npm - @lovelybunch/api - Versions diffs - 1.0.75-alpha.1 → 1.0.75-alpha.10 - Mend

@lovelybunch/api 1.0.75-alpha.1 → 1.0.75-alpha.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (184) hide show

package/dist/lib/auth/auth-manager.d.ts CHANGED Viewed

@@ -128,3 +128,8 @@ export declare class AuthManager {
  * @param configPath - Optional custom path to auth.json. If not provided, uses OS app data directory.
  */
 export declare function getAuthManager(configPath?: string): AuthManager;
+/**
+ * Reset the singleton AuthManager (for testing isolation).
+ * Only effective when NODE_ENV is 'test'.
+ */
+export declare function resetAuthManagerForTesting(): void;

package/dist/lib/auth/auth-manager.js CHANGED Viewed

@@ -420,3 +420,12 @@ export function getAuthManager(configPath) {
     }
     return authManagerInstance;
 }
+/**
+ * Reset the singleton AuthManager (for testing isolation).
+ * Only effective when NODE_ENV is 'test'.
+ */
+export function resetAuthManagerForTesting() {
+    if (process.env.NODE_ENV === 'test') {
+        authManagerInstance = null;
+    }
+}

package/dist/lib/storage/file-storage.d.ts CHANGED Viewed

@@ -1,30 +1,30 @@
-import { ChangeProposal, CPStatus } from '@lovelybunch/types';
-export interface CPFilter {
-    status?: CPStatus;
+import { Task, TaskStatus } from '@lovelybunch/types';
+export interface TaskFilter {
+    status?: TaskStatus;
     author?: string;
     priority?: string;
     tags?: string[];
     search?: string;
 }
 export interface StorageAdapter {
-    createCP(cp: ChangeProposal): Promise<void>;
-    getCP(id: string): Promise<ChangeProposal | null>;
-    updateCP(id: string, cp: Partial<ChangeProposal>): Promise<void>;
-    deleteCP(id: string): Promise<void>;
-    listCPs(filter?: CPFilter): Promise<ChangeProposal[]>;
-    searchCPs(query: string): Promise<ChangeProposal[]>;
+    createTask(task: Task): Promise<void>;
+    getTask(id: string): Promise<Task | null>;
+    updateTask(id: string, task: Partial<Task>): Promise<void>;
+    deleteTask(id: string): Promise<void>;
+    listTasks(filter?: TaskFilter): Promise<Task[]>;
+    searchTasks(query: string): Promise<Task[]>;
 }
 export declare class FileStorageAdapter implements StorageAdapter {
     private basePath;
     private sanitizeForYAML;
     constructor(basePath?: string);
     ensureDirectories(): Promise<void>;
-    createCP(cp: ChangeProposal): Promise<void>;
-    getCP(id: string): Promise<ChangeProposal | null>;
-    updateCP(id: string, updates: Partial<ChangeProposal>): Promise<void>;
-    deleteCP(id: string): Promise<void>;
-    listCPs(filter?: CPFilter): Promise<ChangeProposal[]>;
-    searchCPs(query: string): Promise<ChangeProposal[]>;
-    private frontmatterToCP;
+    createTask(task: Task): Promise<void>;
+    getTask(id: string): Promise<Task | null>;
+    updateTask(id: string, updates: Partial<Task>): Promise<void>;
+    deleteTask(id: string): Promise<void>;
+    listTasks(filter?: TaskFilter): Promise<Task[]>;
+    searchTasks(query: string): Promise<Task[]>;
+    private frontmatterToTask;
     private getDefaultContent;
 }

