Agent & model refactor (#478)

* agent & model refactor with ASKPASS git auth, UI restructure, clerk v7

Made-with: Cursor

* fix stale agent/effort refs, add tests for askpass + model resolution

- reviewCleanup.ts: payload.agent -> payload.model, remove effort
- selectMode.ts PlanEdit: remove delegation/subagent/effort references
- pullfrog.yml.ts: update env vars (drop GOOGLE_API_KEY/CURSOR_API_KEY,
  add GOOGLE_GENERATIVE_AI_API_KEY/XAI_API_KEY/MOONSHOT_API_KEY/OPENCODE_API_KEY)
- FlagsSettings/RepoInstructionsSection: remove stale effort/timeout copy
- new: gitAuthServer.test.ts (10 tests — lifecycle, token delivery, tamper detection, script gen)
- new: agent.test.ts (4 tests — default opentoad, AGENT_OVERRIDE, invalid override)
- new: models.test.ts (19 tests — parseModel, resolution, registry invariants)
- update models.dev snapshot

Made-with: Cursor

* fix changed-agents.sh to filter legacy agent files from CI matrix

legacy agent files (claude.ts, codex.ts, etc.) are @ts-nocheck and not
exported from index.ts. changed-agents.sh now reads index.ts imports to
build the active agent set and treats changes to inactive files as
non-agent changes (opentoad canary only).

Made-with: Cursor

* remove MCP file tools, old agent harnesses, and obsolete security tests

ASKPASS-based git auth makes the old MCP file tool security layer unnecessary:
- token never in subprocess env, so symlink/gitattributes/hook attacks can't exfiltrate it
- agents now use native file tools (OpenCode builtin read/edit)

deleted:
- action/mcp/file.ts (file_read, file_write, file_edit, file_delete, list_directory)
- action/mcp/index.ts (dead re-export)
- agent harnesses: claude.ts, codex.ts, cursor.ts, gemini.ts, opencode.ts
- opencode-runner.ts (inlined into opentoad.ts)
- security tests that validated MCP file tool restrictions
- commented-out three-step review flow (~300 lines)
- sanitizeSchema/wrapSchema dead code from mcp/shared.ts
- OPENCODE_MODEL_MINI/MAX env vars (effort-level model overrides removed)

updated test prompts to use generic file ops instead of MCP tool names.
restored pkg-json-scripts + requirements-txt-attack (test --ignore-scripts defense).

Made-with: Cursor

* bump actions/checkout v4 → v6 (node 24)

node 20 actions deprecated june 2, 2026.

Made-with: Cursor

* temporarily disable fail-fast on agnostic tests to debug checkout@v6

Made-with: Cursor

* re-enable fail-fast on agnostic tests

Made-with: Cursor

* fix test token mismatch: mint OIDC tokens scoped to target repo

CI tests override GITHUB_REPOSITORY to pullfrog/test-repo but inherit
the runner's GITHUB_TOKEN (scoped to pullfrog/app), causing 401s on
every run-context fetch. Clear GITHUB_TOKEN in the test subprocess so
ensureGitHubToken() mints a properly scoped token via OIDC.

Also centralizes the default GITHUB_REPOSITORY in runAgentStreaming
instead of repeating it in every test file, and fixes preview-cleanup
to remove workers from all queues (not just name-matching ones).

Made-with: Cursor

* fix ensureGitHubToken to try OIDC when app credentials are absent

ensureGitHubToken only attempted token minting when GITHUB_APP_ID and
GITHUB_PRIVATE_KEY were set. In CI, OIDC is available but app creds
aren't exposed — so the guard prevented minting entirely.

Made-with: Cursor

* dead code cleanup: remove remnants of deleted agents, file tools, effort system

remove unused @anthropic-ai/claude-agent-sdk and @openai/codex-sdk deps,
orphaned file-tool security tests, dead GEMINI_MODEL passthrough, stale
opencode-runner wiki refs, deleted test file references, and MCP file tool
docs. rename docs/effort → docs/models. fix vitest setup: move dotenv to
globalSetup (runs once before forks instead of per-file, 19s → 200ms).

Made-with: Cursor

* address review feedback: remove dead code, update stale references

- remove AGENT_OVERRIDE (only opentoad exists)
- remove shellToolName plumbing (always restricted shell)
- bump action version to 0.0.179
- remove CURSOR_API_KEY from all workflows/configs
- remove OPENCODE_MODEL_MINI/MAX from workflows/docs
- delete wiki/effort.md, rewrite docs/effort.mdx as "Models"
- rewrite wiki/modes.md: orchestrator/subagent → single agent
- simplify flag system: drop builtin flag extraction (debug, effort,
  timeout, agent), keep custom flag replacement only
- reserve all legacy flag names to prevent custom flag conflicts

Made-with: Cursor

* regenerate lockfile after removing claude-agent-sdk and codex-sdk

Made-with: Cursor

* fix import ordering, add lockfile check to pre-push hook

Made-with: Cursor

* remove dead debug payload field, stale packageExtensions

Made-with: Cursor

* merge proc-sandbox and token-exfil into a single test

proc-sandbox and token-exfil were duplicative — both tested that
SANDBOX_TEST_TOKEN couldn't be exfiltrated. consolidated into
token-exfil with shell:restricted (which actually exercises filterEnv)
and the /proc attack vector hints from proc-sandbox.

