@beyondidentity/ai-cli 0.1.711

package/README.md

@@ -0,0 +1,66 @@
+# @beyondidentity/ai-cli
+
+Beyond Identity AI CLI - unified command-line interface for AI agent operations.
+
+## Features
+
+- **Proxy Management** (`byid proxy`): Start, stop, and manage the local proxy service
+- **Auth Flow** (`byid auth`): Beyond Identity authentication helper
+- **Launch** (`byid launch`): Launch programs with auth configured
+
+## Installation
+
+```bash
+# Install from rolling channel (Cloudsmith)
+npm install @beyondidentity/ai-cli@rolling
+
+# Or use directly with npx
+npx @beyondidentity/ai-cli@rolling --help
+```
+
+## Usage
+
+```bash
+# Show all commands
+byid --help
+
+# Proxy commands
+byid proxy start              # Start local proxy
+byid proxy info               # Show proxy status
+byid proxy stop               # Stop local proxy
+
+# Auth flow
+byid auth --help
+
+# Launch programs
+byid launch --help
+```
+
+## Private Registry Configuration
+
+Configure `~/.npmrc` for Cloudsmith access:
+
+```
+@beyondidentity:registry=https://npm.cloudsmith.io/beyond-identity/ai-agents-npm/
+//npm.cloudsmith.io/beyond-identity/ai-agents-npm/:_authToken=YOUR_TOKEN
+```
+
+## Platform Support
+
+Supports macOS (Intel/ARM), Linux (x64/ARM64), and Windows (x64).
+
+## Architecture
+
+This shim package automatically installs the correct platform binary via npm's `optionalDependencies` mechanism. Platform-specific binaries are published as separate packages:
+
+- `@beyondidentity/ai-cli-darwin-arm64`
+- `@beyondidentity/ai-cli-darwin-x64`
+- `@beyondidentity/ai-cli-linux-x64`
+- `@beyondidentity/ai-cli-linux-arm64`
+- `@beyondidentity/ai-cli-win32-x64`
+
+If `optionalDependencies` installation fails, a postinstall script will attempt to download the binary as a fallback.
+
+## License
+
+UNLICENSED - For internal use only.

package/bin/byid.js

@@ -0,0 +1,20 @@
+#!/usr/bin/env node
+
+// Execute the binary via index.js
+const { getBinaryPath } = require('../index.js');
+
+try {
+  const binaryPath = getBinaryPath();
+  const args = process.argv.slice(2);
+
+  // Execute binary directly - blocks until process exits
+  require('child_process').execFileSync(binaryPath, args, {
+    stdio: 'inherit'
+  });
+} catch (error) {
+  // Print error message if it's not from execFileSync
+  if (!error.status) {
+    console.error(error.message);
+  }
+  process.exit(error.status || 1);
+}

package/index.js

@@ -0,0 +1,85 @@
+#!/usr/bin/env node
+const { existsSync } = require('fs');
+const path = require('path');
+
+// Detect current platform
+function getPlatform() {
+  const platform = process.platform;
+  const arch = process.arch;
+
+  const platformMap = {
+    'darwin': 'darwin',
+    'linux': 'linux',
+    'win32': 'win32'
+  };
+
+  const archMap = {
+    'x64': 'x64',
+    'arm64': 'arm64',
+    'arm': 'arm'
+  };
+
+  const mappedPlatform = platformMap[platform];
+  const mappedArch = archMap[arch];
+
+  if (!mappedPlatform || !mappedArch) {
+    throw new Error(`Unsupported platform: ${platform}-${arch}`);
+  }
+
+  return `${mappedPlatform}-${mappedArch}`;
+}
+
+// Get binary path
+function getBinaryPath() {
+  const platform = getPlatform();
+  const binaryName = process.platform === 'win32' ? 'byid.exe' : 'byid';
+
+  // Strategy 1: Try platform-specific package (installed as optionalDependency)
+  const platformPackage = `@beyondidentity/ai-cli-${platform}`;
+  try {
+    const platformPath = require.resolve(`${platformPackage}/bin/${binaryName}`);
+    if (existsSync(platformPath)) {
+      return platformPath;
+    }
+  } catch (e) {
+    // Platform package not found, try fallback
+  }
+
+  // Strategy 2: Try fallback binary (downloaded by postinstall script)
+  const fallbackPath = path.join(__dirname, 'bin', binaryName);
+  if (existsSync(fallbackPath)) {
+    return fallbackPath;
+  }
+
+  // Neither strategy worked
+  throw new Error(
+    `Could not find binary for platform ${platform}.\n` +
+    `Tried:\n` +
+    `  1. Platform package: ${platformPackage}\n` +
+    `  2. Fallback download: ${fallbackPath}\n` +
+    `Make sure optionalDependencies are enabled or postinstall script ran successfully.\n` +
+    `For more information, contact Beyond Identity support.`
+  );
+}
+
+// Export for programmatic use
+module.exports = { getBinaryPath, getPlatform };
+
+// Execute if run directly
+if (require.main === module) {
+  try {
+    const binaryPath = getBinaryPath();
+    const args = process.argv.slice(2);
+
+    // Execute binary directly - blocks until process exits
+    require('child_process').execFileSync(binaryPath, args, {
+      stdio: 'inherit'
+    });
+  } catch (error) {
+    // Print error message if it's not from execFileSync
+    if (!error.status) {
+      console.error(error.message);
+    }
+    process.exit(error.status || 1);
+  }
+}

