@h-rig/cli 0.0.6-alpha.90 → 0.0.6-alpha.91

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (118) hide show
  1. package/README.md +18 -19
  2. package/dist/bin/build-rig-binaries.js +22 -10
  3. package/dist/bin/rig.d.ts +71 -1
  4. package/dist/bin/rig.js +15078 -11169
  5. package/dist/config/rig-default-config.yml +5 -0
  6. package/dist/src/app/drone-ui.d.ts +11 -14
  7. package/dist/src/app/drone-ui.js +70 -86
  8. package/dist/src/commands/_async-ui.d.ts +1 -4
  9. package/dist/src/commands/_async-ui.js +9 -111
  10. package/dist/src/commands/_cli-format.d.ts +16 -9
  11. package/dist/src/commands/_cli-format.js +167 -295
  12. package/dist/src/commands/_connection-state.d.ts +11 -1
  13. package/dist/src/commands/_connection-state.js +50 -5
  14. package/dist/src/commands/_doctor-checks.d.ts +0 -6
  15. package/dist/src/commands/_doctor-checks.js +79 -382
  16. package/dist/src/commands/_help-catalog.d.ts +1 -1
  17. package/dist/src/commands/_help-catalog.js +217 -157
  18. package/dist/src/commands/_inprocess-services.d.ts +33 -0
  19. package/dist/src/commands/_inprocess-services.js +102 -0
  20. package/dist/src/commands/_json-output.js +4 -0
  21. package/dist/src/commands/_lazy-reconcile.d.ts +34 -0
  22. package/dist/src/commands/_lazy-reconcile.js +102 -0
  23. package/dist/src/commands/_paths.js +1 -1
  24. package/dist/src/commands/_pi-frontend.d.ts +18 -10
  25. package/dist/src/commands/_pi-frontend.js +37 -715
  26. package/dist/src/commands/_pi-install.js +18 -36
  27. package/dist/src/commands/_policy.d.ts +1 -1
  28. package/dist/src/commands/_policy.js +56 -15
  29. package/dist/src/commands/_run-bridge.d.ts +114 -0
  30. package/dist/src/commands/_run-bridge.js +387 -0
  31. package/dist/src/commands/_run-diagnostics.d.ts +9 -0
  32. package/dist/src/commands/_run-diagnostics.js +51 -0
  33. package/dist/src/commands/_run-driver-helpers.d.ts +8 -81
  34. package/dist/src/commands/_run-driver-helpers.js +79 -283
  35. package/dist/src/commands/_run-projection.d.ts +50 -0
  36. package/dist/src/commands/_run-projection.js +349 -0
  37. package/dist/src/commands/_run-subcommands.d.ts +3 -0
  38. package/dist/src/commands/_run-subcommands.js +31 -0
  39. package/dist/src/commands/_spinner.js +1 -1
  40. package/dist/src/commands/agent.d.ts +1 -1
  41. package/dist/src/commands/agent.js +8559 -239
  42. package/dist/src/commands/dist.d.ts +1 -1
  43. package/dist/src/commands/dist.js +27 -19
  44. package/dist/src/commands/doctor.d.ts +1 -1
  45. package/dist/src/commands/doctor.js +93 -475
  46. package/dist/src/commands/github.d.ts +1 -1
  47. package/dist/src/commands/github.js +113 -387
  48. package/dist/src/commands/inbox.d.ts +22 -24
  49. package/dist/src/commands/inbox.js +420 -691
  50. package/dist/src/commands/init.d.ts +6 -16
  51. package/dist/src/commands/init.js +334 -971
  52. package/dist/src/commands/inspect.d.ts +19 -2
  53. package/dist/src/commands/inspect.js +644 -610
  54. package/dist/src/commands/pi.d.ts +1 -1
  55. package/dist/src/commands/plugin.d.ts +1 -1
  56. package/dist/src/commands/plugin.js +486 -7
  57. package/dist/src/commands/profile-and-review.d.ts +1 -1
  58. package/dist/src/commands/profile-and-review.js +94 -56
  59. package/dist/src/commands/queue.js +1 -21
  60. package/dist/src/commands/remote.d.ts +1 -1
  61. package/dist/src/commands/remote.js +837 -14
  62. package/dist/src/commands/repo-git-harness.d.ts +1 -1
  63. package/dist/src/commands/repo-git-harness.js +57 -14
  64. package/dist/src/commands/run.d.ts +20 -2
  65. package/dist/src/commands/run.js +17579 -1759
  66. package/dist/src/commands/server.d.ts +2 -6
  67. package/dist/src/commands/server.js +141 -723
  68. package/dist/src/commands/setup.d.ts +1 -1
  69. package/dist/src/commands/setup.js +102 -484
  70. package/dist/src/commands/stats.d.ts +13 -10
  71. package/dist/src/commands/stats.js +689 -761
  72. package/dist/src/commands/task-run-driver.d.ts +50 -88
  73. package/dist/src/commands/task-run-driver.js +116 -2717
  74. package/dist/src/commands/task.d.ts +34 -13
  75. package/dist/src/commands/task.js +668 -2523
  76. package/dist/src/commands/test.d.ts +1 -1
  77. package/dist/src/commands/triage.d.ts +11 -0
  78. package/dist/src/commands/triage.js +227 -0
  79. package/dist/src/commands/workspace.d.ts +1 -1
  80. package/dist/src/commands.d.ts +0 -16
  81. package/dist/src/commands.js +16657 -12250
  82. package/dist/src/index.js +16528 -12497
  83. package/dist/src/launcher.js +4 -0
  84. package/dist/src/operator-cli.d.ts +2 -0
  85. package/dist/src/operator-cli.js +17837 -0
  86. package/dist/src/operator-entry.d.ts +1 -0
  87. package/dist/src/operator-entry.js +3 -0
  88. package/package.json +18 -12
  89. package/dist/src/app/board.d.ts +0 -23
  90. package/dist/src/app/board.js +0 -1786
  91. package/dist/src/app/theme.d.ts +0 -47
  92. package/dist/src/app/theme.js +0 -150
  93. package/dist/src/commands/_authority-runs.d.ts +0 -22