Made-with: Cursor

* fix wiki adversarial.md to match actual tokenExfil validator

Made-with: Cursor
This commit is contained in:
Colin McDonnell
2026-03-12 05:22:51 +00:00
committed by pullfrog[bot]
parent 5bcfae990a
commit 6d25adfd1a
111 changed files with 4196 additions and 10202 deletions
-341
View File
@@ -1,341 +0,0 @@
// changes to effort level configuration should be reflected in wiki/effort.md and docs/effort.mdx
// changes to tool permissions should be reflected in wiki/granular-tools.md
// changes to web search configuration should be reflected in wiki/websearch.md
import { mkdirSync, writeFileSync } from "node:fs";
import { join } from "node:path";
import type { SDKMessage } from "@anthropic-ai/claude-agent-sdk";
import type { Effort } from "../external.ts";
import { ghPullfrogMcpName } from "../external.ts";
import packageJson from "../package.json" with { type: "json" };
import { markActivity } from "../utils/activity.ts";
import { log } from "../utils/cli.ts";
import { installFromNpmTarball } from "../utils/install.ts";
import { spawn } from "../utils/subprocess.ts";
import { ThinkingTimer } from "../utils/timer.ts";
import { type AgentRunContext, type AgentUsage, agent } from "./shared.ts";
// model selection based on effort level
// these are aliases that always resolve to the latest version
const claudeEffortModels: Record<Effort, string> = {
mini: "sonnet",
auto: "opus",
max: "opus",
};
// Claude Code CLI --effort level per pullfrog effort
// null = use default (high). "max" is Opus 4.6 only.
const claudeEffortLevels: Record<Effort, string | null> = {
mini: null,
auto: null,
max: "max",
};
/**
* Build disallowedTools list from payload permissions.
*/
function buildDisallowedTools(ctx: AgentRunContext): string[] {
const disallowed: string[] = [];
if (ctx.payload.web === "disabled") disallowed.push("WebFetch");
if (ctx.payload.search === "disabled") disallowed.push("WebSearch");
// both "disabled" and "restricted" block native shell
// "restricted" means use MCP shell tool instead
const shell = ctx.payload.shell;
if (shell !== "enabled") disallowed.push("Bash");
// always block native file tools (use MCP file_read/file_write instead)
disallowed.push("Read", "Write", "Edit", "MultiEdit");
// block built-in subagent spawning — delegation is handled by gh_pullfrog/delegate
disallowed.push("Task");
return disallowed;
}
/**
* Write MCP config file for Claude CLI.
* Returns the path to the config file.
*/
function writeMcpConfig(ctx: AgentRunContext): string {
const configDir = join(ctx.tmpdir, ".claude");
mkdirSync(configDir, { recursive: true });
const configPath = join(configDir, "mcp.json");
const mcpConfig = {
mcpServers: {
[ghPullfrogMcpName]: { type: "http", url: ctx.mcpServerUrl },
},
};
writeFileSync(configPath, JSON.stringify(mcpConfig, null, 2), "utf-8");
log.debug(`» MCP config written to ${configPath}`);
return configPath;
}
async function installClaude(): Promise<string> {
const versionRange = packageJson.dependencies["@anthropic-ai/claude-agent-sdk"] || "latest";
return await installFromNpmTarball({
packageName: "@anthropic-ai/claude-agent-sdk",
version: versionRange,
executablePath: "cli.js",
});
}
export const claude = agent({
name: "claude",
install: installClaude,
run: async (ctx) => {
// install CLI at start of run
const cliPath = await installClaude();
// select model and effort level
const model = claudeEffortModels[ctx.payload.effort];
const effortLevel = claudeEffortLevels[ctx.payload.effort];
log.info(`» model: ${model}${effortLevel ? ` (effort: ${effortLevel})` : ""}`);
// build disallowedTools based on tool permissions
const disallowedTools = buildDisallowedTools(ctx);
if (disallowedTools.length > 0) {
log.debug(`» disallowed built-ins: ${JSON.stringify(disallowedTools)}`);
}
// write MCP config file
const mcpConfigPath = writeMcpConfig(ctx);
// build CLI args
// claude -p "prompt" --dangerously-skip-permissions --mcp-config ./mcp.json --model opus --output-format stream-json --verbose
const args: string[] = [
cliPath,
"-p",
ctx.instructions.full,
"--dangerously-skip-permissions",
"--mcp-config",
mcpConfigPath,
"--model",
model,
"--output-format",
"stream-json",
"--verbose",
];
// add --effort flag if specified (e.g. "max" for Opus 4.6)
if (effortLevel) {
args.push("--effort", effortLevel);
}
// add disallowed tools if any
if (disallowedTools.length > 0) {
args.push("--disallowedTools");
args.push(...disallowedTools);
}
log.info("» running Claude CLI...");
let stdoutBuffer = "";
let finalOutput = "";
const usageContainer: UsageContainer = { value: null };
// track shell tool IDs to identify when shell tool results come back
const shellToolIds = new Set<string>();
const thinkingTimer = new ThinkingTimer();
const result = await spawn({
cmd: "node",
args,
cwd: process.cwd(),
env: process.env,
stdio: ["ignore", "pipe", "pipe"],
activityTimeout: 0, // process-level activity timeout (5min) is the single authority
onStdout: async (chunk) => {
finalOutput += chunk;
markActivity(); // reset activity timeout on any CLI output
// buffer incomplete lines across chunks (NDJSON format)
stdoutBuffer += chunk;
const lines = stdoutBuffer.split("\n");
// keep the last element (may be incomplete) in the buffer
stdoutBuffer = lines.pop() || "";
for (const line of lines) {
const trimmed = line.trim();
if (!trimmed) continue;
try {
const message = JSON.parse(trimmed) as SDKMessage;
markActivity(); // reset activity timeout on every event
log.debug(JSON.stringify(message, null, 2));
const handler = messageHandlers[message.type];
if (handler) {
await handler(message as never, shellToolIds, thinkingTimer, usageContainer);
}
} catch {
// ignore parse errors - might be non-JSON output
log.debug(`[claude] non-JSON stdout line: ${trimmed.substring(0, 200)}`);
}
}
},
onStderr: (chunk) => {
const trimmed = chunk.trim();
if (trimmed) {
log.info(`[claude stderr] ${trimmed}`);
finalOutput += trimmed + "\n";
}
},
});
if (result.exitCode !== 0) {
const errorMessage =
result.stderr ||
finalOutput ||
result.stdout ||
"Unknown error - no output from Claude CLI";
log.error(`Claude CLI exited with code ${result.exitCode}: ${errorMessage}`);
return {
success: false,
error: errorMessage,
output: finalOutput || result.stdout || "",
usage: usageContainer.value ?? undefined,
};
}
log.info("» Claude CLI completed successfully");
return {
success: true,
output: finalOutput || result.stdout || "",
usage: usageContainer.value ?? undefined,
};
},
});
// run-local usage container — passed to handlers via closure for parallel-safe runs
type UsageContainer = { value: AgentUsage | null };
type SDKMessageType = SDKMessage["type"];
type SDKMessageHandler<type extends SDKMessageType = SDKMessageType> = (
data: Extract<SDKMessage, { type: type }>,
shellToolIds: Set<string>,
thinkingTimer: ThinkingTimer,
usageContainer: UsageContainer
) => void | Promise<void>;
type SDKMessageHandlers = {
[type in SDKMessageType]: SDKMessageHandler<type>;
};
const messageHandlers: SDKMessageHandlers = {
assistant: (data, shellToolIds, thinkingTimer, _usageContainer) => {
if (data.message?.content) {
for (const content of data.message.content) {
if (content.type === "text" && content.text?.trim()) {
log.box(content.text.trim(), { title: "Claude" });
} else if (content.type === "tool_use") {
// track shell tool IDs (Claude's native tool is named "bash")
if (content.name === "bash" && content.id) {
shellToolIds.add(content.id);
}
thinkingTimer.markToolCall();
log.toolCall({
toolName: content.name,
input: content.input,
});
}
}
}
},
user: (data, shellToolIds, thinkingTimer, _usageContainer) => {
if (data.message?.content) {
for (const content of data.message.content) {
if (typeof content === "string") {
continue;
}
if (content.type === "tool_result") {
thinkingTimer.markToolResult();
const toolUseId = content.tool_use_id;
const isShellTool = toolUseId && shellToolIds.has(toolUseId);
const outputContent =
typeof content.content === "string"
? content.content
: Array.isArray(content.content)
? content.content
.map((entry: unknown) =>
typeof entry === "string"
? entry
: typeof entry === "object" && entry !== null && "text" in entry
? String(entry.text)
: JSON.stringify(entry)
)
.join("\n")
: String(content.content);
if (isShellTool) {
// Log shell output in a collapsed group
log.startGroup(`shell output`);
if (content.is_error) {
log.info(outputContent);
} else {
log.info(outputContent);
}
log.endGroup();
// Clean up the tracked ID
shellToolIds.delete(toolUseId);
} else if (content.is_error) {
log.info(`Tool error: ${outputContent}`);
} else {
// log successful non-shell tool result at debug level
log.debug(`tool output: ${outputContent}`);
}
}
}
}
},
result: async (data, _shellToolIds, _thinkingTimer, usageContainer) => {
if (data.subtype === "success") {
const usage = data.usage;
const inputTokens = usage?.input_tokens || 0;
const cacheRead = usage?.cache_read_input_tokens || 0;
const cacheWrite = usage?.cache_creation_input_tokens || 0;
const outputTokens = usage?.output_tokens || 0;
const totalInput = inputTokens + cacheRead + cacheWrite;
usageContainer.value = {
agent: "claude",
inputTokens: totalInput,
outputTokens,
cacheReadTokens: cacheRead,
cacheWriteTokens: cacheWrite,
costUsd: data.total_cost_usd ?? undefined,
};
log.table([
[
{ data: "Cost", header: true },
{ data: "Input", header: true },
{ data: "Cache Read", header: true },
{ data: "Cache Write", header: true },
{ data: "Output", header: true },
],
[
`$${data.total_cost_usd?.toFixed(4) || "0.0000"}`,
String(totalInput),
String(cacheRead),
String(cacheWrite),
String(outputTokens),
],
]);
} else if (data.subtype === "error_max_turns") {
log.info(`Max turns reached: ${JSON.stringify(data)}`);
} else if (data.subtype === "error_during_execution") {
log.info(`Execution error: ${JSON.stringify(data)}`);
} else {
log.info(`Failed: ${JSON.stringify(data)}`);
}
},
system: (_data, _shellToolIds, _thinkingTimer, _usageContainer) => {},
stream_event: (_data, _shellToolIds, _thinkingTimer, _usageContainer) => {},
tool_progress: (_data, _shellToolIds, _thinkingTimer, _usageContainer) => {},
tool_use_summary: (_data, _shellToolIds, _thinkingTimer, _usageContainer) => {},
auth_status: (_data, _shellToolIds, _thinkingTimer, _usageContainer) => {},
};
-412
View File
@@ -1,412 +0,0 @@
// changes to effort level configuration should be reflected in wiki/effort.md and docs/effort.mdx
// changes to tool permissions should be reflected in wiki/granular-tools.md
// changes to web search configuration should be reflected in wiki/websearch.md
import { mkdirSync, writeFileSync } from "node:fs";
import { join } from "node:path";
import type { ThreadEvent } from "@openai/codex-sdk";
import type { Effort } from "../external.ts";
import { ghPullfrogMcpName } from "../external.ts";
import { markActivity } from "../utils/activity.ts";
import { log } from "../utils/cli.ts";
import { installFromNpmTarball } from "../utils/install.ts";
import { filterEnv } from "../utils/secrets.ts";
import { spawn } from "../utils/subprocess.ts";
import { ThinkingTimer } from "../utils/timer.ts";
import { type AgentRunContext, type AgentUsage, agent } from "./shared.ts";
// pinned CLI version — no 1-1 package.json dependency for the CLI package
// (package.json has @openai/codex-sdk which is the SDK, not the CLI)
const CODEX_CLI_VERSION = "0.101.0";
// configuration based on effort level
// https://developers.openai.com/codex/models/
type ModelReasoningEffort = "minimal" | "low" | "medium" | "high" | "xhigh";
type CodexEffortConfig = { model: string; reasoningEffort?: ModelReasoningEffort };
// preferred model for auto/max — falls back to gpt-5.2-codex if API key lacks access
const PREFERRED_MODEL = "gpt-5.3-codex";
const FALLBACK_MODEL = "gpt-5.2-codex";
function getCodexEffortConfig(model: string): Record<Effort, CodexEffortConfig> {
return {
mini: { model: "gpt-5.2-codex", reasoningEffort: "low" },
auto: { model },
max: { model, reasoningEffort: "high" },
};
}
// check if a model is available for the given API key via GET /v1/models
async function isModelAvailable(ctx: { apiKey: string; model: string }): Promise<boolean> {
try {
const response = await fetch("https://api.openai.com/v1/models", {
headers: { Authorization: `Bearer ${ctx.apiKey}` },
signal: AbortSignal.timeout(10_000),
});
if (!response.ok) {
log.info(
`failed to list models (HTTP ${response.status}), falling back to ${FALLBACK_MODEL}`
);
return false;
}
const body = (await response.json()) as { data: Array<{ id: string }> };
return body.data.some((m) => m.id === ctx.model);
} catch (err) {
log.info(`failed to list models: ${err}, falling back to ${FALLBACK_MODEL}`);
return false;
}
}
// resolve the best available model for auto/max effort levels
async function resolveModel(apiKey: string): Promise<string> {
const available = await isModelAvailable({ apiKey, model: PREFERRED_MODEL });
if (available) {
log.info(`» ${PREFERRED_MODEL} is available for this API key`);
return PREFERRED_MODEL;
}
log.info(`» ${PREFERRED_MODEL} not available, using ${FALLBACK_MODEL}`);
return FALLBACK_MODEL;
}
function writeCodexConfig(ctx: AgentRunContext): string {
const codexDir = join(ctx.tmpdir, ".codex");
mkdirSync(codexDir, { recursive: true });
const configPath = join(codexDir, "config.toml");
// build MCP servers section
log.info(`» adding MCP server '${ghPullfrogMcpName}' at ${ctx.mcpServerUrl}`);
const mcpServerSections = [`[mcp_servers.${ghPullfrogMcpName}]\nurl = "${ctx.mcpServerUrl}"`];
// build features section for tool control
// disable native shell if shell is "disabled" or "restricted"
// when "restricted", agent uses MCP shell tool which filters secrets
const shell = ctx.payload.shell;
const features: string[] = [];
if (shell !== "enabled") {
features.push("shell_tool = false");
features.push("unified_exec = false");
}
// note: there is no Codex feature flag to disable the native apply_patch tool.
