Agent & model refactor (#478)
* agent & model refactor with ASKPASS git auth, UI restructure, clerk v7 Made-with: Cursor * fix stale agent/effort refs, add tests for askpass + model resolution - reviewCleanup.ts: payload.agent -> payload.model, remove effort - selectMode.ts PlanEdit: remove delegation/subagent/effort references - pullfrog.yml.ts: update env vars (drop GOOGLE_API_KEY/CURSOR_API_KEY, add GOOGLE_GENERATIVE_AI_API_KEY/XAI_API_KEY/MOONSHOT_API_KEY/OPENCODE_API_KEY) - FlagsSettings/RepoInstructionsSection: remove stale effort/timeout copy - new: gitAuthServer.test.ts (10 tests — lifecycle, token delivery, tamper detection, script gen) - new: agent.test.ts (4 tests — default opentoad, AGENT_OVERRIDE, invalid override) - new: models.test.ts (19 tests — parseModel, resolution, registry invariants) - update models.dev snapshot Made-with: Cursor * fix changed-agents.sh to filter legacy agent files from CI matrix legacy agent files (claude.ts, codex.ts, etc.) are @ts-nocheck and not exported from index.ts. changed-agents.sh now reads index.ts imports to build the active agent set and treats changes to inactive files as non-agent changes (opentoad canary only). Made-with: Cursor * remove MCP file tools, old agent harnesses, and obsolete security tests ASKPASS-based git auth makes the old MCP file tool security layer unnecessary: - token never in subprocess env, so symlink/gitattributes/hook attacks can't exfiltrate it - agents now use native file tools (OpenCode builtin read/edit) deleted: - action/mcp/file.ts (file_read, file_write, file_edit, file_delete, list_directory) - action/mcp/index.ts (dead re-export) - agent harnesses: claude.ts, codex.ts, cursor.ts, gemini.ts, opencode.ts - opencode-runner.ts (inlined into opentoad.ts) - security tests that validated MCP file tool restrictions - commented-out three-step review flow (~300 lines) - sanitizeSchema/wrapSchema dead code from mcp/shared.ts - OPENCODE_MODEL_MINI/MAX env vars (effort-level model overrides removed) updated test prompts to use generic file ops instead of MCP tool names. restored pkg-json-scripts + requirements-txt-attack (test --ignore-scripts defense). Made-with: Cursor * bump actions/checkout v4 → v6 (node 24) node 20 actions deprecated june 2, 2026. Made-with: Cursor * temporarily disable fail-fast on agnostic tests to debug checkout@v6 Made-with: Cursor * re-enable fail-fast on agnostic tests Made-with: Cursor * fix test token mismatch: mint OIDC tokens scoped to target repo CI tests override GITHUB_REPOSITORY to pullfrog/test-repo but inherit the runner's GITHUB_TOKEN (scoped to pullfrog/app), causing 401s on every run-context fetch. Clear GITHUB_TOKEN in the test subprocess so ensureGitHubToken() mints a properly scoped token via OIDC. Also centralizes the default GITHUB_REPOSITORY in runAgentStreaming instead of repeating it in every test file, and fixes preview-cleanup to remove workers from all queues (not just name-matching ones). Made-with: Cursor * fix ensureGitHubToken to try OIDC when app credentials are absent ensureGitHubToken only attempted token minting when GITHUB_APP_ID and GITHUB_PRIVATE_KEY were set. In CI, OIDC is available but app creds aren't exposed — so the guard prevented minting entirely. Made-with: Cursor * dead code cleanup: remove remnants of deleted agents, file tools, effort system remove unused @anthropic-ai/claude-agent-sdk and @openai/codex-sdk deps, orphaned file-tool security tests, dead GEMINI_MODEL passthrough, stale opencode-runner wiki refs, deleted test file references, and MCP file tool docs. rename docs/effort → docs/models. fix vitest setup: move dotenv to globalSetup (runs once before forks instead of per-file, 19s → 200ms). Made-with: Cursor * address review feedback: remove dead code, update stale references - remove AGENT_OVERRIDE (only opentoad exists) - remove shellToolName plumbing (always restricted shell) - bump action version to 0.0.179 - remove CURSOR_API_KEY from all workflows/configs - remove OPENCODE_MODEL_MINI/MAX from workflows/docs - delete wiki/effort.md, rewrite docs/effort.mdx as "Models" - rewrite wiki/modes.md: orchestrator/subagent → single agent - simplify flag system: drop builtin flag extraction (debug, effort, timeout, agent), keep custom flag replacement only - reserve all legacy flag names to prevent custom flag conflicts Made-with: Cursor * regenerate lockfile after removing claude-agent-sdk and codex-sdk Made-with: Cursor * fix import ordering, add lockfile check to pre-push hook Made-with: Cursor * remove dead debug payload field, stale packageExtensions Made-with: Cursor * merge proc-sandbox and token-exfil into a single test proc-sandbox and token-exfil were duplicative — both tested that SANDBOX_TEST_TOKEN couldn't be exfiltrated. consolidated into token-exfil with shell:restricted (which actually exercises filterEnv) and the /proc attack vector hints from proc-sandbox. Made-with: Cursor * fix wiki adversarial.md to match actual tokenExfil validator Made-with: Cursor
This commit is contained in:
committed by
pullfrog[bot]
parent
5bcfae990a
commit
6d25adfd1a
@@ -1,341 +0,0 @@
|
||||
// changes to effort level configuration should be reflected in wiki/effort.md and docs/effort.mdx
|
||||
// changes to tool permissions should be reflected in wiki/granular-tools.md
|
||||
// changes to web search configuration should be reflected in wiki/websearch.md
|
||||
import { mkdirSync, writeFileSync } from "node:fs";
|
||||
import { join } from "node:path";
|
||||
import type { SDKMessage } from "@anthropic-ai/claude-agent-sdk";
|
||||
import type { Effort } from "../external.ts";
|
||||
import { ghPullfrogMcpName } from "../external.ts";
|
||||
import packageJson from "../package.json" with { type: "json" };
|
||||
import { markActivity } from "../utils/activity.ts";
|
||||
import { log } from "../utils/cli.ts";
|
||||
import { installFromNpmTarball } from "../utils/install.ts";
|
||||
import { spawn } from "../utils/subprocess.ts";
|
||||
import { ThinkingTimer } from "../utils/timer.ts";
|
||||
import { type AgentRunContext, type AgentUsage, agent } from "./shared.ts";
|
||||
|
||||
// model selection based on effort level
|
||||
// these are aliases that always resolve to the latest version
|
||||
const claudeEffortModels: Record<Effort, string> = {
|
||||
mini: "sonnet",
|
||||
auto: "opus",
|
||||
max: "opus",
|
||||
};
|
||||
|
||||
// Claude Code CLI --effort level per pullfrog effort
|
||||
// null = use default (high). "max" is Opus 4.6 only.
|
||||
const claudeEffortLevels: Record<Effort, string | null> = {
|
||||
mini: null,
|
||||
auto: null,
|
||||
max: "max",
|
||||
};
|
||||
|
||||
/**
|
||||
* Build disallowedTools list from payload permissions.
|
||||
*/
|
||||
function buildDisallowedTools(ctx: AgentRunContext): string[] {
|
||||
const disallowed: string[] = [];
|
||||
if (ctx.payload.web === "disabled") disallowed.push("WebFetch");
|
||||
if (ctx.payload.search === "disabled") disallowed.push("WebSearch");
|
||||
// both "disabled" and "restricted" block native shell
|
||||
// "restricted" means use MCP shell tool instead
|
||||
const shell = ctx.payload.shell;
|
||||
if (shell !== "enabled") disallowed.push("Bash");
|
||||
// always block native file tools (use MCP file_read/file_write instead)
|
||||
disallowed.push("Read", "Write", "Edit", "MultiEdit");
|
||||
// block built-in subagent spawning — delegation is handled by gh_pullfrog/delegate
|
||||
disallowed.push("Task");
|
||||
return disallowed;
|
||||
}
|
||||
|
||||
/**
|
||||
* Write MCP config file for Claude CLI.
|
||||
* Returns the path to the config file.
|
||||
*/
|
||||
function writeMcpConfig(ctx: AgentRunContext): string {
|
||||
const configDir = join(ctx.tmpdir, ".claude");
|
||||
mkdirSync(configDir, { recursive: true });
|
||||
const configPath = join(configDir, "mcp.json");
|
||||
|
||||
const mcpConfig = {
|
||||
mcpServers: {
|
||||
[ghPullfrogMcpName]: { type: "http", url: ctx.mcpServerUrl },
|
||||
},
|
||||
};
|
||||
|
||||
writeFileSync(configPath, JSON.stringify(mcpConfig, null, 2), "utf-8");
|
||||
log.debug(`» MCP config written to ${configPath}`);
|
||||
return configPath;
|
||||
}
|
||||
|
||||
async function installClaude(): Promise<string> {
|
||||
const versionRange = packageJson.dependencies["@anthropic-ai/claude-agent-sdk"] || "latest";
|
||||
return await installFromNpmTarball({
|
||||
packageName: "@anthropic-ai/claude-agent-sdk",
|
||||
version: versionRange,
|
||||
executablePath: "cli.js",
|
||||
});
|
||||
}
|
||||
|
||||
export const claude = agent({
|
||||
name: "claude",
|
||||
install: installClaude,
|
||||
run: async (ctx) => {
|
||||
// install CLI at start of run
|
||||
const cliPath = await installClaude();
|
||||
|
||||
// select model and effort level
|
||||
const model = claudeEffortModels[ctx.payload.effort];
|
||||
const effortLevel = claudeEffortLevels[ctx.payload.effort];
|
||||
log.info(`» model: ${model}${effortLevel ? ` (effort: ${effortLevel})` : ""}`);
|
||||
|
||||
// build disallowedTools based on tool permissions
|
||||
const disallowedTools = buildDisallowedTools(ctx);
|
||||
if (disallowedTools.length > 0) {
|
||||
log.debug(`» disallowed built-ins: ${JSON.stringify(disallowedTools)}`);
|
||||
}
|
||||
|
||||
// write MCP config file
|
||||
const mcpConfigPath = writeMcpConfig(ctx);
|
||||
|
||||
// build CLI args
|
||||
// claude -p "prompt" --dangerously-skip-permissions --mcp-config ./mcp.json --model opus --output-format stream-json --verbose
|
||||
const args: string[] = [
|
||||
cliPath,
|
||||
"-p",
|
||||
ctx.instructions.full,
|
||||
"--dangerously-skip-permissions",
|
||||
"--mcp-config",
|
||||
mcpConfigPath,
|
||||
"--model",
|
||||
model,
|
||||
"--output-format",
|
||||
"stream-json",
|
||||
"--verbose",
|
||||
];
|
||||
|
||||
// add --effort flag if specified (e.g. "max" for Opus 4.6)
|
||||
if (effortLevel) {
|
||||
args.push("--effort", effortLevel);
|
||||
}
|
||||
|
||||
// add disallowed tools if any
|
||||
if (disallowedTools.length > 0) {
|
||||
args.push("--disallowedTools");
|
||||
args.push(...disallowedTools);
|
||||
}
|
||||
|
||||
log.info("» running Claude CLI...");
|
||||
|
||||
let stdoutBuffer = "";
|
||||
let finalOutput = "";
|
||||
const usageContainer: UsageContainer = { value: null };
|
||||
|
||||
// track shell tool IDs to identify when shell tool results come back
|
||||
const shellToolIds = new Set<string>();
|
||||
const thinkingTimer = new ThinkingTimer();
|
||||
|
||||
const result = await spawn({
|
||||
cmd: "node",
|
||||
args,
|
||||
cwd: process.cwd(),
|
||||
env: process.env,
|
||||
stdio: ["ignore", "pipe", "pipe"],
|
||||
activityTimeout: 0, // process-level activity timeout (5min) is the single authority
|
||||
onStdout: async (chunk) => {
|
||||
finalOutput += chunk;
|
||||
markActivity(); // reset activity timeout on any CLI output
|
||||
|
||||
// buffer incomplete lines across chunks (NDJSON format)
|
||||
stdoutBuffer += chunk;
|
||||
const lines = stdoutBuffer.split("\n");
|
||||
|
||||
// keep the last element (may be incomplete) in the buffer
|
||||
stdoutBuffer = lines.pop() || "";
|
||||
|
||||
for (const line of lines) {
|
||||
const trimmed = line.trim();
|
||||
if (!trimmed) continue;
|
||||
|
||||
try {
|
||||
const message = JSON.parse(trimmed) as SDKMessage;
|
||||
markActivity(); // reset activity timeout on every event
|
||||
log.debug(JSON.stringify(message, null, 2));
|
||||
|
||||
const handler = messageHandlers[message.type];
|
||||
if (handler) {
|
||||
await handler(message as never, shellToolIds, thinkingTimer, usageContainer);
|
||||
}
|
||||
} catch {
|
||||
// ignore parse errors - might be non-JSON output
|
||||
log.debug(`[claude] non-JSON stdout line: ${trimmed.substring(0, 200)}`);
|
||||
}
|
||||
}
|
||||
},
|
||||
onStderr: (chunk) => {
|
||||
const trimmed = chunk.trim();
|
||||
if (trimmed) {
|
||||
log.info(`[claude stderr] ${trimmed}`);
|
||||
finalOutput += trimmed + "\n";
|
||||
}
|
||||
},
|
||||
});
|
||||
|
||||
if (result.exitCode !== 0) {
|
||||
const errorMessage =
|
||||
result.stderr ||
|
||||
finalOutput ||
|
||||
result.stdout ||
|
||||
"Unknown error - no output from Claude CLI";
|
||||
log.error(`Claude CLI exited with code ${result.exitCode}: ${errorMessage}`);
|
||||
return {
|
||||
success: false,
|
||||
error: errorMessage,
|
||||
output: finalOutput || result.stdout || "",
|
||||
usage: usageContainer.value ?? undefined,
|
||||
};
|
||||
}
|
||||
|
||||
log.info("» Claude CLI completed successfully");
|
||||
|
||||
return {
|
||||
success: true,
|
||||
output: finalOutput || result.stdout || "",
|
||||
usage: usageContainer.value ?? undefined,
|
||||
};
|
||||
},
|
||||
});
|
||||
|
||||
// run-local usage container — passed to handlers via closure for parallel-safe runs
|
||||
type UsageContainer = { value: AgentUsage | null };
|
||||
|
||||
type SDKMessageType = SDKMessage["type"];
|
||||
|
||||
type SDKMessageHandler<type extends SDKMessageType = SDKMessageType> = (
|
||||
data: Extract<SDKMessage, { type: type }>,
|
||||
shellToolIds: Set<string>,
|
||||
thinkingTimer: ThinkingTimer,
|
||||
usageContainer: UsageContainer
|
||||
) => void | Promise<void>;
|
||||
|
||||
type SDKMessageHandlers = {
|
||||
[type in SDKMessageType]: SDKMessageHandler<type>;
|
||||
};
|
||||
|
||||
const messageHandlers: SDKMessageHandlers = {
|
||||
assistant: (data, shellToolIds, thinkingTimer, _usageContainer) => {
|
||||
if (data.message?.content) {
|
||||
for (const content of data.message.content) {
|
||||
if (content.type === "text" && content.text?.trim()) {
|
||||
log.box(content.text.trim(), { title: "Claude" });
|
||||
} else if (content.type === "tool_use") {
|
||||
// track shell tool IDs (Claude's native tool is named "bash")
|
||||
if (content.name === "bash" && content.id) {
|
||||
shellToolIds.add(content.id);
|
||||
}
|
||||
|
||||
thinkingTimer.markToolCall();
|
||||
log.toolCall({
|
||||
toolName: content.name,
|
||||
input: content.input,
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
user: (data, shellToolIds, thinkingTimer, _usageContainer) => {
|
||||
if (data.message?.content) {
|
||||
for (const content of data.message.content) {
|
||||
if (typeof content === "string") {
|
||||
continue;
|
||||
}
|
||||
if (content.type === "tool_result") {
|
||||
thinkingTimer.markToolResult();
|
||||
|
||||
const toolUseId = content.tool_use_id;
|
||||
const isShellTool = toolUseId && shellToolIds.has(toolUseId);
|
||||
|
||||
const outputContent =
|
||||
typeof content.content === "string"
|
||||
? content.content
|
||||
: Array.isArray(content.content)
|
||||
? content.content
|
||||
.map((entry: unknown) =>
|
||||
typeof entry === "string"
|
||||
? entry
|
||||
: typeof entry === "object" && entry !== null && "text" in entry
|
||||
? String(entry.text)
|
||||
: JSON.stringify(entry)
|
||||
)
|
||||
.join("\n")
|
||||
: String(content.content);
|
||||
|
||||
if (isShellTool) {
|
||||
// Log shell output in a collapsed group
|
||||
log.startGroup(`shell output`);
|
||||
if (content.is_error) {
|
||||
log.info(outputContent);
|
||||
} else {
|
||||
log.info(outputContent);
|
||||
}
|
||||
log.endGroup();
|
||||
// Clean up the tracked ID
|
||||
shellToolIds.delete(toolUseId);
|
||||
} else if (content.is_error) {
|
||||
log.info(`Tool error: ${outputContent}`);
|
||||
} else {
|
||||
// log successful non-shell tool result at debug level
|
||||
