@hasna/machines 0.0.48 → 0.0.49

package/dist/storage.js

@@ -1,35 +1,5 @@
 // @bun
-var __create = Object.create;
-var __getProtoOf = Object.getPrototypeOf;
 var __defProp = Object.defineProperty;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-function __accessProp(key) {
-  return this[key];
-}
-var __toESMCache_node;
-var __toESMCache_esm;
-var __toESM = (mod, isNodeMode, target) => {
-  var canCache = mod != null && typeof mod === "object";
-  if (canCache) {
-    var cache = isNodeMode ? __toESMCache_node ??= new WeakMap : __toESMCache_esm ??= new WeakMap;
-    var cached = cache.get(mod);
-    if (cached)
-      return cached;
-  }
-  target = mod != null ? __create(__getProtoOf(mod)) : {};
-  const to = isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target;
-  for (let key of __getOwnPropNames(mod))
-    if (!__hasOwnProp.call(to, key))
-      __defProp(to, key, {
-        get: __accessProp.bind(mod, key),
-        enumerable: true
-      });
-  if (canCache)
-    cache.set(mod, to);
-  return to;
-};
-var __commonJS = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports, mod), mod.exports);
 var __returnValue = (v) => v;
 function __exportSetter(name, newValue) {
   this[name] = __returnValue.bind(null, newValue);
@@ -206,51 +176,6 @@ function getAdapter(path = getDbPath()) {
 function getDb(path = getDbPath()) {
   return getAdapter(path).raw;
 }
-function closeDb() {
-  if (adapter) {
-    adapter.close();
-    adapter = null;
-  }
-}
-function upsertHeartbeat(machineId, pid = process.pid, status = "online", metadata = {}) {
-  const db = getDb();
-  db.query(`INSERT INTO agent_heartbeats (
-       machine_id,
-       pid,
-       status,
-       updated_at,
-       daemon_version,
-       agent_mode,
-       platform,
-       os_version,
-       os_build,
-       arch,
-       uptime_seconds,
-       tool_versions_json,
-       tailscale_json,
-       storage_sync_status,
-       storage_sync_last_error,
-       doctor_summary_json,
-       private_metadata
-     )
-     VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-     ON CONFLICT(machine_id, pid) DO UPDATE SET
-       status = excluded.status,
-       updated_at = excluded.updated_at,
-       daemon_version = excluded.daemon_version,
-       agent_mode = excluded.agent_mode,
-       platform = excluded.platform,
-       os_version = excluded.os_version,
-       os_build = excluded.os_build,
-       arch = excluded.arch,
-       uptime_seconds = excluded.uptime_seconds,
-       tool_versions_json = excluded.tool_versions_json,
-       tailscale_json = excluded.tailscale_json,
-       storage_sync_status = excluded.storage_sync_status,
-       storage_sync_last_error = excluded.storage_sync_last_error,
-       doctor_summary_json = excluded.doctor_summary_json,
-       private_metadata = excluded.private_metadata`).run(machineId, pid, status, new Date().toISOString(), metadata.daemonVersion ?? null, metadata.agentMode ?? null, metadata.platform ?? null, metadata.osVersion ?? null, metadata.osBuild ?? null, metadata.arch ?? null, metadata.uptimeSeconds == null ? null : Math.max(0, Math.floor(metadata.uptimeSeconds)), metadata.toolVersions ? JSON.stringify(metadata.toolVersions) : null, metadata.tailscale ? JSON.stringify(metadata.tailscale) : null, metadata.storageSyncStatus ?? null, metadata.storageSyncLastError ?? null, metadata.doctorSummary ? JSON.stringify(metadata.doctorSummary) : null, metadata.privateMetadata ? 1 : 0);
-}
 function getLocalMachineId() {
   return process.env["HASNA_MACHINES_MACHINE_ID"] || hostname();
 }
@@ -280,12 +205,6 @@ function countRuns(table) {
   const row = db.query(`SELECT COUNT(*) as count FROM ${table}`).get();
   return row.count;
 }
-function setHeartbeatStatus(machineId, pid, status) {
-  const db = getDb();
-  db.query(`UPDATE agent_heartbeats
-     SET status = ?, updated_at = ?
