@ekkos/cli 1.3.2 → 1.3.5

package/dist/synk/encryption.js

@@ -1,133 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.encodeBase64 = encodeBase64;
-exports.encodeBase64Url = encodeBase64Url;
-exports.decodeBase64 = decodeBase64;
-exports.getRandomBytes = getRandomBytes;
-exports.libsodiumPublicKeyFromSecretKey = libsodiumPublicKeyFromSecretKey;
-exports.libsodiumEncryptForPublicKey = libsodiumEncryptForPublicKey;
-exports.encryptLegacy = encryptLegacy;
-exports.decryptLegacy = decryptLegacy;
-exports.encryptWithDataKey = encryptWithDataKey;
-exports.decryptWithDataKey = decryptWithDataKey;
-exports.encrypt = encrypt;
-exports.decrypt = decrypt;
-exports.authChallenge = authChallenge;
-const node_crypto_1 = require("node:crypto");
-const tweetnacl_1 = __importDefault(require("tweetnacl"));
-function encodeBase64(buffer, variant = 'base64') {
-    if (variant === 'base64url') {
-        return encodeBase64Url(buffer);
-    }
-    return Buffer.from(buffer).toString('base64');
-}
-function encodeBase64Url(buffer) {
-    return Buffer.from(buffer)
-        .toString('base64')
-        .replace(/\+/g, '-')
-        .replace(/\//g, '_')
-        .replace(/=/g, '');
-}
-function decodeBase64(base64, variant = 'base64') {
-    if (variant === 'base64url') {
-        const base64Standard = base64
-            .replace(/-/g, '+')
-            .replace(/_/g, '/')
-            + '='.repeat((4 - base64.length % 4) % 4);
-        return new Uint8Array(Buffer.from(base64Standard, 'base64'));
-    }
-    return new Uint8Array(Buffer.from(base64, 'base64'));
-}
-function getRandomBytes(size) {
-    return new Uint8Array((0, node_crypto_1.randomBytes)(size));
-}
-function libsodiumPublicKeyFromSecretKey(seed) {
-    const hashedSeed = new Uint8Array((0, node_crypto_1.createHash)('sha512').update(seed).digest());
-    const secretKey = hashedSeed.slice(0, 32);
-    return new Uint8Array(tweetnacl_1.default.box.keyPair.fromSecretKey(secretKey).publicKey);
-}
-function libsodiumEncryptForPublicKey(data, recipientPublicKey) {
-    const ephemeralKeyPair = tweetnacl_1.default.box.keyPair();
-    const nonce = getRandomBytes(tweetnacl_1.default.box.nonceLength);
-    const encrypted = tweetnacl_1.default.box(data, nonce, recipientPublicKey, ephemeralKeyPair.secretKey);
-    const result = new Uint8Array(ephemeralKeyPair.publicKey.length + nonce.length + encrypted.length);
-    result.set(ephemeralKeyPair.publicKey, 0);
-    result.set(nonce, ephemeralKeyPair.publicKey.length);
-    result.set(encrypted, ephemeralKeyPair.publicKey.length + nonce.length);
-    return result;
-}
-function encryptLegacy(data, secret) {
-    const nonce = getRandomBytes(tweetnacl_1.default.secretbox.nonceLength);
-    const encrypted = tweetnacl_1.default.secretbox(new TextEncoder().encode(JSON.stringify(data)), nonce, secret);
-    const result = new Uint8Array(nonce.length + encrypted.length);
-    result.set(nonce);
-    result.set(encrypted, nonce.length);
-    return result;
-}
-function decryptLegacy(data, secret) {
-    const nonce = data.slice(0, tweetnacl_1.default.secretbox.nonceLength);
-    const encrypted = data.slice(tweetnacl_1.default.secretbox.nonceLength);
-    const decrypted = tweetnacl_1.default.secretbox.open(encrypted, nonce, secret);
-    if (!decrypted) {
-        return null;
-    }
-    return JSON.parse(new TextDecoder().decode(decrypted));
-}
-function encryptWithDataKey(data, dataKey) {
-    const nonce = getRandomBytes(12);
-    const cipher = (0, node_crypto_1.createCipheriv)('aes-256-gcm', dataKey, nonce);
-    const plaintext = new TextEncoder().encode(JSON.stringify(data));
-    const encrypted = Buffer.concat([cipher.update(plaintext), cipher.final()]);
-    const authTag = cipher.getAuthTag();
-    const bundle = new Uint8Array(12 + encrypted.length + 16 + 1);
-    bundle.set([0], 0);
-    bundle.set(nonce, 1);
-    bundle.set(new Uint8Array(encrypted), 13);
-    bundle.set(new Uint8Array(authTag), 13 + encrypted.length);
-    return bundle;
-}
-function decryptWithDataKey(bundle, dataKey) {
-    if (bundle.length < 1)
-        return null;
-    if (bundle[0] !== 0)
-        return null;
-    if (bundle.length < 12 + 16 + 1)
-        return null;
-    const nonce = bundle.slice(1, 13);
-    const authTag = bundle.slice(bundle.length - 16);
-    const ciphertext = bundle.slice(13, bundle.length - 16);
-    try {
-        const decipher = (0, node_crypto_1.createDecipheriv)('aes-256-gcm', dataKey, nonce);
-        decipher.setAuthTag(authTag);
-        const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
-        return JSON.parse(new TextDecoder().decode(decrypted));
-    }
-    catch {
-        return null;
-    }
-}
-function encrypt(key, variant, data) {
-    if (variant === 'legacy') {
-        return encryptLegacy(data, key);
-    }
-    else {
-        return encryptWithDataKey(data, key);
-    }
-}
-function decrypt(key, variant, data) {
-    if (variant === 'legacy') {
-        return decryptLegacy(data, key);
-    }
-    else {
-        return decryptWithDataKey(data, key);
-    }
-}
-function authChallenge(secret) {
-    const keypair = tweetnacl_1.default.sign.keyPair.fromSeed(secret);
-    const challenge = getRandomBytes(32);
-    const signature = tweetnacl_1.default.sign.detached(challenge, keypair.secretKey);
-    return { challenge, publicKey: keypair.publicKey, signature };
-}