log.debug(`tool output: ${outputContent}`);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
result: async (data, _shellToolIds, _thinkingTimer, usageContainer) => {
|
||||
if (data.subtype === "success") {
|
||||
const usage = data.usage;
|
||||
const inputTokens = usage?.input_tokens || 0;
|
||||
const cacheRead = usage?.cache_read_input_tokens || 0;
|
||||
const cacheWrite = usage?.cache_creation_input_tokens || 0;
|
||||
const outputTokens = usage?.output_tokens || 0;
|
||||
const totalInput = inputTokens + cacheRead + cacheWrite;
|
||||
|
||||
usageContainer.value = {
|
||||
agent: "claude",
|
||||
inputTokens: totalInput,
|
||||
outputTokens,
|
||||
cacheReadTokens: cacheRead,
|
||||
cacheWriteTokens: cacheWrite,
|
||||
costUsd: data.total_cost_usd ?? undefined,
|
||||
};
|
||||
|
||||
log.table([
|
||||
[
|
||||
{ data: "Cost", header: true },
|
||||
{ data: "Input", header: true },
|
||||
{ data: "Cache Read", header: true },
|
||||
{ data: "Cache Write", header: true },
|
||||
{ data: "Output", header: true },
|
||||
],
|
||||
[
|
||||
`$${data.total_cost_usd?.toFixed(4) || "0.0000"}`,
|
||||
String(totalInput),
|
||||
String(cacheRead),
|
||||
String(cacheWrite),
|
||||
String(outputTokens),
|
||||
],
|
||||
]);
|
||||
} else if (data.subtype === "error_max_turns") {
|
||||
log.info(`Max turns reached: ${JSON.stringify(data)}`);
|
||||
} else if (data.subtype === "error_during_execution") {
|
||||
log.info(`Execution error: ${JSON.stringify(data)}`);
|
||||
} else {
|
||||
log.info(`Failed: ${JSON.stringify(data)}`);
|
||||
}
|
||||
},
|
||||
system: (_data, _shellToolIds, _thinkingTimer, _usageContainer) => {},
|
||||
stream_event: (_data, _shellToolIds, _thinkingTimer, _usageContainer) => {},
|
||||
tool_progress: (_data, _shellToolIds, _thinkingTimer, _usageContainer) => {},
|
||||
tool_use_summary: (_data, _shellToolIds, _thinkingTimer, _usageContainer) => {},
|
||||
auth_status: (_data, _shellToolIds, _thinkingTimer, _usageContainer) => {},
|
||||
};
|
||||
-412
@@ -1,412 +0,0 @@
|
||||
// changes to effort level configuration should be reflected in wiki/effort.md and docs/effort.mdx
|
||||
// changes to tool permissions should be reflected in wiki/granular-tools.md
|
||||
// changes to web search configuration should be reflected in wiki/websearch.md
|
||||
import { mkdirSync, writeFileSync } from "node:fs";
|
||||
import { join } from "node:path";
|
||||
import type { ThreadEvent } from "@openai/codex-sdk";
|
||||
import type { Effort } from "../external.ts";
|
||||
import { ghPullfrogMcpName } from "../external.ts";
|
||||
import { markActivity } from "../utils/activity.ts";
|
||||
import { log } from "../utils/cli.ts";
|
||||
import { installFromNpmTarball } from "../utils/install.ts";
|
||||
import { filterEnv } from "../utils/secrets.ts";
|
||||
import { spawn } from "../utils/subprocess.ts";
|
||||
import { ThinkingTimer } from "../utils/timer.ts";
|
||||
import { type AgentRunContext, type AgentUsage, agent } from "./shared.ts";
|
||||
|
||||
// pinned CLI version — no 1-1 package.json dependency for the CLI package
|
||||
// (package.json has @openai/codex-sdk which is the SDK, not the CLI)
|
||||
const CODEX_CLI_VERSION = "0.101.0";
|
||||
|
||||
// configuration based on effort level
|
||||
// https://developers.openai.com/codex/models/
|
||||
type ModelReasoningEffort = "minimal" | "low" | "medium" | "high" | "xhigh";
|
||||
type CodexEffortConfig = { model: string; reasoningEffort?: ModelReasoningEffort };
|
||||
|
||||
// preferred model for auto/max — falls back to gpt-5.2-codex if API key lacks access
|
||||
const PREFERRED_MODEL = "gpt-5.3-codex";
|
||||
const FALLBACK_MODEL = "gpt-5.2-codex";
|
||||
|
||||
function getCodexEffortConfig(model: string): Record<Effort, CodexEffortConfig> {
|
||||
return {
|
||||
mini: { model: "gpt-5.2-codex", reasoningEffort: "low" },
|
||||
auto: { model },
|
||||
max: { model, reasoningEffort: "high" },
|
||||
};
|
||||
}
|
||||
|
||||
// check if a model is available for the given API key via GET /v1/models
|
||||
async function isModelAvailable(ctx: { apiKey: string; model: string }): Promise<boolean> {
|
||||
try {
|
||||
const response = await fetch("https://api.openai.com/v1/models", {
|
||||
headers: { Authorization: `Bearer ${ctx.apiKey}` },
|
||||
signal: AbortSignal.timeout(10_000),
|
||||
});
|
||||
if (!response.ok) {
|
||||
log.info(
|
||||
`failed to list models (HTTP ${response.status}), falling back to ${FALLBACK_MODEL}`
|
||||
);
|
||||
return false;
|
||||
}
|
||||
const body = (await response.json()) as { data: Array<{ id: string }> };
|
||||
return body.data.some((m) => m.id === ctx.model);
|
||||
} catch (err) {
|
||||
log.info(`failed to list models: ${err}, falling back to ${FALLBACK_MODEL}`);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// resolve the best available model for auto/max effort levels
|
||||
async function resolveModel(apiKey: string): Promise<string> {
|
||||
const available = await isModelAvailable({ apiKey, model: PREFERRED_MODEL });
|
||||
if (available) {
|
||||
log.info(`» ${PREFERRED_MODEL} is available for this API key`);
|
||||
return PREFERRED_MODEL;
|
||||
}
|
||||
log.info(`» ${PREFERRED_MODEL} not available, using ${FALLBACK_MODEL}`);
|
||||
return FALLBACK_MODEL;
|
||||
}
|
||||
|
||||
function writeCodexConfig(ctx: AgentRunContext): string {
|
||||
const codexDir = join(ctx.tmpdir, ".codex");
|
||||
mkdirSync(codexDir, { recursive: true });
|
||||
const configPath = join(codexDir, "config.toml");
|
||||
|
||||
// build MCP servers section
|
||||
log.info(`» adding MCP server '${ghPullfrogMcpName}' at ${ctx.mcpServerUrl}`);
|
||||
const mcpServerSections = [`[mcp_servers.${ghPullfrogMcpName}]\nurl = "${ctx.mcpServerUrl}"`];
|
||||
|
||||
// build features section for tool control
|
||||
// disable native shell if shell is "disabled" or "restricted"
|
||||
// when "restricted", agent uses MCP shell tool which filters secrets
|
||||
const shell = ctx.payload.shell;
|
||||
const features: string[] = [];
|
||||
if (shell !== "enabled") {
|
||||
features.push("shell_tool = false");
|
||||
features.push("unified_exec = false");
|
||||
}
|
||||
// note: there is no Codex feature flag to disable the native apply_patch tool.
|
||||
// apply_patch_freeform only controls the freeform variant and defaults to false.
|
||||
// native file tools are steered to MCP via instructions, and the sandbox (workspace-write
|
||||
// or read-only) constrains what the native tool can access even if the agent ignores instructions.
|
||||
const featuresSection = features.length > 0 ? `[features]\n${features.join("\n")}` : "";
|
||||
|
||||
// trust the project so codex loads repo-level .codex/config.toml
|
||||
const cwd = process.cwd();
|
||||
const projectTrustSection = `[projects."${cwd}"]\ntrust_level = "trusted"`;
|
||||
|
||||
// set approval_policy = "never" so we can avoid --dangerously-bypass-approvals-and-sandbox.
|
||||
// this keeps sandbox enforcement active while still running non-interactively.
|
||||
// the sandbox (workspace-write or read-only) constrains native file tool access.
|
||||
const approvalSection = `approval_policy = "never"`;
|
||||
|
||||
writeFileSync(
|
||||
configPath,
|
||||
`# written by pullfrog
|
||||
${approvalSection}
|
||||
|
||||
${featuresSection}
|
||||
|
||||
${projectTrustSection}
|
||||
|
||||
${mcpServerSections.join("\n\n")}
|
||||
`.trim() + "\n"
|
||||
);
|
||||
|
||||
log.info(
|
||||
`» Codex config written to ${configPath} (shell: ${shell === "enabled" ? "enabled" : "disabled"}, project trusted: ${cwd})`
|
||||
);
|
||||
|
||||
return codexDir;
|
||||
}
|
||||
|
||||
async function installCodex(): Promise<string> {
|
||||
return await installFromNpmTarball({
|
||||
packageName: "@openai/codex",
|
||||
version: CODEX_CLI_VERSION,
|
||||
executablePath: "bin/codex.js",
|
||||
installDependencies: true,
|
||||
});
|
||||
}
|
||||
|
||||
export const codex = agent({
|
||||
name: "codex",
|
||||
install: installCodex,
|
||||
run: async (ctx) => {
|
||||
// validate API key first
|
||||
const apiKey = process.env.OPENAI_API_KEY;
|
||||
if (!apiKey) {
|
||||
throw new Error("OPENAI_API_KEY is required for codex agent");
|
||||
}
|
||||
|
||||
// install CLI and resolve model concurrently
|
||||
const [cliPath, model] = await Promise.all([installCodex(), resolveModel(apiKey)]);
|
||||
|
||||
// write config file (creates ~/.codex/config.toml)
|
||||
const codexDir = writeCodexConfig(ctx);
|
||||
|
||||
// get model and reasoning effort based on effort level
|
||||
const effortConfig = getCodexEffortConfig(model)[ctx.payload.effort];
|
||||
log.info(
|
||||
`» model: ${effortConfig.model}${effortConfig.reasoningEffort ? ` (reasoningEffort: ${effortConfig.reasoningEffort})` : ""}`
|
||||
);
|
||||
|
||||
// determine sandbox mode based on push permission
|
||||
// push: "disabled" → read-only sandbox, otherwise workspace-write.
|
||||
// we avoid danger-full-access because it completely disables the sandbox,
|
||||
// which would let native file tools (apply_patch) write anywhere unrestricted.
|
||||
// workspace-write constrains native file access to the working directory.
|
||||
const sandboxMode = ctx.payload.push === "disabled" ? "read-only" : "workspace-write";
|
||||
|
||||
// determine network and search permissions
|
||||
// web: "disabled" → no network access, otherwise enabled
|
||||
const networkAccessEnabled = ctx.payload.web !== "disabled";
|
||||
// search: "disabled" → no web search, otherwise enabled
|
||||
const webSearchEnabled = ctx.payload.search !== "disabled";
|
||||
|
||||
// note: we intentionally do NOT use --dangerously-bypass-approvals-and-sandbox.
|
||||
// that flag bypasses both approvals AND the sandbox. instead, we set
|
||||
// approval_policy = "never" in config.toml and keep the sandbox active.
|
||||
// this ensures native file tools (apply_patch) are constrained by the sandbox
|
||||
// even if the agent ignores MCP-only instructions.
|
||||
const args: string[] = [
|
||||
cliPath,
|
||||
"exec",
|
||||
ctx.instructions.full,
|
||||
"--model",
|
||||
effortConfig.model,
|
||||
"--sandbox",
|
||||
sandboxMode,
|
||||
"--json",
|
||||
"--config",
|
||||
`sandbox_workspace_write.network_access=${networkAccessEnabled}`,
|
||||
"--config",
|
||||
`features.web_search_request=${webSearchEnabled}`,
|
||||
];
|
||||
|
||||
if (effortConfig.reasoningEffort) {
|
||||
args.push("--config", `model_reasoning_effort="${effortConfig.reasoningEffort}"`);
|
||||
}
|
||||
|
||||
log.info(
|
||||
`» Codex options: sandboxMode=${sandboxMode}, networkAccess=${networkAccessEnabled}, webSearch=${webSearchEnabled}`
|
||||
);
|
||||
log.info("» running Codex CLI...");
|
||||
const runState: CodexRunState = { usage: null };
|
||||
const messageHandlers = createMessageHandlers();
|
||||
|
||||
let stdoutBuffer = "";
|
||||
let finalOutput = "";
|
||||
|
||||
// Track command execution IDs to identify when command results come back
|
||||
const commandExecutionIds = new Set<string>();
|
||||
const thinkingTimer = new ThinkingTimer();
|
||||
|
||||
// when shell is restricted/disabled, filter sensitive env vars from the codex process.
|
||||
// defense-in-depth: codex 0.99.0's shell_command_tool feature flag is unreliable,
|
||||
// so native shell commands may still run. filtering the process env ensures secrets
|
||||
// (matching *_TOKEN, *_KEY, *_SECRET, etc.) are not accessible even if native shell
|
||||
// bypasses the MCP shell tool's filterEnv.
|
||||
// API key is explicitly re-added since codex needs it for API calls.
|
||||
const baseEnv = ctx.payload.shell === "enabled" ? process.env : filterEnv();
|
||||
const env: NodeJS.ProcessEnv = {
|
||||
...baseEnv,
|
||||
CODEX_HOME: codexDir,
|
||||
CODEX_API_KEY: apiKey,
|
||||
OPENAI_API_KEY: apiKey,
|
||||
};
|
||||
|
||||
const result = await spawn({
|
||||
cmd: "node",
|
||||
args,
|
||||
cwd: process.cwd(),
|
||||
env,
|
||||
stdio: ["ignore", "pipe", "pipe"],
|
||||
activityTimeout: 0, // process-level activity timeout (5min) is the single authority
|
||||
onStdout: async (chunk) => {
|
||||
finalOutput += chunk;
|
||||
markActivity(); // reset activity timeout on any CLI output
|
||||
|
||||
// buffer incomplete lines across chunks (NDJSON format)
|
||||
stdoutBuffer += chunk;
|
||||
const lines = stdoutBuffer.split("\n");
|
||||
|
||||
// keep the last element (may be incomplete) in the buffer
|
||||
stdoutBuffer = lines.pop() || "";
|
||||
|
||||
for (const line of lines) {
|
||||
const trimmed = line.trim();
|
||||
if (!trimmed) continue;
|
||||
|
||||
try {
|
||||
const event = JSON.parse(trimmed) as ThreadEvent;
|
||||
markActivity(); // reset activity timeout on every event
|
||||
log.debug(JSON.stringify(event, null, 2));
|
||||
|
||||
const handler = messageHandlers[event.type as keyof typeof messageHandlers];
|
||||
if (handler) {
|
||||
await handler(event as never, commandExecutionIds, thinkingTimer, runState);
|
||||
}
|
||||
} catch {
|
||||
// ignore parse errors - might be non-JSON output
|
||||
log.debug(`[codex] non-JSON stdout line: ${trimmed.substring(0, 200)}`);
|
||||
}
|
||||
}
|
||||
},
|
||||
onStderr: (chunk) => {
|
||||
const trimmed = chunk.trim();
|
||||
if (trimmed) {
|
||||
log.info(`[codex stderr] ${trimmed}`);
|
||||
finalOutput += trimmed + "\n";
|
||||
}
|
||||
},
|
||||
});
|
||||
|
||||
if (result.exitCode !== 0) {
|
||||
const errorMessage =
|
||||
result.stderr || finalOutput || result.stdout || "Unknown error - no output from Codex CLI";
|
||||
log.error(`Codex CLI exited with code ${result.exitCode}: ${errorMessage}`);
|
||||
return {
|
||||
success: false,
|
||||
error: errorMessage,
|
||||
output: finalOutput || result.stdout || "",
|
||||
usage: runState.usage ?? undefined,
|
||||
};
|
||||
}
|
||||
|
||||
log.info("» Codex CLI completed successfully");
|
||||
|
||||
return {
|
||||
success: true,
|
||||
output: finalOutput || result.stdout || "",
|
||||
usage: runState.usage ?? undefined,
|
||||
};
|
||||
},
|
||||
});
|
||||
|
||||
// run-local usage accumulator — passed to handlers via closure for parallel-safe runs.
|
||||
// codex fires turn.completed per-turn (not once at the end like claude/gemini),
|
||||
// so we must accumulate rather than overwrite.
|
||||
type CodexRunState = { usage: AgentUsage | null };
|
||||
|
||||
type ThreadEventHandler<type extends ThreadEvent["type"]> = (
|
||||
event: Extract<ThreadEvent, { type: type }>,
|
||||
commandExecutionIds: Set<string>,
|
||||
thinkingTimer: ThinkingTimer,
|
||||
runState: CodexRunState
|
||||
) => void | Promise<void>;
|
||||
|
||||
function createMessageHandlers(): {
|
||||
[type in ThreadEvent["type"]]: ThreadEventHandler<type>;
|
||||
} {
|
||||
return {
|
||||
"thread.started": () => {
|
||||
// No logging needed
|
||||
},
|
||||
"turn.started": () => {
|
||||
// No logging needed
|
||||
},
|
||||
"turn.completed": async (event, _commandExecutionIds, _thinkingTimer, runState) => {
|
||||
const inputTokens = event.usage.input_tokens ?? 0;
|
||||
const cachedInputTokens = event.usage.cached_input_tokens ?? 0;
|
||||
const outputTokens = event.usage.output_tokens ?? 0;
|
||||
|
||||
// accumulate across turns (codex fires turn.completed per-turn, not once at end).
|
||||
// note: openai's input_tokens already includes cached tokens (unlike claude's API),
|
||||
// so we do not add cachedInputTokens to inputTokens — that would double-count.
