npm - @everywheredev/cli - Versions diffs - 0.0.11 → 0.0.12 - Mend

@everywheredev/cli 0.0.11 → 0.0.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +1 -1
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -180,7 +180,7 @@ Check the top-level render call using <`+Re+">.")}return ce}}function Br(b,ce){{
   <%s {...props} />
 React keys must be passed directly to JSX without using spread:
   let props = %s;
-  <%s key={someKey} {...props} />`,Ni,la,Vi,la),Ka[la+Ni]=!0}}return b===s?ua(dn):er(dn),dn}}function oo(b,ce,Re){return Vr(b,ce,Re,!0)}function bi(b,ce,Re){return Vr(b,ce,Re,!1)}var tr=bi,Wi=oo;PE.Fragment=s,PE.jsx=tr,PE.jsxs=Wi}()});var Kg=je((E5,cD)=>{"use strict";process.env.NODE_ENV==="production"?cD.exports=k_():cD.exports=M_()});var rW=_t(dB(),1);import{fileURLToPath as MG}from"node:url";var U5=_t(dB(),1),G_=_t(Qw(),1);import{Buffer as m2}from"node:buffer";var D3=new TextEncoder,Wh=new TextDecoder,Q3=2**32;function E2(n){let e=n;return e instanceof Uint8Array&&(e=Wh.decode(e)),e}var ww=n=>new Uint8Array(m2.from(E2(n),"base64url"));var qB=class extends Error{static code="ERR_JOSE_GENERIC";code="ERR_JOSE_GENERIC";constructor(e,i){super(e,i),this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor)}};var Ns=class extends qB{static code="ERR_JWT_INVALID";code="ERR_JWT_INVALID"};function B2(n){return typeof n=="object"&&n!==null}function ZB(n){if(!B2(n)||Object.prototype.toString.call(n)!=="[object Object]")return!1;if(Object.getPrototypeOf(n)===null)return!0;let e=n;for(;Object.getPrototypeOf(e)!==null;)e=Object.getPrototypeOf(e);return Object.getPrototypeOf(n)===e}var Sw=ww;function XB(n){if(typeof n!="string")throw new Ns("JWTs must use Compact JWS serialization, JWT must be a string");let{1:e,length:i}=n.split(".");if(i===5)throw new Ns("Only JWTs using Compact JWS serialization can be decoded");if(i!==3)throw new Ns("Invalid JWT");if(!e)throw new Ns("JWTs must contain a payload");let s;try{s=Sw(e)}catch{throw new Ns("Failed to base64url decode the payload")}let u;try{u=JSON.parse(Wh.decode(s))}catch{throw new Ns("Failed to parse the decoded payload as JSON")}if(!ZB(u))throw new Ns("Invalid JWT Claims Set");return u}var bt=class n extends Error{kind;status;code;hint;constructor(e,i,s={}){super(i,s.cause!==void 0?{cause:s.cause}:void 0),this.name="CliError",this.kind=e,this.status=s.status,this.code=s.code,this.hint=s.hint,Object.setPrototypeOf(this,n.prototype)}get exitCode(){return this.kind==="config"||this.kind==="bad_request"?2:1}static fromStatus(e,i){let s=i?.error,u=i?.message;switch(e){case 400:return new n("bad_request",u??"Bad request.",{status:e,code:s});case 401:return new n("unauthorized",u??"Unauthorized.",{status:e,code:s,hint:"Run `pocketdev login` to sign in."});case 403:return new n("forbidden",u??"Forbidden.",{status:e,code:s,hint:"You may not have access to this project. Run `pocketdev me` to check your account, or re-run `pocketdev push` to bind a project you own. (Premium features also require an active paid tier.)"});case 404:return new n("not_found",u??"Not found.",{status:e,code:s,hint:"Check the path with `pocketdev tree`."});case 409:return new n("conflict",u??"File changed on the host since you read it.",{status:e,code:s,hint:"Reload, diff, or overwrite \u2014 never silently clobber a concurrent edit."});case 422:return new n("agent_unavailable",u??"Agent unavailable.",{status:e,code:s,hint:"List agents with `pocketdev agents` and pass a valid agentId."