@askexenow/exe-os 0.9.8 → 0.9.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bin/backfill-conversations.js +222 -49
- package/dist/bin/backfill-responses.js +221 -48
- package/dist/bin/backfill-vectors.js +225 -52
- package/dist/bin/cleanup-stale-review-tasks.js +150 -28
- package/dist/bin/cli.js +1295 -856
- package/dist/bin/exe-agent-config.js +36 -8
- package/dist/bin/exe-agent.js +14 -4
- package/dist/bin/exe-assign.js +221 -48
- package/dist/bin/exe-boot.js +778 -427
- package/dist/bin/exe-call.js +41 -13
- package/dist/bin/exe-cloud.js +163 -58
- package/dist/bin/exe-dispatch.js +276 -139
- package/dist/bin/exe-doctor.js +145 -27
- package/dist/bin/exe-export-behaviors.js +141 -23
- package/dist/bin/exe-forget.js +137 -19
- package/dist/bin/exe-gateway.js +677 -388
- package/dist/bin/exe-heartbeat.js +227 -108
- package/dist/bin/exe-kill.js +138 -20
- package/dist/bin/exe-launch-agent.js +172 -39
- package/dist/bin/exe-link.js +291 -100
- package/dist/bin/exe-new-employee.js +214 -106
- package/dist/bin/exe-pending-messages.js +395 -33
- package/dist/bin/exe-pending-notifications.js +684 -99
- package/dist/bin/exe-pending-reviews.js +420 -74
- package/dist/bin/exe-rename.js +147 -49
- package/dist/bin/exe-review.js +138 -20
- package/dist/bin/exe-search.js +240 -69
- package/dist/bin/exe-session-cleanup.js +440 -250
- package/dist/bin/exe-settings.js +61 -17
- package/dist/bin/exe-start-codex.js +158 -39
- package/dist/bin/exe-start-opencode.js +157 -38
- package/dist/bin/exe-status.js +151 -29
- package/dist/bin/exe-team.js +138 -20
- package/dist/bin/git-sweep.js +404 -212
- package/dist/bin/graph-backfill.js +137 -19
- package/dist/bin/graph-export.js +140 -22
- package/dist/bin/install.js +90 -61
- package/dist/bin/scan-tasks.js +412 -220
- package/dist/bin/setup.js +564 -293
- package/dist/bin/shard-migrate.js +139 -21
- package/dist/bin/update.js +138 -49
- package/dist/bin/wiki-sync.js +137 -19
- package/dist/gateway/index.js +533 -320
- package/dist/hooks/bug-report-worker.js +344 -193
- package/dist/hooks/codex-stop-task-finalizer.js +4678 -0
- package/dist/hooks/commit-complete.js +402 -210
- package/dist/hooks/error-recall.js +245 -74
- package/dist/hooks/exe-heartbeat-hook.js +16 -6
- package/dist/hooks/ingest-worker.js +3423 -3157
- package/dist/hooks/ingest.js +832 -97
- package/dist/hooks/instructions-loaded.js +227 -54
- package/dist/hooks/notification.js +216 -43
- package/dist/hooks/post-compact.js +239 -62
- package/dist/hooks/pre-compact.js +408 -216
- package/dist/hooks/pre-tool-use.js +268 -90
- package/dist/hooks/prompt-ingest-worker.js +352 -102
- package/dist/hooks/prompt-submit.js +541 -328
- package/dist/hooks/response-ingest-worker.js +372 -122
- package/dist/hooks/session-end.js +443 -240
- package/dist/hooks/session-start.js +313 -127
- package/dist/hooks/stop.js +293 -98
- package/dist/hooks/subagent-stop.js +239 -62
- package/dist/hooks/summary-worker.js +568 -236
- package/dist/index.js +538 -324
- package/dist/lib/agent-config.js +28 -6
- package/dist/lib/cloud-sync.js +284 -105
- package/dist/lib/config.js +30 -10
- package/dist/lib/consolidation.js +16 -6
- package/dist/lib/database.js +123 -25
- package/dist/lib/db-daemon-client.js +73 -19
- package/dist/lib/db.js +123 -25
- package/dist/lib/device-registry.js +133 -35
- package/dist/lib/embedder.js +107 -32
- package/dist/lib/employee-templates.js +14 -4
- package/dist/lib/employees.js +41 -13
- package/dist/lib/exe-daemon-client.js +88 -22
- package/dist/lib/exe-daemon.js +935 -587
- package/dist/lib/hybrid-search.js +240 -69
- package/dist/lib/identity.js +18 -8
- package/dist/lib/license.js +133 -48
- package/dist/lib/messaging.js +116 -56
- package/dist/lib/reminders.js +14 -4
- package/dist/lib/schedules.js +137 -19
- package/dist/lib/skill-learning.js +33 -6
- package/dist/lib/store.js +137 -19
- package/dist/lib/task-router.js +14 -4
- package/dist/lib/tasks.js +280 -234
- package/dist/lib/tmux-routing.js +172 -125
- package/dist/lib/token-spend.js +26 -8
- package/dist/mcp/server.js +1326 -609
- package/dist/mcp/tools/complete-reminder.js +14 -4
- package/dist/mcp/tools/create-reminder.js +14 -4
- package/dist/mcp/tools/create-task.js +306 -248
- package/dist/mcp/tools/deactivate-behavior.js +16 -6
