@hachej/boring-core 0.1.0

package/dist/app/server/index.js

@@ -0,0 +1,507 @@
+import {
+  WorkspaceRuntimeSandboxHandleStore,
+  authHook,
+  createAuth,
+  createCoreApp,
+  loadConfig,
+  registerInviteRoutes,
+  registerMemberRoutes,
+  registerRoutes,
+  registerSettingsRoutes,
+  registerWorkspaceRoutes
+} from "../../chunk-CZ4HIXII.js";
+import {
+  PostgresUserStore,
+  PostgresWorkspaceStore,
+  createDatabase
+} from "../../chunk-HSRBZLKT.js";
+import "../../chunk-H5KU6R6Y.js";
+import "../../chunk-MLKGABMK.js";
+
+// src/app/server/createCoreWorkspaceAgentServer.ts
+import { access, mkdir, readFile, stat } from "fs/promises";
+import { createReadStream } from "fs";
+import path from "path";
+import {
+  registerAgentRoutes
+} from "@hachej/boring-agent/server";
+import {
+  collectWorkspaceAgentServerPlugins,
+  provisionWorkspaceAgentServer
+} from "@hachej/boring-workspace/app/server";
+import {
+  createInMemoryBridge,
+  createWorkspaceUiTools,
+  uiRoutes
+} from "@hachej/boring-workspace/server";
+var MIME_TYPES = {
+  ".css": "text/css; charset=utf-8",
+  ".html": "text/html; charset=utf-8",
+  ".ico": "image/x-icon",
+  ".jpg": "image/jpeg",
+  ".js": "text/javascript; charset=utf-8",
+  ".json": "application/json; charset=utf-8",
+  ".map": "application/json; charset=utf-8",
+  ".png": "image/png",
+  ".svg": "image/svg+xml",
+  ".webp": "image/webp"
+};
+var AUTH_PROXY_BLOCKED_RESPONSE_HEADERS = /* @__PURE__ */ new Set([
+  "connection",
+  "content-encoding",
+  "content-length",
+  "keep-alive",
+  "transfer-encoding"
+]);
+var FRONTEND_AUTH_PAGES = /* @__PURE__ */ new Set([
+  "/auth/signin",
+  "/auth/signup",
+  "/auth/forgot-password",
+  "/auth/reset-password",
+  "/auth/verify-email",
+  "/auth/callback/github"
+]);
+function contentType(filePath) {
+  const ext = path.extname(filePath).toLowerCase();
+  return MIME_TYPES[ext] ?? "application/octet-stream";
+}
+function injectCspNonceIntoHtml(html, nonce) {
+  if (!nonce) return html;
+  const metaTag = `<meta name="boring-csp-nonce" content="${nonce}" />`;
+  const withMeta = html.includes("</head>") ? html.replace("</head>", `  ${metaTag}
+</head>`) : `${metaTag}
+${html}`;
+  return withMeta.replace(/<script(?![^>]*\bnonce=)/g, `<script nonce="${nonce}"`).replace(/<style(?![^>]*\bnonce=)/g, `<style nonce="${nonce}"`);
+}
+async function pathExists(filePath) {
+  try {
+    await access(filePath);
+    return true;
+  } catch {
+    return false;
+  }
+}
+async function pathIsFile(filePath) {
+  try {
+    const info = await stat(filePath);
+    return info.isFile();
+  } catch {
+    return false;
+  }
+}
+function toHeaders(source) {
+  const headers = new Headers();
+  for (const [key, value] of Object.entries(source)) {
+    if (!value) continue;
+    headers.set(key, Array.isArray(value) ? value[0] : value);
+  }
+  return headers;
+}
+function extractSetCookies(headers) {
+  const withGetSetCookie = headers;
+  if (typeof withGetSetCookie.getSetCookie === "function") {
+    return withGetSetCookie.getSetCookie();
+  }
+  const value = headers.get("set-cookie");
+  return value ? [value] : [];
+}
+function encodeAuthRequestBody(request) {
+  const isBodyless = request.method === "GET" || request.method === "HEAD";
+  if (isBodyless) return void 0;
+  const bodyValue = request.body;
+  if (bodyValue == null) return void 0;
+  if (typeof bodyValue === "string") return bodyValue;
+  if (bodyValue instanceof Uint8Array) return bodyValue;
+  if (bodyValue instanceof URLSearchParams) return bodyValue;
+  const requestContentType = String(request.headers?.["content-type"] ?? "").toLowerCase();
+  if (requestContentType.includes("application/x-www-form-urlencoded")) {
+    const params = new URLSearchParams();
+    for (const [key, value] of Object.entries(bodyValue)) {
+      if (value == null) continue;
