@openparachute/hub 0.6.3-rc.4 → 0.6.4-rc.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (73) hide show
  1. package/package.json +1 -1
  2. package/src/__tests__/account-home-ui.test.ts +97 -0
  3. package/src/__tests__/account-setup.test.ts +609 -0
  4. package/src/__tests__/account-usage.test.ts +137 -0
  5. package/src/__tests__/account-vault-admin-token.test.ts +301 -0
  6. package/src/__tests__/account-vault-token.test.ts +53 -1
  7. package/src/__tests__/admin-vault-admin-token.test.ts +17 -0
  8. package/src/__tests__/admin-vaults.test.ts +20 -0
  9. package/src/__tests__/api-account.test.ts +125 -4
  10. package/src/__tests__/api-invites.test.ts +180 -0
  11. package/src/__tests__/api-mint-token.test.ts +259 -10
  12. package/src/__tests__/api-modules-ops.test.ts +187 -1
  13. package/src/__tests__/api-modules.test.ts +40 -4
  14. package/src/__tests__/api-settings-hub-origin.test.ts +13 -8
  15. package/src/__tests__/auto-wire.test.ts +101 -1
  16. package/src/__tests__/cli.test.ts +188 -2
  17. package/src/__tests__/expose-2fa-warning.test.ts +11 -8
  18. package/src/__tests__/expose-cloudflare.test.ts +5 -4
  19. package/src/__tests__/expose.test.ts +10 -5
  20. package/src/__tests__/hub-origin-resolution.test.ts +179 -25
  21. package/src/__tests__/hub-server.test.ts +628 -13
  22. package/src/__tests__/hub-unit.test.ts +4 -0
  23. package/src/__tests__/invites.test.ts +220 -0
  24. package/src/__tests__/launchctl-guard.test.ts +185 -0
  25. package/src/__tests__/migrate-cutover.test.ts +32 -0
  26. package/src/__tests__/module-ops-client.test.ts +68 -0
  27. package/src/__tests__/scope-explanations.test.ts +16 -0
  28. package/src/__tests__/serve-boot.test.ts +74 -1
  29. package/src/__tests__/serve.test.ts +121 -7
  30. package/src/__tests__/spawn-path.test.ts +191 -0
  31. package/src/__tests__/status.test.ts +64 -0
  32. package/src/__tests__/supervisor.test.ts +177 -0
  33. package/src/__tests__/users.test.ts +27 -0
  34. package/src/account-home-ui.ts +207 -20
  35. package/src/account-setup.ts +342 -0
  36. package/src/account-usage.ts +118 -0
  37. package/src/account-vault-admin-token.ts +242 -0
  38. package/src/account-vault-token.ts +27 -2
  39. package/src/admin-login-ui.ts +94 -0
  40. package/src/admin-vault-admin-token.ts +8 -2
  41. package/src/admin-vaults.ts +137 -29
  42. package/src/api-account.ts +54 -1
  43. package/src/api-invites.ts +347 -0
  44. package/src/api-mint-token.ts +81 -0
  45. package/src/api-modules-ops.ts +168 -53
  46. package/src/api-modules.ts +36 -0
  47. package/src/auto-wire.ts +87 -0
  48. package/src/cli.ts +122 -32
  49. package/src/commands/expose-2fa-warning.ts +17 -13
  50. package/src/commands/migrate-cutover.ts +12 -5
  51. package/src/commands/serve-boot.ts +33 -3
  52. package/src/commands/serve.ts +158 -37
  53. package/src/commands/status.ts +9 -1
  54. package/src/hub-db.ts +70 -2
  55. package/src/hub-server.ts +399 -41
  56. package/src/hub-unit.ts +4 -9
  57. package/src/invites.ts +291 -0
  58. package/src/launchctl-guard.ts +131 -0
  59. package/src/managed-unit.ts +13 -3
  60. package/src/migrate-offer.ts +15 -6
  61. package/src/module-ops-client.ts +47 -22
  62. package/src/scope-attenuation.ts +19 -0
  63. package/src/scope-explanations.ts +9 -1
  64. package/src/service-spec.ts +8 -3
  65. package/src/spawn-path.ts +148 -0
  66. package/src/supervisor.ts +84 -7
  67. package/src/users.ts +42 -4
  68. package/src/vault-hub-origin-env.ts +28 -0
  69. package/src/vault-name.ts +13 -1
  70. package/web/ui/dist/assets/{index-mz8XcVPP.css → index-BYYUeLGA.css} +1 -1
  71. package/web/ui/dist/assets/index-D3cDUOOj.js +61 -0
  72. package/web/ui/dist/index.html +2 -2
  73. package/web/ui/dist/assets/index-D_6AFvZy.js +0 -61
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@openparachute/hub",
3
- "version": "0.6.3-rc.4",
3
+ "version": "0.6.4-rc.1",
4
4
  "description": "parachute — the local hub for the Parachute ecosystem (discovery, ports, lifecycle, soon OAuth).",
5
5
  "license": "AGPL-3.0",
6
6
  "publishConfig": {
package/src/__tests__/account-home-ui.test.ts CHANGED
@@ -175,6 +175,103 @@ describe("renderAccountHome", () => {
175
175
  expect(html).not.toContain('data-testid="mcp-connect"');
176
176
  });
177
177
 
178
+ test("get-started card — links to the two onboarding prompts, placed before the vault card", () => {
179
+ const html = renderAccountHome({
180
+ username: "alice",
181
+ assignedVaults: ["alice"],
182
+ passwordChanged: true,
183
+ hubOrigin: HUB_ORIGIN,
184
+ isFirstAdmin: false,
185
+ csrfToken: CSRF,
186
+ twoFactorEnabled: false,
187
+ });
188
+ // The card renders with both onboarding-prompt links (mirrors the
189
+ // operator setup-wizard's starter-prompts section).
