@dreamboard-games/cli 0.1.30-alpha.3 → 0.1.30-alpha.30
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +27 -108
- package/dist/agent-verifier/agent-workspace-verifier.mjs +1855 -57
- package/dist/agent-verifier/agent-workspace-verifier.mjs.map +1 -1
- package/dist/agent-verifier/{chunk-XQXDOBYB.mjs → chunk-4I2WWAPK.mjs} +27 -10
- package/dist/agent-verifier/chunk-4I2WWAPK.mjs.map +1 -0
- package/dist/agent-verifier/{chunk-O4YCPU7C.mjs → chunk-BWBN2TDJ.mjs} +539 -641
- package/dist/agent-verifier/chunk-BWBN2TDJ.mjs.map +1 -0
- package/dist/agent-verifier/{chunk-SH5JKYOB.mjs → chunk-FNSHNMDY.mjs} +116 -23
- package/dist/agent-verifier/chunk-FNSHNMDY.mjs.map +1 -0
- package/dist/agent-verifier/{chunk-TAEQKBJB.mjs → chunk-GWRZRWCF.mjs} +1 -1
- package/dist/agent-verifier/chunk-GWRZRWCF.mjs.map +1 -0
- package/dist/agent-verifier/chunk-H6XDQJ3N.mjs +11 -0
- package/dist/agent-verifier/chunk-HUBV22JQ.mjs +89 -0
- package/dist/agent-verifier/chunk-HUBV22JQ.mjs.map +1 -0
- package/dist/agent-verifier/{chunk-VS573ERH.mjs → chunk-JZTH3EMV.mjs} +2 -2
- package/dist/agent-verifier/{chunk-XGWCY624.mjs → chunk-KDAQ4CZY.mjs} +34 -27
- package/dist/agent-verifier/chunk-KDAQ4CZY.mjs.map +1 -0
- package/dist/agent-verifier/{chunk-IAYRNVUC.mjs → chunk-LMW66VBH.mjs} +2 -13
- package/dist/agent-verifier/{chunk-IAYRNVUC.mjs.map → chunk-LMW66VBH.mjs.map} +1 -1
- package/dist/agent-verifier/{chunk-776W3UGV.mjs → chunk-M6YNQZCC.mjs} +4 -13
- package/dist/agent-verifier/chunk-M6YNQZCC.mjs.map +1 -0
- package/dist/agent-verifier/{chunk-H76MT5UR.mjs → chunk-M7UVBANQ.mjs} +2 -1
- package/dist/agent-verifier/chunk-M7UVBANQ.mjs.map +1 -0
- package/dist/agent-verifier/{chunk-NAK77WXW.mjs → chunk-MYMVXTZT.mjs} +4 -5
- package/dist/agent-verifier/chunk-MYMVXTZT.mjs.map +1 -0
- package/dist/agent-verifier/chunk-OJFZVGEL.mjs +492 -0
- package/dist/agent-verifier/chunk-OJFZVGEL.mjs.map +1 -0
- package/dist/agent-verifier/{chunk-LUZ7KE6H.mjs → chunk-QD4SQNUP.mjs} +4 -8
- package/dist/agent-verifier/{chunk-LUZ7KE6H.mjs.map → chunk-QD4SQNUP.mjs.map} +1 -1
- package/dist/agent-verifier/{chunk-7WWGFAAU.mjs → chunk-QMOBTQ5G.mjs} +215 -223
- package/dist/agent-verifier/chunk-QMOBTQ5G.mjs.map +1 -0
- package/dist/agent-verifier/chunk-TTB7AIHZ.mjs +214 -0
- package/dist/agent-verifier/chunk-TTB7AIHZ.mjs.map +1 -0
- package/dist/agent-verifier/{chunk-F2DIOJJZ.mjs → chunk-XCQQIPCO.mjs} +5 -46
- package/dist/agent-verifier/chunk-XCQQIPCO.mjs.map +1 -0
- package/dist/agent-verifier/{global-config-Y2NTSK4R.mjs → global-config-SWWR2LP4.mjs} +6 -6
- package/dist/agent-verifier/{keychain-backend-SPQWGKZN.mjs → keychain-backend-UF3Z26JM.mjs} +12 -7
- package/dist/agent-verifier/keychain-backend-UF3Z26JM.mjs.map +1 -0
- package/dist/agent-verifier/{local-files-JFOQQZDL.mjs → local-files-OF4QFISU.mjs} +10 -10
- package/dist/agent-verifier/{chunk-UIOLGH4A.mjs → local-typecheck-DHVLM37Z.mjs} +4 -4
- package/dist/agent-verifier/local-typecheck-DHVLM37Z.mjs.map +1 -0
- package/dist/agent-verifier/{materialize-workspace-ZAVGQQSF.mjs → materialize-workspace-K4WYFG5E.mjs} +23 -22
- package/dist/agent-verifier/materialize-workspace-K4WYFG5E.mjs.map +1 -0
- package/dist/agent-verifier/{project-state-K576C2TE.mjs → project-state-XKUSCFSV.mjs} +2 -2
- package/dist/agent-verifier/{prompt-MJRJMOGQ.mjs → prompt-VKHMCQT6.mjs} +2 -2
- package/dist/agent-verifier/{chunk-A64ZZUZV.mjs → reducer-bundle-preflight-GLUJKTWU.mjs} +76 -25
- package/dist/agent-verifier/reducer-bundle-preflight-GLUJKTWU.mjs.map +1 -0
- package/dist/agent-verifier/{chunk-JGT4P4UD.mjs → reducer-contract-preflight-WVQQPW5F.mjs} +7 -6
- package/dist/agent-verifier/reducer-contract-preflight-WVQQPW5F.mjs.map +1 -0
- package/dist/agent-verifier/{chunk-E7SSWJXJ.mjs → reducer-native-test-harness-UFMSNNDY.mjs} +463 -686
- package/dist/agent-verifier/reducer-native-test-harness-UFMSNNDY.mjs.map +1 -0
- package/dist/agent-verifier/static-scaffold-MHVM63HU.mjs +24 -0
- package/dist/agent-verifier/workspace-codegen-SPPVHURX.mjs +10 -0
- package/dist/agent-verifier/{workspace-dependencies-NOOQBK6I.mjs → workspace-dependencies-5HEEKZFP.mjs} +6 -4
- package/dist/authoring-compatibility-internal.js +12 -0
- package/dist/chunk-2H7UOFLK.js +11 -0
- package/dist/chunk-EQNBQVIW.js +204 -0
- package/dist/chunk-EQNBQVIW.js.map +1 -0
- package/dist/{chunk-TAQKH67O.js → chunk-I4SZ7FA4.js} +2593 -7278
- package/dist/chunk-I4SZ7FA4.js.map +1 -0
- package/dist/chunk-RTNKVNQA.js +3735 -0
- package/dist/chunk-RTNKVNQA.js.map +1 -0
- package/dist/chunk-UI7NWSYA.js +334 -0
- package/dist/chunk-UI7NWSYA.js.map +1 -0
- package/dist/{global-config-S4ZIPECE.js → global-config-GK2UC2X6.js} +4 -3
- package/dist/index.js +3278 -6181
- package/dist/index.js.map +1 -1
- package/dist/internal.js +36 -10
- package/dist/internal.js.map +1 -1
- package/dist/{keychain-backend-HDF4TZDL.js → keychain-backend-GO34KGTG.js} +12 -7
- package/dist/keychain-backend-GO34KGTG.js.map +1 -0
- package/dist/{prompt-NDV3AE5L.js → prompt-GMZABCJC.js} +2 -2
- package/package.json +9 -19
- package/release/authoring-release-set.json +38 -0
- package/skills/dreamboard/SKILL.md +30 -28
- package/skills/dreamboard/references/building-your-first-game.md +15 -15
- package/skills/dreamboard/references/cli.md +46 -47
- package/skills/dreamboard/references/manifest-authoring.md +11 -3
- package/skills/dreamboard/references/quickstart.md +16 -13
- package/skills/dreamboard/references/testing.md +6 -13
- package/dist/agent-verifier/chunk-3UKQVWLV.mjs +0 -1744
- package/dist/agent-verifier/chunk-3UKQVWLV.mjs.map +0 -1
- package/dist/agent-verifier/chunk-776W3UGV.mjs.map +0 -1
- package/dist/agent-verifier/chunk-7WWGFAAU.mjs.map +0 -1
- package/dist/agent-verifier/chunk-A64ZZUZV.mjs.map +0 -1
- package/dist/agent-verifier/chunk-E7SSWJXJ.mjs.map +0 -1
- package/dist/agent-verifier/chunk-F2DIOJJZ.mjs.map +0 -1
- package/dist/agent-verifier/chunk-G42BGGG2.mjs +0 -70
- package/dist/agent-verifier/chunk-G42BGGG2.mjs.map +0 -1
- package/dist/agent-verifier/chunk-H76MT5UR.mjs.map +0 -1
- package/dist/agent-verifier/chunk-HGMUAL33.mjs +0 -39
- package/dist/agent-verifier/chunk-HGMUAL33.mjs.map +0 -1
- package/dist/agent-verifier/chunk-JGT4P4UD.mjs.map +0 -1
- package/dist/agent-verifier/chunk-NAK77WXW.mjs.map +0 -1
- package/dist/agent-verifier/chunk-O4YCPU7C.mjs.map +0 -1
- package/dist/agent-verifier/chunk-S34FRJHS.mjs +0 -222
- package/dist/agent-verifier/chunk-S34FRJHS.mjs.map +0 -1
- package/dist/agent-verifier/chunk-SH5JKYOB.mjs.map +0 -1
- package/dist/agent-verifier/chunk-SKI2ESE5.mjs +0 -44
- package/dist/agent-verifier/chunk-TAEQKBJB.mjs.map +0 -1
- package/dist/agent-verifier/chunk-UIOLGH4A.mjs.map +0 -1
- package/dist/agent-verifier/chunk-UIZNWRM6.mjs +0 -2432
- package/dist/agent-verifier/chunk-UIZNWRM6.mjs.map +0 -1
- package/dist/agent-verifier/chunk-W3N3QJ4V.mjs +0 -624
- package/dist/agent-verifier/chunk-W3N3QJ4V.mjs.map +0 -1
- package/dist/agent-verifier/chunk-XGWCY624.mjs.map +0 -1
- package/dist/agent-verifier/chunk-XQXDOBYB.mjs.map +0 -1
- package/dist/agent-verifier/compile-TEQVA46V.mjs +0 -312
- package/dist/agent-verifier/compile-TEQVA46V.mjs.map +0 -1
- package/dist/agent-verifier/keychain-backend-SPQWGKZN.mjs.map +0 -1
- package/dist/agent-verifier/local-typecheck-XVGWI75X.mjs +0 -10
- package/dist/agent-verifier/materialize-workspace-ZAVGQQSF.mjs.map +0 -1
- package/dist/agent-verifier/reducer-bundle-preflight-LXNJUBKL.mjs +0 -20
- package/dist/agent-verifier/reducer-contract-preflight-TUMQ43JV.mjs +0 -11
- package/dist/agent-verifier/reducer-native-test-harness-CHX5MBL5.mjs +0 -50
- package/dist/agent-verifier/static-scaffold-R7SVDRQI.mjs +0 -27
- package/dist/agent-verifier/sync-THAI546U.mjs +0 -588
- package/dist/agent-verifier/sync-THAI546U.mjs.map +0 -1
- package/dist/agent-verifier/test-AFAQFKOB.mjs +0 -353
- package/dist/agent-verifier/test-AFAQFKOB.mjs.map +0 -1
- package/dist/agent-verifier/workspace-codegen-2ZMQRIKJ.mjs +0 -10
- package/dist/agent-verifier/workspace-dependencies-NOOQBK6I.mjs.map +0 -1
- package/dist/chunk-N7XPNNUI.js +0 -432
- package/dist/chunk-N7XPNNUI.js.map +0 -1
- package/dist/chunk-SEGVTWSK.js +0 -44
- package/dist/chunk-SEGVTWSK.js.map +0 -1
- package/dist/chunk-TAQKH67O.js.map +0 -1
- package/dist/dev-host/components/drawer.tsx +0 -132
- package/dist/dev-host/components/input.tsx +0 -21
- package/dist/dev-host/dev-api-proxy-plugin.ts +0 -328
- package/dist/dev-host/dev-author-dom-warnings.ts +0 -100
- package/dist/dev-host/dev-diagnostics.ts +0 -62
- package/dist/dev-host/dev-fallback-stylesheet.ts +0 -53
- package/dist/dev-host/dev-hmr-guard-plugin.ts +0 -47
- package/dist/dev-host/dev-host-controller.ts +0 -674
- package/dist/dev-host/dev-host-player-query.ts +0 -17
- package/dist/dev-host/dev-host-session-transport.ts +0 -52
- package/dist/dev-host/dev-host-storage.ts +0 -56
- package/dist/dev-host/dev-log-relay-plugin.ts +0 -510
- package/dist/dev-host/dev-runtime-config.ts +0 -14
- package/dist/dev-host/dev-runtime-platform.ts +0 -335
- package/dist/dev-host/dev-virtual-modules-plugin.ts +0 -64
- package/dist/dev-host/host-main.css +0 -224
- package/dist/dev-host/host-main.tsx +0 -948
- package/dist/dev-host/index.html +0 -56
- package/dist/dev-host/lib/utils.ts +0 -6
- package/dist/dev-host/plugin-main.ts +0 -61
- package/dist/dev-host/plugin.html +0 -24
- package/dist/dev-host/shared-styles.css +0 -144
- package/dist/dev-host/start-dev-server.ts +0 -140
- package/dist/dev-host/virtual-modules.d.ts +0 -27
- package/dist/global-config-S4ZIPECE.js.map +0 -1
- package/dist/keychain-backend-HDF4TZDL.js.map +0 -1
- package/skills/dreamboard/scripts/events-extract.mjs +0 -218
- /package/dist/agent-verifier/{chunk-SKI2ESE5.mjs.map → chunk-H6XDQJ3N.mjs.map} +0 -0
- /package/dist/agent-verifier/{chunk-VS573ERH.mjs.map → chunk-JZTH3EMV.mjs.map} +0 -0
- /package/dist/agent-verifier/{global-config-Y2NTSK4R.mjs.map → global-config-SWWR2LP4.mjs.map} +0 -0
- /package/dist/agent-verifier/{local-files-JFOQQZDL.mjs.map → local-files-OF4QFISU.mjs.map} +0 -0
- /package/dist/agent-verifier/{local-typecheck-XVGWI75X.mjs.map → project-state-XKUSCFSV.mjs.map} +0 -0
- /package/dist/agent-verifier/{prompt-MJRJMOGQ.mjs.map → prompt-VKHMCQT6.mjs.map} +0 -0
