@tenux/cli 0.0.1

package/dist/chunk-P2FMWWKI.js

@@ -0,0 +1,625 @@
+// src/lib/config.ts
+import { existsSync, mkdirSync, readFileSync, writeFileSync, chmodSync } from "fs";
+import { homedir } from "os";
+import { join } from "path";
+var CONFIG_DIR = join(homedir(), ".tenux");
+var CONFIG_FILE = join(CONFIG_DIR, "config.json");
+function getConfigPath() {
+  return CONFIG_FILE;
+}
+function configExists() {
+  return existsSync(CONFIG_FILE);
+}
+function loadConfig() {
+  if (!existsSync(CONFIG_FILE)) {
+    throw new Error(
+      "Not logged in. Run `tenux login` first."
+    );
+  }
+  const raw = readFileSync(CONFIG_FILE, "utf-8");
+  return JSON.parse(raw);
+}
+function saveConfig(config) {
+  if (!existsSync(CONFIG_DIR)) {
+    mkdirSync(CONFIG_DIR, { recursive: true, mode: 448 });
+  }
+  writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2), {
+    encoding: "utf-8",
+    mode: 384
+    // owner read/write only — contains auth tokens
+  });
+  try {
+    chmodSync(CONFIG_FILE, 384);
+  } catch {
+  }
+}
+function updateConfig(partial) {
+  const config = loadConfig();
+  const updated = { ...config, ...partial };
+  saveConfig(updated);
+  return updated;
+}
+
+// src/lib/supabase.ts
+import { createClient } from "@supabase/supabase-js";
+var client = null;
+function getSupabase() {
+  if (client) return client;
+  const config = loadConfig();
+  client = createClient(config.supabaseUrl, config.supabaseAnonKey, {
+    auth: {
+      persistSession: false,
+      autoRefreshToken: true
+    }
+  });
+  if (config.accessToken && config.refreshToken) {
+    client.auth.setSession({
+      access_token: config.accessToken,
+      refresh_token: config.refreshToken
+    });
+  }
+  return client;
+}
+function resetSupabase() {
+  client = null;
+}
+
+// src/lib/relay.ts
+import chalk from "chalk";
+var Relay = class {
+  supabase;
+  channel = null;
+  handlers = /* @__PURE__ */ new Map();
+  deviceId;
+  constructor(supabase) {
+    this.supabase = supabase;
+    this.deviceId = loadConfig().deviceId;
+  }
+  /**
+   * Register a handler for a command type (e.g., "git.clone", "claude.query").
+   */
+  on(type, handler) {
+    this.handlers.set(type, handler);
+    return this;
+  }
+  /**
+   * Start listening for commands.
+   */
+  async start() {
+    await this.processPending();
+    this.channel = this.supabase.channel(`commands:${this.deviceId}`).on(
+      "postgres_changes",
+      {
+        event: "INSERT",
+        schema: "public",
+        table: "commands",
+        filter: `device_id=eq.${this.deviceId}`
+      },
+      (payload) => {
+        const command = payload.new;
+        this.dispatch(command);
+      }
+    ).subscribe((status) => {
+      if (status === "SUBSCRIBED") {
+        console.log(chalk.green("\u2713"), "Listening for commands");
+      }
+    });
+  }
+  /**
+   * Stop listening.
+   */
+  async stop() {
+    if (this.channel) {
+      await this.supabase.removeChannel(this.channel);
+      this.channel = null;
+    }
+  }
+  /**
+   * Process any commands that arrived while the agent was offline.
+   */
+  async processPending() {
+    const { data: pending } = await this.supabase.from("commands").select("*").eq("device_id", this.deviceId).eq("status", "pending").order("created_at", { ascending: true });
+    if (pending && pending.length > 0) {
+      console.log(
+        chalk.yellow("\u26A1"),
+        `Processing ${pending.length} pending command(s)`
+      );
+      for (const cmd of pending) {
+        await this.dispatch(cmd);
+      }
+    }
+  }
+  /**
+   * Dispatch a command to the appropriate handler.
