@openafw/openafw 0.5.2

package/dist/bin/tap.js

@@ -0,0 +1,83 @@
+#!/usr/bin/env node
+import process from "node:process";
+import { spawn } from "node:child_process";
+
+//#region src/bin/tap.ts
+const args = process.argv.slice(2);
+const sep = args.indexOf("--");
+if (sep < 0) {
+	process.stderr.write("afw-tap: missing -- separator; expected --agent X --server Y -- <cmd> [args...]\n");
+	process.exit(2);
+}
+const flags = args.slice(0, sep);
+const cmd = args[sep + 1];
+const cmdArgs = args.slice(sep + 2);
+if (!cmd) {
+	process.stderr.write("afw-tap: no command specified after --\n");
+	process.exit(2);
+}
+const AGENT = readFlag(flags, "--agent") ?? "unknown";
+const SERVER = readFlag(flags, "--server") ?? "unknown";
+const DAEMON_URL = process.env.AFW_DAEMON_URL ?? "http://localhost:9877";
+const child = spawn(cmd, cmdArgs, { stdio: [
+	"pipe",
+	"pipe",
+	"inherit"
+] });
+if (!child.stdin || !child.stdout) {
+	process.stderr.write("afw-tap: failed to open child stdio\n");
+	process.exit(2);
+}
+forward(process.stdin, child.stdin, "request");
+forward(child.stdout, process.stdout, "response");
+child.on("exit", (code, signal) => {
+	process.exit(code ?? (signal ? 1 : 0));
+});
+child.on("error", (err) => {
+	process.stderr.write(`afw-tap: child error: ${err.message}\n`);
+	process.exit(2);
+});
+process.on("SIGTERM", () => child.kill("SIGTERM"));
+process.on("SIGINT", () => child.kill("SIGINT"));
+function forward(src, dst, direction) {
+	let buf = "";
+	src.on("data", (chunk) => {
+		dst.write(chunk);
+		buf += typeof chunk === "string" ? chunk : chunk.toString("utf8");
+		let nl;
+		while ((nl = buf.indexOf("\n")) >= 0) {
+			const line = buf.slice(0, nl).trim();
+			buf = buf.slice(nl + 1);
+			if (line.length > 0) emitFrame(line, direction);
+		}
+	});
+	src.on("end", () => {
+		if (buf.trim().length > 0) emitFrame(buf.trim(), direction);
+		dst.end();
+	});
+}
+function emitFrame(line, direction) {
+	let frame;
+	try {
+		frame = JSON.parse(line);
+	} catch {
+		return;
+	}
+	fetch(`${DAEMON_URL}/api/tap/frame`, {
+		method: "POST",
+		headers: { "content-type": "application/json" },
+		body: JSON.stringify({
+			agent: AGENT,
+			server: SERVER,
+			ts: Date.now(),
+			direction,
+			frame
+		})
+	}).catch(() => {});
+}
+function readFlag(flags$1, name) {
+	const i = flags$1.indexOf(name);
+	return i >= 0 && i + 1 < flags$1.length ? flags$1[i + 1] : void 0;
+}
+
+//#endregion

package/dist/bin/tools.js

@@ -0,0 +1,432 @@
+#!/usr/bin/env node
+import { getSecret, readSecrets } from "../secrets-Bj-gyv53.js";
+import { activeProviderFor, readToolProviders, searchBaidu, searchBrave, searchDuckDuckGo } from "../backends-Byh5VYtT.js";
+import process from "node:process";
+
+//#region src/core/web-search/fetch.ts
+const FETCH_USER_AGENT = "afw-tools/0.1 (+https://openafw.com)";
+const DEFAULT_MAX_BYTES = 1024 * 1024;
+const DEFAULT_TIMEOUT_MS = 15e3;
+async function fetchUrl(opts) {
+	const policy = checkUrlPolicy(opts.url);
+	if (!policy.ok) return policy;
+	const controller = new AbortController();
+	const timer = setTimeout(() => controller.abort(), opts.timeoutMs ?? DEFAULT_TIMEOUT_MS);
+	let res;
+	try {
+		res = await fetch(opts.url, {
+			headers: {
+				"user-agent": FETCH_USER_AGENT,
+				accept: "text/html, text/plain, */*"
+			},
+			redirect: "follow",
+			signal: controller.signal
+		});
+	} catch (err$1) {
+		clearTimeout(timer);
+		return {
+			ok: false,
+			error: `fetch failed: ${err$1.message}`
