npm - @hienlh/ppm - Versions diffs - 0.7.29 → 0.7.30 - Mend

@hienlh/ppm 0.7.29 → 0.7.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/CHANGELOG.md +5 -0
package/package.json +1 -1
package/src/cli/commands/restart.ts +14 -5
package/test-claude-oauth-v2.mjs +0 -165
package/test-claude-oauth.mjs +0 -175
package/test-verify-oat.mjs +0 -106

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,10 @@
 # Changelog
+## [0.7.30] - 2026-03-23
+### Fixed
+- **Restart from PPM terminal**: worker and restart command now ignore SIGHUP — killing the old server destroys the terminal PTY which sends SIGHUP to the process group, previously killing the worker before it could spawn the new server
 ## [0.7.29] - 2026-03-22
 ### Added

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@hienlh/ppm",
-  "version": "0.7.29",
+  "version": "0.7.30",
   "description": "Personal Project Manager — mobile-first web IDE with AI assistance",
   "author": "hienlh",
   "license": "MIT",

package/src/cli/commands/restart.ts CHANGED Viewed

@@ -10,6 +10,9 @@ const RESTART_RESULT = resolve(PPM_DIR, ".restart-result");
 /** Restart only the server process, keeping the tunnel alive */
 export async function restartServer(options: { config?: string }) {
+  // Ignore SIGHUP so this process survives when PPM terminal dies
+  process.on("SIGHUP", () => {});
   if (!existsSync(STATUS_FILE)) {
     console.log("No PPM daemon running. Use 'ppm start' instead.");
     process.exit(1);
@@ -51,7 +54,8 @@ export async function restartServer(options: { config?: string }) {
   console.log("  If you're using PPM terminal, wait a few seconds then reload the page.\n");
   // Generate a self-contained restart worker script.
-  // Runs as a detached process so it survives when the PPM server (and its terminals) die.
+  // Worker ignores SIGHUP so it survives when killing the server causes the
+  // terminal (and its process group) to receive SIGHUP.
   const params = JSON.stringify({
     serverPid, port, host, serverScript,
     config: options.config ?? "",
@@ -67,6 +71,11 @@ export async function restartServer(options: { config?: string }) {
 import { readFileSync, writeFileSync, openSync, unlinkSync, appendFileSync } from "node:fs";
 import { createServer } from "node:net";
+// Ignore SIGHUP — when we kill the old server, the terminal PTY dies and
+// SIGHUP is sent to the entire process group. Without this, the worker
+// would be killed before it can spawn the new server.
+process.on("SIGHUP", () => {});
 const P = ${params};
 async function main() {
@@ -163,7 +172,8 @@ main();
 `);
   // Spawn worker as a fully detached process
-  const logFd = openSync(resolve(PPM_DIR, "ppm.log"), "a");
+  const logFile = resolve(PPM_DIR, "ppm.log");
+  const logFd = openSync(logFile, "a");
   const worker = Bun.spawn({
     cmd: [process.execPath, "run", workerPath],
     stdio: ["ignore", logFd, logFd],
@@ -171,9 +181,8 @@ main();
   });
   worker.unref();
-  // Poll for result — if running from external terminal, we'll see the result.
-  // If running from PPM terminal, this process dies when server is killed — that's fine,
-  // the user already saw the pre-restart message above.
+  // Poll for result — works from both PPM terminal (SIGHUP-immune) and external terminal.
+  // Output may not be visible if PPM terminal PTY is dead, but process stays alive.
   const pollStart = Date.now();
   while (Date.now() - pollStart < 20000) {
     await Bun.sleep(500);

