From 417318c2915d42c300ffaa101cb6a0aaaa86b3c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arnaud=20H=C3=A9ritier?= Date: Fri, 29 May 2026 08:02:45 +0000 Subject: [PATCH 1/2] docs: sync documentation with recent code changes - Add --app-name, --sidebar, --disable-commands flags to docker agent run table - Add model_id field to after_llm_call hook payload docs - Rename cagent/ meta keys to docker-agent/ in remote-mcp OAuth section --- docs/configuration/hooks/index.md | 4 ++-- docs/features/cli/index.md | 3 +++ docs/features/remote-mcp/index.md | 12 ++++++------ 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/docs/configuration/hooks/index.md b/docs/configuration/hooks/index.md index 1ace6c7d4..ba3c985a8 100644 --- a/docs/configuration/hooks/index.md +++ b/docs/configuration/hooks/index.md @@ -256,7 +256,7 @@ In addition to the common fields, each event ships its own payload: | `turn_start` | _none_ (just the common fields) | | `turn_end` | `agent_name`, `reason` — one of `normal`, `continue`, `steered`, `error`, `canceled`, `hook_blocked`, `loop_detected` | | `before_llm_call` | `iteration` — 1-based run-loop iteration counter (the model call this hook is gating) | -| `after_llm_call` | `agent_name`, `stop_response`, `last_user_message` | +| `after_llm_call` | `agent_name`, `model_id`, `stop_response`, `last_user_message` | | `session_end` | `reason` — one of `clear`, `logout`, `prompt_input_exit`, `other` | | `pre_compact` | `source` — one of `manual`, `auto`, `overflow`, `tool_overflow` | | `before_compaction` | `input_tokens`, `output_tokens`, `context_limit`, `compaction_reason` (one of `threshold`/`overflow`/`manual`) | @@ -547,7 +547,7 @@ The `reason` field classifies the exit: `before_llm_call` fires immediately before every model call (after `turn_start` has assembled the messages). It cannot contribute context — use `turn_start` for that — but it can **stop the run** by returning `decision: block` (or exit code 2). The built-in `max_iterations` hook implements a hard cap on top of this event. -`after_llm_call` fires immediately after each successful model call, before the response is recorded into the session and tool calls are dispatched. The assistant text is in `stop_response`. Use it for response auditing, redaction logging, or quality metrics. Failed model calls fire `on_error` instead. +`after_llm_call` fires immediately after each successful model call, before the response is recorded into the session and tool calls are dispatched. The assistant text is in `stop_response`. The model used for the call is in `model_id` (e.g. `anthropic/claude-sonnet-4-5`). Use it for response auditing, redaction logging, or quality metrics. Failed model calls fire `on_error` instead. ### Before/After-Compaction: structured compaction control diff --git a/docs/features/cli/index.md b/docs/features/cli/index.md index 2a95ab37a..a6fa89370 100644 --- a/docs/features/cli/index.md +++ b/docs/features/cli/index.md @@ -37,6 +37,9 @@ $ docker agent run [config] [message...] [flags] | `--dry-run` | Initialize the agent without executing anything (useful for validating a config) | | `--remote ` | Use a remote runtime at the given address instead of running the agent locally | | `--lean` | Use a simplified TUI with minimal chrome | +| `--app-name ` | Application name shown in the TUI in place of "docker agent" | +| `--sidebar` | Show the sidebar in the TUI (set `--sidebar=false` to hide it) | +| `--disable-commands ` | Comma-separated list of slash commands to hide and disable in the TUI (e.g. `/cost,/eval,/model`) | | `--json` | Output results as newline-delimited JSON (use with `--exec`) | | `--hide-tool-calls` | Hide tool calls in the output | | `--hide-tool-results` | Hide tool call results in the output | diff --git a/docs/features/remote-mcp/index.md b/docs/features/remote-mcp/index.md index 70ee4083f..ae8de2c06 100644 --- a/docs/features/remote-mcp/index.md +++ b/docs/features/remote-mcp/index.md @@ -114,19 +114,19 @@ When running `docker-agent serve api` (no local