+      params.append(key, String(value));
+    }
+    return params;
+  }
+  return JSON.stringify(bodyValue);
+}
+function httpError(message, statusCode) {
+  const error = new Error(message);
+  error.statusCode = statusCode;
+  return error;
+}
+function validateWorkspaceIdSegment(value) {
+  const workspaceId = value.trim();
+  if (!workspaceId) throw httpError("workspace id is required", 400);
+  if (workspaceId.includes("\0") || workspaceId.includes("/") || workspaceId.includes("\\") || workspaceId.includes("..") || path.isAbsolute(workspaceId)) {
+    throw httpError("invalid workspace id", 400);
+  }
+  return workspaceId;
+}
+async function resolveAuthorizedWorkspaceId(request, workspaceStore) {
+  const headerValue = request.headers?.["x-boring-workspace-id"];
+  const query = request.query;
+  const queryValue = query?.workspaceId;
+  const workspaceId = typeof headerValue === "string" ? headerValue : typeof queryValue === "string" ? queryValue : "";
+  const normalizedWorkspaceId = validateWorkspaceIdSegment(workspaceId);
+  const user = request.user;
+  if (!user?.id) throw httpError("authentication required", 401);
+  let member = false;
+  try {
+    member = await workspaceStore.isMember(normalizedWorkspaceId, user.id);
+  } catch (error) {
+    request.log?.error({ err: error, workspaceId: normalizedWorkspaceId }, "workspace access check failed");
+    throw httpError("workspace access check failed", 500);
+  }
+  if (!member) throw httpError("workspace access denied", 403);
+  return normalizedWorkspaceId;
+}
+async function resolveWorkspaceRoot(baseRoot, workspaceId) {
+  const base = path.resolve(baseRoot);
+  const scopedRoot = path.resolve(base, workspaceId);
+  if (scopedRoot === base || !scopedRoot.startsWith(`${base}${path.sep}`)) {
+    throw httpError("invalid workspace id", 400);
+  }
+  await mkdir(scopedRoot, { recursive: true });
+  return scopedRoot;
+}
+function shouldServeFrontend(pathname) {
+  if (pathname === "/health") return false;
+  if (pathname.startsWith("/api/")) return false;
+  if (FRONTEND_AUTH_PAGES.has(pathname)) return true;
+  if (pathname === "/auth") return false;
+  if (pathname.startsWith("/auth/")) return false;
+  return true;
+}
+async function registerAuthProxy(app) {
+  app.all("/auth/*", async (request, reply) => {
+    const accept = String(request.headers?.accept ?? "");
+    if (request.method === "GET" && accept.includes("text/html")) {
+      return reply.callNotFound();
+    }
+    const body = encodeAuthRequestBody(request);
+    const targetUrl = new URL(request.url, app.config.auth.url).toString();
+    const response = await app.auth.handler(
+      new Request(targetUrl, {
+        method: request.method,
+        headers: toHeaders(request.headers),
+        body
+      })
+    );
+    for (const [key, value] of response.headers.entries()) {
+      const lowered = key.toLowerCase();
+      if (lowered === "set-cookie") continue;
+      if (AUTH_PROXY_BLOCKED_RESPONSE_HEADERS.has(lowered)) continue;
+      reply.header(key, value);
+    }
+    const setCookies = extractSetCookies(response.headers);
+    if (setCookies.length > 0) {
+      reply.header("set-cookie", setCookies.length === 1 ? setCookies[0] : setCookies);
+    }
+    reply.status(response.status);
+    const responseBody = Buffer.from(await response.arrayBuffer());
+    return reply.send(responseBody);
+  });
+}
+async function registerFrontendAuthPages(app, appRoot) {
+  const frontDistDir = path.resolve(appRoot, "dist/front");
+  const indexPath = path.resolve(frontDistDir, "index.html");
+  for (const pagePath of FRONTEND_AUTH_PAGES) {
+    app.get(pagePath, async (request, reply) => {
+      if (!await pathExists(indexPath)) {
+        reply.status(503);
+        return {
+          error: "frontend_not_built",
+          message: "Build the frontend before starting in production mode."