-     WHERE machine_id = ? AND pid = ?`).run(status, new Date().toISOString(), machineId, pid);
-}
 function recordSetupRun(machineId, status, details) {
   const db = getDb();
   const now = new Date().toISOString();
@@ -359,6 +278,8 @@ var PG_MIGRATIONS = [
 
 // src/remote-storage.ts
 import pg from "pg";
+var MACHINES_DATABASE_ALLOW_INSECURE_TLS_ENV = "HASNA_MACHINES_ALLOW_INSECURE_DATABASE_TLS";
+var MACHINES_DATABASE_SSL_REJECT_UNAUTHORIZED_ENV = "HASNA_MACHINES_DATABASE_SSL_REJECT_UNAUTHORIZED";
 function translatePlaceholders(sql) {
   let index = 0;
   return sql.replace(/\?/g, () => `$${++index}`);
@@ -367,7 +288,18 @@ function normalizeParams(params) {
   const flat = params.length === 1 && Array.isArray(params[0]) ? params[0] : params;
   return flat.map((value) => value === undefined ? null : value);
 }
-function sslConfigFor(connectionString) {
+function envFlag(env, name) {
+  const value = env[name]?.trim().toLowerCase();
+  return value === "1" || value === "true" || value === "yes" || value === "on";
+}
+function isLoopbackHost(hostname2) {
+  const normalized = hostname2.replace(/^\[|\]$/g, "").toLowerCase();
+  return normalized === "localhost" || normalized === "::1" || normalized === "0:0:0:0:0:0:0:1" || /^127(?:\.\d{1,3}){3}$/.test(normalized);
+}
+function allowsLocalInsecureTls(url, env) {
+  return isLoopbackHost(url.hostname) && envFlag(env, MACHINES_DATABASE_ALLOW_INSECURE_TLS_ENV);
+}
+function sslConfigFor(connectionString, env = process.env) {
   let url;
   try {
     url = new URL(connectionString);
@@ -376,12 +308,21 @@ function sslConfigFor(connectionString) {
   }
   const sslMode = url.searchParams.get("sslmode")?.toLowerCase();
   const ssl = url.searchParams.get("ssl")?.toLowerCase();
-  if (sslMode === "disable" || ssl === "false")
-    return;
-  if (sslMode === "no-verify" || process.env["HASNA_MACHINES_DATABASE_SSL_REJECT_UNAUTHORIZED"] === "0") {
+  const rejectUnauthorizedOverride = env[MACHINES_DATABASE_SSL_REJECT_UNAUTHORIZED_ENV]?.trim() === "0";
+  if (sslMode === "disable" || ssl === "false") {
+    if (allowsLocalInsecureTls(url, env))
+      return;
+    throw new Error(`Insecure PostgreSQL TLS mode is rejected for remote storage; use sslmode=require or set ${MACHINES_DATABASE_ALLOW_INSECURE_TLS_ENV}=1 only for loopback development databases.`);
+  }
+  if (sslMode === "no-verify" || rejectUnauthorizedOverride) {
+    if (!allowsLocalInsecureTls(url, env)) {
+      throw new Error(`PostgreSQL TLS certificate verification cannot be disabled for remote storage; set ${MACHINES_DATABASE_ALLOW_INSECURE_TLS_ENV}=1 only for loopback development databases.`);
+    }
     return { rejectUnauthorized: false };
   }
-  return sslMode || ssl === "true" ? { rejectUnauthorized: true } : undefined;
+  if (sslMode || ssl === "true")
+    return { rejectUnauthorized: true };
+  return isLoopbackHost(url.hostname) ? undefined : { rejectUnauthorized: true };
 }
 
 class PgAdapterAsync {
@@ -666,16 +607,376 @@ function coerceForSqlite(value) {
     return JSON.stringify(value);
   return String(value);
 }
+
+// src/commands/mutation-approval.ts
+import { createHash, createHmac, randomUUID, timingSafeEqual } from "crypto";
+import { resolve as resolve2 } from "path";
+var MUTATION_APPROVAL_FLAG_ENV = "HASNA_MACHINES_ALLOW_MUTATIONS";
+var LEGACY_MUTATION_APPROVAL_FLAG_ENV = "HASNA_MACHINES_MUTATION_APPROVAL";
+var MUTATION_APPROVAL_TOKEN_ENV = "HASNA_MACHINES_MUTATION_TOKEN";
+var MUTATION_APPROVAL_CALLER_ENV = "HASNA_MACHINES_MUTATION_CALLER_ID";
+var MUTATION_APPROVAL_RUN_ENV = "HASNA_MACHINES_MUTATION_RUN_ID";
