@mkterswingman/5mghost-yonder 0.0.1 → 0.0.3

package/README.md

@@ -5,15 +5,56 @@ Internal MCP server package for 5mghost workflows.
 ## Quick Start
 
 ```bash
-npx @mkterswingman/5mghost-yonder setup
+curl -fsSL https://mkterswingman.com/install/yt-mcp.sh | bash
 ```
 
-The setup command configures auth, optional YouTube cookies, and prints MCP config for supported AI clients.
+```powershell
+powershell -ExecutionPolicy Bypass -Command "irm https://mkterswingman.com/install/yt-mcp.ps1 | iex"
+```
+
+```
+
+The bootstrap installer:
+
+- installs the npm package
+- installs required runtimes (`playwright`, `yt-dlp`, `ffmpeg`)
+- runs `yt-mcp setup`
+- runs `yt-mcp smoke` to verify MCP startup and authenticated remote access
+- asks whether to configure YouTube cookies now; if you confirm, it runs `yt-mcp setup-cookies` and a subtitle smoke check immediately
+
+If you are working inside the repo instead of using the hosted installer:
+
+```bash
+bash scripts/install.sh
+```
+
+```powershell
+powershell -ExecutionPolicy Bypass -File .\scripts\install.ps1
+```
+
+`yt-mcp` stores first-party shared auth at `~/.mkterswingman/auth.json`, so logging in here also covers other first-party local MCPs on the same machine. YouTube cookies remain local to `~/.yt-mcp/`.
+
+Client registration notes:
+
+- `setup` auto-registers Claude/Codex/Gemini/OpenCode when their CLI supports `mcp add`
+- OpenClaw is registered by writing `mcporter.json` directly, which avoids Windows path escaping issues
+- pasted PAT tokens are stored in `~/.mkterswingman/auth.json`; client `env.YT_MCP_TOKEN` is optional after setup
+
+Media download runtime expectations:
+
+- `start_download_job` and `poll_download_job` are job-based local tools
+- `ffmpeg` is required for video download modes
+- each job handles up to 5 YouTube videos
+- downloads are written to `~/Downloads/yt-mcp/YYYY-MM-DD_<video_id>`
 
 ## Commands
 
 - `setup` — first-time setup
 - `serve` — start the stdio MCP server
+- `smoke` — run the installer smoke checks (`search_videos`, plus `validate_cookies` with `--subtitles`)
+- `runtime` — install, update, or check required runtimes
+- `check` — inspect shared auth, runtime status, and YouTube cookies
 - `setup-cookies` — refresh YouTube cookies
-- `update` — update to the latest npm version
+- `uninstall` — remove MCP registrations and local `~/.yt-mcp` config
+- `update` — update the main package and required runtimes
 - `version` — print the installed version

package/dist/auth/sharedAuth.d.ts

@@ -0,0 +1,10 @@
+export interface SharedAuthData {
+    type: "jwt" | "pat";
+    access_token?: string;
+    refresh_token?: string;
+    expires_at?: number;
+    client_id?: string;
+    pat?: string;
+}
+export declare function readSharedAuth(authPath: string): SharedAuthData | null;
+export declare function writeSharedAuth(authPath: string, data: SharedAuthData): void;

package/dist/auth/sharedAuth.js

@@ -0,0 +1,24 @@
+import { chmodSync, existsSync, mkdirSync, readFileSync, renameSync, writeFileSync } from "node:fs";
+import { dirname } from "node:path";
+export function readSharedAuth(authPath) {
+    if (!existsSync(authPath))
+        return null;
+    try {
+        return JSON.parse(readFileSync(authPath, "utf8"));
+    }
+    catch {
+        return null;
+    }
+}
+export function writeSharedAuth(authPath, data) {
+    mkdirSync(dirname(authPath), { recursive: true });
+    const tempPath = `${authPath}.tmp`;
+    writeFileSync(tempPath, JSON.stringify(data, null, 2), { encoding: "utf8", mode: 0o600 });
+    renameSync(tempPath, authPath);
+    try {
+        chmodSync(authPath, 0o600);
+    }
+    catch {
+        // Why: chmod is best-effort on Windows and should not block auth persistence.
+    }
+}

