@polylogicai/polycode 1.1.3 → 1.1.5

package/lib/key-store.mjs

@@ -0,0 +1,232 @@
+// lib/key-store.mjs
+// Credential management for polycode. Reads a masked API key from the user's
+// terminal, auto-detects the provider from the key prefix, and persists to
+// ~/.polycode/secrets.env with chmod 600. Keys NEVER travel through the chat
+// channel: the secret scrubber blocks any user message that matches a key
+// pattern, and the /key slash command plus `polycode login` subcommand are
+// the only supported paths for giving polycode your keys.
+
+import { existsSync, mkdirSync, readFileSync, writeFileSync, chmodSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { join } from 'node:path';
+
+const CONFIG_DIR = join(homedir(), '.polycode');
+const SECRETS_FILE = join(CONFIG_DIR, 'secrets.env');
+
+// Provider registry. Each entry describes one LLM provider polycode can
+// consume. Adding a new provider is one row: the env var name, a display
+// name, a key-prefix regex, a minimum length, and the signup URL.
+export const PROVIDERS = [
+  {
+    id: 'groq',
+    name: 'Groq',
+    envVar: 'GROQ_API_KEY',
+    prefix: /^gsk_[A-Za-z0-9]+$/,
+    minLength: 40,
+    signupUrl: 'console.groq.com',
+  },
+  {
+    id: 'anthropic',
+    name: 'Anthropic',
+    envVar: 'ANTHROPIC_API_KEY',
+    prefix: /^sk-ant-api\d{2}-[A-Za-z0-9_\-]+$/,
+    minLength: 50,
+    signupUrl: 'console.anthropic.com',
+  },
+  {
+    id: 'openai',
+    name: 'OpenAI',
+    envVar: 'OPENAI_API_KEY',
+    prefix: /^sk-(proj-)?[A-Za-z0-9_\-]{20,}$/,
+    minLength: 40,
+    signupUrl: 'platform.openai.com',
+  },
+];
+
+// Auto-detect the provider from a bare key string. Returns the matching
+// provider row or null if the key does not match any known shape.
+export function detectProvider(key) {
+  const trimmed = String(key || '').trim();
+  if (trimmed.length === 0) return null;
+  for (const p of PROVIDERS) {
+    if (trimmed.length >= p.minLength && p.prefix.test(trimmed)) return p;
+  }
+  return null;
+}
+
+export function getProviderById(id) {
+  return PROVIDERS.find((p) => p.id === id) || null;
+}
+
+// Read ~/.polycode/secrets.env into a plain object. Parses a dotenv subset:
+// KEY=value lines, hash comments, quoted values. Missing file returns {}.
+export function readSecretsFile() {
+  if (!existsSync(SECRETS_FILE)) return {};
+  try {
+    const content = readFileSync(SECRETS_FILE, 'utf8');
+    const out = {};
+    for (const rawLine of content.split('\n')) {
+      const line = rawLine.trim();
+      if (!line || line.startsWith('#')) continue;
+      const match = line.match(/^([A-Z_][A-Z0-9_]*)=(.*)$/);
+      if (!match) continue;
+      const k = match[1];
+      let v = match[2];
+      if ((v.startsWith('"') && v.endsWith('"')) || (v.startsWith("'") && v.endsWith("'"))) {
+        v = v.slice(1, -1);
+      }
+      out[k] = v;
+    }
+    return out;
+  } catch {
+    return {};
+  }
+}
+
+// Write a single provider's key back to secrets.env. Preserves any other
+// keys already in the file. Ensures the file is created with 0600 mode so
+// other users on the same machine cannot read it.
+export function saveProviderKey(providerId, rawKey) {
+  const provider = getProviderById(providerId);
+  if (!provider) throw new Error(`unknown provider: ${providerId}`);
+  const key = String(rawKey || '').trim();
+  if (!key) throw new Error('empty key');
+  if (!provider.prefix.test(key) || key.length < provider.minLength) {
+    throw new Error(`that does not look like a ${provider.name} key. Expected prefix and length do not match.`);
+  }
+  if (!existsSync(CONFIG_DIR)) mkdirSync(CONFIG_DIR, { recursive: true });
+  const existing = readSecretsFile();
+  existing[provider.envVar] = key;
+  const lines = [
+    '# polycode secrets. chmod 600. Never commit this file.',
+    ...Object.entries(existing).map(([k, v]) => `${k}=${v}`),
+  ];
+  writeFileSync(SECRETS_FILE, lines.join('\n') + '\n');
+  try { chmodSync(SECRETS_FILE, 0o600); } catch { /* best effort */ }
+  // Hot-load into process.env so the current run picks it up.
+  process.env[provider.envVar] = key;
+  return { provider, path: SECRETS_FILE };
+}
+
+// Prompt the user for a key with the terminal input masked (dots instead of
