@ekkos/cli 1.3.1 → 1.3.2

package/dist/synk/machine-client.js

@@ -0,0 +1,218 @@
+"use strict";
+/**
+ * WebSocket client for machine/daemon communication with synk-server
+ * Manages keep-alive heartbeat, daemon state updates, and RPC handler registration
+ *
+ * This is SEPARATE from SessionClient — SessionClient is per-session, MachineClient is per-daemon.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MachineClient = void 0;
+const socket_io_client_1 = require("socket.io-client");
+const config_1 = require("./config");
+const encryption_1 = require("./encryption");
+class RpcHandlerManager {
+    constructor(scopePrefix, encryptionKey, encryptionVariant, log) {
+        this.scopePrefix = scopePrefix;
+        this.encryptionKey = encryptionKey;
+        this.encryptionVariant = encryptionVariant;
+        this.log = log;
+        this.handlers = new Map();
+        this.socket = null;
+    }
+    registerHandler(method, handler) {
+        const prefixed = `${this.scopePrefix}:${method}`;
+        this.handlers.set(prefixed, handler);
+        if (this.socket) {
+            this.socket.emit('rpc-register', { method: prefixed });
+        }
+    }
+    async handleRequest(request) {
+        try {
+            const handler = this.handlers.get(request.method);
+            if (!handler) {
+                this.log('[RPC] Method not found:', request.method);
+                return (0, encryption_1.encodeBase64)((0, encryption_1.encrypt)(this.encryptionKey, this.encryptionVariant, { error: 'Method not found' }));
+            }
+            const params = (0, encryption_1.decrypt)(this.encryptionKey, this.encryptionVariant, (0, encryption_1.decodeBase64)(request.params));
+            this.log('[RPC] Calling handler:', request.method);
+            const result = await handler(params);
+            return (0, encryption_1.encodeBase64)((0, encryption_1.encrypt)(this.encryptionKey, this.encryptionVariant, result));
+        }
+        catch (error) {
+            this.log('[RPC] Error:', error);
+            return (0, encryption_1.encodeBase64)((0, encryption_1.encrypt)(this.encryptionKey, this.encryptionVariant, {
+                error: error instanceof Error ? error.message : 'Unknown error',
+            }));
+        }
+    }
+    onSocketConnect(socket) {
+        this.socket = socket;
+        for (const [method] of this.handlers) {
+            socket.emit('rpc-register', { method });
+        }
+    }
+    onSocketDisconnect() {
+        this.socket = null;
+    }
+}
+// --- MachineClient ---
+class MachineClient {
+    constructor(token, machine, logger) {
+        this.token = token;
+        this.machine = machine;
+        this.keepAliveInterval = null;
+        this.log = logger || ((...args) => console.log('[MACHINE]', ...args));
+        this.rpcHandlerManager = new RpcHandlerManager(this.machine.id, this.machine.encryptionKey, this.machine.encryptionVariant, this.log);
+    }
+    setRPCHandlers({ spawnSession, stopSession, requestShutdown }) {
+        this.rpcHandlerManager.registerHandler('spawn-synk-session', async (params) => {
+            const { directory, sessionId, machineId, environmentVariables } = params || {};
+            this.log('Spawning session:', JSON.stringify(params));
+            if (!directory) {
+                throw new Error('Directory is required');
+            }
+            const result = await spawnSession({ directory, sessionId, machineId, environmentVariables });
+            switch (result.type) {
+                case 'success':
+                    this.log('Spawned session:', result.sessionId);
+                    return { type: 'success', sessionId: result.sessionId };
+                case 'error':
+                    throw new Error(result.errorMessage);
+            }
+        });
+        this.rpcHandlerManager.registerHandler('stop-session', (params) => {
+            const { sessionId } = params || {};
+            if (!sessionId)
+                throw new Error('Session ID is required');
+            const success = stopSession(sessionId);
+            if (!success)
+                throw new Error('Session not found or failed to stop');
+            this.log('Stopped session:', sessionId);
+            return { message: 'Session stopped' };
+        });
+        this.rpcHandlerManager.registerHandler('stop-daemon', () => {
+            this.log('Received stop-daemon RPC');
+            setTimeout(() => requestShutdown(), 100);
+            return { message: 'Daemon shutdown initiated' };
+        });
+    }
+    async updateMachineMetadata(handler) {
+        const maxRetries = 3;
+        for (let attempt = 0; attempt < maxRetries; attempt++) {
+            const updated = handler(this.machine.metadata);
+            const answer = await this.socket.emitWithAck('machine-update-metadata', {
+                machineId: this.machine.id,
+                metadata: (0, encryption_1.encodeBase64)((0, encryption_1.encrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, updated)),
+                expectedVersion: this.machine.metadataVersion,
+            });
+            if (answer.result === 'success') {