package/dist/synk/index.d.ts

@@ -1,13 +0,0 @@
-/**
- * ekkOS_synk — Remote session sync for Claude Code
- */
-export { synkConfig } from './config';
-export * from './encryption';
-export * from './auth';
-export * from './persistence';
-export * from './types';
-export { displayQRCode } from './qr';
-export { ApiClient } from './api';
-export { SessionClient } from './session-client';
-export { MachineClient } from './machine-client';
-export { SynkSessionBridge } from './session-bridge';

package/dist/synk/index.js

@@ -1,36 +0,0 @@
-"use strict";
-/**
- * ekkOS_synk — Remote session sync for Claude Code
- */
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SynkSessionBridge = exports.MachineClient = exports.SessionClient = exports.ApiClient = exports.displayQRCode = exports.synkConfig = void 0;
-var config_1 = require("./config");
-Object.defineProperty(exports, "synkConfig", { enumerable: true, get: function () { return config_1.synkConfig; } });
-__exportStar(require("./encryption"), exports);
-__exportStar(require("./auth"), exports);
-__exportStar(require("./persistence"), exports);
-__exportStar(require("./types"), exports);
-var qr_1 = require("./qr");
-Object.defineProperty(exports, "displayQRCode", { enumerable: true, get: function () { return qr_1.displayQRCode; } });
-var api_1 = require("./api");
-Object.defineProperty(exports, "ApiClient", { enumerable: true, get: function () { return api_1.ApiClient; } });
-var session_client_1 = require("./session-client");
-Object.defineProperty(exports, "SessionClient", { enumerable: true, get: function () { return session_client_1.SessionClient; } });
-var machine_client_1 = require("./machine-client");
-Object.defineProperty(exports, "MachineClient", { enumerable: true, get: function () { return machine_client_1.MachineClient; } });
-var session_bridge_1 = require("./session-bridge");
-Object.defineProperty(exports, "SynkSessionBridge", { enumerable: true, get: function () { return session_bridge_1.SynkSessionBridge; } });