+   */
+  async dispatch(command) {
+    const handler = this.handlers.get(command.type);
+    if (!handler) {
+      console.log(
+        chalk.red("\u2717"),
+        `Unknown command type: ${command.type}`
+      );
+      await this.supabase.from("commands").update({
+        status: "error",
+        result: { error: `Unknown command type: ${command.type}` },
+        completed_at: (/* @__PURE__ */ new Date()).toISOString()
+      }).eq("id", command.id);
+      return;
+    }
+    console.log(
+      chalk.blue("\u2192"),
+      `${command.type}`,
+      chalk.dim(command.id.slice(0, 8))
+    );
+    await this.supabase.from("commands").update({ status: "running" }).eq("id", command.id);
+    try {
+      await handler(command, this.supabase);
+      const { data: current } = await this.supabase.from("commands").select("status").eq("id", command.id).single();
+      if (current?.status === "running") {
+        await this.supabase.from("commands").update({
+          status: "done",
+          completed_at: (/* @__PURE__ */ new Date()).toISOString()
+        }).eq("id", command.id);
+      }
+      console.log(
+        chalk.green("\u2713"),
+        `${command.type}`,
+        chalk.dim(command.id.slice(0, 8))
+      );
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      console.log(
+        chalk.red("\u2717"),
+        `${command.type}: ${message}`
+      );
+      await this.supabase.from("commands").update({
+        status: "error",
+        result: { error: message },
+        completed_at: (/* @__PURE__ */ new Date()).toISOString()
+      }).eq("id", command.id);
+    }
+  }
+};
+
+// src/handlers/git.ts
+import { spawn } from "child_process";
+import { existsSync as existsSync2, mkdirSync as mkdirSync2 } from "fs";
+import { join as join2 } from "path";
+function runGit(args, cwd) {
+  return new Promise((resolve5, reject) => {
+    const child = spawn("git", args, {
+      cwd,
+      shell: false,
+      stdio: ["ignore", "pipe", "pipe"]
+    });
+    let stdout = "";
+    let stderr = "";
+    child.stdout.on("data", (d) => stdout += d.toString());
+    child.stderr.on("data", (d) => stderr += d.toString());
+    child.on("close", (code) => {
+      if (code === 0) resolve5({ stdout, stderr });
+      else reject(new Error(`git ${args[0]} failed (exit ${code}): ${stderr || stdout}`));
+    });
+    child.on("error", reject);
+  });
+}
+async function handleGitClone(command, supabase) {
+  const { url, name, project_id } = command.payload;
+  if (!url) throw new Error("url is required");
+  const config = loadConfig();
+  const projectsDir = config.projectsDir;
+  if (!existsSync2(projectsDir)) {
+    mkdirSync2(projectsDir, { recursive: true });
+  }
+  const repoName = name ?? url.replace(/\.git$/, "").split("/").pop() ?? "project";
+  const targetDir = join2(projectsDir, repoName);
+  if (existsSync2(targetDir)) {
+    throw new Error(`Directory already exists: ${targetDir}`);
+  }
+  if (project_id) {
+    await supabase.from("projects").update({ status: "cloning" }).eq("id", project_id);
+  }
+  await runGit(["clone", url, targetDir]);
+  const pm = detectPackageManager(targetDir);
+  if (pm && project_id) {
+    await supabase.from("projects").update({ status: "installing", package_manager: pm }).eq("id", project_id);
+    await installDeps(pm, targetDir);
+  }
+  if (project_id) {
+    await supabase.from("projects").update({
+      status: "ready",
+      local_path: targetDir,
+      package_manager: pm,
+      error_message: null
+    }).eq("id", project_id);
+  }
+  await supabase.from("commands").update({
+    status: "done",
+    result: { path: targetDir, package_manager: pm },
+    completed_at: (/* @__PURE__ */ new Date()).toISOString()
+  }).eq("id", command.id);
+}
+async function handleGitStatus(command, supabase) {
+  const { path } = command.payload;
+  if (!path) throw new Error("path is required");
+  const { stdout } = await runGit(["status", "--porcelain"], path);
+  const { stdout: branch } = await runGit(
+    ["rev-parse", "--abbrev-ref", "HEAD"],
+    path
+  );
+  await supabase.from("commands").update({
+    status: "done",
+    result: {
+      branch: branch.trim(),
+      changes: stdout.trim().split("\n").filter(Boolean),
+      clean: stdout.trim() === ""
+    },
+    completed_at: (/* @__PURE__ */ new Date()).toISOString()
+  }).eq("id", command.id);
+}
+async function handleGitPull(command, supabase) {
+  const { path } = command.payload;
+  if (!path) throw new Error("path is required");
+  const { stdout } = await runGit(["pull"], path);
+  await supabase.from("commands").update({
+    status: "done",
+    result: { output: stdout.trim() },
+    completed_at: (/* @__PURE__ */ new Date()).toISOString()
+  }).eq("id", command.id);
+}
+var LOCKFILE_MAP = {
+  "package-lock.json": "npm",
+  "yarn.lock": "yarn",
+  "pnpm-lock.yaml": "pnpm",
+  "bun.lockb": "bun",
+  "requirements.txt": "pip",
+  "go.mod": "go",
+  "Cargo.toml": "cargo"
