@anna-ai/cli 0.1.4 → 0.1.11

package/dist/server-Cd5Lo-2v.js

@@ -0,0 +1,678 @@
+import { canonicalHost, getAccount } from "./credentials-ggdaz_-7.js";
+import { dirname, join, normalize, resolve } from "node:path";
+import { createRequire } from "node:module";
+import { createReadStream, existsSync, readFileSync, statSync, watch } from "node:fs";
+import { fileURLToPath } from "node:url";
+import { readFile } from "node:fs/promises";
+import { createServer } from "node:http";
+import { WebSocketServer } from "ws";
+import { setTimeout as setTimeout$1 } from "node:timers/promises";
+
+//#region src/harness/llm-bridge.ts
+var LlmBridge = class {
+	mintedAuto = new Map();
+	mintedAgent = new Map();
+	mocks = [];
+	streamCounter = 0;
+	constructor(opts) {
+		this.opts = opts;
+		if (opts.mode === "mock" && opts.mockFile) {
+			const path = resolve(opts.mockFile);
+			if (existsSync(path)) {
+				const lines = readFileSync(path, "utf8").split(/\r?\n/);
+				for (const line of lines) {
+					if (!line.trim() || line.startsWith("#")) continue;
+					try {
+						this.mocks.push(JSON.parse(line));
+					} catch {}
+				}
+			}
+		}
+	}
+	/** Returns true iff this bridge handles `(ns, method)` (i.e. the harness
+	*  should NOT forward it to the in-process Python dispatcher). */
+	static handles(ns, method) {
+		if (ns === "llm" && method === "complete") return true;
+		if (ns === "agent" && method.startsWith("session.")) return true;
+		return false;
+	}
+	/** Resolve the active account or throw with a friendly message. */
+	account() {
+		const acc = getAccount(this.opts.account);
+		if (!acc) throw new Error("no PAT on disk — run `anna-app login --host <nexus-url>` first (or use `--no-llm` / `--mock-llm <fixture>` to develop offline)");
+		if (acc.expires_at && acc.expires_at < Math.floor(Date.now() / 1e3)) throw new Error("PAT expired — run `anna-app login` again");
+		return acc;
+	}
+	/** Mint (or reuse) an `app_session_token` for kind=complete (per window). */
+	async mintComplete(windowUuid) {
+		const cached = this.mintedAuto.get(windowUuid);
+		if (cached && cached.expiresAt - 30 > Math.floor(Date.now() / 1e3)) return cached;
+		const acc = this.account();
+		const body = {
+			pat: acc.pat,
+			kind: "complete",
+			app_id: this.opts.appId ?? null
+		};
+		if (!body.app_id) body.app_id = 1;
+		const minted = await this.callMint(acc.host, body);
+		const ms = {
+			appSessionToken: minted.app_session_token,
+			appSessionUuid: minted.app_session_uuid,
+			expiresAt: Math.floor(Date.now() / 1e3) + (minted.expires_in || 600),
+			isAgent: false,
+			submode: null
+		};
+		this.mintedAuto.set(windowUuid, ms);
+		return ms;
+	}
+	/** Mint a kind=agent session — called from `agent.session.create`. */
+	async mintAgent(args) {
+		const acc = this.account();
+		const submode = args.submode ?? "auto";
+		const body = {
+			pat: acc.pat,
+			kind: "agent",
+			submode,
+			fixed_client_id: args.fixed_client_id ?? args.fixedClientId ?? null,
+			app_id: this.opts.appId ?? 1,
+			label: args.label ?? "anna-app dev",
+			quota_caps: args.quotaCaps ?? null
+		};
+		const minted = await this.callMint(acc.host, body);
+		const ms = {
+			appSessionToken: minted.app_session_token,
+			appSessionUuid: minted.app_session_uuid,
+			expiresAt: Math.floor(Date.now() / 1e3) + (minted.expires_in || 600),
+			isAgent: true,
+			submode
+		};
+		this.mintedAgent.set(ms.appSessionUuid, ms);
+		return ms;
