@nproxy/cli 0.0.1

package/dist/index.js

@@ -0,0 +1,362 @@
+#!/usr/bin/env node
+
+// src/index.ts
+import { Cli, z } from "incur";
+
+// src/npmrc.ts
+import { readFile, writeFile } from "fs/promises";
+import { homedir } from "os";
+import { join } from "path";
+async function readSlugFromNpmrc(dir = process.cwd()) {
+  const file = join(dir, ".npmrc");
+  let content;
+  try {
+    content = await readFile(file, "utf-8");
+  } catch {
+    return void 0;
+  }
+  const match = content.match(
+    /registry\s*=\s*https:\/\/([^.]+)\.nproxy\.app\/?/
+  );
+  return match?.[1];
+}
+async function readTokenFromNpmrc(slug, dir = process.cwd()) {
+  const file = join(dir, ".npmrc");
+  let content;
+  try {
+    content = await readFile(file, "utf-8");
+  } catch {
+    return void 0;
+  }
+  const escapedSlug = slug.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+  const pattern = new RegExp(
+    `\\/\\/${escapedSlug}\\.nproxy\\.app\\/:_authToken=(.+)`
+  );
+  const match = content.match(pattern);
+  return match?.[1]?.trim();
+}
+function upsertLine(lines, prefix, full) {
+  const idx = lines.findIndex((l) => l.startsWith(prefix));
+  if (idx >= 0) {
+    lines[idx] = full;
+  } else {
+    lines.push(full);
+  }
+  return lines;
+}
+async function writeNpmrc(options) {
+  const { slug, token } = options;
+  const isGlobal = options.global ?? false;
+  const dir = isGlobal ? homedir() : options.dir ?? process.cwd();
+  const file = join(dir, ".npmrc");
+  let content = "";
+  try {
+    content = await readFile(file, "utf-8");
+  } catch {
+  }
+  if (content.length > 0) {
+    const timestamp = Date.now();
+    await writeFile(join(dir, `.npmrc.bak.${timestamp}`), content);
+  }
+  const registry = `https://${slug}.nproxy.app/`;
+  let lines = content.split("\n");
+  if (lines.at(-1) === "") lines.pop();
+  lines = upsertLine(lines, "registry=", `registry=${registry}`);
+  if (token) {
+    const authPrefix = `//${slug}.nproxy.app/:_authToken=`;
+    lines = upsertLine(lines, authPrefix, `${authPrefix}${token}`);
+  }
+  await writeFile(file, lines.join("\n") + "\n");
+  return file;
+}
+
+// src/setup.ts
+async function runSetup(options) {
+  const { slug, global: isGlobal, token } = options;
+  const registry = `https://${slug}.nproxy.app/`;
+  const file = await writeNpmrc({ slug, global: isGlobal, token });
+  return { file, registry };
+}
+
+// src/verify.ts
+import { resolve4 } from "dns/promises";
+async function timed(fn) {
+  const start = performance.now();
+  const value = await fn();
+  return { value, duration: Math.round(performance.now() - start) };
+}
+async function checkDns(slug) {
+  const host = `${slug}.nproxy.app`;
+  try {
+    const { value: addresses, duration } = await timed(() => resolve4(host));
+    return {
+      name: "dns",
+      status: addresses.length > 0 ? "pass" : "fail",
+      message: addresses.length > 0 ? `Resolved to ${addresses[0]}` : "No addresses returned",
+      duration
+    };
+  } catch (err) {
+    return {
+      name: "dns",
+      status: "fail",
+      message: `DNS lookup failed: ${err.message}`,
+      duration: 0
+    };
+  }
+}
+async function checkPing(slug) {
+  const url = `https://${slug}.nproxy.app/-/ping`;
+  try {
+    const { value: res, duration } = await timed(() => fetch(url));
+    return {
+      name: "ping",
+      status: res.status === 200 ? "pass" : "fail",
+      message: res.status === 200 ? `OK (${res.status})` : `Unexpected status ${res.status}`,
+      duration
+    };
+  } catch (err) {
+    return {
+      name: "ping",
+      status: "fail",
+      message: `Ping failed: ${err.message}`,
+      duration: 0
+    };
+  }
+}
+async function checkDashboard() {
+  const url = "https://nproxy.app/api/health";
+  try {
+    const { value: res, duration } = await timed(() => fetch(url));