// apply_patch_freeform only controls the freeform variant and defaults to false.
// native file tools are steered to MCP via instructions, and the sandbox (workspace-write
// or read-only) constrains what the native tool can access even if the agent ignores instructions.
const featuresSection = features.length > 0 ? `[features]\n${features.join("\n")}` : "";
// trust the project so codex loads repo-level .codex/config.toml
const cwd = process.cwd();
const projectTrustSection = `[projects."${cwd}"]\ntrust_level = "trusted"`;
// set approval_policy = "never" so we can avoid --dangerously-bypass-approvals-and-sandbox.
// this keeps sandbox enforcement active while still running non-interactively.
// the sandbox (workspace-write or read-only) constrains native file tool access.
const approvalSection = `approval_policy = "never"`;
writeFileSync(
configPath,
`# written by pullfrog
${approvalSection}
${featuresSection}
${projectTrustSection}
${mcpServerSections.join("\n\n")}
`.trim() + "\n"
);
log.info(
`» Codex config written to ${configPath} (shell: ${shell === "enabled" ? "enabled" : "disabled"}, project trusted: ${cwd})`
);
return codexDir;
}
async function installCodex(): Promise<string> {
return await installFromNpmTarball({
packageName: "@openai/codex",
version: CODEX_CLI_VERSION,
executablePath: "bin/codex.js",
installDependencies: true,
});
}
export const codex = agent({
name: "codex",
install: installCodex,
run: async (ctx) => {
// validate API key first
const apiKey = process.env.OPENAI_API_KEY;
if (!apiKey) {
throw new Error("OPENAI_API_KEY is required for codex agent");
}
// install CLI and resolve model concurrently
const [cliPath, model] = await Promise.all([installCodex(), resolveModel(apiKey)]);
// write config file (creates ~/.codex/config.toml)
const codexDir = writeCodexConfig(ctx);
// get model and reasoning effort based on effort level
const effortConfig = getCodexEffortConfig(model)[ctx.payload.effort];
log.info(
`» model: ${effortConfig.model}${effortConfig.reasoningEffort ? ` (reasoningEffort: ${effortConfig.reasoningEffort})` : ""}`
);
// determine sandbox mode based on push permission
// push: "disabled" → read-only sandbox, otherwise workspace-write.
// we avoid danger-full-access because it completely disables the sandbox,
// which would let native file tools (apply_patch) write anywhere unrestricted.
// workspace-write constrains native file access to the working directory.
const sandboxMode = ctx.payload.push === "disabled" ? "read-only" : "workspace-write";
// determine network and search permissions
// web: "disabled" → no network access, otherwise enabled
const networkAccessEnabled = ctx.payload.web !== "disabled";
// search: "disabled" → no web search, otherwise enabled
const webSearchEnabled = ctx.payload.search !== "disabled";
// note: we intentionally do NOT use --dangerously-bypass-approvals-and-sandbox.
// that flag bypasses both approvals AND the sandbox. instead, we set
// approval_policy = "never" in config.toml and keep the sandbox active.
// this ensures native file tools (apply_patch) are constrained by the sandbox
// even if the agent ignores MCP-only instructions.
const args: string[] = [
cliPath,
"exec",
ctx.instructions.full,
"--model",
effortConfig.model,
"--sandbox",
sandboxMode,
"--json",
"--config",
`sandbox_workspace_write.network_access=${networkAccessEnabled}`,
"--config",
`features.web_search_request=${webSearchEnabled}`,
];
if (effortConfig.reasoningEffort) {
args.push("--config", `model_reasoning_effort="${effortConfig.reasoningEffort}"`);
}
log.info(
`» Codex options: sandboxMode=${sandboxMode}, networkAccess=${networkAccessEnabled}, webSearch=${webSearchEnabled}`
);
log.info("» running Codex CLI...");
const runState: CodexRunState = { usage: null };
const messageHandlers = createMessageHandlers();
let stdoutBuffer = "";
let finalOutput = "";
// Track command execution IDs to identify when command results come back
const commandExecutionIds = new Set<string>();
const thinkingTimer = new ThinkingTimer();
// when shell is restricted/disabled, filter sensitive env vars from the codex process.
// defense-in-depth: codex 0.99.0's shell_command_tool feature flag is unreliable,
// so native shell commands may still run. filtering the process env ensures secrets
// (matching *_TOKEN, *_KEY, *_SECRET, etc.) are not accessible even if native shell
// bypasses the MCP shell tool's filterEnv.
// API key is explicitly re-added since codex needs it for API calls.
const baseEnv = ctx.payload.shell === "enabled" ? process.env : filterEnv();
const env: NodeJS.ProcessEnv = {
...baseEnv,
CODEX_HOME: codexDir,
CODEX_API_KEY: apiKey,
OPENAI_API_KEY: apiKey,
};
const result = await spawn({
cmd: "node",
args,
cwd: process.cwd(),
env,
stdio: ["ignore", "pipe", "pipe"],
activityTimeout: 0, // process-level activity timeout (5min) is the single authority
onStdout: async (chunk) => {
finalOutput += chunk;
markActivity(); // reset activity timeout on any CLI output
// buffer incomplete lines across chunks (NDJSON format)
stdoutBuffer += chunk;
const lines = stdoutBuffer.split("\n");
// keep the last element (may be incomplete) in the buffer
stdoutBuffer = lines.pop() || "";
for (const line of lines) {
const trimmed = line.trim();
if (!trimmed) continue;
try {
const event = JSON.parse(trimmed) as ThreadEvent;
markActivity(); // reset activity timeout on every event
log.debug(JSON.stringify(event, null, 2));
const handler = messageHandlers[event.type as keyof typeof messageHandlers];
if (handler) {
await handler(event as never, commandExecutionIds, thinkingTimer, runState);
}
} catch {
// ignore parse errors - might be non-JSON output
log.debug(`[codex] non-JSON stdout line: ${trimmed.substring(0, 200)}`);
}
}
},
onStderr: (chunk) => {
const trimmed = chunk.trim();
if (trimmed) {
log.info(`[codex stderr] ${trimmed}`);
finalOutput += trimmed + "\n";
}
},
});
if (result.exitCode !== 0) {
const errorMessage =
result.stderr || finalOutput || result.stdout || "Unknown error - no output from Codex CLI";
log.error(`Codex CLI exited with code ${result.exitCode}: ${errorMessage}`);
return {
success: false,
error: errorMessage,
output: finalOutput || result.stdout || "",
usage: runState.usage ?? undefined,
};
}
log.info("» Codex CLI completed successfully");
return {
success: true,
output: finalOutput || result.stdout || "",
usage: runState.usage ?? undefined,
};
},
});
// run-local usage accumulator — passed to handlers via closure for parallel-safe runs.
// codex fires turn.completed per-turn (not once at the end like claude/gemini),
// so we must accumulate rather than overwrite.
type CodexRunState = { usage: AgentUsage | null };
type ThreadEventHandler<type extends ThreadEvent["type"]> = (
event: Extract<ThreadEvent, { type: type }>,
commandExecutionIds: Set<string>,
thinkingTimer: ThinkingTimer,
runState: CodexRunState
) => void | Promise<void>;
function createMessageHandlers(): {
[type in ThreadEvent["type"]]: ThreadEventHandler<type>;
} {
return {
"thread.started": () => {
// No logging needed
},
"turn.started": () => {
// No logging needed
},
"turn.completed": async (event, _commandExecutionIds, _thinkingTimer, runState) => {
const inputTokens = event.usage.input_tokens ?? 0;
const cachedInputTokens = event.usage.cached_input_tokens ?? 0;
const outputTokens = event.usage.output_tokens ?? 0;
// accumulate across turns (codex fires turn.completed per-turn, not once at end).
// note: openai's input_tokens already includes cached tokens (unlike claude's API),
// so we do not add cachedInputTokens to inputTokens — that would double-count.
if (runState.usage) {
runState.usage.inputTokens += inputTokens;
runState.usage.outputTokens += outputTokens;
runState.usage.cacheReadTokens = (runState.usage.cacheReadTokens ?? 0) + cachedInputTokens;
} else {
runState.usage = {
agent: "codex",
inputTokens,
outputTokens,
cacheReadTokens: cachedInputTokens,
};
}
log.table([
[
{ data: "Input Tokens", header: true },
{ data: "Cached Input Tokens", header: true },
{ data: "Output Tokens", header: true },
],
[String(inputTokens), String(cachedInputTokens), String(outputTokens)],
]);
},
"turn.failed": (event) => {
log.info(`Turn failed: ${event.error.message}`);
},
"item.started": (event, commandExecutionIds, thinkingTimer) => {
const item = event.item;
if (item.type === "command_execution") {
commandExecutionIds.add(item.id);
thinkingTimer.markToolCall();
log.toolCall({
toolName: item.command,
input: (item as any).args || {},
});
} else if (item.type === "agent_message") {
// Will be handled on completion
} else if (item.type === "mcp_tool_call") {
thinkingTimer.markToolCall();
log.toolCall({
toolName: item.tool,
input: {
server: item.server,
...((item as any).arguments || {}),
},
});
}
// Reasoning items are handled on completion for better readability
},
"item.updated": (event) => {
const item = event.item;
if (item.type === "command_execution") {
if (item.status === "in_progress" && item.aggregated_output) {
// Command is still running, could show progress if needed
}
}
},
"item.completed": (event, commandExecutionIds, thinkingTimer) => {
const item = event.item;
if (item.type === "agent_message") {
log.box(item.text.trim(), { title: "Codex" });
} else if (item.type === "command_execution") {
const isTracked = commandExecutionIds.has(item.id);
if (isTracked) {
thinkingTimer.markToolResult();
log.startGroup(`shell output`);
if (item.status === "failed" || (item.exit_code !== undefined && item.exit_code !== 0)) {
log.info(item.aggregated_output || "Command failed");
} else {
log.info(item.aggregated_output || "");
}
log.endGroup();
commandExecutionIds.delete(item.id);
}
} else if (item.type === "mcp_tool_call") {
thinkingTimer.markToolResult();
if (item.status === "failed" && item.error) {
log.info(`MCP tool call failed: ${item.error.message}`);
} else if ((item as any).output) {
// log successful MCP tool call output so it appears in captured output
const output = (item as any).output;
const outputStr = typeof output === "string" ? output : JSON.stringify(output);
log.debug(`tool output: ${outputStr}`);
}
} else if (item.type === "reasoning") {
// Display reasoning in a human-readable format
const reasoningText = item.text.trim();
// Remove markdown bold markers if present for cleaner output
const cleanText = reasoningText.replace(/\*\*/g, "");
log.box(cleanText, { title: "Codex" });
}
},
error: (event) => {
log.info(`Error: ${event.message}`);
},
};
}
-447
View File
@@ -1,447 +0,0 @@
// changes to effort level configuration should be reflected in wiki/effort.md and docs/effort.mdx
// changes to tool permissions should be reflected in wiki/granular-tools.md
// changes to web search configuration should be reflected in wiki/websearch.md
import { spawn } from "node:child_process";
import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
import { homedir } from "node:os";
import { join } from "node:path";
import { performance } from "node:perf_hooks";
import type { Effort } from "../external.ts";
import { ghPullfrogMcpName } from "../external.ts";
import { markActivity } from "../utils/activity.ts";
import { log } from "../utils/cli.ts";
import { installFromDirectTarball } from "../utils/install.ts";
import { ThinkingTimer } from "../utils/timer.ts";
import { type AgentRunContext, agent } from "./shared.ts";
// pinned CLI version — cursor-agent is downloaded as a tarball from downloads.cursor.com.
// the version format is {date}-{commit_hash}. update by inspecting the install script:
// curl -fsSL https://cursor.com/install | grep DOWNLOAD_URL
const CURSOR_CLI_VERSION = "2026.01.28-fd13201";
// effort configuration for Cursor
// only "max" overrides the model; mini/auto use default ("auto")
const cursorEffortModels: Record<Effort, string | null> = {
mini: null, // use default (auto)
auto: null, // use default (auto)
max: "opus-4.5-thinking",
} as const;
// cursor cli event types inferred from stream-json output
interface CursorSystemEvent {
type: "system";
subtype?: string;
[key: string]: unknown;
}
interface CursorUserEvent {
type: "user";
message?: {
role: string;
content: Array<{ type: string; text?: string }>;
};
[key: string]: unknown;
}
interface CursorThinkingEvent {
type: "thinking";
subtype: "delta" | "completed";
text?: string;
[key: string]: unknown;
}
interface CursorAssistantEvent {
type: "assistant";
model_call_id?: string;
message?: {
role: string;
content: Array<{ type: string; text?: string }>;
};
[key: string]: unknown;
}
interface CursorToolCallEvent {
type: "tool_call";
subtype: "started" | "completed";
call_id?: string;
tool_call?: {
mcpToolCall?: {
args?: {
name?: string;
args?: unknown;
toolName?: string;
providerIdentifier?: string;
};
result?: {
success?: {
content?: Array<{ text?: { text?: string } }>;
isError?: boolean;
};
};
};
};
[key: string]: unknown;
}
interface CursorResultEvent {
type: "result";
subtype: "success" | "error";
result?: string;
duration_ms?: number;
[key: string]: unknown;
}
type CursorEvent =
| CursorSystemEvent
| CursorUserEvent
| CursorThinkingEvent
| CursorAssistantEvent
| CursorToolCallEvent
| CursorResultEvent;
async function installCursor(): Promise<string> {
const os = process.platform === "darwin" ? "darwin" : "linux";
const arch = process.arch === "arm64" ? "arm64" : "x64";
return await installFromDirectTarball({
url: `https://downloads.cursor.com/lab/${CURSOR_CLI_VERSION}/${os}/${arch}/agent-cli-package.tar.gz`,
executablePath: "cursor-agent",
stripComponents: 1,
});
}
export const cursor = agent({
name: "cursor",
install: installCursor,
run: async (ctx) => {
// validate API key exists for headless/CI authentication
const apiKey = process.env.CURSOR_API_KEY;
if (!apiKey) {
throw new Error("CURSOR_API_KEY is required for cursor agent");
}
// install CLI at start of run
const cliPath = await installCursor();
configureCursorMcpServers(ctx);
configureCursorTools(ctx);