  94. package/dist/src/commands/_authority-runs.js +0 -110
  95. package/dist/src/commands/_operator-surface.d.ts +0 -34
  96. package/dist/src/commands/_operator-surface.js +0 -220
  97. package/dist/src/commands/_operator-view.d.ts +0 -30
  98. package/dist/src/commands/_operator-view.js +0 -1070
  99. package/dist/src/commands/_preflight.d.ts +0 -22
  100. package/dist/src/commands/_preflight.js +0 -540
  101. package/dist/src/commands/_run-replay.d.ts +0 -24
  102. package/dist/src/commands/_run-replay.js +0 -142
  103. package/dist/src/commands/_server-client.d.ts +0 -186
  104. package/dist/src/commands/_server-client.js +0 -681
  105. package/dist/src/commands/_snapshot-upload.d.ts +0 -39
  106. package/dist/src/commands/_snapshot-upload.js +0 -455
  107. package/dist/src/commands/_task-picker.d.ts +0 -9
  108. package/dist/src/commands/_task-picker.js +0 -201
  109. package/dist/src/commands/browser.d.ts +0 -65
  110. package/dist/src/commands/browser.js +0 -1173
  111. package/dist/src/commands/connect.d.ts +0 -7
  112. package/dist/src/commands/connect.js +0 -419
  113. package/dist/src/commands/inspector.d.ts +0 -3
  114. package/dist/src/commands/inspector.js +0 -263
  115. package/dist/src/commands/task-report-bug.d.ts +0 -19
  116. package/dist/src/commands/task-report-bug.js +0 -1281
  117. package/dist/src/report-bug.d.ts +0 -44
  118. package/dist/src/report-bug.js +0 -260
@@ -60,20 +60,843 @@ Usage: ${usage}`);
60
60
  return taskId;
61
61
  }
62
62
 
63
- // packages/cli/src/commands/remote.ts
64
- import {
65
- doctorManagedRemoteEndpoints,
66
- listManagedRemoteEndpoints,
67
- matchesEventFilter,
68
- migrateManagedRemoteEndpoints,
69
- RemoteCliError,
70
- RemoteWsClient,
71
- removeManagedRemoteEndpoint,
72
- resolveRemoteEndpoint,
73
- summarizeMessage,
74
- updateManagedRemoteEndpointInAuthority,
75
- upsertManagedRemoteEndpoint
76
- } from "@rig/runtime/control-plane/remote";
63
+ // packages/runtime/src/control-plane/remote.ts
64
+ import { randomUUID } from "crypto";
65
+ import { chmodSync, existsSync as existsSync2, mkdirSync, readFileSync, writeFileSync } from "fs";
66
+ import { homedir } from "os";
67
+ import { dirname as dirname2, join, resolve as resolve2 } from "path";
68
+ import { parse as parseToml, stringify as stringifyToml } from "smol-toml";
69
+
70
+ // packages/runtime/src/control-plane/server-paths.ts
71
+ import { existsSync } from "fs";
72
+ import { dirname, resolve, relative } from "path";
73
+ import { assertPathInsideRoot, assertSafeRunId, safePathSegment } from "@rig/shared/safe-identifiers";
74
+ function normalizeOptionalString(value) {
75
+ return typeof value === "string" && value.trim().length > 0 ? value.trim() : null;
76
+ }
77
+ function resolveAuthorityPaths(projectRoot) {
78
+ const normalizedRoot = resolve(projectRoot);
79
+ const stateRoot = resolveAuthorityStateRoot(normalizedRoot);
80
+ const stateDir = resolveAuthorityStateDir(normalizedRoot);
81
+ return {
82
+ projectRoot: normalizedRoot,
83
+ harnessRoot: resolve(normalizedRoot, "rig"),
84
+ runsDir: resolve(stateRoot, "runs"),
85
+ remoteDir: resolve(stateRoot, "remote"),
86
+ stateDir,
87
+ remoteEndpointsPath: resolve(stateRoot, "remote", "endpoints.toml"),
88
+ remoteSecretsPath: resolve(stateDir, "remote-secrets.toml")
89
+ };
90
+ }
91
+ function resolveAuthorityStateRoot(projectRoot) {
92
+ const normalizedRoot = resolve(projectRoot);
93
+ const taskWorkspace = normalizeOptionalString(process.env.RIG_TASK_WORKSPACE);
94
+ if (taskWorkspace) {
95
+ return resolve(taskWorkspace, ".rig");
96
+ }
97
+ const stateDir = normalizeOptionalString(process.env.RIG_STATE_DIR);
98
+ if (stateDir) {
99
+ return dirname(resolve(stateDir));
100
+ }
101
+ const logsDir = normalizeOptionalString(process.env.RIG_LOGS_DIR);
102
+ if (logsDir) {
103
+ return dirname(resolve(logsDir));
104
+ }
105
+ const sessionFile = normalizeOptionalString(process.env.RIG_SESSION_FILE);
106
+ if (sessionFile) {
107
+ return dirname(dirname(resolve(sessionFile)));
108
+ }
109
+ const projectStateRoot = resolve(normalizedRoot, ".rig");
110
+ if (existsSync(projectStateRoot)) {
111
+ return projectStateRoot;
112
+ }
113
+ return resolve(normalizedRoot, ".rig");
114
+ }
115
+ function resolveAuthorityStateDir(projectRoot) {
116
+ const explicit = normalizeOptionalString(process.env.RIG_STATE_DIR);
117
+ if (explicit) {
118
+ return resolve(explicit);
119
+ }
120
+ return resolve(resolveAuthorityStateRoot(projectRoot), "state");
121
+ }
122
+
123
+ // packages/runtime/src/control-plane/remote.ts
124
+ var DEFAULT_REMOTE_PORT = 7890;
125
+ var DEFAULT_TIMEOUTS = {
126
+ connectMs: 5000,
127
+ authMs: 5000,
128
+ requestMs: 30000,
129
+ subscriptionMs: 1e4
130
+ };
131
+ var REMOTES_CONFIG_PATH = join(homedir(), ".config", "rig", "remotes.toml");
132
+
133
+ class RemoteCliError extends Error {
134
+ code;
135
+ exitCode;
136
+ details;
137
+ constructor(code, message, exitCode = 1, details) {