- /package/dist/agent-verifier/{project-state-K576C2TE.mjs.map → static-scaffold-MHVM63HU.mjs.map} +0 -0
- /package/dist/agent-verifier/{reducer-bundle-preflight-LXNJUBKL.mjs.map → workspace-codegen-SPPVHURX.mjs.map} +0 -0
- /package/dist/agent-verifier/{reducer-contract-preflight-TUMQ43JV.mjs.map → workspace-dependencies-5HEEKZFP.mjs.map} +0 -0
- /package/dist/{agent-verifier/reducer-native-test-harness-CHX5MBL5.mjs.map → authoring-compatibility-internal.js.map} +0 -0
- /package/dist/{agent-verifier/static-scaffold-R7SVDRQI.mjs.map → chunk-2H7UOFLK.js.map} +0 -0
- /package/dist/{agent-verifier/workspace-codegen-2ZMQRIKJ.mjs.map → global-config-GK2UC2X6.js.map} +0 -0
- /package/dist/{prompt-NDV3AE5L.js.map → prompt-GMZABCJC.js.map} +0 -0
- /package/{dist/scaffold → scaffold}/assets/static/app/tsconfig.framework.json +0 -0
- /package/{dist/scaffold → scaffold}/assets/static/app/tsconfig.json +0 -0
- /package/{dist/scaffold → scaffold}/assets/static/ui/index.tsx +0 -0
- /package/{dist/scaffold → scaffold}/assets/static/ui/style.css +0 -0
- /package/{dist/scaffold → scaffold}/assets/static/ui/tsconfig.framework.json +0 -0
- /package/{dist/scaffold → scaffold}/assets/static/ui/tsconfig.json +0 -0
|
@@ -2,14 +2,14 @@
|
|
|
2
2
|
import {
|
|
3
3
|
atomicWriteFile,
|
|
4
4
|
withFileLock
|
|
5
|
-
} from "./chunk-
|
|
5
|
+
} from "./chunk-GWRZRWCF.mjs";
|
|
6
6
|
import {
|
|
7
7
|
ensureDir,
|
|
8
8
|
readJsonFile
|
|
9
|
-
} from "./chunk-
|
|
9
|
+
} from "./chunk-LMW66VBH.mjs";
|
|
10
10
|
import {
|
|
11
11
|
PROJECT_DIR_NAME
|
|
12
|
-
} from "./chunk-
|
|
12
|
+
} from "./chunk-M7UVBANQ.mjs";
|
|
13
13
|
|
|
14
14
|
// src/config/global-config.ts
|
|
15
15
|
import os2 from "os";
|
|
@@ -19,12 +19,36 @@ import path2 from "path";
|
|
|
19
19
|
import os from "os";
|
|
20
20
|
import path from "path";
|
|
21
21
|
import { promises as fs } from "fs";
|
|
22
|
+
var credentialDirectoryOverrideForTests = null;
|
|
23
|
+
function getCredentialDirectory() {
|
|
24
|
+
return credentialDirectoryOverrideForTests ?? path.join(os.homedir(), PROJECT_DIR_NAME);
|
|
25
|
+
}
|
|
22
26
|
function getCredentialFilePath() {
|
|
23
|
-
return path.join(
|
|
27
|
+
return path.join(getCredentialDirectory(), "auth.json");
|
|
28
|
+
}
|
|
29
|
+
function getCredentialAuditLogPath() {
|
|
30
|
+
return path.join(getCredentialDirectory(), "auth-events.log");
|
|
24
31
|
}
|
|
25
32
|
function getCredentialLockPath() {
|
|
26
33
|
return `${getCredentialFilePath()}.lock`;
|
|
27
34
|
}
|
|
35
|
+
async function appendCredentialAuditEvent(event) {
|
|
36
|
+
try {
|
|
37
|
+
const logPath = getCredentialAuditLogPath();
|
|
38
|
+
await fs.mkdir(path.dirname(logPath), { recursive: true, mode: 448 });
|
|
39
|
+
await fs.appendFile(
|
|
40
|
+
logPath,
|
|
41
|
+
`${JSON.stringify({
|
|
42
|
+
timestamp: (/* @__PURE__ */ new Date()).toISOString(),
|
|
43
|
+
pid: process.pid,
|
|
44
|
+
...event
|
|
45
|
+
})}
|
|
46
|
+
`,
|
|
47
|
+
{ mode: 384 }
|
|
48
|
+
);
|
|
49
|
+
} catch {
|
|
50
|
+
}
|
|
51
|
+
}
|
|
28
52
|
async function fileRead() {
|
|
29
53
|
const filePath = getCredentialFilePath();
|
|
30
54
|
let data;
|
|
@@ -43,13 +67,15 @@ async function fileRead() {
|
|
|
43
67
|
} catch {
|
|
44
68
|
return null;
|
|
45
69
|
}
|
|
46
|
-
const accessToken = parsed.accessToken ?? parsed.authToken;
|
|
70
|
+
const accessToken = parsed.clerkAccessToken ?? parsed.accessToken ?? parsed.authToken;
|
|
47
71
|
const refreshToken = parsed.refreshToken;
|
|
48
72
|
if (!accessToken && !refreshToken) return null;
|
|
49
73
|
return {
|
|
50
74
|
accessToken: accessToken || void 0,
|
|
51
75
|
refreshToken: refreshToken || void 0,
|
|
52
|
-
tokenExpiresAt: parsed.tokenExpiresAt || void 0,
|
|
76
|
+
tokenExpiresAt: parsed.clerkAccessExpiresAt || parsed.tokenExpiresAt || void 0,
|
|
77
|
+
dreamboardApiToken: parsed.dreamboardApiToken || void 0,
|
|
78
|
+
dreamboardApiExpiresAt: parsed.dreamboardApiExpiresAt || void 0,
|
|
53
79
|
clerkOAuthIssuer: parsed.clerkOAuthIssuer || void 0,
|
|
54
80
|
clerkOAuthClientId: parsed.clerkOAuthClientId || void 0,
|
|
55
81
|
clerkOAuthTokenUrl: parsed.clerkOAuthTokenUrl || void 0,
|
|
@@ -71,9 +97,11 @@ async function fileWriteFull(creds) {
|
|
|
71
97
|
);
|
|
72
98
|
}
|
|
73
99
|
await writeFilePayload({
|
|
74
|
-
|
|
100
|
+
clerkAccessToken: creds.accessToken,
|
|
75
101
|
refreshToken: creds.refreshToken,
|
|
76
|
-
|
|
102
|
+
clerkAccessExpiresAt: creds.tokenExpiresAt,
|
|
103
|
+
dreamboardApiToken: creds.dreamboardApiToken,
|
|
104
|
+
dreamboardApiExpiresAt: creds.dreamboardApiExpiresAt,
|
|
77
105
|
clerkOAuthIssuer: creds.clerkOAuthIssuer,
|
|
78
106
|
clerkOAuthClientId: creds.clerkOAuthClientId,
|
|
79
107
|
clerkOAuthTokenUrl: creds.clerkOAuthTokenUrl,
|
|
@@ -86,12 +114,27 @@ async function fileWriteAccessOnly(accessToken) {
|
|
|
86
114
|
}
|
|
87
115
|
await writeFilePayload({ authToken: accessToken });
|
|
88
116
|
}
|
|
89
|
-
async function fileClear() {
|
|
117
|
+
async function fileClear(reason = "credential_store_clear") {
|
|
90
118
|
const filePath = getCredentialFilePath();
|
|
91
119
|
try {
|
|
92
120
|
await fs.unlink(filePath);
|
|
121
|
+
await appendCredentialAuditEvent({
|
|
122
|
+
event: "auth_file_deleted",
|
|
123
|
+
reason,
|
|
124
|
+
authPath: filePath,
|
|
125
|
+
backend: "file"
|
|
126
|
+
});
|
|
93
127
|
} catch (err) {
|
|
94
|
-
if (err.code
|
|
128
|
+
if (err.code === "ENOENT") {
|
|
129
|
+
await appendCredentialAuditEvent({
|
|
130
|
+
event: "auth_file_delete_missing",
|
|
131
|
+
reason,
|
|
132
|
+
authPath: filePath,
|
|
133
|
+
backend: "file"
|
|
134
|
+
});
|
|
135
|
+
return;
|
|
136
|
+
}
|
|
137
|
+
throw err;
|
|
95
138
|
}
|
|
96
139
|
}
|
|
97
140
|
var fileCredentialBackend = {
|
|
@@ -101,6 +144,13 @@ var fileCredentialBackend = {
|
|
|
101
144
|
writeAccessOnly: fileWriteAccessOnly,
|
|
102
145
|
clear: fileClear
|
|
103
146
|
};
|
|
147
|
+
var CredentialStoreUnavailableError = class extends Error {
|
|
148
|
+
code = "CREDENTIAL_STORE_UNAVAILABLE";
|
|
149
|
+
constructor(reason) {
|
|
150
|
+
super(`Credential store unavailable: ${reason}`);
|
|
151
|
+
this.name = "CredentialStoreUnavailableError";
|
|
152
|
+
}
|
|
153
|
+
};
|
|
104
154
|
var cachedBackend = null;
|
|
105
155
|
var migrationCompleted = false;
|
|
106
156
|
var backendResolver = defaultBackendResolver;
|
|
@@ -118,7 +168,7 @@ async function defaultBackendResolver() {
|
|
|
118
168
|
if (!useKeychain) {
|
|
119
169
|
return fileCredentialBackend;
|
|
120
170
|
}
|
|
121
|
-
const { tryKeychainBackend } = await import("./keychain-backend-
|
|
171
|
+
const { tryKeychainBackend } = await import("./keychain-backend-UF3Z26JM.mjs");
|
|
122
172
|
const keychain = await tryKeychainBackend();
|
|
123
173
|
if (keychain.available) {
|
|
124
174
|
return keychain.backend;
|
|
@@ -127,7 +177,7 @@ async function defaultBackendResolver() {
|
|
|
127
177
|
}
|
|
128
178
|
async function readCredentialBackendPreference() {
|
|
129
179
|
try {
|
|
130
|
-
const { loadGlobalConfig: loadGlobalConfig2 } = await import("./global-config-
|
|
180
|
+
const { loadGlobalConfig: loadGlobalConfig2 } = await import("./global-config-SWWR2LP4.mjs");
|
|
131
181
|
const config = await loadGlobalConfig2();
|
|
132
182
|
return config.credentialBackend === "keychain";
|
|
133
183
|
} catch {
|
|
@@ -144,7 +194,7 @@ async function getCredentialBackend() {
|
|
|
144
194
|
}
|
|
145
195
|
return cachedBackend;
|
|
146
196
|
}
|
|
147
|
-
async function migrateFromFileBackendIfNeeded(target) {
|
|
197
|
+
async function migrateFromFileBackendIfNeeded(target, options = {}) {
|
|
148
198
|
try {
|
|
149
199
|
const [onDisk, onTarget] = await Promise.all([
|
|
150
200
|
fileCredentialBackend.read(),
|
|
@@ -152,33 +202,75 @@ async function migrateFromFileBackendIfNeeded(target) {
|
|
|
152
202
|
]);
|
|
153
203
|
if (!onDisk) return;
|
|
154
204
|
if (onTarget) {
|
|
155
|
-
await fileCredentialBackend.clear();
|
|
156
205
|
return;
|
|
157
206
|
}
|
|
158
207
|
if (onDisk.accessToken && onDisk.refreshToken) {
|
|
159
|
-
|
|
208
|
+
const migrated = {
|
|
160
209
|
accessToken: onDisk.accessToken,
|
|
161
|
-
refreshToken: onDisk.refreshToken
|
|
162
|
-
|
|
210
|
+
refreshToken: onDisk.refreshToken,
|
|
211
|
+
tokenExpiresAt: onDisk.tokenExpiresAt,
|
|
212
|
+
dreamboardApiToken: onDisk.dreamboardApiToken,
|
|
213
|
+
dreamboardApiExpiresAt: onDisk.dreamboardApiExpiresAt,
|
|
214
|
+
clerkOAuthIssuer: onDisk.clerkOAuthIssuer,
|
|
215
|
+
clerkOAuthClientId: onDisk.clerkOAuthClientId,
|
|
216
|
+
clerkOAuthTokenUrl: onDisk.clerkOAuthTokenUrl,
|
|
217
|
+
environment: onDisk.environment
|
|
218
|
+
};
|
|
219
|
+
await target.writeFull(migrated);
|
|
220
|
+
await verifyMigratedSession(target, migrated);
|
|
163
221
|
} else if (onDisk.accessToken) {
|
|
164
222
|
await target.writeAccessOnly(onDisk.accessToken);
|
|
223
|
+
const migrated = await target.read();
|
|
224
|
+
if (migrated?.accessToken !== onDisk.accessToken) {
|
|
225
|
+
throw new Error("Credential migration verification failed.");
|
|
226
|
+
}
|
|
165
227
|
} else {
|
|
166
228
|
return;
|
|
167
229
|
}
|
|
168
|
-
|
|
169
|
-
|
|
230
|
+
} catch (error) {
|
|
231
|
+
if (options.failClosed) {
|
|
232
|
+
throw new CredentialStoreUnavailableError(
|
|
233
|
+
error instanceof Error ? error.message : String(error)
|
|
234
|
+
);
|
|
235
|
+
}
|
|
236
|
+
}
|
|
237
|
+
}
|
|
238
|
+
async function verifyMigratedSession(target, expected) {
|
|
239
|
+
const migrated = await target.read();
|
|
240
|
+
if (migrated?.accessToken !== expected.accessToken || migrated.refreshToken !== expected.refreshToken) {
|
|
241
|
+
throw new Error("Credential migration verification failed.");
|
|
170
242
|
}
|
|
171
243
|
}
|
|
172
244
|
async function getStoredSession() {
|
|
245
|
+
if (process.env.DREAMBOARD_AGENT_TOKEN?.trim()) {
|
|
246
|
+
return null;
|
|
247
|
+
}
|
|
173
248
|
const backend = await getCredentialBackend();
|
|
174
249
|
return backend.read();
|
|
175
250
|
}
|
|
176
|
-
async function
|
|
251
|
+
async function clearCredentials(reason = "credential_store_clear") {
|
|
177
252
|
await withFileLock(getCredentialLockPath(), async () => {
|
|
178
253
|
const backend = await getCredentialBackend();
|
|
179
|
-
await backend.
