@cognisos/liminal 2.4.1 → 2.4.2

package/dist/bin.js

@@ -78,7 +78,7 @@ var init_pipeline = __esm({
 });
 
 // src/version.ts
-var VERSION = true ? "2.4.1" : "0.2.1";
+var VERSION = true ? "2.4.2" : "0.2.1";
 var BANNER_LINES = [
   " ___       ___  _____ ______   ___  ________   ________  ___",
   "|\\  \\     |\\  \\|\\   _ \\  _   \\|\\  \\|\\   ___  \\|\\   __  \\|\\  \\",
@@ -124,7 +124,7 @@ var DEFAULTS = {
   compressRoles: ["user", "assistant"],
   compressToolResults: true,
   learnFromResponses: true,
-  latencyBudgetMs: 5e3,
+  latencyBudgetMs: 1e4,
   enabled: true,
   tools: [],
   concurrencyLimit: 6,
@@ -912,9 +912,9 @@ import { homedir as homedir4 } from "os";
 var INFO3 = {
   id: "cursor",
   label: "Cursor",
-  description: "AI-first code editor (GUI config required)",
+  description: "AI-first code editor (proxy-based, automated)",
   protocol: "openai-chat",
-  automatable: false
+  automatable: true
 };
 function getCursorPaths() {
   const platform = process.platform;
@@ -967,25 +967,20 @@ var cursorConnector = {
     return {
       success: true,
       shellExports: [],
-      // No env vars — GUI only
       postSetupInstructions: [
-        "Cursor routes API calls through its cloud servers, so localhost",
-        "URLs are blocked. You need a tunnel to expose the proxy:",
+        "Run the automated setup:",
         "",
-        `  npx cloudflared tunnel --url http://localhost:${port}`,
+        "  liminal setup cursor",
         "",
-        "Then configure Cursor with the tunnel URL:",
+        "This will:",
+        "  1. Generate and install a local CA certificate",
+        "  2. Launch Cursor with --proxy-server=http://127.0.0.1:" + port,
         "",
-        "  1. Open Cursor Settings (not VS Code settings)",
-        "  2. Go to Models",
-        '  3. Enable "Override OpenAI Base URL (when using key)"',
-        "  4. Set the base URL to your tunnel URL + /v1",
-        "     (e.g., https://abc123.trycloudflare.com/v1)",
-        "  5. Enter your real OpenAI/Anthropic API key",
-        "  6. Restart Cursor",
+        "All LLM API calls are transparently intercepted and compressed.",
+        "No Cursor settings changes needed \u2014 works with all models.",
         "",
-        "Cursor uses OpenAI format for all models, including Claude.",
-        "Both Chat Completions and Agent mode (Responses API) are supported."
+        "Or launch Cursor manually:",
+        `  cursor --proxy-server=http://127.0.0.1:${port}`
       ]
     };
   },
@@ -1376,23 +1371,62 @@ async function compressConversation(pipeline, session, plan, options = { compres
     totalTokensSaved += saved;
   };
   const log = options.logFn;
-  const compressed = await Promise.all(
-    plan.messages.map(async (tm) => {
-      const role = tm.message.role;
-      const blockTypes = Array.isArray(tm.message.content) ? tm.message.content.map((b) => b.type).join(",") : "string";
-      if (tm.tier === "hot") {
-        log?.(`[BLOCK] #${tm.index} ${role} [${blockTypes}] \u2192 HOT (verbatim)`);
-        return tm.message;
-      }
-      if (tm.eligibleTokens === 0) {
-        log?.(`[BLOCK] #${tm.index} ${role} [${blockTypes}] \u2192 ${tm.tier.toUpperCase()} (0 eligible tok, skip)`);
-        return tm.message;
-      }
-      log?.(`[BLOCK] #${tm.index} ${role} [${blockTypes}] \u2192 ${tm.tier.toUpperCase()} (${tm.eligibleTokens} eligible tok, batch compressing)`);
-      return batchCompressMessage(tm.message, pipeline, session, record, options);
-    })