package/dist/lib/storage/file-storage.js CHANGED Viewed

@@ -49,68 +49,76 @@ export class FileStorageAdapter {
         }
     }
     async ensureDirectories() {
-        const dirs = ['proposals', 'specs', 'flags', 'experiments', 'templates', 'jobs'];
+        const dirs = ['tasks', 'specs', 'flags', 'experiments', 'templates', 'jobs'];
         for (const dir of dirs) {
             await fs.mkdir(path.join(this.basePath, dir), { recursive: true });
         }
     }
-    async createCP(cp) {
+    async createTask(task) {
         await this.ensureDirectories();
-        // Extract content from the proposal if it exists
-        const { content, ...frontmatter } = cp;
+        // Extract content from the task if it exists
+        const { content, ...frontmatter } = task;
         // Normalize date fields to Date instances in case callers provide ISO strings
-        const createdAt = cp.metadata.createdAt instanceof Date
-            ? cp.metadata.createdAt
-            : new Date(cp.metadata.createdAt);
-        const updatedAt = cp.metadata.updatedAt instanceof Date
-            ? cp.metadata.updatedAt
-            : new Date(cp.metadata.updatedAt);
-        // Convert the proposal to markdown with YAML frontmatter
+        const createdAt = task.metadata.createdAt instanceof Date
+            ? task.metadata.createdAt
+            : new Date(task.metadata.createdAt);
+        const updatedAt = task.metadata.updatedAt instanceof Date
+            ? task.metadata.updatedAt
+            : new Date(task.metadata.updatedAt);
+        // Convert the task to markdown with YAML frontmatter
         const frontmatterData = this.sanitizeForYAML({
             // Required fields
-            id: cp.id,
-            title: cp.title,
+            id: task.id,
+            title: task.title,
             // Deprecated: intent is kept for backward compatibility during migration
             // TODO: Remove intent field in future version
-            ...(cp.intent && { intent: cp.intent }),
+            ...(task.intent && { intent: task.intent }),
             createdAt: createdAt.toISOString(),
             updatedAt: updatedAt.toISOString(),
-            status: cp.status,
-            priority: cp.metadata.priority || 'medium',
+            status: task.status,
+            priority: task.metadata.priority || 'medium',
             // Author information
             author: {
-                id: cp.author.id,
-                name: cp.author.name,
-                email: cp.author.email || '',
+                id: task.author.id,
+                name: task.author.name,
+                email: task.author.email || '',
                 role: 'engineer', // Default role
-                type: cp.author.type
-            },
-            // Plan
-            plan: {
-                estimatedDuration: 'TBD',
-                dependencies: [],
-                steps: cp.planSteps.map(step => ({
-                    id: step.id,
-                    description: step.description,
-                    status: step.status
-                }))
+                type: task.author.type
             },
+            // Steps (top-level for consistency with CLI storage format)
+            steps: task.planSteps.map(step => ({
+                id: step.id,
+                description: step.description,
+                status: step.status,
+                ...(step.command && { command: step.command }),
+                ...(step.expectedOutcome && { expectedOutcome: step.expectedOutcome }),
+                ...(step.output && { output: step.output }),
+                ...(step.executedAt && { executedAt: step.executedAt instanceof Date ? step.executedAt.toISOString() : step.executedAt }),
+            })),
             // Metadata
-            tags: cp.metadata.tags || [],
+            tags: task.metadata.tags || [],
             labels: [],
-            comments: (cp.comments || []).filter((c) => c !== undefined)
+            // Comments use consistent field names: id, author, content, createdAt
+            comments: (task.comments || [])
+                .filter((c) => c !== undefined)
+                .map((c) => ({
+                id: c.id,
+                author: typeof c.author === 'string' ? c.author : c.author?.name || 'Unknown',
+                content: c.content || c.text || '',
+                createdAt: c.createdAt || c.timestamp || new Date().toISOString(),
+            }))
         });
-        const markdown = matter.stringify(content || this.getDefaultContent(cp), frontmatterData);
-        const filePath = path.join(this.basePath, 'proposals', `${cp.id}.md`);
+        const markdown = matter.stringify(content || this.getDefaultContent(task), frontmatterData);
+        const filePath = path.join(this.basePath, 'tasks', `${task.id}.md`);
         await fs.writeFile(filePath, markdown, 'utf-8');
     }
-    async getCP(id) {
+    async getTask(id) {
         try {
-            const filePath = path.join(this.basePath, 'proposals', `${id}.md`);
+            const filePath = path.join(this.basePath, 'tasks', `${id}.md`);
             const fileContent = await fs.readFile(filePath, 'utf-8');
             const { data, content } = matter(fileContent);
-            // Convert the frontmatter back to a ChangeProposal
-            return this.frontmatterToCP(data, content);
+            // Convert the frontmatter back to a Task
+            return this.frontmatterToTask(data, content);
         }
         catch (error) {
             if (error.code === 'ENOENT')
@@ -118,21 +126,19 @@ export class FileStorageAdapter {
             throw error;
         }
     }
-    async updateCP(id, updates) {
-        const existing = await this.getCP(id);
+    async updateTask(id, updates) {
+        const existing = await this.getTask(id);
         if (!existing)
-            throw new Error(`CP ${id} not found`);
-        // Never allow id to be updated to prevent overwriting other proposals
+            throw new Error(`Task ${id} not found`);
+        // Never allow id to be updated to prevent overwriting other tasks
         const { id: _, ...safeUpdates } = updates;
-        // Handle comments separately as they're stored at root level in file format
-        // Comments can come from either root level or metadata.comments
-        let commentsToStore = existing.metadata.comments || [];
