@meshxdata/fops 0.0.5 → 0.0.7

package/src/plugins/bundled/fops-plugin-memory/skills/memory/SKILL.md

@@ -0,0 +1,58 @@
+---
+name: memory
+description: Persistent memory across agent sessions
+---
+
+## Agent Memory
+
+You have persistent memory across sessions. Relevant memories are automatically recalled into your context when they match the user's query. You can also save new memories during conversations.
+
+## When to Save Memories
+
+Save a memory when you learn something that would be useful in **future sessions**:
+
+- **Resolved issues**: "postgres init fails if vault isn't started first — start vault before running migrations"
+- **User preferences**: "user prefers to rebuild images rather than pull from ECR"
+- **Stack quirks**: "trino takes 30-45 seconds to become healthy after container starts"
+- **Configuration discoveries**: "frontend needs NEXT_PUBLIC_API_URL set to http://localhost:9001 in .env"
+- **Debugging insights**: "backend OOM usually means too many Kafka consumers — reduce KAFKA_MAX_POLL_RECORDS"
+- **Workflow patterns**: "user runs fops down && fops up to reset state, not just restart"
+
+## How to Save
+
+```bash
+fops memory save "description of what you learned"
+fops memory save "postgres needs vault running first" --tag postgres --tag startup
+```
+
+Tags help with recall but are optional. The text itself is searched.
+
+## When NOT to Save
+
+- Transient state (container is currently down, an image was just pulled)
+- Information already in the stack context (service ports, container health)
+- Generic knowledge (Docker commands, AWS docs)
+- Anything the user explicitly asks you not to remember
+
+## Commands
+
+```bash
+fops memory save "text" [--tag tag1 --tag tag2]   # Save a memory
+fops memory list                                    # List all memories
+fops memory search "query"                          # Search by relevance
+fops memory forget <id>                             # Remove a memory
+fops memory clear                                   # Clear all memories
+fops mem ...                                        # Shorthand alias
+```
+
+## Recall
+
+Memories are automatically recalled via the knowledge system. When the user's message matches stored memories, they appear in your context under "Agent Memory". You don't need to explicitly search — relevant memories are injected per turn.
+
+## Housekeeping
+
+If you notice a recalled memory is outdated or incorrect, suggest removing it:
+
+```bash
+fops memory forget abc123
+```

package/src/plugins/loader.js

@@ -1,7 +1,7 @@
 import fs from "node:fs";
 import os from "node:os";
 import path from "node:path";
-import { fileURLToPath } from "node:url";
+import { fileURLToPath, pathToFileURL } from "node:url";
 import { createRegistry } from "./registry.js";
 import { validateManifest } from "./manifest.js";
 import { discoverPlugins } from "./discovery.js";
@@ -10,6 +10,45 @@ import { loadBuiltinAgents } from "../agent/agents.js";
 
