@openacp/cli 2026.331.1 → 2026.331.3

package/dist/chunk-OSBZXY2W.js

@@ -1,126 +0,0 @@
-import {
-  SecurityGuard
-} from "./chunk-LGFWH3AE.js";
-
-// src/plugins/security/index.ts
-function createSecurityPlugin() {
-  return {
-    name: "@openacp/security",
-    version: "1.0.0",
-    description: "User access control and session limits",
-    essential: false,
-    permissions: ["services:register", "middleware:register", "kernel:access", "commands:register"],
-    inheritableKeys: ["allowedUsers", "maxSessionsPerUser", "rateLimits"],
-    async install(ctx) {
-      const { settings, legacyConfig, terminal } = ctx;
-      if (legacyConfig) {
-        const securityCfg = legacyConfig.security;
-        if (securityCfg) {
-          await settings.setAll({
-            allowedUserIds: securityCfg.allowedUserIds ?? [],
-            maxConcurrentSessions: securityCfg.maxConcurrentSessions ?? 20,
-            sessionTimeoutMinutes: securityCfg.sessionTimeoutMinutes ?? 60
-          });
-          terminal.log.success("Security settings migrated from legacy config");
-          return;
-        }
-      }
-      await settings.setAll({
-        allowedUserIds: [],
-        maxConcurrentSessions: 20,
-        sessionTimeoutMinutes: 60
-      });
-      terminal.log.success("Security defaults saved");
-    },
-    async configure(ctx) {
-      const { terminal, settings } = ctx;
-      const current = await settings.getAll();
-      const choice = await terminal.select({
-        message: "What to configure?",
-        options: [
-          { value: "allowedUsers", label: "Edit allowed user IDs" },
-          { value: "maxSessions", label: `Max concurrent sessions (current: ${current.maxConcurrentSessions ?? 20})` },
-          { value: "timeout", label: `Session timeout minutes (current: ${current.sessionTimeoutMinutes ?? 60})` },
-          { value: "done", label: "Done" }
-        ]
-      });
-      if (choice === "allowedUsers") {
-        const currentIds = current.allowedUserIds ?? [];
-        const val = await terminal.text({
-          message: "Allowed user IDs (comma-separated, empty = allow all):",
-          defaultValue: currentIds.join(", ")
-        });
-        const ids = val.split(",").map((s) => s.trim()).filter(Boolean);
-        await settings.set("allowedUserIds", ids);
-        terminal.log.success("Allowed user IDs updated");
-      } else if (choice === "maxSessions") {
-        const val = await terminal.text({
-          message: "Max concurrent sessions:",
-          defaultValue: String(current.maxConcurrentSessions ?? 20),
-          validate: (v) => {
-            const n = Number(v.trim());
-            if (isNaN(n) || n < 1) return "Must be a positive number";
-            return void 0;
-          }
-        });
-        await settings.set("maxConcurrentSessions", Number(val.trim()));
-        terminal.log.success("Max sessions updated");
-      } else if (choice === "timeout") {
-        const val = await terminal.text({
-          message: "Session timeout (minutes):",
-          defaultValue: String(current.sessionTimeoutMinutes ?? 60),
-          validate: (v) => {
-            const n = Number(v.trim());
-            if (isNaN(n) || n < 1) return "Must be a positive number";
-            return void 0;
-          }
-        });
-        await settings.set("sessionTimeoutMinutes", Number(val.trim()));
-        terminal.log.success("Session timeout updated");
-      }
-    },
-    async uninstall(ctx, opts) {
-      if (opts.purge) {
-        await ctx.settings.clear();
-        ctx.terminal.log.success("Security settings cleared");
-      }
-    },
-    async setup(ctx) {
-      const core = ctx.core;
-      const guard = new SecurityGuard(core.configManager, core.sessionManager);
-      ctx.registerMiddleware("message:incoming", {
-        handler: async (payload, next) => {
-          const access = guard.checkAccess(payload);
-          if (!access.allowed) {
-            ctx.log.info(`Access denied: ${access.reason}`);
-            return null;
-          }
-          return next();
-        }
-      });
-      ctx.registerService("security", guard);
-      ctx.registerCommand({
-        name: "dangerous",
-        description: "Toggle dangerous mode (auto-approve all permissions)",
-        usage: "on|off",
-        category: "plugin",
-        handler: async (args) => {
-          const mode = args.raw.trim().toLowerCase();
-          if (mode === "on") return { type: "text", text: "Dangerous mode enabled \u2014 all permissions will be auto-approved." };
-          if (mode === "off") return { type: "text", text: "Dangerous mode disabled \u2014 permissions require manual approval." };
