Add 1.1 update

h3xxit · h3xxit · commit 543134ead226 · 2025-11-30T22:10:33.000+01:00
diff --git a/packages/cli/src/cli_call_template.ts b/packages/cli/src/cli_call_template.ts
@@ -162,6 +162,7 @@ export interface CliCallTemplate extends CallTemplate {
   env_vars?: Record<string, string> | null;
   working_dir?: string | null;
   auth?: undefined;
+  allowed_communication_protocols?: string[];
 }
 
 /**
@@ -174,6 +175,7 @@ export const CliCallTemplateSchema: z.ZodType<CliCallTemplate> = z.object({
   env_vars: z.record(z.string(), z.string()).nullable().optional().describe('Environment variables to set when executing the commands'),
   working_dir: z.string().nullable().optional().describe('Working directory for command execution'),
   auth: z.undefined().optional(),
+  allowed_communication_protocols: z.array(z.string()).optional().describe('Optional list of allowed communication protocol types for tools within this manual.'),
 }).strict() as z.ZodType<CliCallTemplate>;
 
 /**
@@ -200,6 +202,7 @@ export class CliCallTemplateSerializer extends Serializer<CliCallTemplate> {
       env_vars: obj.env_vars,
       working_dir: obj.working_dir,
       auth: obj.auth,
+      allowed_communication_protocols: obj.allowed_communication_protocols,
     };
   }
 
diff --git a/packages/cli/src/index.ts b/packages/cli/src/index.ts
@@ -13,5 +13,8 @@ export function register(override: boolean = false): void {
   CommunicationProtocol.communicationProtocols['cli'] = new CliCommunicationProtocol();
 }
 
+// Automatically register CLI plugins on import
+register();
+
 export * from './cli_call_template';
 export * from './cli_communication_protocol';
diff --git a/packages/core/src/client/utcp_client.ts b/packages/core/src/client/utcp_client.ts
@@ -138,11 +138,26 @@ export class UtcpClient implements IUtcpClient {
     const result = await protocol.registerManual(this, processedCallTemplate);
 
     if (result.success) {
+      // Determine allowed protocols: use explicit list if provided, otherwise default to manual's own protocol
+      const allowedProtocols = (processedCallTemplate.allowed_communication_protocols?.length)
+        ? processedCallTemplate.allowed_communication_protocols
+        : [processedCallTemplate.call_template_type];
+
+      // Filter tools based on allowed protocols and prefix names
+      const filteredTools = [];
       for (const tool of result.manual.tools) {
+        const toolProtocol = tool.tool_call_template.call_template_type;
+        if (!allowedProtocols.includes(toolProtocol)) {
+          console.warn(`Tool '${tool.name}' uses communication protocol '${toolProtocol}' which is not in allowed protocols [${allowedProtocols.map(p => `'${p}'`).join(', ')}] for manual '${manualCallTemplate.name}'. Tool will not be registered.`);
+          continue;
+        }
         if (!tool.name.startsWith(`${processedCallTemplate.name}.`)) {
           tool.name = `${processedCallTemplate.name}.${tool.name}`;
         }
+        filteredTools.push(tool);
       }
+      result.manual.tools = filteredTools;
+
       await this.config.tool_repository.saveManual(processedCallTemplate, result.manual);
       console.log(`Successfully registered manual '${manualCallTemplate.name}' with ${result.manual.tools.length} tools.`);
     } else {
@@ -224,6 +239,16 @@ export class UtcpClient implements IUtcpClient {
         throw new Error(`Could not find manual call template for manual '${manualName}'.`);
     }
 
+    // Validate protocol is allowed
+    const toolProtocol = tool.tool_call_template.call_template_type;
+    const allowedProtocols = (manualCallTemplate.allowed_communication_protocols?.length)
+      ? manualCallTemplate.allowed_communication_protocols
+      : [manualCallTemplate.call_template_type];
+    
+    if (!allowedProtocols.includes(toolProtocol)) {
+      throw new Error(`Tool '${toolName}' uses communication protocol '${toolProtocol}' which is not allowed by manual '${manualName}'. Allowed protocols: [${allowedProtocols.map(p => `'${p}'`).join(', ')}]`);
+    }
+
     const processedToolCallTemplate = await this.substituteCallTemplateVariables(tool.tool_call_template, manualName);
 
     const protocol = this._registeredCommProtocols.get(processedToolCallTemplate.call_template_type);
@@ -263,6 +288,16 @@ export class UtcpClient implements IUtcpClient {
         throw new Error(`Could not find manual call template for manual '${manualName}'.`);
     }
 
