npm - @thevinci/web - Versions diffs - 1.0.0 - Mend

@thevinci/web 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (337) hide show

package/README.md +197 -0
package/bin/cli-entry.js +55 -0
package/bin/cli-output.js +145 -0
package/bin/cli.js +4887 -0
package/bin/cli.test.js +64 -0
package/dist/apple-touch-icon-120x120.png +0 -0
package/dist/apple-touch-icon-152x152.png +0 -0
package/dist/apple-touch-icon-167x167.png +0 -0
package/dist/apple-touch-icon-180x180.png +0 -0
package/dist/apple-touch-icon.png +0 -0
package/dist/apple-touch-icon.svg +528 -0
package/dist/assets/JsonTreeView-CSm9OzXG.js +1 -0
package/dist/assets/KaTeX_AMS-Regular-BQhdFMY1.woff2 +0 -0
package/dist/assets/KaTeX_AMS-Regular-DMm9YOAa.woff +0 -0
package/dist/assets/KaTeX_AMS-Regular-DRggAlZN.ttf +0 -0
package/dist/assets/KaTeX_Caligraphic-Bold-ATXxdsX0.ttf +0 -0
package/dist/assets/KaTeX_Caligraphic-Bold-BEiXGLvX.woff +0 -0
package/dist/assets/KaTeX_Caligraphic-Bold-Dq_IR9rO.woff2 +0 -0
package/dist/assets/KaTeX_Caligraphic-Regular-CTRA-rTL.woff +0 -0
package/dist/assets/KaTeX_Caligraphic-Regular-Di6jR-x-.woff2 +0 -0
package/dist/assets/KaTeX_Caligraphic-Regular-wX97UBjC.ttf +0 -0
package/dist/assets/KaTeX_Fraktur-Bold-BdnERNNW.ttf +0 -0
package/dist/assets/KaTeX_Fraktur-Bold-BsDP51OF.woff +0 -0
package/dist/assets/KaTeX_Fraktur-Bold-CL6g_b3V.woff2 +0 -0
package/dist/assets/KaTeX_Fraktur-Regular-CB_wures.ttf +0 -0
package/dist/assets/KaTeX_Fraktur-Regular-CTYiF6lA.woff2 +0 -0
package/dist/assets/KaTeX_Fraktur-Regular-Dxdc4cR9.woff +0 -0
package/dist/assets/KaTeX_Main-Bold-Cx986IdX.woff2 +0 -0
package/dist/assets/KaTeX_Main-Bold-Jm3AIy58.woff +0 -0
package/dist/assets/KaTeX_Main-Bold-waoOVXN0.ttf +0 -0
package/dist/assets/KaTeX_Main-BoldItalic-DxDJ3AOS.woff2 +0 -0
package/dist/assets/KaTeX_Main-BoldItalic-DzxPMmG6.ttf +0 -0
package/dist/assets/KaTeX_Main-BoldItalic-SpSLRI95.woff +0 -0
package/dist/assets/KaTeX_Main-Italic-3WenGoN9.ttf +0 -0
package/dist/assets/KaTeX_Main-Italic-BMLOBm91.woff +0 -0
package/dist/assets/KaTeX_Main-Italic-NWA7e6Wa.woff2 +0 -0
package/dist/assets/KaTeX_Main-Regular-B22Nviop.woff2 +0 -0
package/dist/assets/KaTeX_Main-Regular-Dr94JaBh.woff +0 -0
package/dist/assets/KaTeX_Main-Regular-ypZvNtVU.ttf +0 -0
package/dist/assets/KaTeX_Math-BoldItalic-B3XSjfu4.ttf +0 -0
package/dist/assets/KaTeX_Math-BoldItalic-CZnvNsCZ.woff2 +0 -0
package/dist/assets/KaTeX_Math-BoldItalic-iY-2wyZ7.woff +0 -0
package/dist/assets/KaTeX_Math-Italic-DA0__PXp.woff +0 -0
package/dist/assets/KaTeX_Math-Italic-flOr_0UB.ttf +0 -0
package/dist/assets/KaTeX_Math-Italic-t53AETM-.woff2 +0 -0
package/dist/assets/KaTeX_SansSerif-Bold-CFMepnvq.ttf +0 -0
package/dist/assets/KaTeX_SansSerif-Bold-D1sUS0GD.woff2 +0 -0
package/dist/assets/KaTeX_SansSerif-Bold-DbIhKOiC.woff +0 -0
package/dist/assets/KaTeX_SansSerif-Italic-C3H0VqGB.woff2 +0 -0
package/dist/assets/KaTeX_SansSerif-Italic-DN2j7dab.woff +0 -0
package/dist/assets/KaTeX_SansSerif-Italic-YYjJ1zSn.ttf +0 -0
package/dist/assets/KaTeX_SansSerif-Regular-BNo7hRIc.ttf +0 -0
package/dist/assets/KaTeX_SansSerif-Regular-CS6fqUqJ.woff +0 -0
package/dist/assets/KaTeX_SansSerif-Regular-DDBCnlJ7.woff2 +0 -0
package/dist/assets/KaTeX_Script-Regular-C5JkGWo-.ttf +0 -0
package/dist/assets/KaTeX_Script-Regular-D3wIWfF6.woff2 +0 -0
package/dist/assets/KaTeX_Script-Regular-D5yQViql.woff +0 -0
package/dist/assets/KaTeX_Size1-Regular-C195tn64.woff +0 -0
package/dist/assets/KaTeX_Size1-Regular-Dbsnue_I.ttf +0 -0
package/dist/assets/KaTeX_Size1-Regular-mCD8mA8B.woff2 +0 -0
package/dist/assets/KaTeX_Size2-Regular-B7gKUWhC.ttf +0 -0
package/dist/assets/KaTeX_Size2-Regular-Dy4dx90m.woff2 +0 -0
package/dist/assets/KaTeX_Size2-Regular-oD1tc_U0.woff +0 -0
package/dist/assets/KaTeX_Size3-Regular-CTq5MqoE.woff +0 -0
package/dist/assets/KaTeX_Size3-Regular-DgpXs0kz.ttf +0 -0
package/dist/assets/KaTeX_Size4-Regular-BF-4gkZK.woff +0 -0
package/dist/assets/KaTeX_Size4-Regular-DWFBv043.ttf +0 -0
package/dist/assets/KaTeX_Size4-Regular-Dl5lxZxV.woff2 +0 -0
package/dist/assets/KaTeX_Typewriter-Regular-C0xS9mPB.woff +0 -0
package/dist/assets/KaTeX_Typewriter-Regular-CO6r4hn1.woff2 +0 -0
package/dist/assets/KaTeX_Typewriter-Regular-D3Ib7_Hf.ttf +0 -0
package/dist/assets/MarkdownRendererImpl-DensKOLc.js +6 -0
package/dist/assets/MultiRunWindow-Bo7THayo.js +1 -0
package/dist/assets/OnboardingScreen-BDqmzTVR.js +2 -0
package/dist/assets/SettingsWindow-coz__Ykw.js +1 -0
package/dist/assets/TerminalView-DrZ-i3Dr.js +1 -0
package/dist/assets/ToolOutputDialog-Eglzslt3.js +16 -0
