@quantiya/codevibe-claude-plugin 1.0.11 → 1.0.12

package/dist/config.js

@@ -1,106 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.config = void 0;
-exports.validateConfig = validateConfig;
-const dotenv = __importStar(require("dotenv"));
-const path = __importStar(require("path"));
-// Determine environment
-// - If ENVIRONMENT is explicitly set, use that
-// - Otherwise default to 'production' for marketplace users (no .env files)
-const environment = process.env.ENVIRONMENT || 'production';
-// Only load .env files if ENVIRONMENT is explicitly set (for development)
-// This ensures marketplace users get production defaults without needing .env files
-if (process.env.ENVIRONMENT) {
-    const envFile = `.env.${environment}`;
-    const envPath = path.resolve(__dirname, '..', envFile);
-    dotenv.config({ path: envPath, debug: false });
-    // Fallback to default .env if environment-specific file didn't load required vars
-    if (!process.env.APPSYNC_URL) {
-        dotenv.config({ debug: false });
-    }
-}
-function getOptionalEnv(key, defaultValue) {
-    return process.env[key] || defaultValue;
-}
-// Production defaults - these are public values (not secrets)
-// Users can override via .env files for development
-const PRODUCTION_DEFAULTS = {
-    APPSYNC_URL: 'https://jwhyxq4sgrgcdosewp5k4ns5ca.appsync-api.us-east-1.amazonaws.com/graphql',
-    COGNITO_USER_POOL_ID: 'us-east-1_mNRO0j5og',
-    COGNITO_CLIENT_ID: '5p04dbc9ojptc5r8n7605fg78f',
-    COGNITO_DOMAIN: 'codevibe-production.auth.us-east-1.amazoncognito.com',
-};
-// Configuration object
-exports.config = {
-    server: {
-        port: parseInt(getOptionalEnv('PORT', '3456'), 10),
-        host: getOptionalEnv('HOST', 'localhost'),
-        dynamicPort: getOptionalEnv('DYNAMIC_PORT', 'true').toLowerCase() === 'true', // Default to dynamic port
-    },
-    aws: {
-        region: getOptionalEnv('AWS_REGION', 'us-east-1'),
-        appsyncUrl: getOptionalEnv('APPSYNC_URL', PRODUCTION_DEFAULTS.APPSYNC_URL),
-        cognitoUserPoolId: getOptionalEnv('COGNITO_USER_POOL_ID', PRODUCTION_DEFAULTS.COGNITO_USER_POOL_ID),
-        cognitoClientId: getOptionalEnv('COGNITO_CLIENT_ID', PRODUCTION_DEFAULTS.COGNITO_CLIENT_ID),
-        cognitoDomain: getOptionalEnv('COGNITO_DOMAIN', PRODUCTION_DEFAULTS.COGNITO_DOMAIN),
-    },
-    claude: {
-        command: getOptionalEnv('CLAUDE_COMMAND', 'claude'),
-        defaultTimeout: parseInt(getOptionalEnv('CLAUDE_TIMEOUT', '60000'), 10),
-    },
-    logging: {
-        logFile: getOptionalEnv('LOG_FILE', '/tmp/codevibe-claude-mcp.log'),
-        level: getOptionalEnv('LOG_LEVEL', 'info'),
-    },
-};
-// Validate configuration
-function validateConfig() {
-    const errors = [];
-    // Only validate port if not using dynamic allocation
-    if (!exports.config.server.dynamicPort && (exports.config.server.port < 1024 || exports.config.server.port > 65535)) {
-        errors.push('PORT must be between 1024 and 65535');
-    }
-    if (!exports.config.aws.appsyncUrl.startsWith('https://')) {
-        errors.push('APPSYNC_URL must start with https://');
-    }
-    if (exports.config.claude.defaultTimeout < 1000) {
-        errors.push('CLAUDE_TIMEOUT must be at least 1000ms');
-    }
-    if (errors.length > 0) {
-        throw new Error(`Configuration validation failed:\n${errors.join('\n')}`);
-    }
-}
-//# sourceMappingURL=config.js.map

package/dist/crypto-service.js

@@ -1,278 +0,0 @@
-"use strict";
-//
-// crypto-service.ts
-// CodeVibe Claude Plugin
-//
-// End-to-end encryption service using ECDH P-256 and AES-256-GCM
-//
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.cryptoService = exports.CryptoService = exports.ENCRYPTION_VERSION = exports.CryptoError = void 0;
-const crypto = __importStar(require("crypto"));
-// Errors that can occur during cryptographic operations
-class CryptoError extends Error {
-    constructor(message) {
-        super(message);
-        this.name = 'CryptoError';
-    }
-}
-exports.CryptoError = CryptoError;
-// Current encryption version for future algorithm upgrades
-exports.ENCRYPTION_VERSION = 1;
-// HKDF info string for key derivation
-const HKDF_INFO = 'CodeVibe E2E v1';
-/**
- * Service for end-to-end encryption operations
- */
-class CryptoService {
-    constructor() { }
-    static getInstance() {
-        if (!CryptoService.instance) {
-            CryptoService.instance = new CryptoService();
-        }
-        return CryptoService.instance;