+};
+function detectPackageManager(projectPath) {
+  for (const [file, pm] of Object.entries(LOCKFILE_MAP)) {
+    if (existsSync2(join2(projectPath, file))) return pm;
+  }
+  if (existsSync2(join2(projectPath, "package.json"))) return "npm";
+  return null;
+}
+var INSTALL_COMMANDS = {
+  npm: ["npm", ["install"]],
+  yarn: ["yarn", ["install"]],
+  pnpm: ["pnpm", ["install"]],
+  bun: ["bun", ["install"]],
+  pip: ["pip", ["install", "-r", "requirements.txt"]],
+  go: ["go", ["mod", "download"]],
+  cargo: ["cargo", ["fetch"]]
+};
+function installDeps(pm, cwd) {
+  const [cmd, args] = INSTALL_COMMANDS[pm] ?? [pm, ["install"]];
+  return new Promise((resolve5, reject) => {
+    const child = spawn(cmd, args, { cwd, shell: true, stdio: "ignore" });
+    const timeout = setTimeout(() => {
+      child.kill("SIGTERM");
+      reject(new Error(`Install timed out after 10 minutes`));
+    }, 10 * 60 * 1e3);
+    child.on("close", (code) => {
+      clearTimeout(timeout);
+      if (code === 0) resolve5();
+      else reject(new Error(`${pm} install failed (exit ${code})`));
+    });
+    child.on("error", (err) => {
+      clearTimeout(timeout);
+      reject(err);
+    });
+  });
+}
+
+// src/handlers/fs.ts
+import { existsSync as existsSync3, mkdirSync as mkdirSync3, readFileSync as readFileSync2, writeFileSync as writeFileSync2, readdirSync, statSync, realpathSync } from "fs";
+import { rm } from "fs/promises";
+import { join as join3, resolve as resolve2, extname } from "path";
+function validatePath(filePath) {
+  const config = loadConfig();
+  const resolved = resolve2(filePath);
+  const projectsDir = resolve2(config.projectsDir);
+  if (!resolved.startsWith(projectsDir)) {
+    throw new Error(`Access denied: path is outside projects directory`);
+  }
+  if (existsSync3(resolved)) {
+    const realPath = realpathSync(resolved);
+    const realProjectsDir = realpathSync(projectsDir);
+    if (!realPath.startsWith(realProjectsDir)) {
+      throw new Error(`Access denied: symlink points outside projects directory`);
+    }
+  }
+  return resolved;
+}
+async function handleFsRead(command, supabase) {
+  const { path, encoding = "utf-8" } = command.payload;
+  const resolved = validatePath(path);
+  if (!existsSync3(resolved)) {
+    throw new Error(`File not found: ${path}`);
+  }
+  const content = readFileSync2(resolved, encoding);
+  await supabase.from("commands").update({
+    status: "done",
+    result: { content, size: Buffer.byteLength(content) },
+    completed_at: (/* @__PURE__ */ new Date()).toISOString()
+  }).eq("id", command.id);
+}
+async function handleFsWrite(command, supabase) {
+  const { path, content } = command.payload;
+  const resolved = validatePath(path);
+  const dir = resolve2(resolved, "..");
+  if (!existsSync3(dir)) {
+    mkdirSync3(dir, { recursive: true });
+  }
+  writeFileSync2(resolved, content, "utf-8");
+  await supabase.from("commands").update({
+    status: "done",
+    result: { path: resolved, size: Buffer.byteLength(content) },
+    completed_at: (/* @__PURE__ */ new Date()).toISOString()
+  }).eq("id", command.id);
+}
+async function handleFsList(command, supabase) {
+  const { path, recursive = false } = command.payload;
+  const resolved = validatePath(path);
+  if (!existsSync3(resolved)) {
+    throw new Error(`Directory not found: ${path}`);
+  }
+  const entries = listDir(resolved, recursive);
+  await supabase.from("commands").update({
+    status: "done",
+    result: { entries, count: entries.length },
+    completed_at: (/* @__PURE__ */ new Date()).toISOString()
+  }).eq("id", command.id);
+}
+async function handleFsDelete(command, supabase) {
+  const { path } = command.payload;
+  const resolved = validatePath(path);
+  if (!existsSync3(resolved)) {
+    throw new Error(`Path not found: ${path}`);
+  }
+  await rm(resolved, { recursive: true, force: true });
+  await supabase.from("commands").update({
+    status: "done",
+    result: { deleted: resolved },
+    completed_at: (/* @__PURE__ */ new Date()).toISOString()
+  }).eq("id", command.id);
+}
+function listDir(dirPath, recursive, maxDepth = 3, depth = 0) {
+  const entries = [];
+  try {
+    const items = readdirSync(dirPath);
+    for (const item of items) {
+      if (item === "node_modules" || item === ".git" || item === ".next") continue;
+      const fullPath = join3(dirPath, item);
+      try {
+        const stat = statSync(fullPath);
+        const entry = {
+          name: item,
+          path: fullPath,
+          type: stat.isDirectory() ? "directory" : "file",
+          size: stat.size,
+          ext: stat.isFile() ? extname(item) : ""
+        };
+        entries.push(entry);
+        if (recursive && stat.isDirectory() && depth < maxDepth) {
+          entries.push(...listDir(fullPath, true, maxDepth, depth + 1));
+        }
+      } catch {
+      }
+    }
+  } catch {
+  }
+  return entries;
+}
+
+// src/handlers/terminal.ts
+import { spawn as spawn2 } from "child_process";
