
|
153
164
|
The server can autonomously execute `a2a_call(url, message)` tool calls emitted by the OpenCode runtime. Results are fetched via A2A and returned to the model as tool results, enabling multi-agent orchestration.
|
|
154
165
|
|
|
155
|
-
When the target peer requires bearer auth, configure
|
|
156
|
-
for server-side outbound calls.
|
|
157
|
-
`
|
|
166
|
+
When the target peer agent requires bearer auth, configure
|
|
167
|
+
`A2A_CLIENT_BEARER_TOKEN` for server-side outbound calls. When the target peer
|
|
168
|
+
agent requires Basic auth, use `A2A_CLIENT_BASIC_AUTH`.
|
|
169
|
+
These outbound credentials apply to the peer specified by `opencode-a2a call`
|
|
170
|
+
or `a2a_call(url, message)`, not to this service's inbound `A2A_BEARER_TOKEN`.
|
|
171
|
+
The CLI intentionally reads outbound credentials from environment variables only,
|
|
172
|
+
so secrets do not appear in shell history or process arguments.
|
|
158
173
|
|
|
159
174
|
Server-side outbound client settings are fully wired through runtime config:
|
|
160
175
|
`A2A_CLIENT_TIMEOUT_SECONDS`, `A2A_CLIENT_CARD_FETCH_TIMEOUT_SECONDS`,
|
|
161
|
-
`A2A_CLIENT_USE_CLIENT_PREFERENCE`, `A2A_CLIENT_BEARER_TOKEN`, and
|
|
176
|
+
`A2A_CLIENT_USE_CLIENT_PREFERENCE`, `A2A_CLIENT_BEARER_TOKEN`, `A2A_CLIENT_BASIC_AUTH`, and
|
|
162
177
|
`A2A_CLIENT_SUPPORTED_TRANSPORTS`.
|
|
163
178
|
|
|
164
179
|
Detailed protocol contracts, examples, and extension docs live in
|
|
@@ -201,6 +216,8 @@ Read before deployment:
|
|
|
201
216
|
|
|
202
217
|
- [SECURITY.md](SECURITY.md)
|
|
203
218
|
- [docs/guide.md](docs/guide.md)
|
|
219
|
+
- [SUPPORT.md](SUPPORT.md)
|
|
220
|
+
- [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md)
|
|
204
221
|
|
|
205
222
|
## Further Reading
|
|
206
223
|
|
|
@@ -73,6 +73,7 @@ Then start `opencode-a2a` against that upstream:
|
|
|
73
73
|
```bash
|
|
74
74
|
A2A_BEARER_TOKEN=dev-token \
|
|
75
75
|
OPENCODE_BASE_URL=http://127.0.0.1:4096 \
|
|
76
|
+
A2A_TASK_STORE_DATABASE_URL=sqlite+aiosqlite:///./opencode-a2a.db \
|
|
76
77
|
A2A_HOST=127.0.0.1 \
|
|
77
78
|
A2A_PORT=8000 \
|
|
78
79
|
A2A_PUBLIC_URL=http://127.0.0.1:8000 \
|
|
@@ -91,6 +92,8 @@ curl http://127.0.0.1:8000/.well-known/agent-card.json
|
|
|
91
92
|
- A2A HTTP+JSON endpoints such as `/v1/message:send` and
|
|
92
93
|
`/v1/message:stream`
|
|
93
94
|
- A2A JSON-RPC support on `POST /`
|
|
95
|
+
- SDK-owned A2A task surfaces such as `GET /v1/tasks`, task push notification
|
|
96
|
+
config routes, and JSON-RPC `agent/getAuthenticatedExtendedCard`
|
|
94
97
|
- Peering capabilities: can act as a client via `opencode-a2a call`
|
|
95
98
|
- Autonomous tool execution: supports `a2a_call` tool for outbound agent-to-agent communication
|
|
96
99
|
- SSE streaming with normalized `text`, `reasoning`, and `tool_call` blocks
|
|
@@ -106,19 +109,30 @@ curl http://127.0.0.1:8000/.well-known/agent-card.json
|
|
|
106
109
|
Interact with other A2A agents directly from the command line:
|
|
107
110
|
|
|
108
111
|
```bash
|
|
109
|
-
|
|
112
|
+
# Using the target peer agent's Bearer token via environment injection
|
|
113
|
+
A2A_CLIENT_BEARER_TOKEN=your-outbound-token \
|
|
114
|
+
opencode-a2a call http://other-agent:8000 "How are you?"