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 
+/**
+ * Sync bundled plugins from src/plugins/bundled/ to ~/.fops/plugins/.
+ * Installs missing plugins and updates existing ones when the bundled version is newer.
+ */
+function syncBundledPlugins() {
+  const bundledDir = path.join(__dirname, "bundled");
+  if (!fs.existsSync(bundledDir)) return;
+
+  const globalDir = path.join(os.homedir(), ".fops", "plugins");
+  fs.mkdirSync(globalDir, { recursive: true });
+
+  const entries = fs.readdirSync(bundledDir, { withFileTypes: true });
+  for (const entry of entries) {
+    if (!entry.isDirectory()) continue;
+    const srcDir = path.join(bundledDir, entry.name);
+    const manifestPath = path.join(srcDir, "fops.plugin.json");
+    if (!fs.existsSync(manifestPath)) continue;
+
+    let manifest;
+    try { manifest = JSON.parse(fs.readFileSync(manifestPath, "utf8")); } catch { continue; }
+
+    const destDir = path.join(globalDir, entry.name);
+    const destManifest = path.join(destDir, "fops.plugin.json");
+
+    // Skip if installed version is same or newer
+    if (fs.existsSync(destManifest)) {
+      try {
+        const existing = JSON.parse(fs.readFileSync(destManifest, "utf8"));
+        if (existing.version >= manifest.version) continue;
+      } catch {
+        // corrupt manifest — overwrite
+      }
+    }
+
+    // Copy plugin to ~/.fops/plugins/<name>/
+    fs.cpSync(srcDir, destDir, { recursive: true });
+  }
+}
+
 /**
  * Ensure ~/.fops/plugins/node_modules symlinks to the CLI's node_modules.
  * This lets global plugins resolve bare imports (chalk, execa, inquirer, etc.)
@@ -88,7 +127,7 @@ async function loadBuiltinPlugins(registry) {
   const entries = fs.readdirSync(builtinsDir).filter((f) => f.endsWith(".js"));
   for (const file of entries) {
     try {
-      const mod = await import(path.join(builtinsDir, file));
+      const mod = await import(pathToFileURL(path.join(builtinsDir, file)).href);
       const plugin = mod.default || mod;
       if (typeof plugin.register === "function") {
         const pluginId = `builtin:${path.basename(file, ".js")}`;
@@ -106,6 +145,7 @@ async function loadBuiltinPlugins(registry) {
  * Returns a populated PluginRegistry.
  */
 export async function loadPlugins() {
+  syncBundledPlugins();
   ensurePluginNodeModules();
   const registry = createRegistry();
   loadBuiltinAgents(registry);
@@ -152,7 +192,7 @@ export async function loadPlugins() {
     }
 
     try {
-      const mod = await import(entryPoint);
+      const mod = await import(pathToFileURL(entryPoint).href);
       const plugin = mod.default || mod;
 
       if (typeof plugin.register === "function") {

package/src/setup/aws.js

@@ -3,7 +3,7 @@ import os from "node:os";
 import path from "node:path";
 import chalk from "chalk";
 import { execa } from "execa";
-import inquirer from "inquirer";
+import { getInquirer } from "../lazy.js";
 
 /**
  * Read saved FOPS config (~/.fops.json) for AWS SSO settings etc.
@@ -34,7 +34,7 @@ export async function promptAwsSsoConfig() {
   console.log(chalk.dim("  We'll set up an AWS CLI profile for ECR image pulls."));
   console.log(chalk.dim("  You can find these values in your AWS SSO portal.\n"));
 
-  const answers = await inquirer.prompt([
+  const answers = await (await getInquirer()).prompt([
     {
       type: "input",
       name: "profileName",
@@ -100,10 +100,13 @@ export function detectEcrRegistry(dir) {
 /**
  * Parse ~/.aws/config and find SSO profiles with their sso_session names.
  */
-export function detectAwsSsoProfiles() {
-  const configPath = path.join(os.homedir(), ".aws", "config");
-  if (!fs.existsSync(configPath)) return [];
-  const content = fs.readFileSync(configPath, "utf8");
+export function detectAwsSsoProfiles(configContent = null) {
+  if (configContent === null) {
+    const configPath = path.join(os.homedir(), ".aws", "config");
+    if (!fs.existsSync(configPath)) return [];
+    configContent = fs.readFileSync(configPath, "utf8");
+  }
+  const content = configContent;
   const profiles = [];
   let currentProfile = null;
   let currentAttrs = {};
@@ -151,7 +154,7 @@ export async function ensureSsoConfig() {
   console.log(chalk.cyan("\n  AWS SSO is not configured. Let's set it up.\n"));
   console.log(chalk.dim("  You can find these values in your AWS SSO portal.\n"));
 
