npm - @lifeaitools/clauth - Versions diffs - 0.7.0 → 0.7.4 - Mend

@lifeaitools/clauth 0.7.0 → 0.7.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/cli/commands/serve.js CHANGED Viewed

@@ -166,6 +166,20 @@ function dashboardHtml(port, whitelist) {
   .btn-mcp-setup{background:#1e293b;color:#94a3b8;border:1px solid #334155;padding:6px 12px;font-size:.8rem;border-radius:6px;cursor:pointer;font-weight:500;transition:all .15s}
   .btn-mcp-setup:hover{border-color:#60a5fa;color:#60a5fa}
   .btn-mcp-setup:disabled{opacity:.4;cursor:not-allowed}
+  .btn-add{background:#1a2e1a;color:#4ade80;border:1px solid #166534;padding:7px 16px;font-size:.85rem;border-radius:7px;cursor:pointer;font-weight:500;transition:all .15s}
+  .btn-add:hover{background:#1a3d22;border-color:#4ade80}
+  .add-panel{display:none;background:#1a1f2e;border:1px solid #334155;border-radius:8px;padding:1.25rem;margin-bottom:1.5rem}
+  .add-panel h3{font-size:.9rem;font-weight:600;color:#f8fafc;margin-bottom:1rem}
+  .add-row{display:flex;gap:10px;flex-wrap:wrap;align-items:flex-end;margin-bottom:.75rem}
+  .add-field{display:flex;flex-direction:column;gap:4px}
+  .add-field label{font-size:.75rem;color:#64748b}
+  .add-input{background:#0f172a;border:1px solid #334155;border-radius:6px;color:#e2e8f0;font-family:'Courier New',monospace;font-size:.88rem;padding:7px 12px;outline:none;width:200px;transition:border-color .2s}
+  .add-input:focus{border-color:#3b82f6}
+  .add-select{background:#0f172a;border:1px solid #334155;border-radius:6px;color:#e2e8f0;font-size:.88rem;padding:7px 12px;outline:none;width:200px;transition:border-color .2s;cursor:pointer}
+  .add-select:focus{border-color:#3b82f6}
+  .add-foot{display:flex;gap:8px;align-items:center}
+  .add-msg{font-size:.82rem}
+  .add-msg.ok{color:#4ade80} .add-msg.fail{color:#f87171}
   .footer{margin-top:2rem;font-size:.75rem;color:#475569;text-align:center}
   .oauth-fields{display:flex;flex-direction:column;gap:8px;margin-bottom:8px}
   .oauth-field{display:flex;flex-direction:column;gap:3px}
@@ -204,11 +218,33 @@ function dashboardHtml(port, whitelist) {
   </div>
   <div class="toolbar">
     <button class="btn-refresh" onclick="loadServices()">↻ Refresh</button>
+    <button class="btn-add" onclick="toggleAddService()">+ Add Service</button>
     <button class="btn-check" id="check-btn" onclick="checkAll()">⬤ Check All</button>
     <button class="btn-lock" onclick="lockVault()">🔒 Lock</button>
     <button class="btn-cancel" style="margin-left:auto" onclick="toggleChangePw()">Change Password</button>
   </div>
+  <div class="add-panel" id="add-panel">
+    <h3>Add New Service</h3>
+    <div class="add-row">
+      <div class="add-field">
+        <label>Service name</label>
+        <input class="add-input" id="add-name" type="text" placeholder="e.g. coolify-admin" autocomplete="off" spellcheck="false">
+      </div>
+      <div class="add-field">
+        <label>Key type</label>
+        <select class="add-select" id="add-type">
+          <option value="">Loading…</option>
+        </select>
+      </div>
+    </div>
+    <div class="add-foot">
+      <button class="btn-chpw-save" onclick="addService()">Create Service</button>
+      <button class="btn-cancel" onclick="toggleAddService()">Cancel</button>
+      <span class="add-msg" id="add-msg"></span>
+    </div>
+  </div>
   <div class="chpw-panel" id="chpw-panel">
     <h3>Change Master Password</h3>
     <div class="chpw-row">
@@ -722,11 +758,78 @@ async function changePassword() {
   }
 }
-// Enter key on lock screen
+// ── Add Service ──────────────────────────────
+const TYPE_LABELS = {
+  token: "token (API key)",
+  secret: "secret (password, secret)",
+  keypair: "keypair (user:key pair)",
+  connstring: "connstring (connection string)",
+  oauth: "oauth (OAuth credentials)",
+};
+async function toggleAddService() {
+  const panel = document.getElementById("add-panel");
