@schuttdev/gigai 0.2.8 → 0.3.0

package/dist/chunk-FW3JH5IG.js

@@ -0,0 +1,330 @@
+#!/usr/bin/env node
+import {
+  ErrorCode,
+  GigaiError
+} from "./chunk-P53UVHTF.js";
+
+// ../server/dist/chunk-PO3MFBDO.mjs
+import {
+  readFile as fsReadFile,
+  writeFile as fsWriteFile,
+  readdir
+} from "fs/promises";
+import { resolve, relative, join } from "path";
+import { realpath } from "fs/promises";
+import { spawn } from "child_process";
+var MAX_OUTPUT_SIZE = 10 * 1024 * 1024;
+var MAX_READ_SIZE = 2 * 1024 * 1024;
+async function validatePath(targetPath, allowedPaths) {
+  const resolved = resolve(targetPath);
+  let real;
+  try {
+    real = await realpath(resolved);
+  } catch {
+    real = resolved;
+  }
+  const isAllowed = allowedPaths.some((allowed) => {
+    const resolvedAllowed = resolve(allowed);
+    const allowedPrefix = resolvedAllowed.endsWith("/") ? resolvedAllowed : resolvedAllowed + "/";
+    return real === resolvedAllowed || real.startsWith(allowedPrefix) || resolved === resolvedAllowed || resolved.startsWith(allowedPrefix);
+  });
+  if (!isAllowed) {
+    throw new GigaiError(
+      ErrorCode.PATH_NOT_ALLOWED,
+      `Path not within allowed directories: ${targetPath}`
+    );
+  }
+  return resolved;
+}
+async function readFileSafe(path, allowedPaths) {
+  const safePath = await validatePath(path, allowedPaths);
+  return fsReadFile(safePath, "utf8");
+}
+async function listDirSafe(path, allowedPaths) {
+  const safePath = await validatePath(path, allowedPaths);
+  const entries = await readdir(safePath, { withFileTypes: true });
+  return entries.map((e) => ({
+    name: e.name,
+    type: e.isDirectory() ? "directory" : "file"
+  }));
+}
+async function searchFilesSafe(path, pattern, allowedPaths) {
+  const safePath = await validatePath(path, allowedPaths);
+  const results = [];
+  let regex;
+  try {
+    regex = new RegExp(pattern, "i");
+  } catch {
+    throw new GigaiError(ErrorCode.VALIDATION_ERROR, `Invalid search pattern: ${pattern}`);
+  }
+  async function walk(dir) {
+    const entries = await readdir(dir, { withFileTypes: true });
+    for (const entry of entries) {
+      const fullPath = join(dir, entry.name);
+      if (regex.test(entry.name)) {
+        results.push(relative(safePath, fullPath));
+      }
+      if (entry.isDirectory()) {
+        await walk(fullPath);
+      }
+    }
+  }
+  await walk(safePath);
+  return results;
+}
+async function readBuiltin(args, allowedPaths) {
+  const filePath = args[0];
+  if (!filePath) {
+    throw new GigaiError(ErrorCode.VALIDATION_ERROR, "Usage: read <file> [offset] [limit]");
+  }
+  const safePath = await validatePath(filePath, allowedPaths);
+  const content = await fsReadFile(safePath, "utf8");
+  if (content.length > MAX_READ_SIZE) {
+    throw new GigaiError(
+      ErrorCode.VALIDATION_ERROR,
+      `File too large (${(content.length / 1024 / 1024).toFixed(1)}MB). Max: ${MAX_READ_SIZE / 1024 / 1024}MB. Use offset/limit.`
+    );
+  }
+  const offset = args[1] ? parseInt(args[1], 10) : 0;
+  const limit = args[2] ? parseInt(args[2], 10) : 0;
+  if (offset || limit) {
+    const lines = content.split("\n");
+    const start = Math.max(0, offset);
+    const end = limit ? start + limit : lines.length;
+    const sliced = lines.slice(start, end);
+    return { stdout: sliced.join("\n"), stderr: "", exitCode: 0 };
+  }