-  );
-  return { messages: compressed, anyCompressed, totalTokensSaved };
+  const threshold = options.compressionThreshold ?? 100;
+  const results = new Array(plan.messages.length);
+  const compressible = [];
+  for (let i = 0; i < plan.messages.length; i++) {
+    const tm = plan.messages[i];
+    const role = tm.message.role;
+    const blockTypes = Array.isArray(tm.message.content) ? tm.message.content.map((b) => b.type).join(",") : "string";
+    if (tm.tier === "hot") {
+      log?.(`[BLOCK] #${tm.index} ${role} [${blockTypes}] \u2192 HOT (verbatim)`);
+      results[i] = tm.message;
+      continue;
+    }
+    if (tm.eligibleTokens === 0) {
+      log?.(`[BLOCK] #${tm.index} ${role} [${blockTypes}] \u2192 ${tm.tier.toUpperCase()} (0 eligible tok, skip)`);
+      results[i] = tm.message;
+      continue;
+    }
+    const proseEstimate = estimateProseTokens(tm.message, options.compressToolResults);
+    if (proseEstimate < threshold) {
+      log?.(`[BLOCK] #${tm.index} ${role} [${blockTypes}] \u2192 ${tm.tier.toUpperCase()} (${proseEstimate} prose tok after segmentation < ${threshold} threshold, skip)`);
+      results[i] = tm.message;
+      continue;
+    }
+    log?.(`[BLOCK] #${tm.index} ${role} [${blockTypes}] \u2192 ${tm.tier.toUpperCase()} (${tm.eligibleTokens} eligible tok, ~${proseEstimate} prose tok, compressing)`);
+    compressible.push({ planIdx: i, tm });
+  }
+  compressible.sort((a, b) => b.tm.eligibleTokens - a.tm.eligibleTokens);
+  for (const { planIdx, tm } of compressible) {
+    results[planIdx] = await batchCompressMessage(tm.message, pipeline, session, record, options);
+  }
+  return { messages: results, anyCompressed, totalTokensSaved };
+}
+function estimateProseTokens(msg, compressToolResults) {
+  const text = extractCompressibleText(msg, compressToolResults);
+  if (!text) return 0;
+  const segments = segmentContent(text);
+  return segments.filter((s) => s.type === "prose").reduce((sum, s) => sum + Math.ceil(s.text.length / 4), 0);
+}
+function extractCompressibleText(msg, compressToolResults) {
+  if (typeof msg.content === "string") {
+    return msg.content.trim() ? msg.content : null;
+  }
+  if (!Array.isArray(msg.content)) return null;
+  const parts = msg.content;
+  const textSegments = [];
+  for (const part of parts) {
+    if (PASSTHROUGH_BLOCK_TYPES.has(part.type)) continue;
+    if (part.type === "text" && typeof part.text === "string" && part.text.trim()) {
+      textSegments.push(part.text);
+    }
+    if (part.type === "tool_result" && compressToolResults) {
+      const extracted = extractToolResultText(part);
+      if (extracted) textSegments.push(extracted);
+    }
+  }
+  return textSegments.length > 0 ? textSegments.join("\n\n") : null;
 }
 function extractToolResultText(part) {
   if (typeof part.content === "string" && part.content.trim()) {
@@ -1854,6 +1888,7 @@ async function handleChatCompletions(req, res, body, pipeline, config, logger, s
         plan,
         {
           compressToolResults: config.compressToolResults,
+          compressionThreshold: config.compressionThreshold,
           logFn: (msg) => logger.log(msg),
           semaphore,
           semaphoreTimeoutMs: config.concurrencyTimeoutMs
@@ -2127,6 +2162,7 @@ async function handleAnthropicMessages(req, res, body, pipeline, config, logger,
         plan,
         {
           compressToolResults: config.compressToolResults,
+          compressionThreshold: config.compressionThreshold,
           logFn: (msg) => logger.log(msg),