+// echoed characters). Uses raw mode on process.stdin so the OS does not
+// echo the key. Falls back to plain readline if raw mode is unavailable
+// (non-TTY, piped input, etc.).
+export async function readMaskedInput(prompt) {
+  const { stdin, stdout } = process;
+  stdout.write(prompt);
+
+  // Non-interactive fallback: read a single line from stdin without masking.
+  if (!stdin.isTTY || typeof stdin.setRawMode !== 'function') {
+    return new Promise((resolve) => {
+      let buf = '';
+      const onData = (chunk) => {
+        buf += chunk.toString();
+        const nl = buf.indexOf('\n');
+        if (nl !== -1) {
+          stdin.removeListener('data', onData);
+          resolve(buf.slice(0, nl).replace(/\r$/, ''));
+        }
+      };
+      stdin.on('data', onData);
+    });
+  }
+
+  return new Promise((resolve) => {
+    let buf = '';
+    const wasRaw = stdin.isRaw;
+    stdin.setRawMode(true);
+    stdin.resume();
+    stdin.setEncoding('utf8');
+
+    const cleanup = () => {
+      stdin.removeListener('data', onData);
+      try { stdin.setRawMode(wasRaw); } catch { /* ignore */ }
+      stdin.pause();
+    };
+
+    const onData = (ch) => {
+      // Handle paste: terminals send pasted content as one chunk.
+      if (ch.length > 1 && !ch.includes('\r') && !ch.includes('\n') && !ch.includes('\u0003')) {
+        buf += ch;
+        for (let i = 0; i < ch.length; i++) stdout.write('•');
+        return;
+      }
+      for (const c of ch) {
+        if (c === '\r' || c === '\n') {
+          stdout.write('\n');
+          cleanup();
+          resolve(buf);
+          return;
+        }
+        if (c === '\u0003') {
+          // Ctrl-C
+          stdout.write('\n');
+          cleanup();
+          resolve('');
+          return;
+        }
+        if (c === '\u007f' || c === '\b') {
+          if (buf.length > 0) {
+            buf = buf.slice(0, -1);
+            stdout.write('\b \b');
+          }
+          continue;
+        }
+        if (c < ' ') continue; // ignore other control chars
+        buf += c;
+        stdout.write('•');
+      }
+    };
+
+    stdin.on('data', onData);
+  });
+}
+
+// Top-level interactive flow: read a key, detect the provider, save, report.
+// Returns { ok: true, provider, path } on success, { ok: false, reason } on
+// failure. The caller renders the result to the user.
+//
+// If `rl` is passed (a readline.Interface from readline/promises), we use
+// rl.question for the prompt instead of attaching a raw stdin listener. That
+// path matters for the slash-command case inside the REPL where readline
+// already owns stdin; using rl.question avoids a race where readline eats
+// the key line before our masked reader can see it.
+export async function runInteractiveKeyFlow({ providerHint, stdout, rl } = {}) {
+  const out = stdout || process.stdout;
+  let rawKey;
+  if (rl && typeof rl.question === 'function') {
+    // Inside the REPL: read through the active readline instance.
+    // Note: this path does not mask echo in the terminal. That is a
+    // deliberate trade-off for reliable input under the REPL. For a
+    // fully-masked prompt, use `polycode login` from the shell instead.
+    rawKey = (await rl.question('Paste your API key (or press Enter to cancel): ')).trim();
+  } else {
+    rawKey = (await readMaskedInput('Paste your API key (or press Enter to cancel): ')).trim();
+  }
+  if (!rawKey) {
+    return { ok: false, reason: 'cancelled' };
+  }
+
+  let provider = null;
+  if (providerHint) {
+    provider = getProviderById(providerHint);
+    if (provider && !provider.prefix.test(rawKey)) {
+      return { ok: false, reason: `that does not look like a ${provider.name} key` };
+    }
+  }
+  if (!provider) provider = detectProvider(rawKey);
+  if (!provider) {
+    return {
+      ok: false,
+      reason: `could not detect provider from key prefix. Expected one of: ${PROVIDERS.map((p) => `${p.name} (${p.envVar})`).join(', ')}`,
+    };
+  }
+
+  try {
+    const result = saveProviderKey(provider.id, rawKey);
+    return { ok: true, provider: result.provider, path: result.path };
+  } catch (err) {
+    return { ok: false, reason: err instanceof Error ? err.message : String(err) };
+  }
+}