});case 501:return new n("not_implemented",u??"Not implemented on this host.",{status:e,code:s,hint:"Port exposure may require a tunnel (e.g. install `cloudflared`)."});case 502:return new n("bad_gateway",u??"Upstream proxy error.",{status:e,code:s,hint:"The host could not reach the upstream target for `pocketdev request`."});default:return new n("internal",u??`Unexpected host status ${e}.`,{status:e,code:s})}}static network(e,i){return new n("network",e,{cause:i,hint:"Is the host reachable at that URL and is the stack up? If it serves a self-signed TLS cert, ensure NODE_EXTRA_CA_CERTS trusts it."})}static config(e,i){return new n("config",e,{hint:i})}static auth(e,i,s){return new n("auth",e,{hint:i,cause:s})}};function Vh(n){return n instanceof bt}async function Rw(n,e=fetch){let i=n.replace(/\/+$/,""),s=new AbortController,u=setTimeout(()=>s.abort(),4e3);try{let c=await e(`${i}/api/cli/bootstrap`,{headers:{accept:"application/json"},signal:s.signal});if(!c.ok)return;let g=await c.json();return!g||typeof g.clientId!="string"||g.clientId===""?void 0:{clientId:g.clientId,scopes:Array.isArray(g.scopes)?g.scopes:void 0}}catch{return}finally{clearTimeout(u)}}function Fw(n){let e="";for(let i of n)e+=String.fromCharCode(i);return Buffer.from(e,"binary").toString("base64").replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}function v2(n){let e=new Uint8Array(n);return globalThis.crypto.getRandomValues(e),e}function D2(){return Fw(v2(32))}async function Q2(n){let e=new TextEncoder().encode(n),i=await globalThis.crypto.subtle.digest("SHA-256",e);return Fw(new Uint8Array(i))}async function xw(){let n=D2(),e=await Q2(n);return{codeVerifier:n,codeChallenge:e,method:"S256"}}var Zh=class{constructor(e,i=fetch,s=S2){this.cfg=e;this.fetchImpl=i;this.sleep=s}async discover(){let e=`${w2(this.cfg.oidcIssuer)}/.well-known/openid-configuration`,i=await this.fetchImpl(e,{headers:{accept:"application/json"}});if(!i.ok)throw bt.auth(`OIDC discovery failed (${i.status}).`,`Check the profile's oidcIssuer (${this.cfg.oidcIssuer}).`);return await i.json()}async authorize(e){let i=await this.discover(),s=await xw(),u=new URLSearchParams({client_id:this.cfg.clientId,scope:this.cfg.scopes.join(" "),code_challenge:s.codeChallenge,code_challenge_method:s.method}),c=await this.fetchImpl(i.device_authorization_endpoint,{method:"POST",headers:qh(),body:u.toString()});if(!c.ok)throw bt.auth(`Device authorization request failed (${c.status}).`);let g=await c.json();return e({userCode:g.user_code,verificationUri:g.verification_uri,verificationUriComplete:g.verification_uri_complete,expiresIn:g.expires_in}),{...await this.poll(i,g,s.codeVerifier),clientId:this.cfg.clientId}}async refresh(e){let i=await this.discover(),s=new URLSearchParams({grant_type:"refresh_token",client_id:this.cfg.clientId,refresh_token:e}),u=await this.fetchImpl(i.token_endpoint,{method:"POST",headers:qh(),body:s.toString()});if(!u.ok)throw bt.auth("Token refresh failed.","Run `pocketdev login` to re-authenticate.");return _w(await u.json())}async revoke(e){let i=await this.discover();if(!i.revocation_endpoint)return;let s=new URLSearchParams({client_id:this.cfg.clientId,token:e});await this.fetchImpl(i.revocation_endpoint,{method:"POST",headers:qh(),body:s.toString()}).catch(()=>{})}async poll(e,i,s){let u=(i.interval??5)*1e3,c=Date.now()+i.expires_in*1e3;for(;Date.now()<c;){await this.sleep(u);let g=new