package/test-claude-oauth-v2.mjs DELETED Viewed

@@ -1,165 +0,0 @@
-#!/usr/bin/env bun
-/**
- * Claude OAuth PKCE test — fixed version
- *
- * Fixes vs v1:
- *   1. Token endpoint: console.anthropic.com (not api.anthropic.com)
- *   2. Content-Type: application/x-www-form-urlencoded (not JSON)
- *   3. Removed `state` from token exchange body (client-side CSRF only)
- *   4. Only platform.claude.com redirect (confirmed to work with this client_id)
- *
- * Usage: bun test-claude-oauth-v2.mjs
- */
-import crypto from 'crypto'
-import readline from 'readline'
-import { execSync } from 'child_process'
-const CLIENT_ID   = '9d1c250a-e61b-44d9-88ed-5944d1962f5e'
-const REDIRECT    = 'https://platform.claude.com/oauth/code/callback'
-const SCOPE       = 'org:create_api_key user:profile user:inference user:sessions:claude_code user:mcp_servers user:file_upload'
-const TOKEN_URL   = 'https://console.anthropic.com/v1/oauth/token'
-// ── PKCE ────────────────────────────────────────────────────────────────────
-function generatePKCE() {
-  // 32 random bytes → 43 base64url chars (RFC 7636 minimum entropy)
-  const verifier  = crypto.randomBytes(32).toString('base64url')
-  const challenge = crypto.createHash('sha256').update(verifier).digest('base64url')
-  const state     = crypto.randomBytes(16).toString('base64url')
-  return { verifier, challenge, state }
-}
-// ── Helpers ──────────────────────────────────────────────────────────────────
-function copyToClipboard(text) {
-  try { execSync(`echo ${JSON.stringify(text)} | pbcopy`); return true }
-  catch { return false }
-}
-function ask(rl, question) {
-  return new Promise(resolve => rl.question(question, resolve))
-}
-function parseCode(input) {
-  input = input.trim()
-  // Full URL
-  try {
-    const url  = new URL(input)
-    const code = url.searchParams.get('code')
-    if (code) return code.split('#')[0]
-  } catch {}
-  // platform.claude.com format: CODE#STATE
-  if (input.includes('#')) return input.split('#')[0]
-  // raw code
-  return input.split('?')[0].split('&')[0]
-}
-// ── Token exchange ───────────────────────────────────────────────────────────
-async function exchangeCode({ code, verifier }) {
-  console.log(`\nPOST ${TOKEN_URL}`)
-  const body = new URLSearchParams({
-    grant_type:    'authorization_code',
-    client_id:     CLIENT_ID,
-    code,
-    redirect_uri:  REDIRECT,
-    code_verifier: verifier,
-  })
-  const res  = await fetch(TOKEN_URL, {
-    method:  'POST',
-    headers: {
-      'Content-Type': 'application/x-www-form-urlencoded',
-      'Accept':        'application/json',
-    },
-    body,
-  })
-  const data = await res.json()
-  return { ok: res.ok, status: res.status, data }
-}
-// ── Main ─────────────────────────────────────────────────────────────────────
-const rl = readline.createInterface({ input: process.stdin, output: process.stdout })
-console.log('\n╔══════════════════════════════════════════╗')
-console.log('║   Claude OAuth PKCE Test — v2 (fixed)   ║')
-console.log('╚══════════════════════════════════════════╝\n')
-const { verifier, challenge, state } = generatePKCE()
-console.log(`verifier  (${verifier.length} chars): ${verifier.slice(0, 20)}...`)
-console.log(`challenge (${challenge.length} chars): ${challenge}`)
-console.log(`state     (${state.length}  chars): ${state}\n`)
-// Build auth URL — code=true tells claude.ai to show a code page instead of redirecting
-const params = new URLSearchParams({
-  code:                  'true',
-  client_id:             CLIENT_ID,
-  response_type:         'code',
-  redirect_uri:          REDIRECT,
-  scope:                 SCOPE,
-  code_challenge:        challenge,
-  code_challenge_method: 'S256',
-  state,
-})
-const authUrl = `https://claude.ai/oauth/authorize?${params}`
-console.log('┌─ Authorization URL ──────────────────────────────────────────────')
-console.log(`│ ${authUrl}`)
-console.log('└─────────────────────────────────────────────────────────────────\n')
-const copied = copyToClipboard(authUrl)
-if (copied) console.log('✓ Copied to clipboard\n')
-console.log('1. Mở URL trong browser')
-console.log('2. Login / approve')
-console.log('3. platform.claude.com sẽ hiển thị code dạng: XXXX#STATE\n')
-const input = await ask(rl, 'Paste code/URL: ')
-const code  = parseCode(input)
-if (!code) {
-  console.error('❌ Không parse được code')
-  rl.close()
-  process.exit(1)
-}
-console.log(`\n✓ code = ${code.slice(0, 30)}...`)
-// Validate state (CSRF check — client-side only, not sent to server)
-const returnedState = input.includes('#') ? input.split('#')[1]?.split('&')[0] : null
-if (returnedState && returnedState !== state) {
-  console.warn(`⚠️  State mismatch! Expected: ${state}, Got: ${returnedState}`)
-} else if (returnedState) {
-  console.log(`✓ state OK`)
-}
-console.log('\nExchanging code for token...')
-const { ok, status, data } = await exchangeCode({ code, verifier })
-console.log(`\nHTTP ${status}`)
-if (ok) {
-  console.log('\n✅ SUCCESS!')
-  console.log('─'.repeat(50))
-  console.log(`access_token:  ${(data.access_token ?? data.accessToken)?.slice(0, 35)}...`)
-  console.log(`refresh_token: ${(data.refresh_token ?? data.refreshToken)?.slice(0, 35)}...`)
-  console.log(`token_type:    ${data.token_type}`)
-  console.log(`expires_in:    ${data.expires_in}s`)
-  if (data.account) {
-    console.log(`email:         ${data.account.email_address}`)
-    console.log(`account_uuid:  ${data.account.uuid}`)
-  }
-  console.log('─'.repeat(50))
-  console.log('\nFull response:')
-  console.log(JSON.stringify(data, null, 2))
-} else {
-  console.log('\n❌ FAILED')
-  console.log(JSON.stringify(data, null, 2))
-}
-rl.close()

