npm - @mkterswingman/5mghost-yonder - Versions diffs - 0.0.33 → 0.0.34 - Mend

@mkterswingman/5mghost-yonder 0.0.33 → 0.0.34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md +3 -3
package/dist/cli/setupCookies.js +3 -18
package/dist/download/downloader.js +17 -4
package/dist/utils/cookieRefresh.d.ts +4 -8
package/dist/utils/cookieRefresh.js +8 -50
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -18,8 +18,8 @@ The bootstrap installer:
 - installs required runtimes (`playwright`, `yt-dlp`, `ffmpeg`)
 - runs `yt-mcp setup`
 - runs `yt-mcp smoke` to verify MCP startup and authenticated remote access
-- first tries a headless YouTube cookie import from your local Chrome/Edge session
-- only asks to open a visible browser for YouTube login if the headless import fails
+- opens a dedicated Playwright browser profile for YouTube login
+- keeps cookie refresh inside the same dedicated profile (does not import system Chrome/Edge profiles)
 - in unattended installs, defaults to OAuth auth mode and defaults to headed cookie setup after the prompt timeout
 - in installer mode, OAuth waits up to `180s` and prints PAT fallback commands before waiting
 - if auth is still incomplete after `setup`, the installer stops before smoke tests and YouTube cookie setup instead of pretending the install fully passed
@@ -57,7 +57,7 @@ Media download runtime expectations:
 - `smoke` — run the installer smoke checks (`search_videos`, plus `validate_cookies` with `--subtitles`)
 - `runtime` — install, update, or check required runtimes
 - `check` — inspect shared auth, runtime status, and YouTube cookies
-- `setup-cookies` — first try importing an existing YouTube login from the most recently active local Chrome/Edge profile on macOS or Windows with a headless real-browser CDP probe, then fall back to manual browser login
+- `setup-cookies` — open a dedicated Playwright browser profile for manual YouTube login and save cookies locally
 - `uninstall` — remove MCP registrations and local `~/.yt-mcp` config
 - `update` — update the main package and required runtimes
 - `version` — print the installed version

package/dist/cli/setupCookies.js CHANGED Viewed

@@ -421,6 +421,9 @@ export function parseSetupCookiesArgs(argv) {
 export async function runSetupCookies(overrides = {}, options = {}) {
     const deps = buildSetupCookiesDeps(overrides);
     deps.log("\n🍪 YouTube Cookie Setup\n");
+    if (options.importOnly && !options.headed) {
+        throw new Error("setup-cookies --import-only mode is no longer supported. Use headed login instead.");
+    }
     deps.ensureConfigDir();
     let chromium;
     try {
@@ -429,23 +432,5 @@ export async function runSetupCookies(overrides = {}, options = {}) {
     catch {
         throw new Error("Playwright runtime is not installed.\nRun: yt-mcp runtime install");
     }
-    if (!options.headed) {
-        let imported = false;
-        try {
-            imported = await deps.tryImportBrowserCookies(chromium, deps);
-        }
-        catch (err) {
-            if (!(err instanceof BrowserProfileLockedError) || options.importOnly) {
-                throw err;
-            }
-            deps.log(`${err.message}\n`);
-        }
-        if (imported) {
-            return;
-        }
-    }
-    if (options.importOnly && !options.headed) {
-        throw new Error("No reusable YouTube session found in local Chrome/Edge profiles");
-    }
     await deps.runManualCookieSetup(chromium, deps);
 }

package/dist/download/downloader.js CHANGED Viewed

@@ -34,11 +34,24 @@ export async function downloadOneItem(input) {
         await deps.rm(input.item.output_dir, { recursive: true, force: true });
         await deps.mkdir(input.item.output_dir, { recursive: true });
         await deps.mkdir(subtitlesDir, { recursive: true });
-        const metadata = await deps.fetchMetadata({
+        const metadataInput = {
             sourceUrl: input.item.source_url,
             videoId: input.item.video_id,
             title: input.item.title,
-        });
+        };
+        let metadata;
+        try {
+            metadata = await deps.fetchMetadata(metadataInput);
+        }
+        catch (error) {
+            const failureKind = classifyRefreshableFailure(error);
+            if (failureKind != null && failureKind !== "RATE_LIMITED" && await deps.refreshCookies()) {
+                metadata = await deps.fetchMetadata(metadataInput);
+            }
+            else {
+                throw error;
+            }
+        }
         const result = {
             video_file: null,
             metadata_file: metadataFile,
@@ -63,7 +76,7 @@ export async function downloadOneItem(input) {
                 });
             }
             catch (error) {
-                const failureKind = classifyVideoDownloadError(error);
+                const failureKind = classifyRefreshableFailure(error);
                 if (failureKind != null && failureKind !== "RATE_LIMITED" && await deps.refreshCookies()) {
                     result.video_file = await deps.downloadVideo({
                         sourceUrl: input.item.source_url,
@@ -311,7 +324,7 @@ function sortSubtitleFiles(files) {
         .sort(([left], [right]) => left.localeCompare(right))
         .map(([format, paths]) => [format, [...paths].sort()]));
 }
-function classifyVideoDownloadError(error) {
+function classifyRefreshableFailure(error) {
     const message = error instanceof Error ? error.message : String(error);
     return classifyYtDlpFailure(message);
 }