+	}
+	async callMint(host, body) {
+		const url = `${canonicalHost(host)}/api/v1/anna-apps/dev/session/mint`;
+		const res = await fetch(url, {
+			method: "POST",
+			headers: { "content-type": "application/json" },
+			body: JSON.stringify(body)
+		});
+		if (!res.ok) {
+			const text = await res.text().catch(() => "");
+			throw new Error(`session.mint failed: HTTP ${res.status} ${text}`);
+		}
+		return await res.json();
+	}
+	/** Public entry — invoked by harness `proxyCall` for llm.* / agent.*. */
+	async dispatch(args) {
+		if (this.opts.mode === "off") return {
+			ok: false,
+			error: {
+				code: "llm_disabled",
+				message: "harness started with --no-llm"
+			}
+		};
+		if (this.opts.mode === "mock") return this.dispatchMock(args);
+		try {
+			return await this.dispatchReal(args);
+		} catch (e) {
+			return {
+				ok: false,
+				error: {
+					code: "transport",
+					message: e.message
+				}
+			};
+		}
+	}
+	async dispatchMock(args) {
+		const content = String(args.args?.content ?? args.args?.messages ?? "");
+		const entry = this.mocks.find((m) => m.ns === args.ns && m.method === args.method && (!m.match?.contentIncludes || content.includes(m.match.contentIncludes))) ?? this.mocks.find((m) => m.ns === args.ns && m.method === args.method);
+		if (!entry) return {
+			ok: true,
+			result: args.ns === "llm" ? {
+				role: "assistant",
+				content: {
+					type: "text",
+					text: "(mock) no fixture matched"
+				},
+				model: "mock-model",
+				stopReason: "endTurn"
+			} : {
+				app_session_uuid: "aps_mock",
+				expires_in: 600,
+				submode: "auto",
+				granted_tools: []
+			}
+		};
+		if (entry.events && entry.events.length > 0) {
+			const sid = `mock-${++this.streamCounter}`;
+			(async () => {
+				let seq = 0;
+				for (const ev of entry.events ?? []) {
+					if (ev.delay_ms) await setTimeout$1(ev.delay_ms);
+					seq += 1;
+					args.onEvent("rpc.stream", {
+						stream_id: sid,
+						seq,
+						payload: ev.payload,
+						done: false
+					});
+				}
+				args.onEvent("rpc.stream", {
+					stream_id: sid,
+					seq: seq + 1,
+					payload: { event: "end" },
+					done: true
+				});
+			})();
+			return {
+				ok: true,
+				result: {
+					stream_id: sid,
+					run_id: "mock-run"
+				}
+			};
+		}
+		return {
+			ok: true,
+			result: entry.result ?? {}
+		};
+	}
+	async dispatchReal(args) {
+		const acc = this.account();
+		if (args.ns === "llm" && args.method === "complete") {
+			const ms = await this.mintComplete(args.windowUuid);
+			const result = await this.postJson(`${canonicalHost(acc.host)}/api/v1/copilot/app/complete`, ms.appSessionToken, args.args);
+			return {
+				ok: true,
+				result
+			};
+		}
+		if (args.ns === "agent") switch (args.method) {
+			case "session.create": {
+				const ms = await this.mintAgent(args.args);
+				return {
+					ok: true,
+					result: {
+						app_session_uuid: ms.appSessionUuid,
+						expires_in: Math.max(0, ms.expiresAt - Math.floor(Date.now() / 1e3)),
+						submode: ms.submode,
+						fixed_client_id: args.args.fixed_client_id ?? null,
+						granted_tools: []
+					}
+				};
+			}
+			case "session.run": {
+				const apsUuid = String(args.args.app_session_uuid ?? "");
+				const ms = this.mintedAgent.get(apsUuid);
+				if (!ms) return {
+					ok: false,
+					error: {
+						code: "session_expired",
+						message: "no cached session"
+					}
+				};
+				const sid = `dev-${++this.streamCounter}`;
