@bookedsolid/reagent 0.14.2 → 0.15.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +61 -9
- package/dist/cli/commands/account.d.ts +2 -0
- package/dist/cli/commands/account.d.ts.map +1 -0
- package/dist/cli/commands/account.js +455 -0
- package/dist/cli/commands/account.js.map +1 -0
- package/dist/cli/commands/init/index.d.ts.map +1 -1
- package/dist/cli/commands/init/index.js +3 -0
- package/dist/cli/commands/init/index.js.map +1 -1
- package/dist/cli/commands/init/mcp-config.d.ts.map +1 -1
- package/dist/cli/commands/init/mcp-config.js +27 -17
- package/dist/cli/commands/init/mcp-config.js.map +1 -1
- package/dist/cli/commands/init/package-dep.d.ts +13 -0
- package/dist/cli/commands/init/package-dep.d.ts.map +1 -0
- package/dist/cli/commands/init/package-dep.js +112 -0
- package/dist/cli/commands/init/package-dep.js.map +1 -0
- package/dist/cli/commands/upgrade.d.ts.map +1 -1
- package/dist/cli/commands/upgrade.js +54 -2
- package/dist/cli/commands/upgrade.js.map +1 -1
- package/dist/cli/index.js +5 -0
- package/dist/cli/index.js.map +1 -1
- package/dist/config/accounts.d.ts +26 -0
- package/dist/config/accounts.d.ts.map +1 -0
- package/dist/config/accounts.js +104 -0
- package/dist/config/accounts.js.map +1 -0
- package/dist/gateway/client-manager.d.ts.map +1 -1
- package/dist/gateway/client-manager.js +3 -1
- package/dist/gateway/client-manager.js.map +1 -1
- package/dist/platform/keychain.d.ts +26 -0
- package/dist/platform/keychain.d.ts.map +1 -0
- package/dist/platform/keychain.js +92 -0
- package/dist/platform/keychain.js.map +1 -0
- package/dist/types/accounts.d.ts +22 -0
- package/dist/types/accounts.d.ts.map +1 -0
- package/dist/types/accounts.js +2 -0
- package/dist/types/accounts.js.map +1 -0
- package/dist/types/audit.d.ts +1 -0
- package/dist/types/audit.d.ts.map +1 -1
- package/dist/types/index.d.ts +1 -0
- package/dist/types/index.d.ts.map +1 -1
- package/package.json +2 -1
|
@@ -0,0 +1,92 @@
|
|
|
1
|
+
import { execFileSync } from 'node:child_process';
|
|
2
|
+
const KEYCHAIN_ACCOUNT = 'reagent';
|
|
3
|
+
/**
|
|
4
|
+
* Store a credential blob in macOS Keychain under a reagent-namespaced service.
|
|
5
|
+
*/
|
|
6
|
+
export function keychainSet(service, credential) {
|
|
7
|
+
const data = JSON.stringify(credential);
|
|
8
|
+
// Delete existing entry first (ignore errors if it doesn't exist)
|
|
9
|
+
try {
|
|
10
|
+
execFileSync('security', ['delete-generic-password', '-s', service, '-a', KEYCHAIN_ACCOUNT], {
|
|
11
|
+
stdio: 'pipe',
|
|
12
|
+
});
|
|
13
|
+
}
|
|
14
|
+
catch {
|
|
15
|
+
// Entry doesn't exist yet — that's fine
|
|
16
|
+
}
|
|
17
|
+
execFileSync('security', ['add-generic-password', '-s', service, '-a', KEYCHAIN_ACCOUNT, '-w', data, '-U'], { stdio: 'pipe' });
|
|
18
|
+
}
|
|
19
|
+
/**
|
|
20
|
+
* Retrieve a credential blob from macOS Keychain.
|
|
21
|
+
*/
|
|
22
|
+
export function keychainGet(service) {
|
|
23
|
+
try {
|
|
24
|
+
const raw = execFileSync('security', ['find-generic-password', '-s', service, '-a', KEYCHAIN_ACCOUNT, '-w'], { stdio: ['pipe', 'pipe', 'pipe'], encoding: 'utf8' });
|
|
25
|
+
return JSON.parse(raw.trim());
|
|
26
|
+
}
|
|
27
|
+
catch {
|
|
28
|
+
return null;
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
/**
|
|
32
|
+
* Delete a credential from macOS Keychain.
