mirror of
https://github.com/leonvanzyl/autocoder.git
synced 2026-01-30 14:22:04 +00:00
f180e1933d
Implements feature locking to prevent multiple agent sessions from working on the same feature simultaneously. This is essential for parallel agent execution. Database changes: - Add `in_progress` boolean column to Feature model - Add migration function to handle existing databases MCP Server tools: - Add `feature_mark_in_progress` - lock feature when starting work - Add `feature_clear_in_progress` - unlock feature when abandoning - Update `feature_get_next` to skip in-progress features - Update `feature_get_stats` to include in_progress count - Update `feature_mark_passing` and `feature_skip` to clear in_progress Backend updates: - Update progress.py to track and display in_progress count - Update features router to properly categorize in-progress features - Update WebSocket to broadcast in_progress in progress updates - Add in_progress to FeatureResponse schema Frontend updates: - Add in_progress to TypeScript types (Feature, ProjectStats, WSProgressMessage) - Update useWebSocket hook to track in_progress state Prompt template: - Add instructions for agents to mark features in-progress immediately - Document new MCP tools in allowed tools section Also fixes spec_chat_session.py to use absolute project path instead of relative path for consistency with CLI behavior. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
176 lines
6.2 KiB
Python
176 lines
6.2 KiB
Python
"""
|
|
Claude SDK Client Configuration
|
|
===============================
|
|
|
|
Functions for creating and configuring the Claude Agent SDK client.
|
|
"""
|
|
|
|
import json
|
|
import os
|
|
import shutil
|
|
import sys
|
|
from pathlib import Path
|
|
|
|
from claude_agent_sdk import ClaudeAgentOptions, ClaudeSDKClient
|
|
from claude_agent_sdk.types import HookMatcher
|
|
|
|
from security import bash_security_hook
|
|
|
|
|
|
# Feature MCP tools for feature/test management
|
|
FEATURE_MCP_TOOLS = [
|
|
"mcp__features__feature_get_stats",
|
|
"mcp__features__feature_get_next",
|
|
"mcp__features__feature_get_for_regression",
|
|
"mcp__features__feature_mark_in_progress",
|
|
"mcp__features__feature_mark_passing",
|
|
"mcp__features__feature_skip",
|
|
"mcp__features__feature_create_bulk",
|
|
]
|
|
|
|
# Playwright MCP tools for browser automation
|
|
PLAYWRIGHT_TOOLS = [
|
|
# Core navigation & screenshots
|
|
"mcp__playwright__browser_navigate",
|
|
"mcp__playwright__browser_navigate_back",
|
|
"mcp__playwright__browser_take_screenshot",
|
|
"mcp__playwright__browser_snapshot",
|
|
|
|
# Element interaction
|
|
"mcp__playwright__browser_click",
|
|
"mcp__playwright__browser_type",
|
|
"mcp__playwright__browser_fill_form",
|
|
"mcp__playwright__browser_select_option",
|
|
"mcp__playwright__browser_hover",
|
|
"mcp__playwright__browser_drag",
|
|
"mcp__playwright__browser_press_key",
|
|
|
|
# JavaScript & debugging
|
|
"mcp__playwright__browser_evaluate",
|
|
"mcp__playwright__browser_run_code",
|
|
"mcp__playwright__browser_console_messages",
|
|
"mcp__playwright__browser_network_requests",
|
|
|
|
# Browser management
|
|
"mcp__playwright__browser_close",
|
|
"mcp__playwright__browser_resize",
|
|
"mcp__playwright__browser_tabs",
|
|
"mcp__playwright__browser_wait_for",
|
|
"mcp__playwright__browser_handle_dialog",
|
|
"mcp__playwright__browser_file_upload",
|
|
"mcp__playwright__browser_install",
|
|
]
|
|
|
|
# Built-in tools
|
|
BUILTIN_TOOLS = [
|
|
"Read",
|
|
"Write",
|
|
"Edit",
|
|
"Glob",
|
|
"Grep",
|
|
"Bash",
|
|
]
|
|
|
|
|
|
def create_client(project_dir: Path, model: str):
|
|
"""
|
|
Create a Claude Agent SDK client with multi-layered security.
