1package config
2
3import (
4 "bytes"
5 "cmp"
6 "context"
7 "errors"
8 "fmt"
9 "io"
10 "log/slog"
11 "maps"
12 "net/http"
13 "net/url"
14 "regexp"
15 "slices"
16 "strings"
17 "time"
18
19 "charm.land/catwalk/pkg/catwalk"
20 "github.com/charmbracelet/crush/internal/csync"
21 "github.com/charmbracelet/crush/internal/env"
22 "github.com/charmbracelet/crush/internal/oauth"
23 "github.com/charmbracelet/crush/internal/oauth/copilot"
24 "github.com/invopop/jsonschema"
25)
26
27const (
28 appName = "crush"
29 defaultDataDirectory = ".crush"
30 defaultInitializeAs = "AGENTS.md"
31)
32
33var defaultContextPaths = []string{
34 ".github/copilot-instructions.md",
35 ".cursorrules",
36 ".cursor/rules/",
37 "CLAUDE.md",
38 "CLAUDE.local.md",
39 "GEMINI.md",
40 "gemini.md",
41 "crush.md",
42 "crush.local.md",
43 "Crush.md",
44 "Crush.local.md",
45 "CRUSH.md",
46 "CRUSH.local.md",
47 "AGENTS.md",
48 "agents.md",
49 "Agents.md",
50}
51
52type SelectedModelType string
53
54// String returns the string representation of the [SelectedModelType].
55func (s SelectedModelType) String() string {
56 return string(s)
57}
58
59const (
60 SelectedModelTypeLarge SelectedModelType = "large"
61 SelectedModelTypeSmall SelectedModelType = "small"
62)
63
64const (
65 AgentCoder string = "coder"
66 AgentTask string = "task"
67)
68
69type SelectedModel struct {
70 // The model id as used by the provider API.
71 // Required.
72 Model string `json:"model" jsonschema:"required,description=The model ID as used by the provider API,example=gpt-4o"`
73 // The model provider, same as the key/id used in the providers config.
74 // Required.
75 Provider string `json:"provider" jsonschema:"required,description=The model provider ID that matches a key in the providers config,example=openai"`
76
77 // Only used by models that use the openai provider and need this set.
78 ReasoningEffort string `json:"reasoning_effort,omitempty" jsonschema:"description=Reasoning effort level for OpenAI models that support it,enum=low,enum=medium,enum=high"`
79
80 // Used by anthropic models that can reason to indicate if the model should think.
81 Think bool `json:"think,omitempty" jsonschema:"description=Enable thinking mode for Anthropic models that support reasoning"`
82
83 // Overrides the default model configuration.
84 MaxTokens int64 `json:"max_tokens,omitempty" jsonschema:"description=Maximum number of tokens for model responses,maximum=200000,example=4096"`
85 Temperature *float64 `json:"temperature,omitempty" jsonschema:"description=Sampling temperature,minimum=0,maximum=1,example=0.7"`
86 TopP *float64 `json:"top_p,omitempty" jsonschema:"description=Top-p (nucleus) sampling parameter,minimum=0,maximum=1,example=0.9"`
87 TopK *int64 `json:"top_k,omitempty" jsonschema:"description=Top-k sampling parameter"`
88 FrequencyPenalty *float64 `json:"frequency_penalty,omitempty" jsonschema:"description=Frequency penalty to reduce repetition"`
89 PresencePenalty *float64 `json:"presence_penalty,omitempty" jsonschema:"description=Presence penalty to increase topic diversity"`
90
91 // Override provider specific options.
92 ProviderOptions map[string]any `json:"provider_options,omitempty" jsonschema:"description=Additional provider-specific options for the model"`
93}
94
95type ProviderConfig struct {
96 // The provider's id.
97 ID string `json:"id,omitempty" jsonschema:"description=Unique identifier for the provider,example=openai"`
98 // The provider's name, used for display purposes.
99 Name string `json:"name,omitempty" jsonschema:"description=Human-readable name for the provider,example=OpenAI"`
100 // The provider's API endpoint.
101 BaseURL string `json:"base_url,omitempty" jsonschema:"description=Base URL for the provider's API,format=uri,example=https://api.openai.com/v1"`
102 // The provider type, e.g. "openai", "anthropic", etc. if empty it defaults to openai.
103 Type catwalk.Type `json:"type,omitempty" jsonschema:"description=Provider type that determines the API format,enum=openai,enum=openai-compat,enum=anthropic,enum=gemini,enum=azure,enum=vertexai,default=openai"`
104 // The provider's API key.
105 APIKey string `json:"api_key,omitempty" jsonschema:"description=API key for authentication with the provider,example=$OPENAI_API_KEY"`
106 // The original API key template before resolution (for re-resolution on auth errors).
107 APIKeyTemplate string `json:"-"`
108 // OAuthToken for providers that use OAuth2 authentication.
109 OAuthToken *oauth.Token `json:"oauth,omitempty" jsonschema:"description=OAuth2 token for authentication with the provider"`
110 // Marks the provider as disabled.