+import { resolve as resolve3 } from "path";
+var activeProcesses = /* @__PURE__ */ new Map();
+async function handleTerminalExec(command, supabase) {
+  const { cmd, args = [], cwd, timeout = 3e5 } = command.payload;
+  if (!cmd) throw new Error("cmd is required");
+  const config = loadConfig();
+  const workDir = cwd ? resolve3(config.projectsDir, cwd) : config.projectsDir;
+  let seq = 0;
+  const batchInterval = 100;
+  let batch = [];
+  const flushBatch = async () => {
+    if (batch.length === 0) return;
+    const toInsert = [...batch];
+    batch = [];
+    await supabase.from("command_stream").insert(toInsert);
+  };
+  const batchTimer = setInterval(flushBatch, batchInterval);
+  return new Promise((resolvePromise, reject) => {
+    const child = spawn2(cmd, args, {
+      cwd: workDir,
+      shell: true,
+      stdio: ["ignore", "pipe", "pipe"]
+    });
+    activeProcesses.set(command.id, child);
+    const timer = setTimeout(() => {
+      child.kill("SIGTERM");
+      reject(new Error(`Command timed out after ${timeout}ms`));
+    }, timeout);
+    child.stdout?.on("data", (data) => {
+      batch.push({
+        command_id: command.id,
+        seq: seq++,
+        type: "stdout",
+        data: { text: data.toString() }
+      });
+    });
+    child.stderr?.on("data", (data) => {
+      batch.push({
+        command_id: command.id,
+        seq: seq++,
+        type: "stderr",
+        data: { text: data.toString() }
+      });
+    });
+    child.on("close", async (code) => {
+      clearTimeout(timer);
+      clearInterval(batchTimer);
+      activeProcesses.delete(command.id);
+      batch.push({
+        command_id: command.id,
+        seq: seq++,
+        type: "done",
+        data: { exit_code: code }
+      });
+      await flushBatch();
+      await supabase.from("commands").update({
+        status: code === 0 ? "done" : "error",
+        result: { exit_code: code },
+        completed_at: (/* @__PURE__ */ new Date()).toISOString()
+      }).eq("id", command.id);
+      resolvePromise();
+    });
+    child.on("error", async (err) => {
+      clearTimeout(timer);
+      clearInterval(batchTimer);
+      activeProcesses.delete(command.id);
+      reject(err);
+    });
+  });
+}
+async function handleTerminalKill(command, supabase) {
+  const { command_id } = command.payload;
+  const process2 = activeProcesses.get(command_id);
+  if (process2) {
+    process2.kill("SIGTERM");
+    activeProcesses.delete(command_id);
+  }
+  await supabase.from("commands").update({
+    status: "done",
+    result: { killed: !!process2 },
+    completed_at: (/* @__PURE__ */ new Date()).toISOString()
+  }).eq("id", command.id);
+}
+
+// src/handlers/claude.ts
+import { spawn as spawn3 } from "child_process";
+import { resolve as resolve4 } from "path";
+async function handleClaudeQuery(command, supabase) {
+  const {
+    prompt,
+    project_path,
+    model
+  } = command.payload;
+  if (!prompt) throw new Error("prompt is required");
+  const config = loadConfig();
+  const cwd = project_path ? resolve4(config.projectsDir, project_path) : config.projectsDir;
+  const args = [
+    "--print",
+    // non-interactive
+    "--output-format",
+    "stream-json"
+    // structured streaming output
+  ];
+  if (model) args.push("--model", model);
+  args.push("-p", prompt);
+  const proc = spawn3("claude", args, {
+    cwd,
+    shell: true,
+    env: { ...process.env },
+    // inherits Claude auth from ~/.claude
+    stdio: ["pipe", "pipe", "pipe"]
+  });
+  let seq = 0;
+  let batch = [];
+  const batchInterval = 100;
+  const flushBatch = async () => {
+    if (batch.length === 0) return;
+    const toInsert = [...batch];
+    batch = [];
+    await supabase.from("command_stream").insert(toInsert);
+  };
+  const batchTimer = setInterval(flushBatch, batchInterval);
+  let buffer = "";
+  proc.stdout.on("data", (chunk) => {
+    buffer += chunk.toString();
+    const lines = buffer.split("\n");
+    buffer = lines.pop() || "";
+    for (const line of lines) {
+      if (!line.trim()) continue;
+      try {
+        const event = JSON.parse(line);
+        batch.push({
+          command_id: command.id,
+          seq: seq++,
+          type: event.type || "assistant",
+          data: event
+        });
+      } catch {
+        batch.push({
+          command_id: command.id,
+          seq: seq++,
+          type: "stdout",
+          data: { text: line }
+        });
+      }
+    }
+  });
+  proc.stderr.on("data", (chunk) => {
+    batch.push({
+      command_id: command.id,
+      seq: seq++,
+      type: "stderr",
+      data: { text: chunk.toString() }
+    });
+  });
+  return new Promise((promiseResolve, reject) => {
+    proc.on("close", async (exitCode) => {
+      if (buffer.trim()) {
+        batch.push({
+          command_id: command.id,
+          seq: seq++,
+          type: "stdout",
+          data: { text: buffer }
+        });
+      }