browser, no callback server), th | Key | Value | | ---------------------------- | ---------------------------------------------------------------- | - | `cagent/type` | `"oauth_flow"` | - | `cagent/server_url` | The MCP server URL (for display / favicon) | - | `cagent/authorize_url` | The full URL the client should open in the user's browser | - | `cagent/state` | The `state` value the client must echo back when replying | + | `docker-agent/type` | `"oauth_flow"` | + | `docker-agent/server_url` | The MCP server URL (for display / favicon) | + | `docker-agent/authorize_url` | The full URL the client should open in the user's browser | + | `docker-agent/state` | The `state` value the client must echo back when replying | | `auth_server` | Issuer of the authorization server | | `auth_server_metadata` | RFC 8414 authorization-server metadata document | | `resource_metadata` | RFC 9728 protected-resource metadata document | - The client opens the browser at `cagent/authorize_url`, receives the OAuth callback at whatever endpoint the configured `redirect_uri` resolves to (typically a host-controlled bouncer that 302s into a deeplink), and replies to the elicitation with `accept` and `Content = {"code": "...", "state": "..."}`. The runtime verifies the `state`, exchanges the `code` at the token endpoint (using the same `redirect_uri` for RFC 6749 §4.1.3 binding), stores the token, and replays the original MCP request with `Authorization: Bearer ...`. + The client opens the browser at `docker-agent/authorize_url`, receives the OAuth callback at whatever endpoint the configured `redirect_uri` resolves to (typically a host-controlled bouncer that 302s into a deeplink), and replies to the elicitation with `accept` and `Content = {"code": "...", "state": "..."}`. The runtime verifies the `state`, exchanges the `code` at the token endpoint (using the same `redirect_uri` for RFC 6749 §4.1.3 binding), stores the token, and replays the original MCP request with `Authorization: Bearer ...`. - **Flag not set** (legacy): the runtime emits only `auth_server_metadata` + `resource_metadata`; the client is expected to drive the OAuth flow itself (PKCE, DCR, token exchange) and reply with `Content = {"access_token": "...", "refresh_token": "...", ...}`. -The legacy `{access_token, ...}` reply shape is still accepted on the `--mcp-oauth-redirect-uri` path too: a client that prefers to do the exchange itself can ignore the `cagent/authorize_url`/`cagent/state` keys. +The legacy `{access_token, ...}` reply shape is still accepted on the `--mcp-oauth-redirect-uri` path too: a client that prefers to do the exchange itself can ignore the `docker-agent/authorize_url`/`docker-agent/state` keys. A per-toolset `callbackRedirectURL` (in the YAML) overrides the runtime-wide `--mcp-oauth-redirect-uri` for that toolset. From 63d93a3876ed3dba9dbe3fd97923d96bfbe4660d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arnaud=20H=C3=A9ritier?= Date: Fri, 29 May 2026 08:05:55 +0000 Subject: [PATCH 2/2] docs: clarify --sidebar default value in CLI reference --- docs/features/cli/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/features/cli/index.md b/docs/features/cli/index.md index a6fa89370..59b32ab63 100644 --- a/docs/features/cli/index.md +++ b/docs/features/cli/index.md @@ -38,7 +38,7 @@ $ docker agent run [config] [message...] [flags] | `--remote ` | Use a remote runtime at the given address instead of running the agent locally | | `--lean` | Use a simplified TUI with minimal chrome | | `--app-name ` | Application name shown in the TUI in place of "docker agent" | -| `--sidebar` | Show the sidebar in the TUI (set `--sidebar=false` to hide it) | +| `--sidebar` | Show the sidebar in the TUI; enabled by default (pass `--sidebar=false` to hide it) | | `--disable-commands ` | Comma-separated list of slash commands to hide and disable in the TUI (e.g. `/cost,/eval,/model`) | | `--json` | Output results as newline-delimited JSON (use with `--exec`) | | `--hide-tool-calls` | Hide tool calls in the output |