+                this.machine.metadata = (0, encryption_1.decrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, (0, encryption_1.decodeBase64)(answer.metadata));
+                this.machine.metadataVersion = answer.version;
+                return;
+            }
+            if (answer.result === 'version-mismatch' && answer.version > this.machine.metadataVersion) {
+                this.machine.metadataVersion = answer.version;
+                this.machine.metadata = (0, encryption_1.decrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, (0, encryption_1.decodeBase64)(answer.metadata));
+            }
+            if (attempt < maxRetries - 1) {
+                await new Promise(r => setTimeout(r, 1000 * (attempt + 1)));
+            }
+        }
+    }
+    async updateDaemonState(handler) {
+        const maxRetries = 3;
+        for (let attempt = 0; attempt < maxRetries; attempt++) {
+            const updated = handler(this.machine.daemonState);
+            const answer = await this.socket.emitWithAck('machine-update-state', {
+                machineId: this.machine.id,
+                daemonState: (0, encryption_1.encodeBase64)((0, encryption_1.encrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, updated)),
+                expectedVersion: this.machine.daemonStateVersion,
+            });
+            if (answer.result === 'success') {
+                this.machine.daemonState = (0, encryption_1.decrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, (0, encryption_1.decodeBase64)(answer.daemonState));
+                this.machine.daemonStateVersion = answer.version;
+                return;
+            }
+            if (answer.result === 'version-mismatch' && answer.version > this.machine.daemonStateVersion) {
+                this.machine.daemonStateVersion = answer.version;
+                this.machine.daemonState = (0, encryption_1.decrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, (0, encryption_1.decodeBase64)(answer.daemonState));
+            }
+            if (attempt < maxRetries - 1) {
+                await new Promise(r => setTimeout(r, 1000 * (attempt + 1)));
+            }
+        }
+    }
+    connect() {
+        this.log('Connecting to', config_1.synkConfig.serverUrl);
+        this.socket = (0, socket_io_client_1.io)(config_1.synkConfig.serverUrl, {
+            transports: ['websocket'],
+            auth: {
+                token: this.token,
+                clientType: 'machine-scoped',
+                machineId: this.machine.id,
+            },
+            path: '/v1/updates',
+            reconnection: true,
+            reconnectionDelay: 1000,
+            reconnectionDelayMax: 5000,
+        });
+        this.socket.on('connect', () => {
+            this.log('Connected to synk-server');
+            this.updateDaemonState((state) => ({
+                ...state,
+                status: 'running',
+                pid: process.pid,
+                httpPort: this.machine.daemonState?.httpPort,
+                startedAt: Date.now(),
+            })).catch(err => this.log('Failed to update daemon state:', err));
+            this.rpcHandlerManager.onSocketConnect(this.socket);
+            this.startKeepAlive();
+        });
+        this.socket.on('disconnect', () => {
+            this.log('Disconnected from synk-server');
+            this.rpcHandlerManager.onSocketDisconnect();
+            this.stopKeepAlive();
+        });
+        this.socket.on('rpc-request', async (data, callback) => {
+            callback(await this.rpcHandlerManager.handleRequest(data));
+        });
+        this.socket.on('update', (data) => {
+            if (data.body?.t === 'update-machine' && data.body.machineId === this.machine.id) {
+                if (data.body.metadata) {
+                    this.machine.metadata = (0, encryption_1.decrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, (0, encryption_1.decodeBase64)(data.body.metadata.value));
+                    this.machine.metadataVersion = data.body.metadata.version;
+                }
+                if (data.body.daemonState) {
+                    this.machine.daemonState = (0, encryption_1.decrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, (0, encryption_1.decodeBase64)(data.body.daemonState.value));
+                    this.machine.daemonStateVersion = data.body.daemonState.version;
+                }
+            }
+        });
+        this.socket.on('connect_error', (error) => {
+            this.log('Connection error:', error.message);
+        });
+    }
+    startKeepAlive() {
+        this.stopKeepAlive();
+        this.keepAliveInterval = setInterval(() => {
+            this.socket.emit('machine-alive', {
+                machineId: this.machine.id,
+                time: Date.now(),
+            });
+        }, 20000);
+    }
+    stopKeepAlive() {
+        if (this.keepAliveInterval) {
+            clearInterval(this.keepAliveInterval);
+            this.keepAliveInterval = null;
+        }
+    }
+    shutdown() {
+        this.log('Shutting down');
+        this.stopKeepAlive();
+        if (this.socket) {
+            this.socket.close();
+        }
+    }
+}
+exports.MachineClient = MachineClient;

