@schuttdev/gigai 0.2.5 → 0.2.7

package/dist/{dist-G2KJBUZX.js → dist-MGLETZTT.js}

@@ -1,12 +1,4 @@
 #!/usr/bin/env node
-import {
-  ErrorCode,
-  GigaiConfigSchema,
-  GigaiError,
-  decrypt,
-  encrypt,
-  generateEncryptionKey
-} from "./chunk-7C3UYEKE.js";
 
 // ../server/dist/index.mjs
 import { parseArgs } from "util";
@@ -14,9 +6,270 @@ import Fastify from "fastify";
 import cors from "@fastify/cors";
 import rateLimit from "@fastify/rate-limit";
 import multipart from "@fastify/multipart";
+
+// ../shared/dist/index.mjs
+import { randomBytes, createCipheriv, createDecipheriv } from "crypto";
+import { z } from "zod";
+var ALGORITHM = "aes-256-gcm";
+var IV_LENGTH = 12;
+var TAG_LENGTH = 16;
+function encrypt(payload, key) {
+  const keyBuffer = Buffer.from(key, "hex");
+  if (keyBuffer.length !== 32) {
+    throw new Error("Encryption key must be 32 bytes (64 hex chars)");
+  }
+  const iv = randomBytes(IV_LENGTH);
+  const cipher = createCipheriv(ALGORITHM, keyBuffer, iv, {
+    authTagLength: TAG_LENGTH
+  });
+  const plaintext = JSON.stringify(payload);
+  const encrypted = Buffer.concat([
+    cipher.update(plaintext, "utf8"),
+    cipher.final()
+  ]);
+  const tag = cipher.getAuthTag();
+  return {
+    iv: iv.toString("base64"),
+    ciphertext: encrypted.toString("base64"),
+    tag: tag.toString("base64")
+  };
+}
+function decrypt(encrypted, key) {
+  const keyBuffer = Buffer.from(key, "hex");
+  if (keyBuffer.length !== 32) {
+    throw new Error("Encryption key must be 32 bytes (64 hex chars)");
+  }
+  const iv = Buffer.from(encrypted.iv, "base64");
+  const ciphertext = Buffer.from(encrypted.ciphertext, "base64");
+  const tag = Buffer.from(encrypted.tag, "base64");
+  const decipher = createDecipheriv(ALGORITHM, keyBuffer, iv, {
+    authTagLength: TAG_LENGTH
+  });
+  decipher.setAuthTag(tag);
+  const decrypted = Buffer.concat([
+    decipher.update(ciphertext),
+    decipher.final()
+  ]);
+  return JSON.parse(decrypted.toString("utf8"));
+}
+function generateEncryptionKey() {
+  return randomBytes(32).toString("hex");
+}
+var ErrorCode = /* @__PURE__ */ ((ErrorCode2) => {
+  ErrorCode2["PAIRING_EXPIRED"] = "PAIRING_EXPIRED";
+  ErrorCode2["PAIRING_INVALID"] = "PAIRING_INVALID";
+  ErrorCode2["PAIRING_USED"] = "PAIRING_USED";
+  ErrorCode2["TOKEN_INVALID"] = "TOKEN_INVALID";
+  ErrorCode2["TOKEN_DECRYPT_FAILED"] = "TOKEN_DECRYPT_FAILED";
+  ErrorCode2["ORG_MISMATCH"] = "ORG_MISMATCH";
+  ErrorCode2["SESSION_EXPIRED"] = "SESSION_EXPIRED";
+  ErrorCode2["SESSION_INVALID"] = "SESSION_INVALID";
+  ErrorCode2["AUTH_REQUIRED"] = "AUTH_REQUIRED";
+  ErrorCode2["TOOL_NOT_FOUND"] = "TOOL_NOT_FOUND";
+  ErrorCode2["EXEC_TIMEOUT"] = "EXEC_TIMEOUT";
+  ErrorCode2["EXEC_FAILED"] = "EXEC_FAILED";
+  ErrorCode2["HTTPS_REQUIRED"] = "HTTPS_REQUIRED";
+  ErrorCode2["RATE_LIMITED"] = "RATE_LIMITED";
+  ErrorCode2["VALIDATION_ERROR"] = "VALIDATION_ERROR";
+  ErrorCode2["INTERNAL_ERROR"] = "INTERNAL_ERROR";
+  ErrorCode2["MCP_ERROR"] = "MCP_ERROR";
+  ErrorCode2["MCP_NOT_CONNECTED"] = "MCP_NOT_CONNECTED";
+  ErrorCode2["TRANSFER_NOT_FOUND"] = "TRANSFER_NOT_FOUND";
+  ErrorCode2["TRANSFER_EXPIRED"] = "TRANSFER_EXPIRED";