+        // Comments live at root level on Task (not in metadata).
+        // Accept comments from root level or metadata.comments for backward compat.
+        let commentsToStore = existing.comments || [];
         if (safeUpdates.comments) {
-            // If comments are provided at root level, use them
             commentsToStore = safeUpdates.comments;
         }
         else if (safeUpdates.metadata?.comments) {
-            // If comments are provided in metadata, use them
             commentsToStore = safeUpdates.metadata.comments;
         }
         const updated = {
@@ -142,41 +148,39 @@ export class FileStorageAdapter {
                 ...existing.metadata,
                 ...safeUpdates.metadata,
                 updatedAt: new Date(),
-                comments: commentsToStore
             },
-            // Store comments at the root level for the file format
             comments: commentsToStore
         };
-        await this.createCP(updated);
+        await this.createTask(updated);
     }
-    async deleteCP(id) {
-        const filePath = path.join(this.basePath, 'proposals', `${id}.md`);
+    async deleteTask(id) {
+        const filePath = path.join(this.basePath, 'tasks', `${id}.md`);
         await fs.unlink(filePath);
     }
-    async listCPs(filter) {
-        const proposalsDir = path.join(this.basePath, 'proposals');
+    async listTasks(filter) {
+        const tasksDir = path.join(this.basePath, 'tasks');
         try {
-            const files = await fs.readdir(proposalsDir);
-            const proposals = await Promise.all(files
+            const files = await fs.readdir(tasksDir);
+            const tasks = await Promise.all(files
                 .filter(f => f.endsWith('.md'))
                 .map(async (file) => {
-                const content = await fs.readFile(path.join(proposalsDir, file), 'utf-8');
+                const content = await fs.readFile(path.join(tasksDir, file), 'utf-8');
                 const { data, content: body } = matter(content);
-                return this.frontmatterToCP(data, body);
+                return this.frontmatterToTask(data, body);
             }));
             // Apply filters
-            let filtered = proposals.filter(cp => {
-                if (!cp)
+            let filtered = tasks.filter(task => {
+                if (!task)
                     return false;
-                if (filter?.status && cp.status !== filter.status)
+                if (filter?.status && task.status !== filter.status)
                     return false;
-                if (filter?.author && cp.author.id !== filter.author)
+                if (filter?.author && task.author.id !== filter.author)
                     return false;
-                if (filter?.priority && cp.metadata.priority !== filter.priority)
+                if (filter?.priority && task.metadata.priority !== filter.priority)
                     return false;
                 if (filter?.tags && filter.tags.length > 0) {
-                    const cpTags = cp.metadata.tags || [];
-                    if (!filter.tags.some(tag => cpTags.includes(tag)))
+                    const taskTags = task.metadata.tags || [];
+                    if (!filter.tags.some(tag => taskTags.includes(tag)))
                         return false;
                 }
                 return true;
@@ -204,9 +208,9 @@ export class FileStorageAdapter {
             throw error;
         }
     }
-    async searchCPs(query) {
-        const allCPs = await this.listCPs();
-        const fuse = new Fuse(allCPs, {
+    async searchTasks(query) {
+        const allTasks = await this.listTasks();
+        const fuse = new Fuse(allTasks, {
             keys: [
                 { name: 'title', weight: 2 },
                 { name: 'intent', weight: 2 }, // Deprecated fallback
@@ -219,15 +223,16 @@ export class FileStorageAdapter {
         });
         return fuse.search(query).map(result => result.item);
     }
-    frontmatterToCP(data, content) {
-        // Handle both old and new format files
-        const steps = data.plan?.steps || data.steps || [];
-        // Transform comments to match expected format
-        const transformedComments = (data.comments || []).map((comment) => ({
+    frontmatterToTask(data, content) {
+        // Handle both old format (plan.steps) and new format (top-level steps)
+        const steps = data.steps || data.plan?.steps || [];
+        // Normalize comments using consistent field names (content/createdAt).
+        // Also handle legacy format (text/timestamp) for backward compatibility.
+        const normalizedComments = (data.comments || []).map((comment) => ({
             id: comment.id,
-            text: comment.content || comment.text || '', // Handle both content and text fields
             author: typeof comment.author === 'string' ? comment.author : comment.author?.name || 'Unknown',
-            timestamp: comment.createdAt || comment.timestamp || new Date().toISOString()
+            content: comment.content || comment.text || '',
+            createdAt: comment.createdAt || comment.timestamp || new Date().toISOString(),
         }));
         // Use title as primary, fall back to deprecated intent for backward compatibility
         const titleValue = data.title || data.intent || '';
@@ -260,6 +265,7 @@ export class FileStorageAdapter {
             telemetryContracts: data.telemetryContracts || [],
             releasePlan: data.releasePlan || { strategy: 'immediate' },
             status: data.status || 'draft',
+            comments: normalizedComments,
             metadata: {
                 createdAt: new Date(data.createdAt || Date.now()),
                 updatedAt: new Date(data.updatedAt || Date.now()),
@@ -267,16 +273,15 @@ export class FileStorageAdapter {
                 aiInteractions: data.aiInteractions || [],
                 tags: data.tags || [],
                 priority: data.priority || 'medium',
-                comments: transformedComments
             },
             content // Store the markdown content
         };
     }
-    getDefaultContent(cp) {
-        return `# ${cp.title}
+    getDefaultContent(task) {
+        return `# ${task.title}
 ## Problem Statement
-Describe the problem this change proposal addresses.
+Describe the problem this task addresses.
 ## Proposed Solution
 Describe the solution you're proposing.