-          return { type: "menu", title: "Dangerous Mode", options: [
-            { label: "Enable", command: "/dangerous on" },
-            { label: "Disable", command: "/dangerous off" }
-          ] };
-        }
-      });
-      ctx.log.info("Security service ready");
-    }
-  };
-}
-var security_default = createSecurityPlugin();
-
-export {
-  security_default
-};
-//# sourceMappingURL=chunk-OSBZXY2W.js.map

package/dist/chunk-OSBZXY2W.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/plugins/security/index.ts"],"sourcesContent":["import type { OpenACPPlugin, InstallContext, MiddlewarePayloadMap } from '../../core/plugin/types.js'\nimport { SecurityGuard } from './security-guard.js'\nimport type { IncomingMessage } from '../../core/types.js'\n\n// Structural type for the core fields SecurityGuard needs, avoiding\n// a direct dependency on OpenACPCore's full interface.\ninterface SecurityCoreAccess {\n  configManager: ConstructorParameters<typeof SecurityGuard>[0]\n  sessionManager: ConstructorParameters<typeof SecurityGuard>[1]\n}\n\n// Factory function pattern (closure for state)\nfunction createSecurityPlugin(): OpenACPPlugin {\n  return {\n    name: '@openacp/security',\n    version: '1.0.0',\n    description: 'User access control and session limits',\n    essential: false,\n    permissions: ['services:register', 'middleware:register', 'kernel:access', 'commands:register'],\n    inheritableKeys: ['allowedUsers', 'maxSessionsPerUser', 'rateLimits'],\n\n    async install(ctx: InstallContext) {\n      const { settings, legacyConfig, terminal } = ctx\n\n      // Migrate from legacy config if present\n      if (legacyConfig) {\n        const securityCfg = legacyConfig.security as Record<string, unknown> | undefined\n        if (securityCfg) {\n          await settings.setAll({\n            allowedUserIds: securityCfg.allowedUserIds ?? [],\n            maxConcurrentSessions: securityCfg.maxConcurrentSessions ?? 20,\n            sessionTimeoutMinutes: securityCfg.sessionTimeoutMinutes ?? 60,\n          })\n          terminal.log.success('Security settings migrated from legacy config')\n          return\n        }\n      }\n\n      // Save defaults (no interactive prompts needed)\n      await settings.setAll({\n        allowedUserIds: [],\n        maxConcurrentSessions: 20,\n        sessionTimeoutMinutes: 60,\n      })\n      terminal.log.success('Security defaults saved')\n    },\n\n    async configure(ctx: InstallContext) {\n      const { terminal, settings } = ctx\n      const current = await settings.getAll()\n\n      const choice = await terminal.select({\n        message: 'What to configure?',\n        options: [\n          { value: 'allowedUsers', label: 'Edit allowed user IDs' },\n          { value: 'maxSessions', label: `Max concurrent sessions (current: ${current.maxConcurrentSessions ?? 20})` },\n          { value: 'timeout', label: `Session timeout minutes (current: ${current.sessionTimeoutMinutes ?? 60})` },\n          { value: 'done', label: 'Done' },\n        ],\n      })\n\n      if (choice === 'allowedUsers') {\n        const currentIds = (current.allowedUserIds as string[]) ?? []\n        const val = await terminal.text({\n          message: 'Allowed user IDs (comma-separated, empty = allow all):',\n          defaultValue: currentIds.join(', '),\n        })\n        const ids = val.split(',').map((s) => s.trim()).filter(Boolean)\n        await settings.set('allowedUserIds', ids)\n        terminal.log.success('Allowed user IDs updated')\n      } else if (choice === 'maxSessions') {\n        const val = await terminal.text({\n          message: 'Max concurrent sessions:',\n          defaultValue: String(current.maxConcurrentSessions ?? 20),\n          validate: (v) => {\n            const n = Number(v.trim())\n            if (isNaN(n) || n < 1) return 'Must be a positive number'\n            return undefined\n          },\n        })\n        await settings.set('maxConcurrentSessions', Number(val.trim()))\n        terminal.log.success('Max sessions updated')\n      } else if (choice === 'timeout') {\n        const val = await terminal.text({\n          message: 'Session timeout (minutes):',\n          defaultValue: String(current.sessionTimeoutMinutes ?? 