+      batch.push({
+        command_id: command.id,
+        seq: seq++,
+        type: "done",
+        data: { exit_code: exitCode }
+      });
+      clearInterval(batchTimer);
+      await flushBatch();
+      await supabase.from("commands").update({
+        status: exitCode === 0 ? "done" : "error",
+        result: { exit_code: exitCode },
+        completed_at: (/* @__PURE__ */ new Date()).toISOString()
+      }).eq("id", command.id);
+      promiseResolve();
+    });
+    proc.on("error", async (err) => {
+      clearInterval(batchTimer);
+      await flushBatch();
+      reject(err);
+    });
+  });
+}
+
+export {
+  getConfigPath,
+  configExists,
+  loadConfig,
+  saveConfig,
+  updateConfig,
+  getSupabase,
+  resetSupabase,
+  Relay,
+  handleGitClone,
+  handleGitStatus,
+  handleGitPull,
+  handleFsRead,
+  handleFsWrite,
+  handleFsList,
+  handleFsDelete,
+  handleTerminalExec,
+  handleTerminalKill,
+  handleClaudeQuery
+};

package/dist/cli.d.ts

@@ -0,0 +1 @@
+#!/usr/bin/env node

package/dist/cli.js

@@ -0,0 +1,339 @@
+#!/usr/bin/env node
+import {
+  Relay,
+  configExists,
+  getConfigPath,
+  getSupabase,
+  handleClaudeQuery,
+  handleFsDelete,
+  handleFsList,
+  handleFsRead,
+  handleFsWrite,
+  handleGitClone,
+  handleGitPull,
+  handleGitStatus,
+  handleTerminalExec,
+  handleTerminalKill,
+  loadConfig,
+  saveConfig,
+  updateConfig
+} from "./chunk-P2FMWWKI.js";
+
+// src/cli.ts
+import { Command } from "commander";
+import chalk from "chalk";
+import { hostname } from "os";
+import { homedir } from "os";
+import { join } from "path";
+import { existsSync } from "fs";
+import { execSync } from "child_process";
+import { createClient } from "@supabase/supabase-js";
+var program = new Command();
+program.name("tenux").description("Tenux desktop agent \u2014 bridges your machine to the Tenux mobile IDE").version("0.0.1");
+function detectClaudeCode() {
+  let installed = false;
+  try {
+    if (process.platform === "win32") {
+      execSync("where claude", { stdio: "ignore" });
+    } else {
+      execSync("which claude", { stdio: "ignore" });
+    }
+    installed = true;
+  } catch {
+    installed = false;
+  }
+  const authenticated = existsSync(join(homedir(), ".claude"));
+  return { installed, authenticated };
+}
+async function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+program.command("login").description("Authenticate with Tenux via browser-based device auth").option("--url <url>", "Tenux app URL").action(async (opts) => {
+  console.log(chalk.bold("\n  tenux"), chalk.dim("desktop agent\n"));
+  const appUrl = (opts.url ?? process.env.TENUX_APP_URL ?? "http://localhost:3000").replace(/\/+$/, "");
+  console.log(chalk.dim("  App:"), appUrl);
+  const deviceName = hostname();
+  const platform = process.platform;
+  console.log(chalk.dim("  Device:"), deviceName);
+  console.log(chalk.dim("  Platform:"), platform);
+  console.log();
+  console.log(chalk.dim("  Requesting device code..."));
+  let code;
+  let expiresAt;
+  let supabaseUrl;
+  let supabaseAnonKey;
+  try {
+    const res = await fetch(`${appUrl}/api/auth/device/create`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        device_name: deviceName,
+        platform,
+        hostname: hostname()
+      })
+    });
+    if (!res.ok) {
+      const text = await res.text();
+      console.log(chalk.red("  \u2717"), `Failed to get device code: ${res.status} ${text}`);
+      process.exit(1);
+    }
+    const data = await res.json();
+    code = data.code;
+    expiresAt = data.expires_at;
+    supabaseUrl = data.supabase_url;
+    supabaseAnonKey = data.supabase_anon_key;
+  } catch (err) {
+    console.log(
+      chalk.red("  \u2717"),
+      `Could not reach ${appUrl}: ${err instanceof Error ? err.message : String(err)}`
+    );
+    process.exit(1);
+  }
+  console.log();
+  console.log(chalk.bold.cyan(`  \u250C\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510`));
+  console.log(chalk.bold.cyan(`  \u2502                         \u2502`));
+  console.log(chalk.bold.cyan(`  \u2502   Code: ${chalk.white.bold(code)}   \u2502`));
+  console.log(chalk.bold.cyan(`  \u2502                         \u2502`));
+  console.log(chalk.bold.cyan(`  \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518`));
+  console.log();
+  const linkUrl = `${appUrl}/link?code=${code}`;
+  console.log(chalk.dim("  Opening browser to:"), chalk.underline(linkUrl));
+  try {
+    const open = (await import("open")).default;
+    await open(linkUrl);
+  } catch {
+    console.log(chalk.yellow("  !"), "Could not open browser automatically.");
+    console.log(chalk.dim("    Open this URL manually:"), chalk.underline(linkUrl));
+  }
+  console.log();
+  const dots = ["\u280B", "\u2819", "\u2839", "\u2838", "\u283C", "\u2834", "\u2826", "\u2827", "\u2807", "\u280F"];
+  let dotIndex = 0;
+  let approved = false;
+  let hashedToken = "";
+  let deviceId = "";
+  let userId = "";
