npm - @h-rig/github-provider-plugin - Versions diffs - 0.0.6-alpha.157 → 0.0.6-alpha.158 - Mend

@h-rig/github-provider-plugin 0.0.6-alpha.157 → 0.0.6-alpha.158

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

package/dist/src/identity-env.d.ts +16 -0
package/dist/src/identity-env.js +239 -0
package/dist/src/identity.d.ts +17 -0
package/dist/src/identity.js +134 -0
package/dist/src/index.d.ts +1 -4
package/dist/src/index.js +360 -740
package/dist/src/issue-analysis.d.ts +5 -5
package/dist/src/issue-analysis.js +6 -6
package/dist/src/lib.d.ts +16 -0
package/dist/src/lib.js +485 -0
package/dist/src/plugin.d.ts +6 -2
package/dist/src/plugin.js +792 -31
package/dist/src/profile-ops.d.ts +8 -0
package/dist/src/profile-ops.js +9 -0
package/dist/src/service.js +1 -35
package/dist/src/token-env.d.ts +3 -0
package/dist/src/token-env.js +26 -0
package/dist/src/triage-run.js +12 -10
package/package.json +24 -4
package/dist/src/auth-store.d.ts +0 -42
package/dist/src/auth-store.js +0 -226
package/dist/src/credentials.d.ts +0 -20
package/dist/src/credentials.js +0 -118
package/dist/src/github-api.d.ts +0 -107
package/dist/src/github-api.js +0 -451
package/dist/src/projects.d.ts +0 -31
package/dist/src/projects.js +0 -147

package/dist/src/github-api.d.ts DELETED Viewed

@@ -1,107 +0,0 @@
-import type { GitHubRepositoryProbe, GitHubUserInfo } from "@rig/contracts";
-export type { GitHubRepositoryProbe, GitHubUserInfo };
-export type GitHubFormPostResult = {
-    readonly status: number;
-    readonly payload: Record<string, unknown>;
-};
-export type GitHubFormPoster = (endpoint: string, body: Record<string, string>) => Promise<GitHubFormPostResult>;
-export type GitHubUserFetcher = (token: string) => Promise<GitHubUserInfo>;
-export declare function fetchGitHubUserInfo(token: string): Promise<GitHubUserInfo>;
-export declare function resolveGitHubAuthStatus(input: {
-    readonly projectRoot: string;
-    readonly oauthConfigured?: boolean;
-}): import("@rig/contracts").GitHubAuthStatus;
-export declare function saveGitHubTokenForProject(input: {
-    readonly projectRoot: string;
-    readonly token: string;
-    readonly tokenSource?: "oauth-device" | "manual-token";
-    readonly selectedRepo?: string | null;
-    readonly fetchUser?: GitHubUserFetcher;
-}): Promise<{
-    signedIn: boolean;
-    login: string | null;
-    userId: string | null;
-    scopes: readonly string[];
-    selectedRepo: string | null;
-    oauthConfigured: boolean;
-    tokenSource: "oauth-device" | "manual-token" | "env" | null;
-    ok: true;
-}>;
-export declare function beginGitHubDeviceFlow(input: {
-    readonly projectRoot: string;
-    readonly clientId: string;
-    readonly scope?: string;
-    readonly selectedRepo?: string | null;
-    readonly postForm?: GitHubFormPoster;
-}): Promise<{
-    ok: true;
-    pollId: `${string}-${string}-${string}-${string}-${string}`;
-    userCode: string | null;
-    verificationUri: string | null;
-    expiresIn: number;
-    intervalSeconds: number;
-}>;
-export declare function pollGitHubDeviceFlow(input: {
-    readonly projectRoot: string;
-    readonly clientId: string;
-    readonly pollId: string;
-    readonly selectedRepo?: string | null;
-    readonly postForm?: GitHubFormPoster;
-    readonly fetchUser?: GitHubUserFetcher;
-}): Promise<{
-    ok: false;
-    status: "expired";
-    error: string;
-    intervalSeconds?: undefined;
-} | {
-    ok: false;
-    status: "pending" | "slow-down";
-    intervalSeconds: number;
-    error?: undefined;
-} | {
-    ok: false;
-    status: "error";
-    error: string;
-    intervalSeconds?: undefined;
-} | {
-    signedIn: boolean;