+  return { stdout: content, stderr: "", exitCode: 0 };
+}
+async function writeBuiltin(args, allowedPaths) {
+  const filePath = args[0];
+  const content = args[1];
+  if (!filePath || content === void 0) {
+    throw new GigaiError(ErrorCode.VALIDATION_ERROR, "Usage: write <file> <content>");
+  }
+  const safePath = await validatePath(filePath, allowedPaths);
+  const { mkdir } = await import("fs/promises");
+  const { dirname } = await import("path");
+  await mkdir(dirname(safePath), { recursive: true });
+  await fsWriteFile(safePath, content, "utf8");
+  return { stdout: `Written: ${safePath}`, stderr: "", exitCode: 0 };
+}
+async function editBuiltin(args, allowedPaths) {
+  const filePath = args[0];
+  const oldStr = args[1];
+  const newStr = args[2];
+  const replaceAll = args.includes("--all");
+  if (!filePath || oldStr === void 0 || newStr === void 0) {
+    throw new GigaiError(ErrorCode.VALIDATION_ERROR, "Usage: edit <file> <old_string> <new_string> [--all]");
+  }
+  const safePath = await validatePath(filePath, allowedPaths);
+  const content = await fsReadFile(safePath, "utf8");
+  if (!content.includes(oldStr)) {
+    throw new GigaiError(ErrorCode.VALIDATION_ERROR, "old_string not found in file");
+  }
+  if (!replaceAll) {
+    const firstIdx = content.indexOf(oldStr);
+    const secondIdx = content.indexOf(oldStr, firstIdx + 1);
+    if (secondIdx !== -1) {
+      throw new GigaiError(
+        ErrorCode.VALIDATION_ERROR,
+        "old_string matches multiple locations. Use --all to replace all, or provide more context to make it unique."
+      );
+    }
+  }
+  const updated = replaceAll ? content.split(oldStr).join(newStr) : content.replace(oldStr, newStr);
+  await fsWriteFile(safePath, updated, "utf8");
+  const count = replaceAll ? content.split(oldStr).length - 1 : 1;
+  return { stdout: `Replaced ${count} occurrence(s) in ${safePath}`, stderr: "", exitCode: 0 };
+}
+async function globBuiltin(args, allowedPaths) {
+  const pattern = args[0];
+  if (!pattern) {
+    throw new GigaiError(ErrorCode.VALIDATION_ERROR, "Usage: glob <pattern> [path]");
+  }
+  const searchPath = args[1] ?? ".";
+  const safePath = await validatePath(searchPath, allowedPaths);
+  const results = [];
+  const globRegex = globToRegex(pattern);
+  async function walk(dir) {
+    let entries;
+    try {
+      entries = await readdir(dir, { withFileTypes: true });
+    } catch {
+      return;
+    }
+    for (const entry of entries) {
+      const fullPath = join(dir, entry.name);
+      const relPath = relative(safePath, fullPath);
+      if (globRegex.test(relPath) || globRegex.test(entry.name)) {
+        results.push(relPath);
+      }
+      if (entry.isDirectory() && !entry.name.startsWith(".") && entry.name !== "node_modules") {
+        await walk(fullPath);
+      }
+      if (results.length >= 1e3) return;
+    }
+  }
+  await walk(safePath);
+  return { stdout: results.join("\n"), stderr: "", exitCode: 0 };
+}
+async function grepBuiltin(args, allowedPaths) {
+  if (args.length === 0) {
+    throw new GigaiError(ErrorCode.VALIDATION_ERROR, "Usage: grep <pattern> [path] [--glob <filter>] [-i] [-n] [-C <num>]");
+  }
+  const positional = [];
+  const flags = [];
+  let i = 0;
+  while (i < args.length) {
+    const arg = args[i];
+    if (arg === "--glob" && args[i + 1]) {
+      flags.push("--glob", args[i + 1]);
+      i += 2;
