@astra-code/astra-ai 0.1.0

package/src/commands/cli.ts

@@ -0,0 +1,117 @@
+import {BackendClient} from "../lib/backendClient.js";
+import {clearSession, loadSession} from "../lib/sessionStore.js";
+import {spawnSync} from "node:child_process";
+import fs from "node:fs";
+import path from "node:path";
+
+const readFlag = (args: string[], flag: string): string | undefined => {
+  const idx = args.indexOf(flag);
+  if (idx < 0) {
+    return undefined;
+  }
+  return args[idx + 1];
+};
+
+export const runCliCommand = async (args: string[]): Promise<number> => {
+  const [command] = args;
+  const backend = new BackendClient();
+
+  try {
+    if (command === "logout") {
+      clearSession();
+      console.log("Logged out.");
+      return 0;
+    }
+
+    if (command === "whoami") {
+      const session = loadSession();
+      if (!session) {
+        console.error("Not signed in. Run `astra-code` to login.");
+        return 1;
+      }
+      const profile = await backend.get("/api/user/profile", {
+        user_id: session.user_id,
+        org_id: session.org_id
+      });
+      console.log(JSON.stringify(profile, null, 2));
+      return 0;
+    }
+
+    if (command === "sessions") {
+      const session = loadSession();
+      if (!session) {
+        console.error("Not signed in. Run `astra-code` to login.");
+        return 1;
+      }
+      const data = await backend.get("/api/sessions", {
+        user_id: session.user_id
+      });
+      console.log(JSON.stringify(data, null, 2));
+      return 0;
+    }
+
+    if (command === "skills") {
+      const session = loadSession();
+      if (!session) {
+        console.error("Not signed in. Run `astra-code` to login.");
+        return 1;
+      }
+      const suggest = readFlag(args, "--suggest");
+      const endpoint = suggest ? "/api/agent/suggest-skills" : "/api/agent/skills";
+      const payload = suggest ? {prompt: suggest} : undefined;
+      const data = payload ? await backend.post(endpoint, payload) : await backend.get(endpoint);
+      console.log(JSON.stringify(data, null, 2));
+      return 0;
+    }
+
+    if (command === "session-messages") {
+      const sessionId = readFlag(args, "--session");
+      if (!sessionId) {
+        console.error("Missing required flag: --session <session_id>");
+        return 1;
+      }
+      const data = await backend.get(`/api/sessions/${sessionId}/messages`);
+      console.log(JSON.stringify(data, null, 2));
+      return 0;
+    }
+
+    if (command === "help" || !command) {
+      console.log(
+        [
+          "astra-code [command]",
+          "",
+          "Commands:",
+          "  help",
+          "  legacy-python [args...]",
+          "  logout",
+          "  whoami",
+          "  sessions",
+          "  skills [--suggest \"prompt\"]",
+          "  session-messages --session <id>"
+        ].join("\n")
+      );
+      return 0;
+    }
+
+    if (command === "legacy-python") {
+      const legacyRoot = path.resolve(process.cwd(), "../astra-code");
+      if (!fs.existsSync(legacyRoot)) {
+        console.error(`Legacy runtime not found at ${legacyRoot}`);
+        return 1;
+      }
+      const passThrough = args.slice(1);
+      const result = spawnSync("python", ["-m", "astra_code", ...passThrough], {
+        cwd: legacyRoot,
+        stdio: "inherit"
+      });
+      return result.status ?? 1;
+    }
+
+    console.error(`Unknown command: ${command}`);
+    console.error("Run `astra-code help` for available commands.");
+    return 1;
+  } catch (error) {
+    console.error(error instanceof Error ? error.message : String(error));
+    return 1;
+  }
+};

package/src/index.ts

@@ -0,0 +1,18 @@
+#!/usr/bin/env node
+import React from "react";
+import {render} from "ink";
+import {AstraApp} from "./app/App.js";
+import {runCliCommand} from "./commands/cli.js";
+
+const main = async (): Promise<void> => {
+  const args = process.argv.slice(2);
+  if (args.length === 0) {
+    render(React.createElement(AstraApp));
+    return;
+  }
+
+  const code = await runCliCommand(args);
+  process.exitCode = code;
+};
+
+void main();