-    login: string | null;
-    userId: string | null;
-    scopes: readonly string[];
-    selectedRepo: string | null;
-    oauthConfigured: boolean;
-    tokenSource: "oauth-device" | "manual-token" | "env" | null;
-    ok: true;
-    status: "signed-in";
-    error?: undefined;
-    intervalSeconds?: undefined;
-}>;
-export declare function checkGitHubRepoPermissions(input: {
-    readonly projectRoot: string;
-    readonly oauthConfigured?: boolean;
-}): {
-    ok: false;
-    signedIn: boolean;
-    canOpenPullRequest: boolean;
-    reason: "not-authenticated";
-    login?: undefined;
-    scopes?: undefined;
-    pullRequests?: undefined;
-    push?: undefined;
-} | {
-    ok: true;
-    signedIn: boolean;
-    login: string | null;
-    scopes: readonly string[];
-    canOpenPullRequest: boolean;
-    pullRequests: boolean;
-    push: boolean;
-    reason: "stored-token" | "token-scope-unverified";
-};
-export declare function probeGitHubRepository(input: {
-    readonly owner: string;
-    readonly repo: string;
-    readonly token: string | null;
-    readonly scopes: readonly string[];
-    readonly fetchRepository?: (input: RequestInfo | URL, init?: RequestInit) => Promise<Response>;
-}): Promise<GitHubRepositoryProbe>;

package/dist/src/github-api.js DELETED Viewed

@@ -1,451 +0,0 @@
-// @bun
-// packages/github-provider-plugin/src/github-api.ts
-import { randomUUID } from "crypto";
-// packages/github-provider-plugin/src/auth-store.ts
-import { randomBytes } from "crypto";
-import { chmodSync, copyFileSync, existsSync, mkdirSync, readFileSync, writeFileSync } from "fs";
-import { dirname, resolve } from "path";
-import { resolveRigStatePaths } from "@rig/runtime/control-plane/server-paths";
-function cleanString(value) {
-  return typeof value === "string" && value.trim().length > 0 ? value.trim() : null;
-}
-function cleanScopes(value) {
-  if (!Array.isArray(value))
-    return [];
-  return value.flatMap((entry) => {
-    const clean = cleanString(entry);
-    return clean ? [clean] : [];
-  });
-}
-function parseApiSessions(value) {
-  if (!Array.isArray(value))
-    return [];
-  return value.flatMap((entry) => {
-    if (!entry || typeof entry !== "object" || Array.isArray(entry))
-      return [];
-    const record = entry;
-    const token = cleanString(record.token);
-    if (!token)
-      return [];
-    return [{
-      token,
-      login: cleanString(record.login),
-      userId: cleanString(record.userId),
-      createdAt: cleanString(record.createdAt) ?? undefined
-    }];
-  });
-}
-function parsePendingDevice(value) {
-  if (!value || typeof value !== "object")
-    return null;
-  const record = value;
-  const pollId = cleanString(record.pollId);
-  const deviceCode = cleanString(record.deviceCode);
-  const expiresAt = cleanString(record.expiresAt);
-  const intervalSeconds = typeof record.intervalSeconds === "number" && Number.isFinite(record.intervalSeconds) ? Math.max(1, Math.floor(record.intervalSeconds)) : null;
-  if (!pollId || !deviceCode || !expiresAt || !intervalSeconds)
-    return null;
-  return { pollId, deviceCode, expiresAt, intervalSeconds };
-}
-function parsePendingDevices(value) {
-  if (!Array.isArray(value))
-    return [];
-  return value.flatMap((entry) => {
-    const pending = parsePendingDevice(entry);
-    return pending ? [pending] : [];
-  });
-}
-function readStoredAuth(stateFile) {
-  if (!existsSync(stateFile))
-    return {};
-  try {
-    const parsed = JSON.parse(readFileSync(stateFile, "utf8"));
-    return {
-      ...cleanString(parsed.token) ? { token: cleanString(parsed.token) } : {},
-      login: cleanString(parsed.login),
