@enactprotocol/shared 1.0.12

package/src/core/index.ts

@@ -0,0 +1,3 @@
+export * from './EnactCore';
+export * from './DirectExecutionProvider';
+export * from './DaggerExecutionProvider';

package/src/exec/index.ts

@@ -0,0 +1,3 @@
+export { default } from './logger';
+export { default as logger } from './logger';
+export * from './validate';

package/src/exec/logger.ts

@@ -0,0 +1,63 @@
+import pino from "pino";
+
+// Determine if the environment is silent (e.g., CI, testing, or specific env var)
+const isSilentMode =
+	() =>
+		process.env.CI === "true" ||
+		process.env.NODE_ENV === "test" ||
+		process.env.ENACT_SILENT === "true" ||
+		process.env.ENACT_SKIP_INTERACTIVE === "true";
+
+// Base logger configuration
+const logger = pino({
+	level: process.env.LOG_LEVEL || "info",
+	// In tests, we don't want the pretty transport, as it adds noise.
+	// The output is captured anyway.
+	...(process.env.NODE_ENV !== "test" && {
+		transport: {
+			target: "pino-pretty",
+			options: {
+				colorize: true,
+				ignore: "pid,hostname",
+				translateTime: "SYS:standard",
+			},
+		},
+	}),
+});
+
+// Wrapper to dynamically check silent mode on each call
+const wrappedLogger = {
+	info: (...args: Parameters<typeof logger.info>) => {
+		if (!isSilentMode()) {
+			logger.info(...args);
+		}
+	},
+	warn: (...args: Parameters<typeof logger.warn>) => {
+		if (!isSilentMode()) {
+			logger.warn(...args);
+		}
+	},
+	error: (...args: Parameters<typeof logger.error>) => {
+		// The silent tests expect errors to be silent too.
+		if (!isSilentMode()) {
+			logger.error(...args);
+		}
+	},
+	debug: (...args: Parameters<typeof logger.debug>) => {
+		if (!isSilentMode() && (process.env.DEBUG || process.env.VERBOSE)) {
+			logger.debug(...args);
+		}
+	},
+	// Expose a way to check if client logging is enabled (for MCP)
+	clientLoggingEnabled: () => !process.env.ENACT_MCP_CLIENT,
+	isLevelEnabled: (level: string) => {
+		if (isSilentMode()) {
+			return false;
+		}
+		return logger.isLevelEnabled(level);
+	},
+	// Keep original pino instance available if needed
+	pino: logger,
+};
+
+export default wrappedLogger;