package/src/lib/backendClient.ts

@@ -0,0 +1,252 @@
+import {
+  getBackendUrl,
+  getDefaultClientId,
+  getDefaultModel,
+  getProviderForModel,
+  getRuntimeMode
+} from "./config.js";
+import type {AgentEvent, AuthSession, ChatMessage} from "../types/events.js";
+import type {WorkspaceFile} from "./workspaceScanner.js";
+
+type JsonRecord = Record<string, unknown>;
+
+export type SessionSummary = {
+  id: string;
+  title: string;
+  updated_at: string;
+  total_messages: number;
+  model: string;
+};
+
+export class BackendClient {
+  private readonly baseUrl: string;
+
+  public constructor(baseUrl = getBackendUrl()) {
+    this.baseUrl = baseUrl;
+  }
+
+  public async get(path: string, params?: Record<string, string>): Promise<JsonRecord> {
+    const url = new URL(`${this.baseUrl}${path}`);
+    if (params) {
+      for (const [key, value] of Object.entries(params)) {
+        url.searchParams.set(key, value);
+      }
+    }
+    return this.request(url.toString(), "GET");
+  }
+
+  public async post(path: string, payload?: JsonRecord): Promise<JsonRecord> {
+    return this.request(`${this.baseUrl}${path}`, "POST", payload ?? {});
+  }
+
+  public async patch(path: string, payload?: JsonRecord): Promise<JsonRecord> {
+    return this.request(`${this.baseUrl}${path}`, "PATCH", payload ?? {});
+  }
+
+  public async delete(path: string): Promise<JsonRecord> {
+    return this.request(`${this.baseUrl}${path}`, "DELETE");
+  }
+
+  public async healthOk(): Promise<boolean> {
+    try {
+      const data = await this.get("/healthz");
+      return data.status === "ok";
+    } catch {
+      return false;
+    }
+  }
+
+  public async validateSession(session: AuthSession): Promise<boolean> {
+    try {
+      await this.get("/api/user/profile", {
+        user_id: session.user_id,
+        org_id: session.org_id
+      });
+      return true;
+    } catch {
+      return false;
+    }
+  }
+
+  public async ensureSessionId(
+    user: AuthSession,
+    existingSessionId: string | null,
+    model = getDefaultModel()
+  ): Promise<string> {
+    if (existingSessionId) {
+      return existingSessionId;
+    }
+
+    const data = await this.post("/api/sessions", {
+      user_id: user.user_id,
+      org_id: user.org_id,
+      title: "New Chat",
+      model
+    });
+
+    const directSessionId = data.session_id;
+    if (typeof directSessionId === "string" && directSessionId) {
+      return directSessionId;
+    }
+
+    const directId = data.id;
+    if (typeof directId === "string" && directId) {
+      return directId;
+    }
+
+    const nested = data.session as Record<string, unknown> | undefined;
+    const nestedId = nested?.id;
+    if (typeof nestedId === "string" && nestedId) {
+      return nestedId;
+    }
+
+    throw new Error("Backend did not return a session id (checked session_id, id, and session.id)");
+  }
+
+  public async listSessions(user: AuthSession, limit = 100): Promise<SessionSummary[]> {
+    const data = (await this.get("/api/sessions", {
+      user_id: user.user_id,
+      org_id: user.org_id,
+      limit: String(limit),
+      offset: "0"
+    })) as unknown;
+    if (!Array.isArray(data)) {
+      return [];
+    }
+    const out: SessionSummary[] = [];
+    for (const item of data) {
+        const row = item as Record<string, unknown>;
+        const id = typeof row.id === "string" ? row.id : "";
+        if (!id) {
+          continue;
+        }
+        out.push({
+          id,
+          title: typeof row.title === "string" && row.title ? row.title : "Untitled",
+          updated_at: typeof row.updated_at === "string" ? row.updated_at : "",
+          total_messages: typeof row.total_messages === "number" ? row.total_messages : 0,
+          model: typeof row.model === "string" ? row.model : ""
+        });
+    }
+    return out;
+  }
+
+  public async deleteSession(sessionId: string): Promise<void> {
+    await this.delete(`/api/sessions/${sessionId}`);
+  }
+
+  public async getSessionMessages(sessionId: string, limit = 200): Promise<ChatMessage[]> {
+    const data = (await this.get(`/api/sessions/${sessionId}/messages`, {limit: String(limit)})) as unknown;
+    if (!Array.isArray(data)) {
+      return [];
+    }
+    const mapped: ChatMessage[] = [];
+    for (const item of data) {
+      const row = item as Record<string, unknown>;
+      const role = row.role === "assistant" ? "assistant" : row.role === "user" ? "user" : null;
+      const content = typeof row.content === "string" ? row.content : "";
+      if (role && content) {
+        mapped.push({role, content});
+      }
+    }
+    return mapped;
+  }
+
+  public streamChat(payload: {
+    user: AuthSession;
+    sessionId: string;
+    messages: ChatMessage[];
+    workspaceRoot: string;
+    workspaceTree?: string[];
+    workspaceFiles?: WorkspaceFile[];
+    model?: string;
+  }): AsyncGenerator<AgentEvent, void, void> {
+    const model = payload.model ?? getDefaultModel();
+    const body = {
+      client_id: getDefaultClientId(),
+      runtime_mode: getRuntimeMode(),
+      session_id: payload.sessionId,
+      messages: payload.messages,
+      provider: getProviderForModel(model),
+      model,
+      context: {
+        workspaceRoot: payload.workspaceRoot,
+        workspaceTree: payload.workspaceTree ?? [],
+        workspaceFiles: payload.workspaceFiles ?? [],
+        execution_scope: {
+          root: payload.workspaceRoot,
+          strict: true
+        }
+      },
+      user_id: payload.user.user_id,
+      org_id: payload.user.org_id
+    };
+    return this.streamSse("/api/agent/chat/stream", body);
+  }
+
+  private async request(url: string, method: string, payload?: JsonRecord): Promise<JsonRecord> {
+    const response = await fetch(url, {
+      method,
+      headers: {"content-type": "application/json"},
+      body: payload ? JSON.stringify(payload) : null
+    });
+
+    if (!response.ok) {
+      const detail = (await response.text()).trim();
+      throw new Error(`Backend error ${response.status}: ${detail || response.statusText}`);
+    }
+
+    const text = await response.text();
+    if (!text) {
+      return {};
+    }
+    return JSON.parse(text) as JsonRecord;
+  }
+
+  private async *streamSse(path: string, payload: JsonRecord): AsyncGenerator<AgentEvent> {
+    const response = await fetch(`${this.baseUrl}${path}`, {
+      method: "POST",
+      headers: {"content-type": "application/json"},
+      body: JSON.stringify(payload)
+    });
+
+    if (!response.ok) {
+      const detail = (await response.text()).trim();
+      throw new Error(`Backend error ${response.status}: ${detail || response.statusText}`);
+    }
+
+    if (!response.body) {
+      throw new Error("Missing stream body from backend");
+    }
+
+    const decoder = new TextDecoder();
+    const reader = response.body.getReader();
+    let buffer = "";
+
+    while (true) {
+      const {value, done} = await reader.read();
+      if (done) {
+        break;
+      }
+
+      buffer += decoder.decode(value, {stream: true});
+      const lines = buffer.split(/\r?\n/);
+      buffer = lines.pop() ?? "";
+
+      for (const line of lines) {
+        if (!line.startsWith("data: ")) {
+          continue;
+        }
+        const data = line.slice(6).trim();
+        if (data === "[DONE]") {
+          return;
+        }
+        try {
+          yield JSON.parse(data) as AgentEvent;
+        } catch {
+          // Ignore malformed chunks and keep stream alive.
+        }
+      }
+    }
+  }
+}

