npm - @i4ctime/q-ring - Versions diffs - 0.2.8 → 0.3.0 - Mend

@i4ctime/q-ring 0.2.8 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/dist/chunk-HOMNGA55.js +651 -0
package/dist/chunk-HOMNGA55.js.map +1 -0
package/dist/chunk-WQPJ2FTM.js +673 -0
package/dist/chunk-WQPJ2FTM.js.map +1 -0
package/dist/dashboard-7GII7BS2.js +482 -0
package/dist/dashboard-7GII7BS2.js.map +1 -0
package/dist/dashboard-JTALLJM6.js +482 -0
package/dist/dashboard-JTALLJM6.js.map +1 -0
package/dist/index.js +48 -648
package/dist/index.js.map +1 -1
package/dist/mcp.js +35 -626
package/dist/mcp.js.map +1 -1
package/package.json +2 -2

package/dist/chunk-WQPJ2FTM.js ADDED Viewed

@@ -0,0 +1,673 @@
+#!/usr/bin/env node
+// src/core/envelope.ts
+function createEnvelope(value, opts) {
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  let expiresAt = opts?.expiresAt;
+  if (!expiresAt && opts?.ttlSeconds) {
+    expiresAt = new Date(Date.now() + opts.ttlSeconds * 1e3).toISOString();
+  }
+  return {
+    v: 1,
+    value: opts?.states ? void 0 : value,
+    states: opts?.states,
+    defaultEnv: opts?.defaultEnv,
+    meta: {
+      createdAt: now,
+      updatedAt: now,
+      expiresAt,
+      ttlSeconds: opts?.ttlSeconds,
+      description: opts?.description,
+      tags: opts?.tags,
+      entangled: opts?.entangled,
+      accessCount: 0
+    }
+  };
+}
+function parseEnvelope(raw) {
+  try {
+    const parsed = JSON.parse(raw);
+    if (parsed && typeof parsed === "object" && parsed.v === 1) {
+      return parsed;
+    }
+  } catch {
+  }
+  return null;
+}
+function wrapLegacy(rawValue) {
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  return {
+    v: 1,
+    value: rawValue,
+    meta: {
+      createdAt: now,
+      updatedAt: now,
+      accessCount: 0
+    }
+  };
+}
+function serializeEnvelope(envelope) {
+  return JSON.stringify(envelope);
+}
+function collapseValue(envelope, env) {
+  if (envelope.states) {
+    const targetEnv = env ?? envelope.defaultEnv;
+    if (targetEnv && envelope.states[targetEnv]) {
+      return envelope.states[targetEnv];
+    }
+    if (envelope.defaultEnv && envelope.states[envelope.defaultEnv]) {
+      return envelope.states[envelope.defaultEnv];
+    }
+    const keys = Object.keys(envelope.states);
+    if (keys.length > 0) {
+      return envelope.states[keys[0]];
+    }
+    return null;
+  }
+  return envelope.value ?? null;
+}
+function checkDecay(envelope) {
+  if (!envelope.meta.expiresAt) {
+    return {
+      isExpired: false,
+      isStale: false,
+      lifetimePercent: 0,
+      secondsRemaining: null,
+      timeRemaining: null
+    };
+  }
+  const now = Date.now();
+  const expires = new Date(envelope.meta.expiresAt).getTime();
+  const created = new Date(envelope.meta.createdAt).getTime();
+  const totalLifetime = expires - created;
+  const elapsed = now - created;
+  const remaining = expires - now;
+  const lifetimePercent = totalLifetime > 0 ? Math.round(elapsed / totalLifetime * 100) : 100;
+  const secondsRemaining = Math.floor(remaining / 1e3);
+  let timeRemaining = null;
+  if (remaining > 0) {
+    const days = Math.floor(remaining / 864e5);
+    const hours = Math.floor(remaining % 864e5 / 36e5);
+    const minutes = Math.floor(remaining % 36e5 / 6e4);
+    if (days > 0) timeRemaining = `${days}d ${hours}h`;
+    else if (hours > 0) timeRemaining = `${hours}h ${minutes}m`;
+    else timeRemaining = `${minutes}m`;
+  } else {
+    timeRemaining = "expired";
+  }
+  return {
+    isExpired: remaining <= 0,
+    isStale: lifetimePercent >= 75,
+    lifetimePercent,
+    secondsRemaining,
+    timeRemaining
+  };
+}
+function recordAccess(envelope) {
+  return {
+    ...envelope,
+    meta: {
+      ...envelope.meta,
+      accessCount: envelope.meta.accessCount + 1,
+      lastAccessedAt: (/* @__PURE__ */ new Date()).toISOString()
+    }
+  };
+}
+// src/core/collapse.ts
+import { execSync } from "child_process";
+import { existsSync, readFileSync } from "fs";
+import { join } from "path";
+var BRANCH_ENV_MAP = {