package/dist/synk/machine-client.d.ts

@@ -1,42 +0,0 @@
-/**
- * WebSocket client for machine/daemon communication with synk-server
- * Manages keep-alive heartbeat, daemon state updates, and RPC handler registration
- *
- * This is SEPARATE from SessionClient — SessionClient is per-session, MachineClient is per-daemon.
- */
-import type { MachineMetadata, DaemonState, Machine } from './types';
-export interface SpawnSessionOptions {
-    machineId?: string;
-    directory: string;
-    sessionId?: string;
-    environmentVariables?: Record<string, string>;
-}
-export type SpawnSessionResult = {
-    type: 'success';
-    sessionId: string;
-} | {
-    type: 'error';
-    errorMessage: string;
-};
-interface MachineRpcHandlers {
-    spawnSession: (options: SpawnSessionOptions) => Promise<SpawnSessionResult>;
-    stopSession: (sessionId: string) => boolean;
-    requestShutdown: () => void;
-}
-export declare class MachineClient {
-    private readonly token;
-    private readonly machine;
-    private socket;
-    private keepAliveInterval;
-    private rpcHandlerManager;
-    private log;
-    constructor(token: string, machine: Machine, logger?: (msg: string, ...args: any[]) => void);
-    setRPCHandlers({ spawnSession, stopSession, requestShutdown }: MachineRpcHandlers): void;
-    updateMachineMetadata(handler: (metadata: MachineMetadata | null) => MachineMetadata): Promise<void>;
-    updateDaemonState(handler: (state: DaemonState | null) => DaemonState): Promise<void>;
-    connect(): void;
-    private startKeepAlive;
-    private stopKeepAlive;
-    shutdown(): void;
-}
-export {};

