@go-tapd/tapd 0.1.5

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 flc1125 (https://github.com/flc1125, https://flc.io)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,13 @@
+# TAPD CLI
+
+This npm package installs the `tapd` command line client from the matching
+GitHub Release binary.
+
+```bash
+npm install -g @go-tapd/tapd
+tapd --help
+```
+
+The installer downloads the archive for the current operating system and CPU
+architecture, verifies it with the release checksum, and exposes the `tapd`
+binary through npm's global bin path.

package/bin/tapd.js

@@ -0,0 +1,23 @@
+#!/usr/bin/env node
+
+const { spawnSync } = require("node:child_process");
+const path = require("node:path");
+
+const binaryName = process.platform === "win32" ? "tapd.exe" : "tapd";
+const binaryPath = path.join(__dirname, "..", "vendor", binaryName);
+
+const result = spawnSync(binaryPath, process.argv.slice(2), {
+  stdio: "inherit",
+});
+
+if (result.error) {
+  console.error(`Failed to run tapd binary at ${binaryPath}: ${result.error.message}`);
+  process.exit(1);
+}
+
+if (result.signal) {
+  console.error(`tapd exited because of signal ${result.signal}`);
+  process.exit(1);
+}
+
+process.exit(result.status ?? 0);

package/package.json

@@ -0,0 +1,41 @@
+{
+  "name": "@go-tapd/tapd",
+  "version": "0.1.5",
+  "description": "TAPD command line client",
+  "license": "MIT",
+  "homepage": "https://github.com/go-tapd/cli",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/go-tapd/cli.git"
+  },
+  "bugs": {
+    "url": "https://github.com/go-tapd/cli/issues"
+  },
+  "bin": {
+    "tapd": "bin/tapd.js"
+  },
+  "files": [
+    "bin/",
+    "scripts/",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "postinstall": "node scripts/install.js"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "os": [
+    "darwin",
+    "linux",
+    "win32"
+  ],
+  "cpu": [
+    "x64",
+    "arm64"
+  ],
+  "publishConfig": {
+    "access": "public"
+  }
+}