|
|
254
|
+
await backend.clear(reason);
|
|
180
255
|
});
|
|
181
256
|
}
|
|
257
|
+
async function withCredentialLock(fn, options) {
|
|
258
|
+
return withFileLock(
|
|
259
|
+
getCredentialLockPath(),
|
|
260
|
+
async () => {
|
|
261
|
+
const backend = await getCredentialBackend();
|
|
262
|
+
const ops = {
|
|
263
|
+
backendName: backend.name,
|
|
264
|
+
read: () => backend.read(),
|
|
265
|
+
writeFull: (creds) => backend.writeFull(creds),
|
|
266
|
+
writeAccessOnly: (accessToken) => backend.writeAccessOnly(accessToken),
|
|
267
|
+
clear: (reason) => backend.clear(reason)
|
|
268
|
+
};
|
|
269
|
+
return fn(ops);
|
|
270
|
+
},
|
|
271
|
+
options
|
|
272
|
+
);
|
|
273
|
+
}
|
|
182
274
|
|
|
183
275
|
// src/config/global-config.ts
|
|
184
276
|
function normalizeCredentialBackend(value) {
|
|
@@ -217,10 +309,11 @@ async function saveGlobalConfig(config) {
|
|
|
217
309
|
|
|
218
310
|
export {
|
|
219
311
|
getStoredSession,
|
|
220
|
-
|
|
312
|
+
clearCredentials,
|
|
313
|
+
withCredentialLock,
|
|
221
314
|
getGlobalConfigPath,
|
|
222
315
|
getGlobalAuthPath,
|
|
223
316
|
loadGlobalConfig,
|
|
224
317
|
saveGlobalConfig
|
|
225
318
|
};
|
|
226
|
-
//# sourceMappingURL=chunk-
|
|
319
|
+
//# sourceMappingURL=chunk-FNSHNMDY.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/config/global-config.ts","../../src/config/credential-store.ts"],"sourcesContent":["import os from \"node:os\";\nimport path from \"node:path\";\nimport type { CredentialBackendPreference, GlobalConfig } from \"../types.js\";\nimport { PROJECT_DIR_NAME } from \"../constants.js\";\nimport { ensureDir, readJsonFile } from \"../utils/fs.js\";\nimport { atomicWriteFile } from \"../utils/atomic-file.js\";\nimport { getCredentialFilePath } from \"./credential-store.js\";\n\nfunction normalizeCredentialBackend(\n value: unknown,\n): CredentialBackendPreference | undefined {\n if (value === \"file\" || value === \"keychain\") return value;\n // Tolerate unknown / malformed values rather than refusing to load the\n // whole config - an unrecognised backend name should degrade to \"use\n // the default\" instead of locking the user out of their CLI.\n return undefined;\n}\n\nexport function getGlobalConfigPath(): string {\n return path.join(os.homedir(), PROJECT_DIR_NAME, \"config.json\");\n}\n\n/**\n * Path to the on-disk credential file used by the file backend of\n * `CredentialStore`. Re-exported here to avoid circular / ad-hoc imports\n * in UI surface (`auth status`, `config show`, etc).\n */\nexport function getGlobalAuthPath(): string {\n return getCredentialFilePath();\n}\n\n/**\n * Load non-credential CLI configuration.\n *\n * Note: this function used to also load `authToken` / `refreshToken`\n * from `auth.json` and flatten them onto `GlobalConfig`. That shape\n * enabled the refresh-token-wipe bug: `saveGlobalConfig({ ...config })`\n * without explicit auth fields erased the stored refresh token.\n *\n * Credentials are now owned exclusively by `CredentialStore`. Callers\n * that need them must import `getCredentials()` directly.\n */\nexport async function loadGlobalConfig(): Promise<GlobalConfig> {\n const config = await readJsonFile<GlobalConfig>(getGlobalConfigPath()).catch(\n () => ({}) as GlobalConfig,\n );\n return {\n environment: config.environment,\n credentialBackend: normalizeCredentialBackend(config.credentialBackend),\n };\n}\n\n/**\n * Persist non-credential CLI configuration.\n *\n * This function cannot write credentials, by construction: the\n * `GlobalConfig` type has no credential fields. Credentials must be\n * persisted through `setCredentials` / `clearCredentials` from\n * `credential-store.ts`.\n */\nexport async function saveGlobalConfig(config: GlobalConfig): Promise<void> {\n const configDir = path.join(os.homedir(), PROJECT_DIR_NAME);\n await ensureDir(configDir);\n const normalized: GlobalConfig = {\n environment: config.environment,\n credentialBackend: normalizeCredentialBackend(config.credentialBackend),\n };\n await atomicWriteFile(\n getGlobalConfigPath(),\n `${JSON.stringify(normalized, null, 2)}\\n`,\n { mode: 0o600 },\n );\n}\n","/**\n * Single writer for the long-lived Dreamboard session credentials.\n *\n * Design invariants (enforced at the type level and tested in\n * `credential-store.test.ts`):\n *\n * 1. This module is the ONLY place in the CLI that writes credentials to\n * disk or the OS keychain. `global-config.ts` used to own both the\n * config and the credentials via `saveGlobalConfig`, which made it\n * trivial to wipe a refresh token by accident. The `GlobalConfig` type\n * no longer carries credentials, so attempting to persist one through\n * the config path is a type error.\n *\n * 2. The mutating surface is intentionally narrow:\n * - `setCredentials(c)` for refreshable sessions (both tokens present)\n * - `setAccessOnlySession(accessToken)` for the `auth set` / `config set\n * --token` power-user path, which has no refresh token by\n * construction\n * - `clearCredentials()` wipes the file entirely\n * There is no \"partial update\" API. `Credentials` requires both\n * `accessToken` and `refreshToken`, so it is impossible to persist a\n * half-populated refreshable session.\n *\n * 3. Writes go through `atomicWriteFile` + `withFileLock`, so a crash or\n * interrupt during CLI writes cannot leave `auth.json`\n * truncated, and parallel CLI invocations cannot clobber each other's\n * rotated refresh tokens.\n *\n * 4. The on-disk JSON shape for the file backend is kept backward\n * compatible: we continue to read/write `authToken` + `refreshToken`\n * so existing users are not forced to log in again after this change.\n * A newer `accessToken` key is also accepted for read to ease any\n * future format bump.\n *\n * 5. All builds default to the file backend. The OS keychain is an explicit\n * opt-in through config or `DREAMBOARD_CREDENTIAL_BACKEND=keychain`.\n */\n\nimport os from \"node:os\";\nimport path from \"node:path\";\nimport { promises as fs } from \"node:fs\";\nimport { PROJECT_DIR_NAME } from \"../constants.js\";\nimport {\n atomicWriteFile,\n withFileLock,\n type FileLockOptions,\n} from \"../utils/atomic-file.js\";\n\n/**\n * Fully refreshable session. `accessToken` is the Clerk OAuth bootstrap token\n * retained for refresh/exchange compatibility; ordinary API calls use\n * `dreamboardApiToken`.\n */\nexport type Credentials = {\n readonly accessToken: string;\n readonly refreshToken: string;\n readonly tokenExpiresAt?: string;\n readonly dreamboardApiToken?: string;\n readonly dreamboardApiExpiresAt?: string;\n readonly clerkOAuthIssuer?: string;\n readonly clerkOAuthClientId?: string;\n readonly clerkOAuthTokenUrl?: string;\n readonly environment?: string;\n};\n\n/**\n * Raw on-disk snapshot. Either or both fields may be present. The refresh\n * coordinator only acts on snapshots that have both tokens populated.\n */\nexport type StoredSessionSnapshot = {\n readonly accessToken?: string;\n readonly refreshToken?: string;\n readonly tokenExpiresAt?: string;\n readonly dreamboardApiToken?: string;\n readonly dreamboardApiExpiresAt?: string;\n readonly clerkOAuthIssuer?: string;\n readonly clerkOAuthClientId?: string;\n readonly clerkOAuthTokenUrl?: string;\n readonly environment?: string;\n};\n\nexport type CredentialBackendName = \"file\" | \"keychain\";\n\nexport type CredentialBackend = {\n readonly name: CredentialBackendName;\n read(): Promise<StoredSessionSnapshot | null>;\n writeFull(creds: Credentials): Promise<void>;\n writeAccessOnly(accessToken: string): Promise<void>;\n clear(reason?: CredentialClearReason): Promise<void>;\n};\n\nexport type CredentialLockOps = {\n readonly backendName: CredentialBackendName;\n read(): Promise<StoredSessionSnapshot | null>;\n writeFull(creds: Credentials): Promise<void>;\n writeAccessOnly(accessToken: string): Promise<void>;\n clear(reason?: CredentialClearReason): Promise<void>;\n};\n\nexport type CredentialClearReason =\n | \"auth_clear_command\"\n | \"logout_command\"\n | \"user_token_manager_logout\"\n | \"credential_store_clear\";\n\ntype DiskShape = Partial<{\n clerkAccessToken: string;\n clerkAccessExpiresAt: string;\n accessToken: string;\n authToken: string;\n refreshToken: string;\n tokenExpiresAt: string;\n dreamboardApiToken: string;\n dreamboardApiExpiresAt: string;\n clerkOAuthIssuer: string;\n clerkOAuthClientId: string;\n clerkOAuthTokenUrl: string;\n environment: string;\n}>;\n\nlet credentialDirectoryOverrideForTests: string | null = null;\n\nfunction getCredentialDirectory(): string {\n return (\n credentialDirectoryOverrideForTests ??\n path.join(os.homedir(), PROJECT_DIR_NAME)\n );\n}\n\nexport function getCredentialFilePath(): string {\n return path.join(getCredentialDirectory(), \"auth.json\");\n}\n\nexport function getCredentialAuditLogPath(): string {\n return path.join(getCredentialDirectory(), \"auth-events.log\");\n}\n\nfunction getCredentialLockPath(): string {\n return `${getCredentialFilePath()}.lock`;\n}\n\nasync function appendCredentialAuditEvent(event: {\n readonly event: \"auth_file_deleted\" | \"auth_file_delete_missing\";\n readonly reason: CredentialClearReason;\n readonly authPath: string;\n readonly backend: CredentialBackendName;\n}): Promise<void> {\n try {\n const logPath = getCredentialAuditLogPath();\n await fs.mkdir(path.dirname(logPath), { recursive: true, mode: 0o700 });\n await fs.appendFile(\n logPath,\n `${JSON.stringify({\n timestamp: new Date().toISOString(),\n pid: process.pid,\n ...event,\n })}\\n`,\n { mode: 0o600 },\n );\n } catch {\n // Credential clearing must not fail because local diagnostic logging failed.