npm - @pleri/olam-cli - Versions diffs - 0.1.7 - Mend

@pleri/olam-cli 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (196) hide show

package/dist/__tests__/auth-status.test.d.ts +2 -0
package/dist/__tests__/auth-status.test.d.ts.map +1 -0
package/dist/__tests__/auth-status.test.js +290 -0
package/dist/__tests__/auth-status.test.js.map +1 -0
package/dist/__tests__/auth-upgrade.test.d.ts +9 -0
package/dist/__tests__/auth-upgrade.test.d.ts.map +1 -0
package/dist/__tests__/auth-upgrade.test.js +161 -0
package/dist/__tests__/auth-upgrade.test.js.map +1 -0
package/dist/__tests__/create-app-urls.test.d.ts +2 -0
package/dist/__tests__/create-app-urls.test.d.ts.map +1 -0
package/dist/__tests__/create-app-urls.test.js +102 -0
package/dist/__tests__/create-app-urls.test.js.map +1 -0
package/dist/__tests__/enter.test.d.ts +2 -0
package/dist/__tests__/enter.test.d.ts.map +1 -0
package/dist/__tests__/enter.test.js +90 -0
package/dist/__tests__/enter.test.js.map +1 -0
package/dist/__tests__/host-cp-gh-token.test.d.ts +9 -0
package/dist/__tests__/host-cp-gh-token.test.d.ts.map +1 -0
package/dist/__tests__/host-cp-gh-token.test.js +119 -0
package/dist/__tests__/host-cp-gh-token.test.js.map +1 -0
package/dist/__tests__/host-cp.test.d.ts +9 -0
package/dist/__tests__/host-cp.test.d.ts.map +1 -0
package/dist/__tests__/host-cp.test.js +254 -0
package/dist/__tests__/host-cp.test.js.map +1 -0
package/dist/__tests__/keys.test.d.ts +9 -0
package/dist/__tests__/keys.test.d.ts.map +1 -0
package/dist/__tests__/keys.test.js +145 -0
package/dist/__tests__/keys.test.js.map +1 -0
package/dist/__tests__/logs.test.d.ts +9 -0
package/dist/__tests__/logs.test.d.ts.map +1 -0
package/dist/__tests__/logs.test.js +124 -0
package/dist/__tests__/logs.test.js.map +1 -0
package/dist/__tests__/ps.test.d.ts +2 -0
package/dist/__tests__/ps.test.d.ts.map +1 -0
package/dist/__tests__/ps.test.js +172 -0
package/dist/__tests__/ps.test.js.map +1 -0
package/dist/__tests__/status-app-urls.test.d.ts +2 -0
package/dist/__tests__/status-app-urls.test.d.ts.map +1 -0
package/dist/__tests__/status-app-urls.test.js +125 -0
package/dist/__tests__/status-app-urls.test.js.map +1 -0
package/dist/__tests__/upgrade.test.d.ts +9 -0
package/dist/__tests__/upgrade.test.d.ts.map +1 -0
package/dist/__tests__/upgrade.test.js +262 -0
package/dist/__tests__/upgrade.test.js.map +1 -0
package/dist/commands/__tests__/carry-uncommitted.test.d.ts +14 -0
package/dist/commands/__tests__/carry-uncommitted.test.d.ts.map +1 -0
package/dist/commands/__tests__/carry-uncommitted.test.js +83 -0
package/dist/commands/__tests__/carry-uncommitted.test.js.map +1 -0
package/dist/commands/__tests__/openHostCpUrl.test.d.ts +2 -0
package/dist/commands/__tests__/openHostCpUrl.test.d.ts.map +1 -0
package/dist/commands/__tests__/openHostCpUrl.test.js +63 -0
package/dist/commands/__tests__/openHostCpUrl.test.js.map +1 -0
package/dist/commands/__tests__/refresh.test.d.ts +13 -0
package/dist/commands/__tests__/refresh.test.d.ts.map +1 -0
package/dist/commands/__tests__/refresh.test.js +170 -0
package/dist/commands/__tests__/refresh.test.js.map +1 -0
package/dist/commands/auth-status.d.ts +43 -0
package/dist/commands/auth-status.d.ts.map +1 -0
package/dist/commands/auth-status.js +208 -0
package/dist/commands/auth-status.js.map +1 -0
package/dist/commands/auth-upgrade.d.ts +47 -0
package/dist/commands/auth-upgrade.d.ts.map +1 -0
package/dist/commands/auth-upgrade.js +277 -0
package/dist/commands/auth-upgrade.js.map +1 -0
package/dist/commands/auth.d.ts +16 -0
package/dist/commands/auth.d.ts.map +1 -0
package/dist/commands/auth.js +283 -0
package/dist/commands/auth.js.map +1 -0
package/dist/commands/create.d.ts +8 -0
package/dist/commands/create.d.ts.map +1 -0
package/dist/commands/create.js +512 -0
package/dist/commands/create.js.map +1 -0
package/dist/commands/crystallize.d.ts +8 -0
package/dist/commands/crystallize.d.ts.map +1 -0
package/dist/commands/crystallize.js +101 -0
package/dist/commands/crystallize.js.map +1 -0
package/dist/commands/destroy.d.ts +6 -0
package/dist/commands/destroy.d.ts.map +1 -0