package/dist/lib/terminal/terminal-manager.d.ts CHANGED Viewed

@@ -2,13 +2,11 @@ import { WebSocket } from 'ws';
 import { ShellType } from './shell-utils.js';
 export interface TerminalSession {
     id: string;
-    proposalId: string;
+    taskId: string;
     pty: any;
     websocket?: WebSocket;
     createdAt: Date;
     lastActivity: Date;
-    enableLogging?: boolean;
-    logFilePath?: string;
     backlog: string;
     previewSockets?: Set<WebSocket>;
     previewBuffer?: string;
@@ -21,9 +19,9 @@ export declare class TerminalManager {
     private cleanupInterval;
     private static readonly MAX_BACKLOG_BYTES;
     constructor();
-    createSession(proposalId: string, enableLogging?: boolean, shellPreference?: ShellType, startupCommand?: string): Promise<TerminalSession>;
+    createSession(taskId: string, shellPreference?: ShellType, startupCommand?: string): Promise<TerminalSession>;
     getSession(sessionId: string): TerminalSession | undefined;
-    getSessionsByProposal(proposalId: string): TerminalSession[];
+    getSessionsByTask(taskId: string): TerminalSession[];
     attachWebSocket(sessionId: string, ws: WebSocket): boolean;
     destroySession(sessionId: string): boolean;
     resizeSession(sessionId: string, cols: number, rows: number): boolean;