\n }\n}\n\nasync function fileRead(): Promise<StoredSessionSnapshot | null> {\n const filePath = getCredentialFilePath();\n let data: string;\n try {\n data = await fs.readFile(filePath, \"utf8\");\n } catch (err) {\n if ((err as NodeJS.ErrnoException).code === \"ENOENT\") return null;\n throw err;\n }\n if (data.trim().length === 0) {\n return null;\n }\n let parsed: DiskShape;\n try {\n parsed = JSON.parse(data) as DiskShape;\n } catch {\n return null;\n }\n const accessToken =\n parsed.clerkAccessToken ?? parsed.accessToken ?? parsed.authToken;\n const refreshToken = parsed.refreshToken;\n if (!accessToken && !refreshToken) return null;\n return {\n accessToken: accessToken || undefined,\n refreshToken: refreshToken || undefined,\n tokenExpiresAt:\n parsed.clerkAccessExpiresAt || parsed.tokenExpiresAt || undefined,\n dreamboardApiToken: parsed.dreamboardApiToken || undefined,\n dreamboardApiExpiresAt: parsed.dreamboardApiExpiresAt || undefined,\n clerkOAuthIssuer: parsed.clerkOAuthIssuer || undefined,\n clerkOAuthClientId: parsed.clerkOAuthClientId || undefined,\n clerkOAuthTokenUrl: parsed.clerkOAuthTokenUrl || undefined,\n environment: parsed.environment || undefined,\n };\n}\n\nasync function writeFilePayload(payload: DiskShape): Promise<void> {\n await atomicWriteFile(\n getCredentialFilePath(),\n `${JSON.stringify(payload, null, 2)}\\n`,\n { mode: 0o600 },\n );\n}\n\nasync function fileWriteFull(creds: Credentials): Promise<void> {\n if (!creds.accessToken || !creds.refreshToken) {\n throw new Error(\n \"Refusing to persist credentials with an empty accessToken or refreshToken.\",\n );\n }\n await writeFilePayload({\n clerkAccessToken: creds.accessToken,\n refreshToken: creds.refreshToken,\n clerkAccessExpiresAt: creds.tokenExpiresAt,\n dreamboardApiToken: creds.dreamboardApiToken,\n dreamboardApiExpiresAt: creds.dreamboardApiExpiresAt,\n clerkOAuthIssuer: creds.clerkOAuthIssuer,\n clerkOAuthClientId: creds.clerkOAuthClientId,\n clerkOAuthTokenUrl: creds.clerkOAuthTokenUrl,\n environment: creds.environment,\n });\n}\n\nasync function fileWriteAccessOnly(accessToken: string): Promise<void> {\n if (!accessToken) {\n throw new Error(\"Refusing to persist an empty access token.\");\n }\n await writeFilePayload({ authToken: accessToken });\n}\n\nasync function fileClear(\n reason: CredentialClearReason = \"credential_store_clear\",\n): Promise<void> {\n const filePath = getCredentialFilePath();\n try {\n await fs.unlink(filePath);\n await appendCredentialAuditEvent({\n event: \"auth_file_deleted\",\n reason,\n authPath: filePath,\n backend: \"file\",\n });\n } catch (err) {\n if ((err as NodeJS.ErrnoException).code === \"ENOENT\") {\n await appendCredentialAuditEvent({\n event: \"auth_file_delete_missing\",\n reason,\n authPath: filePath,\n backend: \"file\",\n });\n return;\n }\n throw err;\n }\n}\n\nexport const fileCredentialBackend: CredentialBackend = {\n name: \"file\",\n read: fileRead,\n writeFull: fileWriteFull,\n writeAccessOnly: fileWriteAccessOnly,\n clear: fileClear,\n};\n\nexport type BackendResolver = () =>\n | CredentialBackend\n | Promise<CredentialBackend>;\n\nexport class CredentialStoreUnavailableError extends Error {\n readonly code = \"CREDENTIAL_STORE_UNAVAILABLE\";\n\n constructor(reason: string) {\n super(`Credential store unavailable: ${reason}`);\n this.name = \"CredentialStoreUnavailableError\";\n }\n}\n\nlet cachedBackend: CredentialBackend | null = null;\nlet migrationCompleted = false;\nlet backendResolver: BackendResolver = defaultBackendResolver;\n\n/**\n * Resolver precedence for all builds:\n *\n * 1. `DREAMBOARD_CREDENTIAL_BACKEND` env var (debugging / CI override).\n * - \"file\" -> force file\n * - \"keychain\" -> force keychain (falls back to file if the native\n * module or the OS keyring is unavailable)\n * - \"auto\" -> same as unset (use config)\n * - unknown -> throw so typos fail loud\n * 2. `credentialBackend` in `~/.dreamboard/config.json`.\n * - \"keychain\" -> opt in to the OS keychain (with file fallback)\n * - \"file\" / unset / malformed -> file\n * 3. Default: file backend.\n *\n * Keychain is opt-in because on macOS the OS login-keychain prompts for\n * the user's password the first time a new binary tries to write to an\n * item, and re-prompts whenever the Node binary signature changes. We\n * would rather ship a zero-prompt default and let users who care about\n * encrypted-at-rest storage enable it.\n *\n * The resolver is async because the keychain probe requires a dynamic\n * `@napi-rs/keyring` import.\n */\nasync function defaultBackendResolver(): Promise<CredentialBackend> {\n const override = (process.env.DREAMBOARD_CREDENTIAL_BACKEND ?? \"\")\n .trim()\n .toLowerCase();\n if (override === \"file\") {\n return fileCredentialBackend;\n }\n if (override && override !== \"keychain\" && override !== \"auto\") {\n // Fail loud on typos rather than silently falling back: this env\n // var exists specifically for users who are debugging auth issues\n // and need to know their override took effect.\n throw new Error(\n `Unknown DREAMBOARD_CREDENTIAL_BACKEND value \"${override}\" (expected \"file\", \"keychain\", or \"auto\").`,\n );\n }\n\n const useKeychain =\n override === \"keychain\" || (await readCredentialBackendPreference());\n if (!useKeychain) {\n return fileCredentialBackend;\n }\n\n const { tryKeychainBackend } = await import(\"./keychain-backend.js\");\n const keychain = await tryKeychainBackend();\n if (keychain.available) {\n return keychain.backend;\n }\n // The user explicitly asked for keychain but the platform can't\n // provide one (no libsecret on Linux, missing native module, etc).\n // Silently degrade to the file backend so the CLI stays usable; the\n // active backend is still visible through `dreamboard auth status`.\n return fileCredentialBackend;\n}\n\nasync function readCredentialBackendPreference(): Promise<boolean> {\n try {\n // Dynamic import to avoid a top-level cycle with `global-config.ts`\n // (which imports `getCredentialFilePath` from this module). Using\n // the async path keeps the cycle purely lazy.\n const { loadGlobalConfig } = await import(\"./global-config.js\");\n const config = await loadGlobalConfig();\n return config.credentialBackend === \"keychain\";\n } catch {\n // If the config file is unreadable or the dynamic import fails\n // (e.g. during early bootstrap), fall back to the file-backed\n // default rather than crashing credential lookups.\n return false;\n }\n}\n\n/**\n * Override which backend is used. Tests use this to inject in-memory\n * backends; production code uses the file-default resolver.\n */\nexport function setCredentialBackendResolver(resolver: BackendResolver): void {\n backendResolver = resolver;\n cachedBackend = null;\n migrationCompleted = false;\n}\n\nexport async function getCredentialBackend(): Promise<CredentialBackend> {\n if (cachedBackend === null) {\n cachedBackend = await backendResolver();\n // One-time migration: if we resolved to a non-file backend and\n // `auth.json` still has credentials from the old layout, copy them\n // over. The file is intentionally left in place; implicit backend\n // migration must not make a working CLI session appear to vanish from\n // the default file-backed view.\n if (!migrationCompleted && cachedBackend.name !== \"file\") {\n await migrateFromFileBackendIfNeeded(cachedBackend);\n }\n migrationCompleted = true;\n }\n return cachedBackend;\n}\n\nasync function migrateFromFileBackendIfNeeded(\n target: CredentialBackend,\n options: { failClosed?: boolean } = {},\n): Promise<void> {\n try {\n const [onDisk, onTarget] = await Promise.all([\n fileCredentialBackend.read(),\n target.read(),\n ]);\n if (!onDisk) return;\n if (onTarget) {\n // Target already has a session - the user has already migrated. Leave the\n // file copy alone so a transient keychain override/probe cannot remove\n // the visible file-backed session.\n return;\n }\n if (onDisk.accessToken && onDisk.refreshToken) {\n const migrated: Credentials = {\n accessToken: onDisk.accessToken,\n refreshToken: onDisk.refreshToken,\n tokenExpiresAt: onDisk.tokenExpiresAt,\n dreamboardApiToken: onDisk.dreamboardApiToken,\n dreamboardApiExpiresAt: onDisk.dreamboardApiExpiresAt,\n clerkOAuthIssuer: onDisk.clerkOAuthIssuer,\n clerkOAuthClientId: onDisk.clerkOAuthClientId,\n clerkOAuthTokenUrl: onDisk.clerkOAuthTokenUrl,\n environment: onDisk.environment,\n };\n await target.writeFull(migrated);\n await verifyMigratedSession(target, migrated);\n } else if (onDisk.accessToken) {\n await target.writeAccessOnly(onDisk.accessToken);\n const migrated = await target.read();\n if (migrated?.accessToken !== onDisk.accessToken) {\n throw new Error(\"Credential migration verification failed.\");\n }\n } else {\n return;\n }\n } catch (error) {\n if (options.failClosed) {\n throw new CredentialStoreUnavailableError(\n error instanceof Error ? error.message : String(error),\n );\n }\n // Migration is best-effort. A failure here should not block CLI\n // operation; on next run the file backend is still consulted\n // directly because the keychain backend's `read` returns null and\n // callers fall through to \"missing session\" → login prompt.\n }\n}\n\nasync function verifyMigratedSession(\n target: CredentialBackend,\n expected: Credentials,\n): Promise<void> {\n const migrated = await target.read();\n if (\n migrated?.accessToken !== expected.accessToken ||\n migrated.refreshToken !== expected.refreshToken\n ) {\n throw new Error(\"Credential migration verification failed.\");\n }\n}\n\nexport async function getActiveCredentialBackendName(): Promise<CredentialBackendName> {\n const backend = await getCredentialBackend();\n return backend.name;\n}\n\n/** Loose read: returns whatever is on disk, including access-only sessions. */\nexport async function getStoredSession(): Promise<StoredSessionSnapshot | null> {\n if (process.env.DREAMBOARD_AGENT_TOKEN?.trim()) {\n return null;\n }\n const backend = await getCredentialBackend();\n return backend.read();\n}\n\n/** Strict read: returns a refreshable pair, or null if either token is missing. */\nexport async function getCredentials(): Promise<Credentials | null> {\n const snapshot = await getStoredSession();\n if (!snapshot) return null;\n const { accessToken, refreshToken } = snapshot;\n if (!accessToken || !refreshToken) return null;\n return {\n accessToken,\n refreshToken,\n tokenExpiresAt: snapshot.tokenExpiresAt,\n dreamboardApiToken: snapshot.dreamboardApiToken,\n dreamboardApiExpiresAt: snapshot.dreamboardApiExpiresAt,\n clerkOAuthIssuer: snapshot.clerkOAuthIssuer,\n clerkOAuthClientId: snapshot.clerkOAuthClientId,\n clerkOAuthTokenUrl: snapshot.clerkOAuthTokenUrl,\n environment: snapshot.environment,\n };\n}\n\nexport async function setCredentials(creds: Credentials): Promise<void> {\n await withFileLock(getCredentialLockPath(), async () => {\n const backend = await getCredentialBackend();\n await backend.writeFull(creds);\n });\n}\n\nexport async function setAccessOnlySession(accessToken: string): Promise<void> {\n await withFileLock(getCredentialLockPath(), async () => {\n const backend = await getCredentialBackend();\n await backend.writeAccessOnly(accessToken);\n });\n}\n\nexport async function clearCredentials(\n reason: CredentialClearReason = \"credential_store_clear\",\n): Promise<void> {\n await withFileLock(getCredentialLockPath(), async () => {\n const backend = await getCredentialBackend();\n await backend.clear(reason);\n });\n}\n\n/**\n * Run `fn` while holding the cross-process credential lock. `fn` receives\n * an ops handle that reads/writes the active backend without re-acquiring\n * the lock (avoiding deadlock).