Files
wehub-resource-sync 98e40dac97
CLI Smoke Test / smoke-test-linux (20) (push) Has been cancelled
CLI Smoke Test / smoke-test-linux (24) (push) Has been cancelled
CLI Smoke Test / smoke-test-windows (20) (push) Has been cancelled
CLI Smoke Test / smoke-test-windows (24) (push) Has been cancelled
Expo App TypeScript typecheck / typecheck (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:40:49 +08:00

189 lines
7.3 KiB
TypeScript

/**
* Codex MCP Client exploration script (legacy path).
*
* Connects to `codex mcp-server` directly (no daemon, no API, no session),
* sends a prompt, auto-approves permission requests, and prints all events.
*
* What this shows:
* 1. Elicitation payload compatibility with Codex-specific fields
* 2. MCP `action` + Codex `decision` response requirements
* 3. Sandbox/approval policy behavior under MCP transport
*
* Usage:
* npx tsx experiments/codex.ts
* npx tsx experiments/codex.ts "your prompt here"
* CWD=/some/project npx tsx experiments/codex.ts
*/
import { Client } from '@modelcontextprotocol/sdk/client/index.js';
import { StdioClientTransport } from '@modelcontextprotocol/sdk/client/stdio.js';
import { ElicitRequestSchema } from '@modelcontextprotocol/sdk/types.js';
import * as z4mini from 'zod/v4-mini';
import { z } from 'zod';
import { execSync } from 'child_process';
// ── Config ──────────────────────────────────────────────────────────────────
const PROMPT = process.argv[2] || 'curl google home page';
const WORK_DIR = process.env.CWD || '/Users/kirilldubovitskiy/projects/happy/happy/packages/happy-cli/demo-project';
const TIMEOUT = 60_000; // 60s hard timeout for the whole run
// 'on-request' triggers elicitation for commands; 'never' auto-approves everything
const APPROVAL_POLICY: 'untrusted' | 'on-failure' | 'on-request' | 'never' = 'on-request';
// 'read-only' + 'on-request' should trigger permission prompts for network/write commands
const SANDBOX: 'read-only' | 'workspace-write' | 'danger-full-access' = 'read-only';
// ── Helpers ─────────────────────────────────────────────────────────────────
function log(tag: string, ...args: unknown[]) {
const ts = new Date().toISOString().slice(11, 23);
console.log(`[${ts}] [${tag}]`, ...args);
}
function getCodexMcpCommand(): string {
const version = execSync('codex --version', { encoding: 'utf8' }).trim();
const match = version.match(/codex-cli\s+(\d+\.\d+\.\d+(?:-alpha\.\d+)?)/);
if (!match) throw new Error(`Cannot parse codex version: ${version}`);
const [major, minor] = match[1].split(/[-.]/).map(Number);
return (major > 0 || minor >= 43) ? 'mcp-server' : 'mcp';
}
/**
* Build a passthrough version of ElicitRequestSchema.
* The stock MCP SDK schema strips unknown params (like codex_call_id).
* We rebuild the params union with looseObject so they survive.
*/
function buildCodexElicitRequestSchema() {
const shape = (ElicitRequestSchema as any)._zod.def.shape;
const unionOptions: any[] = shape.params._zod.def.options;
const looseOptions = unionOptions.map((opt: any) => z4mini.looseObject(opt._zod.def.shape));
// Reuse the original method literal — Client.setRequestHandler checks `def.value`
// but z4mini.literal only has `def.values`, so using the original avoids the mismatch.
return z4mini.object({
method: shape.method,
params: z4mini.union(looseOptions as [any, any, ...any[]]),
});
}
// ── Main ────────────────────────────────────────────────────────────────────
async function main() {
const mcpCommand = getCodexMcpCommand();
log('INIT', `codex ${mcpCommand} | prompt="${PROMPT}" | cwd=${WORK_DIR}`);
// Hard timeout
const hardTimer = setTimeout(() => {
log('TIMEOUT', `Hard timeout (${TIMEOUT}ms) reached, exiting`);
process.exit(1);
}, TIMEOUT);
const client = new Client(
{ name: 'codex-experiment', version: '0.0.1' },
{ capabilities: { elicitation: {} } },
);
// Track permission requests for debugging
let elicitationCount = 0;
// Listen for codex/event notifications
client.setNotificationHandler(z.object({
method: z.literal('codex/event'),
params: z.object({ msg: z.any() }),
}).passthrough(), (data) => {
const msg = data.params.msg;
const type = msg?.type ?? 'unknown';
if (type === 'agent_reasoning_delta') {
process.stdout.write(msg.delta ?? '');
} else if (type === 'agent_message') {
log('MSG', msg.message);
} else if (type === 'exec_command_begin') {
log('EXEC', `$ ${msg.command}`);
} else if (type === 'exec_command_end') {
const out = (msg.output || msg.error || '').slice(0, 300);
log('EXEC', `→ ${out}`);
} else if (type === 'task_complete') {
log('DONE', 'task_complete');
} else if (type === 'turn_aborted') {
log('ABORT', 'turn_aborted');
} else {
log('EVENT', type, JSON.stringify(msg).slice(0, 200));
}
});
// Register elicitation handler (permission approval)
const CodexElicitSchema = buildCodexElicitRequestSchema();
client.setRequestHandler(CodexElicitSchema as any, async (request: any) => {
elicitationCount++;
const params = request.params;
const callId = params?.codex_call_id ?? '<missing>';
const cmd = params?.codex_command ?? [];
const cwd = params?.codex_cwd ?? '<unknown>';
log('PERM', `#${elicitationCount} call_id=${callId}`);
log('PERM', ` command: ${JSON.stringify(cmd)}`);
log('PERM', ` cwd: ${cwd}`);
log('PERM', ` message: ${(params?.message ?? '').slice(0, 120)}`);
// Verify codex_call_id is NOT stripped
if (!params?.codex_call_id) {
log('BUG', 'codex_call_id is MISSING — schema passthrough is broken!');
return { action: 'decline' as const };
}
log('PERM', '→ auto-approving');
// MCP elicitation expects `action` ('accept'|'decline'|'cancel').
// Codex also reads a custom `decision` field from the response.
return { action: 'accept' as const, decision: 'approved' as const };
});
// Create transport
const transport = new StdioClientTransport({
command: 'codex',
args: [mcpCommand],
});
log('CONNECT', 'Connecting to codex MCP server...');
await client.connect(transport);
log('CONNECT', 'Connected');
// Send prompt
log('SEND', `Calling codex tool with prompt: "${PROMPT}"`);
try {
const response = await client.callTool({
name: 'codex',
arguments: {
prompt: PROMPT,
'approval-policy': APPROVAL_POLICY,
sandbox: SANDBOX,
cwd: WORK_DIR,
},
}, undefined, {
timeout: TIMEOUT - 5000,
});
log('RESPONSE', JSON.stringify(response).slice(0, 500));
} catch (err) {
log('ERROR', err);
}
// Cleanup
clearTimeout(hardTimer);
log('CLEANUP', 'Closing client...');
try {
await client.close();
} catch {}
const pid = (transport as any).pid;
if (pid) {
try { process.kill(pid, 'SIGKILL'); } catch {}
}
log('EXIT', `Done. ${elicitationCount} permission requests handled.`);
process.exit(0);
}
main().catch((err) => {
console.error('Fatal:', err);
process.exit(1);
});