|
|
115
|
+
|
|
116
|
+
# Using the target peer agent's Basic auth via environment injection
|
|
117
|
+
# Accepts raw user:pass or its base64-encoded value
|
|
118
|
+
A2A_CLIENT_BASIC_AUTH="user:pass" \
|
|
119
|
+
opencode-a2a call http://other-agent:8000 "How are you?"
|
|
110
120
|
```
|
|
111
121
|
|
|
112
122
|
### Outbound Agent Calls (Tools)
|
|
113
123
|
The server can autonomously execute `a2a_call(url, message)` tool calls emitted by the OpenCode runtime. Results are fetched via A2A and returned to the model as tool results, enabling multi-agent orchestration.
|
|
114
124
|
|
|
115
|
-
When the target peer requires bearer auth, configure
|
|
116
|
-
for server-side outbound calls.
|
|
117
|
-
`
|
|
125
|
+
When the target peer agent requires bearer auth, configure
|
|
126
|
+
`A2A_CLIENT_BEARER_TOKEN` for server-side outbound calls. When the target peer
|
|
127
|
+
agent requires Basic auth, use `A2A_CLIENT_BASIC_AUTH`.
|
|
128
|
+
These outbound credentials apply to the peer specified by `opencode-a2a call`
|
|
129
|
+
or `a2a_call(url, message)`, not to this service's inbound `A2A_BEARER_TOKEN`.
|
|
130
|
+
The CLI intentionally reads outbound credentials from environment variables only,
|
|
131
|
+
so secrets do not appear in shell history or process arguments.
|
|
118
132
|
|
|
119
133
|
Server-side outbound client settings are fully wired through runtime config:
|
|
120
134
|
`A2A_CLIENT_TIMEOUT_SECONDS`, `A2A_CLIENT_CARD_FETCH_TIMEOUT_SECONDS`,
|
|
121
|
-
`A2A_CLIENT_USE_CLIENT_PREFERENCE`, `A2A_CLIENT_BEARER_TOKEN`, and
|
|
135
|
+
`A2A_CLIENT_USE_CLIENT_PREFERENCE`, `A2A_CLIENT_BEARER_TOKEN`, `A2A_CLIENT_BASIC_AUTH`, and
|
|
122
136
|
`A2A_CLIENT_SUPPORTED_TRANSPORTS`.
|
|
123
137
|
|
|
124
138
|
Detailed protocol contracts, examples, and extension docs live in
|
|
@@ -161,6 +175,8 @@ Read before deployment:
|
|
|
161
175
|
|
|
162
176
|
- [SECURITY.md](SECURITY.md)
|
|
163
177
|
- [docs/guide.md](docs/guide.md)
|
|
178
|
+
- [SUPPORT.md](SUPPORT.md)
|
|
179
|
+
- [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md)
|
|
164
180
|
|
|
165
181
|
## Further Reading
|
|
166
182
|
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
# Support
|
|
2
|
+
|
|
3
|
+
## When To Open An Issue
|
|
4
|
+
|
|
5
|
+
Open a GitHub issue when you can provide:
|
|
6
|
+
|
|
7
|
+
- a clear problem statement
|
|
8
|
+
- the command, request, or configuration involved
|
|
9
|
+
- expected behavior versus actual behavior
|
|
10
|
+
- relevant logs or payload snippets with secrets removed
|
|
11
|
+
|
|
12
|
+
## Before You Ask
|
|
13
|
+
|
|
14
|
+
- Read [README.md](README.md) for scope and deployment expectations.
|
|
15
|
+
- Read [docs/guide.md](docs/guide.md) for protocol contracts and examples.
|
|
16
|
+
- Read [SECURITY.md](SECURITY.md) before reporting auth, deployment, or secret-related concerns.
|
|
17
|
+
|
|
18
|
+
## Security Concerns
|
|
19
|
+
|
|
20
|
+
Do not post active secrets, bearer tokens, or sensitive workspace data in a
|
|
21
|
+
public issue. Use the disclosure guidance in [SECURITY.md](SECURITY.md).