package/test-claude-oauth.mjs DELETED Viewed

@@ -1,175 +0,0 @@
-#!/usr/bin/env bun
-/**
- * Test Claude OAuth flow — manual copy/paste approach
- * Usage: bun test-claude-oauth.mjs
- */
-import crypto from 'crypto'
-import readline from 'readline'
-import { execSync } from 'child_process'
-const CLIENT_ID = '9d1c250a-e61b-44d9-88ed-5944d1962f5e'
-const SCOPE = 'org:create_api_key user:profile user:inference user:sessions:claude_code user:mcp_servers user:file_upload'
-// Redirect URIs to test (in order)
-const REDIRECT_URI_OPTIONS = [
-  { label: 'platform.claude.com (manual code page)', uri: 'https://platform.claude.com/oauth/code/callback' },
-  { label: 'localhost:54545 (CLIProxyAPI style)',     uri: 'http://localhost:54545/callback' },
-  { label: 'localhost (no port)',                     uri: 'http://localhost/callback' },
-]
-// Token endpoints to try
-const TOKEN_ENDPOINTS = [
-  'https://api.anthropic.com/v1/oauth/token',
-  'https://claude.ai/api/oauth/token',
-]
-// ── PKCE ────────────────────────────────────────────────────────────────────
-function generatePKCE() {
-  // 96 bytes → 128 base64url chars (matches CLIProxyAPI exactly)
-  const verifierBytes = crypto.randomBytes(96)
-  const verifier = verifierBytes.toString('base64url')
-  const challenge = crypto.createHash('sha256').update(verifier).digest('base64url')
-  const state = crypto.randomBytes(16).toString('base64url')
-  return { verifier, challenge, state }
-}
-// ── CLI helpers ──────────────────────────────────────────────────────────────
-function copyToClipboard(text) {
-  try {
-    execSync(`echo ${JSON.stringify(text)} | pbcopy`)
-    return true
-  } catch { return false }
-}
-function ask(rl, question) {
-  return new Promise(resolve => rl.question(question, resolve))
-}
-function parseCode(input) {
-  input = input.trim()
-  // Full URL: http://localhost/callback?code=XXX&state=YYY
-  try {
-    const url = new URL(input)
-    const code = url.searchParams.get('code')
-    if (code) return code.split('#')[0]
-  } catch {}
-  // code#state format (platform.claude.com)
-  if (input.includes('#')) return input.split('#')[0]
-  // Raw code
-  return input.split('?')[0].split('&')[0]
-}
-// ── Token exchange ───────────────────────────────────────────────────────────
-async function exchangeCode({ code, verifier, state, redirectUri }) {
-  const body = {
-    grant_type:    'authorization_code',
-    client_id:     CLIENT_ID,
-    code,
-    redirect_uri:  redirectUri,
-    code_verifier: verifier,
-    state,
-  }
-  for (const endpoint of TOKEN_ENDPOINTS) {
-    process.stdout.write(`  → POST ${endpoint} ... `)
-    const res = await fetch(endpoint, {
-      method: 'POST',
-      headers: { 'Content-Type': 'application/json', 'Accept': 'application/json' },
-      body: JSON.stringify(body),
-    })
-    const data = await res.json()
-    console.log(`HTTP ${res.status}`)
-    if (res.ok) return { endpoint, data }
-    console.log(`     error: ${JSON.stringify(data?.error || data)}`)
-  }
-  return null
-}
-// ── Main ─────────────────────────────────────────────────────────────────────
-const rl = readline.createInterface({ input: process.stdin, output: process.stdout })