package/dist/auth/tokenManager.d.ts

@@ -1,9 +1,18 @@
+interface TokenManagerOptions {
+    authPath?: string;
+    env?: NodeJS.ProcessEnv;
+    fetchImpl?: typeof fetch;
+}
 export declare class TokenManager {
     private authUrl;
-    constructor(authUrl: string);
+    private authPath;
+    private env;
+    private fetchImpl;
+    constructor(authUrl: string, options?: TokenManagerOptions);
     getValidToken(): Promise<string | null>;
     saveTokens(accessToken: string, refreshToken: string, expiresIn: number, clientId?: string): Promise<void>;
     savePAT(pat: string): Promise<void>;
     private readAuth;
     private refreshTokens;
 }
+export {};

package/dist/auth/tokenManager.js

@@ -1,13 +1,19 @@
-import { existsSync, readFileSync, writeFileSync } from "node:fs";
-import { PATHS, ensureConfigDir } from "../utils/config.js";
+import { PATHS } from "../utils/config.js";
+import { readSharedAuth, writeSharedAuth } from "./sharedAuth.js";
 export class TokenManager {
     authUrl;
-    constructor(authUrl) {
+    authPath;
+    env;
+    fetchImpl;
+    constructor(authUrl, options = {}) {
         this.authUrl = authUrl;
+        this.authPath = options.authPath ?? PATHS.sharedAuthJson;
+        this.env = options.env ?? process.env;
+        this.fetchImpl = options.fetchImpl ?? fetch;
     }
     async getValidToken() {
         // Check env var PAT first
-        const envPat = process.env.YT_MCP_TOKEN;
+        const envPat = this.env.YT_MCP_TOKEN;
         if (envPat)
             return envPat;
         const auth = this.readAuth();
@@ -38,7 +44,6 @@ export class TokenManager {
         return null;
     }
     async saveTokens(accessToken, refreshToken, expiresIn, clientId) {
-        ensureConfigDir();
         const data = {
             type: "jwt",
             access_token: accessToken,
@@ -46,30 +51,17 @@ export class TokenManager {
             expires_at: Date.now() + expiresIn * 1000,
             client_id: clientId,
         };
-        writeFileSync(PATHS.authJson, JSON.stringify(data, null, 2), {
-            mode: 0o600,
-        });
+        writeSharedAuth(this.authPath, data);
     }
     async savePAT(pat) {
-        ensureConfigDir();
         const data = {
             type: "pat",
             pat,
         };
-        writeFileSync(PATHS.authJson, JSON.stringify(data, null, 2), {
-            mode: 0o600,
-        });
+        writeSharedAuth(this.authPath, data);
     }
     readAuth() {
-        if (!existsSync(PATHS.authJson))
-            return null;
-        try {
-            const raw = readFileSync(PATHS.authJson, "utf8");
-            return JSON.parse(raw);
-        }
-        catch {
-            return null;
-        }
+        return readSharedAuth(this.authPath);
     }
     async refreshTokens(refreshToken, clientId) {
         const url = `${this.authUrl}/oauth/token`;
@@ -80,7 +72,7 @@ export class TokenManager {
         if (clientId) {
             body.client_id = clientId;
         }
-        const res = await fetch(url, {
+        const res = await this.fetchImpl(url, {
             method: "POST",
             headers: { "Content-Type": "application/json" },
             body: JSON.stringify(body),

package/dist/cli/check.d.ts

@@ -0,0 +1,4 @@
+/**
+ * `yt-mcp check` — verify token, cookies, yt-dlp, and remote API connectivity.
+ */
+export declare function runCheck(): Promise<void>;