111 Disable bool `json:"disable,omitempty" jsonschema:"description=Whether this provider is disabled,default=false"`
112
113 // Custom system prompt prefix.
114 SystemPromptPrefix string `json:"system_prompt_prefix,omitempty" jsonschema:"description=Custom prefix to add to system prompts for this provider"`
115
116 // Extra headers to send with each request to the provider.
117 ExtraHeaders map[string]string `json:"extra_headers,omitempty" jsonschema:"description=Additional HTTP headers to send with requests"`
118 // Extra body
119 ExtraBody map[string]any `json:"extra_body,omitempty" jsonschema:"description=Additional fields to include in request bodies, only works with openai-compatible providers"`
120
121 ProviderOptions map[string]any `json:"provider_options,omitempty" jsonschema:"description=Additional provider-specific options for this provider"`
122
123 // Used to pass extra parameters to the provider.
124 ExtraParams map[string]string `json:"-"`
125
126 // The provider models
127 Models []catwalk.Model `json:"models,omitempty" jsonschema:"description=List of models available from this provider"`
128}
129
130// ToProvider converts the [ProviderConfig] to a [catwalk.Provider].
131func (c *ProviderConfig) ToProvider() catwalk.Provider {
132 // Convert config provider to provider.Provider format
133 provider := catwalk.Provider{
134 Name: c.Name,
135 ID: catwalk.InferenceProvider(c.ID),
136 Models: make([]catwalk.Model, len(c.Models)),
137 }
138
139 // Convert models
140 for i, model := range c.Models {
141 provider.Models[i] = catwalk.Model{
142 ID: model.ID,
143 Name: model.Name,
144 CostPer1MIn: model.CostPer1MIn,
145 CostPer1MOut: model.CostPer1MOut,
146 CostPer1MInCached: model.CostPer1MInCached,
147 CostPer1MOutCached: model.CostPer1MOutCached,
148 ContextWindow: model.ContextWindow,
149 DefaultMaxTokens: model.DefaultMaxTokens,
150 CanReason: model.CanReason,
151 ReasoningLevels: model.ReasoningLevels,
152 DefaultReasoningEffort: model.DefaultReasoningEffort,
153 SupportsImages: model.SupportsImages,
154 }
155 }
156
157 return provider
158}
159
160func (c *ProviderConfig) SetupGitHubCopilot() {
161 maps.Copy(c.ExtraHeaders, copilot.Headers())
162}
163
164type MCPType string
165
166const (
167 MCPStdio MCPType = "stdio"
168 MCPSSE MCPType = "sse"
169 MCPHttp MCPType = "http"
170)
171
172type MCPConfig struct {
173 Command string `json:"command,omitempty" jsonschema:"description=Command to execute for stdio MCP servers,example=npx"`
174 Env map[string]string `json:"env,omitempty" jsonschema:"description=Environment variables to set for the MCP server"`
175 Args []string `json:"args,omitempty" jsonschema:"description=Arguments to pass to the MCP server command"`
176 Type MCPType `json:"type" jsonschema:"required,description=Type of MCP connection,enum=stdio,enum=sse,enum=http,default=stdio"`
177 URL string `json:"url,omitempty" jsonschema:"description=URL for HTTP or SSE MCP servers,format=uri,example=http://localhost:3000/mcp"`
178 Disabled bool `json:"disabled,omitempty" jsonschema:"description=Whether this MCP server is disabled,default=false"`
179 DisabledTools []string `json:"disabled_tools,omitempty" jsonschema:"description=List of tools from this MCP server to disable,example=get-library-doc"`
180 Timeout int `json:"timeout,omitempty" jsonschema:"description=Timeout in seconds for MCP server connections,default=15,example=30,example=60,example=120"`
181
182 // TODO: maybe make it possible to get the value from the env
183 Headers map[string]string `json:"headers,omitempty" jsonschema:"description=HTTP headers for HTTP/SSE MCP servers"`
184}
185
186type LSPConfig struct {
187 Disabled bool `json:"disabled,omitempty" jsonschema:"description=Whether this LSP server is disabled,default=false"`
188 Command string `json:"command,omitempty" jsonschema:"description=Command to execute for the LSP server,example=gopls"`
189 Args []string `json:"args,omitempty" jsonschema:"description=Arguments to pass to the LSP server command"`
190 Env map[string]string `json:"env,omitempty" jsonschema:"description=Environment variables to set to the LSP server command"`
191 FileTypes []string `json:"filetypes,omitempty" jsonschema:"description=File types this LSP server handles,example=go,example=mod,example=rs,example=c,example=js,example=ts"`
192 RootMarkers []string `json:"root_markers,omitempty" jsonschema:"description=Files or directories that indicate the project root,example=go.mod,example=package.json,example=Cargo.toml"`
193 InitOptions map[string]any `json:"init_options,omitempty" jsonschema:"description=Initialization options passed to the LSP server during initialize request"`
194 Options map[string]any `json:"options,omitempty" jsonschema:"description=LSP server-specific settings passed during initialization"`
195 Timeout int `json:"timeout,omitempty" jsonschema:"description=Timeout in seconds for LSP server initialization,default=30,example=60,example=120"`
196}
197
198type TUIOptions struct {
199 CompactMode bool `json:"compact_mode,omitempty" jsonschema:"description=Enable compact mode for the TUI interface,default=false"`
200 DiffMode string `json:"diff_mode,omitempty" jsonschema:"description=Diff mode for the TUI interface,enum=unified,enum=split"`
201 // Here we can add themes later or any TUI related options
202 //
203
204 Completions Completions `json:"completions,omitzero" jsonschema:"description=Completions UI options"`
205 Transparent *bool `json:"transparent,omitempty" jsonschema:"description=Enable transparent background for the TUI interface,default=false"`
206}
207
208// Completions defines options for the completions UI.
