npm - @damn-dev/cli - Versions diffs - 0.9.2-rc.1 - Mend

@damn-dev/cli 0.9.2-rc.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (336) hide show

package/runtime/plugins/damndev/index.js ADDED Viewed

@@ -0,0 +1,331 @@
+import crypto from "node:crypto";
+function readCfg(api) {
+  return api.pluginConfig ?? {};
+}
+function signHmacSha256(rawBody, secret) {
+  return `sha256=${crypto.createHmac("sha256", secret).update(rawBody).digest("hex")}`;
+}
+function verifyHmacSha256(rawBody, secret, headerValue) {
+  if (!secret || !headerValue) return false;
+  const expected = crypto.createHmac("sha256", secret).update(rawBody).digest("hex");
+  const normalized = headerValue.startsWith("sha256=") ? headerValue.slice(7) : headerValue;
+  try {
+    const aBuf = Buffer.from(expected, "hex");
+    const bBuf = Buffer.from(normalized, "hex");
+    return aBuf.length === bBuf.length && crypto.timingSafeEqual(aBuf, bBuf);
+  } catch {
+    return false;
+  }
+}
+function safeJsonParse(raw) {
+  try { return raw ? JSON.parse(raw) : {}; } catch { return null; }
+}
+async function readRawBody(req, maxBytes = 1024 * 1024) {
+  let total = 0;
+  let raw = "";
+  for await (const chunk of req) {
+    total += chunk.length;
+    if (total > maxBytes) throw new Error("Body too large");
+    raw += chunk;
+  }
+  return raw;
+}
+function deriveAgentId(to) {
+  if (!to || typeof to !== "string") return null;
+  if (to.startsWith("chan_")) return to.slice(5);
+  return to;
+}
+function buildHookPayload(pcfg, body) {
+  const source = body?.source ?? "damndev";
+  const userId = body?.userId ?? body?.to ?? "default";
+  const text = body?.text ?? body?.message ?? "";
+  const agentId = body?.agentId ?? pcfg.defaultAgentId ?? "main";
+  const name = body?.name ?? pcfg.defaultName ?? "Damn.dev";
+  const sessionPrefix = pcfg.defaultSessionPrefix ?? "damndev:";
+  const sessionKey = body?.sessionKey ?? `${sessionPrefix}${source}:${String(userId).replace(/[^a-zA-Z0-9:_-]/g, "_")}`;
+  if (!text || typeof text !== "string") throw new Error("Inbound payload must include text or message");
+  return {
+    message: text, name, agentId, sessionKey,
+    wakeMode: body?.wakeMode ?? "now",
+    deliver: body?.deliver ?? false,
+    channel: body?.channel ?? "damndev",
+    to: body?.to ?? userId,
+    model: body?.model,
+    thinking: body?.thinking,
+    timeoutSeconds: body?.timeoutSeconds,
+  };
+}
+const PLUGIN_CONFIG_SCHEMA = {
+  safeParse(value) {
+    if (value === undefined) return { success: true, data: undefined };
+    if (!value || typeof value !== "object" || Array.isArray(value)) {
+      return { success: false, error: { issues: [{ path: [], message: "expected config object" }] } };
+    }
+    return { success: true, data: value };
+  },
+  jsonSchema: {
+    type: "object",
+    additionalProperties: true,
+    properties: {
+      webhookUrl: { type: "string" },
+      authToken: { type: "string" },
+      defaultTo: { type: "string" },
+      inboundPath: { type: "string" },
+      inboundSharedSecret: { type: "string" },
+      hookForwardUrl: { type: "string" },
+      hookToken: { type: "string" },
+      defaultAgentId: { type: "string" },
+      defaultSessionPrefix: { type: "string" },
+      defaultName: { type: "string" },
+      forwardTimeoutMs: { type: "number" },
+    },
+  },
+};
+export default {
+  id: "damndev",
+  name: "Damn.dev Channel",
+  description: "Damn.dev workspace messaging channel via HTTP webhooks.",
+  version: "0.1.0",
+  configSchema: PLUGIN_CONFIG_SCHEMA,
+  register(api) {
+    const pcfg = readCfg(api);
+    const channelPlugin = {
+      id: "damndev",
+      meta: {
+        id: "damndev",
+        label: "Damn.dev",
+        selectionLabel: "Damn.dev App",
+        docsPath: "/channels/damndev",
+        blurb: "Damn.dev workspace messaging channel.",
+        aliases: ["damn", "myapp"],
+      },
+      capabilities: { chatTypes: ["direct"] },
+      status: { skipStaleSocketHealthCheck: true },
+      config: {
+        listAccountIds: () => ["default"],
+        resolveAccount: (_cfg, accountId) => ({
+          accountId: accountId ?? "default",
+          webhookUrl: pcfg.webhookUrl,
+          authToken: pcfg.authToken,
+          defaultTo: pcfg.defaultTo,
+        }),
+        resolveDefaultTo: (_cfg, _accountId) => pcfg.defaultTo ?? "default",
+        describeAccount: (account) => {
+          if (!account) return null;
+          return {
+            accountId: account.accountId ?? "default",
+            enabled: true,