-  const answers = await inquirer.prompt([
+  const answers = await (await getInquirer()).prompt([
     { type: "input", name: "sessionName", message: "SSO session name:", default: "me-central-1" },
     { type: "input", name: "startUrl", message: "SSO start URL:", validate: (v) => v?.trim() ? true : "Required." },
     { type: "input", name: "ssoRegion", message: "SSO region:", default: "us-east-1" },
@@ -183,86 +186,111 @@ output = json
 }
 
 /**
- * Fix AWS SSO: ensure config exists, detect profile, then login.
+ * Run `aws sso login` for a profile, handling TTY on all platforms.
+ * Returns the execa result ({ exitCode, timedOut }).
  */
-export async function fixAwsSso() {
-  await ensureSsoConfig();
-
-  const profiles = detectAwsSsoProfiles();
-  if (profiles.length === 0) {
-    throw new Error("No SSO profiles found after config — check ~/.aws/config");
+async function runSsoLogin(profileName) {
+  let ttyFd = null;
+  if (process.platform !== "win32") {
+    try { ttyFd = fs.openSync("/dev/tty", "r"); } catch { ttyFd = null; }
   }
 
-  const profile = profiles[0];
-  console.log(chalk.dim(`  Using AWS profile: ${profile.name}`));
-  console.log(chalk.cyan(`  ▶ aws sso login --profile ${profile.name}`));
-
-  // Open /dev/tty directly so SSO login gets a real terminal even when
-  // the parent process has piped stdio (e.g. agent → runShellCommand → fops doctor)
-  let ttyFd;
-  try { ttyFd = fs.openSync("/dev/tty", "r"); } catch { ttyFd = null; }
-
-  const { exitCode } = await execa("aws", ["sso", "login", "--profile", profile.name], {
+  const result = await execa("aws", ["sso", "login", "--profile", profileName], {
     stdio: [ttyFd ?? "inherit", "inherit", "inherit"],
     reject: false,
     timeout: 120_000,
   });
 
   if (ttyFd !== null) fs.closeSync(ttyFd);
+  return result;
+}
 
-  if (exitCode !== 0) {
-    // SSO login failed — likely bad config. Remove it and re-run setup.
-    console.log(chalk.yellow("  SSO login failed — re-running setup with new values...\n"));
-    const configPath = path.join(os.homedir(), ".aws", "config");
-    if (fs.existsSync(configPath)) fs.unlinkSync(configPath);
-    await ensureSsoConfig();
+/**
+ * Fix AWS SSO: ensure config exists, detect profile, then login.
+ * Distinguishes timeout/incomplete browser auth from bad config so
+ * the user isn't forced to re-enter values when they just ran out of time.
+ */
+export async function fixAwsSso(ctx = {}) {
+  const exec = ctx.exec || execa;
+  const home = ctx.home || os.homedir();
+
+  await ensureSsoConfig();
 
-    const retryProfiles = detectAwsSsoProfiles();
-    if (retryProfiles.length === 0) {
+  const MAX_ATTEMPTS = 3;
+
+  for (let attempt = 0; attempt < MAX_ATTEMPTS; attempt++) {
+    const profiles = detectAwsSsoProfiles();
+    if (profiles.length === 0) {
       throw new Error("No SSO profiles found after config — check ~/.aws/config");
     }
 
-    const retryProfile = retryProfiles[0];
-    console.log(chalk.cyan(`  ▶ aws sso login --profile ${retryProfile.name}`));
-
-    let retryTtyFd;
-    try { retryTtyFd = fs.openSync("/dev/tty", "r"); } catch { retryTtyFd = null; }
+    const profile = profiles[0];
+    console.log(chalk.dim(`  Using AWS profile: ${profile.name}`));
+    console.log(chalk.cyan(`  ▶ aws sso login --profile ${profile.name}`));
 
-    const { exitCode: retryCode } = await execa("aws", ["sso", "login", "--profile", retryProfile.name], {
-      stdio: [retryTtyFd ?? "inherit", "inherit", "inherit"],
+    const result = await exec("aws", ["sso", "login", "--profile", profile.name], {
+      stdio: "inherit",
       reject: false,
       timeout: 120_000,
     });
 