+var MUTATION_APPROVAL_REPLAY_PATH_ENV = "HASNA_MACHINES_MUTATION_REPLAY_PATH";
+var TOKEN_PREFIX = "machines-mut-v1";
+var DEFAULT_TOKEN_TTL_MS = 5 * 60 * 1000;
+var MAX_TOKEN_TTL_MS = 5 * 60 * 1000;
+var MAX_CLOCK_SKEW_MS = 30000;
+var trustedSdkMutationApprovals = new WeakSet;
+function isTrustedSdkMutationApproval(approval) {
+  return typeof approval === "object" && approval !== null && trustedSdkMutationApprovals.has(approval);
+}
+function isTruthy(value) {
+  return value === "1" || value?.toLowerCase() === "true" || value?.toLowerCase() === "yes";
+}
+function nowMs(now) {
+  if (typeof now === "number")
+    return now;
+  if (now instanceof Date)
+    return now.getTime();
+  return Date.now();
+}
+function signingSecret(env, explicitSecret) {
+  return explicitSecret?.trim() || env[MUTATION_APPROVAL_TOKEN_ENV]?.trim();
+}
+function base64Url(value) {
+  return Buffer.from(value).toString("base64url");
+}
+function hmac(payload, secret) {
+  return createHmac("sha256", secret).update(payload).digest("base64url");
+}
+function sha256Hex(payload) {
+  return createHash("sha256").update(payload).digest("hex");
+}
+function replayDbPath(env) {
+  const configured = env[MUTATION_APPROVAL_REPLAY_PATH_ENV]?.trim();
+  return configured ? resolve2(configured) : undefined;
+}
+function replayNonceKey(claims) {
+  return sha256Hex(JSON.stringify({ nonce: claims.nonce }));
+}
+function recordReplayNonce(env, claims, tokenPayload, now) {
+  const dbPath = replayDbPath(env);
+  if (!dbPath)
+    return;
+  if (!claims.nonce) {
+    return { approved: false, reason: "approval_token nonce claim is required for replay protection." };
+  }
+  try {
+    const db = getDb(dbPath);
+    db.query("DELETE FROM mutation_approval_nonces WHERE expires_at <= ?").run(now);
+    const result = db.query(`
+      INSERT OR IGNORE INTO mutation_approval_nonces (
+        nonce_sha256,
+        token_sha256,
+        surface,
+        operation,
+        caller_id,
+        run_id,
+        transport,
+        expires_at,
+        used_at
+      )
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
+    `).run(replayNonceKey(claims), sha256Hex(tokenPayload), claims.surface, claims.operation, claims.callerId ?? "", claims.runId ?? "", claims.transport ?? "", claims.expiresAt, now);
+    if (result.changes !== 1) {
+      return { approved: false, reason: "approval_token nonce has already been used." };
+    }
+    return;
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    return { approved: false, reason: `approval_token replay store is unavailable: ${message}` };
+  }
+}
+function safeEqual(left, right) {
+  const leftBuffer = Buffer.from(left);
+  const rightBuffer = Buffer.from(right);
+  return leftBuffer.length === rightBuffer.length && timingSafeEqual(leftBuffer, rightBuffer);
+}
+function normalizeScope(scope) {
+  return {
+    surface: scope.surface,
+    operation: scope.operation,
+    machineId: scope.machineId || undefined,
+    resourceId: scope.resourceId || undefined,
+    callerId: scope.callerId || undefined,
+    runId: scope.runId || undefined,
+    transport: scope.transport || undefined,
+    argsSha256: scope.argsSha256 || (scope.args === undefined ? undefined : mutationArgsSha256(scope.args))
+  };
+}
+function canonicalizeMutationArg(value, inArray = false) {
+  if (value === undefined)
+    return inArray ? null : undefined;
+  if (value === null || typeof value === "boolean" || typeof value === "string")
+    return value;
+  if (typeof value === "number")
+    return Number.isFinite(value) ? value : null;
+  if (Array.isArray(value)) {
+    return value.map((entry) => canonicalizeMutationArg(entry, true) ?? null);