package/src/lib/config.ts

@@ -0,0 +1,29 @@
+import path from "node:path";
+import os from "node:os";
+import dotenv from "dotenv";
+
+dotenv.config({path: path.resolve(process.cwd(), ".env"), quiet: true});
+
+export const APP_NAME = "astra-code";
+export const SESSION_DIR = path.join(os.homedir(), ".astra-code");
+export const SESSION_FILE = path.join(SESSION_DIR, "session.json");
+
+export const getBackendUrl = (): string =>
+  (process.env.ASTRA_BACKEND_URL ?? "https://api.astraaifor.me").replace(/\/+$/, "");
+
+export const getDefaultModel = (): string => process.env.ASTRA_MODEL ?? "gpt-5.1-codex";
+
+export const getDefaultClientId = (): string => process.env.ASTRA_CLIENT_ID ?? "astra-code";
+
+export const getRuntimeMode = (): string => process.env.ASTRA_RUNTIME_MODE ?? "astra-code";
+
+export const getProviderForModel = (model: string): string => {
+  const normalized = model.toLowerCase();
+  if (normalized.startsWith("gpt-") || normalized.includes("o1") || normalized.includes("o3")) {
+    return "openai";
+  }
+  if (normalized.startsWith("claude")) {
+    return "claude";
+  }
+  return process.env.ASTRA_PROVIDER ?? "claude";
+};

package/src/lib/sessionStore.ts

@@ -0,0 +1,27 @@
+import fs from "node:fs";
+import {SESSION_DIR, SESSION_FILE} from "./config.js";
+import type {AuthSession} from "../types/events.js";
+
+export const loadSession = (): AuthSession | null => {
+  if (!fs.existsSync(SESSION_FILE)) {
+    return null;
+  }
+
+  try {
+    const raw = fs.readFileSync(SESSION_FILE, "utf8");
+    return JSON.parse(raw) as AuthSession;
+  } catch {
+    return null;
+  }
+};
+
+export const saveSession = (session: AuthSession): void => {
+  fs.mkdirSync(SESSION_DIR, {recursive: true});
+  fs.writeFileSync(SESSION_FILE, `${JSON.stringify(session, null, 2)}\n`, "utf8");
+};
+
+export const clearSession = (): void => {
+  if (fs.existsSync(SESSION_FILE)) {
+    fs.unlinkSync(SESSION_FILE);
+  }
+};