package/dist/lib/terminal/terminal-manager.js CHANGED Viewed

@@ -16,8 +16,8 @@ export class TerminalManager {
             this.cleanupInactiveSessions();
         }, 5 * 60 * 1000);
     }
-    async createSession(proposalId, enableLogging = false, shellPreference = 'bash', startupCommand) {
-        const sessionId = `${proposalId}-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`;
+    async createSession(taskId, shellPreference = 'bash', startupCommand) {
+        const sessionId = `${taskId}-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`;
         // Get the project root directory
         let projectRoot;
         if (process.env.NODE_ENV === 'development' && process.env.GAIT_DEV_ROOT) {
@@ -32,8 +32,8 @@ export class TerminalManager {
         }
         // Prepare context information
         const contextInfo = {
-            proposalId,
-            proposalPath: path.join(projectRoot, '.nut', 'proposals', `${proposalId}.md`),
+            proposalId: taskId,
+            proposalPath: path.join(projectRoot, '.nut', 'tasks', `${taskId}.md`),
             contextPath: path.join(projectRoot, '.nut', 'context'),
             projectRoot,
         };
@@ -65,30 +65,21 @@ export class TerminalManager {
         catch (error) {
             console.error('Error creating init script:', error);
         }
-        // Set up logging if enabled
-        let logFilePath;
-        if (enableLogging) {
-            const sessionsDir = path.join(projectRoot, '.nut', 'sessions');
-            try {
-                fs.mkdirSync(sessionsDir, { recursive: true });
-                logFilePath = path.join(sessionsDir, `${sessionId}.log`);
-                // Create log file with session header
-                const logHeader = `# Terminal Session Log\n# Session ID: ${sessionId}\n# Proposal ID: ${proposalId}\n# Created: ${new Date().toISOString()}\n\n`;
-                fs.writeFileSync(logFilePath, logHeader);
-            }
-            catch (error) {
-                console.error('Error setting up session logging:', error);
-                logFilePath = undefined;
-            }
-        }
         // Get shell arguments
         const shellArgs = getShellArgs(shellPath, initScriptPath);
-        // Prepare environment variables with API keys injected
+        // Prepare environment variables with API keys injected.
+        // Remove internal dev-server env vars (GAIT_DEV_ROOT, NODE_ENV=development)
+        // so that tools like `nut` invoked inside the terminal resolve paths
+        // relative to the terminal's cwd (projectRoot) rather than the API package.
+        const injected = getInjectedEnv();
+        delete injected.GAIT_DEV_ROOT;
+        delete injected.NODE_ENV;
         const env = {
-            ...getInjectedEnv(),
-            COCONUT_PROPOSAL_ID: proposalId,
+            ...injected,
+            COCONUT_TASK_ID: taskId,
             COCONUT_CONTEXT_PATH: path.join(projectRoot, '.nut', 'context'),
-            COCONUT_PROPOSAL_PATH: path.join(projectRoot, '.nut', 'proposals', `${proposalId}.md`),
+            COCONUT_TASK_PATH: path.join(projectRoot, '.nut', 'tasks', `${taskId}.md`),
+            GAIT_DATA_PATH: projectRoot,
             TERM: 'xterm-256color',
             COLORTERM: 'truecolor',
         };
@@ -109,12 +100,10 @@ export class TerminalManager {
         });
         const session = {
             id: sessionId,
-            proposalId,
+            taskId,
             pty: ptyProcess,
             createdAt: new Date(),
             lastActivity: new Date(),
-            enableLogging,
-            logFilePath,
             backlog: '',
             previewSockets: new Set(),
             previewBuffer: '',
@@ -133,7 +122,7 @@ export class TerminalManager {
                 tags: ["agent", "terminal", "session"],
                 payload: {
                     sessionId,
-                    proposalId,
+                    taskId,
                     cwd: projectRoot,
                     shell: shellPath,
                 }
@@ -146,17 +135,6 @@ export class TerminalManager {
         // Set up PTY event handlers
         ptyProcess.onData((data) => {
             session.lastActivity = new Date();
-            // Log data if logging is enabled
-            if (session.enableLogging && session.logFilePath) {
-                try {
-                    const timestamp = new Date().toISOString();
-                    const logEntry = `[${timestamp}] OUTPUT: ${data}`;
-                    fs.appendFileSync(session.logFilePath, logEntry);
-                }
-                catch (error) {
-                    console.error('Error writing to session log:', error);
-                }
-            }
             // Maintain in-memory backlog (trim to last MAX_BACKLOG_BYTES)
             try {
                 // Append and trim to max size
@@ -180,17 +158,6 @@ export class TerminalManager {
         ptyProcess.onExit((e) => {
             const endTime = new Date();
             const duration = endTime.getTime() - session.createdAt.getTime();
-            // Log session end if logging is enabled
-            if (session.enableLogging && session.logFilePath) {
-                try {
-                    const timestamp = endTime.toISOString();
-                    const logEntry = `\n[${timestamp}] SESSION ENDED: Exit code ${e.exitCode}\n`;
-                    fs.appendFileSync(session.logFilePath, logEntry);
-                }
-                catch (error) {
-                    console.error('Error writing session end to log:', error);
-                }
-            }
             // Log session end to activity log
             try {
                 const logger = getLogger();
@@ -242,8 +209,8 @@ export class TerminalManager {
     getSession(sessionId) {
         return this.sessions.get(sessionId);
     }
-    getSessionsByProposal(proposalId) {
-        return Array.from(this.sessions.values()).filter(session => session.proposalId === proposalId);
+    getSessionsByTask(taskId) {
+        return Array.from(this.sessions.values()).filter(session => session.taskId === taskId);
     }
     attachWebSocket(sessionId, ws) {
         const session = this.sessions.get(sessionId);
@@ -282,17 +249,6 @@ export class TerminalManager {
                 const data = JSON.parse(message.toString());
                 switch (data.type) {
                     case 'input':
-                        // Log input if logging is enabled
-                        if (session.enableLogging && session.logFilePath) {
-                            try {
-                                const timestamp = new Date().toISOString();
-                                const logEntry = `[${timestamp}] INPUT: ${data.data}`;
-                                fs.appendFileSync(session.logFilePath, logEntry);
-                            }
-                            catch (error) {
-                                console.error('Error writing input to session log:', error);
-                            }
-                        }
                         session.pty.write(data.data);
                         session.lastActivity = new Date();
                         break;