|
||||
if (runState.usage) {
|
||||
runState.usage.inputTokens += inputTokens;
|
||||
runState.usage.outputTokens += outputTokens;
|
||||
runState.usage.cacheReadTokens = (runState.usage.cacheReadTokens ?? 0) + cachedInputTokens;
|
||||
} else {
|
||||
runState.usage = {
|
||||
agent: "codex",
|
||||
inputTokens,
|
||||
outputTokens,
|
||||
cacheReadTokens: cachedInputTokens,
|
||||
};
|
||||
}
|
||||
|
||||
log.table([
|
||||
[
|
||||
{ data: "Input Tokens", header: true },
|
||||
{ data: "Cached Input Tokens", header: true },
|
||||
{ data: "Output Tokens", header: true },
|
||||
],
|
||||
[String(inputTokens), String(cachedInputTokens), String(outputTokens)],
|
||||
]);
|
||||
},
|
||||
"turn.failed": (event) => {
|
||||
log.info(`Turn failed: ${event.error.message}`);
|
||||
},
|
||||
"item.started": (event, commandExecutionIds, thinkingTimer) => {
|
||||
const item = event.item;
|
||||
if (item.type === "command_execution") {
|
||||
commandExecutionIds.add(item.id);
|
||||
thinkingTimer.markToolCall();
|
||||
log.toolCall({
|
||||
toolName: item.command,
|
||||
input: (item as any).args || {},
|
||||
});
|
||||
} else if (item.type === "agent_message") {
|
||||
// Will be handled on completion
|
||||
} else if (item.type === "mcp_tool_call") {
|
||||
thinkingTimer.markToolCall();
|
||||
log.toolCall({
|
||||
toolName: item.tool,
|
||||
input: {
|
||||
server: item.server,
|
||||
...((item as any).arguments || {}),
|
||||
},
|
||||
});
|
||||
}
|
||||
// Reasoning items are handled on completion for better readability
|
||||
},
|
||||
"item.updated": (event) => {
|
||||
const item = event.item;
|
||||
if (item.type === "command_execution") {
|
||||
if (item.status === "in_progress" && item.aggregated_output) {
|
||||
// Command is still running, could show progress if needed
|
||||
}
|
||||
}
|
||||
},
|
||||
"item.completed": (event, commandExecutionIds, thinkingTimer) => {
|
||||
const item = event.item;
|
||||
if (item.type === "agent_message") {
|
||||
log.box(item.text.trim(), { title: "Codex" });
|
||||
} else if (item.type === "command_execution") {
|
||||
const isTracked = commandExecutionIds.has(item.id);
|
||||
if (isTracked) {
|
||||
thinkingTimer.markToolResult();
|
||||
log.startGroup(`shell output`);
|
||||
if (item.status === "failed" || (item.exit_code !== undefined && item.exit_code !== 0)) {
|
||||
log.info(item.aggregated_output || "Command failed");
|
||||
} else {
|
||||
log.info(item.aggregated_output || "");
|
||||
}
|
||||
log.endGroup();
|
||||
commandExecutionIds.delete(item.id);
|
||||
}
|
||||
} else if (item.type === "mcp_tool_call") {
|
||||
thinkingTimer.markToolResult();
|
||||
if (item.status === "failed" && item.error) {
|
||||
log.info(`MCP tool call failed: ${item.error.message}`);
|
||||
} else if ((item as any).output) {
|
||||
// log successful MCP tool call output so it appears in captured output
|
||||
const output = (item as any).output;
|
||||
const outputStr = typeof output === "string" ? output : JSON.stringify(output);
|
||||
log.debug(`tool output: ${outputStr}`);
|
||||
}
|
||||
} else if (item.type === "reasoning") {
|
||||
// Display reasoning in a human-readable format
|
||||
const reasoningText = item.text.trim();
|
||||
// Remove markdown bold markers if present for cleaner output
|
||||
const cleanText = reasoningText.replace(/\*\*/g, "");
|
||||
log.box(cleanText, { title: "Codex" });
|
||||
}
|
||||
},
|
||||
error: (event) => {
|
||||
log.info(`Error: ${event.message}`);
|
||||
},
|
||||
};
|
||||
}
|
||||
@@ -1,447 +0,0 @@
|
||||
// changes to effort level configuration should be reflected in wiki/effort.md and docs/effort.mdx
|
||||
// changes to tool permissions should be reflected in wiki/granular-tools.md
|
||||
// changes to web search configuration should be reflected in wiki/websearch.md
|
||||
import { spawn } from "node:child_process";
|
||||
import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
|
||||
import { homedir } from "node:os";
|
||||
import { join } from "node:path";
|
||||
import { performance } from "node:perf_hooks";
|
||||
import type { Effort } from "../external.ts";
|
||||
import { ghPullfrogMcpName } from "../external.ts";
|
||||
import { markActivity } from "../utils/activity.ts";
|
||||
import { log } from "../utils/cli.ts";
|
||||
import { installFromDirectTarball } from "../utils/install.ts";
|
||||
import { ThinkingTimer } from "../utils/timer.ts";
|
||||
import { type AgentRunContext, agent } from "./shared.ts";
|
||||
|
||||
// pinned CLI version — cursor-agent is downloaded as a tarball from downloads.cursor.com.
|
||||
// the version format is {date}-{commit_hash}. update by inspecting the install script:
|
||||
// curl -fsSL https://cursor.com/install | grep DOWNLOAD_URL
|
||||
const CURSOR_CLI_VERSION = "2026.01.28-fd13201";
|
||||
|
||||
// effort configuration for Cursor
|
||||
// only "max" overrides the model; mini/auto use default ("auto")
|
||||
const cursorEffortModels: Record<Effort, string | null> = {
|
||||
mini: null, // use default (auto)
|
||||
auto: null, // use default (auto)
|
||||
max: "opus-4.5-thinking",
|
||||
} as const;
|
||||
|
||||
// cursor cli event types inferred from stream-json output
|
||||
interface CursorSystemEvent {
|
||||
type: "system";
|
||||
subtype?: string;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface CursorUserEvent {
|
||||
type: "user";
|
||||
message?: {
|
||||
role: string;
|
||||
content: Array<{ type: string; text?: string }>;
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface CursorThinkingEvent {
|
||||
type: "thinking";
|
||||
subtype: "delta" | "completed";
|
||||
text?: string;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface CursorAssistantEvent {
|
||||
type: "assistant";
|
||||
model_call_id?: string;
|
||||
message?: {
|
||||
role: string;
|
||||
content: Array<{ type: string; text?: string }>;
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface CursorToolCallEvent {
|
||||
type: "tool_call";
|
||||
subtype: "started" | "completed";
|
||||
call_id?: string;
|
||||
tool_call?: {
|
||||
mcpToolCall?: {
|
||||
args?: {
|
||||
name?: string;
|
||||
args?: unknown;
|
||||
toolName?: string;
|
||||
providerIdentifier?: string;
|
||||
};
|
||||
result?: {
|
||||
success?: {
|
||||
content?: Array<{ text?: { text?: string } }>;
|
||||
isError?: boolean;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface CursorResultEvent {
|
||||
type: "result";
|
||||
subtype: "success" | "error";
|
||||
result?: string;
|
||||
duration_ms?: number;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
type CursorEvent =
|
||||
| CursorSystemEvent
|
||||
| CursorUserEvent
|
||||
| CursorThinkingEvent
|
||||
| CursorAssistantEvent
|
||||
| CursorToolCallEvent
|
||||
| CursorResultEvent;
|
||||
|
||||
async function installCursor(): Promise<string> {
|
||||
const os = process.platform === "darwin" ? "darwin" : "linux";
|
||||
const arch = process.arch === "arm64" ? "arm64" : "x64";
|
||||
return await installFromDirectTarball({
|
||||
url: `https://downloads.cursor.com/lab/${CURSOR_CLI_VERSION}/${os}/${arch}/agent-cli-package.tar.gz`,
|
||||
executablePath: "cursor-agent",
|
||||
stripComponents: 1,
|
||||
});
|
||||
}
|
||||
|
||||
export const cursor = agent({
|
||||
name: "cursor",
|
||||
install: installCursor,
|
||||
run: async (ctx) => {
|
||||
// validate API key exists for headless/CI authentication
|
||||
const apiKey = process.env.CURSOR_API_KEY;
|
||||
if (!apiKey) {
|
||||
throw new Error("CURSOR_API_KEY is required for cursor agent");
|
||||
}
|
||||
|
||||
// install CLI at start of run
|
||||
const cliPath = await installCursor();
|
||||
|
||||
configureCursorMcpServers(ctx);
|
||||
configureCursorTools(ctx);
|
||||
|
||||
// determine model based on effort level
|
||||
// respect project's .cursor/cli.json if it specifies a model
|
||||
const projectCliConfigPath = join(process.cwd(), ".cursor", "cli.json");
|
||||
let modelOverride: string | null = null;
|
||||
|
||||
if (existsSync(projectCliConfigPath)) {
|
||||
try {
|
||||
const projectConfig = JSON.parse(readFileSync(projectCliConfigPath, "utf-8"));
|
||||
if (projectConfig.model) {
|
||||
log.info(`» model: ${projectConfig.model} (from .cursor/cli.json)`);
|
||||
} else {
|
||||
modelOverride = cursorEffortModels[ctx.payload.effort];
|
||||
}
|
||||
} catch {
|
||||
modelOverride = cursorEffortModels[ctx.payload.effort];
|
||||
}
|
||||
} else {
|
||||
modelOverride = cursorEffortModels[ctx.payload.effort];
|
||||
}
|
||||
|
||||
if (modelOverride) {
|
||||
log.info(`» model: ${modelOverride}`);
|
||||
} else if (!existsSync(projectCliConfigPath)) {
|
||||
log.info(`» model: default`);
|
||||
}
|
||||
|
||||
// track logged model_call_ids to avoid duplicates
|
||||
// cursor emits each assistant message twice: once without model_call_id, then again with it
|
||||
const loggedModelCallIds = new Set<string>();
|
||||
const thinkingTimer = new ThinkingTimer();
|
||||
|
||||
const messageHandlers = {
|
||||
system: (_event: CursorSystemEvent) => {
|
||||
// system init events - no logging needed
|
||||
},
|
||||
user: (_event: CursorUserEvent) => {
|
||||
// user messages already logged in prompt box
|
||||
},
|
||||
thinking: (_event: CursorThinkingEvent) => {
|
||||
// thinking events are internal - no logging needed
|
||||
},
|
||||
assistant: (event: CursorAssistantEvent) => {
|
||||
const text = event.message?.content?.[0]?.text?.trim();
|
||||
if (!text) return;
|
||||
|
||||
if (event.model_call_id) {
|
||||
// complete message with model_call_id - log it if we haven't seen this id before
|
||||
// cursor emits each message twice: first without model_call_id, then with it
|
||||
// we deduplicate by model_call_id to avoid logging the same message twice
|
||||
if (!loggedModelCallIds.has(event.model_call_id)) {
|
||||
loggedModelCallIds.add(event.model_call_id);
|
||||
log.box(text, { title: "Cursor" });
|
||||
}
|
||||
} else {
|
||||
// message without model_call_id - log it immediately
|
||||
// this handles cases where:
|
||||
// 1. the final summary message might only be emitted without model_call_id
|
||||
// 2. messages that don't get re-emitted with model_call_id
|
||||
// without this, the final comprehensive summary wouldn't print (as we discovered)
|
||||
log.box(text, { title: "Cursor" });
|
||||
}
|
||||
},
|
||||
tool_call: (event: CursorToolCallEvent) => {
|
||||
if (event.subtype === "started") {
|
||||
// handle both MCP tools and built-in tools (shell, WebFetch, etc)
|
||||
const mcpToolCall = event.tool_call?.mcpToolCall;
|
||||
const builtinToolCall = (event.tool_call as any)?.builtinToolCall;
|
||||
|
||||
thinkingTimer.markToolCall();
|
||||
if (mcpToolCall?.args?.toolName && mcpToolCall?.args?.args) {
|
||||
log.toolCall({
|
||||
toolName: mcpToolCall.args.toolName,
|
||||
input: mcpToolCall.args.args,
|
||||
});
|
||||
} else if (builtinToolCall?.args?.name && builtinToolCall?.args?.args) {
|
||||
log.toolCall({
|
||||
toolName: builtinToolCall.args.name,
|
||||
input: builtinToolCall.args.args,
|
||||
});
|
||||
}
|
||||
} else if (event.subtype === "completed") {
|
||||
thinkingTimer.markToolResult();
|
||||
const result = event.tool_call?.mcpToolCall?.result?.success;
|
||||
const isError = result?.isError;
|
||||
if (isError) {
|
||||
log.info("Tool call failed");
|
||||
} else {
|
||||
// log successful tool result so it appears in output
|
||||
// handle both formats: { text: string } or { text: { text: string } }
|
||||
const contentItem = result?.content?.[0];
|
||||
const textValue = contentItem?.text;
|
||||
const text = typeof textValue === "string" ? textValue : textValue?.text;
|
||||
if (text) {
|
||||
log.debug(`tool output: ${text}`);
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
result: async (event: CursorResultEvent) => {
|
||||
if (event.subtype === "success" && event.duration_ms) {
|
||||
const durationSec = (event.duration_ms / 1000).toFixed(1);
|
||||
log.debug(`Cursor completed in ${durationSec}s`);
|
||||
// note: we don't log event.result here because it contains the full conversation
|
||||
// concatenated together, which would duplicate all the individual assistant
|
||||
// messages we've already logged. the individual assistant events are sufficient.
|
||||
}
|
||||
},
|
||||
};
|
||||
|
||||
try {
|
||||
// build CLI args
|
||||
// IMPORTANT: prompt is a POSITIONAL argument and must come LAST
|
||||
// --print is a FLAG (not an option that takes a value)
|
||||
const baseArgs = [
|
||||
"--print",
|
||||
"--output-format",
|
||||
"stream-json",
|
||||
"--approve-mcps",
|
||||
"--api-key",
|
||||
apiKey,
|
||||
];
|
||||
|
||||
// add model flag if we have an override
|
||||
if (modelOverride) {
|
||||
baseArgs.push("--model", modelOverride);
|
||||
}
|
||||
|
||||
// always use --force since permissions are controlled via cli-config.json
|
||||
// prompt MUST be last as a positional argument
|
||||
const cursorArgs = [...baseArgs, "--force", ctx.instructions.full];
|
||||
|
||||
log.info("» running Cursor CLI...");
|
||||
|
||||
const startTime = performance.now();
|
||||
|
||||
// create env without XDG_CONFIG_HOME so CLI uses $HOME/.cursor/ where we wrote config
|
||||
const cliEnv = Object.fromEntries(
|
||||
Object.entries(process.env).filter(([key]) => key !== "XDG_CONFIG_HOME")
|
||||
);
|
||||
|
||||
return new Promise((resolve) => {
|
||||
const child = spawn(cliPath, cursorArgs, {
|
||||
cwd: process.cwd(),
|
||||
env: cliEnv,
|
||||
stdio: ["ignore", "pipe", "pipe"],
|
||||
});
|
||||
|
||||
let stdout = "";
|
||||
let stderr = "";
|
||||
let stdoutBuffer = "";
|
||||
|
||||
child.on("spawn", () => {
|
||||
log.debug("Cursor CLI process spawned");
|
||||
});
|
||||
|
||||
child.stdout?.on("data", async (data) => {
|
||||
const text = data.toString();
|
||||
stdout += text;
|
||||
markActivity(); // reset activity timeout on any CLI output
|
||||
|
||||
// buffer incomplete lines across chunks (NDJSON format)
|
||||
stdoutBuffer += text;
|
||||
const lines = stdoutBuffer.split("\n");
|
||||
|
||||
// keep the last element (may be incomplete) in the buffer
|
||||
stdoutBuffer = lines.pop() || "";
|
||||
|
||||
for (const line of lines) {
|
||||
const trimmed = line.trim();
|
||||
if (!trimmed) continue;
|
||||
|
||||
try {
|
||||
const event = JSON.parse(trimmed) as CursorEvent;
|
||||
log.debug(JSON.stringify(event, null, 2));
|
||||
|
||||
// skip empty thinking deltas
|
||||
if (event.type === "thinking" && event.subtype === "delta" && !event.text) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// route to appropriate handler
|
||||
const handler = messageHandlers[event.type as keyof typeof messageHandlers];
|
||||
if (handler) {
|
||||
await handler(event as never);
|
||||
}
|
||||
} catch {
|
||||
// ignore parse errors - might be formatted tool call logs from cursor cli
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
child.stderr?.on("data", (data) => {
|
||||
const text = data.toString();
|
||||
stderr += text;
|
||||
process.stderr.write(text);
|
||||
log.info(text);
|
||||
});
|
||||
|
||||
child.on("close", async (code, signal) => {
|
||||
if (signal) {
|
||||
log.info(`Cursor CLI terminated by signal: ${signal}`);
|
||||
}
|
||||
|
||||
const duration = ((performance.now() - startTime) / 1000).toFixed(1);
|
||||
|
||||
if (code === 0) {
|
||||
log.success(`Cursor CLI completed successfully in ${duration}s`);
|
||||
resolve({
|
||||
success: true,
|
||||
output: stdout.trim(),
|
||||
});
|
||||
} else {
|
||||
const errorMessage = stderr || `Cursor CLI exited with code ${code}`;
|
||||
log.error(`Cursor CLI failed after ${duration}s: ${errorMessage}`);
|
||||
resolve({
|
||||
success: false,
|
||||
error: errorMessage,
|
||||
output: stdout.trim(),
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
child.on("error", (error) => {
|
||||
const duration = ((performance.now() - startTime) / 1000).toFixed(1);
|
||||
const errorMessage = error.message || String(error);
|
||||
log.error(`Cursor CLI execution failed after ${duration}s: ${errorMessage}`);
|
||||
resolve({
|
||||
success: false,
|
||||
error: errorMessage,
|
||||
output: stdout.trim(),
|
||||
});
|
||||
});
|
||||
});
|
||||
} catch (error) {
|
||||
const errorMessage = error instanceof Error ? error.message : String(error);
|
||||
log.error(`Cursor execution failed: ${errorMessage}`);
|
||||
return {
|
||||
success: false,
|
||||
error: errorMessage,
|
||||
output: "",
|
||||
};
|
||||
}
|
||||
},
|
||||
});
|
||||
|
||||
// get the cursor config directory
|
||||
// always use $HOME/.cursor/ for consistency
|
||||
// when spawning the CLI, we unset XDG_CONFIG_HOME so it looks here too
|
||||
function getCursorConfigDir(): string {
|
||||
return join(homedir(), ".cursor");
|
||||
}
|
||||
|
||||
// There was an issue on macOS when you set HOME to a temp directory
|
||||
// it was unable to find the macOS keychain and would fail
|
||||
// temp solution is to stick with the actual $HOME
|
||||
function configureCursorMcpServers(ctx: AgentRunContext): void {
|
||||
const cursorConfigDir = getCursorConfigDir();
|
||||
const mcpConfigPath = join(cursorConfigDir, "mcp.json");
|
||||
mkdirSync(cursorConfigDir, { recursive: true });
|
||||
|
||||
const mcpServers = {
|
||||
[ghPullfrogMcpName]: { type: "http", url: ctx.mcpServerUrl },
|
||||
};
|
||||
writeFileSync(mcpConfigPath, JSON.stringify({ mcpServers }, null, 2), "utf-8");
|
||||
log.info(`» MCP config written to ${mcpConfigPath}`);
|
||||
}
|
||||
|
||||
interface CursorCliConfig {
|
||||
permissions: {
|
||||
allow: string[];
|
||||
deny: string[];
|
||||
};
|
||||
sandbox?: {
|
||||
mode: "enabled" | "disabled";
|
||||
networkAccess?: "allowlist" | "full";
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Configure Cursor CLI tool permissions via cli-config.json.