package/dist/commands/destroy.js +54 -0
package/dist/commands/destroy.js.map +1 -0
package/dist/commands/dispatch.d.ts +9 -0
package/dist/commands/dispatch.d.ts.map +1 -0
package/dist/commands/dispatch.js +94 -0
package/dist/commands/dispatch.js.map +1 -0
package/dist/commands/enter.d.ts +63 -0
package/dist/commands/enter.d.ts.map +1 -0
package/dist/commands/enter.js +206 -0
package/dist/commands/enter.js.map +1 -0
package/dist/commands/host-cp.d.ts +191 -0
package/dist/commands/host-cp.d.ts.map +1 -0
package/dist/commands/host-cp.js +797 -0
package/dist/commands/host-cp.js.map +1 -0
package/dist/commands/init.d.ts +9 -0
package/dist/commands/init.d.ts.map +1 -0
package/dist/commands/init.js +143 -0
package/dist/commands/init.js.map +1 -0
package/dist/commands/install.d.ts +22 -0
package/dist/commands/install.d.ts.map +1 -0
package/dist/commands/install.js +203 -0
package/dist/commands/install.js.map +1 -0
package/dist/commands/keys.d.ts +26 -0
package/dist/commands/keys.d.ts.map +1 -0
package/dist/commands/keys.js +151 -0
package/dist/commands/keys.js.map +1 -0
package/dist/commands/lanes.d.ts +18 -0
package/dist/commands/lanes.d.ts.map +1 -0
package/dist/commands/lanes.js +122 -0
package/dist/commands/lanes.js.map +1 -0
package/dist/commands/list.d.ts +6 -0
package/dist/commands/list.d.ts.map +1 -0
package/dist/commands/list.js +39 -0
package/dist/commands/list.js.map +1 -0
package/dist/commands/logs.d.ts +38 -0
package/dist/commands/logs.d.ts.map +1 -0
package/dist/commands/logs.js +177 -0
package/dist/commands/logs.js.map +1 -0
package/dist/commands/observe.d.ts +9 -0
package/dist/commands/observe.d.ts.map +1 -0
package/dist/commands/observe.js +34 -0
package/dist/commands/observe.js.map +1 -0
package/dist/commands/policy-check.d.ts +14 -0
package/dist/commands/policy-check.d.ts.map +1 -0
package/dist/commands/policy-check.js +76 -0
package/dist/commands/policy-check.js.map +1 -0
package/dist/commands/pr.d.ts +17 -0
package/dist/commands/pr.d.ts.map +1 -0
package/dist/commands/pr.js +148 -0
package/dist/commands/pr.js.map +1 -0
package/dist/commands/ps.d.ts +25 -0
package/dist/commands/ps.d.ts.map +1 -0
package/dist/commands/ps.js +164 -0
package/dist/commands/ps.js.map +1 -0
package/dist/commands/refresh-helpers.d.ts +25 -0
package/dist/commands/refresh-helpers.d.ts.map +1 -0
package/dist/commands/refresh-helpers.js +56 -0
package/dist/commands/refresh-helpers.js.map +1 -0
package/dist/commands/refresh.d.ts +23 -0
package/dist/commands/refresh.d.ts.map +1 -0
package/dist/commands/refresh.js +237 -0
package/dist/commands/refresh.js.map +1 -0
package/dist/commands/status.d.ts +6 -0
package/dist/commands/status.d.ts.map +1 -0
package/dist/commands/status.js +51 -0
package/dist/commands/status.js.map +1 -0
package/dist/commands/upgrade.d.ts +67 -0
package/dist/commands/upgrade.d.ts.map +1 -0
package/dist/commands/upgrade.js +358 -0
package/dist/commands/upgrade.js.map +1 -0
package/dist/commands/workspace.d.ts +23 -0
package/dist/commands/workspace.d.ts.map +1 -0
package/dist/commands/workspace.js +198 -0
package/dist/commands/workspace.js.map +1 -0
package/dist/commands/world-snapshot.d.ts +18 -0
package/dist/commands/world-snapshot.d.ts.map +1 -0
package/dist/commands/world-snapshot.js +327 -0
package/dist/commands/world-snapshot.js.map +1 -0
package/dist/context.d.ts +26 -0
package/dist/context.d.ts.map +1 -0
package/dist/context.js +51 -0
package/dist/context.js.map +1 -0
package/dist/index.d.ts +9 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +18007 -0
package/dist/index.js.map +1 -0
package/dist/mcp-server.js +32236 -0
package/dist/output.d.ts +10 -0
package/dist/output.d.ts.map +1 -0
package/dist/output.js +31 -0
package/dist/output.js.map +1 -0
package/host-cp/compose.yaml +126 -0
package/host-cp/src/auth-secret-hint.mjs +45 -0
package/host-cp/src/auth.mjs +155 -0
package/host-cp/src/compose-worlds-sources.mjs +170 -0
package/host-cp/src/container-secret-fetcher.mjs +163 -0
package/host-cp/src/docker-events.mjs +184 -0
package/host-cp/src/local-worlds-source.mjs +83 -0
package/host-cp/src/plan-orchestrator.mjs +829 -0