+        };
+      }
+      const html = await readFile(indexPath, "utf-8");
+      reply.type("text/html; charset=utf-8");
+      return reply.send(injectCspNonceIntoHtml(html, request.cspNonce));
+    });
+  }
+}
+async function registerFrontendFallback(app, appRoot) {
+  const frontDistDir = path.resolve(appRoot, "dist/front");
+  const indexPath = path.resolve(frontDistDir, "index.html");
+  app.get("/", async (request, reply) => {
+    if (!await pathExists(indexPath)) {
+      reply.status(503);
+      return {
+        error: "frontend_not_built",
+        message: "Build the frontend before starting in production mode."
+      };
+    }
+    const html = await readFile(indexPath, "utf-8");
+    reply.type("text/html; charset=utf-8");
+    return reply.send(injectCspNonceIntoHtml(html, request.cspNonce));
+  });
+  app.get("/*", async (request, reply) => {
+    const pathname = request.url.split("?")[0] ?? "/";
+    if (!shouldServeFrontend(pathname)) return reply.callNotFound();
+    const candidate = path.resolve(frontDistDir, `.${pathname}`);
+    const withinDist = candidate === frontDistDir || candidate.startsWith(`${frontDistDir}${path.sep}`);
+    if (!withinDist) {
+      reply.status(400);
+      return { error: "invalid_path" };
+    }
+    if (await pathIsFile(candidate)) {
+      reply.type(contentType(candidate));
+      return reply.send(createReadStream(candidate));
+    }
+    if (!await pathExists(indexPath)) {
+      reply.status(503);
+      return {
+        error: "frontend_not_built",
+        message: "Build the frontend before starting in production mode."
+      };
+    }
+    const html = await readFile(indexPath, "utf-8");
+    reply.type("text/html; charset=utf-8");
+    return reply.send(injectCspNonceIntoHtml(html, request.cspNonce));
+  });
+}
+async function createCoreRuntime(config) {
+  if (config.stores !== "postgres") {
+    throw new Error("createCoreWorkspaceAgentServer currently supports only CORE_STORES=postgres");
+  }
+  const { db, sql } = createDatabase(config);
+  const storeDb = db;
+  const userStore = new PostgresUserStore(storeDb);
+  const workspaceStore = new PostgresWorkspaceStore(
+    storeDb,
+    config.encryption.workspaceSettingsKey
+  );
+  const app = await createCoreApp(config);
+  const auth = createAuth(config, db, {
+    workspaceStore,
+    logger: app.log
+  });
+  app.decorate("db", db);
+  app.decorate("auth", auth);
+  app.decorate("userStore", userStore);
+  app.decorate("workspaceStore", workspaceStore);
+  app.addHook("onClose", async () => {
+    await sql.end();
+  });
+  return { app, sql, db, userStore, workspaceStore };
+}
+async function registerCoreRoutes({
+  app,
+  sql,
+  db,
+  userStore,
+  workspaceStore
+}) {
+  await app.register(authHook);
+  await app.register(registerRoutes, {
+    sql,
+    db,
+    userStore,
+    workspaceStore
+  });
+  await app.register(registerWorkspaceRoutes);
+  await app.register(registerMemberRoutes);
+  await app.register(registerSettingsRoutes);
+  await app.register(registerInviteRoutes);
+}
+async function createCoreWorkspaceAgentServer(options = {}) {
+  const config = options.config ?? await loadConfig({
+    allowMissingSecrets: process.env.NODE_ENV !== "production",
+    ...options.loadConfigOptions
+  });
+  const { app, sql, db, userStore, workspaceStore } = await createCoreRuntime(config);
+  const appRoot = options.appRoot;
+  const serveFrontend = options.serveFrontend ?? (process.env.NODE_ENV !== "development" && Boolean(appRoot));
+  const workspaceRoot = options.workspaceRoot ?? process.cwd();
+  await registerCoreRoutes({ app, sql, db, userStore, workspaceStore });
