@harness-fe/mcp-server 4.0.0-next.2 → 4.0.0-next.4

package/dist/dashboardSpa.js

@@ -1,180 +0,0 @@
-/**
- * HTTP handler that serves the React SPA built by `@harness-fe/dashboard-ui`.
- *
- * Routing rules (after the `isAuthorized` middleware in bridge.ts):
- *   - GET /                          → 302 to /dashboard/?token=<preserved> (legacy root)
- *   - GET /sessions/:id              → 302 to /dashboard/sessions/:id?token=… (legacy bookmarks)
- *   - GET /dashboard                 → 302 to /dashboard/?token=<preserved>
- *   - GET /dashboard/                → serve index.html (SPA shell)
- *   - GET /dashboard/<asset.ext>     → serve that file from dist/ (if it exists)
- *   - GET /dashboard/<other-path>    → serve index.html (SPA client-side routing)
- *
- * The dist directory is resolved at module load via `require.resolve()` on
- * the dashboard-ui package — same trick `replayViewer.ts` uses for
- * rrweb-player. No copy step needed; pnpm workspace symlinks just work in
- * dev, and `pnpm deploy` bundles the dist into the published tarball.
- */
-import { createRequire } from 'node:module';
-import { existsSync, readFileSync } from 'node:fs';
-import { dirname, extname, join, resolve as resolvePath } from 'node:path';
-import { DEFAULT_COOKIE_NAME } from './auth.js';
-const require = createRequire(import.meta.url);
-/**
- * If a request arrived with `?token=` AND no harness_fe_token cookie yet,
- * stamp the cookie and 302 back to the same path without the query.
- *
- * Why this matters: the SPA bundle is loaded by the browser as
- * `<script src="/dashboard/assets/index-XXX.js">` — relative paths without
- * the token query — which would 401 against the upstream auth middleware.
- * Setting the cookie on the first HTML request means every subsequent
- * same-origin fetch (assets, /api/*, WebSocket upgrade) is automatically
- * authenticated, and the visible URL stays clean.
- */
-function maybeHandleTokenHandoff(req, res, url) {
-    const tokenInQuery = url.searchParams.get('token');
-    if (!tokenInQuery)
-        return false;
-    // If the cookie's already set with the same value, nothing to do —
-    // pass through (the browser will follow links without ?token=).
-    const cookies = req.headers.cookie ?? '';
-    if (cookies.includes(`${DEFAULT_COOKIE_NAME}=`))
-        return false;
-    // Strip token from the URL and 302 back to the canonical path so the
-    // browser bookmarks / shares clean URLs. The cookie carries auth from
-    // here on. Also normalize `/dashboard` → `/dashboard/` in the same hop
-    // so we don't waste a second redirect chasing the trailing slash.
-    url.searchParams.delete('token');
-    const canonicalPath = url.pathname === '/dashboard' ? '/dashboard/' : url.pathname;
-    const remaining = url.searchParams.toString();
-    const clean = `${canonicalPath}${remaining ? '?' + remaining : ''}`;
-    const cookie = `${DEFAULT_COOKIE_NAME}=${encodeURIComponent(tokenInQuery)}; ` +
-        // Path=/ so /api/*, /replay/*, /dashboard/* all see it.
-        // SameSite=Lax keeps the cookie on cross-tab nav.
-        // No HttpOnly: the SPA's WS code may want to surface the token in
-        //   a Bearer header for tools that don't share cookies (rare —
-        //   browsers attach cookies to WS, so this is just defense in depth).
-        // 30-day Max-Age matches the /__auth login flow.
-        `Path=/; SameSite=Lax; Max-Age=2592000`;
-    res.statusCode = 302;
-    res.setHeader('set-cookie', cookie);
-    res.setHeader('location', clean);
-    res.setHeader('cache-control', 'no-store');
-    res.end();
-    return true;
-}
-function resolveDashboardDist() {
-    try {
-        const pkgPath = require.resolve('@harness-fe/dashboard-ui/package.json');
-        const dist = join(dirname(pkgPath), 'dist');
-        return existsSync(join(dist, 'index.html')) ? dist : undefined;
-    }
-    catch {
-        return undefined;
-    }
-}
-const CONTENT_TYPES = {
-    '.html': 'text/html; charset=utf-8',
-    '.js': 'application/javascript; charset=utf-8',
-    '.mjs': 'application/javascript; charset=utf-8',
-    '.css': 'text/css; charset=utf-8',
-    '.json': 'application/json; charset=utf-8',
-    '.svg': 'image/svg+xml',
-    '.png': 'image/png',
-    '.jpg': 'image/jpeg',
-    '.jpeg': 'image/jpeg',
-    '.gif': 'image/gif',
-    '.webp': 'image/webp',