|
||||
*
|
||||
* Config path: $HOME/.cursor/cli-config.json
|
||||
*/
|
||||
function configureCursorTools(ctx: AgentRunContext): void {
|
||||
const cursorConfigDir = getCursorConfigDir();
|
||||
const cliConfigPath = join(cursorConfigDir, "cli-config.json");
|
||||
mkdirSync(cursorConfigDir, { recursive: true });
|
||||
|
||||
// build deny list based on tool permissions
|
||||
const shell = ctx.payload.shell;
|
||||
const deny: string[] = [];
|
||||
if (ctx.payload.search === "disabled") deny.push("WebSearch");
|
||||
// both "disabled" and "restricted" block native shell
|
||||
if (shell !== "enabled") deny.push("Shell(*)");
|
||||
// always block native file tools (use MCP file_read/file_write instead)
|
||||
deny.push("Read(*)", "Write(*)", "StrReplace(*)", "EditNotebook(*)", "Delete(*)");
|
||||
// block built-in subagent spawning — delegation is handled by gh_pullfrog/delegate
|
||||
deny.push("Task(*)");
|
||||
|
||||
const config: CursorCliConfig = {
|
||||
permissions: {
|
||||
allow: [],
|
||||
deny,
|
||||
},
|
||||
};
|
||||
|
||||
// web: "disabled" requires sandbox with network blocking
|
||||
// sandbox.networkAccess: "allowlist" blocks network in shell subprocesses via seatbelt
|
||||
if (ctx.payload.web === "disabled") {
|
||||
config.sandbox = {
|
||||
mode: "enabled",
|
||||
networkAccess: "allowlist",
|
||||
};
|
||||
}
|
||||
|
||||
writeFileSync(cliConfigPath, JSON.stringify(config, null, 2), "utf-8");
|
||||
log.info(`» CLI config written to ${cliConfigPath}`);
|
||||
log.debug(`» disallowed built-ins: ${JSON.stringify(deny)}`);
|
||||
log.debug(`» CLI config contents: ${JSON.stringify(config, null, 2)}`);
|
||||
}
|
||||
@@ -1,440 +0,0 @@
|
||||
// changes to effort level configuration should be reflected in wiki/effort.md and docs/effort.mdx
|
||||
// changes to tool permissions should be reflected in wiki/granular-tools.md
|
||||
// changes to web search configuration should be reflected in wiki/websearch.md
|
||||
import { mkdirSync, readFileSync, writeFileSync } from "node:fs";
|
||||
import { homedir } from "node:os";
|
||||
import { join } from "node:path";
|
||||
import type { Effort } from "../external.ts";
|
||||
import { ghPullfrogMcpName } from "../external.ts";
|
||||
import { markActivity } from "../utils/activity.ts";
|
||||
import { log } from "../utils/cli.ts";
|
||||
import { installFromGithub } from "../utils/install.ts";
|
||||
import { spawn } from "../utils/subprocess.ts";
|
||||
import { ThinkingTimer } from "../utils/timer.ts";
|
||||
import { getGitHubInstallationToken } from "../utils/token.ts";
|
||||
import { type AgentRunContext, type AgentUsage, agent } from "./shared.ts";
|
||||
|
||||
// effort configuration: model + thinking level
|
||||
// thinkingLevel is set via settings.json modelConfig.generateContentConfig.thinkingConfig
|
||||
// see: https://ai.google.dev/gemini-api/docs/thinking#thinking-levels
|
||||
// latest models:
|
||||
const geminiEffortConfig: Record<Effort, { model: string; thinkingLevel: string }> = {
|
||||
// https://ai.google.dev/gemini-api/docs/models
|
||||
// the docs mention needing to enable preview features for these models but if you
|
||||
// pass the model directly it works if we ever did need to do something like this,
|
||||
// we could write to .gemini/settings.json
|
||||
mini: { model: "gemini-3-flash-preview", thinkingLevel: "LOW" },
|
||||
auto: { model: "gemini-3-pro-preview", thinkingLevel: "HIGH" },
|
||||
max: { model: "gemini-3-pro-preview", thinkingLevel: "HIGH" },
|
||||
} as const;
|
||||
|
||||
// gemini cli event types inferred from stream-json output (NDJSON format)
|
||||
interface GeminiInitEvent {
|
||||
type: "init";
|
||||
timestamp?: string;
|
||||
session_id?: string;
|
||||
model?: string;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface GeminiMessageEvent {
|
||||
type: "message";
|
||||
timestamp?: string;
|
||||
role?: "user" | "assistant";
|
||||
content?: string;
|
||||
delta?: boolean;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface GeminiToolUseEvent {
|
||||
type: "tool_use";
|
||||
timestamp?: string;
|
||||
tool_name?: string;
|
||||
tool_id?: string;
|
||||
parameters?: unknown;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface GeminiToolResultEvent {
|
||||
type: "tool_result";
|
||||
timestamp?: string;
|
||||
tool_id?: string;
|
||||
status?: "success" | "error";
|
||||
output?: string;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface GeminiResultEvent {
|
||||
type: "result";
|
||||
timestamp?: string;
|
||||
status?: "success" | "error";
|
||||
stats?: {
|
||||
total_tokens?: number;
|
||||
input_tokens?: number;
|
||||
output_tokens?: number;
|
||||
duration_ms?: number;
|
||||
tool_calls?: number;
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
type GeminiEvent =
|
||||
| GeminiInitEvent
|
||||
| GeminiMessageEvent
|
||||
| GeminiToolUseEvent
|
||||
| GeminiToolResultEvent
|
||||
| GeminiResultEvent;
|
||||
|
||||
// pinned CLI version — gemini-cli is installed from GitHub releases, not npm
|
||||
const GEMINI_CLI_VERSION = "v0.28.2";
|
||||
|
||||
// transient API error patterns that warrant a retry.
|
||||
// these are server-side issues, not client errors.
|
||||
const TRANSIENT_ERROR_PATTERNS = [
|
||||
"INTERNAL",
|
||||
"status: 500",
|
||||
"status: 503",
|
||||
"UNAVAILABLE",
|
||||
"RESOURCE_EXHAUSTED",
|
||||
];
|
||||
|
||||
function isTransientApiError(output: string): boolean {
|
||||
return TRANSIENT_ERROR_PATTERNS.some((pattern) => output.includes(pattern));
|
||||
}
|
||||
|
||||
const MAX_ATTEMPTS = 2;
|
||||
const RETRY_DELAY_MS = 5_000;
|
||||
|
||||
// run-local state container — passed to handlers via closure for parallel-safe runs
|
||||
type GeminiRunState = {
|
||||
assistantMessageBuffer: string;
|
||||
usage: AgentUsage | null;
|
||||
};
|
||||
|
||||
function createMessageHandlers(runState: GeminiRunState) {
|
||||
return {
|
||||
init: (_event: GeminiInitEvent) => {
|
||||
log.debug(JSON.stringify(_event, null, 2));
|
||||
// initialization event - no logging needed
|
||||
runState.assistantMessageBuffer = "";
|
||||
},
|
||||
message: (event: GeminiMessageEvent) => {
|
||||
log.debug(JSON.stringify(event, null, 2));
|
||||
if (event.role === "assistant" && event.content?.trim()) {
|
||||
if (event.delta) {
|
||||
// accumulate delta messages
|
||||
runState.assistantMessageBuffer += event.content;
|
||||
} else {
|
||||
// final message - log it
|
||||
const message = event.content.trim();
|
||||
if (message) {
|
||||
log.box(message, { title: "Gemini" });
|
||||
}
|
||||
runState.assistantMessageBuffer = "";
|
||||
}
|
||||
} else if (
|
||||
event.role === "assistant" &&
|
||||
!event.delta &&
|
||||
runState.assistantMessageBuffer.trim()
|
||||
) {
|
||||
// if we have buffered content and get a non-delta message, log the buffer
|
||||
log.box(runState.assistantMessageBuffer.trim(), { title: "Gemini" });
|
||||
runState.assistantMessageBuffer = "";
|
||||
}
|
||||
},
|
||||
tool_use: (event: GeminiToolUseEvent, thinkingTimer: ThinkingTimer) => {
|
||||
log.debug(JSON.stringify(event, null, 2));
|
||||
if (event.tool_name) {
|
||||
thinkingTimer.markToolCall();
|
||||
log.toolCall({
|
||||
toolName: event.tool_name,
|
||||
input: event.parameters || {},
|
||||
});
|
||||
}
|
||||
},
|
||||
tool_result: (event: GeminiToolResultEvent, thinkingTimer: ThinkingTimer) => {
|
||||
log.debug(JSON.stringify(event, null, 2));
|
||||
thinkingTimer.markToolResult();
|
||||
if (event.status === "error") {
|
||||
const errorMsg =
|
||||
typeof event.output === "string" ? event.output : JSON.stringify(event.output);
|
||||
log.info(`Tool call failed: ${errorMsg}`);
|
||||
} else if (event.output) {
|
||||
// log successful tool result so it appears in output
|
||||
const outputStr =
|
||||
typeof event.output === "string" ? event.output : JSON.stringify(event.output);
|
||||
log.debug(`tool output: ${outputStr}`);
|
||||
}
|
||||
},
|
||||
result: async (event: GeminiResultEvent) => {
|
||||
log.debug(JSON.stringify(event, null, 2));
|
||||
// log any remaining buffered assistant message
|
||||
if (runState.assistantMessageBuffer.trim()) {
|
||||
log.box(runState.assistantMessageBuffer.trim(), { title: "Gemini" });
|
||||
runState.assistantMessageBuffer = "";
|
||||
}
|
||||
|
||||
if (event.status === "success" && event.stats) {
|
||||
const stats = event.stats;
|
||||
|
||||
runState.usage = {
|
||||
agent: "gemini",
|
||||
inputTokens: stats.input_tokens ?? 0,
|
||||
outputTokens: stats.output_tokens ?? 0,
|
||||
};
|
||||
|
||||
const rows: Array<Array<{ data: string; header?: boolean } | string>> = [
|
||||
[
|
||||
{ data: "Input Tokens", header: true },
|
||||
{ data: "Output Tokens", header: true },
|
||||
{ data: "Total Tokens", header: true },
|
||||
{ data: "Tool Calls", header: true },
|
||||
{ data: "Duration (ms)", header: true },
|
||||
],
|
||||
[
|
||||
String(stats.input_tokens || 0),
|
||||
String(stats.output_tokens || 0),
|
||||
String(stats.total_tokens || 0),
|
||||
String(stats.tool_calls || 0),
|
||||
String(stats.duration_ms || 0),
|
||||
],
|
||||
];
|
||||
log.table(rows);
|
||||
} else if (event.status === "error") {
|
||||
log.error(`Gemini CLI failed: ${JSON.stringify(event)}`);
|
||||
}
|
||||
},
|
||||
};
|
||||
}
|
||||
|
||||
async function installGemini(githubInstallationToken?: string): Promise<string> {
|
||||
return await installFromGithub({
|
||||
owner: "google-gemini",
|
||||
repo: "gemini-cli",
|
||||
tag: GEMINI_CLI_VERSION,
|
||||
assetName: "gemini.js",
|
||||
...(githubInstallationToken && { githubInstallationToken }),
|
||||
});
|
||||
}
|
||||
|
||||
export const gemini = agent({
|
||||
name: "gemini",
|
||||
install: installGemini,
|
||||
run: async (ctx) => {
|
||||
// install CLI at start of run - use token for GitHub API rate limiting
|
||||
const cliPath = await installGemini(getGitHubInstallationToken());
|
||||
|
||||
const model = configureGeminiSettings(ctx);
|
||||
|
||||
if (!process.env.GOOGLE_API_KEY && !process.env.GEMINI_API_KEY) {
|
||||
throw new Error("GOOGLE_API_KEY or GEMINI_API_KEY is required for gemini agent");
|
||||
}
|
||||
|
||||
// build CLI args - --yolo for auto-approval
|
||||
// tool restrictions handled via settings.json tools.exclude
|
||||
const args = [
|
||||
"--model",
|
||||
model,
|
||||
"--yolo",
|
||||
"--output-format=stream-json",
|
||||
"-p",
|
||||
ctx.instructions.full,
|
||||
];
|
||||
|
||||
for (let attempt = 1; attempt <= MAX_ATTEMPTS; attempt++) {
|
||||
let finalOutput = "";
|
||||
let stdoutBuffer = "";
|
||||
const runState: GeminiRunState = { assistantMessageBuffer: "", usage: null };
|
||||
const messageHandlers = createMessageHandlers(runState);
|
||||
const thinkingTimer = new ThinkingTimer();
|
||||
|
||||
try {
|
||||
const result = await spawn({
|
||||
cmd: "node",
|
||||
args: [cliPath, ...args],
|
||||
env: process.env,
|
||||
activityTimeout: 0, // process-level activity timeout (5min) is the single authority
|
||||
onStdout: async (chunk) => {
|
||||
const text = chunk.toString();
|
||||
finalOutput += text;
|
||||
markActivity(); // reset activity timeout on any CLI output
|
||||
|
||||
// buffer incomplete lines across chunks (NDJSON format)
|
||||
stdoutBuffer += text;
|
||||
const lines = stdoutBuffer.split("\n");
|
||||
|
||||
// keep the last element (may be incomplete) in the buffer
|
||||
stdoutBuffer = lines.pop() || "";
|
||||
|
||||
for (const line of lines) {
|
||||
const trimmed = line.trim();
|
||||
if (!trimmed) continue;
|
||||
|
||||
log.debug(`[gemini stdout] ${trimmed}`);
|
||||
|
||||
try {
|
||||
const event = JSON.parse(trimmed) as GeminiEvent;
|
||||
markActivity(); // reset activity timeout on every event
|
||||
const handler = messageHandlers[event.type as keyof typeof messageHandlers];
|
||||
if (handler) {
|
||||
await handler(event as never, thinkingTimer);
|
||||
}
|
||||
} catch {
|
||||
// ignore parse errors - might be non-JSON output from gemini cli
|
||||
log.debug(`[gemini] non-JSON stdout line: ${trimmed.substring(0, 200)}`);
|
||||
}
|
||||
}
|
||||
},
|
||||
onStderr: (chunk) => {
|
||||
const trimmed = chunk.trim();
|
||||
if (trimmed) {
|
||||
log.info(`[gemini stderr] ${trimmed}`);
|
||||
finalOutput += trimmed + "\n";
|
||||
}
|
||||
},
|
||||
});
|
||||
|
||||
if (result.exitCode !== 0) {
|
||||
const errorMessage =
|
||||
result.stderr ||
|
||||
finalOutput ||
|
||||
result.stdout ||
|
||||
"Unknown error - no output from Gemini CLI";
|
||||
|
||||
// retry on transient API errors (500, 503, INTERNAL, etc.)
|
||||
if (attempt < MAX_ATTEMPTS && isTransientApiError(errorMessage)) {
|
||||
log.info(
|
||||
`» transient Gemini API error on attempt ${attempt}/${MAX_ATTEMPTS}, retrying in ${RETRY_DELAY_MS / 1000}s...`
|
||||
);
|
||||
await new Promise((resolve) => setTimeout(resolve, RETRY_DELAY_MS));
|
||||
continue;
|
||||
}
|
||||
|
||||
log.error(`Gemini CLI exited with code ${result.exitCode}: ${errorMessage}`);
|
||||
return {
|
||||
success: false,
|
||||
error: errorMessage,
|
||||
output: finalOutput || result.stdout || "",
|
||||
usage: runState.usage ?? undefined,
|
||||
};
|
||||
}
|
||||
|
||||
finalOutput = finalOutput || result.stdout || "Gemini CLI completed successfully.";
|
||||
log.info("» Gemini CLI completed successfully");
|
||||
|
||||
return {
|
||||
success: true,
|
||||
output: finalOutput,
|
||||
usage: runState.usage ?? undefined,
|
||||
};
|
||||
} catch (error) {
|
||||
const errorMessage = error instanceof Error ? error.message : String(error);
|
||||
|
||||
// retry on transient API errors from spawn exceptions too
|
||||
if (attempt < MAX_ATTEMPTS && isTransientApiError(errorMessage)) {
|
||||
log.info(
|
||||
`» transient Gemini API error on attempt ${attempt}/${MAX_ATTEMPTS}, retrying in ${RETRY_DELAY_MS / 1000}s...`
|
||||
);
|
||||
await new Promise((resolve) => setTimeout(resolve, RETRY_DELAY_MS));
|
||||
continue;
|
||||
}
|
||||
|
||||
log.error(`Failed to run Gemini CLI: ${errorMessage}`);
|
||||
return {
|
||||
success: false,
|
||||
error: errorMessage,
|
||||
output: finalOutput || "",
|
||||
usage: runState.usage ?? undefined,
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
// should never reach here, but satisfy TypeScript
|
||||
return { success: false, error: "exhausted all retry attempts", output: "" };
|
||||
},
|
||||
});
|
||||
|
||||
/**
|
||||
* Configure Gemini CLI settings by writing to settings.json.