138
+ super(message);
139
+ this.name = "RemoteCliError";
140
+ this.code = code;
141
+ this.exitCode = exitCode;
142
+ this.details = details;
143
+ }
144
+ }
145
+ function loadRemotesConfig(configPath = REMOTES_CONFIG_PATH) {
146
+ if (!existsSync2(configPath)) {
147
+ return { version: 1, remotes: {} };
148
+ }
149
+ try {
150
+ const content = readFileSync(configPath, "utf-8");
151
+ if (!content.trim()) {
152
+ return { version: 1, remotes: {} };
153
+ }
154
+ const parsed = parseToml(content);
155
+ return {
156
+ version: parsed.version ?? 1,
157
+ remotes: parsed.remotes ?? {}
158
+ };
159
+ } catch (error) {
160
+ throw new RemoteCliError("RIG_REMOTE_CONFIG_PARSE_ERROR", `Failed to parse remotes config at ${configPath}: ${error instanceof Error ? error.message : String(error)}`, 2, { configPath });
161
+ }
162
+ }
163
+ function saveRemotesConfig(config, configPath = REMOTES_CONFIG_PATH) {
164
+ mkdirSync(dirname2(configPath), { recursive: true });
165
+ writeFileSync(configPath, `${stringifyToml(config).trimEnd()}
166
+ `, "utf-8");
167
+ try {
168
+ chmodSync(configPath, 384);
169
+ } catch {}
170
+ }
171
+ function readTomlFile(path, fallback) {
172
+ if (!existsSync2(path))
173
+ return fallback;
174
+ const raw = readFileSync(path, "utf8");
175
+ if (!raw.trim())
176
+ return fallback;
177
+ return parseToml(raw);
178
+ }
179
+ function writeTomlFile(path, value) {
180
+ mkdirSync(dirname2(path), { recursive: true });
181
+ writeFileSync(path, `${stringifyToml(value).trimEnd()}
182
+ `, "utf8");
183
+ }
184
+ function normalizeStringArray(value) {
185
+ if (!Array.isArray(value))
186
+ return [];
187
+ return value.map((entry) => normalizeString(entry)).filter((entry) => entry !== "");
188
+ }
189
+ function normalizePort(value) {
190
+ const port = typeof value === "number" ? value : Number(value);
191
+ return Number.isInteger(port) && port > 0 && port <= 65535 ? port : DEFAULT_REMOTE_PORT;
192
+ }
193
+ function loadRemoteEndpointsToml(projectRoot) {
194
+ const paths = resolveAuthorityPaths(projectRoot);
195
+ const parsed = readTomlFile(paths.remoteEndpointsPath, { version: 1, endpoints: {} });
196
+ return {
197
+ version: parsed.version ?? 1,
198
+ endpoints: parsed.endpoints ?? {}
199
+ };
200
+ }
201
+ function loadRemoteSecretsToml(projectRoot) {
202
+ const paths = resolveAuthorityPaths(projectRoot);
203
+ const parsed = readTomlFile(paths.remoteSecretsPath, { version: 1, secrets: {} });
204
+ return {
205
+ version: parsed.version ?? 1,
206
+ secrets: parsed.secrets ?? {}
207
+ };
208
+ }
209
+ function saveRemoteEndpointsToml(projectRoot, payload) {
210
+ writeTomlFile(resolveAuthorityPaths(projectRoot).remoteEndpointsPath, payload);
211
+ }
212
+ function saveRemoteSecretsToml(projectRoot, payload) {
213
+ const paths = resolveAuthorityPaths(projectRoot);
214
+ writeTomlFile(paths.remoteSecretsPath, payload);
215
+ try {
216
+ chmodSync(paths.remoteSecretsPath, 384);
217
+ } catch {}
218
+ }
219
+ function listAuthorityRemoteEndpoints(projectRoot) {
220
+ const endpoints = loadRemoteEndpointsToml(projectRoot).endpoints ?? {};
221
+ const secrets = loadRemoteSecretsToml(projectRoot).secrets ?? {};
222
+ return Object.values(endpoints).map((entry) => {
223
+ const token = secrets[entry.secret_ref] ?? "";
224
+ return {
225
+ id: entry.id,
226
+ alias: entry.alias,
227
+ host: entry.host,
228
+ port: normalizePort(entry.port),
229
+ token,
230
+ autoConnect: Boolean(entry.auto_connect),
231
+ addedAt: entry.created_at,
232
+ updatedAt: entry.updated_at,
233
+ lastConnectedAt: normalizeString(entry.last_connected_at) || null,
234
+ labels: normalizeStringArray(entry.labels),
235
+ capabilities: normalizeStringArray(entry.capabilities),
236
+ transport: normalizeString(entry.transport) || "websocket",
237
+ secretRef: entry.secret_ref
238
+ };
239
+ }).sort((left, right) => left.alias.localeCompare(right.alias));
240
+ }
241
+ function nextRemoteEndpointRecord(input) {
242
+ const timestamp = new Date().toISOString();
243
+ const secretRef = input.existing?.secret_ref ?? randomUUID();
244
+ return {
245
+ record: {
246
+ id: input.endpointId ?? input.existing?.id ?? randomUUID(),
247
+ alias: input.alias,
248
+ host: input.host,
249
+ port: normalizePort(input.port),
250
+ transport: normalizeString(input.transport) || normalizeString(input.existing?.transport) || "websocket",
251
+ auto_connect: input.autoConnect ?? input.existing?.auto_connect ?? false,
252
+ labels: input.labels ?? normalizeStringArray(input.existing?.labels),
253
+ capabilities: input.capabilities ?? normalizeStringArray(input.existing?.capabilities),
254
+ secret_ref: secretRef,
255
+ created_at: input.existing?.created_at ?? timestamp,
256
+ updated_at: timestamp,
257
+ last_connected_at: input.existing?.last_connected_at ?? null
258
+ },
259
+ secretRef
260
+ };
261
+ }
262
+ function upsertAuthorityRemoteEndpoint(projectRoot, input) {
263
+ const endpointsToml = loadRemoteEndpointsToml(projectRoot);