// determine model based on effort level
// respect project's .cursor/cli.json if it specifies a model
const projectCliConfigPath = join(process.cwd(), ".cursor", "cli.json");
let modelOverride: string | null = null;
if (existsSync(projectCliConfigPath)) {
try {
const projectConfig = JSON.parse(readFileSync(projectCliConfigPath, "utf-8"));
if (projectConfig.model) {
log.info(`» model: ${projectConfig.model} (from .cursor/cli.json)`);
} else {
modelOverride = cursorEffortModels[ctx.payload.effort];
}
} catch {
modelOverride = cursorEffortModels[ctx.payload.effort];
}
} else {
modelOverride = cursorEffortModels[ctx.payload.effort];
}
if (modelOverride) {
log.info(`» model: ${modelOverride}`);
} else if (!existsSync(projectCliConfigPath)) {
log.info(`» model: default`);
}
// track logged model_call_ids to avoid duplicates
// cursor emits each assistant message twice: once without model_call_id, then again with it
const loggedModelCallIds = new Set<string>();
const thinkingTimer = new ThinkingTimer();
const messageHandlers = {
system: (_event: CursorSystemEvent) => {
// system init events - no logging needed
},
user: (_event: CursorUserEvent) => {
// user messages already logged in prompt box
},
thinking: (_event: CursorThinkingEvent) => {
// thinking events are internal - no logging needed
},
assistant: (event: CursorAssistantEvent) => {
const text = event.message?.content?.[0]?.text?.trim();
if (!text) return;
if (event.model_call_id) {
// complete message with model_call_id - log it if we haven't seen this id before
// cursor emits each message twice: first without model_call_id, then with it
// we deduplicate by model_call_id to avoid logging the same message twice
if (!loggedModelCallIds.has(event.model_call_id)) {
loggedModelCallIds.add(event.model_call_id);
log.box(text, { title: "Cursor" });
}
} else {
// message without model_call_id - log it immediately
// this handles cases where:
// 1. the final summary message might only be emitted without model_call_id
// 2. messages that don't get re-emitted with model_call_id
// without this, the final comprehensive summary wouldn't print (as we discovered)
log.box(text, { title: "Cursor" });
}
},
tool_call: (event: CursorToolCallEvent) => {
if (event.subtype === "started") {
// handle both MCP tools and built-in tools (shell, WebFetch, etc)
const mcpToolCall = event.tool_call?.mcpToolCall;
const builtinToolCall = (event.tool_call as any)?.builtinToolCall;
thinkingTimer.markToolCall();
if (mcpToolCall?.args?.toolName && mcpToolCall?.args?.args) {
log.toolCall({
toolName: mcpToolCall.args.toolName,
input: mcpToolCall.args.args,
});
} else if (builtinToolCall?.args?.name && builtinToolCall?.args?.args) {
log.toolCall({
toolName: builtinToolCall.args.name,
input: builtinToolCall.args.args,
});
}
} else if (event.subtype === "completed") {
thinkingTimer.markToolResult();
const result = event.tool_call?.mcpToolCall?.result?.success;
const isError = result?.isError;
if (isError) {
log.info("Tool call failed");
} else {
// log successful tool result so it appears in output
// handle both formats: { text: string } or { text: { text: string } }
const contentItem = result?.content?.[0];
const textValue = contentItem?.text;
const text = typeof textValue === "string" ? textValue : textValue?.text;
if (text) {
log.debug(`tool output: ${text}`);
}
}
}
},
result: async (event: CursorResultEvent) => {
if (event.subtype === "success" && event.duration_ms) {
const durationSec = (event.duration_ms / 1000).toFixed(1);
log.debug(`Cursor completed in ${durationSec}s`);
// note: we don't log event.result here because it contains the full conversation
// concatenated together, which would duplicate all the individual assistant
// messages we've already logged. the individual assistant events are sufficient.
}
},
};
try {
// build CLI args
// IMPORTANT: prompt is a POSITIONAL argument and must come LAST
// --print is a FLAG (not an option that takes a value)
const baseArgs = [
"--print",
"--output-format",
"stream-json",
"--approve-mcps",
"--api-key",
apiKey,
];
// add model flag if we have an override
if (modelOverride) {
baseArgs.push("--model", modelOverride);
}
// always use --force since permissions are controlled via cli-config.json
// prompt MUST be last as a positional argument
const cursorArgs = [...baseArgs, "--force", ctx.instructions.full];
log.info("» running Cursor CLI...");
const startTime = performance.now();
// create env without XDG_CONFIG_HOME so CLI uses $HOME/.cursor/ where we wrote config
const cliEnv = Object.fromEntries(
Object.entries(process.env).filter(([key]) => key !== "XDG_CONFIG_HOME")
);
return new Promise((resolve) => {
const child = spawn(cliPath, cursorArgs, {
cwd: process.cwd(),
env: cliEnv,
stdio: ["ignore", "pipe", "pipe"],
});
let stdout = "";
let stderr = "";
let stdoutBuffer = "";
child.on("spawn", () => {
log.debug("Cursor CLI process spawned");
});
child.stdout?.on("data", async (data) => {
const text = data.toString();
stdout += text;
markActivity(); // reset activity timeout on any CLI output
// buffer incomplete lines across chunks (NDJSON format)
stdoutBuffer += text;
const lines = stdoutBuffer.split("\n");
// keep the last element (may be incomplete) in the buffer
stdoutBuffer = lines.pop() || "";
for (const line of lines) {
const trimmed = line.trim();
if (!trimmed) continue;
try {
const event = JSON.parse(trimmed) as CursorEvent;
log.debug(JSON.stringify(event, null, 2));
// skip empty thinking deltas
if (event.type === "thinking" && event.subtype === "delta" && !event.text) {
continue;
}
// route to appropriate handler
const handler = messageHandlers[event.type as keyof typeof messageHandlers];
if (handler) {
await handler(event as never);
}
} catch {
// ignore parse errors - might be formatted tool call logs from cursor cli
}
}
});
child.stderr?.on("data", (data) => {
const text = data.toString();
stderr += text;
process.stderr.write(text);
log.info(text);
});
child.on("close", async (code, signal) => {
if (signal) {
log.info(`Cursor CLI terminated by signal: ${signal}`);
}
const duration = ((performance.now() - startTime) / 1000).toFixed(1);
if (code === 0) {
log.success(`Cursor CLI completed successfully in ${duration}s`);
resolve({
success: true,
output: stdout.trim(),
});
} else {
const errorMessage = stderr || `Cursor CLI exited with code ${code}`;
log.error(`Cursor CLI failed after ${duration}s: ${errorMessage}`);
resolve({
success: false,
error: errorMessage,
output: stdout.trim(),
});
}
});
child.on("error", (error) => {
const duration = ((performance.now() - startTime) / 1000).toFixed(1);
const errorMessage = error.message || String(error);
log.error(`Cursor CLI execution failed after ${duration}s: ${errorMessage}`);
resolve({
success: false,
error: errorMessage,
output: stdout.trim(),
});
});
});
} catch (error) {
const errorMessage = error instanceof Error ? error.message : String(error);
log.error(`Cursor execution failed: ${errorMessage}`);
return {
success: false,
error: errorMessage,
output: "",
};
}
},
});
// get the cursor config directory
// always use $HOME/.cursor/ for consistency
// when spawning the CLI, we unset XDG_CONFIG_HOME so it looks here too
function getCursorConfigDir(): string {
return join(homedir(), ".cursor");
}
// There was an issue on macOS when you set HOME to a temp directory
// it was unable to find the macOS keychain and would fail
// temp solution is to stick with the actual $HOME
function configureCursorMcpServers(ctx: AgentRunContext): void {
const cursorConfigDir = getCursorConfigDir();
const mcpConfigPath = join(cursorConfigDir, "mcp.json");
mkdirSync(cursorConfigDir, { recursive: true });
const mcpServers = {
[ghPullfrogMcpName]: { type: "http", url: ctx.mcpServerUrl },
};
writeFileSync(mcpConfigPath, JSON.stringify({ mcpServers }, null, 2), "utf-8");
log.info(`» MCP config written to ${mcpConfigPath}`);
}
interface CursorCliConfig {
permissions: {
allow: string[];
deny: string[];
};
sandbox?: {
mode: "enabled" | "disabled";
networkAccess?: "allowlist" | "full";
};
}
/**
* Configure Cursor CLI tool permissions via cli-config.json.
*
* Config path: $HOME/.cursor/cli-config.json
*/
function configureCursorTools(ctx: AgentRunContext): void {
const cursorConfigDir = getCursorConfigDir();
const cliConfigPath = join(cursorConfigDir, "cli-config.json");
mkdirSync(cursorConfigDir, { recursive: true });
// build deny list based on tool permissions
const shell = ctx.payload.shell;
const deny: string[] = [];
if (ctx.payload.search === "disabled") deny.push("WebSearch");
// both "disabled" and "restricted" block native shell
if (shell !== "enabled") deny.push("Shell(*)");
// always block native file tools (use MCP file_read/file_write instead)
deny.push("Read(*)", "Write(*)", "StrReplace(*)", "EditNotebook(*)", "Delete(*)");
// block built-in subagent spawning — delegation is handled by gh_pullfrog/delegate
deny.push("Task(*)");
const config: CursorCliConfig = {
permissions: {
allow: [],
deny,
},
};
// web: "disabled" requires sandbox with network blocking
// sandbox.networkAccess: "allowlist" blocks network in shell subprocesses via seatbelt
if (ctx.payload.web === "disabled") {
config.sandbox = {
mode: "enabled",
networkAccess: "allowlist",
};
}
writeFileSync(cliConfigPath, JSON.stringify(config, null, 2), "utf-8");
log.info(`» CLI config written to ${cliConfigPath}`);
log.debug(`» disallowed built-ins: ${JSON.stringify(deny)}`);
log.debug(`» CLI config contents: ${JSON.stringify(config, null, 2)}`);
}
-440
View File
@@ -1,440 +0,0 @@
// changes to effort level configuration should be reflected in wiki/effort.md and docs/effort.mdx
// changes to tool permissions should be reflected in wiki/granular-tools.md
// changes to web search configuration should be reflected in wiki/websearch.md
import { mkdirSync, readFileSync, writeFileSync } from "node:fs";
import { homedir } from "node:os";
import { join } from "node:path";
import type { Effort } from "../external.ts";
import { ghPullfrogMcpName } from "../external.ts";
import { markActivity } from "../utils/activity.ts";
import { log } from "../utils/cli.ts";
import { installFromGithub } from "../utils/install.ts";
import { spawn } from "../utils/subprocess.ts";
import { ThinkingTimer } from "../utils/timer.ts";
import { getGitHubInstallationToken } from "../utils/token.ts";
import { type AgentRunContext, type AgentUsage, agent } from "./shared.ts";
// effort configuration: model + thinking level
// thinkingLevel is set via settings.json modelConfig.generateContentConfig.thinkingConfig
// see: https://ai.google.dev/gemini-api/docs/thinking#thinking-levels
// latest models:
const geminiEffortConfig: Record<Effort, { model: string; thinkingLevel: string }> = {
// https://ai.google.dev/gemini-api/docs/models
// the docs mention needing to enable preview features for these models but if you
// pass the model directly it works if we ever did need to do something like this,
// we could write to .gemini/settings.json
mini: { model: "gemini-3-flash-preview", thinkingLevel: "LOW" },
auto: { model: "gemini-3-pro-preview", thinkingLevel: "HIGH" },
max: { model: "gemini-3-pro-preview", thinkingLevel: "HIGH" },
} as const;
// gemini cli event types inferred from stream-json output (NDJSON format)
interface GeminiInitEvent {
type: "init";
timestamp?: string;
session_id?: string;
model?: string;
[key: string]: unknown;
}
interface GeminiMessageEvent {
type: "message";
timestamp?: string;
role?: "user" | "assistant";
content?: string;
delta?: boolean;
[key: string]: unknown;
}
interface GeminiToolUseEvent {
type: "tool_use";
timestamp?: string;
tool_name?: string;
tool_id?: string;
parameters?: unknown;
[key: string]: unknown;
}
interface GeminiToolResultEvent {
type: "tool_result";
timestamp?: string;
tool_id?: string;
status?: "success" | "error";
output?: string;
[key: string]: unknown;
}
interface GeminiResultEvent {
type: "result";
timestamp?: string;
status?: "success" | "error";
stats?: {
total_tokens?: number;
input_tokens?: number;
output_tokens?: number;
duration_ms?: number;
tool_calls?: number;
};
[key: string]: unknown;
}
type GeminiEvent =
| GeminiInitEvent
| GeminiMessageEvent
| GeminiToolUseEvent
| GeminiToolResultEvent
| GeminiResultEvent;
// pinned CLI version — gemini-cli is installed from GitHub releases, not npm
const GEMINI_CLI_VERSION = "v0.28.2";
// transient API error patterns that warrant a retry.
// these are server-side issues, not client errors.
const TRANSIENT_ERROR_PATTERNS = [
"INTERNAL",
"status: 500",
"status: 503",
"UNAVAILABLE",
"RESOURCE_EXHAUSTED",
];
function isTransientApiError(output: string): boolean {
return TRANSIENT_ERROR_PATTERNS.some((pattern) => output.includes(pattern));
}
const MAX_ATTEMPTS = 2;
const RETRY_DELAY_MS = 5_000;
// run-local state container — passed to handlers via closure for parallel-safe runs
type GeminiRunState = {
assistantMessageBuffer: string;
usage: AgentUsage | null;
};
function createMessageHandlers(runState: GeminiRunState) {
return {
init: (_event: GeminiInitEvent) => {
log.debug(JSON.stringify(_event, null, 2));
// initialization event - no logging needed
runState.assistantMessageBuffer = "";
},
message: (event: GeminiMessageEvent) => {
log.debug(JSON.stringify(event, null, 2));
if (event.role === "assistant" && event.content?.trim()) {
if (event.delta) {
// accumulate delta messages
runState.assistantMessageBuffer += event.content;
} else {
// final message - log it
const message = event.content.trim();
if (message) {
log.box(message, { title: "Gemini" });
}
runState.assistantMessageBuffer = "";
}
} else if (
event.role === "assistant" &&
!event.delta &&
runState.assistantMessageBuffer.trim()
) {
// if we have buffered content and get a non-delta message, log the buffer
log.box(runState.assistantMessageBuffer.trim(), { title: "Gemini" });
runState.assistantMessageBuffer = "";
}
},
tool_use: (event: GeminiToolUseEvent, thinkingTimer: ThinkingTimer) => {