-      userId: cleanString(parsed.userId),
-      scopes: cleanScopes(parsed.scopes),
-      selectedRepo: cleanString(parsed.selectedRepo),
-      tokenSource: parsed.tokenSource === "oauth-device" || parsed.tokenSource === "manual-token" || parsed.tokenSource === "env" ? parsed.tokenSource : undefined,
-      pendingDevice: parsePendingDevice(parsed.pendingDevice),
-      pendingDevices: parsePendingDevices(parsed.pendingDevices),
-      apiSessions: parseApiSessions(parsed.apiSessions),
-      updatedAt: cleanString(parsed.updatedAt) ?? undefined
-    };
-  } catch {
-    return {};
-  }
-}
-function newApiSessionToken() {
-  return `rig_${randomBytes(32).toString("base64url")}`;
-}
-function writeStoredAuth(stateFile, payload) {
-  mkdirSync(dirname(stateFile), { recursive: true });
-  writeFileSync(stateFile, `${JSON.stringify(payload, null, 2)}
-`, { encoding: "utf8", mode: 384 });
-  try {
-    chmodSync(stateFile, 384);
-  } catch {}
-}
-function localProjectAuthStateFile(projectRoot) {
-  return resolve(projectRoot, ".rig", "state", "github-auth.json");
-}
-function resolveGitHubAuthStateFile(projectRoot) {
-  return resolve(resolveRigStatePaths(projectRoot).stateDir, "github-auth.json");
-}
-function copyGitHubAuthStateToLocalProjectRoot(stateFile, projectRoot) {
-  const targetFile = localProjectAuthStateFile(projectRoot);
-  mkdirSync(dirname(targetFile), { recursive: true });
-  if (existsSync(stateFile)) {
-    copyFileSync(stateFile, targetFile);
-    try {
-      chmodSync(targetFile, 384);
-    } catch {}
-    return;
-  }
-  writeStoredAuth(targetFile, {});
-}
-function createGitHubAuthStoreFromStateFile(stateFile) {
-  return {
-    stateFile,
-    status(options) {
-      const stored = readStoredAuth(stateFile);
-      const token = cleanString(stored.token);
-      return {
-        signedIn: Boolean(token),
-        login: cleanString(stored.login),
-        userId: cleanString(stored.userId),
-        scopes: cleanScopes(stored.scopes),
-        selectedRepo: cleanString(stored.selectedRepo),
-        oauthConfigured: options?.oauthConfigured === true,
-        tokenSource: token ? stored.tokenSource ?? "manual-token" : null
-      };
-    },
-    readToken() {
-      return cleanString(readStoredAuth(stateFile).token);
-    },
-    saveToken(input) {
-      const previous = readStoredAuth(stateFile);
-      writeStoredAuth(stateFile, {
-        ...previous,
-        token: input.token,
-        tokenSource: input.tokenSource,
-        login: input.login ?? null,
-        userId: input.userId ?? null,
-        scopes: input.scopes ?? [],
-        selectedRepo: input.selectedRepo ?? previous.selectedRepo ?? null,
-        pendingDevice: null,
-        pendingDevices: [],
-        apiSessions: previous.apiSessions ?? [],
-        updatedAt: new Date().toISOString()
-      });
-    },
-    createApiSession() {
-      const previous = readStoredAuth(stateFile);
-      const token = newApiSessionToken();
-      const session = {
-        token,
-        login: cleanString(previous.login),
-        userId: cleanString(previous.userId),
-        createdAt: new Date().toISOString()
-      };
-      writeStoredAuth(stateFile, {
-        ...previous,
-        apiSessions: [...(previous.apiSessions ?? []).slice(-9), session],
-        updatedAt: new Date().toISOString()
-      });
-      return { token, login: session.login ?? null, userId: session.userId ?? null };
-    },
-    readApiSession(token) {
-      const clean = cleanString(token);
-      if (!clean)
-        return null;
-      const previous = readStoredAuth(stateFile);
-      const session = (previous.apiSessions ?? []).find((candidate) => candidate.token === clean);
