@openape/apes 0.2.0

package/dist/server-4ZIIWOOP.js

@@ -0,0 +1,333 @@
+#!/usr/bin/env node
+import {
+  apiFetch,
+  getAuthToken,
+  getGrantsEndpoint,
+  getIdpUrl,
+  getRequesterIdentity
+} from "./chunk-2JEBWXMI.js";
+
+// src/commands/mcp/server.ts
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { SSEServerTransport } from "@modelcontextprotocol/sdk/server/sse.js";
+import { createServer } from "http";
+import consola from "consola";
+
+// src/commands/mcp/tools.ts
+import { hostname } from "os";
+import {
+  createShapesGrant,
+  fetchGrantToken,
+  loadAdapter as loadAdapter2,
+  resolveCommand,
+  verifyAndExecute
+} from "@openape/shapes";
+import { z } from "zod";
+
+// src/commands/mcp/adapter-tools.ts
+import { readdirSync } from "fs";
+import { homedir } from "os";
+import { join } from "path";
+import { loadAdapter } from "@openape/shapes";
+function operationToInputSchema(op) {
+  const properties = {};
+  const required = [];
+  if (op.positionals) {
+    for (const pos of op.positionals) {
+      properties[pos] = { type: "string", description: `Positional argument: ${pos}` };
+      required.push(pos);
+    }
+  }
+  if (op.required_options) {
+    for (const opt of op.required_options) {
+      const name = opt.replace(/^--/, "");
+      properties[name] = { type: "string", description: `Required option: ${opt}` };
+      required.push(name);
+    }
+  }
+  return {
+    type: "object",
+    properties,
+    required: required.length > 0 ? required : void 0
+  };
+}
+function scanAdapterDir(dir) {
+  try {
+    return readdirSync(dir).filter((f) => f.endsWith(".toml")).map((f) => f.replace(".toml", ""));
+  } catch {
+    return [];
+  }
+}
+function loadAdapterTools() {
+  const tools = [];
+  const seen = /* @__PURE__ */ new Set();
+  const adapterDirs = [
+    join(process.cwd(), ".openape", "shapes", "adapters"),
+    join(homedir(), ".openape", "shapes", "adapters"),
+    "/etc/openape/shapes/adapters"
+  ];
+  for (const dir of adapterDirs) {
+    for (const id of scanAdapterDir(dir)) {
+      if (seen.has(id))
+        continue;
+      seen.add(id);
+      try {
+        const loaded = loadAdapter(id);
+        for (const op of loaded.adapter.operations) {
+          tools.push({
+            name: `apes.run.${id}.${op.id}`,
+            description: op.display || `${id}: ${op.id}`,
+            inputSchema: operationToInputSchema(op),
+            adapterId: id,
+            operationId: op.id
+          });
+        }
+      } catch {
+      }
+    }
+  }
+  return tools;
+}
+
+// src/commands/mcp/tools.ts
+function registerStaticTools(server) {
+  server.registerTool("apes.grants.list", {
+    description: "List grants",
+    inputSchema: {
+      status: z.string().optional().describe("Filter by status: pending, approved, denied, revoked, used"),
+      limit: z.string().optional().describe("Max results")
+    }
+  }, async ({ status, limit }) => {
+    const idp = getIdpUrl();
+    if (!idp)
+      return { content: [{ type: "text", text: "Not configured. Run `apes login` first." }] };
+    const grantsUrl = await getGrantsEndpoint(idp);
+    const params = new URLSearchParams();
+    if (status)
+      params.set("status", status);
+    if (limit)
+      params.set("limit", limit);
+    const query = params.toString() ? `?${params.toString()}` : "";
+    const response = await apiFetch(`${grantsUrl}${query}`);
+    return { content: [{ type: "text", text: JSON.stringify(response, null, 2) }] };
+  });
+  server.registerTool("apes.grants.request", {
+    description: "Request a grant for a command",
+    inputSchema: {
+      command: z.string().describe("Command to request permission for"),
+      audience: z.string().describe("Service identifier (e.g. escapes, proxy, shapes)"),
+      approval: z.string().optional().describe("once, timed, or always"),
+      reason: z.string().optional().describe("Reason for the request")
+    }
+  }, async ({ command, audience, approval, reason }) => {
+    const idp = getIdpUrl();
+    const requester = getRequesterIdentity();
+    if (!idp || !requester)
+      return { content: [{ type: "text", text: "Not authenticated. Run `apes login` first." }] };
+    const grantsUrl = await getGrantsEndpoint(idp);
+    const cmdParts = command.split(" ");
+    const grant = await apiFetch(grantsUrl, {
+      method: "POST",
+      body: {
+        requester,
+        target_host: hostname(),
+        audience,
+        grant_type: approval || "once",
+        command: cmdParts,
+        reason: reason || command
+      }
+    });
+    return {
+      content: [{
+        type: "text",
+        text: JSON.stringify({
+          status: "pending_approval",
+          grant_id: grant.id,
+          approve_url: `${idp}/grant-approval?grant_id=${grant.id}`,
+          message: "Grant needs approval. Approve via URL or `apes grants approve <id>`, then retry with grant_id."
+        }, null, 2)
+      }]
+    };
+  });
+  server.registerTool("apes.config.get", {
+    description: "Get apes configuration value",
+    inputSchema: {
+      key: z.string().describe("Config key: idp, email")
+    }
+  }, ({ key }) => {
+    if (key === "idp") {
+      const idp = getIdpUrl();
+      return { content: [{ type: "text", text: idp || "Not configured" }] };
+    }
+    if (key === "email") {
+      const email = getRequesterIdentity();
+      return { content: [{ type: "text", text: email || "Not logged in" }] };
+    }
+    return { content: [{ type: "text", text: `Unknown key: ${key}` }] };
+  });
+  server.registerTool("apes.explain", {
+    description: "Show what permissions a command would need",
+    inputSchema: {
+      command: z.array(z.string()).describe('Command as array of strings (e.g. ["gh", "repo", "list"])'),
+      adapter: z.string().optional().describe("Explicit adapter TOML path")
+    }
+  }, async ({ command, adapter }) => {
+    try {
+      const loaded = loadAdapter2(command[0], adapter);
+      const resolved = await resolveCommand(loaded, command);
+      return {
+        content: [{
+          type: "text",
+          text: JSON.stringify({
+            adapter: resolved.adapter.cli.id,
+            operation: resolved.detail.operation_id,
+            display: resolved.detail.display,
+            permission: resolved.permission,
+            resource_chain: resolved.detail.resource_chain,
+            exact_command: resolved.detail.constraints?.exact_command ?? false,
+            adapter_digest: resolved.digest
+          }, null, 2)
+        }]
+      };
+    } catch (err) {
+      return { content: [{ type: "text", text: `Error: ${err instanceof Error ? err.message : String(err)}` }], isError: true };
+    }
+  });
+  server.registerTool("apes.adapter.list", {
+    description: "List installed CLI adapters"
+  }, () => {
+    const tools = loadAdapterTools();
+    const adapters = [...new Set(tools.map((t) => t.adapterId))];
+    return {
+      content: [{
+        type: "text",
+        text: adapters.length > 0 ? `Installed adapters: ${adapters.join(", ")}` : "No adapters installed."