+  main: "prod",
+  master: "prod",
+  production: "prod",
+  develop: "dev",
+  development: "dev",
+  dev: "dev",
+  staging: "staging",
+  stage: "staging",
+  test: "test",
+  testing: "test"
+};
+function detectGitBranch(cwd) {
+  try {
+    const branch = execSync("git rev-parse --abbrev-ref HEAD", {
+      cwd: cwd ?? process.cwd(),
+      stdio: ["pipe", "pipe", "pipe"],
+      encoding: "utf8",
+      timeout: 3e3
+    }).trim();
+    return branch || null;
+  } catch {
+    return null;
+  }
+}
+function readProjectConfig(projectPath) {
+  const configPath = join(projectPath ?? process.cwd(), ".q-ring.json");
+  try {
+    if (existsSync(configPath)) {
+      return JSON.parse(readFileSync(configPath, "utf8"));
+    }
+  } catch {
+  }
+  return null;
+}
+function collapseEnvironment(ctx = {}) {
+  if (ctx.explicit) {
+    return { env: ctx.explicit, source: "explicit" };
+  }
+  const qringEnv = process.env.QRING_ENV;
+  if (qringEnv) {
+    return { env: qringEnv, source: "QRING_ENV" };
+  }
+  const nodeEnv = process.env.NODE_ENV;
+  if (nodeEnv) {
+    const mapped = mapEnvName(nodeEnv);
+    return { env: mapped, source: "NODE_ENV" };
+  }
+  const config = readProjectConfig(ctx.projectPath);
+  if (config?.env) {
+    return { env: config.env, source: "project-config" };
+  }
+  const branch = detectGitBranch(ctx.projectPath);
+  if (branch) {
+    const branchMap = { ...BRANCH_ENV_MAP, ...config?.branchMap };
+    const mapped = branchMap[branch];
+    if (mapped) {
+      return { env: mapped, source: "git-branch" };
+    }
+  }
+  if (config?.defaultEnv) {
+    return { env: config.defaultEnv, source: "project-config" };
+  }
+  return null;
+}
+function mapEnvName(raw) {
+  const lower = raw.toLowerCase();
+  if (lower === "production") return "prod";
+  if (lower === "development") return "dev";
+  return lower;
+}
+// src/core/observer.ts
+import { existsSync as existsSync2, mkdirSync, appendFileSync, readFileSync as readFileSync2 } from "fs";
+import { join as join2 } from "path";
+import { homedir } from "os";
+function getAuditDir() {
+  const dir = join2(homedir(), ".config", "q-ring");
+  if (!existsSync2(dir)) {
+    mkdirSync(dir, { recursive: true });
+  }
+  return dir;
+}
+function getAuditPath() {
+  return join2(getAuditDir(), "audit.jsonl");
+}
+function logAudit(event) {
+  const full = {
+    ...event,
+    timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+    pid: process.pid
+  };
+  try {
+    appendFileSync(getAuditPath(), JSON.stringify(full) + "\n");
+  } catch {
+  }
+}
+function queryAudit(query = {}) {
+  const path = getAuditPath();
+  if (!existsSync2(path)) return [];
+  try {
+    const lines = readFileSync2(path, "utf8").split("\n").filter((l) => l.trim());
+    let events = lines.map((line) => {
+      try {
+        return JSON.parse(line);
+      } catch {
+        return null;
+      }
+    }).filter((e) => e !== null);
+    if (query.key) {
+      events = events.filter((e) => e.key === query.key);
+    }
+    if (query.action) {
+      events = events.filter((e) => e.action === query.action);
+    }
+    if (query.since) {
+      const since = new Date(query.since).getTime();
+      events = events.filter(
+        (e) => new Date(e.timestamp).getTime() >= since
+      );
+    }
+    events.sort(
+      (a, b) => new Date(b.timestamp).getTime() - new Date(a.timestamp).getTime()
+    );
+    if (query.limit) {
+      events = events.slice(0, query.limit);
+    }
+    return events;
+  } catch {
+    return [];
+  }
+}
+function detectAnomalies(key) {
+  const recent = queryAudit({
+    key,
+    action: "read",
+    since: new Date(Date.now() - 36e5).toISOString()
+    // last hour
+  });
+  const anomalies = [];
+  if (key && recent.length > 50) {
+    anomalies.push({
+      type: "burst",
+      description: `${recent.length} reads of "${key}" in the last hour`,
+      events: recent.slice(0, 10)
+    });
+  }
+  const nightAccess = recent.filter((e) => {
+    const hour = new Date(e.timestamp).getHours();
