@ait-co/devtools 0.1.102 → 0.1.104

package/dist/{deeplink-D1HXJ2YG.js.map → deeplink-B5-Hxu0Q.js.map}

@@ -1 +1 @@
-{"version":3,"file":"deeplink-D1HXJ2YG.js","names":[],"sources":["../src/mcp/deeplink.ts"],"sourcesContent":["/**\n * URL of the AITC Sandbox launcher PWA.\n *\n * Declared here (not imported from `src/unplugin/tunnel.ts`) to respect the\n * mcp → unplugin layering boundary. unplugin/tunnel.ts declares its own copy\n * for the same reason — keep the two in sync when the URL changes.\n */\nconst LAUNCHER_URL = 'https://devtools.aitc.dev/launcher/';\n\n/**\n * Optional metadata that enriches the launcher deep-link (#498).\n *\n * These fields are added as query params so the launcher PWA can display\n * a recognizable identity (name, icon) without the user having to configure\n * anything extra.\n */\nexport interface LauncherAttachUrlOpts {\n  /**\n   * Human-readable app name shown in the partner nav bar (`name=` param).\n   * Blank / whitespace-only values are not added.\n   */\n  name?: string;\n  /**\n   * Absolute `https://` icon URL for the partner nav bar icon slot (`icon=`\n   * param). Non-https or falsy values are not added.\n   */\n  icon?: string;\n  /**\n   * When `true`, adds `selfdebug=1` to the launcher URL so the launcher PWA\n   * registers its own document as a CDP target (issue #531/#543).\n   *\n   * **Single-attach model**: attaching the launcher self-target causes any\n   * currently-attached mini-app target to be evicted. This is intentional —\n   * `selfdebug` is a \"launcher diagnostics mode\" for inspecting the launcher's\n   * own DOM/console/safe-area, not simultaneous dual-attach.\n   *\n   * When `false` or omitted (default), the param is not added and the output\n   * is byte-identical to the previous behaviour.\n   */\n  selfdebug?: boolean;\n}\n\n/**\n * Builds a launcher PWA deep-link for env-2 MCP-attach (issue #378).\n *\n * The launcher at {@link LAUNCHER_URL} renders tunnelUrl in a full-viewport\n * iframe. `&debug=1&relay=<wssUrl>` is forwarded onto the iframe src so the\n * framed page's in-app debug gate (Layer C) is satisfied and a Chii target.js\n * is injected. `&at=<totpCode>` is added only when a code is provided (same\n * conditional as {@link buildDeepLinkAttachUrl}).\n *\n * When `opts.name` is given (non-blank), it is added as `&name=` so the\n * launcher partner bar shows the app name instead of the generic default (#498).\n * When `opts.icon` is an absolute https:// URL, it is added as `&icon=` so the\n * launcher can render an icon next to the title (#498).\n *\n * Unlike `buildDeepLinkAttachUrl` (which splices onto a non-special scheme URL\n * via raw string manipulation), this function uses WHATWG `encodeURIComponent`\n * because the target is a standard `https:` URL.\n *\n * SECRET-HANDLING: `totpCode` (when provided) is placed into the `at=` param\n * only — never logged or returned separately. Callers must NOT log the result\n * of this function to stdout/stderr.\n *\n * @param tunnelUrl - The `https://*.trycloudflare.com` app tunnel URL\n *   (`AIT_TUNNEL_BASE_URL`). This is the URL the launcher frames.\n * @param wssUrl - The `wss://` relay URL the framed page will attach to.\n * @param totpCode - Optional current TOTP code (6 digits). When provided, it\n *   is appended as `at=<totpCode>`. Must be computed at call time — it rotates\n *   every 30 s. Omit when TOTP is disabled.\n * @param opts - Optional app identity hints: `name`, `icon`, and `selfdebug`\n *   (#498, #543).\n * @returns The launcher deep-link URL with `?url=<enc>&debug=1&relay=<enc>\n *   [&at=<code>][&name=<enc>][&icon=<enc>][&selfdebug=1]` params.\n */\nexport function buildLauncherAttachUrl(\n  tunnelUrl: string,\n  wssUrl: string,\n  totpCode?: string,\n  opts?: LauncherAttachUrlOpts,\n): string {\n  let url =\n    `${LAUNCHER_URL}?url=${encodeURIComponent(tunnelUrl)}` +\n    `&debug=1&relay=${encodeURIComponent(wssUrl)}`;\n  if (totpCode !== undefined && totpCode !== '') {\n    url += `&at=${encodeURIComponent(totpCode)}`;\n  }\n  // App identity hints (#498): add non-blank name and valid https icon.\n  if (opts?.name !== undefined && opts.name.trim() !== '') {\n    url += `&name=${encodeURIComponent(opts.name.trim())}`;\n  }\n  if (opts?.icon !== undefined) {\n    let iconParsed: URL;\n    try {\n      iconParsed = new URL(opts.icon);\n    } catch {\n      iconParsed = null as unknown as URL;\n    }\n    if (iconParsed?.protocol === 'https:') {\n      url += `&icon=${encodeURIComponent(opts.icon)}`;\n    }\n  }\n  // Self-debug opt-in (#543): add selfdebug=1 only when explicitly requested.\n  // Without this flag the output is byte-identical to the previous behaviour.\n  if (opts?.selfdebug === true) {\n    url += '&selfdebug=1';\n  }\n  return url;\n}\n\n/**\n * Build a self-attaching dog-food deep-link.\n *\n * `ait deploy --scheme-only` prints an `intoss-private://…?_deploymentId=<uuid>`\n * URL that opens a dog-food bundle on a phone. The in-app debug gate\n * (`src/in-app/gate.ts`) auto-attaches when the entry URL also carries\n * `debug=1` and `relay=<wss-url>`. This helper splices those params (plus\n * `at=<code>` when TOTP is enabled) into the scheme URL; rendering the result\n * as a QR code and scanning it with the phone camera opens the mini-app and\n * attaches it to the live Chii relay. QR is the single entry path — it needs\n * no USB cable, platform CLI, or driver, and works the same on iOS/Android.\n *\n * The Toss app propagates extra query params from the entry deep link into the\n * mini-app WebView's `location.search` (confirmed behavior), so the gate reads\n * them at attach time.\n *\n * TOTP `at=` param:\n *   When a TOTP secret is active, `buildDeepLinkAttachUrl` accepts an optional\n *   `totpCode` argument and splices `at=<code>` alongside `debug` and `relay`.\n *   The code must be computed by the caller at call time — do NOT pre-compute\n *   and cache it, because the 30-second window expires quickly. The in-app gate\n *   (`src/in-app/gate.ts` Layer C) validates this code against the baked secret.\n *\n * Why not `URL`/`URLSearchParams`: `intoss-private:` is a non-special scheme.\n * The WHATWG `URL` parser treats such schemes opaquely (no host/path/query\n * decomposition you can rely on across runtimes), so query manipulation via\n * `url.searchParams` is not portable here. We splice the query string directly\n * on the raw string instead, which keeps the scheme, authority, path, and any\n * pre-existing params (notably `_deploymentId`) byte-for-byte intact.\n */\n\n/**\n * Suspicious/generic authority values that indicate a malformed or placeholder\n * scheme URL. These are host strings that will almost certainly cause the Toss\n * app to fail with \"bundle not found\" silently.\n *\n * The expected form from `ait deploy --scheme-only` is:\n *   intoss-private://<appName>?_deploymentId=<uuid>\n * where `<appName>` is a non-generic string like `aitc-sdk-example`.\n */\nconst SUSPICIOUS_AUTHORITIES = new Set<string>(['', 'web', 'localhost', '127.0.0.1', 'app']);\n\n/**\n * Validates the authority (host) portion of a scheme URL.\n *\n * Returns a warning message if the authority is missing or looks like a\n * placeholder, or `null` if the authority looks valid.\n *\n * Expected form: `intoss-private://<appName>?_deploymentId=<uuid>`\n * The authority must be a non-empty, non-generic app name (e.g. `aitc-sdk-example`).\n */\nexport function validateSchemeAuthority(schemeUrl: string): string | null {\n  // Extract authority from `scheme://authority[/path][?query][#hash]`.\n  // We cannot use the WHATWG URL parser for non-special schemes reliably\n  // (see the deeplink.ts module comment), so we parse the raw string.\n  const afterScheme = schemeUrl.replace(/^[a-zA-Z][a-zA-Z0-9+\\-.]*:\\/\\//, '');\n  if (afterScheme === schemeUrl) {\n    // No `://` found — not a scheme URL at all.\n    return (\n      'scheme_url does not look like a scheme URL (expected `intoss-private://<appName>?_deploymentId=<uuid>`). ' +\n      'Use the URL printed by `ait deploy --scheme-only`.'\n    );\n  }\n\n  // authority ends at the first `/`, `?`, `#`, or end of string.\n  const authorityEnd = afterScheme.search(/[/?#]/);\n  const authority = authorityEnd === -1 ? afterScheme : afterScheme.slice(0, authorityEnd);\n\n  if (SUSPICIOUS_AUTHORITIES.has(authority.toLowerCase())) {\n    const displayAuthority = authority === '' ? '(empty)' : `\"${authority}\"`;\n    return (\n      `scheme_url authority ${displayAuthority} looks like a placeholder. ` +\n      'Expected an app name like `intoss-private://aitc-sdk-example?_deploymentId=<uuid>`. ' +\n      'Use the URL printed by `ait deploy --scheme-only` — it includes the correct app name as the host.'\n    );\n  }\n\n  return null;\n}\n\n/** A param the helper appends. Existing occurrences are replaced, not duplicated. */\ntype AppendParam = readonly [key: string, value: string];\n\nfunction stripExisting(query: string, key: string): string {\n  if (query === '') return '';\n  return query\n    .split('&')\n    .filter((pair) => pair !== '' && pair.split('=')[0] !== key)\n    .join('&');\n}\n\n/**\n * Splices `debug=1`, `relay=<wssUrl>`, and (optionally) `at=<totpCode>` into a\n * scheme URL's query string, preserving everything else (scheme, authority,\n * path, hash, and the existing `_deploymentId` param). If any of the spliced\n * params is already present it is replaced so the helper is idempotent.\n *\n * @param schemeUrl - The `intoss-private://…?_deploymentId=<uuid>` URL printed\n *   by `ait deploy --scheme-only`. Must already carry `_deploymentId` (Layer B\n *   of the gate); this helper does not invent one.\n * @param wssUrl - The live relay URL (`wss://…trycloudflare.com`) from the\n *   running debug MCP server's quick tunnel.\n * @param totpCode - Optional current TOTP code (6 digits). When provided, it\n *   is spliced as `at=<totpCode>`. Must be computed at call time — it rotates\n *   every 30 s. Pass `undefined` or omit when TOTP is disabled.\n * @returns The same URL with `debug=1&relay=<encoded wssUrl>[&at=<totpCode>]`\n *   appended.\n * @throws If `wssUrl` is not a `wss:` URL (the gate rejects anything else, so\n *   producing such a link would be a silent dead end).\n */\nexport function buildDeepLinkAttachUrl(\n  schemeUrl: string,\n  wssUrl: string,\n  totpCode?: string,\n): string {\n  let relay: URL;\n  try {\n    relay = new URL(wssUrl);\n  } catch {\n    throw new Error(`relay URL is not a valid URL: ${wssUrl}`);\n  }\n  if (relay.protocol !== 'wss:') {\n    throw new Error(`relay URL must use the wss: scheme, got ${relay.protocol} (${wssUrl})`);\n  }\n\n  const hashIndex = schemeUrl.indexOf('#');\n  const hash = hashIndex === -1 ? '' : schemeUrl.slice(hashIndex);\n  const beforeHash = hashIndex === -1 ? schemeUrl : schemeUrl.slice(0, hashIndex);\n\n  const queryIndex = beforeHash.indexOf('?');\n  const base = queryIndex === -1 ? beforeHash : beforeHash.slice(0, queryIndex);\n  let query = queryIndex === -1 ? '' : beforeHash.slice(queryIndex + 1);\n\n  const appended: AppendParam[] = [\n    ['debug', '1'],\n    ['relay', wssUrl],\n  ];\n  // Only splice `at=` when a code is provided (TOTP enabled). Omitting it when\n  // TOTP is disabled preserves backward compatibility with gate deployments\n  // that do not yet evaluate the `at` param.\n  if (totpCode !== undefined && totpCode !== '') {\n    appended.push(['at', totpCode]);\n  }\n\n  // Always strip the `at` key from the existing query so a stale code from a\n  // previous run is removed even when the caller does not provide a fresh code.\n  query = stripExisting(query, 'at');\n\n  for (const [key] of appended) {\n    query = stripExisting(query, key);\n  }\n  for (const [key, value] of appended) {\n    const pair = `${key}=${encodeURIComponent(value)}`;\n    query = query === '' ? pair : `${query}&${pair}`;\n  }\n\n  return `${base}?${query}${hash}`;\n}\n"],"mappings":";;;;;;;;AAOA,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoErB,SAAgB,uBACd,WACA,QACA,UACA,MACQ;CACR,IAAI,MACF,GAAG,aAAa,OAAO,mBAAmB,UAAU,CAAA,iBAClC,mBAAmB,OAAO;AAC9C,KAAI,aAAa,KAAA,KAAa,aAAa,GACzC,QAAO,OAAO,mBAAmB,SAAS;AAG5C,KAAI,MAAM,SAAS,KAAA,KAAa,KAAK,KAAK,MAAM,KAAK,GACnD,QAAO,SAAS,mBAAmB,KAAK,KAAK,MAAM,CAAC;AAEtD,KAAI,MAAM,SAAS,KAAA,GAAW;EAC5B,IAAI;AACJ,MAAI;AACF,gBAAa,IAAI,IAAI,KAAK,KAAK;UACzB;AACN,gBAAa;;AAEf,MAAI,YAAY,aAAa,SAC3B,QAAO,SAAS,mBAAmB,KAAK,KAAK;;AAKjD,KAAI,MAAM,cAAc,KACtB,QAAO;AAET,QAAO"}
