Compare commits
500 Commits
v0.7.0
..
721ca1bc10
| Author | SHA1 | Date | |
|---|---|---|---|
|
721ca1bc10
|
|||
|
eb102e1374
|
|||
|
bc2174286e
|
|||
|
1b4ab894d4
|
|||
|
1c983fb144
|
|||
|
09fb6634f0
|
|||
|
46ddfdc464
|
|||
|
df6c3c50db
|
|||
|
8c5bed3e34
|
|||
|
d45375a454
|
|||
|
ed8327e9d6
|
|||
|
bc1800db4f
|
|||
|
dd8da58105
|
|||
|
6a0df70777
|
|||
|
5e550a67ce
|
|||
|
b781dd8dc6
|
|||
|
43fbe448cb
|
|||
|
9efd6a2690
|
|||
|
a3f278544a
|
|||
|
e48926f458
|
|||
|
4e616fe7c3
|
|||
|
863b28f01e
|
|||
|
bf97f2261d
|
|||
|
baa44ec5cb
|
|||
|
29af20f316
|
|||
|
960a199cd2
|
|||
|
3a18ffdaf3
|
|||
|
7aa00d52de
|
|||
|
ac58ddc202
|
|||
|
38259642cd
|
|||
|
90e105a171
|
|||
|
a5ece505b7
|
|||
|
fb8633dc75
|
|||
|
a7ebc15b89
|
|||
|
a7a9b6b1cf
|
|||
|
e1c2f0aa42
|
|||
|
6e9b394f73
|
|||
|
747ca0d0fc
|
|||
|
ba665528ed
|
|||
|
1440e23748
|
|||
|
8ff9d84a85
|
|||
|
dc8e831f27
|
|||
|
985ae11fcf
|
|||
|
b758b17dbb
|
|||
|
aef26013cb
|
|||
|
b1fc199a5f
|
|||
|
7e801b80d0
|
|||
|
7cd7abe469
|
|||
|
6a5561edba
|
|||
|
d8a92f4e62
|
|||
|
6330d7dd95
|
|||
|
c63eb0a9f9
|
|||
|
d927a9b99f
|
|||
|
766684615b
|
|||
|
5be12e90dc
|
|||
|
7325ad7b32
|
|||
|
2e224948d4
|
|||
|
fa424bde34
|
|||
|
42c88fa2a3
|
|||
|
84c6f88cf2
|
|||
|
f401c637cc
|
|||
|
3239c5d990
|
|||
|
1dff08893a
|
|||
|
f65ec9e9fe
|
|||
|
3ce5ab4fe7
|
|||
| fd21431c2f | |||
| 61a698f9eb | |||
|
518a39c143
|
|||
|
160ee5d5ae
|
|||
|
e4819ff9db
|
|||
|
ecb3cdfcc2
|
|||
|
364cf29296
|
|||
|
b2fa8ebb71
|
|||
| 48031d592f | |||
|
4c7a0a7a77
|
|||
|
8f960fdbbf
|
|||
|
feefe45ed2
|
|||
| 9958eeee8f | |||
|
aa31db7e07
|
|||
|
8c6dde7d86
|
|||
|
738e29059b
|
|||
|
2eb81c4a8b
|
|||
|
88998d1019
|
|||
|
a1fc099c24
|
|||
|
2fe365bef8
|
|||
|
efb1b7b96b
|
|||
|
d915f9e3c1
|
|||
|
11ebf3c155
|
|||
|
abf5d425fd
|
|||
|
1e3d52482a
|
|||
|
0fb72f8226
|
|||
|
0701c370b4
|
|||
|
0bdaa9441f
|
|||
|
4ba1bd8a24
|
|||
|
b484242e4c
|
|||
|
a756394e30
|
|||
|
0faf7b850d
|
|||
|
eeb9f7083b
|
|||
|
b6a5b340f1
|
|||
|
209257c7b1
|
|||
|
4e88cebe28
|
|||
|
738b600fa6
|
|||
|
f67538e5ab
|
|||
|
18bb3d3440
|
|||
|
04cd3c890b
|
|||
|
ef8f5865e2
|
|||
|
493e9bb2a5
|
|||
|
3eff135349
|
|||
|
7ac753d824
|
|||
|
9add71ff13
|
|||
|
7154c3a652
|
|||
|
36ac924d77
|
|||
|
5e4d3ff011
|
|||
|
fd287b09b0
|
|||
|
07c1f70df3
|
|||
|
8c398b6360
|
|||
|
e43c2e477a
|
|||
|
6078072915
|
|||
|
1902e2d040
|
|||
|
702e6f2f63
|
|||
|
01938a0f28
|
|||
|
5d017fbb48
|
|||
|
a3ed9476ae
|
|||
|
a22faad992
|
|||
|
06fe1f9471
|
|||
|
e2ff2c03f8
|
|||
|
7ca9a19d3b
|
|||
|
f5b69d6b4d
|
|||
|
4f244618ca
|
|||
|
b7a20a000a
|
|||
|
0094be475f
|
|||
|
3e508c9337
|
|||
|
edd3c08247
|
|||
|
bf6b2f718c
|
|||
|
984a073730
|
|||
|
aa4babff56
|
|||
|
7f620d469b
|
|||
|
33782c59a8
|
|||
|
5669830510
|
|||
|
99c6cff068
|
|||
|
9b395a304d
|
|||
|
01912bcef3
|
|||
|
e0b85fc936
|
|||
|
73f6e07e47
|
|||
|
534b9923ae
|
|||
|
c66faa22dc
|
|||
|
cf666eb2c6
|
|||
|
76861508c9
|
|||
|
beebb39050
|
|||
|
3d7ba424f1
|
|||
|
84eb82b355
|
|||
|
1fbdcd66d1
|
|||
|
5b65496684
|
|||
|
ca808b4c08
|
|||
|
84c1753ed5
|
|||
|
c8d9f89d59
|
|||
|
e3531b4dcf
|
|||
|
b939868d28
|
|||
|
7630b3e75c
|
|||
| 3292f8e0a5 | |||
|
cf1c06e632
|
|||
|
49f2932b30
|
|||
|
5fd786dd3d
|
|||
|
f5967c7771
|
|||
|
eee0e86131
|
|||
|
51dfd2a655
|
|||
|
d9cf0c4b08
|
|||
|
b4c65f7a19
|
|||
|
1c0e836a92
|
|||
|
2da196c091
|
|||
|
69648afe27
|
|||
|
454f5c03f3
|
|||
|
406642723e
|
|||
|
2469b713c7
|
|||
|
b6ad7a575d
|
|||
|
f3b410d146
|
|||
|
095d0f3d8a
|
|||
|
5f445e046f
|
|||
|
96ab2bdc1b
|
|||
|
cb175e3b51
|
|||
|
7965b970d9
|
|||
|
0a21f10b04
|
|||
|
49aa9fad41
|
|||
|
8f7d3bd13c
|
|||
|
f7fb249d43
|
|||
|
d9498ffb21
|
|||
|
0177fa6906
|
|||
|
c3f6cb8f46
|
|||
|
7facdce6b6
|
|||
|
c11eb352fe
|
|||
|
0e427dc4ba
|
|||
|
f1914f6bd4
|
|||
|
dba6304f51
|
|||
|
e40a8bba72
|
|||
|
c057249e52
|
|||
|
d906713d7d
|
|||
| ff3419a714 | |||
|
a5899da4fb
|
|||
|
dedcef8ac5
|
|||
|
d658f1d2fe
|
|||
|
6b4a45874f
|
|||
|
7839e1dbd9
|
|||
|
78c3932f36
|
|||
|
11334149b0
|
|||
|
4caa035528
|
|||
|
f30e81af08
|
|||
|
4c75655f58
|
|||
|
f865892c28
|
|||
|
ebeb9c9b7d
|
|||
|
ab2b927fcb
|
|||
|
7e5ff2ba1f
|
|||
|
ed59051f3d
|
|||
| e98bf56a2b | |||
| fb510b1a4f | |||
|
6c17462040
|
|||
|
1536cf384c
|
|||
|
d6842d7e29
|
|||
|
fbc0acda2a
|
|||
|
0327d041b6
|
|||
|
6a01fd4fbd
|
|||
| d822180205 | |||
|
89d0fdce26
|
|||
|
b3ecdce979
|
|||
|
3873821a31
|
|||
|
9c2801b643
|
|||
|
d78820dcd4
|
|||
|
d43c4232a2
|
|||
|
f41c85b703
|
|||
|
9e056bdcf0
|
|||
|
d6022b9f98
|
|||
|
6fc1abf94a
|
|||
|
92ea0f624e
|
|||
|
c3fd8fbc1c
|
|||
|
7fd3f7761c
|
|||
|
05e19098b2
|
|||
|
60067ae757
|
|||
|
c72003b0b6
|
|||
|
7c9d500116
|
|||
|
6b2c87b562
|
|||
|
b2dbdfb4b1
|
|||
|
063e198f96
|
|||
|
73cbe16ec1
|
|||
|
bdea854a9f
|
|||
|
9b4c800597
|
|||
|
eb4d1c02f4
|
|||
|
c428990900
|
|||
|
03b9cc70b9
|
|||
|
3fa0eb832c
|
|||
|
83f66e1061
|
|||
|
741b9c364c
|
|||
|
b6f6f456db
|
|||
|
00a6cf74d7
|
|||
|
d35ca352ca
|
|||
| 57dc1cb252 | |||
|
101a9cdd6e
|
|||
|
c5f52e1efb
|
|||
|
470149b606
|
|||
|
02062c5a50
|
|||
|
e6e99b6926
|
|||
|
15a293204f
|
|||
|
ecf3780aed
|
|||
|
e798747135
|
|||
|
60493728a0
|
|||
|
25d6370b20
|
|||
|
d67f845af5
|
|||
|
920a14cabe
|
|||
|
58bdd2e584
|
|||
|
ce6f53ad05
|
|||
|
96f8007d53
|
|||
|
32a55652fe
|
|||
|
2b92e6c98b
|
|||
|
cfa654bcd8
|
|||
|
d0f5ae39e2
|
|||
|
2bb8cf5f73
|
|||
|
fbac446859
|
|||
|
f91cf2e346
|
|||
|
b6b33ab7e3
|
|||
|
c1902a69d1
|
|||
|
812a8e101c
|
|||
|
655ee2a599
|
|||
|
128a8f9a9c
|
|||
|
b1be9443e7
|
|||
|
7b12c69ebf
|
|||
|
69ad584137
|
|||
|
313058e70a
|
|||
|
ea96d9ba3d
|
|||
|
7884adc7c1
|
|||
|
948466d771
|
|||
|
3894c98b5b
|
|||
|
5e9c31595e
|
|||
|
39d9b25e47
|
|||
|
b86f76ddb9
|
|||
|
7f267a10a1
|
|||
|
cdafdff281
|
|||
|
60ad83d6d9
|
|||
|
44c03ccf4f
|
|||
|
af933bbb29
|
|||
|
1f127ee990
|
|||
|
88a9a7709f
|
|||
| e8d92d1b01 | |||
| ddbfd03e75 | |||
|
d1c7f09015
|
|||
|
d2f8f995f0
|
|||
|
5ef9a397ca
|
|||
|
325ab1f45e
|
|||
|
4cfaa2dc77
|
|||
|
6abe2c5536
|
|||
|
03cfd59962
|
|||
|
4d7d5e5e53
|
|||
|
3779b940ae
|
|||
|
d2e541c5c0
|
|||
|
621c90427c
|
|||
|
486001ee85
|
|||
|
c7a2ec084f
|
|||
|
d4e0d48198
|
|||
|
07f23bab5e
|
|||
|
b11797ea1c
|
|||
|
70c2d411ae
|
|||
|
f82c9aff40
|
|||
|
a935add2a7
|
|||
|
8a37a88ffd
|
|||
|
8f66cac680
|
|||
|
0a40ddd2e4
|
|||
|
d5e0728532
|
|||
|
25c0885dcc
|
|||
|
f56ed7d005
|
|||
|
d79e4b9dff
|
|||
|
cdd829199f
|
|||
|
e3c644b8ca
|
|||
|
5cb8070da1
|
|||
|
66801b5d07
|
|||
|
f2de196e22
|
|||
|
2eba530895
|
|||
| 3baa3102a3 | |||
| 2d4fad596c | |||
| 7259e59d2a | |||
| cec04c4597 | |||
| a7f5677195 | |||
| 6075f0a190 | |||
| 15310a9e2c | |||
| f7df54f2f7 | |||
| 212d4bace4 | |||
| f4b3267c89 | |||
| 9eeeb11871 | |||
| b8db3f689d | |||
| 3b21ce2aa5 | |||
| 9bf4fcd943 | |||
| c1f5cfbbda | |||
| 46517a4e15 | |||
| efbe76e1fc | |||
| 245c567d30 | |||
| cbb3d2c34a | |||
| bddec85fa5 | |||
| 96acbc6bf0 | |||
| 0735a31190 | |||
| 986c64ff13 | |||
| 831426d418 | |||
| b99e3fc030 | |||
| 012734f70a | |||
| f591a9635e | |||
| 7c099bf589 | |||
| 32d3cee907 | |||
| 86539c4bb8 | |||
| 14549afd52 | |||
| 667c843fc0 | |||
| 680a52982c | |||
| 52efb1a775 | |||
| c88931d318 | |||
| 2183ed62d1 | |||
| cc8bd040b9 | |||
| a2a464151f | |||
| c9a3f247e7 | |||
| d167502b7b | |||
| 0d9927bb99 | |||
| c9858ce615 | |||
| cccaa1dbe7 | |||
| acd951e981 | |||
| 10d80d58fd | |||
| f196c375d6 | |||
| cc62c89b05 | |||
| 3266cdeb08 | |||
| 6605c62015 | |||
| 704fdbd145 | |||
| 93e76a65a1 | |||
| b3ca7ebddb | |||
| 091fc0b7b7 | |||
| 874f5ba08e | |||
| 5fdfe94b88 | |||
| c02b168749 | |||
| 6ababd919d | |||
| 86b2b2d772 | |||
| 2aa2c3ccee | |||
| 70645a8431 | |||
| ca4b2f2637 | |||
| 7fce8f9b23 | |||
| e5b3b332f6 | |||
| 3e59762443 | |||
| 2ea8a48f28 | |||
| 3c07471620 | |||
| 23e2c1144f | |||
| 313f5e2dda | |||
| 26c35e55d8 | |||
| 878adc0eb7 | |||
| d353767b2c | |||
| 33baeaa62d | |||
| 591b7a5bf1 | |||
| 0bc993532b | |||
| 09379e7231 | |||
| 1a45ce9dc1 | |||
| 95df054dfb | |||
| 5b49553c6d | |||
| 6508940d11 | |||
| 71d89eaaba | |||
| 9619b7908f | |||
| 304129d793 | |||
| 5df435c21a | |||
| 2719c7320a | |||
| a84bae189c | |||
| d82c7c2535 | |||
| 2bc832ed95 | |||
| b5a0f0635b | |||
| 7426aa4bcb | |||
| ba9649382e | |||
| 9c64e97d8b | |||
| 4b1cd3cf44 | |||
| 4a0f002503 | |||
| c4f8c6e102 | |||
| 421308423f | |||
| 0550de2093 | |||
| dddf72e1da | |||
| e23820adf2 | |||
| fea4411aa6 | |||
| b814a38c59 | |||
| 1a3476e4fb | |||
| ecd4d6587c | |||
| 0938119e99 | |||
| 9f15f01871 | |||
| f09cbd2b32 | |||
| 77c1a06277 | |||
| 600f5d1484 | |||
| 7f71317acd | |||
| 865ef5827b | |||
| e5d5bf6c53 | |||
| 7b08d1ef96 | |||
| 9d363b38c7 | |||
| 2f3586cbbf | |||
| 843abe0621 | |||
| 474c5bc76f | |||
| b49a27f886 | |||
| 6f77b3f46e | |||
| a835012673 | |||
| 3f1e8003f8 | |||
| 8475707e75 | |||
| 8a240b1c3f | |||
| 59a3e3012b | |||
| c13142f971 | |||
| a468ee1154 | |||
| 1b504e211a | |||
| 29536f6291 | |||
| 4ef483126d | |||
| 8d2961f3ee | |||
| f1146bb2b9 | |||
| 2daa014c99 | |||
| ebe642f44a | |||
| 25ad254e84 | |||
| 947a7871c2 | |||
| 6421a677eb | |||
| 950893f4a2 | |||
| a10948614d | |||
| 39fc863e22 | |||
| df8b326d89 | |||
| 591f204b67 | |||
| 316ebd6d25 | |||
| 4e707ae08e | |||
| 1ef554c759 | |||
| 367e7d90fd | |||
| 6e7a89763c | |||
| 9dd3836802 | |||
| f822546971 | |||
| 4bf338f91a | |||
| 16577ddc5e | |||
| 384ae73c80 | |||
| d4c932b8ac | |||
| 743e42d4f8 | |||
| 6be2651106 | |||
| 2a2d20a25c | |||
| 882942385b | |||
| 0aa908c8d3 | |||
| 4c179c9269 | |||
| a4fe91ffda | |||
| dc500207ef | |||
| c1e3c3699b | |||
| 52e9f5fc70 | |||
| c85cddb5b4 | |||
| 477b53124d | |||
| 650dbd92e0 | |||
| 88288a98b6 | |||
| 377ab91af7 | |||
| acfc7685f4 | |||
| 5636010e1e |
-124
@@ -1,127 +1,3 @@
|
||||
## v0.7.0 (2026-06-18)
|
||||
|
||||
### Feat
|
||||
|
||||
- added a memory option to .set tab completions
|
||||
- Added a diagnostic .info tools subcommand to make it easier to see what tools are enabled in all contexts
|
||||
- Added additional info outputs for enabled skills and sbx directories
|
||||
- directly execute shell commands from within the REPL
|
||||
- created mixin kit for built-in functions and MCP servers
|
||||
- Added sbx mixins for the secrets providers so users can also bootstrap those as well.
|
||||
- added support for loading sbx mixins that are dynamically discovered in the users workspace and config directory
|
||||
- Added a --fresh flag to let users create a truly bare bones sandbox without bootstrapping their config
|
||||
- initial built-in sandboxing support powered by Docker sbx
|
||||
- Added the ability to auto-bootstrap workspace memory when in git repos
|
||||
- Added explicit guardrail handling for pending agents
|
||||
- auto-append memory to memory index and don't necessarily require the LLM to remember to do it after a write
|
||||
- Added an --init-memory [global|workspace] flag to easily and quickly enable memory
|
||||
- added memory global configuration settings to the output of --info and .info
|
||||
- added .set memory REPL commands to control memory injection and applied formatting
|
||||
- Create the built-in memory management tools
|
||||
- Append the memory system prompts (readonly or r/w) to the system prompt when applicable
|
||||
- Created the --no-memory CLI flag to disable memory for this invocation
|
||||
- Added the memory configuration properties and storage to the main app config, roles, sessions, and agents.
|
||||
- initial scaffolding of a memory system
|
||||
|
||||
### Fix
|
||||
|
||||
- rebuild the tool scope after dynamically updating the skills_enabled value in the REPL
|
||||
- properly resolve Windows-based local vault password file locations and bootstrap them into the sandbox when possible
|
||||
- auto-translation of user-prefixed Mac and Linux paths for the vault password file when running inside a sandbox
|
||||
- don't attempt to auto complete .vault list in the REPL; that's the end of the command
|
||||
- buffer tool stdout as well as stderr so that any tools that error to stdout are captured and included in the response to the model, enabling the model to see what went wrong and to reason about how to fix it.
|
||||
- auto-bootstrapped memory was accidentally putting the MEMORY.md directly in the repo root rather than .coyote/memory/MEMORY.md
|
||||
- improved the fs_patch script description and added improved error handling to it.
|
||||
- added in forgotten require_max_tokens to the fable model
|
||||
- append memory functions to non-graph based agents on init
|
||||
- when auto_continue is disabled via the .set auto_continue false command, it should strip the todo functions from the list of functions
|
||||
- use rawPredict for non-streaming Claude requests
|
||||
|
||||
### Refactor
|
||||
|
||||
- Migrated the .skills command completion to use StateFlags and updated the help messages
|
||||
|
||||
## v0.6.0 (2026-06-05)
|
||||
|
||||
### Feat
|
||||
|
||||
- added skill hint prompt injection and configuration
|
||||
- Fallthrough on missing secrets during mcp.json merging
|
||||
- validate visible_skills field at config load time
|
||||
- implemented reflexion (sorta) in sisyphus for significant code changes to delegate to the code-reviewer agent
|
||||
- improved explore agent
|
||||
- removed conditional fallback of LLM_*_RAW_JSON from built-ins
|
||||
- updated enabled_skills handling to support both list and comma-separated strings
|
||||
- added new REPL set commands for toggling skills and changing what skills are enabled
|
||||
- upgraded to the latest version of mcp-remote
|
||||
- fs_grep now works with both files and directories
|
||||
- improved code reviewer agents with skills
|
||||
- added round trip validation for vault providers to ensure permissions and authentication
|
||||
- created new first-time run wizard for secrets provider
|
||||
- vault_password_file or nothing at all is shorthand for just using the local gman provider for secret management
|
||||
- refactored gman usage to be generic and work with various vault providers and use the SupportedProvider enum directly for configurations
|
||||
- created initial parity gman generalization for vault provider
|
||||
- Refactored the sisyhpus agent system to utilize the new skills system to improve performance and reliability
|
||||
- llm graph nodes support skills
|
||||
- updated sisyphus and coder tools
|
||||
- removed potentially confusing tab completions for .skill
|
||||
- .edit skill <name> support from within the REPL
|
||||
- Added skills_dir to the info output of Coyote
|
||||
- Created a few auto built-in skills
|
||||
- Added support for auto_unload skills during chat
|
||||
- cleaned up skill implementation
|
||||
- support multiple skill flags to load multiple skills at CLI startup
|
||||
- Modified --skill CLI to allow users to specify skills to start the REPL or CLI with.
|
||||
- added CLI --skill flag for modifying skills easily
|
||||
- REPL integration with skills
|
||||
- dynamic loading/unloading of skill tools and MCP servers whenever load_skill/unload_skill are invoked
|
||||
- created built-in functions for listing, loading, and unloading skills
|
||||
- implemented the skills policy to track available skills per context
|
||||
- added remote install and install support for skills
|
||||
- created the skill registry
|
||||
- decided to make skills persist to disk like agents and not in-memory like built-in roles
|
||||
- scaffold skill module
|
||||
|
||||
### Fix
|
||||
|
||||
- disable skills for specific built-in roles
|
||||
- redirect stderr into user's /dev/tty for guards
|
||||
- azure doesn't support underscores in key vault
|
||||
- accidental regression on enabled_skills being empty = all
|
||||
- greedy secrets regex caused multiple secrets on one line to fail
|
||||
- add agent context check to skill visibility validation
|
||||
- enforced global visible_skills in llm node validation and improved skill loading error handling across the project
|
||||
- restore agent skill policy on error during effective policy calculation
|
||||
- apply the same validation for skill filenames on list_skills as happens everywhere else
|
||||
- the vault's init_bare should try to load the provisioned secret_provider from the config file without also interpolating any of the rest of the configuration file. It should only fail if the user has not yet created a configuration file; i.e. done a first-time run.
|
||||
- the vault roundtrip test used characters that are unsupported by some major secrets providers
|
||||
- fixed tool filtering logic for skills and user functions in agents
|
||||
- privilege leak when unloading skills and leaving tool scope untouched
|
||||
- When bootstrapping an app config to interpolate secrets, clone the secrets provider configuration as well so config secrets stored in remote vaults can be used properly
|
||||
- forgot to move back up the vault probe value error to be before the delete
|
||||
- don't silently fail on skill role composition extraction in llm nodes
|
||||
- set -euo pipefail for the temp script in execute_command.sh tool
|
||||
- added forgotten skill name validation to has_skill to prevent side-channel attacks
|
||||
- use unique values for the secrets round trip verification
|
||||
- stop interpolating a line if any errors occur
|
||||
- added path validation for skill names
|
||||
- effective_policy unconditionally overwrote skill values for role-like structs
|
||||
- updated execute_command to not mangle heredocs and also added explicit instructions to the coder and sisyphus agents to use fs_write and fs_patch over execute_command when writing files
|
||||
- llm nodes accidentally skipped skill_registry::effective_role because I was passing an inline role instead
|
||||
- updated temperature values for all agents and roles
|
||||
- added back in require_max_tokens for new Claude models
|
||||
- skill support also requires function calling to be enabled
|
||||
- non_tty tests break on some TTY terminals
|
||||
- skill loading on agents
|
||||
- forgot to bootstrap skills on REPL startup
|
||||
- remove now deprecated .skill edit command
|
||||
|
||||
### Refactor
|
||||
|
||||
- removed redundant skill name validation from has_skill function
|
||||
- support both CSV and list formats for enabled_tools
|
||||
- Support both CSV and list formats for enabled_mcp_servers
|
||||
|
||||
## v0.5.0 (2026-05-27)
|
||||
|
||||
### Feat
|
||||
|
||||
Generated
+347
-197
File diff suppressed because it is too large
Load Diff
+1
-3
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "coyote-ai"
|
||||
version = "0.7.0"
|
||||
version = "0.5.0"
|
||||
edition = "2024"
|
||||
authors = ["Alex Clarke <alex.j.tusa@gmail.com>"]
|
||||
description = "An all-in-one, batteries included LLM CLI Tool"
|
||||
@@ -58,8 +58,6 @@ http = "1.1.0"
|
||||
indexmap = { version = "2.2.6", features = ["serde"] }
|
||||
hmac = "0.12.1"
|
||||
aws-smithy-eventstream = "0.60.4"
|
||||
aws-smithy-types = "=1.4.9"
|
||||
time = "=0.3.47"
|
||||
urlencoding = "2.1.3"
|
||||
json-patch = { version = "4.0.0", default-features = false }
|
||||
bitflags = "2.5.0"
|
||||
|
||||
@@ -25,7 +25,6 @@ Coming from [AIChat](https://github.com/sigoden/aichat)? Follow the [migration g
|
||||
* [REPL](https://github.com/Dark-Alex-17/coyote/wiki/REPL): Interactive Read-Eval-Print Loop for conversational interactions with LLMs and Coyote.
|
||||
* [Custom REPL Prompt](https://github.com/Dark-Alex-17/coyote/wiki/REPL-Prompt): Customize the REPL prompt to provide useful contextual information.
|
||||
* [Vault](https://github.com/Dark-Alex-17/coyote/wiki/Vault): Securely store and manage sensitive information such as API keys and credentials.
|
||||
* [Sandboxes](https://github.com/Dark-Alex-17/coyote/wiki/Sandboxes): Launch Coyote inside an isolated [Docker Sandbox](https://docs.docker.com/ai/sandboxes/) with one command. Host config and vault credentials are projected in automatically; everything else is delegated to the `sbx` CLI.
|
||||
* [Shell Integrations](https://github.com/Dark-Alex-17/coyote/wiki/Shell-Integrations): Seamlessly integrate Coyote with your shell environment for enhanced command-line assistance.
|
||||
* [Function Calling](https://github.com/Dark-Alex-17/coyote/wiki/Tools): Leverage function calling capabilities to extend Coyote's functionality with custom tools
|
||||
* [Creating Custom Tools](https://github.com/Dark-Alex-17/coyote/wiki/Custom-Tools): You can create your own custom tools to enhance Coyote's capabilities.
|
||||
@@ -37,7 +36,6 @@ Coming from [AIChat](https://github.com/sigoden/aichat)? Follow the [migration g
|
||||
* [Macros](https://github.com/Dark-Alex-17/coyote/wiki/Macros): Automate repetitive tasks and workflows with Coyote "scripts" (macros).
|
||||
* [RAG](https://github.com/Dark-Alex-17/coyote/wiki/RAG): Retrieval-Augmented Generation for enhanced information retrieval and generation.
|
||||
* [Sessions](https://github.com/Dark-Alex-17/coyote/wiki/Sessions): Manage and persist conversational contexts and settings across multiple interactions.
|
||||
* [Memory](https://github.com/Dark-Alex-17/coyote/wiki/Memory): Persistent file-based memory that survives across sessions. Bootstrap with `coyote --init-memory [global|workspace]`.
|
||||
* [Roles](https://github.com/Dark-Alex-17/coyote/wiki/Roles): Customize model behavior for specific tasks or domains.
|
||||
* [Skills](https://github.com/Dark-Alex-17/coyote/wiki/Skills): Modular knowledge or capability packs the LLM can load and unload mid-conversation. Multiple skills compose; instructions stack, tools and MCPs union.
|
||||
* [Agents](https://github.com/Dark-Alex-17/coyote/wiki/Agents): Leverage AI agents to perform complex tasks and workflows, including sub-agent spawning, teammate messaging, and user interaction tools.
|
||||
|
||||
@@ -14,21 +14,6 @@ review_attempts=$(echo "$state" | jq -r '.review_attempts // 0')
|
||||
max_review_attempts=$(echo "$state" | jq -r '.max_review_attempts // 1')
|
||||
review_notes=$(echo "$state" | jq -r '.review_notes // ""')
|
||||
|
||||
if [[ "$review_clean" != "true" && "$review_clean" != "false" ]]; then
|
||||
echo "ERROR: review_clean must be boolean ('true'/'false'); got: $review_clean" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if ! [[ "$review_attempts" =~ ^[0-9]+$ ]]; then
|
||||
echo "ERROR: review_attempts must be a non-negative integer; got: $review_attempts" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if ! [[ "$max_review_attempts" =~ ^[0-9]+$ ]]; then
|
||||
echo "ERROR: max_review_attempts must be a non-negative integer; got: $max_review_attempts" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ "$review_clean" == "true" ]]; then
|
||||
jq -nc '{"_next": "end_success"}'
|
||||
exit 0
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
name: explore
|
||||
description: Fast codebase exploration agent - finds patterns, structures, and relevant files. Designed to be fanned out 2-5 in parallel by orchestrators.
|
||||
version: 3.0.0
|
||||
version: 2.0.0
|
||||
|
||||
skills_enabled: true
|
||||
enabled_skills:
|
||||
- ai-slop-remover
|
||||
enabled_skills: []
|
||||
|
||||
variables:
|
||||
- name: project_dir
|
||||
@@ -23,85 +22,64 @@ global_tools:
|
||||
instructions: |
|
||||
You are a codebase explorer. Your job: Search, find, report. Nothing else.
|
||||
|
||||
## Step 0: Load your skills
|
||||
|
||||
At the start of every exploration, call `skill__load` for `ai-slop-remover`. Your findings go directly into the orchestrator's synthesis, so concise, slop-free output is the contract. Apply the skill's standards to your final findings block:
|
||||
|
||||
- No filler ("It's important to note that…", "Let me explain…"). Just the finding.
|
||||
- No flattery, no padding, no status updates about your process.
|
||||
- No multi-paragraph commentary — bullet points with code snippets are enough.
|
||||
|
||||
## You may be one of many parallel explorers
|
||||
|
||||
Orchestrators (like Sisyphus) often fan out 2-5 explore agents at once, each covering a different angle of the same question. Assume you are ONE narrow slice of a larger investigation. Stay strictly within YOUR slice as defined by the prompt — don't broaden scope to cover what other parallel explorers might be handling.
|
||||
|
||||
If the prompt says "find auth middleware", you find auth middleware. You do NOT also tour the routing layer, the error system, and the database connection pool. Narrow scope is the contract.
|
||||
|
||||
## Investigation methodology
|
||||
## Your mission
|
||||
|
||||
Before searching, build a quick mental model. Then narrow in. Then read.
|
||||
1. Search for relevant files and patterns within YOUR slice.
|
||||
2. Read key files to understand structure.
|
||||
3. Report findings concisely.
|
||||
4. Signal completion with `EXPLORE_COMPLETE`.
|
||||
|
||||
1. **Frame the question.** What kind of artifact am I looking for? Symbols (struct/class/function)? File patterns? Configuration? Implementation details? Tests? Different artifact kinds use different tools.
|
||||
## File reading strategy (minimize token usage)
|
||||
|
||||
2. **Find first, read second.** Never `fs_read` a file without knowing why you're reading it.
|
||||
|
||||
3. **Build a directory mental model with `fs_ls` and `fs_glob`** — `fs_ls src/` to see what's there; `fs_glob '**/*.rs' src/` to see which files exist by name.
|
||||
|
||||
4. **Locate symbols with `fs_grep`** — for finding where things live across the codebase. `fs_grep --pattern "fn handle_request" --include "*.rs"` is faster than reading files.
|
||||
|
||||
5. **Read targeted sections with `fs_read --offset/--limit`** — `fs_read --path "src/main.rs" --offset 50 --limit 30` reads lines 50-79 only. `fs_read` adds line numbers but TRUNCATES long lines (over 2000 chars) and caps output at 2000 lines by default.
|
||||
|
||||
6. **Use `fs_cat` only when you need the full untruncated file** — rare in exploration. If you reach for `fs_cat`, ask whether `fs_grep` + targeted `fs_read` would answer your question with less context spend.
|
||||
|
||||
7. **Never read entire large files** — for files 500+ lines, read the relevant section only.
|
||||
1. **Find first, read second** — never read a file without knowing why.
|
||||
2. **Use grep to locate** — `fs_grep --pattern "struct User" --include "*.rs"` finds where things are.
|
||||
3. **Use glob to discover** — `fs_glob --pattern "*.rs" --path src/` finds files by name.
|
||||
4. **Prefer `fs_read` with offset/limit** — `fs_read --path "src/main.rs" --offset 50 --limit 30` reads lines 50-79 only. `fs_read` adds line numbers but TRUNCATES long lines (over 2000 chars) and caps output at 2000 lines by default.
|
||||
5. **Use `fs_cat` only when you need the entire file untruncated** — for exploration this should be rare. If you find yourself reaching for `fs_cat`, ask whether `fs_grep` + a targeted `fs_read` would answer your question instead.
|
||||
6. **Never read entire large files** — if a file is 500+ lines, read the relevant section only.
|
||||
|
||||
## Available actions
|
||||
|
||||
- `fs_grep --pattern "struct User" --include "*.rs"` — find content across files in a directory tree
|
||||
- `fs_grep --pattern "TODO" --path "src/main.rs"` — find content within a single file (--include is ignored in this mode)
|
||||
- `fs_grep --pattern "struct User" --include "*.rs"` — find content across files
|
||||
- `fs_glob --pattern "*.rs" --path src/` — find files by name pattern
|
||||
- `fs_read --path "src/main.rs"` — read a TRUNCATED view with line numbers (default 2000 lines, lines over 2000 chars cut off)
|
||||
- `fs_read --path "src/main.rs" --offset 100 --limit 50` — read lines 100-149 only (line numbers; truncation rules still apply)
|
||||
- `fs_read --path "src/main.rs" --offset 100 --limit 50` — read lines 100-149 only (with line numbers, truncation rules still apply)
|
||||
- `fs_cat --path "src/main.rs"` — read the FULL untruncated file (no line numbers); use only when you actually need every line
|
||||
- `fs_ls --path "src/"` — list directory contents
|
||||
|
||||
## When to use the web (ddg-search MCP)
|
||||
|
||||
Rarely. You are a CODEBASE explorer, not a web researcher. Use the web only when the codebase references an external library/framework whose documented behavior is the answer to the question (e.g., "how does Tokio's #[tokio::main] expand"), and the answer isn't in the local code. For internal questions ("how does OUR auth work"), grep the codebase — never the web.
|
||||
|
||||
## Output format
|
||||
|
||||
Always end your response with a structured findings block. Sisyphus reads this verbatim and may paste sections directly into delegation prompts for a coder agent, so the structure matters:
|
||||
Always end your response with a findings summary. Include actual code snippets when they show the pattern — file paths alone are not enough for the orchestrator to delegate downstream:
|
||||
|
||||
```
|
||||
FINDINGS:
|
||||
- [One-line concrete fact about what you found]
|
||||
- [Another one-line fact]
|
||||
- Relevant files: [list of paths, no commentary]
|
||||
- [Key finding 1]
|
||||
- [Key finding 2]
|
||||
- Relevant files: [list]
|
||||
|
||||
Code patterns (paste actual lines):
|
||||
- From `path/to/file.ext` lines N-M:
|
||||
<5-20 lines of actual code that show the pattern>
|
||||
- From `path/to/other.ext` lines N-M:
|
||||
<another snippet>
|
||||
|
||||
Open questions (only if any):
|
||||
- [Anything you couldn't determine and the orchestrator should clarify or delegate elsewhere]
|
||||
<snippet>
|
||||
|
||||
EXPLORE_COMPLETE
|
||||
```
|
||||
|
||||
Pasting actual code lines (5-20 per pattern) lets the orchestrator hand snippets directly to a coder agent without re-exploration. That is the entire point of your existence in a parallel research phase. File paths alone make downstream delegation impossible — the coder would have to re-do your work.
|
||||
Pasting actual code lines (5-20 lines per pattern) lets the orchestrator hand the snippet directly to a coder agent without re-exploration. That is the whole point of your existence in a fanned-out research phase.
|
||||
|
||||
## Rules
|
||||
|
||||
1. **Be fast.** Don't read every file, read representative ones.
|
||||
2. **Stay in your slice.** Narrow scope is the contract.
|
||||
3. **Be concise.** Report findings, not your process. Apply the `ai-slop-remover` skill to your output.
|
||||
4. **Never modify files.** You are read-only.
|
||||
5. **Limit reads.** Target around 5 file reads per exploration; go higher only when the question genuinely requires it.
|
||||
6. **Paste code snippets.** File paths alone make downstream delegation impossible.
|
||||
7. **Report what you didn't find.** If the prompt asked for X and X doesn't exist in your slice, say so explicitly — don't pad your findings with adjacent material to hide the gap.
|
||||
1. **Be fast** — don't read every file, read representative ones.
|
||||
2. **Stay in your slice** — narrow scope is the contract.
|
||||
3. **Be concise** — report findings, not your process.
|
||||
4. **Never modify files** — you are read-only.
|
||||
5. **Limit reads** — max 5 file reads per exploration.
|
||||
6. **Paste code snippets** — file paths alone make downstream delegation impossible.
|
||||
|
||||
## Context
|
||||
- Project: {{project_dir}}
|
||||
|
||||
@@ -239,45 +239,6 @@ instructions: |
|
||||
|
||||
**No evidence = not complete.** Mark a todo `completed` only after evidence is collected.
|
||||
|
||||
### Independent code review (post-coder, non-trivial work)
|
||||
|
||||
After completing delegated `coder` work, spawn `code-reviewer` for an independent review pass if ANY of these are true:
|
||||
|
||||
1. **2+ coder agents were spawned** for this task (multi-component change; no single coder saw the whole picture)
|
||||
2. **A single coder touched 5+ files** (broad-scope change; harder for self-review to hold in one context)
|
||||
3. **The change crosses architectural boundaries** — auth, public APIs, security-sensitive paths, schema/migration files, configuration that affects multiple services
|
||||
4. **You judge the change as architecturally significant** even if 1-3 don't trigger
|
||||
|
||||
If none of these fire, the work is "single coder, narrow scope, mechanical" — coder's internal `self_review` is sufficient.
|
||||
|
||||
**Why this matters.** Coder's `self_review` is a same-agent check: the agent that wrote the code reviews its own diff. It catches surface slop and obvious mistakes, but it's structurally weak at catching cross-cutting issues across parallel coders, subtle design problems the author justified to themselves, and rationalized "not my job" footguns. `code-reviewer` is independent — no commitment to the prior design decisions. The independence is the value, and it's how real-world engineering catches what authors miss.
|
||||
|
||||
**Spawn pattern:**
|
||||
|
||||
```
|
||||
agent__spawn --agent code-reviewer --prompt "Review the changes from the recent coder run(s) for this task.
|
||||
|
||||
Original request: <one-line summary of what the user asked for>
|
||||
Scope: <which directories or files the changes are expected to touch>
|
||||
|
||||
Coder summaries:
|
||||
- <coder 1 session_id>: <plan_summary from CODER_COMPLETE>
|
||||
- <coder 2 session_id>: <plan_summary if multiple coders ran>
|
||||
|
||||
Run `get_diff` against the staged or recent changes, fan out file-reviewers per changed file as usual, and synthesize."
|
||||
```
|
||||
|
||||
### Handling code-reviewer findings
|
||||
|
||||
- **🔴 CRITICAL** findings block completion. Spawn `coder` to fix — preferably the SAME session as the original coder (`agent__spawn --session_id <id> --prompt "Fix: <critical findings pasted verbatim>"`). Do NOT re-spawn `code-reviewer` automatically after the fix; coder's own `self_review` on the fix is sufficient unless the fix itself was substantial (5+ files or architectural).
|
||||
- **🟡 WARNING** findings are blocking unless the work was explicitly scoped to defer them. If unsure, ASK the user via `user__ask` whether to fix or accept.
|
||||
- **🟢 SUGGESTION / 💡 NITPICK** findings are informational. Surface them to the user with the final report. Do not block on them.
|
||||
- **`Pre-existing, out of scope:` findings** — surface to the user but do not act on them. They predate this work and aren't the current task's responsibility.