+  const open  = panel.style.display === "block";
+  panel.style.display = open ? "none" : "block";
+  if (!open) {
+    document.getElementById("add-name").value = "";
+    document.getElementById("add-msg").textContent = "";
+    // Fetch available key types from server
+    const sel = document.getElementById("add-type");
+    sel.innerHTML = '<option value="">Loading…</option>';
+    try {
+      const r = await fetch(BASE + "/meta").then(r => r.json());
+      const types = r.key_types || ["token", "secret", "keypair", "connstring", "oauth"];
+      sel.innerHTML = types.map(t =>
+        \`<option value="\${t}">\${TYPE_LABELS[t] || t}</option>\`
+      ).join("");
+    } catch {
+      sel.innerHTML = ["token","secret","keypair","connstring","oauth"].map(t =>
+        \`<option value="\${t}">\${TYPE_LABELS[t] || t}</option>\`
+      ).join("");
+    }
+    document.getElementById("add-name").focus();
+  }
+}
+async function addService() {
+  const name = document.getElementById("add-name").value.trim().toLowerCase();
+  const type = document.getElementById("add-type").value;
+  const msg  = document.getElementById("add-msg");
+  if (!name) { msg.className = "add-msg fail"; msg.textContent = "Service name is required."; return; }
+  if (!/^[a-z0-9][a-z0-9_-]*$/.test(name)) { msg.className = "add-msg fail"; msg.textContent = "Lowercase letters, numbers, hyphens, underscores only."; return; }
+  msg.className = "add-msg"; msg.textContent = "Creating…";
+  try {
+    const r = await fetch(BASE + "/add-service", {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ name, key_type: type, label: name })
+    }).then(r => r.json());
+    if (r.locked) { showLockScreen(); return; }
+    if (r.error) throw new Error(r.error);
+    msg.className = "add-msg ok"; msg.textContent = "✓ " + name + " created";
+    setTimeout(() => {
+      document.getElementById("add-panel").style.display = "none";
+      msg.textContent = "";
+      loadServices();
+    }, 1200);
+  } catch (e) {
+    msg.className = "add-msg fail"; msg.textContent = "✗ " + e.message;
+  }
+}
+// Enter key on lock screen and add-service panel
 document.addEventListener("DOMContentLoaded", () => {
   document.getElementById("lock-input").addEventListener("keydown", e => {
     if (e.key === "Enter") unlock();
   });
+  document.getElementById("add-name").addEventListener("keydown", e => {
+    if (e.key === "Enter") addService();
+  });
 });
 // ── Tunnel management ───────────────────────
@@ -1120,6 +1223,43 @@ function createServer(initPassword, whitelist, port, tunnelHostname = null) {
     res.end(JSON.stringify(data));
   }
+  // ── Build status (populated via Supabase Realtime) ─────────
+  let buildStatus = { active: false, status: "idle", apps: [], updated_at: null };
+  (async () => {
+    try {
+      const sbUrl = (api.getBaseUrl() || "").replace("/functions/v1/auth-vault", "");
+      const sbKey = api.getAnonKey();
+      if (!sbUrl || !sbKey) return;
+      const { createClient: createSB } = await import("@supabase/supabase-js");
+      const sb = createSB(sbUrl, sbKey);
+      // Initial fetch
+      const { data } = await sb.from("prt_storage").select("value").eq("key", "build_status").single();
+      if (data?.value) buildStatus = typeof data.value === "string" ? JSON.parse(data.value) : data.value;
+      // Realtime subscription
+      sb.channel("build-status")
+        .on("postgres_changes", { event: "*", schema: "public", table: "prt_storage", filter: "key=eq.build_status" },
+          (payload) => {
+            const val = payload.new?.value;
+            if (val) {
+              buildStatus = typeof val === "string" ? JSON.parse(val) : val;
+              const logMsg = `[${new Date().toISOString()}] Build status update: ${buildStatus.status} (${buildStatus.commit?.slice(0,8) || "?"})\n`;
+              try { fs.appendFileSync(LOG_FILE, logMsg); } catch {}