package/dist/synk/machine-client.js

@@ -1,218 +0,0 @@
-"use strict";
-/**
- * WebSocket client for machine/daemon communication with synk-server
- * Manages keep-alive heartbeat, daemon state updates, and RPC handler registration
- *
- * This is SEPARATE from SessionClient — SessionClient is per-session, MachineClient is per-daemon.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.MachineClient = void 0;
-const socket_io_client_1 = require("socket.io-client");
-const config_1 = require("./config");
-const encryption_1 = require("./encryption");
-class RpcHandlerManager {
-    constructor(scopePrefix, encryptionKey, encryptionVariant, log) {
-        this.scopePrefix = scopePrefix;
-        this.encryptionKey = encryptionKey;
-        this.encryptionVariant = encryptionVariant;
-        this.log = log;
-        this.handlers = new Map();
-        this.socket = null;
-    }
-    registerHandler(method, handler) {
-        const prefixed = `${this.scopePrefix}:${method}`;
-        this.handlers.set(prefixed, handler);
-        if (this.socket) {
-            this.socket.emit('rpc-register', { method: prefixed });
-        }
-    }
-    async handleRequest(request) {
-        try {
-            const handler = this.handlers.get(request.method);
-            if (!handler) {
-                this.log('[RPC] Method not found:', request.method);
-                return (0, encryption_1.encodeBase64)((0, encryption_1.encrypt)(this.encryptionKey, this.encryptionVariant, { error: 'Method not found' }));
-            }
-            const params = (0, encryption_1.decrypt)(this.encryptionKey, this.encryptionVariant, (0, encryption_1.decodeBase64)(request.params));
-            this.log('[RPC] Calling handler:', request.method);
-            const result = await handler(params);
-            return (0, encryption_1.encodeBase64)((0, encryption_1.encrypt)(this.encryptionKey, this.encryptionVariant, result));
-        }
-        catch (error) {
-            this.log('[RPC] Error:', error);
-            return (0, encryption_1.encodeBase64)((0, encryption_1.encrypt)(this.encryptionKey, this.encryptionVariant, {
-                error: error instanceof Error ? error.message : 'Unknown error',
-            }));
-        }
-    }
-    onSocketConnect(socket) {
-        this.socket = socket;
-        for (const [method] of this.handlers) {
-            socket.emit('rpc-register', { method });
-        }
-    }
-    onSocketDisconnect() {
-        this.socket = null;
-    }
-}
-// --- MachineClient ---
-class MachineClient {
-    constructor(token, machine, logger) {
-        this.token = token;
-        this.machine = machine;
-        this.keepAliveInterval = null;
-        this.log = logger || ((...args) => console.log('[MACHINE]', ...args));
-        this.rpcHandlerManager = new RpcHandlerManager(this.machine.id, this.machine.encryptionKey, this.machine.encryptionVariant, this.log);
-    }
-    setRPCHandlers({ spawnSession, stopSession, requestShutdown }) {
-        this.rpcHandlerManager.registerHandler('spawn-synk-session', async (params) => {
-            const { directory, sessionId, machineId, environmentVariables } = params || {};
-            this.log('Spawning session:', JSON.stringify(params));
-            if (!directory) {
-                throw new Error('Directory is required');
-            }
-            const result = await spawnSession({ directory, sessionId, machineId, environmentVariables });
-            switch (result.type) {
-                case 'success':
-                    this.log('Spawned session:', result.sessionId);
-                    return { type: 'success', sessionId: result.sessionId };
-                case 'error':
-                    throw new Error(result.errorMessage);
-            }
-        });
-        this.rpcHandlerManager.registerHandler('stop-session', (params) => {
-            const { sessionId } = params || {};
-            if (!sessionId)
-                throw new Error('Session ID is required');
-            const success = stopSession(sessionId);
-            if (!success)
-                throw new Error('Session not found or failed to stop');
-            this.log('Stopped session:', sessionId);
-            return { message: 'Session stopped' };
-        });
-        this.rpcHandlerManager.registerHandler('stop-daemon', () => {
-            this.log('Received stop-daemon RPC');
-            setTimeout(() => requestShutdown(), 100);
-            return { message: 'Daemon shutdown initiated' };
-        });
-    }
-    async updateMachineMetadata(handler) {
-        const maxRetries = 3;
-        for (let attempt = 0; attempt < maxRetries; attempt++) {
-            const updated = handler(this.machine.metadata);
-            const answer = await this.socket.emitWithAck('machine-update-metadata', {
-                machineId: this.machine.id,
-                metadata: (0, encryption_1.encodeBase64)((0, encryption_1.encrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, updated)),
-                expectedVersion: this.machine.metadataVersion,
-            });
-            if (answer.result === 'success') {
-                this.machine.metadata = (0, encryption_1.decrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, (0, encryption_1.decodeBase64)(answer.metadata));
-                this.machine.metadataVersion = answer.version;
-                return;
-            }
-            if (answer.result === 'version-mismatch' && answer.version > this.machine.metadataVersion) {
-                this.machine.metadataVersion = answer.version;
-                this.machine.metadata = (0, encryption_1.decrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, (0, encryption_1.decodeBase64)(answer.metadata));
-            }
-            if (attempt < maxRetries - 1) {
-                await new Promise(r => setTimeout(r, 1000 * (attempt + 1)));
-            }
-        }
-    }
-    async updateDaemonState(handler) {
-        const maxRetries = 3;
-        for (let attempt = 0; attempt < maxRetries; attempt++) {
-            const updated = handler(this.machine.daemonState);
-            const answer = await this.socket.emitWithAck('machine-update-state', {
-                machineId: this.machine.id,
-                daemonState: (0, encryption_1.encodeBase64)((0, encryption_1.encrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, updated)),
-                expectedVersion: this.machine.daemonStateVersion,
-            });
-            if (answer.result === 'success') {
-                this.machine.daemonState = (0, encryption_1.decrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, (0, encryption_1.decodeBase64)(answer.daemonState));
-                this.machine.daemonStateVersion = answer.version;
-                return;
-            }
-            if (answer.result === 'version-mismatch' && answer.version > this.machine.daemonStateVersion) {
-                this.machine.daemonStateVersion = answer.version;
-                this.machine.daemonState = (0, encryption_1.decrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, (0, encryption_1.decodeBase64)(answer.daemonState));
-            }
-            if (attempt < maxRetries - 1) {
-                await new Promise(r => setTimeout(r, 1000 * (attempt + 1)));
-            }
-        }
-    }
-    connect() {
-        this.log('Connecting to', config_1.synkConfig.serverUrl);
-        this.socket = (0, socket_io_client_1.io)(config_1.synkConfig.serverUrl, {
-            transports: ['websocket'],
-            auth: {
-                token: this.token,
-                clientType: 'machine-scoped',
-                machineId: this.machine.id,
-            },
-            path: '/v1/updates',
-            reconnection: true,
-            reconnectionDelay: 1000,
-            reconnectionDelayMax: 5000,
-        });
-        this.socket.on('connect', () => {
-            this.log('Connected to synk-server');
-            this.updateDaemonState((state) => ({
-                ...state,
-                status: 'running',
-                pid: process.pid,
-                httpPort: this.machine.daemonState?.httpPort,
-                startedAt: Date.now(),
-            })).catch(err => this.log('Failed to update daemon state:', err));
-            this.rpcHandlerManager.onSocketConnect(this.socket);
-            this.startKeepAlive();
-        });
-        this.socket.on('disconnect', () => {
-            this.log('Disconnected from synk-server');
-            this.rpcHandlerManager.onSocketDisconnect();
-            this.stopKeepAlive();
-        });
-        this.socket.on('rpc-request', async (data, callback) => {
-            callback(await this.rpcHandlerManager.handleRequest(data));
-        });
-        this.socket.on('update', (data) => {
-            if (data.body?.t === 'update-machine' && data.body.machineId === this.machine.id) {
-                if (data.body.metadata) {
-                    this.machine.metadata = (0, encryption_1.decrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, (0, encryption_1.decodeBase64)(data.body.metadata.value));
-                    this.machine.metadataVersion = data.body.metadata.version;
-                }
-                if (data.body.daemonState) {
-                    this.machine.daemonState = (0, encryption_1.decrypt)(this.machine.encryptionKey, this.machine.encryptionVariant, (0, encryption_1.decodeBase64)(data.body.daemonState.value));
-                    this.machine.daemonStateVersion = data.body.daemonState.version;
-                }
-            }
-        });
-        this.socket.on('connect_error', (error) => {
-            this.log('Connection error:', error.message);
-        });
-    }
-    startKeepAlive() {
-        this.stopKeepAlive();
-        this.keepAliveInterval = setInterval(() => {
-            this.socket.emit('machine-alive', {
-                machineId: this.machine.id,
-                time: Date.now(),
-            });
-        }, 20000);
-    }
-    stopKeepAlive() {
-        if (this.keepAliveInterval) {
-            clearInterval(this.keepAliveInterval);
-            this.keepAliveInterval = null;
-        }
-    }
-    shutdown() {
-        this.log('Shutting down');
-        this.stopKeepAlive();
-        if (this.socket) {
-            this.socket.close();
-        }
-    }
-}
-exports.MachineClient = MachineClient;