\n *\n * This is the only correct way to perform a read-modify-write on stored\n * credentials (e.g. CLI refresh rotation) in the presence of\n * concurrent CLI invocations.\n */\nexport async function withCredentialLock<T>(\n fn: (ops: CredentialLockOps) => Promise<T>,\n options?: FileLockOptions,\n): Promise<T> {\n return withFileLock(\n getCredentialLockPath(),\n async () => {\n const backend = await getCredentialBackend();\n const ops: CredentialLockOps = {\n backendName: backend.name,\n read: () => backend.read(),\n writeFull: (creds) => backend.writeFull(creds),\n writeAccessOnly: (accessToken) => backend.writeAccessOnly(accessToken),\n clear: (reason) => backend.clear(reason),\n };\n return fn(ops);\n },\n options,\n );\n}\n\n/** Test-only reset of module state. Not exported through the barrel. */\nexport function _resetCredentialStoreForTests(): void {\n cachedBackend = null;\n migrationCompleted = false;\n backendResolver = defaultBackendResolver;\n credentialDirectoryOverrideForTests = null;\n}\n\n/** Test-only override of the credential directory. Not exported through the barrel. */\nexport function _setCredentialDirectoryForTests(\n directory: string | null,\n): void {\n credentialDirectoryOverrideForTests = directory;\n cachedBackend = null;\n migrationCompleted = false;\n}\n"],"mappings":";;;;;;;;;;;;;;AAAA,OAAOA,SAAQ;AACf,OAAOC,WAAU;;;ACqCjB,OAAO,QAAQ;AACf,OAAO,UAAU;AACjB,SAAS,YAAY,UAAU;AAgF/B,IAAI,sCAAqD;AAEzD,SAAS,yBAAiC;AACxC,SACE,uCACA,KAAK,KAAK,GAAG,QAAQ,GAAG,gBAAgB;AAE5C;AAEO,SAAS,wBAAgC;AAC9C,SAAO,KAAK,KAAK,uBAAuB,GAAG,WAAW;AACxD;AAEO,SAAS,4BAAoC;AAClD,SAAO,KAAK,KAAK,uBAAuB,GAAG,iBAAiB;AAC9D;AAEA,SAAS,wBAAgC;AACvC,SAAO,GAAG,sBAAsB,CAAC;AACnC;AAEA,eAAe,2BAA2B,OAKxB;AAChB,MAAI;AACF,UAAM,UAAU,0BAA0B;AAC1C,UAAM,GAAG,MAAM,KAAK,QAAQ,OAAO,GAAG,EAAE,WAAW,MAAM,MAAM,IAAM,CAAC;AACtE,UAAM,GAAG;AAAA,MACP;AAAA,MACA,GAAG,KAAK,UAAU;AAAA,QAChB,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,QAClC,KAAK,QAAQ;AAAA,QACb,GAAG;AAAA,MACL,CAAC,CAAC;AAAA;AAAA,MACF,EAAE,MAAM,IAAM;AAAA,IAChB;AAAA,EACF,QAAQ;AAAA,EAER;AACF;AAEA,eAAe,WAAkD;AAC/D,QAAM,WAAW,sBAAsB;AACvC,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,GAAG,SAAS,UAAU,MAAM;AAAA,EAC3C,SAAS,KAAK;AACZ,QAAK,IAA8B,SAAS,SAAU,QAAO;AAC7D,UAAM;AAAA,EACR;AACA,MAAI,KAAK,KAAK,EAAE,WAAW,GAAG;AAC5B,WAAO;AAAA,EACT;AACA,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,IAAI;AAAA,EAC1B,QAAQ;AACN,WAAO;AAAA,EACT;AACA,QAAM,cACJ,OAAO,oBAAoB,OAAO,eAAe,OAAO;AAC1D,QAAM,eAAe,OAAO;AAC5B,MAAI,CAAC,eAAe,CAAC,aAAc,QAAO;AAC1C,SAAO;AAAA,IACL,aAAa,eAAe;AAAA,IAC5B,cAAc,gBAAgB;AAAA,IAC9B,gBACE,OAAO,wBAAwB,OAAO,kBAAkB;AAAA,IAC1D,oBAAoB,OAAO,sBAAsB;AAAA,IACjD,wBAAwB,OAAO,0BAA0B;AAAA,IACzD,kBAAkB,OAAO,oBAAoB;AAAA,IAC7C,oBAAoB,OAAO,sBAAsB;AAAA,IACjD,oBAAoB,OAAO,sBAAsB;AAAA,IACjD,aAAa,OAAO,eAAe;AAAA,EACrC;AACF;AAEA,eAAe,iBAAiB,SAAmC;AACjE,QAAM;AAAA,IACJ,sBAAsB;AAAA,IACtB,GAAG,KAAK,UAAU,SAAS,MAAM,CAAC,CAAC;AAAA;AAAA,IACnC,EAAE,MAAM,IAAM;AAAA,EAChB;AACF;AAEA,eAAe,cAAc,OAAmC;AAC9D,MAAI,CAAC,MAAM,eAAe,CAAC,MAAM,cAAc;AAC7C,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,QAAM,iBAAiB;AAAA,IACrB,kBAAkB,MAAM;AAAA,IACxB,cAAc,MAAM;AAAA,IACpB,sBAAsB,MAAM;AAAA,IAC5B,oBAAoB,MAAM;AAAA,IAC1B,wBAAwB,MAAM;AAAA,IAC9B,kBAAkB,MAAM;AAAA,IACxB,oBAAoB,MAAM;AAAA,IAC1B,oBAAoB,MAAM;AAAA,IAC1B,aAAa,MAAM;AAAA,EACrB,CAAC;AACH;AAEA,eAAe,oBAAoB,aAAoC;AACrE,MAAI,CAAC,aAAa;AAChB,UAAM,IAAI,MAAM,4CAA4C;AAAA,EAC9D;AACA,QAAM,iBAAiB,EAAE,WAAW,YAAY,CAAC;AACnD;AAEA,eAAe,UACb,SAAgC,0BACjB;AACf,QAAM,WAAW,sBAAsB;AACvC,MAAI;AACF,UAAM,GAAG,OAAO,QAAQ;AACxB,UAAM,2BAA2B;AAAA,MAC/B,OAAO;AAAA,MACP;AAAA,MACA,UAAU;AAAA,MACV,SAAS;AAAA,IACX,CAAC;AAAA,EACH,SAAS,KAAK;AACZ,QAAK,IAA8B,SAAS,UAAU;AACpD,YAAM,2BAA2B;AAAA,QAC/B,OAAO;AAAA,QACP;AAAA,QACA,UAAU;AAAA,QACV,SAAS;AAAA,MACX,CAAC;AACD;AAAA,IACF;AACA,UAAM;AAAA,EACR;AACF;AAEO,IAAM,wBAA2C;AAAA,EACtD,MAAM;AAAA,EACN,MAAM;AAAA,EACN,WAAW;AAAA,EACX,iBAAiB;AAAA,EACjB,OAAO;AACT;AAMO,IAAM,kCAAN,cAA8C,MAAM;AAAA,EAChD,OAAO;AAAA,EAEhB,YAAY,QAAgB;AAC1B,UAAM,iCAAiC,MAAM,EAAE;AAC/C,SAAK,OAAO;AAAA,EACd;AACF;AAEA,IAAI,gBAA0C;AAC9C,IAAI,qBAAqB;AACzB,IAAI,kBAAmC;AAyBvC,eAAe,yBAAqD;AAClE,QAAM,YAAY,QAAQ,IAAI,iCAAiC,IAC5D,KAAK,EACL,YAAY;AACf,MAAI,aAAa,QAAQ;AACvB,WAAO;AAAA,EACT;AACA,MAAI,YAAY,aAAa,cAAc,aAAa,QAAQ;AAI9D,UAAM,IAAI;AAAA,MACR,gDAAgD,QAAQ;AAAA,IAC1D;AAAA,EACF;AAEA,QAAM,cACJ,aAAa,cAAe,MAAM,gCAAgC;AACpE,MAAI,CAAC,aAAa;AAChB,WAAO;AAAA,EACT;AAEA,QAAM,EAAE,mBAAmB,IAAI,MAAM,OAAO,iCAAuB;AACnE,QAAM,WAAW,MAAM,mBAAmB;AAC1C,MAAI,SAAS,WAAW;AACtB,WAAO,SAAS;AAAA,EAClB;AAKA,SAAO;AACT;AAEA,eAAe,kCAAoD;AACjE,MAAI;AAIF,UAAM,EAAE,kBAAAC,kBAAiB,IAAI,MAAM,OAAO,8BAAoB;AAC9D,UAAM,SAAS,MAAMA,kBAAiB;AACtC,WAAO,OAAO,sBAAsB;AAAA,EACtC,QAAQ;AAIN,WAAO;AAAA,EACT;AACF;AAYA,eAAsB,uBAAmD;AACvE,MAAI,kBAAkB,MAAM;AAC1B,oBAAgB,MAAM,gBAAgB;AAMtC,QAAI,CAAC,sBAAsB,cAAc,SAAS,QAAQ;AACxD,YAAM,+BAA+B,aAAa;AAAA,IACpD;AACA,yBAAqB;AAAA,EACvB;AACA,SAAO;AACT;AAEA,eAAe,+BACb,QACA,UAAoC,CAAC,GACtB;AACf,MAAI;AACF,UAAM,CAAC,QAAQ,QAAQ,IAAI,MAAM,QAAQ,IAAI;AAAA,MAC3C,sBAAsB,KAAK;AAAA,MAC3B,OAAO,KAAK;AAAA,IACd,CAAC;AACD,QAAI,CAAC,OAAQ;AACb,QAAI,UAAU;AAIZ;AAAA,IACF;AACA,QAAI,OAAO,eAAe,OAAO,cAAc;AAC7C,YAAM,WAAwB;AAAA,QAC5B,aAAa,OAAO;AAAA,QACpB,cAAc,OAAO;AAAA,QACrB,gBAAgB,OAAO;AAAA,QACvB,oBAAoB,OAAO;AAAA,QAC3B,wBAAwB,OAAO;AAAA,QAC/B,kBAAkB,OAAO;AAAA,QACzB,oBAAoB,OAAO;AAAA,QAC3B,oBAAoB,OAAO;AAAA,QAC3B,aAAa,OAAO;AAAA,MACtB;AACA,YAAM,OAAO,UAAU,QAAQ;AAC/B,YAAM,sBAAsB,QAAQ,QAAQ;AAAA,IAC9C,WAAW,OAAO,aAAa;AAC7B,YAAM,OAAO,gBAAgB,OAAO,WAAW;AAC/C,YAAM,WAAW,MAAM,OAAO,KAAK;AACnC,UAAI,UAAU,gBAAgB,OAAO,aAAa;AAChD,cAAM,IAAI,MAAM,2CAA2C;AAAA,MAC7D;AAAA,IACF,OAAO;AACL;AAAA,IACF;AAAA,EACF,SAAS,OAAO;AACd,QAAI,QAAQ,YAAY;AACtB,YAAM,IAAI;AAAA,QACR,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAAA,MACvD;AAAA,IACF;AAAA,EAKF;AACF;AAEA,eAAe,sBACb,QACA,UACe;AACf,QAAM,WAAW,MAAM,OAAO,KAAK;AACnC,MACE,UAAU,gBAAgB,SAAS,eACnC,SAAS,iBAAiB,SAAS,cACnC;AACA,UAAM,IAAI,MAAM,2CAA2C;AAAA,EAC7D;AACF;AAQA,eAAsB,mBAA0D;AAC9E,MAAI,QAAQ,IAAI,wBAAwB,KAAK,GAAG;AAC9C,WAAO;AAAA,EACT;AACA,QAAM,UAAU,MAAM,qBAAqB;AAC3C,SAAO,QAAQ,KAAK;AACtB;AAmCA,eAAsB,iBACpB,SAAgC,0BACjB;AACf,QAAM,aAAa,sBAAsB,GAAG,YAAY;AACtD,UAAM,UAAU,MAAM,qBAAqB;AAC3C,UAAM,QAAQ,MAAM,MAAM;AAAA,EAC5B,CAAC;AACH;AAWA,eAAsB,mBACpB,IACA,SACY;AACZ,SAAO;AAAA,IACL,sBAAsB;AAAA,IACtB,YAAY;AACV,YAAM,UAAU,MAAM,qBAAqB;AAC3C,YAAM,MAAyB;AAAA,QAC7B,aAAa,QAAQ;AAAA,QACrB,MAAM,MAAM,QAAQ,KAAK;AAAA,QACzB,WAAW,CAAC,UAAU,QAAQ,UAAU,KAAK;AAAA,QAC7C,iBAAiB,CAAC,gBAAgB,QAAQ,gBAAgB,WAAW;AAAA,QACrE,OAAO,CAAC,WAAW,QAAQ,MAAM,MAAM;AAAA,MACzC;AACA,aAAO,GAAG,GAAG;AAAA,IACf;AAAA,IACA;AAAA,EACF;AACF;;;AD7gBA,SAAS,2BACP,OACyC;AACzC,MAAI,UAAU,UAAU,UAAU,WAAY,QAAO;AAIrD,SAAO;AACT;AAEO,SAAS,sBAA8B;AAC5C,SAAOC,MAAK,KAAKC,IAAG,QAAQ,GAAG,kBAAkB,aAAa;AAChE;AAOO,SAAS,oBAA4B;AAC1C,SAAO,sBAAsB;AAC/B;AAaA,eAAsB,mBAA0C;AAC9D,QAAM,SAAS,MAAM,aAA2B,oBAAoB,CAAC,EAAE;AAAA,IACrE,OAAO,CAAC;AAAA,EACV;AACA,SAAO;AAAA,IACL,aAAa,OAAO;AAAA,IACpB,mBAAmB,2BAA2B,OAAO,iBAAiB;AAAA,EACxE;AACF;AAUA,eAAsB,iBAAiB,QAAqC;AAC1E,QAAM,YAAYD,MAAK,KAAKC,IAAG,QAAQ,GAAG,gBAAgB;AAC1D,QAAM,UAAU,SAAS;AACzB,QAAM,aAA2B;AAAA,IAC/B,aAAa,OAAO;AAAA,IACpB,mBAAmB,2BAA2B,OAAO,iBAAiB;AAAA,EACxE;AACA,QAAM;AAAA,IACJ,oBAAoB;AAAA,IACpB,GAAG,KAAK,UAAU,YAAY,MAAM,CAAC,CAAC;AAAA;AAAA,IACtC,EAAE,MAAM,IAAM;AAAA,EAChB;AACF;","names":["os","path","loadGlobalConfig","path","os"]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/utils/atomic-file.ts"],"sourcesContent":["/**\n * Primitives for safely mutating local state files owned by the CLI.\n *\n * Two guarantees:\n * - Writes are atomic-ish: we stage the payload in a sibling temp file with\n * the target permissions, fsync the contents, then `rename` over the target.\n * On POSIX `rename` within the same directory is atomic; on Windows it is\n * atomic within the same volume which is always the case for files we write\n * inside `~/.dreamboard`.\n * - We refuse to clobber a file with an empty payload. The original bug that\n * wiped refresh tokens on a failing `sync`/`compile` hinged on `undefined`\n * JSON values being persisted and reloaded as `{}`. Forbidding empty\n * writes here removes that entire failure mode at the primitive level.\n *\n * Additionally, `withFileLock` provides a cross-process advisory lock built on\n * `O_CREAT | O_EXCL` so that parallel CLI invocations serialize around mutations\n * of the same credential state.\n */\n\nimport { constants as fsConstants, promises as fs, type Stats } from \"node:fs\";\nimport path from \"node:path\";\nimport crypto from \"node:crypto\";\n\nexport type AtomicWriteOptions = {\n /** File mode applied to the written file (default: 0o600). */\n mode?: number;\n /** Call `fsync` on the temp file before renaming. Default: true. */\n fsync?: boolean;\n};\n\nexport async function atomicWriteFile(\n targetPath: string,\n contents: string,\n options: AtomicWriteOptions = {},\n): Promise<void> {\n if (contents.length === 0) {\n throw new Error(\n `Refusing to atomicWriteFile an empty payload to ${targetPath}`,\n );\n }\n const mode = options.mode ?? 0o600;\n const shouldFsync = options.fsync ?? true;\n const dir = path.dirname(targetPath);\n await fs.mkdir(dir, { recursive: true });\n\n const suffix = crypto.randomBytes(6).toString(\"hex\");\n const tmpPath = `${targetPath}.tmp-${process.pid}-${suffix}`;\n\n const fh = await fs.open(\n tmpPath,\n fsConstants.O_WRONLY | fsConstants.O_CREAT | fsConstants.O_EXCL,\n mode,\n );\n try {\n await fh.writeFile(contents, \"utf8\");\n try {\n await fh.chmod(mode);\n } catch {\n // Some filesystems (e.g. network volumes, Windows) refuse chmod.\n // Ignoring here is safe: the `open` call above already created the\n // file with the requested mode on systems that honor it.\n }\n if (shouldFsync) {\n try {\n await fh.sync();\n } catch {\n // Best-effort. Not all backends (tmpfs on some platforms) support fsync.