package/dist/synk/persistence.d.ts

@@ -0,0 +1,51 @@
+/**
+ * Persistence for ekkOS_synk — credentials, settings, daemon state
+ */
+import { FileHandle } from 'node:fs/promises';
+/** Daemon state persisted locally */
+export interface DaemonLocallyPersistedState {
+    pid: number;
+    httpPort: number;
+    startTime: string;
+    startedWithCliVersion: string;
+    lastHeartbeat?: string;
+    daemonLogPath?: string;
+}
+interface Settings {
+    schemaVersion: number;
+    onboardingCompleted: boolean;
+    machineId?: string;
+    machineIdConfirmedByServer?: boolean;
+    daemonAutoStart?: boolean;
+}
+export type Credentials = {
+    token: string;
+    encryption: {
+        type: 'legacy';
+        secret: Uint8Array;
+    } | {
+        type: 'dataKey';
+        publicKey: Uint8Array;
+        machineKey: Uint8Array;
+    };
+};
+export declare function readCredentials(): Promise<Credentials | null>;
+export declare function writeCredentialsLegacy(credentials: {
+    secret: Uint8Array;
+    token: string;
+}): Promise<void>;
+export declare function writeCredentialsDataKey(credentials: {
+    publicKey: Uint8Array;
+    machineKey: Uint8Array;
+    token: string;
+}): Promise<void>;
+export declare function clearCredentials(): Promise<void>;
+export declare function readSettings(): Promise<Settings>;
+export declare function writeSettings(settings: Settings): Promise<void>;
+export declare function updateSettings(updater: (current: Settings) => Settings | Promise<Settings>): Promise<Settings>;
+export declare function readDaemonState(): Promise<DaemonLocallyPersistedState | null>;
+export declare function writeDaemonState(state: DaemonLocallyPersistedState): void;
+export declare function clearDaemonState(): Promise<void>;
+export declare function acquireDaemonLock(maxAttempts?: number, delayIncrementMs?: number): Promise<FileHandle | null>;
+export declare function releaseDaemonLock(lockHandle: FileHandle): Promise<void>;
+export {};