+    } else if (arg === "--type" && args[i + 1]) {
+      flags.push("--type", args[i + 1]);
+      i += 2;
+    } else if (arg === "-C" && args[i + 1]) {
+      flags.push("-C", args[i + 1]);
+      i += 2;
+    } else if (arg === "-i" || arg === "-n" || arg === "-l") {
+      flags.push(arg);
+      i++;
+    } else {
+      positional.push(arg);
+      i++;
+    }
+  }
+  const pattern = positional[0];
+  if (!pattern) {
+    throw new GigaiError(ErrorCode.VALIDATION_ERROR, "No search pattern provided");
+  }
+  const searchPath = positional[1] ?? ".";
+  const safePath = await validatePath(searchPath, allowedPaths);
+  try {
+    return await spawnGrep("rg", [pattern, safePath, "-n", ...flags]);
+  } catch {
+    try {
+      return await spawnGrep("grep", ["-rn", ...flags, pattern, safePath]);
+    } catch {
+      return jsGrep(pattern, safePath);
+    }
+  }
+}
+function spawnGrep(cmd, args) {
+  return new Promise((resolve2, reject) => {
+    const child = spawn(cmd, args, { shell: false, stdio: ["ignore", "pipe", "pipe"] });
+    const stdoutChunks = [];
+    const stderrChunks = [];
+    let totalSize = 0;
+    child.stdout.on("data", (chunk) => {
+      totalSize += chunk.length;
+      if (totalSize <= MAX_OUTPUT_SIZE) stdoutChunks.push(chunk);
+      else child.kill("SIGTERM");
+    });
+    child.stderr.on("data", (chunk) => {
+      totalSize += chunk.length;
+      if (totalSize <= MAX_OUTPUT_SIZE) stderrChunks.push(chunk);
+    });
+    child.on("error", () => reject(new Error(`${cmd} not available`)));
+    child.on("close", (exitCode) => {
+      resolve2({
+        stdout: Buffer.concat(stdoutChunks).toString("utf8"),
+        stderr: Buffer.concat(stderrChunks).toString("utf8"),
+        exitCode: exitCode ?? 1
+      });
+    });
+  });
+}
+async function jsGrep(pattern, searchPath) {
+  let regex;
+  try {
+    regex = new RegExp(pattern);
+  } catch {
+    throw new GigaiError(ErrorCode.VALIDATION_ERROR, `Invalid pattern: ${pattern}`);
+  }
+  const results = [];
+  async function walk(dir) {
+    let entries;
+    try {
+      entries = await readdir(dir, { withFileTypes: true });
+    } catch {
+      return;
+    }
+    for (const entry of entries) {
+      if (results.length >= 500) return;
+      const fullPath = join(dir, entry.name);
+      if (entry.isDirectory()) {
+        if (!entry.name.startsWith(".") && entry.name !== "node_modules") {
+          await walk(fullPath);
+        }
+      } else {
+        try {
+          const content = await fsReadFile(fullPath, "utf8");
+          const lines = content.split("\n");
+          for (let i = 0; i < lines.length; i++) {
+            if (regex.test(lines[i])) {
+              results.push(`${relative(searchPath, fullPath)}:${i + 1}:${lines[i]}`);
+              if (results.length >= 500) return;
+            }
+          }
+        } catch {
+        }
+      }
+    }
+  }
+  await walk(searchPath);
+  return {
+    stdout: results.join("\n"),
+    stderr: results.length >= 500 ? "Results truncated at 500 matches" : "",
+    exitCode: results.length > 0 ? 0 : 1
+  };
+}
+function globToRegex(pattern) {
+  let regex = "";
+  let i = 0;
+  while (i < pattern.length) {
+    const c = pattern[i];
+    if (c === "*") {
+      if (pattern[i + 1] === "*") {
+        regex += ".*";
+        i += 2;
+        if (pattern[i] === "/") i++;
+      } else {