190
+ expect(html).toContain('data-testid="get-started-card"');
191
+ expect(html).toContain("Get started with your AI");
192
+ expect(html).toContain("https://parachute.computer/onboarding/vault-setup/");
193
+ expect(html).toContain("https://parachute.computer/onboarding/surface-build/");
194
+ expect(html).toContain('data-testid="starter-vault-setup"');
195
+ expect(html).toContain('data-testid="starter-surface-build"');
196
+ // External links open safely.
197
+ expect(html).toContain('rel="noopener"');
198
+ // Placed prominently — before the vault card in document order.
199
+ expect(html.indexOf('data-testid="get-started-card"')).toBeLessThan(
200
+ html.indexOf('data-testid="vault-card"'),
201
+ );
202
+ });
203
+
204
+ test("get-started card — present on the admin branch, hidden on the no-vault branch", () => {
205
+ // The on-ramp belongs on branches that have a vault to act against (admin +
206
+ // assigned-vault). It's suppressed on the no-vault branch, where the page
207
+ // says "You don't have a vault yet" — a do-the-thing card there would
208
+ // contradict the you-lack-the-prerequisite message.
209
+ const admin = renderAccountHome({
210
+ username: "admin",
211
+ assignedVaults: [],
212
+ passwordChanged: true,
213
+ hubOrigin: HUB_ORIGIN,
214
+ isFirstAdmin: true,
215
+ csrfToken: CSRF,
216
+ twoFactorEnabled: false,
217
+ });
218
+ expect(admin).toContain('data-testid="get-started-card"');
219
+
220
+ const noVault = renderAccountHome({
221
+ username: "ghost",
222
+ assignedVaults: [],
223
+ passwordChanged: true,
224
+ hubOrigin: HUB_ORIGIN,
225
+ isFirstAdmin: false,
226
+ csrfToken: CSRF,
227
+ twoFactorEnabled: false,
228
+ });
229
+ // No-vault branch: card suppressed, and the no-vault message stands alone.
230
+ expect(noVault).not.toContain('data-testid="get-started-card"');
231
+ expect(noVault).toContain('data-testid="no-vault-card"');
232
+ });
233
+
234
+ test("connect-any-client hint bridges MCP ↔ ChatGPT 'connector' terminology", () => {
235
+ const html = renderAccountHome({
236
+ username: "alice",
237
+ assignedVaults: ["alice"],
238
+ passwordChanged: true,
239
+ hubOrigin: HUB_ORIGIN,
240
+ isFirstAdmin: false,
241
+ csrfToken: CSRF,
242
+ twoFactorEnabled: false,
243
+ });
244
+ // The "any other client" hint now names the ChatGPT "connector" term so
245
+ // a friend who only knows that word can find the right place to paste.
246
+ // Assert the NEW hint string specifically — a bare toContain("connector")
247
+ // was already satisfied pre-PR by the Claude.ai "Connectors" block, so it
248
+ // wouldn't catch a regression that drops this bridging copy.
249
+ expect(html).toContain('data-testid="connect-any-client-hint"');
250
+ expect(html).toContain('call these "connectors."');
251
+ });
252
+
253
+ test("account card — security actions collapse into a secondary <details>", () => {
254
+ const html = renderAccountHome({
255
+ username: "alice",
256
+ assignedVaults: ["alice"],
257
+ passwordChanged: true,
258
+ hubOrigin: HUB_ORIGIN,
259
+ isFirstAdmin: false,
260
+ csrfToken: CSRF,
261
+ twoFactorEnabled: false,
262
+ });
263
+ // Username + sign-out stay prominent; change-password + 2FA tuck into a
264
+ // collapsed "Security & password" details so the card reads calmer.
265
+ expect(html).toContain('data-testid="account-security"');
266
+ expect(html).toContain("Security &amp; password");
267
+ // The security actions live inside the details block (after its summary).
268
+ const securityIdx = html.indexOf('data-testid="account-security"');
269
+ expect(securityIdx).toBeGreaterThan(-1);
270
+ expect(html.indexOf('data-testid="change-password-link"')).toBeGreaterThan(securityIdx);
271
+ // Sign-out form comes BEFORE the security details — it stays prominent.
272
+ expect(html.indexOf('data-testid="signout-form"')).toBeLessThan(securityIdx);
273
+ });
274
+
178
275
  test("account card — change-password link and sign-out form are present", () => {
179
276
  const html = renderAccountHome({
180
277
  username: "alice",