@gjsify/cli 0.4.36 → 0.4.37

package/lib/utils/install-tarball-cache.js

@@ -30,32 +30,28 @@
 // same hex bytes share the same cache entry; that is the invariant pnpm
 // relies on too. Tarballs without an integrity hash (older registries)
 // fall through to a no-op cache and download every time.
-import { existsSync, mkdirSync, readFileSync, renameSync, statSync, writeFileSync } from 'node:fs';
+import { existsSync, statSync } from 'node:fs';
 import { homedir } from 'node:os';
 import { join } from 'node:path';
+import { atomicWrite, gjsifyCacheRoot, readCacheFile } from './install-cache-fs.js';
 const CACHE_LAYOUT_VERSION = 'v1';
-/**
- * Resolve the root of the tarball cache. Mirrors the dlx cache's
- * XDG-honouring lookup so users with a custom `XDG_CACHE_HOME` get a
- * single coherent cache root.
- */
+/** Root of the tarball cache: `$XDG_CACHE_HOME/gjsify/tarballs/v1`. */
 function cacheRoot() {
-    const xdg = process.env.XDG_CACHE_HOME;
-    const base = xdg && xdg.length > 0 ? xdg : join(homedir(), '.cache');
-    return join(base, 'gjsify', 'tarballs', CACHE_LAYOUT_VERSION);
+    return gjsifyCacheRoot('tarballs', CACHE_LAYOUT_VERSION);
 }
 /**
- * Convert an SRI integrity string (`sha512-AbCd…=`) into a cache file path.
- * Returns `null` for unsupported / malformed integrity values so the caller
- * can fall back to a fresh download.
+ * Parse an SRI integrity string (`sha512-AbCd…=`) into its algorithm + hex
+ * digest, or `null` for a missing / malformed value (caller falls back to a
+ * fresh download). Shared by both the gjsify-store and npm-cacache path
+ * derivations below — the base64→hex decode used to be inlined in each.
  */
-function pathFor(integrity) {
+function parseSri(integrity) {
     if (!integrity)
         return null;
     const dashIdx = integrity.indexOf('-');
     if (dashIdx <= 0 || dashIdx === integrity.length - 1)
         return null;
-    const algo = integrity.slice(0, dashIdx);
+    const algorithm = integrity.slice(0, dashIdx);
     const b64 = integrity.slice(dashIdx + 1).replace(/=+$/, '');
     // Decode base64 → hex; throws on malformed input which we swallow.
     let hex;
@@ -67,8 +63,19 @@ function pathFor(integrity) {
     }
     if (hex.length < 4)
         return null;
-    const shard = hex.slice(0, 2);
-    return join(cacheRoot(), algo, shard, `${hex}.tgz`);
+    return { algorithm, hex };
+}
+/**
+ * Convert an SRI integrity string into a cache file path. Returns `null` for
+ * unsupported / malformed integrity values so the caller can fall back to a
+ * fresh download.
+ */
+function pathFor(integrity) {
+    const sri = parseSri(integrity);
+    if (!sri)
+        return null;
+    const shard = sri.hex.slice(0, 2);
+    return join(cacheRoot(), sri.algorithm, shard, `${sri.hex}.tgz`);
 }
 /**
  * Read a cached tarball by SRI integrity. Returns the raw tarball bytes if
@@ -80,18 +87,7 @@ export function getCachedTarball(integrity) {
     const path = pathFor(integrity);
     if (!path)
         return null;
-    if (!existsSync(path))
-        return null;
-    try {
-        const buf = readFileSync(path);
-        // Sanity: a zero-byte file is a previous-write failure; treat as MISS.
-        if (buf.length === 0)
-            return null;
-        return buf;
-    }
-    catch {
-        return null;
-    }
+    return readCacheFile(path);
 }
 /**
  * Persist a tarball to the cache. Writes to a `<path>.tmp.<pid>` sibling
@@ -106,18 +102,10 @@ export function putCachedTarball(integrity, bytes) {
     const path = pathFor(integrity);
     if (!path)
         return;
+    // Idempotent: content-addressed entries are immutable, never rewritten.
     if (existsSync(path))
         return;
-    try {
