@lifeaitools/clauth 1.5.80 → 1.5.82

package/README.md

@@ -123,7 +123,7 @@ Full daemon operations reference: see `regen-root/.claude/rules/clauth.md`.
 
 ---
 
-## MCP Server — 3 Namespaces, 27 Tools
+## MCP Server — 3 Namespaces, 32 Tools
 
 clauth is the single MCP interface for all local tools. One process, namespaced paths:
 
@@ -131,16 +131,18 @@ clauth is the single MCP interface for all local tools. One process, namespaced
 |------|-----------|-------|-------------|
 | `/clauth` | `clauth_*` | 13 | Credential vault operations |
 | `/gws` | `gws_*` | 6 | Google Workspace (Gmail, Calendar, Drive) |
-| `/fs` | `fs_*` | 8 | Filesystem (read, write, grep, glob, delete, mkdir, mounts) |
-| `/mcp` | all | 27 | All namespaces combined (Claude Code) |
-
-### FS Tools (v1.5.38)
-
-8 filesystem tools with path-jail security:
-- `fs_read`, `fs_write`, `fs_list`, `fs_grep`, `fs_glob`, `fs_delete`, `fs_mkdir`, `fs_mounts`
-- Uses `node:fs/promises` (async), `@vscode/ripgrep` (shipped binary), `fast-glob`
-- Permission flags per mount: `r` (read), `w` (write), `d` (delete)
-- Mount config stored as "fileserver" service type in vault — only configurable through web UI
+| `/fs` | `fs_*` | 13 | Filesystem (read, write, append, chunked write, URL ingest, Git import, stat, grep, glob, delete, mkdir, mounts) |
+| `/mcp` | all | 32 | All namespaces combined (Claude Code) |
+
+### FS Tools
+
+13 filesystem tools with path-jail security:
+- `fs_read`, `fs_write`, `fs_stat`, `fs_append`, `fs_write_chunk`, `fs_ingest_url`, `fs_import_git_files`, `fs_list`, `fs_grep`, `fs_glob`, `fs_delete`, `fs_mkdir`, `fs_mounts`
+- Uses `node:fs/promises` (async), `@vscode/ripgrep` (shipped binary), `fast-glob`
+- Permission flags per mount: `r` (read), `w` (write), `d` (delete)
+- Mount config stored as "fileserver" service type in vault — only configurable through web UI
+- Large writes should use `fs_write_chunk`; cloud-to-local transfer should use `fs_ingest_url`; guarded appends should pass `expected_sha256` from `fs_stat`
+- Durable new files authored by Claude.ai in GitHub should use `fs_import_git_files` so the local dirty monorepo fetches and restores only named paths without `git pull`
 
 ### GWS Tools
 

package/cli/commands/serve.js

@@ -17,7 +17,7 @@ import ora from "ora";
 import { execSync as execSyncTop } from "child_process";
 import Conf from "conf";
 import { getConfOptions } from "../conf-path.js";
-import { readdir, readFile, writeFile, rm, mkdir, stat, rename } from "node:fs/promises";
+import { appendFile, readdir, readFile, writeFile, rm, mkdir, stat, rename } from "node:fs/promises";
 import fg from "fast-glob";
 import { rgPath } from "@vscode/ripgrep";
 import { createStudioDebugRuntime } from "../studio-debug.js";
@@ -3687,37 +3687,43 @@ function createServer(initPassword, whitelist, port, tunnelHostnameInit = null,
       return ok(res, { status: tunnelStatus });
     }
 