           semaphore,
           semaphoreTimeoutMs: config.concurrencyTimeoutMs
@@ -2703,7 +2739,7 @@ async function passthroughToUpstream(req, res, fullUrl, config, logger) {
   }
 }
 function createRequestHandler(deps) {
-  const { sessions, semaphore, latencyMonitor, config, logger } = deps;
+  const { sessions, semaphore, latencyMonitor, mitmStats, config, logger } = deps;
   const startTime = Date.now();
   return async (req, res) => {
     try {
@@ -2733,6 +2769,7 @@ function createRequestHandler(deps) {
           latency: {
             global_p95_ms: latencyMonitor.getGlobalP95()
           },
+          mitm: mitmStats.snapshot(),
           sessions: sessionSummaries.map((s) => ({
             session_key: s.key,
             connector: s.connector,
@@ -3199,7 +3236,7 @@ function shouldIntercept(hostname) {
 
 // src/tls/connect-handler.ts
 function createConnectHandler(options) {
-  const { logger, onIntercept } = options;
+  const { logger, onIntercept, onPassthrough } = options;
   return (req, clientSocket, head) => {
     const target = req.url ?? "";
     const [hostname, portStr] = parseConnectTarget(target);
@@ -3219,6 +3256,7 @@ function createConnectHandler(options) {
       onIntercept(clientSocket, hostname, port);
     } else {
       logger.log(`[TUNNEL] ${hostname}:${port} \u2192 passthrough`);
+      onPassthrough?.();
       const upstreamSocket = net.connect(port, hostname, () => {
         clientSocket.write("HTTP/1.1 200 Connection Established\r\n\r\n");
         if (head.length > 0) {
@@ -3572,6 +3610,38 @@ function createMitmBridge(options) {
   };
 }
 
+// src/tls/mitm-stats.ts
+var MitmStats = class {
+  _intercepted = 0;
+  _passthrough = 0;
+  _activeBridges = 0;
+  _hosts = /* @__PURE__ */ new Set();
+  _enabled = false;
+  enable() {
+    this._enabled = true;
+  }
+  recordIntercept(hostname) {
+    this._intercepted++;
+    this._activeBridges++;
+    this._hosts.add(hostname);
+  }
+  recordBridgeClosed() {
+    if (this._activeBridges > 0) this._activeBridges--;
+  }
+  recordPassthrough() {
+    this._passthrough++;
+  }
+  snapshot() {
+    return {
+      intercepted: this._intercepted,
+      passthrough: this._passthrough,
+      activeBridges: this._activeBridges,
+      hostsIntercepted: [...this._hosts],
+      enabled: this._enabled
+    };
+  }
+};
+
 // src/daemon/lifecycle.ts
 import { readFileSync as readFileSync5, writeFileSync as writeFileSync4, unlinkSync as unlinkSync3, existsSync as existsSync8 } from "fs";
 import { fork } from "child_process";
@@ -3754,17 +3824,23 @@ async function startCommand(flags) {
   latencyMonitor.onAlert((alert) => {
     logger.log(`[LATENCY] ${alert.type.toUpperCase()}: ${alert.message} (${alert.activeSessions} sessions) \u2014 ${alert.suggestion}`);
   });
-  const deps = { sessions, semaphore, latencyMonitor, config: resolvedConfig, logger };
+  const mitmStats = new MitmStats();
+  const deps = { sessions, semaphore, latencyMonitor, mitmStats, config: resolvedConfig, logger };
   const handler = createRequestHandler(deps);
   let mitmHandler;
   const connectHandler = createConnectHandler({
     logger,
     onIntercept: (socket, hostname, port) => {
       if (mitmHandler) {
+        mitmStats.recordIntercept(hostname);
         mitmHandler(socket, hostname, port);
       } else {
         logger.log(`[MITM] No bridge available for ${hostname} \u2014 falling back to passthrough`);
+        mitmStats.recordPassthrough();
       }
+    },
+    onPassthrough: () => {