|
|
22
|
+
|
|
23
|
+
## Commercial Or SLA Support
|
|
24
|
+
|
|
25
|
+
This repository does not currently advertise a separate SLA or managed support
|
|
26
|
+
channel. GitHub issues are the default public support path.
|
|
@@ -0,0 +1,122 @@
|
|
|
1
|
+
# Extension Specifications
|
|
2
|
+
|
|
3
|
+
This document is the stable specification surface referenced by the extension
|
|
4
|
+
URIs published in the Agent Card.
|
|
5
|
+
It is intentionally a compact URI/spec index, not the main consumer guide. For
|
|
6
|
+
runtime behavior, request/response examples, and client integration guidance,
|
|
7
|
+
see [`guide.md`](./guide.md).
|
|
8
|
+
|
|
9
|
+
## SDK Compatibility Note
|
|
10
|
+
|
|
11
|
+
The current A2A prose specification references an extended-card availability
|
|
12
|
+
flag as `AgentCard.capabilities.extendedAgentCard` in some sections.
|
|
13
|
+
|
|
14
|
+
The current official JSON schema and SDK types expose the supported field as
|
|
15
|
+
top-level `supportsAuthenticatedExtendedCard`.
|
|
16
|
+
|
|
17
|
+
`opencode-a2a` follows the shipped JSON schema and SDK surface, so Agent Card
|
|
18
|
+
payloads emitted by this project use `supportsAuthenticatedExtendedCard`.
|
|
19
|
+
|
|
20
|
+
## Shared Session Binding v1
|
|
21
|
+
|
|
22
|
+
URI:
|
|
23
|
+
`https://github.com/Intelligent-Internet/opencode-a2a/blob/main/docs/extension-specifications.md#shared-session-binding-v1`
|
|
24
|
+
|
|
25
|
+
- Scope: shared A2A request metadata for rebinding to an existing upstream session
|
|
26
|
+
- Public Agent Card: capability declaration plus minimal routing metadata
|
|
27
|
+
- Authenticated extended card: full profile, notes, and detailed contract metadata
|
|
28
|
+
- Runtime field: `metadata.shared.session.id`
|
|
29
|
+
|
|
30
|
+
## Shared Model Selection v1
|
|
31
|
+
|
|
32
|
+
URI:
|
|
33
|
+
`https://github.com/Intelligent-Internet/opencode-a2a/blob/main/docs/extension-specifications.md#shared-model-selection-v1`
|
|
34
|
+
|
|
35
|
+
- Scope: shared request-scoped model override on the main chat path
|
|
36
|
+
- Public Agent Card: capability declaration plus required metadata fields
|
|
37
|
+
- Authenticated extended card: full profile, notes, and detailed contract metadata
|
|
38
|
+
- Runtime field: `metadata.shared.model`
|
|
39
|
+
|
|
40
|
+
## Shared Stream Hints v1
|
|
41
|
+
|
|
42
|
+
URI:
|
|
43
|
+
`https://github.com/Intelligent-Internet/opencode-a2a/blob/main/docs/extension-specifications.md#shared-stream-hints-v1`
|
|
44
|
+
|
|
45
|
+
- Scope: shared canonical metadata for block, usage, interrupt, and session hints
|
|
46
|
+
- Public Agent Card: metadata roots plus the minimum discoverability fields for
|
|
47
|
+
block identity, progress status, interrupt lifecycle, session identity, and
|
|
48
|
+
basic token usage
|
|
49
|
+
- Authenticated extended card: full shared stream contract including detailed
|
|
50
|
+
block payload mappings and extended usage metadata
|
|
51
|
+
- Runtime fields: `metadata.shared.stream`, `metadata.shared.usage`,
|
|
52
|
+
`metadata.shared.interrupt`, `metadata.shared.session`
|
|
53
|
+
|
|
54
|
+
## OpenCode Session Query v1
|
|
55
|
+
|
|
56
|
+
URI:
|
|
57
|
+
`https://github.com/Intelligent-Internet/opencode-a2a/blob/main/docs/extension-specifications.md#opencode-session-query-v1`
|
|
58
|
+
|
|
59
|
+
- Scope: provider-private OpenCode session lifecycle, history, and low-risk control methods