+            }
+          })
+        .subscribe();
+      const logMsg = `[${new Date().toISOString()}] Build status: Realtime subscription active\n`;
+      try { fs.appendFileSync(LOG_FILE, logMsg); } catch {}
+    } catch (err) {
+      const logMsg = `[${new Date().toISOString()}] Build status subscription failed: ${err.message}\n`;
+      try { fs.appendFileSync(LOG_FILE, logMsg); } catch {}
+    }
+  })();
   const server = http.createServer(async (req, res) => {
     const remote = req.socket.remoteAddress;
     const isLocal = remote === "127.0.0.1" || remote === "::1" || remote === "::ffff:127.0.0.1";
@@ -1292,7 +1432,9 @@ function createServer(initPassword, whitelist, port, tunnelHostname = null) {
         res.writeHead(401, { "Content-Type": "application/json", ...CORS });
         return res.end(JSON.stringify({ error: "invalid_token" }));
       }
-      // Token valid — fall through to MCP handling below
+      // Token valid — mark as remote caller (claude.ai via tunnel)
+      req._clauthRemote = true;
+      // fall through to MCP handling below
     }
     // ── MCP Streamable HTTP transport (2025-03-26 spec) ──
@@ -1333,6 +1475,7 @@ function createServer(initPassword, whitelist, port, tunnelHostname = null) {
       if (rpcMethod === "tools/call") {
         const { name, arguments: args } = body.params || {};
         const vault = sseVault();
+        vault.remote = !!req._clauthRemote;
         try {
           const result = await handleMcpTool(vault, name, args || {});
           password = vault.password;
@@ -1490,6 +1633,11 @@ function createServer(initPassword, whitelist, port, tunnelHostname = null) {
       });
     }
+    // GET /builds — CI build status (no auth required, same as /ping)
+    if (method === "GET" && reqPath === "/builds") {
+      return ok(res, buildStatus);
+    }
     // GET /mcp-setup — OAuth credentials for claude.ai MCP setup (localhost only)
     if (method === "GET" && reqPath === "/mcp-setup") {
       return ok(res, {
@@ -1535,6 +1683,31 @@ function createServer(initPassword, whitelist, port, tunnelHostname = null) {
       return false;
     }
+    // GET /meta — return valid key_types from DB check constraint
+    if (method === "GET" && reqPath === "/meta") {
+      if (lockedGuard(res)) return;
+      try {
+        const baseUrl = api.getBaseUrl().replace("/functions/v1/auth-vault", "");
+        const anonKey = api.getAnonKey();
+        const sql = `SELECT check_clause FROM information_schema.check_constraints WHERE constraint_name = 'clauth_services_key_type_check'`;
+        const r = await fetch(`${baseUrl}/rest/v1/rpc/`, {
+          method: "POST",
+          headers: { "Content-Type": "application/json", "Authorization": `Bearer ${anonKey}`, "apikey": anonKey }
+        }).catch(() => null);
+        // Fallback: parse from a direct SQL query via postgrest isn't possible without an RPC,
+        // so we query the status endpoint which returns services with their key_types
+        const { token, timestamp } = deriveToken(password, machineHash);
+        const statusResult = await api.status(password, machineHash, token, timestamp);
+        const existingTypes = [...new Set((statusResult.services || []).map(s => s.key_type).filter(Boolean))];
+        // Merge with known types (in case no service of that type exists yet)
+        const knownTypes = ["token", "secret", "keypair", "connstring", "oauth"];
+        const allTypes = [...new Set([...knownTypes, ...existingTypes])];
+        return ok(res, { key_types: allTypes });
+      } catch (err) {
+        return ok(res, { key_types: ["token", "secret", "keypair", "connstring", "oauth"] });
+      }
+    }
     // GET /status
     if (method === "GET" && reqPath === "/status") {
       if (lockedGuard(res)) return;
@@ -1783,6 +1956,38 @@ function createServer(initPassword, whitelist, port, tunnelHostname = null) {
       }