+  if (serveFrontend && appRoot) {
+    await registerFrontendAuthPages(app, appRoot);
+  }
+  await registerAuthProxy(app);
+  const pluginCollection = collectWorkspaceAgentServerPlugins({
+    workspaceRoot,
+    systemPromptAppend: options.systemPromptAppend,
+    resourceLoaderOptions: options.resourceLoaderOptions,
+    plugins: options.plugins,
+    excludeDefaults: options.excludeDefaults
+  });
+  await provisionWorkspaceAgentServer({
+    workspaceRoot,
+    provisioningContributions: pluginCollection.provisioningContributions,
+    force: options.forceProvisioning
+  });
+  const bridges = /* @__PURE__ */ new Map();
+  const getUiBridge = (workspaceId) => {
+    let bridge = bridges.get(workspaceId);
+    if (!bridge) {
+      bridge = createInMemoryBridge();
+      bridges.set(workspaceId, bridge);
+    }
+    return bridge;
+  };
+  const resolveWorkspaceId = async (request) => options.getWorkspaceId ? await options.getWorkspaceId(request) : await resolveAuthorizedWorkspaceId(request, workspaceStore);
+  const resolveRoot = async (workspaceId, request) => options.getWorkspaceRoot ? await options.getWorkspaceRoot(workspaceId, request) : await resolveWorkspaceRoot(workspaceRoot, workspaceId);
+  await app.register(registerAgentRoutes, {
+    workspaceRoot,
+    sessionId: options.sessionId,
+    templatePath: options.templatePath,
+    mode: options.mode,
+    version: options.version,
+    extraTools: [
+      ...options.extraTools ?? [],
+      ...pluginCollection.agentOptions.extraTools ?? []
+    ],
+    systemPromptAppend: pluginCollection.agentOptions.systemPromptAppend,
+    resourceLoaderOptions: pluginCollection.agentOptions.resourceLoaderOptions,
+    getExtraTools: async (ctx) => {
+      const callerTools = options.getExtraTools ? await options.getExtraTools(ctx) : [];
+      return [
+        ...callerTools,
+        ...createWorkspaceUiTools(getUiBridge(ctx.workspaceId), { workspaceRoot: ctx.workspaceRoot })
+      ];
+    },
+    sandboxHandleStore: options.sandboxHandleStore ?? new WorkspaceRuntimeSandboxHandleStore(workspaceStore),
+    getWorkspaceId: resolveWorkspaceId,
+    getWorkspaceRoot: resolveRoot,
+    registerHealthRoute: options.registerHealthRoute ?? false
+  });
+  await app.register(uiRoutes, {
+    getBridge: async (request) => getUiBridge(await resolveWorkspaceId(request))
+  });
+  for (const { routes } of pluginCollection.routeContributions) {
+    await app.register(routes);
+  }
+  if (serveFrontend && appRoot) {
+    await registerFrontendFallback(app, appRoot);
+  }
+  return app;
+}
+
+// src/app/server/devServer.ts
+import { createRequire } from "module";
+import path3 from "path";
+import { pathToFileURL } from "url";
+
+// src/app/server/appRootFromImportMeta.ts
+import path2 from "path";
+import { fileURLToPath } from "url";
+function appRootFromImportMeta(importMetaUrl, levelsUp = 2) {
+  return path2.resolve(path2.dirname(fileURLToPath(importMetaUrl)), "../".repeat(levelsUp));
+}
+
+// src/app/server/devServer.ts
+var DEFAULT_FRONTEND_PORT = 5173;
+async function startCoreWorkspaceAgentDevServer({
+  appRoot,
+  buildServer,
+  frontendPort = DEFAULT_FRONTEND_PORT,
+  eventPrefix = "core-workspace-agent"
+}) {
+  const app = await buildServer({ appRoot, serveFrontend: false });
+  const address = await app.listen({
+    host: app.config.host,
+    port: app.config.port
+  });
+  app.log.info({ event: `${eventPrefix}.server.ready`, address }, `${eventPrefix}.server.ready`);
+  const apiPort = Number(new URL(address).port);
+  const apiTarget = `http://127.0.0.1:${apiPort}`;
+  const requireFromApp = createRequire(path3.join(appRoot, "package.json"));