package/dist/utils/cookieRefresh.d.ts CHANGED Viewed

@@ -1,19 +1,15 @@
 /**
- * Cookie auto-refresh with three-tier fallback.
+ * Cookie auto-refresh with two-tier fallback.
  *
  * Tier 1: Headless Playwright refresh using existing browser-profile.
  *   If Google session is still valid, cookies are extracted automatically.
  *
- * Tier 2: Re-import from system Chrome/Edge (headless, about:blank).
- *   Copies the real browser profile to a temp dir and reads cookies via CDP
- *   without making any network requests (avoids Google token rotation).
- *
- * Tier 3: Open a headed browser for manual user login.
+ * Tier 2: Open a headed browser for manual user login.
  *   Blocks the MCP tool call for up to ~2 minutes while the user logs in.
- *   Creates browser-profile so Tier 1 works next time.
+ *   Uses the dedicated yt-mcp profile so refresh never touches system profiles.
  */
 /**
- * Attempt to refresh YouTube cookies through a three-tier fallback chain.
+ * Attempt to refresh YouTube cookies through the dedicated two-tier fallback chain.
  *
  * @returns true if cookies were refreshed, false if all tiers failed.
  */

package/dist/utils/cookieRefresh.js CHANGED Viewed

@@ -1,16 +1,12 @@
 /**
- * Cookie auto-refresh with three-tier fallback.
+ * Cookie auto-refresh with two-tier fallback.
  *
  * Tier 1: Headless Playwright refresh using existing browser-profile.
  *   If Google session is still valid, cookies are extracted automatically.
  *
- * Tier 2: Re-import from system Chrome/Edge (headless, about:blank).
- *   Copies the real browser profile to a temp dir and reads cookies via CDP
- *   without making any network requests (avoids Google token rotation).
- *
- * Tier 3: Open a headed browser for manual user login.
+ * Tier 2: Open a headed browser for manual user login.
  *   Blocks the MCP tool call for up to ~2 minutes while the user logs in.
- *   Creates browser-profile so Tier 1 works next time.
+ *   Uses the dedicated yt-mcp profile so refresh never touches system profiles.
  */
 import { existsSync } from "node:fs";
 import { PATHS, ensureConfigDir } from "./config.js";
@@ -18,7 +14,7 @@ import { detectBrowserChannel, hasYouTubeSession, saveCookiesToDisk, } from "../
 import { hasSIDCookies } from "./cookies.js";
 const HEADLESS_TIMEOUT_MS = 30_000;
 /**
- * Attempt to refresh YouTube cookies through a three-tier fallback chain.
+ * Attempt to refresh YouTube cookies through the dedicated two-tier fallback chain.
  *
  * @returns true if cookies were refreshed, false if all tiers failed.
  */
@@ -30,13 +26,8 @@ export async function tryHeadlessRefresh() {
         if (tier1)
             return true;
     }
-    // Tier 2: Re-import from system browser (headless, no network requests)
-    const tier2 = await tryReimportFromSystemBrowser();
-    if (tier2)
-        return true;
-    // Tier 3: Open headed browser for manual login
-    const tier3 = await tryHeadedManualLogin();
-    return tier3;
+    // Tier 2: Open headed browser for manual login
+    return tryHeadedManualLogin();
 }
 /**
  * Tier 1: Use existing browser-profile with Playwright to refresh cookies.
@@ -84,42 +75,9 @@ async function tryPlaywrightRefresh() {
     }
 }
 /**
- * Tier 2: Re-import cookies from the user's system Chrome/Edge.
- * Uses headless Chrome with about:blank to avoid triggering Google token rotation.
- */
-async function tryReimportFromSystemBrowser() {
-    try {
-        const pw = await import("playwright");
-        const { tryImportBrowserCookies, saveCookiesAndClose, readImportedBrowserCookies, } = await import("../cli/setupCookies.js");
-        const { findImportableBrowserProfileCandidates, prepareImportedBrowserWorkspace, cleanupImportedBrowserWorkspace, } = await import("./browserProfileImport.js");
-        const deps = {
-            ensureConfigDir,
-            loadChromium: async () => pw.chromium,
-            detectBrowserChannel,
-            hasYouTubeSession,
-            saveCookiesAndClose,
-            // Why: waitForLogin is unused in import path but required by SetupCookiesDeps type
-            waitForLogin: async () => null,
-            findImportableBrowserProfileCandidates,
-            prepareImportedBrowserWorkspace,
-            cleanupImportedBrowserWorkspace,
-            readImportedBrowserCookies,
-            tryImportBrowserCookies,
-            // Why: runManualCookieSetup is unused in import path but required by type
-            runManualCookieSetup: async () => { },
-            // Why: silent logging during auto-refresh — user doesn't see MCP server stdout
-            log: () => { },
-        };
-        return await tryImportBrowserCookies(pw.chromium, deps);
-    }
-    catch {
-        return false;
-    }
-}
-/**
- * Tier 3: Open a headed browser for the user to manually log in.
+ * Tier 2: Open a headed browser for the user to manually log in.
  * Blocks the MCP tool call for up to ~2 minutes.
- * Creates browser-profile so Tier 1 works for future refreshes.
+ * Uses the dedicated yt-mcp browser-profile for future Tier 1 refreshes.
  */
 async function tryHeadedManualLogin() {
     try {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@mkterswingman/5mghost-yonder",
-  "version": "0.0.33",
+  "version": "0.0.34",
   "description": "Internal MCP client with local data tools and remote API proxy",
   "type": "module",
   "bin": {