+		};
+	}
+	clearTimeout(timer);
+	const finalPolicy = checkUrlPolicy(res.url);
+	if (!finalPolicy.ok) return finalPolicy;
+	const contentType = res.headers.get("content-type") ?? "";
+	const maxBytes = opts.maxBytes ?? DEFAULT_MAX_BYTES;
+	const { text, truncated } = await readBounded(res, maxBytes);
+	const isHtml = /\bhtml\b/i.test(contentType) || /^\s*<!doctype html/i.test(text);
+	const extracted = isHtml ? htmlToText(text) : text.trim();
+	const title = isHtml ? extractTitle(text) : void 0;
+	return {
+		ok: true,
+		url: opts.url,
+		finalUrl: res.url,
+		status: res.status,
+		contentType,
+		...title ? { title } : {},
+		text: extracted,
+		truncated
+	};
+}
+/** Reject URLs that point at the local machine, private networks,
+*  link-local space, or cloud metadata endpoints. Operates on the URL
+*  string only (no DNS resolution) — for ip-literal hosts this is
+*  exact; for DNS names we still let the request go and re-check after
+*  redirect. Bypassing this via DNS rebinding would need a layered
+*  network policy (out of scope for v0). */
+function checkUrlPolicy(rawUrl) {
+	let url;
+	try {
+		url = new URL(rawUrl);
+	} catch {
+		return {
+			ok: false,
+			error: "invalid url"
+		};
+	}
+	if (url.protocol !== "http:" && url.protocol !== "https:") return {
+		ok: false,
+		error: `unsupported scheme: ${url.protocol}`
+	};
+	const host = url.hostname.toLowerCase();
+	if (BLOCKED_HOSTS.has(host)) return {
+		ok: false,
+		error: `host "${host}" is on the local-network deny list`
+	};
+	if (isPrivateIpLiteral(host)) return {
+		ok: false,
+		error: `host "${host}" resolves to a private/local network`
+	};
+	return { ok: true };
+}
+const BLOCKED_HOSTS = new Set([
+	"localhost",
+	"localhost.localdomain",
+	"0.0.0.0",
+	"127.0.0.1",
+	"::1",
+	"169.254.169.254",
+	"metadata.google.internal"
+]);
+/** True if the host is an IPv4 or IPv6 literal inside a private /
+*  loopback / link-local range. Pure parse, no DNS. */
+function isPrivateIpLiteral(host) {
+	if (host.includes(":")) {
+		if (host === "::1" || host.startsWith("fe80:") || host.startsWith("fc") || host.startsWith("fd")) return true;
+		return false;
+	}
+	const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
+	if (!m) return false;
+	const [a, b] = [Number(m[1]), Number(m[2])];
+	if (a === 10) return true;
+	if (a === 127) return true;
+	if (a === 169 && b === 254) return true;
+	if (a === 172 && b >= 16 && b <= 31) return true;
+	if (a === 192 && b === 168) return true;
+	if (a === 100 && b >= 64 && b <= 127) return true;
+	if (a === 0) return true;
+	return false;
+}
+async function readBounded(res, maxBytes) {
+	if (!res.body) return {
+		text: "",
+		truncated: false
+	};
+	const reader = res.body.getReader();
+	const chunks = [];
+	let total = 0;
+	let truncated = false;
+	while (true) {
+		const { done, value } = await reader.read();
+		if (done) break;
+		if (!value) continue;
+		if (total + value.byteLength > maxBytes) {
+			const remaining = Math.max(0, maxBytes - total);
+			if (remaining > 0) chunks.push(value.subarray(0, remaining));
+			total += remaining;
+			truncated = true;
+			try {
+				await reader.cancel();
+			} catch {}
+			break;
+		}
+		chunks.push(value);
+		total += value.byteLength;
+	}
+	const merged = new Uint8Array(total);
+	let off = 0;
+	for (const c of chunks) {
+		merged.set(c, off);
+		off += c.byteLength;
+	}
+	return {
+		text: new TextDecoder("utf-8", { fatal: false }).decode(merged),
+		truncated