- package/dist/mcp/tools/list-reminders.js +14 -4
- package/dist/mcp/tools/list-tasks.js +123 -107
- package/dist/mcp/tools/send-message.js +75 -29
- package/dist/mcp/tools/update-task.js +1848 -199
- package/dist/runtime/index.js +441 -248
- package/dist/tui/App.js +761 -424
- package/package.json +1 -1
|
@@ -64,9 +64,34 @@ var init_db_retry = __esm({
|
|
|
64
64
|
}
|
|
65
65
|
});
|
|
66
66
|
|
|
67
|
+
// src/lib/secure-files.ts
|
|
68
|
+
import { chmodSync, existsSync, mkdirSync } from "fs";
|
|
69
|
+
import { chmod, mkdir } from "fs/promises";
|
|
70
|
+
async function ensurePrivateDir(dirPath) {
|
|
71
|
+
await mkdir(dirPath, { recursive: true, mode: PRIVATE_DIR_MODE });
|
|
72
|
+
try {
|
|
73
|
+
await chmod(dirPath, PRIVATE_DIR_MODE);
|
|
74
|
+
} catch {
|
|
75
|
+
}
|
|
76
|
+
}
|
|
77
|
+
async function enforcePrivateFile(filePath) {
|
|
78
|
+
try {
|
|
79
|
+
await chmod(filePath, PRIVATE_FILE_MODE);
|
|
80
|
+
} catch {
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
var PRIVATE_DIR_MODE, PRIVATE_FILE_MODE;
|
|
84
|
+
var init_secure_files = __esm({
|
|
85
|
+
"src/lib/secure-files.ts"() {
|
|
86
|
+
"use strict";
|
|
87
|
+
PRIVATE_DIR_MODE = 448;
|
|
88
|
+
PRIVATE_FILE_MODE = 384;
|
|
89
|
+
}
|
|
90
|
+
});
|
|
91
|
+
|
|
67
92
|
// src/lib/config.ts
|
|
68
|
-
import { readFile, writeFile
|
|
69
|
-
import { readFileSync, existsSync, renameSync } from "fs";
|
|
93
|
+
import { readFile, writeFile } from "fs/promises";
|
|
94
|
+
import { readFileSync, existsSync as existsSync2, renameSync } from "fs";
|
|
70
95
|
import path from "path";
|
|
71
96
|
import os from "os";
|
|
72
97
|
function resolveDataDir() {
|
|
@@ -74,7 +99,7 @@ function resolveDataDir() {
|
|
|
74
99
|
if (process.env.EXE_MEM_DIR) return process.env.EXE_MEM_DIR;
|
|
75
100
|
const newDir = path.join(os.homedir(), ".exe-os");
|
|
76
101
|
const legacyDir = path.join(os.homedir(), ".exe-mem");
|
|
77
|
-
if (!
|
|
102
|
+
if (!existsSync2(newDir) && existsSync2(legacyDir)) {
|
|
78
103
|
try {
|
|
79
104
|
renameSync(legacyDir, newDir);
|
|
80
105
|
process.stderr.write(`[exe-os] Migrated data directory: ~/.exe-mem \u2192 ~/.exe-os
|
|
@@ -137,9 +162,9 @@ function normalizeAutoUpdate(raw) {
|
|
|
137
162
|
}
|
|
138
163
|
async function loadConfig() {
|
|
139
164
|
const dir = process.env.EXE_OS_DIR ?? process.env.EXE_MEM_DIR ?? EXE_AI_DIR;
|
|
140
|
-
await
|
|
165
|
+
await ensurePrivateDir(dir);
|
|
141
166
|
const configPath = path.join(dir, "config.json");
|
|
142
|
-
if (!
|
|
167
|
+
if (!existsSync2(configPath)) {
|
|
143
168
|
return { ...DEFAULT_CONFIG, dbPath: path.join(dir, "memories.db") };
|
|
144
169
|
}
|
|
145
170
|
const raw = await readFile(configPath, "utf-8");
|
|
@@ -152,6 +177,7 @@ async function loadConfig() {
|
|
|
152
177
|
`);
|
|
153
178
|
try {
|
|
154
179
|
await writeFile(configPath, JSON.stringify(migratedCfg, null, 2) + "\n");
|
|
180
|
+
await enforcePrivateFile(configPath);
|
|
155
181
|
} catch {
|
|
156
182
|
}
|
|
157
183
|
}
|
|
@@ -171,6 +197,7 @@ var EXE_AI_DIR, DB_PATH, MODELS_DIR, CONFIG_PATH, LEGACY_LANCE_PATH, CURRENT_CON
|
|
|
171
197
|
var init_config = __esm({
|
|
172
198
|
"src/lib/config.ts"() {
|
|
173
199
|
"use strict";
|
|
200
|
+
init_secure_files();
|
|
174
201
|
EXE_AI_DIR = resolveDataDir();
|
|
175
202
|
DB_PATH = path.join(EXE_AI_DIR, "memories.db");
|
|
176
203
|
MODELS_DIR = path.join(EXE_AI_DIR, "models");
|
|
@@ -249,7 +276,7 @@ var init_config = __esm({
|
|
|
249
276
|
|
|
250
277
|
// src/lib/employees.ts
|
|
251
278
|
import { readFile as readFile2, writeFile as writeFile2, mkdir as mkdir2 } from "fs/promises";
|
|
252
|
-
import { existsSync as
|
|
279
|
+
import { existsSync as existsSync3, symlinkSync, readlinkSync, readFileSync as readFileSync2, renameSync as renameSync2, unlinkSync, writeFileSync } from "fs";
|
|
253
280
|
import { execSync } from "child_process";
|
|
254
281
|
import path2 from "path";
|
|
255
282
|
import os2 from "os";
|
|
@@ -266,7 +293,7 @@ function getCoordinatorName(employees = loadEmployeesSync()) {
|
|
|
266
293
|
return getCoordinatorEmployee(employees)?.name ?? DEFAULT_COORDINATOR_TEMPLATE_NAME;
|
|
267
294
|
}
|
|
268
295
|
function loadEmployeesSync(employeesPath = EMPLOYEES_PATH) {
|
|
269
|
-
if (!