264
+ const secretsToml = loadRemoteSecretsToml(projectRoot);
265
+ const existing = Object.values(endpointsToml.endpoints ?? {}).find((entry) => entry.alias === input.alias) ?? null;
266
+ const { record, secretRef } = nextRemoteEndpointRecord({
267
+ endpointId: input.endpointId,
268
+ existing,
269
+ alias: input.alias,
270
+ host: input.host,
271
+ port: input.port,
272
+ token: input.token,
273
+ autoConnect: input.autoConnect,
274
+ transport: input.transport,
275
+ labels: input.labels,
276
+ capabilities: input.capabilities
277
+ });
278
+ endpointsToml.endpoints = {
279
+ ...endpointsToml.endpoints ?? {},
280
+ [record.id]: record
281
+ };
282
+ secretsToml.secrets = {
283
+ ...secretsToml.secrets ?? {},
284
+ [secretRef]: input.token
285
+ };
286
+ saveRemoteEndpointsToml(projectRoot, endpointsToml);
287
+ saveRemoteSecretsToml(projectRoot, secretsToml);
288
+ return listAuthorityRemoteEndpoints(projectRoot).find((entry) => entry.id === record.id);
289
+ }
290
+ function updateAuthorityRemoteEndpoint(projectRoot, input) {
291
+ const endpointsToml = loadRemoteEndpointsToml(projectRoot);
292
+ const secretsToml = loadRemoteSecretsToml(projectRoot);
293
+ const current = Object.values(endpointsToml.endpoints ?? {}).find((entry) => input.endpointId && entry.id === input.endpointId || input.alias && entry.alias === input.alias);
294
+ if (!current)
295
+ return null;
296
+ const record = {
297
+ ...current,
298
+ alias: normalizeString(input.alias) || current.alias,
299
+ host: normalizeString(input.host) || current.host,
300
+ port: input.port !== undefined ? normalizePort(input.port) : current.port,
301
+ auto_connect: input.autoConnect ?? current.auto_connect,
302
+ transport: normalizeString(input.transport) || current.transport,
303
+ labels: input.labels ?? normalizeStringArray(current.labels),
304
+ capabilities: input.capabilities ?? normalizeStringArray(current.capabilities),
305
+ updated_at: new Date().toISOString()
306
+ };
307
+ endpointsToml.endpoints = {
308
+ ...endpointsToml.endpoints ?? {},
309
+ [record.id]: record
310
+ };
311
+ if (input.token !== undefined) {
312
+ secretsToml.secrets = {
313
+ ...secretsToml.secrets ?? {},
314
+ [record.secret_ref]: input.token
315
+ };
316
+ }
317
+ saveRemoteEndpointsToml(projectRoot, endpointsToml);
318
+ saveRemoteSecretsToml(projectRoot, secretsToml);
319
+ return listAuthorityRemoteEndpoints(projectRoot).find((entry) => entry.id === record.id) ?? null;
320
+ }
321
+ function removeAuthorityRemoteEndpoint(projectRoot, endpointIdOrAlias) {
322
+ const endpointsToml = loadRemoteEndpointsToml(projectRoot);
323
+ const secretsToml = loadRemoteSecretsToml(projectRoot);
324
+ const entry = Object.values(endpointsToml.endpoints ?? {}).find((candidate) => candidate.id === endpointIdOrAlias || candidate.alias === endpointIdOrAlias);
325
+ if (!entry)
326
+ return false;
327
+ const nextEndpoints = { ...endpointsToml.endpoints ?? {} };
328
+ delete nextEndpoints[entry.id];
329
+ const nextSecrets = { ...secretsToml.secrets ?? {} };
330
+ delete nextSecrets[entry.secret_ref];
331
+ saveRemoteEndpointsToml(projectRoot, { version: endpointsToml.version ?? 1, endpoints: nextEndpoints });
332
+ saveRemoteSecretsToml(projectRoot, { version: secretsToml.version ?? 1, secrets: nextSecrets });
333
+ return true;
334
+ }
335
+ function markAuthorityRemoteEndpointConnected(projectRoot, endpointId, connectedAt = new Date().toISOString()) {
336
+ const endpointsToml = loadRemoteEndpointsToml(projectRoot);
337
+ const entry = endpointsToml.endpoints?.[endpointId];
338
+ if (!entry)
339
+ return;
340
+ endpointsToml.endpoints = {
341
+ ...endpointsToml.endpoints ?? {},
342
+ [endpointId]: {
343
+ ...entry,
344
+ last_connected_at: connectedAt,
345
+ updated_at: connectedAt
346
+ }
347
+ };
348
+ saveRemoteEndpointsToml(projectRoot, endpointsToml);
349
+ }
350
+ function importLegacyRemoteEndpoints(projectRoot, legacyPath = REMOTES_CONFIG_PATH) {
351
+ if (!existsSync2(legacyPath)) {
352
+ return { imported: 0, skipped: 0, sourcePath: legacyPath };
353
+ }
354
+ const parsed = readTomlFile(legacyPath, { version: 1, remotes: {} });
355
+ let imported = 0;
356
+ let skipped = 0;
357
+ for (const [alias, entry] of Object.entries(parsed.remotes ?? {})) {
358
+ const host = normalizeString(entry.host);
359
+ const token = normalizeString(entry.token);
360
+ if (!host || !token) {
361
+ skipped += 1;
362
+ continue;
363
+ }
364
+ upsertAuthorityRemoteEndpoint(projectRoot, {
365
+ alias,
366
+ host,
367
+ port: normalizePort(entry.port),
368
+ token
369
+ });
370
+ imported += 1;
371
+ }
372
+ return { imported, skipped, sourcePath: legacyPath };
373
+ }
374
+ function doctorAuthorityRemoteEndpoints(projectRoot) {
375
+ const paths = resolveAuthorityPaths(projectRoot);
376
+ const endpoints = loadRemoteEndpointsToml(projectRoot).endpoints ?? {};
377
+ const secrets = loadRemoteSecretsToml(projectRoot).secrets ?? {};
378