     }
+    // POST /add-service — register a new service in the vault
+    if (method === "POST" && reqPath === "/add-service") {
+      if (lockedGuard(res)) return;
+      let body;
+      try { body = await readBody(req); } catch {
+        res.writeHead(400, { "Content-Type": "application/json", ...CORS });
+        return res.end(JSON.stringify({ error: "Invalid JSON body" }));
+      }
+      const { name, label, key_type, description } = body;
+      if (!name || typeof name !== "string" || !name.trim()) {
+        res.writeHead(400, { "Content-Type": "application/json", ...CORS });
+        return res.end(JSON.stringify({ error: "name is required" }));
+      }
+      const validTypes = ["token", "keypair", "connstring", "oauth", "secret"];
+      const type = (key_type || "token").toLowerCase();
+      if (!validTypes.includes(type)) {
+        res.writeHead(400, { "Content-Type": "application/json", ...CORS });
+        return res.end(JSON.stringify({ error: `key_type must be one of: ${validTypes.join(", ")}` }));
+      }
+      try {
+        const { token, timestamp } = deriveToken(password, machineHash);
+        const result = await api.addService(password, machineHash, token, timestamp, name.trim().toLowerCase(), label || name.trim(), type, description || "");
+        if (result.error) return strike(res, 502, result.error);
+        return ok(res, { ok: true, service: name.trim().toLowerCase() });
+      } catch (err) {
+        return strike(res, 502, err.message);
+      }
+    }
     // Unknown route — don't count browser/MCP noise as auth failures
     // Don't count browser noise, MCP discovery probes, or OAuth probes as auth failures
     const isBenign = reqPath.startsWith("/.well-known/") || [
@@ -2286,7 +2491,14 @@ async function handleMcpTool(vault, name, args) {
           };
         }
-        // Default: file
+        // Remote caller (claude.ai via tunnel) — can't read local temp files
+        // Return value inline in MCP response (safe: stays in AI context, not a shell transcript)
+        if (vault.remote) {
+          const envVar = ENV_MAP[service] || service.toUpperCase().replace(/-/g, "_");
+          return mcpResult(`${envVar}=${value}`);
+        }
+        // Default: file (local callers)
         const envVar = ENV_MAP[service] || service.toUpperCase().replace(/-/g, "_");
         const filePath = writeTempSecret(service, value);
         return mcpResult(`${service} → ${filePath} (auto-deletes in 30s)\nEnv var: ${envVar}\nUsage: export ${envVar}=$(cat ${filePath.replace(/\\/g, "/")})`);
@@ -2322,6 +2534,14 @@ async function handleMcpTool(vault, name, args) {
       if (!lines.length) return mcpError(`No services retrieved:\n${errors.join("\n")}`);
+      // Remote caller — return env vars inline
+      if (vault.remote) {
+        let msg = lines.join("\n");
+        if (errors.length) msg += `\n\nErrors:\n${errors.join("\n")}`;
+        return mcpResult(msg);
+      }
+      // Local caller — write temp env file
       const envFilePath = path.join(os.tmpdir(), ".clauth-env");
       fs.writeFileSync(envFilePath, lines.join("\n") + "\n", { mode: 0o600 });
       setTimeout(() => { try { fs.unlinkSync(envFilePath); } catch {} }, 30_000);
@@ -2497,6 +2717,98 @@ async function actionMcp(opts) {
   createMcpServer(password, whitelist);
 }
+// ── DPAPI auto-start install / uninstall (Windows only) ──────
+const AUTOSTART_DIR  = path.join(os.homedir(), "AppData", "Roaming", "clauth");
+const BOOT_KEY_PATH  = path.join(AUTOSTART_DIR, "boot.key");
+const PS_SCRIPT_PATH = path.join(AUTOSTART_DIR, "autostart.ps1");
+const TASK_NAME      = "ClauthAutostart";
+async function actionInstall(opts) {
+  if (os.platform() !== "win32") {
+    console.log(chalk.red("\n  serve install is only supported on Windows\n"));
+    process.exit(1);
+  }
+  const { default: inquirer } = await import("inquirer");