-    '.ico': 'image/x-icon',
-    '.woff': 'font/woff',
-    '.woff2': 'font/woff2',
-    '.txt': 'text/plain; charset=utf-8',
-    '.map': 'application/json; charset=utf-8',
-};
-function contentTypeFor(filePath) {
-    return CONTENT_TYPES[extname(filePath).toLowerCase()] ?? 'application/octet-stream';
-}
-export function createDashboardSpaHandler() {
-    const dist = resolveDashboardDist();
-    return (req, res) => {
-        if (!req.url)
-            return false;
-        const url = new URL(req.url, 'http://localhost');
-        const path = url.pathname;
-        const method = req.method ?? 'GET';
-        if (method !== 'GET' && method !== 'HEAD')
-            return false;
-        // Legacy paths from the old server-rendered dashboard — redirect into
-        // the SPA preserving the token query so the user stays authenticated.
-        if (path === '/' || path === '/index.html') {
-            res.statusCode = 302;
-            res.setHeader('location', `/dashboard/${url.search ?? ''}`);
-            res.end();
-            return true;
-        }
-        const legacySession = path.match(/^\/sessions\/([^/]+)$/);
-        if (legacySession) {
-            const sid = legacySession[1];
-            res.statusCode = 302;
-            res.setHeader('location', `/dashboard/sessions/${sid}${url.search ?? ''}`);
-            res.end();
-            return true;
-        }
-        if (!path.startsWith('/dashboard'))
-            return false;
-        // First-load token handoff: ?token=… → cookie + redirect.
-        // Skip for static asset paths; setting the cookie there would still
-        // work but the redirect would break the script tag's request chain.
-        if (!path.startsWith('/dashboard/assets/') && !path.startsWith('/dashboard/static/')) {
-            if (maybeHandleTokenHandoff(req, res, url))
-                return true;
-        }
-        // If dashboard-ui isn't installed (someone using an older deploy
-        // or running tests in isolation), fall through with a friendly
-        // 503 rather than 404 — clearer signal than silent miss.
-        if (!dist) {
-            res.statusCode = 503;
-            res.setHeader('content-type', 'text/plain; charset=utf-8');
-            res.end('Dashboard UI is not bundled with this build.');
-            return true;
-        }
-        // /dashboard with no trailing slash → redirect, preserving token.
-        if (path === '/dashboard') {
-            const search = url.search ?? '';
-            res.statusCode = 302;
-            res.setHeader('location', `/dashboard/${search}`);
-            res.end();
-            return true;
-        }
-        // Strip the `/dashboard/` prefix to get the relative path inside dist.
-        const rel = path.slice('/dashboard/'.length) || 'index.html';
-        // Path traversal defense: resolve against dist and require the
-        // result is still inside dist. Without this, a crafted URL like
-        // `/dashboard/../../etc/passwd` would escape.
-        const candidate = resolvePath(dist, rel);
-        if (!candidate.startsWith(dist + (dist.endsWith('/') ? '' : '/')) && candidate !== dist) {
-            res.statusCode = 403;
-            res.setHeader('content-type', 'text/plain; charset=utf-8');
-            res.end('Forbidden');
-            return true;
-        }
-        // Serve the file if it exists; otherwise fall back to index.html
-        // so the SPA's client-side router can take over (this is how /sessions/:id
-        // works without server config).
-        const target = existsSync(candidate) ? candidate : join(dist, 'index.html');
-        try {
-            const body = readFileSync(target);
-            res.statusCode = 200;
-            res.setHeader('content-type', contentTypeFor(target));
-            // Hashed assets are immutable; HTML shells should never cache.
-            const isHashed = /\/assets\/.+-[A-Za-z0-9_-]{6,}\.[a-z0-9]+$/.test(target);
-            res.setHeader('cache-control', isHashed ? 'public, max-age=31536000, immutable' : 'no-store');
-            res.end(body);
-        }
-        catch (err) {
-            res.statusCode = 500;
-            res.setHeader('content-type', 'text/plain; charset=utf-8');
-            res.end(`dashboard read error: ${err instanceof Error ? err.message : String(err)}`);
-        }
-        return true;
-    };
-}