|
||||
* Returns the model to use for CLI args.
|
||||
*
|
||||
* See: https://github.com/google-gemini/gemini-cli/blob/main/docs/get-started/configuration.md
|
||||
*/
|
||||
function configureGeminiSettings(ctx: AgentRunContext): string {
|
||||
const effortConfig = geminiEffortConfig[ctx.payload.effort];
|
||||
// allow env var override for tests (e.g., to avoid flash RPD quota limits)
|
||||
const model = process.env.GEMINI_MODEL ?? effortConfig.model;
|
||||
const thinkingLevel = effortConfig.thinkingLevel;
|
||||
log.info(`» model: ${model} (thinkingLevel: ${thinkingLevel})`);
|
||||
|
||||
const realHome = homedir();
|
||||
const geminiConfigDir = join(realHome, ".gemini");
|
||||
const settingsPath = join(geminiConfigDir, "settings.json");
|
||||
mkdirSync(geminiConfigDir, { recursive: true });
|
||||
|
||||
// read existing settings if present
|
||||
let existingSettings: Record<string, unknown> = {};
|
||||
try {
|
||||
const content = readFileSync(settingsPath, "utf-8");
|
||||
existingSettings = JSON.parse(content);
|
||||
} catch {
|
||||
// file doesn't exist or is invalid - start fresh
|
||||
}
|
||||
|
||||
// convert to Gemini's expected format (httpUrl for HTTP transport, no type field)
|
||||
interface GeminiMcpServerConfig {
|
||||
command?: string;
|
||||
args?: string[];
|
||||
env?: Record<string, string>;
|
||||
cwd?: string;
|
||||
url?: string;
|
||||
httpUrl?: string;
|
||||
headers?: Record<string, string>;
|
||||
timeout?: number;
|
||||
trust?: boolean;
|
||||
description?: string;
|
||||
includeTools?: string[];
|
||||
excludeTools?: string[];
|
||||
}
|
||||
log.info(`» adding MCP server '${ghPullfrogMcpName}' at ${ctx.mcpServerUrl}...`);
|
||||
const geminiMcpServers: Record<string, GeminiMcpServerConfig> = {
|
||||
[ghPullfrogMcpName]: {
|
||||
httpUrl: ctx.mcpServerUrl,
|
||||
trust: true, // trust our own MCP server to avoid confirmation prompts
|
||||
},
|
||||
};
|
||||
|
||||
// build tools.exclude based on permissions (v0.3.0+ nested format)
|
||||
const shell = ctx.payload.shell;
|
||||
const exclude: string[] = [];
|
||||
if (shell !== "enabled") exclude.push("run_shell_command");
|
||||
if (ctx.payload.web === "disabled") exclude.push("web_fetch");
|
||||
if (ctx.payload.search === "disabled") exclude.push("google_web_search");
|
||||
// always block native file tools (use MCP file_read/file_write instead)
|
||||
exclude.push("read_file", "write_file", "list_directory");
|
||||
|
||||
// merge with existing settings, overwriting mcpServers and modelConfig
|
||||
const newSettings: Record<string, unknown> = {
|
||||
...existingSettings,
|
||||
mcpServers: geminiMcpServers,
|
||||
// configure thinking level via modelConfig
|
||||
// see: https://ai.google.dev/api/generate-content (ThinkingConfig)
|
||||
modelConfig: {
|
||||
generateContentConfig: {
|
||||
thinkingConfig: {
|
||||
thinkingLevel,
|
||||
},
|
||||
},
|
||||
},
|
||||
// v0.3.0+ nested format
|
||||
...(exclude.length > 0 && { tools: { exclude } }),
|
||||
};
|
||||
|
||||
writeFileSync(settingsPath, JSON.stringify(newSettings, null, 2), "utf-8");
|
||||
log.info(`» Gemini settings written to ${settingsPath}`);
|
||||
if (exclude.length > 0) {
|
||||
log.debug(`» disallowed built-ins: ${JSON.stringify(exclude)}`);
|
||||
}
|
||||
|
||||
return model;
|
||||
}
|
||||
+2
-13
@@ -1,17 +1,6 @@
|
||||
import type { AgentName } from "../external.ts";
|
||||
import { claude } from "./claude.ts";
|
||||
import { codex } from "./codex.ts";
|
||||
import { cursor } from "./cursor.ts";
|
||||
import { gemini } from "./gemini.ts";
|
||||
import { opencode } from "./opencode.ts";
|
||||
import { opentoad } from "./opentoad.ts";
|
||||
import type { Agent } from "./shared.ts";
|
||||
|
||||
export type { Agent, AgentUsage } from "./shared.ts";
|
||||
|
||||
export const agents = {
|
||||
claude,
|
||||
codex,
|
||||
cursor,
|
||||
gemini,
|
||||
opencode,
|
||||
} satisfies Record<AgentName, Agent>;
|
||||
export const agents = { opentoad } satisfies Record<string, Agent>;
|
||||
|
||||
@@ -1,875 +0,0 @@
|
||||
// changes to effort level configuration should be reflected in wiki/effort.md and docs/effort.mdx
|
||||
// changes to tool permissions should be reflected in wiki/granular-tools.md
|
||||
// changes to web search configuration should be reflected in wiki/websearch.md
|
||||
import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
|
||||
import { join } from "node:path";
|
||||
import { performance } from "node:perf_hooks";
|
||||
import { ghPullfrogMcpName } from "../external.ts";
|
||||
import { getIdleMs, markActivity } from "../utils/activity.ts";
|
||||
import { log } from "../utils/cli.ts";
|
||||
import { installFromNpmTarball } from "../utils/install.ts";
|
||||
import { spawn } from "../utils/subprocess.ts";
|
||||
import { ThinkingTimer } from "../utils/timer.ts";
|
||||
import { type AgentRunContext, type AgentUsage, agent } from "./shared.ts";
|
||||
|
||||
// pinned CLI version — no 1-1 package.json dependency for the CLI package
|
||||
// (package.json has @opencode-ai/sdk which is the SDK, not the CLI)
|
||||
const OPENCODE_CLI_VERSION = "1.1.56";
|
||||
|
||||
// known provider error patterns in stderr (from --print-logs output).
|
||||
// when OpenCode encounters these, it often goes silent on stdout (Issue #752),
|
||||
// so we surface them prominently instead of burying them in debug warnings.
|
||||
const PROVIDER_ERROR_PATTERNS = [
|
||||
{ pattern: "429", label: "rate limited (429)" },
|
||||
{ pattern: "RESOURCE_EXHAUSTED", label: "quota exhausted" },
|
||||
{ pattern: "quota", label: "quota error" },
|
||||
{ pattern: "status: 500", label: "provider 500 error" },
|
||||
{ pattern: "INTERNAL", label: "provider internal error" },
|
||||
{ pattern: "status: 503", label: "provider unavailable (503)" },
|
||||
{ pattern: "UNAVAILABLE", label: "provider unavailable" },
|
||||
{ pattern: "rate limit", label: "rate limited" },
|
||||
{ pattern: "limit: 0", label: "zero quota" },
|
||||
];
|
||||
|
||||
function detectProviderError(text: string): string | null {
|
||||
for (const entry of PROVIDER_ERROR_PATTERNS) {
|
||||
if (text.includes(entry.pattern)) return entry.label;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
type OpenCodeConfig = {
|
||||
mcp?: Record<string, unknown>;
|
||||
permission?: Record<string, unknown>;
|
||||
provider?: Record<string, unknown>;
|
||||
model?: string;
|
||||
enabled_providers?: string[];
|
||||
[key: string]: unknown;
|
||||
};
|
||||
|
||||
type RecordPropertyContext = {
|
||||
value: unknown;
|
||||
key: string;
|
||||
};
|
||||
|
||||
type RepoConfigLoadContext = {
|
||||
repoConfigPath: string;
|
||||
};
|
||||
|
||||
type ProviderFromModelContext = {
|
||||
model: string;
|
||||
};
|
||||
|
||||
type InlineConfigOverrideContext = {
|
||||
model: string;
|
||||
};
|
||||
|
||||
type InlineConfigOverride = {
|
||||
providerId: string;
|
||||
content: string;
|
||||
};
|
||||
|
||||
type ModelOverrideResolutionContext = {
|
||||
effort: AgentRunContext["payload"]["effort"];
|
||||
env: NodeJS.ProcessEnv;
|
||||
};
|
||||
|
||||
type ModelOverrideResolution = {
|
||||
model: string;
|
||||
source: "OPENCODE_MODEL_MINI" | "OPENCODE_MODEL_MAX" | "OPENCODE_MODEL";
|
||||
};
|
||||
|
||||
function isRecord(value: unknown): value is Record<string, unknown> {
|
||||
return typeof value === "object" && value !== null && !Array.isArray(value);
|
||||
}
|
||||
|
||||
function getRecordProperty(ctx: RecordPropertyContext): Record<string, unknown> | undefined {
|
||||
if (!isRecord(ctx.value)) {
|
||||
return undefined;
|
||||
}
|
||||
const propertyValue = ctx.value[ctx.key];
|
||||
if (!isRecord(propertyValue)) {
|
||||
return undefined;
|
||||
}
|
||||
return propertyValue;
|
||||
}
|
||||
|
||||
function loadRepoOpenCodeConfig(ctx: RepoConfigLoadContext): OpenCodeConfig | undefined {
|
||||
if (!existsSync(ctx.repoConfigPath)) {
|
||||
log.info(`» repo opencode.json not found at ${ctx.repoConfigPath}`);
|
||||
return undefined;
|
||||
}
|
||||
|
||||
try {
|
||||
const rawConfig = readFileSync(ctx.repoConfigPath, "utf-8");
|
||||
const parsedConfig = JSON.parse(rawConfig);
|
||||
if (!isRecord(parsedConfig)) {
|
||||
log.warning(`» repo opencode.json is not an object: ${ctx.repoConfigPath}`);
|
||||
return undefined;
|
||||
}
|
||||
|
||||
const providerConfig = getRecordProperty({ value: parsedConfig, key: "provider" });
|
||||
if (providerConfig) {
|
||||
const providerNames = Object.keys(providerConfig);
|
||||
log.info(`» repo opencode provider config detected: ${providerNames.join(", ")}`);
|
||||
}
|
||||
|
||||
const result: OpenCodeConfig = parsedConfig;
|
||||
log.info(`» loaded repo opencode.json from ${ctx.repoConfigPath}`);
|
||||
return result;
|
||||
} catch (error) {
|
||||
const errorMessage = error instanceof Error ? error.message : String(error);
|
||||
log.warning(`» failed to parse repo opencode.json at ${ctx.repoConfigPath}: ${errorMessage}`);
|
||||
return undefined;
|
||||
}
|
||||
}
|
||||
|
||||
function parseProviderFromModel(ctx: ProviderFromModelContext): string | undefined {
|
||||
const trimmedModel = ctx.model.trim();
|
||||
const slashIndex = trimmedModel.indexOf("/");
|
||||
if (slashIndex <= 0) {
|
||||
return undefined;
|
||||
}
|
||||
const providerId = trimmedModel.slice(0, slashIndex).trim().toLowerCase();
|
||||
if (!providerId) {
|
||||
return undefined;
|
||||
}
|
||||
return providerId;
|
||||
}
|
||||
|
||||
function buildInlineConfigOverride(
|
||||
ctx: InlineConfigOverrideContext
|
||||
): InlineConfigOverride | undefined {
|
||||
const providerId = parseProviderFromModel({ model: ctx.model });
|
||||
if (!providerId) {
|
||||
return undefined;
|
||||
}
|
||||
const inlineConfig: OpenCodeConfig = {
|
||||
model: ctx.model,
|
||||
enabled_providers: [providerId],
|
||||
};
|
||||
return {
|
||||
providerId,
|
||||
content: JSON.stringify(inlineConfig),
|
||||
};
|
||||
}
|
||||
|
||||
function readNonEmptyEnvVar(ctx: { env: NodeJS.ProcessEnv; name: string }): string | undefined {
|
||||
const value = ctx.env[ctx.name];
|
||||
if (!value) {
|
||||
return undefined;
|
||||
}
|
||||
const trimmed = value.trim();
|
||||
if (!trimmed) {
|
||||
return undefined;
|
||||
}
|
||||
return trimmed;
|
||||
}
|
||||
|
||||
function resolveModelOverride(
|
||||
ctx: ModelOverrideResolutionContext
|
||||
): ModelOverrideResolution | undefined {
|
||||
if (ctx.effort === "mini") {
|
||||
const miniModel = readNonEmptyEnvVar({ env: ctx.env, name: "OPENCODE_MODEL_MINI" });
|
||||
if (miniModel) {
|
||||
return { model: miniModel, source: "OPENCODE_MODEL_MINI" };
|
||||
}
|
||||
}
|
||||
|
||||
if (ctx.effort === "max") {
|
||||
const maxModel = readNonEmptyEnvVar({ env: ctx.env, name: "OPENCODE_MODEL_MAX" });
|
||||
if (maxModel) {
|
||||
return { model: maxModel, source: "OPENCODE_MODEL_MAX" };
|
||||
}
|
||||
}
|
||||
|
||||
const baseModel = readNonEmptyEnvVar({ env: ctx.env, name: "OPENCODE_MODEL" });
|
||||
if (!baseModel) {
|
||||
return undefined;
|
||||
}
|
||||
|
||||
return { model: baseModel, source: "OPENCODE_MODEL" };
|
||||
}
|
||||
|
||||
async function installOpencode(): Promise<string> {
|
||||
return await installFromNpmTarball({
|
||||
packageName: "opencode-ai",
|
||||
version: OPENCODE_CLI_VERSION,
|
||||
executablePath: "bin/opencode",
|
||||
installDependencies: true,
|
||||
});
|
||||
}
|
||||
|
||||
export const opencode = agent({
|
||||
name: "opencode",
|
||||
install: installOpencode,
|
||||
run: async (ctx) => {
|
||||
// install CLI at start of run
|
||||
const cliPath = await installOpencode();
|
||||
|
||||
// 1. configure home/config directory
|
||||
const tempHome = ctx.tmpdir;
|
||||
const configDir = join(tempHome, ".config", "opencode");
|
||||
mkdirSync(configDir, { recursive: true });
|
||||
|
||||
configureOpenCode(ctx);
|
||||
|
||||
// message positional must come right after "run", before flags.
|
||||
// --print-logs makes OpenCode write internal logs to stderr (otherwise they only go to a log file).
|
||||
// this is critical for debugging since opencode run suppresses errors by default (Issue #752).
|
||||
const args = ["run", ctx.instructions.full, "--format", "json", "--print-logs"];
|
||||
|
||||
// resolve model override from environment.
|
||||
// precedence:
|
||||
// 1) effort-specific overrides (OPENCODE_MODEL_MINI / OPENCODE_MODEL_MAX)
|
||||
// 2) OPENCODE_MODEL fallback
|
||||
// 3) OpenCode auto-select
|
||||
const modelOverride = resolveModelOverride({
|
||||
effort: ctx.payload.effort,
|
||||
env: process.env,
|
||||
});
|
||||
if (modelOverride) {
|
||||
args.push("--model", modelOverride.model);
|
||||
log.info(`» model: ${modelOverride.model} (override via ${modelOverride.source})`);
|
||||
} else {
|
||||
log.info(`» model: auto-selected by OpenCode`);
|
||||
}
|
||||
|
||||
process.env.HOME = tempHome;
|
||||
|
||||
// XDG_CONFIG_HOME must be set because GitHub Actions sets it to a different path,
|
||||
// and OpenCode follows XDG spec (checks XDG_CONFIG_HOME before falling back to $HOME/.config)
|
||||
const env: NodeJS.ProcessEnv = {
|
||||
...process.env,
|
||||
HOME: tempHome,
|
||||
XDG_CONFIG_HOME: join(tempHome, ".config"),
|
||||
// set GOOGLE_GENERATIVE_AI_API_KEY alias for Google provider compatibility (if not already set)
|
||||
GOOGLE_GENERATIVE_AI_API_KEY:
|
||||
process.env.GOOGLE_GENERATIVE_AI_API_KEY || process.env.GEMINI_API_KEY,
|
||||
};
|
||||
|
||||
if (modelOverride) {
|
||||
const inlineOverride = buildInlineConfigOverride({ model: modelOverride.model });
|
||||
if (inlineOverride) {
|
||||
env.OPENCODE_CONFIG_CONTENT = inlineOverride.content;
|
||||
log.info(
|
||||
`» OpenCode inline config override enabled: provider=${inlineOverride.providerId}, model=${modelOverride.model}`
|
||||
);
|
||||
} else {
|
||||
log.warning(
|
||||
`» skipping OpenCode inline config override: unable to parse provider from model "${modelOverride.model}"`
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
const hasOpenRouterKey = Boolean(env.OPENROUTER_API_KEY);
|
||||
const hasAnthropicKey = Boolean(env.ANTHROPIC_API_KEY);
|
||||
const hasOpenAiKey = Boolean(env.OPENAI_API_KEY);
|
||||
const hasGoogleKey = Boolean(
|
||||
env.GOOGLE_API_KEY || env.GEMINI_API_KEY || env.GOOGLE_GENERATIVE_AI_API_KEY
|
||||
);
|
||||
log.info(
|
||||
`» provider key presence: OPENROUTER=${hasOpenRouterKey ? "set" : "unset"}, ANTHROPIC=${hasAnthropicKey ? "set" : "unset"}, OPENAI=${hasOpenAiKey ? "set" : "unset"}, GOOGLE=${hasGoogleKey ? "set" : "unset"}`
|
||||
);
|
||||
|
||||
// OpenCode doesn't support GitHub App installation tokens
|
||||
delete env.GITHUB_TOKEN;
|
||||
|
||||
// run OpenCode in the repository directory (process.cwd() is set to GITHUB_WORKSPACE or repo dir)
|
||||
const repoDir = process.cwd();
|
||||
|
||||
log.debug(`» starting OpenCode: ${cliPath} ${args.join(" ")}`);
|
||||
log.debug(`» working directory: ${repoDir}`);
|
||||
log.debug(`» HOME: ${env.HOME}`);
|
||||
log.debug(`» XDG_CONFIG_HOME: ${env.XDG_CONFIG_HOME}`);
|
||||
|
||||
const startTime = performance.now();
|
||||
let eventCount = 0;
|
||||
const thinkingTimer = new ThinkingTimer();
|
||||
|
||||
// reset module-level state before each run (same pattern as claude/codex/gemini).