package/lib/paste-aware-prompt.mjs

@@ -0,0 +1,208 @@
+// lib/paste-aware-prompt.mjs
+// A custom line reader that implements bracketed paste mode for the polycode
+// REPL. Standard readline cannot tell a one-character typed key from a
+// multi-line paste, so pasting a 500-line file floods the terminal and
+// floods the display with echoed content. Modern terminals support
+// bracketed paste mode: when enabled, the terminal wraps pasted content in
+// ESC[200~ ... ESC[201~ so the host program can detect the paste as a
+// single event.
+//
+// This reader enables bracketed paste on startup, reads stdin in raw mode,
+// collapses each paste to a placeholder like [Pasted #1 (20 lines)] in the
+// display, and returns both the displayed line and the full content with
+// placeholders expanded for the agent to read.
+
+import { stdin, stdout } from 'node:process';
+
+const ESC = '\u001b';
+const PASTE_START = `${ESC}[200~`;
+const PASTE_END = `${ESC}[201~`;
+
+const BRACKETED_PASTE_ON = `${ESC}[?2004h`;
+const BRACKETED_PASTE_OFF = `${ESC}[?2004l`;
+
+// Ordinal counter for paste placeholders within the lifetime of the process.
+// Each successful paste increments it so the user can reference pastes by
+// number ("expand pasted #3") in future features.
+let pasteOrdinal = 0;
+
+export function enableBracketedPaste() {
+  if (stdout.isTTY) stdout.write(BRACKETED_PASTE_ON);
+}
+
+export function disableBracketedPaste() {
+  if (stdout.isTTY) stdout.write(BRACKETED_PASTE_OFF);
+}
+
+// Read one line from stdin with paste awareness. Returns a promise that
+// resolves to { displayed, content, pastes }:
+//   - displayed: the string the user sees in the terminal (with placeholders)
+//   - content:   the string to send to the agent (with full paste text)
+//   - pastes:    an array of { ordinal, lines, bytes, text } for logging/telemetry
+//
+// On non-TTY stdin (piped input, tests), this reader falls back to a plain
+// line read with no paste handling, since bracketed paste requires a real
+// terminal.
+export function readPasteAwareLine(prompt) {
+  return new Promise((resolve, reject) => {
+    stdout.write(prompt);
+
+    if (!stdin.isTTY || typeof stdin.setRawMode !== 'function') {
+      let buf = '';
+      const onData = (chunk) => {
+        buf += chunk.toString('utf8');
+        const nlIdx = buf.indexOf('\n');
+        if (nlIdx !== -1) {
+          stdin.removeListener('data', onData);
+          const line = buf.slice(0, nlIdx).replace(/\r$/, '');
+          resolve({ displayed: line, content: line, pastes: [] });
+        }
+      };
+      stdin.on('data', onData);
+      return;
+    }
+
+    const wasRaw = stdin.isRaw;
+    stdin.setRawMode(true);
+    stdin.resume();
+    stdin.setEncoding('utf8');
+
+    let stream = '';
+    const pastes = [];
+    const segments = [];
+    let currentText = '';
+    let visibleLength = 0;
+
+    const cleanup = () => {
+      stdin.removeListener('data', onData);
+      try { stdin.setRawMode(wasRaw); } catch { /* ignore */ }
+      stdin.pause();
+    };
+
+    const flushCurrent = () => {
+      if (currentText.length > 0) {
+        segments.push({ kind: 'text', text: currentText });
+        currentText = '';
+      }
+    };
+
+    const finish = () => {
+      flushCurrent();
+      cleanup();
+      stdout.write('\n');
+
+      const displayed = segments
+        .map((s) =>
+          s.kind === 'text'
+            ? s.text
+            : `[Pasted #${s.ordinal} (${s.lines} lines)]`
+        )
+        .join('');
+      const content = segments.map((s) => (s.kind === 'text' ? s.text : s.text)).join('');
+      resolve({ displayed, content, pastes });
+    };
+
+    const onData = (chunk) => {
+      try {
+        stream += chunk;
+        // Drain the stream one token at a time.
+        while (stream.length > 0) {