\n }\n }\n } finally {\n await fh.close();\n }\n\n try {\n await fs.rename(tmpPath, targetPath);\n } catch (err) {\n await fs.unlink(tmpPath).catch(() => undefined);\n throw err;\n }\n}\n\nexport type FileLockOptions = {\n /** Max number of acquisition attempts before giving up. Default: 100. */\n retries?: number;\n /** Minimum backoff between retries in ms. Default: 20. */\n minDelayMs?: number;\n /** Maximum backoff between retries in ms. Default: 200. */\n maxDelayMs?: number;\n /**\n * A lockfile older than this is considered stale and forcibly removed.\n * Guards against crashed processes leaving a permanent lock. Default: 30s.\n */\n staleMs?: number;\n};\n\nexport async function withFileLock<T>(\n lockPath: string,\n fn: () => Promise<T>,\n options: FileLockOptions = {},\n): Promise<T> {\n const retries = options.retries ?? 100;\n const minDelayMs = options.minDelayMs ?? 20;\n const maxDelayMs = options.maxDelayMs ?? 200;\n const staleMs = options.staleMs ?? 30_000;\n\n await fs.mkdir(path.dirname(lockPath), { recursive: true });\n\n let attempt = 0;\n let acquired = false;\n while (!acquired) {\n try {\n const fh = await fs.open(\n lockPath,\n fsConstants.O_WRONLY | fsConstants.O_CREAT | fsConstants.O_EXCL,\n 0o600,\n );\n await fh.writeFile(`${process.pid}\\n`, \"utf8\");\n await fh.close();\n acquired = true;\n break;\n } catch (err) {\n const code = (err as NodeJS.ErrnoException).code;\n if (code !== \"EEXIST\") {\n throw err;\n }\n }\n\n let stat: Stats | null = null;\n try {\n stat = await fs.stat(lockPath);\n } catch {\n continue;\n }\n if (stat !== null) {\n const ageMs = Date.now() - stat.mtimeMs;\n if (ageMs > staleMs) {\n await fs.unlink(lockPath).catch(() => undefined);\n continue;\n }\n }\n\n attempt += 1;\n if (attempt >= retries) {\n throw new Error(\n `Timed out acquiring file lock at ${lockPath} after ${retries} attempts.`,\n );\n }\n const jitter = Math.floor(\n Math.random() * Math.max(1, maxDelayMs - minDelayMs),\n );\n await new Promise((resolve) => setTimeout(resolve, minDelayMs + jitter));\n }\n\n try {\n return await fn();\n } finally {\n await fs.unlink(lockPath).catch(() => undefined);\n }\n}\n"],"mappings":";;;AAmBA,SAAS,aAAa,aAAa,YAAY,UAAsB;AACrE,OAAO,UAAU;AACjB,OAAO,YAAY;AASnB,eAAsB,gBACpB,YACA,UACA,UAA8B,CAAC,GAChB;AACf,MAAI,SAAS,WAAW,GAAG;AACzB,UAAM,IAAI;AAAA,MACR,mDAAmD,UAAU;AAAA,IAC/D;AAAA,EACF;AACA,QAAM,OAAO,QAAQ,QAAQ;AAC7B,QAAM,cAAc,QAAQ,SAAS;AACrC,QAAM,MAAM,KAAK,QAAQ,UAAU;AACnC,QAAM,GAAG,MAAM,KAAK,EAAE,WAAW,KAAK,CAAC;AAEvC,QAAM,SAAS,OAAO,YAAY,CAAC,EAAE,SAAS,KAAK;AACnD,QAAM,UAAU,GAAG,UAAU,QAAQ,QAAQ,GAAG,IAAI,MAAM;AAE1D,QAAM,KAAK,MAAM,GAAG;AAAA,IAClB;AAAA,IACA,YAAY,WAAW,YAAY,UAAU,YAAY;AAAA,IACzD;AAAA,EACF;AACA,MAAI;AACF,UAAM,GAAG,UAAU,UAAU,MAAM;AACnC,QAAI;AACF,YAAM,GAAG,MAAM,IAAI;AAAA,IACrB,QAAQ;AAAA,IAIR;AACA,QAAI,aAAa;AACf,UAAI;AACF,cAAM,GAAG,KAAK;AAAA,MAChB,QAAQ;AAAA,MAER;AAAA,IACF;AAAA,EACF,UAAE;AACA,UAAM,GAAG,MAAM;AAAA,EACjB;AAEA,MAAI;AACF,UAAM,GAAG,OAAO,SAAS,UAAU;AAAA,EACrC,SAAS,KAAK;AACZ,UAAM,GAAG,OAAO,OAAO,EAAE,MAAM,MAAM,MAAS;AAC9C,UAAM;AAAA,EACR;AACF;AAgBA,eAAsB,aACpB,UACA,IACA,UAA2B,CAAC,GAChB;AACZ,QAAM,UAAU,QAAQ,WAAW;AACnC,QAAM,aAAa,QAAQ,cAAc;AACzC,QAAM,aAAa,QAAQ,cAAc;AACzC,QAAM,UAAU,QAAQ,WAAW;AAEnC,QAAM,GAAG,MAAM,KAAK,QAAQ,QAAQ,GAAG,EAAE,WAAW,KAAK,CAAC;AAE1D,MAAI,UAAU;AACd,MAAI,WAAW;AACf,SAAO,CAAC,UAAU;AAChB,QAAI;AACF,YAAM,KAAK,MAAM,GAAG;AAAA,QAClB;AAAA,QACA,YAAY,WAAW,YAAY,UAAU,YAAY;AAAA,QACzD;AAAA,MACF;AACA,YAAM,GAAG,UAAU,GAAG,QAAQ,GAAG;AAAA,GAAM,MAAM;AAC7C,YAAM,GAAG,MAAM;AACf,iBAAW;AACX;AAAA,IACF,SAAS,KAAK;AACZ,YAAM,OAAQ,IAA8B;AAC5C,UAAI,SAAS,UAAU;AACrB,cAAM;AAAA,MACR;AAAA,IACF;AAEA,QAAI,OAAqB;AACzB,QAAI;AACF,aAAO,MAAM,GAAG,KAAK,QAAQ;AAAA,IAC/B,QAAQ;AACN;AAAA,IACF;AACA,QAAI,SAAS,MAAM;AACjB,YAAM,QAAQ,KAAK,IAAI,IAAI,KAAK;AAChC,UAAI,QAAQ,SAAS;AACnB,cAAM,GAAG,OAAO,QAAQ,EAAE,MAAM,MAAM,MAAS;AAC/C;AAAA,MACF;AAAA,IACF;AAEA,eAAW;AACX,QAAI,WAAW,SAAS;AACtB,YAAM,IAAI;AAAA,QACR,oCAAoC,QAAQ,UAAU,OAAO;AAAA,MAC/D;AAAA,IACF;AACA,UAAM,SAAS,KAAK;AAAA,MAClB,KAAK,OAAO,IAAI,KAAK,IAAI,GAAG,aAAa,UAAU;AAAA,IACrD;AACA,UAAM,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,aAAa,MAAM,CAAC;AAAA,EACzE;AAEA,MAAI;AACF,WAAO,MAAM,GAAG;AAAA,EAClB,UAAE;AACA,UAAM,GAAG,OAAO,QAAQ,EAAE,MAAM,MAAM,MAAS;AAAA,EACjD;AACF;","names":[]}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
var __defProp = Object.defineProperty;
|
|
3
|
+
var __export = (target, all) => {
|
|
4
|
+
for (var name in all)
|
|
5
|
+
__defProp(target, name, { get: all[name], enumerable: true });
|
|
6
|
+
};
|
|
7
|
+
|
|
8
|
+
export {
|
|
9
|
+
__export
|
|
10
|
+
};
|
|
11
|
+
//# sourceMappingURL=chunk-H6XDQJ3N.mjs.map
|
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
import {
|
|
3
|
+
loadProjectAuthoringAdapter,
|
|
4
|
+
readWorkspaceTextFileIfExists,
|
|
5
|
+
validateGeneratedArtifacts,
|
|
6
|
+
writeWorkspaceTextFile
|
|
7
|
+
} from "./chunk-OJFZVGEL.mjs";
|
|
8
|
+
|
|
9
|
+
// src/services/project/workspace-codegen.ts
|
|
10
|
+
var STARTER_UI_SEED_FILES = /* @__PURE__ */ new Set([
|
|
11
|
+
"ui/interaction-routes.tsx",
|
|
12
|
+
"ui/setup-screen.tsx",
|
|
13
|
+
"ui/styles.ts",
|
|
14
|
+
"ui/ui-contract-typing-smoke.tsx"
|
|
15
|
+
]);
|
|
16
|
+
var SETUP_PROFILES_SEED_MARKER = "Dreamboard generated setup profile seeds.";
|
|
17
|
+
function isFrameworkOwnedSetupProfilesSeed(content) {
|
|
18
|
+
if (content === null || content === void 0) {
|
|
19
|
+
return false;
|
|
20
|
+
}
|
|
21
|
+
const trimmed = content.trim();
|
|
22
|
+
return trimmed.length === 0 || trimmed.includes(SETUP_PROFILES_SEED_MARKER);
|
|
23
|
+
}
|
|
24
|
+
async function applyWorkspaceCodegen(options) {
|
|
25
|
+
const { projectRoot, manifest } = options;
|
|
26
|
+
const { adapter } = await loadProjectAuthoringAdapter(projectRoot);
|
|
27
|
+
const artifacts = validateGeneratedArtifacts(adapter, [
|
|
28
|
+
...adapter.generateWorkspaceArtifacts(manifest),
|
|
29
|
+
...adapter.generateTestArtifacts({ manifest })
|
|
30
|
+
]);
|
|
31
|
+
const authoritativeFiles = new Map(
|
|
32
|
+
artifacts.filter((artifact) => artifact.ownership !== "seed").map((artifact) => [artifact.path, artifact.content])
|
|
33
|
+
);
|
|
34
|
+
const seedFiles = new Map(
|
|
35
|
+
artifacts.filter((artifact) => artifact.ownership === "seed").map((artifact) => [artifact.path, artifact.content])
|
|
36
|
+
);
|
|
37
|
+
const written = [];
|
|
38
|
+
const skipped = [];
|
|
39
|
+
const merged = [];
|
|
40
|
+
const existingUiAppBeforeSeeds = await readWorkspaceTextFileIfExists(
|
|
41
|
+
projectRoot,
|
|
42
|
+
"ui/App.tsx"
|
|
43
|
+
);
|
|
44
|
+
const shouldWriteStarterUiSeedFiles = existingUiAppBeforeSeeds === null || existingUiAppBeforeSeeds.trim().length === 0;
|
|
45
|
+
for (const [relativePath, content] of authoritativeFiles) {
|
|
46
|
+
const existingContent = await readWorkspaceTextFileIfExists(
|
|
47
|
+
projectRoot,
|
|
48
|
+
relativePath
|
|
49
|
+
);
|
|
50
|
+
await writeWorkspaceTextFile(projectRoot, relativePath, content);
|
|
51
|
+
if (existingContent !== content) {
|
|
52
|
+
written.push(relativePath);
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
for (const [relativePath, content] of seedFiles) {
|
|
56
|
+
const existingContent = await readWorkspaceTextFileIfExists(
|
|
57
|
+
projectRoot,
|
|
58
|
+
relativePath
|
|
59
|
+
);
|
|
60
|
+
if (STARTER_UI_SEED_FILES.has(relativePath) && !shouldWriteStarterUiSeedFiles && existingContent === null) {
|
|
61
|
+
skipped.push(relativePath);
|
|
62
|
+
continue;
|
|
63
|
+
}
|
|
64
|
+
const shouldRefreshFrameworkSeed = relativePath === "app/setup-profiles.ts" && isFrameworkOwnedSetupProfilesSeed(existingContent);
|
|
65
|
+
if (shouldRefreshFrameworkSeed) {
|
|
66
|
+
await writeWorkspaceTextFile(projectRoot, relativePath, content);
|
|
67
|
+
if (existingContent !== content) {
|
|
68
|
+
written.push(relativePath);
|
|
69
|
+
}
|
|
70
|
+
continue;
|
|
71
|
+
}
|
|
72
|
+
const hasExistingContent = existingContent !== null && existingContent.trim().length > 0;
|
|
73
|
+
if (hasExistingContent) {
|
|
74
|
+
skipped.push(relativePath);
|
|
75
|
+
continue;
|
|
76
|
+
}
|
|
77
|
+
await writeWorkspaceTextFile(projectRoot, relativePath, content);
|
|
78
|
+
written.push(relativePath);
|
|
79
|
+
}
|
|
80
|
+
written.sort();
|
|
81
|
+
skipped.sort();
|
|
82
|
+
merged.sort();
|
|
83
|
+
return { written, skipped, merged };
|
|
84
|
+
}
|
|
85
|
+
|
|
86
|
+
export {
|
|
87
|
+
applyWorkspaceCodegen
|
|
88
|
+
};
|
|
89
|
+
//# sourceMappingURL=chunk-HUBV22JQ.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/services/project/workspace-codegen.ts"],"sourcesContent":["import type { GameTopologyManifest } from \"@dreamboard-games/sdk/types\";\nimport { loadProjectAuthoringAdapter } from \"../project-authoring/loader.js\";\nimport { validateGeneratedArtifacts } from \"../project-authoring/validation.js\";\nimport {\n readWorkspaceTextFileIfExists,\n writeWorkspaceTextFile,\n} from \"./workspace-path.js\";\n\nexport interface WorkspaceCodegenWriteResult {\n written: string[];\n skipped: string[];\n merged: string[];\n}\n\nconst STARTER_UI_SEED_FILES = new Set([\n \"ui/interaction-routes.tsx\",\n \"ui/setup-screen.tsx\",\n \"ui/styles.ts\",\n \"ui/ui-contract-typing-smoke.tsx\",\n]);\nconst SETUP_PROFILES_SEED_MARKER = \"Dreamboard generated setup profile seeds.\";\n\nfunction isFrameworkOwnedSetupProfilesSeed(\n content: string | null | undefined,\n): boolean {\n if (content === null || content === undefined) {\n return false;\n }\n const trimmed = content.trim();\n return trimmed.length === 0 || trimmed.includes(SETUP_PROFILES_SEED_MARKER);\n}\n\nexport async function applyWorkspaceCodegen(options: {\n projectRoot: string;\n manifest: GameTopologyManifest;\n}): Promise<WorkspaceCodegenWriteResult> {\n const { projectRoot, manifest } = options;\n const { adapter } = await loadProjectAuthoringAdapter(projectRoot);\n const artifacts = validateGeneratedArtifacts(adapter, [\n ...adapter.generateWorkspaceArtifacts(manifest),\n ...adapter.generateTestArtifacts({ manifest }),\n ]);\n const authoritativeFiles = new Map(\n artifacts\n .filter((artifact) => artifact.ownership !== \"seed\")\n .map((artifact) => [artifact.path, artifact.content]),\n );\n const seedFiles = new Map(\n artifacts\n .filter((artifact) => artifact.ownership === \"seed\")\n .map((artifact) => [artifact.path, artifact.content]),\n );\n\n const written: string[] = [];\n const skipped: string[] = [];\n const merged: string[] = [];\n const existingUiAppBeforeSeeds = await readWorkspaceTextFileIfExists(\n projectRoot,\n \"ui/App.tsx\",\n );\n const shouldWriteStarterUiSeedFiles =\n existingUiAppBeforeSeeds === null ||\n existingUiAppBeforeSeeds.trim().length === 0;\n\n for (const [relativePath, content] of authoritativeFiles) {\n const existingContent = await readWorkspaceTextFileIfExists(\n projectRoot,\n relativePath,\n );\n await writeWorkspaceTextFile(projectRoot, relativePath, content);\n if (existingContent !