log.debug(JSON.stringify(event, null, 2));
if (event.tool_name) {
thinkingTimer.markToolCall();
log.toolCall({
toolName: event.tool_name,
input: event.parameters || {},
});
}
},
tool_result: (event: GeminiToolResultEvent, thinkingTimer: ThinkingTimer) => {
log.debug(JSON.stringify(event, null, 2));
thinkingTimer.markToolResult();
if (event.status === "error") {
const errorMsg =
typeof event.output === "string" ? event.output : JSON.stringify(event.output);
log.info(`Tool call failed: ${errorMsg}`);
} else if (event.output) {
// log successful tool result so it appears in output
const outputStr =
typeof event.output === "string" ? event.output : JSON.stringify(event.output);
log.debug(`tool output: ${outputStr}`);
}
},
result: async (event: GeminiResultEvent) => {
log.debug(JSON.stringify(event, null, 2));
// log any remaining buffered assistant message
if (runState.assistantMessageBuffer.trim()) {
log.box(runState.assistantMessageBuffer.trim(), { title: "Gemini" });
runState.assistantMessageBuffer = "";
}
if (event.status === "success" && event.stats) {
const stats = event.stats;
runState.usage = {
agent: "gemini",
inputTokens: stats.input_tokens ?? 0,
outputTokens: stats.output_tokens ?? 0,
};
const rows: Array<Array<{ data: string; header?: boolean } | string>> = [
[
{ data: "Input Tokens", header: true },
{ data: "Output Tokens", header: true },
{ data: "Total Tokens", header: true },
{ data: "Tool Calls", header: true },
{ data: "Duration (ms)", header: true },
],
[
String(stats.input_tokens || 0),
String(stats.output_tokens || 0),
String(stats.total_tokens || 0),
String(stats.tool_calls || 0),
String(stats.duration_ms || 0),
],
];
log.table(rows);
} else if (event.status === "error") {
log.error(`Gemini CLI failed: ${JSON.stringify(event)}`);
}
},
};
}
async function installGemini(githubInstallationToken?: string): Promise<string> {
return await installFromGithub({
owner: "google-gemini",
repo: "gemini-cli",
tag: GEMINI_CLI_VERSION,
assetName: "gemini.js",
...(githubInstallationToken && { githubInstallationToken }),
});
}
export const gemini = agent({
name: "gemini",
install: installGemini,
run: async (ctx) => {
// install CLI at start of run - use token for GitHub API rate limiting
const cliPath = await installGemini(getGitHubInstallationToken());
const model = configureGeminiSettings(ctx);
if (!process.env.GOOGLE_API_KEY && !process.env.GEMINI_API_KEY) {
throw new Error("GOOGLE_API_KEY or GEMINI_API_KEY is required for gemini agent");
}
// build CLI args - --yolo for auto-approval
// tool restrictions handled via settings.json tools.exclude
const args = [
"--model",
model,
"--yolo",
"--output-format=stream-json",
"-p",
ctx.instructions.full,
];
for (let attempt = 1; attempt <= MAX_ATTEMPTS; attempt++) {
let finalOutput = "";
let stdoutBuffer = "";
const runState: GeminiRunState = { assistantMessageBuffer: "", usage: null };
const messageHandlers = createMessageHandlers(runState);
const thinkingTimer = new ThinkingTimer();
try {
const result = await spawn({
cmd: "node",
args: [cliPath, ...args],
env: process.env,
activityTimeout: 0, // process-level activity timeout (5min) is the single authority
onStdout: async (chunk) => {
const text = chunk.toString();
finalOutput += text;
markActivity(); // reset activity timeout on any CLI output
// buffer incomplete lines across chunks (NDJSON format)
stdoutBuffer += text;
const lines = stdoutBuffer.split("\n");
// keep the last element (may be incomplete) in the buffer
stdoutBuffer = lines.pop() || "";
for (const line of lines) {
const trimmed = line.trim();
if (!trimmed) continue;
log.debug(`[gemini stdout] ${trimmed}`);
try {
const event = JSON.parse(trimmed) as GeminiEvent;
markActivity(); // reset activity timeout on every event
const handler = messageHandlers[event.type as keyof typeof messageHandlers];
if (handler) {
await handler(event as never, thinkingTimer);
}
} catch {
// ignore parse errors - might be non-JSON output from gemini cli
log.debug(`[gemini] non-JSON stdout line: ${trimmed.substring(0, 200)}`);
}
}
},
onStderr: (chunk) => {
const trimmed = chunk.trim();
if (trimmed) {
log.info(`[gemini stderr] ${trimmed}`);
finalOutput += trimmed + "\n";
}
},
});
if (result.exitCode !== 0) {
const errorMessage =
result.stderr ||
finalOutput ||
result.stdout ||
"Unknown error - no output from Gemini CLI";
// retry on transient API errors (500, 503, INTERNAL, etc.)
if (attempt < MAX_ATTEMPTS && isTransientApiError(errorMessage)) {
log.info(
`» transient Gemini API error on attempt ${attempt}/${MAX_ATTEMPTS}, retrying in ${RETRY_DELAY_MS / 1000}s...`
);
await new Promise((resolve) => setTimeout(resolve, RETRY_DELAY_MS));
continue;
}
log.error(`Gemini CLI exited with code ${result.exitCode}: ${errorMessage}`);
return {
success: false,
error: errorMessage,
output: finalOutput || result.stdout || "",
usage: runState.usage ?? undefined,
};
}
finalOutput = finalOutput || result.stdout || "Gemini CLI completed successfully.";
log.info("» Gemini CLI completed successfully");
return {
success: true,
output: finalOutput,
usage: runState.usage ?? undefined,
};
} catch (error) {
const errorMessage = error instanceof Error ? error.message : String(error);
// retry on transient API errors from spawn exceptions too
if (attempt < MAX_ATTEMPTS && isTransientApiError(errorMessage)) {
log.info(
`» transient Gemini API error on attempt ${attempt}/${MAX_ATTEMPTS}, retrying in ${RETRY_DELAY_MS / 1000}s...`
);
await new Promise((resolve) => setTimeout(resolve, RETRY_DELAY_MS));
continue;
}
log.error(`Failed to run Gemini CLI: ${errorMessage}`);
return {
success: false,
error: errorMessage,
output: finalOutput || "",
usage: runState.usage ?? undefined,
};
}
}
// should never reach here, but satisfy TypeScript
return { success: false, error: "exhausted all retry attempts", output: "" };
},
});
/**
* Configure Gemini CLI settings by writing to settings.json.
* Returns the model to use for CLI args.
*
* See: https://github.com/google-gemini/gemini-cli/blob/main/docs/get-started/configuration.md
*/
function configureGeminiSettings(ctx: AgentRunContext): string {
const effortConfig = geminiEffortConfig[ctx.payload.effort];
// allow env var override for tests (e.g., to avoid flash RPD quota limits)
const model = process.env.GEMINI_MODEL ?? effortConfig.model;
const thinkingLevel = effortConfig.thinkingLevel;
log.info(`» model: ${model} (thinkingLevel: ${thinkingLevel})`);
const realHome = homedir();
const geminiConfigDir = join(realHome, ".gemini");
const settingsPath = join(geminiConfigDir, "settings.json");
mkdirSync(geminiConfigDir, { recursive: true });
// read existing settings if present
let existingSettings: Record<string, unknown> = {};
try {
const content = readFileSync(settingsPath, "utf-8");
existingSettings = JSON.parse(content);
} catch {
// file doesn't exist or is invalid - start fresh
}
// convert to Gemini's expected format (httpUrl for HTTP transport, no type field)
interface GeminiMcpServerConfig {
command?: string;
args?: string[];
env?: Record<string, string>;
cwd?: string;
url?: string;
httpUrl?: string;
headers?: Record<string, string>;
timeout?: number;
trust?: boolean;
description?: string;
includeTools?: string[];
excludeTools?: string[];
}
log.info(`» adding MCP server '${ghPullfrogMcpName}' at ${ctx.mcpServerUrl}...`);
const geminiMcpServers: Record<string, GeminiMcpServerConfig> = {
[ghPullfrogMcpName]: {
httpUrl: ctx.mcpServerUrl,
trust: true, // trust our own MCP server to avoid confirmation prompts
},
};
// build tools.exclude based on permissions (v0.3.0+ nested format)
const shell = ctx.payload.shell;
const exclude: string[] = [];
if (shell !== "enabled") exclude.push("run_shell_command");
if (ctx.payload.web === "disabled") exclude.push("web_fetch");
if (ctx.payload.search === "disabled") exclude.push("google_web_search");
// always block native file tools (use MCP file_read/file_write instead)
exclude.push("read_file", "write_file", "list_directory");
// merge with existing settings, overwriting mcpServers and modelConfig
const newSettings: Record<string, unknown> = {
...existingSettings,
mcpServers: geminiMcpServers,
// configure thinking level via modelConfig
// see: https://ai.google.dev/api/generate-content (ThinkingConfig)
modelConfig: {
generateContentConfig: {
thinkingConfig: {
thinkingLevel,
},
},
},
// v0.3.0+ nested format
...(exclude.length > 0 && { tools: { exclude } }),
};
writeFileSync(settingsPath, JSON.stringify(newSettings, null, 2), "utf-8");
log.info(`» Gemini settings written to ${settingsPath}`);
if (exclude.length > 0) {
log.debug(`» disallowed built-ins: ${JSON.stringify(exclude)}`);
}
return model;
}
+2 -13
View File
@@ -1,17 +1,6 @@
import type { AgentName } from "../external.ts";
import { claude } from "./claude.ts";
import { codex } from "./codex.ts";
import { cursor } from "./cursor.ts";
import { gemini } from "./gemini.ts";
import { opencode } from "./opencode.ts";
import { opentoad } from "./opentoad.ts";
import type { Agent } from "./shared.ts";
export type { Agent, AgentUsage } from "./shared.ts";
export const agents = {
claude,
codex,
cursor,
gemini,
opencode,
} satisfies Record<AgentName, Agent>;
export const agents = { opentoad } satisfies Record<string, Agent>;
-875
View File
@@ -1,875 +0,0 @@
// changes to effort level configuration should be reflected in wiki/effort.md and docs/effort.mdx
// changes to tool permissions should be reflected in wiki/granular-tools.md
// changes to web search configuration should be reflected in wiki/websearch.md
import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
import { join } from "node:path";
import { performance } from "node:perf_hooks";
import { ghPullfrogMcpName } from "../external.ts";
import { getIdleMs, markActivity } from "../utils/activity.ts";
import { log } from "../utils/cli.ts";
import { installFromNpmTarball } from "../utils/install.ts";
import { spawn } from "../utils/subprocess.ts";
import { ThinkingTimer } from "../utils/timer.ts";
import { type AgentRunContext, type AgentUsage, agent } from "./shared.ts";
// pinned CLI version — no 1-1 package.json dependency for the CLI package
// (package.json has @opencode-ai/sdk which is the SDK, not the CLI)
const OPENCODE_CLI_VERSION = "1.1.56";
// known provider error patterns in stderr (from --print-logs output).
// when OpenCode encounters these, it often goes silent on stdout (Issue #752),
// so we surface them prominently instead of burying them in debug warnings.
const PROVIDER_ERROR_PATTERNS = [
{ pattern: "429", label: "rate limited (429)" },
{ pattern: "RESOURCE_EXHAUSTED", label: "quota exhausted" },
{ pattern: "quota", label: "quota error" },
{ pattern: "status: 500", label: "provider 500 error" },
{ pattern: "INTERNAL", label: "provider internal error" },
{ pattern: "status: 503", label: "provider unavailable (503)" },
{ pattern: "UNAVAILABLE", label: "provider unavailable" },
{ pattern: "rate limit", label: "rate limited" },
{ pattern: "limit: 0", label: "zero quota" },
];
function detectProviderError(text: string): string | null {
for (const entry of PROVIDER_ERROR_PATTERNS) {
if (text.includes(entry.pattern)) return entry.label;
}
return null;
}
type OpenCodeConfig = {
mcp?: Record<string, unknown>;
permission?: Record<string, unknown>;
provider?: Record<string, unknown>;
model?: string;
enabled_providers?: string[];
[key: string]: unknown;
};
type RecordPropertyContext = {
value: unknown;
key: string;
};
type RepoConfigLoadContext = {
repoConfigPath: string;
};
type ProviderFromModelContext = {
model: string;
};
type InlineConfigOverrideContext = {
model: string;
};
type InlineConfigOverride = {
providerId: string;
content: string;
};
type ModelOverrideResolutionContext = {
effort: AgentRunContext["payload"]["effort"];
env: NodeJS.ProcessEnv;
};
type ModelOverrideResolution = {
model: string;
source: "OPENCODE_MODEL_MINI" | "OPENCODE_MODEL_MAX" | "OPENCODE_MODEL";
};
function isRecord(value: unknown): value is Record<string, unknown> {
return typeof value === "object" && value !== null && !Array.isArray(value);
}
function getRecordProperty(ctx: RecordPropertyContext): Record<string, unknown> | undefined {
if (!isRecord(ctx.value)) {
return undefined;
}
const propertyValue = ctx.value[ctx.key];
if (!isRecord(propertyValue)) {
return undefined;
}
return propertyValue;
}
function loadRepoOpenCodeConfig(ctx: RepoConfigLoadContext): OpenCodeConfig | undefined {
if (!existsSync(ctx.repoConfigPath)) {
log.info(`» repo opencode.json not found at ${ctx.repoConfigPath}`);
return undefined;
}
try {
const rawConfig = readFileSync(ctx.repoConfigPath, "utf-8");
const parsedConfig = JSON.parse(rawConfig);
if (!isRecord(parsedConfig)) {
log.warning(`» repo opencode.json is not an object: ${ctx.repoConfigPath}`);
return undefined;
}
const providerConfig = getRecordProperty({ value: parsedConfig, key: "provider" });
if (providerConfig) {
const providerNames = Object.keys(providerConfig);
log.info(`» repo opencode provider config detected: ${providerNames.join(", ")}`);
}
const result: OpenCodeConfig = parsedConfig;
log.info(`» loaded repo opencode.json from ${ctx.repoConfigPath}`);
return result;
} catch (error) {
const errorMessage = error instanceof Error ? error.message : String(error);
log.warning(`» failed to parse repo opencode.json at ${ctx.repoConfigPath}: ${errorMessage}`);
return undefined;
}
}
function parseProviderFromModel(ctx: ProviderFromModelContext): string | undefined {
const trimmedModel = ctx.model.trim();
const slashIndex = trimmedModel.indexOf("/");
if (slashIndex <= 0) {
return undefined;
}
const providerId = trimmedModel.slice(0, slashIndex).trim().toLowerCase();
if (!providerId) {
return undefined;
}
return providerId;
}
function buildInlineConfigOverride(
ctx: InlineConfigOverrideContext
): InlineConfigOverride | undefined {
const providerId = parseProviderFromModel({ model: ctx.model });