+  ErrorCode2["PATH_NOT_ALLOWED"] = "PATH_NOT_ALLOWED";
+  ErrorCode2["COMMAND_NOT_ALLOWED"] = "COMMAND_NOT_ALLOWED";
+  return ErrorCode2;
+})(ErrorCode || {});
+var STATUS_CODES = {
+  [
+    "PAIRING_EXPIRED"
+    /* PAIRING_EXPIRED */
+  ]: 410,
+  [
+    "PAIRING_INVALID"
+    /* PAIRING_INVALID */
+  ]: 400,
+  [
+    "PAIRING_USED"
+    /* PAIRING_USED */
+  ]: 409,
+  [
+    "TOKEN_INVALID"
+    /* TOKEN_INVALID */
+  ]: 401,
+  [
+    "TOKEN_DECRYPT_FAILED"
+    /* TOKEN_DECRYPT_FAILED */
+  ]: 401,
+  [
+    "ORG_MISMATCH"
+    /* ORG_MISMATCH */
+  ]: 403,
+  [
+    "SESSION_EXPIRED"
+    /* SESSION_EXPIRED */
+  ]: 401,
+  [
+    "SESSION_INVALID"
+    /* SESSION_INVALID */
+  ]: 401,
+  [
+    "AUTH_REQUIRED"
+    /* AUTH_REQUIRED */
+  ]: 401,
+  [
+    "TOOL_NOT_FOUND"
+    /* TOOL_NOT_FOUND */
+  ]: 404,
+  [
+    "EXEC_TIMEOUT"
+    /* EXEC_TIMEOUT */
+  ]: 408,
+  [
+    "EXEC_FAILED"
+    /* EXEC_FAILED */
+  ]: 500,
+  [
+    "HTTPS_REQUIRED"
+    /* HTTPS_REQUIRED */
+  ]: 403,
+  [
+    "RATE_LIMITED"
+    /* RATE_LIMITED */
+  ]: 429,
+  [
+    "VALIDATION_ERROR"
+    /* VALIDATION_ERROR */
+  ]: 400,
+  [
+    "INTERNAL_ERROR"
+    /* INTERNAL_ERROR */
+  ]: 500,
+  [
+    "MCP_ERROR"
+    /* MCP_ERROR */
+  ]: 502,
+  [
+    "MCP_NOT_CONNECTED"
+    /* MCP_NOT_CONNECTED */
+  ]: 503,
+  [
+    "TRANSFER_NOT_FOUND"
+    /* TRANSFER_NOT_FOUND */
+  ]: 404,
+  [
+    "TRANSFER_EXPIRED"
+    /* TRANSFER_EXPIRED */
+  ]: 410,
+  [
+    "PATH_NOT_ALLOWED"
+    /* PATH_NOT_ALLOWED */
+  ]: 403,
+  [
+    "COMMAND_NOT_ALLOWED"
+    /* COMMAND_NOT_ALLOWED */
+  ]: 403
+};
+var GigaiError = class extends Error {
+  code;
+  statusCode;
+  details;
+  constructor(code, message, details) {
+    super(message);
+    this.name = "GigaiError";
+    this.code = code;
+    this.statusCode = STATUS_CODES[code];
+    this.details = details;
+  }
+  toJSON() {
+    return {
+      error: {
+        code: this.code,
+        message: this.message,
+        ...this.details !== void 0 && { details: this.details }
+      }
+    };
+  }
+};
+var TailscaleHttpsConfigSchema = z.object({
+  provider: z.literal("tailscale"),
+  funnelPort: z.number().optional()
+});
+var CloudflareHttpsConfigSchema = z.object({
+  provider: z.literal("cloudflare"),
+  tunnelName: z.string(),
+  domain: z.string().optional()
+});
+var ManualHttpsConfigSchema = z.object({
+  provider: z.literal("manual"),
+  certPath: z.string(),
+  keyPath: z.string()
+});
+var HttpsConfigSchema = z.discriminatedUnion("provider", [
+  TailscaleHttpsConfigSchema,
+  CloudflareHttpsConfigSchema,
+  ManualHttpsConfigSchema
+]);
+var CliToolConfigSchema = z.object({
+  type: z.literal("cli"),
+  name: z.string(),
+  command: z.string(),
+  args: z.array(z.string()).optional(),
+  description: z.string(),
+  timeout: z.number().optional(),
+  cwd: z.string().optional(),
+  env: z.record(z.string()).optional()
+});
+var McpToolConfigSchema = z.object({
+  type: z.literal("mcp"),
+  name: z.string(),
+  command: z.string(),
+  args: z.array(z.string()).optional(),
+  description: z.string(),
+  env: z.record(z.string()).optional()
+});
+var ScriptToolConfigSchema = z.object({
+  type: z.literal("script"),
+  name: z.string(),