+    return hour >= 1 && hour < 5;
+  });
+  if (nightAccess.length > 0) {
+    anomalies.push({
+      type: "unusual-hour",
+      description: `${nightAccess.length} access(es) during unusual hours (1am-5am)`,
+      events: nightAccess
+    });
+  }
+  return anomalies;
+}
+// src/core/entanglement.ts
+import { existsSync as existsSync3, readFileSync as readFileSync3, writeFileSync, mkdirSync as mkdirSync2 } from "fs";
+import { join as join3 } from "path";
+import { homedir as homedir2 } from "os";
+function getRegistryPath() {
+  const dir = join3(homedir2(), ".config", "q-ring");
+  if (!existsSync3(dir)) {
+    mkdirSync2(dir, { recursive: true });
+  }
+  return join3(dir, "entanglement.json");
+}
+function loadRegistry() {
+  const path = getRegistryPath();
+  if (!existsSync3(path)) {
+    return { pairs: [] };
+  }
+  try {
+    return JSON.parse(readFileSync3(path, "utf8"));
+  } catch {
+    return { pairs: [] };
+  }
+}
+function saveRegistry(registry) {
+  writeFileSync(getRegistryPath(), JSON.stringify(registry, null, 2));
+}
+function entangle(source, target) {
+  const registry = loadRegistry();
+  const exists = registry.pairs.some(
+    (p) => p.source.service === source.service && p.source.key === source.key && p.target.service === target.service && p.target.key === target.key
+  );
+  if (!exists) {
+    registry.pairs.push({
+      source,
+      target,
+      createdAt: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    registry.pairs.push({
+      source: target,
+      target: source,
+      createdAt: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    saveRegistry(registry);
+  }
+}
+function findEntangled(source) {
+  const registry = loadRegistry();
+  return registry.pairs.filter(
+    (p) => p.source.service === source.service && p.source.key === source.key
+  ).map((p) => p.target);
+}
+function listEntanglements() {
+  return loadRegistry().pairs;
+}
+// src/core/keyring.ts
+import { Entry, findCredentials } from "@napi-rs/keyring";
+// src/utils/hash.ts
+import { createHash } from "crypto";
+function hashProjectPath(projectPath) {
+  return createHash("sha256").update(projectPath).digest("hex").slice(0, 12);
+}
+// src/core/scope.ts
+var SERVICE_PREFIX = "q-ring";
+function globalService() {
+  return `${SERVICE_PREFIX}:global`;
+}
+function projectService(projectPath) {
+  const hash = hashProjectPath(projectPath);
+  return `${SERVICE_PREFIX}:project:${hash}`;
+}
+function resolveScope(opts) {
+  const { scope, projectPath } = opts;
+  if (scope === "global") {
+    return [{ scope: "global", service: globalService() }];
+  }
+  if (scope === "project") {
+    if (!projectPath) {
+      throw new Error("Project path is required for project scope");
+    }
+    return [
+      { scope: "project", service: projectService(projectPath), projectPath }
+    ];
+  }
+  if (projectPath) {
+    return [
+      { scope: "project", service: projectService(projectPath), projectPath },
+      { scope: "global", service: globalService() }
+    ];
+  }
+  return [{ scope: "global", service: globalService() }];
+}
+// src/core/keyring.ts
+function readEnvelope(service, key) {
+  const entry = new Entry(service, key);
+  const raw = entry.getPassword();
+  if (raw === null) return null;
+  const envelope = parseEnvelope(raw);
+  return envelope ?? wrapLegacy(raw);
+}
+function writeEnvelope(service, key, envelope) {
+  const entry = new Entry(service, key);
+  entry.setPassword(serializeEnvelope(envelope));
+}
+function resolveEnv(opts) {
+  if (opts.env) return opts.env;
+  const result = collapseEnvironment({ projectPath: opts.projectPath });
+  return result?.env;
+}
+function getSecret(key, opts = {}) {
+  const scopes = resolveScope(opts);
+  const env = resolveEnv(opts);
+  const source = opts.source ?? "cli";
+  for (const { service, scope } of scopes) {
+    const envelope = readEnvelope(service, key);
+    if (!envelope) continue;
+    const decay = checkDecay(envelope);
+    if (decay.isExpired) {
+      logAudit({