-    if (retryTtyFd !== null) fs.closeSync(retryTtyFd);
+    if (result.exitCode === 0) return;
+
+    if (result.timedOut) {
+      console.log(chalk.yellow("\n  SSO login timed out — browser auth was not completed in time."));
+    } else {
+      console.log(chalk.yellow("\n  SSO login did not complete."));
+    }
+
+    const { action } = await (await getInquirer()).prompt([{
+      type: "list",
+      name: "action",
+      message: "What would you like to do?",
+      choices: [
+        { name: "Retry login (same settings)", value: "retry" },
+        { name: "Reconfigure SSO (re-enter values)", value: "reconfig" },
+        { name: "Abort", value: "abort" },
+      ],
+    }]);
+
+    if (action === "abort") {
+      throw new Error("SSO login aborted by user");
+    }
 
-    if (retryCode !== 0) {
-      throw new Error("SSO login failed. Check your SSO start URL and region in ~/.aws/config");
+    if (action === "reconfig") {
+      const configPath = path.join(home, ".aws", "config");
+      if (fs.existsSync(configPath)) fs.unlinkSync(configPath);
+      await ensureSsoConfig();
     }
+    // "retry" loops again with the same config
   }
+
+  throw new Error("SSO login failed after multiple attempts. Check your SSO start URL and region in ~/.aws/config");
 }
 
 /**
  * Fix ECR: ensure SSO session is valid, then docker login to ECR.
  */
-export async function fixEcr(ecrInfo) {
+export async function fixEcr(ecrInfo, ctx = {}) {
+  const exec = ctx.exec || execa;
+
   const profiles = detectAwsSsoProfiles();
   // Pick the profile whose region matches ECR, or fall back to first
   const profile = profiles.find((p) => p.region === ecrInfo.region) || profiles[0];
   const profileArgs = profile ? ["--profile", profile.name] : [];
 
   // First make sure SSO works
-  const { stdout } = await execa("aws", ["sts", "get-caller-identity", "--output", "json", ...profileArgs], {
+  const { stdout } = await exec("aws", ["sts", "get-caller-identity", "--output", "json", ...profileArgs], {
     reject: false, timeout: 10000,
   });
   if (!stdout || !stdout.includes("Account")) {
-    await fixAwsSso();
+    await fixAwsSso(ctx);
   }
 
   // Now do ECR docker login
   const ecrUrl = `${ecrInfo.accountId}.dkr.ecr.${ecrInfo.region}.amazonaws.com`;
   console.log(chalk.cyan(`  ▶ ECR docker login → ${ecrUrl}`));
-  const { stdout: password } = await execa("aws", [
+  const { stdout: password } = await exec("aws", [
     "ecr", "get-login-password", "--region", ecrInfo.region, ...profileArgs,
   ], { reject: false, timeout: 15000 });
 

package/src/setup/setup.js

@@ -3,9 +3,9 @@ import os from "node:os";
 import path from "node:path";
 import chalk from "chalk";
 import { execa } from "execa";
-import inquirer from "inquirer";
 import { make } from "../shell.js";
 import { readFopsConfig, saveFopsConfig, promptAwsSsoConfig, detectEcrRegistry, checkEcrRepos } from "./aws.js";
+import { getInquirer } from "../lazy.js";
 
 // TODO: change back to "main" once stack/api is merged
 export const CLONE_BRANCH = "stack/api";
@@ -70,7 +70,7 @@ export function runSetup(dir, opts = {}) {
         // Check if docker-compose references ECR to auto-detect some values
         const ecrInfo = detectEcrRegistry(dir);
 