|
||||
|
||||
### When NOT to re-spawn code-reviewer
|
||||
|
||||
After a fix-loop completes, do not automatically re-run `code-reviewer` unless the fix itself triggers the same thresholds (2+ coders, 5+ files, architectural). Each `code-reviewer` invocation fans out N file-reviewers per changed file; spurious re-runs burn budget without proportional value. Trust coder's `self_review` on bounded fixes.
|
||||
|
||||
## File Operations (Direct Edits)
|
||||
|
||||
When you write or modify files yourself (rather than delegating to coder):
|
||||
|
||||
@@ -1,44 +0,0 @@
|
||||
schemaVersion: "1"
|
||||
kind: mixin
|
||||
name: built-in-tools
|
||||
description: >
|
||||
Installs binaries and allows network domains required by Coyote's built-in
|
||||
global tools and the default MCP server set. Auto-applied by Coyote's sbx
|
||||
mixin discovery when running `coyote --sandbox`.
|
||||
|
||||
network:
|
||||
allowedDomains:
|
||||
# fetch_url_via_jina + jina reader fallback
|
||||
- "r.jina.ai:443"
|
||||
# get_current_weather (.sh, .py, .ts)
|
||||
- "wttr.in:443"
|
||||
# search_arxiv (the .sh tool still uses http://, so :80 is required until fixed)
|
||||
- "export.arxiv.org:443"
|
||||
- "export.arxiv.org:80"
|
||||
# search_arxiv + search_wikipedia may follow DOI redirects
|
||||
- "doi.org:443"
|
||||
# search_wikipedia
|
||||
- "en.wikipedia.org:443"
|
||||
# search_wolframalpha
|
||||
- "api.wolframalpha.com:443"
|
||||
# web_search_perplexity
|
||||
- "api.perplexity.ai:443"
|
||||
# web_search_tavily
|
||||
- "api.tavily.com:443"
|
||||
# send_twilio
|
||||
- "api.twilio.com:443"
|
||||
# MCP: github (built-in mcp.json: api.githubcopilot.com)
|
||||
- "api.githubcopilot.com:443"
|
||||
# MCP: atlassian (built-in mcp.json: mcp-remote -> mcp.atlassian.com)
|
||||
- "mcp.atlassian.com:443"
|
||||
# MCP: ddg-search (built-in mcp.json: uvx duckduckgo-mcp-server)
|
||||
- "duckduckgo.com:443"
|
||||
- "html.duckduckgo.com:443"
|
||||
- "lite.duckduckgo.com:443"
|
||||
# MCP: npx-based servers (mcp-remote) pull from npm
|
||||
- "registry.npmjs.org:443"
|
||||
# MCP: docker server may pull images from common registries
|
||||
- "ghcr.io:443"
|
||||
- "registry-1.docker.io:443"
|
||||
- "auth.docker.io:443"
|
||||
- "production.cloudflare.docker.com:443"
|
||||
@@ -28,8 +28,6 @@ main() {
|
||||
local grep_args=(-nH --color=never)
|
||||
|
||||
if [[ -d "$search_path" ]]; then
|
||||
# Use -r (not -R) so symlinks to directories are NOT followed - this avoids
|
||||
# infinite loops on pathological symlink cycles (e.g. `ln -s . loop`).
|
||||
grep_args+=(-r)
|
||||
grep_args+=(
|
||||
--exclude-dir='.git'
|
||||
|
||||
@@ -5,23 +5,6 @@ set -e
|
||||
# PREFERRED way to modify a file. Prefer this over fs_write whenever the file already exists: it sends less data,
|
||||
# preserves unchanged content automatically, and is less prone to accidental data loss from full rewrites.
|
||||
# Use fs_write only when you are creating a new file or doing a complete rewrite where most of the content changes.
|
||||
#
|
||||
# CRITICAL — the patch is matched byte-for-byte. There is no fuzzy matching, no whitespace tolerance, and no context shift:
|
||||
# - Context lines (prefixed with a single space) and removed lines (prefixed with '-') must equal the file content exactly.
|
||||
# If unsure, fs_cat the file first and copy the bytes verbatim into your patch.
|
||||
# - JSON-escape the contents string ONCE. Each literal backslash in the file becomes \\ in the JSON contents string. So a
|
||||
# shell line containing s|\\"|"|g must appear in JSON as s|\\\\\"|\"|g — NOT s|\\\\\\\"|\\\"|g. Over-escaping backslashes
|
||||
# is the most common cause of "unable to apply patch" failures, especially in files with sed/jq/regex pipelines or
|
||||
# embedded Python with quoted strings.
|
||||
# - Hunks are applied in order; the first hunk that fails aborts the whole patch — later hunks are NOT attempted.
|
||||
# - If you've edited this file in earlier tool calls, fs_cat it again before composing the patch. A stale view of the file
|
||||
# produces context lines that no longer match.
|
||||
# - On failure the error message names the failing hunk and shows the expected-vs-actual line. Fix that specific line and
|
||||
# retry — do not blindly resend a near-identical patch.
|
||||
#
|
||||
# For files with heavy escaping (sed/jq/regex pipelines, shell with embedded heredocs, deeply quoted strings), prefer
|
||||
# fs_write over chained fs_patch hunks to replace the entire file with the full new contents (i.e. original content +
|
||||
# your changes).
|
||||
|
||||
# @option --path! The path of the file to apply the patch to
|
||||
# @option --contents! The patch to apply to the file
|
||||
|
||||
@@ -507,9 +507,7 @@ open_link() {
|
||||
|
||||
guard_operation() {
|
||||
if [[ -z "$AUTO_CONFIRM" && -z "$LLM_AGENT_VAR_AUTO_CONFIRM" ]]; then
|
||||
# 2>/dev/tty: keep the prompt off the host-captured stderr pipe so it
|
||||
# can't leak into tool_call_error JSON when the wrapped command fails.
|
||||
ans="$(confirm "${1:-Are you sure you want to continue?}" 2>/dev/tty)"
|
||||
ans="$(confirm "${1:-Are you sure you want to continue?}")"
|
||||
|
||||
if [[ "$ans" == 0 ]]; then
|
||||
error "Operation aborted!" 2>&1
|
||||
@@ -600,14 +598,6 @@ patch_file() {
|
||||
|
||||
for (i = 2; i <= hunkTotalOriginalLines[hunkIndex]; i++) {
|
||||
if (lines[nextLineIndex] != hunkOriginalLines[hunkIndex,i]) {
|
||||
if (i - 1 > bestPartialLen[hunkIndex]) {
|
||||
bestPartialLen[hunkIndex] = i - 1
|
||||
bestPartialAnchorLine[hunkIndex] = lineIndex
|
||||
bestPartialHunkPos[hunkIndex] = i
|
||||
bestPartialDivergeLine[hunkIndex] = nextLineIndex
|
||||
bestPartialExpected[hunkIndex] = hunkOriginalLines[hunkIndex,i]
|
||||
bestPartialActual[hunkIndex] = lines[nextLineIndex]
|
||||
}
|
||||
nextLineIndex = 0
|
||||
break
|
||||
}
|
||||
@@ -629,32 +619,7 @@ patch_file() {
|
||||
}
|
||||
|
||||
if (hunkIndex != totalHunks + 1) {
|
||||
failingHunk = hunkIndex
|
||||
print "error: unable to apply patch" > "/dev/stderr"
|
||||
print "" > "/dev/stderr"
|
||||
print "Hunk " failingHunk " of " totalHunks " did not match the file." > "/dev/stderr"
|
||||
|
||||
if (bestPartialLen[failingHunk] == 0) {
|
||||
print "" > "/dev/stderr"
|
||||
print "The first context/removed line of hunk " failingHunk " was not found anywhere in the file:" > "/dev/stderr"
|
||||
print " expected: " hunkOriginalLines[failingHunk, 1] > "/dev/stderr"
|
||||
} else {
|
||||
print "" > "/dev/stderr"
|
||||
print "Closest match: anchored at file line " bestPartialAnchorLine[failingHunk] ", matched " bestPartialLen[failingHunk] " of " hunkTotalOriginalLines[failingHunk] " original lines before diverging." > "/dev/stderr"
|
||||
print "" > "/dev/stderr"
|
||||
print "At file line " bestPartialDivergeLine[failingHunk] " (hunk original line " bestPartialHunkPos[failingHunk] "):" > "/dev/stderr"
|
||||
print " expected: " bestPartialExpected[failingHunk] > "/dev/stderr"
|
||||
print " actual: " bestPartialActual[failingHunk] > "/dev/stderr"
|
||||
}
|
||||
|
||||
print "" > "/dev/stderr"
|
||||
print "Lines must match byte-for-byte (no fuzzy matching). Check escaping, whitespace, and quoting." > "/dev/stderr"
|
||||
|
||||
if (failingHunk < totalHunks) {
|
||||
print "" > "/dev/stderr"
|
||||
print (totalHunks - failingHunk) " subsequent hunk(s) were not attempted (patcher aborts on first failure)." > "/dev/stderr"
|
||||
}
|
||||
|
||||
exit 1
|
||||
}
|
||||
}
|
||||
@@ -692,8 +657,7 @@ guard_path() {
|
||||
confirmation_prompt="$2"
|
||||
|
||||
if [[ ! "$path" == "$(pwd)"* && -z "$AUTO_CONFIRM" && -z "$LLM_AGENT_VAR_AUTO_CONFIRM" ]]; then
|
||||
# 2>/dev/tty: see guard_operation — prevents prompt text leaking via captured stderr.
|
||||
ans="$(confirm "$confirmation_prompt" 2>/dev/tty)"
|
||||
ans="$(confirm "$confirmation_prompt")"
|
||||
|
||||
if [[ "$ans" == 0 ]]; then
|
||||
error "Operation aborted!" >&2
|
||||
|
||||
@@ -1,6 +1,3 @@
|
||||
---
|
||||
skills_enabled: false
|
||||
---
|
||||
As a professional Prompt Engineer, your role is to create effective and innovative prompts for interacting with AI models.
|
||||
|
||||
Your core skills include:
|
||||
|
||||
@@ -1,6 +1,3 @@
|
||||
---
|
||||
skills_enabled: false
|
||||
---
|
||||
Create a concise, 3-6 word title.
|
||||
|
||||
**Notes**:
|
||||
|
||||
@@ -1,6 +1,3 @@
|
||||
---
|
||||
skills_enabled: false
|
||||
---
|
||||
Provide a terse, single sentence description of the given shell command.
|
||||
Describe each argument and option of the command.
|
||||
Provide short responses in about 80 words.
|
||||
|
||||
@@ -1,6 +1,3 @@
|
||||
---
|
||||
skills_enabled: false
|
||||
---
|
||||
Provide only {{__shell__}} commands for {{__os_distro__}} without any description.
|
||||
Ensure the output is a valid {{__shell__}} command.
|
||||
If there is a lack of details, provide most logical solution.
|
||||
|
||||
@@ -1,325 +0,0 @@
|
||||
# Docker sbx agent kit for Coyote
|
||||
#
|
||||
# Setup (paths use $HOME so commands work in bash/zsh/PowerShell/Git Bash):
|
||||
# sbx create --kit ./sbx-kit/ coyote --name testing .
|
||||
# sbx cp $HOME/.config/coyote/ testing:/home/agent/.config/
|
||||
# sbx cp $HOME/.coyote_password testing:/home/agent/
|
||||
# sbx run testing --kit ./sbx-kit/
|
||||
schemaVersion: "1"
|
||||
kind: agent
|
||||
name: coyote
|
||||
displayName: Coyote
|
||||
description: >
|
||||
An all-in-one, batteries-included LLM CLI tool featuring Shell Assistant,
|
||||
CLI & REPL mode, RAG, AI tools & agents, MCP servers, skills, and macros.
|
||||
|
||||
agent:
|
||||
image: "docker/sandbox-templates:shell-docker"
|
||||
aiFilename: COYOTE.md
|
||||
# persistence: persistent
|
||||
entrypoint:
|
||||
run: ["bash", "-lc", "exec /home/agent/.cargo/bin/coyote"]
|
||||
|
||||
network:
|
||||
# Proxy-managed LLM providers: the proxy substitutes `proxy-managed` for
|
||||
# the env var inside the sandbox and rewrites the auth header per
|
||||
# serviceAuth at request time. Multiple domains may map to one service
|
||||
# (e.g. jina) so they share a single credential.
|
||||
serviceDomains:
|
||||
api.openai.com: openai
|
||||
api.anthropic.com: anthropic
|
||||
generativelanguage.googleapis.com: gemini
|
||||
api.cohere.ai: cohere
|
||||
api.groq.com: groq
|
||||
openrouter.ai: openrouter
|
||||
api.ai21.com: ai21
|
||||
api.cloudflare.com: cloudflare
|
||||
api.deepinfra.com: deepinfra
|
||||
api.deepseek.com: deepseek
|
||||
api.mistral.ai: mistral
|
||||
api.perplexity.ai: perplexity
|
||||
api.voyageai.com: voyageai
|
||||
api.x.ai: xai
|
||||
api.jina.ai: jina
|
||||
r.jina.ai: jina
|
||||
qianfan.baidubce.com: ernie
|
||||
api.hunyuan.cloud.tencent.com: hunyuan
|
||||
api.minimax.chat: minimax
|
||||
api.moonshot.cn: moonshot
|
||||
dashscope.aliyuncs.com: qianwen
|
||||
open.bigmodel.cn: zhipuai
|
||||
serviceAuth:
|
||||
openai:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
anthropic:
|
||||
headerName: x-api-key
|
||||
valueFormat: "%s"
|
||||
gemini:
|
||||
headerName: x-goog-api-key
|
||||
valueFormat: "%s"
|
||||
cohere:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
groq:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
openrouter:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
ai21:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
cloudflare:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
deepinfra:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
deepseek:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
mistral:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
perplexity:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
voyageai:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
xai:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
jina:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
ernie:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
hunyuan:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
minimax:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
moonshot:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
qianwen:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
zhipuai:
|
||||
headerName: Authorization
|
||||
valueFormat: "Bearer %s"
|
||||
allowedDomains:
|
||||
# Coyote release + self-update + model-registry sync
|
||||
- "github.com:443"
|
||||
- "api.github.com:443"
|
||||
- "raw.githubusercontent.com:443"
|
||||
- "objects.githubusercontent.com:443"
|
||||
- "*.githubusercontent.com:443"
|
||||
# Coyote install paths (cargo install + uv + rustup + Python tool deps at runtime)
|
||||
- "crates.io:443"
|
||||
- "static.crates.io:443"
|
||||
- "pypi.org:443"
|
||||
- "files.pythonhosted.org:443"
|
||||
- "astral.sh:443"
|
||||
- "sh.rustup.rs:443"
|
||||
- "static.rust-lang.org:443"
|
||||
|
||||
# LLM model OAuth + API endpoints
|
||||
- "claude.ai:443"
|
||||
- "console.anthropic.com:443"
|
||||
- "accounts.google.com:443"
|
||||
# *.googleapis.com covers oauth2 + userinfo + VertexAI regional endpoints
|
||||
# (*-aiplatform.googleapis.com). Do not narrow without re-checking VertexAI.
|
||||
- "*.googleapis.com:443"
|
||||
|
||||
# Bedrock and GitHub Models use signed / GitHub-PAT auth that the proxy
|
||||
# cannot rewrite. Domains are allow-listed; credentials must be injected
|
||||
# separately (see README "Extending").
|
||||
- "*.amazonaws.com:443"
|
||||
- "models.inference.ai.azure.com:443"
|
||||
|
||||
credentials:
|
||||
sources:
|
||||
openai:
|
||||
env:
|
||||
- OPENAI_API_KEY
|
||||
anthropic:
|
||||
env:
|
||||
- ANTHROPIC_API_KEY
|
||||
gemini:
|
||||
env:
|
||||
- GEMINI_API_KEY
|
||||
- GOOGLE_API_KEY
|
||||
cohere:
|
||||
env:
|
||||
- COHERE_API_KEY
|
||||
groq:
|
||||
env:
|
||||
- GROQ_API_KEY
|
||||
openrouter:
|
||||
env:
|
||||
- OPENROUTER_API_KEY
|
||||
ai21:
|
||||
env:
|
||||
- AI21_API_KEY
|
||||
cloudflare:
|
||||
env:
|
||||
- CLOUDFLARE_API_KEY
|
||||
deepinfra:
|
||||
env:
|
||||
- DEEPINFRA_API_KEY
|
||||
deepseek:
|
||||
env:
|
||||
- DEEPSEEK_API_KEY
|
||||
mistral:
|
||||
env:
|
||||
- MISTRAL_API_KEY
|
||||
perplexity:
|
||||
env:
|
||||
- PERPLEXITY_API_KEY
|
||||
voyageai:
|
||||
env:
|
||||
- VOYAGE_API_KEY
|
||||
xai:
|
||||
env:
|
||||
- XAI_API_KEY
|
||||
jina:
|
||||
env:
|
||||
- JINA_API_KEY
|
||||
ernie:
|
||||
env:
|
||||
- ERNIE_API_KEY
|
||||
hunyuan:
|
||||
env:
|
||||
- HUNYUAN_API_KEY
|
||||
minimax:
|
||||
env:
|
||||
- MINIMAX_API_KEY
|
||||
moonshot:
|
||||
env:
|
||||
- MOONSHOT_API_KEY
|
||||
qianwen:
|
||||
env:
|
||||
- DASHSCOPE_API_KEY
|
||||
zhipuai:
|
||||
env:
|
||||
- ZHIPUAI_API_KEY
|
||||
|
||||
environment:
|
||||
variables:
|
||||
IS_SANDBOX: "1"
|
||||
COYOTE_LOG_LEVEL: INFO
|
||||
proxyManaged:
|
||||
- OPENAI_API_KEY
|
||||
- ANTHROPIC_API_KEY
|
||||
- GEMINI_API_KEY
|
||||
- GOOGLE_API_KEY
|
||||
- COHERE_API_KEY
|
||||
- GROQ_API_KEY
|
||||
- OPENROUTER_API_KEY
|
||||
- AI21_API_KEY
|
||||
- CLOUDFLARE_API_KEY
|
||||
- DEEPINFRA_API_KEY
|
||||
- DEEPSEEK_API_KEY
|
||||
- MISTRAL_API_KEY
|
||||
- PERPLEXITY_API_KEY
|
||||
- VOYAGE_API_KEY
|
||||
- XAI_API_KEY
|
||||
- JINA_API_KEY
|
||||
- ERNIE_API_KEY
|
||||
- HUNYUAN_API_KEY
|
||||
- MINIMAX_API_KEY
|
||||
- MOONSHOT_API_KEY
|
||||
- DASHSCOPE_API_KEY
|
||||
- ZHIPUAI_API_KEY
|
||||
|
||||
commands:
|
||||
install:
|
||||
- command: |
|
||||
sudo apt-get update &&
|
||||
sudo apt-get install -y \
|
||||
jq curl git \
|
||||
build-essential pkg-config \
|
||||
cmake \
|
||||
clang libclang-dev \
|
||||
musl-tools \
|
||||
libssl-dev \
|
||||
pandoc \
|
||||
bzip2
|
||||
user: "1000"
|
||||
description: Install system prerequisites (including pandoc for fetch_url_via_curl)
|
||||
- command: "curl -LsSf https://astral.sh/uv/install.sh | sh"
|
||||
user: "1000"
|
||||
description: Install uv (required for Python-based custom tools)
|
||||
- command: |
|
||||
set -euo pipefail
|
||||
USQL_VERSION="0.19.20"
|
||||
ARCH=$(uname -m)
|
||||
case "$ARCH" in
|
||||
x86_64) USQL_ARCH=amd64 ;;
|
||||
aarch64) USQL_ARCH=arm64 ;;
|
||||
*) echo "Unsupported arch for usql install: $ARCH" >&2; exit 1 ;;
|
||||
esac
|
||||
curl -sSL "https://github.com/xo/usql/releases/download/v${USQL_VERSION}/usql_static-${USQL_VERSION}-linux-${USQL_ARCH}.tar.bz2" -o /tmp/usql.tar.bz2
|
||||
sudo tar -xjf /tmp/usql.tar.bz2 -C /usr/local/bin
|
||||
sudo chmod +x /usr/local/bin/usql
|
||||
rm -f /tmp/usql.tar.bz2
|
||||
user: "1000"
|
||||
description: Install the usql universal SQL CLI (used by the built-in sql agent and execute_sql_code tool)
|
||||
- command: |
|
||||
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | \
|
||||
sh -s -- -y \
|
||||
--default-toolchain stable \
|
||||
--profile minimal \
|
||||
--target x86_64-unknown-linux-musl
|
||||
. "$HOME/.cargo/env"
|
||||
cargo install --locked coyote-ai
|
||||
user: "1000"
|
||||
description: Install Coyote AI CLI via Rust's Cargo
|
||||
|
||||
startup:
|
||||
- command: ["sh", "-c", "test -f \"$HOME/.config/coyote/config.yaml\" || coyote --info >/dev/null 2>&1 || true"]
|
||||
user: "1000"
|
||||
background: false
|
||||
description: Bootstrap Coyote config directory on first sandbox start
|
||||
|
||||
memory: |
|
||||
## Sandbox environment
|
||||
|
||||
You are running inside a Docker sandbox launched via `sbx run coyote`. The
|
||||
user's project workspace is mounted at its absolute host path and is the
|
||||
current working directory. `sudo` is passwordless; use it for system
|
||||
package installs.
|
||||
|
||||
Coyote's configuration lives at `~/.config/coyote/` and logs at
|
||||
`~/.cache/coyote/coyote.log`. Persistence is enabled, so config, sessions,
|
||||
vault state, OAuth tokens, and installed tools survive sandbox restarts.
|
||||
|
||||
LLM provider credentials are forwarded by the sandbox HTTP proxy. The
|
||||
following provider env vars are recognized - export the ones you use on
|
||||
the host before running `sbx run coyote`:
|
||||
|
||||
OPENAI_API_KEY, ANTHROPIC_API_KEY, GEMINI_API_KEY / GOOGLE_API_KEY,
|
||||
COHERE_API_KEY, GROQ_API_KEY, OPENROUTER_API_KEY, AI21_API_KEY,
|
||||
CLOUDFLARE_API_KEY, DEEPINFRA_API_KEY, DEEPSEEK_API_KEY,
|
||||
MISTRAL_API_KEY, PERPLEXITY_API_KEY, VOYAGE_API_KEY, XAI_API_KEY,
|
||||
JINA_API_KEY, ERNIE_API_KEY, HUNYUAN_API_KEY, MINIMAX_API_KEY,
|
||||
MOONSHOT_API_KEY, DASHSCOPE_API_KEY (Qwen), ZHIPUAI_API_KEY
|
||||
|
||||
Inside the sandbox these appear as the placeholder string `proxy-managed`;
|
||||
the proxy substitutes the real value at request time. OAuth flows for
|
||||
Claude Pro/Max and Gemini are also allow-listed.
|
||||
|
||||
Bedrock (AWS) and VertexAI (Google Cloud) use signed/OAuth-token requests
|
||||
that the proxy cannot rewrite. Their domains are allow-listed but you must
|
||||
inject credentials yourself via `sbx run --env AWS_ACCESS_KEY_ID=...` or
|
||||
a mixin kit that mounts a service-account JSON.
|
||||
|
||||
Useful first-run commands:
|
||||
- `coyote --info` # show config paths and resolved settings
|
||||
- `coyote --list-secrets` # initialise the local vault
|
||||
- `coyote --authenticate <client>` # OAuth flow (Claude Pro/Max, Gemini)
|
||||
@@ -1,33 +0,0 @@
|
||||
schemaVersion: "1"
|
||||
kind: mixin
|
||||
name: vault-aws-secrets-manager
|
||||
description: >
|
||||
Installs the AWS CLI v2 so the Coyote vault can read secrets from AWS
|
||||
Secrets Manager inside the sandbox. The AWS Rust SDK does not strictly
|
||||
require the CLI, but most users authenticate via `aws sso login` or
|
||||
`aws configure`, which need the CLI to be installed. After install, run
|
||||
the appropriate auth command in the sandbox; cached credentials persist
|
||||
for the lifetime of the sandbox.
|
||||
|
||||
network:
|
||||
allowedDomains:
|
||||
- "awscli.amazonaws.com:443"
|
||||
- "sts.amazonaws.com:443"
|
||||
- "*.sts.amazonaws.com:443"
|
||||
- "*.secretsmanager.amazonaws.com:443"
|
||||
- "*.amazonaws.com:443"
|
||||
- "*.awsapps.com:443"
|
||||
|
||||
commands:
|
||||
install:
|
||||
- command: |
|
||||
set -euo pipefail
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y unzip
|
||||
ARCH=$(uname -m)
|
||||
curl -sSL "https://awscli.amazonaws.com/awscli-exe-linux-${ARCH}.zip" -o /tmp/awscliv2.zip
|
||||
unzip -q /tmp/awscliv2.zip -d /tmp
|
||||
sudo /tmp/aws/install
|
||||
rm -rf /tmp/awscliv2.zip /tmp/aws
|
||||
user: "1000"
|
||||
description: Install AWS CLI v2 from the official installer
|
||||
@@ -1,24 +0,0 @@
|
||||
schemaVersion: "1"
|
||||
kind: mixin
|
||||
name: vault-azure-key-vault
|
||||
description: >
|
||||
Installs the Azure CLI (`az`) so the Coyote vault can read secrets from
|
||||
Azure Key Vault inside the sandbox. After install, run `az login` in the
|
||||
sandbox to authenticate; the session token persists for the lifetime of
|
||||
the sandbox.
|
||||
|
||||
network:
|
||||
allowedDomains:
|
||||
- "aka.ms:443"
|
||||
- "packages.microsoft.com:443"
|
||||
- "azurecliprod.blob.core.windows.net:443"
|
||||
- "login.microsoftonline.com:443"
|
||||
- "graph.microsoft.com:443"
|
||||
- "management.azure.com:443"
|
||||
- "*.vault.azure.net:443"
|
||||
|
||||
commands:
|
||||
install:
|
||||
- command: "curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash"
|
||||
user: "1000"
|
||||
description: Install Azure CLI via Microsoft's official install script
|
||||
@@ -1,34 +0,0 @@
|
||||
schemaVersion: "1"
|
||||
kind: mixin
|
||||
name: vault-gcp-secret-manager
|
||||
description: >
|
||||
Installs the Google Cloud CLI (`gcloud`) so the Coyote vault can read
|
||||
secrets from GCP Secret Manager inside the sandbox. The GCP Rust SDK does
|
||||
not strictly require the CLI, but most users authenticate via
|
||||
`gcloud auth application-default login`, which needs the CLI to be
|
||||
installed. After install, run that command in the sandbox; the ADC file
|
||||
persists for the lifetime of the sandbox.
|
||||
|
||||
network:
|
||||
allowedDomains:
|
||||
- "packages.cloud.google.com:443"
|
||||
- "accounts.google.com:443"
|
||||
- "oauth2.googleapis.com:443"
|
||||
- "secretmanager.googleapis.com:443"
|
||||
- "cloudresourcemanager.googleapis.com:443"
|
||||
- "*.googleapis.com:443"
|
||||
|
||||
commands:
|
||||
install:
|
||||
- command: |
|
||||
set -euo pipefail
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y apt-transport-https ca-certificates gnupg
|
||||
echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" \
|
||||
| sudo tee /etc/apt/sources.list.d/google-cloud-sdk.list >/dev/null
|
||||
curl -sSL https://packages.cloud.google.com/apt/doc/apt-key.gpg \
|
||||
| sudo gpg --dearmor -o /usr/share/keyrings/cloud.google.gpg
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y google-cloud-cli
|
||||
user: "1000"
|
||||
description: Install gcloud CLI from Google's official apt repository
|
||||
@@ -1,30 +0,0 @@
|
||||
schemaVersion: "1"
|
||||
kind: mixin
|
||||
name: vault-gopass
|
||||
description: >
|
||||
Installs `gopass` and `gpg` so the Coyote vault can read secrets from a
|
||||
gopass store inside the sandbox. The store must be cloned manually
|
||||
(gopass walks a user-specific git remote, so v1 only allowlists github.com
|
||||
and gitlab.com; add other hosts via a user mixin if needed). After install,
|
||||
run `gopass setup` or `gopass clone <remote>` in the sandbox.
|
||||
|
||||
network:
|
||||
allowedDomains:
|
||||
- "github.com:443"
|
||||
- "api.github.com:443"
|
||||
- "objects.githubusercontent.com:443"
|
||||
- "gitlab.com:443"
|
||||
|
||||
commands:
|
||||
install:
|
||||
- command: |
|
||||
set -euo pipefail
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y gnupg2 git
|
||||
GOPASS_VERSION="1.15.13"
|
||||
ARCH=$(dpkg --print-architecture)
|
||||
curl -sSL "https://github.com/gopasspw/gopass/releases/download/v${GOPASS_VERSION}/gopass_${GOPASS_VERSION}_linux_${ARCH}.deb" -o /tmp/gopass.deb
|
||||
sudo dpkg -i /tmp/gopass.deb
|
||||
rm -f /tmp/gopass.deb
|
||||
user: "1000"
|
||||
description: Install gnupg2, git, and gopass from the official .deb release
|
||||
@@ -1,31 +0,0 @@
|
||||
schemaVersion: "1"
|
||||
kind: mixin
|
||||
name: vault-one-password
|
||||
description: >
|
||||
Installs the 1Password CLI (`op`) so the Coyote vault can decrypt secrets
|
||||
inside the sandbox. After install, run `op signin` in the sandbox to
|
||||
authenticate; credentials persist for the lifetime of the sandbox.
|
||||
|
||||
network:
|
||||
allowedDomains:
|
||||
- "downloads.1password.com:443"
|
||||
- "cache.agilebits.com:443"
|
||||
- "my.1password.com:443"
|
||||
- "my.1password.eu:443"
|
||||
- "my.1password.ca:443"
|
||||
- "events.1password.com:443"
|
||||
|
||||
commands:
|
||||
install:
|
||||
- command: |
|
||||
set -euo pipefail
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y unzip
|
||||
OP_VERSION="v2.30.3"
|
||||
ARCH=$(dpkg --print-architecture)
|
||||
curl -sSL "https://cache.agilebits.com/dist/1P/op2/pkg/${OP_VERSION}/op_linux_${ARCH}_${OP_VERSION}.zip" -o /tmp/op.zip
|
||||
sudo unzip -od /usr/local/bin /tmp/op.zip op
|
||||
sudo chmod +x /usr/local/bin/op
|
||||
rm -f /tmp/op.zip
|
||||
user: "1000"
|
||||
description: Install 1Password CLI from the official archive
|
||||
@@ -48,12 +48,6 @@ enabled_skills: # Optional list of skills available when this a
|
||||
# Must be a subset of global `visible_skills`. Omit to inherit the global default.
|
||||
- git-master
|
||||
- ai-slop-remover
|
||||
inject_skill_instructions: true # Inject a short hint pointing the model at `skill__list` when skills are enabled
|
||||
# (default: true). Suppressed automatically when no skills are available.
|
||||
skill_instructions: null # Custom text for the skill hint (optional; uses built-in default if null)
|
||||
memory: null # Per-agent memory override (default: inherit). Set to `false` to disable memory
|
||||
# for this agent regardless of workspace/global presence. See the Memory wiki page.
|
||||
|
||||
dynamic_instructions: false # Whether to use dynamic instructions for the agent; if false, static instructions are used
|
||||
instructions: | # Static instructions for the agent; ignored if dynamic instructions are used
|
||||
You are a AI agent designed to demonstrate agent capabilities.
|
||||
|
||||
+11
-28
@@ -137,25 +137,21 @@ enabled_mcp_servers: null # Which MCP servers to enable by default.
|
||||
# ---- Skills ----
|
||||
# Skills are modular knowledge or capability packs the LLM can load and unload mid-conversation.
|
||||
# See the [Skills documentation](https://github.com/Dark-Alex-17/coyote/wiki/Skills) for more details.
|
||||
skills_enabled: true # Master switch. Set to false to hide all skill management tools from the model.
|
||||
# Skills also require `function_calling_support: true` above to work at all.
|
||||
visible_skills: # The universe of skills allowed to be enabled in any context. Omit (null) for "all installed".
|
||||
skills_enabled: true # Master switch. Set to false to hide all skill management tools from the model.
|
||||
# Skills also require `function_calling_support: true` above to work at all.
|
||||
visible_skills: # The universe of skills allowed to be enabled in any context. Omit (null) for "all installed".
|
||||
- ai-slop-remover
|
||||
- code-review
|
||||
- frontend-ui-ux
|
||||
- git-master
|
||||
enabled_skills: null # Which skills are available by default (no role/agent/session active). null = all visible.
|
||||
# Accepts either a YAML list or a comma-separated string.
|
||||
# Example (list form):
|
||||
# enabled_skills:
|
||||
# - git-master
|
||||
# - ai-slop-remover
|
||||
# Example (comma-separated form):
|
||||
# enabled_skills: git-master,ai-slop-remover
|
||||
inject_skill_instructions: true # Inject a short hint pointing the model at `skill__list` when skills are enabled in
|
||||
# this context. Only injected if `function_calling_support`, `skills_enabled`, and the
|
||||
# effective enabled skill set is non-empty (default: true).
|
||||
skill_instructions: null # Custom text used for the skill hint when injected. If null, uses built-in default.
|
||||
enabled_skills: null # Which skills are available by default (no role/agent/session active). null = all visible.
|
||||
# Accepts either a YAML list or a comma-separated string.
|
||||
# Example (list form):
|
||||
# enabled_skills:
|
||||
# - git-master
|
||||
# - ai-slop-remover
|
||||
# Example (comma-separated form):
|
||||
# enabled_skills: git-master,ai-slop-remover
|
||||
|
||||
# ---- Auto-Continue (Todo System) ----
|
||||
# The auto-continue system provides built-in task tracking for improved reliability.
|
||||
@@ -176,19 +172,6 @@ summarization_prompt: > # The text prompt used for creating a concise s
|
||||
summary_context_prompt: > # The text prompt used for including the summary of the entire session as context to the model
|
||||
'This is a summary of the chat history as a recap: '
|
||||
|
||||
# ---- Memory ----
|
||||
# See the [Memory documentation](https://github.com/Dark-Alex-17/coyote/wiki/Memory) for more information.
|
||||
# Memory is opt-in by workspace presence (a `COYOTE.md` or `.coyote/memory/MEMORY.md`)
|
||||
# and global presence (`<config_dir>/memory/MEMORY.md`). Set `memory: false` to disable
|
||||
# even when memory files exist. The cascade is: agent > session > role > app.
|
||||
# Bootstrap with `coyote --init-memory [global|workspace]` to create the marker file
|
||||
# the LLM needs before it will write any memory.
|
||||
memory: null # null = enabled when memory exists on disk; true = force on; false = force off
|
||||
memory_cap_with_tools: null # Char cap for injected memory when function calling is available (default: 6000).
|
||||
# Only MEMORY.md indexes are injected; the LLM uses memory__read to fetch drill files.
|
||||
memory_cap_without_tools: null # Char cap when function calling is unavailable (default: 12000).
|
||||
# Indexes plus drill file bodies are injected up to this cap.
|
||||
|
||||
# ---- RAG ----
|
||||
# See the [RAG Docs](https://github.com/Dark-Alex-17/coyote/wiki/RAG) for more details.
|
||||
rag_embedding_model: null # Specifies the embedding model used for context retrieval
|
||||
|
||||
@@ -19,12 +19,6 @@ skills_enabled: true # Master switch for skills in this role (d
|
||||
enabled_skills: # Skills available when this role is active. Accepts a YAML list (preferred)
|
||||
- git-master # or a comma-separated string (e.g. `enabled_skills: git-master,ai-slop-remover`).
|
||||
- ai-slop-remover # Must be a subset of global `visible_skills`. Omit to inherit the global default.
|
||||
inject_skill_instructions: true # Inject a short hint pointing the model at `skill__list` when skills are enabled
|
||||
# (default: true). Suppressed automatically when no skills are available.
|
||||
skill_instructions: null # Custom text for the skill hint (optional; uses built-in default if null)
|
||||
memory: null # Per-role memory override (default: inherit). Set to `false` to disable memory
|
||||
# when this role is active. See the Memory wiki page.
|
||||
|
||||
prompt: null # A custom prompt to use for this role that will immediately query
|
||||
# the model for output instead of using the instructions below
|
||||
# Auto-Continue (Todo System)
|
||||
|
||||
@@ -63,9 +63,6 @@ enabled_skills:
|
||||
- code-review
|
||||
- git-master
|
||||
- ai-slop-remover
|
||||
inject_skill_instructions: true # Inject a hint pointing the model at `skill__list`. Defaults to true; suppressed
|
||||
# automatically when no skills are available.
|
||||
skill_instructions: null # Custom text for the skill hint (optional; uses the built-in default if omitted).
|
||||
|
||||
conversation_starters: # Suggested prompts surfaced in the UI
|
||||
- "Research the current state of WebAssembly outside the browser"
|
||||
@@ -176,12 +173,8 @@ nodes:
|
||||
# catches violations at load time). `skills_enabled: false` would
|
||||
# disable skills entirely for this node (no meta-tools exposed).
|
||||
# Nothing is auto-loaded: the model decides when to load a skill.
|
||||
skills_enabled: true # Whether skills are enabled on this llm node; defaults to 'true'
|
||||
enabled_skills:
|
||||
- ai-slop-remover
|
||||
inject_skill_instructions: true # Override skill-hint injection for just this node. Falls back to
|
||||
# agent/graph/global default when omitted.
|
||||
skill_instructions: null # Per-node skill-hint text override; uses the built-in default when omitted.
|
||||
output_schema: # Optional JSON Schema. The output is parsed to JSON
|
||||
type: object # and its top-level object keys auto-merge into state
|
||||
properties: # (so `topic` / `needs_deep_dive` become {{topic}} etc).