+{"version":3,"file":"deeplink-B5-Hxu0Q.js","names":[],"sources":["../src/mcp/deeplink.ts"],"sourcesContent":["/**\n * URL of the AITC Sandbox launcher PWA.\n *\n * Declared here (not imported from `src/unplugin/tunnel.ts`) to respect the\n * mcp → unplugin layering boundary. unplugin/tunnel.ts declares its own copy\n * for the same reason — keep the two in sync when the URL changes.\n */\nconst LAUNCHER_URL = 'https://devtools.aitc.dev/launcher/';\n\n/**\n * Optional metadata that enriches the launcher deep-link (#498).\n *\n * These fields are added as query params so the launcher PWA can display\n * a recognizable identity (name, icon) without the user having to configure\n * anything extra.\n */\nexport interface LauncherAttachUrlOpts {\n  /**\n   * Human-readable app name shown in the partner nav bar (`name=` param).\n   * Blank / whitespace-only values are not added.\n   */\n  name?: string;\n  /**\n   * Absolute `https://` icon URL for the partner nav bar icon slot (`icon=`\n   * param). Non-https or falsy values are not added.\n   */\n  icon?: string;\n  /**\n   * When `true`, adds `selfdebug=1` to the launcher URL so the launcher PWA\n   * registers its own document as a CDP target (issue #531/#543).\n   *\n   * **Single-attach model**: attaching the launcher self-target causes any\n   * currently-attached mini-app target to be evicted. This is intentional —\n   * `selfdebug` is a \"launcher diagnostics mode\" for inspecting the launcher's\n   * own DOM/console/safe-area, not simultaneous dual-attach.\n   *\n   * When `false` or omitted (default), the param is not added and the output\n   * is byte-identical to the previous behaviour.\n   */\n  selfdebug?: boolean;\n}\n\n/**\n * Builds a launcher PWA deep-link for env-2 MCP-attach (issue #378).\n *\n * The launcher at {@link LAUNCHER_URL} renders tunnelUrl in a full-viewport\n * iframe. `&debug=1&relay=<wssUrl>` is forwarded onto the iframe src so the\n * framed page's in-app debug gate (Layer C) is satisfied and a Chii target.js\n * is injected. `&at=<totpCode>` is added only when a code is provided (same\n * conditional as {@link buildDeepLinkAttachUrl}).\n *\n * When `opts.name` is given (non-blank), it is added as `&name=` so the\n * launcher partner bar shows the app name instead of the generic default (#498).\n * When `opts.icon` is an absolute https:// URL, it is added as `&icon=` so the\n * launcher can render an icon next to the title (#498).\n *\n * Unlike `buildDeepLinkAttachUrl` (which splices onto a non-special scheme URL\n * via raw string manipulation), this function uses WHATWG `encodeURIComponent`\n * because the target is a standard `https:` URL.\n *\n * SECRET-HANDLING: `totpCode` (when provided) is placed into the `at=` param\n * only — never logged or returned separately. Callers must NOT log the result\n * of this function to stdout/stderr.\n *\n * @param tunnelUrl - The `https://*.trycloudflare.com` app tunnel URL\n *   (`AIT_TUNNEL_BASE_URL`). This is the URL the launcher frames.\n * @param wssUrl - The `wss://` relay URL the framed page will attach to.\n * @param totpCode - Optional current TOTP code (6 digits). When provided, it\n *   is appended as `at=<totpCode>`. Must be computed at call time — it rotates\n *   every 30 s. Omit when TOTP is disabled.\n * @param opts - Optional app identity hints: `name`, `icon`, and `selfdebug`\n *   (#498, #543).\n * @returns The launcher deep-link URL with `?url=<enc>&debug=1&relay=<enc>\n *   [&at=<code>][&name=<enc>][&icon=<enc>][&selfdebug=1]` params.\n */\nexport function buildLauncherAttachUrl(\n  tunnelUrl: string,\n  wssUrl: string,\n  totpCode?: string,\n  opts?: LauncherAttachUrlOpts,\n): string {\n  let url =\n    `${LAUNCHER_URL}?url=${encodeURIComponent(tunnelUrl)}` +\n    `&debug=1&relay=${encodeURIComponent(wssUrl)}`;\n  if (totpCode !== undefined && totpCode !== '') {\n    url += `&at=${encodeURIComponent(totpCode)}`;\n  }\n  // App identity hints (#498): add non-blank name and valid https icon.\n  if (opts?.name !== undefined && opts.name.trim() !== '') {\n    url += `&name=${encodeURIComponent(opts.name.trim())}`;\n  }\n  if (opts?.icon !== undefined) {\n    let iconParsed: URL;\n    try {\n      iconParsed = new URL(opts.icon);\n    } catch {\n      iconParsed = null as unknown as URL;\n    }\n    if (iconParsed?.protocol === 'https:') {\n      url += `&icon=${encodeURIComponent(opts.icon)}`;\n    }\n  }\n  // Self-debug opt-in (#543): add selfdebug=1 only when explicitly requested.\n  // Without this flag the output is byte-identical to the previous behaviour.\n  if (opts?.selfdebug === true) {\n    url += '&selfdebug=1';\n  }\n  return url;\n}\n\n/**\n * Build a self-attaching dog-food deep-link.\n *\n * `ait deploy --scheme-only` prints an `intoss-private://…?_deploymentId=<uuid>`\n * URL that opens a dog-food bundle on a phone. The in-app debug gate\n * (`src/in-app/gate.ts`) auto-attaches when the entry URL also carries\n * `debug=1` and `relay=<wss-url>`. This helper splices those params (plus\n * `at=<code>` when TOTP is enabled) into the scheme URL; rendering the result\n * as a QR code and scanning it with the phone camera opens the mini-app and\n * attaches it to the live Chii relay. QR is the single entry path — it needs\n * no USB cable, platform CLI, or driver, and works the same on iOS/Android.\n *\n * The Toss app propagates extra query params from the entry deep link into the\n * mini-app WebView's `location.search` (confirmed behavior), so the gate reads\n * them at attach time.\n *\n * TOTP `at=` param:\n *   When a TOTP secret is active, `buildDeepLinkAttachUrl` accepts an optional\n *   `totpCode` argument and splices `at=<code>` alongside `debug` and `relay`.\n *   The code must be computed by the caller at call time — do NOT pre-compute\n *   and cache it, because the 30-second window expires quickly. The in-app gate\n *   (`src/in-app/gate.ts` Layer C) validates this code against the baked secret.\n *\n * Why not `URL`/`URLSearchParams`: `intoss-private:` is a non-special scheme.\n * The WHATWG `URL` parser treats such schemes opaquely (no host/path/query\n * decomposition you can rely on across runtimes), so query manipulation via\n * `url.searchParams` is not portable here. We splice the query string directly\n * on the raw string instead, which keeps the scheme, authority, path, and any\n * pre-existing params (notably `_deploymentId`) byte-for-byte intact.\n */\n\n/**\n * Suspicious/generic authority values that indicate a malformed or placeholder\n * scheme URL. These are host strings that will almost certainly cause the Toss\n * app to fail with \"bundle not found\" silently.\n *\n * The expected form from `ait deploy --scheme-only` is:\n *   intoss-private://<appName>?_deploymentId=<uuid>\n * where `<appName>` is a non-generic string like `aitc-sdk-example`.\n */\nconst SUSPICIOUS_AUTHORITIES = new Set<string>(['', 'web', 'localhost', '127.0.0.1', 'app']);\n\n/**\n * Validates the authority (host) portion of a scheme URL.\n *\n * Returns a warning message if the authority is missing or looks like a\n * placeholder, or `null` if the authority looks valid.\n *\n * Expected form: `intoss-private://<appName>?_deploymentId=<uuid>`\n * The authority must be a non-empty, non-generic app name (e.g. `aitc-sdk-example`).\n */\nexport function validateSchemeAuthority(schemeUrl: string): string | null {\n  // Extract authority from `scheme://authority[/path][?query][#hash]`.\n  // We cannot use the WHATWG URL parser for non-special schemes reliably\n  // (see the deeplink.ts module comment), so we parse the raw string.\n  const afterScheme = schemeUrl.replace(/^[a-zA-Z][a-zA-Z0-9+\\-.]*:\\/\\//, '');\n  if (afterScheme === schemeUrl) {\n    // No `://` found — not a scheme URL at all.\n    return (\n      'scheme_url does not look like a scheme URL (expected `intoss-private://<appName>?_deploymentId=<uuid>`). ' +\n      'Use the URL printed by `ait deploy --scheme-only`.'\n    );\n  }\n\n  // authority ends at the first `/`, `?`, `#`, or end of string.\n  const authorityEnd = afterScheme.search(/[/?#]/);\n  const authority = authorityEnd === -1 ? afterScheme : afterScheme.slice(0, authorityEnd);\n\n  if (SUSPICIOUS_AUTHORITIES.has(authority.toLowerCase())) {\n    const displayAuthority = authority === '' ? '(empty)' : `\"${authority}\"`;\n    return (\n      `scheme_url authority ${displayAuthority} looks like a placeholder. ` +\n      'Expected an app name like `intoss-private://aitc-sdk-example?_deploymentId=<uuid>`. ' +\n      'Use the URL printed by `ait deploy --scheme-only` — it includes the correct app name as the host.'\n    );\n  }\n\n  return null;\n}\n\n/** A param the helper appends. Existing occurrences are replaced, not duplicated. */\ntype AppendParam = readonly [key: string, value: string];\n\nfunction stripExisting(query: string, key: string): string {\n  if (query === '') return '';\n  return query\n    .split('&')\n    .filter((pair) => pair !== '' && pair.split('=')[0] !== key)\n    .join('&');\n}\n\n/**\n * Splices `debug=1`, `relay=<wssUrl>`, and (optionally) `at=<totpCode>` into a\n * scheme URL's query string, preserving everything else (scheme, authority,\n * path, hash, and the existing `_deploymentId` param). If any of the spliced\n * params is already present it is replaced so the helper is idempotent.\n *\n * @param schemeUrl - The `intoss-private://…?_deploymentId=<uuid>` URL printed\n *   by `ait deploy --scheme-only`. Must already carry `_deploymentId` (Layer B\n *   of the gate); this helper does not invent one.\n * @param wssUrl - The live relay URL (`wss://…trycloudflare.com`) from the\n *   running debug MCP server's quick tunnel.\n * @param totpCode - Optional current TOTP code (6 digits). When provided, it\n *   is spliced as `at=<totpCode>`. Must be computed at call time — it rotates\n *   every 30 s. Pass `undefined` or omit when TOTP is disabled.\n * @returns The same URL with `debug=1&relay=<encoded wssUrl>[&at=<totpCode>]`\n *   appended.\n * @throws If `wssUrl` is not a `wss:` URL (the gate rejects anything else, so\n *   producing such a link would be a silent dead end).\n */\nexport function buildDeepLinkAttachUrl(\n  schemeUrl: string,\n  wssUrl: string,\n  totpCode?: string,\n): string {\n  let relay: URL;\n  try {\n    relay = new URL(wssUrl);\n  } catch {\n    throw new Error(`relay URL is not a valid URL: ${wssUrl}`);\n  }\n  if (relay.protocol !== 'wss:') {\n    throw new Error(`relay URL must use the wss: scheme, got ${relay.protocol} (${wssUrl})`);\n  }\n\n  const hashIndex = schemeUrl.indexOf('#');\n  const hash = hashIndex === -1 ? '' : schemeUrl.slice(hashIndex);\n  const beforeHash = hashIndex === -1 ? schemeUrl : schemeUrl.slice(0, hashIndex);\n\n  const queryIndex = beforeHash.indexOf('?');\n  const base = queryIndex === -1 ? beforeHash : beforeHash.slice(0, queryIndex);\n  let query = queryIndex === -1 ? '' : beforeHash.slice(queryIndex + 1);\n\n  const appended: AppendParam[] = [\n    ['debug', '1'],\n    ['relay', wssUrl],\n  ];\n  // Only splice `at=` when a code is provided (TOTP enabled). Omitting it when\n  // TOTP is disabled preserves backward compatibility with gate deployments\n  // that do not yet evaluate the `at` param.\n  if (totpCode !== undefined && totpCode !== '') {\n    appended.push(['at', totpCode]);\n  }\n\n  // Always strip the `at` key from the existing query so a stale code from a\n  // previous run is removed even when the caller does not provide a fresh code.\n  query = stripExisting(query, 'at');\n\n  for (const [key] of appended) {\n    query = stripExisting(query, key);\n  }\n  for (const [key, value] of appended) {\n    const pair = `${key}=${encodeURIComponent(value)}`;\n    query = query === '' ? pair : `${query}&${pair}`;\n  }\n\n  return `${base}?${query}${hash}`;\n}\n"],"mappings":";;;;;;;;AAOA,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoErB,SAAgB,uBACd,WACA,QACA,UACA,MACQ;CACR,IAAI,MACF,GAAG,aAAa,OAAO,mBAAmB,UAAU,CAAA,iBAClC,mBAAmB,OAAO;AAC9C,KAAI,aAAa,KAAA,KAAa,aAAa,GACzC,QAAO,OAAO,mBAAmB,SAAS;AAG5C,KAAI,MAAM,SAAS,KAAA,KAAa,KAAK,KAAK,MAAM,KAAK,GACnD,QAAO,SAAS,mBAAmB,KAAK,KAAK,MAAM,CAAC;AAEtD,KAAI,MAAM,SAAS,KAAA,GAAW;EAC5B,IAAI;AACJ,MAAI;AACF,gBAAa,IAAI,IAAI,KAAK,KAAK;UACzB;AACN,gBAAa;;AAEf,MAAI,YAAY,aAAa,SAC3B,QAAO,SAAS,mBAAmB,KAAK,KAAK;;AAKjD,KAAI,MAAM,cAAc,KACtB,QAAO;AAET,QAAO"}

