@sanctuary-framework/mcp-server 0.10.3 → 0.10.5

package/dist/cli.cjs

@@ -7119,11 +7119,20 @@ function generateDashboardHTML(options) {
 
     // SSE Setup
     function setupSSE() {
-      const eventSource = new EventSource(API_BASE + '/api/events', {
-        headers: {
-          'Authorization': 'Bearer ' + AUTH_TOKEN,
-        },
-      });
+      // v0.10.5: the standard browser EventSource API does not support a
+      // headers option \u2014 it is silently dropped. Auth must travel as a
+      // cookie (set by /auth/session and sent automatically by the
+      // browser) or as a ?session= query parameter, both of which Stack
+      // A's checkAuth honours. Loopback callers also bypass auth via the
+      // v0.10.2 _autoAuthLocalhost path, which is the path moltbook
+      // hits when the dashboard is auto-opened on 127.0.0.1.
+      //
+      // The endpoint itself is /events \u2014 Stack A's route table mounts it
+      // there, and the previous /api/events URL was a 404 in every real
+      // boot from v0.10.0 through v0.10.4. The retry loop that result
+      // produced is exactly the "status bar flashing blue continuously"
+      // moltbook reported on v0.10.4.
+      const eventSource = new EventSource(API_BASE + '/events');
 
       eventSource.addEventListener('init', (e) => {
         console.log('Connected to SSE');
@@ -27423,10 +27432,64 @@ var init_multi_server = __esm({
 // src/dashboard-standalone.ts
 var dashboard_standalone_exports = {};
 __export(dashboard_standalone_exports, {
+  discoverableSubTenants: () => discoverableSubTenants,
+  renderTenantDiscoveryHint: () => renderTenantDiscoveryHint,
   startStandaloneDashboard: () => startStandaloneDashboard
 });
+async function discoverableSubTenants(currentStoragePath) {
+  let all;
+  try {
+    all = await discoverTenants();
+  } catch {
+    return [];
+  }
+  return all.filter((t) => t.storage_path !== currentStoragePath && t.initialized);
+}
+function renderTenantDiscoveryHint(tenants) {
+  if (tenants.length === 0) {
+    return `No wrapped tenants discovered on this host.
+Run \`sanctuary wrap\` to create one, or set SANCTUARY_STORAGE_PATH
+if your tenant lives outside ~/.sanctuary/.`;
+  }
+  const lines = tenants.map((t) => {
+    const runtime = t.runtime ? ` (running on :${t.runtime.dashboard_port})` : "";
+    return `  \u2022 ${t.name}${runtime}
+      storage: ${t.storage_path}
+      keychain: ${t.keychain_service}`;
+  });
+  if (tenants.length === 1) {
+    return `Detected 1 wrapped tenant on this host:
+` + lines.join("\n") + `
+
+Boot the dashboard against it with:
+  sanctuary dashboard --tenant ${tenants[0].name}
+`;
+  }
+  return `Detected ${tenants.length} wrapped tenants on this host:
+` + lines.join("\n") + `
+
+Pick one explicitly:
+  sanctuary dashboard --tenant <name>
+
+Or browse all of them in the multi-tenant overview (no decryption):
+  sanctuary dashboard --multi
+`;
+}
 async function startStandaloneDashboard(options = {}) {
   process.env.SANCTUARY_DASHBOARD_ENABLED = "true";
+  if (options.tenant !== void 0) {
+    const match = await findTenant(options.tenant);
+    if (!match) {
+      const available = await discoverTenants();
+      const names = available.map((t) => t.name).join(", ") || "(none \u2014 run `sanctuary wrap`)";
+      throw new Error(
+        `Sanctuary Dashboard: --tenant "${options.tenant}" did not match any wrapped tenant.
+Available tenants: ${names}
+List details with \`sanctuary agents\`.`
+      );
+    }
+    process.env.SANCTUARY_STORAGE_PATH = match.storage_path;
+  }
   const config = await loadConfig(options.configPath);
   await promises.mkdir(config.storage_path, { recursive: true, mode: 448 });
   const storage = new FilesystemStorage(`${config.storage_path}/state`);
@@ -27476,12 +27539,16 @@ async function startStandaloneDashboard(options = {}) {
   } else {
     const { hashToString: hashToString2 } = await Promise.resolve().then(() => (init_hashing(), hashing_exports));
     const { stringToBytes: stringToBytes2, bytesToString: bytesToString2, fromBase64url: fromBase64url2, constantTimeEqual: constantTimeEqual2 } = await Promise.resolve().then(() => (init_encoding(), encoding_exports));
+    const otherTenants = await discoverableSubTenants(config.storage_path);
     const existingHash = await storage.read("_meta", "recovery-key-hash");
     if (existingHash) {
       const envRecoveryKey = process.env.SANCTUARY_RECOVERY_KEY;
       if (!envRecoveryKey) {
         throw new Error(
-          "Sanctuary Dashboard: Existing encrypted data found but no credentials provided.\nProvide SANCTUARY_PASSPHRASE or SANCTUARY_RECOVERY_KEY to start the dashboard.\nThe dashboard needs the same credentials as the MCP server to read encrypted data."
+          `Sanctuary Dashboard: Existing encrypted data found at ${config.storage_path} but no credentials provided.
+Provide SANCTUARY_PASSPHRASE or SANCTUARY_RECOVERY_KEY to start the dashboard against this storage path.
+
+` + (otherTenants.length > 0 ? renderTenantDiscoveryHint(otherTenants) + "\n" : "") + `See server/docs/keychain-schema.md for the keychain layout.`
         );
       }
       let recoveryKeyBytes;
@@ -27512,7 +27579,19 @@ async function startStandaloneDashboard(options = {}) {
       const hasKeyParams = existingNamespaces.some((e) => e.key === "key-params");
       if (hasKeyParams) {
         throw new Error(
-          "Sanctuary Dashboard: Existing encrypted data found (passphrase-protected).\nProvide SANCTUARY_PASSPHRASE to start the dashboard.\nThe dashboard needs the same credentials as the MCP server to read encrypted data."
+          `Sanctuary Dashboard: Existing encrypted data found at ${config.storage_path} (passphrase-protected).
+No passphrase was supplied via --passphrase, SANCTUARY_PASSPHRASE,
+or the per-tenant Keychain item ${keychainServiceFor(config.storage_path, os.homedir())}.
+
+` + (otherTenants.length > 0 ? renderTenantDiscoveryHint(otherTenants) + "\n" : "") + `See server/docs/keychain-schema.md for the keychain layout and recovery options.`
+        );
+      }
+      if (otherTenants.length > 0) {
+        throw new Error(
+          `Sanctuary Dashboard: ${config.storage_path} has no Sanctuary state, but other wrapped tenants exist on this host.
+Refusing to generate a new recovery key over the default root \u2014 that would obscure the existing tenants.
+
+` + renderTenantDiscoveryHint(otherTenants)
         );
       }
       console.error(
@@ -27602,27 +27681,26 @@ async function startStandaloneDashboard(options = {}) {
   if (loadResult.total > 0 && loadResult.loaded === 0) {
     const service = keychainServiceFor(config.storage_path, os.homedir());
     const sourceLabel = passphraseSource === "option" ? "--passphrase option" : passphraseSource === "env" ? "SANCTUARY_PASSPHRASE env var" : passphraseSource === "keychain" ? `macOS Keychain (service ${service})` : passphraseSource === "fallback-file" ? "encrypted fallback file" : "recovery key";
+    const otherTenants = await discoverableSubTenants(config.storage_path);
+    const hint = otherTenants.length > 0 ? `
+     ${renderTenantDiscoveryHint(otherTenants).split("\n").join("\n     ")}
+` : "";
     console.error(
       `
   \u26A0  WARNING: Encrypted identities found but NONE loaded
      ${loadResult.total} encrypted identity file(s) in ${config.storage_path}/state/_identities/
      0 could be decrypted with the master key derived from the ${sourceLabel}.
 