|
|
33
|
+
*/
|
|
34
|
+
export function keychainDelete(service) {
|
|
35
|
+
try {
|
|
36
|
+
execFileSync('security', ['delete-generic-password', '-s', service, '-a', KEYCHAIN_ACCOUNT], {
|
|
37
|
+
stdio: 'pipe',
|
|
38
|
+
});
|
|
39
|
+
return true;
|
|
40
|
+
}
|
|
41
|
+
catch {
|
|
42
|
+
return false;
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
/**
|
|
46
|
+
* Check if a credential exists in macOS Keychain.
|
|
47
|
+
*/
|
|
48
|
+
export function keychainExists(service) {
|
|
49
|
+
try {
|
|
50
|
+
execFileSync('security', ['find-generic-password', '-s', service, '-a', KEYCHAIN_ACCOUNT], {
|
|
51
|
+
stdio: 'pipe',
|
|
52
|
+
});
|
|
53
|
+
return true;
|
|
54
|
+
}
|
|
55
|
+
catch {
|
|
56
|
+
return false;
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
/**
|
|
60
|
+
* Read Claude Code's own keychain credential.
|
|
61
|
+
*/
|
|
62
|
+
export function readClaudeCodeCredential() {
|
|
63
|
+
try {
|
|
64
|
+
const raw = execFileSync('security', ['find-generic-password', '-s', 'Claude Code-credentials', '-w'], { stdio: ['pipe', 'pipe', 'pipe'], encoding: 'utf8' });
|
|
65
|
+
const parsed = JSON.parse(raw.trim());
|
|
66
|
+
// Claude Code stores {oauth_token, refresh_token, expiry, ...} — normalize to our shape
|
|
67
|
+
return {
|
|
68
|
+
accessToken: parsed.oauth_token || parsed.accessToken,
|
|
69
|
+
refreshToken: parsed.refresh_token || parsed.refreshToken,
|
|
70
|
+
expiresAt: parsed.expiry || parsed.expiresAt,
|
|
71
|
+
scopes: parsed.scopes,
|
|
72
|
+
};
|
|
73
|
+
}
|
|
74
|
+
catch {
|
|
75
|
+
return null;
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
/**
|
|
79
|
+
* Write back a credential to Claude Code's own keychain entry.
|
|
80
|
+
*/
|
|
81
|
+
export function writeClaudeCodeCredential(data) {
|
|
82
|
+
try {
|
|
83
|
+
execFileSync('security', ['delete-generic-password', '-s', 'Claude Code-credentials'], {
|
|
84
|
+
stdio: 'pipe',
|
|
85
|
+
});
|
|
86
|
+
}
|
|
87
|
+
catch {
|
|
88
|
+
// Doesn't exist yet
|
|
89
|
+
}
|
|
90
|
+
execFileSync('security', ['add-generic-password', '-s', 'Claude Code-credentials', '-w', data, '-U'], { stdio: 'pipe' });
|
|
91
|
+
}
|
|
92
|
+
//# sourceMappingURL=keychain.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"keychain.js","sourceRoot":"","sources":["../../src/platform/keychain.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAGlD,MAAM,gBAAgB,GAAG,SAAS,CAAC;AAEnC;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,OAAe,EAAE,UAA6B;IACxE,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IAExC,kEAAkE;IAClE,IAAI,CAAC;QACH,YAAY,CAAC,UAAU,EAAE,CAAC,yBAAyB,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,gBAAgB,CAAC,EAAE;YAC3F,KAAK,EAAE,MAAM;SACd,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,wCAAwC;IAC1C,CAAC;IAED,YAAY,CACV,UAAU,EACV,CAAC,sBAAsB,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,EACjF,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,OAAe;IACzC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,CACtB,UAAU,EACV,CAAC,uBAAuB,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,IAAI,CAAC,EACtE,EAAE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,CACtD,CAAC;QACF,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,CAAsB,CAAC;IACrD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,OAAe;IAC5C,IAAI,CAAC;QACH,YAAY,CAAC,UAAU,EAAE,CAAC,yBAAyB,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,gBAAgB,CAAC,EAAE;YAC3F,KAAK,EAAE,MAAM;SACd,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,OAAe;IAC5C,IAAI,CAAC;QACH,YAAY,CAAC,UAAU,EAAE,CAAC,uBAAuB,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,gBAAgB,CAAC,EAAE;YACzF,KAAK,EAAE,MAAM;SACd,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,wBAAwB;IACtC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,CACtB,UAAU,EACV,CAAC,uBAAuB,EAAE,IAAI,EAAE,yBAAyB,EAAE,IAAI,CAAC,EAChE,EAAE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,CACtD,CAAC;QACF,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;QACtC,wFAAwF;QACxF,OAAO;YACL,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,WAAW;YACrD,YAAY,EAAE,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,YAAY;YACzD,SAAS,EAAE,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,SAAS;YAC5C,MAAM,EAAE,MAAM,CAAC,MAAM;SACtB,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB,CAAC,IAAY;IACpD,IAAI,CAAC;QACH,YAAY,CAAC,UAAU,EAAE,CAAC,yBAAyB,EAAE,IAAI,EAAE,yBAAyB,CAAC,EAAE;YACrF,KAAK,EAAE,MAAM;SACd,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,oBAAoB;IACtB,CAAC;IACD,YAAY,CACV,UAAU,EACV,CAAC,sBAAsB,EAAE,IAAI,EAAE,yBAAyB,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,EAC3E,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