-    // POST /launch-ccandme — spawn CCandMe (WezTerm 4-pane: Claude + Codex + Me)
+    // POST /launch-ccandme — open a new CCandMe WezTerm window without killing existing sessions
     if (method === "POST" && reqPath === "/launch-ccandme") {
       if (lockedGuard(res)) return;
       try {
         const { spawn } = await import("child_process");
-        const ccandmeBin = path.resolve(process.env.APPDATA || "", "../Local/node_modules/.bin/ccandme.cmd");
-        const fallbacks = [
-          ccandmeBin,
-          "C:/Dev/CCandMe/bin/ccandme.mjs",
-        ];
-        // Find the first ccandme binary that exists
-        const { existsSync } = await import("fs");
-        let cmd = null;
-        let args = [];
-        for (const f of fallbacks) {
-          if (existsSync(f)) {
-            if (f.endsWith(".mjs")) { cmd = process.execPath; args = [f, "start"]; }
-            else { cmd = f; args = ["start"]; }
-            break;
-          }
-        }
-        // Last resort: try the global npm bin
-        if (!cmd) {
-          cmd = process.platform === "win32" ? "cmd.exe" : "ccandme";
-          args = process.platform === "win32" ? ["/c", "ccandme", "start"] : ["start"];
+        const { existsSync, readFileSync, writeFileSync } = await import("fs");
+
+        // Locate WezTerm
+        const wezCandidates = [
+          "C:/Program Files/WezTerm/wezterm.exe",
+          "C:/Program Files (x86)/WezTerm/wezterm.exe",
+          process.env.WEZTERM_EXE,
+        ].filter(Boolean);
+        const wezExe = wezCandidates.find(existsSync) || "wezterm";
+
+        // Render the lua config from the CCandMe template (skip the kill-existing step)
+        const CCANDME_DIR = "C:/Dev/CCandMe";
+        const WORK_DIR = "C:/Dev/regen-root";
+        const templatePath = path.join(CCANDME_DIR, "templates", "wezterm.lua");
+        const luaOutPath  = path.join(CCANDME_DIR, ".ccandme-wezterm.lua");
+
+        if (existsSync(templatePath)) {
+          const lua = readFileSync(templatePath, "utf8")
+            .replaceAll("__SUPERVISOR_DIR__", CCANDME_DIR.replace(/\//g, "\\\\"))
+            .replaceAll("__WORK_DIR__",       WORK_DIR.replace(/\//g, "\\\\"))
+            .replaceAll("__WORKSPACE__",      "ccandme")
+            .replaceAll("__CLAUDE_CMD__",     "claude")
+            .replaceAll("__CODEX_CMD__",      "codex")
+            .replaceAll("__PACKAGE_ROOT__",   CCANDME_DIR.replace(/\//g, "\\\\"));
+          writeFileSync(luaOutPath, lua, "utf8");
         }
-        const child = spawn(cmd, args, {
+
+        // Launch WezTerm with the CCandMe config — no kill of existing sessions
+        const luaArg = existsSync(luaOutPath) ? luaOutPath : path.join(CCANDME_DIR, ".ccandme-wezterm.lua");
+        const child = spawn(wezExe, ["--config-file", luaArg, "start"], {
           detached: true,
           stdio: "ignore",
-          windowsHide: false,
-          shell: process.platform === "win32" && cmd === "cmd.exe" ? false : true,
         });
         child.unref();
         return ok(res, { ok: true, message: "CCandMe launched" });
@@ -5476,8 +5482,8 @@ async function actionForeground(opts) {
 // Reuses the same auth model as the HTTP daemon.
 // Secrets are delivered via temp files — never in the MCP response.
 
-import { createInterface } from "readline";
-import { execSync, spawn as spawnProc } from "child_process";
+import { createInterface } from "readline";
+import { execSync, spawn as spawnProc, spawnSync } from "child_process";
 
 // ── Monkey dispatch — headless Claude CLI worker ─────────────────
 function findClaudeBinary() {
@@ -6132,24 +6138,115 @@ async function getFileserverMounts(vault) {
   }
 }
 