-     The dashboard will show empty panels. Since v0.10.0 each wrapped
-     tenant has its OWN passphrase, stored under a per-tenant Keychain
-     service name. A single SANCTUARY_PASSPHRASE unlocks at most one
-     tenant \u2014 it is not a global master credential.
-
-     To diagnose:
-       \u2022 List tenants on this host:       sanctuary agents
-       \u2022 Multi-tenant overview (no decrypt): sanctuary dashboard --multi
-       \u2022 Point at a specific tenant:      SANCTUARY_STORAGE_PATH=<path> sanctuary dashboard
-       \u2022 Inspect this tenant's Keychain:  security find-generic-password -s '${service}' -w
-
-     If this tenant's passphrase lives only in a different Keychain item
-     or on another machine, restore it before this dashboard can read
-     any state. Sanctuary will never auto-regenerate \u2014 that would
-     permanently destroy the data encrypted under the prior key.
+     The dashboard will show empty panels. Each wrapped tenant has its
+     own passphrase under its own per-tenant Keychain service
+     (this tenant's service: ${service}) \u2014 there is no global master
+     credential. Setting SANCTUARY_PASSPHRASE here will not help unless
+     that value is the passphrase that originally encrypted the
+     identity files at this storage path.
+` + hint + `
+     Diagnostic recipes: server/docs/keychain-schema.md
+     Sanctuary will never auto-regenerate \u2014 that would permanently
+     destroy the data encrypted under the prior key.
 `
     );
   } else if (loadResult.failed > 0) {
@@ -27653,6 +27731,7 @@ var init_dashboard_standalone = __esm({
     init_sovereignty_profile();
     init_runtime();
     init_passphrase();
+    init_discovery();
   }
 });
 
@@ -27821,6 +27900,7 @@ async function runStandaloneDashboard(args) {
   let port;
   let host;
   let multi = false;
+  let tenant;
   for (let i = 0; i < args.length; i++) {
     if (args[i] === "--passphrase" && args[i + 1]) {
       console.error(
@@ -27833,6 +27913,8 @@ async function runStandaloneDashboard(args) {
       host = args[++i];
     } else if (args[i] === "--multi") {
       multi = true;
+    } else if (args[i] === "--tenant" && args[i + 1]) {
+      tenant = args[++i];
     } else if (args[i] === "--help" || args[i] === "-h") {
       printDashboardHelp();
       process.exit(0);
@@ -27862,7 +27944,8 @@ async function runStandaloneDashboard(args) {
   await startStandaloneDashboard2({
     passphrase,
     port,
-    host
+    host,
+    ...tenant !== void 0 ? { tenant } : {}
   });
   console.error(`
 Sanctuary Dashboard running (standalone mode). Press Ctrl+C to stop.
@@ -27996,6 +28079,10 @@ Usage:
 Options:
   --port <port>        Dashboard port (default: from config or 3501; 3500 for --multi)
   --host <host>        Bind address (default: 127.0.0.1)
+  --tenant <name>      Boot against a specific wrapped tenant by the name printed
+                       by \`sanctuary agents\`. Resolves the per-tenant storage
+                       path and Keychain entry automatically. Use this on multi-
+                       tenant hosts instead of guessing SANCTUARY_PASSPHRASE.
   --multi              Start the multi-agent overview instead of a single-tenant
                        dashboard. Does not decrypt any tenant state \u2014 scans every
                        tenant on the host and deep-links into per-tenant dashboards.