|
||||
|
||||
-137
@@ -3,62 +3,6 @@
|
||||
# - https://platform.openai.com/docs/api-reference/chat
|
||||
- provider: openai
|
||||
models:
|
||||
- name: gpt-5.5
|
||||
max_input_tokens: 1050000
|
||||
max_output_tokens: 128000
|
||||
input_price: 5
|
||||
output_price: 30
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: gpt-5.5-pro
|
||||
max_input_tokens: 1050000
|
||||
max_output_tokens: 128000
|
||||
input_price: 30
|
||||
output_price: 180
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: gpt-5.4
|
||||
max_input_tokens: 1050000
|
||||
max_output_tokens: 128000
|
||||
input_price: 2.5
|
||||
output_price: 15
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: gpt-5.4-pro
|
||||
max_input_tokens: 1050000
|
||||
max_output_tokens: 128000
|
||||
input_price: 30
|
||||
output_price: 180
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: gpt-5.4-mini
|
||||
max_input_tokens: 400000
|
||||
max_output_tokens: 128000
|
||||
input_price: 0.75
|
||||
output_price: 4.5
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: gpt-5.4-nano
|
||||
max_input_tokens: 400000
|
||||
max_output_tokens: 128000
|
||||
input_price: 0.2
|
||||
output_price: 1.25
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: gpt-5.3-codex
|
||||
max_input_tokens: 400000
|
||||
max_output_tokens: 128000
|
||||
input_price: 1.75
|
||||
output_price: 14
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: chat-latest
|
||||
max_input_tokens: 400000
|
||||
max_output_tokens: 128000
|
||||
input_price: 5
|
||||
output_price: 30
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: gpt-5.2
|
||||
max_input_tokens: 400000
|
||||
max_output_tokens: 128000
|
||||
@@ -329,14 +273,6 @@
|
||||
# - https://docs.anthropic.com/en/api/messages
|
||||
- provider: claude
|
||||
models:
|
||||
- name: claude-fable-5
|
||||
max_input_tokens: 1000000
|
||||
max_output_tokens: 128000
|
||||
require_max_tokens: true
|
||||
input_price: 10
|
||||
output_price: 50
|
||||
supports_function_calling: true
|
||||
supports_vision: true
|
||||
- name: claude-opus-4-8
|
||||
max_input_tokens: 1000000
|
||||
max_output_tokens: 128000
|
||||
@@ -875,14 +811,6 @@
|
||||
max_input_tokens: 1048576
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: claude-fable-5
|
||||
max_input_tokens: 1000000
|
||||
max_output_tokens: 128000
|
||||
require_max_tokens: true
|
||||
input_price: 10
|
||||
output_price: 50
|
||||
supports_function_calling: true
|
||||
supports_vision: true
|
||||
- name: claude-opus-4-8
|
||||
max_input_tokens: 1000000
|
||||
max_output_tokens: 128000
|
||||
@@ -1054,14 +982,6 @@
|
||||
# - https://docs.aws.amazon.com/bedrock/latest/userguide/conversation-inference-call.html
|
||||
- provider: bedrock
|
||||
models:
|
||||
- name: us.anthropic.claude-fable-5
|
||||
max_input_tokens: 1000000
|
||||
max_output_tokens: 128000
|
||||
require_max_tokens: true
|
||||
input_price: 10
|
||||
output_price: 50
|
||||
supports_function_calling: true
|
||||
supports_vision: true
|
||||
- name: us.anthropic.claude-opus-4-8
|
||||
max_input_tokens: 1000000
|
||||
max_output_tokens: 128000
|
||||
@@ -1620,55 +1540,6 @@
|
||||
# - https://openrouter.ai/docs/api-reference/chat-completion
|
||||
- provider: openrouter
|
||||
models:
|
||||
- name: openai/gpt-5.5
|
||||
max_input_tokens: 1050000
|
||||
max_output_tokens: 128000
|
||||
input_price: 5
|
||||
output_price: 30
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: openai/gpt-5.5-pro
|
||||
max_input_tokens: 1050000
|
||||
max_output_tokens: 128000
|
||||
input_price: 30
|
||||
output_price: 180
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: openai/gpt-5.4
|
||||
max_input_tokens: 1050000
|
||||
max_output_tokens: 128000
|
||||
input_price: 2.5
|
||||
output_price: 15
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: openai/gpt-5.4-pro
|
||||
max_input_tokens: 1050000
|
||||
max_output_tokens: 128000
|
||||
input_price: 30
|
||||
output_price: 180
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: openai/gpt-5.4-mini
|
||||
max_input_tokens: 400000
|
||||
max_output_tokens: 128000
|
||||
input_price: 0.75
|
||||
output_price: 4.5
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: openai/gpt-5.4-nano
|
||||
max_input_tokens: 400000
|
||||
max_output_tokens: 128000
|
||||
input_price: 0.2
|
||||
output_price: 1.25
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: openai/gpt-5.3-codex
|
||||
max_input_tokens: 400000
|
||||
max_output_tokens: 128000
|
||||
input_price: 1.75
|
||||
output_price: 14
|
||||
supports_vision: true
|
||||
supports_function_calling: true
|
||||
- name: openai/gpt-5.2
|
||||
max_input_tokens: 400000
|
||||
max_output_tokens: 128000
|
||||
@@ -1753,14 +1624,6 @@
|
||||
max_input_tokens: 131072
|
||||
input_price: 0.1
|
||||
output_price: 0.2
|
||||
- name: anthropic/claude-fable-5
|
||||
max_input_tokens: 1000000
|
||||
max_output_tokens: 128000
|
||||
require_max_tokens: true
|
||||
input_price: 10
|
||||
output_price: 50
|
||||
supports_function_calling: true
|
||||
supports_vision: true
|
||||
- name: anthropic/claude-opus-4-8
|
||||
max_input_tokens: 1000000
|
||||
max_output_tokens: 128000
|
||||
|
||||
+7
-10
@@ -137,16 +137,13 @@ pub(super) fn session_completer(current: &OsStr) -> Vec<CompletionCandidate> {
|
||||
pub(super) fn secrets_completer(current: &OsStr) -> Vec<CompletionCandidate> {
|
||||
let cur = current.to_string_lossy();
|
||||
match load_app_config_for_completion() {
|
||||
Ok(app_config) => match Vault::init(&app_config) {
|
||||
Ok(vault) => vault
|
||||
.list_secrets(false)
|
||||
.unwrap_or_default()
|
||||
.into_iter()
|
||||
.filter(|s| s.starts_with(&*cur))
|
||||
.map(CompletionCandidate::new)
|
||||
.collect(),
|
||||
Err(_) => vec![],
|
||||
},
|
||||
Ok(app_config) => Vault::init(&app_config)
|
||||
.list_secrets(false)
|
||||
.unwrap_or_default()
|
||||
.into_iter()
|
||||
.filter(|s| s.starts_with(&*cur))
|
||||
.map(CompletionCandidate::new)
|
||||
.collect(),
|
||||
Err(_) => vec![],
|
||||
}
|
||||
}
|
||||
|
||||
+3
-114
@@ -4,13 +4,12 @@ use crate::cli::completer::{
|
||||
ShellCompletion, agent_completer, macro_completer, model_completer, rag_completer,
|
||||
role_completer, secrets_completer, session_completer,
|
||||
};
|
||||
use crate::config::{AssetCategory, InstallFilter, MemoryScope};
|
||||
use crate::config::{AssetCategory, InstallFilter};
|
||||
use anyhow::{Context, Result};
|
||||
use clap::{ArgGroup, ValueHint};
|
||||
use clap::ValueHint;
|
||||
use clap::{Parser, crate_authors, crate_description, crate_version};
|
||||
use clap_complete::ArgValueCompleter;
|
||||
use is_terminal::IsTerminal;
|
||||
use std::collections::HashSet;
|
||||
use std::io::{Read, stdin};
|
||||
|
||||
#[derive(Parser, Debug)]
|
||||
@@ -27,20 +26,7 @@ use std::io::{Read, stdin};
|
||||
{usage-heading} {usage}
|
||||
|
||||
{all-args}{after-help}
|
||||
",
|
||||
group(
|
||||
ArgGroup::new("sbx-mode")
|
||||
.args(["sandbox", "fresh", "no_mixins"])
|
||||
.multiple(true)
|
||||
.conflicts_with_all([
|
||||
"model", "prompt", "role", "session", "agent", "rag", "rebuild_rag",
|
||||
"macro_name", "execute", "code", "file", "no_stream", "no_memory",
|
||||
"init_memory", "dry_run", "info", "build_tools", "install",
|
||||
"install_from", "sync_models", "list_models", "list_roles",
|
||||
"list_sessions", "list_agents", "list_rags", "list_macros",
|
||||
"list_skills", "skill", "tail_logs", "completions", "update",
|
||||
])
|
||||
),
|
||||
"
|
||||
)]
|
||||
pub struct Cli {
|
||||
/// Select a LLM model
|
||||
@@ -88,12 +74,6 @@ pub struct Cli {
|
||||
/// Turn off stream mode
|
||||
#[arg(short = 'S', long)]
|
||||
pub no_stream: bool,
|
||||
/// Disable memory for this invocation
|
||||
#[arg(long)]
|
||||
pub no_memory: bool,
|
||||
/// Bootstrap a memory marker so coyote begins loading memory next run
|
||||
#[arg(long, value_name = "SCOPE", value_enum)]
|
||||
pub init_memory: Option<MemoryScope>,
|
||||
/// Display the message without sending it
|
||||
#[arg(long)]
|
||||
pub dry_run: bool,
|
||||
@@ -180,30 +160,9 @@ pub struct Cli {
|
||||
/// With --update, update even if Coyote was installed via a package manager
|
||||
#[arg(long, requires = "update")]
|
||||
pub force: bool,
|
||||
/// Launch Coyote inside a Docker sandbox (via `sbx`); name defaults to current directory basename
|
||||
#[arg(long, value_name = "NAME")]
|
||||
pub sandbox: Option<Option<String>>,
|
||||
/// Create the sandbox without bootstrapping the host config or vault password file
|
||||
#[arg(long, requires = "sandbox")]
|
||||
pub fresh: bool,
|
||||
/// Skip discovery and application of all sbx mixins (user and built-in)
|
||||
#[arg(long, requires = "sandbox")]
|
||||
pub no_mixins: bool,
|
||||
}
|
||||
|
||||
impl Cli {
|
||||
pub fn skills(&self) -> Vec<String> {
|
||||
let mut seen = HashSet::new();
|
||||
let mut out = Vec::with_capacity(self.skill.len());
|
||||
for name in &self.skill {
|
||||
if seen.insert(name.clone()) {
|
||||
out.push(name.clone());
|
||||
}
|
||||
}
|
||||
|
||||
out
|
||||
}
|
||||
|
||||
pub fn text(&self) -> Result<Option<String>> {
|
||||
let mut stdin_text = String::new();
|
||||
if !stdin().is_terminal() {
|
||||
@@ -364,21 +323,6 @@ mod tests {
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn skills_method_dedupes_preserving_first_occurrence() {
|
||||
let cli = parse(&[
|
||||
"--skill", "alpha", "--skill", "beta", "--skill", "alpha", "--skill", "gamma",
|
||||
"--skill", "beta",
|
||||
]);
|
||||
|
||||
assert_eq!(cli.skills(), vec!["alpha", "beta", "gamma"]);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn skills_method_returns_empty_when_no_flags() {
|
||||
assert!(parse(&[]).skills().is_empty());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_file_flag_single() {
|
||||
let cli = parse(&["-f", "file.txt", "question"]);
|
||||
@@ -517,59 +461,4 @@ mod tests {
|
||||
fn parse_force_without_update_fails() {
|
||||
assert!(Cli::try_parse_from(["coyote", "--force"]).is_err());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_sandbox_flag_no_value() {
|
||||
let cli = parse(&["--sandbox"]);
|
||||
assert_eq!(cli.sandbox, Some(None));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_sandbox_flag_with_name() {
|
||||
let cli = parse(&["--sandbox", "my-box"]);
|
||||
assert_eq!(cli.sandbox, Some(Some("my-box".to_string())));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_sandbox_is_exclusive() {
|
||||
assert!(Cli::try_parse_from(["coyote", "--sandbox", "--agent", "foo"]).is_err());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_fresh_flag_requires_sandbox() {
|
||||
assert!(Cli::try_parse_from(["coyote", "--fresh"]).is_err());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_fresh_flag_with_sandbox() {
|
||||
let cli = parse(&["--sandbox", "--fresh"]);
|
||||
assert_eq!(cli.sandbox, Some(None));
|
||||
assert!(cli.fresh);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_fresh_flag_with_named_sandbox() {
|
||||
let cli = parse(&["--sandbox", "foo", "--fresh"]);
|
||||
assert_eq!(cli.sandbox, Some(Some("foo".to_string())));
|
||||
assert!(cli.fresh);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_no_mixins_requires_sandbox() {
|
||||
assert!(Cli::try_parse_from(["coyote", "--no-mixins"]).is_err());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_no_mixins_with_sandbox() {
|
||||
let cli = parse(&["--sandbox", "--no-mixins"]);
|
||||
assert!(cli.no_mixins);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_sandbox_with_fresh_and_no_mixins() {
|
||||
let cli = parse(&["--sandbox", "foo", "--fresh", "--no-mixins"]);
|
||||
assert_eq!(cli.sandbox, Some(Some("foo".to_string())));
|
||||
assert!(cli.fresh);
|
||||
assert!(cli.no_mixins);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -18,7 +18,7 @@ pub struct AzureOpenAIConfig {
|
||||
impl AzureOpenAIClient {
|
||||
config_get_fn!(api_base, get_api_base);
|
||||
config_get_fn!(api_key, get_api_key);
|
||||
|
||||
|
||||
create_client_config!([
|
||||
(
|
||||
"api_base",
|
||||
|
||||
@@ -354,9 +354,7 @@ pub async fn create_config(
|
||||
"type": client,
|
||||
});
|
||||
for (key, desc, help_message, is_secret) in prompts {
|
||||
let env_name = format!("{client}-{key}")
|
||||
.to_ascii_uppercase()
|
||||
.replace("_", "-");
|
||||
let env_name = format!("{client}_{key}").to_ascii_uppercase();
|
||||
let required = std::env::var(&env_name).is_err();
|
||||
let value = if !is_secret {
|
||||
prompt_input_string(desc, required, *help_message)?
|
||||
|
||||
@@ -119,11 +119,7 @@ fn prepare_chat_completions(
|
||||
format!("{base_url}/google/models/{model_name}:{func}")
|
||||
}
|
||||
ModelCategory::Claude => {
|
||||
let func = match data.stream {
|
||||
true => "streamRawPredict",
|
||||
false => "rawPredict",
|
||||
};
|
||||
format!("{base_url}/anthropic/models/{model_name}:{func}")
|
||||
format!("{base_url}/anthropic/models/{model_name}:streamRawPredict")
|
||||
}
|
||||
ModelCategory::Mistral => {
|
||||
let func = match data.stream {
|
||||
|
||||
+1
-36
@@ -2,7 +2,6 @@ use super::*;
|
||||
|
||||
use crate::{
|
||||
client::Model,
|
||||
config::memory,
|
||||
function::{Functions, run_llm_function},
|
||||
};
|
||||
|
||||
@@ -20,7 +19,7 @@ use fancy_regex::Captures;
|
||||
use inquire::{Text, validator::Validation};
|
||||
use rust_embed::Embed;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use std::{env, ffi::OsStr, path::Path};
|
||||
use std::{ffi::OsStr, path::Path};
|
||||
|
||||
const DEFAULT_AGENT_NAME: &str = "rag";
|
||||
|
||||
@@ -215,20 +214,6 @@ impl Agent {
|
||||
functions.append_skill_functions();
|
||||
}
|
||||
|
||||
if app.function_calling_support
|
||||
&& !matches!(agent_config.memory, Some(false))
|
||||
&& !matches!(app.memory, Some(false))
|
||||
{
|
||||
let memory_exists = paths::global_memory_index_path().exists()
|
||||
|| env::current_dir()
|
||||
.ok()
|
||||
.and_then(|cwd| memory::discover_workspace_memory(&cwd))
|
||||
.is_some();
|
||||
if memory_exists {
|
||||
functions.append_memory_functions();
|
||||
}
|
||||
}
|
||||
|
||||
agent_config.replace_tools_placeholder(&functions);
|
||||
|
||||
Ok(Self {
|
||||
@@ -367,10 +352,6 @@ impl Agent {
|
||||
self.config.enabled_skills.as_deref()
|
||||
}
|
||||
|
||||
pub fn memory(&self) -> Option<bool> {
|
||||
self.config.memory
|
||||
}
|
||||
|
||||
pub fn set_skills_enabled(&mut self, value: Option<bool>) {
|
||||
self.config.skills_enabled = value;
|
||||
}
|
||||
@@ -483,14 +464,6 @@ impl Agent {
|
||||
self.config.continuation_prompt.clone()
|
||||
}
|
||||
|
||||
pub fn inject_skill_instructions(&self) -> bool {
|
||||
self.config.inject_skill_instructions
|
||||
}
|
||||
|
||||
pub fn skill_instructions_value(&self) -> Option<String> {
|
||||
self.config.skill_instructions.clone()
|
||||
}
|
||||
|
||||
pub fn can_spawn_agents(&self) -> bool {
|
||||
self.config.can_spawn_agents
|
||||
}
|
||||
@@ -652,12 +625,6 @@ pub struct AgentConfig {
|
||||
pub inject_todo_instructions: bool,
|
||||
#[serde(default = "default_true")]
|
||||
pub inject_spawn_instructions: bool,
|
||||
#[serde(default = "default_true")]
|
||||
pub inject_skill_instructions: bool,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub skill_instructions: Option<String>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub memory: Option<bool>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub compression_threshold: Option<usize>,
|
||||
#[serde(default)]
|
||||
@@ -737,8 +704,6 @@ impl AgentConfig {
|
||||
mcp_servers: graph.mcp_servers.clone(),
|
||||
skills_enabled: graph.skills_enabled,
|
||||
enabled_skills: graph.enabled_skills.clone(),
|
||||
inject_skill_instructions: graph.inject_skill_instructions.unwrap_or(true),
|
||||
skill_instructions: graph.skill_instructions.clone(),
|
||||
conversation_starters: graph.conversation_starters.clone(),
|
||||
variables: graph.variables.clone(),
|
||||
can_spawn_agents: graph.has_agent_node(),
|
||||
|
||||
@@ -3,7 +3,7 @@ use crate::render::{MarkdownRender, RenderOptions};
|
||||
use crate::utils::{IS_STDOUT_TERMINAL, NO_COLOR, decode_bin, get_env_name};
|
||||
|
||||
use super::paths;
|
||||
use anyhow::{Context, Result, anyhow, bail};
|
||||
use anyhow::{Context, Result, anyhow};
|
||||
use gman::providers::SupportedProvider;
|
||||
use indexmap::IndexMap;
|
||||
use serde::Deserialize;
|
||||
@@ -52,8 +52,6 @@ pub struct AppConfig {
|
||||
pub max_auto_continues: usize,
|
||||
pub inject_todo_instructions: bool,
|
||||
pub continuation_prompt: Option<String>,
|
||||
pub inject_skill_instructions: bool,
|
||||
pub skill_instructions: Option<String>,
|
||||
|
||||
pub repl_prelude: Option<String>,
|
||||
pub cmd_prelude: Option<String>,
|
||||
@@ -64,10 +62,6 @@ pub struct AppConfig {
|
||||
pub summarization_prompt: Option<String>,
|
||||
pub summary_context_prompt: Option<String>,
|
||||
|
||||
pub memory: Option<bool>,
|
||||
pub memory_cap_with_tools: Option<usize>,
|
||||
pub memory_cap_without_tools: Option<usize>,
|
||||
|
||||
pub rag_embedding_model: Option<String>,
|
||||
pub rag_reranker_model: Option<String>,
|
||||
pub rag_top_k: usize,
|
||||
@@ -124,8 +118,6 @@ impl Default for AppConfig {
|
||||
max_auto_continues: 10,
|
||||
inject_todo_instructions: true,
|
||||
continuation_prompt: None,
|
||||
inject_skill_instructions: true,
|
||||
skill_instructions: None,
|
||||
|
||||
repl_prelude: None,
|
||||
cmd_prelude: None,
|
||||
@@ -136,10 +128,6 @@ impl Default for AppConfig {
|
||||
summarization_prompt: None,
|
||||
summary_context_prompt: None,
|
||||
|
||||
memory: None,
|
||||
memory_cap_with_tools: None,
|
||||
memory_cap_without_tools: None,
|
||||
|
||||
rag_embedding_model: None,
|
||||
rag_reranker_model: None,
|
||||
rag_top_k: 5,
|
||||
@@ -197,8 +185,6 @@ impl AppConfig {
|
||||
max_auto_continues: config.max_auto_continues,
|
||||
inject_todo_instructions: config.inject_todo_instructions,
|
||||
continuation_prompt: config.continuation_prompt,
|
||||
inject_skill_instructions: config.inject_skill_instructions,
|
||||
skill_instructions: config.skill_instructions,
|
||||
|
||||
repl_prelude: config.repl_prelude,
|
||||
cmd_prelude: config.cmd_prelude,
|
||||
@@ -209,10 +195,6 @@ impl AppConfig {
|
||||
summarization_prompt: config.summarization_prompt,
|
||||
summary_context_prompt: config.summary_context_prompt,
|
||||
|
||||
memory: config.memory,
|
||||
memory_cap_with_tools: config.memory_cap_with_tools,
|
||||
memory_cap_without_tools: config.memory_cap_without_tools,
|
||||
|
||||
rag_embedding_model: config.rag_embedding_model,
|
||||
rag_reranker_model: config.rag_reranker_model,
|
||||
rag_top_k: config.rag_top_k,
|
||||
@@ -234,7 +216,6 @@ impl AppConfig {
|
||||
clients: config.clients,
|
||||
};
|
||||
app_config.load_envs();
|
||||
app_config.validate_visible_skills()?;
|
||||
if let Some(wrap) = app_config.wrap.clone() {
|
||||
app_config.set_wrap(&wrap)?;
|
||||
}
|
||||
@@ -244,28 +225,11 @@ impl AppConfig {
|
||||
Ok(app_config)
|
||||
}
|
||||
|
||||
fn validate_visible_skills(&self) -> Result<()> {
|
||||
let Some(skills) = self.visible_skills.as_ref() else {
|
||||
return Ok(());
|
||||
};
|
||||
|
||||
for name in skills {
|
||||
paths::validate_skill_name(name)
|
||||
.map_err(|e| anyhow!("invalid entry in visible_skills: {e}"))?;
|
||||
|
||||
if !paths::has_skill(name) {
|
||||
bail!("visible_skills references skill '{name}' which is not installed");
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub fn resolve_model(&mut self) -> Result<()> {
|
||||
if self.model_id.is_empty() {
|
||||
let models = list_models(self, crate::client::ModelType::Chat);
|
||||
if models.is_empty() {
|
||||
bail!("No available model");
|
||||
anyhow::bail!("No available model");
|
||||
}
|
||||
self.model_id = models[0].id();
|
||||
}
|
||||
@@ -274,25 +238,10 @@ impl AppConfig {
|
||||
|
||||
pub fn vault_password_file(&self) -> PathBuf {
|
||||
match &self.vault_password_file {
|
||||
Some(path) => {
|
||||
if path.exists() {
|
||||
return path.clone();
|
||||
}
|
||||
|
||||
if let Some(translated) = paths::translate_sandboxed_home_path(path)
|
||||
&& translated.exists()
|
||||
{
|
||||
info!(
|
||||
"vault_password_file '{}' not found; resolved to sandboxed path '{}'",
|
||||
path.display(),
|
||||
translated.display()
|
||||
);
|
||||
|
||||
return translated;
|
||||
}
|
||||
|
||||
gman::config::Config::local_provider_password_file()
|
||||
}
|
||||
Some(path) => match path.exists() {
|
||||
true => path.clone(),
|
||||
false => gman::config::Config::local_provider_password_file(),
|
||||
},
|
||||
None => gman::config::Config::local_provider_password_file(),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ impl AppState {
|
||||
start_mcp_servers: bool,
|
||||
abort_signal: AbortSignal,
|
||||
) -> Result<Self> {
|
||||
let vault = Arc::new(Vault::init(&config)?);
|
||||
let vault = Arc::new(Vault::init(&config));
|
||||
|
||||
let mcp_registry = McpRegistry::init(
|
||||
log_path,
|
||||
|
||||
+10
-107
@@ -1,3 +1,10 @@
|
||||
use anyhow::{Context, Result, bail};
|
||||
use indexmap::IndexMap;
|
||||
use inquire::{Confirm, Select};
|
||||
use std::ffi::{OsStr, OsString};
|
||||
use std::fs;
|
||||
use std::path::{Path, PathBuf};
|
||||
|
||||
use crate::config::{InstallFilter, paths};
|
||||
#[cfg(not(windows))]
|
||||
use crate::function::Language;
|
||||
@@ -5,13 +12,6 @@ use crate::mcp::{McpServer, McpServersConfig};
|
||||
use crate::utils;
|
||||
use crate::utils::IS_STDOUT_TERMINAL;
|
||||
use crate::vault::{Vault, create_vault_password_file, interpolate_secrets};
|
||||
use anyhow::{Context, Result, anyhow, bail};
|
||||
use indexmap::IndexMap;
|
||||
use indoc::formatdoc;
|
||||
use inquire::{Confirm, Select};
|
||||
use std::ffi::{OsStr, OsString};
|
||||
use std::fs;
|
||||
use std::path::{Path, PathBuf};
|
||||
|
||||
pub fn install_remote(git_url: &str, filter: Option<InstallFilter>, force: bool) -> Result<()> {
|
||||
let (url, reference) = parse_url_with_ref(git_url)?;
|
||||
@@ -418,26 +418,6 @@ fn plan_dir_into(
|
||||
let rel = src
|
||||
.strip_prefix(src_dir)
|
||||
.expect("walk_files only returns paths under src_dir");
|
||||
|
||||
if category == TopCategory::Skills {
|
||||
let skill_name = rel
|
||||
.components()
|
||||
.next()
|
||||
.and_then(|c| c.as_os_str().to_str())
|
||||
.ok_or_else(|| {
|
||||
anyhow!(
|
||||
"remote skill bundle has unparseable path component: {}",
|
||||
rel.display()
|
||||
)
|
||||
})?;
|
||||
paths::validate_skill_name(skill_name).with_context(|| {
|
||||
format!(
|
||||
"remote skill '{skill_name}' has an invalid name \
|
||||
(skill names must contain only ASCII alphanumerics, '-', or '_')"
|
||||
)
|
||||
})?;
|
||||
}
|
||||
|
||||
let dst = dst_dir.join(rel);
|
||||
let kind = classify_file(&src, &dst)?;
|
||||
out.push(PlannedFile {
|
||||
@@ -751,21 +731,8 @@ fn merge_mcp_json(
|
||||
serde_json::to_string_pretty(&merged).context("failed to serialize merged mcp.json")?;
|
||||
write_atomically(&final_path, &serialized)?;
|
||||
|
||||
let vault = Vault::init_bare()?;
|
||||
let missing = match interpolate_secrets(&serialized, &vault) {
|
||||
Ok((_, missing)) => missing,
|
||||
Err(e) => {
|
||||
eprintln!(
|
||||
"{}",
|
||||
formatdoc! {"
|
||||
Skipping secret resolution for merged mcp.json: {e:#}
|
||||
Continuing without resolving missing secrets
|
||||
You may need to add any additional missing secrets to the vault manually.
|
||||
"}
|
||||
);
|
||||
Vec::new()
|
||||
}
|
||||
};
|
||||
let vault = Vault::init_bare();
|
||||
let (_parsed, missing) = interpolate_secrets(&serialized, &vault)?;
|
||||
let mut deduped: Vec<String> = Vec::new();
|
||||
for s in missing {
|
||||
if !deduped.contains(&s) {
|
||||
@@ -893,7 +860,7 @@ fn handle_missing_secrets(missing: &[String]) -> Result<()> {
|
||||
}
|
||||
|
||||
fn prompt_for_each_secret(missing: &[String]) -> Result<(Vec<String>, Vec<String>)> {
|
||||
let mut vault = Vault::init_bare()?;
|
||||
let mut vault = Vault::init_bare();
|
||||
let mut password_file_ensured = false;
|
||||
let mut added = Vec::new();
|
||||
let mut deferred = Vec::new();
|
||||
@@ -947,62 +914,6 @@ fn print_secret_summary(added: &[String], deferred: &[String]) {
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
use crate::utils::get_env_name;
|
||||
use serial_test::serial;
|
||||
use std::env;
|
||||
use std::time::{SystemTime, UNIX_EPOCH};
|
||||
|
||||
struct TestVaultConfigGuard {
|
||||
dir_key: String,
|
||||
file_key: String,
|
||||
previous_dir: Option<OsString>,
|
||||
previous_file: Option<OsString>,
|
||||
path: PathBuf,
|
||||
}
|
||||
|
||||
impl TestVaultConfigGuard {
|
||||
fn new(label: &str) -> Self {
|
||||
let dir_key = get_env_name("config_dir");
|
||||
let file_key = get_env_name("config_file");
|
||||
let previous_dir = env::var_os(&dir_key);
|
||||
let previous_file = env::var_os(&file_key);
|
||||
let unique = SystemTime::now()
|
||||
.duration_since(UNIX_EPOCH)
|
||||
.unwrap()
|
||||
.as_nanos();
|
||||
let path = env::temp_dir().join(format!("coyote-vault-test-{label}-{unique}"));
|
||||
fs::create_dir_all(&path).unwrap();
|
||||
let config_path = path.join("config.yaml");
|
||||
fs::write(&config_path, "{}").unwrap();
|
||||
unsafe {
|
||||
env::set_var(&dir_key, &path);
|
||||
env::set_var(&file_key, &config_path);
|
||||
}
|
||||
Self {
|
||||
dir_key,
|
||||
file_key,
|
||||
previous_dir,
|
||||
previous_file,
|
||||
path,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl Drop for TestVaultConfigGuard {
|
||||
fn drop(&mut self) {
|
||||
unsafe {
|
||||
match &self.previous_dir {
|
||||
Some(p) => env::set_var(&self.dir_key, p),
|
||||
None => env::remove_var(&self.dir_key),
|
||||
}
|
||||
match &self.previous_file {
|
||||
Some(p) => env::set_var(&self.file_key, p),
|
||||
None => env::remove_var(&self.file_key),
|
||||
}
|
||||
}
|
||||
let _ = fs::remove_dir_all(&self.path);
|
||||
}
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_url_no_ref() {
|
||||
@@ -1342,9 +1253,7 @@ mod tests {
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn merge_into_empty_local_adds_all_remote_servers() {
|
||||
let _guard = TestVaultConfigGuard::new("merge-empty");
|
||||
let dir = fresh_temp_dir("merge-empty-");
|
||||
let remote = dir.join("remote.json");
|
||||
let target = dir.join("target.json");
|
||||
@@ -1361,9 +1270,7 @@ mod tests {
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn merge_force_replaces_local_on_conflict() {
|
||||
let _guard = TestVaultConfigGuard::new("merge-force");
|
||||
let dir = fresh_temp_dir("merge-force-");
|
||||
let remote = dir.join("remote.json");
|
||||
let target = dir.join("target.json");
|
||||
@@ -1429,9 +1336,7 @@ mod tests {
|
||||
}
|
||||
|
||||
#[tokio::test(flavor = "multi_thread", worker_threads = 1)]
|
||||
#[serial]
|
||||
async fn merge_detects_missing_secrets_in_output() {
|
||||
let _guard = TestVaultConfigGuard::new("merge-secret");
|
||||
let dir = fresh_temp_dir("merge-secret-");
|
||||
let remote = dir.join("remote.json");
|
||||
let target = dir.join("target.json");
|
||||
@@ -1447,9 +1352,7 @@ mod tests {
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn merge_is_idempotent_on_re_run() {
|
||||
let _guard = TestVaultConfigGuard::new("merge-idempotent");
|
||||
let dir = fresh_temp_dir("merge-idempotent-");
|
||||
let remote = dir.join("remote.json");
|
||||
let target = dir.join("target.json");
|
||||
|
||||
@@ -1,733 +0,0 @@
|
||||
use std::fs;
|
||||
use std::path::{Path, PathBuf};
|
||||
|
||||
use anyhow::{Context, Result};
|
||||
use log::warn;
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
use crate::config::{
|
||||
GIT_DIR_NAME, GITIGNORE_FILE_NAME, MEMORY_DIR_NAME, MEMORY_INDEX_FILE_NAME,
|
||||
WORKSPACE_MEMORY_DIR_NAME, WORKSPACE_MEMORY_FILE_NAME, paths,
|
||||
};
|
||||
|
||||
pub const DEFAULT_MEMORY_CAP_WITH_TOOLS: usize = 6_000;
|
||||
pub const DEFAULT_MEMORY_CAP_WITHOUT_TOOLS: usize = 12_000;
|
||||
|
||||
#[derive(Debug, Clone)]
|
||||
pub enum WorkspaceMemory {
|
||||
Structured {
|
||||
workspace_root: PathBuf,
|
||||
dir: PathBuf,
|
||||
},
|
||||
Lite {
|
||||
workspace_root: PathBuf,
|
||||
file: PathBuf,
|
||||
},
|
||||
}
|
||||
|
||||
pub fn discover_workspace_memory(start: &Path) -> Option<WorkspaceMemory> {
|
||||
for dir in start.ancestors() {
|
||||
let structured = dir.join(WORKSPACE_MEMORY_DIR_NAME).join(MEMORY_DIR_NAME);
|
||||
if structured.join(MEMORY_INDEX_FILE_NAME).exists() {
|
||||
return Some(WorkspaceMemory::Structured {
|
||||
workspace_root: dir.to_path_buf(),
|
||||
dir: structured,
|
||||
});
|
||||
}
|
||||
|
||||
let lite = dir.join(WORKSPACE_MEMORY_FILE_NAME);
|
||||
if lite.exists() {
|
||||
return Some(WorkspaceMemory::Lite {
|
||||
workspace_root: dir.to_path_buf(),
|
||||
file: lite,
|
||||
});
|
||||
}
|
||||
}
|
||||
None
|
||||
}
|
||||
|
||||
pub fn find_git_root(start: &Path) -> Option<PathBuf> {
|
||||
for dir in start.ancestors() {
|
||||
if dir.join(GIT_DIR_NAME).exists() {
|
||||
return Some(dir.to_path_buf());
|
||||
}
|
||||
}
|
||||
|
||||
None
|
||||
}
|
||||
|
||||
pub fn bootstrap_workspace_memory(git_root: &Path) -> Result<PathBuf> {
|
||||
let mem_dir = paths::workspace_memory_dir_for(git_root);
|
||||
fs::create_dir_all(&mem_dir)
|
||||
.with_context(|| format!("create memory dir {}", mem_dir.display()))?;
|
||||
|
||||
let index_path = mem_dir.join(MEMORY_INDEX_FILE_NAME);
|
||||
if !index_path.exists() {
|
||||
fs::write(&index_path, "# Workspace Memory Index\n\n")
|
||||
.with_context(|| format!("write {}", index_path.display()))?;
|
||||
}
|
||||
|
||||
let gitignore_appended = append_gitignore_entry(git_root)?;
|
||||
let suffix = if gitignore_appended {
|
||||
" (appended .coyote/memory/ to .gitignore)"
|
||||
} else {
|
||||
""
|
||||
};
|
||||
warn!(
|
||||
"auto-bootstrapped workspace memory at {}{}",
|
||||
mem_dir.display(),
|
||||
suffix
|
||||
);
|
||||
|
||||
Ok(mem_dir)
|
||||
}
|
||||
|
||||
fn append_gitignore_entry(git_root: &Path) -> Result<bool> {
|
||||
let gitignore = git_root.join(GITIGNORE_FILE_NAME);
|
||||
let entry = format!("{WORKSPACE_MEMORY_DIR_NAME}/{MEMORY_DIR_NAME}/");
|
||||
let entry_no_slash = format!("{WORKSPACE_MEMORY_DIR_NAME}/{MEMORY_DIR_NAME}");
|
||||
|
||||
let existing = fs::read_to_string(&gitignore).unwrap_or_default();
|
||||
let already_present = existing.lines().any(|line| {
|
||||
let trimmed = line.trim();
|
||||
trimmed == entry || trimmed == entry_no_slash
|
||||
});
|
||||
|
||||
if already_present {
|
||||
return Ok(false);
|
||||
}
|
||||
|
||||
let new_content = if existing.is_empty() {
|
||||
format!("{entry}\n")
|
||||
} else if existing.ends_with('\n') {
|
||||
format!("{existing}{entry}\n")
|
||||
} else {
|
||||
format!("{existing}\n{entry}\n")
|
||||
};
|
||||
|
||||
fs::write(&gitignore, new_content).with_context(|| format!("write {}", gitignore.display()))?;
|
||||
|
||||
Ok(true)
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Deserialize, Serialize, Default)]
|
||||
pub struct MemoryFrontmatter {
|
||||
#[serde(default)]
|
||||
pub name: String,
|
||||
#[serde(default)]
|
||||
pub description: Option<String>,
|
||||
#[serde(default, rename = "type")]
|
||||
pub kind: Option<String>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone)]
|
||||
pub struct MemoryFile {
|
||||
pub path: PathBuf,
|
||||
pub frontmatter: MemoryFrontmatter,
|
||||
pub body: String,
|
||||
}
|
||||
|
||||
impl MemoryFile {
|
||||
pub fn load(path: &Path) -> Result<Self> {
|
||||
let raw = fs::read_to_string(path)
|
||||
.with_context(|| format!("read memory file {}", path.display()))?;
|
||||
let (frontmatter, body) = parse_frontmatter(&raw)
|
||||
.with_context(|| format!("parse frontmatter in {}", path.display()))?;
|
||||
|
||||
Ok(Self {
|
||||
path: path.to_path_buf(),
|
||||
frontmatter,
|
||||
body,
|
||||
})
|
||||
}
|
||||
|
||||
pub fn save(&self) -> Result<()> {
|
||||
if let Some(parent) = self.path.parent() {
|
||||
fs::create_dir_all(parent)?;
|
||||
}
|
||||
|
||||
let frontmatter_yaml = serde_yaml::to_string(&self.frontmatter)?;
|
||||
let content = format!("---\n{}---\n\n{}", frontmatter_yaml, self.body);
|
||||
|
||||
fs::write(&self.path, content)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub fn char_len(&self) -> usize {
|
||||
self.body.chars().count()
|
||||
}
|
||||
}
|
||||
|
||||
fn parse_frontmatter(raw: &str) -> Result<(MemoryFrontmatter, String)> {
|
||||
let trimmed = raw.trim_start();
|
||||
if !trimmed.starts_with("---") {
|
||||
return Ok((MemoryFrontmatter::default(), raw.to_string()));
|
||||
}
|
||||
|
||||
let after = &trimmed[3..];
|
||||
let Some(end) = after.find("\n---") else {
|
||||
return Ok((MemoryFrontmatter::default(), raw.to_string()));
|
||||
};
|
||||
let yaml = &after[..end];
|
||||
let body = after[end + 4..].trim_start_matches('\n').to_string();
|
||||
let frontmatter: MemoryFrontmatter =
|
||||
serde_yaml::from_str(yaml.trim()).context("parse YAML frontmatter")?;
|
||||
|
||||
Ok((frontmatter, body))
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone)]
|
||||
pub struct MemoryStore {
|
||||
pub global_dir: PathBuf,
|
||||
pub workspace: Option<WorkspaceMemory>,
|
||||
}
|
||||
|
||||
impl MemoryStore {
|
||||
pub fn new(cwd: &Path) -> Self {
|
||||
Self {
|
||||
global_dir: paths::global_memory_dir(),
|
||||
workspace: discover_workspace_memory(cwd),
|
||||
}
|
||||
}
|
||||
|
||||
pub fn load_global_index(&self) -> Result<Option<String>> {
|
||||
let path = self.global_dir.join(MEMORY_INDEX_FILE_NAME);
|
||||
|
||||
if path.exists() {
|
||||
Ok(Some(fs::read_to_string(path)?))
|
||||
} else {
|
||||
Ok(None)
|
||||
}
|
||||
}
|
||||
|
||||
pub fn load_workspace_index(&self) -> Result<Option<String>> {
|
||||
match &self.workspace {
|
||||
None => Ok(None),
|
||||
Some(WorkspaceMemory::Lite { file, .. }) => Ok(Some(fs::read_to_string(file)?)),
|
||||
Some(WorkspaceMemory::Structured { dir, .. }) => {
|
||||
let index = dir.join(MEMORY_INDEX_FILE_NAME);
|
||||
if index.exists() {
|
||||
Ok(Some(fs::read_to_string(index)?))