+				this.pumpAgentRun({
+					host: acc.host,
+					token: ms.appSessionToken,
+					body: {
+						...args.args,
+						stream: true
+					},
+					streamId: sid,
+					windowUuid: args.windowUuid,
+					onEvent: args.onEvent
+				});
+				return {
+					ok: true,
+					result: {
+						stream_id: sid,
+						run_id: String(args.args.run_id ?? sid)
+					}
+				};
+			}
+			case "session.cancel": {
+				const apsUuid = String(args.args.app_session_uuid ?? "");
+				const ms = this.mintedAgent.get(apsUuid);
+				if (!ms) return {
+					ok: false,
+					error: {
+						code: "session_expired",
+						message: "no cached session"
+					}
+				};
+				const out = await this.postJson(`${canonicalHost(acc.host)}/api/v1/copilot/app/agent/cancel`, ms.appSessionToken, args.args);
+				return {
+					ok: true,
+					result: out
+				};
+			}
+			case "session.history": return {
+				ok: false,
+				error: {
+					code: "not_supported",
+					message: "agent.session.history is not exposed over HTTP; available only via in-process store"
+				}
+			};
+			case "session.delete": {
+				const apsUuid = String(args.args.app_session_uuid ?? "");
+				const ms = this.mintedAgent.get(apsUuid);
+				this.mintedAgent.delete(apsUuid);
+				if (!ms) return {
+					ok: true,
+					result: { deleted: true }
+				};
+				const url = `${canonicalHost(acc.host)}/api/v1/copilot/app/sessions/${encodeURIComponent(apsUuid)}`;
+				const res = await fetch(url, {
+					method: "DELETE",
+					headers: { authorization: `Bearer ${ms.appSessionToken}` }
+				});
+				if (!res.ok) {
+					const text = await res.text().catch(() => "");
+					return {
+						ok: false,
+						error: {
+							code: "transport",
+							message: `HTTP ${res.status}: ${text}`
+						}
+					};
+				}
+				return {
+					ok: true,
+					result: { deleted: true }
+				};
+			}
+		}
+		return {
+			ok: false,
+			error: {
+				code: "unknown_method",
+				message: `${args.ns}.${args.method}`
+			}
+		};
+	}
+	async postJson(url, token, body) {
+		const res = await fetch(url, {
+			method: "POST",
+			headers: {
+				"content-type": "application/json",
+				authorization: `Bearer ${token}`
+			},
+			body: JSON.stringify(body)
+		});
+		if (!res.ok) {
+			const text = await res.text().catch(() => "");
+			throw new Error(`HTTP ${res.status}: ${text}`);
+		}
+		return res.json();
+	}
+	/** Consume an SSE response and forward each frame as `rpc.stream`. */
+	async pumpAgentRun(args) {
+		const url = `${canonicalHost(args.host)}/api/v1/copilot/app/agent`;
+		let seq = 0;
+		const emit = (payload, done) => {
+			seq += 1;
+			args.onEvent("rpc.stream", {
+				stream_id: args.streamId,
+				window_uuid: args.windowUuid,
+				seq,
+				payload,
+				done
+			});
+		};
+		try {
+			const res = await fetch(url, {
+				method: "POST",
+				headers: {
+					"content-type": "application/json",
+					authorization: `Bearer ${args.token}`,
+					accept: "text/event-stream"
+				},
+				body: JSON.stringify(args.body)
+			});
+			if (!res.ok || !res.body) {
+				const text = await res.text().catch(() => "");
+				emit({
+					event: "error",
+					code: "http",
+					message: `HTTP ${res.status}: ${text}`
+				}, true);
+				return;
+			}
+			const reader = res.body.getReader();
+			const decoder = new TextDecoder();
+			let buf = "";
+			while (true) {
+				const { value, done } = await reader.read();
+				if (done) break;