+    if (res.status !== 200) {
+      return {
+        name: "dashboard",
+        status: "warn",
+        message: `Dashboard returned status ${res.status}`,
+        duration
+      };
+    }
+    const body = await res.json();
+    return {
+      name: "dashboard",
+      status: body.status === "ok" ? "pass" : "warn",
+      message: body.status === "ok" ? "Dashboard healthy" : `Dashboard status: ${body.status}`,
+      duration
+    };
+  } catch (err) {
+    return {
+      name: "dashboard",
+      status: "warn",
+      message: `Dashboard unreachable: ${err.message}`,
+      duration: 0
+    };
+  }
+}
+async function fetchPackageData(slug, token) {
+  const url = `https://${slug}.nproxy.app/express`;
+  const headers = { Accept: "application/json" };
+  if (token) {
+    headers.Authorization = `Bearer ${token}`;
+  }
+  const { value: res, duration } = await timed(
+    () => fetch(url, { headers })
+  );
+  const body = await res.json();
+  return { response: res, body, duration };
+}
+function checkPackageFetch(slug, data) {
+  const raw = JSON.stringify(data.body);
+  const expected = `${slug}.nproxy.app`;
+  const hasTarballRewrite = raw.includes(expected);
+  return {
+    name: "package_fetch",
+    status: hasTarballRewrite ? "pass" : "fail",
+    message: hasTarballRewrite ? `Tarball URLs rewritten to ${expected}` : `Tarball URLs not rewritten to ${expected}`,
+    duration: data.duration
+  };
+}
+function checkProxyHeaders(slug, data) {
+  const tenant = data.response.headers.get("x-nproxy-tenant");
+  return {
+    name: "proxy_headers",
+    status: tenant === slug ? "pass" : "fail",
+    message: tenant === slug ? `x-nproxy-tenant: ${tenant}` : `Expected x-nproxy-tenant="${slug}", got "${tenant}"`,
+    duration: 0
+  };
+}
+async function checkTokenAuth(slug, token) {
+  const url = `https://${slug}.nproxy.app/-/ping`;
+  try {
+    const { value: res, duration } = await timed(
+      () => fetch(url, {
+        headers: { Authorization: `Bearer ${token}` }
+      })
+    );
+    if (res.status === 200) {
+      return {
+        name: "token_auth",
+        status: "pass",
+        message: "Token accepted by proxy",
+        duration
+      };
+    }
+    return {
+      name: "token_auth",
+      status: "fail",
+      message: `Token rejected with status ${res.status}`,
+      duration
+    };
+  } catch (err) {
+    return {
+      name: "token_auth",
+      status: "fail",
+      message: `Token auth check failed: ${err.message}`,
+      duration: 0
+    };
+  }
+}
+async function runVerify(slug, quick = false, token) {
+  const checks = [];
+  const [dns, ping] = await Promise.all([checkDns(slug), checkPing(slug)]);
+  checks.push(dns, ping);
+  if (!quick) {
+    const dashboard = await checkDashboard();
+    checks.push(dashboard);
+    try {
+      const data = await fetchPackageData(slug, token);
+      checks.push(checkPackageFetch(slug, data));
+      checks.push(checkProxyHeaders(slug, data));
+    } catch (err) {
+      checks.push({
+        name: "package_fetch",
+        status: "fail",
+        message: `Fetch failed: ${err.message}`,
+        duration: 0
+      });
+      checks.push({
+        name: "proxy_headers",
+        status: "fail",
+        message: `Fetch failed: ${err.message}`,
+        duration: 0
+      });
+    }
+    if (token) {
+      const tokenCheck = await checkTokenAuth(slug, token);
+      checks.push(tokenCheck);
+    }
+  }
+  const ok = checks.every((c) => c.status !== "fail");
+  return { slug, checks, ok };
+}
+async function runStatus(slug) {
+  const ping = await checkPing(slug);
+  return {
+    slug,
+    reachable: ping.status === "pass",
+    latency: ping.duration
+  };
+}
+
+// src/index.ts
+var cli = Cli.create("nproxy", {
+  version: "0.0.1",
+  description: "Configure and verify your nproxy registry proxy."