package/dist/cli/check.js

@@ -0,0 +1,90 @@
+import { existsSync } from "node:fs";
+import { PATHS, loadConfig } from "../utils/config.js";
+import { TokenManager } from "../auth/tokenManager.js";
+import { hasSIDCookies, areCookiesExpired } from "../utils/cookies.js";
+import { getYtDlpVersion } from "../utils/ytdlpPath.js";
+import { runRuntimeCommand } from "./runtime.js";
+/**
+ * `yt-mcp check` — verify token, cookies, yt-dlp, and remote API connectivity.
+ */
+export async function runCheck() {
+    const config = loadConfig();
+    const tm = new TokenManager(config.auth_url);
+    console.log("yt-mcp check\n");
+    // 1. Token
+    const token = await tm.getValidToken();
+    if (token) {
+        const masked = token.slice(0, 8) + "...";
+        const source = process.env.YT_MCP_TOKEN ? "env" : PATHS.sharedAuthJson;
+        console.log(`🔑 Shared auth: ✅ present (${masked}) [${source}]`);
+        // Server verification
+        try {
+            const res = await fetch(`${config.auth_url}/api/me`, {
+                headers: { Authorization: `Bearer ${token}` },
+                signal: AbortSignal.timeout(10_000),
+            });
+            if (res.ok) {
+                console.log("🔐 Server verification: ✅ active");
+            }
+            else {
+                console.log(`🔐 Server verification: ❌ ${res.status} ${res.statusText}`);
+                console.log("   Run `yt-mcp setup` to re-authenticate.");
+            }
+        }
+        catch (err) {
+            const msg = err instanceof Error ? err.message : String(err);
+            console.log(`🔐 Server verification: ⚠️  unreachable (${msg})`);
+        }
+    }
+    else {
+        console.log("🔑 Shared auth: ❌ not configured");
+        console.log("   Run `yt-mcp setup` or set YT_MCP_TOKEN env var");
+    }
+    console.log("");
+    console.log(await runRuntimeCommand("check"));
+    // 2. Cookies
+    if (existsSync(PATHS.cookiesTxt)) {
+        const hasSID = hasSIDCookies(PATHS.cookiesTxt);
+        const expired = areCookiesExpired(PATHS.cookiesTxt);
+        if (hasSID && !expired) {
+            console.log("🍪 Cookies: ✅ valid (SID present, not expired)");
+        }
+        else if (hasSID && expired) {
+            console.log("🍪 Cookies: ❌ expired");
+            console.log("   Run `yt-mcp setup-cookies` to refresh");
+        }
+        else {
+            console.log("🍪 Cookies: ❌ no YouTube session cookies found");
+            console.log("   Run `yt-mcp setup-cookies`");
+        }
+    }
+    else {
+        console.log("🍪 Cookies: ❌ not found");
+        console.log("   Run `yt-mcp setup-cookies`");
+    }
+    // 3. yt-dlp
+    const ytdlp = getYtDlpVersion();
+    if (ytdlp) {
+        console.log(`🎬 yt-dlp: ✅ ${ytdlp.version} (${ytdlp.source})`);
+    }
+    else {
+        console.log("🎬 yt-dlp: ❌ not found");
+        console.log("   Install: brew install yt-dlp (or pip install yt-dlp)");
+    }
+    // 4. Remote API
+    try {
+        const res = await fetch(`${config.api_url}/healthz`, {
+            signal: AbortSignal.timeout(10_000),
+        });
+        if (res.ok) {
+            console.log(`🌐 Remote API: ✅ reachable (${config.api_url})`);
+        }
+        else {
+            console.log(`🌐 Remote API: ⚠️  ${res.status} ${res.statusText}`);
+        }
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        console.log(`🌐 Remote API: ❌ unreachable (${msg})`);
+    }
+}

