@clubnet/seedclub 0.2.0

package/LICENSE

@@ -0,0 +1,22 @@
+MIT License
+
+Copyright (c) 2026 Seed Club
+Copyright (c) 2025 Mario Zechner (original pi project)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,246 @@
+# seedclub
+
+The Human+ Venture Network — AI agent for deal sourcing, research, and signal tracking.
+
+Requirements: Node.js 22+
+
+## Install
+
+```bash
+npm install -g @clubnet/seedclub
+```
+
+Then:
+
+```bash
+seedclub
+```
+
+Use `/login` to set up your API keys.
+
+### Alternative: curl | bash
+
+```bash
+curl -fsSL https://raw.githubusercontent.com/seedclub/seedclub/main/install.sh | bash
+```
+
+### Team onboarding (private package)
+
+seedclub is published to npmjs as a private package in the `@clubnet` org.
+
+Fast path:
+
+```bash
+SEEDCLUB_NPM_TOKEN=YOUR_NPM_TOKEN curl -fsSL https://raw.githubusercontent.com/seedclub/seedclub/main/install.sh | bash
+seedclub setup-auth
+```
+
+Manual one-time `.npmrc` setup:
+
+```bash
+echo "@clubnet:registry=https://registry.npmjs.org/" >> ~/.npmrc
+echo "//registry.npmjs.org/:_authToken=YOUR_NPM_TOKEN" >> ~/.npmrc
+```
+
+Then `npm install -g @clubnet/seedclub` works.
+
+## Commands
+
+| Command | What it does |
+|---|---|
+| `/seedclub` | Main menu — connect, add signals, sort signals |
+| `/add <url>` | Add a signal (any URL) |
+| `/sort` | Sort signals into angel.md values |
+| `seedclub setup-auth` | Configure npm auth for npmjs private package access in `~/.npmrc` |
+
+## How it works
+
+seedclub is an npm package (`@clubnet/seedclub`) that wraps [pi](https://github.com/badlogic/pi-mono) as a dependency. Installing the package globally gives you the `seedclub` command.
+
+The `seedclub` CLI wrapper does three things:
+1. Sets `PI_CODING_AGENT_DIR` to point pi at `~/.seedclub/agent/`
+2. Sets `PI_SKIP_VERSION_CHECK=1` so pi's update banner never shows
+3. Spawns the pi binary from the package's own `node_modules/`
+
+A `postinstall` script runs after every install/update and sets up:
+
+```
+~/.seedclub/
+  └── agent/
+        ├── extensions/
+        │     ├── seedclub/        ← core: auth, tools, commands
+        │     └── seedclub-ui/     ← UI: welcome screen, update check
+        ├── themes/
+        │     └── seedclub.json
+        ├── settings.json
+        └── .seedclub-version
+```
+
+This means:
+- Running `seedclub` → uses `~/.seedclub/agent/` config, package-local pi binary
+- Running `pi` (if installed separately) → uses `~/.pi/agent/` config, totally independent
+- **seedclub never modifies pi's installation**
+
+## Version pinning
+
+seedclub pins versions in `package.json`:
+
+```json
+{
+  "version": "0.2.0",
+  "dependencies": {
+    "@mariozechner/pi-coding-agent": "0.52.9"
+  }
+}
+```
+
+Users never interact with pi's npm package directly. When they run `seedclub update`, it runs `npm install -g @clubnet/seedclub@latest`.
+
+## Theme
+
+The seedclub theme lives at `assets/theme/seedclub.json` and gets installed to `~/.seedclub/agent/themes/seedclub.json`.
+
+It's a standard pi theme with 51 color tokens. Edit it to change any visual aspect of the app:
+
+| Section | What it controls |
+|---|---|
+| **Core UI** | `accent`, `border`, `success`, `error`, `warning`, `muted`, `text` |
+| **Backgrounds** | User messages, tool boxes (pending/success/error), selection highlight |
+| **Markdown** | Headings, links, code blocks, quotes, list bullets |
+| **Syntax** | Comments, keywords, functions, strings, numbers, types |
+| **Thinking borders** | Editor border color per thinking level (off → xhigh) |
+| **Diffs** | Added/removed/context lines in tool output |
+
+The `vars` block at the top defines reusable colors (e.g. `brand: "#00C853"`) that are referenced throughout `colors`. To change the brand color, just update `vars.brand`.
+
+**Hot reload:** Edit the theme file while seedclub is running and it reloads instantly.
+
+Colors can be hex (`"#00C853"`), 256-color palette index (`242`), a reference to a `vars` entry (`"brand"`), or empty string (`""`) for the terminal default.
+
+## Development
+
+### Setup
+
+```bash
+git clone https://github.com/seedclub/seedclub.git
+cd seedclub
+
+# Install locally from the repo
+npm install -g ./
+```
+
+### Repo structure
+
+```
+seedclub/
+  ├── package.json       ← npm package definition (@clubnet/seedclub)
+  ├── bin/cli.js         ← Node.js CLI wrapper (the `seedclub` command)
+  ├── postinstall.js     ← runs after npm install (sets up ~/.seedclub/agent/)
+  ├── install.sh         ← curl | bash installer (just runs npm install -g)
+  ├── README.md
+  └── assets/
+        ├── theme/
+        │     └── seedclub.json
+        └── extensions/
+              ├── seedclub/        ← core extension source
+              └── seedclub-ui/     ← UI extension source
+```
+
+The `assets/` directory contains the canonical source for extensions and themes. The postinstall script copies these into `~/.seedclub/agent/`.
+
+### Updating pi
+
+When a new pi version comes out:
+
+1. **Test it locally:**
+   ```bash
+   # Update the dependency
+   npm install @mariozechner/pi-coding-agent@NEW_VERSION
+   npm install -g ./
+   seedclub  # test everything works
+   ```
+
+2. **Bump versions:**
+   Update the `package.json` dependency and package version:
+   ```json
+   {
+     "version": "0.3.0",
+     "dependencies": {
+       "@mariozechner/pi-coding-agent": "0.52.12"
+     }
+   }
+   ```
+
+3. **Publish:**
+   ```bash
+   git add -A
+   git commit -m "bump pi to 0.52.12"
+   git push
+   npm publish
+   ```
+
+Users get the update when they run `seedclub update`.
+
+### Updating extensions
+
+Extensions live in `assets/extensions/`. Edit them there, then:
+
+```bash
+# Test locally
+npm install -g ./
+seedclub  # test
+
+# When ready, bump package version and publish
+git add -A
+git commit -m "update extensions"
+git push
+npm publish
+```
+
+For reproducible extension dependency installs, commit `assets/extensions/seedclub/package-lock.json` and keep it in sync when changing extension deps.
+
+### Release checklist
+
+1. Test new pi version locally
+2. Test extensions work
+3. Bump version in `package.json`
+4. Push to main
+5. `npm publish`
+
+### Publishing
+
+```bash
+# One-time setup
+echo "@clubnet:registry=https://registry.npmjs.org/" >> ~/.npmrc
+echo "//registry.npmjs.org/:_authToken=YOUR_NPM_TOKEN" >> ~/.npmrc
+
+# Publish
+npm publish --access restricted
+```
+
+## Update
+
+```bash
+seedclub update
+```
+
+## Uninstall
+
+```bash
+npm uninstall -g @clubnet/seedclub
+rm -rf ~/.seedclub
+```
+
+### Coming from the old version (curl | bash)
+
+The previous version installed into `~/.seedclub/bin/` and modified your PATH. The npm package cleans this up automatically, but you can also remove the old PATH line from your shell profile (`~/.zshrc`, `~/.bashrc`, etc.) manually.
+
+```bash
+npm install -g @clubnet/seedclub
+```
+
+If you have pi installed globally (`npm install -g @mariozechner/pi-coding-agent`), that's fine — seedclub and pi are completely independent.
+
+## License
+
+MIT