+  const expiresTime = new Date(expiresAt).getTime();
+  while (!approved) {
+    if (Date.now() > expiresTime) {
+      console.log(chalk.red("\n  \u2717"), "Device code expired. Please run `tenux login` again.");
+      process.exit(1);
+    }
+    process.stdout.write(
+      `\r  ${chalk.cyan(dots[dotIndex % dots.length])} Waiting for approval...`
+    );
+    dotIndex++;
+    await sleep(2e3);
+    try {
+      const res = await fetch(`${appUrl}/api/auth/device/poll`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ code })
+      });
+      if (!res.ok) continue;
+      const data = await res.json();
+      if (data.status === "approved" && data.token_hash) {
+        hashedToken = data.token_hash;
+        deviceId = data.device_id || "";
+        userId = data.user_id || "";
+        approved = true;
+      } else if (data.status === "expired") {
+        console.log(chalk.red("\n  \u2717"), "Device code expired. Please run `tenux login` again.");
+        process.exit(1);
+      }
+    } catch {
+    }
+  }
+  process.stdout.write("\r" + " ".repeat(60) + "\r");
+  console.log(chalk.green("  \u2713"), "Device approved!");
+  console.log();
+  console.log(chalk.dim("  Exchanging token for session..."));
+  let accessToken = "";
+  let refreshToken = "";
+  try {
+    const tempClient = createClient(supabaseUrl, supabaseAnonKey, {
+      auth: { persistSession: false, autoRefreshToken: false }
+    });
+    const { data: session, error } = await tempClient.auth.verifyOtp({
+      token_hash: hashedToken,
+      type: "magiclink"
+    });
+    if (error) {
+      console.log(chalk.red("  \u2717"), `Auth failed: ${error.message}`);
+      process.exit(1);
+    }
+    if (!session.session) {
+      console.log(chalk.red("  \u2717"), "No session returned from auth exchange.");
+      process.exit(1);
+    }
+    accessToken = session.session.access_token;
+    refreshToken = session.session.refresh_token;
+    userId = session.session.user?.id || userId;
+  } catch (err) {
+    console.log(
+      chalk.red("  \u2717"),
+      `Token exchange failed: ${err instanceof Error ? err.message : String(err)}`
+    );
+    process.exit(1);
+  }
+  console.log(chalk.green("  \u2713"), "Session established.");
+  const config = {
+    appUrl,
+    supabaseUrl,
+    supabaseAnonKey,
+    accessToken,
+    refreshToken,
+    deviceId,
+    deviceName,
+    userId,
+    projectsDir: join(homedir(), "tenux-projects")
+  };
+  saveConfig(config);
+  console.log(chalk.green("  \u2713"), "Config saved to", chalk.dim(getConfigPath()));
+  console.log();
+  const claude = detectClaudeCode();
+  if (claude.installed) {
+    console.log(chalk.green("  \u2713"), "Claude Code detected");
+    if (claude.authenticated) {
+      console.log(chalk.green("  \u2713"), "Claude Code authenticated (~/.claude exists)");
+    } else {
+      console.log(
+        chalk.yellow("  !"),
+        "Claude Code found but ~/.claude not detected.",
+        chalk.dim("Run `claude login` to authenticate.")
+      );
+    }
+  } else {
+    console.log(chalk.yellow("  !"), "Claude Code not found.");
+    console.log(
+      chalk.dim("    Install it:"),
+      chalk.underline("https://docs.anthropic.com/en/docs/claude-code")
+    );
+    console.log(
+      chalk.dim("    Then run:"),
+      chalk.cyan("claude login")
+    );
+  }
+  console.log();
+  console.log(chalk.dim("  Device:"), deviceName);
+  console.log(chalk.dim("  Device ID:"), deviceId);
+  console.log(chalk.dim("  User ID:"), userId);
+  console.log(chalk.dim("  Projects:"), config.projectsDir);
+  console.log();
+  console.log(
+    chalk.dim("  Next: start the agent:"),
+    chalk.cyan("tenux start")
+  );
+  console.log();
+});
+program.command("start").description("Start the agent and listen for commands").action(async () => {
+  if (!configExists()) {
+    console.log(chalk.red("\u2717"), "Not logged in. Run `tenux login` first.");
+    process.exit(1);
+  }
+  const config = loadConfig();
+  console.log(chalk.bold("\n  tenux"), chalk.dim("desktop agent\n"));
+  console.log(chalk.dim("  Device:"), config.deviceName);
+  console.log(chalk.dim("  Projects:"), config.projectsDir);
+  console.log();
+  const supabase = getSupabase();
+  await supabase.from("devices").update({
+    name: config.deviceName,
+    is_online: true,
+    last_seen_at: (/* @__PURE__ */ new Date()).toISOString()
+  }).eq("id", config.deviceId);
+  const heartbeat = setInterval(async () => {
+    await supabase.from("devices").update({ last_seen_at: (/* @__PURE__ */ new Date()).toISOString(), is_online: true }).eq("id", config.deviceId);
+  }, 3e4);
+  const relay = new Relay(supabase);
+  relay.on("git.clone", handleGitClone).on("git.status", handleGitStatus).on("git.pull", handleGitPull).on("fs.read", handleFsRead).on("fs.write", handleFsWrite).on("fs.list", handleFsList).on("fs.delete", handleFsDelete).on("terminal.exec", handleTerminalExec).on("terminal.kill", handleTerminalKill).on("claude.query", handleClaudeQuery);