package/dist/synk/persistence.js

@@ -0,0 +1,211 @@
+"use strict";
+/**
+ * Persistence for ekkOS_synk — credentials, settings, daemon state
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.readCredentials = readCredentials;
+exports.writeCredentialsLegacy = writeCredentialsLegacy;
+exports.writeCredentialsDataKey = writeCredentialsDataKey;
+exports.clearCredentials = clearCredentials;
+exports.readSettings = readSettings;
+exports.writeSettings = writeSettings;
+exports.updateSettings = updateSettings;
+exports.readDaemonState = readDaemonState;
+exports.writeDaemonState = writeDaemonState;
+exports.clearDaemonState = clearDaemonState;
+exports.acquireDaemonLock = acquireDaemonLock;
+exports.releaseDaemonLock = releaseDaemonLock;
+const promises_1 = require("node:fs/promises");
+const node_fs_1 = require("node:fs");
+const node_fs_2 = require("node:fs");
+const zod_1 = require("zod");
+const config_1 = require("./config");
+const encryption_1 = require("./encryption");
+const defaultSettings = {
+    schemaVersion: 1,
+    onboardingCompleted: false,
+};
+// Credentials
+const credentialsSchema = zod_1.z.object({
+    token: zod_1.z.string(),
+    secret: zod_1.z.string().base64().nullish(),
+    encryption: zod_1.z.object({
+        publicKey: zod_1.z.string().base64(),
+        machineKey: zod_1.z.string().base64(),
+    }).nullish(),
+});
+async function readCredentials() {
+    if (!(0, node_fs_1.existsSync)(config_1.synkConfig.credentialsFile))
+        return null;
+    try {
+        const raw = JSON.parse(await (0, promises_1.readFile)(config_1.synkConfig.credentialsFile, 'utf8'));
+        const credentials = credentialsSchema.parse(raw);
+        if (credentials.secret) {
+            return {
+                token: credentials.token,
+                encryption: { type: 'legacy', secret: new Uint8Array(Buffer.from(credentials.secret, 'base64')) },
+            };
+        }
+        else if (credentials.encryption) {
+            return {
+                token: credentials.token,
+                encryption: {
+                    type: 'dataKey',
+                    publicKey: new Uint8Array(Buffer.from(credentials.encryption.publicKey, 'base64')),
+                    machineKey: new Uint8Array(Buffer.from(credentials.encryption.machineKey, 'base64')),
+                },
+            };
+        }
+    }
+    catch {
+        return null;
+    }
+    return null;
+}
+async function writeCredentialsLegacy(credentials) {
+    config_1.synkConfig.ensureDirectories();
+    await (0, promises_1.writeFile)(config_1.synkConfig.credentialsFile, JSON.stringify({
+        secret: (0, encryption_1.encodeBase64)(credentials.secret),
+        token: credentials.token,
+    }, null, 2));
+}
+async function writeCredentialsDataKey(credentials) {
+    config_1.synkConfig.ensureDirectories();
+    await (0, promises_1.writeFile)(config_1.synkConfig.credentialsFile, JSON.stringify({
+        encryption: {
+            publicKey: (0, encryption_1.encodeBase64)(credentials.publicKey),
+            machineKey: (0, encryption_1.encodeBase64)(credentials.machineKey),
+        },
+        token: credentials.token,
+    }, null, 2));
+}
+async function clearCredentials() {
+    if ((0, node_fs_1.existsSync)(config_1.synkConfig.credentialsFile)) {
+        await (0, promises_1.unlink)(config_1.synkConfig.credentialsFile);
+    }
+}
+// Settings
+async function readSettings() {
+    if (!(0, node_fs_1.existsSync)(config_1.synkConfig.settingsFile))
+        return { ...defaultSettings };
+    try {
+        const raw = JSON.parse(await (0, promises_1.readFile)(config_1.synkConfig.settingsFile, 'utf8'));
+        return { ...defaultSettings, ...raw };
+    }
+    catch {
+        return { ...defaultSettings };
+    }
+}
+async function writeSettings(settings) {
+    config_1.synkConfig.ensureDirectories();
+    await (0, promises_1.writeFile)(config_1.synkConfig.settingsFile, JSON.stringify(settings, null, 2));
+}
+async function updateSettings(updater) {