|
|
296
|
+
if (!existsSync3(employeesPath)) return [];
|
|
270
297
|
try {
|
|
271
298
|
return JSON.parse(readFileSync2(employeesPath, "utf-8"));
|
|
272
299
|
} catch {
|
|
@@ -1211,6 +1238,7 @@ async function ensureSchema() {
|
|
|
1211
1238
|
project TEXT NOT NULL,
|
|
1212
1239
|
summary TEXT NOT NULL,
|
|
1213
1240
|
task_file TEXT,
|
|
1241
|
+
session_scope TEXT,
|
|
1214
1242
|
read INTEGER NOT NULL DEFAULT 0,
|
|
1215
1243
|
created_at TEXT NOT NULL
|
|
1216
1244
|
);
|
|
@@ -1219,7 +1247,7 @@ async function ensureSchema() {
|
|
|
1219
1247
|
ON notifications(read);
|
|
1220
1248
|
|
|
1221
1249
|
CREATE INDEX IF NOT EXISTS idx_notifications_agent
|
|
1222
|
-
ON notifications(agent_id);
|
|
1250
|
+
ON notifications(agent_id, session_scope);
|
|
1223
1251
|
|
|
1224
1252
|
CREATE INDEX IF NOT EXISTS idx_notifications_task_file
|
|
1225
1253
|
ON notifications(task_file);
|
|
@@ -1257,6 +1285,7 @@ async function ensureSchema() {
|
|
|
1257
1285
|
target_agent TEXT NOT NULL,
|
|
1258
1286
|
target_project TEXT,
|
|
1259
1287
|
target_device TEXT NOT NULL DEFAULT 'local',
|
|
1288
|
+
session_scope TEXT,
|
|
1260
1289
|
content TEXT NOT NULL,
|
|
1261
1290
|
priority TEXT DEFAULT 'normal',
|
|
1262
1291
|
status TEXT DEFAULT 'pending',
|
|
@@ -1270,10 +1299,31 @@ async function ensureSchema() {
|
|
|
1270
1299
|
);
|
|
1271
1300
|
|
|
1272
1301
|
CREATE INDEX IF NOT EXISTS idx_messages_target
|
|
1273
|
-
ON messages(target_agent, status);
|
|
1302
|
+
ON messages(target_agent, session_scope, status);
|
|
1274
1303
|
|
|
1275
1304
|
CREATE INDEX IF NOT EXISTS idx_messages_conversation_order
|
|
1276
|
-
ON messages(target_agent, from_agent, server_seq);
|
|
1305
|
+
ON messages(target_agent, session_scope, from_agent, server_seq);
|
|
1306
|
+
`);
|
|
1307
|
+
try {
|
|
1308
|
+
await client.execute({
|
|
1309
|
+
sql: `ALTER TABLE notifications ADD COLUMN session_scope TEXT`,
|
|
1310
|
+
args: []
|
|
1311
|
+
});
|
|
1312
|
+
} catch {
|
|
1313
|
+
}
|
|
1314
|
+
try {
|
|
1315
|
+
await client.execute({
|
|
1316
|
+
sql: `ALTER TABLE messages ADD COLUMN session_scope TEXT`,
|
|
1317
|
+
args: []
|
|
1318
|
+
});
|
|
1319
|
+
} catch {
|
|
1320
|
+
}
|
|
1321
|
+
await client.executeMultiple(`
|
|
1322
|
+
CREATE INDEX IF NOT EXISTS idx_notifications_agent_scope_read
|
|
1323
|
+
ON notifications(agent_id, session_scope, read, created_at);
|
|
1324
|
+
|
|
1325
|
+
CREATE INDEX IF NOT EXISTS idx_messages_target_scope_status
|
|
1326
|
+
ON messages(target_agent, session_scope, status, created_at);
|
|
1277
1327
|
`);
|
|
1278
1328
|
try {
|
|
1279
1329
|
await client.execute({
|
|
@@ -1857,6 +1907,13 @@ async function ensureSchema() {
|
|
|
1857
1907
|
} catch {
|
|
1858
1908
|
}
|
|
1859
1909
|
}
|
|
1910
|
+
try {
|
|
1911
|
+
await client.execute({
|
|
1912
|
+
sql: `UPDATE tasks SET status = 'closed' WHERE status = 'done' AND result IS NOT NULL`,
|
|
1913
|
+
args: []
|
|
1914
|
+
});
|
|
1915
|
+
} catch {
|
|
1916
|
+
}
|
|
1860
1917
|
}
|
|
1861
1918
|
async function disposeDatabase() {
|
|
1862
1919
|
if (_walCheckpointTimer) {
|
|
@@ -1899,6 +1956,7 @@ var shard_manager_exports = {};
|
|
|
1899
1956
|
__export(shard_manager_exports, {
|
|
1900
1957
|
disposeShards: () => disposeShards,
|
|
1901
1958
|
ensureShardSchema: () => ensureShardSchema,
|
|
1959
|
+
getOpenShardCount: () => getOpenShardCount,
|
|
1902
1960
|
getReadyShardClient: () => getReadyShardClient,
|
|
1903
1961
|
getShardClient: () => getShardClient,
|
|
1904
1962
|
getShardsDir: () => getShardsDir,
|
|
@@ -1908,14 +1966,17 @@ __export(shard_manager_exports, {
|
|
|
1908
1966
|
shardExists: () => shardExists
|
|
1909
1967
|
});
|
|
1910
1968
|
import path5 from "path";
|
|
1911
|
-
import { existsSync as
|
|
1969
|
+
import { existsSync as existsSync5, mkdirSync as mkdirSync2, readdirSync } from "fs";
|
|
1912
1970
|
import { createClient as createClient2 } from "@libsql/client";
|
|
1913
1971
|
function initShardManager(encryptionKey) {
|
|
1914
1972
|
_encryptionKey = encryptionKey;
|
|
1915
|
-
if (!