+  }
+  if (value instanceof Date)
+    return value.toISOString();
+  if (typeof value === "object") {
+    const result = {};
+    for (const key of Object.keys(value).sort()) {
+      if (key === "approval_token" || key === "approvalToken")
+        continue;
+      const canonicalValue = canonicalizeMutationArg(value[key]);
+      if (canonicalValue !== undefined)
+        result[key] = canonicalValue;
+    }
+    return result;
+  }
+  return inArray ? null : undefined;
+}
+function canonicalMutationArgs(value) {
+  return JSON.stringify(canonicalizeMutationArg(value) ?? {});
+}
+function mutationArgsSha256(value) {
+  return sha256Hex(canonicalMutationArgs(value));
+}
+function stripPlanRuntimeFields(value) {
+  if (Array.isArray(value))
+    return value.map(stripPlanRuntimeFields);
+  if (value instanceof Date)
+    return value;
+  if (value && typeof value === "object") {
+    const result = {};
+    for (const [key, entry] of Object.entries(value)) {
+      if (key === "planDigest" || key === "plan_digest" || key === "mode" || key === "executed")
+        continue;
+      result[key] = stripPlanRuntimeFields(entry);
+    }
+    return result;
+  }
+  return value;
+}
+function mutationPlanDigest(plan) {
+  return mutationArgsSha256(stripPlanRuntimeFields(plan));
+}
+function attachMutationPlanDigest(plan) {
+  return {
+    ...plan,
+    planDigest: mutationPlanDigest(plan)
+  };
+}
+function assertMutationPlanDigest(plan, expectedPlanDigest) {
+  if (expectedPlanDigest && mutationPlanDigest(plan) !== expectedPlanDigest) {
+    throw new Error("Approved plan digest does not match the current execution plan.");
+  }
+}
+function createMutationApprovalToken(scope, options = {}) {
+  const env = options.env ?? process.env;
+  const secret = signingSecret(env, options.secret);
+  if (!secret)
+    throw new Error(`${MUTATION_APPROVAL_TOKEN_ENV} is required to sign mutation approval tokens.`);
+  const issuedAt = nowMs(options.now);
+  const claims = {
+    version: 1,
+    ...normalizeScope(scope),
+    callerId: scope.callerId,
+    runId: scope.runId,
+    transport: scope.transport,
+    issuedAt,
+    expiresAt: issuedAt + Math.max(1, options.ttlMs ?? DEFAULT_TOKEN_TTL_MS),
+    nonce: options.nonce ?? randomUUID()
+  };
+  claims.args_sha256 = claims.argsSha256;
+  delete claims.args;
+  delete claims.argsSha256;
+  const payload = base64Url(JSON.stringify(claims));
+  return `${TOKEN_PREFIX}.${payload}.${hmac(payload, secret)}`;
+}
+function parseToken(token) {
+  if (!token)
+    return null;
+  const parts = token.split(".");
+  if (parts.length !== 3 || parts[0] !== TOKEN_PREFIX)
+    return null;
+  try {
+    const claims = JSON.parse(Buffer.from(parts[1] ?? "", "base64url").toString("utf8"));
+    return { payload: parts[1] ?? "", signature: parts[2] ?? "", claims };
+  } catch {
+    return null;
+  }
+}
+function claimMatches(expected, actual) {
+  if (expected === undefined)
+    return actual === undefined;
+  return actual === expected;
+}
+function verifyMutationApprovalToken(options) {
+  const env = options.env ?? process.env;
+  const secret = signingSecret(env);
+  if (!secret)
+    return { approved: false, reason: `${MUTATION_APPROVAL_TOKEN_ENV} is not configured.` };
+  const parsed = parseToken(options.approvalToken);
+  if (!parsed)
+    return { approved: false, reason: "approval_token is not a scoped mutation token." };
+  if (!safeEqual(hmac(parsed.payload, secret), parsed.signature)) {
+    return { approved: false, reason: "approval_token signature is invalid." };
+  }
+  const claims = parsed.claims;
+  if (claims.version !== 1)