-      return session ? { login: cleanString(session.login), userId: cleanString(session.userId) } : null;
-    },
-    copyToProjectRoot(projectRoot) {
-      const targetFile = resolveGitHubAuthStateFile(projectRoot);
-      writeStoredAuth(targetFile, readStoredAuth(stateFile));
-    },
-    copyToLocalProjectRoot(projectRoot) {
-      copyGitHubAuthStateToLocalProjectRoot(stateFile, projectRoot);
-    },
-    savePendingDevice(input) {
-      const previous = readStoredAuth(stateFile);
-      const pendingDevices = [
-        ...previous.pendingDevice ? [previous.pendingDevice] : [],
-        ...previous.pendingDevices ?? [],
-        input
-      ].filter((entry, index, entries) => entries.findIndex((candidate) => candidate.pollId === entry.pollId) === index);
-      writeStoredAuth(stateFile, {
-        ...previous,
-        pendingDevice: null,
-        pendingDevices,
-        updatedAt: new Date().toISOString()
-      });
-    },
-    saveSelectedRepo(selectedRepo) {
-      const previous = readStoredAuth(stateFile);
-      writeStoredAuth(stateFile, {
-        ...previous,
-        selectedRepo: selectedRepo ?? null,
-        updatedAt: new Date().toISOString()
-      });
-    },
-    readPendingDevice(pollId) {
-      const previous = readStoredAuth(stateFile);
-      const pending = [
-        ...previous.pendingDevice ? [previous.pendingDevice] : [],
-        ...previous.pendingDevices ?? []
-      ].find((entry) => entry.pollId === pollId) ?? null;
-      if (!pending)
-        return null;
-      if (Date.parse(pending.expiresAt) <= Date.now())
-        return null;
-      return pending;
-    },
-    clearPendingDevice(pollId) {
-      const previous = readStoredAuth(stateFile);
-      const remaining = pollId ? (previous.pendingDevices ?? []).filter((entry) => entry.pollId !== pollId) : [];
-      writeStoredAuth(stateFile, {
-        ...previous,
-        pendingDevice: null,
-        pendingDevices: remaining,
-        updatedAt: new Date().toISOString()
-      });
-    }
-  };
-}
-function createGitHubAuthStore(projectRoot) {
-  return createGitHubAuthStoreFromStateFile(resolveGitHubAuthStateFile(projectRoot));
-}
-// packages/github-provider-plugin/src/github-api.ts
-function normalizeString(value) {
-  return typeof value === "string" && value.trim().length > 0 ? value.trim() : null;
-}
-function normalizeScopes(value) {
-  if (Array.isArray(value)) {
-    return value.flatMap((entry) => {
-      const normalized = normalizeString(entry);
-      return normalized ? [normalized] : [];
-    });
-  }
-  if (typeof value === "string") {
-    return value.split(/[ ,]+/).map((entry) => entry.trim()).filter(Boolean);
-  }
-  return [];
-}
-async function defaultPostGitHubForm(endpoint, body) {
-  const response = await fetch(endpoint, {
-    method: "POST",
-    headers: {
-      accept: "application/json",
-      "content-type": "application/x-www-form-urlencoded",
-      "user-agent": "rig"
-    },
-    body: new URLSearchParams(body)
-  });
-  const payload = await response.json().catch(() => ({}));
-  return { status: response.status, payload };
-}
-async function fetchGitHubUserInfo(token) {
-  const response = await fetch("https://api.github.com/user", {
-    headers: {
-      accept: "application/vnd.github+json",
-      authorization: `Bearer ${token}`,
-      "user-agent": "rig"
-    }
-  });
-  const payload = await response.json().catch(() => ({}));
-  if (!response.ok) {
-    throw new Error(typeof payload.message === "string" ? payload.message : `GitHub user lookup failed (${response.status}).`);
-  }
-  const login = normalizeString(payload.login);