package/dist/cli/index.d.ts

@@ -1,2 +1,16 @@
 #!/usr/bin/env node
-export {};
+export declare function buildHelpText(version: string): string;
+export interface UnifiedUpdateDeps {
+    getCurrentVersion(): string;
+    getLatestVersion(): Promise<string>;
+    installLatestPackage(): Promise<void>;
+    updateRuntime(): Promise<import("../runtime/installers.js").RuntimeSummary>;
+}
+export declare function runUnifiedUpdate(deps: UnifiedUpdateDeps): Promise<{
+    package: {
+        currentVersion: string;
+        latestVersion: string;
+        updated: boolean;
+    };
+    runtime: import("../runtime/installers.js").RuntimeSummary;
+}>;

package/dist/cli/index.js

@@ -14,6 +14,41 @@ function getVersion() {
         return "unknown";
     }
 }
+export function buildHelpText(version) {
+    return `
+yt-mcp v${version}
+
+Usage: yt-mcp <command>
+
+Commands:
+  setup          Run first-time setup (OAuth + cookies + MCP registration)
+  serve          Start the MCP server (stdio transport)
+  smoke          Run installer smoke checks
+  setup-cookies  Refresh YouTube cookies using browser login
+  runtime        Manage required runtimes
+  check          Check auth, runtime, cookies, and connectivity
+  uninstall      Remove MCP registrations and local yt-mcp config
+  update         Update the main package and required runtimes
+  version        Show current version
+
+Environment variables:
+  YT_MCP_TOKEN   Personal Access Token (skips OAuth)
+`;
+}
+export async function runUnifiedUpdate(deps) {
+    const currentVersion = deps.getCurrentVersion();
+    const latestVersion = await deps.getLatestVersion();
+    let updated = false;
+    if (latestVersion !== currentVersion) {
+        await deps.installLatestPackage();
+        updated = true;
+    }
+    const runtime = await deps.updateRuntime();
+    return {
+        package: { currentVersion, latestVersion, updated },
+        runtime,
+    };
+}
 const command = process.argv[2];
 async function main() {
     switch (command) {
@@ -27,31 +62,59 @@ async function main() {
             await runServe();
             break;
         }
+        case "smoke": {
+            const { runSmoke } = await import("./smoke.js");
+            await runSmoke(process.argv.slice(3));
+            break;
+        }
         case "setup-cookies": {
             const { runSetupCookies } = await import("./setupCookies.js");
             await runSetupCookies();
             break;
         }
+        case "uninstall": {
+            const { runUninstall } = await import("./uninstall.js");
+            await runUninstall();
+            break;
+        }
+        case "runtime": {
+            const { runRuntimeCli } = await import("./runtime.js");
+            await runRuntimeCli(process.argv[3]);
+            break;
+        }
+        case "check": {
+            const { runCheck } = await import("./check.js");
+            await runCheck();
+            break;
+        }
         case "update": {
             const current = getVersion();
             console.log(`Current version: ${current}`);
             console.log("Checking for updates...\n");
             try {
-                const latest = execSync("npm view @mkterswingman/5mghost-yonder version", {
-                    encoding: "utf8",
-                    stdio: ["ignore", "pipe", "ignore"],
-                }).trim();
-                if (latest === current) {
-                    console.log(`✅ Already on the latest version (${current})`);
+                const { updateAll } = await import("../runtime/installers.js");
+                const summary = await runUnifiedUpdate({
+                    getCurrentVersion: getVersion,
+                    getLatestVersion: async () => execSync("npm view @mkterswingman/5mghost-yonder version", {
+                        encoding: "utf8",
+                        stdio: ["ignore", "pipe", "ignore"],
+                    }).trim(),
+                    installLatestPackage: async () => {
+                        execSync("npm install -g @mkterswingman/5mghost-yonder@latest", {
+                            stdio: "inherit",
+                        });
+                    },
+                    updateRuntime: updateAll,
+                });
+                if (summary.package.updated) {
+                    console.log(`\n✅ Updated package to ${summary.package.latestVersion}`);
                 }
                 else {
-                    console.log(`New version available: ${latest}`);
-                    console.log("Updating...\n");
-                    execSync("npm install -g @mkterswingman/5mghost-yonder@latest", {
-                        stdio: "inherit",
-                    });
-                    console.log(`\n✅ Updated to ${latest}`);
+                    console.log(`✅ Already on the latest version (${summary.package.currentVersion})`);
                 }
+                console.log("");
+                const { formatRuntimeSummary } = await import("./runtime.js");
+                console.log(formatRuntimeSummary(summary.runtime));
             }
             catch (err) {
                 const msg = err instanceof Error ? err.message : String(err);
@@ -68,21 +131,7 @@ async function main() {
             break;
         }
         default:
-            console.log(`
-yt-mcp v${getVersion()}
-
-Usage: yt-mcp <command>
-
-Commands:
-  setup          Run first-time setup (OAuth + cookies + MCP registration)
-  serve          Start the MCP server (stdio transport)
-  setup-cookies  Refresh YouTube cookies using browser login
-  update         Update to the latest version
-  version        Show current version
-
-Environment variables:
-  YT_MCP_TOKEN   Personal Access Token (skips OAuth)
-`);
+            console.log(buildHelpText(getVersion()));
             process.exit(command ? 1 : 0);
     }
 }