package/dist/{deeplink-DDOe0FQl.cjs → deeplink-BzdbA1gV.cjs}

@@ -59,4 +59,4 @@ function buildLauncherAttachUrl(tunnelUrl, wssUrl, totpCode, opts) {
 //#endregion
 exports.buildLauncherAttachUrl = buildLauncherAttachUrl;
 
-//# sourceMappingURL=deeplink-DDOe0FQl.cjs.map
+//# sourceMappingURL=deeplink-BzdbA1gV.cjs.map

package/dist/{deeplink-DDOe0FQl.cjs.map → deeplink-BzdbA1gV.cjs.map}

@@ -1 +1 @@
-{"version":3,"file":"deeplink-DDOe0FQl.cjs","names":[],"sources":["../src/mcp/deeplink.ts"],"sourcesContent":["/**\n * URL of the AITC Sandbox launcher PWA.\n *\n * Declared here (not imported from `src/unplugin/tunnel.ts`) to respect the\n * mcp → unplugin layering boundary. unplugin/tunnel.ts declares its own copy\n * for the same reason — keep the two in sync when the URL changes.\n */\nconst LAUNCHER_URL = 'https://devtools.aitc.dev/launcher/';\n\n/**\n * Optional metadata that enriches the launcher deep-link (#498).\n *\n * These fields are added as query params so the launcher PWA can display\n * a recognizable identity (name, icon) without the user having to configure\n * anything extra.\n */\nexport interface LauncherAttachUrlOpts {\n  /**\n   * Human-readable app name shown in the partner nav bar (`name=` param).\n   * Blank / whitespace-only values are not added.\n   */\n  name?: string;\n  /**\n   * Absolute `https://` icon URL for the partner nav bar icon slot (`icon=`\n   * param). Non-https or falsy values are not added.\n   */\n  icon?: string;\n  /**\n   * When `true`, adds `selfdebug=1` to the launcher URL so the launcher PWA\n   * registers its own document as a CDP target (issue #531/#543).\n   *\n   * **Single-attach model**: attaching the launcher self-target causes any\n   * currently-attached mini-app target to be evicted. This is intentional —\n   * `selfdebug` is a \"launcher diagnostics mode\" for inspecting the launcher's\n   * own DOM/console/safe-area, not simultaneous dual-attach.\n   *\n   * When `false` or omitted (default), the param is not added and the output\n   * is byte-identical to the previous behaviour.\n   */\n  selfdebug?: boolean;\n}\n\n/**\n * Builds a launcher PWA deep-link for env-2 MCP-attach (issue #378).\n *\n * The launcher at {@link LAUNCHER_URL} renders tunnelUrl in a full-viewport\n * iframe. `&debug=1&relay=<wssUrl>` is forwarded onto the iframe src so the\n * framed page's in-app debug gate (Layer C) is satisfied and a Chii target.js\n * is injected. `&at=<totpCode>` is added only when a code is provided (same\n * conditional as {@link buildDeepLinkAttachUrl}).\n *\n * When `opts.name` is given (non-blank), it is added as `&name=` so the\n * launcher partner bar shows the app name instead of the generic default (#498).\n * When `opts.icon` is an absolute https:// URL, it is added as `&icon=` so the\n * launcher can render an icon next to the title (#498).\n *\n * Unlike `buildDeepLinkAttachUrl` (which splices onto a non-special scheme URL\n * via raw string manipulation), this function uses WHATWG `encodeURIComponent`\n * because the target is a standard `https:` URL.\n *\n * SECRET-HANDLING: `totpCode` (when provided) is placed into the `at=` param\n * only — never logged or returned separately. Callers must NOT log the result\n * of this function to stdout/stderr.\n *\n * @param tunnelUrl - The `https://*.trycloudflare.com` app tunnel URL\n *   (`AIT_TUNNEL_BASE_URL`). This is the URL the launcher frames.\n * @param wssUrl - The `wss://` relay URL the framed page will attach to.\n * @param totpCode - Optional current TOTP code (6 digits). When provided, it\n *   is appended as `at=<totpCode>`. Must be computed at call time — it rotates\n *   every 30 s. Omit when TOTP is disabled.\n * @param opts - Optional app identity hints: `name`, `icon`, and `selfdebug`\n *   (#498, #543).\n * @returns The launcher deep-link URL with `?url=<enc>&debug=1&relay=<enc>\n *   [&at=<code>][&name=<enc>][&icon=<enc>][&selfdebug=1]` params.\n */\nexport function buildLauncherAttachUrl(\n  tunnelUrl: string,\n  wssUrl: string,\n  totpCode?: string,\n  opts?: LauncherAttachUrlOpts,\n): string {\n  let url =\n    `${LAUNCHER_URL}?url=${encodeURIComponent(tunnelUrl)}` +\n    `&debug=1&relay=${encodeURIComponent(wssUrl)}`;\n  if (totpCode !== undefined && totpCode !== '') {\n    url += `&at=${encodeURIComponent(totpCode)}`;\n  }\n  // App identity hints (#498): add non-blank name and valid https icon.\n  if (opts?.name !== undefined && opts.name.trim() !== '') {\n    url += `&name=${encodeURIComponent(opts.name.trim())}`;\n  }\n  if (opts?.icon !== undefined) {\n    let iconParsed: URL;\n    try {\n      iconParsed = new URL(opts.icon);\n    } catch {\n      iconParsed = null as unknown as URL;\n    }\n    if (iconParsed?.protocol === 'https:') {\n      url += `&icon=${encodeURIComponent(opts.icon)}`;\n    }\n  }\n  // Self-debug opt-in (#543): add selfdebug=1 only when explicitly requested.\n  // Without this flag the output is byte-identical to the previous behaviour.\n  if (opts?.selfdebug === true) {\n    url += '&selfdebug=1';\n  }\n  return url;\n}\n\n/**\n * Build a self-attaching dog-food deep-link.\n *\n * `ait deploy --scheme-only` prints an `intoss-private://…?_deploymentId=<uuid>`\n * URL that opens a dog-food bundle on a phone. The in-app debug gate\n * (`src/in-app/gate.ts`) auto-attaches when the entry URL also carries\n * `debug=1` and `relay=<wss-url>`. This helper splices those params (plus\n * `at=<code>` when TOTP is enabled) into the scheme URL; rendering the result\n * as a QR code and scanning it with the phone camera opens the mini-app and\n * attaches it to the live Chii relay. QR is the single entry path — it needs\n * no USB cable, platform CLI, or driver, and works the same on iOS/Android.\n *\n * The Toss app propagates extra query params from the entry deep link into the\n * mini-app WebView's `location.search` (confirmed behavior), so the gate reads\n * them at attach time.\n *\n * TOTP `at=` param:\n *   When a TOTP secret is active, `buildDeepLinkAttachUrl` accepts an optional\n *   `totpCode` argument and splices `at=<code>` alongside `debug` and `relay`.\n *   The code must be computed by the caller at call time — do NOT pre-compute\n *   and cache it, because the 30-second window expires quickly. The in-app gate\n *   (`src/in-app/gate.ts` Layer C) validates this code against the baked secret.\n *\n * Why not `URL`/`URLSearchParams`: `intoss-private:` is a non-special scheme.\n * The WHATWG `URL` parser treats such schemes opaquely (no host/path/query\n * decomposition you can rely on across runtimes), so query manipulation via\n * `url.searchParams` is not portable here. We splice the query string directly\n * on the raw string instead, which keeps the scheme, authority, path, and any\n * pre-existing params (notably `_deploymentId`) byte-for-byte intact.\n */\n\n/**\n * Suspicious/generic authority values that indicate a malformed or placeholder\n * scheme URL. These are host strings that will almost certainly cause the Toss\n * app to fail with \"bundle not found\" silently.\n *\n * The expected form from `ait deploy --scheme-only` is:\n *   intoss-private://<appName>?_deploymentId=<uuid>\n * where `<appName>` is a non-generic string like `aitc-sdk-example`.\n */\nconst SUSPICIOUS_AUTHORITIES = new Set<string>(['', 'web', 'localhost', '127.0.0.1', 'app']);\n\n/**\n * Validates the authority (host) portion of a scheme URL.\n *\n * Returns a warning message if the authority is missing or looks like a\n * placeholder, or `null` if the authority looks valid.\n *\n * Expected form: `intoss-private://<appName>?_deploymentId=<uuid>`\n * The authority must be a non-empty, non-generic app name (e.g. `aitc-sdk-example`).\n */\nexport function validateSchemeAuthority(schemeUrl: string): string | null {\n  // Extract authority from `scheme://authority[/path][?query][#hash]`.\n  // We cannot use the WHATWG URL parser for non-special schemes reliably\n  // (see the deeplink.ts module comment), so we parse the raw string.\n  const afterScheme = schemeUrl.replace(/^[a-zA-Z][a-zA-Z0-9+\\-.]*:\\/\\//, '');\n  if (afterScheme === schemeUrl) {\n    // No `://` found — not a scheme URL at all.\n    return (\n      'scheme_url does not look like a scheme URL (expected `intoss-private://<appName>?_deploymentId=<uuid>`). ' +\n      'Use the URL printed by `ait deploy --scheme-only`.'\n    );\n  }\n\n  // authority ends at the first `/`, `?`, `#`, or end of string.\n  const authorityEnd = afterScheme.search(/[/?#]/);\n  const authority = authorityEnd === -1 ? afterScheme : afterScheme.slice(0, authorityEnd);\n\n  if (SUSPICIOUS_AUTHORITIES.has(authority.toLowerCase())) {\n    const displayAuthority = authority === '' ? '(empty)' : `\"${authority}\"`;\n    return (\n      `scheme_url authority ${displayAuthority} looks like a placeholder. ` +\n      'Expected an app name like `intoss-private://aitc-sdk-example?_deploymentId=<uuid>`. ' +\n      'Use the URL printed by `ait deploy --scheme-only` — it includes the correct app name as the host.'\n    );\n  }\n\n  return null;\n}\n\n/** A param the helper appends. Existing occurrences are replaced, not duplicated. */\ntype AppendParam = readonly [key: string, value: string];\n\nfunction stripExisting(query: string, key: string): string {\n  if (query === '') return '';\n  return query\n    .split('&')\n    .filter((pair) => pair !== '' && pair.split('=')[0] !== key)\n    .join('&');\n}\n\n/**\n * Splices `debug=1`, `relay=<wssUrl>`, and (optionally) `at=<totpCode>` into a\n * scheme URL's query string, preserving everything else (scheme, authority,\n * path, hash, and the existing `_deploymentId` param). If any of the spliced\n * params is already present it is replaced so the helper is idempotent.\n *\n * @param schemeUrl - The `intoss-private://…?_deploymentId=<uuid>` URL printed\n *   by `ait deploy --scheme-only`. Must already carry `_deploymentId` (Layer B\n *   of the gate); this helper does not invent one.\n * @param wssUrl - The live relay URL (`wss://…trycloudflare.com`) from the\n *   running debug MCP server's quick tunnel.\n * @param totpCode - Optional current TOTP code (6 digits). When provided, it\n *   is spliced as `at=<totpCode>`. Must be computed at call time — it rotates\n *   every 30 s. Pass `undefined` or omit when TOTP is disabled.\n * @returns The same URL with `debug=1&relay=<encoded wssUrl>[&at=<totpCode>]`\n *   appended.\n * @throws If `wssUrl` is not a `wss:` URL (the gate rejects anything else, so\n *   producing such a link would be a silent dead end).\n */\nexport function buildDeepLinkAttachUrl(\n  schemeUrl: string,\n  wssUrl: string,\n  totpCode?: string,\n): string {\n  let relay: URL;\n  try {\n    relay = new URL(wssUrl);\n  } catch {\n    throw new Error(`relay URL is not a valid URL: ${wssUrl}`);\n  }\n  if (relay.protocol !== 'wss:') {\n    throw new Error(`relay URL must use the wss: scheme, got ${relay.protocol} (${wssUrl})`);\n  }\n\n  const hashIndex = schemeUrl.indexOf('#');\n  const hash = hashIndex === -1 ? '' : schemeUrl.slice(hashIndex);\n  const beforeHash = hashIndex === -1 ? schemeUrl : schemeUrl.slice(0, hashIndex);\n\n  const queryIndex = beforeHash.indexOf('?');\n  const base = queryIndex === -1 ? beforeHash : beforeHash.slice(0, queryIndex);\n  let query = queryIndex === -1 ? '' : beforeHash.slice(queryIndex + 1);\n\n  const appended: AppendParam[] = [\n    ['debug', '1'],\n    ['relay', wssUrl],\n  ];\n  // Only splice `at=` when a code is provided (TOTP enabled). Omitting it when\n  // TOTP is disabled preserves backward compatibility with gate deployments\n  // that do not yet evaluate the `at` param.\n  if (totpCode !== undefined && totpCode !== '') {\n    appended.push(['at', totpCode]);\n  }\n\n  // Always strip the `at` key from the existing query so a stale code from a\n  // previous run is removed even when the caller does not provide a fresh code.\n  query = stripExisting(query, 'at');\n\n  for (const [key] of appended) {\n    query = stripExisting(query, key);\n  }\n  for (const [key, value] of appended) {\n    const pair = `${key}=${encodeURIComponent(value)}`;\n    query = query === '' ? pair : `${query}&${pair}`;\n  }\n\n  return `${base}?${query}${hash}`;\n}\n"],"mappings":";;;;;;;;AAOA,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoErB,SAAgB,uBACd,WACA,QACA,UACA,MACQ;CACR,IAAI,MACF,GAAG,aAAa,OAAO,mBAAmB,UAAU,CAAA,iBAClC,mBAAmB,OAAO;AAC9C,KAAI,aAAa,KAAA,KAAa,aAAa,GACzC,QAAO,OAAO,mBAAmB,SAAS;AAG5C,KAAI,MAAM,SAAS,KAAA,KAAa,KAAK,KAAK,MAAM,KAAK,GACnD,QAAO,SAAS,mBAAmB,KAAK,KAAK,MAAM,CAAC;AAEtD,KAAI,MAAM,SAAS,KAAA,GAAW;EAC5B,IAAI;AACJ,MAAI;AACF,gBAAa,IAAI,IAAI,KAAK,KAAK;UACzB;AACN,gBAAa;;AAEf,MAAI,YAAY,aAAa,SAC3B,QAAO,SAAS,mBAAmB,KAAK,KAAK;;AAKjD,KAAI,MAAM,cAAc,KACtB,QAAO;AAET,QAAO"}
