@pugi/cli 0.1.0-alpha.10

package/dist/runtime/commands/config.js

@@ -0,0 +1,231 @@
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { dirname, resolve } from 'node:path';
+import { z } from 'zod';
+import { loadMcpRegistry } from '../../core/mcp/registry.js';
+import { listMcpTrust, setMcpTrust, } from '../../core/mcp/trust.js';
+import { trustWorkspace } from '../../core/trust.js';
+/**
+ * `pugi config` — operator-level configuration surface.
+ *
+ * Subcommands:
+ *   - `pugi config get <key>`              read a value from `~/.pugi/config.json`
+ *   - `pugi config set <key> <value>`      write a value
+ *   - `pugi config list`                   dump all values
+ *   - `pugi config trust .`                trust the current workspace (delegates to core/trust.ts)
+ *   - `pugi config mcp trust <name>`       flip MCP server to trusted
+ *   - `pugi config mcp deny <name>`        flip MCP server to denied
+ *   - `pugi config mcp list`               show declared servers + their trust state
+ *
+ * Schema (pugi-config-v1):
+ *   {
+ *     "permissionMode": "ask" | "acceptEdits" | "auto" | "plan" | "dontAsk" | "bypassPermissions",
+ *     "privacy":        "local-only" | "metadata" | "full",
+ *     "model":          "<id>" | null,
+ *     "preferredEndpoint": "https://api.pugi.io"
+ *   }
+ *
+ * The config file lives at `~/.pugi/config.json` (PUGI_HOME-aware) and uses
+ * mode 0o600. Unknown keys are rejected by `set` so a typo never silently
+ * persists.
+ */
+const configSchema = z
+    .object({
+    permissionMode: z
+        .enum(['plan', 'ask', 'acceptEdits', 'auto', 'dontAsk', 'bypassPermissions'])
+        .optional(),
+    privacy: z.enum(['local-only', 'metadata', 'full']).optional(),
+    model: z.string().nullable().optional(),
+    preferredEndpoint: z.string().url().optional(),
+})
+    .strict();
+const CONFIG_KEYS = ['permissionMode', 'privacy', 'model', 'preferredEndpoint'];
+export async function runConfigCommand(args, ctx) {
+    const sub = args[0];
+    if (!sub || sub === '--help' || sub === '-h') {
+        ctx.writeOutput({
+            command: 'config',
+            usage: [
+                'pugi config get <key>',
+                'pugi config set <key> <value>',
+                'pugi config list',
+                'pugi config trust .',
+                'pugi config mcp trust <name>',
+                'pugi config mcp deny <name>',
+                'pugi config mcp list',
+            ],
+        }, [
+            'Usage:',
+            '  pugi config get <key>            Read a config value.',
+            '  pugi config set <key> <value>    Write a config value.',
+            '  pugi config list                 Show all config values.',
+            '  pugi config trust .              Trust the current workspace for hooks + MCP.',
+            '  pugi config mcp trust <name>     Mark an MCP server as trusted.',
+            '  pugi config mcp deny <name>      Block an MCP server.',
+            '  pugi config mcp list             Show declared MCP servers + trust state.',
+        ].join('\n'));
+        return;
+    }
+    switch (sub) {
+        case 'get':
+            return runConfigGet(args.slice(1), ctx);
+        case 'set':
+            return runConfigSet(args.slice(1), ctx);
+        case 'list':
+            return runConfigList(ctx);
+        case 'trust':
+            return runConfigTrust(args.slice(1), ctx);
+        case 'mcp':
+            return runConfigMcp(args.slice(1), ctx);
+        default:
+            throw new Error(`Unknown sub-command "pugi config ${sub}". Expected get, set, list, trust, or mcp.`);
+    }
+}
+function configPath() {
+    const home = process.env.PUGI_HOME ?? resolve(homedir(), '.pugi');
+    return resolve(home, 'config.json');
+}
+export function readConfig() {
+    const path = configPath();
+    if (!existsSync(path))
+        return {};
+    const raw = readFileSync(path, 'utf8');
+    if (raw.trim() === '')
+        return {};
+    const parsed = JSON.parse(raw);
+    return configSchema.parse(parsed);
+}
+function writeConfig(config) {
+    const path = configPath();
+    mkdirSync(dirname(path), { recursive: true });
+    // 0o600 — `preferredEndpoint` could be a private self-hosted URL; the
+    // config does not contain secrets, but file mode parity with the trust
+    // ledger keeps the audit surface uniform.