|
|
1916
|
-
|
|
1973
|
+
if (!existsSync5(SHARDS_DIR)) {
|
|
1974
|
+
mkdirSync2(SHARDS_DIR, { recursive: true });
|
|
1917
1975
|
}
|
|
1918
1976
|
_shardingEnabled = true;
|
|
1977
|
+
if (_evictionTimer) clearInterval(_evictionTimer);
|
|
1978
|
+
_evictionTimer = setInterval(evictIdleShards, EVICTION_INTERVAL_MS);
|
|
1979
|
+
_evictionTimer.unref();
|
|
1919
1980
|
}
|
|
1920
1981
|
function isShardingEnabled() {
|
|
1921
1982
|
return _shardingEnabled;
|
|
@@ -1932,21 +1993,28 @@ function getShardClient(projectName) {
|
|
|
1932
1993
|
throw new Error(`Invalid project name for shard: "${projectName}"`);
|
|
1933
1994
|
}
|
|
1934
1995
|
const cached = _shards.get(safeName);
|
|
1935
|
-
if (cached)
|
|
1996
|
+
if (cached) {
|
|
1997
|
+
_shardLastAccess.set(safeName, Date.now());
|
|
1998
|
+
return cached;
|
|
1999
|
+
}
|
|
2000
|
+
while (_shards.size >= MAX_OPEN_SHARDS) {
|
|
2001
|
+
evictLRU();
|
|
2002
|
+
}
|
|
1936
2003
|
const dbPath = path5.join(SHARDS_DIR, `${safeName}.db`);
|
|
1937
2004
|
const client = createClient2({
|
|
1938
2005
|
url: `file:${dbPath}`,
|
|
1939
2006
|
encryptionKey: _encryptionKey
|
|
1940
2007
|
});
|
|
1941
2008
|
_shards.set(safeName, client);
|
|
2009
|
+
_shardLastAccess.set(safeName, Date.now());
|
|
1942
2010
|
return client;
|
|
1943
2011
|
}
|
|
1944
2012
|
function shardExists(projectName) {
|
|
1945
2013
|
const safeName = projectName.replace(/[^a-zA-Z0-9_-]/g, "_");
|
|
1946
|
-
return
|
|
2014
|
+
return existsSync5(path5.join(SHARDS_DIR, `${safeName}.db`));
|
|
1947
2015
|
}
|
|
1948
2016
|
function listShards() {
|
|
1949
|
-
if (!
|
|
2017
|
+
if (!existsSync5(SHARDS_DIR)) return [];
|
|
1950
2018
|
return readdirSync(SHARDS_DIR).filter((f) => f.endsWith(".db")).map((f) => f.replace(".db", ""));
|
|
1951
2019
|
}
|
|
1952
2020
|
async function ensureShardSchema(client) {
|
|
@@ -1998,6 +2066,8 @@ async function ensureShardSchema(client) {
|
|
|
1998
2066
|
for (const col of [
|
|
1999
2067
|
"ALTER TABLE memories ADD COLUMN task_id TEXT",
|
|
2000
2068
|
"ALTER TABLE memories ADD COLUMN consolidated INTEGER NOT NULL DEFAULT 0",
|
|
2069
|
+
"ALTER TABLE memories ADD COLUMN author_device_id TEXT",
|
|
2070
|
+
"ALTER TABLE memories ADD COLUMN scope TEXT NOT NULL DEFAULT 'business'",
|
|
2001
2071
|
"ALTER TABLE memories ADD COLUMN importance INTEGER DEFAULT 5",
|
|
2002
2072
|
"ALTER TABLE memories ADD COLUMN status TEXT DEFAULT 'active'",
|
|
2003
2073
|
"ALTER TABLE memories ADD COLUMN wiki_synced INTEGER DEFAULT 0",
|
|
@@ -2135,21 +2205,69 @@ async function getReadyShardClient(projectName) {
|
|
|
2135
2205
|
await ensureShardSchema(client);
|
|
2136
2206
|
return client;
|
|
2137
2207
|
}
|
|
2208
|
+
function evictLRU() {
|
|
2209
|
+
let oldest = null;
|
|
2210
|
+
let oldestTime = Infinity;
|
|
2211
|
+
for (const [name, time] of _shardLastAccess) {
|
|
2212
|
+
if (time < oldestTime) {
|
|
2213
|
+
oldestTime = time;
|
|
2214
|
+
oldest = name;
|
|
2215
|
+
}
|
|
2216
|
+
}
|
|
2217
|
+
if (oldest) {
|
|
2218
|
+
const client = _shards.get(oldest);
|
|
2219
|
+
if (client) {
|
|
2220
|
+
client.close();
|
|
2221
|
+
}
|
|
2222
|
+
_shards.delete(oldest);
|
|
2223
|
+
_shardLastAccess.delete(oldest);
|
|
2224
|
+
}
|
|
2225
|
+
}
|
|
2226
|
+
function evictIdleShards() {
|
|
2227
|
+
const now = Date.now();
|
|
2228
|
+
const toEvict = [];
|
|
2229
|
+
for (const [name, lastAccess] of _shardLastAccess) {
|
|
2230
|
+
if (now - lastAccess > SHARD_IDLE_MS) {
|
|
2231
|
+
toEvict.push(name);
|
|
2232
|
+
}
|
|
2233
|
+
}
|
|
2234
|
+
for (const name of toEvict) {
|
|
2235
|
+
const client = _shards.get(name);
|
|
2236
|
+
if (client) {
|
|
2237
|
+
client.close();
|
|
2238
|
+
}
|
|
2239
|
+
_shards.delete(name);
|
|
2240
|
+
_shardLastAccess.delete(name);
|
|
2241
|
+
}
|
|
2242
|
+
}
|
|
2243
|
+
function getOpenShardCount() {
|
|
2244
|
+
return _shards.size;
|
|
2245
|
+
}
|
|
2138
2246
|
function disposeShards() {
|
|
2247
|
+