+          // Paste start?
+          if (stream.startsWith(PASTE_START)) {
+            const endIdx = stream.indexOf(PASTE_END, PASTE_START.length);
+            if (endIdx === -1) {
+              // Waiting for the rest of the paste; don't consume anything.
+              return;
+            }
+            const pasted = stream.slice(PASTE_START.length, endIdx);
+            stream = stream.slice(endIdx + PASTE_END.length);
+            flushCurrent();
+            pasteOrdinal += 1;
+            const ordinal = pasteOrdinal;
+            const lines = pasted.split('\n').length;
+            const bytes = Buffer.byteLength(pasted, 'utf8');
+            const entry = { ordinal, lines, bytes, text: pasted };
+            pastes.push(entry);
+            segments.push({ kind: 'paste', ordinal, lines, bytes, text: pasted });
+            const placeholder = `[Pasted #${ordinal} (${lines} lines)]`;
+            stdout.write(`\u001b[2m${placeholder}\u001b[0m`);
+            visibleLength += placeholder.length;
+            continue;
+          }
+          // Single char path
+          const ch = stream[0];
+          stream = stream.slice(1);
+
+          if (ch === '\r' || ch === '\n') {
+            finish();
+            return;
+          }
+          if (ch === '\u0003') {
+            // Ctrl-C
+            cleanup();
+            stdout.write('\n');
+            reject(new Error('cancelled'));
+            return;
+          }
+          if (ch === '\u0004') {
+            // Ctrl-D on empty line = exit; on non-empty = ignored
+            if (currentText.length === 0 && segments.length === 0) {
+              finish();
+              return;
+            }
+            continue;
+          }
+          if (ch === '\u007f' || ch === '\b') {
+            // Backspace. If the last segment is a paste, remove the whole
+            // paste (one deletion = one paste). Otherwise remove one char.
+            if (currentText.length > 0) {
+              currentText = currentText.slice(0, -1);
+              stdout.write('\b \b');
+              visibleLength = Math.max(0, visibleLength - 1);
+            } else if (segments.length > 0) {
+              const last = segments.pop();
+              if (last.kind === 'paste') {
+                const width = `[Pasted #${last.ordinal} (${last.lines} lines)]`.length;
+                for (let i = 0; i < width; i++) stdout.write('\b \b');
+                visibleLength = Math.max(0, visibleLength - width);
+                // Also remove from the pastes[] index so logs match.
+                const pi = pastes.findIndex((p) => p.ordinal === last.ordinal);
+                if (pi !== -1) pastes.splice(pi, 1);
+              } else {
+                // Put it back and delete one char.
+                segments.push(last);
+                if (last.text.length > 0) {
+                  last.text = last.text.slice(0, -1);
+                  stdout.write('\b \b');
+                  visibleLength = Math.max(0, visibleLength - 1);
+                }
+              }
+            }
+            continue;
+          }
+          if (ch === ESC) {
+            // Unrecognized escape sequence. Consume the minimum so we don't
+            // block; terminal-specific sequences (arrow keys, etc.) aren't
+            // supported in this reader, they get swallowed silently.
+            if (stream.length >= 2 && stream[0] === '[') {
+              stream = stream.slice(2);
+            }
+            continue;
+          }
+          if (ch < ' ' && ch !== '\t') {
+            // Other control char: ignore.
+            continue;
+          }
+          currentText += ch;
+          stdout.write(ch);
+          visibleLength += 1;
+        }
+      } catch (err) {
+        cleanup();
+        reject(err);
+      }
+    };
+
+    stdin.on('data', onData);
+  });
+}