|
||||
// without this, a failed subprocess that never emits an init event would
|
||||
// carry stale token counts or output from a prior delegation run.
|
||||
finalOutput = "";
|
||||
accumulatedTokens = { input: 0, output: 0 };
|
||||
tokensLogged = false;
|
||||
|
||||
// track recent stderr lines for provider error diagnosis.
|
||||
// when OpenCode goes silent on stdout, these are the only clue.
|
||||
const recentStderr: string[] = [];
|
||||
const MAX_STDERR_LINES = 20;
|
||||
let lastProviderError: string | null = null;
|
||||
|
||||
let output = "";
|
||||
let stdoutBuffer = ""; // buffer for incomplete lines across chunks
|
||||
|
||||
try {
|
||||
const result = await spawn({
|
||||
cmd: cliPath,
|
||||
args,
|
||||
cwd: repoDir,
|
||||
env,
|
||||
activityTimeout: 0, // process-level activity timeout (5min) is the single authority
|
||||
stdio: ["ignore", "pipe", "pipe"],
|
||||
onStdout: async (chunk) => {
|
||||
const text = chunk.toString();
|
||||
output += text;
|
||||
markActivity(); // reset activity timeout on any CLI output
|
||||
|
||||
// buffer incomplete lines across chunks (NDJSON format)
|
||||
stdoutBuffer += text;
|
||||
const lines = stdoutBuffer.split("\n");
|
||||
|
||||
// keep the last element (may be incomplete) in the buffer
|
||||
stdoutBuffer = lines.pop() || "";
|
||||
|
||||
for (const line of lines) {
|
||||
const trimmed = line.trim();
|
||||
if (!trimmed) {
|
||||
continue;
|
||||
}
|
||||
|
||||
try {
|
||||
const event = JSON.parse(trimmed) as OpenCodeEvent;
|
||||
eventCount++;
|
||||
|
||||
// debug log all events to diagnose ordering and missing MCP/shell tool calls
|
||||
log.debug(JSON.stringify(event, null, 2));
|
||||
|
||||
const timeSinceLastActivity = getIdleMs();
|
||||
if (timeSinceLastActivity > 10000) {
|
||||
const activeToolCalls = toolCallTimings.size;
|
||||
const toolCallInfo =
|
||||
activeToolCalls > 0
|
||||
? ` (waiting for ${activeToolCalls} tool call${activeToolCalls > 1 ? "s" : ""})`
|
||||
: " (OpenCode may be processing internally - LLM calls, planning, etc.)";
|
||||
log.info(
|
||||
`» no activity for ${(timeSinceLastActivity / 1000).toFixed(1)}s${toolCallInfo} (${eventCount} events processed so far)`
|
||||
);
|
||||
}
|
||||
markActivity(); // reset activity timeout on every event
|
||||
const handler = messageHandlers[event.type as keyof typeof messageHandlers];
|
||||
if (handler) {
|
||||
await handler(event as never, thinkingTimer);
|
||||
} else {
|
||||
// log unhandled event types for visibility
|
||||
log.info(
|
||||
`» OpenCode event (unhandled): type=${event.type}, data=${JSON.stringify(event).substring(0, 500)}`
|
||||
);
|
||||
}
|
||||
} catch {
|
||||
// non-JSON lines are ignored (might be debug output from opencode)
|
||||
log.debug(`» non-JSON stdout line: ${trimmed.substring(0, 200)}`);
|
||||
}
|
||||
}
|
||||
},
|
||||
onStderr: (chunk) => {
|
||||
const trimmed = chunk.trim();
|
||||
if (!trimmed) return;
|
||||
|
||||
// track recent stderr for diagnosis
|
||||
recentStderr.push(trimmed);
|
||||
if (recentStderr.length > MAX_STDERR_LINES) recentStderr.shift();
|
||||
|
||||
// detect provider errors and surface them prominently
|
||||
const providerError = detectProviderError(trimmed);
|
||||
if (providerError) {
|
||||
lastProviderError = providerError;
|
||||
log.info(`» provider error detected (${providerError}): ${trimmed.substring(0, 500)}`);
|
||||
} else {
|
||||
//agent OpenCode's --print-logs output goes to stderr. demote internal
|
||||
// INFO/DEBUG bus traffic to debug so it doesn't drown out tool
|
||||
// call logs in the GitHub Actions step output.
|
||||
log.debug(trimmed);
|
||||
}
|
||||
},
|
||||
});
|
||||
|
||||
const duration = performance.now() - startTime;
|
||||
log.info(
|
||||
`» OpenCode CLI completed in ${Math.round(duration)}ms with exit code ${result.exitCode}`
|
||||
);
|
||||
|
||||
// if zero events processed, something went wrong - surface stderr context
|
||||
if (eventCount === 0) {
|
||||
const stderrContext = recentStderr.join("\n");
|
||||
const diagnosis = lastProviderError
|
||||
? `provider error: ${lastProviderError}`
|
||||
: "unknown cause (no stdout events received)";
|
||||
log.info(`» OpenCode produced 0 events (${diagnosis})`);
|
||||
if (stderrContext) {
|
||||
log.info(`» last stderr output:\n${stderrContext}`);
|
||||
}
|
||||
}
|
||||
|
||||
// log tokens if they weren't logged yet (fallback if result event wasn't emitted)
|
||||
if (!tokensLogged && (accumulatedTokens.input > 0 || accumulatedTokens.output > 0)) {
|
||||
const totalTokens = accumulatedTokens.input + accumulatedTokens.output;
|
||||
log.table([
|
||||
[
|
||||
{ data: "Input Tokens", header: true },
|
||||
{ data: "Output Tokens", header: true },
|
||||
{ data: "Total Tokens", header: true },
|
||||
],
|
||||
[String(accumulatedTokens.input), String(accumulatedTokens.output), String(totalTokens)],
|
||||
]);
|
||||
}
|
||||
|
||||
const usage = buildOpenCodeUsage();
|
||||
|
||||
// return result
|
||||
if (result.exitCode !== 0) {
|
||||
const errorContext = lastProviderError ? ` (${lastProviderError})` : "";
|
||||
const errorMessage =
|
||||
result.stderr ||
|
||||
result.stdout ||
|
||||
`unknown error - no output from OpenCode CLI${errorContext}`;
|
||||
log.error(
|
||||
`OpenCode CLI exited with code ${result.exitCode}${errorContext}: ${errorMessage}`
|
||||
);
|
||||
log.debug(`OpenCode stdout: ${result.stdout?.substring(0, 500)}`);
|
||||
log.debug(`OpenCode stderr: ${result.stderr?.substring(0, 500)}`);
|
||||
return {
|
||||
success: false,
|
||||
output: finalOutput || output,
|
||||
error: errorMessage,
|
||||
usage,
|
||||
};
|
||||
}
|
||||
|
||||
if (eventCount === 0 && lastProviderError) {
|
||||
return {
|
||||
success: false,
|
||||
output: finalOutput || output,
|
||||
error: `provider error: ${lastProviderError}`,
|
||||
usage,
|
||||
};
|
||||
}
|
||||
|
||||
return {
|
||||
success: true,
|
||||
output: finalOutput || output,
|
||||
usage,
|
||||
};
|
||||
} catch (error) {
|
||||
// activity timeout or process timeout - surface the real cause
|
||||
const duration = performance.now() - startTime;
|
||||
const errorMessage = error instanceof Error ? error.message : String(error);
|
||||
const isActivityTimeout = errorMessage.includes("activity timeout");
|
||||
|
||||
// build a diagnostic message that includes provider context
|
||||
const stderrContext = recentStderr.slice(-10).join("\n");
|
||||
const diagnosis = lastProviderError
|
||||
? `likely cause: ${lastProviderError}`
|
||||
: eventCount === 0
|
||||
? "OpenCode produced 0 stdout events - check if the model provider is reachable"
|
||||
: `${eventCount} events were processed before the hang`;
|
||||
|
||||
log.info(
|
||||
`» OpenCode ${isActivityTimeout ? "hung" : "failed"} after ${(duration / 1000).toFixed(1)}s: ${errorMessage}`
|
||||
);
|
||||
log.info(`» diagnosis: ${diagnosis}`);
|
||||
if (stderrContext) {
|
||||
log.info(
|
||||
`» recent stderr (last ${Math.min(recentStderr.length, 10)} lines):\n${stderrContext}`
|
||||
);
|
||||
}
|
||||
|
||||
return {
|
||||
success: false,
|
||||
output: finalOutput || output,
|
||||
error: `${errorMessage} [${diagnosis}]`,
|
||||
usage: buildOpenCodeUsage(),
|
||||
};
|
||||
}
|
||||
},
|
||||
});
|
||||
|
||||
/**
|
||||
* Configure OpenCode via opencode.json config file.
|
||||
* Builds complete config with MCP servers and permissions in a single write to avoid race conditions.
|
||||
*/
|
||||
function configureOpenCode(ctx: AgentRunContext): void {
|
||||
const configDir = join(ctx.tmpdir, ".config", "opencode");
|
||||
mkdirSync(configDir, { recursive: true });
|
||||
const configPath = join(configDir, "opencode.json");
|
||||
const repoConfigPath = join(process.cwd(), "opencode.json");
|
||||
const repoConfig = loadRepoOpenCodeConfig({ repoConfigPath });
|
||||
if (repoConfig?.model) {
|
||||
log.info(`» repo opencode model configured: ${repoConfig.model}`);
|
||||
}
|
||||
|
||||
// build MCP servers config
|
||||
const opencodeMcpServers: Record<string, unknown> = {};
|
||||
const repoMcpServers = getRecordProperty({ value: repoConfig, key: "mcp" });
|
||||
if (repoMcpServers) {
|
||||
Object.assign(opencodeMcpServers, repoMcpServers);
|
||||
}
|
||||
opencodeMcpServers[ghPullfrogMcpName] = { type: "remote" as const, url: ctx.mcpServerUrl };
|
||||
|
||||
// build permission object based on tool permissions
|
||||
// note: OpenCode has no built-in web search tool
|
||||
const shell = ctx.payload.shell;
|
||||
const permission: Record<string, unknown> = {};
|
||||
const repoPermission = getRecordProperty({ value: repoConfig, key: "permission" });
|
||||
if (repoPermission) {
|
||||
Object.assign(permission, repoPermission);
|
||||
}
|
||||
permission.edit = "deny";
|
||||
permission.read = "deny";
|
||||
permission.bash = shell !== "enabled" ? "deny" : "allow";
|
||||
permission.webfetch = ctx.payload.web === "disabled" ? "deny" : "allow";
|
||||
permission.external_directory = "deny";
|
||||
|
||||
// build complete config in one object
|
||||
const config: OpenCodeConfig = {};
|
||||
if (repoConfig) {
|
||||
Object.assign(config, repoConfig);
|
||||
}
|
||||
config.mcp = opencodeMcpServers;
|
||||
config.permission = permission;
|
||||
|
||||
const configJson = JSON.stringify(config, null, 2);
|
||||
try {
|
||||
writeFileSync(configPath, configJson, "utf-8");
|
||||
} catch (error) {
|
||||
log.error(
|
||||
`failed to write OpenCode config to ${configPath}: ${error instanceof Error ? error.message : String(error)}`
|
||||
);
|
||||
throw error;
|
||||
}
|
||||
|
||||
log.info(`» OpenCode config written to ${configPath}`);
|
||||
log.debug(`» disallowed built-ins: ${JSON.stringify(permission)}`);
|
||||
log.debug(`OpenCode config contents:\n${configJson}`);
|
||||
}
|
||||
|
||||
////////////////////////////////////////////
|
||||
//////////// EVENT HANDLERS ////////////
|
||||
////////////////////////////////////////////
|
||||
|
||||
// opencode cli event types inferred from json output format
|
||||
interface OpenCodeInitEvent {
|
||||
type: "init";
|
||||
timestamp?: string;
|
||||
session_id?: string;
|
||||
model?: string;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeMessageEvent {
|
||||
type: "message";
|
||||
timestamp?: string;
|
||||
role?: "user" | "assistant";
|
||||
content?: string;
|
||||
delta?: boolean;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeTextEvent {
|
||||
type: "text";
|
||||
timestamp?: string;
|
||||
sessionID?: string;
|
||||
part?: {
|
||||
id?: string;
|
||||
type?: string;
|
||||
text?: string;
|
||||
[key: string]: unknown;
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeStepStartEvent {
|
||||
type: "step_start";
|
||||
timestamp?: string;
|
||||
sessionID?: string;
|
||||
part?: {
|
||||
id?: string;
|
||||
type?: string;
|
||||
[key: string]: unknown;
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeStepFinishEvent {
|
||||
type: "step_finish";
|
||||
timestamp?: string;
|
||||
sessionID?: string;
|
||||
part?: {
|
||||
id?: string;
|
||||
type?: string;
|
||||
reason?: string;
|
||||
cost?: number;
|
||||
tokens?: {
|
||||
input?: number;
|
||||
output?: number;
|
||||
reasoning?: number;
|
||||
cache?: {
|
||||
read?: number;
|
||||
write?: number;
|
||||
};
|
||||
};
|
||||
[key: string]: unknown;
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeToolUseEvent {
|
||||
type: "tool_use";
|
||||
timestamp?: number;
|
||||
sessionID?: string;
|
||||
part?: {
|
||||
id?: string;
|
||||
callID?: string;
|
||||
tool?: string;
|
||||
state?: {
|
||||
status?: string;
|
||||
input?: unknown;
|
||||
output?: string;
|
||||
};
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeToolResultEvent {
|
||||
type: "tool_result";
|
||||
timestamp?: number;
|
||||
sessionID?: string;
|
||||
part?: {
|
||||
callID?: string;
|
||||
state?: {
|
||||
status?: string;
|
||||
output?: string;
|
||||
};
|
||||
};
|
||||
// fallback fields for older format
|
||||
tool_id?: string;
|
||||
status?: "success" | "error";
|
||||
output?: string;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeResultEvent {
|
||||
type: "result";
|
||||
timestamp?: string;
|
||||
status?: "success" | "error";
|
||||
stats?: {
|
||||
total_tokens?: number;
|
||||
input_tokens?: number;
|
||||
output_tokens?: number;
|
||||
duration_ms?: number;
|
||||
tool_calls?: number;
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeErrorEvent {
|
||||
type: "error";
|
||||
timestamp?: string;
|
||||
sessionID?: string;
|
||||
error?: {
|
||||
name?: string;
|
||||
message?: string;
|
||||
data?: unknown;
|
||||
[key: string]: unknown;
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
type OpenCodeEvent =
|
||||
| OpenCodeInitEvent
|
||||
| OpenCodeMessageEvent
|
||||
| OpenCodeTextEvent
|
||||
| OpenCodeStepStartEvent
|
||||
| OpenCodeStepFinishEvent
|
||||
| OpenCodeToolUseEvent
|
||||
| OpenCodeToolResultEvent
|
||||
| OpenCodeResultEvent
|
||||
| OpenCodeErrorEvent;
|
||||
|
||||
let finalOutput = "";
|
||||
let accumulatedTokens: { input: number; output: number } = { input: 0, output: 0 };
|
||||
let tokensLogged = false;
|
||||
|
||||
function buildOpenCodeUsage(): AgentUsage | undefined {
|
||||
return accumulatedTokens.input > 0 || accumulatedTokens.output > 0
|
||||
? {
|
||||
agent: "opencode",
|
||||
inputTokens: accumulatedTokens.input,
|
||||
outputTokens: accumulatedTokens.output,
|
||||
}
|
||||
: undefined;
|
||||
}
|
||||
|
||||
const toolCallTimings = new Map<string, number>();
|
||||
let currentStepId: string | null = null;
|
||||
let currentStepType: string | null = null;
|
||||
let stepHistory: Array<{ stepId: string; stepType: string; toolCalls: string[] }> = [];
|
||||
|
||||
const messageHandlers = {
|
||||
init: (event: OpenCodeInitEvent) => {
|
||||
// initialization event - reset state
|
||||
log.debug(
|
||||
`» OpenCode init: session_id=${event.session_id || "unknown"}, model=${event.model || "unknown"}`
|
||||
);
|
||||
log.debug(`» OpenCode init event (full): ${JSON.stringify(event)}`);
|
||||
finalOutput = "";
|
||||
accumulatedTokens = { input: 0, output: 0 };
|
||||
tokensLogged = false;
|
||||
},
|
||||
message: (event: OpenCodeMessageEvent) => {
|
||||
if (event.role === "assistant" && event.content?.trim()) {
|
||||
const message = event.content.trim();
|
||||
if (message) {
|
||||
if (event.delta) {
|
||||
// delta messages are streaming thoughts/reasoning
|
||||
log.debug(
|
||||
`» OpenCode thinking: ${message.substring(0, 300)}${message.length > 300 ? "..." : ""}`
|
||||
);
|
||||
} else {
|
||||
// complete messages
|
||||
log.debug(
|
||||
`» OpenCode message (${event.role}): ${message.substring(0, 100)}${message.length > 100 ? "..." : ""}`
|
||||
);
|
||||
finalOutput = message;
|
||||
}
|
||||
}
|
||||
} else if (event.role === "user") {
|
||||
log.debug(
|
||||
`» OpenCode message (${event.role}): ${event.content?.substring(0, 100) || ""}${event.content && event.content.length > 100 ? "..." : ""}`
|
||||
);
|
||||
}
|
||||
},
|
||||
text: (event: OpenCodeTextEvent) => {
|
||||
// log from text events only to avoid duplicates
|
||||
if (event.part?.text?.trim()) {
|
||||
const message = event.part.text.trim();
|
||||
log.box(message, { title: "OpenCode" });
|
||||