60),\n          validate: (v) => {\n            const n = Number(v.trim())\n            if (isNaN(n) || n < 1) return 'Must be a positive number'\n            return undefined\n          },\n        })\n        await settings.set('sessionTimeoutMinutes', Number(val.trim()))\n        terminal.log.success('Session timeout updated')\n      }\n    },\n\n    async uninstall(ctx: InstallContext, opts: { purge: boolean }) {\n      if (opts.purge) {\n        await ctx.settings.clear()\n        ctx.terminal.log.success('Security settings cleared')\n      }\n    },\n\n    async setup(ctx) {\n      const core = ctx.core as SecurityCoreAccess\n      const guard = new SecurityGuard(core.configManager, core.sessionManager)\n\n      // Register middleware for message:incoming — block unauthorized users\n      ctx.registerMiddleware('message:incoming', {\n        handler: async (payload: MiddlewarePayloadMap['message:incoming'], next) => {\n          const access = guard.checkAccess(payload as unknown as IncomingMessage)\n          if (!access.allowed) {\n            ctx.log.info(`Access denied: ${access.reason}`)\n            return null  // block\n          }\n          return next()\n        }\n      })\n\n      // Register SecurityGuard as the service directly\n      ctx.registerService('security', guard)\n\n      ctx.registerCommand({\n        name: 'dangerous',\n        description: 'Toggle dangerous mode (auto-approve all permissions)',\n        usage: 'on|off',\n        category: 'plugin',\n        handler: async (args) => {\n          const mode = args.raw.trim().toLowerCase()\n          if (mode === 'on') return { type: 'text', text: 'Dangerous mode enabled — all permissions will be auto-approved.' }\n          if (mode === 'off') return { type: 'text', text: 'Dangerous mode disabled — permissions require manual approval.' }\n          return { type: 'menu', title: 'Dangerous Mode', options: [\n            { label: 'Enable', command: '/dangerous on' },\n            { label: 'Disable', command: '/dangerous off' },\n          ]}\n        },\n      })\n\n      ctx.log.info('Security service ready')\n    },\n  }\n}\n\nexport default createSecurityPlugin()\n"],"mappings":";;;;;AAYA,SAAS,uBAAsC;AAC7C,SAAO;AAAA,IACL,MAAM;AAAA,IACN,SAAS;AAAA,IACT,aAAa;AAAA,IACb,WAAW;AAAA,IACX,aAAa,CAAC,qBAAqB,uBAAuB,iBAAiB,mBAAmB;AAAA,IAC9F,iBAAiB,CAAC,gBAAgB,sBAAsB,YAAY;AAAA,IAEpE,MAAM,QAAQ,KAAqB;AACjC,YAAM,EAAE,UAAU,cAAc,SAAS,IAAI;AAG7C,UAAI,cAAc;AAChB,cAAM,cAAc,aAAa;AACjC,YAAI,aAAa;AACf,gBAAM,SAAS,OAAO;AAAA,YACpB,gBAAgB,YAAY,kBAAkB,CAAC;AAAA,YAC/C,uBAAuB,YAAY,yBAAyB;AAAA,YAC5D,uBAAuB,YAAY,yBAAyB;AAAA,UAC9D,CAAC;AACD,mBAAS,IAAI,QAAQ,+CAA+C;AACpE;AAAA,QACF;AAAA,MACF;AAGA,YAAM,SAAS,OAAO;AAAA,QACpB,gBAAgB,CAAC;AAAA,QACjB,uBAAuB;AAAA,QACvB,uBAAuB;AAAA,MACzB,CAAC;AACD,eAAS,IAAI,QAAQ,yBAAyB;AAAA,IAChD;AAAA,IAEA,MAAM,UAAU,KAAqB;AACnC,YAAM,EAAE,UAAU,SAAS,IAAI;AAC/B,YAAM,UAAU,MAAM,SAAS,OAAO;AAEtC,YAAM,SAAS,MAAM,SAAS,OAAO;AAAA,QACnC,SAAS;AAAA,QACT,SAAS;AAAA,UACP,EAAE,OAAO,gBAAgB,OAAO,wBAAwB;AAAA,UACxD,EAAE,OAAO,eAAe,OAAO,qCAAqC,QAAQ,yBAAyB,EAAE,IAAI;AAAA,UAC3G,EAAE,OAAO,WAAW,OAAO,qCAAqC,QAAQ,yBAAyB,EAAE,IAAI;AAAA,UACvG,EAAE,OAAO,QAAQ,OAAO,OAAO;AAAA,QACjC;AAAA,MACF,CAAC;AAED,UAAI,WAAW,gBAAgB;AAC7B,cAAM,aAAc,QAAQ,kBAA+B,CAAC;AAC5D,cAAM,MAAM,MAAM,SAAS,KAAK;AAAA,UAC9B,SAAS;AAAA,UACT,cAAc,WAAW,KAAK,IAAI;AAAA,QACpC,CAAC;AACD,cAAM,MAAM,IAAI,MAAM,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,OAAO,OAAO;AAC9D,cAAM,SAAS,IAAI,kBAAkB,GAAG;AACxC,iBAAS,IAAI,QAAQ,0BAA0B;AAAA,MACjD,WAAW,WAAW,eAAe;AACnC,cAAM,MAAM,MAAM,SAAS,KAAK;AAAA,UAC9B,SAAS;AAAA,UACT,cAAc,OAAO,QAAQ,yBAAyB,EAAE;AAAA,UACxD,UAAU,CAAC,MAAM;AACf,kBAAM,IAAI,OAAO,EAAE,KAAK,CAAC;AACzB,gBAAI,MAAM,CAAC,KAAK,IAAI,EAAG,QAAO;AAC9B,mBAAO;AAAA,UACT;AAAA,QACF,CAAC;AACD,cAAM,SAAS,IAAI,yBAAyB,OAAO,IAAI,KAAK,CAAC,CAAC;AAC9D,iBAAS,IAAI,QAAQ,sBAAsB;AAAA,MAC7C,WAAW,WAAW,WAAW;AAC/B,cAAM,MAAM,MAAM,SAAS,KAAK;AAAA,UAC9B,SAAS;AAAA,UACT,cAAc,OAAO,QAAQ,yBAAyB,EAAE;AAAA,UACxD,UAAU,CAAC,MAAM;AACf,kBAAM,IAAI,OAAO,EAAE,KAAK,CAAC;AACzB,gBAAI,MAAM,CAAC,KAAK,IAAI,EAAG,QAAO;AAC9B,mBAAO;AAAA,UACT;AAAA,QACF,CAAC;AACD,cAAM,SAAS,IAAI,yBAAyB,OAAO,IAAI,KAAK,CAAC,CAAC;AAC9D,iBAAS,IAAI,QAAQ,yBAAyB;AAAA,MAChD;AAAA,IACF;AAAA,IAEA,MAAM,UAAU,KAAqB,MAA0B;AAC7D,UAAI,KAAK,OAAO;AACd,cAAM,IAAI,SAAS,MAAM;AACzB,YAAI,SAAS,IAAI,QAAQ,2BAA2B;AAAA,MACtD;AAAA,IACF;AAAA,IAEA,MAAM,MAAM,KAAK;AACf,YAAM,OAAO,IAAI;AACjB,YAAM,QAAQ,IAAI,cAAc,KAAK,eAAe,KAAK,cAAc;AAGvE,UAAI,mBAAmB,oBAAoB;AAAA,QACzC,SAAS,OAAO,SAAmD,SAAS;AAC1E,gBAAM,SAAS,MAAM,YAAY,OAAqC;AACtE,cAAI,CAAC,OAAO,SAAS;AACnB,gBAAI,IAAI,KAAK,kBAAkB,OAAO,MAAM,EAAE;AAC9C,mBAAO;AAAA,UACT;AACA,iBAAO,KAAK;AAAA,QACd;AAAA,MACF,CAAC;AAGD,UAAI,gBAAgB,YAAY,KAAK;AAErC,UAAI,gBAAgB;AAAA,QAClB,MAAM;AAAA,QACN,aAAa;AAAA,QACb,OAAO;AAAA,QACP,UAAU;AAAA,QACV,SAAS,OAAO,SAAS;AACvB,gBAAM,OAAO,KAAK,IAAI,KAAK,EAAE,YAAY;AACzC,cAAI,SAAS,KAAM,QAAO,EAAE,MAAM,QAAQ,MAAM,uEAAkE;AAClH,cAAI,SAAS,MAAO,QAAO,EAAE,MAAM,QAAQ,MAAM,sEAAiE;AAClH,iBAAO,EAAE,MAAM,QAAQ,OAAO,kBAAkB,SAAS;AAAA,YACvD,EAAE,OAAO,UAAU,SAAS,gBAAgB;AAAA,YAC5C,EAAE,OAAO,WAAW,SAAS,iBAAiB;AAAA,UAChD,EAAC;AAAA,QACH;AAAA,MACF,CAAC;AAED,UAAI,IAAI,KAAK,wBAAwB;AAAA,IACvC;AAAA,EACF;AACF;AAEA,IAAO,mBAAQ,qBAAqB;","names":[]}