if (_evictionTimer) {
|
|
2248
|
+
clearInterval(_evictionTimer);
|
|
2249
|
+
_evictionTimer = null;
|
|
2250
|
+
}
|
|
2139
2251
|
for (const [, client] of _shards) {
|
|
2140
2252
|
client.close();
|
|
2141
2253
|
}
|
|
2142
2254
|
_shards.clear();
|
|
2255
|
+
_shardLastAccess.clear();
|
|
2143
2256
|
_shardingEnabled = false;
|
|
2144
2257
|
_encryptionKey = null;
|
|
2145
2258
|
}
|
|
2146
|
-
var SHARDS_DIR, _shards, _encryptionKey, _shardingEnabled;
|
|
2259
|
+
var SHARDS_DIR, SHARD_IDLE_MS, MAX_OPEN_SHARDS, EVICTION_INTERVAL_MS, _shards, _shardLastAccess, _evictionTimer, _encryptionKey, _shardingEnabled;
|
|
2147
2260
|
var init_shard_manager = __esm({
|
|
2148
2261
|
"src/lib/shard-manager.ts"() {
|
|
2149
2262
|
"use strict";
|
|
2150
2263
|
init_config();
|
|
2151
2264
|
SHARDS_DIR = path5.join(EXE_AI_DIR, "shards");
|
|
2265
|
+
SHARD_IDLE_MS = 5 * 60 * 1e3;
|
|
2266
|
+
MAX_OPEN_SHARDS = 10;
|
|
2267
|
+
EVICTION_INTERVAL_MS = 60 * 1e3;
|
|
2152
2268
|
_shards = /* @__PURE__ */ new Map();
|
|
2269
|
+
_shardLastAccess = /* @__PURE__ */ new Map();
|
|
2270
|
+
_evictionTimer = null;
|
|
2153
2271
|
_encryptionKey = null;
|
|
2154
2272
|
_shardingEnabled = false;
|
|
2155
2273
|
}
|
|
@@ -2348,7 +2466,7 @@ init_database();
|
|
|
2348
2466
|
|
|
2349
2467
|
// src/lib/keychain.ts
|
|
2350
2468
|
import { readFile as readFile3, writeFile as writeFile3, unlink, mkdir as mkdir3, chmod as chmod2 } from "fs/promises";
|
|
2351
|
-
import { existsSync as
|
|
2469
|
+
import { existsSync as existsSync4 } from "fs";
|
|
2352
2470
|
import path4 from "path";
|
|
2353
2471
|
import os4 from "os";
|
|
2354
2472
|
var SERVICE = "exe-mem";
|
|
@@ -2378,7 +2496,7 @@ async function getMasterKey() {
|
|
|
2378
2496
|
}
|
|
2379
2497
|
}
|
|
2380
2498
|
const keyPath = getKeyPath();
|
|
2381
|
-
if (!
|
|
2499
|
+
if (!existsSync4(keyPath)) {
|
|
2382
2500
|
process.stderr.write(
|
|
2383
2501
|
`[keychain] Key not found at ${keyPath} (HOME=${os4.homedir()}, EXE_OS_DIR=${process.env.EXE_OS_DIR ?? "unset"})
|
|
2384
2502
|
`
|
|
@@ -2693,12 +2811,12 @@ function vectorToBlob(vector) {
|
|
|
2693
2811
|
// src/bin/shard-migrate.ts
|
|
2694
2812
|
init_database();
|
|
2695
2813
|
init_shard_manager();
|
|
2696
|
-
import { existsSync as
|
|
2814
|
+
import { existsSync as existsSync6, writeFileSync as writeFileSync2 } from "fs";
|
|
2697
2815
|
import path6 from "path";
|
|
2698
2816
|
var MIGRATION_MARKER = path6.join(getShardsDir(), ".migrated");
|
|
2699
2817
|
var BATCH_SIZE = 100;
|
|
2700
2818
|
async function main() {
|
|
2701
|
-
if (
|
|
2819
|
+
if (existsSync6(MIGRATION_MARKER)) {
|
|
2702
2820
|
process.stderr.write("[shard-migrate] Already migrated \u2014 skipping.\n");
|
|
2703
2821
|
return;
|
|
2704
2822
|
}
|
package/dist/bin/update.js
CHANGED
|
@@ -15,9 +15,18 @@ var __export = (target, all) => {
|
|
|
15
15
|
__defProp(target, name, { get: all[name], enumerable: true });
|
|
16
16
|
};
|
|
17
17
|
|
|
18
|
+
// src/lib/secure-files.ts
|
|
19
|
+
import { chmodSync, existsSync, mkdirSync } from "fs";
|
|
20
|
+
import { chmod, mkdir } from "fs/promises";
|
|
21
|
+
var init_secure_files = __esm({
|
|
22
|
+
"src/lib/secure-files.ts"() {
|
|
23
|
+
"use strict";
|
|
24
|
+
}
|
|
25
|
+
});
|
|
26
|
+
|
|
18
27
|
// src/lib/config.ts
|
|
19
|
-
import { readFile, writeFile
|
|
20
|
-
import { readFileSync as readFileSync2, existsSync, renameSync } from "fs";
|
|
28
|
+
import { readFile, writeFile } from "fs/promises";
|
|
29
|
+
import { readFileSync as readFileSync2, existsSync as existsSync2, renameSync } from "fs";
|
|
21
30
|
import path2 from "path";
|
|
22
31
|
import os from "os";
|
|
23
32
|
function resolveDataDir() {
|
|
@@ -25,7 +34,7 @@ function resolveDataDir() {
|
|
|
25
34
|
if (process.env.EXE_MEM_DIR) return process.env.EXE_MEM_DIR;
|
|
26
35
|
const newDir = path2.join(os.homedir(), ".exe-os");
|
|
27
36
|
const legacyDir = path2.join(os.homedir(), ".exe-mem");
|
|
28
|
-
if (!