package/scripts/install.js

@@ -0,0 +1,218 @@
+#!/usr/bin/env node
+
+const childProcess = require("node:child_process");
+const crypto = require("node:crypto");
+const fs = require("node:fs");
+const https = require("node:https");
+const os = require("node:os");
+const path = require("node:path");
+
+const packageJson = require("../package.json");
+
+const repo = "go-tapd/cli";
+const version = process.env.TAPD_VERSION || packageJson.version;
+const tag = version.startsWith("v") ? version : `v${version}`;
+
+const platformNames = {
+  darwin: "Darwin",
+  linux: "Linux",
+  win32: "Windows",
+};
+
+const archNames = {
+  x64: "x86_64",
+  arm64: "arm64",
+};
+
+function fail(message) {
+  console.error(`tapd npm install failed: ${message}`);
+  process.exit(1);
+}
+
+function assetName() {
+  const platform = platformNames[process.platform];
+  const arch = archNames[process.arch];
+
+  if (!platform || !arch) {
+    fail(`unsupported platform ${process.platform}/${process.arch}`);
+  }
+
+  const extension = process.platform === "win32" ? "zip" : "tar.gz";
+  return `tapd_${version.replace(/^v/, "")}_${platform}_${arch}.${extension}`;
+}
+
+function request(url, redirects = 0) {
+  return new Promise((resolve, reject) => {
+    https
+      .get(
+        url,
+        {
+          headers: {
+            "User-Agent": "@go-tapd/tapd npm installer",
+          },
+        },
+        (response) => {
+          const statusCode = response.statusCode || 0;
+          const location = response.headers.location;
+
+          if (statusCode >= 300 && statusCode < 400 && location) {
+            response.resume();
+            if (redirects > 5) {
+              reject(new Error(`too many redirects while downloading ${url}`));
+              return;
+            }
+            resolve(request(new URL(location, url).toString(), redirects + 1));
+            return;
+          }
+
+          if (statusCode < 200 || statusCode >= 300) {
+            response.resume();
+            reject(new Error(`download failed with HTTP ${statusCode}: ${url}`));
+            return;
+          }
+
+          resolve(response);
+        },
+      )
+      .on("error", reject);
+  });
+}
+
+async function downloadText(url) {
+  const response = await request(url);
+  return new Promise((resolve, reject) => {
+    const chunks = [];
+    response.on("data", (chunk) => chunks.push(chunk));
+    response.on("end", () => resolve(Buffer.concat(chunks).toString("utf8")));
+    response.on("error", reject);
+  });
+}
+
+async function downloadFile(url, destination) {
+  const response = await request(url);
+  await new Promise((resolve, reject) => {
+    const file = fs.createWriteStream(destination);
+    response.pipe(file);
+    file.on("finish", () => file.close(resolve));
+    file.on("error", reject);
+    response.on("error", reject);
+  });
+}
+
+function checksumFor(checksums, name) {
+  const line = checksums
+    .split(/\r?\n/)
+    .find((entry) => entry.includes(name));
+
+  if (!line) {
+    fail(`could not find ${name} in checksums.txt`);
+  }
+
+  const match = line.match(/[a-f0-9]{64}/i);
+  if (!match) {
+    fail(`could not parse checksum for ${name}`);
+  }
+
+  return match[0].toLowerCase();
+}
+
+function sha256(file) {
+  const hash = crypto.createHash("sha256");
+  hash.update(fs.readFileSync(file));
+  return hash.digest("hex");
+}
+
+function extractArchive(archive, destination) {
+  if (process.platform === "win32") {
+    childProcess.execFileSync(
+      "powershell",
+      [
+        "-NoProfile",
+        "-ExecutionPolicy",
+        "Bypass",
+        "-Command",
+        "Expand-Archive -LiteralPath $args[0] -DestinationPath $args[1] -Force",
+        archive,
+        destination,
+      ],
+      { stdio: "inherit" },
+    );
+    return;
+  }
+
+  childProcess.execFileSync("tar", ["-xzf", archive, "-C", destination], {
+    stdio: "inherit",
+  });
+}
+
+function findBinary(directory) {
+  const binaryName = process.platform === "win32" ? "tapd.exe" : "tapd";
+  const entries = fs.readdirSync(directory, { withFileTypes: true });
+
+  for (const entry of entries) {
+    const entryPath = path.join(directory, entry.name);
+    if (entry.isFile() && entry.name === binaryName) {
+      return entryPath;
+    }
+    if (entry.isDirectory()) {
+      const found = findBinary(entryPath);
+      if (found) {
+        return found;
+      }
+    }
+  }
+
+  return "";
+}
+
+async function main() {
+  if (process.env.TAPD_SKIP_DOWNLOAD) {
+    console.log("Skipping tapd binary download because TAPD_SKIP_DOWNLOAD is set.");
+    return;
+  }
+
+  const name = assetName();
+  const baseUrl = `https://github.com/${repo}/releases/download/${tag}`;
+  const archiveUrl = `${baseUrl}/${name}`;
+  const checksumsUrl = `${baseUrl}/checksums.txt`;
+  const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "tapd-npm-"));
+  const archivePath = path.join(tempDir, name);
+  const extractDir = path.join(tempDir, "extract");
+
+  fs.mkdirSync(extractDir);
+
+  try {
+    console.log(`Downloading ${archiveUrl}`);
+    await downloadFile(archiveUrl, archivePath);
+
+    const expected = checksumFor(await downloadText(checksumsUrl), name);
+    const actual = sha256(archivePath);
+
+    if (actual !== expected) {
+      fail(`checksum mismatch for ${name}: expected ${expected}, got ${actual}`);
+    }
+
+    extractArchive(archivePath, extractDir);
+
+    const binary = findBinary(extractDir);
+    if (!binary) {
+      fail(`tapd binary not found in ${name}`);
+    }
+
+    const vendorDir = path.join(__dirname, "..", "vendor");
+    const target = path.join(vendorDir, process.platform === "win32" ? "tapd.exe" : "tapd");
+    fs.rmSync(vendorDir, { force: true, recursive: true });
+    fs.mkdirSync(vendorDir, { recursive: true });
+    fs.copyFileSync(binary, target);
+
+    if (process.platform !== "win32") {
+      fs.chmodSync(target, 0o755);
+    }
+
+    console.log(`Installed tapd ${version} to ${target}`);
+  } finally {
+    fs.rmSync(tempDir, { force: true, recursive: true });
+  }
+}
+
+main().catch((error) => fail(error.message));

package/scripts/set-version.js

@@ -0,0 +1,20 @@
+#!/usr/bin/env node
+
+const fs = require("node:fs");
+const path = require("node:path");
+
+const rawVersion = process.argv[2] || process.env.GITHUB_REF_NAME || process.env.RELEASE_VERSION || "";
+const version = rawVersion.replace(/^refs\/tags\//, "").replace(/^v/, "");
+
+if (!/^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$/.test(version)) {
+  console.error(`Invalid release version: ${rawVersion}`);
+  process.exit(1);
+}
+
+const packagePath = path.join(__dirname, "..", "package.json");
+const packageJson = JSON.parse(fs.readFileSync(packagePath, "utf8"));
+
+packageJson.version = version;
+fs.writeFileSync(packagePath, `${JSON.stringify(packageJson, null, 2)}\n`);
+
+console.log(`Set npm package version to ${version}`);