package/dist/chunk-OYSAN7UX.js

@@ -1,15 +0,0 @@
-// src/core/utils/read-text-file.ts
-import fs from "fs";
-async function readTextFileWithRange(filePath, options) {
-  const content = await fs.promises.readFile(filePath, "utf-8");
-  if (!options?.line && !options?.limit) return content;
-  const lines = content.split("\n");
-  const start = Math.max(0, (options.line ?? 1) - 1);
-  const end = options.limit ? start + options.limit : lines.length;
-  return lines.slice(start, end).join("\n");
-}
-
-export {
-  readTextFileWithRange
-};
-//# sourceMappingURL=chunk-OYSAN7UX.js.map

package/dist/chunk-OYSAN7UX.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/core/utils/read-text-file.ts"],"sourcesContent":["import fs from \"node:fs\";\n\n/**\n * Read a text file, optionally returning only a range of lines.\n * Pure utility — no dependencies on plugin code.\n */\nexport async function readTextFileWithRange(\n  filePath: string,\n  options?: { line?: number; limit?: number },\n): Promise<string> {\n  const content = await fs.promises.readFile(filePath, \"utf-8\");\n  if (!options?.line && !options?.limit) return content;\n  const lines = content.split(\"\\n\");\n  const start = Math.max(0, (options.line ?? 1) - 1);\n  const end = options.limit ? start + options.limit : lines.length;\n  return lines.slice(start, end).join(\"\\n\");\n}\n"],"mappings":";AAAA,OAAO,QAAQ;AAMf,eAAsB,sBACpB,UACA,SACiB;AACjB,QAAM,UAAU,MAAM,GAAG,SAAS,SAAS,UAAU,OAAO;AAC5D,MAAI,CAAC,SAAS,QAAQ,CAAC,SAAS,MAAO,QAAO;AAC9C,QAAM,QAAQ,QAAQ,MAAM,IAAI;AAChC,QAAM,QAAQ,KAAK,IAAI,IAAI,QAAQ,QAAQ,KAAK,CAAC;AACjD,QAAM,MAAM,QAAQ,QAAQ,QAAQ,QAAQ,QAAQ,MAAM;AAC1D,SAAO,MAAM,MAAM,OAAO,GAAG,EAAE,KAAK,IAAI;AAC1C;","names":[]}

package/dist/chunk-P3HHJANC.js

@@ -1,209 +0,0 @@
-import {
-  MAX_RETRIES
-} from "./chunk-NHD5XDD2.js";
-
-// src/plugins/tunnel/index.ts
-import path from "path";
-function createTunnelPlugin() {
-  let service = null;
-  return {
-    name: "@openacp/tunnel",
-    version: "1.0.0",
-    description: "Expose local services to internet via tunnel providers",
-    essential: false,
-    permissions: ["services:register", "kernel:access", "commands:register"],
-    async install(ctx) {
-      const { terminal, settings, legacyConfig } = ctx;
-      if (legacyConfig) {
-        const tunnelCfg = legacyConfig.tunnel;
-        if (tunnelCfg) {
-          await settings.setAll({
-            enabled: tunnelCfg.enabled ?? true,
-            provider: tunnelCfg.provider ?? "cloudflare",
-            port: tunnelCfg.port ?? 3100,
-            options: tunnelCfg.options ?? {},
-            maxUserTunnels: tunnelCfg.maxUserTunnels ?? 5,
-            storeTtlMinutes: tunnelCfg.storeTtlMinutes ?? 60,
-            auth: tunnelCfg.auth ?? { enabled: false }
-          });
-          terminal.log.success("Tunnel settings migrated from legacy config");
-          return;
-        }
-      }
-      const provider = await terminal.select({
-        message: "Tunnel provider:",
-        options: [
-          { value: "cloudflare", label: "Cloudflare (cloudflared)", hint: "Free, no account needed" },
-          { value: "ngrok", label: "ngrok", hint: "Requires auth token" },
-          { value: "bore", label: "bore", hint: "Self-hostable" },
-          { value: "tailscale", label: "Tailscale Funnel" }
-        ]
-      });
-      const portStr = await terminal.text({
-        message: "Local port to expose:",
-        defaultValue: "3100",
-        validate: (v) => {
-          const n = Number(v.trim());
-          if (isNaN(n) || n < 1 || n > 65535) return "Port must be 1-65535";
-          return void 0;
-        }
-      });
-      let authToken = "";
-      if (provider === "ngrok") {
-        authToken = await terminal.text({
-          message: "ngrok auth token:",
-          validate: (v) => !v.trim() ? "Auth token cannot be empty" : void 0
-        });
-        authToken = authToken.trim();
-      }
-      await settings.setAll({
-        enabled: true,
-        provider,
-        port: Number(portStr.trim()),
-        options: authToken ? { authtoken: authToken } : {},
-        maxUserTunnels: 5,
-        storeTtlMinutes: 60,
-        auth: { enabled: false }
-      });
-      terminal.log.success("Tunnel settings saved");
-    },
-    async configure(ctx) {
-      const { terminal, settings } = ctx;
-      const current = await settings.getAll();
-      const choice = await terminal.select({
-        message: "What to configure?",
-        options: [
-          { value: "provider", label: `Change provider (current: ${current.provider ?? "none"})` },
-          { value: "port", label: `Change port (current: ${current.port ?? 3100})` },