-async function resolveInMount(requestedPath, mountName, vault) {
+async function resolveInMount(requestedPath, mountName, vault) {
   const { mounts, error } = await getFileserverMounts(vault);
   if (error) return { error };
   if (!mounts || mounts.length === 0) return { error: "No fileserver services configured. Add one with key_type='fileserver' and value: {\"path\": \"C:/Dev/regen-root\", \"access\": \"rwd\"}" };
   const mount = mountName ? mounts.find(m => m.name === mountName) : mounts[0];
   if (!mount) return { error: `Mount '${mountName}' not found. Available: ${mounts.map(m => m.name).join(", ")}` };
   if (!mount.path) return { error: `Fileserver '${mount.name}' has no path configured` };
-  const resolved = path.resolve(mount.path, requestedPath);
-  const normalized = path.normalize(resolved);
-  if (!normalized.startsWith(path.normalize(mount.path))) {
-    return { error: `Path escapes mount: ${requestedPath}` };
-  }
-  return { resolved: normalized, mount };
-}
-
-function checkAccess(mount, flag) {
-  return mount.access.includes(flag);
-}
+  const resolved = path.resolve(mount.path, requestedPath);
+  const normalized = path.normalize(resolved);
+  const relative = path.relative(path.normalize(mount.path), normalized);
+  if (relative.startsWith("..") || path.isAbsolute(relative)) {
+    return { error: `Path escapes mount: ${requestedPath}` };
+  }
+  return { resolved: normalized, mount };
+}
+
+function checkAccess(mount, flag) {
+  return mount.access.includes(flag);
+}
+
+function sha256Hex(value) {
+  return crypto.createHash("sha256").update(value).digest("hex");
+}
+
+async function atomicWriteText(filePath, content) {
+  await mkdir(path.dirname(filePath), { recursive: true });
+  const tempPath = path.join(
+    path.dirname(filePath),
+    `.${path.basename(filePath)}.tmp-${process.pid}-${Date.now()}-${crypto.randomBytes(4).toString("hex")}`
+  );
+  await writeFile(tempPath, content, "utf8");
+  await rename(tempPath, filePath);
+}
+
+async function fileInfo(filePath, requestedPath) {
+  const s = await stat(filePath);
+  const info = {
+    path: requestedPath,
+    type: s.isDirectory() ? "dir" : "file",
+    size: s.size,
+    modified: s.mtime.toISOString(),
+  };
+  if (s.isFile()) {
+    const content = await readFile(filePath);
+    info.sha256 = sha256Hex(content);
+  }
+  return info;
+}
+
+const FS_UPLOAD_SESSIONS = new Map();
+const FS_UPLOAD_TTL_MS = 30 * 60 * 1000;
+const FS_MAX_CHUNKS = 500;
+const FS_MAX_CHUNK_BYTES = 128 * 1024;
+const FS_MAX_INGEST_BYTES = 25 * 1024 * 1024;
+const FS_GIT_IMPORT_ALLOWED_PREFIXES = [
+  "docs/",
+  ".rdc/plans/",
+  ".rdc/guides/",
+  ".claude/context/",
+  ".claude/rules/",
+  ".rdc/relay/from-claude-ai/",
+];
+
+function cleanupFsUploadSessions() {
+  const cutoff = Date.now() - FS_UPLOAD_TTL_MS;
+  for (const [id, session] of FS_UPLOAD_SESSIONS) {
+    if (session.updatedAt < cutoff) FS_UPLOAD_SESSIONS.delete(id);
+  }
+}
+
+function runGit(cwd, args, opts = {}) {
+  const res = spawnSync("git", args, {
+    cwd,
+    encoding: "utf8",
+    windowsHide: true,
+    maxBuffer: opts.maxBuffer || 10 * 1024 * 1024,
+  });
+  if (res.status !== 0) {
+    const detail = (res.stderr || res.stdout || "").trim();
+    throw new Error(`git ${args.join(" ")} failed${detail ? `: ${detail}` : ""}`);
+  }
+  return (res.stdout || "").trim();
+}
+
+function runGitRaw(cwd, args, opts = {}) {
+  const res = spawnSync("git", args, {
+    cwd,
+    encoding: "buffer",
+    windowsHide: true,
+    maxBuffer: opts.maxBuffer || 10 * 1024 * 1024,
+  });
+  if (res.status !== 0) {
+    const detail = Buffer.concat([res.stderr || Buffer.alloc(0), res.stdout || Buffer.alloc(0)]).toString("utf8").trim();
+    throw new Error(`git ${args.join(" ")} failed${detail ? `: ${detail}` : ""}`);
+  }
+  return res.stdout || Buffer.alloc(0);
+}
+
+function normalizeRepoPath(p) {
+  if (!p || typeof p !== "string") return null;
+  const normalized = p.replace(/\\/g, "/").replace(/^\/+/, "");
+  const parts = normalized.split("/").filter(Boolean);
+  if (parts.length === 0 || parts.includes("..") || path.isAbsolute(p)) return null;
+  return parts.join("/");
+}
+
+function isAllowedGitImportPath(p, allowedPrefixes = FS_GIT_IMPORT_ALLOWED_PREFIXES) {
+  return allowedPrefixes.some((prefix) => p === prefix.replace(/\/$/, "") || p.startsWith(prefix));
+}
 
