Closed
Conversation
This reverts commit 3c67ec0.
- Add /sources/add/$pluginKey route with optional ?url= search param - New SourcesAddPage reads plugin key from URL, renders plugin's add component - Remove useReducer state machine from SourcesPage (list/detecting/adding) - SourcesPage now only shows the list view; detect navigates to add route - Manual add buttons and presets are now <Link> elements to add routes - onComplete/onCancel in add flow navigate back to / with fresh state - Clicking 'Sources' in sidebar always returns to clean list view
…grade Improve LLM tool discovery and TS contract previews
…ting refactor: move source add flows to proper subpage routes
- Bind to 127.0.0.1 + ::1 instead of :: so the server works with both localhost and 127.0.0.1 on Windows without exposing to the LAN - Add host header validation to production server and vite dev server
…nding Fix localhost server binding for Windows IPv6 compatibility
…e/main Version Packages (beta)
…e/main Version Packages (beta)
…-responses Improve TypeScript preview token efficiency
- Add InlineCreateSecret component to create secrets during OAuth config - Add ClientSecretField with '+ New' button next to SecretPicker - Always rebuild web dist and set NODE_ENV=production in CLI build - Remove version badge from sidebar
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Drop changesets prerelease mode, ignore SDK/plugins in changesets (versioned independently), and update CLI changeset with full release notes.
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…ivan#182) * refactor(cloud): recompose API routing with Effect services * dont count resume as usage * refactor(cloud): use tagged API boundary errors * refactor(cloud): make API routing apps effect-native * fix(cloud): redirect auth callback on service errors * fix(cloud): scope shared services at request execution * style: format
…hysSullivan#183) * fix(api): harden plugin error boundaries and sanitize unknown failures * style: format * fix(mcp): prevent internal error message leakage in json-rpc responses * chore(cloud): remove unused auth error imports * chore: exclude generated route trees from oxlint and oxfmt * fix(cloud): add platform-node for api test typecheck * style: format
…ivan#167) * feat(sources): expose upstream url and render SourceFavicon Adds an optional `url` field on the `Source` SDK schema, the HTTP API response shape, and the handler projection. Each built-in plugin populates it with the relevant upstream endpoint: - `mcp`: remote transport's endpoint (undefined for stdio) - `graphql`: the configured endpoint - `openapi`: the spec baseUrl - `google-discovery`: the rootUrl Introduces `<SourceFavicon>`, a tiny component that extracts the base origin from the URL and resolves a favicon, with a skeleton placeholder while loading and a graceful fallback when the host doesn't serve one. Adopts it in both the cloud and local app shells — each sidebar entry now shows the upstream's favicon next to the source name, giving the list a much more recognizable "title-card" feel. Also renames the section header from "Configured" to "Sources". * use tldts for domain extraction, add BoxIcon fallback for built-in sources --------- Co-authored-by: Rhys Sullivan <39114868+RhysSullivan@users.noreply.github.com>
…ysSullivan#165) * feat(react): add CardStack primitive and adopt it across surfaces Introduces a new `<CardStack>` primitive (and its Entry/Content/ Header sub-components) in packages/react/src/components/card-stack.tsx that standardizes the grouped-card layout used across the app — one container style, consistent padding, hover affordances, and slotted title/description/action regions. Adopts it in four places that were previously reinventing the same pattern with hand-rolled `<div className="rounded-lg border ...">` markup: - Secrets page: each secret row becomes a `<CardStackEntry>` with title/description/actions slots. - Schema explorer: wrapped in `<CardStack>`/`<CardStackHeader>` with a computed field count. - Tool detail: schema and TypeScript sections use CardStack headers, plus a small `EmptySection` helper for consistent empty states. - Tool tree: recursive tree rendering is flattened into a row-based layout inside a CardStack wrapper. * fix(react): use Input/Button components in CardStack search (oxlint forbid-elements) * fix(ci): unblock typecheck and openapi test from main - annotate Plan types in billing_.plans to fix implicit any - set 60s timeout on Cloudflare real-specs describe block * style: apply oxfmt formatting
…#164) * feat(react/mcp-install-card): show agent provider logos The Connect-to-Agent card previously didn't make it obvious what "agent" meant in context. Surface Cursor, Claude, and OpenCode logos so users immediately understand which clients they can paste the install command into. Adds `@lobehub/icons` (and its transitive deps) as a dependency of @executor/react to supply the brand glyphs. * chore: regenerate bun.lock after merge * use Tabs component for transport switcher, fix localhost detection, use Mono icon for OpenCode --------- Co-authored-by: Rhys Sullivan <39114868+RhysSullivan@users.noreply.github.com>
* feat(react): add global command palette (⌘K) Introduces `<CommandPalette>`, a shared keyboard-driven navigator that lists sources grouped by plugin. Wired into both the cloud and local app shells so users can jump between sources without reaching for the sidebar. The palette is plugin-driven: each shell passes the set of source plugins it has loaded, and the component renders the entries grouped by plugin kind. * fix(react/command-palette): drop missing SourceFavicon and url field The sources/list API response has no url field, and source-favicon was never added to this branch. Typecheck was failing on both. * use SourceFavicon in command palette for connected sources * eagerly load shellscript syntax for instant bash highlighting * remove unused useEffect import from code-block --------- Co-authored-by: Rhys Sullivan <39114868+RhysSullivan@users.noreply.github.com>
…CRUD - Introduce PolicyDecision type (allow/deny/require_interaction/fallback) - Add get/update methods to PolicyEngine interface for individual policy ops - Restructure Policy schema: action→effect, match→toolPattern+approvalMode, add enabled field - Extract evaluatePolicyDecision into policy-eval.ts for centralized matching - Add ElicitationContext.approval for tracking policy vs annotation approvals
BREAKING: Drops columns name, action, matchToolPattern, matchSourceId. Storage namespaces bumped (policies→policies-v2, meta→meta-v2) in file backend. - Add get(policyId) and update(policyId, patch) methods - check() now evaluates policies via evaluatePolicyDecision - sortPoliciesByPrecedence applied to list results - Both storage backends migrated with updated tests
Adds list, create, get, update, and remove endpoints under /scopes/:scopeId/policies. Includes input validation (non-empty toolPattern, at least one field on update) and proper error responses (400, 404).
Adds PoliciesPage component with inline PolicyForm for create/edit flows, CardStack listing, permission badge, and enable/disable toggle. Wires up policiesAtom, createPolicy, updatePolicy, and removePolicy atoms. Route added in both cloud and local apps with Policies nav item in sidebar.
Adds approval field to the interaction object when elicitationContext.approval is present.
Tests policy enforcement through executor with annotated tools, including allow/deny scenarios based on policy effect and approvalMode settings.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
react-infinite-scroll-componentfor improved user experience when loading tools. Update component props to manage loading states and tool counts effectively. Refactor related components to support new features and ensure seamless integration with existing tool management logic.run_codetoexecuteacross the assistant and executor components. Update related documentation, tests, and internal references to ensure consistency. Remove unused code and streamline tool management processes..executor/executor.jsoncwith options: "quickjs", "ses", and "deno". Updated documentation and tests to reflect these changes. Implemented runtime selection logic in the control plane.