package/dist/dashboardUrl.d.ts

@@ -1,13 +0,0 @@
-/**
- * Compose dashboard URLs the user (or agent) should hit.
- *
- * Carries the configured auth token in the query string so the browser
- * lands pre-authenticated. On loopback hosts with no token configured,
- * the URL is left bare.
- */
-import type { IBridge } from './bridge.js';
-export interface DashboardUrlOptions {
-    /** When provided, deep-link to a specific session detail page. */
-    sessionId?: string;
-}
-export declare function buildDashboardUrl(bridge: IBridge, opts?: DashboardUrlOptions): string | undefined;

package/dist/dashboardUrl.js

@@ -1,18 +0,0 @@
-/**
- * Compose dashboard URLs the user (or agent) should hit.
- *
- * Carries the configured auth token in the query string so the browser
- * lands pre-authenticated. On loopback hosts with no token configured,
- * the URL is left bare.
- */
-export function buildDashboardUrl(bridge, opts = {}) {
-    const base = bridge.getViewerBaseUrl();
-    if (!base)
-        return undefined;
-    const path = opts.sessionId
-        ? `/dashboard/sessions/${encodeURIComponent(opts.sessionId)}`
-        : '/dashboard/';
-    const token = bridge.getAuthToken();
-    const qs = token ? `?token=${encodeURIComponent(token)}` : '';
-    return `${base}${path}${qs}`;
-}

package/dist/eventsHandler.d.ts

@@ -1,24 +0,0 @@
-/**
- * HTTP POST /events handler — stateless alternative to the WebSocket path.
- *
- * Accepts a JSON body matching `httpBatchSchema`:
- *   { hello: { role: 'node-runtime', projectId, sessionId, ... },
- *     events: [ { id, name, ts, payload, ... }, ... ] }
- *
- * Each POST is treated as a one-shot hello+events sequence:
- *   1. Register (or re-register) the peer via the same bridge internals.
- *   2. Persist every event to the right session timeline.
- *   3. Respond 204 No Content.
- *
- * Also handles:
- *   GET /events/ping  → 200 { ok: true, version }
- *   OPTIONS /events   → 204 CORS preflight
- */
-import type { IncomingMessage, ServerResponse } from 'node:http';
-import type { Bridge } from './bridge.js';
-/**
- * Returns a handler that matches /events/* routes and returns `true` when it
- * handled the request (so the bridge can short-circuit its 404 fallback).
- */
-export declare function createEventsHandler(bridge: Bridge): (req: IncomingMessage, res: ServerResponse) => Promise<boolean>;
-export type EventsHandler = ReturnType<typeof createEventsHandler>;