+  await relay.start();
+  console.log(chalk.green("  \u2713"), "Agent running. Press Ctrl+C to stop.\n");
+  const shutdown = async () => {
+    console.log(chalk.dim("\n  Shutting down..."));
+    clearInterval(heartbeat);
+    await relay.stop();
+    await supabase.from("devices").update({ is_online: false }).eq("id", config.deviceId);
+    process.exit(0);
+  };
+  process.on("SIGINT", shutdown);
+  process.on("SIGTERM", shutdown);
+});
+program.command("status").description("Show agent configuration and status").action(() => {
+  if (!configExists()) {
+    console.log(chalk.red("\u2717"), "Not configured. Run `tenux login` first.");
+    process.exit(1);
+  }
+  const config = loadConfig();
+  const claude = detectClaudeCode();
+  console.log(chalk.bold("\n  tenux"), chalk.dim("agent status\n"));
+  console.log(chalk.dim("  Config:"), getConfigPath());
+  console.log(chalk.dim("  App URL:"), config.appUrl);
+  console.log(chalk.dim("  Device:"), config.deviceName);
+  console.log(chalk.dim("  Device ID:"), config.deviceId);
+  console.log(chalk.dim("  User ID:"), config.userId);
+  console.log(chalk.dim("  Supabase:"), config.supabaseUrl);
+  console.log(chalk.dim("  Projects:"), config.projectsDir);
+  console.log(
+    chalk.dim("  Auth:"),
+    config.accessToken ? chalk.green("authenticated") : chalk.yellow("not authenticated")
+  );
+  console.log(
+    chalk.dim("  Claude Code:"),
+    claude.installed ? chalk.green("installed") : chalk.yellow("not installed")
+  );
+  if (claude.installed) {
+    console.log(
+      chalk.dim("  Claude Auth:"),
+      claude.authenticated ? chalk.green("yes (~/.claude exists)") : chalk.yellow("not authenticated")
+    );
+  }
+  console.log();
+});
+var configCmd = program.command("config").description("Manage agent configuration");
+configCmd.command("set <key> <value>").description("Set a config value").action((key, value) => {
+  if (!configExists()) {
+    console.log(chalk.red("\u2717"), "Not configured. Run `tenux login` first.");
+    process.exit(1);
+  }
+  const keyMap = {
+    "projects-dir": "projectsDir",
+    "device-name": "deviceName",
+    "app-url": "appUrl"
+  };
+  const configKey = keyMap[key];
+  if (!configKey) {
+    console.log(
+      chalk.red("\u2717"),
+      `Unknown config key: ${key}. Valid keys: ${Object.keys(keyMap).join(", ")}`
+    );
+    process.exit(1);
+  }
+  updateConfig({ [configKey]: value });
+  console.log(chalk.green("\u2713"), `Set ${key}`);
+});
+configCmd.command("get <key>").description("Get a config value").action((key) => {
+  if (!configExists()) {
+    console.log(chalk.red("\u2717"), "Not configured. Run `tenux login` first.");
+    process.exit(1);
+  }
+  const config = loadConfig();
+  const keyMap = {
+    "projects-dir": "projectsDir",
+    "device-name": "deviceName",
+    "device-id": "deviceId",
+    "supabase-url": "supabaseUrl",
+    "app-url": "appUrl",
+    "user-id": "userId"
+  };
+  const configKey = keyMap[key];
+  if (!configKey) {
+    console.log(
+      chalk.red("\u2717"),
+      `Unknown key: ${key}. Valid keys: ${Object.keys(keyMap).join(", ")}`
+    );
+    process.exit(1);
+  }
+  const val = config[configKey];
+  console.log(val ?? chalk.dim("(not set)"));
+});
+program.parse();

package/dist/index.d.ts

@@ -0,0 +1,134 @@
+import { SupabaseClient } from '@supabase/supabase-js';
+
+/**
+ * Relay — Supabase Realtime subscription for incoming commands.
+ *
+ * Listens to INSERT events on the `commands` table filtered by device_id.
+ * Dispatches each command to the appropriate handler.
+ */
+
+interface Command {
+    id: string;
+    user_id: string;
+    device_id: string;
+    type: string;
+    payload: Record<string, unknown>;
+    status: string;
+    result: Record<string, unknown> | null;
+    created_at: string;
+    completed_at: string | null;
+}
+type CommandHandler = (command: Command, supabase: SupabaseClient) => Promise<void>;
+declare class Relay {
+    private supabase;
+    private channel;
+    private handlers;
+    private deviceId;
+    constructor(supabase: SupabaseClient);
+    /**
+     * Register a handler for a command type (e.g., "git.clone", "claude.query").
+     */
+    on(type: string, handler: CommandHandler): this;
+    /**
+     * Start listening for commands.
+     */
+    start(): Promise<void>;
+    /**
+     * Stop listening.
+     */
+    stop(): Promise<void>;
+    /**
+     * Process any commands that arrived while the agent was offline.
+     */
+    private processPending;
+    /**
+     * Dispatch a command to the appropriate handler.
+     */
+    private dispatch;
+}
+
+/**
+ * Supabase client for the agent — authenticated as the user.
+ */
+
+declare function getSupabase(): SupabaseClient;
+/**
+ * Reset the client (e.g., after token refresh).
+ */
+declare function resetSupabase(): void;
+
+/**
+ * Agent configuration — stored at ~/.tenux/config.json
+ *
+ * Created during `tenux login`, read on every `tenux start`.