209type Completions struct {
210 MaxDepth *int `json:"max_depth,omitempty" jsonschema:"description=Maximum depth for the ls tool,default=0,example=10"`
211 MaxItems *int `json:"max_items,omitempty" jsonschema:"description=Maximum number of items to return for the ls tool,default=1000,example=100"`
212}
213
214func (c Completions) Limits() (depth, items int) {
215 return ptrValOr(c.MaxDepth, 0), ptrValOr(c.MaxItems, 0)
216}
217
218type Permissions struct {
219 AllowedTools []string `json:"allowed_tools,omitempty" jsonschema:"description=List of tools that don't require permission prompts,example=bash,example=view"`
220}
221
222type TrailerStyle string
223
224const (
225 TrailerStyleNone TrailerStyle = "none"
226 TrailerStyleCoAuthoredBy TrailerStyle = "co-authored-by"
227 TrailerStyleAssistedBy TrailerStyle = "assisted-by"
228)
229
230type Attribution struct {
231 TrailerStyle TrailerStyle `json:"trailer_style,omitempty" jsonschema:"description=Style of attribution trailer to add to commits,enum=none,enum=co-authored-by,enum=assisted-by,default=assisted-by"`
232 CoAuthoredBy *bool `json:"co_authored_by,omitempty" jsonschema:"description=Deprecated: use trailer_style instead"`
233 GeneratedWith bool `json:"generated_with,omitempty" jsonschema:"description=Add Generated with Crush line to commit messages and issues and PRs,default=true"`
234}
235
236// JSONSchemaExtend marks the co_authored_by field as deprecated in the schema.
237func (Attribution) JSONSchemaExtend(schema *jsonschema.Schema) {
238 if schema.Properties != nil {
239 if prop, ok := schema.Properties.Get("co_authored_by"); ok {
240 prop.Deprecated = true
241 }
242 }
243}
244
245type Options struct {
246 ContextPaths []string `json:"context_paths,omitempty" jsonschema:"description=Paths to files containing context information for the AI,example=.cursorrules,example=CRUSH.md"`
247 SkillsPaths []string `json:"skills_paths,omitempty" jsonschema:"description=Paths to directories containing Agent Skills (folders with SKILL.md files),example=~/.config/crush/skills,example=./skills"`
248 TUI *TUIOptions `json:"tui,omitempty" jsonschema:"description=Terminal user interface options"`
249 Debug bool `json:"debug,omitempty" jsonschema:"description=Enable debug logging,default=false"`
250 DebugLSP bool `json:"debug_lsp,omitempty" jsonschema:"description=Enable debug logging for LSP servers,default=false"`
251 DisableAutoSummarize bool `json:"disable_auto_summarize,omitempty" jsonschema:"description=Disable automatic conversation summarization,default=false"`
252 DataDirectory string `json:"data_directory,omitempty" jsonschema:"description=Directory for storing application data (relative to working directory),default=.crush,example=.crush"` // Relative to the cwd
253 DisabledTools []string `json:"disabled_tools,omitempty" jsonschema:"description=List of built-in tools to disable and hide from the agent,example=bash,example=sourcegraph"`
254 DisableProviderAutoUpdate bool `json:"disable_provider_auto_update,omitempty" jsonschema:"description=Disable providers auto-update,default=false"`
255 DisableDefaultProviders bool `json:"disable_default_providers,omitempty" jsonschema:"description=Ignore all default/embedded providers. When enabled, providers must be fully specified in the config file with base_url, models, and api_key - no merging with defaults occurs,default=false"`
256 Attribution *Attribution `json:"attribution,omitempty" jsonschema:"description=Attribution settings for generated content"`
257 DisableMetrics bool `json:"disable_metrics,omitempty" jsonschema:"description=Disable sending metrics,default=false"`
258 InitializeAs string `json:"initialize_as,omitempty" jsonschema:"description=Name of the context file to create/update during project initialization,default=AGENTS.md,example=AGENTS.md,example=CRUSH.md,example=CLAUDE.md,example=docs/LLMs.md"`
259 AutoLSP *bool `json:"auto_lsp,omitempty" jsonschema:"description=Automatically setup LSPs based on root markers,default=true"`
260 Progress *bool `json:"progress,omitempty" jsonschema:"description=Show indeterminate progress updates during long operations,default=true"`
261 DisableNotifications bool `json:"disable_notifications,omitempty" jsonschema:"description=Disable desktop notifications,default=false"`