package/lib/polycode-hosted-client.mjs

@@ -0,0 +1,100 @@
+// lib/polycode-hosted-client.mjs
+// Hosted inference client for users who have not provided a GROQ_API_KEY.
+// Posts chat-completions requests to the Polylogic proxy at
+// polylogicai.com/api/polycode/inference, which forwards them to Groq using
+// a server-side key. Rate limited to 60 turns per install per hour. Power
+// users can skip the proxy by setting GROQ_API_KEY, in which case the agent
+// talks to Groq directly.
+//
+// The returned object mimics the subset of the groq-sdk surface that the
+// agentic loop uses (chat.completions.create), so the call sites do not need
+// to know which backend is in play.
+
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { join } from 'node:path';
+import { randomUUID } from 'node:crypto';
+
+const DEFAULT_PROXY_URL = 'https://polylogicai.com/api/polycode/inference';
+const CONFIG_DIR = join(homedir(), '.polycode');
+const INSTALL_ID_PATH = join(CONFIG_DIR, 'install_id');
+
+// Produce a stable per-install identifier. Created on first run, persisted
+// to ~/.polycode/install_id so subsequent runs reuse the same ID for rate
+// limiting. The file contains a bare UUID with no PII.
+export function getOrCreateInstallId() {
+  try {
+    if (existsSync(INSTALL_ID_PATH)) {
+      const existing = readFileSync(INSTALL_ID_PATH, 'utf8').trim();
+      if (/^[A-Za-z0-9_-]{8,64}$/.test(existing)) return existing;
+    }
+  } catch {
+    // fall through and regenerate
+  }
+  if (!existsSync(CONFIG_DIR)) {
+    mkdirSync(CONFIG_DIR, { recursive: true });
+  }
+  const fresh = randomUUID();
+  try {
+    writeFileSync(INSTALL_ID_PATH, fresh + '\n', { mode: 0o600 });
+  } catch {
+    // non-fatal; rate limiting will fall back to per-IP
+  }
+  return fresh;
+}
+
+// Minimal Groq-SDK-shaped client that posts every request to the Polylogic
+// proxy. The shape matches what lib/agentic.mjs calls: an object with a
+// `chat.completions.create(payload)` method returning an OpenAI-compatible
+// chat completion object.
+export function createHostedClient({ version, proxyUrl } = {}) {
+  const url = proxyUrl || process.env.POLYCODE_PROXY_URL || DEFAULT_PROXY_URL;
+  const installId = getOrCreateInstallId();
+  const headers = {
+    'Content-Type': 'application/json',
+    'X-Polycode-Install-ID': installId,
+    'X-Polycode-Version': version || 'unknown',
+  };
+
+  async function createCompletion(payload) {
+    let res;
+    try {
+      res = await fetch(url, {
+        method: 'POST',
+        headers,
+        body: JSON.stringify(payload),
+      });
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      const wrapped = new Error(
+        `polycode hosted inference unreachable at ${url}: ${msg}. Set GROQ_API_KEY to a free key from console.groq.com to bypass the proxy.`
+      );
+      wrapped.cause = err;
+      throw wrapped;
+    }
+
+    const text = await res.text();
+    if (!res.ok) {
+      let parsed;
+      try { parsed = JSON.parse(text); } catch { parsed = null; }
+      const serverMsg = parsed?.error || text || `HTTP ${res.status}`;
+      throw new Error(`polycode hosted inference error (${res.status}): ${serverMsg}`);
+    }
+
+    try {
+      return JSON.parse(text);
+    } catch (err) {
+      throw new Error(`polycode hosted inference returned non-JSON body: ${text.slice(0, 200)}`);
+    }
+  }
+
+  return {
+    chat: {
+      completions: {
+        create: createCompletion,
+      },
+    },
+    _proxyUrl: url,
+    _installId: installId,
+  };
+}