package/assets/extensions/seedclub/api-client.ts

@@ -0,0 +1,102 @@
+/**
+ * API Client for Seed Club.
+ * Simple HTTP client with Bearer token auth.
+ */
+
+import { clearStoredToken, getApiBase, getToken } from "./auth.js";
+
+let cachedToken: string | null = null;
+let cachedApiBase: string | null = null;
+
+export class ApiError extends Error {
+	constructor(
+		public status: number,
+		message: string,
+		public details?: unknown,
+	) {
+		super(message);
+		this.name = "ApiError";
+	}
+}
+
+export class NotConnectedError extends Error {
+	constructor() {
+		super("Not connected. Run /seedclub to authenticate.");
+		this.name = "NotConnectedError";
+	}
+}
+
+export function setCachedToken(token: string, apiBase: string): void {
+	cachedToken = token;
+	cachedApiBase = apiBase;
+}
+
+export async function clearCredentials(): Promise<void> {
+	cachedToken = null;
+	cachedApiBase = null;
+	await clearStoredToken();
+}
+
+async function getAuthToken(): Promise<string> {
+	if (cachedToken) return cachedToken;
+	const token = await getToken();
+	if (!token) throw new NotConnectedError();
+	cachedToken = token;
+	cachedApiBase = getApiBase();
+	return token;
+}
+
+interface RequestOptions {
+	method?: "GET" | "POST" | "PATCH" | "DELETE";
+	body?: unknown;
+	params?: Record<string, string | number | undefined>;
+}
+
+async function apiRequest<T>(endpoint: string, options: RequestOptions = {}): Promise<T> {
+	const { method = "GET", body, params } = options;
+	const token = await getAuthToken();
+	const apiBase = cachedApiBase || getApiBase();
+
+	const url = new URL(`/api/mcp${endpoint}`, apiBase);
+	if (params) {
+		for (const [key, value] of Object.entries(params)) {
+			if (value !== undefined) url.searchParams.set(key, String(value));
+		}
+	}
+
+	const response = await fetch(url.toString(), {
+		method,
+		headers: { Authorization: `Bearer ${token}`, "Content-Type": "application/json" },
+		body: body ? JSON.stringify(body) : undefined,
+	});
+
+	if (response.status === 401) {
+		await clearCredentials();
+		throw new ApiError(401, "Token expired or revoked. Run /seedclub to reconnect.");
+	}
+
+	const text = await response.text();
+	let data: any;
+	try {
+		data = text ? JSON.parse(text) : {};
+	} catch {
+		if (!response.ok) {
+			throw new ApiError(response.status, `Request failed (${response.status}): ${text.slice(0, 200)}`);
+		}
+		throw new ApiError(response.status, `Invalid JSON response from server: ${text.slice(0, 200)}`);
+	}
+
+	if (!response.ok) {
+		throw new ApiError(response.status, data.error || `Request failed (${response.status})`, data.details);
+	}
+	return data as T;
+}
+
+export const api = {
+	get: <T>(endpoint: string, params?: Record<string, string | number | undefined>) =>
+		apiRequest<T>(endpoint, { method: "GET", params }),
+	post: <T>(endpoint: string, body: unknown) => apiRequest<T>(endpoint, { method: "POST", body }),
+	patch: <T>(endpoint: string, body: unknown) => apiRequest<T>(endpoint, { method: "PATCH", body }),
+	delete: <T>(endpoint: string, params?: Record<string, string | number | undefined>) =>
+		apiRequest<T>(endpoint, { method: "DELETE", params }),
+};