-          { value: "toggle", label: `${current.enabled ? "Disable" : "Enable"} tunnel` },
-          { value: "done", label: "Done" }
-        ]
-      });
-      if (choice === "provider") {
-        const provider = await terminal.select({
-          message: "Tunnel provider:",
-          options: [
-            { value: "cloudflare", label: "Cloudflare" },
-            { value: "ngrok", label: "ngrok" },
-            { value: "bore", label: "bore" },
-            { value: "tailscale", label: "Tailscale" }
-          ]
-        });
-        await settings.set("provider", provider);
-        terminal.log.success("Provider updated");
-      } else if (choice === "port") {
-        const val = await terminal.text({
-          message: "New port:",
-          defaultValue: String(current.port ?? 3100),
-          validate: (v) => {
-            const n = Number(v.trim());
-            if (isNaN(n) || n < 1 || n > 65535) return "Port must be 1-65535";
-            return void 0;
-          }
-        });
-        await settings.set("port", Number(val.trim()));
-        terminal.log.success("Port updated");
-      } else if (choice === "toggle") {
-        const newState = !current.enabled;
-        await settings.set("enabled", newState);
-        terminal.log.success(`Tunnel ${newState ? "enabled" : "disabled"}`);
-      }
-    },
-    async uninstall(ctx, opts) {
-      if (opts.purge) {
-        await ctx.settings.clear();
-        ctx.terminal.log.success("Tunnel settings cleared");
-      }
-    },
-    inheritableKeys: ["provider", "maxUserTunnels", "auth"],
-    async setup(ctx) {
-      const config = ctx.pluginConfig;
-      if (!config.enabled) {
-        ctx.log.info("Tunnel disabled");
-        return;
-      }
-      if (!config.provider) {
-        ctx.log.info("Tunnel disabled (no provider configured)");
-        return;
-      }
-      const { TunnelService } = await import("./tunnel-service-TBAHDXMF.js");
-      const instanceRoot = ctx.instanceRoot;
-      const tunnelSvc = new TunnelService(
-        config,
-        path.join(instanceRoot, "tunnels.json")
-      );
-      const publicUrl = await tunnelSvc.start();
-      service = tunnelSvc;
-      ctx.registerService("tunnel", tunnelSvc);
-      ctx.registerCommand({
-        name: "tunnel",
-        description: "Manage tunnels: /tunnel <port> [label] | /tunnel stop <port>",
-        category: "plugin",
-        handler: async (args) => {
-          const parts = args.raw.trim().split(/\s+/);
-          if (parts[0] === "stop" && parts[1]) {
-            const port = parseInt(parts[1], 10);
-            if (isNaN(port)) return { type: "error", message: "Invalid port number" };
-            try {
-              await tunnelSvc.stopTunnel(port);
-              return { type: "text", text: `Tunnel on port ${port} stopped.` };
-            } catch (err2) {
-              return { type: "error", message: err2.message };
-            }
-          }
-          if (parts[0] && parts[0] !== "") {
-            const port = parseInt(parts[0], 10);
-            if (isNaN(port)) return { type: "error", message: "Invalid port number" };
-            const label = parts.slice(1).join(" ") || void 0;
-            try {
-              const entry = await tunnelSvc.addTunnel(port, { label });
-              return { type: "text", text: `Tunnel created: ${entry.publicUrl ?? "starting..."}` };
-            } catch (err2) {
-              return { type: "error", message: err2.message };
-            }
-          }
-          const url = tunnelSvc.getPublicUrl();
-          const err = tunnelSvc.getStartError();
-          let text = url ? `Tunnel: ${url}` : "No tunnel active.";
-          if (err) text += `
-\u26A0\uFE0F System tunnel error: ${err}`;
-          return { type: "text", text };
-        }
-      });
-      ctx.registerCommand({
-        name: "tunnels",
-        description: "List active tunnels",
-        category: "plugin",
-        handler: async () => {
-          const userTunnels = tunnelSvc.listTunnels();
-          const systemUrl = tunnelSvc.getPublicUrl();
-          const sysError = tunnelSvc.getStartError();
-          const systemDetail = sysError ? `${systemUrl} \u26A0\uFE0F ${sysError}` : systemUrl;
-          const items = [
-            { label: "System", detail: systemDetail },
-            ...userTunnels.map((t) => {
-              const statusInfo = t.status === "failed" && t.retryCount > 0 ? `${t.status} (retry ${t.retryCount}/${MAX_RETRIES})` : t.status;
-              return {
-                label: t.label ?? `Port ${t.port}`,
-                detail: `${t.publicUrl ?? statusInfo} (${t.provider})`
-              };
-            })