+            mode: "webhook",
+            webhookUrl: account.webhookUrl ? "[configured]" : "[missing]",
+            authToken: account.authToken ? "[configured]" : "[missing]",
+            defaultTo: account.defaultTo ?? null,
+          };
+        },
+      },
+      outbound: {
+        deliveryMode: "direct",
+        sendText: async ({ cfg, to, text, ...rest }) => {
+          const resolvedText = text ?? rest.content ?? rest.message ?? "";
+          const webhookUrl = pcfg.webhookUrl;
+          const authToken = pcfg.authToken;
+          const resolvedTo = to ?? pcfg.defaultTo ?? "default";
+          if (!webhookUrl) return { ok: false, error: "damndev webhookUrl not configured" };
+          const agentId = deriveAgentId(resolvedTo);
+          const payload = JSON.stringify({
+            agent_id: agentId ?? resolvedTo,
+            output: resolvedText,
+            channel_id: agentId ? `chan_${agentId}` : undefined,
+          });
+          const headers = { "content-type": "application/json" };
+          if (authToken) {
+            headers.authorization = `Bearer ${authToken}`;
+            headers["x-damndev-signature"] = signHmacSha256(payload, authToken);
+          }
+          const res = await fetch(webhookUrl, { method: "POST", headers, body: payload });
+          if (!res.ok) {
+            const body = await res.text().catch(() => "");
+            return { ok: false, error: `damndev outbound ${res.status} ${body}`.trim() };
+          }
+          return { ok: true };
+        },
+      },
+    };
+    api.registerChannel({ plugin: channelPlugin });
+    const backendUrl = pcfg.webhookUrl
+      ? pcfg.webhookUrl.replace(/\/webhooks\/openclaw$/, '')
+      : 'http://host.docker.internal:3001';
+    const inboundSecret = pcfg.inboundSharedSecret ?? '';
+    api.registerTool(
+      (ctx) => ({
+        name: 'skill_exec',
+        description: 'Invoke a damn.dev skill by slug. Use this to call any skill (lifelog-today, lifelog-search, lifelog-week, etc.). Returns the skill output as text.',
+        parameters: {
+          type: 'object',
+          properties: {
+            slug: { type: 'string', description: 'Skill slug (e.g. lifelog-today, lifelog-search)' },
+            args: { type: 'object', description: 'Skill arguments (e.g. { "query": "exercise" })', additionalProperties: true },
+          },
+          required: ['slug'],
+        },
+        async execute(_callId, params) {
+          const body = JSON.stringify({ slug: params.slug, args: params.args ?? {}, agent_id: ctx.agentId ?? 'unknown' });
+          const sig = signHmacSha256(body, inboundSecret);
+          try {
+            const res = await fetch(`${backendUrl}/skills/exec`, {
+              method: 'POST',
+              headers: { 'content-type': 'application/json', 'x-damndev-signature': sig },
+              body,
+            });
+            const data = await res.json();
+            if (!res.ok) {
+              return { content: [{ type: 'text', text: `Error ${res.status}: ${data.error ?? JSON.stringify(data)}` }] };
+            }
+            return { content: [{ type: 'text', text: data.output ?? '(no output)' }] };
+          } catch (err) {
+            return { content: [{ type: 'text', text: `skill_exec failed: ${err instanceof Error ? err.message : String(err)}` }] };
+          }
+        },
+      }),
+      { optional: true },
+    );
+    api.registerTool(
+      (ctx) => ({
+        name: 'shell_exec_guarded',
+        description: 'Execute a shell command on the local machine through the damn.dev backend policy engine. Safe commands run immediately. Risky commands are queued for human approval. Always use this tool for shell execution — never use exec, bash, or process directly.',
+        parameters: {
+          type: 'object',
+          properties: {
+            command: { type: 'string', description: 'The shell command to run' },
+            working_dir: { type: 'string', description: 'Absolute working directory path (optional)' },
+            reason: { type: 'string', description: 'Why this command is needed' },
+            session_key: { type: 'string', description: 'Current session key for approval routing (optional)' },
+          },
+          required: ['command'],
+        },
+        async execute(_callId, params) {
+          // ctx.sessionKey is the full OpenClaw session identifier
+          // (agent:<id>:openresponses-user:<channelId>). Backend strips the prefix
+          // via resolveChannelFromSessionKey() to route approvals to the correct tab.