package/dist/assets/es-4o9ciP61.js +15 -0
package/dist/assets/ibm-plex-mono-latin-400-normal-CvHOgSBP.woff +0 -0
package/dist/assets/ibm-plex-mono-latin-400-normal-DMJ8VG8y.woff2 +0 -0
package/dist/assets/ibm-plex-mono-latin-500-normal-CB9ihrfo.woff +0 -0
package/dist/assets/ibm-plex-mono-latin-500-normal-DSY6xOcd.woff2 +0 -0
package/dist/assets/ibm-plex-mono-latin-600-normal-BgSNZQsw.woff2 +0 -0
package/dist/assets/ibm-plex-mono-latin-600-normal-DWFSQ4vo.woff +0 -0
package/dist/assets/ibm-plex-sans-latin-400-normal-CDDApCn2.woff2 +0 -0
package/dist/assets/ibm-plex-sans-latin-400-normal-CYLoc0-x.woff +0 -0
package/dist/assets/ibm-plex-sans-latin-500-normal-6ng42L7E.woff2 +0 -0
package/dist/assets/ibm-plex-sans-latin-500-normal-BgVn5rGT.woff +0 -0
package/dist/assets/ibm-plex-sans-latin-600-normal-Cu4Hd6ag.woff +0 -0
package/dist/assets/ibm-plex-sans-latin-600-normal-CuJfVYMP.woff2 +0 -0
package/dist/assets/index-DLTDToSP.css +1 -0
package/dist/assets/index-DgiFEKGN.js +1 -0
package/dist/assets/ko-B20imCHE.js +15 -0
package/dist/assets/main-BV3KOtdA.css +1 -0
package/dist/assets/main-CDKJj0sH.js +226 -0
package/dist/assets/main-LC-PSNVM.js +2 -0
package/dist/assets/miniChat-CQUiG_cr.js +2 -0
package/dist/assets/modelPrefsAutoSave-Dm799vzR.js +6986 -0
package/dist/assets/pl-DQJ7LSzj.js +15 -0
package/dist/assets/pt-BR-OmjHUz9y.js +15 -0
package/dist/assets/renderElectronMiniChatApp-CARbeW0G.js +2 -0
package/dist/assets/uk-BNFxOlO4.js +15 -0
package/dist/assets/vendor--DBfsbEis.css +1 -0
package/dist/assets/vendor-.bun-B9l0ZNi2.js +4094 -0
package/dist/assets/wasm-CG6Dc4jp.js +1 -0
package/dist/assets/wasmSttWorker-Dtlxac_K.js +1 -0
package/dist/assets/wasmSttWorker-oo7Dm_jy.js +1806 -0
package/dist/assets/worker-CbT6TVo7.js +155 -0
package/dist/assets/zh-CN-C6T-Ac7F.js +15 -0
package/dist/favicon-16.png +0 -0
package/dist/favicon-32.png +0 -0
package/dist/favicon.png +0 -0
package/dist/favicon.svg +528 -0
package/dist/index.html +607 -0
package/dist/logo-dark-192x192.png +0 -0
package/dist/logo-dark-512x512.png +0 -0
package/dist/logo-dark-512x512.svg +528 -0
package/dist/logo-light-192x192.png +0 -0
package/dist/logo-light-512x512.png +0 -0
package/dist/logo-light-512x512.svg +528 -0
package/dist/mini-chat.html +16 -0
package/dist/pwa-192.png +0 -0
package/dist/pwa-512.png +0 -0
package/dist/pwa-maskable-192.png +0 -0
package/dist/pwa-maskable-512.png +0 -0
package/dist/site.webmanifest +21 -0
package/dist/sw.js +1 -0
package/package.json +118 -0
package/public/apple-touch-icon-120x120.png +0 -0
package/public/apple-touch-icon-152x152.png +0 -0
package/public/apple-touch-icon-167x167.png +0 -0
package/public/apple-touch-icon-180x180.png +0 -0
package/public/apple-touch-icon.png +0 -0
package/public/apple-touch-icon.svg +528 -0
package/public/favicon-16.png +0 -0
package/public/favicon-32.png +0 -0
package/public/favicon.png +0 -0
package/public/favicon.svg +528 -0
package/public/logo-dark-192x192.png +0 -0
package/public/logo-dark-512x512.png +0 -0
package/public/logo-dark-512x512.svg +528 -0
package/public/logo-light-192x192.png +0 -0
package/public/logo-light-512x512.png +0 -0
package/public/logo-light-512x512.svg +528 -0
package/public/pwa-192.png +0 -0
package/public/pwa-512.png +0 -0
package/public/pwa-maskable-192.png +0 -0
package/public/pwa-maskable-512.png +0 -0
package/public/site.webmanifest +21 -0
package/server/TERMINAL_WS_PROTOCOL.md +48 -0
package/server/index.d.ts +39 -0
package/server/index.js +1311 -0
package/server/lib/cloudflare-tunnel.js +650 -0
package/server/lib/event-stream/DOCUMENTATION.md +61 -0
package/server/lib/event-stream/directory-ws-bridge.js +185 -0
package/server/lib/event-stream/global-hub.js +158 -0
package/server/lib/event-stream/global-hub.test.js +140 -0
package/server/lib/event-stream/global-ws-bridge.js +206 -0
package/server/lib/event-stream/index.js +25 -0
package/server/lib/event-stream/protocol.js +131 -0
package/server/lib/event-stream/protocol.test.js +182 -0
package/server/lib/event-stream/runtime.js +180 -0
package/server/lib/event-stream/runtime.test.js +512 -0
package/server/lib/event-stream/upstream-reader.js +226 -0
package/server/lib/event-stream/upstream-reader.test.js +276 -0
package/server/lib/fs/DOCUMENTATION.md +36 -0
package/server/lib/fs/routes.js +1040 -0
package/server/lib/fs/search.js +238 -0
package/server/lib/git/DOCUMENTATION.md +152 -0
package/server/lib/git/credentials.js +74 -0
package/server/lib/git/identity-storage.js +112 -0
package/server/lib/git/index.js +6 -0