+      mitmStats.recordPassthrough();
     }
   });
   const server = new ProxyServer(config.port, handler, connectHandler);
@@ -3789,6 +3865,7 @@ async function startCommand(flags) {
           caKeyPem: ca.keyPem,
           logger
         });
+        mitmStats.enable();
         logger.log("[MITM] TLS bridge active \u2014 intercepting LLM API calls");
       }
     }
@@ -3890,6 +3967,17 @@ async function statusCommand() {
       const latencyFlag = globalP95 >= config.latencyCriticalMs ? " CRITICAL" : globalP95 >= config.latencyWarningMs ? " WARNING" : "";
       console.log(`Latency:    p95 ${globalP95.toFixed(0)}ms${latencyFlag}`);
     }
+    if (data.mitm) {
+      const m = data.mitm;
+      if (m.enabled) {
+        console.log(`MITM:       active (${m.intercepted} intercepted, ${m.passthrough} passthrough, ${m.activeBridges} active)`);
+        if (m.hostsIntercepted.length > 0) {
+          console.log(`  Hosts:    ${m.hostsIntercepted.join(", ")}`);
+        }
+      } else {
+        console.log('MITM:       disabled (run "liminal trust-ca" to enable)');
+      }
+    }
     if (data.sessions.length > 0) {
       console.log();
       console.log("\u2500\u2500\u2500 Sessions \u2500\u2500\u2500");
@@ -4311,6 +4399,133 @@ async function untrustCACommand() {
   console.log("  Cursor MITM interception is no longer available.");
 }
 
+// src/commands/setup-cursor.ts
+import { existsSync as existsSync11 } from "fs";
+import { homedir as homedir5 } from "os";
+import { join as join6 } from "path";
+import { execSync as execSync4, spawn } from "child_process";
+function findCursorBinary() {
+  const platform = process.platform;
+  if (platform === "darwin") {
+    const cliPath = "/usr/local/bin/cursor";
+    if (existsSync11(cliPath)) return cliPath;
+    const appPath = "/Applications/Cursor.app";
+    if (existsSync11(appPath)) {
+      return "open";
+    }
+    return null;
+  }
+  if (platform === "win32") {
+    const localAppData = process.env.LOCALAPPDATA || join6(homedir5(), "AppData", "Local");
+    const exePath = join6(localAppData, "Programs", "Cursor", "Cursor.exe");
+    if (existsSync11(exePath)) return exePath;
+    return null;
+  }
+  const linuxPath = "/usr/bin/cursor";
+  if (existsSync11(linuxPath)) return linuxPath;
+  try {
+    return execSync4("which cursor", { encoding: "utf-8" }).trim();
+  } catch {
+    return null;
+  }
+}
+async function setupCursorCommand(flags) {
+  printBanner();
+  const launch = !flags.has("no-launch");
+  console.log("  [1/4] Checking Cursor installation...");
+  const cursorBin = findCursorBinary();
+  if (!cursorBin) {
+    console.error("  Cursor not found. Install Cursor from https://cursor.com");
+    process.exit(1);
+  }
+  console.log(`  Found: ${cursorBin}`);
+  console.log();
+  console.log("  [2/4] Checking CA certificate...");
+  if (!hasCA()) {
+    console.log("  Generating CA certificate...");
+    ensureCA();
+    console.log(`  Created ${CA_CERT_PATH}`);
+  }
+  if (!isCATrusted()) {
+    console.log("  Installing CA into system trust store...");
+    console.log();
+    console.log("  This allows Liminal to transparently compress LLM API");
+    console.log("  traffic from Cursor. The certificate is scoped to your");
+    console.log("  user account and only used locally.");
+    console.log();
+    const result = installCA();
+    if (!result.success) {
+      console.error(`  CA install failed: ${result.message}`);
+      if (result.requiresSudo) {
+        console.log("  Try: sudo liminal setup cursor");