== content) {\n written.push(relativePath);\n }\n }\n\n for (const [relativePath, content] of seedFiles) {\n const existingContent = await readWorkspaceTextFileIfExists(\n projectRoot,\n relativePath,\n );\n if (\n STARTER_UI_SEED_FILES.has(relativePath) &&\n !shouldWriteStarterUiSeedFiles &&\n existingContent === null\n ) {\n skipped.push(relativePath);\n continue;\n }\n\n const shouldRefreshFrameworkSeed =\n relativePath === \"app/setup-profiles.ts\" &&\n isFrameworkOwnedSetupProfilesSeed(existingContent);\n\n if (shouldRefreshFrameworkSeed) {\n await writeWorkspaceTextFile(projectRoot, relativePath, content);\n if (existingContent !== content) {\n written.push(relativePath);\n }\n continue;\n }\n\n const hasExistingContent =\n existingContent !== null && existingContent.trim().length > 0;\n if (hasExistingContent) {\n skipped.push(relativePath);\n continue;\n }\n\n await writeWorkspaceTextFile(projectRoot, relativePath, content);\n written.push(relativePath);\n }\n\n written.sort();\n skipped.sort();\n merged.sort();\n return { written, skipped, merged };\n}\n"],"mappings":";;;;;;;;;AAcA,IAAM,wBAAwB,oBAAI,IAAI;AAAA,EACpC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AACD,IAAM,6BAA6B;AAEnC,SAAS,kCACP,SACS;AACT,MAAI,YAAY,QAAQ,YAAY,QAAW;AAC7C,WAAO;AAAA,EACT;AACA,QAAM,UAAU,QAAQ,KAAK;AAC7B,SAAO,QAAQ,WAAW,KAAK,QAAQ,SAAS,0BAA0B;AAC5E;AAEA,eAAsB,sBAAsB,SAGH;AACvC,QAAM,EAAE,aAAa,SAAS,IAAI;AAClC,QAAM,EAAE,QAAQ,IAAI,MAAM,4BAA4B,WAAW;AACjE,QAAM,YAAY,2BAA2B,SAAS;AAAA,IACpD,GAAG,QAAQ,2BAA2B,QAAQ;AAAA,IAC9C,GAAG,QAAQ,sBAAsB,EAAE,SAAS,CAAC;AAAA,EAC/C,CAAC;AACD,QAAM,qBAAqB,IAAI;AAAA,IAC7B,UACG,OAAO,CAAC,aAAa,SAAS,cAAc,MAAM,EAClD,IAAI,CAAC,aAAa,CAAC,SAAS,MAAM,SAAS,OAAO,CAAC;AAAA,EACxD;AACA,QAAM,YAAY,IAAI;AAAA,IACpB,UACG,OAAO,CAAC,aAAa,SAAS,cAAc,MAAM,EAClD,IAAI,CAAC,aAAa,CAAC,SAAS,MAAM,SAAS,OAAO,CAAC;AAAA,EACxD;AAEA,QAAM,UAAoB,CAAC;AAC3B,QAAM,UAAoB,CAAC;AAC3B,QAAM,SAAmB,CAAC;AAC1B,QAAM,2BAA2B,MAAM;AAAA,IACrC;AAAA,IACA;AAAA,EACF;AACA,QAAM,gCACJ,6BAA6B,QAC7B,yBAAyB,KAAK,EAAE,WAAW;AAE7C,aAAW,CAAC,cAAc,OAAO,KAAK,oBAAoB;AACxD,UAAM,kBAAkB,MAAM;AAAA,MAC5B;AAAA,MACA;AAAA,IACF;AACA,UAAM,uBAAuB,aAAa,cAAc,OAAO;AAC/D,QAAI,oBAAoB,SAAS;AAC/B,cAAQ,KAAK,YAAY;AAAA,IAC3B;AAAA,EACF;AAEA,aAAW,CAAC,cAAc,OAAO,KAAK,WAAW;AAC/C,UAAM,kBAAkB,MAAM;AAAA,MAC5B;AAAA,MACA;AAAA,IACF;AACA,QACE,sBAAsB,IAAI,YAAY,KACtC,CAAC,iCACD,oBAAoB,MACpB;AACA,cAAQ,KAAK,YAAY;AACzB;AAAA,IACF;AAEA,UAAM,6BACJ,iBAAiB,2BACjB,kCAAkC,eAAe;AAEnD,QAAI,4BAA4B;AAC9B,YAAM,uBAAuB,aAAa,cAAc,OAAO;AAC/D,UAAI,oBAAoB,SAAS;AAC/B,gBAAQ,KAAK,YAAY;AAAA,MAC3B;AACA;AAAA,IACF;AAEA,UAAM,qBACJ,oBAAoB,QAAQ,gBAAgB,KAAK,EAAE,SAAS;AAC9D,QAAI,oBAAoB;AACtB,cAAQ,KAAK,YAAY;AACzB;AAAA,IACF;AAEA,UAAM,uBAAuB,aAAa,cAAc,OAAO;AAC/D,YAAQ,KAAK,YAAY;AAAA,EAC3B;AAEA,UAAQ,KAAK;AACb,UAAQ,KAAK;AACb,SAAO,KAAK;AACZ,SAAO,EAAE,SAAS,SAAS,OAAO;AACpC;","names":[]}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
2
|
import {
|
|
3
3
|
__export
|
|
4
|
-
} from "./chunk-
|
|
4
|
+
} from "./chunk-H6XDQJ3N.mjs";
|
|
5
5
|
|
|
6
6
|
// ../../node_modules/.pnpm/zod@4.4.3/node_modules/zod/v4/classic/external.js
|
|
7
7
|
var external_exports = {};
|
|
@@ -14520,4 +14520,4 @@ config(en_default());
|
|
|
14520
14520
|
export {
|
|
14521
14521
|
external_exports
|
|
14522
14522
|
};
|
|
14523
|
-
//# sourceMappingURL=chunk-
|
|
14523
|
+
//# sourceMappingURL=chunk-JZTH3EMV.mjs.map
|
|
@@ -1,4 +1,7 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
+
import {
|
|
3
|
+
atomicWriteFile
|
|
4
|
+
} from "./chunk-GWRZRWCF.mjs";
|
|
2
5
|
import {
|
|
3
6
|
hashContent,
|
|
4
7
|
isAllowedGamePath,
|
|
@@ -6,26 +9,24 @@ import {
|
|
|
6
9
|
isLibraryPath,
|
|
7
10
|
materializeManifest,
|
|
8
11
|
writeManifestSource
|
|
9
|
-
} from "./chunk-
|
|
10
|
-
import {
|
|
11
|
-
atomicWriteFile
|
|
12
|
-
} from "./chunk-TAEQKBJB.mjs";
|
|
12
|
+
} from "./chunk-BWBN2TDJ.mjs";
|
|
13
13
|
import {
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
14
|
+
readWorkspaceTextFile,
|
|
15
|
+
readWorkspaceTextFileIfExists,
|
|
16
|
+
resolveWorkspacePath,
|
|
17
|
+
unlinkWorkspaceFile,
|
|
18
|
+
writeWorkspaceTextFile
|
|
19
|
+
} from "./chunk-OJFZVGEL.mjs";
|
|
19
20
|
import {
|
|
20
21
|
LOCAL_IGNORE_DIRS,
|
|
21
22
|
MANIFEST_FILE,
|
|
22
23
|
PROJECT_DIR_NAME,
|
|
23
24
|
RULE_FILE,
|
|
24
25
|
SNAPSHOT_FILE
|
|
25
|
-
} from "./chunk-
|
|
26
|
+
} from "./chunk-M7UVBANQ.mjs";
|
|
26
27
|
|
|
27
28
|
// src/services/project/local-files.ts
|
|
28
|
-
import { readdir
|
|
29
|
+
import { readdir } from "fs/promises";
|
|
29
30
|
import path from "path";
|
|
30
31
|
function isAllowedGamePath2(filePath) {
|
|
31
32
|
return isAllowedGamePath(filePath);
|
|
@@ -41,8 +42,7 @@ function shouldWriteScaffoldFile(filePath, existingContent) {
|
|
|
41
42
|
async function writeSourceFiles(rootDir, files) {
|
|
42
43
|
for (const [relativePath, content] of Object.entries(files)) {
|
|
43
44
|
if (content === null || content === void 0) continue;
|
|
44
|
-
|
|
45
|
-
await writeTextFile(filePath, content);
|
|
45
|
+
await writeWorkspaceTextFile(rootDir, relativePath, content);
|
|
46
46
|
}
|
|
47
47
|
}
|
|
48
48
|
async function writeScaffoldFiles(rootDir, files) {
|
|
@@ -50,14 +50,16 @@ async function writeScaffoldFiles(rootDir, files) {
|
|
|
50
50
|
const skipped = [];
|
|
51
51
|
for (const [relativePath, content] of Object.entries(files)) {
|
|
52
52
|
if (content === null || content === void 0) continue;
|
|
53
|
-
const
|
|
54
|
-
|
|
53
|
+
const existingContent = await readWorkspaceTextFileIfExists(
|
|
54
|
+
rootDir,
|
|
55
|
+
relativePath
|
|
56
|
+
);
|
|
55
57
|
const decision = shouldWriteScaffoldFile(relativePath, existingContent);
|
|
56
58
|
if (decision === "skip") {
|
|
57
59
|
skipped.push(relativePath);
|
|
58
60
|
continue;
|
|
59
61
|
}
|
|
60
|
-
await
|
|
62
|
+
await writeWorkspaceTextFile(rootDir, relativePath, content);
|
|
61
63
|
if (existingContent !== content) {
|
|
62
64
|
written.push(relativePath);
|
|
63
65
|
}
|
|
@@ -71,7 +73,7 @@ async function removeExtraneousFiles(rootDir, keep) {
|
|
|
71
73
|
for (const filePath of Object.keys(localFiles)) {
|
|
72
74
|
if (filePath === MANIFEST_FILE || filePath === RULE_FILE) continue;
|
|
73
75
|
if (!keep.has(filePath)) {
|
|
74
|
-
await
|
|
76
|
+
await unlinkWorkspaceFile(rootDir, filePath);
|
|
75
77
|
}
|
|
76
78
|
}
|
|
77
79
|
}
|
|
@@ -89,7 +91,7 @@ async function walkDir(rootDir, currentDir, result) {
|
|
|
89
91
|
} else if (entry.isFile()) {
|
|
90
92
|
const filePath = path.join(currentDir, entry.name);
|
|
91
93
|
const relativePath = path.relative(rootDir, filePath);
|
|
92
|
-
result[relativePath] = await
|
|
94
|
+
result[relativePath] = await readWorkspaceTextFile(rootDir, relativePath);
|
|
93
95
|
}
|
|
94
96
|
}
|
|
95
97
|
}
|
|
@@ -97,15 +99,13 @@ async function writeManifest(rootDir, manifest) {
|
|
|
97
99
|
await writeManifestSource(rootDir, manifest);
|
|
98
100
|
}
|
|
99
101
|
async function writeRule(rootDir, ruleText) {
|
|
100
|
-
|
|
101
|
-
await writeTextFile(filePath, ruleText);
|
|
102
|
+
await writeWorkspaceTextFile(rootDir, RULE_FILE, ruleText);
|
|
102
103
|
}
|
|
103
104
|
async function loadManifest(rootDir) {
|
|
104
105
|
return materializeManifest(rootDir);
|
|
105
106
|
}
|
|
106
107
|
async function loadRule(rootDir) {
|
|
107
|
-
|
|
108
|
-
return readTextFile(filePath);
|
|
108
|
+
return readWorkspaceTextFile(rootDir, RULE_FILE);
|
|
109
109
|
}
|
|
110
110
|
async function writeSnapshot(rootDir) {
|
|
111
111
|
const files = await collectLocalFiles(rootDir);
|
|
@@ -120,20 +120,27 @@ async function writeSnapshotFromFiles(rootDir, files) {
|
|
|
120
120
|
if (isDynamicGeneratedPath(filePath)) continue;
|
|
121
121
|
snapshot.files[filePath] = hashContent(content);
|
|
122
122
|
}
|
|
123
|
-
const snapshotPath =
|
|
123
|
+
const snapshotPath = resolveWorkspacePath(
|
|
124
|
+
rootDir,
|
|
125
|
+
`${PROJECT_DIR_NAME}/${SNAPSHOT_FILE}`
|
|
126
|
+
);
|
|
124
127
|
await atomicWriteFile(
|
|
125
128
|
snapshotPath,
|
|
126
129
|
`${JSON.stringify(snapshot, null, 2)}
|
|
127
130
|
`,
|
|
128
|
-
{
|
|
131
|
+
{
|
|
132
|
+
mode: 420
|
|
133
|
+
}
|
|
129
134
|
);
|
|
130
135
|
}
|
|
131
136
|
function isIgnorableLocalDiffPath(filePath) {
|
|
132
137
|
return filePath.startsWith("test/generated/") || filePath.startsWith(".playwright-cli/");
|
|
133
138
|
}
|
|
134
139
|
async function getLocalDiff(rootDir) {
|
|
135
|
-
const
|
|
136
|
-
|
|
140
|
+
const snapshot = await readWorkspaceTextFile(
|
|
141
|
+
rootDir,
|
|
142
|
+
`${PROJECT_DIR_NAME}/${SNAPSHOT_FILE}`
|
|
143
|
+
).then((text) => JSON.parse(text)).catch(() => null);
|
|
137
144
|
if (!snapshot) {
|
|
138
145
|
return { modified: [], added: [], deleted: [] };
|
|
139
146
|
}
|
|
@@ -182,4 +189,4 @@ export {
|
|
|
182
189
|
writeSnapshotFromFiles,
|
|
183
190
|
getLocalDiff
|
|
184
191
|
};
|
|
185
|
-
//# sourceMappingURL=chunk-
|
|
192
|
+