+      }]
+    };
+  });
+  server.registerTool("apes.fetch", {
+    description: "Make an authenticated HTTP request",
+    inputSchema: {
+      method: z.string().describe("HTTP method (GET, POST, PUT, DELETE)"),
+      url: z.string().describe("URL to fetch"),
+      body: z.string().optional().describe("Request body (JSON string)")
+    }
+  }, async ({ method, url, body }) => {
+    const token = getAuthToken();
+    if (!token)
+      return { content: [{ type: "text", text: "Not authenticated. Run `apes login` first." }], isError: true };
+    const response = await fetch(url, {
+      method,
+      headers: {
+        "Authorization": `Bearer ${token}`,
+        "Content-Type": "application/json"
+      },
+      body: body || void 0
+    });
+    const text = await response.text();
+    try {
+      return { content: [{ type: "text", text: JSON.stringify(JSON.parse(text), null, 2) }] };
+    } catch {
+      return { content: [{ type: "text", text }] };
+    }
+  });
+}
+function registerAdapterTools(server) {
+  const adapterTools = loadAdapterTools();
+  for (const tool of adapterTools) {
+    const schemaShape = {
+      grant_id: z.string().optional().describe("Grant ID from a previous pending_approval response")
+    };
+    if (tool.inputSchema && typeof tool.inputSchema === "object") {
+      const props = tool.inputSchema.properties;
+      if (props) {
+        for (const [key, val] of Object.entries(props)) {
+          schemaShape[key] = z.string().optional().describe(val.description || key);
+        }
+      }
+    }
+    server.registerTool(tool.name, {
+      description: tool.description,
+      inputSchema: schemaShape
+    }, async (args) => {
+      const idp = getIdpUrl();
+      if (!idp)
+        return { content: [{ type: "text", text: "Not configured. Run `apes login` first." }], isError: true };
+      try {
+        const loaded = loadAdapter2(tool.adapterId);
+        const op = loaded.adapter.operations.find((o) => o.id === tool.operationId);
+        if (!op)
+          return { content: [{ type: "text", text: `Operation ${tool.operationId} not found` }], isError: true };
+        const argv = [loaded.adapter.cli.executable, ...op.command];
+        if (op.positionals) {
+          for (const pos of op.positionals) {
+            if (args[pos])
+              argv.push(String(args[pos]));
+          }
+        }
+        if (op.required_options) {
+          for (const opt of op.required_options) {
+            const name = opt.replace(/^--/, "");
+            if (args[name])
+              argv.push(opt, String(args[name]));
+          }
+        }
+        const resolved = await resolveCommand(loaded, argv);
+        if (args.grant_id) {
+          const token = await fetchGrantToken(idp, String(args.grant_id));
+          await verifyAndExecute(token, resolved);
+          return { content: [{ type: "text", text: "Command executed successfully." }] };
+        }
+        const grant = await createShapesGrant(resolved, { idp, approval: "once" });
+        return {
+          content: [{
+            type: "text",
+            text: JSON.stringify({
+              status: "pending_approval",
+              grant_id: grant.id,
+              approve_url: `${idp}/grant-approval?grant_id=${grant.id}`,
+              message: "Grant needs approval. Approve, then call this tool again with grant_id."
+            }, null, 2)
+          }]
+        };
+      } catch (err) {
+        return { content: [{ type: "text", text: `Error: ${err instanceof Error ? err.message : String(err)}` }], isError: true };
+      }
+    });
+  }
+}
+
+// src/commands/mcp/server.ts
+async function startMcpServer(transport, port) {
+  const server = new McpServer({
+    name: "apes",
+    version: true ? "0.2.0" : "0.1.0"
+  });
+  registerStaticTools(server);
+  registerAdapterTools(server);
+  if (transport === "stdio") {
+    const stdioTransport = new StdioServerTransport();
+    await server.connect(stdioTransport);
+  } else if (transport === "sse") {
+    const httpServer = createServer(async (req, res) => {
+      if (req.url === "/sse" && req.method === "GET") {
+        const sseTransport = new SSEServerTransport("/messages", res);
+        await server.connect(sseTransport);
+      } else if (req.url === "/messages" && req.method === "POST") {
+        res.writeHead(200);
+        res.end();
+      } else {
+        res.writeHead(404);
+        res.end("Not found");
+      }
+    });
+    httpServer.listen(port, () => {
+      consola.info(`MCP SSE server listening on http://localhost:${port}/sse`);
+    });
+  }
+}
+export {
+  startMcpServer
+};
+//# sourceMappingURL=server-4ZIIWOOP.js.map

