@moxxy/cli 0.1.3 → 0.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bin.js +48 -22
- package/dist/bin.js.map +1 -1
- package/package.json +2 -4
package/dist/bin.js
CHANGED
|
@@ -90305,14 +90305,14 @@ function randomCode(digits = 6) {
|
|
|
90305
90305
|
}
|
|
90306
90306
|
|
|
90307
90307
|
// ../plugin-vault/dist/keysource.js
|
|
90308
|
-
var
|
|
90309
|
-
var
|
|
90308
|
+
var KEYCHAIN_SERVICE = "moxxy";
|
|
90309
|
+
var KEYCHAIN_ACCOUNT = "vault-master-key";
|
|
90310
90310
|
function createCombinedKeySource(opts) {
|
|
90311
90311
|
let resolvedName = "unknown";
|
|
90312
90312
|
const diskPath = resolveDiskPath(opts.diskKeyPath);
|
|
90313
90313
|
const persistKey = async (keyB64) => {
|
|
90314
90314
|
if (!opts.disableKeytar)
|
|
90315
|
-
await
|
|
90315
|
+
await tryKeychainSet(keyB64);
|
|
90316
90316
|
if (diskPath)
|
|
90317
90317
|
await tryDiskSet(diskPath, keyB64);
|
|
90318
90318
|
};
|
|
@@ -90328,9 +90328,9 @@ function createCombinedKeySource(opts) {
|
|
|
90328
90328
|
return deriveKey(envValue, salt);
|
|
90329
90329
|
}
|
|
90330
90330
|
if (!opts.disableKeytar) {
|
|
90331
|
-
const fromKeychain = await
|
|
90331
|
+
const fromKeychain = await tryKeychainGet();
|
|
90332
90332
|
if (fromKeychain) {
|
|
90333
|
-
resolvedName = "
|
|
90333
|
+
resolvedName = "keychain";
|
|
90334
90334
|
if (diskPath)
|
|
90335
90335
|
void tryDiskSet(diskPath, fromKeychain);
|
|
90336
90336
|
return Buffer.from(fromKeychain, "base64");
|
|
@@ -90341,7 +90341,7 @@ function createCombinedKeySource(opts) {
|
|
|
90341
90341
|
if (fromDisk) {
|
|
90342
90342
|
resolvedName = `file:${diskPath}`;
|
|
90343
90343
|
if (!opts.disableKeytar)
|
|
90344
|
-
void
|
|
90344
|
+
void tryKeychainSet(fromDisk);
|
|
90345
90345
|
return Buffer.from(fromDisk, "base64");
|
|
90346
90346
|
}
|
|
90347
90347
|
}
|
|
@@ -90377,24 +90377,22 @@ async function tryDiskSet(filePath, value) {
|
|
|
90377
90377
|
} catch {
|
|
90378
90378
|
}
|
|
90379
90379
|
}
|
|
90380
|
-
async function
|
|
90380
|
+
async function tryKeychainGet() {
|
|
90381
90381
|
try {
|
|
90382
|
-
const mod = await import('
|
|
90383
|
-
|
|
90384
|
-
if (!fn)
|
|
90382
|
+
const mod = await import('@napi-rs/keyring');
|
|
90383
|
+
if (!mod.Entry)
|
|
90385
90384
|
return null;
|
|
90386
|
-
return
|
|
90385
|
+
return new mod.Entry(KEYCHAIN_SERVICE, KEYCHAIN_ACCOUNT).getPassword() || null;
|
|
90387
90386
|
} catch {
|
|
90388
90387
|
return null;
|
|
90389
90388
|
}
|
|
90390
90389
|
}
|
|
90391
|
-
async function
|
|
90390
|
+
async function tryKeychainSet(value) {
|
|
90392
90391
|
try {
|
|
90393
|
-
const mod = await import('
|
|
90394
|
-
|
|
90395
|
-
if (!fn)
|
|
90392
|
+
const mod = await import('@napi-rs/keyring');
|
|
90393
|
+
if (!mod.Entry)
|
|
90396
90394
|
return;
|
|
90397
|
-
|
|
90395
|
+
new mod.Entry(KEYCHAIN_SERVICE, KEYCHAIN_ACCOUNT).setPassword(value);
|
|
90398
90396
|
} catch {
|
|
90399
90397
|
}
|
|
90400
90398
|
}
|
|
@@ -90405,7 +90403,7 @@ var VaultPassphraseError = class extends Error {
|
|
|
90405
90403
|
super(`Wrong vault passphrase for ${filePath}.
|
|
90406
90404
|
If you've forgotten it, wipe the vault and key cache, then re-run \`moxxy init\`:
|
|
90407
90405
|
rm ${filePath} ~/.moxxy/vault.key
|
|
90408
|
-
(If
|
|
90406
|
+
(If the OS keychain holds a cached key, also clear it: \`security delete-generic-password -s moxxy\` on macOS.)