package/lib/repl-ui.mjs

@@ -139,7 +139,9 @@ export function createRenderer(stdout, opts = {}) {
       const out = compactToolResultLine(ev.name, ev.result);
       if (out) line(out);
     } else if (ev.phase === 'scrub_blocked') {
-      line(`${C.red}refusing to send tool output to the model: contains a recognized secret pattern${C.reset}`);
+      // Suppressed: a follow-up `act/message` event renders the friendlier
+      // guidance that tells the user to type /key instead. We hide the raw
+      // scrub event to avoid a scary red line before the guidance.
     } else if (ev.phase === 'error') {
       line(`${C.red}error: ${ev.message}${C.reset}`);
     }

package/lib/slash-commands.mjs

@@ -5,10 +5,12 @@
 
 import { C } from './repl-ui.mjs';
 import { rotateIntent } from './intent.mjs';
+import { runInteractiveKeyFlow, PROVIDERS, getProviderById } from './key-store.mjs';
 
 export const SLASH_HELP = `
 ${C.bold}polycode commands${C.reset}
   /help                       Show this help
+  /key [provider]             Save an API key (Groq, Anthropic, OpenAI). Input is masked.
   /log                        Show session log path, row count, and last hash
   /replay <n>                 Print the last N session log rows
   /verify                     Verify session log SHA-256 chain integrity
@@ -18,15 +20,44 @@ ${C.bold}polycode commands${C.reset}
   /exit, /quit                Leave polycode
 `;
 
-export async function dispatchSlash(line, { canon, state, stdout }) {
+export async function dispatchSlash(line, { canon, state, stdout, loop, rl }) {
   const [cmd, ...rest] = line.slice(1).split(/\s+/);
-  const args = rest.join(' ');
+  const args = rest.join(' ').trim();
 
   switch (cmd) {
     case 'help':
       stdout.write(SLASH_HELP + '\n');
       return { continue: true };
 
+    case 'key':
+    case 'login': {
+      const providerHint = args || null;
+      if (providerHint && !getProviderById(providerHint)) {
+        stdout.write(`${C.red}unknown provider${C.reset}: ${providerHint}. Known: ${PROVIDERS.map((p) => p.id).join(', ')}\n`);
+        return { continue: true };
+      }
+      stdout.write(`${C.dim}Your key will be saved locally to ~/.polycode/secrets.env (chmod 600) and never sent to the model.${C.reset}\n`);
+      const result = await runInteractiveKeyFlow({ providerHint, stdout, rl });
+      if (!result.ok) {
+        if (result.reason === 'cancelled') {
+          stdout.write(`${C.dim}cancelled${C.reset}\n`);
+        } else {
+          stdout.write(`${C.red}error${C.reset}: ${result.reason}\n`);
+        }
+        return { continue: true };
+      }
+      stdout.write(`${C.amber}saved${C.reset}: ${result.provider.name} key (${result.provider.envVar})\n`);
+      // Hot-swap the live loop: if the saved key is for the current provider
+      // (Groq), flip out of hosted mode so the next turn goes direct to the
+      // provider. Other providers just land in env for next compile.
+      if (loop && result.provider.id === 'groq') {
+        loop.apiKey = process.env[result.provider.envVar];
+        loop.hostedMode = false;
+        stdout.write(`${C.dim}switched this session from hosted tier to direct Groq. Unlimited use.${C.reset}\n`);
+      }
+      return { continue: true };
+    }
+
     case 'log':
     case 'history':
     case 'canon': {