|
||||
} else {
|
||||
Ok(None)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
pub fn list_files(&self) -> Result<Vec<MemoryFile>> {
|
||||
let mut out = Vec::new();
|
||||
|
||||
if self.global_dir.exists() {
|
||||
collect_md_files(&self.global_dir, &mut out)?;
|
||||
}
|
||||
|
||||
if let Some(WorkspaceMemory::Structured { dir, .. }) = &self.workspace {
|
||||
collect_md_files(dir, &mut out)?;
|
||||
}
|
||||
|
||||
Ok(out)
|
||||
}
|
||||
}
|
||||
|
||||
pub fn build_memory_section(
|
||||
store: &MemoryStore,
|
||||
with_tools: bool,
|
||||
cap: usize,
|
||||
) -> Result<Option<String>> {
|
||||
let global_index = store.load_global_index()?;
|
||||
let workspace_index = store.load_workspace_index()?;
|
||||
|
||||
if global_index.is_none() && workspace_index.is_none() {
|
||||
return Ok(None);
|
||||
}
|
||||
|
||||
let mut buf = String::from("<memory>\n");
|
||||
let mut consumed = 0usize;
|
||||
|
||||
if let Some(s) = &global_index {
|
||||
buf.push_str("<global_index>\n");
|
||||
buf.push_str(s);
|
||||
buf.push_str("\n</global_index>\n");
|
||||
consumed += s.chars().count();
|
||||
}
|
||||
|
||||
if let Some(s) = &workspace_index {
|
||||
buf.push_str("<workspace_index>\n");
|
||||
buf.push_str(s);
|
||||
buf.push_str("\n</workspace_index>\n");
|
||||
consumed += s.chars().count();
|
||||
}
|
||||
|
||||
if consumed > cap {
|
||||
warn!(
|
||||
"memory indexes ({} chars) exceed cap ({} chars); injecting fully - \
|
||||
consider raising memory_cap_* in config or shrinking MEMORY.md",
|
||||
consumed, cap
|
||||
);
|
||||
}
|
||||
|
||||
if !with_tools {
|
||||
let mut budget = cap.saturating_sub(consumed);
|
||||
let mut files = store.list_files()?;
|
||||
files.sort_by(|a, b| a.frontmatter.name.cmp(&b.frontmatter.name));
|
||||
let mut omitted = 0usize;
|
||||
for f in files {
|
||||
let needed = f.body.chars().count() + 50;
|
||||
if needed > budget {
|
||||
omitted += 1;
|
||||
continue;
|
||||
}
|
||||
buf.push_str(&format!("<file name=\"{}\">\n", f.frontmatter.name));
|
||||
buf.push_str(&f.body);
|
||||
buf.push_str("\n</file>\n");
|
||||
budget = budget.saturating_sub(needed);
|
||||
}
|
||||
|
||||
if omitted > 0 {
|
||||
buf.push_str(&format!(
|
||||
"<!-- {} memory file(s) omitted; enable function calling for full access -->\n",
|
||||
omitted
|
||||
));
|
||||
}
|
||||
}
|
||||
|
||||
buf.push_str("</memory>");
|
||||
Ok(Some(buf))
|
||||
}
|
||||
|
||||
fn collect_md_files(dir: &Path, out: &mut Vec<MemoryFile>) -> Result<()> {
|
||||
for entry in fs::read_dir(dir)? {
|
||||
let entry = entry?;
|
||||
let path = entry.path();
|
||||
if path.extension().and_then(|e| e.to_str()) != Some("md") {
|
||||
continue;
|
||||
}
|
||||
|
||||
if path.file_name().and_then(|n| n.to_str()) == Some(MEMORY_INDEX_FILE_NAME) {
|
||||
continue;
|
||||
}
|
||||
|
||||
match MemoryFile::load(&path) {
|
||||
Ok(f) => out.push(f),
|
||||
Err(e) => warn!("skip malformed memory file {}: {}", path.display(), e),
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
use std::{env, time};
|
||||
use time::SystemTime;
|
||||
|
||||
fn temp_root(label: &str) -> PathBuf {
|
||||
let unique = SystemTime::now()
|
||||
.duration_since(time::UNIX_EPOCH)
|
||||
.unwrap()
|
||||
.as_nanos();
|
||||
let root = env::temp_dir().join(format!("coyote-memory-{label}-{unique}"));
|
||||
fs::create_dir_all(&root).unwrap();
|
||||
root
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn loads_global_and_workspace_indexes_from_test_dirs() {
|
||||
let root = temp_root("phase1");
|
||||
let workspace = root.join("workspace");
|
||||
let workspace_memory_dir = workspace
|
||||
.join(WORKSPACE_MEMORY_DIR_NAME)
|
||||
.join(MEMORY_DIR_NAME);
|
||||
fs::create_dir_all(&workspace_memory_dir).unwrap();
|
||||
fs::write(
|
||||
workspace_memory_dir.join(MEMORY_INDEX_FILE_NAME),
|
||||
"workspace-content",
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
let global = root.join("global");
|
||||
fs::create_dir_all(&global).unwrap();
|
||||
fs::write(global.join(MEMORY_INDEX_FILE_NAME), "global-content").unwrap();
|
||||
|
||||
let store = MemoryStore {
|
||||
global_dir: global,
|
||||
workspace: discover_workspace_memory(&workspace),
|
||||
};
|
||||
|
||||
assert_eq!(
|
||||
store.load_global_index().unwrap().as_deref(),
|
||||
Some("global-content")
|
||||
);
|
||||
assert_eq!(
|
||||
store.load_workspace_index().unwrap().as_deref(),
|
||||
Some("workspace-content")
|
||||
);
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn workspace_discovery_prefers_structured_over_lite() {
|
||||
let root = temp_root("prefer");
|
||||
let workspace = root.join("ws");
|
||||
let structured = workspace
|
||||
.join(WORKSPACE_MEMORY_DIR_NAME)
|
||||
.join(MEMORY_DIR_NAME);
|
||||
fs::create_dir_all(&structured).unwrap();
|
||||
fs::write(structured.join(MEMORY_INDEX_FILE_NAME), "s").unwrap();
|
||||
fs::write(workspace.join(WORKSPACE_MEMORY_FILE_NAME), "l").unwrap();
|
||||
|
||||
let found = discover_workspace_memory(&workspace);
|
||||
assert!(matches!(found, Some(WorkspaceMemory::Structured { .. })));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn build_memory_section_returns_none_when_no_memory_exists() {
|
||||
let root = temp_root("none");
|
||||
let workspace = root.join("ws");
|
||||
fs::create_dir_all(&workspace).unwrap();
|
||||
|
||||
let store = MemoryStore {
|
||||
global_dir: root.join("global"),
|
||||
workspace: discover_workspace_memory(&workspace),
|
||||
};
|
||||
|
||||
assert!(build_memory_section(&store, true, 6_000).unwrap().is_none());
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn build_memory_section_injects_only_indexes_with_tools_on() {
|
||||
let root = temp_root("indexes_only");
|
||||
let workspace = root.join("ws");
|
||||
let structured = workspace
|
||||
.join(WORKSPACE_MEMORY_DIR_NAME)
|
||||
.join(MEMORY_DIR_NAME);
|
||||
fs::create_dir_all(&structured).unwrap();
|
||||
fs::write(
|
||||
structured.join(MEMORY_INDEX_FILE_NAME),
|
||||
"workspace-index-content",
|
||||
)
|
||||
.unwrap();
|
||||
fs::write(
|
||||
structured.join("foo.md"),
|
||||
"---\nname: foo\n---\nfoo body that should not appear\n",
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
let store = MemoryStore {
|
||||
global_dir: root.join("global"),
|
||||
workspace: discover_workspace_memory(&workspace),
|
||||
};
|
||||
|
||||
let section = build_memory_section(&store, true, 6_000)
|
||||
.unwrap()
|
||||
.expect("memory section should exist");
|
||||
assert!(section.contains("workspace-index-content"));
|
||||
assert!(!section.contains("foo body that should not appear"));
|
||||
assert!(section.starts_with("<memory>"));
|
||||
assert!(section.ends_with("</memory>"));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn build_memory_section_injects_drill_bodies_alphabetically_without_tools() {
|
||||
let root = temp_root("drill_bodies");
|
||||
let workspace = root.join("ws");
|
||||
let structured = workspace
|
||||
.join(WORKSPACE_MEMORY_DIR_NAME)
|
||||
.join(MEMORY_DIR_NAME);
|
||||
fs::create_dir_all(&structured).unwrap();
|
||||
fs::write(structured.join(MEMORY_INDEX_FILE_NAME), "idx").unwrap();
|
||||
fs::write(
|
||||
structured.join("zebra.md"),
|
||||
"---\nname: zebra\n---\nzebra body\n",
|
||||
)
|
||||
.unwrap();
|
||||
fs::write(
|
||||
structured.join("alpha.md"),
|
||||
"---\nname: alpha\n---\nalpha body\n",
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
let store = MemoryStore {
|
||||
global_dir: root.join("global"),
|
||||
workspace: discover_workspace_memory(&workspace),
|
||||
};
|
||||
|
||||
let section = build_memory_section(&store, false, 6_000)
|
||||
.unwrap()
|
||||
.expect("memory section should exist");
|
||||
let alpha_pos = section.find("alpha body").expect("alpha body missing");
|
||||
let zebra_pos = section.find("zebra body").expect("zebra body missing");
|
||||
assert!(alpha_pos < zebra_pos, "drill bodies must be alphabetical");
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn build_memory_section_omits_drill_bodies_when_cap_exceeded() {
|
||||
let root = temp_root("cap");
|
||||
let workspace = root.join("ws");
|
||||
let structured = workspace
|
||||
.join(WORKSPACE_MEMORY_DIR_NAME)
|
||||
.join(MEMORY_DIR_NAME);
|
||||
fs::create_dir_all(&structured).unwrap();
|
||||
fs::write(structured.join(MEMORY_INDEX_FILE_NAME), "idx").unwrap();
|
||||
let big_body = "x".repeat(200);
|
||||
fs::write(
|
||||
structured.join("big.md"),
|
||||
format!("---\nname: big\n---\n{}\n", big_body),
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
let store = MemoryStore {
|
||||
global_dir: root.join("global"),
|
||||
workspace: discover_workspace_memory(&workspace),
|
||||
};
|
||||
|
||||
let section = build_memory_section(&store, false, 100)
|
||||
.unwrap()
|
||||
.expect("memory section should exist");
|
||||
assert!(!section.contains(&big_body));
|
||||
assert!(section.contains("memory file(s) omitted"));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_frontmatter_extracts_yaml() {
|
||||
let raw = "---\nname: foo\ndescription: a thing\ntype: user\n---\nBody text\n";
|
||||
|
||||
let (fm, body) = parse_frontmatter(raw).unwrap();
|
||||
|
||||
assert_eq!(fm.name, "foo");
|
||||
assert_eq!(fm.description.as_deref(), Some("a thing"));
|
||||
assert_eq!(fm.kind.as_deref(), Some("user"));
|
||||
assert_eq!(body, "Body text\n");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_frontmatter_handles_missing_block() {
|
||||
let raw = "# Just markdown, no frontmatter\nbody";
|
||||
|
||||
let (fm, body) = parse_frontmatter(raw).unwrap();
|
||||
|
||||
assert_eq!(fm.name, "");
|
||||
assert!(fm.kind.is_none());
|
||||
assert_eq!(body, raw);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn parse_frontmatter_handles_unterminated_block() {
|
||||
let raw = "---\nname: oops\nno closing delimiter\n# rest of doc";
|
||||
|
||||
let (fm, body) = parse_frontmatter(raw).unwrap();
|
||||
|
||||
assert_eq!(fm.name, "");
|
||||
assert_eq!(body, raw);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn memory_file_save_and_load_roundtrip() {
|
||||
let root = temp_root("roundtrip");
|
||||
let path = root.join("test.md");
|
||||
let file = MemoryFile {
|
||||
path: path.clone(),
|
||||
frontmatter: MemoryFrontmatter {
|
||||
name: "test".into(),
|
||||
description: Some("a test".into()),
|
||||
kind: Some("user".into()),
|
||||
},
|
||||
body: "Hello world\nmore text".into(),
|
||||
};
|
||||
file.save().unwrap();
|
||||
let loaded = MemoryFile::load(&path).unwrap();
|
||||
assert_eq!(loaded.frontmatter.name, "test");
|
||||
assert_eq!(loaded.frontmatter.description.as_deref(), Some("a test"));
|
||||
assert_eq!(loaded.frontmatter.kind.as_deref(), Some("user"));
|
||||
assert_eq!(loaded.body, "Hello world\nmore text");
|
||||
|
||||
let raw = fs::read_to_string(&path).unwrap();
|
||||
assert!(raw.contains("type: user"), "kind must serialize as 'type:'");
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn discover_walks_up_from_nested_dir() {
|
||||
let root = temp_root("walk_up");
|
||||
let workspace = root.join("ws");
|
||||
let mem_dir = workspace
|
||||
.join(WORKSPACE_MEMORY_DIR_NAME)
|
||||
.join(MEMORY_DIR_NAME);
|
||||
fs::create_dir_all(&mem_dir).unwrap();
|
||||
fs::write(mem_dir.join(MEMORY_INDEX_FILE_NAME), "idx").unwrap();
|
||||
let nested = workspace.join("src").join("deep").join("path");
|
||||
fs::create_dir_all(&nested).unwrap();
|
||||
|
||||
let found = discover_workspace_memory(&nested);
|
||||
assert!(matches!(found, Some(WorkspaceMemory::Structured { .. })));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn find_git_root_returns_dir_containing_git_dir() {
|
||||
let root = temp_root("git_root");
|
||||
let repo = root.join("repo");
|
||||
fs::create_dir_all(repo.join(GIT_DIR_NAME)).unwrap();
|
||||
|
||||
assert_eq!(find_git_root(&repo), Some(repo.clone()));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn find_git_root_walks_up_from_nested_dir() {
|
||||
let root = temp_root("git_root_walk");
|
||||
let repo = root.join("repo");
|
||||
fs::create_dir_all(repo.join(GIT_DIR_NAME)).unwrap();
|
||||
let nested = repo.join("a").join("b").join("c");
|
||||
fs::create_dir_all(&nested).unwrap();
|
||||
|
||||
assert_eq!(find_git_root(&nested), Some(repo));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn find_git_root_treats_git_file_as_repo_marker() {
|
||||
let root = temp_root("git_root_worktree");
|
||||
let worktree = root.join("worktree");
|
||||
fs::create_dir_all(&worktree).unwrap();
|
||||
fs::write(
|
||||
worktree.join(GIT_DIR_NAME),
|
||||
"gitdir: /elsewhere/.git/worktrees/wt\n",
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(find_git_root(&worktree), Some(worktree));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn find_git_root_returns_none_when_no_git() {
|
||||
let root = temp_root("git_root_missing");
|
||||
let bare = root.join("bare");
|
||||
fs::create_dir_all(&bare).unwrap();
|
||||
|
||||
assert_eq!(find_git_root(&bare), None);
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn bootstrap_creates_structured_layout_and_index() {
|
||||
let root = temp_root("bootstrap_layout");
|
||||
let repo = root.join("repo");
|
||||
fs::create_dir_all(repo.join(GIT_DIR_NAME)).unwrap();
|
||||
|
||||
let mem_dir = bootstrap_workspace_memory(&repo).unwrap();
|
||||
|
||||
assert_eq!(mem_dir, paths::workspace_memory_dir_for(&repo));
|
||||
assert!(mem_dir.is_dir());
|
||||
let index = mem_dir.join(MEMORY_INDEX_FILE_NAME);
|
||||
assert!(index.exists());
|
||||
let body = fs::read_to_string(&index).unwrap();
|
||||
assert!(body.starts_with("# Workspace Memory Index"));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn bootstrap_creates_gitignore_when_absent() {
|
||||
let root = temp_root("bootstrap_gi_new");
|
||||
let repo = root.join("repo");
|
||||
fs::create_dir_all(repo.join(GIT_DIR_NAME)).unwrap();
|
||||
|
||||
bootstrap_workspace_memory(&repo).unwrap();
|
||||
|
||||
let gi = repo.join(GITIGNORE_FILE_NAME);
|
||||
assert!(gi.exists());
|
||||
let body = fs::read_to_string(&gi).unwrap();
|
||||
assert!(body.contains(".coyote/memory/"));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn bootstrap_appends_to_existing_gitignore_without_trailing_newline() {
|
||||
let root = temp_root("bootstrap_gi_append");
|
||||
let repo = root.join("repo");
|
||||
fs::create_dir_all(repo.join(GIT_DIR_NAME)).unwrap();
|
||||
fs::write(repo.join(GITIGNORE_FILE_NAME), "target/").unwrap();
|
||||
|
||||
bootstrap_workspace_memory(&repo).unwrap();
|
||||
|
||||
let body = fs::read_to_string(repo.join(GITIGNORE_FILE_NAME)).unwrap();
|
||||
assert!(body.contains("target/"));
|
||||
assert!(body.contains(".coyote/memory/"));
|
||||
assert!(body.ends_with('\n'));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn bootstrap_is_idempotent_on_gitignore_entry() {
|
||||
let root = temp_root("bootstrap_gi_idempotent");
|
||||
let repo = root.join("repo");
|
||||
fs::create_dir_all(repo.join(GIT_DIR_NAME)).unwrap();
|
||||
let original = "target/\n.coyote/memory/\n";
|
||||
fs::write(repo.join(GITIGNORE_FILE_NAME), original).unwrap();
|
||||
|
||||
bootstrap_workspace_memory(&repo).unwrap();
|
||||
|
||||
let body = fs::read_to_string(repo.join(GITIGNORE_FILE_NAME)).unwrap();
|
||||
assert_eq!(body, original, "gitignore must be untouched");
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn bootstrap_treats_entry_without_trailing_slash_as_present() {
|
||||
let root = temp_root("bootstrap_gi_no_slash");
|
||||
let repo = root.join("repo");
|
||||
fs::create_dir_all(repo.join(GIT_DIR_NAME)).unwrap();
|
||||
let original = ".coyote/memory\n";
|
||||
fs::write(repo.join(GITIGNORE_FILE_NAME), original).unwrap();
|
||||
|
||||
bootstrap_workspace_memory(&repo).unwrap();
|
||||
|
||||
let body = fs::read_to_string(repo.join(GITIGNORE_FILE_NAME)).unwrap();
|
||||
assert_eq!(body, original);
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn bootstrap_does_not_clobber_existing_index() {
|
||||
let root = temp_root("bootstrap_existing_index");
|
||||
let repo = root.join("repo");
|
||||
fs::create_dir_all(repo.join(GIT_DIR_NAME)).unwrap();
|
||||
let mem_dir = paths::workspace_memory_dir_for(&repo);
|
||||
fs::create_dir_all(&mem_dir).unwrap();
|
||||
let preserved = "# Custom Index\n\n- [[foo]]: keep me\n";
|
||||
fs::write(mem_dir.join(MEMORY_INDEX_FILE_NAME), preserved).unwrap();
|
||||
|
||||
bootstrap_workspace_memory(&repo).unwrap();
|
||||
|
||||
let body = fs::read_to_string(mem_dir.join(MEMORY_INDEX_FILE_NAME)).unwrap();
|
||||
assert_eq!(body, preserved);
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
}
|
||||
+4
-37
@@ -5,9 +5,8 @@ mod input;
|
||||
mod install_remote;
|
||||
mod macros;
|
||||
mod mcp_factory;
|
||||
pub(crate) mod memory;
|
||||
pub(crate) mod paths;
|
||||
pub(crate) mod prompts;
|
||||
mod prompts;
|
||||
mod rag_cache;
|
||||
mod request_context;
|
||||
mod role;
|
||||
@@ -29,7 +28,7 @@ pub use self::app_state::AppState;
|
||||
pub use self::input::Input;
|
||||
pub use self::install_remote::{install_remote, install_remote_from_repl_args};
|
||||
#[allow(unused_imports)]
|
||||
pub use self::request_context::{RenderMode, RequestContext, should_inject_skill_instructions};
|
||||
pub use self::request_context::{RenderMode, RequestContext};
|
||||
pub use self::role::{
|
||||
CODE_ROLE, CREATE_TITLE_ROLE, EXPLAIN_SHELL_ROLE, Role, RoleLike, SHELL_ROLE,
|
||||
};
|
||||
@@ -139,16 +138,6 @@ const GLOBAL_TOOLS_DIR_NAME: &str = "tools";
|
||||
const GLOBAL_TOOLS_UTILS_DIR_NAME: &str = "utils";
|
||||
const BASH_PROMPT_UTILS_FILE_NAME: &str = "prompt-utils.sh";
|
||||
const MCP_FILE_NAME: &str = "mcp.json";
|
||||
const MEMORY_DIR_NAME: &str = "memory";
|
||||
const MEMORY_INDEX_FILE_NAME: &str = "MEMORY.md";
|
||||
const WORKSPACE_MEMORY_FILE_NAME: &str = "COYOTE.md";
|
||||
const WORKSPACE_MEMORY_DIR_NAME: &str = ".coyote";
|
||||
const SBX_KIT_DIR_NAME: &str = "sbx-kit";
|
||||
const SBX_KIT_HASH_FILE: &str = "kit.sha256";
|
||||
const SBX_MIXIN_FILE_NAME: &str = "sbx-mixin.yaml";
|
||||
const SBX_VAULT_MIXINS_DIR_NAME: &str = "sbx-vault-mixins";
|
||||
const GIT_DIR_NAME: &str = ".git";
|
||||
const GITIGNORE_FILE_NAME: &str = ".gitignore";
|
||||
const DEFAULT_VISIBLE_TOOLS: [&str; 18] = [
|
||||
"execute_command.sh",
|
||||
"execute_py_code.py",
|
||||
@@ -225,8 +214,6 @@ pub struct Config {
|
||||
pub max_auto_continues: usize,
|
||||
pub inject_todo_instructions: bool,
|
||||
pub continuation_prompt: Option<String>,
|
||||
pub inject_skill_instructions: bool,
|
||||
pub skill_instructions: Option<String>,
|
||||
|
||||
pub repl_prelude: Option<String>,
|
||||
pub cmd_prelude: Option<String>,
|
||||
@@ -237,10 +224,6 @@ pub struct Config {
|
||||
pub summarization_prompt: Option<String>,
|
||||
pub summary_context_prompt: Option<String>,
|
||||
|
||||
pub memory: Option<bool>,
|
||||
pub memory_cap_with_tools: Option<usize>,
|
||||
pub memory_cap_without_tools: Option<usize>,
|
||||
|
||||
pub rag_embedding_model: Option<String>,
|
||||
pub rag_reranker_model: Option<String>,
|
||||
pub rag_top_k: usize,
|
||||
@@ -297,8 +280,6 @@ impl Default for Config {
|
||||
max_auto_continues: 10,
|
||||
inject_todo_instructions: true,
|
||||
continuation_prompt: None,
|
||||
inject_skill_instructions: true,
|
||||
skill_instructions: None,
|
||||
|
||||
repl_prelude: None,
|
||||
cmd_prelude: None,
|
||||
@@ -309,10 +290,6 @@ impl Default for Config {
|
||||
summarization_prompt: None,
|
||||
summary_context_prompt: None,
|
||||
|
||||
memory: None,
|
||||
memory_cap_with_tools: None,
|
||||
memory_cap_without_tools: None,
|
||||
|
||||
rag_embedding_model: None,
|
||||
rag_reranker_model: None,
|
||||
rag_top_k: 5,
|
||||
@@ -369,12 +346,6 @@ impl AssetCategory {
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Copy, PartialEq, Eq, clap::ValueEnum)]
|
||||
pub enum MemoryScope {
|
||||
Global,
|
||||
Workspace,
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Copy, PartialEq, Eq, clap::ValueEnum)]
|
||||
pub enum InstallFilter {
|
||||
Agents,
|
||||
@@ -516,10 +487,9 @@ impl Config {
|
||||
|
||||
let bootstrap_app = AppConfig {
|
||||
vault_password_file: config.vault_password_file.clone(),
|
||||
secrets_provider: config.secrets_provider.clone(),
|
||||
..AppConfig::default()
|
||||
};
|
||||
let vault = Vault::init(&bootstrap_app)?;
|
||||
let vault = Vault::init(&bootstrap_app);
|
||||
let (parsed_config, missing_secrets) = interpolate_secrets(&content, &vault)?;
|
||||
if !missing_secrets.is_empty() && !info_flag {
|
||||
debug!(
|
||||
@@ -671,9 +641,6 @@ bitflags::bitflags! {
|
||||
const SESSION = 1 << 2;
|
||||
const RAG = 1 << 3;
|
||||
const AGENT = 1 << 4;
|
||||
const FUNCTION_CALLING = 1 << 5;
|
||||
const AUTO_CONTINUE = 1 << 6;
|
||||
const SKILLS_ENABLED = 1 << 7;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -717,7 +684,7 @@ pub async fn create_config_file(config_path: &Path) -> Result<()> {
|
||||
|
||||
let provider_choice = prompt_provider_choice()?;
|
||||
let mut vault = match &provider_choice {
|
||||
None => Vault::default_local(),
|
||||
None => Vault::init_bare(),
|
||||
Some(provider) => Vault {
|
||||
provider: provider.clone(),
|
||||
},
|
||||
|
||||
+11
-346
@@ -2,10 +2,8 @@ use super::role::Role;
|
||||
use super::{
|
||||
AGENT_GRAPH_FILE_NAME, AGENTS_DIR_NAME, BASH_PROMPT_UTILS_FILE_NAME, CONFIG_FILE_NAME,
|
||||
ENV_FILE_NAME, FUNCTIONS_BIN_DIR_NAME, FUNCTIONS_DIR_NAME, GLOBAL_TOOLS_DIR_NAME,
|
||||
GLOBAL_TOOLS_UTILS_DIR_NAME, MACROS_DIR_NAME, MCP_FILE_NAME, MEMORY_DIR_NAME,
|
||||
MEMORY_INDEX_FILE_NAME, ModelsOverride, RAGS_DIR_NAME, ROLES_DIR_NAME, SBX_KIT_DIR_NAME,
|
||||
SBX_KIT_HASH_FILE, SBX_MIXIN_FILE_NAME, SBX_VAULT_MIXINS_DIR_NAME, SKILLS_DIR_NAME,
|
||||
WORKSPACE_MEMORY_DIR_NAME,
|
||||
GLOBAL_TOOLS_UTILS_DIR_NAME, MACROS_DIR_NAME, MCP_FILE_NAME, ModelsOverride, RAGS_DIR_NAME,
|
||||
ROLES_DIR_NAME, SKILLS_DIR_NAME,
|
||||
};
|
||||
use crate::client::ProviderModels;
|
||||
use crate::utils::{get_env_name, list_file_names, normalize_env_name};
|
||||
@@ -15,7 +13,7 @@ use log::LevelFilter;
|
||||
use std::collections::HashSet;
|
||||
use std::env;
|
||||
use std::fs::{read_dir, read_to_string};
|
||||
use std::path::{Path, PathBuf};
|
||||
use std::path::PathBuf;
|
||||
|
||||
pub fn config_dir() -> PathBuf {
|
||||
if let Ok(v) = env::var(get_env_name("config_dir")) {
|
||||
@@ -37,89 +35,6 @@ pub fn cache_path() -> PathBuf {
|
||||
base_dir.join(env!("CARGO_CRATE_NAME"))
|
||||
}
|
||||
|
||||
pub fn sandbox_kit_override() -> Option<PathBuf> {
|
||||
env::var_os(get_env_name("sandbox_kit")).map(PathBuf::from)
|
||||
}
|
||||
|
||||
pub fn translate_sandboxed_home_path(path: &Path) -> Option<PathBuf> {
|
||||
env::var_os("IS_SANDBOX")?;
|
||||
|
||||
let s = path.to_str()?;
|
||||
|
||||
if let Some(translated) = translate_unix_home_style(s, "/home/") {
|
||||
return Some(translated);
|
||||
}
|
||||
|
||||
if let Some(translated) = translate_unix_home_style(s, "/Users/") {
|
||||
return Some(translated);
|
||||
}
|
||||
|
||||
translate_windows_users_path(s)
|
||||
}
|
||||
|
||||
fn translate_unix_home_style(s: &str, prefix: &str) -> Option<PathBuf> {
|
||||
let rest = s.strip_prefix(prefix)?;
|
||||
let (user, tail) = match rest.split_once('/') {
|
||||
Some((u, t)) => (u, t),
|
||||
None => (rest, ""),
|
||||
};
|
||||
|
||||
if user.is_empty() || user == "agent" {
|
||||
return None;
|
||||
}
|
||||
|
||||
Some(if tail.is_empty() {
|
||||
PathBuf::from("/home/agent")
|
||||
} else {
|
||||
PathBuf::from(format!("/home/agent/{tail}"))
|
||||
})
|
||||
}
|
||||
|
||||
fn translate_windows_users_path(s: &str) -> Option<PathBuf> {
|
||||
let bytes = s.as_bytes();
|
||||
if bytes.len() < 4 || !bytes[0].is_ascii_alphabetic() || bytes[1] != b':' || bytes[2] != b'\\' {
|
||||
return None;
|
||||
}
|
||||
|
||||
let after_drive = &s[3..];
|
||||
let rest = after_drive.strip_prefix("Users\\")?;
|
||||
let (user, tail) = match rest.split_once('\\') {
|
||||
Some((u, t)) => (u, t.replace('\\', "/")),
|
||||
None => (rest, String::new()),
|
||||
};
|
||||
|
||||
if user.is_empty() || user == "agent" {
|
||||
return None;
|
||||
}
|
||||
|
||||
Some(if tail.is_empty() {
|
||||
PathBuf::from("/home/agent")
|
||||
} else {
|
||||
PathBuf::from(format!("/home/agent/{tail}"))
|
||||
})
|
||||
}
|
||||
|
||||
pub fn sbx_mixin_file() -> PathBuf {
|
||||
config_dir().join(SBX_MIXIN_FILE_NAME)
|
||||
}
|
||||
|
||||
pub fn global_tools_sbx_mixin_file() -> PathBuf {
|
||||
functions_dir().join(SBX_MIXIN_FILE_NAME)
|
||||
}
|
||||
|
||||
pub fn find_workspace_sbx_mixin(start: &Path) -> Option<PathBuf> {
|
||||
for dir in start.ancestors() {
|
||||
let candidate = dir
|
||||
.join(WORKSPACE_MEMORY_DIR_NAME)
|
||||
.join(SBX_MIXIN_FILE_NAME);
|
||||
if candidate.exists() {
|
||||
return Some(candidate);
|
||||
}
|
||||
}
|
||||
|
||||
None
|
||||
}
|
||||
|
||||
pub fn oauth_tokens_path() -> PathBuf {
|
||||
cache_path().join("oauth")
|
||||
}
|
||||
@@ -132,22 +47,6 @@ pub fn log_path() -> PathBuf {
|
||||
cache_path().join(format!("{}.log", env!("CARGO_CRATE_NAME")))
|
||||
}
|
||||
|
||||
pub fn sbx_kit_dir() -> PathBuf {
|
||||
cache_path().join(SBX_KIT_DIR_NAME)
|
||||
}
|
||||
|
||||
pub fn sbx_kit_hash_file() -> PathBuf {
|
||||
sbx_kit_dir().join(SBX_KIT_HASH_FILE)
|
||||
}
|
||||
|
||||
pub fn sbx_vault_mixins_dir() -> PathBuf {
|
||||
cache_path().join(SBX_VAULT_MIXINS_DIR_NAME)
|
||||
}
|
||||
|
||||
pub fn sbx_vault_mixins_hash_file() -> PathBuf {
|
||||
sbx_vault_mixins_dir().join(SBX_KIT_HASH_FILE)
|
||||
}
|
||||
|
||||
pub fn config_file() -> PathBuf {
|
||||
match env::var(get_env_name("config_file")) {
|
||||
Ok(value) => PathBuf::from(value),
|
||||
@@ -296,20 +195,6 @@ pub fn models_override_file() -> PathBuf {
|
||||
local_path("models-override.yaml")
|
||||
}
|
||||
|
||||
pub fn global_memory_dir() -> PathBuf {
|
||||
config_dir().join(MEMORY_DIR_NAME)
|
||||
}
|
||||
|
||||
pub fn global_memory_index_path() -> PathBuf {
|
||||
global_memory_dir().join(MEMORY_INDEX_FILE_NAME)
|
||||
}
|
||||
|
||||
pub fn workspace_memory_dir_for(workspace_root: &Path) -> PathBuf {
|
||||
workspace_root
|
||||
.join(WORKSPACE_MEMORY_DIR_NAME)
|
||||
.join(MEMORY_DIR_NAME)
|
||||
}
|
||||
|
||||
pub fn log_config() -> Result<(LevelFilter, Option<PathBuf>)> {
|
||||
let log_level = env::var(get_env_name("log_level"))
|
||||
.ok()
|
||||
@@ -385,7 +270,6 @@ pub fn list_skills() -> Vec<String> {
|
||||
&& file_type.is_dir()
|
||||
&& let Some(name) = entry.file_name().to_str()
|
||||
&& entry.path().join("SKILL.md").is_file()
|
||||
&& validate_skill_name(name).is_ok()
|
||||
{
|
||||
names.push(name.to_string());
|
||||
}
|
||||
@@ -397,6 +281,10 @@ pub fn list_skills() -> Vec<String> {
|
||||
}
|
||||
|
||||
pub fn has_skill(name: &str) -> bool {
|
||||
if validate_skill_name(name).is_err() {
|
||||
return false;
|
||||
}
|
||||
|
||||
skill_file(name).is_file()
|
||||
}
|
||||
|
||||
@@ -419,7 +307,6 @@ pub fn local_models_override() -> Result<Vec<ProviderModels>> {
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
use std::{fs, time};
|
||||
|
||||
#[test]
|
||||
fn validate_skill_name_accepts_alphanumerics_and_dashes() {
|
||||
@@ -456,234 +343,12 @@ mod tests {
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn has_skill_returns_false_for_missing_paths() {
|
||||
for absent in ["definitely-not-installed-skill-xyz", "another-missing"] {
|
||||
fn has_skill_returns_false_for_invalid_names() {
|
||||
for bad in ["", "../escape", "foo/bar", ".hidden", "with space"] {
|
||||
assert!(
|
||||
!has_skill(absent),
|
||||
"has_skill({absent:?}) should be false for a missing skill"
|
||||
!has_skill(bad),
|
||||
"has_skill({bad:?}) should be false for an invalid name"
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
mod sandbox_home_translation {
|
||||
use super::*;
|
||||
use serial_test::serial;
|
||||
|
||||
fn with_sandbox<F: FnOnce()>(f: F) {
|
||||
let prev = env::var_os("IS_SANDBOX");
|
||||
unsafe {
|
||||
env::set_var("IS_SANDBOX", "1");
|
||||
}
|
||||
f();
|
||||
unsafe {
|
||||
match prev {
|
||||
Some(v) => env::set_var("IS_SANDBOX", v),
|
||||
None => env::remove_var("IS_SANDBOX"),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fn without_sandbox<F: FnOnce()>(f: F) {
|
||||
let prev = env::var_os("IS_SANDBOX");
|
||||
unsafe {
|
||||
env::remove_var("IS_SANDBOX");
|
||||
}
|
||||
f();
|
||||
unsafe {
|
||||
if let Some(v) = prev {
|
||||
env::set_var("IS_SANDBOX", v);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn returns_none_when_not_in_sandbox() {
|
||||
without_sandbox(|| {
|
||||
let p = Path::new("/home/atusa/.coyote_password");
|
||||
assert_eq!(translate_sandboxed_home_path(p), None);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn translates_host_home_to_agent_home() {
|
||||
with_sandbox(|| {
|
||||
let p = Path::new("/home/atusa/.coyote_password");
|
||||
assert_eq!(
|
||||
translate_sandboxed_home_path(p),
|
||||
Some(PathBuf::from("/home/agent/.coyote_password"))
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn translates_nested_host_home_path() {
|
||||
with_sandbox(|| {
|
||||
let p = Path::new("/home/atusa/.config/coyote/.password");
|
||||
assert_eq!(
|
||||
translate_sandboxed_home_path(p),
|
||||
Some(PathBuf::from("/home/agent/.config/coyote/.password"))
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn returns_none_when_path_already_targets_agent_home() {
|
||||
with_sandbox(|| {
|
||||
let p = Path::new("/home/agent/.coyote_password");
|
||||
assert_eq!(translate_sandboxed_home_path(p), None);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn returns_none_when_path_is_outside_home() {
|
||||
with_sandbox(|| {
|
||||
let p = Path::new("/etc/coyote/.coyote_password");
|
||||
assert_eq!(translate_sandboxed_home_path(p), None);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn returns_none_for_relative_path() {
|
||||
with_sandbox(|| {
|
||||
let p = Path::new(".coyote_password");
|
||||
assert_eq!(translate_sandboxed_home_path(p), None);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn returns_none_for_first_segment_not_home() {
|
||||
with_sandbox(|| {
|
||||
let p = Path::new("/opt/atusa/.coyote_password");
|
||||
assert_eq!(translate_sandboxed_home_path(p), None);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn translates_macos_users_path() {
|
||||
with_sandbox(|| {
|
||||
let p = Path::new("/Users/atusa/.coyote_password");
|
||||
assert_eq!(
|
||||
translate_sandboxed_home_path(p),
|
||||
Some(PathBuf::from("/home/agent/.coyote_password"))
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn translates_macos_nested_path() {
|
||||
with_sandbox(|| {
|
||||
let p = Path::new("/Users/atusa/.config/coyote/.password");
|
||||
assert_eq!(
|
||||
translate_sandboxed_home_path(p),
|
||||
Some(PathBuf::from("/home/agent/.config/coyote/.password"))
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn returns_none_when_macos_path_already_targets_agent() {
|
||||
with_sandbox(|| {
|
||||
let p = Path::new("/Users/agent/.coyote_password");
|
||||
assert_eq!(translate_sandboxed_home_path(p), None);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn translates_windows_drive_letter_path() {
|
||||
with_sandbox(|| {
|
||||
let p = Path::new("C:\\Users\\atusa\\.coyote_password");
|
||||
assert_eq!(
|
||||
translate_sandboxed_home_path(p),
|
||||
Some(PathBuf::from("/home/agent/.coyote_password"))
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn translates_windows_nested_path() {
|
||||
with_sandbox(|| {
|
||||
let p = Path::new("D:\\Users\\atusa\\.config\\coyote\\.password");
|
||||
assert_eq!(
|
||||
translate_sandboxed_home_path(p),
|
||||
Some(PathBuf::from("/home/agent/.config/coyote/.password"))
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn returns_none_when_windows_path_already_targets_agent() {
|
||||
with_sandbox(|| {
|
||||
let p = Path::new("C:\\Users\\agent\\.coyote_password");
|
||||
assert_eq!(translate_sandboxed_home_path(p), None);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn sandbox_kit_override_reflects_env_var_state() {
|
||||
let env_name = get_env_name("sandbox_kit");
|
||||
let prev = env::var_os(&env_name);
|
||||
|
||||
unsafe {
|
||||
env::remove_var(&env_name);
|
||||
}
|
||||
assert_eq!(sandbox_kit_override(), None);
|
||||
|
||||
let probe = PathBuf::from("/tmp/coyote-sandbox-kit-probe");
|
||||
unsafe {
|
||||
env::set_var(&env_name, &probe);
|
||||
}
|
||||
assert_eq!(sandbox_kit_override(), Some(probe));
|
||||
|
||||
unsafe {
|
||||
match prev {
|
||||
Some(v) => env::set_var(&env_name, v),
|
||||
None => env::remove_var(&env_name),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn list_skills_skips_invalid_directory_names() {
|
||||
let unique = time::SystemTime::now()
|
||||
.duration_since(time::UNIX_EPOCH)
|
||||
.unwrap()
|
||||
.as_nanos();
|
||||
let root = env::temp_dir().join(format!("coyote-list-skills-test-{unique}"));
|
||||
fs::create_dir_all(&root).unwrap();
|
||||
let prev = env::var_os(get_env_name("skills_dir"));
|
||||
unsafe {
|
||||
env::set_var(get_env_name("skills_dir"), &root);
|
||||
}
|
||||
|
||||
for name in ["valid-skill", "with space", ".hidden", "dot.name"] {
|
||||
let dir = root.join(name);
|
||||
fs::create_dir_all(&dir).unwrap();
|
||||
fs::write(dir.join("SKILL.md"), "body").unwrap();
|
||||
}
|
||||
|
||||
let listed = list_skills();
|
||||
assert_eq!(listed, vec!["valid-skill".to_string()]);
|
||||
|
||||
unsafe {
|
||||
match prev {
|
||||
Some(v) => env::set_var(get_env_name("skills_dir"), v),
|
||||
None => env::remove_var(get_env_name("skills_dir")),
|
||||
}
|
||||
}
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,50 +1,5 @@
|
||||
use indoc::indoc;
|
||||
|
||||
pub(crate) const DEFAULT_SKILL_INSTRUCTIONS: &str = indoc! {"
|
||||
## Skills
|
||||
Specialized skills may be available in this context. Call `skill__list` early in a task to
|
||||
discover any that match the work, then `skill__load` the relevant ones. Their instructions and
|
||||
granted tools will become active for subsequent turns. Call `skill__unload` when their work is
|
||||
complete to keep the context lean."
|
||||
};
|
||||
|
||||
pub(crate) const DEFAULT_MEMORY_INSTRUCTIONS: &str = indoc! {"
|
||||
## Memory
|
||||
A persistent memory file system survives across sessions. The MEMORY.md content shown above is
|
||||
your always-on context (universal facts, hard rules, binding feedback). Drill files hold deeper,
|
||||
on-demand context that you fetch with `memory__read`.
|
||||
|
||||
Tools:
|
||||
- `memory__read(name)`: Read a specific drill file's full content.
|
||||
- `memory__write(name, content, scope)`: Create or replace a drill file (scope: 'global' | 'workspace').
|
||||
The MEMORY.md index is appended automatically; do not also update the index by hand.
|
||||
- `memory__edit_index(scope, content)`: Replace the entire MEMORY.md at the given scope.
|
||||
Use this to add always-on facts, reorganize, prune stale entries, or fix descriptions.
|
||||
- `memory__list()`: See all known drill files and their metadata.
|
||||
- `memory__lint()`: Health-check memory for orphans, broken links, oversized files.
|
||||
|
||||
RULES:
|
||||
- Every interaction has two outputs: your answer AND any memory updates the conversation warrants.
|
||||
Don't let learnings evaporate into chat history.
|
||||
- All MEMORY.md edits MUST go through `memory__edit_index`. NEVER use `fs_write`, `fs_patch`,
|
||||
or any other generic file tool on MEMORY.md — Coyote manages its location and a stray
|
||||
MEMORY.md outside the managed path is invisible to memory.
|
||||
- All drill files MUST go through `memory__write`. The index updates itself.
|
||||
- Use [[wikilink]] notation in memory files to reference other memories by their `name:` slug.
|
||||
- NEVER write secrets, credentials, or API keys to memory — memory is plaintext on disk.
|
||||
Use coyote's Vault for secrets.
|
||||
- Keep individual drill files focused (under ~2K chars). Split large topics across linked files."
|
||||
};
|
||||
|
||||
pub(crate) const DEFAULT_MEMORY_INSTRUCTIONS_READONLY: &str = indoc! {"
|
||||
## Memory (read-only)
|
||||
The memory content shown above persists across sessions. In this session it is READ-ONLY — the user
|
||||
maintains memory files manually outside the conversation.
|
||||
|
||||
Reference the memory content as authoritative context about the user and their workspace.
|
||||
Do not propose writing to memory or call any `memory__*` tools — they are unavailable."
|
||||
};
|
||||
|
||||
pub(in crate::config) const DEFAULT_TODO_INSTRUCTIONS: &str = indoc! {"
|
||||
## Task Tracking
|
||||
You have built-in task tracking tools. Use them to track your progress:
|
||||
@@ -99,36 +54,6 @@ pub(in crate::config) const DEFAULT_SPAWN_INSTRUCTIONS: &str = indoc! {"
|
||||
agent__collect --id agent_explore_e5f6g7h8
|
||||
```
|
||||
|
||||
### CRITICAL: Never end your turn with pending agents
|
||||
|
||||
Spawned agents do NOT report back on their own. They run in the background until you
|
||||
actively reclaim them with `agent__collect` (to get their output) or `agent__cancel`
|
||||
(to discard them). If you spawn agents and then emit a final message without reclaiming
|
||||
them, the system will detect the unreclaimed agents and reject the turn-end, injecting
|
||||
a reminder forcing you to handle them. After several such reminders, the system will
|
||||
auto-cancel them and warn you that work was lost.