package/src/exec/validate.ts

@@ -0,0 +1,238 @@
+// src/exec/validate.ts - Simplified validation module for CLI core
+import type { EnactTool, JSONSchemaDefinition } from "../types";
+
+export function validateAgainstSchema(
+	value: any,
+	schema: JSONSchemaDefinition,
+	fieldName: string,
+): void {
+	const {
+		type,
+		format,
+		enum: enumValues,
+		minimum,
+		maximum,
+		pattern,
+		required,
+	} = schema;
+
+	// Type validation
+	if (type) {
+		let validType = false;
+
+		switch (type) {
+			case "string":
+				validType = typeof value === "string";
+				break;
+			case "number":
+			case "integer":
+				validType = typeof value === "number";
+				if (type === "integer" && !Number.isInteger(value)) {
+					validType = false;
+				}
+				break;
+			case "boolean":
+				validType = typeof value === "boolean";
+				break;
+			case "array":
+				validType = Array.isArray(value);
+				break;
+			case "object":
+				validType =
+					typeof value === "object" && value !== null && !Array.isArray(value);
+				break;
+		}
+
+		if (!validType) {
+			throw new Error(`Invalid type for ${fieldName}: expected ${type}`);
+		}
+	}
+
+	// For object types, validate required properties
+	if (type === "object" && required && Array.isArray(required)) {
+		for (const requiredProp of required) {
+			if (value[requiredProp] === undefined) {
+				throw new Error(
+					`Missing required property: ${requiredProp} in ${fieldName}`,
+				);
+			}
+		}
+	}
+
+	// Format validation (simplified)
+	if (format && type === "string") {
+		const formatValidators: Record<string, RegExp> = {
+			email: /^.+@.+\..+$/,
+			"date-time":
+				/^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(.\d+)?(Z|[+-]\d{2}:\d{2})$/,
+			uri: /^https?:\/\/.+/,
+		};
+
+		if (formatValidators[format] && !formatValidators[format].test(value)) {
+			throw new Error(`Invalid format for ${fieldName}: expected ${format}`);
+		}
+	}
+
+	// Enum validation
+	if (enumValues && !enumValues.includes(value)) {
+		throw new Error(
+			`Invalid value for ${fieldName}: must be one of [${enumValues.join(", ")}]`,
+		);
+	}
+
+	// Range validation for numbers
+	if (
+		(minimum !== undefined || maximum !== undefined) &&
+		typeof value === "number"
+	) {
+		if (minimum !== undefined && value < minimum) {
+			throw new Error(`Value for ${fieldName} must be >= ${minimum}`);
+		}
+		if (maximum !== undefined && value > maximum) {
+			throw new Error(`Value for ${fieldName} must be <= ${maximum}`);
+		}
+	}
+
+	// Pattern validation for strings
+	if (
+		pattern &&
+		typeof value === "string" &&
+		!new RegExp(pattern).test(value)
+	) {
+		throw new Error(`Value for ${fieldName} must match pattern: ${pattern}`);
+	}
+}
+
+export function validateToolStructure(tool: EnactTool): void {
+	// Check required fields
+	const requiredFields = ["name", "description", "command"];
+
+	for (const field of requiredFields) {
+		if (!(tool as any)[field]) {
+			throw new Error(
+				`Missing required field: ${field} in tool ${JSON.stringify(tool)}`,
+			);
+		}
+	}
+
+	// Validate name format - supports hierarchical names with forward slashes
+	if (
+		!/^[a-zA-Z0-9][a-zA-Z0-9_-]*(?:\/[a-zA-Z0-9][a-zA-Z0-9_-]*)*$/.test(
+			tool.name,
+		)
+	) {
+		throw new Error(
+			`Invalid tool name: ${tool.name}. Must follow hierarchical format like "tool-name" or "org/package/tool-name".`,
+		);
+	}
+
+	// Validate command is not empty
+	if (!tool.command.trim()) {
+		throw new Error("Command field cannot be empty");
+	}
+
+	// Validate timeout format if provided
+	if (tool.timeout) {
+		if (!/^\d+[smh]$/.test(tool.timeout)) {
+			throw new Error(
+				`Invalid timeout format: ${tool.timeout}. Must be Go duration format like "30s", "5m", "1h"`,
+			);
+		}
+	}
+
+	// Validate environment variables structure
+	if (tool.env) {
+		for (const [varName, config] of Object.entries(tool.env)) {
+			if (
+				!config.description ||
+				!config.source ||
+				config.required === undefined
+			) {
+				throw new Error(
+					`Environment variable ${varName} must have description, source, and required fields`,
+				);
+			}
+
+			if (!/^[A-Z][A-Z0-9_]*$/.test(varName)) {
+				throw new Error(
+					`Invalid environment variable name: ${varName}. Must be uppercase with underscores`,
+				);
+			}
+		}
+	}
+
+	// Validate authors structure if provided
+	if (tool.authors) {
+		for (const author of tool.authors) {
+			if (!author.name) {
+				throw new Error("Author must have a name field");
+			}
+
+			if (author.email && !/^.+@.+\..+$/.test(author.email)) {
+				throw new Error(`Invalid email format for author: ${author.email}`);
+			}
+
+			if (author.url && !/^https?:\/\/.+/.test(author.url)) {
+				throw new Error(`Invalid URL format for author: ${author.url}`);
+			}
+		}
+	}
+}
+
+export function validateInputs(
+	tool: EnactTool,
+	inputs: Record<string, any>,
+): Record<string, any> {
+	const validatedInputs: Record<string, any> = {};
+
+	if (!tool.inputSchema || !tool.inputSchema.properties) {
+		return inputs;
+	}
+
+	// Check for required fields
+	const requiredFields = tool.inputSchema.required || [];
+	for (const field of requiredFields) {
+		if (inputs[field] === undefined) {
+			throw new Error(`Missing required input: ${field}`);
+		}
+	}
+
+	// Validate and extract values
+	for (const [key, schema] of Object.entries(tool.inputSchema.properties)) {
+		if (inputs[key] !== undefined) {
+			validateAgainstSchema(inputs[key], schema, key);
+			validatedInputs[key] = inputs[key];
+		} else if (schema.default !== undefined) {
+			validatedInputs[key] = schema.default;
+		}
+	}
+
+	return validatedInputs;
+}
+
+export function validateOutput(tool: EnactTool, output: any): any {
+	if (!tool.outputSchema) {
+		return output;
+	}
+
+	try {
+		// Validate the entire output against the schema
+		validateAgainstSchema(output, tool.outputSchema, "output");
+
+		// Also check required fields specifically
+		if (
+			tool.outputSchema.required &&
+			Array.isArray(tool.outputSchema.required)
+		) {
+			for (const requiredField of tool.outputSchema.required) {
+				if (output[requiredField] === undefined) {
+					throw new Error(`Missing required output field: ${requiredField}`);
+				}
+			}
+		}
+
+		return output;
+	} catch (error) {
+		throw new Error(`Output validation failed: ${(error as Error).message}`);
+	}
+}