+    const lockFile = config_1.synkConfig.settingsFile + '.lock';
+    const tmpFile = config_1.synkConfig.settingsFile + '.tmp';
+    let fileHandle;
+    let attempts = 0;
+    while (attempts < 50) {
+        try {
+            fileHandle = await (0, promises_1.open)(lockFile, node_fs_2.constants.O_CREAT | node_fs_2.constants.O_EXCL | node_fs_2.constants.O_WRONLY);
+            break;
+        }
+        catch (err) {
+            if (err.code === 'EEXIST') {
+                attempts++;
+                await new Promise(resolve => setTimeout(resolve, 100));
+                try {
+                    const stats = await (0, promises_1.stat)(lockFile);
+                    if (Date.now() - stats.mtimeMs > 10000) {
+                        await (0, promises_1.unlink)(lockFile).catch(() => { });
+                    }
+                }
+                catch { }
+            }
+            else {
+                throw err;
+            }
+        }
+    }
+    if (!fileHandle) {
+        throw new Error('Failed to acquire settings lock after 5 seconds');
+    }
+    try {
+        const current = await readSettings();
+        const updated = await updater(current);
+        config_1.synkConfig.ensureDirectories();
+        await (0, promises_1.writeFile)(tmpFile, JSON.stringify(updated, null, 2));
+        await (0, promises_1.rename)(tmpFile, config_1.synkConfig.settingsFile);
+        return updated;
+    }
+    finally {
+        await fileHandle.close();
+        await (0, promises_1.unlink)(lockFile).catch(() => { });
+    }
+}
+// Daemon state
+async function readDaemonState() {
+    try {
+        if (!(0, node_fs_1.existsSync)(config_1.synkConfig.daemonStateFile))
+            return null;
+        return JSON.parse(await (0, promises_1.readFile)(config_1.synkConfig.daemonStateFile, 'utf-8'));
+    }
+    catch {
+        return null;
+    }
+}
+function writeDaemonState(state) {
+    (0, node_fs_1.writeFileSync)(config_1.synkConfig.daemonStateFile, JSON.stringify(state, null, 2), 'utf-8');
+}
+async function clearDaemonState() {
+    if ((0, node_fs_1.existsSync)(config_1.synkConfig.daemonStateFile)) {
+        await (0, promises_1.unlink)(config_1.synkConfig.daemonStateFile);
+    }
+    if ((0, node_fs_1.existsSync)(config_1.synkConfig.daemonLockFile)) {
+        try {
+            await (0, promises_1.unlink)(config_1.synkConfig.daemonLockFile);
+        }
+        catch { }
+    }
+}
+async function acquireDaemonLock(maxAttempts = 5, delayIncrementMs = 200) {
+    for (let attempt = 1; attempt <= maxAttempts; attempt++) {
+        try {
+            const fileHandle = await (0, promises_1.open)(config_1.synkConfig.daemonLockFile, node_fs_2.constants.O_CREAT | node_fs_2.constants.O_EXCL | node_fs_2.constants.O_WRONLY);
+            await fileHandle.writeFile(String(process.pid));
+            return fileHandle;
+        }
+        catch (error) {
+            if (error.code === 'EEXIST') {
+                try {
+                    const lockPid = (0, node_fs_1.readFileSync)(config_1.synkConfig.daemonLockFile, 'utf-8').trim();
+                    if (lockPid && !isNaN(Number(lockPid))) {
+                        try {
+                            process.kill(Number(lockPid), 0);
+                        }
+                        catch {
+                            (0, node_fs_1.unlinkSync)(config_1.synkConfig.daemonLockFile);
+                            continue;
+                        }
+                    }
+                }
+                catch { }
+            }
+            if (attempt === maxAttempts)
+                return null;
+            await new Promise(resolve => setTimeout(resolve, attempt * delayIncrementMs));
+        }
+    }
+    return null;
+}
+async function releaseDaemonLock(lockHandle) {
+    try {
+        await lockHandle.close();
+    }
+    catch { }
+    try {
+        if ((0, node_fs_1.existsSync)(config_1.synkConfig.daemonLockFile))
+            (0, node_fs_1.unlinkSync)(config_1.synkConfig.daemonLockFile);
+    }
+    catch { }
+}