+  const viteEntry = requireFromApp.resolve("vite");
+  const viteModule = await import(pathToFileURL(viteEntry).href);
+  const vite = await viteModule.createServer({
+    root: appRoot,
+    server: {
+      port: frontendPort,
+      strictPort: false,
+      host: true,
+      proxy: {
+        "/api": apiTarget,
+        "/health": apiTarget,
+        "/auth": {
+          target: apiTarget,
+          changeOrigin: true,
+          bypass(req) {
+            const accept = req.headers.accept ?? "";
+            if (req.method === "GET" && accept.includes("text/html")) {
+              return req.url;
+            }
+            return void 0;
+          }
+        }
+      }
+    }
+  });
+  await vite.listen();
+  vite.printUrls();
+  app.log.info(
+    {
+      event: `${eventPrefix}.vite.ready`,
+      frontendPort,
+      apiTarget
+    },
+    `${eventPrefix}.vite.ready`
+  );
+  return { app, address, apiTarget };
+}
+async function startCoreWorkspaceAgentDevServerFromMeta(importMetaUrl, opts = {}) {
+  const appRoot = appRootFromImportMeta(importMetaUrl, opts.levelsUp ?? 2);
+  return startCoreWorkspaceAgentDevServer({
+    appRoot,
+    buildServer: (options) => createCoreWorkspaceAgentServer(options),
+    frontendPort: opts.frontendPort,
+    eventPrefix: opts.eventPrefix
+  });
+}
+
+// src/app/server/vercelFastifyHandler.ts
+function createVercelFastifyHandler({
+  createServer
+}) {
+  let serverPromise;
+  async function getServer() {
+    serverPromise ??= Promise.resolve(createServer()).then(async (server) => {
+      await server.ready();
+      return server;
+    }).catch((error) => {
+      serverPromise = void 0;
+      throw error;
+    });
+    return serverPromise;
+  }
+  return async function vercelFastifyHandler(req, res) {
+    const server = await getServer();
+    server.server.emit("request", req, res);
+  };
+}
+
+// src/app/server/runServer.ts
+async function runCoreWorkspaceAgentServer(importMetaUrl, opts = {}) {
+  const appRoot = appRootFromImportMeta(importMetaUrl, opts.levelsUp ?? 2);
+  const app = await createCoreWorkspaceAgentServer({
+    appRoot,
+    workspaceRoot: opts.workspaceRoot,
+    serveFrontend: true
+  });
+  const address = await app.listen({ host: app.config.host, port: app.config.port });
+  app.log.info({ event: "core.server.ready", address }, "core.server.ready");
+}
+
+// src/app/server/vercelEntry.ts
+function createCoreVercelEntry(_importMetaUrl, opts = {}) {
+  process.env.BORING_AGENT_MODE ??= "vercel-sandbox";
+  process.env.BORING_AGENT_WORKSPACE_ROOT ??= opts.workspaceRoot ?? "/tmp/boring-workspaces";
+  const appRoot = process.cwd();
+  const workspaceRoot = process.env.BORING_AGENT_WORKSPACE_ROOT;
+  return createVercelFastifyHandler({
+    createServer: () => createCoreWorkspaceAgentServer({ appRoot, workspaceRoot, serveFrontend: true })
+  });
+}
+export {
+  appRootFromImportMeta,
+  createCoreVercelEntry,
+  createCoreWorkspaceAgentServer,
+  createVercelFastifyHandler,
+  runCoreWorkspaceAgentServer,
+  startCoreWorkspaceAgentDevServer,
+  startCoreWorkspaceAgentDevServerFromMeta
+};

package/dist/app/vite/index.d.ts

@@ -0,0 +1,10 @@
+type BoringViteAlias = {
+    find: string | RegExp;
+    replacement: string;
+};
+interface CreateBoringAppViteAliasesOptions {
+    repoRoot: string;
+}
+declare function createBoringAppViteAliases({ repoRoot, }: CreateBoringAppViteAliasesOptions): BoringViteAlias[];
+
+export { type BoringViteAlias, type CreateBoringAppViteAliasesOptions, createBoringAppViteAliases };

package/dist/app/vite/index.js

@@ -0,0 +1,33 @@
+import "../../chunk-MLKGABMK.js";
+