+        regex += "[^/]*";
+        i++;
+      }
+    } else if (c === "?") {
+      regex += "[^/]";
+      i++;
+    } else if (c === "{") {
+      const end = pattern.indexOf("}", i);
+      if (end !== -1) {
+        const options = pattern.slice(i + 1, end).split(",");
+        regex += `(?:${options.map(escapeRegex).join("|")})`;
+        i = end + 1;
+      } else {
+        regex += escapeRegex(c);
+        i++;
+      }
+    } else {
+      regex += escapeRegex(c);
+      i++;
+    }
+  }
+  return new RegExp(regex);
+}
+function escapeRegex(s) {
+  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+}
+
+export {
+  validatePath,
+  readFileSafe,
+  listDirSafe,
+  searchFilesSafe,
+  readBuiltin,
+  writeBuiltin,
+  editBuiltin,
+  globBuiltin,
+  grepBuiltin
+};

package/dist/chunk-O45SW2HC.js

@@ -0,0 +1,79 @@
+#!/usr/bin/env node
+import {
+  ErrorCode,
+  GigaiError
+} from "./chunk-P53UVHTF.js";
+
+// ../server/dist/chunk-C43LTZCK.mjs
+import { spawn } from "child_process";
+var SHELL_INTERPRETERS = /* @__PURE__ */ new Set([
+  "sh",
+  "bash",
+  "zsh",
+  "fish",
+  "csh",
+  "tcsh",
+  "dash",
+  "ksh",
+  "env",
+  "xargs",
+  "nohup",
+  "strace",
+  "ltrace"
+]);
+var MAX_OUTPUT_SIZE = 10 * 1024 * 1024;
+async function execCommandSafe(command, args, config) {
+  if (!config.allowlist.includes(command)) {
+    throw new GigaiError(
+      ErrorCode.COMMAND_NOT_ALLOWED,
+      `Command not in allowlist: ${command}. Allowed: ${config.allowlist.join(", ")}`
+    );
+  }
+  if (command === "sudo" && !config.allowSudo) {
+    throw new GigaiError(ErrorCode.COMMAND_NOT_ALLOWED, "sudo is not allowed");
+  }
+  if (SHELL_INTERPRETERS.has(command)) {
+    throw new GigaiError(
+      ErrorCode.COMMAND_NOT_ALLOWED,
+      `Shell interpreter not allowed: ${command}`
+    );
+  }
+  for (const arg of args) {
+    if (arg.includes("\0")) {
+      throw new GigaiError(ErrorCode.VALIDATION_ERROR, "Null byte in argument");
+    }
+  }
+  return new Promise((resolve, reject) => {
+    const child = spawn(command, args, {
+      shell: false,
+      stdio: ["ignore", "pipe", "pipe"]
+    });
+    const stdoutChunks = [];
+    const stderrChunks = [];
+    let totalSize = 0;
+    child.stdout.on("data", (chunk) => {
+      totalSize += chunk.length;
+      if (totalSize <= MAX_OUTPUT_SIZE) stdoutChunks.push(chunk);
+      else child.kill("SIGTERM");
+    });
+    child.stderr.on("data", (chunk) => {
+      totalSize += chunk.length;
+      if (totalSize <= MAX_OUTPUT_SIZE) stderrChunks.push(chunk);
+      else child.kill("SIGTERM");
+    });
+    child.on("error", (err) => {
+      reject(new GigaiError(ErrorCode.EXEC_FAILED, `Failed to spawn ${command}: ${err.message}`));
+    });
+    child.on("close", (exitCode) => {
+      resolve({
+        stdout: Buffer.concat(stdoutChunks).toString("utf8"),
+        stderr: Buffer.concat(stderrChunks).toString("utf8"),
+        exitCode: exitCode ?? 1
+      });
+    });
+  });
+}
+
+export {
+  execCommandSafe
+};

package/dist/chunk-P53UVHTF.js

@@ -0,0 +1,269 @@
+#!/usr/bin/env node
+
+// ../shared/dist/index.mjs
+import { randomBytes, createCipheriv, createDecipheriv } from "crypto";
+import { z } from "zod";
+var ALGORITHM = "aes-256-gcm";
+var IV_LENGTH = 12;
+var TAG_LENGTH = 16;
+function encrypt(payload, key) {
+  const keyBuffer = Buffer.from(key, "hex");
+  if (keyBuffer.length !== 32) {