+				buf += decoder.decode(value, { stream: true });
+				let idx;
+				while ((idx = buf.indexOf("\n\n")) >= 0) {
+					const frame = buf.slice(0, idx);
+					buf = buf.slice(idx + 2);
+					const payload = parseSseFrame(frame);
+					if (payload != null) emit(payload, false);
+				}
+			}
+			if (buf.trim().length > 0) {
+				const payload = parseSseFrame(buf);
+				if (payload != null) emit(payload, false);
+			}
+			emit({ event: "end" }, true);
+		} catch (e) {
+			emit({
+				event: "error",
+				code: "transport",
+				message: e.message
+			}, true);
+		}
+	}
+};
+function parseSseFrame(frame) {
+	const lines = frame.split(/\r?\n/);
+	let dataLines = [];
+	let eventName = null;
+	for (const raw of lines) {
+		if (!raw || raw.startsWith(":")) continue;
+		if (raw.startsWith("data:")) dataLines.push(raw.slice(5).trimStart());
+		else if (raw.startsWith("event:")) eventName = raw.slice(6).trim();
+	}
+	if (dataLines.length === 0) return null;
+	const data = dataLines.join("\n");
+	try {
+		const obj = JSON.parse(data);
+		if (eventName && obj && typeof obj === "object" && !("event" in obj)) return {
+			...obj,
+			event: eventName
+		};
+		return obj;
+	} catch {
+		return {
+			event: eventName ?? "raw",
+			text: data
+		};
+	}
+}
+
+//#endregion
+//#region src/harness/server.ts
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+const MIME = {
+	".html": "text/html; charset=utf-8",
+	".js": "application/javascript; charset=utf-8",
+	".mjs": "application/javascript; charset=utf-8",
+	".css": "text/css; charset=utf-8",
+	".json": "application/json; charset=utf-8",
+	".svg": "image/svg+xml",
+	".png": "image/png",
+	".jpg": "image/jpeg",
+	".jpeg": "image/jpeg",
+	".gif": "image/gif",
+	".woff": "font/woff",
+	".woff2": "font/woff2",
+	".map": "application/json"
+};
+var HarnessServer = class {
+	server = createServer((req, res) => this.handle(req, res));
+	wss = null;
+	sessionId = null;
+	liveSockets = new Set();
+	watchers = [];
+	reloadDebounce = null;
+	/** Pending events queued by the LLM bridge — drained alongside Python events. */
+	llmEventQueue = [];
+	llmBridge;
+	constructor(cfg, bridge) {
+		this.cfg = cfg;
+		this.bridge = bridge;
+		this.llmBridge = cfg.llm ? new LlmBridge(cfg.llm) : null;
+	}
+	async listen() {
+		if (this.cfg.executas && this.cfg.executas.length > 0) await this.bridge.call("executas.register", { executas: this.cfg.executas.map((e) => ({
+			tool_id: e.tool_id,
+			project_dir: e.project_dir,
+			command: e.command ?? null
+		})) });
+		await new Promise((res, rej) => this.server.listen(this.cfg.port, () => res()).once("error", rej));
+		this.wss = new WebSocketServer({ noServer: true });
+		this.server.on("upgrade", (req, socket, head) => {
+			const url = new URL(req.url ?? "/", "http://localhost");
+			if (url.pathname !== "/ws") {
+				socket.destroy();
+				return;
+			}
+			this.wss.handleUpgrade(req, socket, head, (ws) => {
+				const sid = url.searchParams.get("session_id");
+				if (!sid || sid !== this.sessionId) {
+					ws.close(1008, "unknown session_id");
+					return;
+				}
+				this.liveSockets.add(ws);
+				const timer = setInterval(async () => {
+					try {
+						const out = await this.bridge.call("session.drain_events", { session_id: sid });
+						for (const ev of out.events) ws.send(JSON.stringify({
+							kind: "event",
+							...ev
+						}));
+						if (this.llmEventQueue.length > 0) {