+    writeFileSync(path, `${JSON.stringify(config, null, 2)}\n`, {
+        encoding: 'utf8',
+        mode: 0o600,
+    });
+}
+function isConfigKey(value) {
+    return CONFIG_KEYS.includes(value);
+}
+function runConfigGet(args, ctx) {
+    const key = args[0];
+    if (!key)
+        throw new Error('pugi config get requires a key.');
+    if (!isConfigKey(key)) {
+        throw new Error(`Unknown config key "${key}". Allowed: ${CONFIG_KEYS.join(', ')}.`);
+    }
+    const config = readConfig();
+    const value = config[key] ?? null;
+    ctx.writeOutput({ command: 'config.get', key, value }, value === null || value === undefined ? `${key} = (unset)` : `${key} = ${String(value)}`);
+}
+function runConfigSet(args, ctx) {
+    const key = args[0];
+    const value = args.slice(1).join(' ');
+    if (!key)
+        throw new Error('pugi config set requires a key.');
+    if (value.length === 0)
+        throw new Error('pugi config set requires a value.');
+    if (!isConfigKey(key)) {
+        throw new Error(`Unknown config key "${key}". Allowed: ${CONFIG_KEYS.join(', ')}.`);
+    }
+    const current = readConfig();
+    // Build the candidate and validate via the schema so an invalid value
+    // (e.g. `permissionMode = nonsense`) is rejected before persistence.
+    const candidate = { ...current };
+    candidate[key] = coerceValue(key, value);
+    const validated = configSchema.parse(candidate);
+    writeConfig(validated);
+    ctx.writeOutput({
+        command: 'config.set',
+        key,
+        value: validated[key] ?? null,
+    }, `${key} = ${String(validated[key] ?? '')}`);
+}
+function coerceValue(key, raw) {
+    if (key === 'model') {
+        return raw === 'null' || raw === '' ? null : raw;
+    }
+    return raw;
+}
+function runConfigList(ctx) {
+    const config = readConfig();
+    const entries = CONFIG_KEYS.map((key) => ({
+        key,
+        value: config[key] ?? null,
+    }));
+    ctx.writeOutput({ command: 'config.list', config, entries }, entries
+        .map((entry) => entry.value === null || entry.value === undefined
+        ? `${entry.key} = (unset)`
+        : `${entry.key} = ${String(entry.value)}`)
+        .join('\n'));
+}
+async function runConfigTrust(args, ctx) {
+    const target = args[0];
+    if (!target)
+        throw new Error('pugi config trust requires a path (use "." for cwd).');
+    const root = target === '.' ? ctx.workspaceRoot : resolve(ctx.workspaceRoot, target);
+    // Identity for the audit entry: prefer the explicit env override
+    // (`PUGI_TRUSTED_BY`), then `USER` from the shell, then literal
+    // 'cli'. The trust ledger requires a non-empty string and we want
+    // it to mean something for a future audit replay.
+    const by = process.env.PUGI_TRUSTED_BY?.trim() ||
+        process.env.USER?.trim() ||
+        process.env.USERNAME?.trim() ||
+        'cli';
+    await trustWorkspace(root, by);
+    ctx.writeOutput({ command: 'config.trust', workspaceRoot: root, trustedBy: by }, `Trusted workspace: ${root}`);
+}
+async function runConfigMcp(args, ctx) {
+    const sub = args[0];
+    if (!sub) {
+        throw new Error('pugi config mcp requires a sub-command: trust, deny, or list.');
+    }
+    switch (sub) {
+        case 'list':
+            return runConfigMcpList(ctx);
+        case 'trust':
+            return runConfigMcpFlip(args.slice(1), ctx, 'trusted');
+        case 'deny':
+            return runConfigMcpFlip(args.slice(1), ctx, 'denied');
+        default:
+            throw new Error(`Unknown sub-command "pugi config mcp ${sub}". Expected trust, deny, or list.`);
+    }
+}
+async function runConfigMcpList(ctx) {
+    const registry = await loadMcpRegistry(ctx.workspaceRoot, { connect: false });
+    const declared = Array.from(registry.servers.values()).map((state) => ({
+        name: state.name,
+        command: state.config.command,
+        args: state.config.args,
+        trust: state.trust,
+        surfacedTools: state.surfacedTools.length,
+        lastError: state.lastError ?? null,
+    }));
+    const ledger = await listMcpTrust();
+    await registry.shutdown();
+    if (declared.length === 0) {
+        ctx.writeOutput({ command: 'config.mcp.list', servers: [], ledger }, 'No MCP servers declared. Add one to .pugi/mcp.json or ~/.pugi/mcp.json.');
+        return;
+    }
+    ctx.writeOutput({ command: 'config.mcp.list', servers: declared, ledger }, [
+        'MCP servers:',
+        ...declared.map((server) => `  ${server.name.padEnd(20)} ${server.trust.padEnd(8)} ${server.command} ${server.args.join(' ')}`),
+    ].join('\n'));
+}
+async function runConfigMcpFlip(args, ctx, state) {
+    const name = args[0];
+    if (!name) {
+        throw new Error(`pugi config mcp ${state === 'trusted' ? 'trust' : 'deny'} requires a server name.`);
+    }
+    const by = process.env.PUGI_TRUSTED_BY?.trim() ||
+        process.env.USER?.trim() ||
+        process.env.USERNAME?.trim() ||
+        'cli';
+    await setMcpTrust(name, state, by);
+    ctx.writeOutput({ command: `config.mcp.${state === 'trusted' ? 'trust' : 'deny'}`, name, state, decidedBy: by }, state === 'trusted'
+        ? `MCP server "${name}" is now trusted.`
+        : `MCP server "${name}" is now denied.`);
+}
+//# sourceMappingURL=config.js.map

package/dist/runtime/commands/privacy.js

@@ -0,0 +1,107 @@
+import { z } from 'zod';
+import { readConfig } from './config.js';
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { dirname, resolve } from 'node:path';
+/**
+ * `pugi privacy` — read or update the operator's privacy mode.