+ const missingSecrets = Object.values(endpoints).filter((entry) => !normalizeString(secrets[entry.secret_ref])).map((entry) => entry.alias);
379
+ const warnings = [];
380
+ if (!existsSync2(paths.remoteEndpointsPath)) {
381
+ warnings.push("Remote endpoint manifest is missing.");
382
+ }
383
+ if (!existsSync2(paths.remoteSecretsPath)) {
384
+ warnings.push("Remote secret store is missing.");
385
+ }
386
+ return {
387
+ manifestPath: paths.remoteEndpointsPath,
388
+ secretsPath: paths.remoteSecretsPath,
389
+ endpointCount: Object.keys(endpoints).length,
390
+ missingSecrets,
391
+ warnings
392
+ };
393
+ }
394
+ function listManagedRemoteEndpoints(configPath = REMOTES_CONFIG_PATH, projectRoot) {
395
+ if (projectRoot) {
396
+ return listAuthorityRemoteEndpoints(projectRoot).map((entry) => ({
397
+ id: entry.id,
398
+ alias: entry.alias,
399
+ host: entry.host,
400
+ port: entry.port,
401
+ token: entry.token,
402
+ addedAt: entry.addedAt,
403
+ lastConnected: entry.lastConnectedAt
404
+ }));
405
+ }
406
+ const config = loadRemotesConfig(configPath);
407
+ return Object.entries(config.remotes ?? {}).map(([alias, entry]) => ({
408
+ id: alias,
409
+ alias,
410
+ host: normalizeString(entry.host) || "",
411
+ port: Number.isFinite(entry.port) ? Number(entry.port) : DEFAULT_REMOTE_PORT,
412
+ token: normalizeString(entry.token) || "",
413
+ addedAt: normalizeString(entry.addedAt) || null,
414
+ lastConnected: normalizeString(entry.lastConnected) || null
415
+ })).sort((left, right) => left.alias.localeCompare(right.alias));
416
+ }
417
+ function upsertManagedRemoteEndpoint(input, configPath = REMOTES_CONFIG_PATH, projectRoot) {
418
+ if (projectRoot) {
419
+ const saved = upsertAuthorityRemoteEndpoint(projectRoot, {
420
+ ...input,
421
+ token: input.token ?? ""
422
+ });
423
+ return {
424
+ id: saved.id,
425
+ alias: saved.alias,
426
+ host: saved.host,
427
+ port: saved.port,
428
+ token: saved.token,
429
+ addedAt: saved.addedAt,
430
+ lastConnected: saved.lastConnectedAt
431
+ };
432
+ }
433
+ const config = loadRemotesConfig(configPath);
434
+ const existing = config.remotes?.[input.alias];
435
+ const nextEntry = {
436
+ host: input.host,
437
+ port: input.port,
438
+ token: input.token,
439
+ addedAt: normalizeString(existing?.addedAt) || new Date().toISOString(),
440
+ ...normalizeString(existing?.lastConnected) ? { lastConnected: normalizeString(existing?.lastConnected) } : {}
441
+ };
442
+ const nextConfig = {
443
+ version: config.version ?? 1,
444
+ remotes: {
445
+ ...config.remotes ?? {},
446
+ [input.alias]: nextEntry
447
+ }
448
+ };
449
+ saveRemotesConfig(nextConfig, configPath);
450
+ return {
451
+ id: input.alias,
452
+ alias: input.alias,
453
+ host: input.host,
454
+ port: input.port,
455
+ token: input.token ?? "",
456
+ addedAt: nextEntry.addedAt ?? null,
457
+ lastConnected: nextEntry.lastConnected ?? null
458
+ };
459
+ }
460
+ function removeManagedRemoteEndpoint(alias, configPath = REMOTES_CONFIG_PATH, projectRoot) {
461
+ if (projectRoot) {
462
+ return removeAuthorityRemoteEndpoint(projectRoot, alias);
463
+ }
464
+ const config = loadRemotesConfig(configPath);
465
+ if (!config.remotes?.[alias]) {
466
+ return false;
467
+ }
468
+ const nextRemotes = { ...config.remotes ?? {} };
469
+ delete nextRemotes[alias];
470
+ saveRemotesConfig({
471
+ version: config.version ?? 1,
472
+ remotes: nextRemotes
473
+ }, configPath);
474
+ return true;
475
+ }
476
+ function resolveRemoteEndpoint(options) {
477
+ const env = options.env ?? process.env;
478
+ const envHost = normalizeString(env.RIG_REMOTE_HOST);
479
+ const envToken = normalizeString(env.RIG_REMOTE_TOKEN);
480
+ const envPort = parsePort(normalizeString(env.RIG_REMOTE_PORT), "RIG_REMOTE_PORT");
481
+ const envAlias = normalizeString(env.RIG_REMOTE_ALIAS);
482
+ const explicitHost = normalizeString(options.host);
483
+ const explicitToken = normalizeString(options.token);
484
+ const explicitPort = parsePort(normalizeString(options.port), "--port");
485
+ const explicitProvided = Boolean(explicitHost || explicitToken || explicitPort !== null);
486
+ const requestedAlias = normalizeString(options.remoteAlias) || envAlias;
487
+ let endpoint = {
488
+ source: "env",
489
+ host: envHost || "",
490
+ port: envPort ?? DEFAULT_REMOTE_PORT,
491
+ token: envToken || "",
492
+ configPath: REMOTES_CONFIG_PATH
493
+ };
494
+ if (requestedAlias) {
495
+ if (options.projectRoot) {
496
+ const remote = listAuthorityRemoteEndpoints(options.projectRoot).find((entry) => entry.alias === requestedAlias);
497
+ if (!remote) {
498
+ const configPath = resolveAuthorityPaths(options.projectRoot).remoteEndpointsPath;
499
+ throw new RemoteCliError("RIG_REMOTE_ALIAS_NOT_FOUND", `Remote alias '${requestedAlias}' was not found in ${configPath}.`, 2, { alias: requestedAlias, configPath });
500
+ }
501
+ endpoint = {
502
+ source: "alias",
503
+ alias: requestedAlias,
504
+ host: remote.host,
505
+ port: remote.port,
506
+ token: remote.token,
507