-          ];
-          return { type: "list", title: "Active Tunnels", items };
-        }
-      });
-      ctx.log.info(`Tunnel ready: ${publicUrl}`);
-    },
-    async teardown() {
-      if (service) {
-        await service.stop();
-      }
-    }
-  };
-}
-var tunnel_default = createTunnelPlugin();
-
-export {
-  tunnel_default
-};
-//# sourceMappingURL=chunk-P3HHJANC.js.map

package/dist/chunk-P3HHJANC.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/plugins/tunnel/index.ts"],"sourcesContent":["import path from 'node:path'\nimport type { OpenACPPlugin, InstallContext } from '../../core/plugin/types.js'\nimport type { TunnelConfig } from '../../core/config/config.js'\nimport { MAX_RETRIES } from './tunnel-registry.js'\n\nfunction createTunnelPlugin(): OpenACPPlugin {\n  let service: { stop(): Promise<void> } | null = null\n\n  return {\n    name: '@openacp/tunnel',\n    version: '1.0.0',\n    description: 'Expose local services to internet via tunnel providers',\n    essential: false,\n    permissions: ['services:register', 'kernel:access', 'commands:register'],\n\n    async install(ctx: InstallContext) {\n      const { terminal, settings, legacyConfig } = ctx\n\n      // Migrate from legacy config if present\n      if (legacyConfig) {\n        const tunnelCfg = legacyConfig.tunnel as Record<string, unknown> | undefined\n        if (tunnelCfg) {\n          await settings.setAll({\n            enabled: tunnelCfg.enabled ?? true,\n            provider: tunnelCfg.provider ?? 'cloudflare',\n            port: tunnelCfg.port ?? 3100,\n            options: tunnelCfg.options ?? {},\n            maxUserTunnels: tunnelCfg.maxUserTunnels ?? 5,\n            storeTtlMinutes: tunnelCfg.storeTtlMinutes ?? 60,\n            auth: tunnelCfg.auth ?? { enabled: false },\n          })\n          terminal.log.success('Tunnel settings migrated from legacy config')\n          return\n        }\n      }\n\n      // Interactive setup\n      const provider = await terminal.select({\n        message: 'Tunnel provider:',\n        options: [\n          { value: 'cloudflare', label: 'Cloudflare (cloudflared)', hint: 'Free, no account needed' },\n          { value: 'ngrok', label: 'ngrok', hint: 'Requires auth token' },\n          { value: 'bore', label: 'bore', hint: 'Self-hostable' },\n          { value: 'tailscale', label: 'Tailscale Funnel' },\n        ],\n      })\n\n      const portStr = await terminal.text({\n        message: 'Local port to expose:',\n        defaultValue: '3100',\n        validate: (v) => {\n          const n = Number(v.trim())\n          if (isNaN(n) || n < 1 || n > 65535) return 'Port must be 1-65535'\n          return undefined\n        },\n      })\n\n      let authToken = ''\n      if (provider === 'ngrok') {\n        authToken = await terminal.text({\n          message: 'ngrok auth token:',\n          validate: (v) => (!v.trim() ? 'Auth token cannot be empty' : undefined),\n        })\n        authToken = authToken.trim()\n      }\n\n      await settings.setAll({\n        enabled: true,\n        provider,\n        port: Number(portStr.trim()),\n        options: authToken ? { authtoken: authToken } : {},\n        maxUserTunnels: 5,\n        storeTtlMinutes: 60,\n        auth: { enabled: false },\n      })\n      terminal.log.success('Tunnel settings saved')\n    },\n\n    async configure(ctx: InstallContext) {\n      const { terminal, settings } = ctx\n      const current = await settings.getAll()\n\n      const choice = await terminal.select({\n        message: 'What to configure?',\n        options: [\n          { value: 'provider', label: `Change provider (current: ${current.provider ?? 'none'})` },\n          { value: 'port', label: `Change port (current: ${current.port ?? 3100})` },\n          { value: 'toggle', label: `${current.enabled ? 'Disable' : 'Enable'} tunnel` },\n          { value: 'done', label: 'Done' },\n        ],\n      })\n\n      if (choice === 'provider') {\n        const provider = await terminal.select({\n          message: 'Tunnel provider:',\n          options: [\n            { value: 'cloudflare', label: 'Cloudflare' },\n            { value: 'ngrok', label: 'ngrok' },\n            { value: 'bore', label: 'bore' },\n            { value: 'tailscale', label: 'Tailscale' },\n          ],\n        })\n        await settings.set('provider', provider)\n        terminal.log.success('Provider updated')\n      } else if (choice === 'port') {\n        const val = await terminal.text({\n          message: 'New port:',\n          defaultValue: String(current.port ?? 