npm - @moxxy/cli - Versions diffs - 0.8.2 → 0.9.0 - Mend

@moxxy/cli 0.8.2 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/bin.js CHANGED Viewed

@@ -134374,13 +134374,14 @@ async function createWebSocketTransportServer(opts) {
   const host = opts.host ?? "127.0.0.1";
   const maxConnections = opts.maxConnections ?? DEFAULT_MAX_CONNECTIONS;
   let currentToken = opts.authToken;
+  let currentAllowedOrigins = opts.allowedOrigins ?? [];
   let connections = 0;
   const wss = new import_websocket_server.default({
     host,
     port: opts.port,
     maxPayload: opts.maxPayloadBytes ?? 64 * 1024 * 1024,
     verifyClient: (info) => {
-      if (!checkWsOrigin(info.req, opts.allowedOrigins)) {
+      if (!checkWsOrigin(info.req, currentAllowedOrigins)) {
         console.warn(`[moxxy] ws bridge: rejected browser-origin upgrade (Origin: ${String(info.req.headers.origin)})`);
         return false;
       }
@@ -134420,6 +134421,9 @@ async function createWebSocketTransportServer(opts) {
       for (const client of wss.clients)
         client.terminate();
     },
+    setAllowedOrigins(origins) {
+      currentAllowedOrigins = [...origins];
+    },
     clientCount() {
       return connections;
     },
@@ -135994,6 +135998,17 @@ var REMOTE_ALLOWED_COMMANDS = /* @__PURE__ */ new Set([
   "session.setMode",
   "session.newSession",
   "session.runCommand",
+  // Multi-session conversations: list/create/switch/rename are conversation-
+  // scoped — the same trust class as `session.newSession` (already allowed),
+  // and what a paired phone needs to mirror the desktop's session list.
+  // `sessions.remove` is deliberately NOT here: it deletes on-disk state
+  // (the runner's session JSONL + the chat NDJSON transcript), a destructive
+  // host mutation in the same class as `desks.remove`, which is also
+  // host-only.
+  "sessions.list",
+  "sessions.create",
+  "sessions.setActive",
+  "sessions.rename",
   // Voice input (capability-probed; transcribe fails coded without a transcriber).
   "session.hasTranscriber",
   "session.transcribe",
@@ -136129,6 +136144,20 @@ var ipcInputSchemas = {
     id: z.string().min(1).max(256),
     name: z.string().min(1).max(200)
   }),
+  // Sessions: create/rename persist the name into the desks JSON (bound it
+  // like desks.create/rename); setActive spawns a runner and remove deletes
+  // the session's on-disk logs, so their ids are bounded too. These commands
+  // are also served to remote (WS) clients, so the bounds are load-bearing.
+  "sessions.create": z.object({
+    deskId: z.string().min(1).max(256).optional(),
+    name: z.string().min(1).max(200).optional()
+  }).optional(),
+  "sessions.setActive": z.object({ id: z.string().min(1).max(256) }),
+  "sessions.remove": z.object({ id: z.string().min(1).max(256) }),
+  "sessions.rename": z.object({
+    id: z.string().min(1).max(256),
+    name: z.string().min(1).max(200)
+  }),
   // Whitelist the fields a renderer may write — `version` is managed by
   // the main process; unknown keys are rejected (.strict()).
   "prefs.update": z.object({
@@ -136136,7 +136165,8 @@ var ipcInputSchemas = {
     clerkUserId: z.string().max(256).nullable().optional(),
     clerkDisplayName: z.string().max(256).nullable().optional(),
     signedInAt: z.number().nullable().optional(),
-    mobileGatewayEnabled: z.boolean().optional()
+    mobileGatewayEnabled: z.boolean().optional(),
+    theme: z.enum(["light", "dark", "system"]).optional()
   }).strict(),
   // Mobile-gateway control. Both no-arg variants pin the payload to "nothing"
   // so a hostile caller can't smuggle args; setEnabled is a strict boolean.