package/host-cp/src/plan-progress.mjs +282 -0
package/host-cp/src/pr-cache.mjs +201 -0
package/host-cp/src/pr-merge-poller.mjs +154 -0
package/host-cp/src/process-poller.mjs +250 -0
package/host-cp/src/proxy.mjs +245 -0
package/host-cp/src/pylon-worlds-source.mjs +68 -0
package/host-cp/src/redact.mjs +67 -0
package/host-cp/src/secret-cache.mjs +104 -0
package/host-cp/src/server.mjs +2215 -0
package/host-cp/src/sse-gate.mjs +117 -0
package/host-cp/src/version-status.mjs +209 -0
package/host-cp/src/workspace-catalog.mjs +149 -0
package/host-cp/src/world-names-store.mjs +176 -0
package/host-cp/src/world-pr-state.mjs +97 -0
package/host-cp/src/world-progress.mjs +322 -0
package/host-cp/src/world-tunnel-manager.mjs +288 -0
package/host-cp/src/worlds-db-source.mjs +191 -0
package/host-cp/src/worlds-source.mjs +59 -0
package/package.json +38 -0

package/host-cp/src/secret-cache.mjs ADDED Viewed

@@ -0,0 +1,104 @@
+// Phase F-2-B (B3): per-world secret cache.
+//
+// Pattern lifted from `packages/cloudflare-worker/src/index.ts:428-446`
+// (`getContainerSecret`). CF Worker uses Durable Object storage with a
+// 1h TTL; host CP uses an in-memory Map with a 5min TTL (D2 — demoted
+// from 1h after the security review pass).
+//
+// The cache invalidates on two paths:
+//   1. TTL expiry (lazy: checked on each `get(worldId)` call)
+//   2. Docker events stream (eager: docker-events.mjs subscribes to
+//      `restart` / `stop` events and calls `invalidate(worldId)` —
+//      M2 ship gate is "docker restart <world>; within 10s, proxy
+//      call returns 200 not 401").
+/**
+ * @typedef {object} CacheEntry
+ * @property {string} secret
+ * @property {number} expiresAt   epoch ms
+ */
+export class SecretCache {
+  /**
+   * @param {object} opts
+   * @param {number} [opts.ttlSec]              cache TTL in seconds (default 300 = 5min)
+   * @param {() => number} [opts.now]           clock injectable for tests
+   * @param {(message: string) => void} [opts.log]   logger injectable for tests
+   */
+  constructor({ ttlSec = 300, now = Date.now, log = console.log } = {}) {
+    this.ttlMs = ttlSec * 1000;
+    /** @type {Map<string, CacheEntry>} */
+    this.entries = new Map();
+    this.now = now;
+    this.log = log;
+  }
+  /**
+   * Look up a cached secret. Returns null if absent OR expired (TTL check
+   * is lazy — caller must re-fetch and call set()). The expiry path emits
+   * a debug log so cache-miss observability is wired in from day one.
+   *
+   * @param {string} worldId
+   * @returns {string | null}
+   */
+  get(worldId) {
+    const entry = this.entries.get(worldId);
+    if (!entry) return null;
+    if (entry.expiresAt <= this.now()) {
+      // Lazy expiry — clean up to keep the map tidy. Don't log per-call;
+      // would be noisy under load.
+      this.entries.delete(worldId);
+      return null;
+    }
+    return entry.secret;
+  }
+  /**
+   * Cache a freshly-fetched secret. Overrides any prior entry. The
+   * `set` path is the only place TTL is reset — ensures a cache hit
+   * never extends beyond ttlMs from the most recent fetch.
+   *
+   * @param {string} worldId
+   * @param {string} secret
+   */
+  set(worldId, secret) {
+    this.entries.set(worldId, {
+      secret,
+      expiresAt: this.now() + this.ttlMs,
+    });
+  }
+  /**
+   * Eager invalidation. Called by docker-events.mjs on `restart` / `stop`
+   * events. Returns true if an entry was present (test-observable).
+   *
+   * @param {string} worldId
+   * @returns {boolean}
+   */
+  invalidate(worldId) {
+    const had = this.entries.has(worldId);
+    if (had) {
+      this.entries.delete(worldId);
+      this.log(`secret-cache: invalidated ${worldId}`);
+    }
+    return had;
+  }
+  /**
+   * Drop everything. Used at shutdown for clean teardown; also useful
+   * in tests.
+   */
+  clear() {
+    this.entries.clear();
+  }
+  /**
+   * Snapshot of cached worldIds (for /health diagnostics + tests).
+   * Returns just the keys — never the secrets themselves.
+   *
+   * @returns {string[]}
+   */
+  worldIds() {
+    return [...this.entries.keys()];
+  }
+}