 const MCP_TOOLS = [
   {
@@ -6642,9 +6739,9 @@ const MCP_TOOLS = [
       additionalProperties: false,
     },
   },
-  {
-    name: "fs_write",
-    description: "Write content to a file. Creates parent directories if needed. Overwrites existing file.",
+  {
+    name: "fs_write",
+    description: "Write content to a file. Creates parent directories if needed. Overwrites existing file.",
     inputSchema: {
       type: "object",
       properties: {
@@ -6653,12 +6750,93 @@ const MCP_TOOLS = [
         mount: { type: "string", description: "Mount name (default: first mount)" },
       },
       required: ["path", "content"],
-      additionalProperties: false,
-    },
-  },
-  {
-    name: "fs_list",
-    description: "List directory contents with file type, size, and modification time.",
+      additionalProperties: false,
+    },
+  },
+  {
+    name: "fs_stat",
+    description: "Get file or directory metadata. Files include a SHA-256 hash for guarded edits.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        path: { type: "string", description: "Relative path within mount" },
+        mount: { type: "string", description: "Mount name (default: first mount)" },
+      },
+      required: ["path"],
+      additionalProperties: false,
+    },
+  },
+  {
+    name: "fs_append",
+    description: "Append text to a file, optionally guarded by the current file SHA-256 hash.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        path: { type: "string", description: "Relative path within mount" },
+        content: { type: "string", description: "Text to append" },
+        mount: { type: "string", description: "Mount name (default: first mount)" },
+        expected_sha256: { type: "string", description: "Optional current file SHA-256. If provided and the file exists, append only when it matches." },
+      },
+      required: ["path", "content"],
+      additionalProperties: false,
+    },
+  },
+  {
+    name: "fs_write_chunk",
+    description: "Stage chunked text writes and atomically publish when all chunks arrive. Use when single write arguments are too large.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        upload_id: { type: "string", description: "Caller-chosen idempotency key for this file upload" },
+        path: { type: "string", description: "Relative path within mount" },
+        chunk_index: { type: "number", description: "Zero-based chunk index" },
+        total_chunks: { type: "number", description: "Total chunks expected" },
+        content: { type: "string", description: "Chunk text content" },
+        mount: { type: "string", description: "Mount name (default: first mount)" },
+        expected_sha256: { type: "string", description: "Optional SHA-256 of the final assembled file content" },
+      },
+      required: ["upload_id", "path", "chunk_index", "total_chunks", "content"],
+      additionalProperties: false,
+    },
+  },
+  {
+    name: "fs_ingest_url",
+    description: "Download text from an http(s) URL and atomically write it inside the mount. Useful for moving cloud files into the local filesystem.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        url: { type: "string", description: "HTTPS or HTTP URL to fetch" },
+        path: { type: "string", description: "Relative output path within mount" },
+        mount: { type: "string", description: "Mount name (default: first mount)" },
+        max_bytes: { type: "number", description: "Maximum download size in bytes (default 5MB, hard max 25MB)" },
+        expected_sha256: { type: "string", description: "Optional SHA-256 of fetched content before writing" },
+      },
+      required: ["url", "path"],
+      additionalProperties: false,
+    },
+  },
+  {
+    name: "fs_import_git_files",
+    description: "Fetch a Git ref and restore only named files into the mounted repo, optionally committing just those files. Designed for Claude.ai GitHub uploads into dirty local monorepos.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        remote: { type: "string", description: "Git remote name (default: origin)" },
+        ref: { type: "string", description: "Branch, tag, or commit to fetch/restore from" },
+        paths: { type: "array", items: { type: "string" }, description: "Repo-relative file paths to import" },
+        mode: { type: "string", enum: ["new_only", "overwrite"], description: "new_only refuses existing local paths. overwrite restores named paths only." },
+        commit: { type: "boolean", description: "When true, stage only imported paths and create a local commit. Never pushes." },
+        message: { type: "string", description: "Commit subject when commit=true" },
+        mount: { type: "string", description: "Mount name (default: first mount)" },
+        allowed_prefixes: { type: "array", items: { type: "string" }, description: "Optional path allowlist prefixes. Defaults to docs and agent corpus paths." },
+      },
+      required: ["ref", "paths"],
+      additionalProperties: false,
+    },
+  },
+  {
+    name: "fs_list",
+    description: "List directory contents with file type, size, and modification time.",
     inputSchema: {
       type: "object",
       properties: {
@@ -7127,20 +7305,250 @@ async function handleMcpTool(vault, name, args) {
       }
     }
 