package/server/lib/git/routes.js +972 -0
package/server/lib/git/service.js +3432 -0
package/server/lib/git/service.test.js +39 -0
package/server/lib/github/DOCUMENTATION.md +171 -0
package/server/lib/github/auth.js +307 -0
package/server/lib/github/device-flow.js +50 -0
package/server/lib/github/index.js +24 -0
package/server/lib/github/octokit.js +10 -0
package/server/lib/github/pr-status.js +519 -0
package/server/lib/github/repo/fork-detection.js +102 -0
package/server/lib/github/repo/index.js +55 -0
package/server/lib/github/routes.js +1560 -0
package/server/lib/magic-prompts/routes.js +63 -0
package/server/lib/magic-prompts/runtime.js +119 -0
package/server/lib/notifications/DOCUMENTATION.md +122 -0
package/server/lib/notifications/emitter-runtime.js +102 -0
package/server/lib/notifications/index.js +4 -0
package/server/lib/notifications/message.js +52 -0
package/server/lib/notifications/message.test.js +34 -0
package/server/lib/notifications/push-runtime.js +304 -0
package/server/lib/notifications/routes.js +315 -0
package/server/lib/notifications/runtime.js +566 -0
package/server/lib/notifications/template-runtime.js +349 -0
package/server/lib/notifications/template-runtime.test.js +26 -0
package/server/lib/opencode/DOCUMENTATION.md +362 -0
package/server/lib/opencode/agents.js +634 -0
package/server/lib/opencode/auth-state-runtime.js +88 -0
package/server/lib/opencode/auth.js +83 -0
package/server/lib/opencode/bootstrap-runtime.js +131 -0
package/server/lib/opencode/cli-entry-runtime.js +43 -0
package/server/lib/opencode/cli-options.js +128 -0
package/server/lib/opencode/commands.js +339 -0
package/server/lib/opencode/config-entity-routes.js +370 -0
package/server/lib/opencode/core-routes.js +500 -0
package/server/lib/opencode/core-routes.test.js +26 -0
package/server/lib/opencode/env-config.js +74 -0
package/server/lib/opencode/env-keys.js +68 -0
package/server/lib/opencode/env-runtime.js +1162 -0
package/server/lib/opencode/env-runtime.test.js +116 -0
package/server/lib/opencode/feature-routes-runtime.js +244 -0
package/server/lib/opencode/hmr-state-runtime.js +85 -0
package/server/lib/opencode/index.js +66 -0
package/server/lib/opencode/lifecycle.js +1019 -0
package/server/lib/opencode/lifecycle.test.js +240 -0
package/server/lib/opencode/mcp.js +278 -0
package/server/lib/opencode/network-runtime.js +104 -0
package/server/lib/opencode/network-runtime.test.js +37 -0
package/server/lib/opencode/opencode-resolution-runtime.js +71 -0
package/server/lib/opencode/path-utils.js +100 -0
package/server/lib/opencode/path-utils.test.js +71 -0
package/server/lib/opencode/project-directory-runtime.js +124 -0
package/server/lib/opencode/project-icon-routes.js +399 -0
package/server/lib/opencode/project-icon-routes.test.js +107 -0
package/server/lib/opencode/providers.js +96 -0
package/server/lib/opencode/proxy.js +445 -0
package/server/lib/opencode/pwa-manifest-routes.js +257 -0
package/server/lib/opencode/pwa-manifest-routes.test.js +133 -0
package/server/lib/opencode/routes.js +541 -0
package/server/lib/opencode/server-startup-runtime.js +156 -0
package/server/lib/opencode/server-utils-runtime.js +168 -0
package/server/lib/opencode/server-utils-runtime.test.js +135 -0
package/server/lib/opencode/session-runtime.js +356 -0
package/server/lib/opencode/session-runtime.test.js +151 -0
package/server/lib/opencode/settings-helpers.js +770 -0
package/server/lib/opencode/settings-helpers.test.js +109 -0
package/server/lib/opencode/settings-normalization-runtime.js +428 -0
package/server/lib/opencode/settings-runtime.js +826 -0
package/server/lib/opencode/settings-runtime.test.js +85 -0
package/server/lib/opencode/shared.js +615 -0
package/server/lib/opencode/shutdown-runtime.js +139 -0
package/server/lib/opencode/shutdown-runtime.test.js +58 -0
package/server/lib/opencode/skill-routes.js +701 -0
package/server/lib/opencode/skills.js +548 -0
package/server/lib/opencode/startup-pipeline-runtime.js +130 -0
package/server/lib/opencode/static-routes-runtime.js +65 -0
package/server/lib/opencode/theme-runtime.js +167 -0
package/server/lib/opencode/tunnel-auth.js +591 -0
package/server/lib/opencode/tunnel-wiring-runtime.js +94 -0
package/server/lib/opencode/vinci-routes.js +76 -0
package/server/lib/opencode/watcher.js +115 -0
package/server/lib/opencode/watcher.test.js +239 -0
package/server/lib/preview/proxy-runtime.js +1333 -0
package/server/lib/preview/proxy-runtime.test.js +144 -0
package/server/lib/projects/project-config.js +567 -0