+        action: "read",
+        key,
+        scope,
+        source,
+        detail: "blocked: secret expired (quantum decay)"
+      });
+      continue;
+    }
+    const value = collapseValue(envelope, env);
+    if (value === null) continue;
+    const updated = recordAccess(envelope);
+    writeEnvelope(service, key, updated);
+    logAudit({ action: "read", key, scope, env, source });
+    return value;
+  }
+  return null;
+}
+function getEnvelope(key, opts = {}) {
+  const scopes = resolveScope(opts);
+  for (const { service, scope } of scopes) {
+    const envelope = readEnvelope(service, key);
+    if (envelope) return { envelope, scope };
+  }
+  return null;
+}
+function setSecret(key, value, opts = {}) {
+  const scope = opts.scope ?? "global";
+  const scopes = resolveScope({ ...opts, scope });
+  const { service } = scopes[0];
+  const source = opts.source ?? "cli";
+  const existing = readEnvelope(service, key);
+  let envelope;
+  if (opts.states) {
+    envelope = createEnvelope("", {
+      states: opts.states,
+      defaultEnv: opts.defaultEnv,
+      description: opts.description,
+      tags: opts.tags,
+      ttlSeconds: opts.ttlSeconds,
+      expiresAt: opts.expiresAt,
+      entangled: existing?.meta.entangled
+    });
+  } else {
+    envelope = createEnvelope(value, {
+      description: opts.description,
+      tags: opts.tags,
+      ttlSeconds: opts.ttlSeconds,
+      expiresAt: opts.expiresAt,
+      entangled: existing?.meta.entangled
+    });
+  }
+  if (existing) {
+    envelope.meta.createdAt = existing.meta.createdAt;
+    envelope.meta.accessCount = existing.meta.accessCount;
+  }
+  writeEnvelope(service, key, envelope);
+  logAudit({ action: "write", key, scope, source });
+  const entangled = findEntangled({ service, key });
+  for (const target of entangled) {
+    try {
+      const targetEnvelope = readEnvelope(target.service, target.key);
+      if (targetEnvelope) {
+        if (opts.states) {
+          targetEnvelope.states = opts.states;
+        } else {
+          targetEnvelope.value = value;
+        }
+        targetEnvelope.meta.updatedAt = (/* @__PURE__ */ new Date()).toISOString();
+        writeEnvelope(target.service, target.key, targetEnvelope);
+        logAudit({
+          action: "entangle",
+          key: target.key,
+          scope: "global",
+          source,
+          detail: `propagated from ${key}`
+        });
+      }
+    } catch {
+    }
+  }
+}
+function deleteSecret(key, opts = {}) {
+  const scopes = resolveScope(opts);
+  const source = opts.source ?? "cli";
+  let deleted = false;
+  for (const { service, scope } of scopes) {
+    const entry = new Entry(service, key);
+    try {
+      if (entry.deleteCredential()) {
+        deleted = true;
+        logAudit({ action: "delete", key, scope, source });
+      }
+    } catch {
+    }
+  }
+  return deleted;
+}
+function listSecrets(opts = {}) {
+  const source = opts.source ?? "cli";
+  const services = [];
+  if (!opts.scope || opts.scope === "global") {
+    services.push({ service: globalService(), scope: "global" });
+  }
+  if ((!opts.scope || opts.scope === "project") && opts.projectPath) {
+    services.push({
+      service: projectService(opts.projectPath),
+      scope: "project"
+    });
+  }
+  const results = [];
+  const seen = /* @__PURE__ */ new Set();
+  for (const { service, scope } of services) {
+    try {
+      const credentials = findCredentials(service);
+      for (const cred of credentials) {
+        const id = `${scope}:${cred.account}`;
+        if (seen.has(id)) continue;
+        seen.add(id);
+        const envelope = parseEnvelope(cred.password) ?? wrapLegacy(cred.password);
+        const decay = checkDecay(envelope);
+        results.push({
+          key: cred.account,
+          scope,
+          envelope,
+          decay
+        });
+      }
+    } catch {
+    }
+  }
+  logAudit({ action: "list", source });
+  return results.sort((a, b) => a.key.localeCompare(b.key));
+}