+    // Validate protocol is allowed
+    const toolProtocol = tool.tool_call_template.call_template_type;
+    const allowedProtocols = (manualCallTemplate.allowed_communication_protocols?.length)
+      ? manualCallTemplate.allowed_communication_protocols
+      : [manualCallTemplate.call_template_type];
+    
+    if (!allowedProtocols.includes(toolProtocol)) {
+      throw new Error(`Tool '${toolName}' uses communication protocol '${toolProtocol}' which is not allowed by manual '${manualName}'. Allowed protocols: [${allowedProtocols.map(p => `'${p}'`).join(', ')}]`);
+    }
+
     const processedToolCallTemplate = await this.substituteCallTemplateVariables(tool.tool_call_template, manualName);
 
     const protocol = this._registeredCommProtocols.get(processedToolCallTemplate.call_template_type);
diff --git a/packages/core/src/data/call_template.ts b/packages/core/src/data/call_template.ts
@@ -23,6 +23,18 @@ export interface CallTemplate {
    */
   auth?: Auth;
 
+  /**
+   * Optional list of allowed communication protocol types for tools within this manual.
+   * 
+   * Behavior:
+   * - If undefined, null, or empty array → defaults to only allowing the manual's own call_template_type
+   * - If set to a non-empty array → only those protocol types are allowed
+   * 
+   * This provides secure-by-default behavior where a manual can only register/call tools
+   * that use its own protocol unless explicitly configured otherwise.
+   */
+  allowed_communication_protocols?: string[];
+
   [key: string]: any;
 }
 
diff --git a/packages/direct-call/src/direct_call_template.ts b/packages/direct-call/src/direct_call_template.ts
@@ -17,6 +17,7 @@ export interface DirectCallTemplate extends CallTemplate {
   call_template_type: 'direct-call';
   callable_name: string;
   auth?: undefined;
+  allowed_communication_protocols?: string[];
 }
 
 /**
@@ -27,6 +28,7 @@ export const DirectCallTemplateSchema: z.ZodType<DirectCallTemplate> = z.object(
   call_template_type: z.literal('direct-call'),
   callable_name: z.string().describe('The name of the callable function to invoke.'),
   auth: z.undefined().optional(),
+  allowed_communication_protocols: z.array(z.string()).optional().describe('Optional list of allowed communication protocol types for tools within this manual.'),
 }).strict() as z.ZodType<DirectCallTemplate>;
 
 /**
@@ -42,6 +44,7 @@ export class DirectCallTemplateSerializer extends Serializer<DirectCallTemplate>
       call_template_type: obj.call_template_type,
       callable_name: obj.callable_name,
       auth: obj.auth,
+      allowed_communication_protocols: obj.allowed_communication_protocols,
     };
   }
 
diff --git a/packages/file/src/file_call_template.ts b/packages/file/src/file_call_template.ts
@@ -23,6 +23,7 @@ export interface FileCallTemplate extends CallTemplate {
   file_path: string;
   auth?: undefined;
   auth_tools?: Auth | null;
+  allowed_communication_protocols?: string[];
 }
 
 /**
@@ -40,6 +41,7 @@ export const FileCallTemplateSchema: z.ZodType<FileCallTemplate> = z.object({
     }
     return val as Auth;
   }).describe('Authentication to apply to generated tools from OpenAPI specs.'),
+  allowed_communication_protocols: z.array(z.string()).optional().describe('Optional list of allowed communication protocol types for tools within this manual.'),
 }).strict() as z.ZodType<FileCallTemplate>;
 
 /**
@@ -58,6 +60,7 @@ export class FileCallTemplateSerializer extends Serializer<FileCallTemplate> {
       file_path: obj.file_path,
       auth: obj.auth,
       auth_tools: obj.auth_tools ? new AuthSerializer().toDict(obj.auth_tools) : null,
+      allowed_communication_protocols: obj.allowed_communication_protocols,
     };
   }
 
diff --git a/packages/http/src/http_call_template.ts b/packages/http/src/http_call_template.ts
@@ -22,6 +22,7 @@ export interface HttpCallTemplate extends CallTemplate {
   body_field?: string;
   header_fields?: string[];
   auth_tools?: Auth | null;
+  allowed_communication_protocols?: string[];
 }
 
 /**
@@ -45,6 +46,7 @@ export const HttpCallTemplateSchema: z.ZodType<HttpCallTemplate> = z.object({
     }
     return val as Auth;
   }).describe('Authentication configuration for generated tools'),
+  allowed_communication_protocols: z.array(z.string()).optional().describe('Optional list of allowed communication protocol types for tools within this manual.'),
 }) as z.ZodType<HttpCallTemplate>;
 