+  const { pw } = await inquirer.prompt([{
+    type: "password", name: "pw",
+    message: "Enter clauth password to store for auto-start:", mask: "*"
+  }]);
+  fs.mkdirSync(AUTOSTART_DIR, { recursive: true });
+  // Encrypt password with Windows DPAPI (CurrentUser scope — machine+user bound)
+  const spinner = ora("Encrypting password with Windows DPAPI...").start();
+  let encrypted;
+  try {
+    const { execSync } = await import("child_process");
+    const pwEscaped = pw.replace(/'/g, "''");
+    const psExpr = `[Convert]::ToBase64String([Security.Cryptography.ProtectedData]::Protect([Text.Encoding]::UTF8.GetBytes('${pwEscaped}'),$null,'CurrentUser'))`;
+    encrypted = execSync(`powershell -NoProfile -Command "${psExpr}"`, { encoding: "utf8" }).trim();
+    fs.writeFileSync(BOOT_KEY_PATH, encrypted, "utf8");
+    spinner.succeed(chalk.green("Password encrypted → boot.key"));
+  } catch (err) {
+    spinner.fail(chalk.red(`DPAPI encryption failed: ${err.message}`));
+    process.exit(1);
+  }
+  // Write PowerShell autostart script — decrypts boot.key and pipes to clauth serve start
+  const cliEntry = path.resolve(__dirname, "../index.js").replace(/\\/g, "\\\\");
+  const nodeExe  = process.execPath.replace(/\\/g, "\\\\");
+  const bootKey  = BOOT_KEY_PATH.replace(/\\/g, "\\\\");
+  const psScript = [
+    "# clauth autostart — generated by clauth serve install",
+    `$enc = (Get-Content '${bootKey}' -Raw).Trim()`,
+    `$pw = [Text.Encoding]::UTF8.GetString([Security.Cryptography.ProtectedData]::Unprotect([Convert]::FromBase64String($enc),$null,'CurrentUser'))`,
+    `Start-Process '${nodeExe}' -ArgumentList "'${cliEntry}' serve start -p $pw" -WindowStyle Hidden`,
+  ].join("\n");
+  fs.writeFileSync(PS_SCRIPT_PATH, psScript, "utf8");
+  // Register Windows Scheduled Task — triggers on user logon
+  const spinner2 = ora("Registering Windows Scheduled Task...").start();
+  try {
+    const { execSync } = await import("child_process");
+    const psScriptEsc = PS_SCRIPT_PATH.replace(/\\/g, "\\\\");
+    const args = `-NonInteractive -WindowStyle Hidden -ExecutionPolicy Bypass -File "${psScriptEsc}"`;
+    execSync(
+      `schtasks /create /f /tn "${TASK_NAME}" /sc onlogon /tr "powershell.exe ${args}"`,
+      { encoding: "utf8", stdio: "pipe" }
+    );
+    spinner2.succeed(chalk.green(`Scheduled Task "${TASK_NAME}" registered`));
+  } catch (err) {
+    spinner2.fail(chalk.yellow(`Scheduled task failed (non-fatal): ${err.message}`));
+    console.log(chalk.gray("  You can still start manually: clauth serve start"));
+  }
+  console.log(chalk.cyan("\n  Auto-start installed:\n"));
+  console.log(chalk.gray(`  boot.key:  ${BOOT_KEY_PATH}`));
+  console.log(chalk.gray(`  script:    ${PS_SCRIPT_PATH}`));
+  console.log(chalk.gray(`  task:      ${TASK_NAME}\n`));
+  console.log(chalk.green("  Daemon will auto-start on next Windows login.\n"));
+}
+async function actionUninstall() {
+  if (os.platform() !== "win32") {
+    console.log(chalk.red("\n  serve uninstall is only supported on Windows\n"));
+    process.exit(1);
+  }
+  const { execSync } = await import("child_process");
+  // Remove scheduled task
+  try {
+    execSync(`schtasks /delete /f /tn "${TASK_NAME}"`, { encoding: "utf8", stdio: "pipe" });
+    console.log(chalk.green(`  Removed Scheduled Task: ${TASK_NAME}`));
+  } catch { console.log(chalk.gray(`  Task not found (already removed): ${TASK_NAME}`)); }
+  // Remove boot.key and autostart script
+  for (const f of [BOOT_KEY_PATH, PS_SCRIPT_PATH]) {
+    try { fs.unlinkSync(f); console.log(chalk.green(`  Deleted: ${f}`)); }
+    catch { console.log(chalk.gray(`  Not found (skipped): ${f}`)); }
+  }
+  console.log(chalk.cyan("\n  Auto-start uninstalled.\n"));
+}
 // ── Export ────────────────────────────────────────────────────
 export async function runServe(opts) {
   const action = opts.action || "foreground";
@@ -2508,9 +2820,11 @@ export async function runServe(opts) {