+ configPath: resolveAuthorityPaths(options.projectRoot).remoteEndpointsPath
508
+ };
509
+ } else {
510
+ const config = loadRemotesConfig();
511
+ const remote = config.remotes?.[requestedAlias];
512
+ if (!remote) {
513
+ throw new RemoteCliError("RIG_REMOTE_ALIAS_NOT_FOUND", `Remote alias '${requestedAlias}' was not found in ${REMOTES_CONFIG_PATH}.`, 2, { alias: requestedAlias, configPath: REMOTES_CONFIG_PATH });
514
+ }
515
+ endpoint = {
516
+ source: "alias",
517
+ alias: requestedAlias,
518
+ host: normalizeString(remote.host) || "",
519
+ port: Number.isFinite(remote.port) ? Number(remote.port) : DEFAULT_REMOTE_PORT,
520
+ token: normalizeString(remote.token) || "",
521
+ configPath: REMOTES_CONFIG_PATH
522
+ };
523
+ }
524
+ }
525
+ if (explicitProvided) {
526
+ endpoint = {
527
+ ...endpoint,
528
+ source: "flags",
529
+ host: explicitHost || endpoint.host,
530
+ port: explicitPort ?? endpoint.port,
531
+ token: explicitToken || endpoint.token
532
+ };
533
+ }
534
+ if (!endpoint.host) {
535
+ throw new RemoteCliError("RIG_REMOTE_HOST_REQUIRED", "Remote host is required. Pass --host, --remote <alias>, or set RIG_REMOTE_HOST.", 2);
536
+ }
537
+ if (!Number.isFinite(endpoint.port) || endpoint.port <= 0 || endpoint.port > 65535) {
538
+ throw new RemoteCliError("RIG_REMOTE_INVALID_PORT", `Invalid remote port: ${endpoint.port}.`, 2);
539
+ }
540
+ return endpoint;
541
+ }
542
+
543
+ class RemoteWsClient {
544
+ endpoint;
545
+ ws = null;
546
+ connected = false;
547
+ pending = new Map;
548
+ onEvent;
549
+ requestTimeoutMs;
550
+ connectTimeoutMs;
551
+ authTimeoutMs;
552
+ subscriptionTimeoutMs;
553
+ connectionToken = null;
554
+ connectionTokenExpiresAt = null;
555
+ tokenRefreshTimer = null;
556
+ constructor(endpoint, options = {}) {
557
+ this.endpoint = endpoint;
558
+ this.onEvent = options.onEvent;
559
+ this.connectTimeoutMs = options.connectTimeoutMs ?? DEFAULT_TIMEOUTS.connectMs;
560
+ this.authTimeoutMs = options.authTimeoutMs ?? DEFAULT_TIMEOUTS.authMs;
561
+ this.requestTimeoutMs = options.requestTimeoutMs ?? DEFAULT_TIMEOUTS.requestMs;
562
+ this.subscriptionTimeoutMs = options.subscriptionTimeoutMs ?? DEFAULT_TIMEOUTS.subscriptionMs;
563
+ }
564
+ setEventHandler(handler) {
565
+ this.onEvent = handler;
566
+ }
567
+ async connect() {
568
+ if (this.connected) {
569
+ return;
570
+ }
571
+ const url = `ws://${this.endpoint.host}:${this.endpoint.port}`;
572
+ await new Promise((resolve3, reject) => {
573
+ let authResolved = false;
574
+ let connectTimer = setTimeout(() => {
575
+ connectTimer = null;
576
+ reject(new RemoteCliError("RIG_REMOTE_CONNECT_TIMEOUT", `Timed out connecting to ${url} after ${this.connectTimeoutMs}ms.`, 3, { host: this.endpoint.host, port: this.endpoint.port, timeoutMs: this.connectTimeoutMs }));
577
+ }, this.connectTimeoutMs);
578
+ const ws = new WebSocket(url);
579
+ this.ws = ws;
580
+ ws.onopen = () => {
581
+ const authMessage = {
582
+ type: "auth",
583
+ id: crypto.randomUUID(),
584
+ timestamp: new Date().toISOString(),
585
+ token: this.connectionToken || this.endpoint.token,
586
+ tokenType: this.connectionToken ? "connection" : "server"
587
+ };
588
+ let authTimer = setTimeout(() => {
589
+ authTimer = null;
590
+ reject(new RemoteCliError("RIG_REMOTE_AUTH_TIMEOUT", `Timed out waiting for auth response from ${url} after ${this.authTimeoutMs}ms.`, 3, { host: this.endpoint.host, port: this.endpoint.port, timeoutMs: this.authTimeoutMs }));
591
+ }, this.authTimeoutMs);
592
+ ws.send(JSON.stringify(authMessage));
593
+ const originalOnMessage = ws.onmessage;
594
+ ws.onmessage = (event) => {
595
+ const message = parseIncomingMessage(event.data);
596
+ if (!message) {
597
+ return;
598
+ }
599
+ if (message.type === "auth_response" && !authResolved) {
600
+ authResolved = true;
601
+ if (connectTimer) {
602
+ clearTimeout(connectTimer);
603
+ connectTimer = null;
604
+ }
605
+ if (authTimer) {
606
+ clearTimeout(authTimer);
607
+ authTimer = null;
608
+ }
609
+ const auth = message;
610
+ if (!auth.success) {
611
+ reject(new RemoteCliError("RIG_REMOTE_AUTH_FAILED", auth.error || "Remote authentication failed.", 3, { host: this.endpoint.host, port: this.endpoint.port }));
612
+ return;
613
+ }
614
+ if (auth.connectionToken && auth.connectionTokenExpiresAt) {
615
+ this.connectionToken = auth.connectionToken;
616
+ this.connectionTokenExpiresAt = auth.connectionTokenExpiresAt;
617
+ this.scheduleTokenRefresh();
618
+ }
619
+ if (this.endpoint.configPath.endsWith("endpoints.toml")) {
620
+ const projectRoot = dirname2(dirname2(dirname2(this.endpoint.configPath)));
621
+ try {
622
+ markAuthorityRemoteEndpointConnected(projectRoot, this.endpoint.alias ? listAuthorityRemoteEndpoints(projectRoot).find((entry) => entry.alias === this.endpoint.alias)?.id ?? "" : "");
623
+ } catch {}
624
+ }
625
+ this.connected = true;
626
+ ws.onmessage = (event2) => {
627
+ const next = parseIncomingMessage(event2.data);
628
+ if (!next) {
629