+    throw new Error("Encryption key must be 32 bytes (64 hex chars)");
+  }
+  const iv = randomBytes(IV_LENGTH);
+  const cipher = createCipheriv(ALGORITHM, keyBuffer, iv, {
+    authTagLength: TAG_LENGTH
+  });
+  const plaintext = JSON.stringify(payload);
+  const encrypted = Buffer.concat([
+    cipher.update(plaintext, "utf8"),
+    cipher.final()
+  ]);
+  const tag = cipher.getAuthTag();
+  return {
+    iv: iv.toString("base64"),
+    ciphertext: encrypted.toString("base64"),
+    tag: tag.toString("base64")
+  };
+}
+function decrypt(encrypted, key) {
+  const keyBuffer = Buffer.from(key, "hex");
+  if (keyBuffer.length !== 32) {
+    throw new Error("Encryption key must be 32 bytes (64 hex chars)");
+  }
+  const iv = Buffer.from(encrypted.iv, "base64");
+  const ciphertext = Buffer.from(encrypted.ciphertext, "base64");
+  const tag = Buffer.from(encrypted.tag, "base64");
+  const decipher = createDecipheriv(ALGORITHM, keyBuffer, iv, {
+    authTagLength: TAG_LENGTH
+  });
+  decipher.setAuthTag(tag);
+  const decrypted = Buffer.concat([
+    decipher.update(ciphertext),
+    decipher.final()
+  ]);
+  return JSON.parse(decrypted.toString("utf8"));
+}
+function generateEncryptionKey() {
+  return randomBytes(32).toString("hex");
+}
+var ErrorCode = /* @__PURE__ */ ((ErrorCode2) => {
+  ErrorCode2["PAIRING_EXPIRED"] = "PAIRING_EXPIRED";
+  ErrorCode2["PAIRING_INVALID"] = "PAIRING_INVALID";
+  ErrorCode2["PAIRING_USED"] = "PAIRING_USED";
+  ErrorCode2["TOKEN_INVALID"] = "TOKEN_INVALID";
+  ErrorCode2["TOKEN_DECRYPT_FAILED"] = "TOKEN_DECRYPT_FAILED";
+  ErrorCode2["ORG_MISMATCH"] = "ORG_MISMATCH";
+  ErrorCode2["SESSION_EXPIRED"] = "SESSION_EXPIRED";
+  ErrorCode2["SESSION_INVALID"] = "SESSION_INVALID";
+  ErrorCode2["AUTH_REQUIRED"] = "AUTH_REQUIRED";
+  ErrorCode2["TOOL_NOT_FOUND"] = "TOOL_NOT_FOUND";
+  ErrorCode2["EXEC_TIMEOUT"] = "EXEC_TIMEOUT";
+  ErrorCode2["EXEC_FAILED"] = "EXEC_FAILED";
+  ErrorCode2["HTTPS_REQUIRED"] = "HTTPS_REQUIRED";
+  ErrorCode2["RATE_LIMITED"] = "RATE_LIMITED";
+  ErrorCode2["VALIDATION_ERROR"] = "VALIDATION_ERROR";
+  ErrorCode2["INTERNAL_ERROR"] = "INTERNAL_ERROR";
+  ErrorCode2["MCP_ERROR"] = "MCP_ERROR";
+  ErrorCode2["MCP_NOT_CONNECTED"] = "MCP_NOT_CONNECTED";
+  ErrorCode2["TRANSFER_NOT_FOUND"] = "TRANSFER_NOT_FOUND";
+  ErrorCode2["TRANSFER_EXPIRED"] = "TRANSFER_EXPIRED";
+  ErrorCode2["PATH_NOT_ALLOWED"] = "PATH_NOT_ALLOWED";
+  ErrorCode2["COMMAND_NOT_ALLOWED"] = "COMMAND_NOT_ALLOWED";
+  return ErrorCode2;
+})(ErrorCode || {});
+var STATUS_CODES = {
+  [
+    "PAIRING_EXPIRED"
+    /* PAIRING_EXPIRED */
+  ]: 410,
+  [
+    "PAIRING_INVALID"
+    /* PAIRING_INVALID */
+  ]: 400,
+  [
+    "PAIRING_USED"
+    /* PAIRING_USED */
+  ]: 409,
+  [
+    "TOKEN_INVALID"
+    /* TOKEN_INVALID */
+  ]: 401,
+  [
+    "TOKEN_DECRYPT_FAILED"
+    /* TOKEN_DECRYPT_FAILED */
+  ]: 401,
+  [
+    "ORG_MISMATCH"
+    /* ORG_MISMATCH */
+  ]: 403,
+  [
+    "SESSION_EXPIRED"
+    /* SESSION_EXPIRED */
+  ]: 401,
+  [
+    "SESSION_INVALID"
+    /* SESSION_INVALID */
+  ]: 401,
+  [
+    "AUTH_REQUIRED"
+    /* AUTH_REQUIRED */
+  ]: 401,
+  [
+    "TOOL_NOT_FOUND"
+    /* TOOL_NOT_FOUND */
+  ]: 404,
+  [
+    "EXEC_TIMEOUT"
+    /* EXEC_TIMEOUT */
+  ]: 408,
+  [
+    "EXEC_FAILED"
+    /* EXEC_FAILED */
+  ]: 500,
+  [
+    "HTTPS_REQUIRED"
+    /* HTTPS_REQUIRED */
+  ]: 403,
+  [
+    "RATE_LIMITED"