package/server/lib/projects/project-config.test.js +175 -0
package/server/lib/projects/project-id.js +13 -0
package/server/lib/quota/DOCUMENTATION.md +58 -0
package/server/lib/quota/index.js +25 -0
package/server/lib/quota/providers/claude.js +107 -0
package/server/lib/quota/providers/codex.js +113 -0
package/server/lib/quota/providers/copilot.js +165 -0
package/server/lib/quota/providers/google/api.js +92 -0
package/server/lib/quota/providers/google/auth.js +108 -0
package/server/lib/quota/providers/google/index.js +124 -0
package/server/lib/quota/providers/google/transforms.js +109 -0
package/server/lib/quota/providers/index.js +168 -0
package/server/lib/quota/providers/interface.js +55 -0
package/server/lib/quota/providers/kimi.js +108 -0
package/server/lib/quota/providers/minimax-cn-coding-plan.js +140 -0
package/server/lib/quota/providers/minimax-coding-plan.js +139 -0
package/server/lib/quota/providers/nanogpt.js +124 -0
package/server/lib/quota/providers/ollama-cloud.js +112 -0
package/server/lib/quota/providers/openai.js +91 -0
package/server/lib/quota/providers/openrouter.js +92 -0
package/server/lib/quota/providers/zai.js +91 -0
package/server/lib/quota/providers/zhipuai-coding-plan.js +133 -0
package/server/lib/quota/providers/zhipuai.js +114 -0
package/server/lib/quota/routes.js +27 -0
package/server/lib/quota/utils/auth.js +50 -0
package/server/lib/quota/utils/formatters.js +85 -0
package/server/lib/quota/utils/formatters.test.js +54 -0
package/server/lib/quota/utils/index.js +10 -0
package/server/lib/quota/utils/transformers.js +55 -0
package/server/lib/scheduled-tasks/DOCUMENTATION.md +44 -0
package/server/lib/scheduled-tasks/routes.js +235 -0
package/server/lib/scheduled-tasks/runtime.js +773 -0
package/server/lib/scheduled-tasks/runtime.test.js +100 -0
package/server/lib/security/request-security.js +115 -0
package/server/lib/session-folders/routes.js +63 -0
package/server/lib/session-folders/routes.test.js +102 -0
package/server/lib/skills-catalog/DOCUMENTATION.md +178 -0
package/server/lib/skills-catalog/cache.js +29 -0
package/server/lib/skills-catalog/clawdhub/api.js +158 -0
package/server/lib/skills-catalog/clawdhub/index.js +30 -0
package/server/lib/skills-catalog/clawdhub/install.js +238 -0
package/server/lib/skills-catalog/clawdhub/scan.js +113 -0
package/server/lib/skills-catalog/curated-sources.js +21 -0
package/server/lib/skills-catalog/git.js +77 -0
package/server/lib/skills-catalog/index.js +42 -0
package/server/lib/skills-catalog/install.js +294 -0
package/server/lib/skills-catalog/scan.js +221 -0
package/server/lib/skills-catalog/source.js +87 -0
package/server/lib/terminal/DOCUMENTATION.md +76 -0
package/server/lib/terminal/index.js +31 -0
package/server/lib/terminal/output-replay-buffer.js +78 -0
package/server/lib/terminal/output-replay-buffer.test.js +75 -0
package/server/lib/terminal/runtime.js +850 -0
package/server/lib/terminal/runtime.test.js +96 -0
package/server/lib/terminal/terminal-ws-protocol.js +68 -0
package/server/lib/terminal/terminal-ws-protocol.test.js +145 -0
package/server/lib/text/DOCUMENTATION.md +35 -0
package/server/lib/text/summarization.js +138 -0
package/server/lib/text/summarization.test.js +34 -0
package/server/lib/tts/DOCUMENTATION.md +146 -0
package/server/lib/tts/base-url.js +62 -0
package/server/lib/tts/capability-runtime.js +31 -0
package/server/lib/tts/index.js +19 -0
package/server/lib/tts/routes.js +261 -0
package/server/lib/tts/routes.test.js +53 -0
package/server/lib/tts/service.js +178 -0
package/server/lib/tts/stt.js +75 -0
package/server/lib/tunnels/DOCUMENTATION.md +18 -0
package/server/lib/tunnels/index.js +166 -0
package/server/lib/tunnels/managed-config.js +201 -0
package/server/lib/tunnels/providers/cloudflare.js +260 -0
package/server/lib/tunnels/registry.js +51 -0
package/server/lib/tunnels/routes.js +605 -0
package/server/lib/tunnels/types.js +219 -0
package/server/lib/ui-auth/DOCUMENTATION.md +38 -0
package/server/lib/ui-auth/ui-auth.js +673 -0
package/server/lib/ui-auth/ui-passkeys.js +545 -0
package/server/opencode-proxy.test.js +151 -0
package/server/proxy-headers.js +61 -0
package/server/proxy-headers.test.js +58 -0
package/server/sse-routes.test.js +152 -0

package/server/lib/tunnels/DOCUMENTATION.md ADDED Viewed

@@ -0,0 +1,18 @@
+# Tunnels Module Documentation
+## Purpose
+This module contains tunnel provider orchestration for Vinci, including provider registry/service wiring, managed remote token config lifecycle, and tunnel HTTP route registration.