package/install.js

@@ -0,0 +1,418 @@
+#!/usr/bin/env node
+
+const fs = require('fs');
+const path = require('path');
+const https = require('https');
+const http = require('http');
+const zlib = require('zlib');
+const { execSync } = require('child_process');
+
+// Check if running in CI environment
+const isCI = process.env.CI === 'true' || process.env.CI === '1';
+
+// Logging helpers
+function log(...args) {
+  if (!isCI) {
+    console.log(...args);
+  }
+}
+
+function logProgress(message) {
+  if (!isCI) {
+    process.stdout.write(`\r${message}`);
+  }
+}
+
+// Detect current platform
+function getPlatform() {
+  const platform = process.platform;
+  const arch = process.arch;
+
+  const platformMap = {
+    'darwin': 'darwin',
+    'linux': 'linux',
+    'win32': 'win32'
+  };
+
+  const archMap = {
+    'x64': 'x64',
+    'arm64': 'arm64',
+    'arm': 'arm'
+  };
+
+  const mappedPlatform = platformMap[platform];
+  const mappedArch = archMap[arch];
+
+  if (!mappedPlatform || !mappedArch) {
+    throw new Error(`Unsupported platform: ${platform}-${arch}`);
+  }
+
+  return `${mappedPlatform}-${mappedArch}`;
+}
+
+// Check if optional dependency is already installed
+function checkOptionalDependency(platformPackage, binaryName) {
+  try {
+    const platformPath = require.resolve(`${platformPackage}/bin/${binaryName}`);
+    if (fs.existsSync(platformPath)) {
+      log(`✓ Platform package ${platformPackage} already installed`);
+      return true;
+    }
+  } catch (e) {
+    // Platform package not found
+  }
+  return false;
+}
+
+// Check if fallback binary already exists and is valid
+function checkFallbackBinary(binaryPath) {
+  if (fs.existsSync(binaryPath)) {
+    try {
+      fs.accessSync(binaryPath, fs.constants.X_OK);
+      log('✓ Fallback binary already exists and is executable');
+      return true;
+    } catch (e) {
+      // Binary exists but not executable, re-download
+      log('Existing fallback binary is invalid, re-downloading...');
+      fs.unlinkSync(binaryPath);
+    }
+  }
+  return false;
+}
+
+// Check write permissions for bin directory
+function checkWritePermissions() {
+  const binDir = path.join(__dirname, 'bin');
+  try {
+    fs.mkdirSync(binDir, { recursive: true });
+    const testFile = path.join(binDir, '.write-test');
+    fs.writeFileSync(testFile, 'test');
+    fs.unlinkSync(testFile);
+    return true;
+  } catch (error) {
+    if (error.code === 'EACCES') {
+      console.warn('⚠ Warning: No write permissions for bin/ directory');
+      console.warn('Run with appropriate permissions or contact your system administrator');
+      return false;
+    }
+    throw error;
+  }
+}
+
+
+// Construct download URL based on registry
+function constructDownloadUrl(packageName, version, registryUrl) {
+  // Extract package name without scope for tarball filename
+  const tarballName = packageName.split('/').pop();
+
+  return `${registryUrl}/${packageName}/-/${tarballName}-${version}.tgz`;
+}
+
+// Download file with progress indication
+function downloadBinary(url, destPath, options = {}) {
+  return new Promise((resolve, reject) => {
+    const protocol = url.startsWith('https') ? https : http;
+
+    log(`Downloading from: ${url}`);
+
+    const requestOptions = {
+      headers: options.headers || {},
+      timeout: options.timeout || 30000
+    };
+
+    const request = protocol.get(url, requestOptions, (response) => {
+      // Handle redirects
+      if (response.statusCode === 302 || response.statusCode === 301) {
+        log(`Following redirect to: ${response.headers.location}`);
+        return downloadBinary(response.headers.location, destPath, options)
+          .then(resolve)
+          .catch(reject);
+      }
+
+      // Handle authentication errors
+      if (response.statusCode === 401 || response.statusCode === 403) {
+        return reject(new Error(
+          'Authentication required. Package not found in public registry.\n' +
+          'This package may be in a private registry. Use npm/pnpm/yarn for installation,\n' +
+          'which will handle authentication automatically via your .npmrc configuration.'
+        ));
+      }
+
+      if (response.statusCode !== 200) {
+        return reject(new Error(`HTTP ${response.statusCode}: ${response.statusMessage}`));
+      }
+
+      const totalBytes = parseInt(response.headers['content-length'], 10);