+          // Available in OpenClaw 2026.3.2+ embedded plugin tool contexts.
+          const resolvedSessionKey = ctx.sessionKey ?? params.session_key ?? undefined;
+          const body = JSON.stringify({
+            ...params,
+            session_key: resolvedSessionKey,
+            agent_id: ctx.agentId ?? 'unknown',
+          });
+          const sig = signHmacSha256(body, inboundSecret);
+          try {
+            const res = await fetch(`${backendUrl}/skills/plugin-exec`, {
+              method: 'POST',
+              headers: { 'content-type': 'application/json', 'x-damndev-signature': sig },
+              body,
+            });
+            const data = await res.json();
+            if (!res.ok) {
+              return { content: [{ type: 'text', text: `Error ${res.status}: ${data.error ?? JSON.stringify(data)}` }] };
+            }
+            if (data.status === 'pending_approval') {
+              return { content: [{ type: 'text', text: data.output }] };
+            }
+            const out = data.output ?? '(no output)';
+            const exitBadge = (data.exitCode ?? 0) === 0 ? 'exit 0' : `exit ${data.exitCode}`;
+            return { content: [{ type: 'text', text: `${out}\n\n[${exitBadge} · ${data.durationMs ?? 0}ms]` }] };
+          } catch (err) {
+            return { content: [{ type: 'text', text: `shell_exec_guarded failed: ${err instanceof Error ? err.message : String(err)}` }] };
+          }
+        },
+      }),
+      { optional: true },
+    );
+    const inboundPath = pcfg.inboundPath ?? "/damndev/webhook";
+    api.registerHttpRoute({
+      path: inboundPath,
+      auth: "plugin",
+      handler: async (req, res) => {
+        if (req.method !== "POST") {
+          res.statusCode = 405;
+          res.setHeader("content-type", "application/json");
+          res.end(JSON.stringify({ ok: false, error: "Method Not Allowed" }));
+          return;
+        }
+        try {
+          const raw = await readRawBody(req);
+          const body = safeJsonParse(raw);
+          if (!body) {
+            res.statusCode = 400;
+            res.setHeader("content-type", "application/json");
+            res.end(JSON.stringify({ ok: false, error: "Invalid JSON body" }));
+            return;
+          }
+          const providedSig = req.headers["x-damndev-signature"] || req.headers["x-signature"] || "";
+          const secret = pcfg.inboundSharedSecret;
+          const sig = Array.isArray(providedSig) ? providedSig[0] : providedSig;
+          if (!verifyHmacSha256(raw, secret, sig)) {
+            res.statusCode = 401;
+            res.setHeader("content-type", "application/json");
+            res.end(JSON.stringify({ ok: false, error: "Invalid signature" }));
+            return;
+          }
+          const hookForwardUrl = pcfg.hookForwardUrl;
+          const hookToken = pcfg.hookToken;
+          if (!hookForwardUrl || !hookToken) {
+            res.statusCode = 500;
+            res.setHeader("content-type", "application/json");
+            res.end(JSON.stringify({ ok: false, error: "hookForwardUrl / hookToken not configured" }));
+            return;
+          }
+          const hookPayload = buildHookPayload(pcfg, body);
+          const controller = new AbortController();
+          const timeout = setTimeout(() => controller.abort(), pcfg.forwardTimeoutMs ?? 30000);
+          let hookRes;
+          try {
+            hookRes = await fetch(hookForwardUrl, {
+              method: "POST",
+              headers: { "content-type": "application/json", authorization: `Bearer ${hookToken}` },
+              body: JSON.stringify(hookPayload),
+              signal: controller.signal,
+            });
+          } finally { clearTimeout(timeout); }
+          const hookText = await hookRes.text().catch(() => "");
+          if (!hookRes.ok) {
+            res.statusCode = 502;
+            res.setHeader("content-type", "application/json");
+            res.end(JSON.stringify({ ok: false, error: `hook forward failed: ${hookRes.status}`, upstream: hookText }));
+            return;
+          }
+          res.statusCode = 200;
+          res.setHeader("content-type", "application/json");
+          res.end(JSON.stringify({ ok: true, forwarded: true }));
+        } catch (err) {
+          res.statusCode = 500;
+          res.setHeader("content-type", "application/json");
+          res.end(JSON.stringify({ ok: false, error: err instanceof Error ? err.message : String(err) }));
+        }
+      },
+    });
+  },
+};