-    case "fs_write": {
-      const r = await resolveInMount(args.path, args.mount, vault);
-      if (r.error) return mcpError(r.error);
-      if (!checkAccess(r.mount, "w")) return mcpError("Write access denied on this mount");
-      try {
-        await mkdir(path.dirname(r.resolved), { recursive: true });
-        await writeFile(r.resolved, args.content, "utf8");
-        return mcpResult(`Written: ${args.path} (${Buffer.byteLength(args.content)} bytes)`);
-      } catch (err) {
-        return mcpError(`Write failed: ${err.message}`);
-      }
-    }
-
-    case "fs_list": {
+    case "fs_write": {
+      const r = await resolveInMount(args.path, args.mount, vault);
+      if (r.error) return mcpError(r.error);
+      if (!checkAccess(r.mount, "w")) return mcpError("Write access denied on this mount");
+      try {
+        await atomicWriteText(r.resolved, args.content);
+        return mcpResult(`Written: ${args.path} (${Buffer.byteLength(args.content)} bytes)`);
+      } catch (err) {
+        return mcpError(`Write failed: ${err.message}`);
+      }
+    }
+
+    case "fs_stat": {
+      const r = await resolveInMount(args.path, args.mount, vault);
+      if (r.error) return mcpError(r.error);
+      if (!checkAccess(r.mount, "r")) return mcpError("Read access denied on this mount");
+      try {
+        return mcpResult(JSON.stringify(await fileInfo(r.resolved, args.path), null, 2));
+      } catch (err) {
+        if (err.code === "ENOENT") return mcpError(`Not found: ${args.path}`);
+        return mcpError(`Stat failed: ${err.message}`);
+      }
+    }
+
+    case "fs_append": {
+      const r = await resolveInMount(args.path, args.mount, vault);
+      if (r.error) return mcpError(r.error);
+      if (!checkAccess(r.mount, "w")) return mcpError("Write access denied on this mount");
+      try {
+        try {
+          const current = await readFile(r.resolved);
+          if (args.expected_sha256 && sha256Hex(current) !== args.expected_sha256) {
+            return mcpError("Append rejected: current file hash does not match expected_sha256");
+          }
+        } catch (err) {
+          if (err.code !== "ENOENT") throw err;
+          if (args.expected_sha256) return mcpError("Append rejected: file does not exist for expected_sha256 guard");
+        }
+        await mkdir(path.dirname(r.resolved), { recursive: true });
+        await appendFile(r.resolved, args.content, "utf8");
+        const info = await fileInfo(r.resolved, args.path);
+        return mcpResult(JSON.stringify({ appended_bytes: Buffer.byteLength(args.content), ...info }, null, 2));
+      } catch (err) {
+        return mcpError(`Append failed: ${err.message}`);
+      }
+    }
+
+    case "fs_write_chunk": {
+      cleanupFsUploadSessions();
+      const { upload_id, chunk_index, total_chunks, content } = args;
+      const index = Number(chunk_index);
+      const total = Number(total_chunks);
+      if (!Number.isInteger(index) || !Number.isInteger(total) || index < 0 || total < 1 || index >= total) {
+        return mcpError("Invalid chunk_index/total_chunks");
+      }
+      if (total > FS_MAX_CHUNKS) return mcpError(`Too many chunks: max ${FS_MAX_CHUNKS}`);
+      if (Buffer.byteLength(content, "utf8") > FS_MAX_CHUNK_BYTES) {
+        return mcpError(`Chunk too large: max ${FS_MAX_CHUNK_BYTES} bytes`);
+      }
+
+      const r = await resolveInMount(args.path, args.mount, vault);
+      if (r.error) return mcpError(r.error);
+      if (!checkAccess(r.mount, "w")) return mcpError("Write access denied on this mount");
+
+      const key = `${r.mount.name}:${args.path}:${upload_id}`;
+      let session = FS_UPLOAD_SESSIONS.get(key);
+      if (!session) {
+        session = { path: args.path, resolved: r.resolved, total, chunks: new Map(), expectedSha256: args.expected_sha256 || null, updatedAt: Date.now() };
+        FS_UPLOAD_SESSIONS.set(key, session);
+      }