+	};
+}
+function extractTitle(html) {
+	const m = /<title[^>]*>([\s\S]*?)<\/title>/i.exec(html);
+	if (!m?.[1]) return void 0;
+	const stripped = m[1].replace(/\s+/g, " ").trim();
+	return stripped || void 0;
+}
+/** Pretty-bad HTML→text extractor. Drops <script>/<style> contents
+*  entirely, strips remaining tags, decodes a handful of entities,
+*  collapses runs of whitespace. Good enough for "let the model read
+*  this page" — not for archival fidelity. Kept dependency-free so
+*  the binary stays small. */
+function htmlToText(html) {
+	return decodeEntities(html.replace(/<script[\s\S]*?<\/script>/gi, " ").replace(/<style[\s\S]*?<\/style>/gi, " ").replace(/<!--[\s\S]*?-->/g, " ").replace(/<(?:br|\/p|\/div|\/li|\/h[1-6])\s*[^>]*>/gi, "\n").replace(/<[^>]+>/g, " ").replace(/[ \t]+/g, " ").replace(/\n[ \t]+/g, "\n").replace(/\n{3,}/g, "\n\n").trim());
+}
+function decodeEntities(s) {
+	return s.replace(/&amp;/g, "&").replace(/&lt;/g, "<").replace(/&gt;/g, ">").replace(/&quot;/g, "\"").replace(/&#39;/g, "'").replace(/&#x27;/g, "'").replace(/&nbsp;/g, " ").replace(/&#(\d+);/g, (_, n) => {
+		const code = Number(n);
+		return Number.isFinite(code) && code >= 32 && code < 65536 ? String.fromCodePoint(code) : "";
+	});
+}
+
+//#endregion
+//#region src/bin/tools.ts
+const SERVER_NAME = "afw-tools";
+const SERVER_VERSION = "0.1.0";
+const PROTOCOL_VERSION = "2024-11-05";
+const WEB_SEARCH_TOOL = {
+	name: "web_search",
+	description: "Search the web via the user-configured backend (DuckDuckGo, Brave, SearXNG, or Tavily). Returns a list of {title, url, snippet} results. Use when you need current information beyond your training cutoff or to locate a specific page.",
+	inputSchema: {
+		type: "object",
+		properties: {
+			query: {
+				type: "string",
+				description: "The search query."
+			},
+			count: {
+				type: "number",
+				description: "Maximum number of results to return (default 10).",
+				minimum: 1,
+				maximum: 25
+			}
+		},
+		required: ["query"]
+	}
+};
+const WEB_FETCH_TOOL = {
+	name: "web_fetch",
+	description: "Fetch a public web URL and return its title plus extracted text content. Blocks requests to localhost, private networks, and cloud metadata endpoints — the model cannot probe the user's intranet. Follows redirects; responses are truncated at ~1 MiB.",
+	inputSchema: {
+		type: "object",
+		properties: {
+			url: {
+				type: "string",
+				description: "The absolute http(s) URL to fetch."
+			},
+			maxBytes: {
+				type: "number",
+				description: "Cap on response bytes read (default 1048576).",
+				minimum: 1024,
+				maximum: 4 * 1024 * 1024
+			}
+		},
+		required: ["url"]
+	}
+};
+function send(msg) {
+	process.stdout.write(`${JSON.stringify(msg)}\n`);
+}
+function err(id, code, message) {
+	send({
+		jsonrpc: "2.0",
+		id,
+		error: {
+			code,
+			message
+		}
+	});
+}
+async function dispatch(req) {
+	const id = req.id ?? null;
+	switch (req.method) {
+		case "initialize":
+			send({
+				jsonrpc: "2.0",
+				id,
+				result: {
+					protocolVersion: PROTOCOL_VERSION,
+					serverInfo: {
+						name: SERVER_NAME,
+						version: SERVER_VERSION
+					},
+					capabilities: { tools: {} }
+				}
+			});
+			return;
+		case "notifications/initialized": return;
+		case "tools/list":
+			send({
+				jsonrpc: "2.0",
+				id,
+				result: { tools: [WEB_SEARCH_TOOL, WEB_FETCH_TOOL] }
+			});
+			return;
+		case "tools/call": {
+			const params = req.params ?? {};