+  path: z.string(),
+  description: z.string(),
+  timeout: z.number().optional(),
+  interpreter: z.string().optional()
+});
+var BuiltinToolConfigSchema = z.object({
+  type: z.literal("builtin"),
+  name: z.string(),
+  builtin: z.enum(["filesystem", "shell"]),
+  description: z.string(),
+  config: z.record(z.unknown()).optional()
+});
+var ToolConfigSchema = z.discriminatedUnion("type", [
+  CliToolConfigSchema,
+  McpToolConfigSchema,
+  ScriptToolConfigSchema,
+  BuiltinToolConfigSchema
+]);
+var AuthConfigSchema = z.object({
+  encryptionKey: z.string().length(64),
+  pairingTtlSeconds: z.number().default(300),
+  sessionTtlSeconds: z.number().default(14400)
+});
+var ServerConfigSchema = z.object({
+  port: z.number().default(7443),
+  host: z.string().default("0.0.0.0"),
+  https: HttpsConfigSchema.optional()
+});
+var GigaiConfigSchema = z.object({
+  serverName: z.string().optional(),
+  server: ServerConfigSchema,
+  auth: AuthConfigSchema,
+  tools: z.array(ToolConfigSchema).default([])
+});
+
+// ../server/dist/index.mjs
 import fp from "fastify-plugin";
 import { nanoid } from "nanoid";
-import { randomBytes } from "crypto";
+import { randomBytes as randomBytes2 } from "crypto";
 import { hostname } from "os";
 import { nanoid as nanoid2 } from "nanoid";
 import fp2 from "fastify-plugin";
@@ -25,19 +278,19 @@ import { spawn } from "child_process";
 import fp4 from "fastify-plugin";
 import { Client } from "@modelcontextprotocol/sdk/client/index.js";
 import { StdioClientTransport } from "@modelcontextprotocol/sdk/client/stdio.js";
-import { readFile } from "fs/promises";
+import { readFileSync } from "fs";
 import { resolve } from "path";
 import { readFile as fsReadFile, readdir } from "fs/promises";
 import { resolve as resolve2, relative, join } from "path";
 import { realpath } from "fs/promises";
 import { spawn as spawn2 } from "child_process";
-import { writeFile, readFile as readFile2, unlink, mkdir } from "fs/promises";
+import { writeFile, readFile, unlink, mkdir } from "fs/promises";
 import { join as join2 } from "path";
 import { tmpdir } from "os";
 import { nanoid as nanoid3 } from "nanoid";
 import { execFile, spawn as spawn3 } from "child_process";
 import { promisify } from "util";
-import { readFile as readFile3 } from "fs/promises";
+import { readFile as readFile2 } from "fs/promises";
 import { resolve as resolve3 } from "path";
 import { spawn as spawn4 } from "child_process";
 import { spawn as spawn5 } from "child_process";
@@ -47,7 +300,7 @@ import { resolve as resolve4 } from "path";
 import { execFile as execFile2, spawn as spawn6 } from "child_process";
 import { promisify as promisify2 } from "util";
 import { input as input2 } from "@inquirer/prompts";
-import { readFile as readFile4, writeFile as writeFile3 } from "fs/promises";
+import { readFile as readFile3, writeFile as writeFile3 } from "fs/promises";
 import { resolve as resolve5 } from "path";
 import { writeFile as writeFile4 } from "fs/promises";
 import { resolve as resolve6, join as join3 } from "path";
@@ -187,7 +440,7 @@ function validateAndPair(store, code, orgUuid, encryptionKey, serverFingerprint)
   );
 }
 function registerAuthRoutes(server, store, config) {