|
|
37
|
+
if (!existsSync2(newDir) && existsSync2(legacyDir)) {
|
|
29
38
|
try {
|
|
30
39
|
renameSync(legacyDir, newDir);
|
|
31
40
|
process.stderr.write(`[exe-os] Migrated data directory: ~/.exe-mem \u2192 ~/.exe-os
|
|
@@ -40,6 +49,7 @@ var EXE_AI_DIR, DB_PATH, MODELS_DIR, CONFIG_PATH, LEGACY_LANCE_PATH, CURRENT_CON
|
|
|
40
49
|
var init_config = __esm({
|
|
41
50
|
"src/lib/config.ts"() {
|
|
42
51
|
"use strict";
|
|
52
|
+
init_secure_files();
|
|
43
53
|
EXE_AI_DIR = resolveDataDir();
|
|
44
54
|
DB_PATH = path2.join(EXE_AI_DIR, "memories.db");
|
|
45
55
|
MODELS_DIR = path2.join(EXE_AI_DIR, "models");
|
|
@@ -123,8 +133,11 @@ __export(license_exports, {
|
|
|
123
133
|
stopLicenseRevalidation: () => stopLicenseRevalidation,
|
|
124
134
|
validateLicense: () => validateLicense
|
|
125
135
|
});
|
|
126
|
-
import { readFileSync as readFileSync3, writeFileSync, existsSync as
|
|
136
|
+
import { readFileSync as readFileSync3, writeFileSync, existsSync as existsSync3, mkdirSync as mkdirSync2 } from "fs";
|
|
127
137
|
import { randomUUID } from "crypto";
|
|
138
|
+
import { createRequire } from "module";
|
|
139
|
+
import { pathToFileURL } from "url";
|
|
140
|
+
import os2 from "os";
|
|
128
141
|
import path3 from "path";
|
|
129
142
|
import { jwtVerify, importSPKI } from "jose";
|
|
130
143
|
async function fetchRetry(url, init) {
|
|
@@ -138,34 +151,34 @@ async function fetchRetry(url, init) {
|
|
|
138
151
|
function loadDeviceId() {
|
|
139
152
|
const deviceJsonPath = path3.join(EXE_AI_DIR, "device.json");
|
|
140
153
|
try {
|
|
141
|
-
if (
|
|
154
|
+
if (existsSync3(deviceJsonPath)) {
|
|
142
155
|
const data = JSON.parse(readFileSync3(deviceJsonPath, "utf8"));
|
|
143
156
|
if (data.deviceId) return data.deviceId;
|
|
144
157
|
}
|
|
145
158
|
} catch {
|
|
146
159
|
}
|
|
147
160
|
try {
|
|
148
|
-
if (
|
|
161
|
+
if (existsSync3(DEVICE_ID_PATH)) {
|
|
149
162
|
const id2 = readFileSync3(DEVICE_ID_PATH, "utf8").trim();
|
|
150
163
|
if (id2) return id2;
|
|
151
164
|
}
|
|
152
165
|
} catch {
|
|
153
166
|
}
|
|
154
167
|
const id = randomUUID();
|
|
155
|
-
|
|
168
|
+
mkdirSync2(EXE_AI_DIR, { recursive: true });
|
|
156
169
|
writeFileSync(DEVICE_ID_PATH, id, "utf8");
|
|
157
170
|
return id;
|
|
158
171
|
}
|
|
159
172
|
function loadLicense() {
|
|
160
173
|
try {
|
|
161
|
-
if (!
|
|
174
|
+
if (!existsSync3(LICENSE_PATH)) return null;
|
|
162
175
|
return readFileSync3(LICENSE_PATH, "utf8").trim();
|
|
163
176
|
} catch {
|
|
164
177
|
return null;
|
|
165
178
|
}
|
|
166
179
|
}
|
|
167
180
|
function saveLicense(apiKey) {
|
|
168
|
-
|
|
181
|
+
mkdirSync2(EXE_AI_DIR, { recursive: true });
|
|
169
182
|
writeFileSync(LICENSE_PATH, apiKey.trim(), { encoding: "utf8", mode: 384 });
|
|
170
183
|
}
|
|
171
184
|
async function verifyLicenseJwt(token) {
|
|
@@ -192,7 +205,7 @@ async function verifyLicenseJwt(token) {
|
|
|
192
205
|
}
|
|
193
206
|
async function getCachedLicense() {
|
|
194
207
|
try {
|
|
195
|
-
if (!
|
|
208
|
+
if (!existsSync3(CACHE_PATH)) return null;
|
|
196
209
|
const raw = JSON.parse(readFileSync3(CACHE_PATH, "utf8"));
|
|
197
210
|
if (!raw.token || typeof raw.token !== "string") return null;
|
|
198
211
|
return await verifyLicenseJwt(raw.token);
|
|
@@ -202,7 +215,7 @@ async function getCachedLicense() {
|
|
|
202
215
|
}
|
|
203
216
|
function readCachedToken() {
|
|
204
217
|
try {
|
|
205
|
-
if (!