+			if (params.name === "web_search") {
+				const args = params.arguments ?? {};
+				const query = typeof args.query === "string" ? args.query.trim() : "";
+				if (!query) {
+					err(id, -32602, "web_search: `query` is required");
+					return;
+				}
+				const count = typeof args.count === "number" && args.count > 0 ? Math.min(25, args.count) : 10;
+				const outcome = await runWebSearch({
+					query,
+					count
+				});
+				send({
+					jsonrpc: "2.0",
+					id,
+					result: toSearchToolResult(outcome)
+				});
+				return;
+			}
+			if (params.name === "web_fetch") {
+				const args = params.arguments ?? {};
+				const url = typeof args.url === "string" ? args.url.trim() : "";
+				if (!url) {
+					err(id, -32602, "web_fetch: `url` is required");
+					return;
+				}
+				const maxBytes = typeof args.maxBytes === "number" && args.maxBytes > 0 ? args.maxBytes : void 0;
+				const outcome = await fetchUrl({
+					url,
+					...maxBytes ? { maxBytes } : {}
+				});
+				send({
+					jsonrpc: "2.0",
+					id,
+					result: toFetchToolResult(outcome)
+				});
+				return;
+			}
+			err(id, -32601, `unknown tool: ${String(params.name)}`);
+			return;
+		}
+		case "ping":
+			send({
+				jsonrpc: "2.0",
+				id,
+				result: {}
+			});
+			return;
+		default: err(id, -32601, `method not implemented: ${req.method}`);
+	}
+}
+async function runWebSearch(opts) {
+	let provider;
+	try {
+		const store = await readToolProviders();
+		provider = activeProviderFor(store, "web_search");
+	} catch (e) {
+		return {
+			ok: false,
+			error: `tool-providers.json unreadable: ${e.message}`
+		};
+	}
+	if (!provider) return {
+		ok: false,
+		error: "no web_search backend configured — add one in Control · Tool Providers"
+	};
+	switch (provider.backend) {
+		case "duckduckgo": return searchDuckDuckGo({
+			query: opts.query,
+			count: opts.count
+		});
+		case "brave": {
+			const apiKey = await resolveSecret(provider);
+			if (!apiKey) return {
+				ok: false,
+				error: `provider "${provider.id}" is missing its API key`
+			};
+			return searchBrave({
+				query: opts.query,
+				count: opts.count,
+				apiKey
+			});
+		}
+		case "baidu": {
+			const apiKey = await resolveSecret(provider);
+			if (!apiKey) return {
+				ok: false,
+				error: `provider "${provider.id}" is missing its API key`
+			};
+			return searchBaidu({
+				query: opts.query,
+				count: opts.count,
+				apiKey
+			});
+		}
+		case "searxng":
+		case "tavily": return {
+			ok: false,
+			error: `backend "${provider.backend}" is not implemented yet`
+		};
+	}
+}
+async function resolveSecret(p) {
+	if (!p.authRef) return void 0;
+	try {
+		const secrets = await readSecrets();
+		return getSecret(secrets, p.authRef) ?? void 0;
+	} catch {
+		return void 0;
+	}
+}
+function toSearchToolResult(outcome) {
+	if (!outcome.ok) return {
+		isError: true,
+		content: [{
+			type: "text",
+			text: `web_search failed: ${outcome.error}`
+		}]
+	};
+	return { content: [{
+		type: "text",
+		text: formatResults(outcome.results)
+	}] };
+}
+function toFetchToolResult(outcome) {
+	if (!outcome.ok) return {
+		isError: true,
+		content: [{
+			type: "text",
+			text: `web_fetch failed: ${outcome.error}`
+		}]
+	};
+	const header = [
+		`URL: ${outcome.finalUrl}${outcome.finalUrl !== outcome.url ? ` (from ${outcome.url})` : ""}`,
+		`Status: ${outcome.status}`,
+		outcome.contentType ? `Content-Type: ${outcome.contentType}` : "",
+		outcome.title ? `Title: ${outcome.title}` : "",