finalOutput = message;
|
||||
}
|
||||
},
|
||||
step_start: (event: OpenCodeStepStartEvent) => {
|
||||
const stepType = event.part?.type || "unknown";
|
||||
const stepId = event.part?.id || "unknown";
|
||||
currentStepId = stepId;
|
||||
currentStepType = stepType;
|
||||
stepHistory.push({ stepId, stepType, toolCalls: [] });
|
||||
},
|
||||
step_finish: async (event: OpenCodeStepFinishEvent) => {
|
||||
const stepId = event.part?.id || "unknown";
|
||||
|
||||
// accumulate tokens from step_finish events (they come here, not in result)
|
||||
const eventTokens = event.part?.tokens;
|
||||
if (eventTokens) {
|
||||
const inputTokens = eventTokens.input || 0;
|
||||
const outputTokens = eventTokens.output || 0;
|
||||
|
||||
// accumulate tokens (don't log yet - wait for result event)
|
||||
accumulatedTokens.input += inputTokens;
|
||||
accumulatedTokens.output += outputTokens;
|
||||
}
|
||||
|
||||
// clear current step
|
||||
if (currentStepId === stepId) {
|
||||
currentStepId = null;
|
||||
currentStepType = null;
|
||||
}
|
||||
},
|
||||
tool_use: (event: OpenCodeToolUseEvent, thinkingTimer: ThinkingTimer) => {
|
||||
const toolName = event.part?.tool;
|
||||
const toolId = event.part?.callID;
|
||||
const parameters = event.part?.state?.input;
|
||||
const status = event.part?.state?.status;
|
||||
const output = event.part?.state?.output;
|
||||
|
||||
if (!toolName || !toolId) {
|
||||
// surface dropped tool_use events visibly so missing tool calls are diagnosable
|
||||
log.info(
|
||||
`» tool_use event missing toolName or toolId: ${JSON.stringify(event).substring(0, 500)}`
|
||||
);
|
||||
return;
|
||||
}
|
||||
|
||||
// track tool call in current step
|
||||
if (stepHistory.length > 0) {
|
||||
stepHistory[stepHistory.length - 1].toolCalls.push(toolName);
|
||||
}
|
||||
|
||||
thinkingTimer.markToolCall();
|
||||
log.toolCall({
|
||||
toolName,
|
||||
input: parameters || {},
|
||||
});
|
||||
|
||||
// if tool already completed (status in same event), log output
|
||||
if (status === "completed" && output) {
|
||||
log.debug(` output: ${output}`);
|
||||
}
|
||||
},
|
||||
tool_result: (event: OpenCodeToolResultEvent, thinkingTimer: ThinkingTimer) => {
|
||||
// handle both new part structure and legacy flat structure
|
||||
const toolId = event.part?.callID || event.tool_id;
|
||||
const status = event.part?.state?.status || event.status || "unknown";
|
||||
const output = event.part?.state?.output || event.output;
|
||||
|
||||
thinkingTimer.markToolResult();
|
||||
|
||||
if (toolId) {
|
||||
const toolStartTime = toolCallTimings.get(toolId);
|
||||
if (toolStartTime) {
|
||||
const toolDuration = performance.now() - toolStartTime;
|
||||
toolCallTimings.delete(toolId);
|
||||
const stepContext = currentStepId ? ` (step=${currentStepType || "unknown"})` : "";
|
||||
log.debug(
|
||||
`» OpenCode tool_result${stepContext}: id=${toolId}, status=${status}, duration=${Math.round(toolDuration)}ms`
|
||||
);
|
||||
if (output) {
|
||||
log.debug(` output: ${typeof output === "string" ? output : JSON.stringify(output)}`);
|
||||
}
|
||||
if (toolDuration > 5000) {
|
||||
log.info(
|
||||
`» ⚠️ tool call took ${(toolDuration / 1000).toFixed(1)}s - this may indicate network latency or slow processing`
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (status === "error") {
|
||||
const errorMsg = typeof output === "string" ? output : JSON.stringify(output);
|
||||
log.info(`» ❌ tool call failed: ${errorMsg}`);
|
||||
} else if (output) {
|
||||
// log successful tool result so it appears in captured output
|
||||
const outputStr = typeof output === "string" ? output : JSON.stringify(output);
|
||||
log.debug(`tool output: ${outputStr}`);
|
||||
}
|
||||
},
|
||||
result: async (event: OpenCodeResultEvent) => {
|
||||
const status = event.status || "unknown";
|
||||
const duration = event.stats?.duration_ms || 0;
|
||||
const toolCalls = event.stats?.tool_calls || 0;
|
||||
log.info(
|
||||
`» OpenCode result: status=${status}, duration=${duration}ms, tool_calls=${toolCalls}`
|
||||
);
|
||||
|
||||
if (event.status === "error") {
|
||||
log.info(`» OpenCode CLI failed: ${JSON.stringify(event)}`);
|
||||
} else {
|
||||
// log tokens once at the end (use stats from result if available, otherwise use accumulated from step_finish)
|
||||
const inputTokens = event.stats?.input_tokens || accumulatedTokens.input || 0;
|
||||
const outputTokens = event.stats?.output_tokens || accumulatedTokens.output || 0;
|
||||
const totalTokens = event.stats?.total_tokens || inputTokens + outputTokens;
|
||||
log.info(`» run complete: tool_calls=${toolCalls}, duration=${duration}ms`);
|
||||
|
||||
if ((inputTokens > 0 || outputTokens > 0) && !tokensLogged) {
|
||||
log.table([
|
||||
[
|
||||
{ data: "Input Tokens", header: true },
|
||||
{ data: "Output Tokens", header: true },
|
||||
{ data: "Total Tokens", header: true },
|
||||
],
|
||||
[String(inputTokens), String(outputTokens), String(totalTokens)],
|
||||
]);
|
||||
tokensLogged = true;
|
||||
}
|
||||
}
|
||||
},
|
||||
};
|
||||
@@ -0,0 +1,658 @@
|
||||
/**
|
||||
* OpenToad agent — secure harness around OpenCode CLI.
|
||||
*
|
||||
* transparently wraps OpenCode with a security layer:
|
||||
* - bash: "deny" via OPENCODE_CONFIG_CONTENT (agent cannot shell out)
|
||||
* - MCP ShellTool provides restricted shell (filtered env, no secrets)
|
||||
* - MCP server injected alongside project config (not replacing)
|
||||
* - ASKPASS handles git auth separately (token never in subprocess env)
|
||||
*
|
||||
* the agent process itself gets full env (needs LLM API keys, PATH, etc.).
|
||||
* security is enforced at the tool layer, not the process layer.
|
||||
*/
|
||||
import { execFileSync } from "node:child_process";
|
||||
import { mkdirSync } from "node:fs";
|
||||
import { join } from "node:path";
|
||||
import { performance } from "node:perf_hooks";
|
||||
import { ghPullfrogMcpName } from "../external.ts";
|
||||
import { modelAliases, resolveCliModel } from "../models.ts";
|
||||
import { getIdleMs, markActivity } from "../utils/activity.ts";
|
||||
import { log } from "../utils/cli.ts";
|
||||
import { installFromNpmTarball } from "../utils/install.ts";
|
||||
import { spawn } from "../utils/subprocess.ts";
|
||||
import { ThinkingTimer } from "../utils/timer.ts";
|
||||
import { type AgentResult, type AgentRunContext, type AgentUsage, agent } from "./shared.ts";
|
||||
|
||||
// pinned CLI version
|
||||
const OPENCODE_CLI_VERSION = "1.1.56";
|
||||
|
||||
async function installOpencodeCli(): Promise<string> {
|
||||
return await installFromNpmTarball({
|
||||
packageName: "opencode-ai",
|
||||
version: OPENCODE_CLI_VERSION,
|
||||
executablePath: "bin/opencode",
|
||||
installDependencies: true,
|
||||
});
|
||||
}
|
||||
|
||||
// ── config ─────────────────────────────────────────────────────────────────────
|
||||
|
||||
type OpenCodeConfig = {
|
||||
mcp?: Record<string, unknown>;
|
||||
permission?: Record<string, unknown>;
|
||||
provider?: Record<string, unknown>;
|
||||
model?: string;
|
||||
enabled_providers?: string[];
|
||||
[key: string]: unknown;
|
||||
};
|
||||
|
||||
function buildSecurityConfig(ctx: AgentRunContext, model: string | undefined): string {
|
||||
const config: OpenCodeConfig = {
|
||||
permission: {
|
||||
bash: "deny",
|
||||
edit: "allow",
|
||||
read: "allow",
|
||||
webfetch: "allow",
|
||||
external_directory: "deny",
|
||||
},
|
||||
mcp: {
|
||||
[ghPullfrogMcpName]: { type: "remote", url: ctx.mcpServerUrl },
|
||||
},
|
||||
};
|
||||
|
||||
if (model) {
|
||||
config.model = model;
|
||||
|
||||
const slashIndex = model.indexOf("/");
|
||||
if (slashIndex > 0) {
|
||||
config.enabled_providers = [model.slice(0, slashIndex).toLowerCase()];
|
||||
}
|
||||
}
|
||||
|
||||
return JSON.stringify(config);
|
||||
}
|
||||
|
||||
// ── model resolution (see wiki/model-resolution.md) ─────────────────────────────
|
||||
//
|
||||
// priority:
|
||||
// 1. OPENCODE_MODEL env var (explicit override)
|
||||
// 2. explicit slug from repo config / payload
|
||||
// 3. auto-select: `opencode models` → recommended aliases first, then secondary
|
||||
// 4. undefined → let OpenCode decide
|
||||
|
||||
function getOpenCodeModels(cliPath: string): string[] {
|
||||
try {
|
||||
const output = execFileSync(cliPath, ["models"], {
|
||||
encoding: "utf-8",
|
||||
timeout: 30_000,
|
||||
env: process.env,
|
||||
});
|
||||
return output
|
||||
.split("\n")
|
||||
.map((line) => line.trim())
|
||||
.filter(Boolean);
|
||||
} catch (error) {
|
||||
log.debug(
|
||||
`» failed to run \`opencode models\`: ${error instanceof Error ? error.message : String(error)}`
|
||||
);
|
||||
return [];
|
||||
}
|
||||
}
|
||||
|
||||
const AUTO_SELECT_WARNING =
|
||||
"select a model explicitly in the Pullfrog console (https://pullfrog.com/console) to avoid this.";
|
||||
|
||||
function resolveOpenCodeModel(ctx: {
|
||||
cliPath: string;
|
||||
modelSlug?: string | undefined;
|
||||
}): string | undefined {
|
||||
// 1. explicit env var override
|
||||
const envModel = process.env.OPENCODE_MODEL?.trim();
|
||||
if (envModel) {
|
||||
log.info(`» model: ${envModel} (override via OPENCODE_MODEL)`);
|
||||
return envModel;
|
||||
}
|
||||
|
||||
// 2. explicit slug from repo config / payload
|
||||
if (ctx.modelSlug) {
|
||||
const resolved = resolveCliModel(ctx.modelSlug);
|
||||
if (resolved) {
|
||||
log.info(`» model: ${resolved} (from repo config)`);
|
||||
return resolved;
|
||||
}
|
||||
log.warning(`» unknown model slug "${ctx.modelSlug}" — falling through to auto-select`);
|
||||
}
|
||||
|
||||
// 3. auto-select: ask OpenCode what's available, pick our best curated match.
|
||||
// `opencode models` returns `provider/model-id` specifiers matching our resolve values exactly.
|
||||
// two-pass: recommended (top-tier per provider) first, then secondary models.
|
||||
const availableModels = getOpenCodeModels(ctx.cliPath);
|
||||
const availableSet = new Set(availableModels);
|
||||
if (availableSet.size > 0) {
|
||||
log.debug(`» opencode models (${availableSet.size}): ${availableModels.join(", ")}`);
|
||||
const match =
|
||||
modelAliases.find((a) => a.recommended && availableSet.has(a.resolve)) ??
|
||||
modelAliases.find((a) => availableSet.has(a.resolve));
|
||||
if (match) {
|
||||
log.info(
|
||||
`» model: ${match.resolve} (auto-selected${match.recommended ? " — recommended" : ""} curated match)`
|
||||
);
|
||||
log.warning(`» model auto-selected. ${AUTO_SELECT_WARNING}`);
|
||||
return match.resolve;
|
||||
}
|
||||
log.info(
|
||||
`» opencode has ${availableSet.size} models but none match curated aliases — letting OpenCode auto-select`
|
||||
);
|
||||
}
|
||||
|
||||
log.warning(`» no model resolved. letting OpenCode auto-select. ${AUTO_SELECT_WARNING}`);
|
||||
return undefined;
|
||||
}
|
||||
|
||||
// ── provider error detection ───────────────────────────────────────────────────
|
||||
|
||||
const PROVIDER_ERROR_PATTERNS = [
|
||||
{ pattern: "429", label: "rate limited (429)" },
|
||||
{ pattern: "RESOURCE_EXHAUSTED", label: "quota exhausted" },
|
||||
{ pattern: "quota", label: "quota error" },
|
||||
{ pattern: "status: 500", label: "provider 500 error" },
|
||||
{ pattern: "INTERNAL", label: "provider internal error" },
|
||||
{ pattern: "status: 503", label: "provider unavailable (503)" },
|
||||
{ pattern: "UNAVAILABLE", label: "provider unavailable" },
|
||||
{ pattern: "rate limit", label: "rate limited" },
|
||||
{ pattern: "limit: 0", label: "zero quota" },
|
||||
];
|
||||
|
||||
function detectProviderError(text: string): string | null {
|
||||
for (const entry of PROVIDER_ERROR_PATTERNS) {
|
||||
if (text.includes(entry.pattern)) return entry.label;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
// ── NDJSON event types ─────────────────────────────────────────────────────────
|
||||
|
||||
interface OpenCodeInitEvent {
|
||||
type: "init";
|
||||
timestamp?: string;
|
||||
session_id?: string;
|
||||
model?: string;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeMessageEvent {
|
||||
type: "message";
|
||||
timestamp?: string;
|
||||
role?: "user" | "assistant";
|
||||
content?: string;
|
||||
delta?: boolean;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeTextEvent {
|
||||
type: "text";
|
||||
timestamp?: string;
|
||||
sessionID?: string;
|
||||
part?: { id?: string; type?: string; text?: string; [key: string]: unknown };
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeStepStartEvent {
|
||||
type: "step_start";
|
||||
timestamp?: string;
|
||||
sessionID?: string;
|
||||
part?: { id?: string; type?: string; [key: string]: unknown };
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeStepFinishEvent {
|
||||
type: "step_finish";
|
||||
timestamp?: string;
|
||||
sessionID?: string;
|
||||
part?: {
|
||||
id?: string;
|
||||
type?: string;
|
||||
reason?: string;
|
||||
cost?: number;
|
||||
tokens?: {
|
||||
input?: number;
|
||||
output?: number;
|
||||
reasoning?: number;
|
||||
cache?: { read?: number; write?: number };
|
||||
};
|
||||
[key: string]: unknown;
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeToolUseEvent {
|
||||
type: "tool_use";
|
||||
timestamp?: number;
|
||||
sessionID?: string;
|
||||
part?: {
|
||||
id?: string;
|
||||
callID?: string;
|
||||
tool?: string;
|
||||
state?: { status?: string; input?: unknown; output?: string };
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeToolResultEvent {
|
||||
type: "tool_result";
|
||||
timestamp?: number;
|
||||
sessionID?: string;
|
||||
part?: { callID?: string; state?: { status?: string; output?: string } };
|
||||
tool_id?: string;
|
||||
status?: "success" | "error";
|
||||
output?: string;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeResultEvent {
|
||||
type: "result";
|
||||
timestamp?: string;
|
||||
status?: "success" | "error";
|
||||
stats?: {
|
||||
total_tokens?: number;
|
||||
input_tokens?: number;
|
||||
output_tokens?: number;
|
||||
duration_ms?: number;
|
||||
tool_calls?: number;
|
||||
};
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
interface OpenCodeErrorEvent {
|
||||
type: "error";
|
||||
timestamp?: string;
|
||||
sessionID?: string;
|
||||
error?: { name?: string; message?: string; data?: unknown; [key: string]: unknown };
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
type OpenCodeEvent =
|
||||
| OpenCodeInitEvent
|
||||
| OpenCodeMessageEvent
|
||||
| OpenCodeTextEvent
|
||||
| OpenCodeStepStartEvent
|
||||
| OpenCodeStepFinishEvent
|
||||
| OpenCodeToolUseEvent
|
||||
| OpenCodeToolResultEvent
|
||||
| OpenCodeResultEvent
|
||||
| OpenCodeErrorEvent;
|
||||
|
||||
// ── runner ──────────────────────────────────────────────────────────────────────
|
||||
|
||||
type RunParams = {
|
||||
label: string;
|
||||
cliPath: string;
|
||||
args: string[];
|
||||
cwd: string;
|
||||
env: Record<string, string | undefined>;
|
||||
};
|
||||
|
||||
async function runOpenCode(params: RunParams): Promise<AgentResult> {
|
||||
const startTime = performance.now();
|
||||
let eventCount = 0;
|
||||
const thinkingTimer = new ThinkingTimer();
|
||||
|
||||
let finalOutput = "";
|
||||
let accumulatedTokens = { input: 0, output: 0 };
|
||||
let tokensLogged = false;