|
||||
|
||||
The correct flow when you have nothing else to do:
|
||||
|
||||
```
|
||||
# WRONG - do NOT do this:
|
||||
agent__spawn --agent explore --prompt \"...\"
|
||||
agent__spawn --agent explore --prompt \"...\"
|
||||
# ... emit text like \"I will synthesize once they report back.\" and stop
|
||||
# ^ The agents will be abandoned. Their output will be lost.
|
||||
|
||||
# RIGHT - always do this:
|
||||
agent__spawn --agent explore --prompt \"...\"
|
||||
agent__spawn --agent explore --prompt \"...\"
|
||||
agent__collect --id <first_id> # blocks until done
|
||||
agent__collect --id <second_id> # blocks until done
|
||||
# ... NOW you can synthesize and end your turn
|
||||
```
|
||||
|
||||
`agent__collect` is a **blocking wait**: it pauses your execution until the agent
|
||||
completes, then returns the output as a tool result. Use it freely — it is the
|
||||
correct primitive for \"I'm done with my own work and just need the agents' results\".
|
||||
|
||||
### Parallel Spawning (DEFAULT for multi-agent work)
|
||||
|
||||
When a task needs multiple agents, **spawn them all at once**, then collect:
|
||||
|
||||
+22
-923
File diff suppressed because it is too large
Load Diff
@@ -79,12 +79,6 @@ pub struct Role {
|
||||
inject_todo_instructions: Option<bool>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
continuation_prompt: Option<String>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
inject_skill_instructions: Option<bool>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
skill_instructions: Option<String>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
memory: Option<bool>,
|
||||
|
||||
#[serde(skip)]
|
||||
model: Model,
|
||||
@@ -130,11 +124,6 @@ impl Role {
|
||||
"continuation_prompt" => {
|
||||
role.continuation_prompt = value.as_str().map(|v| v.to_string())
|
||||
}
|
||||
"inject_skill_instructions" => role.inject_skill_instructions = value.as_bool(),
|
||||
"skill_instructions" => {
|
||||
role.skill_instructions = value.as_str().map(|v| v.to_string())
|
||||
}
|
||||
"memory" => role.memory = value.as_bool(),
|
||||
_ => (),
|
||||
}
|
||||
}
|
||||
@@ -200,17 +189,6 @@ impl Role {
|
||||
if let Some(continuation_prompt) = &self.continuation_prompt {
|
||||
metadata.push(format!("continuation_prompt: {continuation_prompt}"));
|
||||
}
|
||||
if let Some(inject_skill_instructions) = self.inject_skill_instructions {
|
||||
metadata.push(format!(
|
||||
"inject_skill_instructions: {inject_skill_instructions}"
|
||||
));
|
||||
}
|
||||
if let Some(skill_instructions) = &self.skill_instructions {
|
||||
metadata.push(format!("skill_instructions: {skill_instructions}"));
|
||||
}
|
||||
if let Some(memory) = self.memory {
|
||||
metadata.push(format!("memory: {memory}"));
|
||||
}
|
||||
if metadata.is_empty() {
|
||||
format!("{}\n", self.prompt)
|
||||
} else if self.prompt.is_empty() {
|
||||
@@ -321,18 +299,6 @@ impl Role {
|
||||
self.continuation_prompt.as_deref()
|
||||
}
|
||||
|
||||
pub fn inject_skill_instructions(&self) -> Option<bool> {
|
||||
self.inject_skill_instructions
|
||||
}
|
||||
|
||||
pub fn skill_instructions(&self) -> Option<&str> {
|
||||
self.skill_instructions.as_deref()
|
||||
}
|
||||
|
||||
pub fn memory(&self) -> Option<bool> {
|
||||
self.memory
|
||||
}
|
||||
|
||||
pub fn skills_enabled(&self) -> Option<bool> {
|
||||
self.skills_enabled
|
||||
}
|
||||
|
||||
@@ -56,12 +56,6 @@ pub struct Session {
|
||||
inject_todo_instructions: Option<bool>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
continuation_prompt: Option<String>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
inject_skill_instructions: Option<bool>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
skill_instructions: Option<String>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
memory: Option<bool>,
|
||||
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
role_name: Option<String>,
|
||||
@@ -233,15 +227,6 @@ impl Session {
|
||||
if let Some(continuation_prompt) = self.continuation_prompt() {
|
||||
data["continuation_prompt"] = continuation_prompt.into();
|
||||
}
|
||||
if let Some(inject_skill_instructions) = self.inject_skill_instructions() {
|
||||
data["inject_skill_instructions"] = inject_skill_instructions.into();
|
||||
}
|
||||
if let Some(skill_instructions) = self.skill_instructions() {
|
||||
data["skill_instructions"] = skill_instructions.into();
|
||||
}
|
||||
if let Some(memory) = self.memory() {
|
||||
data["memory"] = memory.into();
|
||||
}
|
||||
let (tokens, percent) = self.tokens_usage();
|
||||
data["total_tokens"] = tokens.into();
|
||||
if let Some(max_input_tokens) = self.model().max_input_tokens() {
|
||||
@@ -320,18 +305,6 @@ impl Session {
|
||||
if let Some(continuation_prompt) = self.continuation_prompt() {
|
||||
items.push(("continuation_prompt", continuation_prompt.to_string()));
|
||||
}
|
||||
if let Some(inject_skill_instructions) = self.inject_skill_instructions() {
|
||||
items.push((
|
||||
"inject_skill_instructions",
|
||||
inject_skill_instructions.to_string(),
|
||||
));
|
||||
}
|
||||
if let Some(skill_instructions) = self.skill_instructions() {
|
||||
items.push(("skill_instructions", skill_instructions.to_string()));
|
||||
}
|
||||
if let Some(memory) = self.memory() {
|
||||
items.push(("memory", memory.to_string()));
|
||||
}
|
||||
|
||||
if let Some(max_input_tokens) = self.model().max_input_tokens() {
|
||||
items.push(("max_input_tokens", max_input_tokens.to_string()));
|
||||
@@ -473,18 +446,6 @@ impl Session {
|
||||
self.continuation_prompt.as_deref()
|
||||
}
|
||||
|
||||
pub fn inject_skill_instructions(&self) -> Option<bool> {
|
||||
self.inject_skill_instructions
|
||||
}
|
||||
|
||||
pub fn skill_instructions(&self) -> Option<&str> {
|
||||
self.skill_instructions.as_deref()
|
||||
}
|
||||
|
||||
pub fn memory(&self) -> Option<bool> {
|
||||
self.memory
|
||||
}
|
||||
|
||||
pub fn set_inject_todo_instructions(&mut self, value: Option<bool>) {
|
||||
if self.inject_todo_instructions != value {
|
||||
self.inject_todo_instructions = value;
|
||||
@@ -499,27 +460,6 @@ impl Session {
|
||||
}
|
||||
}
|
||||
|
||||
pub fn set_inject_skill_instructions(&mut self, value: Option<bool>) {
|
||||
if self.inject_skill_instructions != value {
|
||||
self.inject_skill_instructions = value;
|
||||
self.dirty = true;
|
||||
}
|
||||
}
|
||||
|
||||
pub fn set_memory(&mut self, value: Option<bool>) {
|
||||
if self.memory != value {
|
||||
self.memory = value;
|
||||
self.dirty = true;
|
||||
}
|
||||
}
|
||||
|
||||
pub fn set_skill_instructions(&mut self, value: Option<String>) {
|
||||
if self.skill_instructions != value {
|
||||
self.skill_instructions = value;
|
||||
self.dirty = true;
|
||||
}
|
||||
}
|
||||
|
||||
pub fn needs_compression(&self, global_compression_threshold: usize) -> bool {
|
||||
if self.compressing {
|
||||
return false;
|
||||
|
||||
+41
-274
@@ -3,16 +3,14 @@ use super::app_config::AppConfig;
|
||||
use super::paths;
|
||||
use super::role::Role;
|
||||
use super::session::Session;
|
||||
use super::skill::Skill;
|
||||
|
||||
use anyhow::{Result, anyhow, bail};
|
||||
use std::collections::{BTreeSet, HashSet};
|
||||
use anyhow::{Result, bail};
|
||||
use std::collections::HashSet;
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct SkillPolicy {
|
||||
pub skills_enabled: bool,
|
||||
pub enabled: HashSet<String>,
|
||||
pub compatible_enabled: BTreeSet<String>,
|
||||
}
|
||||
|
||||
impl SkillPolicy {
|
||||
@@ -29,27 +27,20 @@ impl SkillPolicy {
|
||||
session,
|
||||
&paths::has_skill,
|
||||
&paths::list_skills,
|
||||
&|name, mcp_on| {
|
||||
Skill::load(name)
|
||||
.map(|s| s.is_compatible(mcp_on))
|
||||
.unwrap_or(false)
|
||||
},
|
||||
)
|
||||
}
|
||||
|
||||
fn effective_with<F, G, H>(
|
||||
fn effective_with<F, G>(
|
||||
global: &AppConfig,
|
||||
role: Option<&Role>,
|
||||
agent: Option<&Agent>,
|
||||
session: Option<&Session>,
|
||||
skill_exists: &F,
|
||||
list_installed: &G,
|
||||
skill_is_compatible: &H,
|
||||
) -> Result<Self>
|
||||
where
|
||||
F: Fn(&str) -> bool,
|
||||
G: Fn() -> Vec<String>,
|
||||
H: Fn(&str, bool) -> bool,
|
||||
{
|
||||
let mut skills_enabled = global.skills_enabled;
|
||||
if let Some(r) = role
|
||||
@@ -85,24 +76,16 @@ impl SkillPolicy {
|
||||
Some(explicit) => {
|
||||
let set: HashSet<String> = explicit.into_iter().collect();
|
||||
for name in &set {
|
||||
paths::validate_skill_name(name).map_err(|e| {
|
||||
anyhow!("enabled_skills contains invalid name '{name}': {e}")
|
||||
})?;
|
||||
match &visible {
|
||||
Some(vs) => {
|
||||
if !vs.contains(name) {
|
||||
bail!(
|
||||
"enabled_skills references skill '{name}' which is not in the global 'visible_skills' allow-list"
|
||||
);
|
||||
}
|
||||
}
|
||||
None => {
|
||||
if !skill_exists(name) {
|
||||
bail!(
|
||||
"enabled_skills references skill '{name}' which is not installed"
|
||||
);
|
||||
}
|
||||
}
|
||||
if !skill_exists(name) {
|
||||
bail!("enabled_skills references skill '{name}' which is not installed");
|
||||
}
|
||||
|
||||
if let Some(vs) = &visible
|
||||
&& !vs.contains(name)
|
||||
{
|
||||
bail!(
|
||||
"enabled_skills references skill '{name}' which is not in visible_skills"
|
||||
);
|
||||
}
|
||||
}
|
||||
set
|
||||
@@ -113,21 +96,9 @@ impl SkillPolicy {
|
||||
},
|
||||
};
|
||||
|
||||
let compatible_enabled: BTreeSet<String> = if skills_enabled {
|
||||
let mcp_on = global.mcp_server_support;
|
||||
enabled
|
||||
.iter()
|
||||
.filter(|name| skill_is_compatible(name, mcp_on))
|
||||
.cloned()
|
||||
.collect()
|
||||
} else {
|
||||
BTreeSet::new()
|
||||
};
|
||||
|
||||
Ok(Self {
|
||||
skills_enabled,
|
||||
enabled,
|
||||
compatible_enabled,
|
||||
})
|
||||
}
|
||||
|
||||
@@ -149,10 +120,6 @@ mod tests {
|
||||
Vec::new()
|
||||
}
|
||||
|
||||
fn all_compatible(_: &str, _: bool) -> bool {
|
||||
true
|
||||
}
|
||||
|
||||
fn make_app_config(
|
||||
skills_enabled: bool,
|
||||
enabled: Option<&str>,
|
||||
@@ -170,16 +137,9 @@ mod tests {
|
||||
fn defaults_yield_skills_enabled_with_empty_universe() {
|
||||
let global = AppConfig::default();
|
||||
|
||||
let policy = SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap();
|
||||
let policy =
|
||||
SkillPolicy::effective_with(&global, None, None, None, &always_true, &empty_installed)
|
||||
.unwrap();
|
||||
|
||||
assert!(policy.skills_enabled);
|
||||
assert!(policy.enabled.is_empty());
|
||||
@@ -190,16 +150,9 @@ mod tests {
|
||||
let global = AppConfig::default();
|
||||
let installed = || vec!["alpha".to_string(), "beta".to_string()];
|
||||
|
||||
let policy = SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&always_true,
|
||||
&installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap();
|
||||
let policy =
|
||||
SkillPolicy::effective_with(&global, None, None, None, &always_true, &installed)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(policy.enabled.len(), 2);
|
||||
assert!(policy.enabled.contains("alpha"));
|
||||
@@ -210,16 +163,9 @@ mod tests {
|
||||
fn falls_back_to_visible_when_visible_set_but_no_enabled() {
|
||||
let global = make_app_config(true, None, Some(&["alpha", "beta"]));
|
||||
|
||||
let policy = SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap();
|
||||
let policy =
|
||||
SkillPolicy::effective_with(&global, None, None, None, &always_true, &empty_installed)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(policy.enabled.len(), 2);
|
||||
assert!(policy.enabled.contains("alpha"));
|
||||
@@ -230,16 +176,9 @@ mod tests {
|
||||
fn global_enabled_skills_is_effective_when_no_other_levels() {
|
||||
let global = make_app_config(true, Some("alpha,beta"), Some(&["alpha", "beta", "gamma"]));
|
||||
|
||||
let policy = SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap();
|
||||
let policy =
|
||||
SkillPolicy::effective_with(&global, None, None, None, &always_true, &empty_installed)
|
||||
.unwrap();
|
||||
|
||||
assert!(policy.enabled.contains("alpha"));
|
||||
assert!(policy.enabled.contains("beta"));
|
||||
@@ -258,7 +197,6 @@ mod tests {
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
@@ -278,7 +216,6 @@ mod tests {
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
@@ -292,15 +229,9 @@ mod tests {
|
||||
..AppConfig::default()
|
||||
};
|
||||
|
||||
let policy = SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&always_true,
|
||||
&|| vec!["alpha".to_string()],
|
||||
&all_compatible,
|
||||
)
|
||||
let policy = SkillPolicy::effective_with(&global, None, None, None, &always_true, &|| {
|
||||
vec!["alpha".to_string()]
|
||||
})
|
||||
.unwrap();
|
||||
|
||||
assert!(!policy.allows("alpha"));
|
||||
@@ -310,16 +241,9 @@ mod tests {
|
||||
fn allows_returns_true_when_skill_in_enabled_set() {
|
||||
let global = make_app_config(true, Some("alpha"), None);
|
||||
|
||||
let policy = SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap();
|
||||
let policy =
|
||||
SkillPolicy::effective_with(&global, None, None, None, &always_true, &empty_installed)
|
||||
.unwrap();
|
||||
|
||||
assert!(policy.allows("alpha"));
|
||||
assert!(!policy.allows("beta"));
|
||||
@@ -329,16 +253,9 @@ mod tests {
|
||||
fn validation_rejects_uninstalled_skill_reference() {
|
||||
let global = make_app_config(true, Some("ghost"), None);
|
||||
|
||||
let err = SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&|_| false,
|
||||
&empty_installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap_err();
|
||||
let err =
|
||||
SkillPolicy::effective_with(&global, None, None, None, &|_| false, &empty_installed)
|
||||
.unwrap_err();
|
||||
|
||||
assert!(err.to_string().contains("not installed"));
|
||||
assert!(err.to_string().contains("ghost"));
|
||||
@@ -348,21 +265,11 @@ mod tests {
|
||||
fn validation_rejects_skill_not_in_visible_set() {
|
||||
let global = make_app_config(true, Some("beta"), Some(&["alpha"]));
|
||||
|
||||
let err = SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap_err();
|
||||
let err =
|
||||
SkillPolicy::effective_with(&global, None, None, None, &always_true, &empty_installed)
|
||||
.unwrap_err();
|
||||
|
||||
assert!(
|
||||
err.to_string()
|
||||
.contains("not in the global 'visible_skills'")
|
||||
);
|
||||
assert!(err.to_string().contains("not in visible_skills"));
|
||||
assert!(err.to_string().contains("beta"));
|
||||
}
|
||||
|
||||
@@ -370,16 +277,9 @@ mod tests {
|
||||
fn validation_skipped_when_no_explicit_enabled_skills() {
|
||||
let global = make_app_config(true, None, None);
|
||||
|
||||
let policy = SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&|_| false,
|
||||
&empty_installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap();
|
||||
let policy =
|
||||
SkillPolicy::effective_with(&global, None, None, None, &|_| false, &empty_installed)
|
||||
.unwrap();
|
||||
|
||||
assert!(policy.enabled.is_empty());
|
||||
}
|
||||
@@ -396,142 +296,9 @@ mod tests {
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert!(policy.enabled.is_empty());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn compatible_enabled_is_empty_when_skills_disabled() {
|
||||
let global = AppConfig {
|
||||
skills_enabled: false,
|
||||
enabled_skills: Some(vec!["alpha".into()]),
|
||||
visible_skills: Some(vec!["alpha".into()]),
|
||||
..AppConfig::default()
|
||||
};
|
||||
|
||||
let policy = SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert!(!policy.skills_enabled);
|
||||
assert!(policy.compatible_enabled.is_empty());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn compatible_enabled_short_circuits_callback_when_skills_disabled() {
|
||||
use std::cell::Cell;
|
||||
let global = AppConfig {
|
||||
skills_enabled: false,
|
||||
enabled_skills: Some(vec!["alpha".into()]),
|
||||
visible_skills: Some(vec!["alpha".into()]),
|
||||
..AppConfig::default()
|
||||
};
|
||||
let invoked = Cell::new(0u32);
|
||||
let counting = |_: &str, _: bool| {
|
||||
invoked.set(invoked.get() + 1);
|
||||
true
|
||||
};
|
||||
|
||||
SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&counting,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(
|
||||
invoked.get(),
|
||||
0,
|
||||
"skill_is_compatible callback must not run when skills are disabled"
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn compatible_enabled_includes_all_when_callback_passes() {
|
||||
let global = make_app_config(true, Some("alpha,beta"), Some(&["alpha", "beta"]));
|
||||
|
||||
let policy = SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&all_compatible,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(policy.compatible_enabled.len(), 2);
|
||||
assert!(policy.compatible_enabled.contains("alpha"));
|
||||
assert!(policy.compatible_enabled.contains("beta"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn compatible_enabled_excludes_incompatible_skills() {
|
||||
let global = make_app_config(true, Some("alpha,beta"), Some(&["alpha", "beta"]));
|
||||
let only_alpha_compat = |name: &str, _: bool| name == "alpha";
|
||||
|
||||
let policy = SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&only_alpha_compat,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert!(policy.compatible_enabled.contains("alpha"));
|
||||
assert!(!policy.compatible_enabled.contains("beta"));
|
||||
assert_eq!(policy.compatible_enabled.len(), 1);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn compatible_enabled_passes_mcp_flag_to_callback() {
|
||||
use std::cell::Cell;
|
||||
let global = AppConfig {
|
||||
skills_enabled: true,
|
||||
mcp_server_support: false,
|
||||
enabled_skills: Some(vec!["alpha".into()]),
|
||||
visible_skills: Some(vec!["alpha".into()]),
|
||||
..AppConfig::default()
|
||||
};
|
||||
let observed_mcp = Cell::new(None::<bool>);
|
||||
let capture = |_: &str, mcp_on: bool| {
|
||||
observed_mcp.set(Some(mcp_on));
|
||||
true
|
||||
};
|
||||
|
||||
SkillPolicy::effective_with(
|
||||
&global,
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
&always_true,
|
||||
&empty_installed,
|
||||
&capture,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(
|
||||
observed_mcp.get(),
|
||||
Some(false),
|
||||
"callback must receive mcp_server_support flag from AppConfig"
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,7 +2,7 @@ use super::role::{Role, RoleLike};
|
||||
use super::skill::Skill;
|
||||
use super::skill_policy::SkillPolicy;
|
||||
|
||||
use anyhow::{Result, anyhow, bail};
|
||||
use anyhow::{Result, bail};
|
||||
use indexmap::IndexMap;
|
||||
use std::collections::BTreeSet;
|
||||
|
||||
@@ -24,10 +24,12 @@ impl SkillRegistry {
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub fn unload(&mut self, name: &str) -> Result<Skill> {
|
||||
self.loaded
|
||||
.shift_remove(name)
|
||||
.ok_or_else(|| anyhow!("Skill '{name}' is not loaded"))
|
||||
pub fn unload(&mut self, name: &str) -> Result<()> {
|
||||
if self.loaded.shift_remove(name).is_none() {
|
||||
bail!("Skill '{name}' is not loaded");
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub fn loaded_names(&self) -> Vec<String> {
|
||||
@@ -65,13 +67,17 @@ impl SkillRegistry {
|
||||
let mut effective = base.clone();
|
||||
let skip_body = effective.is_embedded_prompt();
|
||||
|
||||
let base_tools = effective.enabled_tools();
|
||||
let base_tools_set = base_tools.is_some();
|
||||
let base_mcps = effective.enabled_mcp_servers();
|
||||
let base_mcps_set = base_mcps.is_some();
|
||||
let base_tools_set = effective.enabled_tools().is_some();
|
||||
let base_mcps_set = effective.enabled_mcp_servers().is_some();
|
||||
|
||||
let mut tools: BTreeSet<String> = base_tools.unwrap_or_default().into_iter().collect();
|
||||
let mut mcps: BTreeSet<String> = base_mcps.unwrap_or_default().into_iter().collect();
|
||||
let mut tools: BTreeSet<String> = effective
|
||||
.enabled_tools()
|
||||
.map(|v| v.into_iter().collect())
|
||||
.unwrap_or_default();
|
||||
let mut mcps: BTreeSet<String> = effective
|
||||
.enabled_mcp_servers()
|
||||
.map(|v| v.into_iter().collect())
|
||||
.unwrap_or_default();
|
||||
|
||||
for (name, skill) in &self.loaded {
|
||||
if !policy.allows(name) {
|
||||
@@ -116,7 +122,6 @@ impl SkillRegistry {
|
||||
let policy = SkillPolicy {
|
||||
skills_enabled: true,
|
||||
enabled: self.loaded.keys().cloned().collect(),
|
||||
compatible_enabled: self.loaded.keys().cloned().collect(),
|
||||
};
|
||||
self.effective_role(base, &policy)
|
||||
}
|
||||
|
||||
@@ -1,679 +0,0 @@
|
||||
use std::collections::HashSet;
|
||||
use std::path::{Path, PathBuf};
|
||||
use std::{env, fs};
|
||||
|
||||
use anyhow::{Context, Result, anyhow, bail};
|
||||
use indexmap::IndexMap;
|
||||
use serde_json::{Value, json};
|
||||
|
||||
use super::{FunctionDeclaration, JsonSchema};
|
||||
use crate::config::RequestContext;
|
||||
use crate::config::memory::{
|
||||
MemoryFile, MemoryFrontmatter, MemoryStore, WorkspaceMemory, bootstrap_workspace_memory,
|
||||
find_git_root,
|
||||
};
|
||||
use crate::config::paths;
|
||||
|
||||
pub const MEMORY_FUNCTION_PREFIX: &str = "memory__";
|
||||
|
||||
const PER_FILE_SOFT_CAP: usize = 2_000;
|
||||
|
||||
pub fn memory_function_declarations() -> Vec<FunctionDeclaration> {
|
||||
vec![
|
||||
FunctionDeclaration {
|
||||
name: format!("{MEMORY_FUNCTION_PREFIX}read"),
|
||||
description: "Read the full content of a specific memory file by its name slug."
|
||||
.to_string(),
|
||||
parameters: JsonSchema {
|
||||
type_value: Some("object".to_string()),
|
||||
properties: Some(IndexMap::from([(
|
||||
"name".to_string(),
|
||||
JsonSchema {
|
||||
type_value: Some("string".to_string()),
|
||||
description: Some(
|
||||
"The `name:` slug of the memory file to read (from MEMORY.md index)"
|
||||
.into(),
|
||||
),
|
||||
..Default::default()
|
||||
},
|
||||
)])),
|
||||
required: Some(vec!["name".to_string()]),
|
||||
..Default::default()
|
||||
},
|
||||
agent: false,
|
||||
},
|
||||
FunctionDeclaration {
|
||||
name: format!("{MEMORY_FUNCTION_PREFIX}write"),
|
||||
description:
|
||||
"Create or replace a memory file. Caller must also update MEMORY.md index."
|
||||
.to_string(),
|
||||
parameters: JsonSchema {
|
||||
type_value: Some("object".to_string()),
|
||||
properties: Some(IndexMap::from([
|
||||
(
|
||||
"name".to_string(),
|
||||
JsonSchema {
|
||||
type_value: Some("string".to_string()),
|
||||
description: Some(
|
||||
"Short kebab-case slug for the file (no extension)".into(),
|
||||
),
|
||||
..Default::default()
|
||||
},
|
||||
),
|
||||
(
|
||||
"description".to_string(),
|
||||
JsonSchema {
|
||||
type_value: Some("string".to_string()),
|
||||
description: Some("One-line description for the MEMORY.md index".into()),
|
||||
..Default::default()
|
||||
},
|
||||
),
|
||||
(
|
||||
"type".to_string(),
|
||||
JsonSchema {
|
||||
type_value: Some("string".to_string()),
|
||||
description: Some(
|
||||
"Memory type: user | feedback | project | reference".into(),
|
||||
),
|
||||
..Default::default()
|
||||
},
|
||||
),
|
||||
(
|
||||
"content".to_string(),
|
||||
JsonSchema {
|
||||
type_value: Some("string".to_string()),
|
||||
description: Some("The full markdown body of the memory file".into()),
|
||||
..Default::default()
|
||||
},
|
||||
),
|
||||
(
|
||||
"scope".to_string(),
|
||||
JsonSchema {
|
||||
type_value: Some("string".to_string()),
|
||||
description: Some(
|
||||
"Where to write: 'global' (user-level) or 'workspace' (project-level)"
|
||||
.into(),
|
||||
),
|
||||
..Default::default()
|
||||
},
|
||||
),
|
||||
])),
|
||||
required: Some(vec![
|
||||
"name".to_string(),
|
||||
"description".to_string(),
|
||||
"content".to_string(),
|
||||
"scope".to_string(),
|
||||
]),
|
||||
..Default::default()
|
||||
},
|
||||
agent: false,
|
||||
},
|
||||
FunctionDeclaration {
|
||||
name: format!("{MEMORY_FUNCTION_PREFIX}list"),
|
||||
description: "List all known drill files with metadata (size, type, scope).".to_string(),
|
||||
parameters: JsonSchema {
|
||||
type_value: Some("object".to_string()),
|
||||
properties: Some(IndexMap::new()),
|
||||
..Default::default()
|
||||
},
|
||||
agent: false,
|
||||
},
|
||||
FunctionDeclaration {
|
||||
name: format!("{MEMORY_FUNCTION_PREFIX}lint"),
|
||||
description: "Health-check memory: orphan files, broken [[wikilinks]], oversized files."
|
||||
.to_string(),
|
||||
parameters: JsonSchema {
|
||||
type_value: Some("object".to_string()),
|
||||
properties: Some(IndexMap::new()),
|
||||
..Default::default()
|
||||
},
|
||||
agent: false,
|
||||
},
|
||||
FunctionDeclaration {
|
||||
name: format!("{MEMORY_FUNCTION_PREFIX}edit_index"),
|
||||
description:
|
||||
"Replace the entire MEMORY.md index at the given scope. Use to add always-on facts, \
|
||||
reorganize, prune stale entries, or fix descriptions. Coyote manages the path; \
|
||||
NEVER use fs_write or any other generic file tool on MEMORY.md."
|
||||
.to_string(),
|
||||
parameters: JsonSchema {
|
||||
type_value: Some("object".to_string()),
|
||||
properties: Some(IndexMap::from([
|
||||
(
|
||||
"scope".to_string(),
|
||||
JsonSchema {
|
||||
type_value: Some("string".to_string()),
|
||||
description: Some(
|
||||
"Where to edit: 'global' (user-level) or 'workspace' (project-level)"
|
||||
.into(),
|
||||
),
|
||||
..Default::default()
|
||||
},
|
||||
),
|
||||
(
|
||||
"content".to_string(),
|
||||
JsonSchema {
|
||||
type_value: Some("string".to_string()),
|
||||
description: Some("Full new contents of MEMORY.md".into()),
|
||||
..Default::default()
|
||||
},
|
||||
),
|
||||
])),
|
||||
required: Some(vec!["scope".to_string(), "content".to_string()]),
|
||||
..Default::default()
|
||||
},
|
||||
agent: false,
|
||||
},
|
||||
]
|
||||
}
|
||||
|
||||
pub fn handle_memory_tool(ctx: &mut RequestContext, cmd_name: &str, args: &Value) -> Result<Value> {
|
||||
if !ctx.should_register_memory_tools() {
|
||||
bail!("Memory tools are disabled (memory off or function calling unavailable).");
|
||||
}
|
||||
|
||||
let action = cmd_name
|
||||
.strip_prefix(MEMORY_FUNCTION_PREFIX)
|
||||
.unwrap_or(cmd_name);
|
||||
let cwd = env::current_dir().context("get cwd")?;
|
||||
let store = MemoryStore::new(&cwd);
|
||||
|
||||
match action {
|
||||
"read" => {
|
||||
let name = args
|
||||
.get("name")
|
||||
.and_then(Value::as_str)
|
||||
.ok_or_else(|| anyhow!("name is required"))?;
|
||||
let file = find_file(&store, name)?
|
||||
.ok_or_else(|| anyhow!("memory file '{}' not found", name))?;
|
||||
|
||||
Ok(json!({
|
||||
"name": file.frontmatter.name,
|
||||
"type": file.frontmatter.kind,
|
||||
"content": file.body,
|
||||
}))
|
||||
}
|
||||
"list" => {
|
||||
let files = store.list_files()?;
|
||||
let entries: Vec<_> = files
|
||||
.iter()
|
||||
.map(|f| {
|
||||
json!({
|
||||
"name": f.frontmatter.name,
|
||||
"description": f.frontmatter.description,
|
||||
"type": f.frontmatter.kind,
|
||||
"char_len": f.char_len(),
|
||||
"path": f.path.display().to_string(),
|
||||
})
|
||||
})
|
||||
.collect();
|
||||
|
||||
Ok(json!({
|
||||
"files": entries,
|
||||
"global_index_exists": paths::global_memory_index_path().exists(),
|
||||
"workspace": store.workspace.as_ref().map(workspace_label),
|
||||
}))
|
||||
}
|
||||
"write" => {
|
||||
let name = arg_str(args, "name")?;
|
||||
let description = arg_str(args, "description")?;
|
||||
let content = arg_str(args, "content")?;
|
||||
let scope = arg_str(args, "scope")?;
|
||||
let kind = args.get("type").and_then(Value::as_str).map(String::from);
|
||||
|
||||
let target_dir = match scope.as_str() {
|
||||
"global" => paths::global_memory_dir(),
|
||||
"workspace" => workspace_write_dir(&store, &cwd)?,
|
||||
other => bail!("unknown scope '{}': use 'global' or 'workspace'", other),
|
||||
};
|
||||
let file = MemoryFile {
|
||||
path: target_dir.join(format!("{name}.md")),
|
||||
frontmatter: MemoryFrontmatter {
|
||||
name: name.clone(),
|
||||
description: Some(description.clone()),
|
||||
kind,
|
||||
},
|
||||
body: content,
|
||||
};
|
||||
file.save()?;
|
||||
|
||||
let index_path = target_dir.join("MEMORY.md");
|
||||
let index_updated = ensure_index_entry(&index_path, &name, &description)?;
|
||||
|
||||
Ok(json!({
|
||||
"status": "ok",
|
||||
"path": file.path.display().to_string(),
|
||||
"index_path": index_path.display().to_string(),
|
||||
"index_updated": index_updated,
|
||||
}))
|
||||
}
|
||||
"edit_index" => {
|
||||
let scope = arg_str(args, "scope")?;
|
||||
let content = arg_str(args, "content")?;
|
||||
let target_dir = match scope.as_str() {
|
||||
"global" => paths::global_memory_dir(),
|
||||
"workspace" => workspace_write_dir(&store, &cwd)?,
|
||||
other => bail!("unknown scope '{}': use 'global' or 'workspace'", other),
|
||||
};
|
||||
let index_path = write_memory_index(&target_dir, &content)?;
|
||||
|
||||
Ok(json!({
|
||||
"status": "ok",
|
||||
"path": index_path.display().to_string(),
|
||||
}))
|
||||
}
|
||||
"lint" => lint_memory(&store),
|
||||
_ => bail!("unknown memory action: {action}"),
|
||||
}
|
||||
}
|
||||
|
||||
fn write_memory_index(target_dir: &Path, content: &str) -> Result<PathBuf> {
|
||||
fs::create_dir_all(target_dir)?;
|
||||
let index_path = target_dir.join("MEMORY.md");
|
||||
fs::write(&index_path, content)?;
|
||||
Ok(index_path)
|
||||
}
|
||||
|
||||
fn ensure_index_entry(index_path: &Path, name: &str, description: &str) -> Result<bool> {
|
||||
let existing = fs::read_to_string(index_path).unwrap_or_default();
|
||||
let already_referenced =
|
||||
existing.contains(&format!("[[{name}]]")) || existing.contains(&format!("{name}.md"));
|
||||
|
||||
if already_referenced {
|
||||
return Ok(false);
|
||||
}
|
||||
|
||||
let entry = format!("- [[{name}]]: {description}\n");
|
||||
let new_content = if existing.is_empty() {
|
||||
format!("# Memory Index\n\n{entry}")
|
||||
} else if existing.ends_with('\n') {
|
||||
format!("{existing}{entry}")
|
||||
} else {
|
||||
format!("{existing}\n{entry}")
|
||||
};
|
||||
|
||||
if let Some(parent) = index_path.parent() {
|
||||
fs::create_dir_all(parent)?;
|
||||
}
|
||||
|
||||
fs::write(index_path, new_content)?;
|
||||
Ok(true)
|
||||
}
|
||||
|
||||
fn arg_str(args: &Value, key: &str) -> Result<String> {
|
||||
args.get(key)
|
||||
.and_then(Value::as_str)
|
||||
.map(String::from)
|
||||
.ok_or_else(|| anyhow!("{} is required", key))
|
||||
}
|
||||
|
||||
fn find_file(store: &MemoryStore, name: &str) -> Result<Option<MemoryFile>> {
|
||||
Ok(store
|
||||
.list_files()?
|
||||
.into_iter()
|
||||
.find(|f| f.frontmatter.name == name))
|
||||
}
|
||||
|
||||
fn workspace_write_dir(store: &MemoryStore, cwd: &Path) -> Result<PathBuf> {
|
||||
match &store.workspace {
|
||||
Some(WorkspaceMemory::Structured { dir, .. }) => Ok(dir.clone()),
|
||||
Some(WorkspaceMemory::Lite { workspace_root, .. }) => {
|
||||
Ok(paths::workspace_memory_dir_for(workspace_root))
|
||||
}
|
||||
None => match find_git_root(cwd) {
|
||||
Some(git_root) => bootstrap_workspace_memory(&git_root),
|
||||
None => bail!(
|
||||
"no workspace memory discoverable and not inside a git repository for auto-bootstrap. \
|
||||
If you want workspace memory, run `coyote --init-memory workspace`."
|
||||
),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
fn workspace_label(w: &WorkspaceMemory) -> Value {
|
||||
match w {
|
||||
WorkspaceMemory::Structured { workspace_root, .. } => json!({
|
||||
"mode": "structured",
|
||||
"root": workspace_root.display().to_string(),
|
||||
}),
|
||||
WorkspaceMemory::Lite {
|
||||
workspace_root,
|
||||
file,
|
||||
} => json!({
|
||||
"mode": "lite",
|
||||
"root": workspace_root.display().to_string(),
|
||||
"file": file.display().to_string(),
|
||||
}),
|
||||
}
|
||||
}
|
||||
|
||||
fn lint_memory(store: &MemoryStore) -> Result<Value> {
|
||||
let files = store.list_files()?;
|
||||
let names: HashSet<&str> = files.iter().map(|f| f.frontmatter.name.as_str()).collect();
|
||||
|
||||
let mut oversized = Vec::new();
|
||||
let mut broken_links = Vec::new();
|
||||
for f in &files {
|
||||
if f.char_len() > PER_FILE_SOFT_CAP {
|
||||
oversized.push(json!({"name": &f.frontmatter.name, "chars": f.char_len()}));
|
||||
}
|
||||
for link in extract_wikilinks(&f.body) {
|
||||
if !names.contains(link.as_str()) {
|
||||
broken_links.push(json!({"from": &f.frontmatter.name, "to": link}));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
let index_content = store
|
||||
.load_global_index()?