262 DisabledSkills []string `json:"disabled_skills,omitempty" jsonschema:"description=List of skill names to disable and hide from the agent,example=crush-config"`
263}
264
265type MCPs map[string]MCPConfig
266
267type MCP struct {
268 Name string `json:"name"`
269 MCP MCPConfig `json:"mcp"`
270}
271
272func (m MCPs) Sorted() []MCP {
273 sorted := make([]MCP, 0, len(m))
274 for k, v := range m {
275 sorted = append(sorted, MCP{
276 Name: k,
277 MCP: v,
278 })
279 }
280 slices.SortFunc(sorted, func(a, b MCP) int {
281 return strings.Compare(a.Name, b.Name)
282 })
283 return sorted
284}
285
286type LSPs map[string]LSPConfig
287
288type LSP struct {
289 Name string `json:"name"`
290 LSP LSPConfig `json:"lsp"`
291}
292
293func (l LSPs) Sorted() []LSP {
294 sorted := make([]LSP, 0, len(l))
295 for k, v := range l {
296 sorted = append(sorted, LSP{
297 Name: k,
298 LSP: v,
299 })
300 }
301 slices.SortFunc(sorted, func(a, b LSP) int {
302 return strings.Compare(a.Name, b.Name)
303 })
304 return sorted
305}
306
307func (l LSPConfig) ResolvedEnv() []string {
308 return resolveEnvs(l.Env)
309}
310
311func (m MCPConfig) ResolvedEnv() []string {
312 return resolveEnvs(m.Env)
313}
314
315func (m MCPConfig) ResolvedHeaders() map[string]string {
316 resolver := NewShellVariableResolver(env.New())
317 for e, v := range m.Headers {
318 var err error
319 m.Headers[e], err = resolver.ResolveValue(v)
320 if err != nil {
321 slog.Error("Error resolving header variable", "error", err, "variable", e, "value", v)
322 continue
323 }
324 }
325 return m.Headers
326}
327
328type Agent struct {
329 ID string `json:"id,omitempty"`
330 Name string `json:"name,omitempty"`
331 Description string `json:"description,omitempty"`
332 // This is the id of the system prompt used by the agent
333 Disabled bool `json:"disabled,omitempty"`
334
335 Model SelectedModelType `json:"model" jsonschema:"required,description=The model type to use for this agent,enum=large,enum=small,default=large"`
336
337 // The available tools for the agent
338 // if this is nil, all tools are available
339 AllowedTools []string `json:"allowed_tools,omitempty"`
340
341 // this tells us which MCPs are available for this agent
342 // if this is empty all mcps are available
343 // the string array is the list of tools from the AllowedMCP the agent has available
344 // if the string array is nil, all tools from the AllowedMCP are available
345 AllowedMCP map[string][]string `json:"allowed_mcp,omitempty"`
346
347 // Overrides the context paths for this agent
348 ContextPaths []string `json:"context_paths,omitempty"`
349}
350
351type Tools struct {
352 Ls ToolLs `json:"ls,omitzero"`
353 Grep ToolGrep `json:"grep,omitzero"`
354}
355
356type ToolLs struct {
357 MaxDepth *int `json:"max_depth,omitempty" jsonschema:"description=Maximum depth for the ls tool,default=0,example=10"`
358 MaxItems *int `json:"max_items,omitempty" jsonschema:"description=Maximum number of items to return for the ls tool,default=1000,example=100"`
359}
360
361// Limits returns the user-defined max-depth and max-items, or their defaults.
362func (t ToolLs) Limits() (depth, items int) {
363 return ptrValOr(t.MaxDepth, 0), ptrValOr(t.MaxItems, 0)
364}
365
366type ToolGrep struct {
367 Timeout *time.Duration `json:"timeout,omitempty" jsonschema:"description=Timeout for the grep tool call,default=5s,example=10s"`
368}
369
370// GetTimeout returns the user-defined timeout or the default.
371func (t ToolGrep) GetTimeout() time.Duration {
372 return ptrValOr(t.Timeout, 5*time.Second)
373}
374
375// HookConfig defines a user-configured shell command that fires on a hook
376// event (e.g. PreToolUse).
377type HookConfig struct {
378 // Regex pattern tested against the tool name. Empty means match all.
379 Matcher string `json:"matcher,omitempty" jsonschema:"description=Regex pattern tested against the tool name. Empty means match all tools."`
380 // Shell command to execute.
381 Command string `json:"command" jsonschema:"required,description=Shell command to execute when the hook fires"`
382 // Timeout in seconds. Default 30.
383 Timeout int `json:"timeout,omitempty" jsonschema:"description=Timeout in seconds for the hook command,default=30"`
384
385 // Compiled matcher regex. Not serialized.
386 matcherRegex *regexp.Regexp
387}
388
389// MatcherRegex returns the compiled matcher regex, or nil if no matcher is
390// set.
