@joshski/dust 0.1.85 → 0.1.87

package/dist/proxy/claude-api-proxy.d.ts

@@ -0,0 +1,59 @@
+/**
+ * Claude API Proxy Server
+ *
+ * An HTTP server that proxies Claude API requests from Docker containers.
+ * The container sends plain HTTP requests to this proxy, and the proxy
+ * forwards them to the Anthropic API with the OAuth token injected.
+ *
+ * This allows removing:
+ * - CLAUDE_CODE_OAUTH_TOKEN environment variable from containers
+ * - ~/.claude mount (currently read-write for OAuth token refresh)
+ * - ~/.claude.json mount
+ *
+ * The proxy handles token management (including refresh) on the host side.
+ *
+ * Flow:
+ * ```
+ * Container: HTTP request to proxy:3002/v1/messages
+ *     → Proxy receives plain HTTP request
+ *     → Proxy reads OAuth token from ~/.claude/.credentials.json
+ *     → Proxy forwards to https://api.anthropic.com/v1/messages with Authorization header
+ *     → Returns response to container
+ * ```
+ */
+export interface ClaudeApiProxyDependencies {
+    homedir: () => string;
+    readFileSync: (path: string, encoding: 'utf-8') => string;
+    fetch: typeof fetch;
+}
+export declare const defaultDependencies: ClaudeApiProxyDependencies;
+/**
+ * Credentials stored in ~/.claude/.credentials.json by Claude Code
+ */
+export interface ClaudeCredentials {
+    claudeAiOauth?: {
+        accessToken?: string;
+        refreshToken?: string;
+        expiresAt?: string;
+    };
+}
+/**
+ * Read OAuth token from Claude Code's credentials file.
+ * Returns null if the file doesn't exist or doesn't contain a valid token.
+ */
+export declare function readOAuthToken(dependencies?: ClaudeApiProxyDependencies): string | null;
+/**
+ * Check if the OAuth token is expired or about to expire.
+ * Returns true if the token expires within the next 5 minutes.
+ */
+export declare function isTokenExpired(dependencies?: ClaudeApiProxyDependencies): boolean;
+export interface ClaudeApiProxyServer {
+    port: number;
+    stop: () => void;
+}
+/**
+ * Creates a Claude API proxy server.
+ * The server accepts HTTP requests and forwards them to the Anthropic API
+ * with the OAuth token injected.
+ */
+export declare function createClaudeApiProxyServer(dependencies?: ClaudeApiProxyDependencies): Promise<ClaudeApiProxyServer>;

package/dist/proxy/git-credential-proxy.d.ts

@@ -0,0 +1,68 @@
+/**
+ * Git Credential Proxy Server
+ *
+ * An HTTP server that proxies git requests from Docker containers.
+ * The container talks plain HTTP to this proxy, and the proxy forwards
+ * requests to the upstream HTTPS URL with credentials injected.
+ *
+ * The proxy uses the host's existing git credential system (`git credential fill`)
+ * so no new auth setup is required from the user.
+ *
+ * Flow:
+ * ```
+ * Container: git clone http://host.docker.internal:<port>/org/repo.git
+ *     → Proxy receives plain HTTP git smart protocol request
+ *     → Proxy runs `git credential fill` on host to get credentials
+ *     → Proxy forwards as https://github.com/org/repo.git with Authorization header
+ *     → Returns response to container
+ * ```
+ */
+import type { spawn as nodeSpawn } from 'node:child_process';
+export interface GitCredentialProxyDependencies {
+    spawn: typeof nodeSpawn;
+}
+export interface GitCredentials {
+    username: string;
+    password: string;
+}
+/**
+ * Parse a git URL path to extract the host, owner, and repo.
+ * Expected format: /<host>/<owner>/<repo>.git or /<owner>/<repo>.git (defaults to github.com)
+ */
+export declare function parseGitPath(urlPath: string): {
+    host: string;
+    owner: string;
+    repo: string;
+} | null;
+/**
+ * Runs `git credential fill` to obtain credentials for a given URL.
+ * Returns the username and password from the git credential helper.
+ */
+export declare function getGitCredentials(host: string, dependencies: GitCredentialProxyDependencies): Promise<GitCredentials | null>;
+/**
+ * Creates the Authorization header value for git HTTP authentication.
+ * Uses Basic authentication with base64-encoded credentials.
+ */
+export declare function createAuthHeader(credentials: GitCredentials): string;
+/**
+ * Extracts the git smart protocol endpoint from a URL path.
+ * Git smart protocol uses these endpoints:
+ * - /info/refs?service=git-upload-pack (fetch/clone discovery)
+ * - /info/refs?service=git-receive-pack (push discovery)
+ * - /git-upload-pack (fetch/clone data)
+ * - /git-receive-pack (push data)
+ */
+export declare function extractGitEndpoint(urlPath: string): {
+    basePath: string;
+    endpoint: string;
+} | null;
+export interface GitCredentialProxyServer {
+    port: number;
+    stop: () => void;
+}
+/**
+ * Creates a git credential proxy server.
+ * The server accepts git smart HTTP protocol requests and forwards them
+ * to the upstream HTTPS URL with credentials injected.
+ */
+export declare function createGitCredentialProxyServer(dependencies: GitCredentialProxyDependencies): Promise<GitCredentialProxyServer>;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@joshski/dust",
-  "version": "0.1.85",
+  "version": "0.1.87",
   "description": "Flow state for AI coding agents",
   "type": "module",
   "bin": {