package/src/index.ts

@@ -0,0 +1,42 @@
+// Core exports
+export { EnactCore } from './core/EnactCore';
+export { DirectExecutionProvider } from './core/DirectExecutionProvider';
+export { DaggerExecutionProvider } from './core/DaggerExecutionProvider';
+
+// Types and utilities
+export type { EnactTool } from './types';
+export type { EnactToolDefinition } from './api/types';
+export { default as LocalToolResolver } from './LocalToolResolver';
+export { default } from './LocalToolResolver';
+
+// Exec utilities
+export { default as logger } from './exec/logger';
+export * from './exec/validate';
+
+// Utils
+export * from './utils/config';
+export * from './utils/env-loader';
+export { showHelp } from './utils/help';
+export { showVersion as utilsShowVersion } from './utils/version';
+export * from './utils/logger';
+export * from './utils/silent-monitor';
+export * from './utils/timeout';
+
+// Security
+export * from './security/security';
+export { verifyTool, shouldExecuteTool, VERIFICATION_POLICIES } from './security/sign';
+export type { VerificationPolicy as SecurityVerificationPolicy } from './security/sign';
+export * from './security/verification-enforcer';
+
+// Services
+export * from './services/McpCoreService';
+
+// Web
+export * from './web/env-manager-server';
+
+// API
+export * from './api/enact-api';
+export type { ApiResponse, ToolSearchQuery, ToolUsage, CLITokenCreate, OAuthTokenExchange } from './api/types';
+
+// Lib
+export * from './lib/enact-direct';