URLSearchParams({grant_type:"urn:ietf:params:oauth:grant-type:device_code",client_id:this.cfg.clientId,device_code:i.device_code,code_verifier:s}),E=await this.fetchImpl(e.token_endpoint,{method:"POST",headers:qh(),body:g.toString()});if(E.ok)return _w(await E.json());let y=await E.json().catch(()=>({}));switch(y.error){case"authorization_pending":continue;case"slow_down":u+=5e3;continue;case"access_denied":throw bt.auth("Authorization was denied.");case"expired_token":throw bt.auth("The device code expired.","Run `pocketdev login` again.");default:throw bt.auth(`Device token poll failed: ${y.error??E.status}.`)}}throw bt.auth("Timed out waiting for device authorization.","Run `pocketdev login` again.")}};function _w(n){return n.expires_in&&!n.expiresAt?{...n,expiresAt:Date.now()+n.expires_in*1e3}:n}function qh(){return{"content-type":"application/x-www-form-urlencoded",accept:"application/json"}}function w2(n){return n.endsWith("/")?n.slice(0,-1):n}function S2(n){return new Promise(e=>setTimeout(e,n))}var R2="hydra-tokens",F2=6e4,Xh=class{constructor(e,i,s=_2,u=x2){this.config=e;this.keychain=i;this.devicePrompt=s;this.makeFlow=u}tokens;loaded=!1;async getAuthHeader(){return`Bearer ${(await this.ensureValidToken()).access_token}`}async bearerToken(){return(await this.ensureValidToken()).access_token}async login(){let e=await Rw(this.config.profile().hostUrl).catch(()=>{}),s=await this.makeFlow(this.config,e).authorize(this.devicePrompt);await this.store(s)}async logout(){await this.load();let e=this.tokens?.refresh_token;e&&await this.makeFlow(this.config,this.flowOverrides()).revoke(e).catch(()=>{}),this.tokens=void 0,await this.keychain.delete(this.account())}async refresh(){await this.load();let e=this.tokens?.refresh_token;if(!e)return!1;try{let i=await this.makeFlow(this.config,this.flowOverrides()).refresh(e);return i.refresh_token||(i.refresh_token=e),i.clientId||(i.clientId=this.tokens?.clientId),await this.store(i),!0}catch{return!1}}subject(){if(!this.tokens?.access_token)return"remote";try{let e=XB(this.tokens.access_token);return typeof e.sub=="string"?e.sub:"remote"}catch{return"remote"}}flowOverrides(){return this.tokens?.clientId?{clientId:this.tokens.clientId}:void 0}async ensureValidToken(){if(await this.load(),!this.tokens?.access_token)throw bt.auth("Not signed in.","Run `pocketdev login`.");if(this.isExpiring(this.tokens)&&!await this.refresh())throw bt.auth("Session expired and could not be refreshed.","Run `pocketdev login`.");return this.tokens}isExpiring(e){return e.expiresAt?Date.now()>=e.expiresAt-F2:!1}async load(){if(this.loaded)return;this.loaded=!0;let e=await this.keychain.get(this.account());if(e)try{this.tokens=JSON.parse(e)}catch{this.tokens=void 0}}async store(e){this.tokens=e,this.loaded=!0,await this.keychain.set(this.account(),JSON.stringify(e))}account(){return`${R2}:${this.config.profile().name}`}};function x2(n,e){let i=n.profile(),u=n.resolve().oidcIssuer??i.oidcIssuer;if(!u)throw bt.config(`Remote profile "${i.name}" has no OIDC issuer.`,"Set OIDC_ISSUER or add oidcIssuer to the profile in ~/.pocketdev/config.json.");let c=e?.clientId??i.clientId;if(!c)throw bt.config(`Remote profile "${i.name}" has no clientId.`);return new Zh({oidcIssuer:u,clientId:c,scopes:e?.scopes??i.scopes??[]})}var _2=n=>{let e=n.verificationUriComplete??n.verificationUri;process.stderr.write(`