+							const drained = this.llmEventQueue.splice(0);
+							for (const ev of drained) ws.send(JSON.stringify({
+								kind: "event",
+								...ev
+							}));
+						}
+					} catch (e) {
+						ws.close(1011, `drain failed: ${e.message}`);
+						clearInterval(timer);
+					}
+				}, 200);
+				ws.on("close", () => {
+					this.liveSockets.delete(ws);
+					clearInterval(timer);
+				});
+			});
+		});
+		if (this.cfg.watch) this.startWatcher();
+	}
+	async close() {
+		for (const w of this.watchers) w.close();
+		this.watchers = [];
+		if (this.reloadDebounce) clearTimeout(this.reloadDebounce);
+		if (this.wss) {
+			for (const c of this.wss.clients) c.terminate();
+			this.wss.close();
+		}
+		await new Promise((res) => this.server.close(() => res()));
+	}
+	startWatcher() {
+		const broadcastReload = (path) => {
+			if (this.reloadDebounce) clearTimeout(this.reloadDebounce);
+			this.reloadDebounce = setTimeout(() => {
+				const env = JSON.stringify({
+					kind: "reload",
+					path
+				});
+				for (const ws of this.liveSockets) if (ws.readyState === ws.OPEN) ws.send(env);
+			}, 100);
+		};
+		try {
+			this.watchers.push(watch(this.cfg.bundleDir, { recursive: true }, (_evt, filename) => {
+				if (filename) broadcastReload(`bundle/${filename}`);
+			}));
+		} catch (e) {
+			process.stderr.write(`[harness] watcher failed to attach to ${this.cfg.bundleDir}: ${e.message}\n`);
+		}
+	}
+	async handle(req, res) {
+		try {
+			const url = new URL(req.url ?? "/", "http://localhost");
+			const method = req.method ?? "GET";
+			if (method === "GET" && (url.pathname === "/" || url.pathname === "/dashboard")) return await this.serveDashboard(res);
+			if (method === "GET" && url.pathname === "/api/config") return this.json(res, 200, {
+				app_slug: this.cfg.slug,
+				view: this.cfg.view ?? null,
+				bundle_base: `/anna-apps/${this.cfg.slug}/dev/${this.cfg.bundleEntry}`,
+				executas: (this.cfg.executas ?? []).map((e) => e.tool_id),
+				watch: !!this.cfg.watch
+			});
+			if (method === "POST" && url.pathname === "/api/session/create") return await this.createSession(res);
+			if (method === "POST" && url.pathname === "/api/session/call") return await this.proxyCall(req, res);
+			if (method === "POST" && url.pathname === "/api/session/refresh-token") return await this.refreshToken(res);
+			if (method === "GET" && url.pathname.startsWith("/static/anna-apps/_sdk/")) return await this.serveSdk(url.pathname, res);
+			if (method === "GET" && url.pathname.startsWith(`/anna-apps/${this.cfg.slug}/dev/`)) {
+				const rel = url.pathname.replace(`/anna-apps/${this.cfg.slug}/dev/`, "");
+				return await this.serveBundleAsset(rel, res);
+			}
+			this.text(res, 404, `not found: ${url.pathname}`);
+		} catch (e) {
+			this.text(res, 500, `harness error: ${e.message}`);
+		}
+	}
+	async serveDashboard(res) {
+		const file = join(__dirname, "dashboard.html");
+		const html = await readFile(file, "utf-8");
+		res.writeHead(200, {
+			"content-type": MIME[".html"],
+			"cache-control": "no-store"
+		});
+		res.end(html);
+	}
+	async createSession(res) {
+		if (this.sessionId) {
+			try {
+				await this.bridge.call("session.close", { session_id: this.sessionId });
+			} catch {}
+			this.sessionId = null;
+		}
+		const out = await this.bridge.call("session.create", {
+			user_id: this.cfg.userId,
+			manifest: this.cfg.manifest,
+			view: this.cfg.view,
+			entry_payload: this.cfg.entryPayload ?? {},