3100),\n          validate: (v) => {\n            const n = Number(v.trim())\n            if (isNaN(n) || n < 1 || n > 65535) return 'Port must be 1-65535'\n            return undefined\n          },\n        })\n        await settings.set('port', Number(val.trim()))\n        terminal.log.success('Port updated')\n      } else if (choice === 'toggle') {\n        const newState = !current.enabled\n        await settings.set('enabled', newState)\n        terminal.log.success(`Tunnel ${newState ? 'enabled' : 'disabled'}`)\n      }\n    },\n\n    async uninstall(ctx: InstallContext, opts: { purge: boolean }) {\n      if (opts.purge) {\n        await ctx.settings.clear()\n        ctx.terminal.log.success('Tunnel settings cleared')\n      }\n    },\n\n    inheritableKeys: ['provider', 'maxUserTunnels', 'auth'],\n\n    async setup(ctx) {\n      const config = ctx.pluginConfig as Record<string, unknown>\n      if (!config.enabled) {\n        ctx.log.info('Tunnel disabled')\n        return\n      }\n      if (!config.provider) {\n        ctx.log.info('Tunnel disabled (no provider configured)')\n        return\n      }\n\n      const { TunnelService } = await import('./tunnel-service.js')\n      const instanceRoot = ctx.instanceRoot\n      const tunnelSvc = new TunnelService(\n        config as unknown as TunnelConfig,\n        path.join(instanceRoot, 'tunnels.json'),\n      )\n      const publicUrl = await tunnelSvc.start()\n      service = tunnelSvc\n\n      ctx.registerService('tunnel', tunnelSvc)\n\n      ctx.registerCommand({\n        name: 'tunnel',\n        description: 'Manage tunnels: /tunnel <port> [label] | /tunnel stop <port>',\n        category: 'plugin',\n        handler: async (args) => {\n          const parts = args.raw.trim().split(/\\s+/)\n\n          // /tunnel stop <port>\n          if (parts[0] === 'stop' && parts[1]) {\n            const port = parseInt(parts[1], 10)\n            if (isNaN(port)) return { type: 'error', message: 'Invalid port number' }\n            try {\n              await tunnelSvc.stopTunnel(port)\n              return { type: 'text', text: `Tunnel on port ${port} stopped.` }\n            } catch (err) {\n              return { type: 'error', message: (err as Error).message }\n            }\n          }\n\n          // /tunnel <port> [label]\n          if (parts[0] && parts[0] !== '') {\n            const port = parseInt(parts[0], 10)\n            if (isNaN(port)) return { type: 'error', message: 'Invalid port number' }\n            const label = parts.slice(1).join(' ') || undefined\n            try {\n              const entry = await tunnelSvc.addTunnel(port, { label })\n              return { type: 'text', text: `Tunnel created: ${entry.publicUrl ?? 'starting...'}` }\n            } catch (err) {\n              return { type: 'error', message: (err as Error).message }\n            }\n          }\n\n          // /tunnel (no args) — show current tunnel URL + health\n          const url = tunnelSvc.getPublicUrl()\n          const err = tunnelSvc.getStartError()\n          let text = url ? `Tunnel: ${url}` : 'No tunnel active.'\n          if (err) text += `\\n⚠️ System tunnel error: ${err}`\n          return { type: 'text', text }\n        },\n      })\n\n      ctx.registerCommand({\n        name: 'tunnels',\n        description: 'List active tunnels',\n        category: 'plugin',\n        handler: async () => {\n          const userTunnels = tunnelSvc.listTunnels()\n          const systemUrl = tunnelSvc.getPublicUrl()\n          const sysError = tunnelSvc.getStartError()\n          const systemDetail = sysError ? `${systemUrl} ⚠️ ${sysError}` : systemUrl\n          const items = [\n            { label: 'System', detail: systemDetail },\n            ...userTunnels.map(t => {\n              const statusInfo = t.status === 'failed' && t.retryCount > 0\n                ? `${t.status} (retry ${t.retryCount}/${MAX_RETRIES})`\n                : t.status\n              return {\n                label: t.label ?? `Port ${t.port}`,\n                detail: `${t.publicUrl ?? statusInfo} (${t.provider})`,\n              }\n            }),\n          ]\n          return { type: 'list', title: 'Active Tunnels', items }\n        },\n      })\n\n      ctx.log.info(`Tunnel ready: ${publicUrl}`)\n    },\n\n    async teardown() {\n      if (service) {\n        await service.stop()\n      }\n    },\n  }\n}\n\nexport default