391func (h *HookConfig) MatcherRegex() *regexp.Regexp {
392 return h.matcherRegex
393}
394
395// TimeoutDuration returns the hook timeout as a time.Duration, defaulting
396// to 30s.
397func (h *HookConfig) TimeoutDuration() time.Duration {
398 if h.Timeout <= 0 {
399 return 30 * time.Second
400 }
401 return time.Duration(h.Timeout) * time.Second
402}
403
404// Config holds the configuration for crush.
405type Config struct {
406 Schema string `json:"$schema,omitempty"`
407
408 // We currently only support large/small as values here.
409 Models map[SelectedModelType]SelectedModel `json:"models,omitempty" jsonschema:"description=Model configurations for different model types,example={\"large\":{\"model\":\"gpt-4o\",\"provider\":\"openai\"}}"`
410
411 // Recently used models stored in the data directory config.
412 RecentModels map[SelectedModelType][]SelectedModel `json:"recent_models,omitempty" jsonschema:"-"`
413
414 // The providers that are configured
415 Providers *csync.Map[string, ProviderConfig] `json:"providers,omitempty" jsonschema:"description=AI provider configurations"`
416
417 MCP MCPs `json:"mcp,omitempty" jsonschema:"description=Model Context Protocol server configurations"`
418
419 LSP LSPs `json:"lsp,omitempty" jsonschema:"description=Language Server Protocol configurations"`
420
421 Options *Options `json:"options,omitempty" jsonschema:"description=General application options"`
422
423 Permissions *Permissions `json:"permissions,omitempty" jsonschema:"description=Permission settings for tool usage"`
424
425 Tools Tools `json:"tools,omitzero" jsonschema:"description=Tool configurations"`
426
427 Hooks map[string][]HookConfig `json:"hooks,omitempty" jsonschema:"description=User-defined shell commands that fire on hook events (e.g. PreToolUse)"`
428
429 Agents map[string]Agent `json:"-"`
430}
431
432func (c *Config) EnabledProviders() []ProviderConfig {
433 var enabled []ProviderConfig
434 for p := range c.Providers.Seq() {
435 if !p.Disable {
436 enabled = append(enabled, p)
437 }
438 }
439 return enabled
440}
441
442// IsConfigured return true if at least one provider is configured
443func (c *Config) IsConfigured() bool {
444 return len(c.EnabledProviders()) > 0
445}
446
447func (c *Config) GetModel(provider, model string) *catwalk.Model {
448 if providerConfig, ok := c.Providers.Get(provider); ok {
449 for _, m := range providerConfig.Models {
450 if m.ID == model {
451 return &m
452 }
453 }
454 }
455 return nil
456}
457
458func (c *Config) GetProviderForModel(modelType SelectedModelType) *ProviderConfig {
459 model, ok := c.Models[modelType]
460 if !ok {
461 return nil
462 }
463 if providerConfig, ok := c.Providers.Get(model.Provider); ok {
464 return &providerConfig
465 }
466 return nil
467}
468
469func (c *Config) GetModelByType(modelType SelectedModelType) *catwalk.Model {
470 model, ok := c.Models[modelType]
471 if !ok {
472 return nil
473 }
474 return c.GetModel(model.Provider, model.Model)
475}
476
477func (c *Config) LargeModel() *catwalk.Model {
478 model, ok := c.Models[SelectedModelTypeLarge]
479 if !ok {
480 return nil
481 }
482 return c.GetModel(model.Provider, model.Model)
483}
484
485func (c *Config) SmallModel() *catwalk.Model {
486 model, ok := c.Models[SelectedModelTypeSmall]
487 if !ok {
488 return nil
489 }
490 return c.GetModel(model.Provider, model.Model)
491}
492
493const maxRecentModelsPerType = 5
494
495func allToolNames() []string {
496 return []string{
497 "agent",
498 "bash",
499 "crush_info",
500 "crush_logs",
501 "job_output",
502 "job_kill",
503 "download",
504 "edit",
505 "multiedit",
506 "lsp_diagnostics",
507 "lsp_references",
508 "lsp_restart",
509 "fetch",
510 "agentic_fetch",
511 "glob",
512 "grep",
513 "ls",
514 "sourcegraph",
515 "todos",
516 "view",
517 "write",
518 "list_mcp_resources",
519 "read_mcp_resource",
520 }
521}
522
523func resolveAllowedTools(allTools []string, disabledTools []string) []string {
524 if disabledTools == nil {
525 return allTools
526 }
527 // filter out disabled tools (exclude mode)
528 return filterSlice(allTools, disabledTools, false)
529}
530
531func resolveReadOnlyTools(tools []string) []string {
532 readOnlyTools := []string{"glob", "grep", "ls", "sourcegraph", "view"}
533 // filter to only include tools that are in allowedtools (include mode)
534 return filterSlice(tools, readOnlyTools, true)
535}
536
537func filterSlice(data []string, mask []string, include bool) []string {
538 var filtered []string
539 for _, s := range data {
540 // if include is true, we include items that ARE in the mask
541 // if include is false, we include items that are NOT in the mask
542 if include == slices.Contains(mask, s) {
543 filtered = append(filtered, s)
544 }
545 }
546 return filtered
547}
548
549func (c *Config) SetupAgents() {
550 allowedTools := resolveAllowedTools(allToolNames(), c.Options.DisabledTools)
551
552 agents := map[string]Agent{
553 AgentCoder: {
554 ID: AgentCoder,
555 Name: "Coder",
556 Description: "An agent that helps with executing coding tasks.",
557 Model: SelectedModelTypeLarge,
558 ContextPaths: c.Options.ContextPaths,
559 AllowedTools: allowedTools,
560 },
561
562 AgentTask: {
563 ID: AgentTask,
564 Name: "Task",
565 Description: "An agent that helps with searching for context and finding implementation details.",
566 Model: SelectedModelTypeLarge,
567 ContextPaths: c.Options.ContextPaths,
568 AllowedTools: resolveReadOnlyTools(allowedTools),
569 // NO MCPs or LSPs by default
570 AllowedMCP: map[string][]string{},
571 },
572 }
573 c.Agents = agents
574}
575
576// API key validation lives between this block and [ProviderConfig.TestConnection]
577// below. See internal/config/VALIDATION.md for the full contract, the
578// per-provider probe table, the classifier inventory, and the checklist for
579// adding or changing a provider's validation behavior. Any change to
580// [buildValidationProbe], the classify* functions, or
581// [openaiCompatModelsAllowlist] must be reflected in that document.