-        mkdirSync(join(path, '..'), { recursive: true });
-        const tmp = `${path}.tmp.${process.pid}`;
-        writeFileSync(tmp, bytes);
-        renameSync(tmp, path);
-    }
-    catch {
-        // Cache write failure is non-fatal — the install proceeds with the
-        // in-memory bytes; we just won't get a hit on the next run.
-    }
+    atomicWrite(path, bytes);
 }
 /**
  * Best-effort cache stats for diagnostics. Returns `null` when the cache
@@ -138,3 +126,67 @@ export function isCacheHit(integrity) {
         return false;
     }
 }
+// ---------------------------------------------------------------------------
+// Foreign cache interop — read npm's cacache content store.
+//
+// npm stores downloaded tarballs in a content-addressable store
+// (`cacache`) keyed by the SAME SRI integrity we key our own store on, and
+// holds the raw `.tgz` bytes verbatim. Layout (cacache `content-v2`):
+//
+//   <npm-cache>/_cacache/content-v2/<algo>/<hex[0:2]>/<hex[2:4]>/<hex[4:]>
+//
+// `<algo>` is the SRI algorithm (`sha512`), `<hex>` the hex-encoded digest —
+// identical derivation to our own `pathFor`, just a different root and no
+// `.tgz` extension. So anyone who has run `npm install` before already has
+// these tarballs on disk; reading them turns a cold `gjsify install` into a
+// near-warm one without a single network round-trip.
+//
+// pnpm/yarn/bun stores are deliberately NOT read here: pnpm/bun store
+// *unpacked* per-file content (no tarball to hand to the extractor) and yarn
+// berry stores zip archives under its own (non-SRI) cache key — none map to a
+// tarball-by-integrity lookup the way npm's cacache does.
+// ---------------------------------------------------------------------------
+/**
+ * Resolve npm's `content-v2` directory, honouring `GJSIFY_NPM_CACHE`
+ * (full path to a `_cacache` dir; `0`/`false`/empty disables the interop),
+ * then `npm_config_cache`, then the platform default `~/.npm`. Returns `null`
+ * when the interop is disabled or no plausible cache root exists.
+ */
+function npmCacacheContentDir() {
+    const override = process.env.GJSIFY_NPM_CACHE;
+    if (override !== undefined) {
+        const trimmed = override.trim();
+        if (trimmed === '' || trimmed === '0' || trimmed === 'false')
+            return null;
+        // Accept either the `_cacache` dir itself or its parent npm cache dir.
+        const base = trimmed.endsWith('_cacache') ? trimmed : join(trimmed, '_cacache');
+        return join(base, 'content-v2');
+    }
+    const npmConfigCache = process.env.npm_config_cache;
+    const cacheBase = npmConfigCache && npmConfigCache.length > 0 ? npmConfigCache : join(homedir(), '.npm');
+    return join(cacheBase, '_cacache', 'content-v2');
+}
+/** Map an SRI integrity to its npm cacache content-store path, or `null`. */
+function npmCachePathFor(integrity) {
+    const contentDir = npmCacacheContentDir();
+    if (!contentDir)
+        return null;
+    const sri = parseSri(integrity);
+    if (!sri)
+        return null;
+    // cacache shards the hex digest into [0:2]/[2:4]/[4:] with NO extension.
+    return join(contentDir, sri.algorithm, sri.hex.slice(0, 2), sri.hex.slice(2, 4), sri.hex.slice(4));
+}
+/**
+ * Read a tarball from npm's cacache content store by SRI integrity. Returns
+ * the raw `.tgz` bytes on a HIT, `null` on a MISS / disabled interop / read
+ * failure. Like {@link getCachedTarball}, this trusts the content-addressed
+ * path rather than re-hashing — the extractor surfaces any genuinely corrupt
+ * tarball loudly, and cacache verified the bytes on write.
+ */
+export function getForeignCachedTarball(integrity) {
+    const path = npmCachePathFor(integrity);
+    if (!path)
+        return null;
+    return readCacheFile(path);
+}