-    }
-    // MARK: - Key Generation
-    /**
-     * Generate a new ECDH P-256 key pair
-     * @returns Object with privateKey (PEM), publicKey (base64 raw)
-     */
-    generateKeyPair() {
-        const ecdh = crypto.createECDH('prime256v1');
-        ecdh.generateKeys();
-        // Get raw public key (uncompressed format without 0x04 prefix for compatibility)
-        const publicKeyRaw = ecdh.getPublicKey();
-        const publicKeyBase64 = publicKeyRaw.subarray(1).toString('base64'); // Skip 0x04 prefix
-        // Get private key as raw bytes
-        const privateKeyRaw = ecdh.getPrivateKey();
-        const privateKeyBase64 = privateKeyRaw.toString('base64');
-        return {
-            privateKey: privateKeyBase64,
-            publicKey: publicKeyBase64,
-        };
-    }
-    /**
-     * Generate a random 256-bit session key
-     * @returns Base64-encoded session key
-     */
-    generateSessionKey() {
-        const keyData = crypto.randomBytes(32); // 256 bits
-        return keyData.toString('base64');
-    }
-    // MARK: - Key Derivation
-    /**
-     * Derive a shared secret using ECDH and HKDF
-     * @param privateKeyBase64 Our private key (base64)
-     * @param publicKeyBase64 Other party's public key (base64)
-     * @returns 256-bit derived key as Buffer
-     */
-    deriveSharedKey(privateKeyBase64, publicKeyBase64) {
-        try {
-            const ecdh = crypto.createECDH('prime256v1');
-            const privateKeyRaw = Buffer.from(privateKeyBase64, 'base64');
-            ecdh.setPrivateKey(privateKeyRaw);
-            // Add 0x04 prefix for uncompressed public key format
-            const publicKeyRaw = Buffer.concat([
-                Buffer.from([0x04]),
-                Buffer.from(publicKeyBase64, 'base64'),
-            ]);
-            const sharedSecret = ecdh.computeSecret(publicKeyRaw);
-            // Derive key using HKDF-SHA256
-            const derivedKey = crypto.hkdfSync('sha256', sharedSecret, Buffer.alloc(0), // Empty salt
-            Buffer.from(HKDF_INFO, 'utf8'), 32 // 256 bits
-            );
-            return Buffer.from(derivedKey);
-        }
-        catch (error) {
-            throw new CryptoError(`Failed to derive shared key: ${error}`);
-        }
-    }
-    // MARK: - Session Key Encryption
-    /**
-     * Encrypt a session key for a target device using ECDH
-     * @param sessionKeyBase64 The session key to encrypt (base64)
-     * @param targetPublicKeyBase64 Target device's public key (base64)
-     * @returns EncryptedSessionKey containing encrypted key and ephemeral public key
-     */
-    encryptSessionKey(sessionKeyBase64, targetPublicKeyBase64) {
-        // Generate ephemeral key pair for this encryption
-        const ephemeralKeyPair = this.generateKeyPair();
-        // Derive shared key using ephemeral private + target public
-        const sharedKey = this.deriveSharedKey(ephemeralKeyPair.privateKey, targetPublicKeyBase64);
-        // Encrypt session key with derived key
-        const sessionKeyData = Buffer.from(sessionKeyBase64, 'base64');
-        const encryptedData = this.encrypt(sessionKeyData, sharedKey);
-        return {
-            encryptedKey: encryptedData.toString('base64'),
-            ephemeralPublicKey: ephemeralKeyPair.publicKey,
-        };
-    }
-    /**
-     * Decrypt a session key using our private key
-     * @param encryptedSessionKey The encrypted session key data
-     * @param privateKeyBase64 Our device's private key (base64)
-     * @returns Decrypted session key (base64)
-     */
-    decryptSessionKey(encryptedSessionKey, privateKeyBase64) {
-        // Derive shared key using our private + ephemeral public
-        const sharedKey = this.deriveSharedKey(privateKeyBase64, encryptedSessionKey.ephemeralPublicKey);
-        // Decrypt session key
-        const encryptedData = Buffer.from(encryptedSessionKey.encryptedKey, 'base64');
-        const decryptedData = this.decrypt(encryptedData, sharedKey);
-        return decryptedData.toString('base64');
-    }
-    // MARK: - Content Encryption/Decryption
-    /**
-     * Encrypt content using AES-256-GCM
-     * @param content String content to encrypt
-     * @param sessionKeyBase64 Session key (base64)
-     * @returns Base64-encoded ciphertext (nonce + ciphertext + tag)
-     */
-    encryptContent(content, sessionKeyBase64) {
-        const sessionKey = Buffer.from(sessionKeyBase64, 'base64');