+      if (session.total !== total || session.path !== args.path || session.resolved !== r.resolved) {
+        return mcpError("Upload id collision: path or total_chunks differs from existing session");
+      }
+      if (args.expected_sha256 && session.expectedSha256 && args.expected_sha256 !== session.expectedSha256) {
+        return mcpError("Upload id collision: expected_sha256 differs from existing session");
+      }
+
+      session.chunks.set(index, content);
+      session.updatedAt = Date.now();
+
+      if (session.chunks.size < total) {
+        return mcpResult(JSON.stringify({ upload_id, status: "staged", received_chunks: session.chunks.size, total_chunks: total }, null, 2));
+      }
+
+      const assembled = Array.from({ length: total }, (_, i) => session.chunks.get(i)).join("");
+      const actualSha = sha256Hex(assembled);
+      if (session.expectedSha256 && actualSha !== session.expectedSha256) {
+        FS_UPLOAD_SESSIONS.delete(key);
+        return mcpError(`Final SHA-256 mismatch: expected ${session.expectedSha256}, got ${actualSha}`);
+      }
+
+      try {
+        await atomicWriteText(r.resolved, assembled);
+        FS_UPLOAD_SESSIONS.delete(key);
+        return mcpResult(JSON.stringify({ upload_id, status: "written", path: args.path, bytes: Buffer.byteLength(assembled), sha256: actualSha }, null, 2));
+      } catch (err) {
+        return mcpError(`Chunked write failed: ${err.message}`);
+      }
+    }
+
+    case "fs_ingest_url": {
+      const r = await resolveInMount(args.path, args.mount, vault);
+      if (r.error) return mcpError(r.error);
+      if (!checkAccess(r.mount, "w")) return mcpError("Write access denied on this mount");
+
+      let url;
+      try {
+        url = new URL(args.url);
+      } catch {
+        return mcpError("Invalid URL");
+      }
+      if (!["http:", "https:"].includes(url.protocol)) return mcpError("Only http(s) URLs are supported");
+
+      const maxBytes = Math.min(Number(args.max_bytes || 5 * 1024 * 1024), FS_MAX_INGEST_BYTES);
+      try {
+        const response = await fetch(url, { redirect: "follow" });
+        if (!response.ok) return mcpError(`Fetch failed: HTTP ${response.status}`);
+        const length = Number(response.headers.get("content-length") || 0);
+        if (length && length > maxBytes) return mcpError(`Fetch rejected: content-length ${length} exceeds max_bytes ${maxBytes}`);
+
+        const reader = response.body?.getReader();
+        if (!reader) return mcpError("Fetch failed: response body is not readable");
+
+        let received = 0;
+        const chunks = [];
+        while (true) {
+          const { done, value } = await reader.read();
+          if (done) break;
+          received += value.byteLength;
+          if (received > maxBytes) return mcpError(`Fetch rejected: response exceeds max_bytes ${maxBytes}`);
+          chunks.push(Buffer.from(value));
+        }
+
+        const content = Buffer.concat(chunks).toString("utf8");
+        const actualSha = sha256Hex(content);
+        if (args.expected_sha256 && actualSha !== args.expected_sha256) {
+          return mcpError(`Fetched SHA-256 mismatch: expected ${args.expected_sha256}, got ${actualSha}`);
+        }
+        await atomicWriteText(r.resolved, content);
+        return mcpResult(JSON.stringify({ status: "written", path: args.path, bytes: Buffer.byteLength(content), sha256: actualSha, source: url.href }, null, 2));
+      } catch (err) {
+        return mcpError(`Ingest failed: ${err.message}`);
+      }
+    }
+
+    case "fs_import_git_files": {
+      if (!Array.isArray(args.paths) || args.paths.length === 0) return mcpError("paths must be a non-empty array");
+      if (args.paths.length > 25) return mcpError("Too many paths: max 25 per import");
+
+      const r = await resolveInMount(".", args.mount, vault);
+      if (r.error) return mcpError(r.error);
+      if (!checkAccess(r.mount, "w")) return mcpError("Write access denied on this mount");