package/lib/utils/prompt.d.ts

@@ -0,0 +1,8 @@
+/** Print a question and read one line from stdin (visible). */
+export declare function promptLine(question: string): Promise<string>;
+/**
+ * Print a question and read one line WITHOUT echoing it (passwords). Uses raw
+ * mode + manual key handling on a TTY; falls back to a plain line read when
+ * stdin is not a TTY (piped). Ctrl-C aborts the process.
+ */
+export declare function promptHidden(question: string): Promise<string>;

package/lib/utils/prompt.js

@@ -0,0 +1,92 @@
+// Minimal interactive prompts for `gjsify login` — a visible line prompt and a
+// hidden (no-echo) password prompt. Cross-runtime: `process.stdin.setRawMode`
+// is provided by Node and by `@gjsify/process` (terminal-native) under GJS.
+//
+// Non-TTY stdin (piped input, CI) is supported: both helpers read a single line
+// without raw-mode masking, so `printf 'user\npass\n' | gjsify login` works for
+// automation.
+const CTRL_C = String.fromCharCode(3); // ETX (Ctrl-C)
+const DEL = String.fromCharCode(127); // DEL (Backspace on most terminals)
+const BACKSPACE = String.fromCharCode(8); // BS
+/** Print a question and read one line from stdin (visible). */
+export async function promptLine(question) {
+    process.stdout.write(question);
+    return readLine();
+}
+/**
+ * Print a question and read one line WITHOUT echoing it (passwords). Uses raw
+ * mode + manual key handling on a TTY; falls back to a plain line read when
+ * stdin is not a TTY (piped). Ctrl-C aborts the process.
+ */
+export async function promptHidden(question) {
+    process.stdout.write(question);
+    const stdin = process.stdin;
+    if (!stdin.isTTY || typeof stdin.setRawMode !== 'function') {
+        // Non-interactive: read a line as-is (no masking possible/needed).
+        return readLine();
+    }
+    return new Promise((resolve) => {
+        let buf = '';
+        stdin.setRawMode(true);
+        stdin.resume();
+        stdin.setEncoding('utf-8');
+        const onData = (chunk) => {
+            for (const ch of chunk) {
+                if (ch === '\r' || ch === '\n') {
+                    cleanup();
+                    process.stdout.write('\n');
+                    resolve(buf);
+                    return;
+                }
+                else if (ch === CTRL_C) {
+                    cleanup();
+                    process.stdout.write('\n');
+                    process.exit(130);
+                }
+                else if (ch === DEL || ch === BACKSPACE) {
+                    if (buf.length > 0) {
+                        buf = buf.slice(0, -1);
+                        process.stdout.write('\b \b');
+                    }
+                }
+                else if (ch >= ' ') {
+                    buf += ch;
+                    process.stdout.write('*');
+                }
+            }
+        };
+        const cleanup = () => {
+            stdin.setRawMode(false);
+            stdin.removeListener('data', onData);
+            stdin.pause();
+        };
+        stdin.on('data', onData);
+    });
+}
+/** Read a single line from stdin (shared by both prompts on non-TTY). */
+function readLine() {
+    return new Promise((resolve) => {
+        let buf = '';
+        const onData = (chunk) => {
+            buf += typeof chunk === 'string' ? chunk : chunk.toString('utf-8');
+            const nl = buf.indexOf('\n');
+            if (nl >= 0) {
+                cleanup();
+                resolve(buf.slice(0, nl).replace(/\r$/, ''));
+            }
+        };
+        const onEnd = () => {
+            cleanup();
+            resolve(buf.replace(/\r$/, '').trim());
+        };
+        const cleanup = () => {
+            process.stdin.removeListener('data', onData);
+            process.stdin.removeListener('end', onEnd);
+        };
+        process.stdin.setEncoding('utf-8');
+        if (typeof process.stdin.isPaused === 'function' && process.stdin.isPaused())
+            process.stdin.resume();
+        process.stdin.on('data', onData);
+        process.stdin.once('end', onEnd);
+    });
+}