+ *
+ * Subcommands:
+ *   - `pugi privacy show`           — print current mode + source
+ *   - `pugi privacy set <mode>`     — write `local-only | metadata | full`
+ *
+ * Persistence:
+ *   - Stored in `~/.pugi/privacy.json` (PUGI_HOME-aware).
+ *   - The `privacy` key in `~/.pugi/config.json` is also consulted at
+ *     read time (config takes precedence when both exist) so a user who
+ *     already set `pugi config set privacy ...` sees the same value
+ *     here.
+ *
+ * Modes:
+ *   - `local-only` — nothing leaves the workstation. Engine commands
+ *     refuse to ship transcripts; sync is a no-op.
+ *   - `metadata`   — only artifact metadata + session timeline ships
+ *     (no raw file contents).
+ *   - `full`       — full sync allowed (operator-acknowledged).
+ */
+export const privacyModeSchema = z.enum(['local-only', 'metadata', 'full']);
+const privacyFileSchema = z.object({
+    schema: z.number().int().positive().default(1),
+    mode: privacyModeSchema,
+});
+function privacyPath() {
+    const home = process.env.PUGI_HOME ?? resolve(homedir(), '.pugi');
+    return resolve(home, 'privacy.json');
+}
+export function readPrivacyFile() {
+    const path = privacyPath();
+    if (!existsSync(path))
+        return null;
+    const raw = readFileSync(path, 'utf8');
+    if (raw.trim() === '')
+        return null;
+    const parsed = JSON.parse(raw);
+    const result = privacyFileSchema.safeParse(parsed);
+    if (!result.success)
+        return null;
+    return result.data.mode;
+}
+function writePrivacyFile(mode) {
+    const path = privacyPath();
+    mkdirSync(dirname(path), { recursive: true });
+    writeFileSync(path, `${JSON.stringify({ schema: 1, mode }, null, 2)}\n`, { encoding: 'utf8', mode: 0o600 });
+}
+/**
+ * Effective privacy mode resolution order:
+ *   1. `~/.pugi/config.json` privacy key (when set via `pugi config set`)
+ *   2. `~/.pugi/privacy.json` (when set via `pugi privacy set`)
+ *   3. `metadata` (default — matches the M1 default-ship posture)
+ */
+export function resolvePrivacyMode() {
+    const config = readConfig();
+    if (config.privacy)
+        return { mode: config.privacy, source: 'config' };
+    const fromFile = readPrivacyFile();
+    if (fromFile)
+        return { mode: fromFile, source: 'privacy' };
+    return { mode: 'metadata', source: 'default' };
+}
+export async function runPrivacyCommand(args, ctx) {
+    const sub = args[0];
+    if (!sub || sub === '--help' || sub === '-h') {
+        ctx.writeOutput({
+            command: 'privacy',
+            usage: ['pugi privacy show', 'pugi privacy set <mode>'],
+            modes: ['local-only', 'metadata', 'full'],
+        }, [
+            'Usage:',
+            '  pugi privacy show           Show current privacy mode.',
+            '  pugi privacy set <mode>     Set mode to local-only, metadata, or full.',
+        ].join('\n'));
+        return;
+    }
+    switch (sub) {
+        case 'show':
+            return runPrivacyShow(ctx);
+        case 'set':
+            return runPrivacySet(args.slice(1), ctx);
+        default:
+            throw new Error(`Unknown sub-command "pugi privacy ${sub}". Expected show or set.`);
+    }
+}
+function runPrivacyShow(ctx) {
+    const resolved = resolvePrivacyMode();
+    ctx.writeOutput({ command: 'privacy.show', ...resolved }, `Privacy mode: ${resolved.mode} (source: ${resolved.source})`);
+}
+function runPrivacySet(args, ctx) {
+    const raw = args[0];
+    if (!raw)
+        throw new Error('pugi privacy set requires a mode: local-only, metadata, or full.');
+    const result = privacyModeSchema.safeParse(raw);
+    if (!result.success) {
+        throw new Error(`Invalid privacy mode "${raw}". Allowed: local-only, metadata, full.`);
+    }
+    writePrivacyFile(result.data);
+    ctx.writeOutput({ command: 'privacy.set', mode: result.data }, `Privacy mode set to ${result.data}.`);
+}
+//# sourceMappingURL=privacy.js.map