+      }
+      process.exit(1);
+    }
+    console.log(`  ${result.message}`);
+  } else {
+    console.log("  CA already trusted");
+  }
+  const info = getCAInfo();
+  if (info) {
+    console.log(`  Fingerprint: ${info.fingerprint}`);
+  }
+  console.log();
+  console.log("  [3/4] Checking Liminal proxy...");
+  if (!isConfigured()) {
+    console.error('  Liminal is not configured. Run "liminal init" first.');
+    process.exit(1);
+  }
+  const state = isDaemonRunning();
+  const config = loadConfig();
+  const port = config.port;
+  if (!state.running) {
+    console.log("  Proxy is not running.");
+    console.log();
+    console.log("  Start the proxy first, then re-run this command:");
+    console.log("    liminal start -d");
+    console.log("    liminal setup cursor");
+    console.log();
+    console.log("  Or start in foreground + launch Cursor manually:");
+    console.log(`    liminal start & cursor --proxy-server=http://127.0.0.1:${port}`);
+    process.exit(1);
+  }
+  console.log(`  Proxy running on port ${port} (PID ${state.pid})`);
+  console.log();
+  const proxyUrl = `http://127.0.0.1:${port}`;
+  if (launch) {
+    console.log("  [4/4] Launching Cursor with proxy...");
+    console.log(`  --proxy-server=${proxyUrl}`);
+    console.log();
+    launchCursor(cursorBin, proxyUrl);
+    console.log("  Cursor launched with Liminal compression active.");
+    console.log();
+    console.log("  All LLM API calls will be transparently compressed.");
+    console.log('  Use "liminal status" to monitor compression stats.');
+    console.log('  Use "liminal logs -f" to watch live traffic.');
+  } else {
+    console.log("  [4/4] Ready! Launch Cursor with:");
+    console.log();
+    console.log(`    cursor --proxy-server=${proxyUrl}`);
+    console.log();
+    console.log("  Or create a shell alias:");
+    console.log(`    alias cursor-liminal='cursor --proxy-server=${proxyUrl}'`);
+  }
+}
+function launchCursor(bin, proxyUrl) {
+  const args = [`--proxy-server=${proxyUrl}`];
+  if (bin === "open" && process.platform === "darwin") {
+    spawn("open", ["-a", "Cursor", "--args", ...args], {
+      detached: true,
+      stdio: "ignore"
+    }).unref();
+  } else {
+    spawn(bin, args, {
+      detached: true,
+      stdio: "ignore"
+    }).unref();
+  }
+}
+
 // src/bin.ts
 var USAGE = `
   liminal v${VERSION} \u2014 Transparent LLM context compression proxy
@@ -4325,6 +4540,7 @@ var USAGE = `
     liminal summary                       Detailed session metrics
     liminal config [--set k=v] [--get k]  View or edit configuration
     liminal logs [--follow] [--lines N]   View proxy logs
+    liminal setup cursor [--no-launch]    Set up and launch Cursor with Liminal
     liminal trust-ca                      Install CA cert (for Cursor MITM)
     liminal untrust-ca                    Remove CA cert
     liminal uninstall                     Remove Liminal configuration
@@ -4405,6 +4621,17 @@ async function main() {
       case "logs":
         await logsCommand(flags);
         break;
+      case "setup": {
+        const subcommand = process.argv[3];
+        if (subcommand === "cursor") {
+          await setupCursorCommand(flags);
+        } else {
+          console.error(`Unknown setup target: ${subcommand ?? "(none)"}`);
+          console.error("Available: liminal setup cursor");
+          process.exit(1);
+        }
+        break;
+      }
       case "trust-ca":
         await trustCACommand();
         break;