+  <%s key={someKey} {...props} />`,Ni,la,Vi,la),Ka[la+Ni]=!0}}return b===s?ua(dn):er(dn),dn}}function oo(b,ce,Re){return Vr(b,ce,Re,!0)}function bi(b,ce,Re){return Vr(b,ce,Re,!1)}var tr=bi,Wi=oo;PE.Fragment=s,PE.jsx=tr,PE.jsxs=Wi}()});var Kg=je((E5,cD)=>{"use strict";process.env.NODE_ENV==="production"?cD.exports=k_():cD.exports=M_()});var rW=_t(dB(),1);import{fileURLToPath as MG}from"node:url";var U5=_t(dB(),1),G_=_t(Qw(),1);import{Buffer as m2}from"node:buffer";var D3=new TextEncoder,Wh=new TextDecoder,Q3=2**32;function E2(n){let e=n;return e instanceof Uint8Array&&(e=Wh.decode(e)),e}var ww=n=>new Uint8Array(m2.from(E2(n),"base64url"));var qB=class extends Error{static code="ERR_JOSE_GENERIC";code="ERR_JOSE_GENERIC";constructor(e,i){super(e,i),this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor)}};var Ns=class extends qB{static code="ERR_JWT_INVALID";code="ERR_JWT_INVALID"};function B2(n){return typeof n=="object"&&n!==null}function ZB(n){if(!B2(n)||Object.prototype.toString.call(n)!=="[object Object]")return!1;if(Object.getPrototypeOf(n)===null)return!0;let e=n;for(;Object.getPrototypeOf(e)!==null;)e=Object.getPrototypeOf(e);return Object.getPrototypeOf(n)===e}var Sw=ww;function XB(n){if(typeof n!="string")throw new Ns("JWTs must use Compact JWS serialization, JWT must be a string");let{1:e,length:i}=n.split(".");if(i===5)throw new Ns("Only JWTs using Compact JWS serialization can be decoded");if(i!==3)throw new Ns("Invalid JWT");if(!e)throw new Ns("JWTs must contain a payload");let s;try{s=Sw(e)}catch{throw new Ns("Failed to base64url decode the payload")}let u;try{u=JSON.parse(Wh.decode(s))}catch{throw new Ns("Failed to parse the decoded payload as JSON")}if(!ZB(u))throw new Ns("Invalid JWT Claims Set");return u}var bt=class n extends Error{kind;status;code;hint;constructor(e,i,s={}){super(i,s.cause!==void 0?{cause:s.cause}:void 0),this.name="CliError",this.kind=e,this.status=s.status,this.code=s.code,this.hint=s.hint,Object.setPrototypeOf(this,n.prototype)}get exitCode(){return this.kind==="config"||this.kind==="bad_request"?2:1}static fromStatus(e,i){let s=i?.error,u=i?.message;switch(e){case 400:return new n("bad_request",u??"Bad request.",{status:e,code:s});case 401:return new n("unauthorized",u??"Unauthorized.",{status:e,code:s,hint:"Run `pocketdev login` to sign in."});case 402:return new n("payment_required",u??"Plan limit reached.",{status:e,code:s,hint:"You've hit a limit on your current plan. Upgrade in the dashboard (Account \u2192 Billing) to continue."});case 403:return new n("forbidden",u??"Forbidden.",{status:e,code:s,hint:"You may not have access to this project. Run `pocketdev me` to check your account, or re-run `pocketdev push` to bind a project you own. (Premium features also require an active paid tier.)"});case 404:return new n("not_found",u??"Not found.",{status:e,code:s,hint:"Check the path with `pocketdev tree`."});case 409:return new n("conflict",u??"File changed on the host since you read it.",{status:e,code:s,hint:"Reload, diff, or overwrite \u2014 never silently clobber a concurrent edit."});case 422:return new n("agent_unavailable",u??"Agent unavailable.",{status:e,code:s,hint:"List agents with `pocketdev agents` and pass a valid agentId."});case 501:return new n("not_implemented",u??"Not implemented on this host.",{status:e,code:s,hint:"Port exposure may require a tunnel (e.g. install `cloudflared`)."});case 502:return new n("bad_gateway",u??"Upstream proxy error.",{status:e,code:s,hint:"The host could not reach the upstream target for `pocketdev request`."