package/dist/eventsHandler.js

@@ -1,114 +0,0 @@
-/**
- * HTTP POST /events handler — stateless alternative to the WebSocket path.
- *
- * Accepts a JSON body matching `httpBatchSchema`:
- *   { hello: { role: 'node-runtime', projectId, sessionId, ... },
- *     events: [ { id, name, ts, payload, ... }, ... ] }
- *
- * Each POST is treated as a one-shot hello+events sequence:
- *   1. Register (or re-register) the peer via the same bridge internals.
- *   2. Persist every event to the right session timeline.
- *   3. Respond 204 No Content.
- *
- * Also handles:
- *   GET /events/ping  → 200 { ok: true, version }
- *   OPTIONS /events   → 204 CORS preflight
- */
-import { PROTOCOL_VERSION, httpBatchSchema } from '@harness-fe/protocol';
-// ─── CORS helpers ────────────────────────────────────────────────────────────
-function isLoopback(req) {
-    const host = req.headers['host'] ?? '';
-    // Match 127.0.0.1:* and localhost:*
-    return /^(127\.0\.0\.1|localhost)(:\d+)?$/.test(host);
-}
-function setCorsHeaders(res) {
-    res.setHeader('Access-Control-Allow-Origin', '*');
-    res.setHeader('Access-Control-Allow-Methods', 'POST, GET, OPTIONS');
-    res.setHeader('Access-Control-Allow-Headers', 'content-type');
-}
-// ─── Body reader ─────────────────────────────────────────────────────────────
-function readBody(req) {
-    return new Promise((resolve, reject) => {
-        const chunks = [];
-        req.on('data', (chunk) => chunks.push(chunk));
-        req.on('end', () => resolve(Buffer.concat(chunks).toString('utf-8')));
-        req.on('error', reject);
-    });
-}
-// ─── Factory ─────────────────────────────────────────────────────────────────
-/**
- * Returns a handler that matches /events/* routes and returns `true` when it
- * handled the request (so the bridge can short-circuit its 404 fallback).
- */
-export function createEventsHandler(bridge) {
-    return async (req, res) => {
-        const url = req.url ?? '';
-        const method = req.method ?? 'GET';
-        // Only intercept /events and /events/ping
-        if (url !== '/events' && url !== '/events/ping')
-            return false;
-        // CORS: only emit headers when request comes from loopback
-        if (isLoopback(req)) {
-            setCorsHeaders(res);
-        }
-        // Preflight for both routes
-        if (method === 'OPTIONS') {
-            res.statusCode = 204;
-            res.end();
-            return true;
-        }
-        // GET /events/ping
-        if (url === '/events/ping' && method === 'GET') {
-            res.statusCode = 200;
-            res.setHeader('content-type', 'application/json; charset=utf-8');
-            res.end(JSON.stringify({ ok: true, version: PROTOCOL_VERSION }));
-            return true;
-        }
-        // POST /events
-        if (url === '/events' && method === 'POST') {
-            let rawBody;
-            try {
-                rawBody = await readBody(req);
-            }
-            catch {
-                res.statusCode = 400;
-                res.setHeader('content-type', 'application/json; charset=utf-8');
-                res.end(JSON.stringify({ error: 'failed to read request body' }));
-                return true;
-            }
-            let parsed;
-            try {
-                parsed = JSON.parse(rawBody);
-            }
-            catch {
-                res.statusCode = 400;
-                res.setHeader('content-type', 'application/json; charset=utf-8');
-                res.end(JSON.stringify({ error: 'invalid JSON' }));
-                return true;
-            }
-            const validated = httpBatchSchema.safeParse(parsed);
-            if (!validated.success) {
-                res.statusCode = 400;
-                res.setHeader('content-type', 'application/json; charset=utf-8');
-                res.end(JSON.stringify({ error: validated.error.message }));
-                return true;
-            }
-            const { hello, events } = validated.data;
-            try {
-                bridge.handleHttpBatch(hello, events);
-            }
-            catch (err) {
-                res.statusCode = 500;
-                res.setHeader('content-type', 'application/json; charset=utf-8');
-                res.end(JSON.stringify({
-                    error: err instanceof Error ? err.message : 'internal error',
-                }));
-                return true;
-            }
-            res.statusCode = 204;
-            res.end();
-            return true;
-        }
-        return false;
-    };
-}