package/dist/middleware/auth.js CHANGED Viewed

@@ -1,11 +1,36 @@
 import { getCookie } from 'hono/cookie';
+import { getConnInfo } from '@hono/node-server/conninfo';
 import { getAuthManager } from '../lib/auth/auth-manager.js';
+const LOOPBACK_ADDRESSES = new Set(['127.0.0.1', '::1', '::ffff:127.0.0.1']);
+/**
+ * Check if a request is a direct localhost connection (not proxied).
+ * Used to allow CLI tools running on the server to bypass auth.
+ *
+ * Safe because:
+ * - Raw socket address cannot be spoofed (TCP guarantees this)
+ * - Proxied requests (nginx/ALB → node) include X-Forwarded-For, so they
+ *   are excluded even though the socket address is loopback
+ */
+function isDirectLocalConnection(c) {
+    try {
+        // If X-Forwarded-For is present, the request came through a proxy
+        if (c.req.header('x-forwarded-for')) {
+            return false;
+        }
+        const info = getConnInfo(c);
+        return LOOPBACK_ADDRESSES.has(info.remote.address || '');
+    }
+    catch {
+        return false;
+    }
+}
 // Public routes that don't require authentication
 const PUBLIC_ROUTES = [
     '/api/health',
     '/api/v1/auth/status',
     '/api/v1/auth/login',
     '/api/v1/auth/register',
+    '/api/v1/auth/logout',
     '/api/v1/auth/oauth',
     '/api/v1/auth/callback',
 ];
@@ -40,6 +65,13 @@ export async function authMiddleware(c, next) {
         // Auth is disabled, allow all requests
         return next();
     }
+    // Allow direct localhost connections (CLI on the same machine) to bypass auth.
+    // This is safe: the raw TCP socket address can't be spoofed, and proxied
+    // requests are excluded by checking for the X-Forwarded-For header.
+    if (isDirectLocalConnection(c)) {
+        c.set('authType', 'localhost');
+        return next();
+    }
     const path = c.req.path;
     // Allow public routes without authentication
     if (isPublicRoute(path)) {
@@ -129,6 +161,10 @@ export function requireAuth(c) {
         // Return null to indicate auth passed but no session available
         return null;
     }
+    // Direct localhost connections bypass auth (CLI on the same machine)
+    if (authType === 'localhost') {
+        return null;
+    }
     throw new Error('Authentication required');
 }
 /**

package/dist/routes/api/v1/ai/index.js CHANGED Viewed

@@ -1,7 +1,5 @@
 import { Hono } from 'hono';
 import { POST } from './route.js';
-import { POST as toolsPost } from './tools.js';
 const app = new Hono();
 app.post('/', POST);
-app.post('/tools', toolsPost);
 export default app;