|
|
218
|
+
if (!existsSync3(CACHE_PATH)) return null;
|
|
206
219
|
const raw = JSON.parse(readFileSync3(CACHE_PATH, "utf8"));
|
|
207
220
|
return typeof raw.token === "string" ? raw.token : null;
|
|
208
221
|
} catch {
|
|
@@ -241,52 +254,126 @@ function cacheResponse(token) {
|
|
|
241
254
|
} catch {
|
|
242
255
|
}
|
|
243
256
|
}
|
|
244
|
-
|
|
245
|
-
|
|
257
|
+
function loadPrismaForLicense() {
|
|
258
|
+
if (_prismaFailed) return null;
|
|
259
|
+
const dbUrl = process.env.DATABASE_URL;
|
|
260
|
+
if (!dbUrl) {
|
|
261
|
+
const exeDbRoot = process.env.EXE_DB_ROOT ?? path3.join(os2.homedir(), "exe-db");
|
|
262
|
+
if (!existsSync3(path3.join(exeDbRoot, "package.json"))) {
|
|
263
|
+
_prismaFailed = true;
|
|
264
|
+
return null;
|
|
265
|
+
}
|
|
266
|
+
}
|
|
267
|
+
if (!_prismaPromise) {
|
|
268
|
+
_prismaPromise = (async () => {
|
|
269
|
+
const explicitPath = process.env.EXE_OS_PRISMA_CLIENT_PATH;
|
|
270
|
+
if (explicitPath) {
|
|
271
|
+
const mod2 = await import(pathToFileURL(explicitPath).href);
|
|
272
|
+
const Ctor2 = mod2.PrismaClient ?? mod2.default?.PrismaClient;
|
|
273
|
+
if (!Ctor2) throw new Error(`No PrismaClient at ${explicitPath}`);
|
|
274
|
+
return new Ctor2();
|
|
275
|
+
}
|
|
276
|
+
const exeDbRoot = process.env.EXE_DB_ROOT ?? path3.join(os2.homedir(), "exe-db");
|
|
277
|
+
const req = createRequire(path3.join(exeDbRoot, "package.json"));
|
|
278
|
+
const entry = req.resolve("@prisma/client");
|
|
279
|
+
const mod = await import(pathToFileURL(entry).href);
|
|
280
|
+
const Ctor = mod.PrismaClient ?? mod.default?.PrismaClient;
|
|
281
|
+
if (!Ctor) throw new Error(`No PrismaClient in ${entry}`);
|
|
282
|
+
return new Ctor();
|
|
283
|
+
})().catch((err) => {
|
|
284
|
+
_prismaFailed = true;
|
|
285
|
+
_prismaPromise = null;
|
|
286
|
+
throw err;
|
|
287
|
+
});
|
|
288
|
+
}
|
|
289
|
+
return _prismaPromise;
|
|
290
|
+
}
|
|
291
|
+
async function validateViaPostgres(apiKey) {
|
|
292
|
+
const loader = loadPrismaForLicense();
|
|
293
|
+
if (!loader) return null;
|
|
294
|
+
try {
|
|
295
|
+
const prisma = await loader;
|
|
296
|
+
const rows = await prisma.$queryRawUnsafe(
|
|
297
|
+
`SELECT plan, email, status, device_limit, employee_limit, memory_limit, expires_at
|
|
298
|
+
FROM billing.licenses WHERE key = $1 LIMIT 1`,
|
|
299
|
+
apiKey
|
|
300
|
+
);
|
|
301
|
+
if (!rows || rows.length === 0) return null;
|
|
302
|
+
const row = rows[0];
|
|
303
|
+
if (row.status !== "active") return null;
|
|
304
|
+
if (row.expires_at && new Date(row.expires_at) < /* @__PURE__ */ new Date()) return null;
|
|
305
|
+
const plan = row.plan;
|
|
306
|
+
const limits = PLAN_LIMITS[plan] ?? PLAN_LIMITS.free;
|
|
307
|
+
return {
|
|
308
|
+
valid: true,
|
|
309
|
+
plan,
|
|
310
|
+
email: row.email,
|
|
311
|
+
expiresAt: row.expires_at ? new Date(row.expires_at).toISOString() : null,
|
|
312
|
+
deviceLimit: row.device_limit ?? limits.devices,
|
|
313
|
+
employeeLimit: row.employee_limit ?? limits.employees,
|
|
314
|
+
memoryLimit: row.memory_limit ?? limits.memories
|
|
315
|
+
};
|
|
316
|
+
} catch {
|
|
317
|
+
return null;
|
|
318
|
+
}
|
|
319
|
+
}
|
|
320
|
+
async function validateViaCFWorker(apiKey, deviceId) {
|
|
246
321
|
try {
|
|
247
322
|
const res = await fetchRetry(`${API_BASE}/auth/activate`, {
|
|
248
323
|
method: "POST",
|
|
249
324
|
headers: { "Content-Type": "application/json" },
|
|
250
|
-
body: JSON.stringify({ apiKey, deviceId
|
|
325
|
+
body: JSON.stringify({ apiKey, deviceId }),
|
|
251
326
|
signal: AbortSignal.timeout(1e4)
|
|
252
327
|
});
|
|
253
|
-
if (res.ok)
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
328
|
+
if (!res.ok) return null;
|
|
329
|
+
const data = await res.json();
|
|
330
|
+
if (data.error === "device_limit_exceeded") return null;
|
|
331
|
+
if (!data.valid) return null;
|
|
332
|
+
if (data.token) {
|
|
333
|
+
cacheResponse(data.token);
|
|
334
|
+