|
||||
const toolCallTimings = new Map<string, number>();
|
||||
let currentStepId: string | null = null;
|
||||
let currentStepType: string | null = null;
|
||||
let stepHistory: Array<{ stepId: string; stepType: string; toolCalls: string[] }> = [];
|
||||
|
||||
function buildUsage(): AgentUsage | undefined {
|
||||
return accumulatedTokens.input > 0 || accumulatedTokens.output > 0
|
||||
? {
|
||||
agent: "opentoad",
|
||||
inputTokens: accumulatedTokens.input,
|
||||
outputTokens: accumulatedTokens.output,
|
||||
}
|
||||
: undefined;
|
||||
}
|
||||
|
||||
const handlers = {
|
||||
init: (event: OpenCodeInitEvent) => {
|
||||
log.debug(
|
||||
`» ${params.label} init: session_id=${event.session_id || "unknown"}, model=${event.model || "unknown"}`
|
||||
);
|
||||
log.debug(`» ${params.label} init event (full): ${JSON.stringify(event)}`);
|
||||
finalOutput = "";
|
||||
accumulatedTokens = { input: 0, output: 0 };
|
||||
tokensLogged = false;
|
||||
},
|
||||
message: (event: OpenCodeMessageEvent) => {
|
||||
if (event.role === "assistant" && event.content?.trim()) {
|
||||
const message = event.content.trim();
|
||||
if (event.delta) {
|
||||
log.debug(
|
||||
`» ${params.label} thinking: ${message.substring(0, 300)}${message.length > 300 ? "..." : ""}`
|
||||
);
|
||||
} else {
|
||||
log.debug(
|
||||
`» ${params.label} message (${event.role}): ${message.substring(0, 100)}${message.length > 100 ? "..." : ""}`
|
||||
);
|
||||
finalOutput = message;
|
||||
}
|
||||
} else if (event.role === "user") {
|
||||
log.debug(
|
||||
`» ${params.label} message (${event.role}): ${event.content?.substring(0, 100) || ""}${event.content && event.content.length > 100 ? "..." : ""}`
|
||||
);
|
||||
}
|
||||
},
|
||||
text: (event: OpenCodeTextEvent) => {
|
||||
if (event.part?.text?.trim()) {
|
||||
const message = event.part.text.trim();
|
||||
log.box(message, { title: params.label });
|
||||
finalOutput = message;
|
||||
}
|
||||
},
|
||||
step_start: (event: OpenCodeStepStartEvent) => {
|
||||
const stepType = event.part?.type || "unknown";
|
||||
const stepId = event.part?.id || "unknown";
|
||||
currentStepId = stepId;
|
||||
currentStepType = stepType;
|
||||
stepHistory.push({ stepId, stepType, toolCalls: [] });
|
||||
},
|
||||
step_finish: async (event: OpenCodeStepFinishEvent) => {
|
||||
const stepId = event.part?.id || "unknown";
|
||||
const eventTokens = event.part?.tokens;
|
||||
if (eventTokens) {
|
||||
accumulatedTokens.input += eventTokens.input || 0;
|
||||
accumulatedTokens.output += eventTokens.output || 0;
|
||||
}
|
||||
if (currentStepId === stepId) {
|
||||
currentStepId = null;
|
||||
currentStepType = null;
|
||||
}
|
||||
},
|
||||
tool_use: (event: OpenCodeToolUseEvent) => {
|
||||
const toolName = event.part?.tool;
|
||||
const toolId = event.part?.callID;
|
||||
if (!toolName || !toolId) {
|
||||
log.info(
|
||||
`» tool_use event missing toolName or toolId: ${JSON.stringify(event).substring(0, 500)}`
|
||||
);
|
||||
return;
|
||||
}
|
||||
|
||||
if (stepHistory.length > 0) {
|
||||
stepHistory[stepHistory.length - 1]!.toolCalls.push(toolName);
|
||||
}
|
||||
|
||||
thinkingTimer.markToolCall();
|
||||
log.toolCall({ toolName, input: event.part?.state?.input || {} });
|
||||
|
||||
if (event.part?.state?.status === "completed" && event.part.state.output) {
|
||||
log.debug(` output: ${event.part.state.output}`);
|
||||
}
|
||||
},
|
||||
tool_result: (event: OpenCodeToolResultEvent) => {
|
||||
const toolId = event.part?.callID || event.tool_id;
|
||||
const status = event.part?.state?.status || event.status || "unknown";
|
||||
const output = event.part?.state?.output || event.output;
|
||||
|
||||
thinkingTimer.markToolResult();
|
||||
|
||||
if (toolId) {
|
||||
const toolStartTime = toolCallTimings.get(toolId);
|
||||
if (toolStartTime) {
|
||||
const toolDuration = performance.now() - toolStartTime;
|
||||
toolCallTimings.delete(toolId);
|
||||
const stepContext = currentStepId ? ` (step=${currentStepType || "unknown"})` : "";
|
||||
log.debug(
|
||||
`» ${params.label} tool_result${stepContext}: id=${toolId}, status=${status}, duration=${Math.round(toolDuration)}ms`
|
||||
);
|
||||
if (output) {
|
||||
log.debug(` output: ${typeof output === "string" ? output : JSON.stringify(output)}`);
|
||||
}
|
||||
if (toolDuration > 5000) {
|
||||
log.info(
|
||||
`» tool call took ${(toolDuration / 1000).toFixed(1)}s - may indicate network latency`
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (status === "error") {
|
||||
const errorMsg = typeof output === "string" ? output : JSON.stringify(output);
|
||||
log.info(`» tool call failed: ${errorMsg}`);
|
||||
} else if (output) {
|
||||
const outputStr = typeof output === "string" ? output : JSON.stringify(output);
|
||||
log.debug(`tool output: ${outputStr}`);
|
||||
}
|
||||
},
|
||||
result: async (event: OpenCodeResultEvent) => {
|
||||
const status = event.status || "unknown";
|
||||
const duration = event.stats?.duration_ms || 0;
|
||||
const toolCalls = event.stats?.tool_calls || 0;
|
||||
log.info(
|
||||
`» ${params.label} result: status=${status}, duration=${duration}ms, tool_calls=${toolCalls}`
|
||||
);
|
||||
|
||||
if (event.status === "error") {
|
||||
log.info(`» ${params.label} failed: ${JSON.stringify(event)}`);
|
||||
} else {
|
||||
const inputTokens = event.stats?.input_tokens || accumulatedTokens.input || 0;
|
||||
const outputTokens = event.stats?.output_tokens || accumulatedTokens.output || 0;
|
||||
const totalTokens = event.stats?.total_tokens || inputTokens + outputTokens;
|
||||
log.info(`» run complete: tool_calls=${toolCalls}, duration=${duration}ms`);
|
||||
|
||||
if ((inputTokens > 0 || outputTokens > 0) && !tokensLogged) {
|
||||
log.table([
|
||||
[
|
||||
{ data: "Input Tokens", header: true },
|
||||
{ data: "Output Tokens", header: true },
|
||||
{ data: "Total Tokens", header: true },
|
||||
],
|
||||
[String(inputTokens), String(outputTokens), String(totalTokens)],
|
||||
]);
|
||||
tokensLogged = true;
|
||||
}
|
||||
}
|
||||
},
|
||||
};
|
||||
|
||||
const recentStderr: string[] = [];
|
||||
const MAX_STDERR_LINES = 20;
|
||||
let lastProviderError: string | null = null;
|
||||
|
||||
let output = "";
|
||||
let stdoutBuffer = "";
|
||||
|
||||
try {
|
||||
const result = await spawn({
|
||||
cmd: params.cliPath,
|
||||
args: params.args,
|
||||
cwd: params.cwd,
|
||||
env: params.env,
|
||||
activityTimeout: 0,
|
||||
stdio: ["ignore", "pipe", "pipe"],
|
||||
onStdout: async (chunk) => {
|
||||
const text = chunk.toString();
|
||||
output += text;
|
||||
markActivity();
|
||||
|
||||
stdoutBuffer += text;
|
||||
const lines = stdoutBuffer.split("\n");
|
||||
stdoutBuffer = lines.pop() || "";
|
||||
|
||||
for (const line of lines) {
|
||||
const trimmed = line.trim();
|
||||
if (!trimmed) continue;
|
||||
|
||||
try {
|
||||
const event = JSON.parse(trimmed) as OpenCodeEvent;
|
||||
eventCount++;
|
||||
log.debug(JSON.stringify(event, null, 2));
|
||||
|
||||
const timeSinceLastActivity = getIdleMs();
|
||||
if (timeSinceLastActivity > 10000) {
|
||||
const activeToolCalls = toolCallTimings.size;
|
||||
const toolCallInfo =
|
||||
activeToolCalls > 0
|
||||
? ` (waiting for ${activeToolCalls} tool call${activeToolCalls > 1 ? "s" : ""})`
|
||||
: ` (${params.label} may be processing internally - LLM calls, planning, etc.)`;
|
||||
log.info(
|
||||
`» no activity for ${(timeSinceLastActivity / 1000).toFixed(1)}s${toolCallInfo} (${eventCount} events processed so far)`
|
||||
);
|
||||
}
|
||||
markActivity();
|
||||
const handler = handlers[event.type as keyof typeof handlers];
|
||||
if (handler) {
|
||||
await handler(event as never);
|
||||
} else {
|
||||
log.info(
|
||||
`» ${params.label} event (unhandled): type=${event.type}, data=${JSON.stringify(event).substring(0, 500)}`
|
||||
);
|
||||
}
|
||||
} catch {
|
||||
log.debug(`» non-JSON stdout line: ${trimmed.substring(0, 200)}`);
|
||||
}
|
||||
}
|
||||
},
|
||||
onStderr: (chunk) => {
|
||||
const trimmed = chunk.trim();
|
||||
if (!trimmed) return;
|
||||
|
||||
recentStderr.push(trimmed);
|
||||
if (recentStderr.length > MAX_STDERR_LINES) recentStderr.shift();
|
||||
|
||||
const providerError = detectProviderError(trimmed);
|
||||
if (providerError) {
|
||||
lastProviderError = providerError;
|
||||
log.info(`» provider error detected (${providerError}): ${trimmed.substring(0, 500)}`);
|
||||
} else {
|
||||
log.debug(trimmed);
|
||||
}
|
||||
},
|
||||
});
|
||||
|
||||
const duration = performance.now() - startTime;
|
||||
log.info(
|
||||
`» ${params.label} completed in ${Math.round(duration)}ms with exit code ${result.exitCode}`
|
||||
);
|
||||
|
||||
if (eventCount === 0) {
|
||||
const stderrContext = recentStderr.join("\n");
|
||||
const diagnosis = lastProviderError
|
||||
? `provider error: ${lastProviderError}`
|
||||
: "unknown cause (no stdout events received)";
|
||||
log.info(`» ${params.label} produced 0 events (${diagnosis})`);
|
||||
if (stderrContext) log.info(`» last stderr output:\n${stderrContext}`);
|
||||
}
|
||||
|
||||
if (!tokensLogged && (accumulatedTokens.input > 0 || accumulatedTokens.output > 0)) {
|
||||
const totalTokens = accumulatedTokens.input + accumulatedTokens.output;
|
||||
log.table([
|
||||
[
|
||||
{ data: "Input Tokens", header: true },
|
||||
{ data: "Output Tokens", header: true },
|
||||
{ data: "Total Tokens", header: true },
|
||||
],
|
||||
[String(accumulatedTokens.input), String(accumulatedTokens.output), String(totalTokens)],
|
||||
]);
|
||||
}
|
||||
|
||||
const usage = buildUsage();
|
||||
|
||||
if (result.exitCode !== 0) {
|
||||
const errorContext = lastProviderError ? ` (${lastProviderError})` : "";
|
||||
const errorMessage =
|
||||
result.stderr ||
|
||||
result.stdout ||
|
||||
`unknown error - no output from OpenCode CLI${errorContext}`;
|
||||
log.error(
|
||||
`${params.label} exited with code ${result.exitCode}${errorContext}: ${errorMessage}`
|
||||
);
|
||||
log.debug(`stdout: ${result.stdout?.substring(0, 500)}`);
|
||||
log.debug(`stderr: ${result.stderr?.substring(0, 500)}`);
|
||||
return { success: false, output: finalOutput || output, error: errorMessage, usage };
|
||||
}
|
||||
|
||||
if (eventCount === 0 && lastProviderError) {
|
||||
return {
|
||||
success: false,
|
||||
output: finalOutput || output,
|
||||
error: `provider error: ${lastProviderError}`,
|
||||
usage,
|
||||
};
|
||||
}
|
||||
|
||||
return { success: true, output: finalOutput || output, usage };
|
||||
} catch (error) {
|
||||
const duration = performance.now() - startTime;
|
||||
const errorMessage = error instanceof Error ? error.message : String(error);
|
||||
const isActivityTimeout = errorMessage.includes("activity timeout");
|
||||
|
||||
const stderrContext = recentStderr.slice(-10).join("\n");
|
||||
const diagnosis = lastProviderError
|
||||
? `likely cause: ${lastProviderError}`
|
||||
: eventCount === 0
|
||||
? "OpenCode produced 0 stdout events - check if the model provider is reachable"
|
||||
: `${eventCount} events were processed before the hang`;
|
||||
|
||||
log.info(
|
||||
`» ${params.label} ${isActivityTimeout ? "hung" : "failed"} after ${(duration / 1000).toFixed(1)}s: ${errorMessage}`
|
||||
);
|
||||
log.info(`» diagnosis: ${diagnosis}`);
|
||||
if (stderrContext)
|
||||
log.info(
|
||||
`» recent stderr (last ${Math.min(recentStderr.length, 10)} lines):\n${stderrContext}`
|
||||
);
|
||||
|
||||
return {
|
||||
success: false,
|
||||
output: finalOutput || output,
|
||||
error: `${errorMessage} [${diagnosis}]`,
|
||||
usage: buildUsage(),
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
// ── agent ───────────────────────────────────────────────────────────────────────
|
||||
|
||||
export const opentoad = agent({
|
||||
name: "opentoad",
|
||||
install: installOpencodeCli,
|
||||
run: async (ctx) => {
|
||||
const cliPath = await installOpencodeCli();
|
||||
|
||||
const model = resolveOpenCodeModel({
|
||||
cliPath,
|
||||
modelSlug: ctx.payload.model,
|
||||
});
|
||||
|
||||
const tempHome = ctx.tmpdir;
|
||||
mkdirSync(join(tempHome, ".config", "opencode"), { recursive: true });
|
||||
|
||||
const args = ["run", ctx.instructions.full, "--format", "json", "--print-logs"];
|
||||
|
||||
// agent process gets full env — needs LLM API keys, PATH, locale, etc.
|
||||
// security is enforced via OPENCODE_CONFIG_CONTENT (bash: deny) and MCP tool filtering.
|
||||
const env: Record<string, string | undefined> = {
|
||||
...process.env,
|
||||
HOME: tempHome,
|
||||
XDG_CONFIG_HOME: join(tempHome, ".config"),
|
||||
OPENCODE_CONFIG_CONTENT: buildSecurityConfig(ctx, model),
|
||||
GOOGLE_GENERATIVE_AI_API_KEY:
|
||||
process.env.GOOGLE_GENERATIVE_AI_API_KEY || process.env.GEMINI_API_KEY,
|
||||
};
|
||||
|
||||
const repoDir = process.cwd();
|
||||
|
||||
log.debug(`» starting OpenToad (OpenCode): ${cliPath} ${args.join(" ")}`);
|
||||
log.debug(`» working directory: ${repoDir}`);
|
||||
|
||||
return runOpenCode({
|
||||
label: "OpenToad",
|
||||
cliPath,
|
||||
args,
|
||||
cwd: repoDir,
|
||||
env,
|
||||
});
|
||||
},
|
||||
});
|
||||
+9
-21
@@ -1,5 +1,3 @@
|
||||
import type { show } from "@ark/util";
|
||||
import { type AgentManifest, type AgentName, agentsManifest } from "../external.ts";
|
||||
import { log } from "../utils/cli.ts";
|
||||
import type { ResolvedInstructions } from "../utils/instructions.ts";
|
||||
import type { ResolvedPayload } from "../utils/payload.ts";
|
||||
@@ -37,34 +35,24 @@ export interface AgentRunContext {
|
||||
instructions: ResolvedInstructions;
|
||||
}
|
||||
|
||||
export const agent = <const input extends AgentInput>(input: input): defineAgent<input> => {
|
||||
export interface Agent {
|
||||
name: string;
|
||||
install: (token?: string) => Promise<string>;
|
||||
run: (ctx: AgentRunContext) => Promise<AgentResult>;
|
||||
}
|
||||
|
||||
export const agent = (input: Agent): Agent => {
|
||||
return {
|
||||
...input,
|
||||
run: async (ctx: AgentRunContext): Promise<AgentResult> => {
|
||||
log.info(`» agent: ${input.name}`);
|
||||
// matched by delegateEffort test validator — update tests if changed
|
||||
log.info(`» effort: ${ctx.payload.effort}`);
|
||||
if (ctx.payload.model) log.info(`» model: ${ctx.payload.model}`);
|
||||
if (ctx.payload.timeout) log.info(`» timeout: ${ctx.payload.timeout}`);
|
||||
log.info(`» web: ${ctx.payload.web}`);
|
||||
log.info(`» search: ${ctx.payload.search}`);
|
||||
log.info(`» push: ${ctx.payload.push}`);
|
||||
log.info(`» shell: ${ctx.payload.shell}`);
|
||||
log.debug(`» payload: ${JSON.stringify(ctx.payload, null, 2)}`);
|
||||
|
||||
return input.run(ctx);
|
||||
},
|
||||
...agentsManifest[input.name],
|
||||
} as never;
|
||||
};
|
||||
};
|
||||
|
||||
export interface AgentInput {
|
||||
name: AgentName;
|
||||
install: (token?: string) => Promise<string>;
|
||||
run: (ctx: AgentRunContext) => Promise<AgentResult>;
|
||||
}
|
||||
|
||||
export interface Agent extends AgentInput, AgentManifest {}
|
||||
|
||||
type agentManifest<name extends AgentName> = (typeof agentsManifest)[name];
|
||||
|
||||
type defineAgent<input extends AgentInput> = show<input & agentManifest<input["name"]>>;
|
||||
|
||||
Reference in New Issue
Block a user