+    return { approved: false, reason: "approval_token version is unsupported." };
+  if (!claims.callerId || !claims.runId) {
+    return { approved: false, reason: "approval_token must include caller and run claims." };
+  }
+  if (!claims.transport) {
+    return { approved: false, reason: "approval_token must include a transport claim." };
+  }
+  if (!Number.isFinite(claims.expiresAt) || claims.expiresAt <= nowMs(options.now)) {
+    return { approved: false, reason: "approval_token is expired." };
+  }
+  const now = nowMs(options.now);
+  if (!Number.isFinite(claims.issuedAt) || claims.issuedAt > now + MAX_CLOCK_SKEW_MS) {
+    return { approved: false, reason: "approval_token issue time is invalid." };
+  }
+  if (claims.expiresAt - claims.issuedAt > MAX_TOKEN_TTL_MS) {
+    return { approved: false, reason: "approval_token TTL is too long." };
+  }
+  for (const key of ["surface", "operation", "machineId", "resourceId", "transport"]) {
+    if (!claimMatches(options[key], claims[key])) {
+      return { approved: false, reason: `approval_token ${key} claim does not match this mutation.` };
+    }
+  }
+  for (const key of ["callerId", "runId"]) {
+    if (options[key] !== undefined && options[key] !== claims[key]) {
+      return { approved: false, reason: `approval_token ${key} claim does not match this mutation.` };
+    }
+  }
+  const expectedArgsSha256 = options.argsSha256 || (options.args === undefined ? undefined : mutationArgsSha256(options.args));
+  if (expectedArgsSha256 !== undefined && claims.args_sha256 !== expectedArgsSha256) {
+    return { approved: false, reason: "approval_token args_sha256 claim does not match this mutation." };
+  }
+  const replayDecision = recordReplayNonce(env, claims, parsed.payload, now);
+  if (replayDecision)
+    return replayDecision;
+  return { approved: true, claims };
+}
+function isMutationApproved(options = {}) {
+  const env = options.env ?? process.env;
+  const surface = options.surface ?? "cli";
+  if (surface === "mcp") {
+    if (!options.operation)
+      return false;
+    return verifyMutationApprovalToken({
+      surface,
+      operation: options.operation,
+      machineId: options.machineId,
+      resourceId: options.resourceId,
+      callerId: options.callerId,
+      runId: options.runId,
+      transport: options.transport ?? "mcp",
+      args: options.args,
+      argsSha256: options.argsSha256,
+      approvalToken: options.approvalToken,
+      env,
+      now: options.now
+    }).approved;
+  }
+  if (options.approvalToken) {
+    const decision = options.operation ? verifyMutationApprovalToken({
+      surface,
+      operation: options.operation,
+      machineId: options.machineId,
+      resourceId: options.resourceId,
+      callerId: options.callerId,
+      runId: options.runId,
+      transport: options.transport ?? surface,
+      args: options.args,
+      argsSha256: options.argsSha256,
+      approvalToken: options.approvalToken,
+      env,
+      now: options.now
+    }) : { approved: false };
+    if (decision.approved)
+      return true;
+    if (env[MUTATION_APPROVAL_TOKEN_ENV]?.trim())
+      return false;
+  }
+  return isTruthy(env[MUTATION_APPROVAL_FLAG_ENV]) || isTruthy(env[LEGACY_MUTATION_APPROVAL_FLAG_ENV]);
+}
+function assertMutationApproved(options) {
+  if (isMutationApproved(options)) {
+    return;
+  }
+  const env = options.env ?? process.env;
+  const tokenConfigured = Boolean(env[MUTATION_APPROVAL_TOKEN_ENV]?.trim());