package/dist/server-4ZIIWOOP.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/commands/mcp/server.ts","../src/commands/mcp/tools.ts","../src/commands/mcp/adapter-tools.ts"],"sourcesContent":["import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js'\nimport { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js'\nimport { SSEServerTransport } from '@modelcontextprotocol/sdk/server/sse.js'\nimport { createServer } from 'node:http'\nimport consola from 'consola'\nimport { registerAdapterTools, registerStaticTools } from './tools'\n\ndeclare const __VERSION__: string\n\nexport async function startMcpServer(transport: 'stdio' | 'sse', port: number) {\n  const server = new McpServer({\n    name: 'apes',\n    version: typeof __VERSION__ !== 'undefined' ? __VERSION__ : '0.1.0',\n  })\n\n  // Register static tools\n  registerStaticTools(server)\n\n  // Register adapter-derived tools\n  registerAdapterTools(server)\n\n  if (transport === 'stdio') {\n    const stdioTransport = new StdioServerTransport()\n    await server.connect(stdioTransport)\n  }\n  else if (transport === 'sse') {\n    const httpServer = createServer(async (req, res) => {\n      if (req.url === '/sse' && req.method === 'GET') {\n        const sseTransport = new SSEServerTransport('/messages', res)\n        await server.connect(sseTransport)\n      }\n      else if (req.url === '/messages' && req.method === 'POST') {\n        // SSE message handling is done by the transport\n        res.writeHead(200)\n        res.end()\n      }\n      else {\n        res.writeHead(404)\n        res.end('Not found')\n      }\n    })\n\n    httpServer.listen(port, () => {\n      consola.info(`MCP SSE server listening on http://localhost:${port}/sse`)\n    })\n  }\n}\n","import { hostname } from 'node:os'\nimport type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js'\nimport {\n  createShapesGrant,\n  fetchGrantToken,\n  loadAdapter,\n  resolveCommand,\n  verifyAndExecute,\n} from '@openape/shapes'\nimport { z } from 'zod'\nimport { getAuthToken, getIdpUrl, getRequesterIdentity } from '../../config'\nimport { apiFetch, getGrantsEndpoint } from '../../http'\nimport { loadAdapterTools } from './adapter-tools'\n\nexport function registerStaticTools(server: McpServer) {\n  server.registerTool('apes.grants.list', {\n    description: 'List grants',\n    inputSchema: {\n      status: z.string().optional().describe('Filter by status: pending, approved, denied, revoked, used'),\n      limit: z.string().optional().describe('Max results'),\n    },\n  }, async ({ status, limit }) => {\n    const idp = getIdpUrl()\n    if (!idp)\n      return { content: [{ type: 'text' as const, text: 'Not configured. Run `apes login` first.' }] }\n\n    const grantsUrl = await getGrantsEndpoint(idp)\n    const params = new URLSearchParams()\n    if (status)\n      params.set('status', status)\n    if (limit)\n      params.set('limit', limit)\n    const query = params.toString() ? `?${params.toString()}` : ''\n    const response = await apiFetch(`${grantsUrl}${query}`)\n    return { content: [{ type: 'text' as const, text: JSON.stringify(response, null, 2) }] }\n  })\n\n  server.registerTool('apes.grants.request', {\n    description: 'Request a grant for a command',\n    inputSchema: {\n      command: z.string().describe('Command to request permission for'),\n      audience: z.string().describe('Service identifier (e.g. escapes, proxy, shapes)'),\n      approval: z.string().optional().describe('once, timed, or always'),\n      reason: z.string().optional().describe('Reason for the request'),\n    },\n  }, async ({ command, audience, approval, reason }) => {\n    const idp = getIdpUrl()\n    const requester = getRequesterIdentity()\n    if (!idp || !requester)\n      return { content: [{ type: 'text' as const, text: 'Not authenticated. Run `apes login` first.' }] }\n\n    const grantsUrl = await getGrantsEndpoint(idp)\n    const cmdParts = command.split(' ')\n    const grant = await apiFetch<{ id: string, status: string }>(grantsUrl, {\n      method: 'POST',\n      body: {\n        requester,\n        target_host: hostname(),\n        audience,\n        grant_type: approval || 'once',\n        command: cmdParts,\n        reason: reason || command,\n      },\n    })\n\n    return {\n      content: [{\n        type: 'text' as const,\n        text: JSON.stringify({\n          status: 'pending_approval',\n          grant_id: grant.id,\n          approve_url: `${idp}/grant-approval?grant_id=${grant.id}`,\n          message: 'Grant needs approval. Approve via URL or `apes grants approve <id>`, then retry with grant_id.',\n        }, null, 2),\n      }],\n    }\n  })\n\n  server.registerTool('apes.config.get', {\n    description: 'Get apes configuration value',\n    inputSchema: {\n      key: z.string().describe('Config key: idp, email'),\n    },\n  }, ({ key }) => {\n    if (key === 'idp') {\n      const idp = getIdpUrl()\n      return { content: [{ type: 'text' as const, text: idp || 'Not configured' }] }\n    }\n    if (key === 'email') {\n      const email = getRequesterIdentity()\n      return { content: [{ type: 'text' as const, text: email || 'Not logged in' }] }\n    }\n    return { content: [{ type: 'text' as const, text: `Unknown key: ${key}` }] }\n  })\n\n  server.registerTool('apes.explain', {\n    description: 'Show what