package/src/lib/enact-direct.ts

@@ -0,0 +1,258 @@
+// src/lib/enact-direct.ts - Library interface for direct usage by MCP servers
+import {
+	EnactCore,
+	type ToolSearchOptions,
+	type ToolExecuteOptions,
+} from "../core/EnactCore";
+import type { EnactTool, ExecutionResult } from "../types";
+
+/**
+ * Direct Enact Library Interface
+ *
+ * This provides a simple, direct interface for MCP servers to use Enact
+ * without any CLI process spawning. All operations happen in-process.
+ */
+export class EnactDirect {
+	private core: EnactCore;
+
+	constructor(
+		options: {
+			apiUrl?: string;
+			supabaseUrl?: string;
+			authToken?: string;
+			verificationPolicy?: "permissive" | "enterprise" | "paranoid";
+			defaultTimeout?: string;
+		} = {},
+	) {
+		this.core = new EnactCore({
+			apiUrl:
+				options.apiUrl || process.env.ENACT_API_URL || "https://enact.tools",
+			supabaseUrl:
+				options.supabaseUrl ||
+				process.env.ENACT_SUPABASE_URL ||
+				"https://xjnhhxwxovjifdxdwzih.supabase.co",
+			executionProvider: "direct",
+			authToken: options.authToken || process.env.ENACT_AUTH_TOKEN,
+			verificationPolicy: options.verificationPolicy || "permissive",
+			defaultTimeout: options.defaultTimeout || "30s",
+		});
+	}
+
+	/**
+	 * Execute a tool by name with inputs
+	 *
+	 * @param name - Tool name (e.g., "my-org/data-processor")
+	 * @param inputs - Input parameters for the tool
+	 * @param options - Execution options
+	 * @returns Execution result
+	 */
+	async executeToolByName(
+		name: string,
+		inputs: Record<string, any> = {},
+		options: ToolExecuteOptions = {},
+	): Promise<ExecutionResult> {
+		return this.core.executeToolByName(name, inputs, options);
+	}
+
+	/**
+	 * Search for tools matching a query
+	 *
+	 * @param options - Search options
+	 * @returns Array of matching tools
+	 */
+	async searchTools(options: ToolSearchOptions): Promise<EnactTool[]> {
+		return this.core.searchTools(options);
+	}
+
+	/**
+	 * Get detailed information about a specific tool
+	 *
+	 * @param name - Tool name
+	 * @param version - Optional specific version
+	 * @returns Tool information or null if not found
+	 */
+	async getToolInfo(name: string, version?: string): Promise<EnactTool | null> {
+		return this.core.getToolInfo(name, version);
+	}
+
+	/**
+	 * Verify a tool's cryptographic signatures
+	 *
+	 * @param name - Tool name
+	 * @param policy - Verification policy
+	 * @returns Verification result
+	 */
+	async verifyTool(
+		name: string,
+		policy?: "permissive" | "enterprise" | "paranoid",
+	): Promise<{
+		verified: boolean;
+		signatures: any[];
+		policy: string;
+		errors?: string[];
+	}> {
+		return this.core.verifyTool(name, policy);
+	}
+
+	/**
+	 * Execute a tool from raw YAML definition
+	 *
+	 * @param toolYaml - YAML tool definition
+	 * @param inputs - Input parameters
+	 * @param options - Execution options
+	 * @returns Execution result
+	 */
+	async executeRawTool(
+		toolYaml: string,
+		inputs: Record<string, any> = {},
+		options: ToolExecuteOptions = {},
+	): Promise<ExecutionResult> {
+		return this.core.executeRawTool(toolYaml, inputs, options);
+	}
+
+	/**
+	 * Check if a tool exists in the registry
+	 *
+	 * @param name - Tool name
+	 * @returns True if tool exists
+	 */
+	async toolExists(name: string): Promise<boolean> {
+		return this.core.toolExists(name);
+	}
+
+	/**
+	 * Get all tools with optional filtering
+	 *
+	 * @param options - Filter options
+	 * @returns Array of tools
+	 */
+	async getTools(
+		options: {
+			limit?: number;
+			offset?: number;
+			tags?: string[];
+			author?: string;
+		} = {},
+	): Promise<EnactTool[]> {
+		return this.core.getTools(options);
+	}
+
+	/**
+	 * Get tools by specific tags
+	 *
+	 * @param tags - Array of tags to filter by
+	 * @param limit - Maximum number of results
+	 * @returns Array of tools
+	 */
+	async getToolsByTags(
+		tags: string[],
+		limit: number = 20,
+	): Promise<EnactTool[]> {
+		return this.core.getToolsByTags(tags, limit);
+	}
+
+	/**
+	 * Get tools by a specific author
+	 *
+	 * @param author - Author name
+	 * @param limit - Maximum number of results
+	 * @returns Array of tools
+	 */
+	async getToolsByAuthor(
+		author: string,
+		limit: number = 20,
+	): Promise<EnactTool[]> {
+		return this.core.getToolsByAuthor(author, limit);
+	}
+
+	/**
+	 * Get the current status of the Enact core
+	 *
+	 * @returns Status information
+	 */
+	async getStatus(): Promise<{
+		executionProvider: string;
+		apiUrl: string;
+		verificationPolicy: string;
+		defaultTimeout: string;
+		authenticated: boolean;
+	}> {
+		return this.core.getStatus();
+	}
+
+	/**
+	 * Set authentication token
+	 *
+	 * @param token - Authentication token
+	 */
+	setAuthToken(token: string): void {
+		this.core.setAuthToken(token);
+	}
+
+	/**
+	 * Get authentication status
+	 *
+	 * @returns Authentication status
+	 */
+	async getAuthStatus(): Promise<{
+		authenticated: boolean;
+		user?: string;
+		server?: string;
+	}> {
+		return this.core.getAuthStatus();
+	}
+
+	/**
+	 * Publish a tool (requires authentication)
+	 *
+	 * @param tool - Tool definition to publish
+	 * @returns Publication result
+	 */
+	async publishTool(
+		tool: EnactTool,
+	): Promise<{ success: boolean; message: string }> {
+		return this.core.publishTool(tool);
+	}
+}
+
+// Create and export a default instance
+export const enactDirect = new EnactDirect();
+
+// Export convenience functions using the default instance
+export const executeToolByName = (
+	name: string,
+	inputs: Record<string, any> = {},
+	options: ToolExecuteOptions = {},
+) => enactDirect.executeToolByName(name, inputs, options);
+
+export const searchTools = (options: ToolSearchOptions) =>
+	enactDirect.searchTools(options);
+
+export const getToolInfo = (name: string, version?: string) =>
+	enactDirect.getToolInfo(name, version);
+
+export const executeRawTool = (
+	toolYaml: string,
+	inputs: Record<string, any> = {},
+	options: ToolExecuteOptions = {},
+) => enactDirect.executeRawTool(toolYaml, inputs, options);
+
+export const getToolsByTags = (tags: string[], limit: number = 20) =>
+	enactDirect.getToolsByTags(tags, limit);
+
+export const getToolsByAuthor = (author: string, limit: number = 20) =>
+	enactDirect.getToolsByAuthor(author, limit);
+
+export const toolExists = (name: string) => enactDirect.toolExists(name);
+
+export const getAuthStatus = () => enactDirect.getAuthStatus();
+
+export const publishTool = (tool: EnactTool) => enactDirect.publishTool(tool);
+
+// Also export the core for advanced usage
+export {
+	EnactCore,
+	type ToolSearchOptions,
+	type ToolExecuteOptions,
+} from "../core/EnactCore";
+export type { EnactTool, ExecutionResult } from "../types";

package/src/lib/index.ts

@@ -0,0 +1 @@
+export * from './enact-direct';

package/src/security/index.ts

@@ -0,0 +1,3 @@
+export * from './security';
+export * from './sign';
+export * from './verification-enforcer';