     case "ping":       return actionPing();
     case "foreground": return actionForeground(opts);
     case "mcp":        return actionMcp(opts);
+    case "install":    return actionInstall(opts);
+    case "uninstall":  return actionUninstall();
     default:
       console.log(chalk.red(`\n  Unknown serve action: ${action}`));
-      console.log(chalk.gray("  Actions: start | stop | restart | ping | foreground | mcp\n"));
+      console.log(chalk.gray("  Actions: start | stop | restart | ping | foreground | mcp | install | uninstall\n"));
       process.exit(1);
   }
 }

package/cli/fingerprint.js CHANGED Viewed

@@ -15,16 +15,18 @@ function getMachineId() {
   try {
     if (platform === "win32") {
-      // Primary: BIOS UUID via WMIC
-      const uuid = execSync("wmic csproduct get uuid /format:value", {
-        encoding: "utf8", timeout: 5000, stdio: ["pipe", "pipe", "pipe"]
-      }).match(/UUID=([A-F0-9-]+)/i)?.[1]?.trim();
+      // Primary: BIOS UUID via PowerShell (wmic removed in Win11 26xxx+)
+      const psPath = "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe";
+      const uuid = execSync(
+        `${psPath} -NoProfile -Command "(Get-CimInstance Win32_ComputerSystemProduct).UUID"`,
+        { encoding: "utf8", timeout: 5000, stdio: ["pipe", "pipe", "pipe"] }
+      ).trim();
-      // Secondary: Windows MachineGuid from registry
+      // Secondary: Windows MachineGuid from registry (via PowerShell for Win11 compat)
       const machineGuid = execSync(
-        "reg query HKLM\\SOFTWARE\\Microsoft\\Cryptography /v MachineGuid",
+        `${psPath} -NoProfile -Command "(Get-ItemProperty 'HKLM:\\SOFTWARE\\Microsoft\\Cryptography').MachineGuid"`,
         { encoding: "utf8", timeout: 5000, stdio: ["pipe", "pipe", "pipe"] }
-      ).match(/MachineGuid\s+REG_SZ\s+([a-f0-9-]+)/i)?.[1]?.trim();
+      ).trim();
       if (!uuid || !machineGuid) throw new Error("Could not read Windows machine IDs");
       return { primary: uuid, secondary: machineGuid, platform: "win32" };

package/cli/index.js CHANGED Viewed

@@ -464,7 +464,7 @@ program.addHelpText("beforeAll", chalk.cyan(`
 // ──────────────────────────────────────────────
 program
   .command("serve [action]")
-  .description("Manage localhost HTTP vault daemon (start|stop|restart|ping)")
+  .description("Manage localhost HTTP vault daemon (start|stop|restart|ping|install|uninstall)")
   .option("--port <n>", "Port (default: 52437)")
   .option("-p, --pw <password>", "clauth password (optional — omit to start locked, unlock in browser)")
   .option("--services <list>", "Comma-separated service whitelist (default: all)")
@@ -478,6 +478,8 @@ Actions:
   ping        Check if the daemon is running
   foreground  Run in foreground (Ctrl+C to stop) — default if no action given
   mcp         Run as MCP stdio server for Claude Code (JSON-RPC over stdin/stdout)
+  install     (Windows) Encrypt password with DPAPI + create Scheduled Task for auto-start on login
+  uninstall   (Windows) Remove Scheduled Task + delete boot.key
 MCP SSE (built into start/foreground):
   The HTTP daemon also serves MCP SSE transport at GET /sse + POST /message.
@@ -492,6 +494,8 @@ Examples:
   clauth serve start --services github,vercel
   clauth serve mcp                       Start MCP server for Claude Code
   clauth serve mcp -p mypass             Start MCP server pre-unlocked
+  clauth serve install                   (Windows) Set up auto-start on login via DPAPI
+  clauth serve uninstall                 (Windows) Remove auto-start
 `)
   .action(async (action, opts) => {
     const resolvedAction = opts.action || action || "foreground";

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lifeaitools/clauth",
-  "version": "0.7.0",
+  "version": "0.7.4",
   "description": "Hardware-bound credential vault for the LIFEAI infrastructure stack",
   "type": "module",
   "bin": {