package/dist/identity.d.ts

@@ -1,90 +0,0 @@
-/**
- * Caller identity (4.0 · P1) — turns the auth boundary from a plain
- * allow/deny into "allow/deny + *who*".
- *
- * Phase 1 scope: this module only *establishes* and *carries* a Principal,
- * and the bridge *tags* writes with it (createdBy). It deliberately does NOT
- * filter reads by owner — that's P3 (tenant isolation). Keeping the two apart
- * means identity plumbing lands with zero behaviour change: loopback solo dev
- * stays a single implicit `local` principal, and an authorized caller sees
- * everything exactly as before.
- *
- * Why a separate module from auth.ts: `isAuthorized` answers a boolean and is
- * consumed on the hot path of every HTTP route / WS upgrade. `resolvePrincipal`
- * is the richer, additive view layered on top — it reuses the same primitives
- * (isAuthEnabled / extractToken / verifyToken) so the two can never disagree on
- * who is allowed in.
- */
-import type { IncomingMessage } from 'node:http';
-import { type AuthOptions } from './auth.js';
-export type PrincipalKind = 'local' | 'token' | 'host';
-export interface Principal {
-    /** Stable id for this caller. Loopback / stdio solo dev → `local`. */
-    id: string;
-    /** How the identity was established. */
-    kind: PrincipalKind;
-    /** Optional human-readable label (for dashboards / audit). */
-    displayName?: string;
-}
-/**
- * The implicit single principal for loopback and stdio solo dev. The daemon
- * trusts everything that can reach the loopback socket, so there is one
- * caller and it owns everything — exactly today's behaviour, now named.
- */
-export declare const LOCAL_PRINCIPAL: Principal;
-/**
- * Principal for the custom-`authorize` path. Hosts that embed the daemon own
- * their own user model; until `authorize` can return a richer identity
- * (future work), an authorized host caller maps to this single principal.
- */
-export declare const HOST_PRINCIPAL: Principal;
-/**
- * Derive a stable principal id from a bearer token. One token = one principal
- * in 4.0's trusted-team model. We hash so the raw secret never becomes an id
- * that could leak into stored `createdBy` tags or audit logs.
- */
-export declare function tokenPrincipalId(token: string): string;
-/**
- * Resolve the caller behind a request.
- *
- * Returns `null` when auth is enabled and the request is NOT authorized — this
- * mirrors `isAuthorized(req) === false` exactly, so callers can treat a null
- * principal as "reject" without a second auth check.
- *
- * - auth disabled (loopback): {@link LOCAL_PRINCIPAL}
- * - custom `authorize`: {@link HOST_PRINCIPAL} when it accepts, else `null`
- * - token: a {@link tokenPrincipalId}-derived principal when it matches, else `null`
- */
-export declare function resolvePrincipal(req: IncomingMessage, opts: AuthOptions): Principal | null;
-type HeaderBag = Record<string, string | string[] | undefined>;
-/**
- * Identify (not authorize) the caller behind an MCP tool call (4.0 · P4).
- *
- * The HTTP MCP request has already cleared the bridge's auth wrapper by the
- * time a tool runs, so this only needs to *name* the caller — never to
- * re-check them. Pass the per-request headers from the MCP SDK's
- * `extra.requestInfo`; stdio calls have no requestInfo and resolve to `local`
- * (the daemon trusts its local stdio agent).
- *
- * - auth disabled, or no headers (stdio) → {@link LOCAL_PRINCIPAL}
- * - custom authorize → {@link HOST_PRINCIPAL}
- * - token mode → token principal from the Authorization header (LOCAL if absent)
- */
-export declare function identifyPrincipal(headers: HeaderBag | undefined, opts: AuthOptions): Principal;
-/**
- * Tenant-isolation visibility check (4.0 · P3). Decides whether `principal`
- * may see a record tagged with `createdBy`.
- *
- * - `local` (loopback / stdio solo / no-auth) → sees everything. This keeps
- *   solo dev's behaviour completely unchanged.
- * - unowned data (`createdBy` null/undefined — legacy rows from before P1, or
- *   records the daemon never tagged) → visible to everyone (backward compat).
- * - otherwise → visible only to the principal that created it.
- *
- * Note: in the current single-token / loopback reality the data creator
- * (plugin / runtime client) and the querying agent share one principal, so
- * this is exact. A full `project → agent` binding (creator ≠ consumer, once
- * P6 splits write/read scopes) is deferred to P6.
- */
-export declare function canSee(principal: Principal, createdBy: string | null | undefined): boolean;
-export {};