+{"version":3,"file":"deeplink-BzdbA1gV.cjs","names":[],"sources":["../src/mcp/deeplink.ts"],"sourcesContent":["/**\n * URL of the AITC Sandbox launcher PWA.\n *\n * Declared here (not imported from `src/unplugin/tunnel.ts`) to respect the\n * mcp → unplugin layering boundary. unplugin/tunnel.ts declares its own copy\n * for the same reason — keep the two in sync when the URL changes.\n */\nconst LAUNCHER_URL = 'https://devtools.aitc.dev/launcher/';\n\n/**\n * Optional metadata that enriches the launcher deep-link (#498).\n *\n * These fields are added as query params so the launcher PWA can display\n * a recognizable identity (name, icon) without the user having to configure\n * anything extra.\n */\nexport interface LauncherAttachUrlOpts {\n  /**\n   * Human-readable app name shown in the partner nav bar (`name=` param).\n   * Blank / whitespace-only values are not added.\n   */\n  name?: string;\n  /**\n   * Absolute `https://` icon URL for the partner nav bar icon slot (`icon=`\n   * param). Non-https or falsy values are not added.\n   */\n  icon?: string;\n  /**\n   * When `true`, adds `selfdebug=1` to the launcher URL so the launcher PWA\n   * registers its own document as a CDP target (issue #531/#543).\n   *\n   * **Single-attach model**: attaching the launcher self-target causes any\n   * currently-attached mini-app target to be evicted. This is intentional —\n   * `selfdebug` is a \"launcher diagnostics mode\" for inspecting the launcher's\n   * own DOM/console/safe-area, not simultaneous dual-attach.\n   *\n   * When `false` or omitted (default), the param is not added and the output\n   * is byte-identical to the previous behaviour.\n   */\n  selfdebug?: boolean;\n}\n\n/**\n * Builds a launcher PWA deep-link for env-2 MCP-attach (issue #378).\n *\n * The launcher at {@link LAUNCHER_URL} renders tunnelUrl in a full-viewport\n * iframe. `&debug=1&relay=<wssUrl>` is forwarded onto the iframe src so the\n * framed page's in-app debug gate (Layer C) is satisfied and a Chii target.js\n * is injected. `&at=<totpCode>` is added only when a code is provided (same\n * conditional as {@link buildDeepLinkAttachUrl}).\n *\n * When `opts.name` is given (non-blank), it is added as `&name=` so the\n * launcher partner bar shows the app name instead of the generic default (#498).\n * When `opts.icon` is an absolute https:// URL, it is added as `&icon=` so the\n * launcher can render an icon next to the title (#498).\n *\n * Unlike `buildDeepLinkAttachUrl` (which splices onto a non-special scheme URL\n * via raw string manipulation), this function uses WHATWG `encodeURIComponent`\n * because the target is a standard `https:` URL.\n *\n * SECRET-HANDLING: `totpCode` (when provided) is placed into the `at=` param\n * only — never logged or returned separately. Callers must NOT log the result\n * of this function to stdout/stderr.\n *\n * @param tunnelUrl - The `https://*.trycloudflare.com` app tunnel URL\n *   (`AIT_TUNNEL_BASE_URL`). This is the URL the launcher frames.\n * @param wssUrl - The `wss://` relay URL the framed page will attach to.\n * @param totpCode - Optional current TOTP code (6 digits). When provided, it\n *   is appended as `at=<totpCode>`. Must be computed at call time — it rotates\n *   every 30 s. Omit when TOTP is disabled.\n * @param opts - Optional app identity hints: `name`, `icon`, and `selfdebug`\n *   (#498, #543).\n * @returns The launcher deep-link URL with `?url=<enc>&debug=1&relay=<enc>\n *   [&at=<code>][&name=<enc>][&icon=<enc>][&selfdebug=1]` params.\n */\nexport function buildLauncherAttachUrl(\n  tunnelUrl: string,\n  wssUrl: string,\n  totpCode?: string,\n  opts?: LauncherAttachUrlOpts,\n): string {\n  let url =\n    `${LAUNCHER_URL}?url=${encodeURIComponent(tunnelUrl)}` +\n    `&debug=1&relay=${encodeURIComponent(wssUrl)}`;\n  if (totpCode !== undefined && totpCode !== '') {\n    url += `&at=${encodeURIComponent(totpCode)}`;\n  }\n  // App identity hints (#498): add non-blank name and valid https icon.\n  if (opts?.name !== undefined && opts.name.trim() !== '') {\n    url += `&name=${encodeURIComponent(opts.name.trim())}`;\n  }\n  if (opts?.icon !== undefined) {\n    let iconParsed: URL;\n    try {\n      iconParsed = new URL(opts.icon);\n    } catch {\n      iconParsed = null as unknown as URL;\n    }\n    if (iconParsed?.protocol === 'https:') {\n      url += `&icon=${encodeURIComponent(opts.icon)}`;\n    }\n  }\n  // Self-debug opt-in (#543): add selfdebug=1 only when explicitly requested.\n  // Without this flag the output is byte-identical to the previous behaviour.\n  if (opts?.selfdebug === true) {\n    url += '&selfdebug=1';\n  }\n  return url;\n}\n\n/**\n * Build a self-attaching dog-food deep-link.\n *\n * `ait deploy --scheme-only` prints an `intoss-private://…?_deploymentId=<uuid>`\n * URL that opens a dog-food bundle on a phone. The in-app debug gate\n * (`src/in-app/gate.ts`) auto-attaches when the entry URL also carries\n * `debug=1` and `relay=<wss-url>`. This helper splices those params (plus\n * `at=<code>` when TOTP is enabled) into the scheme URL; rendering the result\n * as a QR code and scanning it with the phone camera opens the mini-app and\n * attaches it to the live Chii relay. QR is the single entry path — it needs\n * no USB cable, platform CLI, or driver, and works the same on iOS/Android.\n *\n * The Toss app propagates extra query params from the entry deep link into the\n * mini-app WebView's `location.search` (confirmed behavior), so the gate reads\n * them at attach time.\n *\n * TOTP `at=` param:\n *   When a TOTP secret is active, `buildDeepLinkAttachUrl` accepts an optional\n *   `totpCode` argument and splices `at=<code>` alongside `debug` and `relay`.\n *   The code must be computed by the caller at call time — do NOT pre-compute\n *   and cache it, because the 30-second window expires quickly. The in-app gate\n *   (`src/in-app/gate.ts` Layer C) validates this code against the baked secret.\n *\n * Why not `URL`/`URLSearchParams`: `intoss-private:` is a non-special scheme.\n * The WHATWG `URL` parser treats such schemes opaquely (no host/path/query\n * decomposition you can rely on across runtimes), so query manipulation via\n * `url.searchParams` is not portable here. We splice the query string directly\n * on the raw string instead, which keeps the scheme, authority, path, and any\n * pre-existing params (notably `_deploymentId`) byte-for-byte intact.\n */\n\n/**\n * Suspicious/generic authority values that indicate a malformed or placeholder\n * scheme URL. These are host strings that will almost certainly cause the Toss\n * app to fail with \"bundle not found\" silently.\n *\n * The expected form from `ait deploy --scheme-only` is:\n *   intoss-private://<appName>?_deploymentId=<uuid>\n * where `<appName>` is a non-generic string like `aitc-sdk-example`.\n */\nconst SUSPICIOUS_AUTHORITIES = new Set<string>(['', 'web', 'localhost', '127.0.0.1', 'app']);\n\n/**\n * Validates the authority (host) portion of a scheme URL.\n *\n * Returns a warning message if the authority is missing or looks like a\n * placeholder, or `null` if the authority looks valid.\n *\n * Expected form: `intoss-private://<appName>?_deploymentId=<uuid>`\n * The authority must be a non-empty, non-generic app name (e.g. `aitc-sdk-example`).\n */\nexport function validateSchemeAuthority(schemeUrl: string): string | null {\n  // Extract authority from `scheme://authority[/path][?query][#hash]`.\n  // We cannot use the WHATWG URL parser for non-special schemes reliably\n  // (see the deeplink.ts module comment), so we parse the raw string.\n  const afterScheme = schemeUrl.replace(/^[a-zA-Z][a-zA-Z0-9+\\-.]*:\\/\\//, '');\n  if (afterScheme === schemeUrl) {\n    // No `://` found — not a scheme URL at all.\n    return (\n      'scheme_url does not look like a scheme URL (expected `intoss-private://<appName>?_deploymentId=<uuid>`). ' +\n      'Use the URL printed by `ait deploy --scheme-only`.'\n    );\n  }\n\n  // authority ends at the first `/`, `?`, `#`, or end of string.\n  const authorityEnd = afterScheme.search(/[/?#]/);\n  const authority = authorityEnd === -1 ? afterScheme : afterScheme.slice(0, authorityEnd);\n\n  if (SUSPICIOUS_AUTHORITIES.has(authority.toLowerCase())) {\n    const displayAuthority = authority === '' ? '(empty)' : `\"${authority}\"`;\n    return (\n      `scheme_url authority ${displayAuthority} looks like a placeholder. ` +\n      'Expected an app name like `intoss-private://aitc-sdk-example?_deploymentId=<uuid>`. ' +\n      'Use the URL printed by `ait deploy --scheme-only` — it includes the correct app name as the host.'\n    );\n  }\n\n  return null;\n}\n\n/** A param the helper appends. Existing occurrences are replaced, not duplicated. */\ntype AppendParam = readonly [key: string, value: string];\n\nfunction stripExisting(query: string, key: string): string {\n  if (query === '') return '';\n  return query\n    .split('&')\n    .filter((pair) => pair !== '' && pair.split('=')[0] !== key)\n    .join('&');\n}\n\n/**\n * Splices `debug=1`, `relay=<wssUrl>`, and (optionally) `at=<totpCode>` into a\n * scheme URL's query string, preserving everything else (scheme, authority,\n * path, hash, and the existing `_deploymentId` param). If any of the spliced\n * params is already present it is replaced so the helper is idempotent.\n *\n * @param schemeUrl - The `intoss-private://…?_deploymentId=<uuid>` URL printed\n *   by `ait deploy --scheme-only`. Must already carry `_deploymentId` (Layer B\n *   of the gate); this helper does not invent one.\n * @param wssUrl - The live relay URL (`wss://…trycloudflare.com`) from the\n *   running debug MCP server's quick tunnel.\n * @param totpCode - Optional current TOTP code (6 digits). When provided, it\n *   is spliced as `at=<totpCode>`. Must be computed at call time — it rotates\n *   every 30 s. Pass `undefined` or omit when TOTP is disabled.\n * @returns The same URL with `debug=1&relay=<encoded wssUrl>[&at=<totpCode>]`\n *   appended.\n * @throws If `wssUrl` is not a `wss:` URL (the gate rejects anything else, so\n *   producing such a link would be a silent dead end).\n */\nexport function buildDeepLinkAttachUrl(\n  schemeUrl: string,\n  wssUrl: string,\n  totpCode?: string,\n): string {\n  let relay: URL;\n  try {\n    relay = new URL(wssUrl);\n  } catch {\n    throw new Error(`relay URL is not a valid URL: ${wssUrl}`);\n  }\n  if (relay.protocol !== 'wss:') {\n    throw new Error(`relay URL must use the wss: scheme, got ${relay.protocol} (${wssUrl})`);\n  }\n\n  const hashIndex = schemeUrl.indexOf('#');\n  const hash = hashIndex === -1 ? '' : schemeUrl.slice(hashIndex);\n  const beforeHash = hashIndex === -1 ? schemeUrl : schemeUrl.slice(0, hashIndex);\n\n  const queryIndex = beforeHash.indexOf('?');\n  const base = queryIndex === -1 ? beforeHash : beforeHash.slice(0, queryIndex);\n  let query = queryIndex === -1 ? '' : beforeHash.slice(queryIndex + 1);\n\n  const appended: AppendParam[] = [\n    ['debug', '1'],\n    ['relay', wssUrl],\n  ];\n  // Only splice `at=` when a code is provided (TOTP enabled). Omitting it when\n  // TOTP is disabled preserves backward compatibility with gate deployments\n  // that do not yet evaluate the `at` param.\n  if (totpCode !== undefined && totpCode !== '') {\n    appended.push(['at', totpCode]);\n  }\n\n  // Always strip the `at` key from the existing query so a stale code from a\n  // previous run is removed even when the caller does not provide a fresh code.\n  query = stripExisting(query, 'at');\n\n  for (const [key] of appended) {\n    query = stripExisting(query, key);\n  }\n  for (const [key, value] of appended) {\n    const pair = `${key}=${encodeURIComponent(value)}`;\n    query = query === '' ? pair : `${query}&${pair}`;\n  }\n\n  return `${base}?${query}${hash}`;\n}\n"],"mappings":";;;;;;;;AAOA,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoErB,SAAgB,uBACd,WACA,QACA,UACA,MACQ;CACR,IAAI,MACF,GAAG,aAAa,OAAO,mBAAmB,UAAU,CAAA,iBAClC,mBAAmB,OAAO;AAC9C,KAAI,aAAa,KAAA,KAAa,aAAa,GACzC,QAAO,OAAO,mBAAmB,SAAS;AAG5C,KAAI,MAAM,SAAS,KAAA,KAAa,KAAK,KAAK,MAAM,KAAK,GACnD,QAAO,SAAS,mBAAmB,KAAK,KAAK,MAAM,CAAC;AAEtD,KAAI,MAAM,SAAS,KAAA,GAAW;EAC5B,IAAI;AACJ,MAAI;AACF,gBAAa,IAAI,IAAI,KAAK,KAAK;UACzB;AACN,gBAAa;;AAEf,MAAI,YAAY,aAAa,SAC3B,QAAO,SAAS,mBAAmB,KAAK,KAAK;;AAKjD,KAAI,MAAM,cAAc,KACtB,QAAO;AAET,QAAO"}