if (!providerId) {
return undefined;
}
const inlineConfig: OpenCodeConfig = {
model: ctx.model,
enabled_providers: [providerId],
};
return {
providerId,
content: JSON.stringify(inlineConfig),
};
}
function readNonEmptyEnvVar(ctx: { env: NodeJS.ProcessEnv; name: string }): string | undefined {
const value = ctx.env[ctx.name];
if (!value) {
return undefined;
}
const trimmed = value.trim();
if (!trimmed) {
return undefined;
}
return trimmed;
}
function resolveModelOverride(
ctx: ModelOverrideResolutionContext
): ModelOverrideResolution | undefined {
if (ctx.effort === "mini") {
const miniModel = readNonEmptyEnvVar({ env: ctx.env, name: "OPENCODE_MODEL_MINI" });
if (miniModel) {
return { model: miniModel, source: "OPENCODE_MODEL_MINI" };
}
}
if (ctx.effort === "max") {
const maxModel = readNonEmptyEnvVar({ env: ctx.env, name: "OPENCODE_MODEL_MAX" });
if (maxModel) {
return { model: maxModel, source: "OPENCODE_MODEL_MAX" };
}
}
const baseModel = readNonEmptyEnvVar({ env: ctx.env, name: "OPENCODE_MODEL" });
if (!baseModel) {
return undefined;
}
return { model: baseModel, source: "OPENCODE_MODEL" };
}
async function installOpencode(): Promise<string> {
return await installFromNpmTarball({
packageName: "opencode-ai",
version: OPENCODE_CLI_VERSION,
executablePath: "bin/opencode",
installDependencies: true,
});
}
export const opencode = agent({
name: "opencode",
install: installOpencode,
run: async (ctx) => {
// install CLI at start of run
const cliPath = await installOpencode();
// 1. configure home/config directory
const tempHome = ctx.tmpdir;
const configDir = join(tempHome, ".config", "opencode");
mkdirSync(configDir, { recursive: true });
configureOpenCode(ctx);
// message positional must come right after "run", before flags.
// --print-logs makes OpenCode write internal logs to stderr (otherwise they only go to a log file).
// this is critical for debugging since opencode run suppresses errors by default (Issue #752).
const args = ["run", ctx.instructions.full, "--format", "json", "--print-logs"];
// resolve model override from environment.
// precedence:
// 1) effort-specific overrides (OPENCODE_MODEL_MINI / OPENCODE_MODEL_MAX)
// 2) OPENCODE_MODEL fallback
// 3) OpenCode auto-select
const modelOverride = resolveModelOverride({
effort: ctx.payload.effort,
env: process.env,
});
if (modelOverride) {
args.push("--model", modelOverride.model);
log.info(`» model: ${modelOverride.model} (override via ${modelOverride.source})`);
} else {
log.info(`» model: auto-selected by OpenCode`);
}
process.env.HOME = tempHome;
// XDG_CONFIG_HOME must be set because GitHub Actions sets it to a different path,
// and OpenCode follows XDG spec (checks XDG_CONFIG_HOME before falling back to $HOME/.config)
const env: NodeJS.ProcessEnv = {
...process.env,
HOME: tempHome,
XDG_CONFIG_HOME: join(tempHome, ".config"),
// set GOOGLE_GENERATIVE_AI_API_KEY alias for Google provider compatibility (if not already set)
GOOGLE_GENERATIVE_AI_API_KEY:
process.env.GOOGLE_GENERATIVE_AI_API_KEY || process.env.GEMINI_API_KEY,
};
if (modelOverride) {
const inlineOverride = buildInlineConfigOverride({ model: modelOverride.model });
if (inlineOverride) {
env.OPENCODE_CONFIG_CONTENT = inlineOverride.content;
log.info(
`» OpenCode inline config override enabled: provider=${inlineOverride.providerId}, model=${modelOverride.model}`
);
} else {
log.warning(
`» skipping OpenCode inline config override: unable to parse provider from model "${modelOverride.model}"`
);
}
}
const hasOpenRouterKey = Boolean(env.OPENROUTER_API_KEY);
const hasAnthropicKey = Boolean(env.ANTHROPIC_API_KEY);
const hasOpenAiKey = Boolean(env.OPENAI_API_KEY);
const hasGoogleKey = Boolean(
env.GOOGLE_API_KEY || env.GEMINI_API_KEY || env.GOOGLE_GENERATIVE_AI_API_KEY
);
log.info(
`» provider key presence: OPENROUTER=${hasOpenRouterKey ? "set" : "unset"}, ANTHROPIC=${hasAnthropicKey ? "set" : "unset"}, OPENAI=${hasOpenAiKey ? "set" : "unset"}, GOOGLE=${hasGoogleKey ? "set" : "unset"}`
);
// OpenCode doesn't support GitHub App installation tokens
delete env.GITHUB_TOKEN;
// run OpenCode in the repository directory (process.cwd() is set to GITHUB_WORKSPACE or repo dir)
const repoDir = process.cwd();
log.debug(`» starting OpenCode: ${cliPath} ${args.join(" ")}`);
log.debug(`» working directory: ${repoDir}`);
log.debug(`» HOME: ${env.HOME}`);
log.debug(`» XDG_CONFIG_HOME: ${env.XDG_CONFIG_HOME}`);
const startTime = performance.now();
let eventCount = 0;
const thinkingTimer = new ThinkingTimer();
// reset module-level state before each run (same pattern as claude/codex/gemini).
// without this, a failed subprocess that never emits an init event would
// carry stale token counts or output from a prior delegation run.
finalOutput = "";
accumulatedTokens = { input: 0, output: 0 };
tokensLogged = false;
// track recent stderr lines for provider error diagnosis.
// when OpenCode goes silent on stdout, these are the only clue.
const recentStderr: string[] = [];
const MAX_STDERR_LINES = 20;
let lastProviderError: string | null = null;
let output = "";
let stdoutBuffer = ""; // buffer for incomplete lines across chunks
try {
const result = await spawn({
cmd: cliPath,
args,
cwd: repoDir,
env,
activityTimeout: 0, // process-level activity timeout (5min) is the single authority
stdio: ["ignore", "pipe", "pipe"],
onStdout: async (chunk) => {
const text = chunk.toString();
output += text;
markActivity(); // reset activity timeout on any CLI output
// buffer incomplete lines across chunks (NDJSON format)
stdoutBuffer += text;
const lines = stdoutBuffer.split("\n");
// keep the last element (may be incomplete) in the buffer
stdoutBuffer = lines.pop() || "";
for (const line of lines) {
const trimmed = line.trim();
if (!trimmed) {
continue;
}
try {
const event = JSON.parse(trimmed) as OpenCodeEvent;
eventCount++;
// debug log all events to diagnose ordering and missing MCP/shell tool calls
log.debug(JSON.stringify(event, null, 2));
const timeSinceLastActivity = getIdleMs();
if (timeSinceLastActivity > 10000) {
const activeToolCalls = toolCallTimings.size;
const toolCallInfo =
activeToolCalls > 0
? ` (waiting for ${activeToolCalls} tool call${activeToolCalls > 1 ? "s" : ""})`
: " (OpenCode may be processing internally - LLM calls, planning, etc.)";
log.info(
`» no activity for ${(timeSinceLastActivity / 1000).toFixed(1)}s${toolCallInfo} (${eventCount} events processed so far)`
);
}
markActivity(); // reset activity timeout on every event
const handler = messageHandlers[event.type as keyof typeof messageHandlers];
if (handler) {
await handler(event as never, thinkingTimer);
} else {
// log unhandled event types for visibility
log.info(
`» OpenCode event (unhandled): type=${event.type}, data=${JSON.stringify(event).substring(0, 500)}`
);
}
} catch {
// non-JSON lines are ignored (might be debug output from opencode)
log.debug(`» non-JSON stdout line: ${trimmed.substring(0, 200)}`);
}
}
},
onStderr: (chunk) => {
const trimmed = chunk.trim();
if (!trimmed) return;
// track recent stderr for diagnosis
recentStderr.push(trimmed);
if (recentStderr.length > MAX_STDERR_LINES) recentStderr.shift();
// detect provider errors and surface them prominently
const providerError = detectProviderError(trimmed);
if (providerError) {
lastProviderError = providerError;
log.info(`» provider error detected (${providerError}): ${trimmed.substring(0, 500)}`);
} else {
//agent OpenCode's --print-logs output goes to stderr. demote internal
// INFO/DEBUG bus traffic to debug so it doesn't drown out tool
// call logs in the GitHub Actions step output.
log.debug(trimmed);
}
},
});
const duration = performance.now() - startTime;
log.info(
`» OpenCode CLI completed in ${Math.round(duration)}ms with exit code ${result.exitCode}`
);
// if zero events processed, something went wrong - surface stderr context
if (eventCount === 0) {
const stderrContext = recentStderr.join("\n");
const diagnosis = lastProviderError
? `provider error: ${lastProviderError}`
: "unknown cause (no stdout events received)";
log.info(`» OpenCode produced 0 events (${diagnosis})`);
if (stderrContext) {
log.info(`» last stderr output:\n${stderrContext}`);
}
}
// log tokens if they weren't logged yet (fallback if result event wasn't emitted)
if (!tokensLogged && (accumulatedTokens.input > 0 || accumulatedTokens.output > 0)) {
const totalTokens = accumulatedTokens.input + accumulatedTokens.output;
log.table([
[
{ data: "Input Tokens", header: true },
{ data: "Output Tokens", header: true },
{ data: "Total Tokens", header: true },
],
[String(accumulatedTokens.input), String(accumulatedTokens.output), String(totalTokens)],
]);
}
const usage = buildOpenCodeUsage();
// return result
if (result.exitCode !== 0) {
const errorContext = lastProviderError ? ` (${lastProviderError})` : "";
const errorMessage =
result.stderr ||
result.stdout ||
`unknown error - no output from OpenCode CLI${errorContext}`;
log.error(
`OpenCode CLI exited with code ${result.exitCode}${errorContext}: ${errorMessage}`
);
log.debug(`OpenCode stdout: ${result.stdout?.substring(0, 500)}`);
log.debug(`OpenCode stderr: ${result.stderr?.substring(0, 500)}`);
return {
success: false,
output: finalOutput || output,
error: errorMessage,
usage,
};
}
if (eventCount === 0 && lastProviderError) {
return {
success: false,
output: finalOutput || output,
error: `provider error: ${lastProviderError}`,
usage,
};
}
return {
success: true,
output: finalOutput || output,
usage,
};
} catch (error) {
// activity timeout or process timeout - surface the real cause
const duration = performance.now() - startTime;
const errorMessage = error instanceof Error ? error.message : String(error);
const isActivityTimeout = errorMessage.includes("activity timeout");
// build a diagnostic message that includes provider context
const stderrContext = recentStderr.slice(-10).join("\n");
const diagnosis = lastProviderError
? `likely cause: ${lastProviderError}`
: eventCount === 0
? "OpenCode produced 0 stdout events - check if the model provider is reachable"
: `${eventCount} events were processed before the hang`;
log.info(
`» OpenCode ${isActivityTimeout ? "hung" : "failed"} after ${(duration / 1000).toFixed(1)}s: ${errorMessage}`
);
log.info(`» diagnosis: ${diagnosis}`);
if (stderrContext) {
log.info(
`» recent stderr (last ${Math.min(recentStderr.length, 10)} lines):\n${stderrContext}`
);
}
return {
success: false,
output: finalOutput || output,
error: `${errorMessage} [${diagnosis}]`,
usage: buildOpenCodeUsage(),
};
}
},
});
/**
* Configure OpenCode via opencode.json config file.
* Builds complete config with MCP servers and permissions in a single write to avoid race conditions.
*/
function configureOpenCode(ctx: AgentRunContext): void {
const configDir = join(ctx.tmpdir, ".config", "opencode");
mkdirSync(configDir, { recursive: true });
const configPath = join(configDir, "opencode.json");
const repoConfigPath = join(process.cwd(), "opencode.json");
const repoConfig = loadRepoOpenCodeConfig({ repoConfigPath });
if (repoConfig?.model) {
log.info(`» repo opencode model configured: ${repoConfig.model}`);
}
// build MCP servers config
const opencodeMcpServers: Record<string, unknown> = {};
const repoMcpServers = getRecordProperty({ value: repoConfig, key: "mcp" });
if (repoMcpServers) {
Object.assign(opencodeMcpServers, repoMcpServers);
}
opencodeMcpServers[ghPullfrogMcpName] = { type: "remote" as const, url: ctx.mcpServerUrl };
// build permission object based on tool permissions
// note: OpenCode has no built-in web search tool
const shell = ctx.payload.shell;
const permission: Record<string, unknown> = {};
const repoPermission = getRecordProperty({ value: repoConfig, key: "permission" });
if (repoPermission) {
Object.assign(permission, repoPermission);
}
permission.edit = "deny";
permission.read = "deny";
permission.bash = shell !== "enabled" ? "deny" : "allow";
permission.webfetch = ctx.payload.web === "disabled" ? "deny" : "allow";
permission.external_directory = "deny";
// build complete config in one object
const config: OpenCodeConfig = {};
if (repoConfig) {
Object.assign(config, repoConfig);
}
config.mcp = opencodeMcpServers;
config.permission = permission;
const configJson = JSON.stringify(config, null, 2);
try {
writeFileSync(configPath, configJson, "utf-8");
} catch (error) {
log.error(
`failed to write OpenCode config to ${configPath}: ${error instanceof Error ? error.message : String(error)}`
);
throw error;
}
log.info(`» OpenCode config written to ${configPath}`);
log.debug(`» disallowed built-ins: ${JSON.stringify(permission)}`);
log.debug(`OpenCode config contents:\n${configJson}`);
}
////////////////////////////////////////////
//////////// EVENT HANDLERS ////////////
////////////////////////////////////////////
// opencode cli event types inferred from json output format
interface OpenCodeInitEvent {
type: "init";
timestamp?: string;
session_id?: string;
model?: string;
[key: string]: unknown;
}
interface OpenCodeMessageEvent {
type: "message";
timestamp?: string;
role?: "user" | "assistant";
content?: string;
delta?: boolean;
[key: string]: unknown;
}
interface OpenCodeTextEvent {
type: "text";
timestamp?: string;
sessionID?: string;
part?: {
id?: string;
type?: string;
text?: string;
[key: string]: unknown;
};
[key: string]: unknown;
}
interface OpenCodeStepStartEvent {
type: "step_start";
timestamp?: string;
sessionID?: string;
part?: {
id?: string;
type?: string;
[key: string]: unknown;
};
[key: string]: unknown;
}
interface OpenCodeStepFinishEvent {
type: "step_finish";
timestamp?: string;
sessionID?: string;
part?: {
id?: string;
type?: string;
reason?: string;
cost?: number;
tokens?: {
input?: number;
output?: number;
reasoning?: number;
cache?: {
read?: number;
write?: number;
};
};
[key: string]: unknown;
};
[key: string]: unknown;
}
interface OpenCodeToolUseEvent {
type: "tool_use";
timestamp?: number;
sessionID?: string;
part?: {
id?: string;