-console.log('\n╔══════════════════════════════════════════╗')
-console.log('║     Claude OAuth Test — PPM              ║')
-console.log('╚══════════════════════════════════════════╝\n')
-// Pick redirect URI
-console.log('Redirect URI options:')
-REDIRECT_URI_OPTIONS.forEach((o, i) => console.log(`  ${i + 1}. ${o.label}`))
-const choice = parseInt(await ask(rl, '\nChọn (1-3) [default: 1]: ') || '1') - 1
-const { uri: redirectUri, label } = REDIRECT_URI_OPTIONS[choice] || REDIRECT_URI_OPTIONS[0]
-console.log(`✓ Using: ${redirectUri}\n`)
-// Generate PKCE + URL
-const { verifier, challenge, state } = generatePKCE()
-console.log(`code_verifier length: ${verifier.length} chars`)
-const params = new URLSearchParams({
-  client_id:             CLIENT_ID,
-  response_type:         'code',
-  redirect_uri:          redirectUri,
-  scope:                 SCOPE,
-  code_challenge:        challenge,
-  code_challenge_method: 'S256',
-  state,
-  prompt:                'login',
-})
-// platform.claude.com redirect uses special `code=true` trigger
-if (redirectUri.includes('platform.claude.com')) {
-  params.set('code', 'true')
-}
-const authUrl = `https://claude.ai/oauth/authorize?${params}`
-console.log('\n┌─ Authorization URL ──────────────────────────────────────────────')
-console.log(`│ ${authUrl}`)
-console.log('└─────────────────────────────────────────────────────────────────\n')
-const copied = copyToClipboard(authUrl)
-if (copied) console.log('✓ Copied to clipboard (pbcopy)\n')
-console.log('Mở URL trong browser → authorize → copy code/URL trả về\n')
-if (label.includes('platform')) {
-  console.log('  platform.claude.com sẽ hiện code dạng: XXXX#STATE')
-} else {
-  console.log('  Browser sẽ redirect về localhost (lỗi kết nối là bình thường)')
-  console.log('  Copy toàn bộ URL từ address bar: http://localhost.../callback?code=XXX')
-}
-const input = await ask(rl, '\nPaste code/URL: ')
-const code = parseCode(input)
-if (!code) { console.error('❌ Không parse được code'); process.exit(1) }
-console.log(`✓ code = ${code.slice(0, 20)}...\n`)
-// Exchange
-console.log('Thử exchange token:')
-const result = await exchangeCode({ code, verifier, state, redirectUri })
-if (result) {
-  const { endpoint, data } = result
-  console.log(`\n✅ Success! Endpoint: ${endpoint}`)
-  console.log('\n── Token info ──────────────────────────────────────')
-  console.log(`  access_token:  ${data.access_token?.slice(0, 30)}...`)
-  console.log(`  refresh_token: ${data.refresh_token?.slice(0, 30)}...`)
-  console.log(`  token_type:    ${data.token_type}`)
-  console.log(`  expires_in:    ${data.expires_in}s`)
-  if (data.account) {
-    console.log(`  email:         ${data.account.email_address}`)
-    console.log(`  account_uuid:  ${data.account.uuid}`)
-  }
-  if (data.organization) {
-    console.log(`  org_name:      ${data.organization.name}`)
-    console.log(`  org_uuid:      ${data.organization.uuid}`)
-  }
-  console.log('────────────────────────────────────────────────────')
-  console.log('\nFull response:')
-  console.log(JSON.stringify(data, null, 2))
-} else {
-  console.log('\n❌ Tất cả endpoints đều fail')
-}
-rl.close()