});default:return new n("internal",u??`Unexpected host status ${e}.`,{status:e,code:s})}}static network(e,i){return new n("network",e,{cause:i,hint:"Is the host reachable at that URL and is the stack up? If it serves a self-signed TLS cert, ensure NODE_EXTRA_CA_CERTS trusts it."})}static config(e,i){return new n("config",e,{hint:i})}static auth(e,i,s){return new n("auth",e,{hint:i,cause:s})}};function Vh(n){return n instanceof bt}async function Rw(n,e=fetch){let i=n.replace(/\/+$/,""),s=new AbortController,u=setTimeout(()=>s.abort(),4e3);try{let c=await e(`${i}/api/cli/bootstrap`,{headers:{accept:"application/json"},signal:s.signal});if(!c.ok)return;let g=await c.json();return!g||typeof g.clientId!="string"||g.clientId===""?void 0:{clientId:g.clientId,scopes:Array.isArray(g.scopes)?g.scopes:void 0}}catch{return}finally{clearTimeout(u)}}function Fw(n){let e="";for(let i of n)e+=String.fromCharCode(i);return Buffer.from(e,"binary").toString("base64").replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}function v2(n){let e=new Uint8Array(n);return globalThis.crypto.getRandomValues(e),e}function D2(){return Fw(v2(32))}async function Q2(n){let e=new TextEncoder().encode(n),i=await globalThis.crypto.subtle.digest("SHA-256",e);return Fw(new Uint8Array(i))}async function xw(){let n=D2(),e=await Q2(n);return{codeVerifier:n,codeChallenge:e,method:"S256"}}var Zh=class{constructor(e,i=fetch,s=S2){this.cfg=e;this.fetchImpl=i;this.sleep=s}async discover(){let e=`${w2(this.cfg.oidcIssuer)}/.well-known/openid-configuration`,i=await this.fetchImpl(e,{headers:{accept:"application/json"}});if(!i.ok)throw bt.auth(`OIDC discovery failed (${i.status}).`,`Check the profile's oidcIssuer (${this.cfg.oidcIssuer}).`);return await i.json()}async authorize(e){let i=await this.discover(),s=await xw(),u=new URLSearchParams({client_id:this.cfg.clientId,scope:this.cfg.scopes.join(" "),code_challenge:s.codeChallenge,code_challenge_method:s.method}),c=await this.fetchImpl(i.device_authorization_endpoint,{method:"POST",headers:qh(),body:u.toString()});if(!c.ok)throw bt.auth(`Device authorization request failed (${c.status}).`);let g=await c.json();return e({userCode:g.user_code,verificationUri:g.verification_uri,verificationUriComplete:g.verification_uri_complete,expiresIn:g.expires_in}),{...await this.poll(i,g,s.codeVerifier),clientId:this.cfg.clientId}}async refresh(e){let i=await this.discover(),s=new URLSearchParams({grant_type:"refresh_token",client_id:this.cfg.clientId,refresh_token:e}),u=await this.fetchImpl(i.token_endpoint,{method:"POST",headers:qh(),body:s.toString()});if(!u.ok)throw bt.auth("Token refresh failed.","Run `pocketdev login` to re-authenticate.");return _w(await u.json())}async revoke(e){let i=await this.discover();if(!i.revocation_endpoint)return;let s=new URLSearchParams({client_id:this.cfg.clientId,token:e});await this.fetchImpl(i.revocation_endpoint,{method:"POST",headers:qh(),body:s.toString()}).catch(()=>{})}async poll(e,i,s){let u=(i.interval??5)*1e3,c=Date.now()+i.expires_in*1e3;for(;Date.now()<c;){await this.sleep(u);let g=new URLSearchParams({grant_type:"urn:ietf:params:oauth:grant-type:device_code",client_id:this.cfg.clientId,device_code:i.device_code,code_verifier:s}),E=await this.fetchImpl(e.token_endpoint,{method:"POST",headers:qh(),body:g.toString()});if(E.ok)return _w(await E.json());let y=await E.json().catch(()=>({}));switch(y.error){case"authorization_pending":continue;case"slow_down":u+=5e3;continue;case"access_denied":throw bt.auth("Authorization was denied.");case"expired_token":throw bt.auth("The device code expired.","Run `pocketdev login` again.");default:throw bt.auth(`Device token poll failed: ${y.error??E.status}.