package/dist/{devtools-opener-XpwL3fZ9.js → devtools-opener-B8nxrxqu.js}

@@ -1,15 +1,5 @@
 import { createRequire } from "node:module";
 //#region \0rolldown/runtime.js
-var __defProp = Object.defineProperty;
-var __exportAll = (all, no_symbols) => {
-	let target = {};
-	for (var name in all) __defProp(target, name, {
-		get: all[name],
-		enumerable: true
-	});
-	if (!no_symbols) __defProp(target, Symbol.toStringTag, { value: "Module" });
-	return target;
-};
 var __require = /* @__PURE__ */ createRequire(import.meta.url);
 //#endregion
 //#region src/mcp/devtools-opener.ts
@@ -76,6 +66,6 @@ function openUrlInBrowser(url) {
 	return false;
 }
 //#endregion
-export { isAutoDevtoolsDisabled, openUrlInBrowser, __exportAll as t };
+export { isAutoDevtoolsDisabled, openUrlInBrowser };
 
-//# sourceMappingURL=devtools-opener-XpwL3fZ9.js.map
+//# sourceMappingURL=devtools-opener-B8nxrxqu.js.map

package/dist/{devtools-opener-XpwL3fZ9.js.map → devtools-opener-B8nxrxqu.js.map}

@@ -1 +1 @@
-{"version":3,"file":"devtools-opener-XpwL3fZ9.js","names":[],"sources":["../src/mcp/devtools-opener.ts"],"sourcesContent":["/**\n * Auto-opens Chrome DevTools when a page attaches over the Chii relay.\n *\n * When a real device attaches (env 2 / 3 / 4 in the 4-environments fidelity\n * ladder), the Chii relay exposes a standard CDP WebSocket endpoint.  Chii\n * also self-hosts its DevTools frontend at:\n *\n *   <relay-base>/front_end/chii_app.html\n *     ?ws|wss=<encodeURIComponent(\"<relay-host>/client/<uuid>?target=<targetId>&at=<totp>\")>\n *\n * The param name follows the relay base scheme — `ws=` for plain HTTP\n * (env 3/4 local relay), `wss=` for HTTPS (env 2 tunnel) — matching the\n * scheme branch in chii/public/index.js.\n *\n * This is the same URL format that Chii's own index-page inspect-links use\n * (derived from `chii/public/index.js` — the JS that powers the target list\n * page at `<relay-base>/`).  Opening this URL in the developer's local browser\n * gives a full Chrome DevTools UI connected to the phone via the relay.\n *\n * IMPORTANT — environment guard:\n *   Auto-open only fires in relay environments (env 2 / 3 / 4). In env 1\n *   (local browser + mock SDK) the developer already has F12 available; opening\n *   a DevTools window pointing at the mock relay would be confusing and useless.\n *   The caller (`startAttachWatcher` in `debug-server.ts`) passes the current\n *   environment and this module bails out when it is `mock`.\n *\n * Opt-out: set `AIT_AUTO_DEVTOOLS=0` in the environment to suppress auto-open\n *   entirely. Any other value (or absent) enables the default behaviour.\n *\n * Duplicate-open guard:\n *   `AutoDevtoolsOpener` tracks whether open was already triggered for the\n *   current session. The open fires at most once per instance — typically one\n *   per `runDebugServer` call.\n *\n * TOTP expiry caveat:\n *   The `at=` TOTP code embedded in the `wss=` parameter is minted fresh at the\n *   moment `open()` is called. The code is valid for ~3 minutes (the relay gate\n *   accepts ±RELAY_VERIFY_SKEW_STEPS=6 steps = 180–210 s). If the developer\n *   does not open the URL within that window the WebSocket upgrade will be\n *   rejected with 4401. In practice the browser opens immediately after the OS\n *   `open` command; if needed the developer can copy the wss= param, replace\n *   `at=`, and reload. This is documented in the JSDoc below.\n *\n * PWA (WebKit) caveat:\n *   The Chii relay injects a chobitsu CDP shim into WebKit-based runtimes (env 2\n *   AITC Sandbox PWA). The DevTools frontend will connect and most panels work.\n *   However, WebKit does not expose the full CDP domain set that V8/Blink does,\n *   so some panels (Network, Layers) may appear empty or show limited data.\n *   This is a WebKit runtime constraint, not a relay or devtools-opener issue.\n *\n * Node-only: uses `child_process.spawnSync` to invoke the OS open command.\n */\n\nimport type { McpEnvironment } from './environment.js';\n\n// ---------------------------------------------------------------------------\n// Chii self-hosted DevTools frontend URL\n// ---------------------------------------------------------------------------\n\n/**\n * Assembles the Chii self-hosted DevTools inspector URL for a given relay\n * and target.\n *\n * Chii serves its own DevTools frontend at\n * `<relayHttpBaseUrl>/front_end/chii_app.html`. The `ws=` (plain HTTP relay)\n * or `wss=` (HTTPS relay) query parameter is a URL-encoded string of the form\n * `<relay-host>/client/<uuid>?target=<id>&at=<totp>` — the same format used\n * by Chii's own target list page (derived from `chii/public/index.js`).\n *\n * The `at=` TOTP code is minted at call time via `mintTotp()`.  It is valid\n * for ~3 minutes (relay gate accepts ±RELAY_VERIFY_SKEW_STEPS=6 steps =\n * 180–210 s).  The developer must open the returned URL within that window.\n * If the window expires before the browser connects, the relay will reject the\n * WebSocket upgrade with close code 4401.\n *\n * FAIL-CLOSED (issue #509): `mintTotp` is REQUIRED.  When omitted (i.e.\n * `undefined`), this function returns `null` — the caller must treat `null` as\n * \"inspector not yet available\" and show a waiting hint instead of a broken\n * link. Relay sessions gate every WS upgrade with TOTP (#452), so a URL built\n * without `at=` would be rejected with WS 4401 immediately — there is no\n * non-TOTP relay path in production. Returning `null` surfaces this cleanly as\n * a \"TOTP not yet configured\" state rather than silently producing a URL that\n * will always fail at the WS handshake.\n *\n * SECRET-HANDLING: `mintTotp` returns a code, not a secret. The code is\n * embedded in the `wss=` parameter (inside the `at=` param) of the returned\n * URL. Callers MUST NOT log the returned URL to stdout (stderr is OK — it is\n * the intended fallback surface for the developer to copy the URL).\n *\n * @param relayHttpBaseUrl - Local HTTP base URL of the Chii relay, e.g.\n *   `http://127.0.0.1:9100`. No trailing slash.\n * @param targetId - Chii target id (from `GET <relay>/targets`).\n * @param mintTotp - Function that returns a fresh 6-digit TOTP code string.\n *   Called at most once. **Required** — when `undefined`, the function returns\n *   `null` (fail-closed: no `at=` param means the relay WS gate rejects the\n *   handshake, so a null result is safer than a URL that always 404s).\n * @param panel - Initial panel. Defaults to `\"console\"`.\n *\n * @returns The inspector URL string, or `null` when `mintTotp` is absent.\n *\n * @example\n * buildChiiInspectorUrl(\n *   'http://127.0.0.1:9100',\n *   'abc123',\n *   () => generateTotp(secret),\n * )\n * // → 'http://127.0.0.1:9100/front_end/chii_app.html?ws=127.0.0.1%3A9100%2Fclient%2F<uuid>%3Ftarget%3Dabc123%26at%3D<code>'\n */\nexport function buildChiiInspectorUrl(\n  relayHttpBaseUrl: string,\n  targetId: string,\n  mintTotp?: () => string,\n  panel: 'elements' | 'console' | 'sources' | 'network' = 'console',\n): string | null {\n  // FAIL-CLOSED (#509): relay sessions require TOTP for every WS upgrade.\n  // Without a mintTotp function we cannot produce a valid at= code, so we\n  // return null rather than a URL that will always be rejected by the relay gate\n  // with WS 4401 / HTTP 404. Callers show a \"waiting\" hint when they get null.\n  if (!mintTotp) {\n    return null;\n  }\n\n  // Extract the host (and port) from the relay HTTP base URL, and pick the\n  // query param name chii_app.html expects: `ws=` dials `ws://` (plain-HTTP\n  // relay — env 3/4 local 127.0.0.1) while `wss=` dials `wss://` (HTTPS\n  // tunnel — env 2). chii/public/index.js does the same scheme branch:\n  // `location.protocol === 'https:' ? 'wss' : 'ws'`. Always sending `wss=`\n  // would make the frontend attempt TLS against the plain-HTTP local relay.\n  let relayHost: string;\n  let wsParamName: 'ws' | 'wss';\n  try {\n    const parsed = new URL(relayHttpBaseUrl);\n    relayHost = parsed.host; // e.g. \"127.0.0.1:9100\"\n    wsParamName = parsed.protocol === 'https:' ? 'wss' : 'ws';\n  } catch {\n    // Fallback: strip the scheme prefix manually if URL parsing fails.\n    relayHost = relayHttpBaseUrl.replace(/^https?:\\/\\//i, '');\n    wsParamName = /^https:/i.test(relayHttpBaseUrl) ? 'wss' : 'ws';\n  }\n\n  // Generate a client UUID that matches the format Chii's index.js uses\n  // (6 random alphanumeric characters).\n  const clientId = `devtools-opener-${Date.now().toString(36)}`;\n\n  // Build the ws=/wss= value: \"<relay-host>/client/<uuid>?target=<id>&at=<code>\"\n  // This mirrors the format from chii/public/index.js:\n  //   `${domain}${basePath}client/${randomId(6)}?target=${targetId}`\n  // SECRET-HANDLING: mintTotp() returns a code (not a secret). The code\n  // rides only in the URL's at= param. Callers must not log the URL.\n  const code = mintTotp();\n  const wsPath = `${relayHost}/client/${clientId}?target=${encodeURIComponent(targetId)}&at=${encodeURIComponent(code)}`;\n\n  const params = new URLSearchParams({ [wsParamName]: wsPath, panel });\n  return `${relayHttpBaseUrl.replace(/\\/$/, '')}/front_end/chii_app.html?${params.toString()}`;\n}\n\n// ---------------------------------------------------------------------------\n// Opt-out check\n// ---------------------------------------------------------------------------\n\n/**\n * Returns `true` when auto-open is **disabled**.\n *\n * Default (env var absent or any value other than `\"1\"`) is **disabled** —\n * the developer uses the \"디버그 툴 열기\" button on the /attach or dashboard\n * page instead. Set `AIT_AUTO_DEVTOOLS=1` to restore the old automatic\n * browser-open behaviour on device attach.\n *\n * `AIT_AUTO_DEVTOOLS=0` retains its explicit opt-out meaning for backward\n * compatibility (same effect as absent).\n */\nexport function isAutoDevtoolsDisabled(): boolean {\n  return process.env.AIT_AUTO_DEVTOOLS !== '1';\n}\n\n// ---------------------------------------------------------------------------\n// Browser open (Node-only, sync)\n// ---------------------------------------------------------------------------\n\n/**\n * Opens the given URL in the OS default browser using a platform-appropriate\n * command. Returns `true` on success.\n *\n * Failures are silent from the caller's perspective — the caller should log\n * the URL to stderr as a fallback before calling this function.\n */\nexport function openUrlInBrowser(url: string): boolean {\n  // Test hook: skip actual spawn when running in vitest / CI where the OS open\n  // command may hang or be absent. Production code never sets this.\n  if (process.env.AIT_AUTO_DEVTOOLS_TEST_SKIP_SPAWN === '1') return false;\n  // eslint-disable-next-line @typescript-eslint/no-require-imports\n  const { spawnSync } = require('node:child_process') as typeof import('node:child_process');\n  const platform = process.platform;\n\n  type Candidate = { cmd: string; args: string[] };\n  let candidates: Candidate[];\n  if (platform === 'darwin') {\n    candidates = [{ cmd: 'open', args: [url] }];\n  } else if (platform === 'win32') {\n    candidates = [{ cmd: 'cmd', args: ['/c', 'start', '', url] }];\n  } else {\n    // Linux + fallback\n    candidates = [\n      { cmd: 'xdg-open', args: [url] },\n      { cmd: 'sensible-browser', args: [url] },\n      { cmd: 'x-www-browser', args: [url] },\n    ];\n  }\n\n  for (const { cmd, args } of candidates) {\n    try {\n      const result = spawnSync(cmd, args, { encoding: 'utf8', timeout: 5_000 });\n      if (!result.error && result.status === 0) return true;\n    } catch {\n      // Try next candidate.\n    }\n  }\n  return false;\n}\n\n// ---------------------------------------------------------------------------\n// AutoDevtoolsOpener — stateful once-per-session open guard\n// ---------------------------------------------------------------------------\n\n/**\n * Options for {@link AutoDevtoolsOpener.open}.\n *\n * The `relayHttpBaseUrl` and `targetId` fields are required to build a working\n * Chii self-hosted inspector URL. When `relayHttpBaseUrl` is absent the open\n * is skipped (no relay available yet).\n */\nexport interface DevtoolsOpenOptions {\n  /**\n   * Stable local inspector URL (`http://127.0.0.1:<port>/inspector`) from the\n   * QR HTTP server (issue #530). When provided this URL is opened in the browser\n   * instead of building a direct `front_end/chii_app.html?wss=…` URL. The\n   * `/inspector` endpoint mints a fresh TOTP at click time and redirects, so\n   * there is no TOTP-expiry race. Safe to log (no tunnel host, no TOTP code).\n   *\n   * When absent, falls back to building a direct inspector URL from\n   * `relayHttpBaseUrl` + `mintTotp` (legacy path, kept for backward compat).\n   */\n  inspectorStableUrl?: string | null;\n  /**\n   * Local HTTP base URL of the Chii relay, e.g. `http://127.0.0.1:9100`.\n   * Used to build the `<relay-base>/front_end/chii_app.html?wss=…` URL when\n   * `inspectorStableUrl` is not available.\n   *\n   * For env 3/4 (intoss relay) this is `http://127.0.0.1:<port>`.\n   * For env 2 (external PWA relay) this is the relay's external HTTP URL\n   * (e.g. `https://<host>.trycloudflare.com`).\n   *\n   * When absent or empty, `open()` is a no-op.\n   *\n   * SECRET-HANDLING: this value contains the relay host. Callers MUST NOT\n   * log it to stdout; stderr is the intended surface.\n   */\n  relayHttpBaseUrl: string | null | undefined;\n  /**\n   * Chii target id of the attached page, from `listTargets()[0].id`.\n   * When absent or empty, `open()` is a no-op.\n   */\n  targetId: string | null | undefined;\n  /**\n   * Function that mints a fresh TOTP code when called. Called at most once per\n   * `open()` invocation, immediately before building the inspector URL.\n   * Only used when `inspectorStableUrl` is absent.\n   *\n   * Pass `undefined` when TOTP is disabled (no `at=` param is added).\n   *\n   * SECRET-HANDLING: the function MUST return only the code (6 digits), not\n   * the secret. The code rides in the URL's `at=` param only.\n   */\n  mintTotp?: () => string;\n  /** Current MCP environment (`mock` | `relay`). `open()` no-ops on `mock`. */\n  env: McpEnvironment;\n}\n\n/**\n * Manages auto-opening Chrome DevTools on every NEW target attach (issue #530).\n *\n * Create one instance per `runDebugServer` call and pass its `open()` method\n * as the `onAttach` callback to the attach watcher (via `DualConnectionRouter`).\n *\n * The open fires for each NEW `targetId` — subsequent notifications for the\n * same target are de-duplicated. Re-attach with a fresh targetId (e.g. after\n * page reload on the phone) fires a new open. The URL opened is the stable\n * `/inspector` endpoint (issue #530) when `inspectorStableUrl` is provided —\n * it mints a fresh TOTP at click time so there is no expiry race. Falls back to\n * building a direct `front_end/chii_app.html?wss=…` URL when\n * `inspectorStableUrl` is absent.\n *\n * Opt-out and mock-environment guard are checked at call time.\n */\nexport class AutoDevtoolsOpener {\n  /** Per-target de-dupe set (issue #530 — target-unit guard replaces once-per-daemon). */\n  private readonly _openedTargets = new Set<string>();\n\n  /**\n   * Attempts to auto-open Chii DevTools in the developer's browser.\n   *\n   * Opens when:\n   *   - `options.targetId` is a NEW target (not yet in `_openedTargets`).\n   *\n   * No-op when any of the following conditions hold:\n   *   1. `targetId` has already been opened (`_openedTargets` has it).\n   *   2. `AIT_AUTO_DEVTOOLS=0` opt-out is set.\n   *   3. `options.env` is `mock` (env 1 — F12 is already available).\n   *   4. `options.targetId` is null/undefined/empty (no page attached yet).\n   *   5. Neither `inspectorStableUrl` nor `relayHttpBaseUrl` is available.\n   *\n   * When `inspectorStableUrl` is provided (issue #530 stable URL): opens\n   * `http://127.0.0.1:<port>/inspector` directly and writes it to stderr.\n   * The URL contains no tunnel host or TOTP code — safe to log anywhere.\n   *\n   * Legacy path (no `inspectorStableUrl`): builds a direct\n   * `<relay-base>/front_end/chii_app.html?wss=…` URL from `relayHttpBaseUrl`\n   * + `mintTotp`, writes to stderr. TOTP expiry caveat applies (~3 min window).\n   *\n   * SECRET-HANDLING: direct inspector URL (written to stderr) may contain relay\n   * host and TOTP code. Stable URL is secret-free. Neither must go to stdout or\n   * persistent logs.\n   */\n  open(options: DevtoolsOpenOptions): void {\n    if (isAutoDevtoolsDisabled()) return;\n    if (options.env === 'mock') return;\n    if (!options.targetId) return;\n\n    // Target-unit de-dupe (issue #530): re-attach with a new targetId fires again.\n    const targetId = options.targetId;\n    if (this._openedTargets.has(targetId)) return;\n\n    // Use stable /inspector URL when available (issue #530) — secret-free, no expiry.\n    if (options.inspectorStableUrl) {\n      this._openedTargets.add(targetId);\n      const stableUrl = options.inspectorStableUrl;\n      process.stderr.write(\n        '[ait-debug] 기기가 연결됐습니다.\\n' +\n          `[ait-debug] QR 페이지 또는 대시보드(${stableUrl.replace('/inspector', '')})의 \"디버그 툴 열기\" 버튼을 눌러 DevTools를 여세요.\\n` +\n          '[ait-debug] (AIT_AUTO_DEVTOOLS=1 로 설정하면 연결 시 자동으로 열립니다)\\n',\n      );\n      const opened = openUrlInBrowser(stableUrl);\n      if (!opened) {\n        process.stderr.write(\n          `[ait-debug] 브라우저 자동 열기 실패 — ${stableUrl} 을 브라우저에서 직접 여세요.\\n`,\n        );\n      }\n      return;\n    }\n\n    // Legacy path: build direct inspector URL from relayHttpBaseUrl + mintTotp.\n    if (!options.relayHttpBaseUrl) return;\n\n    this._openedTargets.add(targetId);\n\n    const inspectorUrl = buildChiiInspectorUrl(\n      options.relayHttpBaseUrl,\n      targetId,\n      options.mintTotp,\n    );\n\n    // FAIL-CLOSED (#509): buildChiiInspectorUrl returns null when mintTotp is\n    // absent (no valid at= code → relay WS gate would reject the connection).\n    // Record targetId in set so this guard fires, but skip browser open.\n    if (inspectorUrl === null) {\n      process.stderr.write(\n        '[ait-debug] 기기가 연결됐습니다 — TOTP secret 미설정으로 인스펙터 URL을 생성할 수 없습니다.\\n' +\n          '[ait-debug] relay 세션은 AIT_DEBUG_TOTP_SECRET 설정이 필요합니다.\\n',\n      );\n      return;\n    }\n\n    process.stderr.write(\n      '[ait-debug] 기기가 연결됐습니다.\\n' +\n        `[ait-debug] DevTools URL: ${inspectorUrl}\\n` +\n        '[ait-debug] (AIT_AUTO_DEVTOOLS=1 로 설정하면 연결 시 자동으로 열립니다)\\n' +\n        '[ait-debug] 주의: URL의 at= 코드는 ~3분 안에서만 유효합니다.\\n',\n    );\n\n    const opened = openUrlInBrowser(inspectorUrl);\n    if (!opened) {\n      process.stderr.write(\n        '[ait-debug] 브라우저 자동 열기 실패 — 위 URL을 브라우저에서 직접 여세요.\\n',\n      );\n    }\n  }\n\n  /**\n   * Returns `true` if `open()` has been called for at least one target.\n   * (Replaces the old once-per-session `_opened` flag; kept for interface\n   * compatibility with tests that read `opener.opened`.)\n   */\n  get opened(): boolean {\n    return this._openedTargets.size > 0;\n  }\n\n  /** Returns the set of target IDs that have already been auto-opened. */\n  get openedTargets(): ReadonlySet<string> {\n    return this._openedTargets;\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AA2KA,SAAgB,yBAAkC;AAChD,QAAO,QAAQ,IAAI,sBAAsB;;;;;;;;;AAc3C,SAAgB,iBAAiB,KAAsB;AAGrD,KAAI,QAAQ,IAAI,sCAAsC,IAAK,QAAO;CAElE,MAAM,EAAE,cAAA,UAAsB,qBAAqB;CACnD,MAAM,WAAW,QAAQ;CAGzB,IAAI;AACJ,KAAI,aAAa,SACf,cAAa,CAAC;EAAE,KAAK;EAAQ,MAAM,CAAC,IAAI;EAAE,CAAC;UAClC,aAAa,QACtB,cAAa,CAAC;EAAE,KAAK;EAAO,MAAM;GAAC;GAAM;GAAS;GAAI;GAAI;EAAE,CAAC;KAG7D,cAAa;EACX;GAAE,KAAK;GAAY,MAAM,CAAC,IAAI;GAAE;EAChC;GAAE,KAAK;GAAoB,MAAM,CAAC,IAAI;GAAE;EACxC;GAAE,KAAK;GAAiB,MAAM,CAAC,IAAI;GAAE;EACtC;AAGH,MAAK,MAAM,EAAE,KAAK,UAAU,WAC1B,KAAI;EACF,MAAM,SAAS,UAAU,KAAK,MAAM;GAAE,UAAU;GAAQ,SAAS;GAAO,CAAC;AACzE,MAAI,CAAC,OAAO,SAAS,OAAO,WAAW,EAAG,QAAO;SAC3C;AAIV,QAAO"}