package/dist/synk/qr.d.ts

@@ -0,0 +1,5 @@
+/**
+ * QR code display for ekkOS_synk mobile pairing
+ */
+/** Display a QR code in the terminal for mobile device pairing */
+export declare function displayQRCode(url: string): void;

package/dist/synk/qr.js

@@ -0,0 +1,33 @@
+"use strict";
+/**
+ * QR code display for ekkOS_synk mobile pairing
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.displayQRCode = displayQRCode;
+const chalk_1 = __importDefault(require("chalk"));
+/** Display a QR code in the terminal for mobile device pairing */
+function displayQRCode(url) {
+    let qrcode;
+    try {
+        qrcode = require('qrcode-terminal');
+    }
+    catch {
+        console.log(chalk_1.default.yellow('  qrcode-terminal not installed. Install it for QR code display.'));
+        console.log(chalk_1.default.gray(`  Pairing URL: ${url}`));
+        return;
+    }
+    console.log('');
+    console.log(chalk_1.default.cyan('═'.repeat(60)));
+    console.log(chalk_1.default.cyan.bold('  ekkOS_synk') + chalk_1.default.gray(' — Scan to pair your mobile device'));
+    console.log(chalk_1.default.cyan('═'.repeat(60)));
+    qrcode.generate(url, { small: true }, (qr) => {
+        for (const line of qr.split('\n')) {
+            console.log(' '.repeat(8) + line);
+        }
+    });
+    console.log(chalk_1.default.cyan('═'.repeat(60)));
+    console.log('');
+}

package/dist/synk/session-bridge.d.ts

@@ -0,0 +1,58 @@
+/**
+ * SynkSessionBridge — links `ekkos run` to synk real-time sync
+ *
+ * Lifecycle:
+ *   create()              → reads creds, returns null if synk disabled
+ *   onSessionEstablished  → creates synk session + WS client
+ *   onAgentOutput         → batched forwarding of PTY output
+ *   onIdleChange          → keepalive / thinking state
+ *   onTurnEnd             → flush output buffer
+ *   shutdown              → graceful close
+ */
+import { EventEmitter } from 'node:events';
+export interface SynkBridgeOptions {
+    cwd: string;
+    verbose?: boolean;
+}
+export declare class SynkSessionBridge extends EventEmitter {
+    private readonly credential;
+    private readonly apiClient;
+    private readonly cwd;
+    private readonly verbose;
+    private sessionClient;
+    private synkSession;
+    private outputBuffer;
+    private flushTimer;
+    private established;
+    private closed;
+    private constructor();
+    /**
+     * Factory — returns null when synk is not configured (zero-cost path).
+     */
+    static create(opts: SynkBridgeOptions): Promise<SynkSessionBridge | null>;
+    /**
+     * Called once after Claude Code's session name is detected from the status line.
+     * Creates the synk session via REST, then opens a SessionClient WebSocket.
+     */
+    onSessionEstablished(sessionName: string, sessionId: string, extra?: {
+        hostPid?: number;
+    }): Promise<void>;
+    /**
+     * Called on every PTY data chunk. Buffers and flushes every 200ms.
+     */
+    onAgentOutput(data: string): void;
+    /**
+     * Called when Claude transitions between idle <-> active.
+     */
+    onIdleChange(idle: boolean): void;
+    /**
+     * Called at turn boundaries — flush any pending output immediately.
+     */
+    onTurnEnd(): void;
+    /**
+     * Graceful shutdown — send death event, flush, close socket.
+     */
+    shutdown(): Promise<void>;
+    private flushOutputBuffer;
+    private log;
+}