|
|
60
|
+
- Public Agent Card: capability declaration only
|
|
61
|
+
- Authenticated extended card: full method matrix, pagination rules, errors, and context semantics
|
|
62
|
+
- Transport: A2A JSON-RPC extension methods
|
|
63
|
+
|
|
64
|
+
## OpenCode Provider Discovery v1
|
|
65
|
+
|
|
66
|
+
URI:
|
|
67
|
+
`https://github.com/Intelligent-Internet/opencode-a2a/blob/main/docs/extension-specifications.md#opencode-provider-discovery-v1`
|
|
68
|
+
|
|
69
|
+
- Scope: provider-private provider and model discovery methods
|
|
70
|
+
- Public Agent Card: capability declaration only
|
|
71
|
+
- Authenticated extended card: full method contracts, error surface, and routing metadata
|
|
72
|
+
- Transport: A2A JSON-RPC extension methods
|
|
73
|
+
|
|
74
|
+
## Shared Interactive Interrupt v1
|
|
75
|
+
|
|
76
|
+
URI:
|
|
77
|
+
`https://github.com/Intelligent-Internet/opencode-a2a/blob/main/docs/extension-specifications.md#shared-interactive-interrupt-v1`
|
|
78
|
+
|
|
79
|
+
- Scope: shared interrupt callback reply methods
|
|
80
|
+
- Public Agent Card: capability declaration, supported interrupt events, and request ID field
|
|
81
|
+
- Authenticated extended card: full callback contract, errors, and routing metadata
|
|
82
|
+
- Transport: A2A JSON-RPC extension methods
|
|
83
|
+
|
|
84
|
+
## OpenCode Interrupt Recovery v1
|
|
85
|
+
|
|
86
|
+
URI:
|
|
87
|
+
`https://github.com/Intelligent-Internet/opencode-a2a/blob/main/docs/extension-specifications.md#opencode-interrupt-recovery-v1`
|
|
88
|
+
|
|
89
|
+
- Scope: provider-private recovery methods for pending local interrupt bindings
|
|
90
|
+
- Public Agent Card: capability declaration only
|
|
91
|
+
- Authenticated extended card: full method contracts, error surface, and local-registry notes
|
|
92
|
+
- Transport: A2A JSON-RPC extension methods
|
|
93
|
+
|
|
94
|
+
## OpenCode Workspace Control v1
|
|
95
|
+
|
|
96
|
+
URI:
|
|
97
|
+
`https://github.com/Intelligent-Internet/opencode-a2a/blob/main/docs/extension-specifications.md#opencode-workspace-control-v1`
|
|
98
|
+
|
|
99
|
+
- Scope: provider-private project, workspace, and worktree control-plane methods
|
|
100
|
+
- Public Agent Card: capability declaration only
|
|
101
|
+
- Authenticated extended card: full method contracts, error surface, and routing notes
|
|
102
|
+
- Transport: A2A JSON-RPC extension methods
|
|
103
|
+
|
|
104
|
+
## A2A Compatibility Profile v1
|
|
105
|
+
|
|
106
|
+
URI:
|
|
107
|
+
`https://github.com/Intelligent-Internet/opencode-a2a/blob/main/docs/extension-specifications.md#a2a-compatibility-profile-v1`
|
|
108
|
+
|
|
109
|
+
- Scope: compatibility profile describing core baselines, extension retention, and service behaviors
|
|
110
|
+
- Public Agent Card: capability declaration only
|
|
111
|
+
- Authenticated extended card: full compatibility profile payload
|
|
112
|
+
- Transport: Agent Card extension params
|
|
113
|
+
|
|
114
|
+
## A2A Wire Contract v1
|
|
115
|
+
|
|
116
|
+
URI:
|
|
117
|
+
`https://github.com/Intelligent-Internet/opencode-a2a/blob/main/docs/extension-specifications.md#a2a-wire-contract-v1`
|
|
118
|
+
|
|
119
|
+
- Scope: wire-level contract for supported methods, endpoints, and error semantics
|
|
120
|
+
- Public Agent Card: capability declaration only
|
|
121
|
+
- Authenticated extended card: full wire contract payload
|
|
122
|
+
- Transport: Agent Card extension params
|