+{"version":3,"file":"devtools-opener-B8nxrxqu.js","names":[],"sources":["../src/mcp/devtools-opener.ts"],"sourcesContent":["/**\n * Auto-opens Chrome DevTools when a page attaches over the Chii relay.\n *\n * When a real device attaches (env 2 / 3 / 4 in the 4-environments fidelity\n * ladder), the Chii relay exposes a standard CDP WebSocket endpoint.  Chii\n * also self-hosts its DevTools frontend at:\n *\n *   <relay-base>/front_end/chii_app.html\n *     ?ws|wss=<encodeURIComponent(\"<relay-host>/client/<uuid>?target=<targetId>&at=<totp>\")>\n *\n * The param name follows the relay base scheme — `ws=` for plain HTTP\n * (env 3/4 local relay), `wss=` for HTTPS (env 2 tunnel) — matching the\n * scheme branch in chii/public/index.js.\n *\n * This is the same URL format that Chii's own index-page inspect-links use\n * (derived from `chii/public/index.js` — the JS that powers the target list\n * page at `<relay-base>/`).  Opening this URL in the developer's local browser\n * gives a full Chrome DevTools UI connected to the phone via the relay.\n *\n * IMPORTANT — environment guard:\n *   Auto-open only fires in relay environments (env 2 / 3 / 4). In env 1\n *   (local browser + mock SDK) the developer already has F12 available; opening\n *   a DevTools window pointing at the mock relay would be confusing and useless.\n *   The caller (`startAttachWatcher` in `debug-server.ts`) passes the current\n *   environment and this module bails out when it is `mock`.\n *\n * Opt-out: set `AIT_AUTO_DEVTOOLS=0` in the environment to suppress auto-open\n *   entirely. Any other value (or absent) enables the default behaviour.\n *\n * Duplicate-open guard:\n *   `AutoDevtoolsOpener` tracks whether open was already triggered for the\n *   current session. The open fires at most once per instance — typically one\n *   per `runDebugServer` call.\n *\n * TOTP expiry caveat:\n *   The `at=` TOTP code embedded in the `wss=` parameter is minted fresh at the\n *   moment `open()` is called. The code is valid for ~3 minutes (the relay gate\n *   accepts ±RELAY_VERIFY_SKEW_STEPS=6 steps = 180–210 s). If the developer\n *   does not open the URL within that window the WebSocket upgrade will be\n *   rejected with 4401. In practice the browser opens immediately after the OS\n *   `open` command; if needed the developer can copy the wss= param, replace\n *   `at=`, and reload. This is documented in the JSDoc below.\n *\n * PWA (WebKit) caveat:\n *   The Chii relay injects a chobitsu CDP shim into WebKit-based runtimes (env 2\n *   AITC Sandbox PWA). The DevTools frontend will connect and most panels work.\n *   However, WebKit does not expose the full CDP domain set that V8/Blink does,\n *   so some panels (Network, Layers) may appear empty or show limited data.\n *   This is a WebKit runtime constraint, not a relay or devtools-opener issue.\n *\n * Node-only: uses `child_process.spawnSync` to invoke the OS open command.\n */\n\nimport type { McpEnvironment } from './environment.js';\n\n// ---------------------------------------------------------------------------\n// Chii self-hosted DevTools frontend URL\n// ---------------------------------------------------------------------------\n\n/**\n * Assembles the Chii self-hosted DevTools inspector URL for a given relay\n * and target.\n *\n * Chii serves its own DevTools frontend at\n * `<relayHttpBaseUrl>/front_end/chii_app.html`. The `ws=` (plain HTTP relay)\n * or `wss=` (HTTPS relay) query parameter is a URL-encoded string of the form\n * `<relay-host>/client/<uuid>?target=<id>&at=<totp>` — the same format used\n * by Chii's own target list page (derived from `chii/public/index.js`).\n *\n * The `at=` TOTP code is minted at call time via `mintTotp()`.  It is valid\n * for ~3 minutes (relay gate accepts ±RELAY_VERIFY_SKEW_STEPS=6 steps =\n * 180–210 s).  The developer must open the returned URL within that window.\n * If the window expires before the browser connects, the relay will reject the\n * WebSocket upgrade with close code 4401.\n *\n * FAIL-CLOSED (issue #509): `mintTotp` is REQUIRED.  When omitted (i.e.\n * `undefined`), this function returns `null` — the caller must treat `null` as\n * \"inspector not yet available\" and show a waiting hint instead of a broken\n * link. Relay sessions gate every WS upgrade with TOTP (#452), so a URL built\n * without `at=` would be rejected with WS 4401 immediately — there is no\n * non-TOTP relay path in production. Returning `null` surfaces this cleanly as\n * a \"TOTP not yet configured\" state rather than silently producing a URL that\n * will always fail at the WS handshake.\n *\n * SECRET-HANDLING: `mintTotp` returns a code, not a secret. The code is\n * embedded in the `wss=` parameter (inside the `at=` param) of the returned\n * URL. Callers MUST NOT log the returned URL to stdout (stderr is OK — it is\n * the intended fallback surface for the developer to copy the URL).\n *\n * @param relayHttpBaseUrl - Local HTTP base URL of the Chii relay, e.g.\n *   `http://127.0.0.1:9100`. No trailing slash.\n * @param targetId - Chii target id (from `GET <relay>/targets`).\n * @param mintTotp - Function that returns a fresh 6-digit TOTP code string.\n *   Called at most once. **Required** — when `undefined`, the function returns\n *   `null` (fail-closed: no `at=` param means the relay WS gate rejects the\n *   handshake, so a null result is safer than a URL that always 404s).\n * @param panel - Initial panel. Defaults to `\"console\"`.\n *\n * @returns The inspector URL string, or `null` when `mintTotp` is absent.\n *\n * @example\n * buildChiiInspectorUrl(\n *   'http://127.0.0.1:9100',\n *   'abc123',\n *   () => generateTotp(secret),\n * )\n * // → 'http://127.0.0.1:9100/front_end/chii_app.html?ws=127.0.0.1%3A9100%2Fclient%2F<uuid>%3Ftarget%3Dabc123%26at%3D<code>'\n */\nexport function buildChiiInspectorUrl(\n  relayHttpBaseUrl: string,\n  targetId: string,\n  mintTotp?: () => string,\n  panel: 'elements' | 'console' | 'sources' | 'network' = 'console',\n): string | null {\n  // FAIL-CLOSED (#509): relay sessions require TOTP for every WS upgrade.\n  // Without a mintTotp function we cannot produce a valid at= code, so we\n  // return null rather than a URL that will always be rejected by the relay gate\n  // with WS 4401 / HTTP 404. Callers show a \"waiting\" hint when they get null.\n  if (!mintTotp) {\n    return null;\n  }\n\n  // Extract the host (and port) from the relay HTTP base URL, and pick the\n  // query param name chii_app.html expects: `ws=` dials `ws://` (plain-HTTP\n  // relay — env 3/4 local 127.0.0.1) while `wss=` dials `wss://` (HTTPS\n  // tunnel — env 2). chii/public/index.js does the same scheme branch:\n  // `location.protocol === 'https:' ? 'wss' : 'ws'`. Always sending `wss=`\n  // would make the frontend attempt TLS against the plain-HTTP local relay.\n  let relayHost: string;\n  let wsParamName: 'ws' | 'wss';\n  try {\n    const parsed = new URL(relayHttpBaseUrl);\n    relayHost = parsed.host; // e.g. \"127.0.0.1:9100\"\n    wsParamName = parsed.protocol === 'https:' ? 'wss' : 'ws';\n  } catch {\n    // Fallback: strip the scheme prefix manually if URL parsing fails.\n    relayHost = relayHttpBaseUrl.replace(/^https?:\\/\\//i, '');\n    wsParamName = /^https:/i.test(relayHttpBaseUrl) ? 'wss' : 'ws';\n  }\n\n  // Generate a client UUID that matches the format Chii's index.js uses\n  // (6 random alphanumeric characters).\n  const clientId = `devtools-opener-${Date.now().toString(36)}`;\n\n  // Build the ws=/wss= value: \"<relay-host>/client/<uuid>?target=<id>&at=<code>\"\n  // This mirrors the format from chii/public/index.js:\n  //   `${domain}${basePath}client/${randomId(6)}?target=${targetId}`\n  // SECRET-HANDLING: mintTotp() returns a code (not a secret). The code\n  // rides only in the URL's at= param. Callers must not log the URL.\n  const code = mintTotp();\n  const wsPath = `${relayHost}/client/${clientId}?target=${encodeURIComponent(targetId)}&at=${encodeURIComponent(code)}`;\n\n  const params = new URLSearchParams({ [wsParamName]: wsPath, panel });\n  return `${relayHttpBaseUrl.replace(/\\/$/, '')}/front_end/chii_app.html?${params.toString()}`;\n}\n\n// ---------------------------------------------------------------------------\n// Opt-out check\n// ---------------------------------------------------------------------------\n\n/**\n * Returns `true` when auto-open is **disabled**.\n *\n * Default (env var absent or any value other than `\"1\"`) is **disabled** —\n * the developer uses the \"디버그 툴 열기\" button on the /attach or dashboard\n * page instead. Set `AIT_AUTO_DEVTOOLS=1` to restore the old automatic\n * browser-open behaviour on device attach.\n *\n * `AIT_AUTO_DEVTOOLS=0` retains its explicit opt-out meaning for backward\n * compatibility (same effect as absent).\n */\nexport function isAutoDevtoolsDisabled(): boolean {\n  return process.env.AIT_AUTO_DEVTOOLS !== '1';\n}\n\n// ---------------------------------------------------------------------------\n// Browser open (Node-only, sync)\n// ---------------------------------------------------------------------------\n\n/**\n * Opens the given URL in the OS default browser using a platform-appropriate\n * command. Returns `true` on success.\n *\n * Failures are silent from the caller's perspective — the caller should log\n * the URL to stderr as a fallback before calling this function.\n */\nexport function openUrlInBrowser(url: string): boolean {\n  // Test hook: skip actual spawn when running in vitest / CI where the OS open\n  // command may hang or be absent. Production code never sets this.\n  if (process.env.AIT_AUTO_DEVTOOLS_TEST_SKIP_SPAWN === '1') return false;\n  // eslint-disable-next-line @typescript-eslint/no-require-imports\n  const { spawnSync } = require('node:child_process') as typeof import('node:child_process');\n  const platform = process.platform;\n\n  type Candidate = { cmd: string; args: string[] };\n  let candidates: Candidate[];\n  if (platform === 'darwin') {\n    candidates = [{ cmd: 'open', args: [url] }];\n  } else if (platform === 'win32') {\n    candidates = [{ cmd: 'cmd', args: ['/c', 'start', '', url] }];\n  } else {\n    // Linux + fallback\n    candidates = [\n      { cmd: 'xdg-open', args: [url] },\n      { cmd: 'sensible-browser', args: [url] },\n      { cmd: 'x-www-browser', args: [url] },\n    ];\n  }\n\n  for (const { cmd, args } of candidates) {\n    try {\n      const result = spawnSync(cmd, args, { encoding: 'utf8', timeout: 5_000 });\n      if (!result.error && result.status === 0) return true;\n    } catch {\n      // Try next candidate.\n    }\n  }\n  return false;\n}\n\n// ---------------------------------------------------------------------------\n// AutoDevtoolsOpener — stateful once-per-session open guard\n// ---------------------------------------------------------------------------\n\n/**\n * Options for {@link AutoDevtoolsOpener.open}.\n *\n * The `relayHttpBaseUrl` and `targetId` fields are required to build a working\n * Chii self-hosted inspector URL. When `relayHttpBaseUrl` is absent the open\n * is skipped (no relay available yet).\n */\nexport interface DevtoolsOpenOptions {\n  /**\n   * Stable local inspector URL (`http://127.0.0.1:<port>/inspector`) from the\n   * QR HTTP server (issue #530). When provided this URL is opened in the browser\n   * instead of building a direct `front_end/chii_app.html?wss=…` URL. The\n   * `/inspector` endpoint mints a fresh TOTP at click time and redirects, so\n   * there is no TOTP-expiry race. Safe to log (no tunnel host, no TOTP code).\n   *\n   * When absent, falls back to building a direct inspector URL from\n   * `relayHttpBaseUrl` + `mintTotp` (legacy path, kept for backward compat).\n   */\n  inspectorStableUrl?: string | null;\n  /**\n   * Local HTTP base URL of the Chii relay, e.g. `http://127.0.0.1:9100`.\n   * Used to build the `<relay-base>/front_end/chii_app.html?wss=…` URL when\n   * `inspectorStableUrl` is not available.\n   *\n   * For env 3/4 (intoss relay) this is `http://127.0.0.1:<port>`.\n   * For env 2 (external PWA relay) this is the relay's external HTTP URL\n   * (e.g. `https://<host>.trycloudflare.com`).\n   *\n   * When absent or empty, `open()` is a no-op.\n   *\n   * SECRET-HANDLING: this value contains the relay host. Callers MUST NOT\n   * log it to stdout; stderr is the intended surface.\n   */\n  relayHttpBaseUrl: string | null | undefined;\n  /**\n   * Chii target id of the attached page, from `listTargets()[0].id`.\n   * When absent or empty, `open()` is a no-op.\n   */\n  targetId: string | null | undefined;\n  /**\n   * Function that mints a fresh TOTP code when called. Called at most once per\n   * `open()` invocation, immediately before building the inspector URL.\n   * Only used when `inspectorStableUrl` is absent.\n   *\n   * Pass `undefined` when TOTP is disabled (no `at=` param is added).\n   *\n   * SECRET-HANDLING: the function MUST return only the code (6 digits), not\n   * the secret. The code rides in the URL's `at=` param only.\n   */\n  mintTotp?: () => string;\n  /** Current MCP environment (`mock` | `relay`). `open()` no-ops on `mock`. */\n  env: McpEnvironment;\n}\n\n/**\n * Manages auto-opening Chrome DevTools on every NEW target attach (issue #530).\n *\n * Create one instance per `runDebugServer` call and pass its `open()` method\n * as the `onAttach` callback to the attach watcher (via `DualConnectionRouter`).\n *\n * The open fires for each NEW `targetId` — subsequent notifications for the\n * same target are de-duplicated. Re-attach with a fresh targetId (e.g. after\n * page reload on the phone) fires a new open. The URL opened is the stable\n * `/inspector` endpoint (issue #530) when `inspectorStableUrl` is provided —\n * it mints a fresh TOTP at click time so there is no expiry race. Falls back to\n * building a direct `front_end/chii_app.html?wss=…` URL when\n * `inspectorStableUrl` is absent.\n *\n * Opt-out and mock-environment guard are checked at call time.\n */\nexport class AutoDevtoolsOpener {\n  /** Per-target de-dupe set (issue #530 — target-unit guard replaces once-per-daemon). */\n  private readonly _openedTargets = new Set<string>();\n\n  /**\n   * Attempts to auto-open Chii DevTools in the developer's browser.\n   *\n   * Opens when:\n   *   - `options.targetId` is a NEW target (not yet in `_openedTargets`).\n   *\n   * No-op when any of the following conditions hold:\n   *   1. `targetId` has already been opened (`_openedTargets` has it).\n   *   2. `AIT_AUTO_DEVTOOLS=0` opt-out is set.\n   *   3. `options.env` is `mock` (env 1 — F12 is already available).\n   *   4. `options.targetId` is null/undefined/empty (no page attached yet).\n   *   5. Neither `inspectorStableUrl` nor `relayHttpBaseUrl` is available.\n   *\n   * When `inspectorStableUrl` is provided (issue #530 stable URL): opens\n   * `http://127.0.0.1:<port>/inspector` directly and writes it to stderr.\n   * The URL contains no tunnel host or TOTP code — safe to log anywhere.\n   *\n   * Legacy path (no `inspectorStableUrl`): builds a direct\n   * `<relay-base>/front_end/chii_app.html?wss=…` URL from `relayHttpBaseUrl`\n   * + `mintTotp`, writes to stderr. TOTP expiry caveat applies (~3 min window).\n   *\n   * SECRET-HANDLING: direct inspector URL (written to stderr) may contain relay\n   * host and TOTP code. Stable URL is secret-free. Neither must go to stdout or\n   * persistent logs.\n   */\n  open(options: DevtoolsOpenOptions): void {\n    if (isAutoDevtoolsDisabled()) return;\n    if (options.env === 'mock') return;\n    if (!options.targetId) return;\n\n    // Target-unit de-dupe (issue #530): re-attach with a new targetId fires again.\n    const targetId = options.targetId;\n    if (this._openedTargets.has(targetId)) return;\n\n    // Use stable /inspector URL when available (issue #530) — secret-free, no expiry.\n    if (options.inspectorStableUrl) {\n      this._openedTargets.add(targetId);\n      const stableUrl = options.inspectorStableUrl;\n      process.stderr.write(\n        '[ait-debug] 기기가 연결됐습니다.\\n' +\n          `[ait-debug] QR 페이지 또는 대시보드(${stableUrl.replace('/inspector', '')})의 \"디버그 툴 열기\" 버튼을 눌러 DevTools를 여세요.\\n` +\n          '[ait-debug] (AIT_AUTO_DEVTOOLS=1 로 설정하면 연결 시 자동으로 열립니다)\\n',\n      );\n      const opened = openUrlInBrowser(stableUrl);\n      if (!opened) {\n        process.stderr.write(\n          `[ait-debug] 브라우저 자동 열기 실패 — ${stableUrl} 을 브라우저에서 직접 여세요.\\n`,\n        );\n      }\n      return;\n    }\n\n    // Legacy path: build direct inspector URL from relayHttpBaseUrl + mintTotp.\n    if (!options.relayHttpBaseUrl) return;\n\n    this._openedTargets.add(targetId);\n\n    const inspectorUrl = buildChiiInspectorUrl(\n      options.relayHttpBaseUrl,\n      targetId,\n      options.mintTotp,\n    );\n\n    // FAIL-CLOSED (#509): buildChiiInspectorUrl returns null when mintTotp is\n    // absent (no valid at= code → relay WS gate would reject the connection).\n    // Record targetId in set so this guard fires, but skip browser open.\n    if (inspectorUrl === null) {\n      process.stderr.write(\n        '[ait-debug] 기기가 연결됐습니다 — TOTP secret 미설정으로 인스펙터 URL을 생성할 수 없습니다.\\n' +\n          '[ait-debug] relay 세션은 AIT_DEBUG_TOTP_SECRET 설정이 필요합니다.\\n',\n      );\n      return;\n    }\n\n    process.stderr.write(\n      '[ait-debug] 기기가 연결됐습니다.\\n' +\n        `[ait-debug] DevTools URL: ${inspectorUrl}\\n` +\n        '[ait-debug] (AIT_AUTO_DEVTOOLS=1 로 설정하면 연결 시 자동으로 열립니다)\\n' +\n        '[ait-debug] 주의: URL의 at= 코드는 ~3분 안에서만 유효합니다.\\n',\n    );\n\n    const opened = openUrlInBrowser(inspectorUrl);\n    if (!opened) {\n      process.stderr.write(\n        '[ait-debug] 브라우저 자동 열기 실패 — 위 URL을 브라우저에서 직접 여세요.\\n',\n      );\n    }\n  }\n\n  /**\n   * Returns `true` if `open()` has been called for at least one target.\n   * (Replaces the old once-per-session `_opened` flag; kept for interface\n   * compatibility with tests that read `opener.opened`.)\n   */\n  get opened(): boolean {\n    return this._openedTargets.size > 0;\n  }\n\n  /** Returns the set of target IDs that have already been auto-opened. */\n  get openedTargets(): ReadonlySet<string> {\n    return this._openedTargets;\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;AA2KA,SAAgB,yBAAkC;AAChD,QAAO,QAAQ,IAAI,sBAAsB;;;;;;;;;AAc3C,SAAgB,iBAAiB,KAAsB;AAGrD,KAAI,QAAQ,IAAI,sCAAsC,IAAK,QAAO;CAElE,MAAM,EAAE,cAAA,UAAsB,qBAAqB;CACnD,MAAM,WAAW,QAAQ;CAGzB,IAAI;AACJ,KAAI,aAAa,SACf,cAAa,CAAC;EAAE,KAAK;EAAQ,MAAM,CAAC,IAAI;EAAE,CAAC;UAClC,aAAa,QACtB,cAAa,CAAC;EAAE,KAAK;EAAO,MAAM;GAAC;GAAM;GAAS;GAAI;GAAI;EAAE,CAAC;KAG7D,cAAa;EACX;GAAE,KAAK;GAAY,MAAM,CAAC,IAAI;GAAE;EAChC;GAAE,KAAK;GAAoB,MAAM,CAAC,IAAI;GAAE;EACxC;GAAE,KAAK;GAAiB,MAAM,CAAC,IAAI;GAAE;EACtC;AAGH,MAAK,MAAM,EAAE,KAAK,UAAU,WAC1B,KAAI;EACF,MAAM,SAAS,UAAU,KAAK,MAAM;GAAE,UAAU;GAAQ,SAAS;GAAO,CAAC;AACzE,MAAI,CAAC,OAAO,SAAS,OAAO,WAAW,EAAG,QAAO;SAC3C;AAIV,QAAO"}