-  const id = typeof payload.id === "number" ? String(payload.id) : normalizeString(payload.id);
-  if (!login || !id) {
-    throw new Error("GitHub user lookup did not return login/id.");
-  }
-  return { login, id, scopes: normalizeScopes(response.headers.get("x-oauth-scopes")) };
-}
-function resolveGitHubAuthStatus(input) {
-  return createGitHubAuthStore(input.projectRoot).status({ oauthConfigured: input.oauthConfigured });
-}
-async function saveGitHubTokenForProject(input) {
-  const token = normalizeString(input.token);
-  if (!token) {
-    throw new Error("token is required");
-  }
-  const user = await (input.fetchUser ?? fetchGitHubUserInfo)(token);
-  const store = createGitHubAuthStore(input.projectRoot);
-  store.saveToken({
-    token,
-    tokenSource: input.tokenSource ?? "manual-token",
-    login: user.login,
-    userId: user.id,
-    scopes: user.scopes ?? [],
-    selectedRepo: input.selectedRepo ?? undefined
-  });
-  return { ok: true, ...store.status({ oauthConfigured: true }) };
-}
-async function beginGitHubDeviceFlow(input) {
-  const clientId = normalizeString(input.clientId);
-  if (!clientId) {
-    throw new Error("clientId is required");
-  }
-  const postForm = input.postForm ?? defaultPostGitHubForm;
-  const result = await postForm("https://github.com/login/device/code", {
-    client_id: clientId,
-    scope: normalizeString(input.scope) ?? "repo read:project user:email"
-  });
-  const deviceCode = normalizeString(result.payload.device_code);
-  if (result.status < 200 || result.status >= 300 || !deviceCode) {
-    throw new Error(normalizeString(result.payload.error_description) ?? "GitHub device flow start failed.");
-  }
-  const expiresIn = typeof result.payload.expires_in === "number" ? result.payload.expires_in : 900;
-  const intervalSeconds = typeof result.payload.interval === "number" ? result.payload.interval : 5;
-  const pollId = randomUUID();
-  createGitHubAuthStore(input.projectRoot).savePendingDevice({
-    pollId,
-    deviceCode,
-    expiresAt: new Date(Date.now() + expiresIn * 1000).toISOString(),
-    intervalSeconds
-  });
-  if (input.selectedRepo) {
-    createGitHubAuthStore(input.projectRoot).saveSelectedRepo(input.selectedRepo);
-  }
-  return {
-    ok: true,
-    pollId,
-    userCode: normalizeString(result.payload.user_code),
-    verificationUri: normalizeString(result.payload.verification_uri),
-    expiresIn,
-    intervalSeconds
-  };
-}
-async function pollGitHubDeviceFlow(input) {
-  const clientId = normalizeString(input.clientId);
-  if (!clientId) {
-    throw new Error("clientId is required");
-  }
-  const store = createGitHubAuthStore(input.projectRoot);
-  const pending = store.readPendingDevice(input.pollId);
-  if (!pending) {
-    return { ok: false, status: "expired", error: "GitHub device flow expired or unknown." };
-  }
-  const result = await (input.postForm ?? defaultPostGitHubForm)("https://github.com/login/oauth/access_token", {
-    client_id: clientId,
-    device_code: pending.deviceCode,
-    grant_type: "urn:ietf:params:oauth:grant-type:device_code"
-  });
-  const error = normalizeString(result.payload.error);
-  if (error === "authorization_pending" || error === "slow_down") {
-    return {
-      ok: false,
-      status: error === "slow_down" ? "slow-down" : "pending",
-      intervalSeconds: error === "slow_down" ? pending.intervalSeconds + 5 : pending.intervalSeconds
-    };
-  }
-  if (error || typeof result.payload.access_token !== "string") {
-    return {
-      ok: false,
-      status: "error",
-      error: normalizeString(result.payload.error_description) ?? "GitHub device authorization failed."