permissions a command would need',\n    inputSchema: {\n      command: z.array(z.string()).describe('Command as array of strings (e.g. [\"gh\", \"repo\", \"list\"])'),\n      adapter: z.string().optional().describe('Explicit adapter TOML path'),\n    },\n  }, async ({ command, adapter }) => {\n    try {\n      const loaded = loadAdapter(command[0]!, adapter)\n      const resolved = await resolveCommand(loaded, command)\n      return {\n        content: [{\n          type: 'text' as const,\n          text: JSON.stringify({\n            adapter: resolved.adapter.cli.id,\n            operation: resolved.detail.operation_id,\n            display: resolved.detail.display,\n            permission: resolved.permission,\n            resource_chain: resolved.detail.resource_chain,\n            exact_command: resolved.detail.constraints?.exact_command ?? false,\n            adapter_digest: resolved.digest,\n          }, null, 2),\n        }],\n      }\n    }\n    catch (err) {\n      return { content: [{ type: 'text' as const, text: `Error: ${err instanceof Error ? err.message : String(err)}` }], isError: true }\n    }\n  })\n\n  server.registerTool('apes.adapter.list', {\n    description: 'List installed CLI adapters',\n  }, () => {\n    const tools = loadAdapterTools()\n    const adapters = [...new Set(tools.map(t => t.adapterId))]\n    return {\n      content: [{\n        type: 'text' as const,\n        text: adapters.length > 0\n          ? `Installed adapters: ${adapters.join(', ')}`\n          : 'No adapters installed.',\n      }],\n    }\n  })\n\n  server.registerTool('apes.fetch', {\n    description: 'Make an authenticated HTTP request',\n    inputSchema: {\n      method: z.string().describe('HTTP method (GET, POST, PUT, DELETE)'),\n      url: z.string().describe('URL to fetch'),\n      body: z.string().optional().describe('Request body (JSON string)'),\n    },\n  }, async ({ method, url, body }) => {\n    const token = getAuthToken()\n    if (!token)\n      return { content: [{ type: 'text' as const, text: 'Not authenticated. Run `apes login` first.' }], isError: true }\n\n    const response = await fetch(url, {\n      method,\n      headers: {\n        'Authorization': `Bearer ${token}`,\n        'Content-Type': 'application/json',\n      },\n      body: body || undefined,\n    })\n    const text = await response.text()\n    try {\n      return { content: [{ type: 'text' as const, text: JSON.stringify(JSON.parse(text), null, 2) }] }\n    }\n    catch {\n      return { content: [{ type: 'text' as const, text }] }\n    }\n  })\n}\n\nexport function registerAdapterTools(server: McpServer) {\n  const adapterTools = loadAdapterTools()\n\n  for (const tool of adapterTools) {\n    // Build Zod schema from adapter operation\n    const schemaShape: Record<string, z.ZodType> = {\n      grant_id: z.string().optional().describe('Grant ID from a previous pending_approval response'),\n    }\n\n    if (tool.inputSchema && typeof tool.inputSchema === 'object') {\n      const props = (tool.inputSchema as { properties?: Record<string, { description?: string }> }).properties\n      if (props) {\n        for (const [key, val] of Object.entries(props)) {\n          schemaShape[key] = z.string().optional().describe(val.description || key)\n        }\n      }\n    }\n\n    server.registerTool(tool.name, {\n      description: tool.description,\n      inputSchema: schemaShape,\n    }, async (args) => {\n      const idp = getIdpUrl()\n      if (!idp)\n        return { content: [{ type: 'text' as const, text: 'Not configured. Run `apes login` first.' }], isError: true }\n\n      try {\n        const loaded = loadAdapter(tool.adapterId)\n        const op = loaded.adapter.operations.find(o => o.id === tool.operationId)\n        if (!op)\n          return { content: [{ type: 'text' as const, text: `Operation ${tool.operationId} not found` }], isError: true }\n\n        const argv = [loaded.adapter.cli.executable, ...op.command]\n        if (op.positionals) {\n          for (const pos of op.positionals) {\n            if (args[pos])\n              argv.push(String(args[pos]))\n          }\n        }\n        if (op.required_options) {\n          for (const opt of op.required_options) {\n            const name = opt.replace(/^--/, '')\n            if (args[name])\n              argv.push(opt, String(args[name]))\n          }\n        }\n\n        const resolved = await resolveCommand(loaded, argv)\n\n        if (args.grant_id) {\n          const token = await fetchGrantToken(idp, String(args.grant_id))\n          await verifyAndExecute(token, resolved)\n          return { content: [{ type: 'text' as const, text: 'Command executed successfully.' }] }\n        }\n\n        const grant = await createShapesGrant(resolved, { idp, approval: 'once' })\n        return {\n          content: [{\n            type: 'text' as const,\n            text: JSON.stringify({\n              status: 'pending_approval',\n              grant_id: grant.id,\n              approve_url: `${idp}/grant-approval?grant_id=${grant.id}`,\n              message: 'Grant needs approval. Approve, then call this tool again with grant_id.',\n            }, null, 2),\n          }],\n        }\n      }\n      catch (err) {\n        return { content: [{ type: 'text' as const, text: `Error: ${err instanceof Error ? err.message : String(err)}` }], isError: true }\n      }\n    })\n  }\n}\n","import { readdirSync } from 'node:fs'\nimport { homedir } from 'node:os'\nimport { join } from 'node:path'\nimport { loadAdapter } from '@openape/shapes'\nimport type { ShapesOperation } from '@openape/shapes'\n\nexport interface AdapterToolDef {\n  name: string\n  description: string\n  inputSchema: Record<string, unknown>\n  adapterId: string\n  operationId: string\n}\n\nfunction operationToInputSchema(op: ShapesOperation): Record<string, unknown> {\n  const properties: Record<string, unknown> = {}\n  const required: string[] = []\n\n  if (op.positionals) {\n    for (const pos of op.positionals) {\n      properties[pos] = { type: 'string', description: `Positional argument: ${pos}` }\n      required.push(pos)\n    }\n  }\n\n  if (op.required_options) {\n    for (const opt of op.required_options) {\n      const name = opt.replace(/^--/, '')\n      properties[name] = { type: 'string', description: `Required option: ${opt}` }\n      required.push(name)\n    }\n  }\n\n  return {\n    type: 'object',\n    properties,\n    required: required.length > 0 ? required : undefined,\n  }\n}\n\nfunction scanAdapterDir(dir: string): string[] {\n  try {\n    return readdirSync(dir)\n      .filter(f => f.endsWith('.toml'))\n      .map(f => f.replace('.toml', ''))\n  }\n  catch {\n    return []\n  }\n}\n\nexport function loadAdapterTools(): AdapterToolDef[] {\n  const tools: AdapterToolDef[] = []\n  const seen = new Set<string>()\n\n  const adapterDirs = [\n    join(process.cwd(), '.openape', 'shapes', 'adapters'),\n    join(homedir(), '.openape', 'shapes', 'adapters'),\n    '/etc/openape/shapes/adapters',\n  ]\n\n  for (const dir of adapterDirs) {\n    for (const id of scanAdapterDir(dir)) {\n      if (seen.has(id))\n        continue\n      seen.add(id)\n\n      try {\n        const loaded = loadAdapter(id)\n        for (const op of loaded.adapter.operations) {\n          tools.push({\n            name: `apes.run.${id}.${op.id}`,\n            description: op.display || `${id}: ${op.id}`,\n            inputSchema: operationToInputSchema(op),\n            adapterId: id,\n            operationId: op.id,\n          })\n        }\n      }\n      catch {\n        // Skip adapters that fail to load\n      }\n    }\n  }\n\n  return tools\n}\n"],"mappings":";;;;;;;;;;AAAA,SAAS,iBAAiB;AAC1B,SAAS,4BAA4B;AACrC,SAAS,0BAA0B;AACnC,SAAS,oBAAoB;AAC7B,OAAO,aAAa;;;ACJpB,SAAS,gBAAgB;AAEzB;AAAA,EACE;AAAA,EACA;AAAA,EACA,eAAAA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,SAAS;;;ACTlB,SAAS,mBAAmB;AAC5B,SAAS,eAAe;AACxB,SAAS,YAAY;AACrB,SAAS,mBAAmB;AAW5B,SAAS,uBAAuB,IAA8C;AAC5E,QAAM,aAAsC,CAAC;AAC7C,QAAM,WAAqB,CAAC;AAE5B,MAAI,GAAG,aAAa;AAClB,eAAW,OAAO,GAAG,aAAa;AAChC,iBAAW,GAAG,IAAI,EAAE,MAAM,UAAU,aAAa,wBAAwB,GAAG,GAAG;AAC/E,eAAS,KAAK,GAAG;AAAA,IACnB;AAAA,EACF;AAEA,MAAI,GAAG,kBAAkB;AACvB,eAAW,OAAO,GAAG,kBAAkB;AACrC,YAAM,OAAO,IAAI,QAAQ,OAAO,EAAE;AAClC,iBAAW,IAAI,IAAI,EAAE,MAAM,UAAU,aAAa,oBAAoB,GAAG,GAAG;AAC5E,eAAS,KAAK,IAAI;AAAA,IACpB;AAAA,EACF;AAEA,SAAO;AAAA,IACL,MAAM;AAAA,IACN;AAAA,IACA,UAAU,SAAS,SAAS,IAAI,WAAW;AAAA,EAC7C;AACF;AAEA,SAAS,eAAe,KAAuB;AAC7C,MAAI;AACF,WAAO,YAAY,GAAG,EACnB,OAAO,OAAK,EAAE,SAAS,OAAO,CAAC,EAC/B,IAAI,OAAK,EAAE,QAAQ,SAAS,EAAE,CAAC;AAAA,EACpC,QACM;AACJ,WAAO,CAAC;AAAA,EACV;AACF;AAEO,SAAS,mBAAqC;AACnD,QAAM,QAA0B,CAAC;AACjC,QAAM,OAAO,oBAAI,IAAY;AAE7B,QAAM,cAAc;AAAA,IAClB,KAAK,QAAQ,IAAI,GAAG,YAAY,UAAU,UAAU;AAAA,IACpD,KAAK,QAAQ,GAAG,YAAY,UAAU,UAAU;AAAA,IAChD;AAAA,EACF;AAEA,aAAW,OAAO,aAAa;AAC7B,eAAW,MAAM,eAAe,GAAG,GAAG;AACpC,UAAI,KAAK,IAAI,EAAE;AACb;AACF,WAAK,IAAI,EAAE;AAEX,UAAI;AACF,cAAM,SAAS,YAAY,EAAE;AAC7B,mBAAW,MAAM,OAAO,QAAQ,YAAY;AAC1C,gBAAM,KAAK;AAAA,YACT,MAAM,YAAY,EAAE,IAAI,GAAG,EAAE;AAAA,YAC7B,aAAa,GAAG,WAAW,GAAG,EAAE,KAAK,GAAG,EAAE;AAAA,YAC1C,aAAa,uBAAuB,EAAE;AAAA,YACtC,WAAW;AAAA,YACX,aAAa,GAAG;AAAA,UAClB,CAAC;AAAA,QACH;AAAA,MACF,QACM;AAAA,MAEN;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;;;ADxEO,SAAS,oBAAoB,QAAmB;AACrD,SAAO,aAAa,oBAAoB;AAAA,IACtC,aAAa;AAAA,IACb,aAAa;AAAA,MACX,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,4DAA4D;AAAA,MACnG,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,aAAa;AAAA,IACrD;AAAA,EACF,GAAG,OAAO,EAAE,QAAQ,MAAM,MAAM;AAC9B,UAAM,MAAM,UAAU;AACtB,QAAI,CAAC;AACH,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,0CAA0C,CAAC,EAAE;AAEjG,UAAM,YAAY,MAAM,kBAAkB,GAAG;AAC7C,UAAM,SAAS,IAAI,gBAAgB;AACnC,QAAI;AACF,aAAO,IAAI,UAAU,MAAM;AAC7B,QAAI;AACF,aAAO,IAAI,SAAS,KAAK;AAC3B,UAAM,QAAQ,OAAO,SAAS,IAAI,IAAI,OAAO,SAAS,CAAC,KAAK;AAC5D,UAAM,WAAW,MAAM,SAAS,GAAG,SAAS,GAAG,KAAK,EAAE;AACtD,WAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,KAAK,UAAU,UAAU,MAAM,CAAC,EAAE,CAAC,EAAE;AAAA,EACzF,CAAC;AAED,SAAO,aAAa,uBAAuB;AAAA,IACzC,aAAa;AAAA,IACb,aAAa;AAAA,MACX,SAAS,EAAE,OAAO,EAAE,SAAS,mCAAmC;AAAA,MAChE,UAAU,EAAE,OAAO,EAAE,SAAS,kDAAkD;AAAA,MAChF,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,wBAAwB;AAAA,MACjE,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,wBAAwB;AAAA,IACjE;AAAA,EACF,GAAG,OAAO,EAAE,SAAS,UAAU,UAAU,OAAO,MAAM;AACpD,UAAM,MAAM,UAAU;AACtB,UAAM,YAAY,qBAAqB;AACvC,QAAI,CAAC,OAAO,CAAC;AACX,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,6CAA6C,CAAC,EAAE;AAEpG,UAAM,YAAY,MAAM,kBAAkB,GAAG;AAC7C,UAAM,WAAW,QAAQ,MAAM,GAAG;AAClC,UAAM,QAAQ,MAAM,SAAyC,WAAW;AAAA,MACtE,QAAQ;AAAA,MACR,MAAM;AAAA,QACJ;AAAA,QACA,aAAa,SAAS;AAAA,QACtB;AAAA,QACA,YAAY,YAAY;AAAA,QACxB,SAAS;AAAA,QACT,QAAQ,UAAU;AAAA,MACpB;AAAA,IACF,CAAC;AAED,WAAO;AAAA,MACL,SAAS,CAAC;AAAA,QACR,MAAM;AAAA,QACN,MAAM,KAAK,UAAU;AAAA,UACnB,QAAQ;AAAA,UACR,UAAU,MAAM;AAAA,UAChB,aAAa,GAAG,GAAG,4BAA4B,MAAM,EAAE;AAAA,UACvD,SAAS;AAAA,QACX,GAAG,MAAM,CAAC;AAAA,MACZ,CAAC;AAAA,IACH;AAAA,EACF,CAAC;AAED,SAAO,aAAa,mBAAmB;AAAA,IACrC,aAAa;AAAA,IACb,aAAa;AAAA,MACX,KAAK,EAAE,OAAO,EAAE,SAAS,wBAAwB;AAAA,IACnD;AAAA,EACF,GAAG,CAAC,EAAE,IAAI,MAAM;AACd,QAAI,QAAQ,OAAO;AACjB,YAAM,MAAM,UAAU;AACtB,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,OAAO,iBAAiB,CAAC,EAAE;AAAA,IAC/E;AACA,QAAI,QAAQ,SAAS;AACnB,YAAM,QAAQ,qBAAqB;AACnC,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,SAAS,gBAAgB,CAAC,EAAE;AAAA,IAChF;AACA,WAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,gBAAgB,GAAG,GAAG,CAAC,EAAE;AAAA,EAC7E,CAAC;AAED,SAAO,aAAa,gBAAgB;AAAA,IAClC,aAAa;AAAA,IACb,aAAa;AAAA,MACX,SAAS,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS,2DAA2D;AAAA,MACjG,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,4BAA4B;AAAA,IACtE;AAAA,EACF,GAAG,OAAO,EAAE,SAAS,QAAQ,MAAM;AACjC,QAAI;AACF,YAAM,SAASC,aAAY,QAAQ,CAAC,GAAI,OAAO;AAC/C,YAAM,WAAW,MAAM,eAAe,QAAQ,OAAO;AACrD,aAAO;AAAA,QACL,SAAS,CAAC;AAAA,UACR,MAAM;AAAA,UACN,MAAM,KAAK,UAAU;AAAA,YACnB,SAAS,SAAS,QAAQ,IAAI;AAAA,YAC9B,WAAW,SAAS,OAAO;AAAA,YAC3B,SAAS,SAAS,OAAO;AAAA,YACzB,YAAY,SAAS;AAAA,YACrB,gBAAgB,SAAS,OAAO;AAAA,YAChC,eAAe,SAAS,OAAO,aAAa,iBAAiB;AAAA,YAC7D,gBAAgB,SAAS;AAAA,UAC3B,GAAG,MAAM,CAAC;AAAA,QACZ,CAAC;AAAA,MACH;AAAA,IACF,SACO,KAAK;AACV,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC,GAAG,CAAC,GAAG,SAAS,KAAK;AAAA,IACnI;AAAA,EACF,CAAC;AAED,SAAO,aAAa,qBAAqB;AAAA,IACvC,aAAa;AAAA,EACf,GAAG,MAAM;AACP,UAAM,QAAQ,iBAAiB;AAC/B,UAAM,WAAW,CAAC,GAAG,IAAI,IAAI,MAAM,IAAI,OAAK,EAAE,SAAS,CAAC,CAAC;AACzD,WAAO;AAAA,MACL,SAAS,CAAC;AAAA,QACR,MAAM;AAAA,QACN,MAAM,SAAS,SAAS,IACpB,uBAAuB,SAAS,KAAK,IAAI,CAAC,KAC1C;AAAA,MACN,CAAC;AAAA,IACH;AAAA,EACF,CAAC;AAED,SAAO,aAAa,cAAc;AAAA,IAChC,aAAa;AAAA,IACb,aAAa;AAAA,MACX,QAAQ,EAAE,OAAO,EAAE,SAAS,sCAAsC;AAAA,MAClE,KAAK,EAAE,OAAO,EAAE,SAAS,cAAc;AAAA,MACvC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,4BAA4B;AAAA,IACnE;AAAA,EACF,GAAG,OAAO,EAAE,QAAQ,KAAK,KAAK,MAAM;AAClC,UAAM,QAAQ,aAAa;AAC3B,QAAI,CAAC;AACH,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,6CAA6C,CAAC,GAAG,SAAS,KAAK;AAEnH,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC;AAAA,MACA,SAAS;AAAA,QACP,iBAAiB,UAAU,KAAK;AAAA,QAChC,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,QAAQ;AAAA,IAChB,CAAC;AACD,UAAM,OAAO,MAAM,SAAS,KAAK;AACjC,QAAI;AACF,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,KAAK,UAAU,KAAK,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE;AAAA,IACjG,QACM;AACJ,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,KAAK,CAAC,EAAE;AAAA,IACtD;AAAA,EACF,CAAC;AACH;AAEO,SAAS,qBAAqB,QAAmB;AACtD,QAAM,eAAe,iBAAiB;AAEtC,aAAW,QAAQ,cAAc;AAE/B,UAAM,cAAyC;AAAA,MAC7C,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,oDAAoD;AAAA,IAC/F;AAEA,QAAI,KAAK,eAAe,OAAO,KAAK,gBAAgB,UAAU;AAC5D,YAAM,QAAS,KAAK,YAA0E;AAC9F,UAAI,OAAO;AACT,mBAAW,CAAC,KAAK,GAAG,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC9C,sBAAY,GAAG,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,IAAI,eAAe,GAAG;AAAA,QAC1E;AAAA,MACF;AAAA,IACF;AAEA,WAAO,aAAa,KAAK,MAAM;AAAA,MAC7B,aAAa,KAAK;AAAA,MAClB,aAAa;AAAA,IACf,GAAG,OAAO,SAAS;AACjB,YAAM,MAAM,UAAU;AACtB,UAAI,CAAC;AACH,eAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,0CAA0C,CAAC,GAAG,SAAS,KAAK;AAEhH,UAAI;AACF,cAAM,SAASA,aAAY,KAAK,SAAS;AACzC,cAAM,KAAK,OAAO,QAAQ,WAAW,KAAK,OAAK,EAAE,OAAO,KAAK,WAAW;AACxE,YAAI,CAAC;AACH,iBAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,aAAa,KAAK,WAAW,aAAa,CAAC,GAAG,SAAS,KAAK;AAEhH,cAAM,OAAO,CAAC,OAAO,QAAQ,IAAI,YAAY,GAAG,GAAG,OAAO;AAC1D,YAAI,GAAG,aAAa;AAClB,qBAAW,OAAO,GAAG,aAAa;AAChC,gBAAI,KAAK,GAAG;AACV,mBAAK,KAAK,OAAO,KAAK,GAAG,CAAC,CAAC;AAAA,UAC/B;AAAA,QACF;AACA,YAAI,GAAG,kBAAkB;AACvB,qBAAW,OAAO,GAAG,kBAAkB;AACrC,kBAAM,OAAO,IAAI,QAAQ,OAAO,EAAE;AAClC,gBAAI,KAAK,IAAI;AACX,mBAAK,KAAK,KAAK,OAAO,KAAK,IAAI,CAAC,CAAC;AAAA,UACrC;AAAA,QACF;AAEA,cAAM,WAAW,MAAM,eAAe,QAAQ,IAAI;AAElD,YAAI,KAAK,UAAU;AACjB,gBAAM,QAAQ,MAAM,gBAAgB,KAAK,OAAO,KAAK,QAAQ,CAAC;AAC9D,gBAAM,iBAAiB,OAAO,QAAQ;AACtC,iBAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,iCAAiC,CAAC,EAAE;AAAA,QACxF;AAEA,cAAM,QAAQ,MAAM,kBAAkB,UAAU,EAAE,KAAK,UAAU,OAAO,CAAC;AACzE,eAAO;AAAA,UACL,SAAS,CAAC;AAAA,YACR,MAAM;AAAA,YACN,MAAM,KAAK,UAAU;AAAA,cACnB,QAAQ;AAAA,cACR,UAAU,