582
583// ErrValidationUnsupported is returned from [ProviderConfig.TestConnection]
584// when the provider does not expose a deterministic endpoint that proves API
585// key authentication without performing inference. Callers should treat this
586// as "saved but not verified" rather than as a validation failure.
587var ErrValidationUnsupported = errors.New("provider does not expose a deterministic validation probe")
588
589// validationProbe describes a single HTTP request used to prove authentication
590// for a given provider configuration.
591type validationProbe struct {
592 method string
593 url string
594 headers map[string]string
595 body []byte
596 classify func(statusCode int) error
597}
598
599// classifyAuthGated treats the probe endpoint as one that is expected to
600// return 200 with a valid key and 401/403 with an invalid one. Any other
601// status is considered non-deterministic and reported as unsupported so the
602// UI can show "not verified" instead of a misleading "invalid key".
603func classifyAuthGated(c *ProviderConfig) func(int) error {
604 return func(status int) error {
605 switch status {
606 case http.StatusOK:
607 return nil
608 case http.StatusUnauthorized, http.StatusForbidden:
609 return fmt.Errorf("failed to connect to provider %s: %s", c.ID, http.StatusText(status))
610 default:
611 return ErrValidationUnsupported
612 }
613 }
614}
615
616// classifyOpenAIChatMalformed classifies responses from a deliberately
617// malformed POST {baseURL}/chat/completions probe. On most OpenAI-compatible
618// gateways authentication happens before schema validation, so 401/403 means
619// the key is bad while 400/422 means the key was accepted and only the body
620// was rejected. Anything else is treated as unsupported / transient.
621func classifyOpenAIChatMalformed(c *ProviderConfig) func(int) error {
622 return func(status int) error {
623 switch status {
624 case http.StatusUnauthorized, http.StatusForbidden:
625 return fmt.Errorf("failed to connect to provider %s: %s", c.ID, http.StatusText(status))
626 case http.StatusBadRequest, http.StatusUnprocessableEntity:
627 return nil
628 default:
629 return ErrValidationUnsupported
630 }
631 }
632}
633
634// classifyGoogleModels classifies responses from Google's
635// `/v1beta/models?key=…` probe. Google returns 400 INVALID_ARGUMENT for a
636// malformed or unknown API key, so 400/401/403 all indicate an invalid key.
637func classifyGoogleModels(c *ProviderConfig) func(int) error {
638 return func(status int) error {
639 switch status {
640 case http.StatusOK:
641 return nil
642 case http.StatusBadRequest, http.StatusUnauthorized, http.StatusForbidden:
643 return fmt.Errorf("failed to connect to provider %s: %s", c.ID, http.StatusText(status))
644 default:
645 return ErrValidationUnsupported
646 }
647 }
648}
649
650// classifyZAIModels preserves the historical ZAI-specific behaviour: the
651// `/models` endpoint returns a variety of non-200 statuses even with a valid
652// key, but reliably returns 401 when the key is bad. Treat 401 as invalid
653// and anything else as valid (the endpoint is authoritative about bad keys
654// but noisy about everything else).
655func classifyZAIModels(c *ProviderConfig) func(int) error {
656 return func(status int) error {
657 if status == http.StatusUnauthorized {
658 return fmt.Errorf("failed to connect to provider %s: %s", c.ID, http.StatusText(status))
659 }
660 return nil
661 }
662}
663
664// openaiCompatModelsAllowlist lists openai-compat providers whose `/models`
665// endpoint is known to authenticate the caller (i.e. return 401/403 for a
666// bad key rather than 200 with a public listing). New openai-compat
667// providers should NOT be added here unless their `/models` behaviour has
668// been confirmed to gate on auth — otherwise they should use the malformed
669// chat-completions probe or return [ErrValidationUnsupported].