+function exportSecrets(opts = {}) {
+  const format = opts.format ?? "env";
+  const env = resolveEnv(opts);
+  const entries = listSecrets(opts);
+  const source = opts.source ?? "cli";
+  const merged = /* @__PURE__ */ new Map();
+  const globalEntries = entries.filter((e) => e.scope === "global");
+  const projectEntries = entries.filter((e) => e.scope === "project");
+  for (const entry of [...globalEntries, ...projectEntries]) {
+    if (entry.envelope) {
+      const decay = checkDecay(entry.envelope);
+      if (decay.isExpired) continue;
+      const value = collapseValue(entry.envelope, env);
+      if (value !== null) {
+        merged.set(entry.key, value);
+      }
+    }
+  }
+  logAudit({ action: "export", source, detail: `format=${format}` });
+  if (format === "json") {
+    const obj = {};
+    for (const [key, value] of merged) {
+      obj[key] = value;
+    }
+    return JSON.stringify(obj, null, 2);
+  }
+  const lines = [];
+  for (const [key, value] of merged) {
+    const escaped = value.replace(/\\/g, "\\\\").replace(/"/g, '\\"').replace(/\n/g, "\\n");
+    lines.push(`${key}="${escaped}"`);
+  }
+  return lines.join("\n");
+}
+function entangleSecrets(sourceKey, sourceOpts, targetKey, targetOpts) {
+  const sourceScopes = resolveScope({ ...sourceOpts, scope: sourceOpts.scope ?? "global" });
+  const targetScopes = resolveScope({ ...targetOpts, scope: targetOpts.scope ?? "global" });
+  const source = { service: sourceScopes[0].service, key: sourceKey };
+  const target = { service: targetScopes[0].service, key: targetKey };
+  entangle(source, target);
+  logAudit({
+    action: "entangle",
+    key: sourceKey,
+    source: sourceOpts.source ?? "cli",
+    detail: `entangled with ${targetKey}`
+  });
+}
+// src/core/tunnel.ts
+var tunnelStore = /* @__PURE__ */ new Map();
+var cleanupInterval = null;
+function ensureCleanup() {
+  if (cleanupInterval) return;
+  cleanupInterval = setInterval(() => {
+    const now = Date.now();
+    for (const [id, entry] of tunnelStore) {
+      if (entry.expiresAt && now >= entry.expiresAt) {
+        tunnelStore.delete(id);
+      }
+    }
+    if (tunnelStore.size === 0 && cleanupInterval) {
+      clearInterval(cleanupInterval);
+      cleanupInterval = null;
+    }
+  }, 5e3);
+  if (cleanupInterval && typeof cleanupInterval === "object" && "unref" in cleanupInterval) {
+    cleanupInterval.unref();
+  }
+}
+function tunnelCreate(value, opts = {}) {
+  const id = `tun_${Date.now().toString(36)}_${Math.random().toString(36).slice(2, 8)}`;
+  const now = Date.now();
+  tunnelStore.set(id, {
+    value,
+    createdAt: now,
+    expiresAt: opts.ttlSeconds ? now + opts.ttlSeconds * 1e3 : void 0,
+    accessCount: 0,
+    maxReads: opts.maxReads
+  });
+  ensureCleanup();
+  return id;
+}
+function tunnelRead(id) {
+  const entry = tunnelStore.get(id);
+  if (!entry) return null;
+  if (entry.expiresAt && Date.now() >= entry.expiresAt) {
+    tunnelStore.delete(id);
+    return null;
+  }
+  entry.accessCount++;
+  if (entry.maxReads && entry.accessCount >= entry.maxReads) {
+    const value = entry.value;
+    tunnelStore.delete(id);
+    return value;
+  }
+  return entry.value;
+}
+function tunnelDestroy(id) {
+  return tunnelStore.delete(id);
+}
+function tunnelList() {
+  const now = Date.now();
+  const result = [];
+  for (const [id, entry] of tunnelStore) {
+    if (entry.expiresAt && now >= entry.expiresAt) {
+      tunnelStore.delete(id);
+      continue;
+    }
+    result.push({
+      id,
+      createdAt: entry.createdAt,
+      expiresAt: entry.expiresAt,
+      accessCount: entry.accessCount,
+      maxReads: entry.maxReads
+    });
+  }
+  return result;
+}
+export {
+  checkDecay,
+  collapseEnvironment,
+  logAudit,
+  queryAudit,
+  detectAnomalies,
+  listEntanglements,
+  getSecret,
+  getEnvelope,
+  setSecret,
+  deleteSecret,
+  listSecrets,
+  exportSecrets,
+  entangleSecrets,
+  tunnelCreate,
+  tunnelRead,
+  tunnelDestroy,
+  tunnelList
+};
+//# sourceMappingURL=chunk-WQPJ2FTM.js.map