`)}}throw bt.auth("Timed out waiting for device authorization.","Run `pocketdev login` again.")}};function _w(n){return n.expires_in&&!n.expiresAt?{...n,expiresAt:Date.now()+n.expires_in*1e3}:n}function qh(){return{"content-type":"application/x-www-form-urlencoded",accept:"application/json"}}function w2(n){return n.endsWith("/")?n.slice(0,-1):n}function S2(n){return new Promise(e=>setTimeout(e,n))}var R2="hydra-tokens",F2=6e4,Xh=class{constructor(e,i,s=_2,u=x2){this.config=e;this.keychain=i;this.devicePrompt=s;this.makeFlow=u}tokens;loaded=!1;async getAuthHeader(){return`Bearer ${(await this.ensureValidToken()).access_token}`}async bearerToken(){return(await this.ensureValidToken()).access_token}async login(){let e=await Rw(this.config.profile().hostUrl).catch(()=>{}),s=await this.makeFlow(this.config,e).authorize(this.devicePrompt);await this.store(s)}async logout(){await this.load();let e=this.tokens?.refresh_token;e&&await this.makeFlow(this.config,this.flowOverrides()).revoke(e).catch(()=>{}),this.tokens=void 0,await this.keychain.delete(this.account())}async refresh(){await this.load();let e=this.tokens?.refresh_token;if(!e)return!1;try{let i=await this.makeFlow(this.config,this.flowOverrides()).refresh(e);return i.refresh_token||(i.refresh_token=e),i.clientId||(i.clientId=this.tokens?.clientId),await this.store(i),!0}catch{return!1}}subject(){if(!this.tokens?.access_token)return"remote";try{let e=XB(this.tokens.access_token);return typeof e.sub=="string"?e.sub:"remote"}catch{return"remote"}}flowOverrides(){return this.tokens?.clientId?{clientId:this.tokens.clientId}:void 0}async ensureValidToken(){if(await this.load(),!this.tokens?.access_token)throw bt.auth("Not signed in.","Run `pocketdev login`.");if(this.isExpiring(this.tokens)&&!await this.refresh())throw bt.auth("Session expired and could not be refreshed.","Run `pocketdev login`.");return this.tokens}isExpiring(e){return e.expiresAt?Date.now()>=e.expiresAt-F2:!1}async load(){if(this.loaded)return;this.loaded=!0;let e=await this.keychain.get(this.account());if(e)try{this.tokens=JSON.parse(e)}catch{this.tokens=void 0}}async store(e){this.tokens=e,this.loaded=!0,await this.keychain.set(this.account(),JSON.stringify(e))}account(){return`${R2}:${this.config.profile().name}`}};function x2(n,e){let i=n.profile(),u=n.resolve().oidcIssuer??i.oidcIssuer;if(!u)throw bt.config(`Remote profile "${i.name}" has no OIDC issuer.`,"Set OIDC_ISSUER or add oidcIssuer to the profile in ~/.pocketdev/config.json.");let c=e?.clientId??i.clientId;if(!c)throw bt.config(`Remote profile "${i.name}" has no clientId.`);return new Zh({oidcIssuer:u,clientId:c,scopes:e?.scopes??i.scopes??[]})}var _2=n=>{let e=n.verificationUriComplete??n.verificationUri;process.stderr.write(`
 To sign in, open:
   ${e}
 `+(n.verificationUriComplete?"":`and enter the code: ${n.userCode}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@everywheredev/cli",
-  "version": "0.0.11",
+  "version": "0.0.12",
   "description": "PocketDev CLI — a Claude-Code-style TypeScript thin client for the PocketDev host (FULL-REMOTE Hydra OAuth2).",
   "type": "module",
   "license": "UNLICENSED",