package/assets/extensions/seedclub/auth.ts

@@ -0,0 +1,89 @@
+/**
+ * Token storage for Seed Club.
+ *
+ * Priority: SEEDCLUB_TOKEN env var > stored token file.
+ * Use /seedclub to connect.
+ */
+
+import { chmod, mkdir, readFile, unlink, writeFile } from "node:fs/promises";
+import { homedir } from "node:os";
+import { join } from "node:path";
+
+const CONFIG_DIR = join(homedir(), ".config", "seedclub");
+const TOKEN_FILE = join(CONFIG_DIR, "token");
+const LEGACY_CONFIG_DIR = join(homedir(), ".config", "looseleaf");
+const LEGACY_TOKEN_FILE = join(LEGACY_CONFIG_DIR, "token");
+const DEFAULT_API_BASE = "https://looseleaf-rouge.vercel.app";
+
+export interface StoredToken {
+	token: string;
+	email: string;
+	createdAt: string;
+	apiBase: string;
+}
+
+let _cachedApiBase: string | null = null;
+
+export function getApiBase(): string {
+	if (process.env.SEEDCLUB_API || process.env.SEED_NETWORK_API)
+		return process.env.SEEDCLUB_API || process.env.SEED_NETWORK_API!;
+	if (_cachedApiBase) return _cachedApiBase;
+	return DEFAULT_API_BASE;
+}
+
+export function setCachedApiBase(apiBase: string): void {
+	_cachedApiBase = apiBase;
+}
+
+export function clearCachedApiBase(): void {
+	_cachedApiBase = null;
+}
+
+async function tryReadTokenFile(path: string): Promise<StoredToken | null> {
+	try {
+		const content = await readFile(path, "utf-8");
+		const stored = JSON.parse(content) as StoredToken;
+		if (!stored.token || !stored.token.startsWith("sn_")) return null;
+		if (stored.apiBase && !process.env.SEEDCLUB_API) {
+			_cachedApiBase = stored.apiBase;
+		}
+		return stored;
+	} catch {
+		return null;
+	}
+}
+
+export async function getStoredToken(): Promise<StoredToken | null> {
+	// Try new location first, fall back to legacy
+	const stored = await tryReadTokenFile(TOKEN_FILE);
+	if (stored) return stored;
+	return await tryReadTokenFile(LEGACY_TOKEN_FILE);
+}
+
+export async function getToken(): Promise<string | null> {
+	if (process.env.SEEDCLUB_TOKEN || process.env.SEED_NETWORK_TOKEN)
+		return (process.env.SEEDCLUB_TOKEN || process.env.SEED_NETWORK_TOKEN)!;
+	const stored = await getStoredToken();
+	return stored?.token ?? null;
+}
+
+export async function storeToken(token: string, email: string, apiBase: string): Promise<void> {
+	await mkdir(CONFIG_DIR, { recursive: true, mode: 0o700 });
+	await writeFile(
+		TOKEN_FILE,
+		JSON.stringify({ token, email, createdAt: new Date().toISOString(), apiBase }, null, 2),
+		{ mode: 0o600 },
+	);
+	try {
+		await chmod(TOKEN_FILE, 0o600);
+	} catch {}
+}
+
+export async function clearStoredToken(): Promise<boolean> {
+	try {
+		await unlink(TOKEN_FILE);
+		return true;
+	} catch {
+		return false;
+	}
+}