|
||||
.or_else(|| store.load_workspace_index().ok().flatten())
|
||||
.unwrap_or_default();
|
||||
let mut orphans = Vec::new();
|
||||
for f in &files {
|
||||
if !index_content.contains(&f.frontmatter.name) {
|
||||
orphans.push(f.frontmatter.name.clone());
|
||||
}
|
||||
}
|
||||
|
||||
Ok(json!({
|
||||
"total_files": files.len(),
|
||||
"oversized": oversized,
|
||||
"broken_wikilinks": broken_links,
|
||||
"orphans": orphans,
|
||||
}))
|
||||
}
|
||||
|
||||
fn extract_wikilinks(body: &str) -> Vec<String> {
|
||||
let mut out = Vec::new();
|
||||
let bytes = body.as_bytes();
|
||||
let mut i = 0;
|
||||
while i + 1 < bytes.len() {
|
||||
if bytes[i] == b'['
|
||||
&& bytes[i + 1] == b'['
|
||||
&& let Some(end_rel) = body[i + 2..].find("]]")
|
||||
{
|
||||
out.push(body[i + 2..i + 2 + end_rel].to_string());
|
||||
i = i + 2 + end_rel + 2;
|
||||
continue;
|
||||
}
|
||||
i += 1;
|
||||
}
|
||||
|
||||
out
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
use crate::config::memory::discover_workspace_memory;
|
||||
use std::fs;
|
||||
use std::time;
|
||||
|
||||
fn temp_root(label: &str) -> PathBuf {
|
||||
let unique = time::SystemTime::now()
|
||||
.duration_since(time::UNIX_EPOCH)
|
||||
.unwrap()
|
||||
.as_nanos();
|
||||
let root = env::temp_dir().join(format!("coyote-function-memory-{label}-{unique}"));
|
||||
fs::create_dir_all(&root).unwrap();
|
||||
root
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn extract_wikilinks_finds_all_pairs() {
|
||||
let body = "see [[alpha]] and [[bravo]] but not [single] or [[unclosed";
|
||||
|
||||
assert_eq!(
|
||||
extract_wikilinks(body),
|
||||
vec!["alpha".to_string(), "bravo".to_string()]
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn extract_wikilinks_handles_empty_and_no_links() {
|
||||
assert!(extract_wikilinks("").is_empty());
|
||||
assert!(extract_wikilinks("nothing here").is_empty());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn ensure_index_entry_appends_when_missing() {
|
||||
let root = temp_root("index_append");
|
||||
let index = root.join("MEMORY.md");
|
||||
fs::write(&index, "# Memory Index\n\n- [[existing]]: already here\n").unwrap();
|
||||
|
||||
let updated = ensure_index_entry(&index, "new_one", "newly added").unwrap();
|
||||
assert!(updated);
|
||||
let content = fs::read_to_string(&index).unwrap();
|
||||
assert!(content.contains("- [[existing]]: already here"));
|
||||
assert!(content.contains("- [[new_one]]: newly added"));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn ensure_index_entry_skips_when_referenced() {
|
||||
let root = temp_root("index_skip");
|
||||
let index = root.join("MEMORY.md");
|
||||
let original = "# Memory Index\n\n- [[existing]]: already here\n";
|
||||
fs::write(&index, original).unwrap();
|
||||
|
||||
let updated = ensure_index_entry(&index, "existing", "different description").unwrap();
|
||||
assert!(!updated);
|
||||
assert_eq!(fs::read_to_string(&index).unwrap(), original);
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn ensure_index_entry_creates_index_when_absent() {
|
||||
let root = temp_root("index_create");
|
||||
let index = root.join("memory").join("MEMORY.md");
|
||||
|
||||
let updated = ensure_index_entry(&index, "first", "first ever").unwrap();
|
||||
assert!(updated);
|
||||
let content = fs::read_to_string(&index).unwrap();
|
||||
assert!(content.starts_with("# Memory Index"));
|
||||
assert!(content.contains("- [[first]]: first ever"));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn workspace_write_dir_returns_structured_dir_directly() {
|
||||
let root = temp_root("ws_structured");
|
||||
let workspace = root.join("ws");
|
||||
let structured = workspace.join(".coyote").join("memory");
|
||||
fs::create_dir_all(&structured).unwrap();
|
||||
fs::write(structured.join("MEMORY.md"), "idx").unwrap();
|
||||
|
||||
let store = MemoryStore {
|
||||
global_dir: root.join("g"),
|
||||
workspace: discover_workspace_memory(&workspace),
|
||||
};
|
||||
|
||||
let dir = workspace_write_dir(&store, &workspace).unwrap();
|
||||
assert_eq!(dir, structured);
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn workspace_write_dir_promotes_lite_to_structured_subdir() {
|
||||
let root = temp_root("ws_lite_promote");
|
||||
let workspace = root.join("ws");
|
||||
fs::create_dir_all(&workspace).unwrap();
|
||||
fs::write(workspace.join("COYOTE.md"), "lite").unwrap();
|
||||
|
||||
let store = MemoryStore {
|
||||
global_dir: root.join("g"),
|
||||
workspace: discover_workspace_memory(&workspace),
|
||||
};
|
||||
|
||||
let dir = workspace_write_dir(&store, &workspace).unwrap();
|
||||
assert_eq!(dir, workspace.join(".coyote").join("memory"));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn workspace_write_dir_errors_when_no_workspace_and_no_git() {
|
||||
let root = temp_root("ws_none");
|
||||
let bare = root.join("nowhere");
|
||||
fs::create_dir_all(&bare).unwrap();
|
||||
|
||||
let store = MemoryStore {
|
||||
global_dir: root.join("g"),
|
||||
workspace: discover_workspace_memory(&bare),
|
||||
};
|
||||
|
||||
let err = workspace_write_dir(&store, &bare).unwrap_err();
|
||||
let msg = err.to_string();
|
||||
assert!(msg.contains("no workspace memory discoverable"));
|
||||
assert!(msg.contains("coyote --init-memory workspace"));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn workspace_write_dir_auto_bootstraps_inside_git_repo() {
|
||||
let root = temp_root("ws_bootstrap");
|
||||
let repo = root.join("repo");
|
||||
fs::create_dir_all(repo.join(".git")).unwrap();
|
||||
let nested = repo.join("src").join("deep");
|
||||
fs::create_dir_all(&nested).unwrap();
|
||||
|
||||
let store = MemoryStore {
|
||||
global_dir: root.join("g"),
|
||||
workspace: discover_workspace_memory(&nested),
|
||||
};
|
||||
assert!(store.workspace.is_none());
|
||||
|
||||
let dir = workspace_write_dir(&store, &nested).unwrap();
|
||||
assert_eq!(dir, repo.join(".coyote").join("memory"));
|
||||
assert!(dir.join("MEMORY.md").exists());
|
||||
let gi = fs::read_to_string(repo.join(".gitignore")).unwrap();
|
||||
assert!(gi.contains(".coyote/memory/"));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn find_file_returns_matching_file() {
|
||||
let root = temp_root("find_file");
|
||||
let workspace = root.join("ws");
|
||||
let structured = workspace.join(".coyote").join("memory");
|
||||
fs::create_dir_all(&structured).unwrap();
|
||||
fs::write(structured.join("MEMORY.md"), "idx").unwrap();
|
||||
fs::write(
|
||||
structured.join("target.md"),
|
||||
"---\nname: target\n---\nfound me\n",
|
||||
)
|
||||
.unwrap();
|
||||
fs::write(
|
||||
structured.join("other.md"),
|
||||
"---\nname: other\n---\nignored\n",
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
let store = MemoryStore {
|
||||
global_dir: root.join("g"),
|
||||
workspace: discover_workspace_memory(&workspace),
|
||||
};
|
||||
|
||||
let hit = find_file(&store, "target").unwrap();
|
||||
assert!(hit.is_some());
|
||||
assert_eq!(hit.unwrap().body.trim(), "found me");
|
||||
|
||||
let miss = find_file(&store, "nope").unwrap();
|
||||
assert!(miss.is_none());
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn write_memory_index_creates_dir_and_writes_content() {
|
||||
let root = temp_root("write_index_create");
|
||||
let target = root.join("nested").join(".coyote").join("memory");
|
||||
|
||||
let path =
|
||||
write_memory_index(&target, "# Workspace Memory Index\n\n- [[foo]]: hello\n").unwrap();
|
||||
|
||||
assert_eq!(path, target.join("MEMORY.md"));
|
||||
assert!(path.exists());
|
||||
assert_eq!(
|
||||
fs::read_to_string(&path).unwrap(),
|
||||
"# Workspace Memory Index\n\n- [[foo]]: hello\n"
|
||||
);
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn write_memory_index_replaces_existing_content() {
|
||||
let root = temp_root("write_index_replace");
|
||||
fs::create_dir_all(&root).unwrap();
|
||||
let index = root.join("MEMORY.md");
|
||||
fs::write(&index, "# Old\n\n- [[stale]]: gone\n").unwrap();
|
||||
|
||||
let path = write_memory_index(&root, "# New\n").unwrap();
|
||||
|
||||
assert_eq!(path, index);
|
||||
assert_eq!(fs::read_to_string(&path).unwrap(), "# New\n");
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn lint_flags_orphans_broken_links_and_oversized() {
|
||||
let root = temp_root("lint");
|
||||
let workspace = root.join("ws");
|
||||
let structured = workspace.join(".coyote").join("memory");
|
||||
fs::create_dir_all(&structured).unwrap();
|
||||
|
||||
fs::write(structured.join("MEMORY.md"), "- referenced\n").unwrap();
|
||||
fs::write(
|
||||
structured.join("referenced.md"),
|
||||
"---\nname: referenced\n---\nlinks to [[missing]] and [[also_missing]]\n",
|
||||
)
|
||||
.unwrap();
|
||||
fs::write(
|
||||
structured.join("orphan.md"),
|
||||
"---\nname: orphan\n---\nnot in the index\n",
|
||||
)
|
||||
.unwrap();
|
||||
let huge_body = "x".repeat(PER_FILE_SOFT_CAP + 100);
|
||||
fs::write(
|
||||
structured.join("huge.md"),
|
||||
format!("---\nname: huge\n---\n{huge_body}\n"),
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
let store = MemoryStore {
|
||||
global_dir: root.join("nonexistent_global"),
|
||||
workspace: discover_workspace_memory(&workspace),
|
||||
};
|
||||
|
||||
let report = lint_memory(&store).unwrap();
|
||||
assert_eq!(report["total_files"], 3);
|
||||
|
||||
let orphans = report["orphans"].as_array().unwrap();
|
||||
let orphan_names: Vec<&str> = orphans.iter().filter_map(|v| v.as_str()).collect();
|
||||
assert!(orphan_names.contains(&"orphan"));
|
||||
assert!(orphan_names.contains(&"huge"));
|
||||
assert!(!orphan_names.contains(&"referenced"));
|
||||
|
||||
let broken = report["broken_wikilinks"].as_array().unwrap();
|
||||
let broken_targets: Vec<&str> = broken.iter().filter_map(|v| v["to"].as_str()).collect();
|
||||
assert!(broken_targets.contains(&"missing"));
|
||||
assert!(broken_targets.contains(&"also_missing"));
|
||||
|
||||
let oversized = report["oversized"].as_array().unwrap();
|
||||
let oversized_names: Vec<&str> = oversized
|
||||
.iter()
|
||||
.filter_map(|v| v["name"].as_str())
|
||||
.collect();
|
||||
assert_eq!(oversized_names, vec!["huge"]);
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
}
|
||||
+1
-32
@@ -1,4 +1,3 @@
|
||||
pub(crate) mod memory;
|
||||
pub(crate) mod skill;
|
||||
pub(crate) mod supervisor;
|
||||
pub(crate) mod todo;
|
||||
@@ -20,7 +19,6 @@ use crate::parsers::{bash, python, typescript};
|
||||
use anyhow::{Context, Result, anyhow, bail};
|
||||
use indexmap::IndexMap;
|
||||
use indoc::formatdoc;
|
||||
use memory::MEMORY_FUNCTION_PREFIX;
|
||||
use rust_embed::Embed;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use serde_json::{Value, json};
|
||||
@@ -357,21 +355,6 @@ impl Functions {
|
||||
self.declarations.extend(todo::todo_function_declarations());
|
||||
}
|
||||
|
||||
pub fn remove_todo_functions(&mut self) {
|
||||
self.declarations
|
||||
.retain(|f| !f.name.starts_with(TODO_FUNCTION_PREFIX));
|
||||
}
|
||||
|
||||
pub fn append_memory_functions(&mut self) {
|
||||
self.declarations
|
||||
.extend(memory::memory_function_declarations());
|
||||
}
|
||||
|
||||
pub fn remove_memory_functions(&mut self) {
|
||||
self.declarations
|
||||
.retain(|f| !f.name.starts_with(MEMORY_FUNCTION_PREFIX));
|
||||
}
|
||||
|
||||
pub fn append_skill_functions(&mut self) {
|
||||
self.declarations
|
||||
.extend(skill::skill_function_declarations());
|
||||
@@ -1063,13 +1046,6 @@ impl ToolCall {
|
||||
json!({"tool_call_error": error_msg})
|
||||
})
|
||||
}
|
||||
_ if cmd_name.starts_with(MEMORY_FUNCTION_PREFIX) => {
|
||||
memory::handle_memory_tool(ctx, &cmd_name, &json_data).unwrap_or_else(|e| {
|
||||
let error_msg = format!("Memory tool failed: {e}");
|
||||
eprintln!("{}", warning_text(&format!("⚠️ {error_msg} ⚠️")));
|
||||
json!({"tool_call_error": error_msg})
|
||||
})
|
||||
}
|
||||
_ if cmd_name.starts_with(SKILL_FUNCTION_PREFIX) => {
|
||||
skill::handle_skill_tool(ctx, &cmd_name, &json_data)
|
||||
.await
|
||||
@@ -1292,13 +1268,11 @@ pub fn run_llm_function(
|
||||
let mut buffer = [0; 1024];
|
||||
let mut reader = stdout;
|
||||
let mut out = io::stdout();
|
||||
let mut buf = Vec::new();
|
||||
while let Ok(n) = reader.read(&mut buffer) {
|
||||
if n == 0 {
|
||||
break;
|
||||
}
|
||||
let chunk = &buffer[0..n];
|
||||
buf.extend_from_slice(chunk);
|
||||
let mut last_pos = 0;
|
||||
for (i, &byte) in chunk.iter().enumerate() {
|
||||
if byte == b'\n' {
|
||||
@@ -1312,7 +1286,6 @@ pub fn run_llm_function(
|
||||
}
|
||||
let _ = out.flush();
|
||||
}
|
||||
buf
|
||||
});
|
||||
|
||||
let stderr_thread = std::thread::spawn(move || {
|
||||
@@ -1345,22 +1318,18 @@ pub fn run_llm_function(
|
||||
let status = child
|
||||
.wait()
|
||||
.map_err(|err| anyhow!("Unable to run {command_name}, {err}"))?;
|
||||
let stdout_bytes = stdout_thread.join().unwrap_or_default();
|
||||
let _ = stdout_thread.join();
|
||||
let stderr_bytes = stderr_thread.join().unwrap_or_default();
|
||||
|
||||
let exit_code = status.code().unwrap_or_default();
|
||||
if exit_code != 0 {
|
||||
let stderr = String::from_utf8_lossy(&stderr_bytes).trim().to_string();
|
||||
let stdout = String::from_utf8_lossy(&stdout_bytes).trim().to_string();
|
||||
let tool_error_message = format!("Tool call '{command_name}' exited with code {exit_code}");
|
||||
eprintln!("{}", warning_text(&format!("⚠️ {tool_error_message} ⚠️")));
|
||||
let mut error_json = json!({"tool_call_error": tool_error_message});
|
||||
if !stderr.is_empty() {
|
||||
error_json["stderr"] = json!(stderr);
|
||||
}
|
||||
if !stdout.is_empty() {
|
||||
error_json["stdout"] = json!(stdout);
|
||||
}
|
||||
debug!("Tool call error: {error_json:?}");
|
||||
return Ok(Some(error_json.to_string()));
|
||||
}
|
||||
|
||||
+18
-34
@@ -14,11 +14,9 @@ pub fn skill_function_declarations() -> Vec<FunctionDeclaration> {
|
||||
FunctionDeclaration {
|
||||
name: format!("{SKILL_FUNCTION_PREFIX}list"),
|
||||
description:
|
||||
"List skills available in this context. Call this early in any non-trivial task to \
|
||||
discover specialized skills that may apply to the work before deciding on an \
|
||||
approach. Returns each skill's name, description, what tools and MCP servers it \
|
||||
grants on load, and whether it is currently loaded. Pair with `skill__load` to \
|
||||
activate the skills you choose."
|
||||
"List skills available in this context. Returns each skill's name, description, \
|
||||
what tools and MCP servers it grants on load, and whether it is currently loaded. \
|
||||
Call this to discover skills before using skill__load."
|
||||
.to_string(),
|
||||
parameters: JsonSchema {
|
||||
type_value: Some("object".to_string()),
|
||||
@@ -30,10 +28,9 @@ pub fn skill_function_declarations() -> Vec<FunctionDeclaration> {
|
||||
FunctionDeclaration {
|
||||
name: format!("{SKILL_FUNCTION_PREFIX}load"),
|
||||
description:
|
||||
"Load a skill module into the current context after confirming via `skill__list` \
|
||||
that it applies to the task at hand. The skill's instructions and any tools or \
|
||||
MCP servers it grants become active for subsequent turns. Call `skill__unload` \
|
||||
when the skill's work is complete to keep the context lean."
|
||||
"Load a skill module into the current context. The skill's instructions and any \
|
||||
tools or MCP servers it grants become active for subsequent turns. Call \
|
||||
skill__unload when the skill's work is complete to keep the context lean."
|
||||
.to_string(),
|
||||
parameters: JsonSchema {
|
||||
type_value: Some("object".to_string()),
|
||||
@@ -105,14 +102,11 @@ pub async fn handle_skill_tool(
|
||||
}
|
||||
|
||||
fn handle_list(ctx: &RequestContext, policy: &SkillPolicy) -> Result<Value> {
|
||||
let visible_names: Vec<String> = match ctx.app.config.visible_skills.as_deref() {
|
||||
Some(list) => list.to_vec(),
|
||||
None => paths::list_skills(),
|
||||
};
|
||||
let mcp_on = ctx.app.config.mcp_server_support;
|
||||
|
||||
let mut entries = Vec::new();
|
||||
for name in visible_names {
|
||||
if !policy.compatible_enabled.contains(&name) {
|
||||
for name in paths::list_skills() {
|
||||
if !policy.allows(&name) {
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -123,6 +117,12 @@ fn handle_list(ctx: &RequestContext, policy: &SkillPolicy) -> Result<Value> {
|
||||
continue;
|
||||
}
|
||||
};
|
||||
if !skill.is_compatible(mcp_on) {
|
||||
warn!(
|
||||
"Skill '{name}' filtered from list: declares MCP servers but MCP support is disabled"
|
||||
);
|
||||
continue;
|
||||
}
|
||||
|
||||
entries.push(json!({
|
||||
"name": skill.name(),
|
||||
@@ -193,10 +193,7 @@ async fn handle_load(
|
||||
}
|
||||
|
||||
if let Err(e) = ctx.refresh_tool_scope(create_abort_signal()).await {
|
||||
if let Err(unload_err) = ctx.skill_registry.unload(name) {
|
||||
warn!("Failed to unload skill '{name}' during error recovery: {unload_err}");
|
||||
}
|
||||
|
||||
let _ = ctx.skill_registry.unload(name);
|
||||
return Ok(json!({
|
||||
"error": format!("Loaded skill '{name}' but failed to refresh tool scope: {e}")
|
||||
}));
|
||||
@@ -215,25 +212,12 @@ async fn handle_unload(ctx: &mut RequestContext, args: &Value) -> Result<Value>
|
||||
_ => return Ok(json!({"error": "name is required"})),
|
||||
};
|
||||
|
||||
if let Err(e) = paths::validate_skill_name(name) {
|
||||
if let Err(e) = ctx.skill_registry.unload(name) {
|
||||
return Ok(json!({"error": e.to_string()}));
|
||||
}
|
||||
|
||||
let skill = match ctx.skill_registry.unload(name) {
|
||||
Ok(s) => s,
|
||||
Err(e) => return Ok(json!({"error": e.to_string()})),
|
||||
};
|
||||
|
||||
if let Err(e) = ctx.refresh_tool_scope(create_abort_signal()).await {
|
||||
if let Err(insert_err) = ctx.skill_registry.insert(skill) {
|
||||
warn!("Failed to restore skill '{name}' after unload recovery: {insert_err}");
|
||||
}
|
||||
|
||||
return Ok(json!({
|
||||
"error": format!(
|
||||
"Unloaded skill '{name}' but failed to refresh tool scope; restored: {e}"
|
||||
)
|
||||
}));
|
||||
warn!("Unloaded skill '{name}' but failed to refresh tool scope: {e}");
|
||||
}
|
||||
|
||||
Ok(json!({
|
||||
|
||||
+18
-152
@@ -3,7 +3,7 @@ use crate::client::{Model, ModelType, call_chat_completions};
|
||||
use crate::config::{Agent, AppState, Input, RequestContext, Role, RoleLike};
|
||||
use crate::supervisor::mailbox::{Envelope, EnvelopePayload, Inbox};
|
||||
use crate::supervisor::{AgentExitStatus, AgentHandle, AgentResult, Supervisor};
|
||||
use crate::utils::{AbortSignal, create_abort_signal, wait_abort_signal};
|
||||
use crate::utils::{AbortSignal, create_abort_signal};
|
||||
|
||||
use crate::graph;
|
||||
use anyhow::{Context, Result, anyhow, bail};
|
||||
@@ -16,69 +16,10 @@ use std::pin::Pin;
|
||||
use std::sync::Arc;
|
||||
use std::time::Duration;
|
||||
use tokio::time;
|
||||
use tokio::time::Instant;
|
||||
use uuid::Uuid;
|
||||
|
||||
pub const SUPERVISOR_FUNCTION_PREFIX: &str = "agent__";
|
||||
|
||||
pub const PENDING_AGENTS_GUARDRAIL_MAX: u32 = 3;
|
||||
|
||||
pub enum GuardrailAction {
|
||||
NoAction,
|
||||
Inject(String),
|
||||
ForceTerminate(Vec<String>),
|
||||
}
|
||||
|
||||
pub fn pending_agent_ids(ctx: &RequestContext) -> Vec<String> {
|
||||
let Some(sup) = ctx.supervisor.as_ref() else {
|
||||
return Vec::new();
|
||||
};
|
||||
let sup = sup.read();
|
||||
sup.list_agents()
|
||||
.into_iter()
|
||||
.filter_map(|(id, _)| match sup.is_finished(id) {
|
||||
Some(false) => Some(id.to_string()),
|
||||
_ => None,
|
||||
})
|
||||
.collect()
|
||||
}
|
||||
|
||||
pub fn build_pending_agents_guardrail_prompt(ids: &[String]) -> String {
|
||||
let count = ids.len();
|
||||
let id_list = ids
|
||||
.iter()
|
||||
.map(|id| format!("- {id}"))
|
||||
.collect::<Vec<_>>()
|
||||
.join("\n");
|
||||
format!(
|
||||
"[SYSTEM GUARDRAIL] You attempted to end your turn while {count} spawned background agent(s) \
|
||||
are still running:\n{id_list}\n\nThese agents will be abandoned if your turn ends now. You MUST \
|
||||
reclaim each one before ending your turn. For each agent: call `agent__collect` (blocks until \
|
||||
done, returns output) or `agent__cancel` (discards). Do NOT emit a text-only response \
|
||||
expecting them to 'report back' — they will not."
|
||||
)
|
||||
}
|
||||
|
||||
pub fn check_pending_agents_guardrail(ctx: &mut RequestContext) -> GuardrailAction {
|
||||
let pending = pending_agent_ids(ctx);
|
||||
if pending.is_empty() {
|
||||
ctx.pending_agents_guardrail_count = 0;
|
||||
return GuardrailAction::NoAction;
|
||||
}
|
||||
|
||||
if ctx.pending_agents_guardrail_count >= PENDING_AGENTS_GUARDRAIL_MAX {
|
||||
if let Some(sup) = ctx.supervisor.as_ref().cloned() {
|
||||
sup.read().cancel_recursive();
|
||||
}
|
||||
ctx.pending_agents_guardrail_count = 0;
|
||||
|
||||
return GuardrailAction::ForceTerminate(pending);
|
||||
}
|
||||
|
||||
ctx.pending_agents_guardrail_count += 1;
|
||||
GuardrailAction::Inject(build_pending_agents_guardrail_prompt(&pending))
|
||||
}
|
||||
|
||||
pub fn escalation_function_declarations() -> Vec<FunctionDeclaration> {
|
||||
vec![FunctionDeclaration {
|
||||
name: format!("{SUPERVISOR_FUNCTION_PREFIX}reply_escalation"),
|
||||
@@ -114,11 +55,7 @@ pub fn supervisor_function_declarations() -> Vec<FunctionDeclaration> {
|
||||
vec![
|
||||
FunctionDeclaration {
|
||||
name: format!("{SUPERVISOR_FUNCTION_PREFIX}spawn"),
|
||||
description: "Spawn a subagent to run in the background. Returns an `id` immediately so you can continue \
|
||||
working in parallel. CRITICAL: every spawned agent MUST be reclaimed before you end your \
|
||||
turn — call `agent__collect` to retrieve its output, or `agent__cancel` if you no longer \
|
||||
need it. Ending your turn with pending agents will abandon their work and the system will \
|
||||
reject the turn-end.".to_string(),
|
||||
description: "Spawn a subagent to run in the background. Returns a task_id for tracking. The agent runs in parallel. You can continue working while it executes.".to_string(),
|
||||
parameters: JsonSchema {
|
||||
type_value: Some("object".to_string()),
|
||||
properties: Some(IndexMap::from([
|
||||
@@ -172,11 +109,7 @@ pub fn supervisor_function_declarations() -> Vec<FunctionDeclaration> {
|
||||
},
|
||||
FunctionDeclaration {
|
||||
name: format!("{SUPERVISOR_FUNCTION_PREFIX}collect"),
|
||||
description: "Block until the named spawned agent finishes and return its result. This is your primary \
|
||||
wait primitive — it pauses your execution until the agent completes (or you are interrupted). \
|
||||
Call this for every agent you spawned before ending your turn. Do NOT end your turn assuming \
|
||||
agents will 'report back later' — they will not; they will be abandoned. If you no longer \
|
||||
need an agent's result, call `agent__cancel` instead.".to_string(),
|
||||
description: "Wait for a spawned agent to finish and return its result. Blocks until the agent completes.".to_string(),
|
||||
parameters: JsonSchema {
|
||||
type_value: Some("object".to_string()),
|
||||
properties: Some(IndexMap::from([(
|
||||
@@ -204,10 +137,7 @@ pub fn supervisor_function_declarations() -> Vec<FunctionDeclaration> {
|
||||
},
|
||||
FunctionDeclaration {
|
||||
name: format!("{SUPERVISOR_FUNCTION_PREFIX}cancel"),
|
||||
description: "Cancel a running subagent by its ID. Use this when an agent's output is no longer needed \
|
||||
(e.g. you changed direction, or you're about to end your turn and don't want to wait). \
|
||||
Cancellation cascades: all of the cancelled agent's own descendants are also cancelled. This \
|
||||
call waits briefly for the agent to actually finish cleanup before returning.".to_string(),
|
||||
description: "Cancel a running subagent by its ID.".to_string(),
|
||||
parameters: JsonSchema {
|
||||
type_value: Some("object".to_string()),
|
||||
properties: Some(IndexMap::from([(
|
||||
@@ -385,7 +315,7 @@ pub async fn handle_supervisor_tool(
|
||||
"check" => handle_check(ctx, args).await,
|
||||
"collect" => handle_collect(ctx, args).await,
|
||||
"list" => handle_list(ctx),
|
||||
"cancel" => handle_cancel(ctx, args).await,
|
||||
"cancel" => handle_cancel(ctx, args),
|
||||
"send_message" => handle_send_message(ctx, args),
|
||||
"check_inbox" => handle_check_inbox(ctx),
|
||||
"task_create" => handle_task_create(ctx, args),
|
||||
@@ -440,28 +370,14 @@ pub fn run_child_agent(
|
||||
}
|
||||
|
||||
if tool_results.is_empty() {
|
||||
match check_pending_agents_guardrail(&mut child_ctx) {
|
||||
GuardrailAction::NoAction => break,
|
||||
GuardrailAction::ForceTerminate(ids) => {
|
||||
log::warn!(
|
||||
"Pending-agent guardrail force-cancelled {} agent(s) after max reminders: {:?}",
|
||||
ids.len(),
|
||||
ids
|
||||
);
|
||||
break;
|
||||
}
|
||||
GuardrailAction::Inject(prompt) => {
|
||||
input = Input::from_str(&child_ctx, &prompt, None)?;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
input = input.merge_tool_results(output, tool_results);
|
||||
}
|
||||
|
||||
if let Some(supervisor) = child_ctx.supervisor.clone() {
|
||||
supervisor.read().cancel_recursive();
|
||||
supervisor.read().cancel_all();
|
||||
}
|
||||
|
||||
Ok(accumulated_output)
|
||||
@@ -726,7 +642,6 @@ async fn handle_spawn(ctx: &mut RequestContext, args: &Value) -> Result<Value> {
|
||||
let spawn_agent_id = agent_id.clone();
|
||||
let spawn_agent_name = agent_name.clone();
|
||||
let spawn_abort = child_abort.clone();
|
||||
let child_supervisor = child_ctx.supervisor.clone();
|
||||
|
||||
let join_handle = tokio::spawn(async move {
|
||||
let result = run_child_agent(child_ctx, input, spawn_abort).await;
|
||||
@@ -754,7 +669,6 @@ async fn handle_spawn(ctx: &mut RequestContext, args: &Value) -> Result<Value> {
|
||||
inbox: child_inbox,
|
||||
abort_signal: child_abort,
|
||||
join_handle,
|
||||
child_supervisor,
|
||||
};
|
||||
|
||||
let supervisor = ctx
|
||||
@@ -769,11 +683,7 @@ async fn handle_spawn(ctx: &mut RequestContext, args: &Value) -> Result<Value> {
|
||||
"status": "ok",
|
||||
"id": agent_id,
|
||||
"agent": agent_name,
|
||||
"message": format!("Agent '{agent_name}' spawned as '{agent_id}' and is running in the background. CRITICAL: \
|
||||
you MUST reclaim this agent before ending your turn — call `agent__collect` (blocks until \
|
||||
done, returns output) or `agent__cancel` (if you no longer need it). Ending your turn with \
|
||||
unreclaimed agents will be rejected and forces you to handle them. Do NOT assume the agent \
|
||||
will 'report back' on its own."),
|
||||
"message": format!("Agent '{agent_name}' spawned as '{agent_id}'. Use agent__check or agent__collect to get results."),
|
||||
}))
|
||||
}
|
||||
|
||||
@@ -833,7 +743,7 @@ async fn handle_collect(ctx: &mut RequestContext, args: &Value) -> Result<Value>
|
||||
.cloned()
|
||||
.ok_or_else(|| anyhow!("No supervisor active"))?;
|
||||
|
||||
let target_abort = {
|
||||
{
|
||||
let sup = supervisor.read();
|
||||
if sup.is_finished(id).is_none() {
|
||||
return Ok(json!({
|
||||
@@ -841,8 +751,7 @@ async fn handle_collect(ctx: &mut RequestContext, args: &Value) -> Result<Value>
|
||||
"message": format!("Agent '{id}' not found. Use agent__check to verify it exists and is finished.")
|
||||
}));
|
||||
}
|
||||
sup.abort_signal_for(id)
|
||||
};
|
||||
}
|
||||
|
||||
loop {
|
||||
let is_finished = {
|
||||
@@ -866,27 +775,7 @@ async fn handle_collect(ctx: &mut RequestContext, args: &Value) -> Result<Value>
|
||||
}));
|
||||
}
|
||||
|
||||
match target_abort.as_ref() {
|
||||
Some(abort) if abort.aborted() => {
|
||||
let deadline = Instant::now() + Duration::from_secs(2);
|
||||
while Instant::now() < deadline {
|
||||
if supervisor.read().is_finished(id).unwrap_or(false) {
|
||||
break;
|
||||
}
|
||||
time::sleep(Duration::from_millis(50)).await;
|
||||
}
|
||||
break;
|
||||
}
|
||||
Some(abort) => {
|
||||
tokio::select! {
|
||||
_ = time::sleep(Duration::from_millis(200)) => {}
|
||||
_ = wait_abort_signal(abort) => {}
|
||||
}
|
||||
}
|
||||
None => {
|
||||
time::sleep(Duration::from_millis(200)).await;
|
||||
}
|
||||
}
|
||||
time::sleep(Duration::from_millis(200)).await;
|
||||
}
|
||||
|
||||
let handle = {
|
||||
@@ -903,7 +792,6 @@ async fn handle_collect(ctx: &mut RequestContext, args: &Value) -> Result<Value>
|
||||
.map_err(|e| anyhow!("Agent failed: {e}"))?;
|
||||
|
||||
let output = summarize_output(ctx, &result.agent_name, &result.output).await?;
|
||||
ctx.pending_agents_guardrail_count = 0;
|
||||
|
||||
Ok(json!({
|
||||
"status": "completed",
|
||||
@@ -948,7 +836,7 @@ fn handle_list(ctx: &mut RequestContext) -> Result<Value> {
|
||||
}))
|
||||
}
|
||||
|
||||
async fn handle_cancel(ctx: &mut RequestContext, args: &Value) -> Result<Value> {
|
||||
fn handle_cancel(ctx: &mut RequestContext, args: &Value) -> Result<Value> {
|
||||
let id = args
|
||||
.get("id")
|
||||
.and_then(Value::as_str)
|
||||
@@ -959,34 +847,14 @@ async fn handle_cancel(ctx: &mut RequestContext, args: &Value) -> Result<Value>
|
||||
.as_ref()
|
||||
.cloned()
|
||||
.ok_or_else(|| anyhow!("No supervisor active"))?;
|
||||
let mut sup = supervisor.write();
|
||||
|
||||
let handle = {
|
||||
let mut sup = supervisor.write();
|
||||
sup.take(id)
|
||||
};
|
||||
|
||||
match handle {
|
||||
match sup.take(id) {
|
||||
Some(handle) => {
|
||||
let agent_name = handle.agent_name.clone();
|
||||
if let Some(child_sup) = handle.child_supervisor.as_ref() {
|
||||
child_sup.read().cancel_recursive();
|
||||
}
|
||||
handle.abort_signal.set_ctrlc();
|
||||
|
||||
let cleanup = tokio::time::timeout(Duration::from_secs(5), handle.join_handle).await;
|
||||
|
||||
ctx.pending_agents_guardrail_count = 0;
|
||||
|
||||
let message = match cleanup {
|
||||
Ok(_) => format!("Cancelled agent '{agent_name}' and waited for cleanup."),
|
||||
Err(_) => format!(
|
||||
"Cancelled agent '{agent_name}'; cleanup did not complete within 5s. Its descendants have been signalled and will tear down asynchronously."
