npm - @chainpatrol/cli - Versions diffs - 0.1.0 - Mend

@chainpatrol/cli 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (33) hide show

package/README.md +224 -0
package/dist/breakdown-JVN66HY3.js +69 -0
package/dist/chunk-D2QGXYXZ.js +126 -0
package/dist/chunk-E2LAMILJ.js +48 -0
package/dist/chunk-EEG7T6WT.js +287 -0
package/dist/chunk-H7UKKLCV.js +6572 -0
package/dist/chunk-IUZB3DQW.js +237 -0
package/dist/chunk-JCMWDZYY.js +39 -0
package/dist/chunk-U73SABXK.js +46 -0
package/dist/chunk-VFT3TD3E.js +82 -0
package/dist/cli.js +895 -0
package/dist/completions-EGQIARFC.js +12 -0
package/dist/config-Z3TASRME.js +10 -0
package/dist/configs-update-BK2S6AZ6.js +101 -0
package/dist/create-4SQUBQI7.js +128 -0
package/dist/drift-VRZKQC4P.js +80 -0
package/dist/found-4O3AISNI.js +93 -0
package/dist/healthcheck-7DR5MGEQ.js +94 -0
package/dist/list-6L7XR4SZ.js +94 -0
package/dist/list-HZAHEHDM.js +40 -0
package/dist/list-IBMM562A.js +139 -0
package/dist/list-json-TPBLJBD3.js +24 -0
package/dist/login-G7LPHKDR.js +162 -0
package/dist/login-json-LKB72OFY.js +71 -0
package/dist/logout-LA7VEKON.js +25 -0
package/dist/logout-json-4GIJZJ46.js +18 -0
package/dist/run-PABQKATZ.js +112 -0
package/dist/run-U62KVNTH.js +34 -0
package/dist/setup-skill-U24CJZ6T.js +211 -0
package/dist/snapshot-JEVDTE74.js +88 -0
package/dist/summary-YG5NYIOA.js +61 -0
package/dist/validate-PI7GPT5I.js +79 -0
package/package.json +50 -0