+ return;
630
+ }
631
+ this.routeMessage(next);
632
+ };
633
+ resolve3();
634
+ return;
635
+ }
636
+ if (typeof originalOnMessage === "function") {
637
+ originalOnMessage.call(ws, event);
638
+ }
639
+ };
640
+ };
641
+ ws.onerror = () => {
642
+ if (connectTimer) {
643
+ clearTimeout(connectTimer);
644
+ connectTimer = null;
645
+ }
646
+ if (!authResolved) {
647
+ reject(new RemoteCliError("RIG_REMOTE_CONNECT_FAILED", `Failed to connect to ${url}.`, 3, { host: this.endpoint.host, port: this.endpoint.port }));
648
+ }
649
+ };
650
+ ws.onclose = () => {
651
+ this.connected = false;
652
+ this.clearPending("Connection closed");
653
+ };
654
+ });
655
+ }
656
+ disconnect() {
657
+ this.connected = false;
658
+ this.clearTokenRefreshTimer();
659
+ this.clearPending("Connection closed");
660
+ if (this.ws) {
661
+ try {
662
+ this.ws.close();
663
+ } catch {}
664
+ this.ws = null;
665
+ }
666
+ }
667
+ async subscribe(eventTypes = []) {
668
+ const message = { type: "subscribe" };
669
+ if (eventTypes.length > 0) {
670
+ message.eventTypes = eventTypes;
671
+ }
672
+ const response = await this.request(message, this.subscriptionTimeoutMs);
673
+ return expectType(response, "operation_result");
674
+ }
675
+ async unsubscribe() {
676
+ return expectType(await this.request({ type: "unsubscribe" }), "operation_result");
677
+ }
678
+ async getState() {
679
+ return expectType(await this.request({ type: "get_state" }), "state_response");
680
+ }
681
+ async getTasks() {
682
+ return expectType(await this.request({ type: "get_tasks" }), "tasks_response");
683
+ }
684
+ async pause() {
685
+ return expectType(await this.request({ type: "pause" }), "operation_result");
686
+ }
687
+ async resume() {
688
+ return expectType(await this.request({ type: "resume" }), "operation_result");
689
+ }
690
+ async interrupt() {
691
+ return expectType(await this.request({ type: "interrupt" }), "operation_result");
692
+ }
693
+ async continueExecution() {
694
+ return expectType(await this.request({ type: "continue" }), "operation_result");
695
+ }
696
+ async refreshTasks() {
697
+ return expectType(await this.request({ type: "refresh_tasks" }), "operation_result");
698
+ }
699
+ async addIterations(count) {
700
+ return expectType(await this.request({ type: "add_iterations", count }), "operation_result");
701
+ }
702
+ async removeIterations(count) {
703
+ return expectType(await this.request({ type: "remove_iterations", count }), "operation_result");
704
+ }
705
+ async getPromptPreview(taskId) {
706
+ return expectType(await this.request({ type: "get_prompt_preview", taskId }), "prompt_preview_response");
707
+ }
708
+ async getIterationOutput(taskId) {
709
+ return expectType(await this.request({ type: "get_iteration_output", taskId }), "iteration_output_response");
710
+ }
711
+ async startOrchestration(options) {
712
+ return expectType(await this.request({
713
+ type: "orchestrate:start",
714
+ maxWorkers: options.maxWorkers,
715
+ maxIterations: options.maxIterations,
716
+ directMerge: options.directMerge
717
+ }), "orchestrate:start_response");
718
+ }
719
+ async pauseOrchestration(orchestrationId) {
720
+ return expectType(await this.request({ type: "orchestrate:pause", orchestrationId }), "operation_result");
721
+ }
722
+ async resumeOrchestration(orchestrationId) {
723
+ return expectType(await this.request({ type: "orchestrate:resume", orchestrationId }), "operation_result");
724
+ }
725
+ async stopOrchestration(orchestrationId) {
726
+ return expectType(await this.request({ type: "orchestrate:stop", orchestrationId }), "operation_result");
727
+ }
728
+ async getOrchestrationState(orchestrationId) {
729
+ return expectType(await this.request({ type: "orchestrate:get_state", orchestrationId }), "orchestrate:state_response");
730
+ }
731
+ async ping() {
732
+ return this.request({ type: "ping" });
733
+ }
734
+ async request(payload, timeoutMs = this.requestTimeoutMs) {
735
+ if (!this.connected || !this.ws) {
736
+ throw new RemoteCliError("RIG_REMOTE_NOT_CONNECTED", "Remote client is not connected.", 3);
737
+ }
738
+ const id = crypto.randomUUID();
739
+ const message = {
740
+ ...payload,
741
+ id,
742
+ timestamp: new Date().toISOString()
743
+ };
744
+ return await new Promise((resolve3, reject) => {
745
+ const timeout = setTimeout(() => {
746
+ this.pending.delete(id);
747
+ reject(new RemoteCliError("RIG_REMOTE_REQUEST_TIMEOUT", `Timed out waiting for response to '${String(payload.type)}' after ${timeoutMs}ms.`, 3, { requestType: payload.type, requestId: id, timeoutMs }));
748
+ }, timeoutMs);
749
+ this.pending.set(id, { resolve: resolve3, reject, timeout });
750
+ this.ws?.send(JSON.stringify(message));
751
+ });
752
+ }
753
+ routeMessage(message) {
754
+ if (message.id && this.pending.has(message.id)) {
755
+ const pending = this.pending.get(message.id);
756
+ if (pending) {
757
+ clearTimeout(pending.timeout);
758
+ this.pending.delete(message.id);
759
+ pending.resolve(message);