@@ -136524,14 +136554,41 @@ function isWildcardHost(host) {
   const h3 = host.trim().toLowerCase();
   return h3 === "0.0.0.0" || h3 === "::" || h3 === "[::]";
 }
+var VIRTUAL_IFACE = /^(?:utun|tun|tap|ppp|ipsec|wg|zt|ts|tailscale|vmnet|vnic|bridge|docker|veth|awdl|llw|ap|anpi)\d*$/i;
+function isLinkLocalV4(ip) {
+  return ip.startsWith("169.254.");
+}
+function isRfc1918(ip) {
+  if (ip.startsWith("10.") || ip.startsWith("192.168."))
+    return true;
+  const m3 = /^172\.(\d{1,3})\./.exec(ip);
+  return m3 !== null && Number(m3[1]) >= 16 && Number(m3[1]) <= 31;
+}
+function isCgnat(ip) {
+  const m3 = /^100\.(\d{1,3})\./.exec(ip);
+  return m3 !== null && Number(m3[1]) >= 64 && Number(m3[1]) <= 127;
+}
 function lanHost(fallback) {
-  for (const list of Object.values(os5__default.networkInterfaces())) {
+  let best = null;
+  for (const [name, list] of Object.entries(os5__default.networkInterfaces())) {
     for (const ni of list ?? []) {
-      if (ni.family === "IPv4" && !ni.internal)
-        return ni.address;
+      if (ni.family !== "IPv4" || ni.internal)
+        continue;
+      const virtual = VIRTUAL_IFACE.test(name);
+      let rank;
+      if (isLinkLocalV4(ni.address))
+        rank = 5;
+      else if (isRfc1918(ni.address))
+        rank = virtual ? 3 : 1;
+      else if (isCgnat(ni.address))
+        rank = 4;
+      else
+        rank = virtual ? 4 : 2;
+      if (!best || rank < best.rank)
+        best = { address: ni.address, rank };
     }
   }
-  return fallback;
+  return best?.address ?? fallback;
 }
 function advertisedHost(bindHost) {
   if (isWildcardHost(bindHost))
@@ -136547,6 +136604,20 @@ function buildConnectUrl(opts) {
   }
   return `ws://${opts.localHost}:${opts.port}/?t=${t2}`;
 }
+function connectUrlOrigin(url2) {
+  const u2 = new URL(url2);
+  const secure = u2.protocol === "wss:" || u2.protocol === "https:";
+  return `${secure ? "https" : "http"}://${u2.host}`;
+}
+function advertisedOrigins(bindHost, port) {
+  return [
+    .../* @__PURE__ */ new Set([
+      connectUrlOrigin(`ws://${advertisedHost(bindHost)}:${port}`),
+      `http://127.0.0.1:${port}`,
+      `http://localhost:${port}`
+    ])
+  ];
+}
 // ../plugin-channel-mobile/dist/tunnel.js
 function normalizeTunnelChoice(raw) {
@@ -136631,10 +136702,12 @@ var MobileChannel = class {
     this.host = host;
     host.register();
     host.wire();
+    const localOrigins = advertisedOrigins(this.bindHost, this.port);
     const server = await startWsBridge(bus, {
       port: this.port,
       host: this.bindHost,
       authToken: this.token,
+      allowedOrigins: localOrigins,
       // Back-compat ONLY: the QR this channel prints embeds the token as `?t=`
       // (pairing payload); current apps strip it and authenticate via the
       // Sec-WebSocket-Protocol bearer entry, but older installed builds still
@@ -136649,6 +136722,7 @@ var MobileChannel = class {
       try {
         this.tunnel = await provider.open({ port: this.port, host: this.bindHost });
         tunnelUrl = this.tunnel.url;
+        server.setAllowedOrigins([...localOrigins, connectUrlOrigin(tunnelUrl)]);
         this.logger?.info?.("mobile tunnel open", { provider: provider.name, url: tunnelUrl });
       } catch (err) {
         this.logger?.warn?.("mobile tunnel failed; using the local URL", {