MAAM;AAAA,cAChB,aAAa,GAAG,GAAG,4BAA4B,MAAM,EAAE;AAAA,cACvD,SAAS;AAAA,YACX,GAAG,MAAM,CAAC;AAAA,UACZ,CAAC;AAAA,QACH;AAAA,MACF,SACO,KAAK;AACV,eAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC,GAAG,CAAC,GAAG,SAAS,KAAK;AAAA,MACnI;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AD1OA,eAAsB,eAAe,WAA4B,MAAc;AAC7E,QAAM,SAAS,IAAI,UAAU;AAAA,IAC3B,MAAM;AAAA,IACN,SAAS,OAAqC,UAAc;AAAA,EAC9D,CAAC;AAGD,sBAAoB,MAAM;AAG1B,uBAAqB,MAAM;AAE3B,MAAI,cAAc,SAAS;AACzB,UAAM,iBAAiB,IAAI,qBAAqB;AAChD,UAAM,OAAO,QAAQ,cAAc;AAAA,EACrC,WACS,cAAc,OAAO;AAC5B,UAAM,aAAa,aAAa,OAAO,KAAK,QAAQ;AAClD,UAAI,IAAI,QAAQ,UAAU,IAAI,WAAW,OAAO;AAC9C,cAAM,eAAe,IAAI,mBAAmB,aAAa,GAAG;AAC5D,cAAM,OAAO,QAAQ,YAAY;AAAA,MACnC,WACS,IAAI,QAAQ,eAAe,IAAI,WAAW,QAAQ;AAEzD,YAAI,UAAU,GAAG;AACjB,YAAI,IAAI;AAAA,MACV,OACK;AACH,YAAI,UAAU,GAAG;AACjB,YAAI,IAAI,WAAW;AAAA,MACrB;AAAA,IACF,CAAC;AAED,eAAW,OAAO,MAAM,MAAM;AAC5B,cAAQ,KAAK,gDAAgD,IAAI,MAAM;AAAA,IACzE,CAAC;AAAA,EACH;AACF;","names":["loadAdapter","loadAdapter"]}

package/dist/ssh-key-ABJCJDH7.js

@@ -0,0 +1,79 @@
+#!/usr/bin/env node
+
+// src/ssh-key.ts
+import { Buffer } from "buffer";
+import { createPrivateKey } from "crypto";
+var OPENSSH_MAGIC = "openssh-key-v1\0";
+function loadEd25519PrivateKey(pem) {
+  if (pem.includes("BEGIN OPENSSH PRIVATE KEY")) {
+    return parseOpenSSHEd25519(pem);
+  }
+  return createPrivateKey(pem);
+}
+function parseOpenSSHEd25519(pem) {
+  const b64 = pem.replace(/-----BEGIN OPENSSH PRIVATE KEY-----/, "").replace(/-----END OPENSSH PRIVATE KEY-----/, "").replace(/\s/g, "");
+  const buf = Buffer.from(b64, "base64");
+  let offset = 0;
+  const magic = buf.subarray(0, OPENSSH_MAGIC.length).toString("ascii");
+  if (magic !== OPENSSH_MAGIC) {
+    throw new Error("Not an OpenSSH private key");
+  }
+  offset += OPENSSH_MAGIC.length;
+  const cipherLen = buf.readUInt32BE(offset);
+  offset += 4;
+  const cipher = buf.subarray(offset, offset + cipherLen).toString();
+  offset += cipherLen;
+  if (cipher !== "none") {
+    throw new Error(`Encrypted keys not supported (cipher: ${cipher}). Decrypt first with: ssh-keygen -p -f <key>`);
+  }
+  const kdfLen = buf.readUInt32BE(offset);
+  offset += 4;
+  offset += kdfLen;
+  const kdfOptsLen = buf.readUInt32BE(offset);
+  offset += 4;
+  offset += kdfOptsLen;
+  const numKeys = buf.readUInt32BE(offset);
+  offset += 4;
+  if (numKeys !== 1) {
+    throw new Error(`Expected 1 key, got ${numKeys}`);
+  }
+  const pubSectionLen = buf.readUInt32BE(offset);
+  offset += 4;
+  offset += pubSectionLen;
+  const privSectionLen = buf.readUInt32BE(offset);
+  offset += 4;
+  const privSection = buf.subarray(offset, offset + privSectionLen);
+  let pOffset = 0;
+  const check1 = privSection.readUInt32BE(pOffset);
+  pOffset += 4;
+  const check2 = privSection.readUInt32BE(pOffset);
+  pOffset += 4;
+  if (check1 !== check2) {
+    throw new Error("Check integers mismatch \u2014 key may be corrupted or encrypted");
+  }
+  const keyTypeLen = privSection.readUInt32BE(pOffset);
+  pOffset += 4;
+  const keyType = privSection.subarray(pOffset, pOffset + keyTypeLen).toString();
+  pOffset += keyTypeLen;
+  if (keyType !== "ssh-ed25519") {
+    throw new Error(`Expected ssh-ed25519, got ${keyType}`);
+  }
+  const pubKeyLen = privSection.readUInt32BE(pOffset);
+  pOffset += 4;
+  const pubKey = privSection.subarray(pOffset, pOffset + pubKeyLen);
+  pOffset += pubKeyLen;
+  const privKeyLen = privSection.readUInt32BE(pOffset);
+  pOffset += 4;
+  const privKeyData = privSection.subarray(pOffset, pOffset + privKeyLen);
+  const seed = privKeyData.subarray(0, 32);
+  const d = seed.toString("base64url");
+  const x = pubKey.toString("base64url");
+  return createPrivateKey({
+    key: { kty: "OKP", crv: "Ed25519", d, x },
+    format: "jwk"
+  });
+}
+export {
+  loadEd25519PrivateKey
+};
+//# sourceMappingURL=ssh-key-ABJCJDH7.js.map

package/dist/ssh-key-ABJCJDH7.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/ssh-key.ts"],"sourcesContent":["import { Buffer } from 'node:buffer'\nimport type { KeyObject } from 'node:crypto'\nimport { createPrivateKey } from 'node:crypto'\n\nconst OPENSSH_MAGIC = 'openssh-key-v1\\0'\n\n/**\n * Parse an OpenSSH Ed25519 private key file and return a Node.js KeyObject.\n * Supports both OpenSSH format (-----BEGIN OPENSSH PRIVATE KEY-----)\n * and PKCS8 PEM format (-----BEGIN PRIVATE KEY-----).\n */\nexport function loadEd25519PrivateKey(pem: string): KeyObject {\n  if (pem.includes('BEGIN OPENSSH PRIVATE KEY')) {\n    return parseOpenSSHEd25519(pem)\n  }\n  // PKCS8 PEM — Node.js handles this natively\n  return createPrivateKey(pem)\n}\n\nfunction parseOpenSSHEd25519(pem: string): KeyObject {\n  const b64 = pem\n    .replace(/-----BEGIN OPENSSH PRIVATE KEY-----/, '')\n    .replace(/-----END OPENSSH PRIVATE KEY-----/, '')\n    .replace(/\\s/g, '')\n\n  const buf = Buffer.from(b64, 'base64')\n  let offset = 0\n\n  // Verify magic\n  const magic = buf.subarray(0, OPENSSH_MAGIC.length).toString('ascii')\n  if (magic !