package/src/lib/terminalBridge.ts

@@ -0,0 +1,80 @@
+import path from "node:path";
+import {spawn, spawnSync} from "node:child_process";
+
+export type TerminalRunResult = {
+  exit_code: number;
+  output: string;
+  cancelled: boolean;
+};
+
+const resolveCommandCwd = (workspaceRoot: string, cwd: string): string =>
+  path.resolve(workspaceRoot, cwd || ".");
+
+const isWithinWorkspace = (workspaceRoot: string, candidate: string): boolean => {
+  const rel = path.relative(path.resolve(workspaceRoot), path.resolve(candidate));
+  return rel === "" || (!rel.startsWith("..") && !path.isAbsolute(rel));
+};
+
+const escapesScopeByCommandText = (command: string): boolean => {
+  // Strict guardrail for astra-code mode: reject obvious out-of-scope path references.
+  return /(^|\s)(\/[^\s]*|~\/[^\s]*|\.\.\/[^\s]*)/.test(command);
+};
+
+export const runTerminalCommand = (
+  command: string,
+  cwd: string,
+  blocking: boolean,
+  workspaceRoot: string
+): TerminalRunResult => {
+  if (!command.trim()) {
+    return {exit_code: 1, output: "No command provided", cancelled: false};
+  }
+
+  const effectiveCwd = resolveCommandCwd(workspaceRoot, cwd);
+  if (!isWithinWorkspace(workspaceRoot, effectiveCwd)) {
+    return {
+      exit_code: 1,
+      output: `Command rejected: cwd escapes approved scope (${workspaceRoot})`,
+      cancelled: false
+    };
+  }
+  if (escapesScopeByCommandText(command)) {
+    return {
+      exit_code: 1,
+      output: "Command rejected: out-of-scope path reference detected in command text",
+      cancelled: false
+    };
+  }
+
+  if (!blocking) {
+    const child = spawn("zsh", ["-lc", command], {
+      cwd: effectiveCwd,
+      detached: true,
+      stdio: "ignore"
+    });
+    child.unref();
+    return {
+      exit_code: 0,
+      output: `Started in background (pid ${child.pid ?? "unknown"})`,
+      cancelled: false
+    };
+  }
+
+  const result = spawnSync("zsh", ["-lc", command], {
+    cwd: effectiveCwd,
+    encoding: "utf8",
+    timeout: 120_000,
+    maxBuffer: 1024 * 1024 * 8
+  });
+
+  const stdout = result.stdout ?? "";
+  const stderr = result.stderr ?? "";
+  const output = `${stdout}${stderr}`.trim();
+  const timedOut = Boolean(result.error && "code" in result.error && result.error.code === "ETIMEDOUT");
+
+  return {
+    exit_code: result.status ?? (timedOut ? 124 : 1),
+    output: output || (timedOut ? "Command timed out after 120s" : "Command completed with no output"),
+    cancelled: timedOut
+  };
+};

package/src/lib/trustStore.ts

@@ -0,0 +1,40 @@
+import fs from "node:fs";
+import path from "node:path";
+import {SESSION_DIR} from "./config.js";
+
+const TRUST_FILE = path.join(SESSION_DIR, "trusted-workspaces.json");
+
+type TrustRecord = {
+  trusted_at: string;
+};
+
+type TrustMap = Record<string, TrustRecord>;
+
+const readTrustMap = (): TrustMap => {
+  if (!fs.existsSync(TRUST_FILE)) {
+    return {};
+  }
+  try {
+    const raw = fs.readFileSync(TRUST_FILE, "utf8");
+    const parsed = JSON.parse(raw) as TrustMap;
+    return parsed && typeof parsed === "object" ? parsed : {};
+  } catch {
+    return {};
+  }
+};
+
+const writeTrustMap = (trustMap: TrustMap): void => {
+  fs.mkdirSync(SESSION_DIR, {recursive: true});
+  fs.writeFileSync(TRUST_FILE, `${JSON.stringify(trustMap, null, 2)}\n`, "utf8");
+};
+
+export const isWorkspaceTrusted = (workspaceRoot: string): boolean => {
+  const trustMap = readTrustMap();
+  return Boolean(trustMap[workspaceRoot]);
+};
+
+export const trustWorkspace = (workspaceRoot: string): void => {
+  const trustMap = readTrustMap();
+  trustMap[workspaceRoot] = {trusted_at: new Date().toISOString()};
+  writeTrustMap(trustMap);
+};