+      let downloadedBytes = 0;
+
+      // Progress logging
+      response.on('data', (chunk) => {
+        downloadedBytes += chunk.length;
+        if (totalBytes) {
+          const percent = ((downloadedBytes / totalBytes) * 100).toFixed(1);
+          logProgress(`Downloading: ${percent}% (${downloadedBytes}/${totalBytes} bytes)`);
+        }
+      });
+
+      const fileStream = fs.createWriteStream(destPath);
+      response.pipe(fileStream);
+
+      fileStream.on('finish', () => {
+        fileStream.close();
+        if (!isCI) {
+          process.stdout.write('\n');
+        }
+
+        // Verify download completeness
+        if (totalBytes && downloadedBytes !== totalBytes) {
+          fs.unlinkSync(destPath);
+          return reject(new Error(`Incomplete download: ${downloadedBytes}/${totalBytes} bytes`));
+        }
+
+        log('✓ Download complete');
+        resolve();
+      });
+
+      fileStream.on('error', (err) => {
+        fs.unlinkSync(destPath);
+        reject(err);
+      });
+    });
+
+    request.on('error', reject);
+    request.on('timeout', () => {
+      request.destroy();
+      reject(new Error('Download timeout'));
+    });
+  });
+}
+
+// Download with retry logic
+async function downloadWithRetry(url, destPath, options = {}, maxRetries = 3) {
+  for (let attempt = 1; attempt <= maxRetries; attempt++) {
+    try {
+      await downloadBinary(url, destPath, options);
+      return;
+    } catch (error) {
+      if (attempt === maxRetries) {
+        throw error;
+      }
+      const delay = Math.pow(2, attempt) * 1000; // 2s, 4s, 8s
+      console.warn(`\n⚠ Download failed (attempt ${attempt}/${maxRetries}): ${error.message}`);
+      console.warn(`Retrying in ${delay/1000}s...`);
+      await new Promise(resolve => setTimeout(resolve, delay));
+    }
+  }
+}
+
+// Extract a specific file from a tar.gz archive
+// Implements manual tar parsing to avoid external dependencies
+// Tar format: 512-byte blocks, alternating header and data blocks
+function extractFileFromTarball(tarballBuffer, targetFilename) {
+  const BLOCK_SIZE = 512;
+  let offset = 0;
+
+  while (offset < tarballBuffer.length) {
+    // Read header block
+    const header = tarballBuffer.slice(offset, offset + BLOCK_SIZE);
+
+    // Check if we've reached the end (two zero blocks)
+    if (header.every(byte => byte === 0)) {
+      break;
+    }
+
+    // Extract filename (bytes 0-99, null-terminated)
+    const filenameBuffer = header.slice(0, 100);
+    const nullIndex = filenameBuffer.indexOf(0);
+    const filename = filenameBuffer.slice(0, nullIndex > 0 ? nullIndex : 100).toString('utf8');
+
+    // Extract file size (bytes 124-135, octal string)
+    const sizeStr = header.slice(124, 136).toString('utf8').trim().replace(/\0/g, '');
+    const fileSize = parseInt(sizeStr, 8) || 0;
+
+    // Move to data blocks
+    offset += BLOCK_SIZE;
+
+    // Check if this is the file we're looking for
+    if (filename === targetFilename || filename.endsWith('/' + targetFilename)) {
+      // Extract file data
+      const fileData = tarballBuffer.slice(offset, offset + fileSize);
+      return fileData;
+    }
+
+    // Skip to next header (file data is padded to 512-byte boundary)
+    const dataBlocks = Math.ceil(fileSize / BLOCK_SIZE);
+    offset += dataBlocks * BLOCK_SIZE;
+  }
+
+  return null;
+}
+
+// Download using npm pack (uses npm's authentication)
+function downloadViaPackageManager(platformPackage, binaryName) {
+  log('Using package manager to download platform package...');
+
+  const npmExecPath = process.env.npm_execpath;
+  if (!npmExecPath) {
+    throw new Error('npm executable path not found');
+  }
+
+  try {
+    // Use npm pack to download the tarball
+    // npm pack automatically uses .npmrc authentication
+    log(`Running: npm pack ${platformPackage}`);
+
+    const output = execSync(`"${npmExecPath}" pack ${platformPackage}`, {
+      encoding: 'utf8',
+      cwd: __dirname,
+      stdio: ['pipe', 'pipe', 'pipe']
+    });
+
+    // npm pack outputs the tarball filename
+    const tarballFilename = output.trim().split('\n').pop();
+    const tarballPath = path.join(__dirname, tarballFilename);
+
+    if (!fs.existsSync(tarballPath)) {
+      throw new Error(`Tarball not found: ${tarballPath}`);
+    }
+
+    log(`✓ Downloaded: ${tarballFilename}`);
+
+    // Extract the binary
