Teknium 0ff7c09e2f feat(mcp-oauth): stdin paste-back fallback for headless OAuth flow (#32053) ... When the user runs OAuth on a remote/SSH machine without a port forward, the OAuth provider redirects to http://127.0.0.1:<port>/callback which only the listener on the remote machine can receive — the user's browser on another box just shows a connection error. _wait_for_callback() now races the HTTP listener against a stdin reader on interactive TTYs. The user can copy the URL from the browser's address bar after authorization (which contains code=...&state=...) and paste it back at the prompt. Whichever fills the result dict first wins; the HTTP listener remains the primary path for local sessions and SSH tunnels. Accepts any of: - Full local redirect URL: http://127.0.0.1:N/callback?code=...&state=... - Provider URL after redirect: https://mcp.linear.app/callback?code=...&state=... - Just the query string: ?code=...&state=... or code=...&state=... The paste thread only spawns when _is_interactive() is true, preserving the existing 'no input() in headless runs' invariant — verified by TestWaitForCallbackPasteIntegration.test_paste_prompt_NOT_shown_when_noninteractive. The SSH-session hint in _redirect_handler is updated to surface the paste option as the primary remedy, with ssh -L tunneling as the alternative.		2026-05-25 05:20:05 -07:00
..
computer_use	fix(computer-use): skip capture_after when action failed (ok=False)	2026-05-22 01:19:01 -07:00
environments	feat(docker): remove gosu from bundled image; s6-setuidgid handles privilege drop	2026-05-24 18:05:33 -07:00
neutts_samples
__init__.py
ansi_strip.py
approval.py	fix(approval): harden YOLO bypass, LLM parsing, auto-approve audit, pipe pattern (#23835)	2026-05-25 03:35:33 -07:00
binary_extensions.py
browser_camofox.py	feat: auto-launch Chromium-family browser for CDP	2026-05-19 22:34:05 -07:00
browser_camofox_state.py
browser_cdp_tool.py	feat: auto-launch Chromium-family browser for CDP	2026-05-19 22:34:05 -07:00
browser_dialog_tool.py	feat: auto-launch Chromium-family browser for CDP	2026-05-19 22:34:05 -07:00
browser_supervisor.py	fix(async): close unscheduled coroutines in all threadsafe bridges (#26584)	2026-05-15 14:00:01 -07:00
browser_tool.py	fix(vision): route auxiliary.vision.provider=openai to api.openai.com, skip text-only main (#31452)	2026-05-24 15:01:28 -07:00
budget_config.py	chore: remove Atropos RL environments and tinker-atropos integration (#26106)	2026-05-15 10:36:38 +05:30
checkpoint_manager.py	chore: ruff auto-fix PLR6201 — tuple → set in membership tests (#23937)	2026-05-11 11:13:25 -07:00
clarify_gateway.py	feat(gateway): wire clarify tool with inline keyboard buttons on Telegram (#24199)	2026-05-12 16:33:33 -07:00
clarify_tool.py
code_execution_tool.py	fix(profiles): cross-profile soft guard on file-write tools + system-prompt hint (#31290)	2026-05-24 00:38:17 -07:00
computer_use_tool.py
credential_files.py
cronjob_tools.py	fix(cron): allow emoji ZWJ sequences in prompts	2026-05-19 00:10:43 -07:00
debug_helpers.py
delegate_tool.py	fix(delegation): preserve configured_provider name when runtime returns 'custom'	2026-05-17 11:40:05 -07:00
discord_tool.py
env_passthrough.py	harden(env_passthrough): apply GHSA-rhgp-j443-p4rf filter to config.yaml path (#27794)	2026-05-25 03:35:23 -07:00
fal_common.py	refactor(image_gen): port FAL backend to plugins/image_gen/fal	2026-05-22 04:10:45 -07:00
feishu_doc_tool.py
feishu_drive_tool.py
file_operations.py	fix(lint): skip per-file shell linter when LSP will handle the file (#29054)	2026-05-20 01:46:40 -05:00
file_state.py
file_tools.py	fix: reject read_file symlinks to blocking devices (#10133)	2026-05-25 05:07:38 -07:00
fuzzy_match.py	chore: ruff auto-fixes — collapsible-else-if, if-stmt-min-max, dict.fromkeys (#23926)	2026-05-11 11:03:29 -07:00
homeassistant_tool.py
image_generation_tool.py	refactor(image_gen): port FAL backend to plugins/image_gen/fal	2026-05-22 04:10:45 -07:00
interrupt.py
kanban_tools.py	feat(kanban): stamp originating ACP session_id on tasks	2026-05-18 21:15:21 -07:00