package/dist/chunk-EEG7T6WT.js ADDED Viewed

@@ -0,0 +1,287 @@
+import {
+  getConfig,
+  getConfigDir
+} from "./chunk-U73SABXK.js";
+// src/lib/auth.ts
+import {
+  appendFileSync,
+  chmodSync,
+  closeSync,
+  existsSync,
+  mkdirSync,
+  openSync,
+  readFileSync,
+  unlinkSync,
+  writeFileSync
+} from "fs";
+import { join } from "path";
+import { z } from "zod";
+var CLIENT_ID = "chainpatrol-cli";
+var AUTH_TIMEOUT_MS = 3e4;
+var credentialsSchema = z.object({
+  accessToken: z.string().min(1),
+  expiresAt: z.string().datetime({ offset: true }),
+  email: z.string().email().optional()
+});
+var getSessionResponseSchema = z.object({
+  user: z.object({
+    email: z.string().email().optional()
+  }).optional()
+});
+var deviceCodeResponseSchema = z.object({
+  device_code: z.string().min(1),
+  user_code: z.string().min(1),
+  verification_uri: z.string().url(),
+  verification_uri_complete: z.string().url().optional(),
+  expires_in: z.number().int().positive(),
+  interval: z.number().int().positive()
+});
+var pollSuccessResponseSchema = z.object({
+  access_token: z.string().min(1),
+  token_type: z.string().min(1),
+  expires_in: z.number().int().positive(),
+  scope: z.string()
+});
+var pollErrorResponseSchema = z.object({
+  error: z.string().optional()
+});
+function credsFile() {
+  return join(getConfigDir(), "credentials.json");
+}
+function debugFile() {
+  return join(getConfigDir(), "auth-debug.log");
+}
+function sanitizeDebugValue(value) {
+  if (Array.isArray(value)) {
+    return value.map((item) => sanitizeDebugValue(item));
+  }
+  if (value && typeof value === "object") {
+    const output = {};
+    for (const [key, entry] of Object.entries(value)) {
+      const isSensitive = /token|secret|password|authorization|key|session/i.test(key);
+      output[key] = isSensitive ? "[redacted]" : sanitizeDebugValue(entry);
+    }
+    return output;
+  }
+  return value;
+}
+function writeDebugLog(context, payload) {
+  try {
+    mkdirSync(getConfigDir(), { recursive: true });
+    const fileDescriptor = openSync(debugFile(), "a", 384);
+    chmodSync(debugFile(), 384);
+    try {
+      appendFileSync(
+        fileDescriptor,
+        `${(/* @__PURE__ */ new Date()).toISOString()} ${context}
+${JSON.stringify(sanitizeDebugValue(payload), null, 2)}
+`
+      );
+    } finally {
+      closeSync(fileDescriptor);
+    }
+    chmodSync(debugFile(), 384);
+  } catch {
+  }
+}
+var AuthNotLoggedInError = class extends Error {
+  constructor() {
+    super("Not logged in. Run `chainpatrol login` first.");
+  }
+};
+var AuthExpiredError = class extends Error {
+  constructor() {
+    super("Session expired. Run `chainpatrol login` to re-authenticate.");
+  }
+};
+var AuthCorruptedError = class extends Error {
+  constructor() {
+    super("Stored credentials are invalid. Run `chainpatrol login` to re-authenticate.");
+  }
+};
+function getCredentials() {
+  if (!existsSync(credsFile())) {
+    throw new AuthNotLoggedInError();
+  }
+  try {
+    const raw = readFileSync(credsFile(), "utf-8");
+    const parsed = JSON.parse(raw);
+    const validation = credentialsSchema.safeParse(parsed);
+    if (!validation.success) {
+      writeDebugLog("credentials-validation-failed", {
+        path: credsFile(),
+        errors: validation.error.issues,
+        parsed
+      });
+      throw new AuthCorruptedError();
+    }
+    return validation.data;
+  } catch (error) {
+    if (error instanceof AuthCorruptedError) {
+      throw error;
+    }
+    writeDebugLog("credentials-read-failed", {
+      path: credsFile(),
+      message: error instanceof Error ? error.message : String(error)
+    });
+    throw new AuthCorruptedError();
+  }
+}
+function storeCredentials(creds) {
+  mkdirSync(getConfigDir(), { recursive: true });
+  writeFileSync(credsFile(), JSON.stringify(creds, null, 2), { mode: 384 });
+}
+function clearCredentials() {
+  if (existsSync(credsFile())) {
+    unlinkSync(credsFile());
+  }
+}
+function isLoggedIn() {
+  try {
+    getValidCredentials();
+    return true;
+  } catch {
+    return false;
+  }
+}
+function getValidCredentials() {
+  const creds = getCredentials();
+  const expiresMs = new Date(creds.expiresAt).getTime();
+  if (Number.isNaN(expiresMs) || expiresMs < Date.now()) {
+    clearCredentials();
+    throw new AuthExpiredError();
+  }
+  return creds;
+}
+async function fetchUserEmail(accessToken) {
+  const config = getConfig();
+  try {
+    const res = await fetch(`${config.apiUrl}/api/better-auth/get-session`, {
+      headers: { Authorization: `Bearer ${accessToken}` },
+      signal: AbortSignal.timeout(AUTH_TIMEOUT_MS)
+    });
+    if (!res.ok) return null;
+    const rawData = await res.json();
+    const data = getSessionResponseSchema.safeParse(rawData);
+    if (!data.success) {
+      writeDebugLog("fetch-user-email-response-invalid", {
+        status: res.status,
+        errors: data.error.issues,
+        rawData
+      });
+      return null;
+    }
+    return data.data.user?.email ?? null;
+  } catch {
+    return null;
+  }
+}
+async function authFetch(url, body) {
+  try {
+    return await fetch(url, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify(body),
+      signal: AbortSignal.timeout(AUTH_TIMEOUT_MS)
+    });
+  } catch (err) {
+    if (err instanceof DOMException && err.name === "TimeoutError") {
+      throw new Error("Request timed out. Check your network connection and try again.");
+    }
+    throw new Error("Network error. Check your internet connection and try again.");
+  }
+}
+async function requestDeviceCode() {
+  const config = getConfig();
+  const res = await authFetch(`${config.apiUrl}/api/better-auth/device/code`, {
+    client_id: CLIENT_ID
+  });
+  if (!res.ok) {
+    if (res.status >= 500) {
+      throw new Error(
+        "ChainPatrol API is temporarily unavailable. Please try again later."
+      );
+    }
+    throw new Error(`Authentication failed (${res.status}). Please try again.`);
+  }
+  const rawData = await res.json();
+  const data = deviceCodeResponseSchema.safeParse(rawData);
+  if (!data.success) {
+    writeDebugLog("request-device-code-response-invalid", {
+      status: res.status,
+      errors: data.error.issues,
+      rawData
+    });
+    throw new Error("Received an invalid authentication response. Please try again.");
+  }
+  return data.data;
+}
+async function pollForToken(deviceCode) {
+  const config = getConfig();
+  const res = await authFetch(`${config.apiUrl}/api/better-auth/device/token`, {
+    grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+    device_code: deviceCode,
+    client_id: CLIENT_ID
+  });
+  if (res.ok) {
+    const rawData = await res.json();
+    const data = pollSuccessResponseSchema.safeParse(rawData);
+    if (!data.success) {
+      writeDebugLog("poll-for-token-success-response-invalid", {
+        status: res.status,
+        errors: data.error.issues,
+        rawData
+      });
+      return {
+        status: "error",
+        message: "Received an invalid authentication response. Please run `chainpatrol login` again."
+      };
+    }
+    return {
+      status: "success",
+      accessToken: data.data.access_token,
+      expiresIn: data.data.expires_in
+    };
+  }
+  const rawError = await res.json();
+  const error = pollErrorResponseSchema.safeParse(rawError);
+  if (!error.success) {
+    writeDebugLog("poll-for-token-error-response-invalid", {
+      status: res.status,
+      errors: error.error.issues,
+      rawError
+    });
+    return {
+      status: "error",
+      message: "Received an invalid authentication response. Please run `chainpatrol login` again."
+    };
+  }
+  switch (error.data.error) {
+    case "authorization_pending":
+      return { status: "pending" };
+    case "slow_down":
+      return { status: "slow_down", addSeconds: 5 };
+    case "expired_token":
+      return { status: "expired" };
+    case "access_denied":
+      return { status: "denied" };
+    default:
+      return { status: "error", message: error.data.error ?? "Unknown error" };
+  }
+}
+export {
+  AuthNotLoggedInError,
+  AuthExpiredError,
+  AuthCorruptedError,
+  getCredentials,
+  storeCredentials,
+  clearCredentials,
+  isLoggedIn,
+  getValidCredentials,
+  fetchUserEmail,
+  requestDeviceCode,
+  pollForToken
+};