|
|
|
|
Args:
|
|
project_dir: Directory for the project
|
|
model: Claude model to use
|
|
|
|
Returns:
|
|
Configured ClaudeSDKClient (from claude_agent_sdk)
|
|
|
|
Security layers (defense in depth):
|
|
1. Sandbox - OS-level bash command isolation prevents filesystem escape
|
|
2. Permissions - File operations restricted to project_dir only
|
|
3. Security hooks - Bash commands validated against an allowlist
|
|
(see security.py for ALLOWED_COMMANDS)
|
|
|
|
Note: Authentication is handled by start.bat/start.sh before this runs.
|
|
The Claude SDK auto-detects credentials from ~/.claude/.credentials.json
|
|
"""
|
|
# Create comprehensive security settings
|
|
# Note: Using relative paths ("./**") restricts access to project directory
|
|
# since cwd is set to project_dir
|
|
security_settings = {
|
|
"sandbox": {"enabled": True, "autoAllowBashIfSandboxed": True},
|
|
"permissions": {
|
|
"defaultMode": "acceptEdits", # Auto-approve edits within allowed directories
|
|
"allow": [
|
|
# Allow all file operations within the project directory
|
|
"Read(./**)",
|
|
"Write(./**)",
|
|
"Edit(./**)",
|
|
"Glob(./**)",
|
|
"Grep(./**)",
|
|
# Bash permission granted here, but actual commands are validated
|
|
# by the bash_security_hook (see security.py for allowed commands)
|
|
"Bash(*)",
|
|
# Allow Playwright MCP tools for browser automation
|
|
*PLAYWRIGHT_TOOLS,
|
|
# Allow Feature MCP tools for feature management
|
|
*FEATURE_MCP_TOOLS,
|
|
],
|
|
},
|
|
}
|
|
|
|
# Ensure project directory exists before creating settings file
|
|
project_dir.mkdir(parents=True, exist_ok=True)
|
|
|
|
# Write settings to a file in the project directory
|
|
settings_file = project_dir / ".claude_settings.json"
|
|
with open(settings_file, "w") as f:
|
|
json.dump(security_settings, f, indent=2)
|
|
|
|
print(f"Created security settings at {settings_file}")
|
|
print(" - Sandbox enabled (OS-level bash isolation)")
|
|
print(f" - Filesystem restricted to: {project_dir.resolve()}")
|
|
print(" - Bash commands restricted to allowlist (see security.py)")
|
|
print(" - MCP servers: playwright (browser), features (database)")
|
|
print(" - Project settings enabled (skills, commands, CLAUDE.md)")
|
|
print()
|
|
|
|
# Use system Claude CLI instead of bundled one (avoids Bun runtime crash on Windows)
|
|
system_cli = shutil.which("claude")
|
|
if system_cli:
|
|
print(f" - Using system CLI: {system_cli}")
|
|
else:
|
|
print(" - Warning: System Claude CLI not found, using bundled CLI")
|
|
|
|
return ClaudeSDKClient(
|
|
options=ClaudeAgentOptions(
|
|
model=model,
|
|
cli_path=system_cli, # Use system CLI to avoid bundled Bun crash (exit code 3)
|
|
system_prompt="You are an expert full-stack developer building a production-quality web application.",
|
|
setting_sources=["project"], # Enable skills, commands, and CLAUDE.md from project dir
|
|
max_buffer_size=10 * 1024 * 1024, # 10MB for large Playwright screenshots
|
|
allowed_tools=[
|
|
*BUILTIN_TOOLS,
|
|
*PLAYWRIGHT_TOOLS,
|
|
*FEATURE_MCP_TOOLS,
|
|
],
|
|
mcp_servers={
|
|
"playwright": {"command": "npx", "args": ["@playwright/mcp@latest", "--viewport-size", "1280x720"]},
|
|
"features": {
|
|
"command": sys.executable, # Use the same Python that's running this script
|
|
"args": ["-m", "mcp_server.feature_mcp"],
|
|
"env": {
|
|
"PROJECT_DIR": str(project_dir.resolve()),
|
|
"PYTHONPATH": str(Path(__file__).parent.resolve()),
|
|
},
|
|
},
|
|
},
|
|
hooks={
|
|
"PreToolUse": [
|
|
HookMatcher(matcher="Bash", hooks=[bash_security_hook]),
|
|
],
|
|
},
|
|
max_turns=1000,
|
|
cwd=str(project_dir.resolve()),
|
|
settings=str(settings_file.resolve()), # Use absolute path
|
|
)
|
|
)
|