package/dist/identity.js

@@ -1,123 +0,0 @@
-/**
- * Caller identity (4.0 · P1) — turns the auth boundary from a plain
- * allow/deny into "allow/deny + *who*".
- *
- * Phase 1 scope: this module only *establishes* and *carries* a Principal,
- * and the bridge *tags* writes with it (createdBy). It deliberately does NOT
- * filter reads by owner — that's P3 (tenant isolation). Keeping the two apart
- * means identity plumbing lands with zero behaviour change: loopback solo dev
- * stays a single implicit `local` principal, and an authorized caller sees
- * everything exactly as before.
- *
- * Why a separate module from auth.ts: `isAuthorized` answers a boolean and is
- * consumed on the hot path of every HTTP route / WS upgrade. `resolvePrincipal`
- * is the richer, additive view layered on top — it reuses the same primitives
- * (isAuthEnabled / extractToken / verifyToken) so the two can never disagree on
- * who is allowed in.
- */
-import { createHash } from 'node:crypto';
-import { extractToken, isAuthEnabled, verifyToken } from './auth.js';
-/**
- * The implicit single principal for loopback and stdio solo dev. The daemon
- * trusts everything that can reach the loopback socket, so there is one
- * caller and it owns everything — exactly today's behaviour, now named.
- */
-export const LOCAL_PRINCIPAL = Object.freeze({
-    id: 'local',
-    kind: 'local',
-    displayName: 'local',
-});
-/**
- * Principal for the custom-`authorize` path. Hosts that embed the daemon own
- * their own user model; until `authorize` can return a richer identity
- * (future work), an authorized host caller maps to this single principal.
- */
-export const HOST_PRINCIPAL = Object.freeze({
-    id: 'host',
-    kind: 'host',
-    displayName: 'host',
-});
-/**
- * Derive a stable principal id from a bearer token. One token = one principal
- * in 4.0's trusted-team model. We hash so the raw secret never becomes an id
- * that could leak into stored `createdBy` tags or audit logs.
- */
-export function tokenPrincipalId(token) {
-    return `token:${createHash('sha256').update(token).digest('hex').slice(0, 12)}`;
-}
-/**
- * Resolve the caller behind a request.
- *
- * Returns `null` when auth is enabled and the request is NOT authorized — this
- * mirrors `isAuthorized(req) === false` exactly, so callers can treat a null
- * principal as "reject" without a second auth check.
- *
- * - auth disabled (loopback): {@link LOCAL_PRINCIPAL}
- * - custom `authorize`: {@link HOST_PRINCIPAL} when it accepts, else `null`
- * - token: a {@link tokenPrincipalId}-derived principal when it matches, else `null`
- */
-export function resolvePrincipal(req, opts) {
-    if (!isAuthEnabled(opts))
-        return LOCAL_PRINCIPAL;
-    if (opts.authorize)
-        return opts.authorize(req) ? HOST_PRINCIPAL : null;
-    const token = extractToken(req, opts);
-    if (!verifyToken(token, opts.token))
-        return null;
-    return { id: tokenPrincipalId(token), kind: 'token' };
-}
-function bearerFromHeaders(headers) {
-    const raw = headers['authorization'] ?? headers['Authorization'];
-    const v = Array.isArray(raw) ? raw[0] : raw;
-    if (typeof v === 'string' && v.startsWith('Bearer ')) {
-        const t = v.slice(7).trim();
-        if (t)
-            return t;
-    }
-    return undefined;
-}
-/**
- * Identify (not authorize) the caller behind an MCP tool call (4.0 · P4).
- *
- * The HTTP MCP request has already cleared the bridge's auth wrapper by the
- * time a tool runs, so this only needs to *name* the caller — never to
- * re-check them. Pass the per-request headers from the MCP SDK's
- * `extra.requestInfo`; stdio calls have no requestInfo and resolve to `local`
- * (the daemon trusts its local stdio agent).
- *
- * - auth disabled, or no headers (stdio) → {@link LOCAL_PRINCIPAL}
- * - custom authorize → {@link HOST_PRINCIPAL}
- * - token mode → token principal from the Authorization header (LOCAL if absent)
- */
-export function identifyPrincipal(headers, opts) {
-    if (!isAuthEnabled(opts))
-        return LOCAL_PRINCIPAL;
-    if (opts.authorize)
-        return HOST_PRINCIPAL;
-    if (!headers)
-        return LOCAL_PRINCIPAL;
-    const token = bearerFromHeaders(headers);
-    return token ? { id: tokenPrincipalId(token), kind: 'token' } : LOCAL_PRINCIPAL;
-}
-/**
- * Tenant-isolation visibility check (4.0 · P3). Decides whether `principal`
- * may see a record tagged with `createdBy`.
- *
- * - `local` (loopback / stdio solo / no-auth) → sees everything. This keeps
- *   solo dev's behaviour completely unchanged.
- * - unowned data (`createdBy` null/undefined — legacy rows from before P1, or
- *   records the daemon never tagged) → visible to everyone (backward compat).
- * - otherwise → visible only to the principal that created it.
- *
- * Note: in the current single-token / loopback reality the data creator
- * (plugin / runtime client) and the querying agent share one principal, so
- * this is exact. A full `project → agent` binding (creator ≠ consumer, once
- * P6 splits write/read scopes) is deferred to P6.
- */
-export function canSee(principal, createdBy) {
-    if (principal.kind === 'local')
-        return true;
-    if (createdBy == null)
-        return true;
-    return createdBy === principal.id;
-}