+		outcome.truncated ? "(response truncated at maxBytes)" : ""
+	].filter(Boolean).join("\n");
+	return { content: [{
+		type: "text",
+		text: `${header}\n\n${outcome.text}`
+	}] };
+}
+function formatResults(results) {
+	if (results.length === 0) return "No results.";
+	const lines = [];
+	results.forEach((r, i) => {
+		lines.push(`${i + 1}. ${r.title}`);
+		lines.push(`   ${r.url}`);
+		if (r.snippet) lines.push(`   ${r.snippet}`);
+		lines.push("");
+	});
+	return lines.join("\n").trimEnd();
+}
+let buf = "";
+process.stdin.setEncoding("utf8");
+process.stdin.on("data", (chunk) => {
+	buf += chunk;
+	let nl;
+	while ((nl = buf.indexOf("\n")) >= 0) {
+		const line = buf.slice(0, nl).trim();
+		buf = buf.slice(nl + 1);
+		if (!line) continue;
+		let req;
+		try {
+			req = JSON.parse(line);
+		} catch (e) {
+			err(null, -32700, `parse error: ${e.message}`);
+			continue;
+		}
+		dispatch(req).catch((e) => err(req.id ?? null, -32e3, e.message));
+	}
+});
+process.stdin.on("end", () => {
+	process.exit(0);
+});
+
+//#endregion

package/dist/secrets-9JqUBHyw.js

@@ -0,0 +1,3 @@
+import { EMPTY_SECRETS, SECRETS_VERSION, getSecret, mutateSecrets, normalizeSecretStore, readSecrets, removeSecret, secretRefs, setSecret, writeSecrets } from "./secrets-Bj-gyv53.js";
+
+export { readSecrets };

package/dist/secrets-Bj-gyv53.js

@@ -0,0 +1,169 @@
+import process from "node:process";
+import { dirname, join } from "node:path";
+import { access, chmod, mkdir, readFile, rename, writeFile } from "node:fs/promises";
+import { homedir } from "node:os";
+
+//#region src/core/paths.ts
+const HOME = homedir();
+/** Resolve the afw home directory. Honors an explicit `AFW_HOME`
+*  override; otherwise `~/.afw`. */
+function resolveHome() {
+	return process.env.AFW_HOME ?? join(HOME, ".afw");
+}
+const AFW_HOME = resolveHome();
+const paths = {
+	home: AFW_HOME,
+	wire: {
+		dir: join(AFW_HOME, "wire"),
+		routes: join(AFW_HOME, "wire", "routes.json"),
+		traces: join(AFW_HOME, "wire", "traces"),
+		tracesArchive: join(AFW_HOME, "wire", "traces", "archive"),
+		daemonSock: join(AFW_HOME, "wire", "daemon.sock"),
+		daemonPid: join(AFW_HOME, "wire", "daemon.pid")
+	},
+	backups: {
+		dir: join(AFW_HOME, "backups"),
+		manifest: join(AFW_HOME, "backups", "manifest.json")
+	},
+	logs: {
+		dir: join(AFW_HOME, "logs"),
+		daemon: join(AFW_HOME, "logs", "daemon.log"),
+		daemonErr: join(AFW_HOME, "logs", "daemon.err")
+	},
+	config: join(AFW_HOME, "config.json"),
+	update: join(AFW_HOME, "update.json"),
+	models: join(AFW_HOME, "models.json"),
+	routing: join(AFW_HOME, "routing.json"),
+	secrets: join(AFW_HOME, "secrets.json"),
+	keys: join(AFW_HOME, "keys.json"),
+	tiers: join(AFW_HOME, "tiers.json"),
+	masking: join(AFW_HOME, "masking.json"),
+	toolProviders: join(AFW_HOME, "tool-providers.json"),
+	agent: {
+		claudeCode: {
+			settings: join(HOME, ".claude", "settings.json"),
+			legacy: join(HOME, ".claude.json")
+		},
+		claudeDesktop: {
+			root: join(HOME, "Library", "Application Support", "Claude"),
+			mcpConfig: join(HOME, "Library", "Application Support", "Claude", "claude_desktop_config.json")
+		},
+		openclaw: join(HOME, ".openclaw", "openclaw.json"),
+		opencode: join(HOME, ".config", "opencode", "opencode.json"),
+		hermes: {
+			config: join(HOME, ".hermes", "config.yaml"),
+			env: join(HOME, ".hermes", ".env")
+		},
+		codex: {
+			config: join(HOME, ".codex", "config.toml"),
+			auth: join(HOME, ".codex", "auth.json")