callID?: string;
tool?: string;
state?: {
status?: string;
input?: unknown;
output?: string;
};
};
[key: string]: unknown;
}
interface OpenCodeToolResultEvent {
type: "tool_result";
timestamp?: number;
sessionID?: string;
part?: {
callID?: string;
state?: {
status?: string;
output?: string;
};
};
// fallback fields for older format
tool_id?: string;
status?: "success" | "error";
output?: string;
[key: string]: unknown;
}
interface OpenCodeResultEvent {
type: "result";
timestamp?: string;
status?: "success" | "error";
stats?: {
total_tokens?: number;
input_tokens?: number;
output_tokens?: number;
duration_ms?: number;
tool_calls?: number;
};
[key: string]: unknown;
}
interface OpenCodeErrorEvent {
type: "error";
timestamp?: string;
sessionID?: string;
error?: {
name?: string;
message?: string;
data?: unknown;
[key: string]: unknown;
};
[key: string]: unknown;
}
type OpenCodeEvent =
| OpenCodeInitEvent
| OpenCodeMessageEvent
| OpenCodeTextEvent
| OpenCodeStepStartEvent
| OpenCodeStepFinishEvent
| OpenCodeToolUseEvent
| OpenCodeToolResultEvent
| OpenCodeResultEvent
| OpenCodeErrorEvent;
let finalOutput = "";
let accumulatedTokens: { input: number; output: number } = { input: 0, output: 0 };
let tokensLogged = false;
function buildOpenCodeUsage(): AgentUsage | undefined {
return accumulatedTokens.input > 0 || accumulatedTokens.output > 0
? {
agent: "opencode",
inputTokens: accumulatedTokens.input,
outputTokens: accumulatedTokens.output,
}
: undefined;
}
const toolCallTimings = new Map<string, number>();
let currentStepId: string | null = null;
let currentStepType: string | null = null;
let stepHistory: Array<{ stepId: string; stepType: string; toolCalls: string[] }> = [];
const messageHandlers = {
init: (event: OpenCodeInitEvent) => {
// initialization event - reset state
log.debug(
`» OpenCode init: session_id=${event.session_id || "unknown"}, model=${event.model || "unknown"}`
);
log.debug(`» OpenCode init event (full): ${JSON.stringify(event)}`);
finalOutput = "";
accumulatedTokens = { input: 0, output: 0 };
tokensLogged = false;
},
message: (event: OpenCodeMessageEvent) => {
if (event.role === "assistant" && event.content?.trim()) {
const message = event.content.trim();
if (message) {
if (event.delta) {
// delta messages are streaming thoughts/reasoning
log.debug(
`» OpenCode thinking: ${message.substring(0, 300)}${message.length > 300 ? "..." : ""}`
);
} else {
// complete messages
log.debug(
`» OpenCode message (${event.role}): ${message.substring(0, 100)}${message.length > 100 ? "..." : ""}`
);
finalOutput = message;
}
}
} else if (event.role === "user") {
log.debug(
`» OpenCode message (${event.role}): ${event.content?.substring(0, 100) || ""}${event.content && event.content.length > 100 ? "..." : ""}`
);
}
},
text: (event: OpenCodeTextEvent) => {
// log from text events only to avoid duplicates
if (event.part?.text?.trim()) {
const message = event.part.text.trim();
log.box(message, { title: "OpenCode" });
finalOutput = message;
}
},
step_start: (event: OpenCodeStepStartEvent) => {
const stepType = event.part?.type || "unknown";
const stepId = event.part?.id || "unknown";
currentStepId = stepId;
currentStepType = stepType;
stepHistory.push({ stepId, stepType, toolCalls: [] });
},
step_finish: async (event: OpenCodeStepFinishEvent) => {
const stepId = event.part?.id || "unknown";
// accumulate tokens from step_finish events (they come here, not in result)
const eventTokens = event.part?.tokens;
if (eventTokens) {
const inputTokens = eventTokens.input || 0;
const outputTokens = eventTokens.output || 0;
// accumulate tokens (don't log yet - wait for result event)
accumulatedTokens.input += inputTokens;
accumulatedTokens.output += outputTokens;
}
// clear current step
if (currentStepId === stepId) {
currentStepId = null;
currentStepType = null;
}
},
tool_use: (event: OpenCodeToolUseEvent, thinkingTimer: ThinkingTimer) => {
const toolName = event.part?.tool;
const toolId = event.part?.callID;
const parameters = event.part?.state?.input;
const status = event.part?.state?.status;
const output = event.part?.state?.output;
if (!toolName || !toolId) {
// surface dropped tool_use events visibly so missing tool calls are diagnosable
log.info(
`» tool_use event missing toolName or toolId: ${JSON.stringify(event).substring(0, 500)}`
);
return;
}
// track tool call in current step
if (stepHistory.length > 0) {
stepHistory[stepHistory.length - 1].toolCalls.push(toolName);
}
thinkingTimer.markToolCall();
log.toolCall({
toolName,
input: parameters || {},
});
// if tool already completed (status in same event), log output
if (status === "completed" && output) {
log.debug(` output: ${output}`);
}
},
tool_result: (event: OpenCodeToolResultEvent, thinkingTimer: ThinkingTimer) => {
// handle both new part structure and legacy flat structure
const toolId = event.part?.callID || event.tool_id;
const status = event.part?.state?.status || event.status || "unknown";
const output = event.part?.state?.output || event.output;
thinkingTimer.markToolResult();
if (toolId) {
const toolStartTime = toolCallTimings.get(toolId);
if (toolStartTime) {
const toolDuration = performance.now() - toolStartTime;
toolCallTimings.delete(toolId);
const stepContext = currentStepId ? ` (step=${currentStepType || "unknown"})` : "";
log.debug(
`» OpenCode tool_result${stepContext}: id=${toolId}, status=${status}, duration=${Math.round(toolDuration)}ms`
);
if (output) {
log.debug(` output: ${typeof output === "string" ? output : JSON.stringify(output)}`);
}
if (toolDuration > 5000) {
log.info(
`» ⚠️ tool call took ${(toolDuration / 1000).toFixed(1)}s - this may indicate network latency or slow processing`
);
}
}
}
if (status === "error") {
const errorMsg = typeof output === "string" ? output : JSON.stringify(output);
log.info(`» ❌ tool call failed: ${errorMsg}`);
} else if (output) {
// log successful tool result so it appears in captured output
const outputStr = typeof output === "string" ? output : JSON.stringify(output);
log.debug(`tool output: ${outputStr}`);
}
},
result: async (event: OpenCodeResultEvent) => {
const status = event.status || "unknown";
const duration = event.stats?.duration_ms || 0;
const toolCalls = event.stats?.tool_calls || 0;
log.info(
`» OpenCode result: status=${status}, duration=${duration}ms, tool_calls=${toolCalls}`
);
if (event.status === "error") {
log.info(`» OpenCode CLI failed: ${JSON.stringify(event)}`);
} else {
// log tokens once at the end (use stats from result if available, otherwise use accumulated from step_finish)
const inputTokens = event.stats?.input_tokens || accumulatedTokens.input || 0;
const outputTokens = event.stats?.output_tokens || accumulatedTokens.output || 0;
const totalTokens = event.stats?.total_tokens || inputTokens + outputTokens;
log.info(`» run complete: tool_calls=${toolCalls}, duration=${duration}ms`);
if ((inputTokens > 0 || outputTokens > 0) && !tokensLogged) {
log.table([
[
{ data: "Input Tokens", header: true },
{ data: "Output Tokens", header: true },
{ data: "Total Tokens", header: true },
],
[String(inputTokens), String(outputTokens), String(totalTokens)],
]);
tokensLogged = true;
}
}
},
};
+658
View File
@@ -0,0 +1,658 @@
/**
* OpenToad agent — secure harness around OpenCode CLI.
*
* transparently wraps OpenCode with a security layer:
* - bash: "deny" via OPENCODE_CONFIG_CONTENT (agent cannot shell out)
* - MCP ShellTool provides restricted shell (filtered env, no secrets)
* - MCP server injected alongside project config (not replacing)
* - ASKPASS handles git auth separately (token never in subprocess env)
*
* the agent process itself gets full env (needs LLM API keys, PATH, etc.).
* security is enforced at the tool layer, not the process layer.
*/
import { execFileSync } from "node:child_process";
import { mkdirSync } from "node:fs";
import { join } from "node:path";
import { performance } from "node:perf_hooks";
import { ghPullfrogMcpName } from "../external.ts";
import { modelAliases, resolveCliModel } from "../models.ts";
import { getIdleMs, markActivity } from "../utils/activity.ts";
import { log } from "../utils/cli.ts";
import { installFromNpmTarball } from "../utils/install.ts";
import { spawn } from "../utils/subprocess.ts";
import { ThinkingTimer } from "../utils/timer.ts";
import { type AgentResult, type AgentRunContext, type AgentUsage, agent } from "./shared.ts";
// pinned CLI version
const OPENCODE_CLI_VERSION = "1.1.56";
async function installOpencodeCli(): Promise<string> {
return await installFromNpmTarball({
packageName: "opencode-ai",
version: OPENCODE_CLI_VERSION,
executablePath: "bin/opencode",
installDependencies: true,
});
}
// ── config ─────────────────────────────────────────────────────────────────────
type OpenCodeConfig = {
mcp?: Record<string, unknown>;
permission?: Record<string, unknown>;
provider?: Record<string, unknown>;
model?: string;
enabled_providers?: string[];
[key: string]: unknown;
};
function buildSecurityConfig(ctx: AgentRunContext, model: string | undefined): string {
const config: OpenCodeConfig = {
permission: {
bash: "deny",
edit: "allow",
read: "allow",
webfetch: "allow",
external_directory: "deny",
},
mcp: {
[ghPullfrogMcpName]: { type: "remote", url: ctx.mcpServerUrl },
},
};
if (model) {
config.model = model;
const slashIndex = model.indexOf("/");
if (slashIndex > 0) {
config.enabled_providers = [model.slice(0, slashIndex).toLowerCase()];
}
}
return JSON.stringify(config);
}
// ── model resolution (see wiki/model-resolution.md) ─────────────────────────────
//
// priority:
// 1. OPENCODE_MODEL env var (explicit override)
// 2. explicit slug from repo config / payload
// 3. auto-select: `opencode models` → recommended aliases first, then secondary
// 4. undefined → let OpenCode decide
function getOpenCodeModels(cliPath: string): string[] {
try {
const output = execFileSync(cliPath, ["models"], {
encoding: "utf-8",
timeout: 30_000,
env: process.env,
});
return output
.split("\n")
.map((line) => line.trim())
.filter(Boolean);
} catch (error) {
log.debug(
`» failed to run \`opencode models\`: ${error instanceof Error ? error.message : String(error)}`
);
return [];
}
}
const AUTO_SELECT_WARNING =
"select a model explicitly in the Pullfrog console (https://pullfrog.com/console) to avoid this.";
function resolveOpenCodeModel(ctx: {
cliPath: string;
modelSlug?: string | undefined;
}): string | undefined {
// 1. explicit env var override
const envModel = process.env.OPENCODE_MODEL?.trim();
if (envModel) {
log.info(`» model: ${envModel} (override via OPENCODE_MODEL)`);
return envModel;
}
// 2. explicit slug from repo config / payload
if (ctx.modelSlug) {
const resolved = resolveCliModel(ctx.modelSlug);
if (resolved) {
log.info(`» model: ${resolved} (from repo config)`);
return resolved;
}
log.warning(`» unknown model slug "${ctx.modelSlug}" — falling through to auto-select`);
}
// 3. auto-select: ask OpenCode what's available, pick our best curated match.
// `opencode models` returns `provider/model-id` specifiers matching our resolve values exactly.
// two-pass: recommended (top-tier per provider) first, then secondary models.
const availableModels = getOpenCodeModels(ctx.cliPath);
const availableSet = new Set(availableModels);
if (availableSet.size > 0) {
log.debug(`» opencode models (${availableSet.size}): ${availableModels.join(", ")}`);
const match =
modelAliases.find((a) => a.recommended && availableSet.has(a.resolve)) ??
modelAliases.find((a) => availableSet.has(a.resolve));
if (match) {
log.info(
`» model: ${match.resolve} (auto-selected${match.recommended ? " — recommended" : ""} curated match)`
);
log.warning(`» model auto-selected. ${AUTO_SELECT_WARNING}`);
return match.resolve;
}
log.info(
`» opencode has ${availableSet.size} models but none match curated aliases — letting OpenCode auto-select`
);
}
log.warning(`» no model resolved. letting OpenCode auto-select. ${AUTO_SELECT_WARNING}`);
return undefined;
}
// ── provider error detection ───────────────────────────────────────────────────
const PROVIDER_ERROR_PATTERNS = [
{ pattern: "429", label: "rate limited (429)" },
{ pattern: "RESOURCE_EXHAUSTED", label: "quota exhausted" },
{ pattern: "quota", label: "quota error" },
{ pattern: "status: 500", label: "provider 500 error" },
{ pattern: "INTERNAL", label: "provider internal error" },
{ pattern: "status: 503", label: "provider unavailable (503)" },
{ pattern: "UNAVAILABLE", label: "provider unavailable" },
{ pattern: "rate limit", label: "rate limited" },
{ pattern: "limit: 0", label: "zero quota" },
];
function detectProviderError(text: string): string | null {
for (const entry of PROVIDER_ERROR_PATTERNS) {
if (text.includes(entry.pattern)) return entry.label;
}
return null;
}
// ── NDJSON event types ─────────────────────────────────────────────────────────
interface OpenCodeInitEvent {
type: "init";
timestamp?: string;
session_id?: string;
model?: string;
[key: string]: unknown;
}
interface OpenCodeMessageEvent {
type: "message";
timestamp?: string;
role?: "user" | "assistant";
content?: string;
delta?: boolean;
[key: string]: unknown;
}
interface OpenCodeTextEvent {
type: "text";
timestamp?: string;
sessionID?: string;
part?: { id?: string; type?: string; text?: string; [key: string]: unknown };
[key: string]: unknown;
}
interface OpenCodeStepStartEvent {
type: "step_start";
timestamp?: string;
sessionID?: string;
part?: { id?: string; type?: string; [key: string]: unknown };
[key: string]: unknown;
}
interface OpenCodeStepFinishEvent {
type: "step_finish";
timestamp?: string;
sessionID?: string;
part?: {
id?: string;
type?: string;
reason?: string;
cost?: number;
tokens?: {
input?: number;
output?: number;
reasoning?: number;
cache?: { read?: number; write?: number };
};
[key: string]: unknown;
};
[key: string]: unknown;
}
interface OpenCodeToolUseEvent {
type: "tool_use";
timestamp?: number;
sessionID?: string;
part?: {
id?: string;
callID?: string;