package/dist/openBrowser.d.ts

@@ -1,33 +0,0 @@
-/**
- * Cross-platform "open this URL in the user's default browser" — a tiny
- * wrapper around the OS-native command.
- *
- * Detection rules:
- *   - darwin → `open <url>`
- *   - linux  → `xdg-open <url>`
- *   - win32  → `cmd /c start "" <url>` (the empty title is required, otherwise `start` treats the URL as a title)
- *
- * Escape hatches:
- *   - `HARNESS_FE_HEADLESS=1` short-circuits and returns `false` without
- *     spawning anything — useful when the daemon runs in Docker / CI /
- *     remote host where there's no GUI to open
- *   - any other platform returns `false`
- *
- * The spawned process is detached and stdio'd to ignore so we don't
- * accidentally tie its lifetime to ours.
- */
-import { spawn } from 'node:child_process';
-export interface OpenBrowserOptions {
-    /** Inject an alternate `process.platform` value, for tests. */
-    platformOverride?: NodeJS.Platform;
-    /** Inject the env lookup, for tests. */
-    envOverride?: Record<string, string | undefined>;
-    /** Inject the spawn function, for tests. */
-    spawnOverride?: typeof spawn;
-}
-export interface OpenBrowserResult {
-    opened: boolean;
-    /** Set when `opened` is false to explain why. */
-    reason?: string;
-}
-export declare function openBrowser(url: string, opts?: OpenBrowserOptions): OpenBrowserResult;

package/dist/openBrowser.js

@@ -1,63 +0,0 @@
-/**
- * Cross-platform "open this URL in the user's default browser" — a tiny
- * wrapper around the OS-native command.
- *
- * Detection rules:
- *   - darwin → `open <url>`
- *   - linux  → `xdg-open <url>`
- *   - win32  → `cmd /c start "" <url>` (the empty title is required, otherwise `start` treats the URL as a title)
- *
- * Escape hatches:
- *   - `HARNESS_FE_HEADLESS=1` short-circuits and returns `false` without
- *     spawning anything — useful when the daemon runs in Docker / CI /
- *     remote host where there's no GUI to open
- *   - any other platform returns `false`
- *
- * The spawned process is detached and stdio'd to ignore so we don't
- * accidentally tie its lifetime to ours.
- */
-import { spawn } from 'node:child_process';
-export function openBrowser(url, opts = {}) {
-    const env = opts.envOverride ?? process.env;
-    if (env.HARNESS_FE_HEADLESS === '1') {
-        return { opened: false, reason: 'HARNESS_FE_HEADLESS=1' };
-    }
-    const platform = opts.platformOverride ?? process.platform;
-    const spawnFn = opts.spawnOverride ?? spawn;
-    let cmd;
-    let args;
-    switch (platform) {
-        case 'darwin':
-            cmd = 'open';
-            args = [url];
-            break;
-        case 'linux':
-            cmd = 'xdg-open';
-            args = [url];
-            break;
-        case 'win32':
-            // `start` is a cmd builtin, not a standalone exe. The first
-            // empty-string arg is the window title — required, because
-            // otherwise `start "https://…"` treats the URL as the title
-            // and never opens anything.
-            cmd = 'cmd';
-            args = ['/c', 'start', '', url];
-            break;
-        default:
-            return { opened: false, reason: `unsupported platform: ${platform}` };
-    }
-    try {
-        const child = spawnFn(cmd, args, {
-            detached: true,
-            stdio: 'ignore',
-        });
-        child.unref();
-        return { opened: true };
-    }
-    catch (err) {
-        return {
-            opened: false,
-            reason: err instanceof Error ? err.message : String(err),
-        };
-    }
-}