-  const serverFingerprint = randomBytes(16).toString("hex");
+  const serverFingerprint = randomBytes2(16).toString("hex");
   const serverName = config.serverName ?? hostname();
   server.post("/auth/pair", {
     config: {
@@ -565,21 +818,21 @@ var mcpPlugin = fp4(async (server, opts) => {
   });
 }, { name: "mcp" });
 var startTime = Date.now();
+var startupVersion = "0.0.0";
+try {
+  const pkg = JSON.parse(
+    readFileSync(resolve(import.meta.dirname ?? ".", "../package.json"), "utf8")
+  );
+  startupVersion = pkg.version;
+} catch {
+}
 async function healthRoutes(server) {
   server.get("/health", {
     config: { skipAuth: true }
   }, async () => {
-    let version = "0.1.0";
-    try {
-      const pkg = JSON.parse(
-        await readFile(resolve(import.meta.dirname ?? ".", "../package.json"), "utf8")
-      );
-      version = pkg.version;
-    } catch {
-    }
     return {
       status: "ok",
-      version,
+      version: startupVersion,
       uptime: Date.now() - startTime
     };
   });
@@ -872,7 +1125,7 @@ async function transferRoutes(server) {
       transfers.delete(id);
       throw new GigaiError(ErrorCode.TRANSFER_EXPIRED, "Transfer expired");
     }
-    const content = await readFile2(entry.path);
+    const content = await readFile(entry.path);
     reply.type(entry.mimeType).send(content);
   });
 }
@@ -969,7 +1222,7 @@ async function createServer(opts) {
 var DEFAULT_CONFIG_PATH = "gigai.config.json";
 async function loadConfig(path) {
   const configPath = resolve3(path ?? DEFAULT_CONFIG_PATH);
-  const raw = await readFile3(configPath, "utf8");
+  const raw = await readFile2(configPath, "utf8");
   const json = JSON.parse(raw);
   return GigaiConfigSchema.parse(json);
 }
@@ -1272,11 +1525,11 @@ async function runInit() {
   Paste this into Claude to pair:
 `);
   console.log(`  \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500`);
-  console.log(`  Install the gigai CLI and pair with my server:
+  console.log(`  Install kon and pair with my server:
 `);
   console.log(`  \`\`\`bash`);
-  console.log(`  npm install -g @schuttdev/gigai`);
-  console.log(`  gigai pair ${code} ${serverUrl}`);
+  console.log(`  npm install -g @schuttdev/kon`);
+  console.log(`  kon pair ${code} ${serverUrl}`);
   console.log(`  \`\`\`
 `);
   console.log(`  Then show me the skill file output so I can save it.`);
@@ -1288,7 +1541,7 @@ async function runInit() {
 }
 async function loadConfigFile(path) {
   const configPath = resolve5(path ?? "gigai.config.json");
-  const raw = await readFile4(configPath, "utf8");
+  const raw = await readFile3(configPath, "utf8");
   const config = GigaiConfigSchema.parse(JSON.parse(raw));
   return { config, path: configPath };
 }
@@ -1363,7 +1616,7 @@ async function wrapScript() {
 }
 async function wrapImport(configFilePath) {
   const { config, path } = await loadConfigFile();
-  const raw = await readFile4(resolve5(configFilePath), "utf8");
+  const raw = await readFile3(resolve5(configFilePath), "utf8");
   const desktopConfig = JSON.parse(raw);
   const mcpServers = desktopConfig.mcpServers ?? {};
   for (const [serverName, serverConfig] of Object.entries(mcpServers)) {