tool?: string;
state?: { status?: string; input?: unknown; output?: string };
};
[key: string]: unknown;
}
interface OpenCodeToolResultEvent {
type: "tool_result";
timestamp?: number;
sessionID?: string;
part?: { callID?: string; state?: { status?: string; output?: string } };
tool_id?: string;
status?: "success" | "error";
output?: string;
[key: string]: unknown;
}
interface OpenCodeResultEvent {
type: "result";
timestamp?: string;
status?: "success" | "error";
stats?: {
total_tokens?: number;
input_tokens?: number;
output_tokens?: number;
duration_ms?: number;
tool_calls?: number;
};
[key: string]: unknown;
}
interface OpenCodeErrorEvent {
type: "error";
timestamp?: string;
sessionID?: string;
error?: { name?: string; message?: string; data?: unknown; [key: string]: unknown };
[key: string]: unknown;
}
type OpenCodeEvent =
| OpenCodeInitEvent
| OpenCodeMessageEvent
| OpenCodeTextEvent
| OpenCodeStepStartEvent
| OpenCodeStepFinishEvent
| OpenCodeToolUseEvent
| OpenCodeToolResultEvent
| OpenCodeResultEvent
| OpenCodeErrorEvent;
// ── runner ──────────────────────────────────────────────────────────────────────
type RunParams = {
label: string;
cliPath: string;
args: string[];
cwd: string;
env: Record<string, string | undefined>;
};
async function runOpenCode(params: RunParams): Promise<AgentResult> {
const startTime = performance.now();
let eventCount = 0;
const thinkingTimer = new ThinkingTimer();
let finalOutput = "";
let accumulatedTokens = { input: 0, output: 0 };
let tokensLogged = false;
const toolCallTimings = new Map<string, number>();
let currentStepId: string | null = null;
let currentStepType: string | null = null;
let stepHistory: Array<{ stepId: string; stepType: string; toolCalls: string[] }> = [];
function buildUsage(): AgentUsage | undefined {
return accumulatedTokens.input > 0 || accumulatedTokens.output > 0
? {
agent: "opentoad",
inputTokens: accumulatedTokens.input,
outputTokens: accumulatedTokens.output,
}
: undefined;
}
const handlers = {
init: (event: OpenCodeInitEvent) => {
log.debug(
`» ${params.label} init: session_id=${event.session_id || "unknown"}, model=${event.model || "unknown"}`
);
log.debug(`» ${params.label} init event (full): ${JSON.stringify(event)}`);
finalOutput = "";
accumulatedTokens = { input: 0, output: 0 };
tokensLogged = false;
},
message: (event: OpenCodeMessageEvent) => {
if (event.role === "assistant" && event.content?.trim()) {
const message = event.content.trim();
if (event.delta) {
log.debug(
`» ${params.label} thinking: ${message.substring(0, 300)}${message.length > 300 ? "..." : ""}`
);
} else {
log.debug(
`» ${params.label} message (${event.role}): ${message.substring(0, 100)}${message.length > 100 ? "..." : ""}`
);
finalOutput = message;
}
} else if (event.role === "user") {
log.debug(
`» ${params.label} message (${event.role}): ${event.content?.substring(0, 100) || ""}${event.content && event.content.length > 100 ? "..." : ""}`
);
}
},
text: (event: OpenCodeTextEvent) => {
if (event.part?.text?.trim()) {
const message = event.part.text.trim();
log.box(message, { title: params.label });
finalOutput = message;
}
},
step_start: (event: OpenCodeStepStartEvent) => {
const stepType = event.part?.type || "unknown";
const stepId = event.part?.id || "unknown";
currentStepId = stepId;
currentStepType = stepType;
stepHistory.push({ stepId, stepType, toolCalls: [] });
},
step_finish: async (event: OpenCodeStepFinishEvent) => {
const stepId = event.part?.id || "unknown";
const eventTokens = event.part?.tokens;
if (eventTokens) {
accumulatedTokens.input += eventTokens.input || 0;
accumulatedTokens.output += eventTokens.output || 0;
}
if (currentStepId === stepId) {
currentStepId = null;
currentStepType = null;
}
},
tool_use: (event: OpenCodeToolUseEvent) => {
const toolName = event.part?.tool;
const toolId = event.part?.callID;
if (!toolName || !toolId) {
log.info(
`» tool_use event missing toolName or toolId: ${JSON.stringify(event).substring(0, 500)}`
);
return;
}
if (stepHistory.length > 0) {
stepHistory[stepHistory.length - 1]!.toolCalls.push(toolName);
}
thinkingTimer.markToolCall();
log.toolCall({ toolName, input: event.part?.state?.input || {} });
if (event.part?.state?.status === "completed" && event.part.state.output) {
log.debug(` output: ${event.part.state.output}`);
}
},
tool_result: (event: OpenCodeToolResultEvent) => {
const toolId = event.part?.callID || event.tool_id;
const status = event.part?.state?.status || event.status || "unknown";
const output = event.part?.state?.output || event.output;
thinkingTimer.markToolResult();
if (toolId) {
const toolStartTime = toolCallTimings.get(toolId);
if (toolStartTime) {
const toolDuration = performance.now() - toolStartTime;
toolCallTimings.delete(toolId);
const stepContext = currentStepId ? ` (step=${currentStepType || "unknown"})` : "";
log.debug(
`» ${params.label} tool_result${stepContext}: id=${toolId}, status=${status}, duration=${Math.round(toolDuration)}ms`
);
if (output) {
log.debug(` output: ${typeof output === "string" ? output : JSON.stringify(output)}`);
}
if (toolDuration > 5000) {
log.info(
`» tool call took ${(toolDuration / 1000).toFixed(1)}s - may indicate network latency`
);
}
}
}
if (status === "error") {
const errorMsg = typeof output === "string" ? output : JSON.stringify(output);
log.info(`» tool call failed: ${errorMsg}`);
} else if (output) {
const outputStr = typeof output === "string" ? output : JSON.stringify(output);
log.debug(`tool output: ${outputStr}`);
}
},
result: async (event: OpenCodeResultEvent) => {
const status = event.status || "unknown";
const duration = event.stats?.duration_ms || 0;
const toolCalls = event.stats?.tool_calls || 0;
log.info(
`» ${params.label} result: status=${status}, duration=${duration}ms, tool_calls=${toolCalls}`
);
if (event.status === "error") {
log.info(`» ${params.label} failed: ${JSON.stringify(event)}`);
} else {
const inputTokens = event.stats?.input_tokens || accumulatedTokens.input || 0;
const outputTokens = event.stats?.output_tokens || accumulatedTokens.output || 0;
const totalTokens = event.stats?.total_tokens || inputTokens + outputTokens;
log.info(`» run complete: tool_calls=${toolCalls}, duration=${duration}ms`);
if ((inputTokens > 0 || outputTokens > 0) && !tokensLogged) {
log.table([
[
{ data: "Input Tokens", header: true },
{ data: "Output Tokens", header: true },
{ data: "Total Tokens", header: true },
],
[String(inputTokens), String(outputTokens), String(totalTokens)],
]);
tokensLogged = true;
}
}
},
};
const recentStderr: string[] = [];
const MAX_STDERR_LINES = 20;
let lastProviderError: string | null = null;
let output = "";
let stdoutBuffer = "";
try {
const result = await spawn({
cmd: params.cliPath,
args: params.args,
cwd: params.cwd,
env: params.env,
activityTimeout: 0,
stdio: ["ignore", "pipe", "pipe"],
onStdout: async (chunk) => {
const text = chunk.toString();
output += text;
markActivity();
stdoutBuffer += text;
const lines = stdoutBuffer.split("\n");
stdoutBuffer = lines.pop() || "";
for (const line of lines) {
const trimmed = line.trim();
if (!trimmed) continue;
try {
const event = JSON.parse(trimmed) as OpenCodeEvent;
eventCount++;
log.debug(JSON.stringify(event, null, 2));
const timeSinceLastActivity = getIdleMs();
if (timeSinceLastActivity > 10000) {
const activeToolCalls = toolCallTimings.size;
const toolCallInfo =
activeToolCalls > 0
? ` (waiting for ${activeToolCalls} tool call${activeToolCalls > 1 ? "s" : ""})`
: ` (${params.label} may be processing internally - LLM calls, planning, etc.)`;
log.info(
`» no activity for ${(timeSinceLastActivity / 1000).toFixed(1)}s${toolCallInfo} (${eventCount} events processed so far)`
);
}
markActivity();
const handler = handlers[event.type as keyof typeof handlers];
if (handler) {
await handler(event as never);
} else {
log.info(
`» ${params.label} event (unhandled): type=${event.type}, data=${JSON.stringify(event).substring(0, 500)}`
);
}
} catch {
log.debug(`» non-JSON stdout line: ${trimmed.substring(0, 200)}`);
}
}
},
onStderr: (chunk) => {
const trimmed = chunk.trim();
if (!trimmed) return;
recentStderr.push(trimmed);
if (recentStderr.length > MAX_STDERR_LINES) recentStderr.shift();
const providerError = detectProviderError(trimmed);
if (providerError) {
lastProviderError = providerError;
log.info(`» provider error detected (${providerError}): ${trimmed.substring(0, 500)}`);
} else {
log.debug(trimmed);
}
},
});
const duration = performance.now() - startTime;
log.info(
`» ${params.label} completed in ${Math.round(duration)}ms with exit code ${result.exitCode}`
);
if (eventCount === 0) {
const stderrContext = recentStderr.join("\n");
const diagnosis = lastProviderError
? `provider error: ${lastProviderError}`
: "unknown cause (no stdout events received)";
log.info(`» ${params.label} produced 0 events (${diagnosis})`);
if (stderrContext) log.info(`» last stderr output:\n${stderrContext}`);
}
if (!tokensLogged && (accumulatedTokens.input > 0 || accumulatedTokens.output > 0)) {
const totalTokens = accumulatedTokens.input + accumulatedTokens.output;
log.table([
[
{ data: "Input Tokens", header: true },
{ data: "Output Tokens", header: true },
{ data: "Total Tokens", header: true },
],
[String(accumulatedTokens.input), String(accumulatedTokens.output), String(totalTokens)],
]);
}
const usage = buildUsage();
if (result.exitCode !== 0) {
const errorContext = lastProviderError ? ` (${lastProviderError})` : "";
const errorMessage =
result.stderr ||
result.stdout ||
`unknown error - no output from OpenCode CLI${errorContext}`;
log.error(
`${params.label} exited with code ${result.exitCode}${errorContext}: ${errorMessage}`
);
log.debug(`stdout: ${result.stdout?.substring(0, 500)}`);
log.debug(`stderr: ${result.stderr?.substring(0, 500)}`);
return { success: false, output: finalOutput || output, error: errorMessage, usage };
}
if (eventCount === 0 && lastProviderError) {
return {
success: false,
output: finalOutput || output,
error: `provider error: ${lastProviderError}`,
usage,
};
}
return { success: true, output: finalOutput || output, usage };
} catch (error) {
const duration = performance.now() - startTime;
const errorMessage = error instanceof Error ? error.message : String(error);
const isActivityTimeout = errorMessage.includes("activity timeout");
const stderrContext = recentStderr.slice(-10).join("\n");
const diagnosis = lastProviderError
? `likely cause: ${lastProviderError}`
: eventCount === 0
? "OpenCode produced 0 stdout events - check if the model provider is reachable"
: `${eventCount} events were processed before the hang`;
log.info(
`» ${params.label} ${isActivityTimeout ? "hung" : "failed"} after ${(duration / 1000).toFixed(1)}s: ${errorMessage}`
);
log.info(`» diagnosis: ${diagnosis}`);
if (stderrContext)
log.info(
`» recent stderr (last ${Math.min(recentStderr.length, 10)} lines):\n${stderrContext}`
);
return {
success: false,
output: finalOutput || output,
error: `${errorMessage} [${diagnosis}]`,
usage: buildUsage(),
};
}
}
// ── agent ───────────────────────────────────────────────────────────────────────
export const opentoad = agent({
name: "opentoad",
install: installOpencodeCli,
run: async (ctx) => {
const cliPath = await installOpencodeCli();
const model = resolveOpenCodeModel({
cliPath,
modelSlug: ctx.payload.model,
});
const tempHome = ctx.tmpdir;
mkdirSync(join(tempHome, ".config", "opencode"), { recursive: true });
const args = ["run", ctx.instructions.full, "--format", "json", "--print-logs"];
// agent process gets full env — needs LLM API keys, PATH, locale, etc.
// security is enforced via OPENCODE_CONFIG_CONTENT (bash: deny) and MCP tool filtering.
const env: Record<string, string | undefined> = {
...process.env,
HOME: tempHome,
XDG_CONFIG_HOME: join(tempHome, ".config"),
OPENCODE_CONFIG_CONTENT: buildSecurityConfig(ctx, model),
GOOGLE_GENERATIVE_AI_API_KEY:
process.env.GOOGLE_GENERATIVE_AI_API_KEY || process.env.GEMINI_API_KEY,
};
const repoDir = process.cwd();
log.debug(`» starting OpenToad (OpenCode): ${cliPath} ${args.join(" ")}`);
log.debug(`» working directory: ${repoDir}`);
return runOpenCode({
label: "OpenToad",
cliPath,
args,
cwd: repoDir,
env,
});
},
});
+9 -21
View File
@@ -1,5 +1,3 @@
import type { show } from "@ark/util";
import { type AgentManifest, type AgentName, agentsManifest } from "../external.ts";
import { log } from "../utils/cli.ts";
import type { ResolvedInstructions } from "../utils/instructions.ts";
import type { ResolvedPayload } from "../utils/payload.ts";
@@ -37,34 +35,24 @@ export interface AgentRunContext {
instructions: ResolvedInstructions;
}
export const agent = <const input extends AgentInput>(input: input): defineAgent<input> => {
export interface Agent {
name: string;
install: (token?: string) => Promise<string>;
run: (ctx: AgentRunContext) => Promise<AgentResult>;
}
export const agent = (input: Agent): Agent => {
return {
...input,
run: async (ctx: AgentRunContext): Promise<AgentResult> => {
log.info(`» agent: ${input.name}`);
// matched by delegateEffort test validator — update tests if changed
log.info(`» effort: ${ctx.payload.effort}`);
if (ctx.payload.model) log.info(`» model: ${ctx.payload.model}`);
if (ctx.payload.timeout) log.info(`» timeout: ${ctx.payload.timeout}`);
log.info(`» web: ${ctx.payload.web}`);
log.info(`» search: ${ctx.payload.search}`);
log.info(`» push: ${ctx.payload.push}`);
log.info(`» shell: ${ctx.payload.shell}`);
log.debug(`» payload: ${JSON.stringify(ctx.payload, null, 2)}`);
return input.run(ctx);
},
...agentsManifest[input.name],
} as never;
};
};
export interface AgentInput {
name: AgentName;
install: (token?: string) => Promise<string>;
run: (ctx: AgentRunContext) => Promise<AgentResult>;
}
export interface Agent extends AgentInput, AgentManifest {}
type agentManifest<name extends AgentName> = (typeof agentsManifest)[name];
type defineAgent<input extends AgentInput> = show<input & agentManifest<input["name"]>>;