createTunnelPlugin()\n"],"mappings":";;;;;AAAA,OAAO,UAAU;AAKjB,SAAS,qBAAoC;AAC3C,MAAI,UAA4C;AAEhD,SAAO;AAAA,IACL,MAAM;AAAA,IACN,SAAS;AAAA,IACT,aAAa;AAAA,IACb,WAAW;AAAA,IACX,aAAa,CAAC,qBAAqB,iBAAiB,mBAAmB;AAAA,IAEvE,MAAM,QAAQ,KAAqB;AACjC,YAAM,EAAE,UAAU,UAAU,aAAa,IAAI;AAG7C,UAAI,cAAc;AAChB,cAAM,YAAY,aAAa;AAC/B,YAAI,WAAW;AACb,gBAAM,SAAS,OAAO;AAAA,YACpB,SAAS,UAAU,WAAW;AAAA,YAC9B,UAAU,UAAU,YAAY;AAAA,YAChC,MAAM,UAAU,QAAQ;AAAA,YACxB,SAAS,UAAU,WAAW,CAAC;AAAA,YAC/B,gBAAgB,UAAU,kBAAkB;AAAA,YAC5C,iBAAiB,UAAU,mBAAmB;AAAA,YAC9C,MAAM,UAAU,QAAQ,EAAE,SAAS,MAAM;AAAA,UAC3C,CAAC;AACD,mBAAS,IAAI,QAAQ,6CAA6C;AAClE;AAAA,QACF;AAAA,MACF;AAGA,YAAM,WAAW,MAAM,SAAS,OAAO;AAAA,QACrC,SAAS;AAAA,QACT,SAAS;AAAA,UACP,EAAE,OAAO,cAAc,OAAO,4BAA4B,MAAM,0BAA0B;AAAA,UAC1F,EAAE,OAAO,SAAS,OAAO,SAAS,MAAM,sBAAsB;AAAA,UAC9D,EAAE,OAAO,QAAQ,OAAO,QAAQ,MAAM,gBAAgB;AAAA,UACtD,EAAE,OAAO,aAAa,OAAO,mBAAmB;AAAA,QAClD;AAAA,MACF,CAAC;AAED,YAAM,UAAU,MAAM,SAAS,KAAK;AAAA,QAClC,SAAS;AAAA,QACT,cAAc;AAAA,QACd,UAAU,CAAC,MAAM;AACf,gBAAM,IAAI,OAAO,EAAE,KAAK,CAAC;AACzB,cAAI,MAAM,CAAC,KAAK,IAAI,KAAK,IAAI,MAAO,QAAO;AAC3C,iBAAO;AAAA,QACT;AAAA,MACF,CAAC;AAED,UAAI,YAAY;AAChB,UAAI,aAAa,SAAS;AACxB,oBAAY,MAAM,SAAS,KAAK;AAAA,UAC9B,SAAS;AAAA,UACT,UAAU,CAAC,MAAO,CAAC,EAAE,KAAK,IAAI,+BAA+B;AAAA,QAC/D,CAAC;AACD,oBAAY,UAAU,KAAK;AAAA,MAC7B;AAEA,YAAM,SAAS,OAAO;AAAA,QACpB,SAAS;AAAA,QACT;AAAA,QACA,MAAM,OAAO,QAAQ,KAAK,CAAC;AAAA,QAC3B,SAAS,YAAY,EAAE,WAAW,UAAU,IAAI,CAAC;AAAA,QACjD,gBAAgB;AAAA,QAChB,iBAAiB;AAAA,QACjB,MAAM,EAAE,SAAS,MAAM;AAAA,MACzB,CAAC;AACD,eAAS,IAAI,QAAQ,uBAAuB;AAAA,IAC9C;AAAA,IAEA,MAAM,UAAU,KAAqB;AACnC,YAAM,EAAE,UAAU,SAAS,IAAI;AAC/B,YAAM,UAAU,MAAM,SAAS,OAAO;AAEtC,YAAM,SAAS,MAAM,SAAS,OAAO;AAAA,QACnC,SAAS;AAAA,QACT,SAAS;AAAA,UACP,EAAE,OAAO,YAAY,OAAO,6BAA6B,QAAQ,YAAY,MAAM,IAAI;AAAA,UACvF,EAAE,OAAO,QAAQ,OAAO,yBAAyB,QAAQ,QAAQ,IAAI,IAAI;AAAA,UACzE,EAAE,OAAO,UAAU,OAAO,GAAG,QAAQ,UAAU,YAAY,QAAQ,UAAU;AAAA,UAC7E,EAAE,OAAO,QAAQ,OAAO,OAAO;AAAA,QACjC;AAAA,MACF,CAAC;AAED,UAAI,WAAW,YAAY;AACzB,cAAM,WAAW,MAAM,SAAS,OAAO;AAAA,UACrC,SAAS;AAAA,UACT,SAAS;AAAA,YACP,EAAE,OAAO,cAAc,OAAO,aAAa;AAAA,YAC3C,EAAE,OAAO,SAAS,OAAO,QAAQ;AAAA,YACjC,EAAE,OAAO,QAAQ,OAAO,OAAO;AAAA,YAC/B,EAAE,OAAO,aAAa,OAAO,YAAY;AAAA,UAC3C;AAAA,QACF,CAAC;AACD,cAAM,SAAS,IAAI,YAAY,QAAQ;AACvC,iBAAS,IAAI,QAAQ,kBAAkB;AAAA,MACzC,WAAW,WAAW,QAAQ;AAC5B,cAAM,MAAM,MAAM,SAAS,KAAK;AAAA,UAC9B,SAAS;AAAA,UACT,cAAc,OAAO,QAAQ,QAAQ,IAAI;AAAA,UACzC,UAAU,CAAC,MAAM;AACf,kBAAM,IAAI,OAAO,EAAE,KAAK,CAAC;AACzB,gBAAI,MAAM,CAAC,KAAK,IAAI,KAAK,IAAI,MAAO,QAAO;AAC3C,mBAAO;AAAA,UACT;AAAA,QACF,CAAC;AACD,cAAM,SAAS,IAAI,QAAQ,OAAO,IAAI,KAAK,CAAC,CAAC;AAC7C,iBAAS,IAAI,QAAQ,cAAc;AAAA,MACrC,WAAW,WAAW,UAAU;AAC9B,cAAM,WAAW,CAAC,QAAQ;AAC1B,cAAM,SAAS,IAAI,WAAW,QAAQ;AACtC,iBAAS,IAAI,QAAQ,UAAU,WAAW,YAAY,UAAU,EAAE;AAAA,MACpE;AAAA,IACF;AAAA,IAEA,MAAM,UAAU,KAAqB,MAA0B;AAC7D,UAAI,KAAK,OAAO;AACd,cAAM,IAAI,SAAS,MAAM;AACzB,YAAI,SAAS,IAAI,QAAQ,yBAAyB;AAAA,MACpD;AAAA,IACF;AAAA,IAEA,iBAAiB,CAAC,YAAY,kBAAkB,MAAM;AAAA,IAEtD,MAAM,MAAM,KAAK;AACf,YAAM,SAAS,IAAI;AACnB,UAAI,CAAC,OAAO,SAAS;AACnB,YAAI,IAAI,KAAK,iBAAiB;AAC9B;AAAA,MACF;AACA,UAAI,CAAC,OAAO,UAAU;AACpB,YAAI,IAAI,KAAK,0CAA0C;AACvD;AAAA,MACF;AAEA,YAAM,EAAE,cAAc,IAAI,MAAM,OAAO,8BAAqB;AAC5D,YAAM,eAAe,IAAI;AACzB,YAAM,YAAY,IAAI;AAAA,QACpB;AAAA,QACA,KAAK,KAAK,cAAc,cAAc;AAAA,MACxC;AACA,YAAM,YAAY,MAAM,UAAU,MAAM;AACxC,gBAAU;AAEV,UAAI,gBAAgB,UAAU,SAAS;AAEvC,UAAI,gBAAgB;AAAA,QAClB,MAAM;AAAA,QACN,aAAa;AAAA,QACb,UAAU;AAAA,QACV,SAAS,OAAO,SAAS;AACvB,gBAAM,QAAQ,KAAK,IAAI,KAAK,EAAE,MAAM,KAAK;AAGzC,cAAI,MAAM,CAAC,MAAM,UAAU,MAAM,CAAC,GAAG;AACnC,kBAAM,OAAO,SAAS,MAAM,CAAC,GAAG,EAAE;AAClC,gBAAI,MAAM,IAAI,EAAG,QAAO,EAAE,MAAM,SAAS,SAAS,sBAAsB;AACxE,gBAAI;AACF,oBAAM,UAAU,WAAW,IAAI;AAC/B,qBAAO,EAAE,MAAM,QAAQ,MAAM,kBAAkB,IAAI,YAAY;AAAA,YACjE,SAASA,MAAK;AACZ,qBAAO,EAAE,MAAM,SAAS,SAAUA,KAAc,QAAQ;AAAA,YAC1D;AAAA,UACF;AAGA,cAAI,MAAM,CAAC,KAAK,MAAM,CAAC,MAAM,IAAI;AAC/B,kBAAM,OAAO,SAAS,MAAM,CAAC,GAAG,EAAE;AAClC,gBAAI,MAAM,IAAI,EAAG,QAAO,EAAE,MAAM,SAAS,SAAS,sBAAsB;AACxE,kBAAM,QAAQ,MAAM,MAAM,CAAC,EAAE,KAAK,GAAG,KAAK;AAC1C,gBAAI;AACF,oBAAM,QAAQ,MAAM,UAAU,UAAU,MAAM,EAAE,MAAM,CAAC;AACvD,qBAAO,EAAE,MAAM,QAAQ,MAAM,mBAAmB,MAAM,aAAa,aAAa,GAAG;AAAA,YACrF,SAASA,MAAK;AACZ,qBAAO,EAAE,MAAM,SAAS,SAAUA,KAAc,QAAQ;AAAA,YAC1D;AAAA,UACF;AAGA,gBAAM,MAAM,UAAU,aAAa;AACnC,gBAAM,MAAM,UAAU,cAAc;AACpC,cAAI,OAAO,MAAM,WAAW,GAAG,KAAK;AACpC,cAAI,IAAK,SAAQ;AAAA,oCAA6B,GAAG;AACjD,iBAAO,EAAE,MAAM,QAAQ,KAAK;AAAA,QAC9B;AAAA,MACF,CAAC;AAED,UAAI,gBAAgB;AAAA,QAClB,MAAM;AAAA,QACN,aAAa;AAAA,QACb,UAAU;AAAA,QACV,SAAS,YAAY;AACnB,gBAAM,cAAc,UAAU,YAAY;AAC1C,gBAAM,YAAY,UAAU,aAAa;AACzC,gBAAM,WAAW,UAAU,cAAc;AACzC,gBAAM,eAAe,WAAW,GAAG,SAAS,iBAAO,QAAQ,KAAK;AAChE,gBAAM,QAAQ;AAAA,YACZ,EAAE,OAAO,UAAU,QAAQ,aAAa;AAAA,YACxC,GAAG,YAAY,IAAI,OAAK;AACtB,oBAAM,aAAa,EAAE,WAAW,YAAY,EAAE,aAAa,IACvD,GAAG,EAAE,MAAM,WAAW,EAAE,UAAU,IAAI,WAAW,MACjD,EAAE;AACN,qBAAO;AAAA,gBACL,OAAO,EAAE,SAAS,QAAQ,EAAE,IAAI;AAAA,gBAChC,QAAQ,GAAG,EAAE,aAAa,UAAU,KAAK,EAAE,QAAQ;AAAA,cACrD;AAAA,YACF,CAAC;AAAA,UACH;AACA,iBAAO,EAAE,MAAM,QAAQ,OAAO,kBAAkB,MAAM;AAAA,QACxD;AAAA,MACF,CAAC;AAED,UAAI,IAAI,KAAK,iBAAiB,SAAS,EAAE;AAAA,IAC3C;AAAA,IAEA,MAAM,WAAW;AACf,UAAI,SAAS;AACX,cAAM,QAAQ,KAAK;AAAA,MACrB;AAAA,IACF;AAAA,EACF;AACF;AAEA,IAAO,iBAAQ,mBAAmB;","names":["err"]}