package/lib/utils/publish-diagnose.js

@@ -70,11 +70,15 @@ function formatLiveToken404(name, version, username) {
         '',
         `Authenticated as: ${username}`,
         '',
-        `The package ${name} does not yet exist on npmjs.com. For a brand-new`,
-        'scoped package, this usually means the first-publish bootstrap step is needed',
-        '(see AGENTS.md > "New @gjsify/* package: first-publish + Trusted Publisher',
-        'bootstrap"). If you\'re sure you have write access to the scope, verify with:',
-        '  npm access ls-packages',
+        `Your token authenticates, so this is NOT a dead-token problem. The package`,
+        `${name} is not (yet) on npmjs.com. Two cases:`,
+        '',
+        '  1. First publish of a brand-new scoped package — do the one-time bootstrap',
+        '     (see AGENTS.md > "New @gjsify/* package: first-publish + Trusted',
+        '     Publisher bootstrap"). The npm registry can also 404 *transiently*',
+        '     while provisioning a brand-new package: simply re-run, or do the very',
+        '     first publish with `npm publish` (then configure the Trusted Publisher).',
+        '  2. You lack publish access to the scope — verify with `npm access ls-packages`.',
     ].join('\n');
 }
 function formatUnknown(name, version) {

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@gjsify/cli",
-    "version": "0.4.36",
+    "version": "0.4.37",
     "description": "CLI for Gjsify",
     "type": "module",
     "main": "lib/index.js",
@@ -120,19 +120,19 @@
         "cli"
     ],
     "dependencies": {
-        "@gjsify/buffer": "^0.4.36",
-        "@gjsify/create-app": "^0.4.36",
-        "@gjsify/node-globals": "^0.4.36",
-        "@gjsify/node-polyfills": "^0.4.36",
-        "@gjsify/npm-registry": "^0.4.36",
-        "@gjsify/resolve-npm": "^0.4.36",
-        "@gjsify/rolldown-plugin-gjsify": "^0.4.36",
-        "@gjsify/rolldown-plugin-pnp": "^0.4.36",
-        "@gjsify/semver": "^0.4.36",
-        "@gjsify/tar": "^0.4.36",
-        "@gjsify/tsc": "^0.4.36",
-        "@gjsify/web-polyfills": "^0.4.36",
-        "@gjsify/workspace": "^0.4.36",
+        "@gjsify/buffer": "^0.4.37",
+        "@gjsify/create-app": "^0.4.37",
+        "@gjsify/node-globals": "^0.4.37",
+        "@gjsify/node-polyfills": "^0.4.37",
+        "@gjsify/npm-registry": "^0.4.37",
+        "@gjsify/resolve-npm": "^0.4.37",
+        "@gjsify/rolldown-plugin-gjsify": "^0.4.37",
+        "@gjsify/rolldown-plugin-pnp": "^0.4.37",
+        "@gjsify/semver": "^0.4.37",
+        "@gjsify/tar": "^0.4.37",
+        "@gjsify/tsc": "^0.4.37",
+        "@gjsify/web-polyfills": "^0.4.37",
+        "@gjsify/workspace": "^0.4.37",
         "cosmiconfig": "^9.0.1",
         "get-tsconfig": "^4.14.0",
         "pkg-types": "^2.3.1",
@@ -140,12 +140,12 @@
         "yargs": "^18.0.0"
     },
     "devDependencies": {
-        "@gjsify/unit": "^0.4.36",
+        "@gjsify/unit": "^0.4.37",
         "@types/yargs": "^17.0.35",
         "typescript": "^5.9.3"
     },
     "peerDependencies": {
-        "@gjsify/rolldown-native": "^0.4.36"
+        "@gjsify/rolldown-native": "^0.4.37"
     },
     "peerDependenciesMeta": {
         "@gjsify/rolldown-native": {