|
||||
),
|
||||
};
|
||||
|
||||
Ok(json!({
|
||||
"status": "ok",
|
||||
"message": message,
|
||||
"message": format!("Cancelled agent '{}'", handle.agent_name),
|
||||
}))
|
||||
}
|
||||
None => Ok(json!({
|
||||
@@ -1415,7 +1283,6 @@ mod tests {
|
||||
inbox: Arc::new(Inbox::new()),
|
||||
abort_signal: create_abort_signal(),
|
||||
join_handle,
|
||||
child_supervisor: None,
|
||||
};
|
||||
ctx.supervisor
|
||||
.as_ref()
|
||||
@@ -1495,7 +1362,6 @@ mod tests {
|
||||
inbox,
|
||||
abort_signal: abort,
|
||||
join_handle,
|
||||
child_supervisor: None,
|
||||
};
|
||||
ctx.supervisor
|
||||
.as_ref()
|
||||
@@ -1515,7 +1381,7 @@ mod tests {
|
||||
fn handle_cancel_registered_agent() {
|
||||
let mut ctx = ctx_with_supervisor(4, 3);
|
||||
register_fake_agent(&mut ctx, "a1", "explore");
|
||||
let result = run_async(handle_cancel(&mut ctx, &json!({"id": "a1"}))).unwrap();
|
||||
let result = handle_cancel(&mut ctx, &json!({"id": "a1"})).unwrap();
|
||||
assert_eq!(result["status"], "ok");
|
||||
assert_eq!(ctx.supervisor.as_ref().unwrap().read().active_count(), 0);
|
||||
}
|
||||
@@ -1523,14 +1389,14 @@ mod tests {
|
||||
#[test]
|
||||
fn handle_cancel_unknown_agent() {
|
||||
let mut ctx = ctx_with_supervisor(4, 3);
|
||||
let result = run_async(handle_cancel(&mut ctx, &json!({"id": "missing"}))).unwrap();
|
||||
let result = handle_cancel(&mut ctx, &json!({"id": "missing"})).unwrap();
|
||||
assert_eq!(result["status"], "error");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn handle_cancel_no_supervisor_errors() {
|
||||
let mut ctx = RequestContext::new(default_app_state(), WorkingMode::Cmd);
|
||||
let result = run_async(handle_cancel(&mut ctx, &json!({"id": "x"})));
|
||||
let result = handle_cancel(&mut ctx, &json!({"id": "x"}));
|
||||
assert!(result.is_err());
|
||||
}
|
||||
|
||||
|
||||
+5
-76
@@ -2,15 +2,9 @@ use super::state::StateManager;
|
||||
use super::structured;
|
||||
use super::types::LlmNode;
|
||||
use crate::client::{Model, ModelType, call_chat_completions};
|
||||
use crate::config::prompts::DEFAULT_SKILL_INSTRUCTIONS;
|
||||
use crate::config::{
|
||||
Input, RequestContext, Role, RoleLike, SkillPolicy, should_inject_skill_instructions,
|
||||
};
|
||||
use crate::function::skill::skill_function_declarations;
|
||||
use crate::function::supervisor::{GuardrailAction, check_pending_agents_guardrail};
|
||||
use crate::config::{Input, RequestContext, Role, RoleLike, SkillPolicy};
|
||||
use crate::utils::create_abort_signal;
|
||||
use anyhow::{Context, Error, Result, anyhow, bail};
|
||||
use log::warn;
|
||||
use serde_json::Value;
|
||||
use std::collections::HashSet;
|
||||
use std::sync::Arc;
|
||||
@@ -111,7 +105,7 @@ async fn run(
|
||||
let (regular_tools, mcp_servers) = categorize_tools(node.tools.as_deref());
|
||||
validate_tools_subset(®ular_tools, &mcp_servers, parent_ctx)?;
|
||||
|
||||
let mut role = build_inline_role(
|
||||
let role = build_inline_role(
|
||||
node,
|
||||
instructions.as_deref(),
|
||||
®ular_tools,
|
||||
@@ -121,54 +115,12 @@ async fn run(
|
||||
|
||||
let saved_agent_skill_state = swap_in_node_skill_policy(node, parent_ctx);
|
||||
|
||||
let policy = match SkillPolicy::effective(
|
||||
let policy = SkillPolicy::effective(
|
||||
&parent_ctx.app.config,
|
||||
parent_ctx.role.as_ref(),
|
||||
parent_ctx.agent.as_ref(),
|
||||
parent_ctx.session.as_ref(),
|
||||
) {
|
||||
Ok(p) => p,
|
||||
Err(e) => {
|
||||
restore_agent_skill_policy(parent_ctx, saved_agent_skill_state);
|
||||
return Err(e);
|
||||
}
|
||||
};
|
||||
|
||||
if policy.skills_enabled {
|
||||
let mut tools = role.enabled_tools().map(|v| v.to_vec()).unwrap_or_default();
|
||||
for decl in skill_function_declarations() {
|
||||
if !tools.contains(&decl.name) {
|
||||
tools.push(decl.name);
|
||||
}
|
||||
}
|
||||
role.set_enabled_tools(Some(tools));
|
||||
}
|
||||
|
||||
if should_inject_skill_instructions(&parent_ctx.app.config, &policy) {
|
||||
let app = &parent_ctx.app.config;
|
||||
let agent = parent_ctx.agent.as_ref();
|
||||
let inject = node
|
||||
.inject_skill_instructions
|
||||
.or_else(|| agent.map(|a| a.inject_skill_instructions()))
|
||||
.unwrap_or(app.inject_skill_instructions);
|
||||
|
||||
if inject {
|
||||
let instructions = node
|
||||
.skill_instructions
|
||||
.clone()
|
||||
.or_else(|| agent.and_then(|a| a.skill_instructions_value()))
|
||||
.or_else(|| app.skill_instructions.clone());
|
||||
let separator = if role.is_empty_prompt() { "" } else { "\n\n" };
|
||||
|
||||
role.append_to_prompt(separator);
|
||||
role.append_to_prompt(
|
||||
instructions
|
||||
.as_deref()
|
||||
.unwrap_or(DEFAULT_SKILL_INSTRUCTIONS),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
)?;
|
||||
let composed_role = parent_ctx.skill_registry.effective_role(&role, &policy);
|
||||
|
||||
let saved_role = parent_ctx.role.clone();
|
||||
@@ -268,28 +220,7 @@ async fn run_chat_loop(node: &LlmNode, prompt: &str, ctx: &mut RequestContext) -
|
||||
}
|
||||
|
||||
if tool_results.is_empty() {
|
||||
match check_pending_agents_guardrail(ctx) {
|
||||
GuardrailAction::NoAction => return Ok(accumulated),
|
||||
GuardrailAction::ForceTerminate(ids) => {
|
||||
warn!(
|
||||
"Pending-agent guardrail force-cancelled {} agent(s) after max reminders: {:?}",
|
||||
ids.len(),
|
||||
ids
|
||||
);
|
||||
return Ok(accumulated);
|
||||
}
|
||||
GuardrailAction::Inject(prompt) => {
|
||||
if turn + 1 == node.max_iterations {
|
||||
bail!(
|
||||
"llm node hit max_iterations ({}) before LLM concluded",
|
||||
node.max_iterations
|
||||
);
|
||||
}
|
||||
let role = ctx.role.clone();
|
||||
input = Input::from_str(ctx, &prompt, role)?;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
return Ok(accumulated);
|
||||
}
|
||||
|
||||
if turn + 1 == node.max_iterations {
|
||||
@@ -507,8 +438,6 @@ mod tests {
|
||||
timeout: None,
|
||||
skills_enabled: None,
|
||||
enabled_skills: None,
|
||||
inject_skill_instructions: None,
|
||||
skill_instructions: None,
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -37,12 +37,6 @@ pub struct Graph {
|
||||
#[serde(default, skip_serializing_if = "Option::is_none")]
|
||||
pub enabled_skills: Option<Vec<String>>,
|
||||
|
||||
#[serde(default, skip_serializing_if = "Option::is_none")]
|
||||
pub inject_skill_instructions: Option<bool>,
|
||||
|
||||
#[serde(default, skip_serializing_if = "Option::is_none")]
|
||||
pub skill_instructions: Option<String>,
|
||||
|
||||
#[serde(default)]
|
||||
pub conversation_starters: Vec<String>,
|
||||
|
||||
@@ -311,12 +305,6 @@ pub struct LlmNode {
|
||||
|
||||
#[serde(default, skip_serializing_if = "Option::is_none")]
|
||||
pub enabled_skills: Option<Vec<String>>,
|
||||
|
||||
#[serde(default, skip_serializing_if = "Option::is_none")]
|
||||
pub inject_skill_instructions: Option<bool>,
|
||||
|
||||
#[serde(default, skip_serializing_if = "Option::is_none")]
|
||||
pub skill_instructions: Option<String>,
|
||||
}
|
||||
|
||||
fn default_llm_max_attempts() -> u32 {
|
||||
|
||||
+1
-72
@@ -93,7 +93,6 @@ impl AgentValidationContext {
|
||||
pub struct GraphValidator {
|
||||
base_dir: PathBuf,
|
||||
agent_ctx: Option<AgentValidationContext>,
|
||||
skill_exists: fn(&str) -> bool,
|
||||
}
|
||||
|
||||
impl GraphValidator {
|
||||
@@ -101,7 +100,6 @@ impl GraphValidator {
|
||||
Self {
|
||||
base_dir: base_dir.into(),
|
||||
agent_ctx: None,
|
||||
skill_exists: paths::has_skill,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -110,12 +108,6 @@ impl GraphValidator {
|
||||
self
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
pub fn with_skill_exists(mut self, f: fn(&str) -> bool) -> Self {
|
||||
self.skill_exists = f;
|
||||
self
|
||||
}
|
||||
|
||||
pub fn validate(&self, graph: &Graph) -> ValidationResult {
|
||||
let mut result = ValidationResult::default();
|
||||
self.validate_node_references(graph, &mut result);
|
||||
@@ -199,49 +191,6 @@ impl GraphValidator {
|
||||
}
|
||||
|
||||
fn validate_llm_skills(&self, graph: &Graph, result: &mut ValidationResult) {
|
||||
let visible_skills = self
|
||||
.agent_ctx
|
||||
.as_ref()
|
||||
.and_then(|c| c.app_config.visible_skills.as_deref());
|
||||
|
||||
let skill_exists = self.skill_exists;
|
||||
let has_agent_ctx = self.agent_ctx.is_some();
|
||||
let check_visibility = |name: &str| -> Option<String> {
|
||||
if !has_agent_ctx {
|
||||
return None;
|
||||
}
|
||||
|
||||
match visible_skills {
|
||||
Some(list) if !list.iter().any(|s| s == name) => Some(format!(
|
||||
"'{name}' is not in the global 'visible_skills' allow-list"
|
||||
)),
|
||||
None if !skill_exists(name) => Some(format!("'{name}' is not installed")),
|
||||
_ => None,
|
||||
}
|
||||
};
|
||||
|
||||
if let Some(graph_skills) = &graph.enabled_skills {
|
||||
for name in graph_skills {
|
||||
if name.trim().is_empty() {
|
||||
result.error(ValidationError::new(
|
||||
"graph 'enabled_skills' contains an empty skill name",
|
||||
));
|
||||
continue;
|
||||
}
|
||||
if let Err(e) = paths::validate_skill_name(name) {
|
||||
result.error(ValidationError::new(format!(
|
||||
"graph 'enabled_skills' contains an invalid skill name: '{name}': {e}"
|
||||
)));
|
||||
continue;
|
||||
}
|
||||
if let Some(reason) = check_visibility(name) {
|
||||
result.error(ValidationError::new(format!(
|
||||
"graph 'enabled_skills': {reason}"
|
||||
)));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
for (node_id, node) in &graph.nodes {
|
||||
let NodeType::Llm(llm) = &node.node_type else {
|
||||
continue;
|
||||
@@ -258,22 +207,6 @@ impl GraphValidator {
|
||||
));
|
||||
continue;
|
||||
}
|
||||
if let Err(e) = paths::validate_skill_name(name) {
|
||||
result.error(ValidationError::with_node(
|
||||
node_id,
|
||||
format!(
|
||||
"llm node 'enabled_skills' contains an invalid skill name: '{name}': {e}"
|
||||
)));
|
||||
continue;
|
||||
}
|
||||
if let Some(reason) = check_visibility(name) {
|
||||
result.error(ValidationError::with_node(
|
||||
node_id,
|
||||
format!("llm node 'enabled_skills': {reason}"),
|
||||
));
|
||||
continue;
|
||||
}
|
||||
|
||||
if let Some(graph_skills) = &graph.enabled_skills
|
||||
&& !graph_skills.iter().any(|g| g == name)
|
||||
{
|
||||
@@ -950,8 +883,6 @@ mod tests {
|
||||
mcp_servers: Vec::new(),
|
||||
skills_enabled: None,
|
||||
enabled_skills: None,
|
||||
inject_skill_instructions: None,
|
||||
skill_instructions: None,
|
||||
conversation_starters: Vec::new(),
|
||||
variables: Vec::new(),
|
||||
settings: GraphSettings::default(),
|
||||
@@ -1053,8 +984,6 @@ mod tests {
|
||||
timeout: None,
|
||||
skills_enabled: None,
|
||||
enabled_skills: None,
|
||||
inject_skill_instructions: None,
|
||||
skill_instructions: None,
|
||||
}),
|
||||
next: next.map(NextTargets::from),
|
||||
}
|
||||
@@ -1396,7 +1325,7 @@ mod tests {
|
||||
}
|
||||
|
||||
fn validator() -> GraphValidator {
|
||||
GraphValidator::new(env::current_dir().unwrap()).with_skill_exists(|_: &str| true)
|
||||
GraphValidator::new(env::current_dir().unwrap())
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
||||
+15
-69
@@ -10,7 +10,6 @@ mod repl;
|
||||
mod utils;
|
||||
mod mcp;
|
||||
mod parsers;
|
||||
mod sandbox;
|
||||
mod supervisor;
|
||||
mod vault;
|
||||
|
||||
@@ -23,11 +22,10 @@ use crate::client::{
|
||||
};
|
||||
use crate::config::paths;
|
||||
use crate::config::{
|
||||
Agent, AppConfig, AppState, CODE_ROLE, Config, EXPLAIN_SHELL_ROLE, Input, MemoryScope,
|
||||
RequestContext, SHELL_ROLE, TEMP_SESSION_NAME, WorkingMode, ensure_parent_exists,
|
||||
install_builtins, list_agents, load_env_file, macro_execute, sync_models,
|
||||
Agent, AppConfig, AppState, CODE_ROLE, Config, EXPLAIN_SHELL_ROLE, Input, RequestContext,
|
||||
SHELL_ROLE, TEMP_SESSION_NAME, WorkingMode, ensure_parent_exists, install_builtins,
|
||||
list_agents, load_env_file, macro_execute, sync_models,
|
||||
};
|
||||
use crate::function::supervisor::{GuardrailAction, check_pending_agents_guardrail};
|
||||
use crate::render::{prompt_theme, render_error};
|
||||
use crate::repl::Repl;
|
||||
use crate::utils::*;
|
||||
@@ -37,14 +35,14 @@ use clap::{CommandFactory, Parser};
|
||||
use clap_complete::CompleteEnv;
|
||||
use client::ClientConfig;
|
||||
use inquire::{Select, Text, set_global_render_config};
|
||||
use log::{LevelFilter, warn};
|
||||
use log::LevelFilter;
|
||||
use log4rs::append::console::ConsoleAppender;
|
||||
use log4rs::append::file::FileAppender;
|
||||
use log4rs::config::{Appender, Logger, Root};
|
||||
use log4rs::encode::pattern::PatternEncoder;
|
||||
use oauth::OAuthProvider;
|
||||
use std::path::PathBuf;
|
||||
use std::{env, fs, process, sync::Arc};
|
||||
use std::{env, process, sync::Arc};
|
||||
|
||||
#[tokio::main]
|
||||
async fn main() -> Result<()> {
|
||||
@@ -57,7 +55,6 @@ async fn main() -> Result<()> {
|
||||
shell.generate_completions(&mut cmd);
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
if cli.tail_logs {
|
||||
tail_logs(cli.disable_log_colors).await;
|
||||
return Ok(());
|
||||
@@ -94,10 +91,6 @@ async fn main() -> Result<()> {
|
||||
.await?;
|
||||
}
|
||||
|
||||
if let Some(name) = &cli.sandbox {
|
||||
return sandbox::launch(name.clone(), cli.fresh, cli.no_mixins);
|
||||
}
|
||||
|
||||
install_builtins()?;
|
||||
|
||||
if let Some(category) = cli.install {
|
||||
@@ -120,7 +113,7 @@ async fn main() -> Result<()> {
|
||||
if vault_flags {
|
||||
let cfg = Config::load_with_interpolation(true).await?;
|
||||
let app_config = AppConfig::from_config(cfg)?;
|
||||
let vault = Vault::init(&app_config)?;
|
||||
let vault = Vault::init(&app_config);
|
||||
return Vault::handle_vault_flags(cli, &vault);
|
||||
}
|
||||
|
||||
@@ -204,18 +197,14 @@ async fn run(
|
||||
println!("{skills}");
|
||||
return Ok(());
|
||||
}
|
||||
let skills = cli.skills();
|
||||
if skills.len() == 1 {
|
||||
let name = &skills[0];
|
||||
paths::validate_skill_name(name)?;
|
||||
if !paths::has_skill(name) {
|
||||
let app = Arc::clone(&ctx.app.config);
|
||||
ctx.upsert_skill(app.as_ref(), name)?;
|
||||
return Ok(());
|
||||
}
|
||||
} else if skills.len() > 1 {
|
||||
for name in &skills {
|
||||
paths::validate_skill_name(name)?;
|
||||
if cli.skill.len() == 1 && !paths::has_skill(&cli.skill[0]) {
|
||||
let name = &cli.skill[0];
|
||||
let app = Arc::clone(&ctx.app.config);
|
||||
ctx.upsert_skill(app.as_ref(), name)?;
|
||||
return Ok(());
|
||||
}
|
||||
if cli.skill.len() > 1 {
|
||||
for name in &cli.skill {
|
||||
if !paths::has_skill(name) {
|
||||
bail!("Skill '{name}' is not installed");
|
||||
}
|
||||
@@ -299,40 +288,12 @@ async fn run(
|
||||
if cli.no_stream {
|
||||
update_app_config(&mut ctx, |app| app.stream = false);
|
||||
}
|
||||
if cli.no_memory {
|
||||
update_app_config(&mut ctx, |app| app.memory = Some(false));
|
||||
}
|
||||
if cli.empty_session {
|
||||
ctx.empty_session()?;
|
||||
}
|
||||
if cli.save_session {
|
||||
ctx.set_save_session_this_time()?;
|
||||
}
|
||||
if let Some(scope) = cli.init_memory {
|
||||
let (path, content) = match scope {
|
||||
MemoryScope::Global => (
|
||||
paths::global_memory_index_path(),
|
||||
"# Global Memory\n\n<!-- Universal facts about you go here. The LLM uses this as always-on context. -->\n<!-- Drill files (when created) are listed below. -->\n",
|
||||
),
|
||||
MemoryScope::Workspace => (
|
||||
env::current_dir()?.join("COYOTE.md"),
|
||||
"# Workspace Memory\n\n<!-- Facts about this project go here. The LLM uses this as always-on context. -->\n",
|
||||
),
|
||||
};
|
||||
|
||||
if path.exists() {
|
||||
eprintln!("Memory marker already exists at '{}'.", path.display());
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
if let Some(parent) = path.parent() {
|
||||
fs::create_dir_all(parent)?;
|
||||
}
|
||||
|
||||
fs::write(&path, content)?;
|
||||
println!("✓ Created memory marker at '{}'.", path.display());
|
||||
return Ok(());
|
||||
}
|
||||
if cli.info {
|
||||
let app: Arc<AppConfig> = Arc::clone(&ctx.app.config);
|
||||
let info = ctx.info(app.as_ref())?;
|
||||
@@ -362,7 +323,7 @@ async fn run(
|
||||
.await?;
|
||||
}
|
||||
|
||||
for name in &cli.skills() {
|
||||
for name in &cli.skill {
|
||||
ctx.load_skill_repl(name, abort_signal.clone()).await?;
|
||||
}
|
||||
|
||||
@@ -426,21 +387,6 @@ async fn start_directive(
|
||||
abort_signal,
|
||||
)
|
||||
.await?;
|
||||
} else {
|
||||
match check_pending_agents_guardrail(ctx) {
|
||||
GuardrailAction::Inject(prompt) => {
|
||||
let guardrail_input = Input::from_str(ctx, &prompt, None)?;
|
||||
return start_directive(ctx, guardrail_input, code_mode, abort_signal).await;
|
||||
}
|
||||
GuardrailAction::ForceTerminate(ids) => {
|
||||
warn!(
|
||||
"Pending-agent guardrail force-cancelled {} agent(s) after max reminders: {:?}",
|
||||
ids.len(),
|
||||
ids
|
||||
);
|
||||
}
|
||||
GuardrailAction::NoAction => {}
|
||||
}
|
||||
}
|
||||
|
||||
ctx.exit_session()?;
|
||||
|
||||
+3
-3
@@ -16,8 +16,8 @@ use parking_lot::RwLock;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use serde_json::json;
|
||||
use std::{
|
||||
cmp::Ordering, collections::HashMap, env, fmt, fmt::Debug, fs, hash::Hash, path::Path,
|
||||
sync::Arc, time::Duration,
|
||||
collections::HashMap, env, fmt, fmt::Debug, fs, hash::Hash, path::Path, sync::Arc,
|
||||
time::Duration,
|
||||
};
|
||||
use tokio::time::sleep;
|
||||
|
||||
@@ -1196,7 +1196,7 @@ fn reciprocal_rank_fusion(
|
||||
}
|
||||
}
|
||||
let mut sorted_items: Vec<(DocumentId, f32)> = map.into_iter().collect();
|
||||
sorted_items.sort_by(|a, b| b.1.partial_cmp(&a.1).unwrap_or(Ordering::Equal));
|
||||
sorted_items.sort_by(|a, b| b.1.partial_cmp(&a.1).unwrap());
|
||||
|
||||
sorted_items
|
||||
.into_iter()
|
||||
|
||||
+11
-153
@@ -12,14 +12,11 @@ use crate::config::{
|
||||
macro_execute,
|
||||
};
|
||||
use crate::config::{AssetCategory, paths};
|
||||
use crate::function::supervisor::{GuardrailAction, check_pending_agents_guardrail};
|
||||
use crate::render::render_error;
|
||||
use crate::utils::{
|
||||
AbortSignal, SHELL, abortable_run_with_spinner, create_abort_signal, dimmed_text, run_command,
|
||||
set_text, temp_file,
|
||||
AbortSignal, abortable_run_with_spinner, create_abort_signal, dimmed_text, set_text, temp_file,
|
||||
};
|
||||
|
||||
use crate::sandbox::SANDBOX_ENV_FLAG;
|
||||
use crate::{config, graph, resolve_oauth_client};
|
||||
use anyhow::{Context, Result, bail};
|
||||
use crossterm::cursor::SetCursorStyle;
|
||||
@@ -49,15 +46,10 @@ pub const DEFAULT_CONTINUATION_PROMPT: &str = indoc! {"
|
||||
4. Continue with the next pending item now. Call tools immediately."
|
||||
};
|
||||
|
||||
static REPL_COMMANDS: LazyLock<[ReplCommand; 49]> = LazyLock::new(|| {
|
||||
static REPL_COMMANDS: LazyLock<[ReplCommand; 44]> = LazyLock::new(|| {
|
||||
[
|
||||
ReplCommand::new(".help", "Show this help guide", AssertState::pass()),
|
||||
ReplCommand::new(".info", "Show system info", AssertState::pass()),
|
||||
ReplCommand::new(
|
||||
".info tools",
|
||||
"Show the list of enabled tools to be passed to the LLM",
|
||||
AssertState::True(StateFlags::FUNCTION_CALLING),
|
||||
),
|
||||
ReplCommand::new(
|
||||
".authenticate",
|
||||
"Authenticate the current model client via OAuth (if configured)",
|
||||
@@ -168,11 +160,6 @@ static REPL_COMMANDS: LazyLock<[ReplCommand; 49]> = LazyLock::new(|| {
|
||||
"Clear the todo list and stop auto-continuation",
|
||||
AssertState::pass(),
|
||||
),
|
||||
ReplCommand::new(
|
||||
".info todo",
|
||||
"Show the current todo list driving auto-continuation",
|
||||
AssertState::True(StateFlags::AUTO_CONTINUE),
|
||||
),
|
||||
ReplCommand::new(
|
||||
".rag",
|
||||
"Initialize or access RAG",
|
||||
@@ -206,28 +193,13 @@ static REPL_COMMANDS: LazyLock<[ReplCommand; 49]> = LazyLock::new(|| {
|
||||
ReplCommand::new(".macro", "Execute a macro", AssertState::pass()),
|
||||
ReplCommand::new(
|
||||
".skill",
|
||||
"Create a new skill",
|
||||
AssertState::True(StateFlags::SKILLS_ENABLED),
|
||||
),
|
||||
ReplCommand::new(
|
||||
".skill load",
|
||||
"Load a skill into the current context",
|
||||
AssertState::True(StateFlags::SKILLS_ENABLED),
|
||||
),
|
||||
ReplCommand::new(
|
||||
".skill loaded",
|
||||
"List currently-loaded skills",
|
||||
AssertState::True(StateFlags::SKILLS_ENABLED),
|
||||
),
|
||||
ReplCommand::new(
|
||||
".skill unload",
|
||||
"Unload a skill from the current context",
|
||||
AssertState::True(StateFlags::SKILLS_ENABLED),
|
||||
"List, load, unload, or create skills",
|
||||
AssertState::pass(),
|
||||
),
|
||||
ReplCommand::new(
|
||||
".edit skill",
|
||||
"Modify an existing skill by name",
|
||||
AssertState::True(StateFlags::SKILLS_ENABLED),
|
||||
AssertState::pass(),
|
||||
),
|
||||
ReplCommand::new(
|
||||
".file",
|
||||
@@ -305,12 +277,7 @@ Type ".help" for additional help.
|
||||
"#,
|
||||
env!("CARGO_CRATE_NAME"),
|
||||
env!("CARGO_PKG_VERSION"),
|
||||
);
|
||||
if env::var_os(SANDBOX_ENV_FLAG).is_some() {
|
||||
eprintln!(
|
||||
"Sandbox mode is enabled. All changes made to the Coyote config will not persist to the host machine."
|
||||
);
|
||||
}
|
||||
)
|
||||
}
|
||||
|
||||
loop {
|
||||
@@ -339,9 +306,6 @@ Type ".help" for additional help.
|
||||
}
|
||||
Ok(Signal::CtrlC) => {
|
||||
self.abort_signal.set_ctrlc();
|
||||
if let Some(supervisor) = self.ctx.read().supervisor.clone() {
|
||||
supervisor.read().cancel_recursive();
|
||||
}
|
||||
println!("(To exit, press Ctrl+D or enter \".exit\")\n");
|
||||
}
|
||||
Ok(Signal::CtrlD) => {
|
||||
@@ -351,11 +315,6 @@ Type ".help" for additional help.
|
||||
_ => {}
|
||||
}
|
||||
}
|
||||
|
||||
if let Some(supervisor) = self.ctx.read().supervisor.clone() {
|
||||
supervisor.read().cancel_recursive();
|
||||
}
|
||||
|
||||
self.ctx.write().exit_session()?;
|
||||
Ok(())
|
||||
}
|
||||
@@ -476,7 +435,6 @@ pub async fn run_repl_command(
|
||||
abort_signal: AbortSignal,
|
||||
mut line: &str,
|
||||
) -> Result<bool> {
|
||||
ctx.pending_agents_guardrail_count = 0;
|
||||
if let Ok(Some(captures)) = MULTILINE_RE.captures(line)
|
||||
&& let Some(text_match) = captures.get(1)
|
||||
{
|
||||
@@ -505,14 +463,6 @@ pub async fn run_repl_command(
|
||||
let info = ctx.agent_info()?;
|
||||
print!("{info}");
|
||||
}
|
||||
Some("tools") => {
|
||||
let info = ctx.tools_info()?;
|
||||
print!("{info}");
|
||||
}
|
||||
Some("todo") => {
|
||||
let info = ctx.todo_info()?;
|
||||
print!("{info}");
|
||||
}
|
||||
Some(_) => unknown_command()?,
|
||||
None => {
|
||||
let app = Arc::clone(&ctx.app.config);
|
||||
@@ -758,8 +708,6 @@ pub async fn run_repl_command(
|
||||
let name = s.strip_prefix("skill").unwrap_or("").trim();
|
||||
if name.is_empty() {
|
||||
println!("Usage: .edit skill <name>");
|
||||
} else if let Err(e) = paths::validate_skill_name(name) {
|
||||
bail!(e);
|
||||
} else if !paths::has_skill(name) {
|
||||
bail!(
|
||||
"Skill '{name}' is not installed (expected at {})",
|
||||
@@ -995,13 +943,9 @@ pub async fn run_repl_command(
|
||||
_ => unknown_command()?,
|
||||
},
|
||||
None => {
|
||||
if let Some(cmd) = try_extract_shell_command(line) {
|
||||
handle_shell_passthrough(cmd)?;
|
||||
} else {
|
||||
reset_continuation(ctx);
|
||||
let input = Input::from_str(ctx, line, None)?;
|
||||
ask(ctx, abort_signal.clone(), input, true).await?;
|
||||
}
|
||||
reset_continuation(ctx);
|
||||
let input = Input::from_str(ctx, line, None)?;
|
||||
ask(ctx, abort_signal.clone(), input, true).await?;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1065,20 +1009,6 @@ async fn ask(
|
||||
)
|
||||
.await
|
||||
} else {
|
||||
match check_pending_agents_guardrail(ctx) {
|
||||
GuardrailAction::Inject(prompt) => {
|
||||
let guardrail_input = Input::from_str(ctx, &prompt, None)?;
|
||||
return ask(ctx, abort_signal, guardrail_input, false).await;
|
||||
}
|
||||
GuardrailAction::ForceTerminate(ids) => {
|
||||
warn!(
|
||||
"Pending-agent guardrail force-cancelled {} agent(s) after max reminders: {:?}",
|
||||
ids.len(),
|
||||
ids
|
||||
);
|
||||
}
|
||||
GuardrailAction::NoAction => {}
|
||||
}
|
||||
let do_continue = should_continue(ctx);
|
||||
|
||||
if do_continue {
|
||||
@@ -1217,12 +1147,10 @@ fn dump_repl_help() {
|
||||
.join("\n");
|
||||
println!(
|
||||
r###"{head}
|
||||
{:<24} Run an arbitrary shell command (stdout/stderr stream to your terminal; Ctrl+C interrupts)
|
||||
|
||||
Type ::: to start multi-line editing, type ::: to finish it.
|
||||
Press Ctrl+O to open an editor for editing the input buffer.
|
||||
Press Ctrl+C to cancel the response, Ctrl+D to exit the REPL."###,
|
||||
"!<command>",
|
||||
);
|
||||
}
|
||||
|
||||
@@ -1238,25 +1166,6 @@ fn parse_command(line: &str) -> Option<(&str, Option<&str>)> {
|
||||
}
|
||||
}
|
||||
|
||||
fn try_extract_shell_command(line: &str) -> Option<&str> {
|
||||
let rest = line.strip_prefix('!')?;
|
||||
Some(rest.trim_start())
|
||||
}
|
||||
|
||||
fn handle_shell_passthrough(cmd: &str) -> Result<()> {
|
||||
if cmd.is_empty() {
|
||||
eprintln!("Usage: !<command>");
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
let status = run_command(&SHELL.cmd, &[&SHELL.arg, cmd], None)?;
|
||||
if status != 0 {
|
||||
eprintln!("[exit {status}]");
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn split_first_arg(args: Option<&str>) -> Option<(&str, Option<&str>)> {
|
||||
args.map(|v| match v.split_once(' ') {
|
||||
Some((subcmd, args)) => (subcmd, Some(args.trim())),
|
||||
@@ -1415,8 +1324,8 @@ mod tests {
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn repl_commands_has_49_entries() {
|
||||
assert_eq!(REPL_COMMANDS.len(), 49);
|
||||
fn repl_commands_has_44_entries() {
|
||||
assert_eq!(REPL_COMMANDS.len(), 44);
|
||||
}
|
||||
|
||||
#[test]
|
||||
@@ -1591,57 +1500,6 @@ mod tests {
|
||||
assert_eq!(parse_command("."), Some((".", None)));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn try_extract_shell_command_strips_bang() {
|
||||
assert_eq!(try_extract_shell_command("!ls"), Some("ls"));
|
||||
assert_eq!(try_extract_shell_command("!ls -la"), Some("ls -la"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn try_extract_shell_command_trims_inner_whitespace() {
|
||||
assert_eq!(try_extract_shell_command("! echo hi"), Some("echo hi"));
|
||||
assert_eq!(try_extract_shell_command("! ls"), Some("ls"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn try_extract_shell_command_only_bang_yields_empty() {
|
||||
assert_eq!(try_extract_shell_command("!"), Some(""));
|
||||
assert_eq!(try_extract_shell_command("! "), Some(""));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn try_extract_shell_command_rejects_leading_whitespace() {
|
||||
assert!(try_extract_shell_command(" !ls").is_none());
|
||||
assert!(try_extract_shell_command("\t!ls").is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn try_extract_shell_command_rejects_inline_bang() {
|
||||
assert!(try_extract_shell_command("echo !foo").is_none());
|
||||
assert!(try_extract_shell_command("hello world").is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn try_extract_shell_command_strips_one_leading_bang() {
|
||||
assert_eq!(try_extract_shell_command("!!ls"), Some("!ls"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn try_extract_shell_command_preserves_pipes_and_redirects() {
|
||||
assert_eq!(
|
||||
try_extract_shell_command("!ls -la | grep yaml"),
|
||||
Some("ls -la | grep yaml")
|
||||
);
|
||||
assert_eq!(
|
||||
try_extract_shell_command("!cat foo.txt > /tmp/out"),
|
||||
Some("cat foo.txt > /tmp/out")
|
||||
);
|
||||
assert_eq!(
|
||||
try_extract_shell_command(r#"!echo "$HOME""#),
|
||||
Some(r#"echo "$HOME""#)
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn split_first_arg_none_input() {
|
||||
assert!(split_first_arg(None).is_none());
|
||||
|
||||
@@ -1,237 +0,0 @@
|
||||
use std::env;
|
||||
use std::fs::{read_dir, read_to_string};
|
||||
use std::path::{Path, PathBuf};
|
||||
|
||||
use anyhow::{Context, Result};
|
||||
use serde_yaml::Value;
|
||||
|
||||
use crate::config::paths;
|
||||
|
||||
const SBX_MIXIN_FILE_NAME: &str = "sbx-mixin.yaml";
|
||||
|
||||
#[derive(Debug, Clone)]
|
||||
pub struct DiscoveredMixin {
|
||||
pub path: PathBuf,
|
||||
pub label: String,
|
||||
pub install_count: usize,
|
||||
pub domain_count: usize,
|
||||
}
|
||||
|
||||
pub fn discover() -> Result<Vec<DiscoveredMixin>> {
|
||||
let mut out = Vec::new();
|
||||
|
||||
push_if_exists(&mut out, paths::sbx_mixin_file())?;
|
||||
push_if_exists(&mut out, paths::global_tools_sbx_mixin_file())?;
|
||||
|
||||
for path in collect_subdir_mixins(&paths::functions_dir()) {
|
||||
out.push(read_mixin(path)?);
|
||||
}
|
||||
for path in collect_subdir_mixins(&paths::agents_data_dir()) {
|
||||
out.push(read_mixin(path)?);
|
||||
}
|
||||
|
||||
if let Ok(cwd) = env::current_dir()
|
||||
&& let Some(path) = paths::find_workspace_sbx_mixin(&cwd)
|
||||
{
|
||||
out.push(read_mixin(path)?);
|
||||
}
|
||||
|
||||
Ok(out)
|
||||
}
|
||||
|
||||
pub fn summarize(path: &Path) -> Result<(usize, usize)> {
|
||||
let content = read_to_string(path)
|
||||
.with_context(|| format!("Failed to read sbx mixin {}", path.display()))?;
|
||||
let value: Value = serde_yaml::from_str(&content)
|
||||
.with_context(|| format!("Failed to parse sbx mixin {}", path.display()))?;
|
||||
|
||||
let installs = value
|
||||
.get("commands")
|
||||
.and_then(|c| c.get("install"))
|
||||
.and_then(|i| i.as_sequence())
|
||||
.map(|s| s.len())
|
||||
.unwrap_or(0);
|
||||
|
||||
let domains = value
|
||||
.get("network")
|
||||
.and_then(|n| n.get("allowedDomains"))
|
||||
.and_then(|d| d.as_sequence())
|
||||
.map(|s| s.len())
|
||||
.unwrap_or(0);
|
||||
|
||||
Ok((installs, domains))
|
||||
}
|
||||
|
||||
pub fn log_discovery(mixins: &[DiscoveredMixin], disabled: bool) {
|
||||
if disabled {
|
||||
info!("Mixin discovery disabled via --no-mixins.");
|
||||
return;
|
||||
}
|
||||
|
||||
if mixins.is_empty() {
|
||||
info!("No sbx mixins discovered.");
|
||||
return;
|
||||
}
|
||||
|
||||
let header = format!("Applying {} sbx mixin(s):", mixins.len());
|
||||
info!("{header}");
|
||||
println!("{header}");
|
||||
|
||||
for m in mixins {
|
||||
let line = format!(
|
||||
" {} (adds: {} install{}, {} domain{})",
|
||||
m.label,
|
||||
m.install_count,
|
||||
if m.install_count == 1 { "" } else { "s" },
|
||||
m.domain_count,
|
||||
if m.domain_count == 1 { "" } else { "s" },
|
||||
);
|
||||
info!("{line}");
|
||||
println!("{line}");
|
||||
}
|
||||
}
|
||||
|
||||
fn push_if_exists(out: &mut Vec<DiscoveredMixin>, path: PathBuf) -> Result<()> {
|
||||
if path.exists() {
|
||||
out.push(read_mixin(path)?);
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn read_mixin(path: PathBuf) -> Result<DiscoveredMixin> {
|
||||
let label = path.display().to_string();
|
||||
let (install_count, domain_count) = summarize(&path)?;
|
||||
|
||||
Ok(DiscoveredMixin {
|
||||
path,
|
||||
label,
|
||||
install_count,
|
||||
domain_count,
|
||||
})
|
||||
}
|
||||
|
||||
fn collect_subdir_mixins(dir: &Path) -> Vec<PathBuf> {
|
||||
let mut result = Vec::new();
|
||||
let Ok(rd) = read_dir(dir) else { return result };
|
||||
|
||||
let mut entries: Vec<_> = rd
|
||||
.flatten()
|
||||
.filter(|e| e.file_type().map(|t| t.is_dir()).unwrap_or(false))
|
||||
.collect();
|
||||
entries.sort_by_key(|e| e.file_name());
|
||||
|
||||
for entry in entries {
|
||||
let candidate = entry.path().join(SBX_MIXIN_FILE_NAME);
|
||||
if candidate.exists() {
|
||||
result.push(candidate);
|
||||
}
|
||||
}
|
||||
|
||||
result
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
use std::fs;
|
||||
use std::time;
|
||||
|
||||
fn unique_root(prefix: &str) -> PathBuf {
|
||||
let nanos = time::SystemTime::now()
|
||||
.duration_since(time::UNIX_EPOCH)
|
||||
.unwrap()
|
||||
.as_nanos();
|
||||
let root = env::temp_dir().join(format!("coyote-{prefix}-{nanos}"));
|
||||
fs::create_dir_all(&root).unwrap();
|
||||
root
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn summarize_counts_installs_and_domains() {
|
||||
let root = unique_root("sbx-mixin-counts");
|
||||
let path = root.join("sbx-mixin.yaml");
|
||||
fs::write(
|
||||
&path,
|
||||
r#"
|
||||
schemaVersion: "1"
|
||||
kind: mixin
|
||||
commands:
|
||||
install:
|
||||
- command: "echo hi"
|
||||
- command: "echo bye"
|
||||
network:
|
||||
allowedDomains:
|
||||
- "a.example.com:443"
|
||||
- "b.example.com:443"
|
||||
- "c.example.com:443"
|
||||
"#,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(summarize(&path).unwrap(), (2, 3));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn summarize_treats_missing_blocks_as_zero() {
|
||||
let root = unique_root("sbx-mixin-empty");
|
||||
let path = root.join("sbx-mixin.yaml");
|
||||
fs::write(&path, "schemaVersion: \"1\"\nkind: mixin\n").unwrap();
|
||||
|
||||
assert_eq!(summarize(&path).unwrap(), (0, 0));
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn summarize_returns_err_on_malformed_yaml() {
|
||||
let root = unique_root("sbx-mixin-bad");
|
||||
let path = root.join("sbx-mixin.yaml");
|
||||
fs::write(&path, "this: is: not: yaml: ::").unwrap();
|
||||
|
||||
let err = summarize(&path).unwrap_err();
|
||||
let msg = format!("{err:#}");
|
||||
assert!(
|
||||
msg.contains(&path.display().to_string()),
|
||||
"expected error to mention path; got: {msg}"
|
||||
);
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn collect_subdir_mixins_sorts_and_skips_missing() {
|
||||
let root = unique_root("sbx-mixin-subdirs");
|
||||
for name in ["zebra", "apple", "no-mixin", "mango"] {
|
||||
let dir = root.join(name);
|
||||
fs::create_dir_all(&dir).unwrap();
|
||||
if name != "no-mixin" {
|
||||
fs::write(dir.join("sbx-mixin.yaml"), "kind: mixin\n").unwrap();
|
||||
}
|
||||
}
|
||||
|
||||
let found = collect_subdir_mixins(&root);
|
||||
let names: Vec<String> = found
|
||||
.iter()
|
||||
.map(|p| {
|
||||
p.parent()
|
||||
.unwrap()
|
||||
.file_name()
|
||||
.unwrap()
|
||||
.to_string_lossy()
|
||||
.to_string()
|
||||
})
|
||||
.collect();
|
||||
assert_eq!(names, vec!["apple", "mango", "zebra"]);
|
||||
|
||||
let _ = fs::remove_dir_all(&root);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn collect_subdir_mixins_returns_empty_for_missing_dir() {
|
||||
let absent = env::temp_dir().join("coyote-definitely-not-here-xyz");
|
||||
let found = collect_subdir_mixins(&absent);
|
||||
assert!(found.is_empty());
|
||||
}
|
||||
}
|
||||
@@ -1,874 +0,0 @@
|
||||
use anyhow::{Context, Result, anyhow, bail};
|
||||
use rust_embed::RustEmbed;
|
||||
use sha2::{Digest, Sha256};
|
||||
use std::env;
|
||||
use std::fs;
|
||||
use std::path::{Path, PathBuf};
|
||||
use std::process::{Command, Stdio};
|
||||
use which::which;
|
||||
|
||||
mod mixins;
|
||||
|
||||
use gman::providers::SupportedProvider;
|
||||
|
||||
use crate::config::paths;
|
||||
use crate::sandbox::mixins::DiscoveredMixin;
|
||||
use crate::utils::run_command_with_output;
|
||||
use crate::vault::Vault;
|
||||
|
||||
const SBX_BINARY: &str = "sbx";
|
||||
pub(crate) const SANDBOX_ENV_FLAG: &str = "IS_SANDBOX";
|
||||
const SANDBOX_AGENT: &str = "coyote";
|
||||
|
||||
#[derive(RustEmbed)]
|
||||
#[folder = "assets/sbx-kit/"]
|
||||
struct EmbeddedKit;
|
||||
|
||||
#[derive(RustEmbed)]
|
||||
#[folder = "assets/sbx-vault-mixins/"]
|
||||
struct EmbeddedVaultMixins;
|
||||
|
||||
pub fn launch(name: Option<String>, fresh: bool, no_mixins: bool) -> Result<()> {
|
||||
ensure_sbx_installed()?;
|
||||
bail_if_nested()?;
|
||||
|
||||
let name = resolve_name(name)?;
|
||||
let kit_path = resolve_kit_path()?;
|
||||
|
||||
let discovered = if no_mixins {
|
||||
Vec::new()
|
||||
} else {
|
||||
let mut all = mixins::discover()?;
|
||||
if let Ok(vault) = Vault::init_bare()
|
||||
&& let Some(vault_mixin) = extract_vault_mixin(&vault.provider)?