package/dist/{devtools-opener-mDgeg_MX.cjs → devtools-opener-iv1OwfJN.cjs}

@@ -65,4 +65,4 @@ function openUrlInBrowser(url) {
 exports.isAutoDevtoolsDisabled = isAutoDevtoolsDisabled;
 exports.openUrlInBrowser = openUrlInBrowser;
 
-//# sourceMappingURL=devtools-opener-mDgeg_MX.cjs.map
+//# sourceMappingURL=devtools-opener-iv1OwfJN.cjs.map

package/dist/{devtools-opener-mDgeg_MX.cjs.map → devtools-opener-iv1OwfJN.cjs.map}

@@ -1 +1 @@
-{"version":3,"file":"devtools-opener-mDgeg_MX.cjs","names":[],"sources":["../src/mcp/devtools-opener.ts"],"sourcesContent":["/**\n * Auto-opens Chrome DevTools when a page attaches over the Chii relay.\n *\n * When a real device attaches (env 2 / 3 / 4 in the 4-environments fidelity\n * ladder), the Chii relay exposes a standard CDP WebSocket endpoint.  Chii\n * also self-hosts its DevTools frontend at:\n *\n *   <relay-base>/front_end/chii_app.html\n *     ?ws|wss=<encodeURIComponent(\"<relay-host>/client/<uuid>?target=<targetId>&at=<totp>\")>\n *\n * The param name follows the relay base scheme — `ws=` for plain HTTP\n * (env 3/4 local relay), `wss=` for HTTPS (env 2 tunnel) — matching the\n * scheme branch in chii/public/index.js.\n *\n * This is the same URL format that Chii's own index-page inspect-links use\n * (derived from `chii/public/index.js` — the JS that powers the target list\n * page at `<relay-base>/`).  Opening this URL in the developer's local browser\n * gives a full Chrome DevTools UI connected to the phone via the relay.\n *\n * IMPORTANT — environment guard:\n *   Auto-open only fires in relay environments (env 2 / 3 / 4). In env 1\n *   (local browser + mock SDK) the developer already has F12 available; opening\n *   a DevTools window pointing at the mock relay would be confusing and useless.\n *   The caller (`startAttachWatcher` in `debug-server.ts`) passes the current\n *   environment and this module bails out when it is `mock`.\n *\n * Opt-out: set `AIT_AUTO_DEVTOOLS=0` in the environment to suppress auto-open\n *   entirely. Any other value (or absent) enables the default behaviour.\n *\n * Duplicate-open guard:\n *   `AutoDevtoolsOpener` tracks whether open was already triggered for the\n *   current session. The open fires at most once per instance — typically one\n *   per `runDebugServer` call.\n *\n * TOTP expiry caveat:\n *   The `at=` TOTP code embedded in the `wss=` parameter is minted fresh at the\n *   moment `open()` is called. The code is valid for ~3 minutes (the relay gate\n *   accepts ±RELAY_VERIFY_SKEW_STEPS=6 steps = 180–210 s). If the developer\n *   does not open the URL within that window the WebSocket upgrade will be\n *   rejected with 4401. In practice the browser opens immediately after the OS\n *   `open` command; if needed the developer can copy the wss= param, replace\n *   `at=`, and reload. This is documented in the JSDoc below.\n *\n * PWA (WebKit) caveat:\n *   The Chii relay injects a chobitsu CDP shim into WebKit-based runtimes (env 2\n *   AITC Sandbox PWA). The DevTools frontend will connect and most panels work.\n *   However, WebKit does not expose the full CDP domain set that V8/Blink does,\n *   so some panels (Network, Layers) may appear empty or show limited data.\n *   This is a WebKit runtime constraint, not a relay or devtools-opener issue.\n *\n * Node-only: uses `child_process.spawnSync` to invoke the OS open command.\n */\n\nimport type { McpEnvironment } from './environment.js';\n\n// ---------------------------------------------------------------------------\n// Chii self-hosted DevTools frontend URL\n// ---------------------------------------------------------------------------\n\n/**\n * Assembles the Chii self-hosted DevTools inspector URL for a given relay\n * and target.\n *\n * Chii serves its own DevTools frontend at\n * `<relayHttpBaseUrl>/front_end/chii_app.html`. The `ws=` (plain HTTP relay)\n * or `wss=` (HTTPS relay) query parameter is a URL-encoded string of the form\n * `<relay-host>/client/<uuid>?target=<id>&at=<totp>` — the same format used\n * by Chii's own target list page (derived from `chii/public/index.js`).\n *\n * The `at=` TOTP code is minted at call time via `mintTotp()`.  It is valid\n * for ~3 minutes (relay gate accepts ±RELAY_VERIFY_SKEW_STEPS=6 steps =\n * 180–210 s).  The developer must open the returned URL within that window.\n * If the window expires before the browser connects, the relay will reject the\n * WebSocket upgrade with close code 4401.\n *\n * FAIL-CLOSED (issue #509): `mintTotp` is REQUIRED.  When omitted (i.e.\n * `undefined`), this function returns `null` — the caller must treat `null` as\n * \"inspector not yet available\" and show a waiting hint instead of a broken\n * link. Relay sessions gate every WS upgrade with TOTP (#452), so a URL built\n * without `at=` would be rejected with WS 4401 immediately — there is no\n * non-TOTP relay path in production. Returning `null` surfaces this cleanly as\n * a \"TOTP not yet configured\" state rather than silently producing a URL that\n * will always fail at the WS handshake.\n *\n * SECRET-HANDLING: `mintTotp` returns a code, not a secret. The code is\n * embedded in the `wss=` parameter (inside the `at=` param) of the returned\n * URL. Callers MUST NOT log the returned URL to stdout (stderr is OK — it is\n * the intended fallback surface for the developer to copy the URL).\n *\n * @param relayHttpBaseUrl - Local HTTP base URL of the Chii relay, e.g.\n *   `http://127.0.0.1:9100`. No trailing slash.\n * @param targetId - Chii target id (from `GET <relay>/targets`).\n * @param mintTotp - Function that returns a fresh 6-digit TOTP code string.\n *   Called at most once. **Required** — when `undefined`, the function returns\n *   `null` (fail-closed: no `at=` param means the relay WS gate rejects the\n *   handshake, so a null result is safer than a URL that always 404s).\n * @param panel - Initial panel. Defaults to `\"console\"`.\n *\n * @returns The inspector URL string, or `null` when `mintTotp` is absent.\n *\n * @example\n * buildChiiInspectorUrl(\n *   'http://127.0.0.1:9100',\n *   'abc123',\n *   () => generateTotp(secret),\n * )\n * // → 'http://127.0.0.1:9100/front_end/chii_app.html?ws=127.0.0.1%3A9100%2Fclient%2F<uuid>%3Ftarget%3Dabc123%26at%3D<code>'\n */\nexport function buildChiiInspectorUrl(\n  relayHttpBaseUrl: string,\n  targetId: string,\n  mintTotp?: () => string,\n  panel: 'elements' | 'console' | 'sources' | 'network' = 'console',\n): string | null {\n  // FAIL-CLOSED (#509): relay sessions require TOTP for every WS upgrade.\n  // Without a mintTotp function we cannot produce a valid at= code, so we\n  // return null rather than a URL that will always be rejected by the relay gate\n  // with WS 4401 / HTTP 404. Callers show a \"waiting\" hint when they get null.\n  if (!mintTotp) {\n    return null;\n  }\n\n  // Extract the host (and port) from the relay HTTP base URL, and pick the\n  // query param name chii_app.html expects: `ws=` dials `ws://` (plain-HTTP\n  // relay — env 3/4 local 127.0.0.1) while `wss=` dials `wss://` (HTTPS\n  // tunnel — env 2). chii/public/index.js does the same scheme branch:\n  // `location.protocol === 'https:' ? 'wss' : 'ws'`. Always sending `wss=`\n  // would make the frontend attempt TLS against the plain-HTTP local relay.\n  let relayHost: string;\n  let wsParamName: 'ws' | 'wss';\n  try {\n    const parsed = new URL(relayHttpBaseUrl);\n    relayHost = parsed.host; // e.g. \"127.0.0.1:9100\"\n    wsParamName = parsed.protocol === 'https:' ? 'wss' : 'ws';\n  } catch {\n    // Fallback: strip the scheme prefix manually if URL parsing fails.\n    relayHost = relayHttpBaseUrl.replace(/^https?:\\/\\//i, '');\n    wsParamName = /^https:/i.test(relayHttpBaseUrl) ? 'wss' : 'ws';\n  }\n\n  // Generate a client UUID that matches the format Chii's index.js uses\n  // (6 random alphanumeric characters).\n  const clientId = `devtools-opener-${Date.now().toString(36)}`;\n\n  // Build the ws=/wss= value: \"<relay-host>/client/<uuid>?target=<id>&at=<code>\"\n  // This mirrors the format from chii/public/index.js:\n  //   `${domain}${basePath}client/${randomId(6)}?target=${targetId}`\n  // SECRET-HANDLING: mintTotp() returns a code (not a secret). The code\n  // rides only in the URL's at= param. Callers must not log the URL.\n  const code = mintTotp();\n  const wsPath = `${relayHost}/client/${clientId}?target=${encodeURIComponent(targetId)}&at=${encodeURIComponent(code)}`;\n\n  const params = new URLSearchParams({ [wsParamName]: wsPath, panel });\n  return `${relayHttpBaseUrl.replace(/\\/$/, '')}/front_end/chii_app.html?${params.toString()}`;\n}\n\n// ---------------------------------------------------------------------------\n// Opt-out check\n// ---------------------------------------------------------------------------\n\n/**\n * Returns `true` when auto-open is **disabled**.\n *\n * Default (env var absent or any value other than `\"1\"`) is **disabled** —\n * the developer uses the \"디버그 툴 열기\" button on the /attach or dashboard\n * page instead. Set `AIT_AUTO_DEVTOOLS=1` to restore the old automatic\n * browser-open behaviour on device attach.\n *\n * `AIT_AUTO_DEVTOOLS=0` retains its explicit opt-out meaning for backward\n * compatibility (same effect as absent).\n */\nexport function isAutoDevtoolsDisabled(): boolean {\n  return process.env.AIT_AUTO_DEVTOOLS !== '1';\n}\n\n// ---------------------------------------------------------------------------\n// Browser open (Node-only, sync)\n// ---------------------------------------------------------------------------\n\n/**\n * Opens the given URL in the OS default browser using a platform-appropriate\n * command. Returns `true` on success.\n *\n * Failures are silent from the caller's perspective — the caller should log\n * the URL to stderr as a fallback before calling this function.\n */\nexport function openUrlInBrowser(url: string): boolean {\n  // Test hook: skip actual spawn when running in vitest / CI where the OS open\n  // command may hang or be absent. Production code never sets this.\n  if (process.env.AIT_AUTO_DEVTOOLS_TEST_SKIP_SPAWN === '1') return false;\n  // eslint-disable-next-line @typescript-eslint/no-require-imports\n  const { spawnSync } = require('node:child_process') as typeof import('node:child_process');\n  const platform = process.platform;\n\n  type Candidate = { cmd: string; args: string[] };\n  let candidates: Candidate[];\n  if (platform === 'darwin') {\n    candidates = [{ cmd: 'open', args: [url] }];\n  } else if (platform === 'win32') {\n    candidates = [{ cmd: 'cmd', args: ['/c', 'start', '', url] }];\n  } else {\n    // Linux + fallback\n    candidates = [\n      { cmd: 'xdg-open', args: [url] },\n      { cmd: 'sensible-browser', args: [url] },\n      { cmd: 'x-www-browser', args: [url] },\n    ];\n  }\n\n  for (const { cmd, args } of candidates) {\n    try {\n      const result = spawnSync(cmd, args, { encoding: 'utf8', timeout: 5_000 });\n      if (!result.error && result.status === 0) return true;\n    } catch {\n      // Try next candidate.\n    }\n  }\n  return false;\n}\n\n// ---------------------------------------------------------------------------\n// AutoDevtoolsOpener — stateful once-per-session open guard\n// ---------------------------------------------------------------------------\n\n/**\n * Options for {@link AutoDevtoolsOpener.open}.\n *\n * The `relayHttpBaseUrl` and `targetId` fields are required to build a working\n * Chii self-hosted inspector URL. When `relayHttpBaseUrl` is absent the open\n * is skipped (no relay available yet).\n */\nexport interface DevtoolsOpenOptions {\n  /**\n   * Stable local inspector URL (`http://127.0.0.1:<port>/inspector`) from the\n   * QR HTTP server (issue #530). When provided this URL is opened in the browser\n   * instead of building a direct `front_end/chii_app.html?wss=…` URL. The\n   * `/inspector` endpoint mints a fresh TOTP at click time and redirects, so\n   * there is no TOTP-expiry race. Safe to log (no tunnel host, no TOTP code).\n   *\n   * When absent, falls back to building a direct inspector URL from\n   * `relayHttpBaseUrl` + `mintTotp` (legacy path, kept for backward compat).\n   */\n  inspectorStableUrl?: string | null;\n  /**\n   * Local HTTP base URL of the Chii relay, e.g. `http://127.0.0.1:9100`.\n   * Used to build the `<relay-base>/front_end/chii_app.html?wss=…` URL when\n   * `inspectorStableUrl` is not available.\n   *\n   * For env 3/4 (intoss relay) this is `http://127.0.0.1:<port>`.\n   * For env 2 (external PWA relay) this is the relay's external HTTP URL\n   * (e.g. `https://<host>.trycloudflare.com`).\n   *\n   * When absent or empty, `open()` is a no-op.\n   *\n   * SECRET-HANDLING: this value contains the relay host. Callers MUST NOT\n   * log it to stdout; stderr is the intended surface.\n   */\n  relayHttpBaseUrl: string | null | undefined;\n  /**\n   * Chii target id of the attached page, from `listTargets()[0].id`.\n   * When absent or empty, `open()` is a no-op.\n   */\n  targetId: string | null | undefined;\n  /**\n   * Function that mints a fresh TOTP code when called. Called at most once per\n   * `open()` invocation, immediately before building the inspector URL.\n   * Only used when `inspectorStableUrl` is absent.\n   *\n   * Pass `undefined` when TOTP is disabled (no `at=` param is added).\n   *\n   * SECRET-HANDLING: the function MUST return only the code (6 digits), not\n   * the secret. The code rides in the URL's `at=` param only.\n   */\n  mintTotp?: () => string;\n  /** Current MCP environment (`mock` | `relay`). `open()` no-ops on `mock`. */\n  env: McpEnvironment;\n}\n\n/**\n * Manages auto-opening Chrome DevTools on every NEW target attach (issue #530).\n *\n * Create one instance per `runDebugServer` call and pass its `open()` method\n * as the `onAttach` callback to the attach watcher (via `DualConnectionRouter`).\n *\n * The open fires for each NEW `targetId` — subsequent notifications for the\n * same target are de-duplicated. Re-attach with a fresh targetId (e.g. after\n * page reload on the phone) fires a new open. The URL opened is the stable\n * `/inspector` endpoint (issue #530) when `inspectorStableUrl` is provided —\n * it mints a fresh TOTP at click time so there is no expiry race. Falls back to\n * building a direct `front_end/chii_app.html?wss=…` URL when\n * `inspectorStableUrl` is absent.\n *\n * Opt-out and mock-environment guard are checked at call time.\n */\nexport class AutoDevtoolsOpener {\n  /** Per-target de-dupe set (issue #530 — target-unit guard replaces once-per-daemon). */\n  private readonly _openedTargets = new Set<string>();\n\n  /**\n   * Attempts to auto-open Chii DevTools in the developer's browser.\n   *\n   * Opens when:\n   *   - `options.targetId` is a NEW target (not yet in `_openedTargets`).\n   *\n   * No-op when any of the following conditions hold:\n   *   1. `targetId` has already been opened (`_openedTargets` has it).\n   *   2. `AIT_AUTO_DEVTOOLS=0` opt-out is set.\n   *   3. `options.env` is `mock` (env 1 — F12 is already available).\n   *   4. `options.targetId` is null/undefined/empty (no page attached yet).\n   *   5. Neither `inspectorStableUrl` nor `relayHttpBaseUrl` is available.\n   *\n   * When `inspectorStableUrl` is provided (issue #530 stable URL): opens\n   * `http://127.0.0.1:<port>/inspector` directly and writes it to stderr.\n   * The URL contains no tunnel host or TOTP code — safe to log anywhere.\n   *\n   * Legacy path (no `inspectorStableUrl`): builds a direct\n   * `<relay-base>/front_end/chii_app.html?wss=…` URL from `relayHttpBaseUrl`\n   * + `mintTotp`, writes to stderr. TOTP expiry caveat applies (~3 min window).\n   *\n   * SECRET-HANDLING: direct inspector URL (written to stderr) may contain relay\n   * host and TOTP code. Stable URL is secret-free. Neither must go to stdout or\n   * persistent logs.\n   */\n  open(options: DevtoolsOpenOptions): void {\n    if (isAutoDevtoolsDisabled()) return;\n    if (options.env === 'mock') return;\n    if (!options.targetId) return;\n\n    // Target-unit de-dupe (issue #530): re-attach with a new targetId fires again.\n    const targetId = options.targetId;\n    if (this._openedTargets.has(targetId)) return;\n\n    // Use stable /inspector URL when available (issue #530) — secret-free, no expiry.\n    if (options.inspectorStableUrl) {\n      this._openedTargets.add(targetId);\n      const stableUrl = options.inspectorStableUrl;\n      process.stderr.write(\n        '[ait-debug] 기기가 연결됐습니다.\\n' +\n          `[ait-debug] QR 페이지 또는 대시보드(${stableUrl.replace('/inspector', '')})의 \"디버그 툴 열기\" 버튼을 눌러 DevTools를 여세요.\\n` +\n          '[ait-debug] (AIT_AUTO_DEVTOOLS=1 로 설정하면 연결 시 자동으로 열립니다)\\n',\n      );\n      const opened = openUrlInBrowser(stableUrl);\n      if (!opened) {\n        process.stderr.write(\n          `[ait-debug] 브라우저 자동 열기 실패 — ${stableUrl} 을 브라우저에서 직접 여세요.\\n`,\n        );\n      }\n      return;\n    }\n\n    // Legacy path: build direct inspector URL from relayHttpBaseUrl + mintTotp.\n    if (!options.relayHttpBaseUrl) return;\n\n    this._openedTargets.add(targetId);\n\n    const inspectorUrl = buildChiiInspectorUrl(\n      options.relayHttpBaseUrl,\n      targetId,\n      options.mintTotp,\n    );\n\n    // FAIL-CLOSED (#509): buildChiiInspectorUrl returns null when mintTotp is\n    // absent (no valid at= code → relay WS gate would reject the connection).\n    // Record targetId in set so this guard fires, but skip browser open.\n    if (inspectorUrl === null) {\n      process.stderr.write(\n        '[ait-debug] 기기가 연결됐습니다 — TOTP secret 미설정으로 인스펙터 URL을 생성할 수 없습니다.\\n' +\n          '[ait-debug] relay 세션은 AIT_DEBUG_TOTP_SECRET 설정이 필요합니다.\\n',\n      );\n      return;\n    }\n\n    process.stderr.write(\n      '[ait-debug] 기기가 연결됐습니다.\\n' +\n        `[ait-debug] DevTools URL: ${inspectorUrl}\\n` +\n        '[ait-debug] (AIT_AUTO_DEVTOOLS=1 로 설정하면 연결 시 자동으로 열립니다)\\n' +\n        '[ait-debug] 주의: URL의 at= 코드는 ~3분 안에서만 유효합니다.\\n',\n    );\n\n    const opened = openUrlInBrowser(inspectorUrl);\n    if (!opened) {\n      process.stderr.write(\n        '[ait-debug] 브라우저 자동 열기 실패 — 위 URL을 브라우저에서 직접 여세요.\\n',\n      );\n    }\n  }\n\n  /**\n   * Returns `true` if `open()` has been called for at least one target.\n   * (Replaces the old once-per-session `_opened` flag; kept for interface\n   * compatibility with tests that read `opener.opened`.)\n   */\n  get opened(): boolean {\n    return this._openedTargets.size > 0;\n  }\n\n  /** Returns the set of target IDs that have already been auto-opened. */\n  get openedTargets(): ReadonlySet<string> {\n    return this._openedTargets;\n  }\n}\n"],"mappings":";;;;;;;;;;;;AA2KA,SAAgB,yBAAkC;AAChD,QAAO,QAAQ,IAAI,sBAAsB;;;;;;;;;AAc3C,SAAgB,iBAAiB,KAAsB;AAGrD,KAAI,QAAQ,IAAI,sCAAsC,IAAK,QAAO;CAElE,MAAM,EAAE,cAAc,QAAQ,qBAAqB;CACnD,MAAM,WAAW,QAAQ;CAGzB,IAAI;AACJ,KAAI,aAAa,SACf,cAAa,CAAC;EAAE,KAAK;EAAQ,MAAM,CAAC,IAAI;EAAE,CAAC;UAClC,aAAa,QACtB,cAAa,CAAC;EAAE,KAAK;EAAO,MAAM;GAAC;GAAM;GAAS;GAAI;GAAI;EAAE,CAAC;KAG7D,cAAa;EACX;GAAE,KAAK;GAAY,MAAM,CAAC,IAAI;GAAE;EAChC;GAAE,KAAK;GAAoB,MAAM,CAAC,IAAI;GAAE;EACxC;GAAE,KAAK;GAAiB,MAAM,CAAC,IAAI;GAAE;EACtC;AAGH,MAAK,MAAM,EAAE,KAAK,UAAU,WAC1B,KAAI;EACF,MAAM,SAAS,UAAU,KAAK,MAAM;GAAE,UAAU;GAAQ,SAAS;GAAO,CAAC;AACzE,MAAI,CAAC,OAAO,SAAS,OAAO,WAAW,EAAG,QAAO;SAC3C;AAIV,QAAO"}