670var openaiCompatModelsAllowlist = map[catwalk.InferenceProvider]struct{}{
671 "deepseek": {},
672 catwalk.InferenceProviderGROQ: {},
673 catwalk.InferenceProviderXAI: {},
674 catwalk.InferenceProviderZhipu: {},
675 catwalk.InferenceProviderZhipuCoding: {},
676 catwalk.InferenceProviderCerebras: {},
677 catwalk.InferenceProviderNebius: {},
678 catwalk.InferenceProviderCopilot: {},
679}
680
681// openaiCompatChatProbe builds a malformed-body POST /chat/completions probe
682// for OpenAI-compatible providers whose chat-completions endpoint is known to
683// gate on auth before validating the request body.
684func openaiCompatChatProbe(c *ProviderConfig, baseURL, apiKey string) (*validationProbe, error) {
685 if baseURL == "" {
686 return nil, ErrValidationUnsupported
687 }
688 return &validationProbe{
689 method: http.MethodPost,
690 url: baseURL + "/chat/completions",
691 headers: map[string]string{
692 "Authorization": "Bearer " + apiKey,
693 "Content-Type": "application/json",
694 },
695 // Intentionally malformed: required fields missing so the gateway
696 // rejects the payload after authenticating the caller.
697 body: []byte(`{"__crush_probe__": true}`),
698 classify: classifyOpenAIChatMalformed(c),
699 }, nil
700}
701
702// buildValidationProbe returns the probe to use for this provider, or a
703// sentinel error if verification is impossible without performing inference.
704// A nil probe with a nil error means "the key is valid by virtue of its
705// format and no network probe is necessary" (e.g. Bedrock/Vercel prefix
706// checks).
707func (c *ProviderConfig) buildValidationProbe(resolver VariableResolver) (*validationProbe, error) {
708 providerID := catwalk.InferenceProvider(c.ID)
709 apiKey, _ := resolver.ResolveValue(c.APIKey)
710 baseURL, _ := resolver.ResolveValue(c.BaseURL)
711
712 // Provider-ID-specific probes take precedence over type-based defaults.
713 switch providerID {
714 case catwalk.InferenceProviderMiniMax, catwalk.InferenceProviderMiniMaxChina:
715 base := cmp.Or(baseURL, "https://api.minimax.io/anthropic")
716 return &validationProbe{
717 method: http.MethodGet,
718 url: base + "/v1/models",
719 headers: map[string]string{
720 "x-api-key": apiKey,
721 "anthropic-version": "2023-06-01",
722 },
723 classify: classifyAuthGated(c),
724 }, nil
725 case catwalk.InferenceProviderVenice:
726 base := cmp.Or(baseURL, "https://api.venice.ai/api/v1")
727 return &validationProbe{
728 method: http.MethodGet,
729 url: base + "/api_keys/rate_limits",
730 headers: map[string]string{
731 "Authorization": "Bearer " + apiKey,
732 },
733 classify: classifyAuthGated(c),
734 }, nil
735 case catwalk.InferenceAIHubMix,
736 catwalk.InferenceProviderAvian,
737 catwalk.InferenceProviderCortecs,
738 catwalk.InferenceProviderHuggingFace,
739 catwalk.InferenceProviderIoNet,
740 catwalk.InferenceProviderOpenCodeGo,
741 catwalk.InferenceProviderOpenCodeZen,
742 catwalk.InferenceProviderQiniuCloud,
743 catwalk.InferenceProviderSynthetic:
744 return openaiCompatChatProbe(c, baseURL, apiKey)
745 case catwalk.InferenceProviderChutes, catwalk.InferenceProviderNeuralwatt:
746 // These providers have been observed to return ambiguous responses
747 // for unauthenticated requests, so we cannot safely validate.
748 return nil, ErrValidationUnsupported
749 case catwalk.InferenceProviderZAI:
750 // ZAI's `/models` endpoint is authoritative about bad keys (always
751 // 401) but returns assorted non-200 statuses for valid keys, so it
752 // needs its own classifier.
753 base := baseURL
754 if base == "" {
755 return nil, ErrValidationUnsupported
756 }
757 return &validationProbe{
758 method: http.MethodGet,
759 url: base + "/models",
760 headers: map[string]string{
761 "Authorization": "Bearer " + apiKey,
762 },
763 classify: classifyZAIModels(c),
764 }, nil
765 }
766
767 // Type-based defaults for providers without an explicit override.