+    /* RATE_LIMITED */
+  ]: 429,
+  [
+    "VALIDATION_ERROR"
+    /* VALIDATION_ERROR */
+  ]: 400,
+  [
+    "INTERNAL_ERROR"
+    /* INTERNAL_ERROR */
+  ]: 500,
+  [
+    "MCP_ERROR"
+    /* MCP_ERROR */
+  ]: 502,
+  [
+    "MCP_NOT_CONNECTED"
+    /* MCP_NOT_CONNECTED */
+  ]: 503,
+  [
+    "TRANSFER_NOT_FOUND"
+    /* TRANSFER_NOT_FOUND */
+  ]: 404,
+  [
+    "TRANSFER_EXPIRED"
+    /* TRANSFER_EXPIRED */
+  ]: 410,
+  [
+    "PATH_NOT_ALLOWED"
+    /* PATH_NOT_ALLOWED */
+  ]: 403,
+  [
+    "COMMAND_NOT_ALLOWED"
+    /* COMMAND_NOT_ALLOWED */
+  ]: 403
+};
+var GigaiError = class extends Error {
+  code;
+  statusCode;
+  details;
+  constructor(code, message, details) {
+    super(message);
+    this.name = "GigaiError";
+    this.code = code;
+    this.statusCode = STATUS_CODES[code];
+    this.details = details;
+  }
+  toJSON() {
+    return {
+      error: {
+        code: this.code,
+        message: this.message,
+        ...this.details !== void 0 && { details: this.details }
+      }
+    };
+  }
+};
+var TailscaleHttpsConfigSchema = z.object({
+  provider: z.literal("tailscale"),
+  funnelPort: z.number().optional()
+});
+var CloudflareHttpsConfigSchema = z.object({
+  provider: z.literal("cloudflare"),
+  tunnelName: z.string(),
+  domain: z.string().optional()
+});
+var ManualHttpsConfigSchema = z.object({
+  provider: z.literal("manual"),
+  certPath: z.string(),
+  keyPath: z.string()
+});
+var HttpsConfigSchema = z.discriminatedUnion("provider", [
+  TailscaleHttpsConfigSchema,
+  CloudflareHttpsConfigSchema,
+  ManualHttpsConfigSchema
+]);
+var CliToolConfigSchema = z.object({
+  type: z.literal("cli"),
+  name: z.string(),
+  command: z.string(),
+  args: z.array(z.string()).optional(),
+  description: z.string(),
+  timeout: z.number().optional(),
+  cwd: z.string().optional(),
+  env: z.record(z.string()).optional()
+});
+var McpToolConfigSchema = z.object({
+  type: z.literal("mcp"),
+  name: z.string(),
+  command: z.string(),
+  args: z.array(z.string()).optional(),
+  description: z.string(),
+  env: z.record(z.string()).optional()
+});
+var ScriptToolConfigSchema = z.object({
+  type: z.literal("script"),
+  name: z.string(),
+  path: z.string(),
+  description: z.string(),
+  timeout: z.number().optional(),
+  interpreter: z.string().optional()
+});
+var BuiltinToolConfigSchema = z.object({
+  type: z.literal("builtin"),
+  name: z.string(),
+  builtin: z.enum(["filesystem", "shell", "read", "write", "edit", "glob", "grep", "bash"]),
+  description: z.string(),
+  config: z.record(z.unknown()).optional()
+});
+var ToolConfigSchema = z.discriminatedUnion("type", [
+  CliToolConfigSchema,
+  McpToolConfigSchema,
+  ScriptToolConfigSchema,
+  BuiltinToolConfigSchema
+]);
+var AuthConfigSchema = z.object({
+  encryptionKey: z.string().length(64),
+  pairingTtlSeconds: z.number().default(300),
+  sessionTtlSeconds: z.number().default(14400)
+});
+var ServerConfigSchema = z.object({
+  port: z.number().default(7443),
+  host: z.string().default("0.0.0.0"),
+  https: HttpsConfigSchema.optional()
+});
+var GigaiConfigSchema = z.object({
+  serverName: z.string().optional(),
+  server: ServerConfigSchema,
+  auth: AuthConfigSchema,
+  tools: z.array(ToolConfigSchema).default([])
+});
+
+export {
+  encrypt,
+  decrypt,
+  generateEncryptionKey,
+  ErrorCode,
+  GigaiError,
+  GigaiConfigSchema
+};