-        const { setupAws } = await inquirer.prompt([{
+        const { setupAws } = await (await getInquirer()).prompt([{
           type: "confirm",
           name: "setupAws",
           message: ecrInfo
@@ -109,6 +109,7 @@ export function runSetup(dir, opts = {}) {
           } catch {
             console.log(chalk.yellow("\n⚠ Some images failed to download."));
           }
+          console.log("");
           console.log(chalk.green("Setup complete. Run: fops up"));
           return;
         }
@@ -162,6 +163,7 @@ export function runSetup(dir, opts = {}) {
         console.log(chalk.dim("  Then re-run: fops init --download\n"));
       }
     }
+    console.log("");
     console.log(chalk.green("Setup complete. Run: fops up"));
   })();
 }

package/src/setup/wizard.js

@@ -3,12 +3,12 @@ import os from "node:os";
 import path from "node:path";
 import chalk from "chalk";
 import { execa } from "execa";
-import inquirer from "inquirer";
 import { isFoundationRoot, findComposeRootUp } from "../project.js";
 import { discoverPlugins } from "../plugins/discovery.js";
 import { validateManifest } from "../plugins/manifest.js";
 import { runSetup, CLONE_BRANCH } from "./setup.js";
-import { confirm } from "../ui/index.js";
+import { confirm, selectOption } from "../ui/index.js";
+import { getInquirer } from "../lazy.js";
 
 /**
  * Ensure Homebrew is available (macOS). Installs if missing.
@@ -76,7 +76,7 @@ export async function runInitWizard() {
   } else {
     const foundUp = findComposeRootUp(cwd);
     if (foundUp && foundUp !== cwd) {
-      const { useFound } = await inquirer.prompt([
+      const { useFound } = await (await getInquirer()).prompt([
         { type: "confirm", name: "useFound", message: `Found Foundation project at:\n  ${foundUp}\n  Use it instead of the current directory?`, default: false },
       ]);
       if (useFound) projectRoot = foundUp;
@@ -130,12 +130,9 @@ export async function runInitWizard() {
         hasAws = await installTool("AWS CLI", { brew: "awscli", winget: "Amazon.AWSCLI" });
       }
 
-      // 1Password CLI (optional)
+      // 1Password (optional — status only, no install prompt)
       if (hasOp) console.log(chalk.green("  ✓ 1Password CLI"));
-      else {
-        console.log(chalk.yellow("  ⚠ 1Password CLI") + chalk.dim(" — needed for secret sync"));
-        hasOp = await installTool("1Password CLI", { brewCask: "1password-cli", winget: "AgileBits.1Password.CLI" });
-      }
+      else console.log(chalk.yellow("  ⚠ 1Password CLI") + chalk.dim(" — optional, run: op signin"));
 