== OPENSSH_MAGIC) {\n    throw new Error('Not an OpenSSH private key')\n  }\n  offset += OPENSSH_MAGIC.length\n\n  // ciphername\n  const cipherLen = buf.readUInt32BE(offset); offset += 4\n  const cipher = buf.subarray(offset, offset + cipherLen).toString(); offset += cipherLen\n  if (cipher !== 'none') {\n    throw new Error(`Encrypted keys not supported (cipher: ${cipher}). Decrypt first with: ssh-keygen -p -f <key>`)\n  }\n\n  // kdfname\n  const kdfLen = buf.readUInt32BE(offset); offset += 4\n  offset += kdfLen // skip kdf\n\n  // kdfoptions\n  const kdfOptsLen = buf.readUInt32BE(offset); offset += 4\n  offset += kdfOptsLen // skip\n\n  // number of keys\n  const numKeys = buf.readUInt32BE(offset); offset += 4\n  if (numKeys !== 1) {\n    throw new Error(`Expected 1 key, got ${numKeys}`)\n  }\n\n  // public key section (skip)\n  const pubSectionLen = buf.readUInt32BE(offset); offset += 4\n  offset += pubSectionLen\n\n  // private key section\n  const privSectionLen = buf.readUInt32BE(offset); offset += 4\n  const privSection = buf.subarray(offset, offset + privSectionLen)\n  let pOffset = 0\n\n  // check integers (must match)\n  const check1 = privSection.readUInt32BE(pOffset); pOffset += 4\n  const check2 = privSection.readUInt32BE(pOffset); pOffset += 4\n  if (check1 !== check2) {\n    throw new Error('Check integers mismatch — key may be corrupted or encrypted')\n  }\n\n  // keytype string\n  const keyTypeLen = privSection.readUInt32BE(pOffset); pOffset += 4\n  const keyType = privSection.subarray(pOffset, pOffset + keyTypeLen).toString(); pOffset += keyTypeLen\n  if (keyType !== 'ssh-ed25519') {\n    throw new Error(`Expected ssh-ed25519, got ${keyType}`)\n  }\n\n  // public key (32 bytes, prefixed with length)\n  const pubKeyLen = privSection.readUInt32BE(pOffset); pOffset += 4\n  const pubKey = privSection.subarray(pOffset, pOffset + pubKeyLen); pOffset += pubKeyLen\n\n  // private key (64 bytes = 32-byte seed + 32-byte pubkey, prefixed with length)\n  const privKeyLen = privSection.readUInt32BE(pOffset); pOffset += 4\n  const privKeyData = privSection.subarray(pOffset, pOffset + privKeyLen)\n\n  const seed = privKeyData.subarray(0, 32) // Ed25519 seed\n\n  // Import as JWK\n  const d = seed.toString('base64url')\n  const x = pubKey.toString('base64url')\n\n  return createPrivateKey({\n    key: { kty: 'OKP', crv: 'Ed25519', d, x },\n    format: 'jwk',\n  })\n}\n"],"mappings":";;;AAAA,SAAS,cAAc;AAEvB,SAAS,wBAAwB;AAEjC,IAAM,gBAAgB;AAOf,SAAS,sBAAsB,KAAwB;AAC5D,MAAI,IAAI,SAAS,2BAA2B,GAAG;AAC7C,WAAO,oBAAoB,GAAG;AAAA,EAChC;AAEA,SAAO,iBAAiB,GAAG;AAC7B;AAEA,SAAS,oBAAoB,KAAwB;AACnD,QAAM,MAAM,IACT,QAAQ,uCAAuC,EAAE,EACjD,QAAQ,qCAAqC,EAAE,EAC/C,QAAQ,OAAO,EAAE;AAEpB,QAAM,MAAM,OAAO,KAAK,KAAK,QAAQ;AACrC,MAAI,SAAS;AAGb,QAAM,QAAQ,IAAI,SAAS,GAAG,cAAc,MAAM,EAAE,SAAS,OAAO;AACpE,MAAI,UAAU,eAAe;AAC3B,UAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AACA,YAAU,cAAc;AAGxB,QAAM,YAAY,IAAI,aAAa,MAAM;AAAG,YAAU;AACtD,QAAM,SAAS,IAAI,SAAS,QAAQ,SAAS,SAAS,EAAE,SAAS;AAAG,YAAU;AAC9E,MAAI,WAAW,QAAQ;AACrB,UAAM,IAAI,MAAM,yCAAyC,MAAM,+CAA+C;AAAA,EAChH;AAGA,QAAM,SAAS,IAAI,aAAa,MAAM;AAAG,YAAU;AACnD,YAAU;AAGV,QAAM,aAAa,IAAI,aAAa,MAAM;AAAG,YAAU;AACvD,YAAU;AAGV,QAAM,UAAU,IAAI,aAAa,MAAM;AAAG,YAAU;AACpD,MAAI,YAAY,GAAG;AACjB,UAAM,IAAI,MAAM,uBAAuB,OAAO,EAAE;AAAA,EAClD;AAGA,QAAM,gBAAgB,IAAI,aAAa,MAAM;AAAG,YAAU;AAC1D,YAAU;AAGV,QAAM,iBAAiB,IAAI,aAAa,MAAM;AAAG,YAAU;AAC3D,QAAM,cAAc,IAAI,SAAS,QAAQ,SAAS,cAAc;AAChE,MAAI,UAAU;AAGd,QAAM,SAAS,YAAY,aAAa,OAAO;AAAG,aAAW;AAC7D,QAAM,SAAS,YAAY,aAAa,OAAO;AAAG,aAAW;AAC7D,MAAI,WAAW,QAAQ;AACrB,UAAM,IAAI,MAAM,kEAA6D;AAAA,EAC/E;AAGA,QAAM,aAAa,YAAY,aAAa,OAAO;AAAG,aAAW;AACjE,QAAM,UAAU,YAAY,SAAS,SAAS,UAAU,UAAU,EAAE,SAAS;AAAG,aAAW;AAC3F,MAAI,YAAY,eAAe;AAC7B,UAAM,IAAI,MAAM,6BAA6B,OAAO,EAAE;AAAA,EACxD;AAGA,QAAM,YAAY,YAAY,aAAa,OAAO;AAAG,aAAW;AAChE,QAAM,SAAS,YAAY,SAAS,SAAS,UAAU,SAAS;AAAG,aAAW;AAG9E,QAAM,aAAa,YAAY,aAAa,OAAO;AAAG,aAAW;AACjE,QAAM,cAAc,YAAY,SAAS,SAAS,UAAU,UAAU;AAEtE,QAAM,OAAO,YAAY,SAAS,GAAG,EAAE;AAGvC,QAAM,IAAI,KAAK,SAAS,WAAW;AACnC,QAAM,IAAI,OAAO,SAAS,WAAW;AAErC,SAAO,iBAAiB;AAAA,IACtB,KAAK,EAAE,KAAK,OAAO,KAAK,WAAW,GAAG,EAAE;AAAA,IACxC,QAAQ;AAAA,EACV,CAAC;AACH;","names":[]}

package/package.json

@@ -0,0 +1,49 @@
+{
+  "name": "@openape/apes",
+  "version": "0.2.0",
+  "description": "Unified CLI + MCP Server for OpenApe",
+  "type": "module",
+  "bin": {
+    "apes": "./dist/cli.js"
+  },
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.27.1",
+    "citty": "^0.1.6",
+    "consola": "^3.4.2",
+    "zod": "^4.3.6",
+    "@openape/core": "0.9.0",
+    "@openape/shapes": "0.4.0",
+    "@openape/grants": "0.5.2"
+  },
+  "devDependencies": {
+    "@types/node": "^25.3.5",
+    "tsup": "^8.5.1",
+    "typescript": "^5.8.2",
+    "vitest": "^3.2.4"
+  },
+  "license": "MIT",
+  "author": "Patrick Hofmann <phofmann@delta-mind.at>",
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/openape-ai/openape.git",
+    "directory": "packages/apes"
+  },
+  "scripts": {
+    "build": "tsup",
+    "lint": "eslint .",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run"
+  }
+}