export interface AccountBudget {
|
|
2
|
+
warn_usd?: number;
|
|
3
|
+
halt_usd?: number;
|
|
4
|
+
period?: 'monthly' | 'weekly' | 'daily';
|
|
5
|
+
}
|
|
6
|
+
export interface Account {
|
|
7
|
+
description?: string;
|
|
8
|
+
credential_store: 'keychain';
|
|
9
|
+
keychain_service: string;
|
|
10
|
+
budget?: AccountBudget;
|
|
11
|
+
}
|
|
12
|
+
export interface AccountsConfig {
|
|
13
|
+
version: string;
|
|
14
|
+
accounts: Record<string, Account>;
|
|
15
|
+
}
|
|
16
|
+
export interface AccountCredential {
|
|
17
|
+
accessToken: string;
|
|
18
|
+
refreshToken?: string;
|
|
19
|
+
expiresAt?: string;
|
|
20
|
+
scopes?: string[];
|
|
21
|
+
}
|
|
22
|
+
//# sourceMappingURL=accounts.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"accounts.d.ts","sourceRoot":"","sources":["../../src/types/accounts.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,SAAS,GAAG,QAAQ,GAAG,OAAO,CAAC;CACzC;AAED,MAAM,WAAW,OAAO;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,gBAAgB,EAAE,UAAU,CAAC;IAC7B,gBAAgB,EAAE,MAAM,CAAC;IACzB,MAAM,CAAC,EAAE,aAAa,CAAC;CACxB;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"accounts.js","sourceRoot":"","sources":["../../src/types/accounts.ts"],"names":[],"mappings":""}
|
package/dist/types/audit.d.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../src/types/audit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAEpD,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,IAAI,CAAC;IACX,MAAM,EAAE,gBAAgB,CAAC;IACzB,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;CACnB"}
|
|
1
|
+
{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../src/types/audit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAEpD,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,IAAI,CAAC;IACX,MAAM,EAAE,gBAAgB,CAAC;IACzB,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;CACnB"}
|
package/dist/types/index.d.ts
CHANGED
|
@@ -2,4 +2,5 @@ export { Tier, AutonomyLevel, InvocationStatus } from './enums.js';
|
|
|
2
2
|
export type { Policy } from './policy.js';
|
|
3
3
|
export type { GatewayConfig, DownstreamServer, ToolOverride } from './gateway.js';
|
|
4
4
|
export type { AuditRecord } from './audit.js';
|
|
5
|
+
export type { Account, AccountsConfig, AccountCredential, AccountBudget } from './accounts.js';
|
|
5
6
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AACnE,YAAY,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAC1C,YAAY,EAAE,aAAa,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAClF,YAAY,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AACnE,YAAY,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAC1C,YAAY,EAAE,aAAa,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAClF,YAAY,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9C,YAAY,EAAE,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@bookedsolid/reagent",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.15.0",
|
|
4
4
|
"description": "Governance layer for Claude Code — policy enforcement, hook-based safety gates, and audit logging for AI-assisted projects",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"author": "Booked Solid Technology <oss@bookedsolid.tech> (https://bookedsolid.tech)",
|
|
@@ -76,6 +76,7 @@
|
|
|
76
76
|
"zod": "^3.23.0"
|
|
77
77
|
},
|
|
78
78
|
"devDependencies": {
|
|
79
|
+
"@bookedsolid/reagent": "latest",
|
|
79
80
|
"@changesets/cli": "^2.30.0",
|
|
80
81
|
"@types/node": "^25.5.2",
|
|
81
82
|
"@typescript-eslint/eslint-plugin": "^8.0.0",
|