lazy_deps.py	feat(azure-foundry): add Microsoft Entra ID auth	2026-05-18 10:14:38 -07:00
managed_tool_gateway.py
mcp_oauth.py	feat(mcp-oauth): stdin paste-back fallback for headless OAuth flow (#32053)	2026-05-25 05:20:05 -07:00
mcp_oauth_manager.py
mcp_tool.py	fix(mcp): raise ImportError instead of NameError when stdio SDK missing (#31450)	2026-05-24 04:44:59 -07:00
memory_tool.py	fix(security): expand memory content scanning patterns to parity with skills guard (#9151)	2026-05-25 01:51:53 -07:00
microsoft_graph_auth.py
microsoft_graph_client.py
mixture_of_agents_tool.py	chore: ruff auto-fix C401, C416, C408, PLR1722 (#23940)	2026-05-11 11:20:58 -07:00
neutts_synth.py
openrouter_client.py
osv_check.py	chore: ruff auto-fix PLR6201 — tuple → set in membership tests (#23937)	2026-05-11 11:13:25 -07:00
patch_parser.py	fix(lint): skip per-file shell linter when LSP will handle the file (#29054)	2026-05-20 01:46:40 -05:00
path_security.py
process_registry.py	fix(process_registry): use taskkill /T /F for tree-kill on Windows	2026-05-23 20:30:29 -07:00
registry.py	security: sanitize tool error strings before injecting into model context (#26823)	2026-05-16 00:57:39 -07:00
schema_sanitizer.py	fix(xai-responses): strip enum values containing '/' from tool schemas	2026-05-18 10:37:35 -07:00
send_message_tool.py	refactor(gateway): migrate Mattermost adapter to bundled plugin	2026-05-24 18:05:33 -07:00
session_search_tool.py	feat(session_search): single-shape tool with discovery, scroll, browse — no LLM (#27590)	2026-05-17 23:28:45 -07:00
skill_manager_tool.py	fix(profiles): cross-profile soft guard on file-write tools + system-prompt hint (#31290)	2026-05-24 00:38:17 -07:00
skill_provenance.py
skill_usage.py	fix(skills): prune dependency/venv dirs from all skill scanners (#30042)	2026-05-21 14:18:02 -07:00
skills_ast_audit.py	refactor(skills): slim AST diagnostic to single entry point	2026-05-23 17:47:26 -07:00
skills_guard.py	Harden Skills Guard multi-word prompt patterns (#26852)	2026-05-25 01:51:27 -07:00
skills_hub.py	fix(skills,pairing): path traversal guard in uninstall, lock list_pending, hash file paths	2026-05-22 19:59:24 -07:00
skills_sync.py	fix(skills): prune dependency/venv dirs from all skill scanners (#30042)	2026-05-21 14:18:02 -07:00
skills_tool.py	fix(skills): prune dependency/venv dirs from all skill scanners (#30042)	2026-05-21 14:18:02 -07:00
slash_confirm.py	fix(async): close unscheduled coroutines in all threadsafe bridges (#26584)	2026-05-15 14:00:01 -07:00
terminal_tool.py	fix(terminal): warn at call time when background=true runs silently (#31289)	2026-05-23 21:02:14 -07:00
tirith_security.py	fix(tirith): suppress .app lookalike_tld false positives in warn verdicts	2026-05-18 10:20:07 -07:00
todo_tool.py	chore: ruff auto-fix PLR6201 — tuple → set in membership tests (#23937)	2026-05-11 11:13:25 -07:00
tool_backend_helpers.py
tool_output_limits.py
tool_result_storage.py	fix(tool-result-storage): persist via stdin to bypass 128 KB exec-arg cap (#22913)	2026-05-09 18:44:58 -07:00
transcription_tools.py	fix(transcription): reject symlinked audio inputs (#10082)	2026-05-25 05:07:45 -07:00
tts_tool.py	fix(tts): reject '..' traversal in output_path	2026-05-25 05:15:55 -07:00
url_safety.py	fix(url_safety): block IPv4-mapped IPv6 addresses to prevent SSRF bypass	2026-05-18 10:51:15 -07:00
video_generation_tool.py	chore: ruff auto-fix PLR6201 resweep — tuple → set in membership tests (#27355)	2026-05-17 02:29:41 -07:00
vision_tools.py	fix(vision): route auxiliary.vision.provider=openai to api.openai.com, skip text-only main (#31452)	2026-05-24 15:01:28 -07:00
voice_mode.py	fix(voice): chunk oversized CLI recordings	2026-05-21 14:17:39 -07:00
web_tools.py	feat(web): add xAI Web Search provider plugin	2026-05-19 19:27:34 -07:00
website_policy.py
x_search_tool.py	fix(x_search): surface degraded results + validate dates	2026-05-21 02:38:45 +05:30
xai_http.py	feat(web): add xAI Web Search provider plugin	2026-05-19 19:27:34 -07:00
yuanbao_tools.py	Fix unsafe gateway media path delivery	2026-05-23 01:40:35 -07:00