const verified = await verifyLicenseJwt(data.token);
|
|
335
|
+
if (verified) return verified;
|
|
336
|
+
}
|
|
337
|
+
const limits = PLAN_LIMITS[data.plan] ?? PLAN_LIMITS.free;
|
|
338
|
+
return {
|
|
339
|
+
valid: data.valid,
|
|
340
|
+
plan: data.plan,
|
|
341
|
+
email: data.email,
|
|
342
|
+
expiresAt: data.expiresAt,
|
|
343
|
+
deviceLimit: limits.devices,
|
|
344
|
+
employeeLimit: limits.employees,
|
|
345
|
+
memoryLimit: limits.memories
|
|
346
|
+
};
|
|
347
|
+
} catch {
|
|
348
|
+
return null;
|
|
349
|
+
}
|
|
350
|
+
}
|
|
351
|
+
async function validateLicense(apiKey, deviceId) {
|
|
352
|
+
const did = deviceId ?? loadDeviceId();
|
|
353
|
+
const pgResult = await validateViaPostgres(apiKey);
|
|
354
|
+
if (pgResult) {
|
|
355
|
+
try {
|
|
356
|
+
writeFileSync(CACHE_PATH, JSON.stringify({ pgLicense: pgResult, ts: Date.now() }), "utf8");
|
|
357
|
+
} catch {
|
|
358
|
+
}
|
|
359
|
+
return pgResult;
|
|
360
|
+
}
|
|
361
|
+
const cfResult = await validateViaCFWorker(apiKey, did);
|
|
362
|
+
if (cfResult) return cfResult;
|
|
363
|
+
const cached = await getCachedLicense();
|
|
364
|
+
if (cached) return cached;
|
|
365
|
+
try {
|
|
366
|
+
if (existsSync3(CACHE_PATH)) {
|
|
367
|
+
const raw = JSON.parse(readFileSync3(CACHE_PATH, "utf8"));
|
|
368
|
+
if (raw.pgLicense && raw.ts && Date.now() - raw.ts < 7 * 24 * 60 * 60 * 1e3) {
|
|
369
|
+
return raw.pgLicense;
|
|
266
370
|
}
|
|
267
|
-
const limits = PLAN_LIMITS[data.plan] ?? PLAN_LIMITS.free;
|
|
268
|
-
return {
|
|
269
|
-
valid: data.valid,
|
|
270
|
-
plan: data.plan,
|
|
271
|
-
email: data.email,
|
|
272
|
-
expiresAt: data.expiresAt,
|
|
273
|
-
deviceLimit: limits.devices,
|
|
274
|
-
employeeLimit: limits.employees,
|
|
275
|
-
memoryLimit: limits.memories
|
|
276
|
-
};
|
|
277
371
|
}
|
|
278
|
-
const cached = await getCachedLicense();
|
|
279
|
-
if (cached) return cached;
|
|
280
|
-
const raw = getRawCachedPlan();
|
|
281
|
-
if (raw) return raw;
|
|
282
|
-
return { ...FREE_LICENSE, valid: false, plan: "free" };
|
|
283
372
|
} catch {
|
|
284
|
-
const cached = await getCachedLicense();
|
|
285
|
-
if (cached) return cached;
|
|
286
|
-
const rawFallback = getRawCachedPlan();
|
|
287
|
-
if (rawFallback) return rawFallback;
|
|
288
|
-
return { ...FREE_LICENSE, valid: false, error: "offline" };
|
|
289
373
|
}
|
|
374
|
+
const rawFallback = getRawCachedPlan();
|
|
375
|
+
if (rawFallback) return rawFallback;
|
|
376
|
+
return { ...FREE_LICENSE, valid: false };
|
|
290
377
|
}
|
|
291
378
|
function getCacheAgeMs() {
|
|
292
379
|
try {
|
|
@@ -302,7 +389,7 @@ async function checkLicense() {
|
|
|
302
389
|
if (!key) {
|
|
303
390
|
try {
|
|
304
391
|
const configPath = path3.join(EXE_AI_DIR, "config.json");
|
|
305
|
-
if (
|
|
392
|
+
if (existsSync3(configPath)) {
|
|
306
393
|
const raw = JSON.parse(readFileSync3(configPath, "utf8"));
|
|
307
394
|
const cloud = raw.cloud;
|
|
308
395
|
if (cloud?.apiKey) {
|
|
@@ -457,7 +544,7 @@ function stopLicenseRevalidation() {
|
|
|
457
544
|
_revalTimer = null;
|
|
458
545
|
}
|
|
459
546
|
}
|
|
460
|
-
var LICENSE_PATH, CACHE_PATH, DEVICE_ID_PATH, API_BASE, RETRY_DELAY_MS, LICENSE_PUBLIC_KEY_PEM, LICENSE_JWT_ALG, PLAN_LIMITS, FREE_LICENSE, CACHE_MAX_AGE_MS, _revalTimer;
|
|
547
|
+
var LICENSE_PATH, CACHE_PATH, DEVICE_ID_PATH, API_BASE, RETRY_DELAY_MS, LICENSE_PUBLIC_KEY_PEM, LICENSE_JWT_ALG, PLAN_LIMITS, FREE_LICENSE, _prismaPromise, _prismaFailed, CACHE_MAX_AGE_MS, _revalTimer;
|
|
461
548
|
var init_license = __esm({
|
|
462
549
|
"src/lib/license.ts"() {
|
|
463
550
|
"use strict";
|
|
@@ -488,6 +575,8 @@ MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEeHztAMOpR/ZMh+rWuOASjEZ54CGY
|
|
|
488
575
|
employeeLimit: 1,
|
|
489
576
|
memoryLimit: 5e3
|
|
490
577
|
};
|
|
578
|
+
_prismaPromise = null;
|
|
579
|
+
_prismaFailed = false;
|
|
491
580
|
CACHE_MAX_AGE_MS = 36e5;
|
|
492
581
|
_revalTimer = null;
|
|
493
582
|
}
|