+		},
+		cursor: {
+			darwin: join(HOME, "Library", "Application Support", "Cursor", "User", "settings.json"),
+			linux: join(HOME, ".config", "Cursor", "User", "settings.json")
+		},
+		gemini: join(HOME, ".gemini", ".env")
+	}
+};
+const PRICING_OVERRIDE = join(AFW_HOME, "pricing.json");
+const PRICING_CATALOG_CACHE = join(AFW_HOME, "pricing-catalog.json");
+const DAEMON_PORT = (() => {
+	const p = process.env.AFW_PORT;
+	return p ? Number.parseInt(p, 10) : 9877;
+})();
+const DAEMON_HOST = "localhost";
+const DAEMON_BASE_URL = `http://${DAEMON_HOST}:${DAEMON_PORT}`;
+
+//#endregion
+//#region src/core/atomic-file.ts
+async function atomicWrite(path, content, opts) {
+	await mkdir(dirname(path), { recursive: true });
+	const tmp = `${path}.tmp.${process.pid}`;
+	await writeFile(tmp, content);
+	if (opts?.mode != null) await chmod(tmp, opts.mode);
+	await rename(tmp, path);
+}
+async function fileExists(path) {
+	try {
+		await access(path);
+		return true;
+	} catch {
+		return false;
+	}
+}
+
+//#endregion
+//#region src/core/secrets.ts
+const SECRETS_VERSION = 1;
+const SECRETS_MODE = 384;
+const EMPTY_SECRETS = {
+	version: SECRETS_VERSION,
+	secrets: {}
+};
+function getSecret(store, ref) {
+	return store.secrets[ref];
+}
+/** Refs present in the store, for the UI to show which keys are configured
+*  (it never receives the values themselves). */
+function secretRefs(store) {
+	return Object.keys(store.secrets);
+}
+function isObj(v) {
+	return typeof v === "object" && v !== null && !Array.isArray(v);
+}
+function normalizeSecretStore(raw) {
+	if (!isObj(raw)) return { ...EMPTY_SECRETS };
+	if (raw.version !== SECRETS_VERSION) throw new Error(`secrets.json version ${String(raw.version)} not supported (expected ${SECRETS_VERSION})`);
+	const secrets = {};
+	if (isObj(raw.secrets)) {
+		for (const [ref, value] of Object.entries(raw.secrets)) if (typeof value === "string") secrets[ref] = value;
+	}
+	return {
+		version: SECRETS_VERSION,
+		secrets
+	};
+}
+async function readSecrets() {
+	if (!await fileExists(paths.secrets)) return { ...EMPTY_SECRETS };
+	return normalizeSecretStore(JSON.parse(await readFile(paths.secrets, "utf8")));
+}
+async function writeSecrets(store) {
+	await atomicWrite(paths.secrets, `${JSON.stringify(store, null, 2)}\n`, { mode: SECRETS_MODE });
+}
+let writeChain = Promise.resolve();
+/** Serialized read-modify-write — see model-registry.ts mutateModelRegistry. */
+function mutateSecrets(fn) {
+	const next = writeChain.then(async () => {
+		const store = await readSecrets();
+		const updated = fn(store);
+		if (updated) await writeSecrets(updated);
+		return updated ?? store;
+	});
+	writeChain = next.catch(() => {});
+	return next;
+}
+/** Store a secret value under a ref. */
+function setSecret(ref, value) {
+	return mutateSecrets((store) => ({
+		...store,
+		secrets: {
+			...store.secrets,
+			[ref]: value
+		}
+	}));
+}
+/** Remove a secret. No-op if the ref is absent. */
+function removeSecret(ref) {
+	return mutateSecrets((store) => {
+		if (!(ref in store.secrets)) return void 0;
+		const secrets = { ...store.secrets };
+		delete secrets[ref];
+		return {
+			...store,
+			secrets
+		};
+	});
+}
+
+//#endregion
+export { AFW_HOME, DAEMON_BASE_URL, DAEMON_PORT, EMPTY_SECRETS, PRICING_CATALOG_CACHE, PRICING_OVERRIDE, SECRETS_VERSION, atomicWrite, fileExists, getSecret, mutateSecrets, normalizeSecretStore, paths, readSecrets, removeSecret, secretRefs, setSecret, writeSecrets };