+    extractBinary(tarballPath, binaryName);
+
+    return true;
+  } catch (error) {
+    throw new Error(`npm pack failed: ${error.message}`);
+  }
+}
+
+// Extract binary from tarball
+function extractBinary(tarballPath, binaryName) {
+  const extractDir = path.join(__dirname, 'bin');
+
+  try {
+    // Create bin directory
+    fs.mkdirSync(extractDir, { recursive: true });
+
+    log('Extracting tarball...');
+
+    // Read and decompress the .tgz file
+    const compressedData = fs.readFileSync(tarballPath);
+    const tarData = zlib.gunzipSync(compressedData);
+
+    // Platform packages have structure: package/bin/{binary-name}
+    const targetPath = `package/bin/${binaryName}`;
+
+    // Extract the binary from the tar archive
+    const binaryData = extractFileFromTarball(tarData, targetPath);
+
+    if (!binaryData) {
+      throw new Error(
+        `Binary '${binaryName}' not found in downloaded package.\n` +
+        `Expected at: ${targetPath}\n` +
+        `This may indicate a packaging issue.`
+      );
+    }
+
+    // Write binary to final location
+    const destBinary = path.join(extractDir, binaryName);
+    fs.writeFileSync(destBinary, binaryData);
+
+    // Set executable permissions
+    fs.chmodSync(destBinary, 0o755);
+
+    log(`✓ Binary extracted to: ${destBinary}`);
+
+    // Cleanup tarball
+    fs.unlinkSync(tarballPath);
+
+  } catch (error) {
+    // Cleanup on error
+    if (fs.existsSync(tarballPath)) {
+      fs.unlinkSync(tarballPath);
+    }
+    throw error;
+  }
+}
+
+// Main installation logic
+async function main() {
+  try {
+    const platform = getPlatform();
+    const binaryName = process.platform === 'win32' ? 'byid.exe' : 'byid';
+    const platformPackage = `@beyondidentity/ai-cli-${platform}`;
+
+    // Check if optionalDependency already installed
+    if (checkOptionalDependency(platformPackage, binaryName)) {
+      process.exit(0);
+    }
+
+    // Check if fallback binary already exists
+    const fallbackBinaryPath = path.join(__dirname, 'bin', binaryName);
+    if (checkFallbackBinary(fallbackBinaryPath)) {
+      process.exit(0);
+    }
+
+    log(`Platform package ${platformPackage} not found, attempting fallback download...`);
+
+    // Check write permissions
+    if (!checkWritePermissions()) {
+      process.exit(0);
+    }
+
+    // Strategy 1: If npm is available, use npm pack (handles auth automatically)
+    if (process.env.npm_execpath) {
+      log('Detected npm package manager');
+      try {
+        downloadViaPackageManager(platformPackage, binaryName);
+        log('✓ Fallback installation complete via npm');
+        process.exit(0);
+      } catch (npmError) {
+        console.warn(`\n⚠ npm pack failed: ${npmError.message}`);
+        console.warn('Falling back to direct HTTPS download...');
+      }
+    } else {
+      log('npm not detected, using direct HTTPS download');
+    }
+
+    // Strategy 2: Direct HTTPS download (for non-npm package managers)
+    const pkgJson = require('./package.json');
+    const version = pkgJson.version;
+    const registryUrl = pkgJson.registryUrl || process.env.NPM_REGISTRY_URL || 'https://registry.npmjs.org';
+
+    log(`Registry: ${registryUrl}`);
+    log(`Version: ${version}`);
+
+    // Construct download URL
+    const downloadUrl = constructDownloadUrl(platformPackage, version, registryUrl);
+
+    // Download tarball (assumes public registry, no auth needed)
+    const tarballPath = path.join(__dirname, `.temp-${platform}.tgz`);
+    await downloadWithRetry(downloadUrl, tarballPath);
+
+    // Extract binary (synchronous)
+    extractBinary(tarballPath, binaryName);
+
+    log('✓ Fallback installation complete via HTTPS');
+    process.exit(0);
+
+  } catch (error) {
+    console.warn('\n⚠ Warning: Fallback binary download failed');
+    console.warn(`Error: ${error.message}`);
+    console.warn('\nThe package may not work correctly on this platform.');
+    console.warn('Please ensure optionalDependencies are enabled in your package manager.');
+    console.warn('For more information, see the README or visit:');
+    console.warn('https://gitlab.byndid.com/ai/ai-agents');
+
+    // Don't fail the install - just warn
+    process.exit(0);
+  }
+}
+
+// Run if executed directly
+if (require.main === module) {
+  main();
+}
+
+module.exports = { getPlatform, constructDownloadUrl, extractFileFromTarball };