+## Entrypoints and structure
+- `packages/web/server/lib/tunnels/index.js`: tunnel service orchestration.
+- `packages/web/server/lib/tunnels/registry.js`: provider registry.
+- `packages/web/server/lib/tunnels/managed-config.js`: managed remote tunnel token/preset persistence runtime.
+- `packages/web/server/lib/tunnels/routes.js`: tunnel API route registration and request orchestration runtime.
+- `packages/web/server/lib/tunnels/types.js`: tunnel constants, normalization, and shared type helpers.
+- `packages/web/server/lib/tunnels/providers/cloudflare.js`: Cloudflare tunnel provider implementation.
+## Public exports (routes.js)
+- `createTunnelRoutesRuntime(dependencies)`: creates tunnel routes runtime and helpers.
+- Returned API:
+  - `registerRoutes(app)`
+  - `startTunnelWithNormalizedRequest(request)`

package/server/lib/tunnels/index.js ADDED Viewed

@@ -0,0 +1,166 @@
+import {
+  TUNNEL_MODE_QUICK,
+  TUNNEL_PROVIDER_CLOUDFLARE,
+  TunnelServiceError,
+  normalizeTunnelStartRequest,
+  validateTunnelStartRequest,
+} from './types.js';
+export function createTunnelService({
+  registry,
+  getController,
+  setController,
+  getActivePort,
+  onQuickTunnelWarning,
+}) {
+  if (!registry) {
+    throw new Error('Tunnel service requires a provider registry');
+  }
+  const resolveActiveMode = () => {
+    const controller = getController();
+    if (!controller || typeof controller.mode !== 'string') {
+      return null;
+    }
+    return controller.mode;
+  };
+  const resolveActiveProvider = () => {
+    const controller = getController();
+    if (!controller || typeof controller.provider !== 'string') {
+      return null;
+    }
+    return controller.provider;
+  };
+  const stop = () => {
+    const controller = getController();
+    if (!controller) {
+      return false;
+    }
+    const providerId = typeof controller.provider === 'string' ? controller.provider : '';
+    const provider = providerId ? registry.get(providerId) : null;
+    if (provider?.stop) {
+      provider.stop(controller);
+    } else {
+      controller.stop?.();
+    }
+    setController(null);
+    return true;
+  };
+  const checkAvailability = async (providerId) => {
+    const provider = registry.get(providerId);
+    if (!provider) {
+      throw new TunnelServiceError('provider_unsupported', `Unsupported tunnel provider: ${providerId}`);
+    }
+    const result = await provider.checkAvailability();
+    return result;
+  };
+  // Mutex to prevent concurrent tunnel starts from orphaning child processes.