       // GitHub credentials
       const netrcPath = path.join(os.homedir(), ".netrc");
@@ -173,19 +170,18 @@ export async function runInitWizard() {
         console.log(chalk.red("  Required tools are still missing. Install them and run fops init again.\n"));
         process.exit(1);
       }
-      const choices = [
-        { name: "Clone foundation-compose into this directory", value: "clone" },
-        { name: "Enter path to an existing foundation-compose directory", value: "path" },
-        { name: "Cancel", value: "cancel" },
-      ];
-      const { action } = await inquirer.prompt([{ type: "list", name: "action", message: "No Foundation project found. What do you want to do?", choices }]);
-      if (action === "cancel") process.exit(0);
+      const action = await selectOption("No Foundation project found. What do you want to do?", [
+        { label: "Clone foundation-compose into this directory", value: "clone" },
+        { label: "Enter path to an existing foundation-compose directory", value: "path" },
+        { label: "Cancel", value: "cancel" },
+      ]);
+      if (!action || action === "cancel") process.exit(0);
       if (action === "clone") {
-        const { repoUrl } = await inquirer.prompt([
+        const { repoUrl } = await (await getInquirer()).prompt([
           { type: "input", name: "repoUrl", message: "Repository URL:", default: "https://github.com/meshxdata/foundation-compose.git", validate: (v) => (v?.trim() ? true : "Repository URL is required.") },
         ]);
         const repoName = repoUrl.trim().replace(/\.git$/, "").split("/").pop() || "foundation-compose";
-        const { targetDir } = await inquirer.prompt([
+        const { targetDir } = await (await getInquirer()).prompt([
           { type: "input", name: "targetDir", message: "Clone into:", default: path.join(cwd, repoName) },
         ]);
         const resolved = path.resolve(targetDir.trim());
@@ -226,7 +222,7 @@ export async function runInitWizard() {
         }
       }
       if (action === "path") {
-        const { dir } = await inquirer.prompt([
+        const { dir } = await (await getInquirer()).prompt([
           {
             type: "input", name: "dir", message: "Path to foundation-compose directory:",
             validate: (value) => {
@@ -241,7 +237,7 @@ export async function runInitWizard() {
       }
     }
   }
-  const { submodules, env, download } = await inquirer.prompt([
+  const { submodules, env, download } = await (await getInquirer()).prompt([
     { type: "confirm", name: "submodules", message: "Initialize and update git submodules?", default: true },
     { type: "confirm", name: "env", message: "Create .env from .env.example (if missing)?", default: true },
     { type: "confirm", name: "download", message: "Download container images now (make download)?", default: false },
@@ -280,7 +276,7 @@ export async function runInitWizard() {
       };
     });
 
-    const { enabledPlugins } = await inquirer.prompt([{
+    const { enabledPlugins } = await (await getInquirer()).prompt([{
       type: "checkbox",
       name: "enabledPlugins",
       message: "Plugins:",

package/src/wsl.js

@@ -0,0 +1,82 @@
+import { execa } from "execa";
+
+/**
+ * Run a command inside the default WSL distro.
+ */
+export async function wslExec(cmd, args = [], opts = {}) {
+  const { input, timeout, reject, stdio } = opts;
+  return execa("wsl", ["-e", cmd, ...args], { input, timeout, reject, stdio });
+}
+
+let _cachedHome = null;
+
+/**
+ * Get the WSL user's home directory (cached after first call).
+ */
+export async function wslHomedir() {
+  if (_cachedHome) return _cachedHome;
+  const { stdout } = await execa("wsl", ["-e", "sh", "-c", "echo $HOME"], {
+    timeout: 10000,
+  });
+  _cachedHome = stdout.trim();
+  return _cachedHome;
+}
+
+/**
+ * Reset the cached WSL home directory (for testing).
+ */
+export function _resetHomedirCache() {
+  _cachedHome = null;
+}
+
+/**
+ * Check whether a file exists inside WSL.
+ */
+export async function wslFileExists(filepath) {
+  try {
+    const { exitCode } = await execa("wsl", ["-e", "test", "-f", filepath], {
+      reject: false,
+      timeout: 5000,
+    });
+    return exitCode === 0;
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Read file content from inside WSL.
+ */
+export async function wslReadFile(filepath) {
+  const { stdout } = await execa("wsl", ["-e", "cat", filepath], {
+    timeout: 5000,
+  });
+  return stdout;
+}
+
+/**
+ * Write content to a file inside WSL.
+ */
+export async function wslWriteFile(filepath, content) {
+  await execa("wsl", ["-e", "tee", filepath], {
+    input: content,
+    timeout: 5000,
+    stdout: "ignore",
+  });
+}
+
+/**
+ * Get the version string for a command inside WSL.
+ * Returns the first line of output, or null if the command fails.
+ */
+export async function wslCmdVersion(cmd, args = ["--version"]) {
+  try {
+    const { stdout } = await execa("wsl", ["-e", cmd, ...args], {
+      reject: false,
+      timeout: 10000,
+    });
+    return stdout?.split("\n")[0]?.trim() || null;
+  } catch {
+    return null;
+  }
+}