+
+      const repoRoot = r.resolved;
+      const remote = args.remote || "origin";
+      const mode = args.mode || "new_only";
+      const doCommit = args.commit === true;
+      const allowedPrefixes = Array.isArray(args.allowed_prefixes) && args.allowed_prefixes.length > 0
+        ? args.allowed_prefixes.map((p) => normalizeRepoPath(p.endsWith("/") ? p : `${p}/`)).filter(Boolean)
+        : FS_GIT_IMPORT_ALLOWED_PREFIXES;
+
+      try {
+        const topLevel = path.normalize(runGit(repoRoot, ["rev-parse", "--show-toplevel"]));
+        if (topLevel.toLowerCase() !== path.normalize(repoRoot).toLowerCase()) {
+          return mcpError(`Mount root is not the git repo root: ${repoRoot} (repo root: ${topLevel})`);
+        }
+
+        const normalizedPaths = [];
+        for (const rawPath of args.paths) {
+          const normalized = normalizeRepoPath(rawPath);
+          if (!normalized) return mcpError(`Invalid repo path: ${rawPath}`);
+          if (!isAllowedGitImportPath(normalized, allowedPrefixes)) return mcpError(`Path not allowed for git import: ${normalized}`);
+          normalizedPaths.push(normalized);
+        }
+
+        if (mode === "new_only") {
+          for (const rel of normalizedPaths) {
+            const localPath = path.join(repoRoot, rel);
+            try {
+              await stat(localPath);
+              return mcpError(`Import refused: local path already exists in new_only mode: ${rel}`);
+            } catch (err) {
+              if (err.code !== "ENOENT") throw err;
+            }
+          }
+        }
+
+        if (doCommit) {
+          const staged = runGit(repoRoot, ["diff", "--cached", "--name-only"]);
+          if (staged) return mcpError(`Import refused: index already has staged files:\n${staged}`);
+          if (!args.message || !args.message.trim()) return mcpError("message is required when commit=true");
+        }
+
+        runGit(repoRoot, ["fetch", "--no-tags", remote, args.ref]);
+        const sourceCommit = runGit(repoRoot, ["rev-parse", "FETCH_HEAD"]);
+
+        for (const rel of normalizedPaths) {
+          runGit(repoRoot, ["cat-file", "-e", `${sourceCommit}:${rel}`]);
+        }
+
+        runGit(repoRoot, ["restore", `--source=${sourceCommit}`, "--", ...normalizedPaths]);
+
+        const imported = [];
+        for (const rel of normalizedPaths) {
+          const localPath = path.join(repoRoot, rel);
+          const info = await fileInfo(localPath, rel);
+          const sourceBlob = runGit(repoRoot, ["rev-parse", `${sourceCommit}:${rel}`]);
+          const sourceSize = Number(runGitRaw(repoRoot, ["cat-file", "-s", `${sourceCommit}:${rel}`]).toString("utf8").trim());
+          imported.push({ ...info, source_blob: sourceBlob, source_size: sourceSize });
+        }
+
+        let localCommit = null;
+        if (doCommit) {
+          runGit(repoRoot, ["add", "--", ...normalizedPaths]);
+          const body = [
+            args.message.trim(),
+            "",
+            "Imported from Claude.ai GitHub upload.",
+            "",
+            `Source remote: ${remote}`,
+            `Source ref: ${args.ref}`,
+            `Source commit: ${sourceCommit}`,
+            "",
+            "Paths:",
+            ...normalizedPaths.map((p) => `- ${p}`),
+          ].join("\n");
+          runGit(repoRoot, ["commit", "-m", body]);
+          localCommit = runGit(repoRoot, ["rev-parse", "HEAD"]);
+        }
+
+        return mcpResult(JSON.stringify({
+          status: "ok",
+          mode,
+          committed: doCommit,
+          source_commit: sourceCommit,
+          local_commit: localCommit,
+          imported,
+        }, null, 2));
+      } catch (err) {
+        return mcpError(`Git import failed: ${err.message}`);
+      }
+    }
+
+    case "fs_list": {
       const dirPath = args.path || ".";
       const r = await resolveInMount(dirPath, args.mount, vault);
       if (r.error) return mcpError(r.error);