|
|
90409
90407
|
Or set MOXXY_VAULT_PASSPHRASE to a known value to skip the prompt entirely.`);
|
|
90410
90408
|
this.filePath = filePath;
|
|
90411
90409
|
this.name = "VaultPassphraseError";
|
|
@@ -118363,7 +118361,10 @@ async function setupSessionWithConfig(opts) {
|
|
|
118363
118361
|
skipUser: opts.skipUserConfig
|
|
118364
118362
|
});
|
|
118365
118363
|
progress({ kind: "config-loaded", sources: sources.length });
|
|
118366
|
-
const { plugin: vaultPlugin, vault } = buildVaultPlugin({
|
|
118364
|
+
const { plugin: vaultPlugin, vault } = buildVaultPlugin({
|
|
118365
|
+
disableKeytar: opts.disableKeytar,
|
|
118366
|
+
...opts.passphrasePrompt ? { passphrasePrompt: opts.passphrasePrompt } : {}
|
|
118367
|
+
});
|
|
118367
118368
|
const config = await resolveConfigPlaceholders(rawConfig, vault, logger);
|
|
118368
118369
|
const session = await buildSession({
|
|
118369
118370
|
cwd: opts.cwd,
|
|
@@ -120075,15 +120076,17 @@ function renderLogo(width = process.stdout.columns ?? 80, opts = {}) {
|
|
|
120075
120076
|
return "\n" + body + "\n\n";
|
|
120076
120077
|
}
|
|
120077
120078
|
async function runInitCommand(argv) {
|
|
120079
|
+
const interactive = Boolean(process.stdin.isTTY);
|
|
120078
120080
|
const { session, vault } = await bootSessionWithConfig(argv, {
|
|
120079
120081
|
skipKeyPrompt: true,
|
|
120080
|
-
skipProviderActivation: true
|
|
120082
|
+
skipProviderActivation: true,
|
|
120083
|
+
...interactive ? { passphrasePrompt: promptVaultPassphrase } : {}
|
|
120081
120084
|
});
|
|
120082
|
-
if (!
|
|
120085
|
+
if (!interactive) {
|
|
120083
120086
|
return await runHeadlessInit(session, vault);
|
|
120084
120087
|
}
|
|
120085
|
-
await vault.open();
|
|
120086
120088
|
process.stdout.write(renderLogo());
|
|
120089
|
+
await vault.open();
|
|
120087
120090
|
const providerDefs = session.providers.list();
|
|
120088
120091
|
const defsByName = new Map(providerDefs.map((d2) => [d2.name, d2]));
|
|
120089
120092
|
const providers = providerDefs.map((p3) => {
|
|
@@ -120171,6 +120174,26 @@ async function runHeadlessInit(session, vault) {
|
|
|
120171
120174
|
`);
|
|
120172
120175
|
return 0;
|
|
120173
120176
|
}
|
|
120177
|
+
async function promptVaultPassphrase() {
|
|
120178
|
+
Se2(
|
|
120179
|
+
[
|
|
120180
|
+
"moxxy keeps your API keys in a local encrypted vault.",
|
|
120181
|
+
"Choose a passphrase to protect it \u2014 it's cached in your OS keychain",
|
|
120182
|
+
`(or ${colors.dim("~/.moxxy/vault.key")}) so you won't be asked again.`,
|
|
120183
|
+
`Tip: set ${colors.bold("MOXXY_VAULT_PASSPHRASE")} to skip this prompt.`
|
|
120184
|
+
].join("\n"),
|
|
120185
|
+
"Step 0 \u2014 Vault passphrase"
|
|
120186
|
+
);
|
|
120187
|
+
const value = await Ce2({
|
|
120188
|
+
message: "Set a vault passphrase",
|
|
120189
|
+
validate: (v3) => v3 && v3.trim().length > 0 ? void 0 : "Enter a passphrase (esc to cancel)."
|
|
120190
|
+
});
|
|
120191
|
+
if (q2(value)) {
|
|
120192
|
+
me2("Setup cancelled. Run `moxxy init` again when you are ready.");
|
|
120193
|
+
process.exit(1);
|
|
120194
|
+
}
|
|
120195
|
+
return value.trim();
|
|
120196
|
+
}
|
|
120174
120197
|
function providerAuthKind(def) {
|
|
120175
120198
|
return def.auth?.kind === "oauth" ? "oauth" : "apiKey";
|
|
120176
120199
|
}
|
|
@@ -123343,7 +123366,10 @@ async function runServeStatus(except, all) {
|
|
|
123343
123366
|
return 0;
|
|
123344
123367
|
}
|
|
123345
123368
|
async function runServeForeground(argv, except, all) {
|
|
123346
|
-
const setup = await bootSessionWithConfig(argv, {
|
|
123369
|
+
const setup = await bootSessionWithConfig(argv, {
|
|
123370
|
+
skipKeyPrompt: true,
|
|
123371
|
+
tolerateNoProvider: true
|
|
123372
|
+
});
|
|
123347
123373
|
const { session, vault, config, scheduler, webhooks } = setup;
|
|
123348
123374
|
const setupHandle = { scheduler, webhooks };
|
|
123349
123375
|
let runnerServer;
|