package/dist/synk/persistence.d.ts

@@ -1,51 +0,0 @@
-/**
- * Persistence for ekkOS_synk — credentials, settings, daemon state
- */
-import { FileHandle } from 'node:fs/promises';
-/** Daemon state persisted locally */
-export interface DaemonLocallyPersistedState {
-    pid: number;
-    httpPort: number;
-    startTime: string;
-    startedWithCliVersion: string;
-    lastHeartbeat?: string;
-    daemonLogPath?: string;
-}
-interface Settings {
-    schemaVersion: number;
-    onboardingCompleted: boolean;
-    machineId?: string;
-    machineIdConfirmedByServer?: boolean;
-    daemonAutoStart?: boolean;
-}
-export type Credentials = {
-    token: string;
-    encryption: {
-        type: 'legacy';
-        secret: Uint8Array;
-    } | {
-        type: 'dataKey';
-        publicKey: Uint8Array;
-        machineKey: Uint8Array;
-    };
-};
-export declare function readCredentials(): Promise<Credentials | null>;
-export declare function writeCredentialsLegacy(credentials: {
-    secret: Uint8Array;
-    token: string;
-}): Promise<void>;
-export declare function writeCredentialsDataKey(credentials: {
-    publicKey: Uint8Array;
-    machineKey: Uint8Array;
-    token: string;
-}): Promise<void>;
-export declare function clearCredentials(): Promise<void>;
-export declare function readSettings(): Promise<Settings>;
-export declare function writeSettings(settings: Settings): Promise<void>;
-export declare function updateSettings(updater: (current: Settings) => Settings | Promise<Settings>): Promise<Settings>;
-export declare function readDaemonState(): Promise<DaemonLocallyPersistedState | null>;
-export declare function writeDaemonState(state: DaemonLocallyPersistedState): void;
-export declare function clearDaemonState(): Promise<void>;
-export declare function acquireDaemonLock(maxAttempts?: number, delayIncrementMs?: number): Promise<FileHandle | null>;
-export declare function releaseDaemonLock(lockHandle: FileHandle): Promise<void>;
-export {};