+  let startLock = Promise.resolve();
+  const start = async (rawRequest, options = {}) => {
+    let releaseLock;
+    const lockPromise = new Promise((resolve) => { releaseLock = resolve; });
+    const previousLock = startLock;
+    startLock = lockPromise;
+    await previousLock;
+    try {
+      const request = normalizeTunnelStartRequest(rawRequest);
+      const provider = registry.get(request.provider);
+      if (!provider) {
+        throw new TunnelServiceError('provider_unsupported', `Unsupported tunnel provider: ${request.provider}`);
+      }
+      validateTunnelStartRequest(request, provider.capabilities);
+      let publicUrl = provider.resolvePublicUrl(getController());
+      const activeMode = resolveActiveMode();
+      if (publicUrl && activeMode !== request.mode) {
+        stop();
+        publicUrl = null;
+      }
+      if (!publicUrl) {
+        const availability = await provider.checkAvailability();
+        if (!availability?.available) {
+          const missingDependencyMessage = typeof availability?.message === 'string' && availability.message.trim().length > 0
+            ? availability.message
+            : (request.provider === TUNNEL_PROVIDER_CLOUDFLARE
+              ? 'cloudflared is not installed. Install it with: brew install cloudflared'
+              : `Required dependency for provider '${request.provider}' is missing`);
+          throw new TunnelServiceError('missing_dependency', missingDependencyMessage);
+        }
+        const activePort = Number.isFinite(getActivePort?.()) ? getActivePort() : null;
+        const originUrl = activePort !== null ? `http://127.0.0.1:${activePort}` : undefined;
+        const controller = await provider.start(request, {
+          activePort,
+          originUrl,
+          ...options,
+        });
+        controller.provider = request.provider;
+        setController(controller);
+        publicUrl = provider.resolvePublicUrl(controller);
+        if (!publicUrl) {
+          stop();
+          throw new TunnelServiceError('startup_failed', 'Tunnel started but no public URL was assigned');
+        }
+        if (request.mode === TUNNEL_MODE_QUICK) {
+          onQuickTunnelWarning?.();
+        }
+      }
+      return {
+        publicUrl,
+        request,
+        activeMode: request.mode,
+        provider: request.provider,
+        providerMetadata: provider.getMetadata?.(getController()) ?? null,
+      };
+    } finally {
+      releaseLock();
+    }
+  };
+  const getPublicUrl = () => {
+    const controller = getController();
+    if (!controller) {
+      return null;
+    }
+    const provider = registry.get(controller.provider);
+    if (!provider) {
+      return controller.getPublicUrl?.() ?? null;
+    }
+    return provider.resolvePublicUrl(controller);
+  };
+  const getProviderMetadata = () => {
+    const controller = getController();
+    if (!controller) {
+      return null;
+    }
+    const provider = registry.get(controller.provider);
+    return provider?.getMetadata?.(controller) ?? null;
+  };
+  return {
+    start,
+    stop,
+    checkAvailability,
+    getPublicUrl,
+    getProviderMetadata,
+    resolveActiveMode,
+    resolveActiveProvider,
+  };
+}

package/server/lib/tunnels/managed-config.js ADDED Viewed

@@ -0,0 +1,201 @@
+export const createManagedTunnelConfigRuntime = (deps) => {
+  const {
+    fsPromises,
+    path,
+    normalizeManagedRemoteTunnelHostname,
+    normalizeManagedRemoteTunnelPresets,
+    constants,
+  } = deps;
+  const {
+    CLOUDFLARE_MANAGED_REMOTE_TUNNELS_FILE_PATH,
+    CLOUDFLARE_LEGACY_NAMED_TUNNELS_FILE_PATH,
+    CLOUDFLARE_MANAGED_REMOTE_TUNNELS_VERSION,
+  } = constants;
+  let persistManagedRemoteTunnelConfigLock = Promise.resolve();
+  const sanitizeManagedRemoteTunnelConfigEntries = (value) => {
+    if (!Array.isArray(value)) {
+      return [];
+    }
+    const result = [];
+    const seenIds = new Set();
+    const seenHostnames = new Set();
+    for (const entry of value) {
+      if (!entry || typeof entry !== 'object') {
+        continue;
+      }
+      const id = typeof entry.id === 'string' ? entry.id.trim() : '';
+      const name = typeof entry.name === 'string' ? entry.name.trim() : '';
+      const hostname = normalizeManagedRemoteTunnelHostname(entry.hostname);
+      const token = typeof entry.token === 'string' ? entry.token.trim() : '';
+      const updatedAt = Number.isFinite(entry.updatedAt) ? entry.updatedAt : Date.now();
+      if (!id || !name || !hostname || !token) {
+        continue;
+      }
+      if (seenIds.has(id) || seenHostnames.has(hostname)) {
+        continue;
+      }
+      seenIds.add(id);
+      seenHostnames.add(hostname);
+      result.push({ id, name, hostname, token, updatedAt });
+    }
+    return result;
+  };
+  const writeManagedRemoteTunnelConfigToDisk = async (data) => {
+    await fsPromises.mkdir(path.dirname(CLOUDFLARE_MANAGED_REMOTE_TUNNELS_FILE_PATH), { recursive: true });
+    await fsPromises.writeFile(CLOUDFLARE_MANAGED_REMOTE_TUNNELS_FILE_PATH, JSON.stringify(data, null, 2), { encoding: 'utf8', mode: 0o600 });
+  };
+  const migrateManagedRemoteTunnelConfigFromLegacyFile = async () => {
+    try {
+      const legacyRaw = await fsPromises.readFile(CLOUDFLARE_LEGACY_NAMED_TUNNELS_FILE_PATH, 'utf8');
+      const parsed = JSON.parse(legacyRaw);
+      const tunnels = sanitizeManagedRemoteTunnelConfigEntries(parsed?.tunnels);
+      const migrated = {
+        version: CLOUDFLARE_MANAGED_REMOTE_TUNNELS_VERSION,
+        tunnels,
+      };