760
+ }
761
+ return;
762
+ }
763
+ if (message.type === "token_refresh_response") {
764
+ const token = normalizeString(message.connectionToken);
765
+ const expiresAt = normalizeString(message.connectionTokenExpiresAt);
766
+ if (token && expiresAt) {
767
+ this.connectionToken = token;
768
+ this.connectionTokenExpiresAt = expiresAt;
769
+ this.scheduleTokenRefresh();
770
+ }
771
+ }
772
+ this.onEvent?.({ receivedAt: new Date().toISOString(), message });
773
+ }
774
+ scheduleTokenRefresh() {
775
+ this.clearTokenRefreshTimer();
776
+ if (!this.connectionToken || !this.connectionTokenExpiresAt || !this.ws || !this.connected) {
777
+ return;
778
+ }
779
+ const expiresAt = new Date(this.connectionTokenExpiresAt).getTime();
780
+ if (!Number.isFinite(expiresAt)) {
781
+ return;
782
+ }
783
+ const refreshAt = expiresAt - 60 * 60 * 1000;
784
+ const delay = Math.max(0, refreshAt - Date.now());
785
+ this.tokenRefreshTimer = setTimeout(() => {
786
+ if (!this.connected || !this.ws || !this.connectionToken) {
787
+ return;
788
+ }
789
+ const refreshMessage = {
790
+ type: "token_refresh",
791
+ id: crypto.randomUUID(),
792
+ timestamp: new Date().toISOString(),
793
+ connectionToken: this.connectionToken
794
+ };
795
+ this.ws.send(JSON.stringify(refreshMessage));
796
+ }, delay);
797
+ }
798
+ clearTokenRefreshTimer() {
799
+ if (this.tokenRefreshTimer) {
800
+ clearTimeout(this.tokenRefreshTimer);
801
+ this.tokenRefreshTimer = null;
802
+ }
803
+ }
804
+ clearPending(reason) {
805
+ for (const [requestId, pending] of this.pending.entries()) {
806
+ clearTimeout(pending.timeout);
807
+ pending.reject(new RemoteCliError("RIG_REMOTE_REQUEST_CANCELLED", `${reason} (request ${requestId}).`, 3, { requestId }));
808
+ this.pending.delete(requestId);
809
+ }
810
+ }
811
+ }
812
+ function matchesEventFilter(message, expectedType) {
813
+ if (!expectedType) {
814
+ return true;
815
+ }
816
+ if (message.type === expectedType) {
817
+ return true;
818
+ }
819
+ if (message.type === "engine_event") {
820
+ const eventType = normalizeString(message.event?.type);
821
+ return eventType === expectedType;
822
+ }
823
+ if (message.type === "parallel_event") {
824
+ const eventType = normalizeString(message.event?.type);
825
+ return eventType === expectedType;
826
+ }
827
+ return false;
828
+ }
829
+ function summarizeMessage(message) {
830
+ if (message.type === "pong") {
831
+ return "pong";
832
+ }
833
+ if (message.type === "engine_event") {
834
+ const eventType = normalizeString(message.event?.type);
835
+ return eventType ? `engine_event:${eventType}` : "engine_event";
836
+ }
837
+ if (message.type === "parallel_event") {
838
+ const eventType = normalizeString(message.event?.type);
839
+ const orchestrationId = normalizeString(message.orchestrationId);
840
+ return orchestrationId ? `parallel_event:${eventType || "unknown"}:${orchestrationId}` : `parallel_event:${eventType || "unknown"}`;
841
+ }
842
+ return message.type;
843
+ }
844
+ function migrateManagedRemoteEndpoints(projectRoot, legacyPath = REMOTES_CONFIG_PATH) {
845
+ return importLegacyRemoteEndpoints(projectRoot, legacyPath);
846
+ }
847
+ function doctorManagedRemoteEndpoints(projectRoot) {
848
+ return doctorAuthorityRemoteEndpoints(projectRoot);
849
+ }
850
+ function updateManagedRemoteEndpointInAuthority(projectRoot, input) {
851
+ const updated = updateAuthorityRemoteEndpoint(projectRoot, input);
852
+ if (!updated)
853
+ return null;
854
+ return {
855
+ id: updated.id,
856
+ alias: updated.alias,
857
+ host: updated.host,
858
+ port: updated.port,
859
+ token: updated.token,
860
+ addedAt: updated.addedAt,
861
+ lastConnected: updated.lastConnectedAt
862
+ };
863
+ }
864
+ function normalizeString(value) {
865
+ if (!value) {
866
+ return "";
867
+ }
868
+ return value.trim();
869
+ }
870
+ function parsePort(value, label) {
871
+ if (!value) {
872
+ return null;
873
+ }
874
+ const parsed = Number.parseInt(value, 10);
875
+ if (!Number.isFinite(parsed) || parsed <= 0 || parsed > 65535) {
876
+ throw new RemoteCliError("RIG_REMOTE_INVALID_PORT", `Invalid port for ${label}: ${value}.`, 2, { label, value });
877
+ }
878
+ return parsed;
879
+ }
880
+ function parseIncomingMessage(raw) {
881
+ if (typeof raw !== "string") {
882
+ return null;
883
+ }
884
+ try {
885
+ const parsed = JSON.parse(raw);
886
+ if (!parsed || typeof parsed !== "object" || typeof parsed.type !== "string") {
887
+ return null;
888
+ }
889
+ return parsed;
890
+ } catch {
891
+ return null;
892
+ }
893
+ }
894
+ function expectType(message, expectedType) {
895
+ if (message.type !== expectedType) {
896
+ throw new RemoteCliError("RIG_REMOTE_UNEXPECTED_RESPONSE", `Unexpected response type: ${message.type}. Expected ${expectedType}.`, 3, { expectedType, actualType: message.type, message });
897
+ }
898
+ return message;
899
+ }
77
900
 
78
901
  // packages/cli/src/commands/_parsers.ts
79
902
  function parseOptionalPositiveInt(value, option) {