+			app_slug: this.cfg.slug
+		});
+		this.sessionId = out.session_id;
+		this.json(res, 200, out);
+	}
+	async proxyCall(req, res) {
+		const body = await readBody(req);
+		let parsed;
+		try {
+			parsed = JSON.parse(body);
+		} catch {
+			return this.json(res, 400, {
+				ok: false,
+				error: {
+					code: "bad_request",
+					message: "invalid json body"
+				}
+			});
+		}
+		if (this.llmBridge != null && LlmBridge.handles(parsed.ns, parsed.method)) {
+			const out = await this.llmBridge.dispatch({
+				windowUuid: this.sessionId ?? "harness",
+				ns: parsed.ns,
+				method: parsed.method,
+				args: parsed.args ?? {},
+				onEvent: (kind, payload) => {
+					this.llmEventQueue.push({
+						event: kind,
+						payload
+					});
+				}
+			});
+			this.json(res, 200, out);
+			return;
+		}
+		try {
+			const out = await this.bridge.call("session.call", {
+				session_id: parsed.session_id,
+				ns: parsed.ns,
+				method: parsed.method,
+				args: parsed.args ?? {}
+			});
+			this.json(res, 200, out);
+		} catch (e) {
+			this.json(res, 200, {
+				ok: false,
+				error: {
+					code: "transport",
+					message: e.message
+				}
+			});
+		}
+	}
+	async refreshToken(res) {
+		if (!this.sessionId) return this.json(res, 400, { error: "no active session" });
+		try {
+			const out = await this.bridge.call("session.refresh_token", { session_id: this.sessionId });
+			this.json(res, 200, out);
+		} catch (e) {
+			this.json(res, 500, { error: e.message });
+		}
+	}
+	async serveSdk(pathname, res) {
+		const sdkRel = pathname.replace(/^\/static\/anna-apps\/_sdk\/[^/]+\//, "");
+		let distRoot;
+		try {
+			const req = createRequire(import.meta.url);
+			distRoot = dirname(req.resolve("@anna-ai/app-runtime"));
+		} catch (e) {
+			return this.text(res, 500, `@anna-ai/app-runtime is not installed: ${e.message}`);
+		}
+		const abs = resolve(distRoot, sdkRel);
+		if (!abs.startsWith(distRoot)) return this.text(res, 403, "forbidden");
+		return this.serveFile(abs, res);
+	}
+	async serveBundleAsset(rel, res) {
+		const abs = resolve(this.cfg.bundleDir, normalize(rel));
+		if (!abs.startsWith(resolve(this.cfg.bundleDir))) return this.text(res, 403, "forbidden");
+		return this.serveFile(abs, res);
+	}
+	async serveFile(abs, res) {
+		let stat;
+		try {
+			stat = statSync(abs);
+		} catch {
+			return this.text(res, 404, `not found: ${abs}`);
+		}
+		if (!stat.isFile()) return this.text(res, 404, "not a file");
+		const ext = abs.slice(abs.lastIndexOf("."));
+		res.writeHead(200, {
+			"content-type": MIME[ext] ?? "application/octet-stream",
+			"cache-control": "no-store",
+			"content-length": String(stat.size)
+		});
+		createReadStream(abs).pipe(res);
+	}
+	json(res, status, body) {
+		const text = JSON.stringify(body);
+		res.writeHead(status, {
+			"content-type": MIME[".json"],
+			"content-length": String(Buffer.byteLength(text)),
+			"cache-control": "no-store"
+		});
+		res.end(text);
+	}
+	text(res, status, body) {
+		res.writeHead(status, {
+			"content-type": "text/plain; charset=utf-8",
+			"content-length": String(Buffer.byteLength(body))
+		});
+		res.end(body);
+	}
+};
+function readBody(req) {
+	return new Promise((resolve$1, reject) => {
+		const chunks = [];
+		req.on("data", (c) => chunks.push(c));
+		req.on("end", () => resolve$1(Buffer.concat(chunks).toString("utf-8")));
+		req.on("error", reject);
+	});
+}
+
+//#endregion
+export { HarnessServer };