768 switch c.Type {
769 case catwalk.TypeOpenAI:
770 base := cmp.Or(baseURL, "https://api.openai.com/v1")
771 return &validationProbe{
772 method: http.MethodGet,
773 url: base + "/models",
774 headers: map[string]string{
775 "Authorization": "Bearer " + apiKey,
776 },
777 classify: classifyAuthGated(c),
778 }, nil
779 case catwalk.TypeOpenRouter:
780 base := cmp.Or(baseURL, "https://openrouter.ai/api/v1")
781 return &validationProbe{
782 method: http.MethodGet,
783 url: base + "/credits",
784 headers: map[string]string{
785 "Authorization": "Bearer " + apiKey,
786 },
787 classify: classifyAuthGated(c),
788 }, nil
789 case catwalk.TypeAnthropic:
790 base := cmp.Or(baseURL, "https://api.anthropic.com/v1")
791 testURL := base + "/models"
792 if providerID == catwalk.InferenceKimiCoding {
793 testURL = base + "/v1/models"
794 }
795 return &validationProbe{
796 method: http.MethodGet,
797 url: testURL,
798 headers: map[string]string{
799 "x-api-key": apiKey,
800 "anthropic-version": "2023-06-01",
801 },
802 classify: classifyAuthGated(c),
803 }, nil
804 case catwalk.TypeGoogle:
805 base := cmp.Or(baseURL, "https://generativelanguage.googleapis.com")
806 return &validationProbe{
807 method: http.MethodGet,
808 url: base + "/v1beta/models?key=" + url.QueryEscape(apiKey),
809 classify: classifyGoogleModels(c),
810 }, nil
811 case catwalk.TypeBedrock:
812 // NOTE: Bedrock has a `/foundation-models` endpoint that we could in
813 // theory use, but apparently the authorization is region-specific,
814 // so it's not so trivial. Fall back to a prefix check.
815 if strings.HasPrefix(apiKey, "ABSK") {
816 return nil, nil
817 }
818 return nil, errors.New("not a valid bedrock api key")
819 case catwalk.TypeVercel:
820 // NOTE: Vercel does not validate API keys on the `/models` endpoint.
821 if strings.HasPrefix(apiKey, "vck_") {
822 return nil, nil
823 }
824 return nil, errors.New("not a valid vercel api key")
825 case catwalk.TypeOpenAICompat:
826 // Generic openai-compat providers often expose a public /models
827 // endpoint, so hitting it proves nothing about the caller's key.
828 // Only providers we've confirmed to gate /models on auth use the
829 // /models probe; everyone else needs an explicit override above or
830 // returns ErrValidationUnsupported.
831 if _, ok := openaiCompatModelsAllowlist[providerID]; !ok {
832 return nil, ErrValidationUnsupported
833 }
834 if baseURL == "" {
835 return nil, ErrValidationUnsupported
836 }
837 return &validationProbe{
838 method: http.MethodGet,
839 url: baseURL + "/models",
840 headers: map[string]string{
841 "Authorization": "Bearer " + apiKey,
842 },
843 classify: classifyAuthGated(c),
844 }, nil
845 }
846
847 return nil, ErrValidationUnsupported
848}
849
850// TestConnection attempts to prove that the configured API key authenticates
851// with the provider. It returns nil on confirmed success, [ErrValidationUnsupported]
852// when the provider has no deterministic validation probe, or a non-nil error
853// describing the validation failure.
854func (c *ProviderConfig) TestConnection(resolver VariableResolver) error {
855 probe, err := c.buildValidationProbe(resolver)
856 if err != nil {
857 return err
858 }
859 if probe == nil {
860 // A nil probe with no error means the configuration was accepted
861 // without needing a network round-trip (e.g. Bedrock/Vercel prefix
862 // checks).
863 return nil
864 }
865 if probe.url == "" {
866 return ErrValidationUnsupported
867 }
868
869 ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
870 defer cancel()
871
872 var body io.Reader
873 if len(probe.body) > 0 {
874 body = bytes.NewReader(probe.body)
875 }
876 req, err := http.NewRequestWithContext(ctx, probe.method, probe.url, body)
877 if err != nil {
878 // Probe construction failures shouldn't surface as low-signal user
879 // errors; treat them as "cannot verify" instead.
880 return ErrValidationUnsupported
881 }
882 for k, v := range probe.headers {
883 req.Header.Set(k, v)
884 }
885 for k, v := range c.ExtraHeaders {
886 req.Header.Set(k, v)
887 }
888
889 client := &http.Client{}
890 resp, err := client.Do(req)
891 if err != nil {
892 return fmt.Errorf("failed to connect to provider %s: %w", c.ID, err)
893 }
894 defer resp.Body.Close()
895
896 return probe.classify(resp.StatusCode)
897}
898
899func resolveEnvs(envs map[string]string) []string {
900 resolver := NewShellVariableResolver(env.New())
901 for e, v := range envs {
902 var err error
903 envs[e], err = resolver.ResolveValue(v)
904 if err != nil {
905 slog.Error("Error resolving environment variable", "error", err, "variable", e, "value", v)
906 continue
907 }
908 }
909
910 res := make([]string, 0, len(envs))
911 for k, v := range envs {
912 res = append(res, fmt.Sprintf("%s=%s", k, v))
913 }
914 return res
915}
916
917func ptrValOr[T any](t *T, el T) T {
918 if t == nil {
919 return el
920 }
921 return *t
922}