-    };
-  }
-  const token = result.payload.access_token;
-  const user = await (input.fetchUser ?? fetchGitHubUserInfo)(token);
-  store.saveToken({
-    token,
-    tokenSource: "oauth-device",
-    login: user.login,
-    userId: user.id,
-    scopes: user.scopes ?? normalizeScopes(result.payload.scope),
-    selectedRepo: input.selectedRepo ?? undefined
-  });
-  store.clearPendingDevice(input.pollId);
-  return { ok: true, status: "signed-in", ...store.status({ oauthConfigured: true }) };
-}
-function checkGitHubRepoPermissions(input) {
-  const store = createGitHubAuthStore(input.projectRoot);
-  const auth = store.status({ oauthConfigured: input.oauthConfigured });
-  if (!auth.signedIn) {
-    return { ok: false, signedIn: false, canOpenPullRequest: false, reason: "not-authenticated" };
-  }
-  const normalizedScopes = auth.scopes.map((scope) => scope.toLowerCase());
-  const broadEnough = normalizedScopes.includes("repo") || normalizedScopes.includes("public_repo");
-  return {
-    ok: true,
-    signedIn: true,
-    login: auth.login,
-    scopes: auth.scopes,
-    canOpenPullRequest: broadEnough,
-    pullRequests: broadEnough,
-    push: broadEnough,
-    reason: broadEnough ? "stored-token" : "token-scope-unverified"
-  };
-}
-async function probeGitHubRepository(input) {
-  const headers = {
-    accept: "application/vnd.github+json",
-    "user-agent": "rig"
-  };
-  if (input.token) {
-    headers.authorization = `Bearer ${input.token}`;
-  }
-  try {
-    const response = await (input.fetchRepository ?? fetch)(`https://api.github.com/repos/${encodeURIComponent(input.owner)}/${encodeURIComponent(input.repo)}`, { headers });
-    const payload = await response.json().catch(() => ({}));
-    if (response.ok) {
-      return {
-        ok: true,
-        owner: input.owner,
-        repo: input.repo,
-        status: response.status,
-        authenticated: Boolean(input.token),
-        authenticationRequired: payload.private === true && !input.token,
-        fullName: typeof payload.full_name === "string" ? payload.full_name : `${input.owner}/${input.repo}`,
-        private: typeof payload.private === "boolean" ? payload.private : null,
-        message: input.token ? "Repository access verified with signed-in GitHub credentials." : "Public repository access verified without credentials.",
-        scopes: input.scopes
-      };
-    }
-    const authenticationRequired = !input.token && (response.status === 401 || response.status === 403 || response.status === 404);
-    return {
-      ok: false,
-      owner: input.owner,
-      repo: input.repo,
-      status: response.status,
-      authenticated: Boolean(input.token),
-      authenticationRequired,
-      fullName: null,
-      private: null,
-      message: authenticationRequired ? "Repository is private, missing, or inaccessible without GitHub sign-in. Sign in before saving this config." : typeof payload.message === "string" ? payload.message : `GitHub repository probe failed (${response.status}).`,
-      scopes: input.scopes
-    };
-  } catch (error) {
-    return {
-      ok: false,
-      owner: input.owner,
-      repo: input.repo,
-      status: 0,
-      authenticated: Boolean(input.token),
-      authenticationRequired: !input.token,
-      fullName: null,
-      private: null,
-      message: error instanceof Error ? error.message : "GitHub repository probe failed.",
-      scopes: input.scopes
-    };
-  }
-}
-export {
-  saveGitHubTokenForProject,
-  resolveGitHubAuthStatus,
-  probeGitHubRepository,
-  pollGitHubDeviceFlow,
-  fetchGitHubUserInfo,
-  checkGitHubRepoPermissions,
-  beginGitHubDeviceFlow
-};

package/dist/src/projects.d.ts DELETED Viewed

@@ -1,31 +0,0 @@
-import type { GitHubProjectStatusField, GitHubProjectSummary } from "@rig/contracts";
-export type { GitHubProjectStatusField, GitHubProjectSummary };
-export type GitHubGraphQLFetch = (query: string, variables: Record<string, unknown>, token: string) => Promise<unknown>;
-export declare function listGitHubProjects(input: {
-    owner: string;
-    token: string;
-    first?: number;
-    fetchGraphQL?: GitHubGraphQLFetch;
-}): Promise<GitHubProjectSummary[]>;
-export declare function resolveProjectStatusField(input: {
-    projectId: string;
-    token: string;
-    fetchGraphQL?: GitHubGraphQLFetch;
-}): Promise<GitHubProjectStatusField>;
-export declare function ensureIssueProjectItem(input: {
-    projectId: string;
-    issueNodeId: string;
-    token: string;
-    fetchGraphQL?: GitHubGraphQLFetch;
-}): Promise<{
-    id: string;
-    created: boolean;
-}>;
-export declare function updateIssueProjectStatus(input: {
-    projectId: string;
-    itemId: string;
-    fieldId: string;
-    optionId: string;
-    token: string;
-    fetchGraphQL?: GitHubGraphQLFetch;
-}): Promise<void>;