 /**
@@ -64,6 +66,7 @@ export class HttpCallTemplateSerializer extends Serializer<HttpCallTemplate> {
       headers: obj.headers,
       body_field: obj.body_field,
       header_fields: obj.header_fields,
+      allowed_communication_protocols: obj.allowed_communication_protocols,
     };
   }
 
diff --git a/packages/http/src/sse_call_template.ts b/packages/http/src/sse_call_template.ts
@@ -33,6 +33,7 @@ export interface SseCallTemplate extends CallTemplate {
   headers?: Record<string, string>;
   body_field?: string | null;
   header_fields?: string[] | null;
+  allowed_communication_protocols?: string[];
 }
 
 /**
@@ -49,6 +50,7 @@ export const SseCallTemplateSchema: z.ZodType<SseCallTemplate> = z.object({
   headers: z.record(z.string(), z.string()).optional().describe('Optional static headers for the initial connection.'),
   body_field: z.string().nullable().optional().describe('The name of the single input field to be sent as the request body.'),
   header_fields: z.array(z.string()).nullable().optional().describe('List of input fields to be sent as request headers for the initial connection.'),
+  allowed_communication_protocols: z.array(z.string()).optional().describe('Optional list of allowed communication protocol types for tools within this manual.'),
 }) as z.ZodType<SseCallTemplate>;
 
 /**
@@ -72,6 +74,7 @@ export class SseCallTemplateSerializer extends Serializer<SseCallTemplate> {
       headers: obj.headers,
       body_field: obj.body_field,
       header_fields: obj.header_fields,
+      allowed_communication_protocols: obj.allowed_communication_protocols,
     };
   }
 
diff --git a/packages/http/src/streamable_http_call_template.ts b/packages/http/src/streamable_http_call_template.ts
@@ -35,6 +35,7 @@ export interface StreamableHttpCallTemplate extends CallTemplate {
   headers?: Record<string, string>;
   body_field?: string | null;
   header_fields?: string[] | null;
+  allowed_communication_protocols?: string[];
 }
 
 /**
@@ -52,6 +53,7 @@ export const StreamableHttpCallTemplateSchema: z.ZodType<StreamableHttpCallTempl
   headers: z.record(z.string(), z.string()).optional().describe('Optional static headers to include in requests.'),
   body_field: z.string().nullable().optional().describe('The name of the single input field to be sent as the request body.'),
   header_fields: z.array(z.string()).nullable().optional().describe('List of input fields to be sent as request headers.'),
+  allowed_communication_protocols: z.array(z.string()).optional().describe('Optional list of allowed communication protocol types for tools within this manual.'),
 }) as z.ZodType<StreamableHttpCallTemplate>;
 
 /**
@@ -76,6 +78,7 @@ export class StreamableHttpCallTemplateSerializer extends Serializer<StreamableH
       headers: obj.headers,
       body_field: obj.body_field,
       header_fields: obj.header_fields,
+      allowed_communication_protocols: obj.allowed_communication_protocols,
     };
   }
 
diff --git a/packages/mcp/src/mcp_call_template.ts b/packages/mcp/src/mcp_call_template.ts
@@ -123,6 +123,7 @@ export interface McpCallTemplate extends CallTemplate {
   config: McpConfig;
   auth?: OAuth2Auth;
   register_resources_as_tools?: boolean;
+  allowed_communication_protocols?: string[];
 }
 
 /**
@@ -135,6 +136,7 @@ export const McpCallTemplateSchema: z.ZodType<McpCallTemplate> = z.object({
   config: McpConfigSchema.describe('Configuration object containing MCP server definitions. Follows the same format as the official MCP server configuration.'),
   auth: AuthSchema.nullable().optional().describe('Optional OAuth2 authentication for HTTP-based MCP servers.'),
   register_resources_as_tools: z.boolean().default(false).describe('Whether to register MCP resources as callable tools. When True, server resources are exposed as tools that can be called.'),
+  allowed_communication_protocols: z.array(z.string()).optional().describe('Optional list of allowed communication protocol types for tools within this manual.'),
 }) as z.ZodType<McpCallTemplate>;
 
 /**
@@ -153,6 +155,7 @@ export class McpCallTemplateSerializer extends Serializer<McpCallTemplate> {
       config: obj.config,
       auth: obj.auth,
       register_resources_as_tools: obj.register_resources_as_tools,
+      allowed_communication_protocols: obj.allowed_communication_protocols,
     };
   }
 
diff --git a/packages/text/src/text_call_template.ts b/packages/text/src/text_call_template.ts
@@ -22,6 +22,7 @@ export interface TextCallTemplate extends CallTemplate {
   base_url?: string;
   auth?: undefined;
   auth_tools?: Auth | null;
+  allowed_communication_protocols?: string[];
 }
 
 /**
@@ -40,6 +41,7 @@ export const TextCallTemplateSchema: z.ZodType<TextCallTemplate> = z.object({
     }
     return val as Auth;
   }).describe('Optional authentication to apply to generated tools from OpenAPI specs'),
+  allowed_communication_protocols: z.array(z.string()).optional().describe('Optional list of allowed communication protocol types for tools within this manual.'),
 }).strict() as z.ZodType<TextCallTemplate>;
 