//# sourceMappingURL=chunk-KDAQ4CZY.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/services/project/local-files.ts"],"sourcesContent":["import { readdir } from \"node:fs/promises\";\nimport path from \"node:path\";\nimport type { GameTopologyManifest } from \"@dreamboard-games/sdk/types\";\nimport {\n PROJECT_DIR_NAME,\n MANIFEST_FILE,\n RULE_FILE,\n SNAPSHOT_FILE,\n LOCAL_IGNORE_DIRS,\n} from \"../../constants.js\";\nimport type { Snapshot } from \"../../types.js\";\nimport { atomicWriteFile } from \"../../utils/atomic-file.js\";\nimport { hashContent } from \"../../utils/crypto.js\";\nimport {\n computeManifestHash,\n materializeManifest,\n writeManifestSource,\n} from \"./manifest-authoring.js\";\nimport {\n isAllowedGamePath as isAllowedPathFromOwnership,\n isDynamicGeneratedPath,\n isLibraryPath as isLibraryPathFromOwnership,\n} from \"./scaffold-ownership.js\";\nimport {\n readWorkspaceTextFile,\n readWorkspaceTextFileIfExists,\n resolveWorkspacePath,\n unlinkWorkspaceFile,\n writeWorkspaceTextFile,\n} from \"./workspace-path.js\";\n\n/**\n * Returns true when a path is inside the canonical game project structure.\n * Anything outside app/, ui/, shared/, or the known root files is rejected.\n */\nexport function isAllowedGamePath(filePath: string): boolean {\n return isAllowedPathFromOwnership(filePath);\n}\n\nexport function isLibraryPath(filePath: string): boolean {\n return isLibraryPathFromOwnership(filePath);\n}\n\ntype WriteDecision = \"write\" | \"skip\";\n\n/**\n * Decide whether a file from the scaffold response should be written to disk.\n *\n * - Library files → always overwrite (they are fully generated).\n * - Everything else → only write if the file does not yet exist or is empty\n * locally (first-time seeding; preserves user edits).\n */\nfunction shouldWriteScaffoldFile(\n filePath: string,\n existingContent: string | null,\n): WriteDecision {\n if (isLibraryPath(filePath)) return \"write\";\n const hasContent =\n existingContent !== null && existingContent.trim().length > 0;\n return hasContent ? \"skip\" : \"write\";\n}\n\nexport async function writeSourceFiles(\n rootDir: string,\n files: Record<string, string | null>,\n): Promise<void> {\n for (const [relativePath, content] of Object.entries(files)) {\n if (content === null || content === undefined) continue;\n await writeWorkspaceTextFile(rootDir, relativePath, content);\n }\n}\n\nexport interface ScaffoldWriteResult {\n written: string[];\n skipped: string[];\n}\n\n/**\n * Write scaffold files using local-merge logic.\n *\n * - Library files are always overwritten.\n * - User-owned files (phases, components, etc.) are only written when the\n * local file does not exist or is empty. Files with content are skipped\n * so user edits are never lost.\n *\n * Returns lists of files that were written (and actually changed) and files\n * that were skipped because a non-empty local copy already exists.\n */\nexport async function writeScaffoldFiles(\n rootDir: string,\n files: Record<string, string | null>,\n): Promise<ScaffoldWriteResult> {\n const written: string[] = [];\n const skipped: string[] = [];\n\n for (const [relativePath, content] of Object.entries(files)) {\n if (content === null || content === undefined) continue;\n\n const existingContent = await readWorkspaceTextFileIfExists(\n rootDir,\n relativePath,\n );\n\n const decision = shouldWriteScaffoldFile(relativePath, existingContent);\n\n if (decision === \"skip\") {\n skipped.push(relativePath);\n continue;\n }\n\n await writeWorkspaceTextFile(rootDir, relativePath, content);\n\n if (existingContent !== content) {\n written.push(relativePath);\n }\n }\n\n written.sort();\n skipped.sort();\n return { written, skipped };\n}\n\nexport async function removeExtraneousFiles(\n rootDir: string,\n keep: Set<string>,\n): Promise<void> {\n const localFiles = await collectLocalFiles(rootDir);\n for (const filePath of Object.keys(localFiles)) {\n if (filePath === MANIFEST_FILE || filePath === RULE_FILE) continue;\n if (!keep.has(filePath)) {\n await unlinkWorkspaceFile(rootDir, filePath);\n }\n }\n}\n\nexport async function collectLocalFiles(\n rootDir: string,\n): Promise<Record<string, string>> {\n const result: Record<string, string> = {};\n await walkDir(rootDir, rootDir, result);\n return result;\n}\n\nexport async function walkDir(\n rootDir: string,\n currentDir: string,\n result: Record<string, string>,\n): Promise<void> {\n const entries = await readdir(currentDir, { withFileTypes: true });\n for (const entry of entries) {\n if (entry.isDirectory()) {\n if (LOCAL_IGNORE_DIRS.has(entry.name)) continue;\n await walkDir(rootDir, path.join(currentDir, entry.name), result);\n } else if (entry.isFile()) {\n const filePath = path.join(currentDir, entry.name);\n const relativePath = path.relative(rootDir, filePath);\n result[relativePath] = await readWorkspaceTextFile(rootDir, relativePath);\n }\n }\n}\n\nexport async function writeManifest(\n rootDir: string,\n manifest: GameTopologyManifest,\n): Promise<void> {\n await writeManifestSource(rootDir, manifest);\n}\n\nexport async function writeRule(\n rootDir: string,\n ruleText: string,\n): Promise<void> {\n await writeWorkspaceTextFile(rootDir, RULE_FILE, ruleText);\n}\n\nexport async function loadManifest(\n rootDir: string,\n): Promise<GameTopologyManifest> {\n return materializeManifest(rootDir);\n}\n\nexport { computeManifestHash };\n\nexport async function loadRule(rootDir: string): Promise<string> {\n return readWorkspaceTextFile(rootDir, RULE_FILE);\n}\n\nexport async function writeSnapshot(rootDir: string): Promise<void> {\n const files = await collectLocalFiles(rootDir);\n await writeSnapshotFromFiles(rootDir, files);\n}\n\nexport async function writeSnapshotFromFiles(\n rootDir: string,\n files: Record<string, string>,\n): Promise<void> {\n const snapshot: Snapshot = {\n files: {},\n };\n\n for (const [filePath, content] of Object.entries(files)) {\n if (filePath.startsWith(`${PROJECT_DIR_NAME}/`)) continue;\n if (isDynamicGeneratedPath(filePath)) continue;\n snapshot.files[filePath] = hashContent(content);\n }\n\n // Atomic write: a crash mid-snapshot (e.g. user kills a long `dreamboard\n // sync`) must not leave `.dreamboard/snapshot.json` truncated, or\n // `getLocalDiff` will silently report everything as \"added\" on the\n // next run and force a full re-sync.\n const snapshotPath = resolveWorkspacePath(\n rootDir,\n `${PROJECT_DIR_NAME}/${SNAPSHOT_FILE}`,\n );\n await atomicWriteFile(\n snapshotPath,\n `${JSON.stringify(snapshot, null, 2)}\\n`,\n {\n mode: 0o644,\n },\n );\n}\n\nfunction isIgnorableLocalDiffPath(filePath: string): boolean {\n return (\n filePath.startsWith(\"test/generated/\") ||\n filePath.startsWith(\".playwright-cli/\")\n );\n}\n\nexport async function getLocalDiff(rootDir: string): Promise<{\n modified: string[];\n added: string[];\n deleted: string[];\n}> {\n const snapshot = await readWorkspaceTextFile(\n rootDir,\n `${PROJECT_DIR_NAME}/${SNAPSHOT_FILE}`,\n )\n .then((text) => JSON.parse(text) as Snapshot)\n .catch(() => null);\n if (!snapshot) {\n return { modified: [], added: [], deleted: [] };\n }\n\n const files = await collectLocalFiles(rootDir);\n const currentHashes: Record<string, string> = {};\n\n for (const [filePath, content] of Object.entries(files)) {\n if (filePath.startsWith(`${PROJECT_DIR_NAME}/`)) continue;\n if (isIgnorableLocalDiffPath(filePath)) continue;\n if (isDynamicGeneratedPath(filePath)) continue;\n currentHashes[filePath] = hashContent(content);\n }\n\n const modified: string[] = [];\n const added: string[] = [];\n const deleted: string[] = [];\n\n for (const [filePath, hash] of Object.entries(currentHashes)) {\n const prevHash = snapshot.files[filePath];\n if (!prevHash) {\n added.push(filePath);\n } else if (prevHash !== hash) {\n modified.push(filePath);\n }\n }\n\n for (const filePath of Object.keys(snapshot.files)) {\n if (isIgnorableLocalDiffPath(filePath)) continue;\n if (isDynamicGeneratedPath(filePath)) continue;\n if (!currentHashes[filePath]) {\n deleted.push(filePath);\n }\n }\n\n return { modified, added, deleted };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,SAAS,eAAe;AACxB,OAAO,UAAU;AAkCV,SAASA,mBAAkB,UAA2B;AAC3D,SAAO,kBAA2B,QAAQ;AAC5C;AAEO,SAASC,eAAc,UAA2B;AACvD,SAAO,cAA2B,QAAQ;AAC5C;AAWA,SAAS,wBACP,UACA,iBACe;AACf,MAAIA,eAAc,QAAQ,EAAG,QAAO;AACpC,QAAM,aACJ,oBAAoB,QAAQ,gBAAgB,KAAK,EAAE,SAAS;AAC9D,SAAO,aAAa,SAAS;AAC/B;AAEA,eAAsB,iBACpB,SACA,OACe;AACf,aAAW,CAAC,cAAc,OAAO,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC3D,QAAI,YAAY,QAAQ,YAAY,OAAW;AAC/C,UAAM,uBAAuB,SAAS,cAAc,OAAO;AAAA,EAC7D;AACF;AAkBA,eAAsB,mBACpB,SACA,OAC8B;AAC9B,QAAM,UAAoB,CAAC;AAC3B,QAAM,UAAoB,CAAC;AAE3B,aAAW,CAAC,cAAc,OAAO,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC3D,QAAI,YAAY,QAAQ,YAAY,OAAW;AAE/C,UAAM,kBAAkB,MAAM;AAAA,MAC5B;AAAA,MACA;AAAA,IACF;AAEA,UAAM,WAAW,wBAAwB,cAAc,eAAe;AAEtE,QAAI,aAAa,QAAQ;AACvB,cAAQ,KAAK,YAAY;AACzB;AAAA,IACF;AAEA,UAAM,uBAAuB,SAAS,cAAc,OAAO;AAE3D,QAAI,oBAAoB,SAAS;AAC/B,cAAQ,KAAK,YAAY;AAAA,IAC3B;AAAA,EACF;AAEA,UAAQ,KAAK;AACb,UAAQ,KAAK;AACb,SAAO,EAAE,SAAS,QAAQ;AAC5B;AAEA,eAAsB,sBACpB,SACA,MACe;AACf,QAAM,aAAa,MAAM,kBAAkB,OAAO;AAClD,aAAW,YAAY,OAAO,KAAK,UAAU,GAAG;AAC9C,QAAI,aAAa,iBAAiB,aAAa,UAAW;AAC1D,QAAI,CAAC,KAAK,IAAI,QAAQ,GAAG;AACvB,YAAM,oBAAoB,SAAS,QAAQ;AAAA,IAC7C;AAAA,EACF;AACF;AAEA,eAAsB,kBACpB,SACiC;AACjC,QAAM,SAAiC,CAAC;AACxC,QAAM,QAAQ,SAAS,SAAS,MAAM;AACtC,SAAO;AACT;AAEA,eAAsB,QACpB,SACA,YACA,QACe;AACf,QAAM,UAAU,MAAM,QAAQ,YAAY,EAAE,eAAe,KAAK,CAAC;AACjE,aAAW,SAAS,SAAS;AAC3B,QAAI,MAAM,YAAY,GAAG;AACvB,UAAI,kBAAkB,IAAI,MAAM,IAAI,EAAG;AACvC,YAAM,QAAQ,SAAS,KAAK,KAAK,YAAY,MAAM,IAAI,GAAG,MAAM;AAAA,IAClE,WAAW,MAAM,OAAO,GAAG;AACzB,YAAM,WAAW,KAAK,KAAK,YAAY,MAAM,IAAI;AACjD,YAAM,eAAe,KAAK,SAAS,SAAS,QAAQ;AACpD,aAAO,YAAY,IAAI,MAAM,sBAAsB,SAAS,YAAY;AAAA,IAC1E;AAAA,EACF;AACF;AAEA,eAAsB,cACpB,SACA,UACe;AACf,QAAM,oBAAoB,SAAS,QAAQ;AAC7C;AAEA,eAAsB,UACpB,SACA,UACe;AACf,QAAM,uBAAuB,SAAS,WAAW,QAAQ;AAC3D;AAEA,eAAsB,aACpB,SAC+B;AAC/B,SAAO,oBAAoB,OAAO;AACpC;AAIA,eAAsB,SAAS,SAAkC;AAC/D,SAAO,sBAAsB,SAAS,SAAS;AACjD;AAEA,eAAsB,cAAc,SAAgC;AAClE,QAAM,QAAQ,MAAM,kBAAkB,OAAO;AAC7C,QAAM,uBAAuB,SAAS,KAAK;AAC7C;AAEA,eAAsB,uBACpB,SACA,OACe;AACf,QAAM,WAAqB;AAAA,IACzB,OAAO,CAAC;AAAA,EACV;AAEA,aAAW,CAAC,UAAU,OAAO,KAAK,OAAO,QAAQ,KAAK,GAAG;AACvD,QAAI,SAAS,WAAW,GAAG,gBAAgB,GAAG,EAAG;AACjD,QAAI,uBAAuB,QAAQ,EAAG;AACtC,aAAS,MAAM,QAAQ,IAAI,YAAY,OAAO;AAAA,EAChD;AAMA,QAAM,eAAe;AAAA,IACnB;AAAA,IACA,GAAG,gBAAgB,IAAI,aAAa;AAAA,EACtC;AACA,QAAM;AAAA,IACJ;AAAA,IACA,GAAG,KAAK,UAAU,UAAU,MAAM,CAAC,CAAC;AAAA;AAAA,IACpC;AAAA,MACE,MAAM;AAAA,IACR;AAAA,EACF;AACF;AAEA,SAAS,yBAAyB,UAA2B;AAC3D,SACE,SAAS,WAAW,iBAAiB,KACrC,SAAS,WAAW,kBAAkB;AAE1C;AAEA,eAAsB,aAAa,SAIhC;AACD,QAAM,WAAW,MAAM;AAAA,IACrB;AAAA,IACA,GAAG,gBAAgB,IAAI,aAAa;AAAA,EACtC,EACG,KAAK,CAAC,SAAS,KAAK,MAAM,IAAI,CAAa,EAC3C,MAAM,MAAM,IAAI;AACnB,MAAI,CAAC,UAAU;AACb,WAAO,EAAE,UAAU,CAAC,GAAG,OAAO,CAAC,GAAG,SAAS,CAAC,EAAE;AAAA,EAChD;AAEA,QAAM,QAAQ,MAAM,kBAAkB,OAAO;AAC7C,QAAM,gBAAwC,CAAC;AAE/C,aAAW,CAAC,UAAU,OAAO,KAAK,OAAO,QAAQ,KAAK,GAAG;AACvD,QAAI,SAAS,WAAW,GAAG,gBAAgB,GAAG,EAAG;AACjD,QAAI,yBAAyB,QAAQ,EAAG;AACxC,QAAI,uBAAuB,QAAQ,EAAG;AACtC,kBAAc,QAAQ,IAAI,YAAY,OAAO;AAAA,EAC/C;AAEA,QAAM,WAAqB,CAAC;AAC5B,QAAM,QAAkB,CAAC;AACzB,QAAM,UAAoB,CAAC;AAE3B,aAAW,CAAC,UAAU,IAAI,KAAK,OAAO,QAAQ,aAAa,GAAG;AAC5D,UAAM,WAAW,SAAS,MAAM,QAAQ;AACxC,QAAI,CAAC,UAAU;AACb,YAAM,KAAK,QAAQ;AAAA,IACrB,WAAW,aAAa,MAAM;AAC5B,eAAS,KAAK,QAAQ;AAAA,IACxB;AAAA,EACF;AAEA,aAAW,YAAY,OAAO,KAAK,SAAS,KAAK,GAAG;AAClD,QAAI,yBAAyB,QAAQ,EAAG;AACxC,QAAI,uBAAuB,QAAQ,EAAG;AACtC,QAAI,CAAC,cAAc,QAAQ,GAAG;AAC5B,cAAQ,KAAK,QAAQ;AAAA,IACvB;AAAA,EACF;AAEA,SAAO,EAAE,UAAU,OAAO,QAAQ;AACpC;","names":["isAllowedGamePath","isLibraryPath"]}
|