+});
+cli.command("setup", {
+  description: "Write/update .npmrc to use your nproxy registry.",
+  args: z.object({
+    slug: z.string().describe("Your organization slug")
+  }),
+  options: z.object({
+    global: z.boolean().optional().describe("Write to ~/.npmrc"),
+    token: z.string().optional().describe("Auth token to include")
+  }),
+  alias: { global: "g" },
+  output: z.object({
+    file: z.string().describe("Path to the .npmrc that was written"),
+    registry: z.string().describe("The registry URL that was set")
+  }),
+  examples: [
+    {
+      args: { slug: "acme" },
+      description: "Set up local .npmrc for acme"
+    },
+    {
+      args: { slug: "acme" },
+      options: { global: true },
+      description: "Set up global .npmrc for acme"
+    }
+  ],
+  async run({ args, options }) {
+    return runSetup({
+      slug: args.slug,
+      global: options.global,
+      token: options.token
+    });
+  }
+});
+cli.command("verify", {
+  description: "Run connectivity checks against your nproxy registry.",
+  args: z.object({
+    slug: z.string().optional().describe("Org slug (reads from .npmrc if omitted)")
+  }),
+  options: z.object({
+    quick: z.boolean().optional().describe("Only run dns + ping checks")
+  }),
+  output: z.object({
+    slug: z.string().describe("Organization slug that was verified"),
+    checks: z.array(
+      z.object({
+        name: z.string().describe("Check name (dns, ping, dashboard, package_fetch, proxy_headers)"),
+        status: z.enum(["pass", "fail", "warn"]).describe("Check result"),
+        message: z.string().describe("Human-readable result detail"),
+        duration: z.number().describe("Check duration in milliseconds")
+      })
+    ).describe("List of check results"),
+    ok: z.boolean().describe("True if no checks failed")
+  }),
+  examples: [
+    { args: { slug: "acme" }, description: "Verify acme proxy" },
+    {
+      options: { quick: true },
+      description: "Quick check (dns + ping only)"
+    }
+  ],
+  async run({ args, options, error }) {
+    const slug = args.slug ?? await readSlugFromNpmrc();
+    if (!slug) {
+      return error({
+        code: "NO_SLUG",
+        message: "No slug provided and none found in .npmrc. Pass a slug or run `nproxy setup <slug>` first."
+      });
+    }
+    const token = await readTokenFromNpmrc(slug);
+    return runVerify(slug, options.quick, token);
+  }
+});
+cli.command("status", {
+  description: "Quick reachability check for your nproxy registry.",
+  args: z.object({
+    slug: z.string().optional().describe("Org slug (reads from .npmrc if omitted)")
+  }),
+  output: z.object({
+    slug: z.string().describe("Organization slug that was checked"),
+    reachable: z.boolean().describe("Whether the proxy responded to ping"),
+    latency: z.number().describe("Ping response time in milliseconds")
+  }),
+  examples: [{ args: { slug: "acme" }, description: "Check acme status" }],
+  async run({ args, error }) {
+    const slug = args.slug ?? await readSlugFromNpmrc();
+    if (!slug) {
+      return error({
+        code: "NO_SLUG",
+        message: "No slug provided and none found in .npmrc. Pass a slug or run `nproxy setup <slug>` first."
+      });
+    }
+    return runStatus(slug);
+  }
+});
+cli.serve();
+var index_default = cli;
+export {
+  index_default as default
+};

package/package.json

@@ -0,0 +1,46 @@
+{
+  "name": "@nproxy/cli",
+  "version": "0.0.1",
+  "description": "Configure and verify your nproxy registry proxy.",
+  "type": "module",
+  "bin": {
+    "nproxy": "./dist/index.js"
+  },
+  "exports": {
+    ".": "./dist/index.js"
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run",
+    "prepublishOnly": "pnpm build"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "keywords": [
+    "npm",
+    "proxy",
+    "registry",
+    "supply-chain",
+    "security"
+  ],
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/nproxy-app/nproxy",
+    "directory": "packages/cli"
+  },
+  "dependencies": {
+    "incur": "^0.3.13"
+  },
+  "devDependencies": {
+    "tsup": "^8.4.0",
+    "tsx": "^4.19.0",
+    "typescript": "^5.8.0",
+    "vitest": "^3.1.0"
+  }
+}