-        const contentData = Buffer.from(content, 'utf8');
-        const encryptedData = this.encrypt(contentData, sessionKey);
-        return encryptedData.toString('base64');
-    }
-    /**
-     * Decrypt content using AES-256-GCM
-     * @param encryptedContent Base64-encoded ciphertext
-     * @param sessionKeyBase64 Session key (base64)
-     * @returns Decrypted string content
-     */
-    decryptContent(encryptedContent, sessionKeyBase64) {
-        const sessionKey = Buffer.from(sessionKeyBase64, 'base64');
-        const encryptedData = Buffer.from(encryptedContent, 'base64');
-        const decryptedData = this.decrypt(encryptedData, sessionKey);
-        return decryptedData.toString('utf8');
-    }
-    /**
-     * Encrypt JSON-serializable metadata
-     * @param metadata Object to encrypt
-     * @param sessionKeyBase64 Session key (base64)
-     * @returns Base64-encoded encrypted JSON
-     */
-    encryptMetadata(metadata, sessionKeyBase64) {
-        const jsonString = JSON.stringify(metadata);
-        return this.encryptContent(jsonString, sessionKeyBase64);
-    }
-    /**
-     * Decrypt encrypted metadata
-     * @param encryptedMetadata Base64-encoded encrypted JSON
-     * @param sessionKeyBase64 Session key (base64)
-     * @returns Decrypted object
-     */
-    decryptMetadata(encryptedMetadata, sessionKeyBase64) {
-        const jsonString = this.decryptContent(encryptedMetadata, sessionKeyBase64);
-        return JSON.parse(jsonString);
-    }
-    // MARK: - Binary Data Encryption (for attachments)
-    /**
-     * Encrypt binary data using AES-256-GCM
-     * @param data Binary data to encrypt (Buffer)
-     * @param sessionKeyBase64 Session key (base64)
-     * @returns Encrypted data (Buffer containing nonce + ciphertext + tag)
-     */
-    encryptData(data, sessionKeyBase64) {
-        const sessionKey = Buffer.from(sessionKeyBase64, 'base64');
-        return this.encrypt(data, sessionKey);
-    }
-    /**
-     * Decrypt binary data using AES-256-GCM
-     * @param encryptedData Encrypted data (Buffer containing nonce + ciphertext + tag)
-     * @param sessionKeyBase64 Session key (base64)
-     * @returns Decrypted binary data (Buffer)
-     */
-    decryptData(encryptedData, sessionKeyBase64) {
-        const sessionKey = Buffer.from(sessionKeyBase64, 'base64');
-        return this.decrypt(encryptedData, sessionKey);
-    }
-    // MARK: - Low-level Encryption
-    /**
-     * Encrypt data using AES-256-GCM
-     * @param data Data to encrypt
-     * @param key Symmetric key (32 bytes)
-     * @returns Combined nonce + ciphertext + tag
-     */
-    encrypt(data, key) {
-        // Generate random 12-byte nonce (IV)
-        const nonce = crypto.randomBytes(12);
-        const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
-        const ciphertext = Buffer.concat([cipher.update(data), cipher.final()]);
-        const tag = cipher.getAuthTag();
-        // Combine: nonce (12 bytes) + ciphertext + tag (16 bytes)
-        return Buffer.concat([nonce, ciphertext, tag]);
-    }
-    /**
-     * Decrypt data using AES-256-GCM
-     * @param data Combined nonce + ciphertext + tag
-     * @param key Symmetric key (32 bytes)
-     * @returns Decrypted data
-     */
-    decrypt(data, key) {
-        // Extract: nonce (12 bytes) + ciphertext + tag (16 bytes)
-        const nonce = data.subarray(0, 12);
-        const tag = data.subarray(data.length - 16);
-        const ciphertext = data.subarray(12, data.length - 16);
-        const decipher = crypto.createDecipheriv('aes-256-gcm', key, nonce);
-        decipher.setAuthTag(tag);
-        try {
-            const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
-            return decrypted;
-        }
-        catch (error) {
-            throw new CryptoError('Decryption failed: Invalid ciphertext or authentication tag');
-        }
-    }
-    // MARK: - Key Serialization
-    /**
-     * Serialize a private key for storage
-     * Note: Private key is already base64 from generateKeyPair
-     */
-    serializePrivateKey(privateKeyBase64) {
-        return privateKeyBase64;
-    }
-    /**
-     * Deserialize a private key from storage
-     * Note: Private key is already base64
-     */
-    deserializePrivateKey(base64) {
-        return base64;
-    }
-}
-exports.CryptoService = CryptoService;
-// Export singleton instance
-exports.cryptoService = CryptoService.getInstance();
-//# sourceMappingURL=crypto-service.js.map