+      await writeManagedRemoteTunnelConfigToDisk(migrated);
+      return migrated;
+    } catch (error) {
+      if (error && typeof error === 'object' && error.code === 'ENOENT') {
+        return { version: CLOUDFLARE_MANAGED_REMOTE_TUNNELS_VERSION, tunnels: [] };
+      }
+      console.warn('Failed to migrate legacy named tunnel config file:', error);
+      return { version: CLOUDFLARE_MANAGED_REMOTE_TUNNELS_VERSION, tunnels: [] };
+    }
+  };
+  const readManagedRemoteTunnelConfigFromDisk = async () => {
+    try {
+      const raw = await fsPromises.readFile(CLOUDFLARE_MANAGED_REMOTE_TUNNELS_FILE_PATH, 'utf8');
+      const parsed = JSON.parse(raw);
+      if (!parsed || typeof parsed !== 'object') {
+        return { version: CLOUDFLARE_MANAGED_REMOTE_TUNNELS_VERSION, tunnels: [] };
+      }
+      return {
+        version: CLOUDFLARE_MANAGED_REMOTE_TUNNELS_VERSION,
+        tunnels: sanitizeManagedRemoteTunnelConfigEntries(parsed.tunnels),
+      };
+    } catch (error) {
+      if (error && typeof error === 'object' && error.code === 'ENOENT') {
+        return migrateManagedRemoteTunnelConfigFromLegacyFile();
+      }
+      console.warn('Failed to read managed remote tunnel config file:', error);
+      return { version: CLOUDFLARE_MANAGED_REMOTE_TUNNELS_VERSION, tunnels: [] };
+    }
+  };
+  const updateManagedRemoteTunnelConfig = async (mutate) => {
+    persistManagedRemoteTunnelConfigLock = persistManagedRemoteTunnelConfigLock.then(async () => {
+      const current = await readManagedRemoteTunnelConfigFromDisk();
+      const next = mutate({
+        version: CLOUDFLARE_MANAGED_REMOTE_TUNNELS_VERSION,
+        tunnels: sanitizeManagedRemoteTunnelConfigEntries(current.tunnels),
+      });
+      await writeManagedRemoteTunnelConfigToDisk({
+        version: CLOUDFLARE_MANAGED_REMOTE_TUNNELS_VERSION,
+        tunnels: sanitizeManagedRemoteTunnelConfigEntries(next?.tunnels),
+      });
+    });
+    return persistManagedRemoteTunnelConfigLock;
+  };
+  const syncManagedRemoteTunnelConfigWithPresets = async (presets) => {
+    const sanitizedPresets = normalizeManagedRemoteTunnelPresets(presets) || [];
+    await updateManagedRemoteTunnelConfig((current) => {
+      const byId = new Map(current.tunnels.map((entry) => [entry.id, entry]));
+      const byHostname = new Map(current.tunnels.map((entry) => [entry.hostname, entry]));
+      const nextTunnels = [];
+      for (const preset of sanitizedPresets) {
+        const existing = byId.get(preset.id) || byHostname.get(preset.hostname) || null;
+        if (!existing) {
+          continue;
+        }
+        nextTunnels.push({
+          ...existing,
+          id: preset.id,
+          name: preset.name,
+          hostname: preset.hostname,
+        });
+      }
+      return {
+        version: CLOUDFLARE_MANAGED_REMOTE_TUNNELS_VERSION,
+        tunnels: nextTunnels,
+      };
+    });
+  };
+  const upsertManagedRemoteTunnelToken = async ({ id, name, hostname, token }) => {
+    if (typeof id !== 'string' || typeof name !== 'string' || typeof hostname !== 'string' || typeof token !== 'string') {
+      return;
+    }
+    const normalizedId = id.trim();
+    const normalizedName = name.trim();
+    const normalizedHostname = normalizeManagedRemoteTunnelHostname(hostname);
+    const normalizedToken = token.trim();
+    if (!normalizedId || !normalizedName || !normalizedHostname || !normalizedToken) {
+      return;
+    }
+    await updateManagedRemoteTunnelConfig((current) => {
+      const withoutConflicts = current.tunnels.filter((entry) => entry.id !== normalizedId && entry.hostname !== normalizedHostname);
+      withoutConflicts.push({
+        id: normalizedId,
+        name: normalizedName,
+        hostname: normalizedHostname,
+        token: normalizedToken,
+        updatedAt: Date.now(),
+      });
+      return {
+        version: CLOUDFLARE_MANAGED_REMOTE_TUNNELS_VERSION,
+        tunnels: withoutConflicts,
+      };
+    });
+  };
+  const resolveManagedRemoteTunnelToken = async ({ presetId, hostname }) => {
+    const normalizedPresetId = typeof presetId === 'string' ? presetId.trim() : '';
+    const normalizedHostname = normalizeManagedRemoteTunnelHostname(hostname);
+    const config = await readManagedRemoteTunnelConfigFromDisk();
+    if (normalizedPresetId) {
+      const byId = config.tunnels.find((entry) => entry.id === normalizedPresetId);
+      if (byId?.token) {
+        return byId.token;
+      }
+    }
+    if (normalizedHostname) {
+      const byHostname = config.tunnels.find((entry) => entry.hostname === normalizedHostname);
+      if (byHostname?.token) {
+        return byHostname.token;
+      }
+    }
+    return '';
+  };
+  return {
+    readManagedRemoteTunnelConfigFromDisk,
+    syncManagedRemoteTunnelConfigWithPresets,
+    upsertManagedRemoteTunnelToken,
+    resolveManagedRemoteTunnelToken,
+  };
+};

package/server/lib/tunnels/providers/cloudflare.js ADDED Viewed

@@ -0,0 +1,260 @@
+import {
+  checkCloudflareApiReachability,
+  checkCloudflaredAvailable,
+  inspectManagedLocalCloudflareConfig,
+  normalizeCloudflareTunnelHostname,
+  startCloudflareManagedLocalTunnel,
+  startCloudflareManagedRemoteTunnel,
+  startCloudflareQuickTunnel,
+} from '../../cloudflare-tunnel.js';
+import {
+  TUNNEL_INTENT_EPHEMERAL_PUBLIC,
+  TUNNEL_INTENT_PERSISTENT_PUBLIC,
+  TUNNEL_MODE_MANAGED_LOCAL,
+  TUNNEL_MODE_MANAGED_REMOTE,
+  TUNNEL_MODE_QUICK,
+  TUNNEL_PROVIDER_CLOUDFLARE,
+  TunnelServiceError,
+} from '../types.js';
+export const cloudflareTunnelProviderCapabilities = {