package/runtime/plugins/damndev/openclaw.plugin.json ADDED Viewed

@@ -0,0 +1,24 @@
+{
+  "id": "damndev",
+  "name": "Damn.dev Channel",
+  "description": "Damn.dev workspace messaging channel via HTTP webhooks.",
+  "version": "0.1.0",
+  "channels": ["damndev"],
+  "configSchema": {
+    "type": "object",
+    "additionalProperties": true,
+    "properties": {
+      "webhookUrl": { "type": "string" },
+      "authToken": { "type": "string" },
+      "defaultTo": { "type": "string" },
+      "inboundPath": { "type": "string" },
+      "inboundSharedSecret": { "type": "string" },
+      "hookForwardUrl": { "type": "string" },
+      "hookToken": { "type": "string" },
+      "defaultAgentId": { "type": "string" },
+      "defaultSessionPrefix": { "type": "string" },
+      "defaultName": { "type": "string" },
+      "forwardTimeoutMs": { "type": "number" }
+    }
+  }
+}

package/runtime/plugins/damndev/package.json ADDED Viewed

@@ -0,0 +1,6 @@
+{
+  "name": "openclaw-plugin-damndev",
+  "version": "0.1.0",
+  "type": "module",
+  "main": "index.js"
+}

package/scripts/postinstall.js ADDED Viewed

@@ -0,0 +1,51 @@
+#!/usr/bin/env node
+// Runs after `npm install -g @damn-dev/cli`. Generates the Prisma client
+// against the bundled schema so the backend can require @prisma/client
+// at runtime without a manual `prisma generate` step.
+//
+// Best-effort: if generation fails (rare — usually missing C++ toolchain
+// for the Prisma engine), we print a clear remediation hint and exit 0 so
+// the overall npm install doesn't fail. The CLI itself will surface the
+// same error at `damn-dev start` if the client is missing, with a pointer
+// to re-run `npm install -g @damn-dev/cli --foreground-scripts`.
+'use strict'
+const path = require('node:path')
+const fs = require('node:fs')
+const { spawnSync } = require('node:child_process')
+// When installed as a dependency, __dirname is packages-cli/scripts.
+// When installed globally, __dirname is under the user's npm prefix.
+const SCHEMA_PATH = path.resolve(__dirname, '..', 'runtime', 'backend', 'prisma', 'schema.prisma')
+if (!fs.existsSync(SCHEMA_PATH)) {
+  console.error(`[@damn-dev/cli postinstall] schema.prisma missing at ${SCHEMA_PATH} — skipping prisma generate.`)
+  process.exit(0)
+}
+// Skip generate when running inside the monorepo dev install — there the
+// workspace's own prisma client is already generated and we don't want to
+// stomp on it. Heuristic: if a sibling pnpm-workspace.yaml exists two levels
+// up, we're probably in the source repo, not a global install.
+const monorepoMarker = path.resolve(__dirname, '..', '..', '..', 'pnpm-workspace.yaml')
+if (fs.existsSync(monorepoMarker)) {
+  console.log('[@damn-dev/cli postinstall] detected monorepo source install — skipping prisma generate.')
+  process.exit(0)
+}
+try {
+  const prismaBin = require.resolve('prisma/build/index.js')
+  console.log('[@damn-dev/cli postinstall] Generating Prisma client...')
+  const result = spawnSync(process.execPath, [prismaBin, 'generate', `--schema=${SCHEMA_PATH}`], {
+    stdio: 'inherit',
+    env: { ...process.env },
+  })
+  if (result.status !== 0) {
+    console.warn('[@damn-dev/cli postinstall] prisma generate exited with code', result.status)
+    console.warn('[@damn-dev/cli postinstall] You can re-run manually: npx prisma generate --schema=' + SCHEMA_PATH)
+  }
+} catch (err) {
+  console.warn('[@damn-dev/cli postinstall] prisma generate failed:', err.message || err)
+  console.warn('[@damn-dev/cli postinstall] This usually means the Prisma engine binary could not be downloaded.')
+  console.warn('[@damn-dev/cli postinstall] If `damn-dev start` fails, re-run install with --foreground-scripts to see details.')
+}