package/package.json

@@ -1,61 +1,61 @@
-{
-  "name": "@lifeaitools/clauth",
-  "version": "1.5.80",
-  "description": "Hardware-bound credential vault for the LIFEAI infrastructure stack",
-  "type": "module",
-  "bin": {
-    "clauth": "./cli/index.js"
-  },
-  "scripts": {
-    "build": "bash scripts/build.sh",
-    "postinstall": "node scripts/postinstall.js",
-    "worker:start": "node cli/index.js serve",
-    "worker:stop": "curl -s http://127.0.0.1:52437/shutdown 2>nul || taskkill /F /IM cloudflared.exe 2>nul & exit 0",
-    "worker:restart": "npm run worker:stop && timeout /t 3 /nobreak >nul && npm run worker:start"
-  },
-  "dependencies": {
-    "chalk": "^5.3.0",
-    "commander": "^12.1.0",
-    "conf": "^13.0.0",
-    "inquirer": "^10.1.0",
-    "node-fetch": "^3.3.2",
-    "ora": "^8.1.0",
-    "@vscode/ripgrep": "^1.15.9",
-    "fast-glob": "^3.3.2"
-  },
-  "engines": {
-    "node": ">=18.0.0"
-  },
-  "keywords": [
-    "lifeai",
-    "credentials",
-    "vault",
-    "cli",
-    "prt"
-  ],
-  "author": "Dave Ladouceur <dave@life.ai>",
-  "license": "MIT",
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/LIFEAI/clauth.git"
-  },
-  "devDependencies": {
-    "javascript-obfuscator": "^5.3.0"
-  },
-  "files": [
-    "cli/",
-    "scripts/bin/",
-    "scripts/bootstrap.cjs",
-    "scripts/build.sh",
-    "scripts/postinstall.js",
-    "supabase/",
-    ".clauth-skill/",
-    "install.sh",
-    "install.ps1",
-    "README.md"
-  ],
-  "publishConfig": {
-    "access": "public"
-  },
-  "homepage": "https://github.com/LIFEAI/clauth"
-}
+{
+  "name": "@lifeaitools/clauth",
+  "version": "1.5.82",
+  "description": "Hardware-bound credential vault for the LIFEAI infrastructure stack",
+  "type": "module",
+  "bin": {
+    "clauth": "./cli/index.js"
+  },
+  "scripts": {
+    "build": "bash scripts/build.sh",
+    "postinstall": "node scripts/postinstall.js",
+    "worker:start": "node cli/index.js serve",
+    "worker:stop": "curl -s http://127.0.0.1:52437/shutdown 2>nul || taskkill /F /IM cloudflared.exe 2>nul & exit 0",
+    "worker:restart": "npm run worker:stop && timeout /t 3 /nobreak >nul && npm run worker:start"
+  },
+  "dependencies": {
+    "chalk": "^5.3.0",
+    "commander": "^12.1.0",
+    "conf": "^13.0.0",
+    "inquirer": "^10.1.0",
+    "node-fetch": "^3.3.2",
+    "ora": "^8.1.0",
+    "@vscode/ripgrep": "^1.15.9",
+    "fast-glob": "^3.3.2"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "keywords": [
+    "lifeai",
+    "credentials",
+    "vault",
+    "cli",
+    "prt"
+  ],
+  "author": "Dave Ladouceur <dave@life.ai>",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/LIFEAI/clauth.git"
+  },
+  "devDependencies": {
+    "javascript-obfuscator": "^5.3.0"
+  },
+  "files": [
+    "cli/",
+    "scripts/bin/",
+    "scripts/bootstrap.cjs",
+    "scripts/build.sh",
+    "scripts/postinstall.js",
+    "supabase/",
+    ".clauth-skill/",
+    "install.sh",
+    "install.ps1",
+    "README.md"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "homepage": "https://github.com/LIFEAI/clauth"
+}