+  const approvalHint = options.surface === "mcp" ? `pass a scoped approval_token signed with ${MUTATION_APPROVAL_TOKEN_ENV}` : tokenConfigured ? `pass a scoped approval_token signed with ${MUTATION_APPROVAL_TOKEN_ENV} or set ${MUTATION_APPROVAL_FLAG_ENV}=1 for a trusted local session` : `set ${MUTATION_APPROVAL_FLAG_ENV}=1 for a trusted local session or configure ${MUTATION_APPROVAL_TOKEN_ENV}`;
+  throw new Error(`Fleet mutation blocked: ${options.surface}.${options.operation} requires operator approval; ${approvalHint}.`);
+}
+function assertSdkMutationApproved(scope, options = {}) {
+  if (isTrustedSdkMutationApproval(options.trustedLocalMutation))
+    return;
+  const decision = verifyMutationApprovalToken({
+    surface: "sdk",
+    operation: scope.operation,
+    machineId: scope.machineId,
+    resourceId: scope.resourceId,
+    callerId: options.callerId,
+    runId: options.runId,
+    transport: "sdk",
+    args: scope.args,
+    argsSha256: scope.argsSha256,
+    approvalToken: options.approvalToken,
+    env: process.env
+  });
+  if (decision.approved)
+    return;
+  throw new Error(`Fleet mutation blocked: sdk.${scope.operation} requires a scoped SDK approval token.`);
+}
+
+// src/storage.ts
+function storageArgs(options = {}) {
+  return {
+    tables: options.tables?.length ? [...options.tables] : null
+  };
+}
+function storageResourceId(operation, options = {}) {
+  return `storage:${operation}:${mutationArgsSha256(storageArgs(options))}`;
+}
+async function runStorageMigrations2(remote, options = {}) {
+  assertSdkMutationApproved({
+    operation: "machines_storage_migrate",
+    resourceId: "storage:migrations",
+    args: {}
+  }, options);
+  return runStorageMigrations(remote);
+}
+async function storagePush2(options = {}) {
+  assertSdkMutationApproved({
+    operation: "machines_storage_push",
+    resourceId: storageResourceId("push", options),
+    args: storageArgs(options)
+  }, options);
+  return storagePush({ tables: options.tables });
+}
+async function storagePull2(options = {}) {
+  assertSdkMutationApproved({
+    operation: "machines_storage_pull",
+    resourceId: storageResourceId("pull", options),
+    args: storageArgs(options)
+  }, options);
+  return storagePull({ tables: options.tables });
+}
+async function storageSync2(options = {}) {
+  assertSdkMutationApproved({
+    operation: "machines_storage_sync",
+    resourceId: storageResourceId("sync", options),
+    args: storageArgs(options)
+  }, options);
+  return storageSync({ tables: options.tables });
+}
 export {
-  storageSync,
-  storagePush,
-  storagePull,
-  runStorageMigrations,
+  storageSync2 as storageSync,
+  storagePush2 as storagePush,
+  storagePull2 as storagePull,
+  runStorageMigrations2 as runStorageMigrations,
   resolveTables,
   parseStorageTables,
   getSyncMetaAll,
   getStorageStatus,
-  getStoragePg,
   getStorageMode,
   getStorageDatabaseUrl,
   getStorageDatabaseEnvName,
@@ -683,7 +984,6 @@ export {
   STORAGE_TABLES,
   STORAGE_MODE_ENV,
   STORAGE_DATABASE_ENV,
-  PgAdapterAsync,
   PG_MIGRATIONS,
   MACHINES_STORAGE_TABLES,
   MACHINES_STORAGE_MODE_FALLBACK_ENV,

package/dist/types.d.ts

@@ -211,8 +211,15 @@ export interface SelfTestCheck {
     summary: string;
     detail: string;
 }
+export interface SelfTestCounts {
+    ok: number;
+    warn: number;
+    fail: number;
+}
 export interface SelfTestResult {
     machineId: string;
+    overall: SelfTestCheck["status"];
+    counts: SelfTestCounts;
     checks: SelfTestCheck[];
 }
 export interface ClipboardEntry {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hasna/machines",
-  "version": "0.0.48",
+  "version": "0.0.49",
   "description": "Machine fleet management CLI + MCP for developers",
   "type": "module",
   "license": "Apache-2.0",