package/package.json

@@ -0,0 +1,34 @@
+{
+  "name": "@beyondidentity/ai-cli",
+  "version": "0.1.711+28e733c",
+  "description": "Beyond Identity AI CLI - unified command interface with proxy, auth, and launch commands",
+  "keywords": ["beyondidentity", "ai", "cli", "byid"],
+  "license": "UNLICENSED",
+  "bin": {
+    "byid": "./bin/byid.js"
+  },
+  "main": "./index.js",
+  "scripts": {
+    "postinstall": "node install.js"
+  },
+  "files": [
+    "index.js",
+    "install.js",
+    "bin/byid.js",
+    "THIRD_PARTY_LICENSES.txt"
+  ],
+  "optionalDependencies": {
+    "@beyondidentity/ai-cli-linux-x64": "0.1.711+28e733c"
+  },
+  "_commentedOutPlatforms": {
+    "_note": "These platforms are not yet supported but reserved for future use",
+    "_darwin-arm64": "@beyondidentity/ai-cli-darwin-arm64",
+    "_darwin-x64": "@beyondidentity/ai-cli-darwin-x64",
+    "_linux-arm64": "@beyondidentity/ai-cli-linux-arm64",
+    "_win32-x64": "@beyondidentity/ai-cli-win32-x64"
+  },
+  "registryUrl": "https://npm.cloudsmith.io/beyond-identity/ai-agents-npm",
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}