|
||||
{
|
||||
all.insert(0, vault_mixin);
|
||||
}
|
||||
all
|
||||
};
|
||||
|
||||
if sandbox_exists(&name)? {
|
||||
info!("Re-attaching to existing sandbox '{name}'");
|
||||
if fresh {
|
||||
debug!("--fresh ignored: re-attaching to existing sandbox '{name}'");
|
||||
}
|
||||
if no_mixins {
|
||||
debug!("--no-mixins ignored: re-attaching to existing sandbox '{name}'");
|
||||
}
|
||||
} else {
|
||||
mixins::log_discovery(&discovered, no_mixins);
|
||||
|
||||
if fresh {
|
||||
let msg = format!("Creating fresh sandbox '{name}' (no host config will be copied)");
|
||||
info!("{msg}");
|
||||
println!("{msg}");
|
||||
create_sandbox(&name, &kit_path, &discovered)?;
|
||||
} else {
|
||||
create_sandbox(&name, &kit_path, &discovered)?;
|
||||
copy_host_files(&name)?;
|
||||
}
|
||||
}
|
||||
|
||||
exec_run(&name, &kit_path)
|
||||
}
|
||||
|
||||
fn ensure_sbx_installed() -> Result<()> {
|
||||
which(SBX_BINARY).map_err(|_| {
|
||||
anyhow!(
|
||||
"`sbx` binary not found in PATH.\n\n\
|
||||
Install Docker Sandboxes:\n https://docs.docker.com/ai/sandboxes/get-started/"
|
||||
)
|
||||
})?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn bail_if_nested() -> Result<()> {
|
||||
if env::var_os(SANDBOX_ENV_FLAG).is_some() {
|
||||
bail!("Refusing to nest sandboxes: ${SANDBOX_ENV_FLAG} is set, already inside one");
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn resolve_name(name: Option<String>) -> Result<String> {
|
||||
if let Some(n) = name {
|
||||
let trimmed = n.trim();
|
||||
if !trimmed.is_empty() {
|
||||
let sanitized = sanitize_name(trimmed);
|
||||
if sanitized.is_empty() {
|
||||
bail!("Sandbox name '{trimmed}' sanitizes to an empty string");
|
||||
}
|
||||
|
||||
return Ok(sanitized);
|
||||
}
|
||||
}
|
||||
|
||||
let cwd = env::current_dir().context("Failed to determine current directory")?;
|
||||
let basename = cwd
|
||||
.file_name()
|
||||
.and_then(|s| s.to_str())
|
||||
.ok_or_else(|| anyhow!("Could not derive sandbox name from current directory"))?;
|
||||
let sanitized = sanitize_name(basename);
|
||||
if sanitized.is_empty() {
|
||||
bail!("Could not derive a valid sandbox name from '{basename}'; pass --sandbox <NAME>");
|
||||
}
|
||||
|
||||
Ok(sanitized)
|
||||
}
|
||||
|
||||
fn sanitize_name(input: &str) -> String {
|
||||
let mut out = String::with_capacity(input.len());
|
||||
let mut last_was_dash = false;
|
||||
for ch in input.chars() {
|
||||
let lower = ch.to_ascii_lowercase();
|
||||
if lower.is_ascii_alphanumeric() {
|
||||
out.push(lower);
|
||||
last_was_dash = false;
|
||||
} else if !last_was_dash {
|
||||
out.push('-');
|
||||
last_was_dash = true;
|
||||
}
|
||||
}
|
||||
|
||||
out.trim_matches('-').to_string()
|
||||
}
|
||||
|
||||
fn resolve_kit_path() -> Result<PathBuf> {
|
||||
if let Some(path) = paths::sandbox_kit_override() {
|
||||
if !path.exists() {
|
||||
bail!(
|
||||
"$COYOTE_SANDBOX_KIT is set but path does not exist: {}",
|
||||
path.display()
|
||||
);
|
||||
}
|
||||
|
||||
debug!(
|
||||
"Using kit override from $COYOTE_SANDBOX_KIT: {}",
|
||||
path.display()
|
||||
);
|
||||
|
||||
return Ok(path);
|
||||
}
|
||||
|
||||
extract_embedded_kit()
|
||||
}
|
||||
|
||||
fn extract_embedded_kit() -> Result<PathBuf> {
|
||||
let cache_root = paths::sbx_kit_dir();
|
||||
let new_hash = compute_kit_hash()?;
|
||||
let hash_file = paths::sbx_kit_hash_file();
|
||||
if let Ok(existing) = fs::read_to_string(&hash_file)
|
||||
&& existing == new_hash
|
||||
{
|
||||
return Ok(cache_root);
|
||||
}
|
||||
|
||||
if cache_root.exists() {
|
||||
fs::remove_dir_all(&cache_root)
|
||||
.with_context(|| format!("Failed to clear stale kit at {}", cache_root.display()))?;
|
||||
}
|
||||
fs::create_dir_all(&cache_root)
|
||||
.with_context(|| format!("Failed to create {}", cache_root.display()))?;
|
||||
|
||||
for entry in EmbeddedKit::iter() {
|
||||
let file = EmbeddedKit::get(&entry)
|
||||
.ok_or_else(|| anyhow!("Embedded kit file missing during extraction: {entry}"))?;
|
||||
let dest = cache_root.join(entry.as_ref());
|
||||
if let Some(parent) = dest.parent() {
|
||||
fs::create_dir_all(parent)
|
||||
.with_context(|| format!("Failed to create {}", parent.display()))?;
|
||||
}
|
||||
|
||||
fs::write(&dest, &file.data)
|
||||
.with_context(|| format!("Failed to write {}", dest.display()))?;
|
||||
}
|
||||
|
||||
fs::write(&hash_file, &new_hash)
|
||||
.with_context(|| format!("Failed to write {}", hash_file.display()))?;
|
||||
debug!("Extracted embedded sbx-kit to {}", cache_root.display());
|
||||
|
||||
Ok(cache_root)
|
||||
}
|
||||
|
||||
fn compute_kit_hash() -> Result<String> {
|
||||
let mut hasher = Sha256::new();
|
||||
let mut entries: Vec<_> = EmbeddedKit::iter().collect();
|
||||
entries.sort();
|
||||
|
||||
for entry in &entries {
|
||||
let file = EmbeddedKit::get(entry)
|
||||
.ok_or_else(|| anyhow!("Embedded kit file missing during hash: {entry}"))?;
|
||||
hasher.update(entry.as_bytes());
|
||||
hasher.update(b"\0");
|
||||
hasher.update(&file.data);
|
||||
}
|
||||
|
||||
Ok(format!("{:x}", hasher.finalize()))
|
||||
}
|
||||
|
||||
fn extract_vault_mixin(provider: &SupportedProvider) -> Result<Option<DiscoveredMixin>> {
|
||||
let provider_dir = match provider {
|
||||
SupportedProvider::Local { .. } => return Ok(None),
|
||||
SupportedProvider::AwsSecretsManager { .. } => "aws_secrets_manager",
|
||||
SupportedProvider::GcpSecretManager { .. } => "gcp_secret_manager",
|
||||
SupportedProvider::AzureKeyVault { .. } => "azure_key_vault",
|
||||
SupportedProvider::Gopass { .. } => "gopass",
|
||||
SupportedProvider::OnePassword { .. } => "one_password",
|
||||
};
|
||||
|
||||
let cache_root = extract_vault_mixins_cache()?;
|
||||
let provider_root = cache_root.join(provider_dir);
|
||||
let spec_path = provider_root.join("spec.yaml");
|
||||
|
||||
if !spec_path.exists() {
|
||||
bail!(
|
||||
"Embedded vault mixin for '{provider_dir}' is missing spec.yaml at {}",
|
||||
spec_path.display()
|
||||
);
|
||||
}
|
||||
|
||||
let label = format!("<built-in: vault-{provider_dir}>");
|
||||
let (install_count, domain_count) = mixins::summarize(&spec_path)?;
|
||||
|
||||
Ok(Some(DiscoveredMixin {
|
||||
path: provider_root,
|
||||
label,
|
||||
install_count,
|
||||
domain_count,
|
||||
}))
|
||||
}
|
||||
|
||||
fn extract_vault_mixins_cache() -> Result<PathBuf> {
|
||||
let cache_root = paths::sbx_vault_mixins_dir();
|
||||
let new_hash = compute_vault_mixins_hash()?;
|
||||
let hash_file = paths::sbx_vault_mixins_hash_file();
|
||||
if let Ok(existing) = fs::read_to_string(&hash_file)
|
||||
&& existing == new_hash
|
||||
{
|
||||
return Ok(cache_root);
|
||||
}
|
||||
|
||||
if cache_root.exists() {
|
||||
fs::remove_dir_all(&cache_root).with_context(|| {
|
||||
format!(
|
||||
"Failed to clear stale vault mixins at {}",
|
||||
cache_root.display()
|
||||
)
|
||||
})?;
|
||||
}
|
||||
fs::create_dir_all(&cache_root)
|
||||
.with_context(|| format!("Failed to create {}", cache_root.display()))?;
|
||||
|
||||
for entry in EmbeddedVaultMixins::iter() {
|
||||
let file = EmbeddedVaultMixins::get(&entry).ok_or_else(|| {
|
||||
anyhow!("Embedded vault mixin file missing during extraction: {entry}")
|
||||
})?;
|
||||
let dest = cache_root.join(entry.as_ref());
|
||||
if let Some(parent) = dest.parent() {
|
||||
fs::create_dir_all(parent)
|
||||
.with_context(|| format!("Failed to create {}", parent.display()))?;
|
||||
}
|
||||
|
||||
fs::write(&dest, &file.data)
|
||||
.with_context(|| format!("Failed to write {}", dest.display()))?;
|
||||
}
|
||||
|
||||
fs::write(&hash_file, &new_hash)
|
||||
.with_context(|| format!("Failed to write {}", hash_file.display()))?;
|
||||
debug!(
|
||||
"Extracted embedded sbx-vault-mixins to {}",
|
||||
cache_root.display()
|
||||
);
|
||||
|
||||
Ok(cache_root)
|
||||
}
|
||||
|
||||
fn compute_vault_mixins_hash() -> Result<String> {
|
||||
let mut hasher = Sha256::new();
|
||||
let mut entries: Vec<_> = EmbeddedVaultMixins::iter().collect();
|
||||
entries.sort();
|
||||
|
||||
for entry in &entries {
|
||||
let file = EmbeddedVaultMixins::get(entry)
|
||||
.ok_or_else(|| anyhow!("Embedded vault mixin file missing during hash: {entry}"))?;
|
||||
hasher.update(entry.as_bytes());
|
||||
hasher.update(b"\0");
|
||||
hasher.update(&file.data);
|
||||
}
|
||||
|
||||
Ok(format!("{:x}", hasher.finalize()))
|
||||
}
|
||||
|
||||
fn sandbox_exists(name: &str) -> Result<bool> {
|
||||
let (success, stdout, stderr) =
|
||||
run_command_with_output(SBX_BINARY, &["ls"], None).context("Failed to run `sbx ls`")?;
|
||||
if !success {
|
||||
bail!("`sbx ls` failed: {stderr}");
|
||||
}
|
||||
|
||||
Ok(stdout
|
||||
.lines()
|
||||
.skip(1)
|
||||
.any(|line| line.split_whitespace().next() == Some(name)))
|
||||
}
|
||||
|
||||
fn create_sandbox(name: &str, kit_path: &Path, mixins: &[DiscoveredMixin]) -> Result<()> {
|
||||
info!("Creating sandbox '{name}'");
|
||||
let args = build_create_args(name, kit_path, mixins)?;
|
||||
let status = Command::new(SBX_BINARY)
|
||||
.args(&args)
|
||||
.stdin(Stdio::inherit())
|
||||
.stdout(Stdio::inherit())
|
||||
.stderr(Stdio::inherit())
|
||||
.status()
|
||||
.context("Failed to spawn `sbx create`")?;
|
||||
|
||||
if !status.success() {
|
||||
bail!("`sbx create` exited with {status}");
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn build_create_args(
|
||||
name: &str,
|
||||
kit_path: &Path,
|
||||
mixins: &[DiscoveredMixin],
|
||||
) -> Result<Vec<String>> {
|
||||
let kit_str = kit_path
|
||||
.to_str()
|
||||
.ok_or_else(|| anyhow!("Kit path is not valid UTF-8: {}", kit_path.display()))?;
|
||||
|
||||
let mut args = vec![
|
||||
"create".to_string(),
|
||||
"--kit".to_string(),
|
||||
kit_str.to_string(),
|
||||
];
|
||||
|
||||
for mixin in mixins {
|
||||
let mixin_str = mixin
|
||||
.path
|
||||
.to_str()
|
||||
.ok_or_else(|| anyhow!("Mixin path is not valid UTF-8: {}", mixin.path.display()))?;
|
||||
args.push("--kit".to_string());
|
||||
args.push(mixin_str.to_string());
|
||||
}
|
||||
|
||||
args.push(SANDBOX_AGENT.to_string());
|
||||
args.push("--name".to_string());
|
||||
args.push(name.to_string());
|
||||
args.push(".".to_string());
|
||||
|
||||
Ok(args)
|
||||
}
|
||||
|
||||
fn copy_host_files(name: &str) -> Result<()> {
|
||||
let config_dir = paths::config_dir();
|
||||
let home_dir = dirs::home_dir().context("Could not determine home directory")?;
|
||||
|
||||
if config_dir.exists() {
|
||||
ensure_sandbox_dir(name, "/home/agent/.config")?;
|
||||
let src = format!("{}/", config_dir.display());
|
||||
let dest = format!("{name}:/home/agent/.config/");
|
||||
sbx_cp(&src, &dest)?;
|
||||
} else {
|
||||
debug!(
|
||||
"Skipping config copy: {} does not exist",
|
||||
config_dir.display()
|
||||
);
|
||||
}
|
||||
|
||||
match resolve_vault_password_file() {
|
||||
Some(password_file) if password_file.exists() => {
|
||||
let dest_path = host_to_sandbox_path(&password_file, &home_dir, cfg!(windows))?;
|
||||
if let Some(parent) = sandbox_path_parent(&dest_path)
|
||||
&& !parent.is_empty()
|
||||
{
|
||||
ensure_sandbox_dir(name, parent)?;
|
||||
}
|
||||
let dest = format!("{name}:{dest_path}");
|
||||
sbx_cp(&password_file.display().to_string(), &dest)?;
|
||||
}
|
||||
Some(password_file) => {
|
||||
debug!(
|
||||
"Skipping vault password copy: {} does not exist",
|
||||
password_file.display()
|
||||
);
|
||||
}
|
||||
None => {
|
||||
debug!("Skipping vault password copy: no local vault provider configured");
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn host_to_sandbox_path(
|
||||
host_path: &Path,
|
||||
home_dir: &Path,
|
||||
is_windows_host: bool,
|
||||
) -> Result<String> {
|
||||
let host_str = host_path.to_str().context("Host path is not valid UTF-8")?;
|
||||
let home_str = home_dir
|
||||
.to_str()
|
||||
.context("Home directory is not valid UTF-8")?;
|
||||
|
||||
if let Some(rel) = strip_host_home(host_str, home_str) {
|
||||
let unixified = rel.replace('\\', "/");
|
||||
return Ok(format!("/home/agent/{unixified}"));
|
||||
}
|
||||
|
||||
if is_windows_host {
|
||||
bail!(
|
||||
"Path '{host_str}' is outside your Windows user profile ({home_str}). \
|
||||
Sandbox mode cannot copy files from outside %USERPROFILE% into a Linux \
|
||||
sandbox. Move the file under your user profile and update your config \
|
||||
accordingly."
|
||||
);
|
||||
}
|
||||
|
||||
Ok(host_str.to_string())
|
||||
}
|
||||
|
||||
fn strip_host_home(path: &str, home: &str) -> Option<String> {
|
||||
let path_norm: String = path
|
||||
.chars()
|
||||
.map(|c| if c == '\\' { '/' } else { c })
|
||||
.collect();
|
||||
let home_norm: String = home
|
||||
.chars()
|
||||
.map(|c| if c == '\\' { '/' } else { c })
|
||||
.collect();
|
||||
let home_norm = home_norm.trim_end_matches('/');
|
||||
|
||||
if home_norm.is_empty() || path_norm.len() <= home_norm.len() {
|
||||
return None;
|
||||
}
|
||||
|
||||
let (head, tail) = path_norm.split_at(home_norm.len());
|
||||
if head != home_norm || !tail.starts_with('/') {
|
||||
return None;
|
||||
}
|
||||
|
||||
Some(tail[1..].to_string())
|
||||
}
|
||||
|
||||
fn sandbox_path_parent(linux_path: &str) -> Option<&str> {
|
||||
linux_path.rsplit_once('/').map(|(parent, _)| parent)
|
||||
}
|
||||
|
||||
fn ensure_sandbox_dir(sandbox: &str, dir: &str) -> Result<()> {
|
||||
let dir_q = shell_words::quote(dir);
|
||||
let cmd = format!("sudo mkdir -p {dir_q} && sudo chown agent:agent {dir_q}");
|
||||
|
||||
debug!("sbx exec {sandbox}: {cmd}");
|
||||
|
||||
let status = Command::new(SBX_BINARY)
|
||||
.args(["exec", sandbox, "sh", "-c", &cmd])
|
||||
.stdin(Stdio::inherit())
|
||||
.stdout(Stdio::inherit())
|
||||
.stderr(Stdio::inherit())
|
||||
.status()
|
||||
.context("Failed to spawn `sbx exec` to prepare destination directory")?;
|
||||
|
||||
if !status.success() {
|
||||
bail!("Preparing sandbox directory '{dir}' failed: sbx exec exited with {status}");
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn resolve_vault_password_file() -> Option<PathBuf> {
|
||||
Vault::init_bare().ok()?.local_password_file().ok()
|
||||
}
|
||||
|
||||
fn sbx_cp(src: &str, dest: &str) -> Result<()> {
|
||||
debug!("sbx cp {src} {dest}");
|
||||
let status = Command::new(SBX_BINARY)
|
||||
.args(["cp", src, dest])
|
||||
.stdin(Stdio::inherit())
|
||||
.stdout(Stdio::inherit())
|
||||
.stderr(Stdio::inherit())
|
||||
.status()
|
||||
.context("Failed to spawn `sbx cp`")?;
|
||||
|
||||
if !status.success() {
|
||||
bail!("`sbx cp {src} {dest}` exited with {status}");
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn exec_run(name: &str, kit_path: &Path) -> Result<()> {
|
||||
let kit_str = kit_path
|
||||
.to_str()
|
||||
.ok_or_else(|| anyhow!("Kit path is not valid UTF-8: {}", kit_path.display()))?;
|
||||
let status = Command::new(SBX_BINARY)
|
||||
.args(["run", name, "--kit", kit_str])
|
||||
.stdin(Stdio::inherit())
|
||||
.stdout(Stdio::inherit())
|
||||
.stderr(Stdio::inherit())
|
||||
.status()
|
||||
.context("Failed to spawn `sbx run`")?;
|
||||
|
||||
if !status.success() {
|
||||
bail!("`sbx run` exited with {status}");
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
|
||||
#[test]
|
||||
fn sanitize_name_lowercases() {
|
||||
assert_eq!(sanitize_name("Foo"), "foo");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn sanitize_name_replaces_non_alphanumeric() {
|
||||
assert_eq!(sanitize_name("hello world!"), "hello-world");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn sanitize_name_collapses_dash_runs() {
|
||||
assert_eq!(sanitize_name("a___b"), "a-b");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn sanitize_name_trims_dashes() {
|
||||
assert_eq!(sanitize_name("---hi---"), "hi");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn sanitize_name_handles_mixed_input() {
|
||||
assert_eq!(sanitize_name("My Project (v2)"), "my-project-v2");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn sanitize_name_all_invalid_yields_empty() {
|
||||
assert_eq!(sanitize_name("///"), "");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn resolve_name_uses_explicit_arg() {
|
||||
let n = resolve_name(Some("explicit-name".to_string())).unwrap();
|
||||
assert_eq!(n, "explicit-name");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn resolve_name_sanitizes_explicit_arg() {
|
||||
let n = resolve_name(Some("My Sandbox!".to_string())).unwrap();
|
||||
assert_eq!(n, "my-sandbox");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn resolve_name_rejects_empty_after_sanitize() {
|
||||
let err = resolve_name(Some("///".to_string()));
|
||||
assert!(err.is_err());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn resolve_name_falls_back_to_cwd_when_none() {
|
||||
let n = resolve_name(None).unwrap();
|
||||
assert!(!n.is_empty());
|
||||
assert!(n.chars().all(|c| c.is_ascii_alphanumeric() || c == '-'));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn compute_kit_hash_is_deterministic() {
|
||||
let h1 = compute_kit_hash().unwrap();
|
||||
let h2 = compute_kit_hash().unwrap();
|
||||
|
||||
assert_eq!(h1, h2);
|
||||
assert_eq!(h1.len(), 64);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn build_create_args_emits_base_kit_before_mixins() {
|
||||
let kit = PathBuf::from("/cache/sbx-kit");
|
||||
let mixins = vec![
|
||||
DiscoveredMixin {
|
||||
path: PathBuf::from("/cfg/sbx-mixin.yaml"),
|
||||
label: "user".into(),
|
||||
install_count: 0,
|
||||
domain_count: 0,
|
||||
},
|
||||
DiscoveredMixin {
|
||||
path: PathBuf::from("/cfg/agents/sql/sbx-mixin.yaml"),
|
||||
label: "sql".into(),
|
||||
install_count: 0,
|
||||
domain_count: 0,
|
||||
},
|
||||
];
|
||||
|
||||
let args = build_create_args("my-box", &kit, &mixins).unwrap();
|
||||
|
||||
assert_eq!(
|
||||
args,
|
||||
vec![
|
||||
"create".to_string(),
|
||||
"--kit".to_string(),
|
||||
"/cache/sbx-kit".to_string(),
|
||||
"--kit".to_string(),
|
||||
"/cfg/sbx-mixin.yaml".to_string(),
|
||||
"--kit".to_string(),
|
||||
"/cfg/agents/sql/sbx-mixin.yaml".to_string(),
|
||||
"coyote".to_string(),
|
||||
"--name".to_string(),
|
||||
"my-box".to_string(),
|
||||
".".to_string(),
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn build_create_args_with_no_mixins_omits_mixin_kits() {
|
||||
let kit = PathBuf::from("/cache/sbx-kit");
|
||||
let args = build_create_args("box", &kit, &[]).unwrap();
|
||||
assert_eq!(
|
||||
args,
|
||||
vec![
|
||||
"create".to_string(),
|
||||
"--kit".to_string(),
|
||||
"/cache/sbx-kit".to_string(),
|
||||
"coyote".to_string(),
|
||||
"--name".to_string(),
|
||||
"box".to_string(),
|
||||
".".to_string(),
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
mod vault_mixins {
|
||||
use super::*;
|
||||
use gman::providers::aws_secrets_manager::AwsSecretsManagerProvider;
|
||||
use gman::providers::azure_key_vault::AzureKeyVaultProvider;
|
||||
use gman::providers::gcp_secret_manager::GcpSecretManagerProvider;
|
||||
use gman::providers::gopass::GopassProvider;
|
||||
use gman::providers::local::LocalProvider;
|
||||
use gman::providers::one_password::OnePasswordProvider;
|
||||
use serial_test::serial;
|
||||
|
||||
#[test]
|
||||
fn returns_none_for_local() {
|
||||
let p = SupportedProvider::Local {
|
||||
provider_def: LocalProvider::default(),
|
||||
};
|
||||
assert!(extract_vault_mixin(&p).unwrap().is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn returns_some_for_aws() {
|
||||
let p = SupportedProvider::AwsSecretsManager {
|
||||
provider_def: AwsSecretsManagerProvider {
|
||||
aws_profile: None,
|
||||
aws_region: None,
|
||||
},
|
||||
};
|
||||
let m = extract_vault_mixin(&p)
|
||||
.unwrap()
|
||||
.expect("expected vault mixin");
|
||||
assert!(m.path.join("spec.yaml").exists());
|
||||
assert!(m.label.contains("aws_secrets_manager"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn returns_some_for_gcp() {
|
||||
let p = SupportedProvider::GcpSecretManager {
|
||||
provider_def: GcpSecretManagerProvider {
|
||||
gcp_project_id: None,
|
||||
},
|
||||
};
|
||||
let m = extract_vault_mixin(&p)
|
||||
.unwrap()
|
||||
.expect("expected vault mixin");
|
||||
assert!(m.path.join("spec.yaml").exists());
|
||||
assert!(m.label.contains("gcp_secret_manager"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn returns_some_for_one_password() {
|
||||
let p = SupportedProvider::OnePassword {
|
||||
provider_def: OnePasswordProvider {
|
||||
vault: None,
|
||||
account: None,
|
||||
},
|
||||
};
|
||||
let m = extract_vault_mixin(&p)
|
||||
.unwrap()
|
||||
.expect("expected vault mixin");
|
||||
assert!(m.path.join("spec.yaml").exists());
|
||||
assert!(m.label.contains("one_password"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn returns_some_for_azure() {
|
||||
let p = SupportedProvider::AzureKeyVault {
|
||||
provider_def: AzureKeyVaultProvider { vault_name: None },
|
||||
};
|
||||
let m = extract_vault_mixin(&p)
|
||||
.unwrap()
|
||||
.expect("expected vault mixin");
|
||||
assert!(m.path.join("spec.yaml").exists());
|
||||
assert!(m.label.contains("azure_key_vault"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[serial]
|
||||
fn returns_some_for_gopass() {
|
||||
let p = SupportedProvider::Gopass {
|
||||
provider_def: GopassProvider { store: None },
|
||||
};
|
||||
let m = extract_vault_mixin(&p)
|
||||
.unwrap()
|
||||
.expect("expected vault mixin");
|
||||
assert!(m.path.join("spec.yaml").exists());
|
||||
assert!(m.label.contains("gopass"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn hash_is_deterministic() {
|
||||
let h1 = compute_vault_mixins_hash().unwrap();
|
||||
let h2 = compute_vault_mixins_hash().unwrap();
|
||||
assert_eq!(h1, h2);
|
||||
assert_eq!(h1.len(), 64);
|
||||
}
|
||||
}
|
||||
|
||||
mod host_to_sandbox_path_tests {
|
||||
use super::*;
|
||||
|
||||
#[test]
|
||||
fn linux_under_home() {
|
||||
let dest = host_to_sandbox_path(
|
||||
Path::new("/home/atusa/.coyote_password"),
|
||||
Path::new("/home/atusa"),
|
||||
false,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(dest, "/home/agent/.coyote_password");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn linux_nested_under_home() {
|
||||
let dest = host_to_sandbox_path(
|
||||
Path::new("/home/atusa/.config/coyote/.password"),
|
||||
Path::new("/home/atusa"),
|
||||
false,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(dest, "/home/agent/.config/coyote/.password");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn linux_outside_home_returns_verbatim() {
|
||||
let dest = host_to_sandbox_path(
|
||||
Path::new("/etc/coyote/.password"),
|
||||
Path::new("/home/atusa"),
|
||||
false,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(dest, "/etc/coyote/.password");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn macos_under_home_with_spaces() {
|
||||
let dest = host_to_sandbox_path(
|
||||
Path::new("/Users/atusa/Library/Application Support/coyote/.password"),
|
||||
Path::new("/Users/atusa"),
|
||||
false,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(
|
||||
dest,
|
||||
"/home/agent/Library/Application Support/coyote/.password"
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn windows_under_home_converts_backslashes() {
|
||||
let dest = host_to_sandbox_path(
|
||||
Path::new(r"C:\Users\atusa\.coyote_password"),
|
||||
Path::new(r"C:\Users\atusa"),
|
||||
true,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(dest, "/home/agent/.coyote_password");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn windows_nested_under_home() {
|
||||
let dest = host_to_sandbox_path(
|
||||
Path::new(r"C:\Users\atusa\Documents\my\vault.txt"),
|
||||
Path::new(r"C:\Users\atusa"),
|
||||
true,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(dest, "/home/agent/Documents/my/vault.txt");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn windows_outside_home_bails_with_clear_error() {
|
||||
let err = host_to_sandbox_path(
|
||||
Path::new(r"C:\Program Files\Coyote\vault.txt"),
|
||||
Path::new(r"C:\Users\atusa"),
|
||||
true,
|
||||
)
|
||||
.unwrap_err();
|
||||
|
||||
let msg = err.to_string();
|
||||
assert!(
|
||||
msg.contains("Program Files"),
|
||||
"error should name the offending path: {msg}"
|
||||
);
|
||||
assert!(
|
||||
msg.contains("user profile"),
|
||||
"error should explain the limitation: {msg}"
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn windows_tolerates_trailing_slash_in_home() {
|
||||
let dest = host_to_sandbox_path(
|
||||
Path::new(r"C:\Users\atusa\foo"),
|
||||
Path::new(r"C:\Users\atusa\"),
|
||||
true,
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(dest, "/home/agent/foo");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn sandbox_path_parent_extracts_parent_for_nested() {
|
||||
assert_eq!(
|
||||
sandbox_path_parent("/home/agent/.coyote_password"),
|
||||
Some("/home/agent")
|
||||
);
|
||||
assert_eq!(
|
||||
sandbox_path_parent("/etc/coyote/.password"),
|
||||
Some("/etc/coyote")
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn sandbox_path_parent_handles_edge_cases() {
|
||||
assert_eq!(sandbox_path_parent("/file"), Some(""));
|
||||
assert_eq!(sandbox_path_parent("noparent"), None);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -5,7 +5,6 @@ pub mod taskqueue;
|
||||
use crate::utils::AbortSignal;
|
||||
use fmt::{Debug, Formatter};
|
||||
use mailbox::Inbox;
|
||||
use parking_lot::RwLock;
|
||||
use taskqueue::TaskQueue;
|
||||
|
||||
use anyhow::{Result, bail};
|
||||
@@ -34,7 +33,6 @@ pub struct AgentHandle {
|
||||
pub inbox: Arc<Inbox>,
|
||||
pub abort_signal: AbortSignal,
|
||||
pub join_handle: JoinHandle<Result<AgentResult>>,
|
||||
pub child_supervisor: Option<Arc<RwLock<Supervisor>>>,
|
||||
}
|
||||
|
||||
pub struct Supervisor {
|
||||
@@ -105,10 +103,6 @@ impl Supervisor {
|
||||
self.handles.get(id).map(|h| &h.inbox)
|
||||
}
|
||||
|
||||
pub fn abort_signal_for(&self, id: &str) -> Option<AbortSignal> {
|
||||
self.handles.get(id).map(|h| h.abort_signal.clone())
|
||||
}
|
||||
|
||||
pub fn list_agents(&self) -> Vec<(&str, &str)> {
|
||||
self.handles
|
||||
.values()
|
||||
@@ -121,15 +115,6 @@ impl Supervisor {
|
||||
handle.abort_signal.set_ctrlc();
|
||||
}
|
||||
}
|
||||
|
||||
pub fn cancel_recursive(&self) {
|
||||
for handle in self.handles.values() {
|
||||
handle.abort_signal.set_ctrlc();
|
||||
if let Some(child_sup) = handle.child_supervisor.as_ref() {
|
||||
child_sup.read().cancel_recursive();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl Debug for Supervisor {
|
||||
@@ -167,7 +152,6 @@ mod tests {
|
||||
inbox: Arc::new(Inbox::new()),
|
||||
abort_signal: create_abort_signal(),
|
||||
join_handle,
|
||||
child_supervisor: None,
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
+14
-78
@@ -1,9 +1,6 @@
|
||||
mod utils;
|
||||
|
||||
use std::fs::read_to_string;
|
||||
use std::path::PathBuf;
|
||||
|
||||
use crate::config::paths;
|
||||
pub use utils::create_vault_password_file;
|
||||
pub use utils::interpolate_secrets;
|
||||
pub use utils::prompt_provider_choice;
|
||||
@@ -17,38 +14,11 @@ use gman::providers::SecretProvider;
|
||||
use gman::providers::SupportedProvider;
|
||||
use gman::providers::local::LocalProvider;
|
||||
use inquire::{Password, PasswordDisplayMode, required};
|
||||
use log::{info, warn};
|
||||
use serde_yaml::Value;
|
||||
use std::sync::{Arc, LazyLock};
|
||||
use tokio::runtime::Handle;
|
||||
use uuid::Uuid;
|
||||
|
||||
pub static SECRET_RE: LazyLock<Regex> = LazyLock::new(|| Regex::new(r"\{\{([^{}]+)}}").unwrap());
|
||||
|
||||
fn apply_sandboxed_home_translation(provider_def: &mut LocalProvider) {
|
||||
let Some(ref pf) = provider_def.password_file else {
|
||||
return;
|
||||
};
|
||||
|
||||
if pf.exists() {
|
||||
return;
|
||||
}
|
||||
|
||||
let Some(translated) = paths::translate_sandboxed_home_path(pf) else {
|
||||
return;
|
||||
};
|
||||
|
||||
if !translated.exists() {
|
||||
return;
|
||||
}
|
||||
|
||||
info!(
|
||||
"vault password file '{}' not found; resolved to sandboxed path '{}'",
|
||||
pf.display(),
|
||||
translated.display()
|
||||
);
|
||||
provider_def.password_file = Some(translated);
|
||||
}
|
||||
pub static SECRET_RE: LazyLock<Regex> = LazyLock::new(|| Regex::new(r"\{\{(.+)}}").unwrap());
|
||||
|
||||
#[derive(Debug, Default, Clone)]
|
||||
pub struct Vault {
|
||||
@@ -58,54 +28,22 @@ pub struct Vault {
|
||||
pub type GlobalVault = Arc<Vault>;
|
||||
|
||||
impl Vault {
|
||||
pub fn init_bare() -> Result<Self> {
|
||||
let config_path = paths::config_file();
|
||||
if !config_path.exists() {
|
||||
bail!(
|
||||
"Coyote config not found at {}. Run first-run setup before using the vault.",
|
||||
config_path.display()
|
||||
);
|
||||
}
|
||||
let content = read_to_string(&config_path)
|
||||
.with_context(|| format!("failed to read config at {}", config_path.display()))?;
|
||||
let value: Value = serde_yaml::from_str(&content)
|
||||
.with_context(|| format!("failed to parse config at {}", config_path.display()))?;
|
||||
|
||||
let provider = match value.get("secrets_provider") {
|
||||
Some(v) if !v.is_null() => serde_yaml::from_value::<SupportedProvider>(v.clone())
|
||||
.with_context(|| "failed to parse 'secrets_provider' from config")?,
|
||||
_ => {
|
||||
let password_file = value
|
||||
.get("vault_password_file")
|
||||
.and_then(|v| v.as_str())
|
||||
.map(PathBuf::from)
|
||||
.unwrap_or_else(|| AppConfig::default().vault_password_file());
|
||||
SupportedProvider::Local {
|
||||
provider_def: LocalProvider {
|
||||
password_file: Some(password_file),
|
||||
git_branch: None,
|
||||
..LocalProvider::default()
|
||||
},
|
||||
}
|
||||
}
|
||||
pub fn init_bare() -> Self {
|
||||
let vault_password_file = AppConfig::default().vault_password_file();
|
||||
let local_provider = LocalProvider {
|
||||
password_file: Some(vault_password_file),
|
||||
git_branch: None,
|
||||
..LocalProvider::default()
|
||||
};
|
||||
|
||||
Ok(Self { provider })
|
||||
}
|
||||
|
||||
pub fn default_local() -> Self {
|
||||
Self {
|
||||
provider: SupportedProvider::Local {
|
||||
provider_def: LocalProvider {
|
||||
password_file: Some(AppConfig::default().vault_password_file()),
|
||||
git_branch: None,
|
||||
..LocalProvider::default()
|
||||
},
|
||||
provider_def: local_provider,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
pub fn init(config: &AppConfig) -> Result<Self> {
|
||||
pub fn init(config: &AppConfig) -> Self {
|
||||
let mut provider = match &config.secrets_provider {
|
||||
Some(p) => p.clone(),
|
||||
None => SupportedProvider::Local {
|
||||
@@ -117,11 +55,11 @@ impl Vault {
|
||||
};
|
||||
|
||||
if let SupportedProvider::Local { provider_def } = &mut provider {
|
||||
apply_sandboxed_home_translation(provider_def);
|
||||
ensure_password_file_initialized(provider_def)?;
|
||||
ensure_password_file_initialized(provider_def)
|
||||
.expect("Failed to initialize password file");
|
||||
}
|
||||
|
||||
Ok(Self { provider })
|
||||
Self { provider }
|
||||
}
|
||||
|
||||
pub fn local_password_file(&self) -> Result<PathBuf> {
|
||||
@@ -239,7 +177,7 @@ impl Vault {
|
||||
|
||||
pub fn validate_round_trip(&self) -> Result<()> {
|
||||
const PROBE_VALUE: &str = "ok";
|
||||
let probe_key = format!("coyote-setup-probe-{}", Uuid::new_v4().simple());
|
||||
let probe_key = format!("__coyote_setup_probe_{}__", Uuid::new_v4().simple());
|
||||
|
||||
let h = Handle::current();
|
||||
let result: Result<()> = tokio::task::block_in_place(|| {
|
||||
@@ -254,9 +192,7 @@ impl Vault {
|
||||
.await
|
||||
.with_context(|| "vault read probe failed")?;
|
||||
if got != PROBE_VALUE {
|
||||
if let Err(cleanup_err) = self.provider_ref().delete_secret(&probe_key).await {
|
||||
warn!("vault probe cleanup failed for key '{probe_key}': {cleanup_err}");
|
||||
}
|
||||
let _ = self.provider_ref().delete_secret(&probe_key).await;
|
||||
bail!("vault read probe returned an unexpected value");
|
||||
}
|
||||
|
||||
|
||||
+3
-215
@@ -13,8 +13,7 @@ use gman::providers::one_password::OnePasswordProvider;
|
||||
use indoc::formatdoc;
|
||||
use inquire::validator::Validation;
|
||||
use inquire::{Confirm, Password, PasswordDisplayMode, Select, Text, min_length, required};
|
||||
use log::debug;
|
||||
use std::path::{Path, PathBuf};
|
||||
use std::path::PathBuf;
|
||||
use std::process::Command;
|
||||
|
||||
pub fn ensure_password_file_initialized(local_provider: &mut LocalProvider) -> Result<()> {
|
||||
@@ -92,7 +91,6 @@ pub fn create_vault_password_file(vault: &mut Vault) -> Result<()> {
|
||||
match password {
|
||||
Ok(pw) => {
|
||||
std::fs::write(&vault_password_file, pw.as_bytes())?;
|
||||
set_password_file_permissions(&vault_password_file)?;
|
||||
println!(
|
||||
"✓ Password file '{}' updated.",
|
||||
vault_password_file.display()
|
||||
@@ -164,7 +162,6 @@ pub fn create_vault_password_file(vault: &mut Vault) -> Result<()> {
|
||||
match password {
|
||||
Ok(pw) => {
|
||||
std::fs::write(&password_file, pw.as_bytes())?;
|
||||
set_password_file_permissions(&password_file)?;
|
||||
local_provider.password_file = Some(password_file);
|
||||
println!(
|
||||
"✓ Password file '{}' created.",
|
||||
@@ -355,19 +352,6 @@ fn required_cli_preflight(label: &str, cli: &str, install_url: &str) {
|
||||
}
|
||||
|
||||
pub fn interpolate_secrets(content: &str, vault: &Vault) -> Result<(String, Vec<String>)> {
|
||||
interpolate_secrets_with(content, vault.auth_hint(), |name| {
|
||||
vault.get_secret(name, false)
|
||||
})
|
||||
}
|
||||
|
||||
fn interpolate_secrets_with<F>(
|
||||
content: &str,
|
||||
auth_hint: Option<&'static str>,
|
||||
mut get_secret: F,
|
||||
) -> Result<(String, Vec<String>)>
|
||||
where
|
||||
F: FnMut(&str) -> Result<String>,
|
||||
{
|
||||
let mut missing_secrets = vec![];
|
||||
let mut fatal_error: Option<anyhow::Error> = None;
|
||||
|
||||
@@ -385,7 +369,7 @@ where
|
||||
}
|
||||
|
||||
let name = caps[1].trim();
|
||||
match get_secret(name) {
|
||||
match vault.get_secret(name, false) {
|
||||
Ok(s) => s,
|
||||
Err(e) => match e.downcast_ref::<SecretError>() {
|
||||
Some(SecretError::NotFound { .. }) => {
|
||||
@@ -395,7 +379,7 @@ where
|
||||
Some(SecretError::AuthFailed { .. }) => {
|
||||
let base =
|
||||
format!("Failed to fetch secret '{name}' from vault: {e}");
|
||||
let msg = match auth_hint {
|
||||
let msg = match vault.auth_hint() {
|
||||
Some(hint) => format!("{base}\n\nHint: {hint}"),
|
||||
None => base,
|
||||
};
|
||||
@@ -422,199 +406,3 @@ where
|
||||
|
||||
Ok((parsed_content, missing_secrets))
|
||||
}
|
||||
|
||||
#[cfg(unix)]
|
||||
fn set_password_file_permissions(path: &Path) -> Result<()> {
|
||||
use std::os::unix::fs::PermissionsExt;
|
||||
std::fs::set_permissions(path, std::fs::Permissions::from_mode(0o600)).map_err(|e| {
|
||||
anyhow!(
|
||||
"Failed to set 0600 permissions on '{}': {e}",
|
||||
path.display()
|
||||
)
|
||||
})
|
||||
}
|
||||
|
||||
#[cfg(not(unix))]
|
||||
fn set_password_file_permissions(_path: &Path) -> Result<()> {
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
use anyhow::Error;
|
||||
use std::cell::RefCell;
|
||||
|
||||
fn not_found(name: &str) -> Error {
|
||||
Error::new(SecretError::NotFound {
|
||||
key: name.to_string(),
|
||||
provider: "test",
|
||||
})
|
||||
}
|
||||
|
||||
fn auth_failed() -> Error {
|
||||
Error::new(SecretError::AuthFailed {
|
||||
provider: "test",
|
||||
source: anyhow!("auth failure"),
|
||||
})
|
||||
}
|
||||
|
||||
struct Calls(RefCell<Vec<String>>);
|
||||
|
||||
impl Calls {
|
||||
fn new() -> Self {
|
||||
Self(RefCell::new(Vec::new()))
|
||||
}
|
||||
|
||||
fn record(&self, name: &str) {
|
||||
self.0.borrow_mut().push(name.to_string());
|
||||
}
|
||||
|
||||
fn snapshot(&self) -> Vec<String> {
|
||||
self.0.borrow().clone()
|
||||
}
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn interpolates_single_secret_per_line() {
|
||||
let (out, missing) =
|
||||
interpolate_secrets_with("api_key={{API_KEY}}", None, |name| match name {
|
||||
"API_KEY" => Ok("sk-12345".to_string()),
|
||||
other => panic!("unexpected lookup: {other}"),
|
||||
})
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(out, "api_key=sk-12345");
|
||||
assert!(missing.is_empty());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn regex_matches_each_secret_independently_when_one_per_line() {
|
||||
let calls = Calls::new();
|
||||
let (out, missing) = interpolate_secrets_with("{{ONE}}\nmiddle\n{{TWO}}", None, |name| {
|
||||
calls.record(name);
|
||||
Ok(name.to_lowercase())
|
||||
})
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(calls.snapshot(), vec!["ONE".to_string(), "TWO".to_string()]);
|
||||
assert_eq!(out, "one\nmiddle\ntwo");
|
||||
assert!(missing.is_empty());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn skips_comment_lines() {
|
||||
let calls = Calls::new();
|
||||
|
||||
let (out, missing) =
|
||||
interpolate_secrets_with("# api_key={{NEVER_FETCHED}}\nreal={{S}}", None, |name| {
|
||||
calls.record(name);
|
||||
Ok("v".to_string())
|
||||
})
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(out, "# api_key={{NEVER_FETCHED}}\nreal=v");
|
||||
assert!(missing.is_empty());
|
||||
assert_eq!(calls.snapshot(), vec!["S".to_string()]);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn missing_secrets_become_empty_strings_and_are_reported() {
|
||||
let (out, missing) = interpolate_secrets_with(
|
||||
"a={{HAVE}}\nb={{MISSING_1}}\nc={{MISSING_2}}",
|
||||
None,
|
||||
|name| match name {
|
||||
"HAVE" => Ok("present".to_string()),
|
||||
missing => Err(not_found(missing)),
|
||||
},
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(out, "a=present\nb=\nc=");
|
||||
assert_eq!(
|
||||
missing,
|
||||
vec!["MISSING_1".to_string(), "MISSING_2".to_string()]
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn interpolates_multiple_secrets_on_same_line() {
|
||||
let calls = Calls::new();
|
||||
|
||||
let (out, missing) = interpolate_secrets_with("url={{URL}} key={{KEY}}", None, |name| {
|
||||
calls.record(name);
|
||||
match name {
|
||||
"URL" => Ok("https://example.test".to_string()),
|
||||
"KEY" => Ok("sk-12345".to_string()),
|
||||
other => panic!("unexpected lookup: {other}"),
|
||||
}
|
||||
})
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(calls.snapshot(), vec!["URL".to_string(), "KEY".to_string()]);
|
||||
assert_eq!(out, "url=https://example.test key=sk-12345");
|
||||
assert!(missing.is_empty());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn regex_rejects_braces_in_secret_names() {
|
||||
let calls = Calls::new();
|
||||
|
||||
let (out, missing) =
|
||||
interpolate_secrets_with("literal {{ {NOT_A_NAME} }} text", None, |name| {
|
||||
calls.record(name);
|
||||
Ok(format!("got-{name}"))
|
||||
})
|
||||
.unwrap();
|
||||
|
||||
assert!(
|
||||
calls.snapshot().is_empty(),
|
||||
"name with embedded braces must not match"
|
||||
);
|
||||
assert_eq!(out, "literal {{ {NOT_A_NAME} }} text");
|
||||
assert!(missing.is_empty());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn fatal_failure_short_circuits_remaining_lines() {
|
||||
let calls = Calls::new();
|
||||
|
||||
let result =
|
||||
interpolate_secrets_with("a={{S1}}\nb={{S2}}\nc={{S3}}\nd={{S4}}", None, |name| {
|
||||
calls.record(name);
|
||||
match name {
|
||||
"S1" => Ok("first".to_string()),
|
||||
"S2" => Err(auth_failed()),
|
||||
other => Ok(format!("late-{other}")),
|
||||
}
|
||||
});
|
||||
|
||||
let err = result.unwrap_err().to_string();
|
||||
assert!(
|
||||
err.contains("S2"),
|
||||
"error should name the offending secret, got: {err}"
|
||||
);
|
||||
assert_eq!(
|
||||
calls.snapshot(),
|
||||
vec!["S1".to_string(), "S2".to_string()],
|
||||
"lookups must stop at the failing secret - S3 and S4 should never be fetched"
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn auth_failure_appends_hint_when_provided() {
|
||||
let result = interpolate_secrets_with(
|
||||
"k={{K}}",
|
||||
Some("run `coyote --authenticate` to reauth"),
|
||||
|_| Err(auth_failed()),
|
||||
);
|
||||
|
||||
let err = result.unwrap_err().to_string();
|
||||
|
||||
assert!(err.contains("Hint:"), "expected hint in error, got: {err}");
|
||||
assert!(
|
||||
err.contains("coyote --authenticate"),
|
||||
"expected hint contents, got: {err}"
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user