+{"version":3,"file":"devtools-opener-iv1OwfJN.cjs","names":[],"sources":["../src/mcp/devtools-opener.ts"],"sourcesContent":["/**\n * Auto-opens Chrome DevTools when a page attaches over the Chii relay.\n *\n * When a real device attaches (env 2 / 3 / 4 in the 4-environments fidelity\n * ladder), the Chii relay exposes a standard CDP WebSocket endpoint.  Chii\n * also self-hosts its DevTools frontend at:\n *\n *   <relay-base>/front_end/chii_app.html\n *     ?ws|wss=<encodeURIComponent(\"<relay-host>/client/<uuid>?target=<targetId>&at=<totp>\")>\n *\n * The param name follows the relay base scheme — `ws=` for plain HTTP\n * (env 3/4 local relay), `wss=` for HTTPS (env 2 tunnel) — matching the\n * scheme branch in chii/public/index.js.\n *\n * This is the same URL format that Chii's own index-page inspect-links use\n * (derived from `chii/public/index.js` — the JS that powers the target list\n * page at `<relay-base>/`).  Opening this URL in the developer's local browser\n * gives a full Chrome DevTools UI connected to the phone via the relay.\n *\n * IMPORTANT — environment guard:\n *   Auto-open only fires in relay environments (env 2 / 3 / 4). In env 1\n *   (local browser + mock SDK) the developer already has F12 available; opening\n *   a DevTools window pointing at the mock relay would be confusing and useless.\n *   The caller (`startAttachWatcher` in `debug-server.ts`) passes the current\n *   environment and this module bails out when it is `mock`.\n *\n * Opt-out: set `AIT_AUTO_DEVTOOLS=0` in the environment to suppress auto-open\n *   entirely. Any other value (or absent) enables the default behaviour.\n *\n * Duplicate-open guard:\n *   `AutoDevtoolsOpener` tracks whether open was already triggered for the\n *   current session. The open fires at most once per instance — typically one\n *   per `runDebugServer` call.\n *\n * TOTP expiry caveat:\n *   The `at=` TOTP code embedded in the `wss=` parameter is minted fresh at the\n *   moment `open()` is called. The code is valid for ~3 minutes (the relay gate\n *   accepts ±RELAY_VERIFY_SKEW_STEPS=6 steps = 180–210 s). If the developer\n *   does not open the URL within that window the WebSocket upgrade will be\n *   rejected with 4401. In practice the browser opens immediately after the OS\n *   `open` command; if needed the developer can copy the wss= param, replace\n *   `at=`, and reload. This is documented in the JSDoc below.\n *\n * PWA (WebKit) caveat:\n *   The Chii relay injects a chobitsu CDP shim into WebKit-based runtimes (env 2\n *   AITC Sandbox PWA). The DevTools frontend will connect and most panels work.\n *   However, WebKit does not expose the full CDP domain set that V8/Blink does,\n *   so some panels (Network, Layers) may appear empty or show limited data.\n *   This is a WebKit runtime constraint, not a relay or devtools-opener issue.\n *\n * Node-only: uses `child_process.spawnSync` to invoke the OS open command.\n */\n\nimport type { McpEnvironment } from './environment.js';\n\n// ---------------------------------------------------------------------------\n// Chii self-hosted DevTools frontend URL\n// ---------------------------------------------------------------------------\n\n/**\n * Assembles the Chii self-hosted DevTools inspector URL for a given relay\n * and target.\n *\n * Chii serves its own DevTools frontend at\n * `<relayHttpBaseUrl>/front_end/chii_app.html`. The `ws=` (plain HTTP relay)\n * or `wss=` (HTTPS relay) query parameter is a URL-encoded string of the form\n * `<relay-host>/client/<uuid>?target=<id>&at=<totp>` — the same format used\n * by Chii's own target list page (derived from `chii/public/index.js`).\n *\n * The `at=` TOTP code is minted at call time via `mintTotp()`.  It is valid\n * for ~3 minutes (relay gate accepts ±RELAY_VERIFY_SKEW_STEPS=6 steps =\n * 180–210 s).  The developer must open the returned URL within that window.\n * If the window expires before the browser connects, the relay will reject the\n * WebSocket upgrade with close code 4401.\n *\n * FAIL-CLOSED (issue #509): `mintTotp` is REQUIRED.  When omitted (i.e.\n * `undefined`), this function returns `null` — the caller must treat `null` as\n * \"inspector not yet available\" and show a waiting hint instead of a broken\n * link. Relay sessions gate every WS upgrade with TOTP (#452), so a URL built\n * without `at=` would be rejected with WS 4401 immediately — there is no\n * non-TOTP relay path in production. Returning `null` surfaces this cleanly as\n * a \"TOTP not yet configured\" state rather than silently producing a URL that\n * will always fail at the WS handshake.\n *\n * SECRET-HANDLING: `mintTotp` returns a code, not a secret. The code is\n * embedded in the `wss=` parameter (inside the `at=` param) of the returned\n * URL. Callers MUST NOT log the returned URL to stdout (stderr is OK — it is\n * the intended fallback surface for the developer to copy the URL).\n *\n * @param relayHttpBaseUrl - Local HTTP base URL of the Chii relay, e.g.\n *   `http://127.0.0.1:9100`. No trailing slash.\n * @param targetId - Chii target id (from `GET <relay>/targets`).\n * @param mintTotp - Function that returns a fresh 6-digit TOTP code string.\n *   Called at most once. **Required** — when `undefined`, the function returns\n *   `null` (fail-closed: no `at=` param means the relay WS gate rejects the\n *   handshake, so a null result is safer than a URL that always 404s).\n * @param panel - Initial panel. Defaults to `\"console\"`.\n *\n * @returns The inspector URL string, or `null` when `mintTotp` is absent.\n *\n * @example\n * buildChiiInspectorUrl(\n *   'http://127.0.0.1:9100',\n *   'abc123',\n *   () => generateTotp(secret),\n * )\n * // → 'http://127.0.0.1:9100/front_end/chii_app.html?ws=127.0.0.1%3A9100%2Fclient%2F<uuid>%3Ftarget%3Dabc123%26at%3D<code>'\n */\nexport function buildChiiInspectorUrl(\n  relayHttpBaseUrl: string,\n  targetId: string,\n  mintTotp?: () => string,\n  panel: 'elements' | 'console' | 'sources' | 'network' = 'console',\n): string | null {\n  // FAIL-CLOSED (#509): relay sessions require TOTP for every WS upgrade.\n  // Without a mintTotp function we cannot produce a valid at= code, so we\n  // return null rather than a URL that will always be rejected by the relay gate\n  // with WS 4401 / HTTP 404. Callers show a \"waiting\" hint when they get null.\n  if (!mintTotp) {\n    return null;\n  }\n\n  // Extract the host (and port) from the relay HTTP base URL, and pick the\n  // query param name chii_app.html expects: `ws=` dials `ws://` (plain-HTTP\n  // relay — env 3/4 local 127.0.0.1) while `wss=` dials `wss://` (HTTPS\n  // tunnel — env 2). chii/public/index.js does the same scheme branch:\n  // `location.protocol === 'https:' ? 'wss' : 'ws'`. Always sending `wss=`\n  // would make the frontend attempt TLS against the plain-HTTP local relay.\n  let relayHost: string;\n  let wsParamName: 'ws' | 'wss';\n  try {\n    const parsed = new URL(relayHttpBaseUrl);\n    relayHost = parsed.host; // e.g. \"127.0.0.1:9100\"\n    wsParamName = parsed.protocol === 'https:' ? 'wss' : 'ws';\n  } catch {\n    // Fallback: strip the scheme prefix manually if URL parsing fails.\n    relayHost = relayHttpBaseUrl.replace(/^https?:\\/\\//i, '');\n    wsParamName = /^https:/i.test(relayHttpBaseUrl) ? 'wss' : 'ws';\n  }\n\n  // Generate a client UUID that matches the format Chii's index.js uses\n  // (6 random alphanumeric characters).\n  const clientId = `devtools-opener-${Date.now().toString(36)}`;\n\n  // Build the ws=/wss= value: \"<relay-host>/client/<uuid>?target=<id>&at=<code>\"\n  // This mirrors the format from chii/public/index.js:\n  //   `${domain}${basePath}client/${randomId(6)}?target=${targetId}`\n  // SECRET-HANDLING: mintTotp() returns a code (not a secret). The code\n  // rides only in the URL's at= param. Callers must not log the URL.\n  const code = mintTotp();\n  const wsPath = `${relayHost}/client/${clientId}?target=${encodeURIComponent(targetId)}&at=${encodeURIComponent(code)}`;\n\n  const params = new URLSearchParams({ [wsParamName]: wsPath, panel });\n  return `${relayHttpBaseUrl.replace(/\\/$/, '')}/front_end/chii_app.html?${params.toString()}`;\n}\n\n// ---------------------------------------------------------------------------\n// Opt-out check\n// ---------------------------------------------------------------------------\n\n/**\n * Returns `true` when auto-open is **disabled**.\n *\n * Default (env var absent or any value other than `\"1\"`) is **disabled** —\n * the developer uses the \"디버그 툴 열기\" button on the /attach or dashboard\n * page instead. Set `AIT_AUTO_DEVTOOLS=1` to restore the old automatic\n * browser-open behaviour on device attach.\n *\n * `AIT_AUTO_DEVTOOLS=0` retains its explicit opt-out meaning for backward\n * compatibility (same effect as absent).\n */\nexport function isAutoDevtoolsDisabled(): boolean {\n  return process.env.AIT_AUTO_DEVTOOLS !== '1';\n}\n\n// ---------------------------------------------------------------------------\n// Browser open (Node-only, sync)\n// ---------------------------------------------------------------------------\n\n/**\n * Opens the given URL in the OS default browser using a platform-appropriate\n * command. Returns `true` on success.\n *\n * Failures are silent from the caller's perspective — the caller should log\n * the URL to stderr as a fallback before calling this function.\n */\nexport function openUrlInBrowser(url: string): boolean {\n  // Test hook: skip actual spawn when running in vitest / CI where the OS open\n  // command may hang or be absent. Production code never sets this.\n  if (process.env.AIT_AUTO_DEVTOOLS_TEST_SKIP_SPAWN === '1') return false;\n  // eslint-disable-next-line @typescript-eslint/no-require-imports\n  const { spawnSync } = require('node:child_process') as typeof import('node:child_process');\n  const platform = process.platform;\n\n  type Candidate = { cmd: string; args: string[] };\n  let candidates: Candidate[];\n  if (platform === 'darwin') {\n    candidates = [{ cmd: 'open', args: [url] }];\n  } else if (platform === 'win32') {\n    candidates = [{ cmd: 'cmd', args: ['/c', 'start', '', url] }];\n  } else {\n    // Linux + fallback\n    candidates = [\n      { cmd: 'xdg-open', args: [url] },\n      { cmd: 'sensible-browser', args: [url] },\n      { cmd: 'x-www-browser', args: [url] },\n    ];\n  }\n\n  for (const { cmd, args } of candidates) {\n    try {\n      const result = spawnSync(cmd, args, { encoding: 'utf8', timeout: 5_000 });\n      if (!result.error && result.status === 0) return true;\n    } catch {\n      // Try next candidate.\n    }\n  }\n  return false;\n}\n\n// ---------------------------------------------------------------------------\n// AutoDevtoolsOpener — stateful once-per-session open guard\n// ---------------------------------------------------------------------------\n\n/**\n * Options for {@link AutoDevtoolsOpener.open}.\n *\n * The `relayHttpBaseUrl` and `targetId` fields are required to build a working\n * Chii self-hosted inspector URL. When `relayHttpBaseUrl` is absent the open\n * is skipped (no relay available yet).\n */\nexport interface DevtoolsOpenOptions {\n  /**\n   * Stable local inspector URL (`http://127.0.0.1:<port>/inspector`) from the\n   * QR HTTP server (issue #530). When provided this URL is opened in the browser\n   * instead of building a direct `front_end/chii_app.html?wss=…` URL. The\n   * `/inspector` endpoint mints a fresh TOTP at click time and redirects, so\n   * there is no TOTP-expiry race. Safe to log (no tunnel host, no TOTP code).\n   *\n   * When absent, falls back to building a direct inspector URL from\n   * `relayHttpBaseUrl` + `mintTotp` (legacy path, kept for backward compat).\n   */\n  inspectorStableUrl?: string | null;\n  /**\n   * Local HTTP base URL of the Chii relay, e.g. `http://127.0.0.1:9100`.\n   * Used to build the `<relay-base>/front_end/chii_app.html?wss=…` URL when\n   * `inspectorStableUrl` is not available.\n   *\n   * For env 3/4 (intoss relay) this is `http://127.0.0.1:<port>`.\n   * For env 2 (external PWA relay) this is the relay's external HTTP URL\n   * (e.g. `https://<host>.trycloudflare.com`).\n   *\n   * When absent or empty, `open()` is a no-op.\n   *\n   * SECRET-HANDLING: this value contains the relay host. Callers MUST NOT\n   * log it to stdout; stderr is the intended surface.\n   */\n  relayHttpBaseUrl: string | null | undefined;\n  /**\n   * Chii target id of the attached page, from `listTargets()[0].id`.\n   * When absent or empty, `open()` is a no-op.\n   */\n  targetId: string | null | undefined;\n  /**\n   * Function that mints a fresh TOTP code when called. Called at most once per\n   * `open()` invocation, immediately before building the inspector URL.\n   * Only used when `inspectorStableUrl` is absent.\n   *\n   * Pass `undefined` when TOTP is disabled (no `at=` param is added).\n   *\n   * SECRET-HANDLING: the function MUST return only the code (6 digits), not\n   * the secret. The code rides in the URL's `at=` param only.\n   */\n  mintTotp?: () => string;\n  /** Current MCP environment (`mock` | `relay`). `open()` no-ops on `mock`. */\n  env: McpEnvironment;\n}\n\n/**\n * Manages auto-opening Chrome DevTools on every NEW target attach (issue #530).\n *\n * Create one instance per `runDebugServer` call and pass its `open()` method\n * as the `onAttach` callback to the attach watcher (via `DualConnectionRouter`).\n *\n * The open fires for each NEW `targetId` — subsequent notifications for the\n * same target are de-duplicated. Re-attach with a fresh targetId (e.g. after\n * page reload on the phone) fires a new open. The URL opened is the stable\n * `/inspector` endpoint (issue #530) when `inspectorStableUrl` is provided —\n * it mints a fresh TOTP at click time so there is no expiry race. Falls back to\n * building a direct `front_end/chii_app.html?wss=…` URL when\n * `inspectorStableUrl` is absent.\n *\n * Opt-out and mock-environment guard are checked at call time.\n */\nexport class AutoDevtoolsOpener {\n  /** Per-target de-dupe set (issue #530 — target-unit guard replaces once-per-daemon). */\n  private readonly _openedTargets = new Set<string>();\n\n  /**\n   * Attempts to auto-open Chii DevTools in the developer's browser.\n   *\n   * Opens when:\n   *   - `options.targetId` is a NEW target (not yet in `_openedTargets`).\n   *\n   * No-op when any of the following conditions hold:\n   *   1. `targetId` has already been opened (`_openedTargets` has it).\n   *   2. `AIT_AUTO_DEVTOOLS=0` opt-out is set.\n   *   3. `options.env` is `mock` (env 1 — F12 is already available).\n   *   4. `options.targetId` is null/undefined/empty (no page attached yet).\n   *   5. Neither `inspectorStableUrl` nor `relayHttpBaseUrl` is available.\n   *\n   * When `inspectorStableUrl` is provided (issue #530 stable URL): opens\n   * `http://127.0.0.1:<port>/inspector` directly and writes it to stderr.\n   * The URL contains no tunnel host or TOTP code — safe to log anywhere.\n   *\n   * Legacy path (no `inspectorStableUrl`): builds a direct\n   * `<relay-base>/front_end/chii_app.html?wss=…` URL from `relayHttpBaseUrl`\n   * + `mintTotp`, writes to stderr. TOTP expiry caveat applies (~3 min window).\n   *\n   * SECRET-HANDLING: direct inspector URL (written to stderr) may contain relay\n   * host and TOTP code. Stable URL is secret-free. Neither must go to stdout or\n   * persistent logs.\n   */\n  open(options: DevtoolsOpenOptions): void {\n    if (isAutoDevtoolsDisabled()) return;\n    if (options.env === 'mock') return;\n    if (!options.targetId) return;\n\n    // Target-unit de-dupe (issue #530): re-attach with a new targetId fires again.\n    const targetId = options.targetId;\n    if (this._openedTargets.has(targetId)) return;\n\n    // Use stable /inspector URL when available (issue #530) — secret-free, no expiry.\n    if (options.inspectorStableUrl) {\n      this._openedTargets.add(targetId);\n      const stableUrl = options.inspectorStableUrl;\n      process.stderr.write(\n        '[ait-debug] 기기가 연결됐습니다.\\n' +\n          `[ait-debug] QR 페이지 또는 대시보드(${stableUrl.replace('/inspector', '')})의 \"디버그 툴 열기\" 버튼을 눌러 DevTools를 여세요.\\n` +\n          '[ait-debug] (AIT_AUTO_DEVTOOLS=1 로 설정하면 연결 시 자동으로 열립니다)\\n',\n      );\n      const opened = openUrlInBrowser(stableUrl);\n      if (!opened) {\n        process.stderr.write(\n          `[ait-debug] 브라우저 자동 열기 실패 — ${stableUrl} 을 브라우저에서 직접 여세요.\\n`,\n        );\n      }\n      return;\n    }\n\n    // Legacy path: build direct inspector URL from relayHttpBaseUrl + mintTotp.\n    if (!options.relayHttpBaseUrl) return;\n\n    this._openedTargets.add(targetId);\n\n    const inspectorUrl = buildChiiInspectorUrl(\n      options.relayHttpBaseUrl,\n      targetId,\n      options.mintTotp,\n    );\n\n    // FAIL-CLOSED (#509): buildChiiInspectorUrl returns null when mintTotp is\n    // absent (no valid at= code → relay WS gate would reject the connection).\n    // Record targetId in set so this guard fires, but skip browser open.\n    if (inspectorUrl === null) {\n      process.stderr.write(\n        '[ait-debug] 기기가 연결됐습니다 — TOTP secret 미설정으로 인스펙터 URL을 생성할 수 없습니다.\\n' +\n          '[ait-debug] relay 세션은 AIT_DEBUG_TOTP_SECRET 설정이 필요합니다.\\n',\n      );\n      return;\n    }\n\n    process.stderr.write(\n      '[ait-debug] 기기가 연결됐습니다.\\n' +\n        `[ait-debug] DevTools URL: ${inspectorUrl}\\n` +\n        '[ait-debug] (AIT_AUTO_DEVTOOLS=1 로 설정하면 연결 시 자동으로 열립니다)\\n' +\n        '[ait-debug] 주의: URL의 at= 코드는 ~3분 안에서만 유효합니다.\\n',\n    );\n\n    const opened = openUrlInBrowser(inspectorUrl);\n    if (!opened) {\n      process.stderr.write(\n        '[ait-debug] 브라우저 자동 열기 실패 — 위 URL을 브라우저에서 직접 여세요.\\n',\n      );\n    }\n  }\n\n  /**\n   * Returns `true` if `open()` has been called for at least one target.\n   * (Replaces the old once-per-session `_opened` flag; kept for interface\n   * compatibility with tests that read `opener.opened`.)\n   */\n  get opened(): boolean {\n    return this._openedTargets.size > 0;\n  }\n\n  /** Returns the set of target IDs that have already been auto-opened. */\n  get openedTargets(): ReadonlySet<string> {\n    return this._openedTargets;\n  }\n}\n"],"mappings":";;;;;;;;;;;;AA2KA,SAAgB,yBAAkC;AAChD,QAAO,QAAQ,IAAI,sBAAsB;;;;;;;;;AAc3C,SAAgB,iBAAiB,KAAsB;AAGrD,KAAI,QAAQ,IAAI,sCAAsC,IAAK,QAAO;CAElE,MAAM,EAAE,cAAc,QAAQ,qBAAqB;CACnD,MAAM,WAAW,QAAQ;CAGzB,IAAI;AACJ,KAAI,aAAa,SACf,cAAa,CAAC;EAAE,KAAK;EAAQ,MAAM,CAAC,IAAI;EAAE,CAAC;UAClC,aAAa,QACtB,cAAa,CAAC;EAAE,KAAK;EAAO,MAAM;GAAC;GAAM;GAAS;GAAI;GAAI;EAAE,CAAC;KAG7D,cAAa;EACX;GAAE,KAAK;GAAY,MAAM,CAAC,IAAI;GAAE;EAChC;GAAE,KAAK;GAAoB,MAAM,CAAC,IAAI;GAAE;EACxC;GAAE,KAAK;GAAiB,MAAM,CAAC,IAAI;GAAE;EACtC;AAGH,MAAK,MAAM,EAAE,KAAK,UAAU,WAC1B,KAAI;EACF,MAAM,SAAS,UAAU,KAAK,MAAM;GAAE,UAAU;GAAQ,SAAS;GAAO,CAAC;AACzE,MAAI,CAAC,OAAO,SAAS,OAAO,WAAW,EAAG,QAAO;SAC3C;AAIV,QAAO"}