package/dist/cli/runtime.d.ts

@@ -0,0 +1,9 @@
+import { type RuntimeSummary } from "../runtime/installers.js";
+export interface RuntimeCommandDeps {
+    installAll(): Promise<RuntimeSummary>;
+    updateAll(): Promise<RuntimeSummary>;
+    checkAll(): Promise<RuntimeSummary>;
+}
+export declare function formatRuntimeSummary(summary: RuntimeSummary): string;
+export declare function runRuntimeCommand(action: "install" | "update" | "check", deps?: RuntimeCommandDeps): Promise<string>;
+export declare function runRuntimeCli(action?: string): Promise<void>;

package/dist/cli/runtime.js

@@ -0,0 +1,35 @@
+import { checkAll, installAll, updateAll } from "../runtime/installers.js";
+export function formatRuntimeSummary(summary) {
+    const lines = [`Runtime ${summary.action} completed`];
+    for (const component of summary.components) {
+        const base = `${component.name}: ${component.status} (${component.source}`;
+        if (component.version) {
+            lines.push(`${base}, ${component.version})`);
+        }
+        else if (component.message) {
+            lines.push(`${base}) — ${component.message}`);
+        }
+        else {
+            lines.push(`${base})`);
+        }
+    }
+    return lines.join("\n");
+}
+export async function runRuntimeCommand(action, deps = {
+    installAll,
+    updateAll,
+    checkAll,
+}) {
+    const summary = action === "install"
+        ? await deps.installAll()
+        : action === "update"
+            ? await deps.updateAll()
+            : await deps.checkAll();
+    return formatRuntimeSummary(summary);
+}
+export async function runRuntimeCli(action = "check") {
+    const normalized = action === "install" || action === "update" || action === "check"
+        ? action
+        : "check";
+    console.log(await runRuntimeCommand(normalized));
+}

package/dist/cli/serve.js

@@ -1,16 +1,18 @@
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 import { loadConfig } from "../utils/config.js";
 import { TokenManager } from "../auth/tokenManager.js";
+import { DownloadJobManager } from "../download/jobManager.js";
 import { createServer } from "../server.js";
 export async function runServe() {
     const config = loadConfig();
     const tokenManager = new TokenManager(config.auth_url);
+    const downloadJobManager = new DownloadJobManager();
     // PAT mode via env var (don't persist — just keep in memory for this session)
     const pat = process.env.YT_MCP_TOKEN;
     if (pat) {
         await tokenManager.savePAT(pat);
     }
-    const server = await createServer(config, tokenManager);
+    const server = await createServer(config, tokenManager, downloadJobManager);
     const transport = new StdioServerTransport();
     await server.connect(transport);
     process.on("SIGINT", async () => {