+ */
+interface AgentConfig {
+    /** Tenux web app URL (e.g. "https://tenux.dev" or "http://localhost:3000") */
+    appUrl: string;
+    /** Supabase project URL */
+    supabaseUrl: string;
+    /** Supabase anon key (publishable) */
+    supabaseAnonKey: string;
+    /** User's JWT from device auth */
+    accessToken: string;
+    /** Refresh token */
+    refreshToken: string;
+    /** This device's UUID */
+    deviceId: string;
+    /** Device display name */
+    deviceName: string;
+    /** User ID */
+    userId: string;
+    /** Base directory for cloned projects */
+    projectsDir: string;
+}
+declare function configExists(): boolean;
+declare function loadConfig(): AgentConfig;
+declare function saveConfig(config: AgentConfig): void;
+declare function updateConfig(partial: Partial<AgentConfig>): AgentConfig;
+
+/**
+ * Git command handlers — clone, status, pull, push, branch operations.
+ */
+
+/** git.clone — Clone a repository into the projects directory */
+declare function handleGitClone(command: Command, supabase: SupabaseClient): Promise<void>;
+/** git.status — Get status of a project repo */
+declare function handleGitStatus(command: Command, supabase: SupabaseClient): Promise<void>;
+/** git.pull — Pull latest changes */
+declare function handleGitPull(command: Command, supabase: SupabaseClient): Promise<void>;
+
+/**
+ * Filesystem command handlers — read, write, list, mkdir.
+ */
+
+/** fs.read — Read a file's contents */
+declare function handleFsRead(command: Command, supabase: SupabaseClient): Promise<void>;
+/** fs.write — Write content to a file */
+declare function handleFsWrite(command: Command, supabase: SupabaseClient): Promise<void>;
+/** fs.list — List directory contents */
+declare function handleFsList(command: Command, supabase: SupabaseClient): Promise<void>;
+/** fs.delete — Delete a file or directory */
+declare function handleFsDelete(command: Command, supabase: SupabaseClient): Promise<void>;
+
+/**
+ * Terminal command handler — execute commands and stream output
+ * back through Supabase Realtime via command_stream table.
+ */
+
+/** terminal.exec — Run a command and stream stdout/stderr */
+declare function handleTerminalExec(command: Command, supabase: SupabaseClient): Promise<void>;
+/** terminal.kill — Kill a running process */
+declare function handleTerminalKill(command: Command, supabase: SupabaseClient): Promise<void>;
+
+/**
+ * Claude command handler — spawns Claude Code CLI as a child process
+ * and streams responses back through command_stream.
+ *
+ * Claude Code handles its own auth via ~/.claude — no API key needed here.
+ */
+
+/** claude.query — Run a prompt through Claude Code CLI */
+declare function handleClaudeQuery(command: Command, supabase: SupabaseClient): Promise<void>;
+
+export { type AgentConfig, Relay, configExists, getSupabase, handleClaudeQuery, handleFsDelete, handleFsList, handleFsRead, handleFsWrite, handleGitClone, handleGitPull, handleGitStatus, handleTerminalExec, handleTerminalKill, loadConfig, resetSupabase, saveConfig, updateConfig };

package/dist/index.js

@@ -0,0 +1,38 @@
+import {
+  Relay,
+  configExists,
+  getSupabase,
+  handleClaudeQuery,
+  handleFsDelete,
+  handleFsList,
+  handleFsRead,
+  handleFsWrite,
+  handleGitClone,
+  handleGitPull,
+  handleGitStatus,
+  handleTerminalExec,
+  handleTerminalKill,
+  loadConfig,
+  resetSupabase,
+  saveConfig,
+  updateConfig
+} from "./chunk-P2FMWWKI.js";
+export {
+  Relay,
+  configExists,
+  getSupabase,
+  handleClaudeQuery,
+  handleFsDelete,
+  handleFsList,
+  handleFsRead,
+  handleFsWrite,
+  handleGitClone,
+  handleGitPull,
+  handleGitStatus,
+  handleTerminalExec,
+  handleTerminalKill,
+  loadConfig,
+  resetSupabase,
+  saveConfig,
+  updateConfig
+};

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "@tenux/cli",
+  "version": "0.0.1",
+  "description": "Tenux — mobile-first IDE for 10x engineering",
+  "author": "Antelogic LLC",
+  "license": "MIT",
+  "type": "module",
+  "bin": {
+    "tenux": "./dist/cli.js"
+  },
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsup src/cli.ts src/index.ts --format esm --dts --clean",
+    "dev": "tsup src/cli.ts src/index.ts --format esm --dts --watch",
+    "start": "node dist/cli.js start",
+    "lint": "tsc --noEmit"
+  },
+  "dependencies": {
+    "@supabase/supabase-js": "^2.49.4",
+    "chalk": "^5.4.1",
+    "commander": "^13.1.0",
+    "open": "^10.1.0",
+    "ws": "^8.18.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.15.3",
+    "@types/ws": "^8.18.1",
+    "tsup": "^8.4.0",
+    "typescript": "^5.8.3"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "keywords": [
+    "tenux",
+    "mobile-ide",
+    "vibe-coding",
+    "claude",
+    "ai",
+    "agent",
+    "remote-development",
+    "10x-engineering"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/antelogic/tenux"
+  },
+  "homepage": "https://tenux.dev"
+}