 /**
@@ -54,6 +56,7 @@ export class TextCallTemplateSerializer extends Serializer<TextCallTemplate> {
       base_url: obj.base_url,
       auth: obj.auth,
       auth_tools: obj.auth_tools ? new AuthSerializer().toDict(obj.auth_tools) : null,
+      allowed_communication_protocols: obj.allowed_communication_protocols,
     };
   }
 
diff --git a/scripts/update-versions.js b/scripts/update-versions.js
@@ -22,7 +22,7 @@ const PACKAGES_DIR = path.resolve(__dirname, '../packages');
 const ROOT_DIR = path.resolve(__dirname, '..');
 
 // Package directories
-const PACKAGES = ['core', 'http', 'mcp', 'text', 'file', 'cli', 'direct-call', 'dotenv-loader'];
+const PACKAGES = ['core', 'http', 'mcp', 'text', 'file', 'cli', 'direct-call', 'dotenv-loader', 'code-mode'];
 
 /**
  * Parse semantic version string
diff --git a/tests/utcp_client.test.ts b/tests/utcp_client.test.ts

Original file line number	Diff line number	Diff line change
`@@ -13,5 +13,8 @@ export function register(override: boolean = false): void {`
`13`	`13`	`CommunicationProtocol.communicationProtocols['cli'] = new CliCommunicationProtocol();`
`14`	`14`	`}`
`15`	`15`
	`16`	`+// Automatically register CLI plugins on import`
	`17`	`+register();`
	`18`	`+`
`16`	`19`	`export * from './cli_call_template';`
`17`	`20`	`export * from './cli_communication_protocol';`
Original file line number	Diff line number	Diff line change
`@@ -23,6 +23,7 @@ export interface FileCallTemplate extends CallTemplate {`
`23`	`23`	`file_path: string;`
`24`	`24`	`auth?: undefined;`
`25`	`25`	`auth_tools?: Auth \| null;`
	`26`	`+ allowed_communication_protocols?: string[];`
`26`	`27`	`}`
`27`	`28`
`28`	`29`	`/**`
`@@ -40,6 +41,7 @@ export const FileCallTemplateSchema: z.ZodType<FileCallTemplate> = z.object({`
`40`	`41`	`}`
`41`	`42`	`return val as Auth;`
`42`	`43`	`}).describe('Authentication to apply to generated tools from OpenAPI specs.'),`
	`44`	`+ allowed_communication_protocols: z.array(z.string()).optional().describe('Optional list of allowed communication protocol types for tools within this manual.'),`
`43`	`45`	`}).strict() as z.ZodType<FileCallTemplate>;`
`44`	`46`
`45`	`47`	`/**`
`@@ -58,6 +60,7 @@ export class FileCallTemplateSerializer extends Serializer<FileCallTemplate> {`
`58`	`60`	`file_path: obj.file_path,`
`59`	`61`	`auth: obj.auth,`
`60`	`62`	`auth_tools: obj.auth_tools ? new AuthSerializer().toDict(obj.auth_tools) : null,`
	`63`	`+ allowed_communication_protocols: obj.allowed_communication_protocols,`
`61`	`64`	`};`
`62`	`65`	`}`
`63`	`66`
Original file line number	Diff line number	Diff line change
`@@ -22,6 +22,7 @@ export interface HttpCallTemplate extends CallTemplate {`
`22`	`22`	`body_field?: string;`
`23`	`23`	`header_fields?: string[];`
`24`	`24`	`auth_tools?: Auth \| null;`
	`25`	`+ allowed_communication_protocols?: string[];`
`25`	`26`	`}`
`26`	`27`
`27`	`28`	`/**`
`@@ -45,6 +46,7 @@ export const HttpCallTemplateSchema: z.ZodType<HttpCallTemplate> = z.object({`
`45`	`46`	`}`
`46`	`47`	`return val as Auth;`
`47`	`48`	`}).describe('Authentication configuration for generated tools'),`
	`49`	`+ allowed_communication_protocols: z.array(z.string()).optional().describe('Optional list of allowed communication protocol types for tools within this manual.'),`
`48`	`50`	`}) as z.ZodType<HttpCallTemplate>;`
`49`	`51`
`50`	`52`	`/**`
`@@ -64,6 +66,7 @@ export class HttpCallTemplateSerializer extends Serializer<HttpCallTemplate> {`
`64`	`66`	`headers: obj.headers,`
`65`	`67`	`body_field: obj.body_field,`
`66`	`68`	`header_fields: obj.header_fields,`
	`69`	`+ allowed_communication_protocols: obj.allowed_communication_protocols,`
`67`	`70`	`};`
`68`	`71`	`}`
`69`	`72`