package/test-verify-oat.mjs DELETED Viewed

@@ -1,106 +0,0 @@
-#!/usr/bin/env bun
-/**
- * Test verify sk-ant-oat token — see what APIs return
- * Usage: bun test-verify-oat.mjs [TOKEN]
- * If no TOKEN arg, reads TEST_OAUTH_TOKEN_1 from .env.test
- */
-import { readFileSync } from "node:fs";
-import { resolve, dirname } from "node:path";
-import { fileURLToPath } from "node:url";
-const __dir = dirname(fileURLToPath(import.meta.url));
-// Token from CLI arg or .env.test
-let token = process.argv[2];
-if (!token) {
-  const envPath = resolve(__dir, ".env.test");
-  const env = Object.fromEntries(
-    readFileSync(envPath, "utf-8")
-      .split("\n")
-      .filter((l) => l && !l.startsWith("#"))
-      .map((l) => l.split("=").map((s) => s.trim()))
-      .filter(([k, v]) => k && v),
-  );
-  token = env.TEST_OAUTH_TOKEN_1;
-}
-if (!token || token.startsWith("REPLACE")) {
-  console.error("Usage: bun test-verify-oat.mjs [TOKEN]");
-  process.exit(1);
-}
-console.log(`Token: ${token.slice(0, 30)}...`);
-// ── Helper ──────────────────────────────────────────────
-async function tryEndpoint({ label, url, method = "GET", headers = {}, body }) {
-  console.log(`\n── ${label} ──`);
-  try {
-    const opts = {
-      method,
-      headers: {
-        Accept: "application/json",
-        Authorization: `Bearer ${token}`,
-        ...headers,
-      },
-      signal: AbortSignal.timeout(10_000),
-    };
-    if (body) opts.body = typeof body === "string" ? body : JSON.stringify(body);
-    const res = await fetch(url, opts);
-    const text = await res.text();
-    console.log(`HTTP ${res.status}`);
-    try {
-      console.log(JSON.stringify(JSON.parse(text), null, 2));
-    } catch {
-      console.log(text.slice(0, 500));
-    }
-  } catch (e) {
-    console.log(`ERROR: ${e.message}`);
-  }
-}
-// ── 1. claude auth status (CLI) ─────────────────────────
-console.log("\n── claude auth status (CLI) ──");
-try {
-  const proc = Bun.spawn(["claude", "auth", "status"], {
-    env: { ...process.env, CLAUDE_CODE_OAUTH_TOKEN: token, ANTHROPIC_API_KEY: "" },
-    stdout: "pipe",
-    stderr: "pipe",
-  });
-  const stdout = await new Response(proc.stdout).text();
-  const stderr = await new Response(proc.stderr).text();
-  await proc.exited;
-  console.log("stdout:", stdout);
-  if (stderr) console.log("stderr:", stderr);
-} catch (e) {
-  console.log(`ERROR: ${e.message}`);
-}
-// ── 2. /api/oauth/usage ─────────────────────────────────
-await tryEndpoint({
-  label: "GET /api/oauth/usage",
-  url: "https://api.anthropic.com/api/oauth/usage",
-  headers: { "anthropic-beta": "oauth-2025-04-20", "User-Agent": "ppm/1.0" },
-});
-// ── 3. /v1/organizations (org info) ─────────────────────
-await tryEndpoint({
-  label: "GET /v1/organizations",
-  url: "https://api.anthropic.com/v1/organizations",
-  headers: { "anthropic-version": "2023-06-01" },
-});
-// ── 4. /api/auth/session (claude.ai session) ────────────
-await tryEndpoint({
-  label: "GET /api/auth/session (claude.ai)",
-  url: "https://claude.ai/api/auth/session",
-});
-// ── 5. /v1/messages (minimal — test if token works) ─────
-await tryEndpoint({
-  label: "POST /v1/messages (1 token test)",
-  url: "https://api.anthropic.com/v1/messages",
-  method: "POST",
-  headers: { "Content-Type": "application/json", "anthropic-version": "2023-06-01" },
-  body: { model: "claude-sonnet-4-20250514", max_tokens: 1, messages: [{ role: "user", content: "hi" }] },
-});