+// src/app/vite/index.ts
+import path from "path";
+function createBoringAppViteAliases({
+  repoRoot
+}) {
+  const coreSrc = path.resolve(repoRoot, "packages/core/src");
+  const agentSrc = path.resolve(repoRoot, "packages/agent/src");
+  const workspaceSrc = path.resolve(repoRoot, "packages/workspace/src");
+  return [
+    { find: "@hachej/boring-core/front/top-bar-slot", replacement: path.resolve(coreSrc, "front/components/TopBarSlot.tsx") },
+    { find: "@hachej/boring-core/app/front/styles.css", replacement: path.resolve(coreSrc, "app/front/styles.css") },
+    { find: /^@hachej\/boring-core\/app\/front$/, replacement: path.resolve(coreSrc, "app/front/index.ts") },
+    { find: /^@hachej\/boring-core\/front$/, replacement: path.resolve(coreSrc, "front/index.ts") },
+    { find: "@hachej/boring-core/theme.css", replacement: path.resolve(coreSrc, "front/theme.css") },
+    { find: "@hachej/boring-agent/front/styles.css", replacement: path.resolve(agentSrc, "front/styles/globals.css") },
+    { find: /^@hachej\/boring-agent\/front$/, replacement: path.resolve(agentSrc, "front/index.ts") },
+    { find: /^@hachej\/boring-agent$/, replacement: path.resolve(agentSrc, "front/index.ts") },
+    { find: "@hachej/boring-workspace/globals.css", replacement: path.resolve(workspaceSrc, "globals.css") },
+    { find: /^@hachej\/boring-workspace\/shared$/, replacement: path.resolve(workspaceSrc, "shared/index.ts") },
+    { find: /^@hachej\/boring-workspace\/app\/front$/, replacement: path.resolve(workspaceSrc, "app/front/index.ts") },
+    { find: /^@hachej\/boring-workspace\/testing$/, replacement: path.resolve(workspaceSrc, "front/testing/index.ts") },
+    { find: /^@hachej\/boring-workspace$/, replacement: path.resolve(workspaceSrc, "index.ts") },
+    { find: "@/front/lib/", replacement: `${workspaceSrc}/front/lib/` },
+    { find: "@/front/", replacement: `${agentSrc}/front/` },
+    { find: "@/components/", replacement: `${workspaceSrc}/front/components/` },
+    { find: "@/lib/", replacement: `${workspaceSrc}/front/lib/` }
+  ];
+}
+export {
+  createBoringAppViteAliases
+};

package/dist/authHook-vsRhOvnh.d.ts

@@ -0,0 +1,38 @@
+import { C as CoreConfig, R as RuntimeConfig } from './index-COZa03RP.js';
+import { FastifyPluginAsync } from 'fastify';
+import { Auth } from 'better-auth';
+import { W as WorkspaceStore, D as Database } from './connection-CE7z-wBp.js';
+
+interface LoadConfigOptions {
+    tomlPath?: string;
+    env?: Record<string, string | undefined>;
+    allowMissingSecrets?: boolean;
+}
+declare function loadConfig(options?: LoadConfigOptions): Promise<CoreConfig>;
+declare function validateConfig(raw: unknown): CoreConfig;
+declare function buildRuntimeConfigPayload(config: CoreConfig): RuntimeConfig;
+
+declare function validatePasswordStrength(password: string): {
+    valid: boolean;
+    message?: string;
+};
+interface CreateAuthOptions {
+    workspaceStore?: WorkspaceStore;
+    logger?: {
+        warn: (obj: Record<string, unknown>, msg: string) => void;
+    };
+}
+declare function createAuth(config: CoreConfig, db: Database, opts?: CreateAuthOptions): Auth<any>;
+type BetterAuthInstance = Auth<any>;
+
+interface AuthHookOptions {
+    public?: RegExp[];
+}
+declare module 'fastify' {
+    interface FastifyInstance {
+        auth: BetterAuthInstance;
+    }
+}
+declare const authHook: FastifyPluginAsync<AuthHookOptions>;
+
+export { type AuthHookOptions as A, type BetterAuthInstance as B, type CreateAuthOptions as C, type LoadConfigOptions as L, authHook as a, buildRuntimeConfigPayload as b, createAuth as c, validatePasswordStrength as d, loadConfig as l, validateConfig as v };