+  provider: TUNNEL_PROVIDER_CLOUDFLARE,
+  defaults: {
+    mode: TUNNEL_MODE_QUICK,
+    optionDefaults: {},
+  },
+  modes: [
+    {
+      key: TUNNEL_MODE_QUICK,
+      label: 'Quick Tunnel',
+      intent: TUNNEL_INTENT_EPHEMERAL_PUBLIC,
+      requires: [],
+      supports: ['sessionTTL'],
+      stability: 'ga',
+    },
+    {
+      key: TUNNEL_MODE_MANAGED_REMOTE,
+      label: 'Managed Remote Tunnel',
+      intent: TUNNEL_INTENT_PERSISTENT_PUBLIC,
+      requires: ['token', 'hostname'],
+      supports: ['customDomain', 'sessionTTL'],
+      stability: 'ga',
+    },
+    {
+      key: TUNNEL_MODE_MANAGED_LOCAL,
+      label: 'Managed Local Tunnel',
+      intent: TUNNEL_INTENT_PERSISTENT_PUBLIC,
+      requires: [],
+      supports: ['configFile', 'customDomain', 'sessionTTL'],
+      stability: 'ga',
+    },
+  ],
+};
+export function createCloudflareTunnelProvider() {
+  const validateTokenShape = (value) => {
+    if (typeof value !== 'string') {
+      return { ok: false, detail: 'Managed remote token is missing.' };
+    }
+    const trimmed = value.trim();
+    if (!trimmed) {
+      return { ok: false, detail: 'Managed remote token is missing.' };
+    }
+    if (/\s/.test(trimmed)) {
+      return { ok: false, detail: 'Managed remote token has whitespace; provide the raw token value.' };
+    }
+    return { ok: true, detail: 'Managed remote token looks valid.' };
+  };
+  const createModeSummary = (checks) => {
+    const failures = checks.filter((entry) => entry.status === 'fail').length;
+    const warnings = checks.filter((entry) => entry.status === 'warn').length;
+    return {
+      ready: failures === 0,
+      failures,
+      warnings,
+    };
+  };
+  const describeMode = ({ mode, checks }) => {
+    const summary = createModeSummary(checks);
+    const blockers = checks
+      .filter((entry) => entry.status === 'fail' && entry.id !== 'startup_readiness')
+      .map((entry) => entry.detail || entry.label || entry.id);
+    return {
+      mode,
+      checks,
+      summary,
+      ready: summary.ready,
+      blockers,
+    };
+  };
+  return {
+    id: TUNNEL_PROVIDER_CLOUDFLARE,
+    capabilities: cloudflareTunnelProviderCapabilities,
+    checkAvailability: async () => {
+      const result = await checkCloudflaredAvailable();
+      if (result.available) {
+        return result;
+      }
+      return {
+        ...result,
+        message: 'cloudflared is not installed. Install it with: brew install cloudflared',
+      };
+    },
+    diagnose: async (request = {}) => {
+      const dependency = await checkCloudflaredAvailable();
+      const network = await checkCloudflareApiReachability();
+      const providerChecks = [
+        {
+          id: 'dependency',
+          label: 'cloudflared installed',
+          status: dependency.available ? 'pass' : 'fail',
+          detail: dependency.available
+            ? (dependency.version || dependency.path || 'cloudflared available')
+            : 'cloudflared is not installed. Install it with: brew install cloudflared',
+        },
+        {
+          id: 'network',
+          label: 'Cloudflare API reachable',
+          status: network.reachable ? 'pass' : 'fail',
+          detail: network.reachable
+            ? (network.status ? `HTTP ${network.status}` : 'Reachable')
+            : (network.error || 'Could not reach api.trycloudflare.com'),
+        },
+      ];
+      const startupReady = dependency.available && network.reachable;
+      const startupDetail = startupReady
+        ? 'Provider dependency and network checks passed.'
+        : 'Resolve provider checks before starting tunnels.';
+      const quickChecks = [
+        {
+          id: 'startup_readiness',
+          label: 'Provider startup readiness',
+          status: startupReady ? 'pass' : 'fail',
+          detail: startupDetail,
+        },
+        {
+          id: 'quick_mode_prerequisites',
+          label: 'Quick tunnel prerequisites',
+          status: network.reachable ? 'pass' : 'fail',
+          detail: network.reachable
+            ? 'Cloudflare edge is reachable for quick tunnels.'
+            : 'Cloudflare edge is not reachable for quick tunnels.',
+        },
+      ];
+      const managedLocalInspection = inspectManagedLocalCloudflareConfig({
+        configPath: request.configPath,
+        hostname: request.hostname,
+      });
+      const managedLocalChecks = [
+        {
+          id: 'startup_readiness',
+          label: 'Provider startup readiness',
+          status: startupReady ? 'pass' : 'fail',
+          detail: startupDetail,
+        },
+        {
+          id: 'managed_local_config',
+          label: 'Managed local config',
+          status: managedLocalInspection.ok ? 'pass' : 'fail',
+          detail: managedLocalInspection.ok
+            ? `${managedLocalInspection.effectiveConfigPath}${managedLocalInspection.resolvedHostname ? ` (${managedLocalInspection.resolvedHostname})` : ''}`
+            : managedLocalInspection.error,
+        },
+      ];
+      const normalizedHost = normalizeCloudflareTunnelHostname(request.hostname);
+      const hostnameMissing = !normalizedHost;
+      const remoteTokenValidation = validateTokenShape(request.token);
+      const tokenMissing = typeof request.token !== 'string' || request.token.trim().length === 0;
+      const hasSavedManagedRemoteProfile = request.hasSavedManagedRemoteProfile === true;
+      const tokenProvided = request.tokenProvided === true;
+      const hostnameProvided = request.hostnameProvided === true;
+      const hasExplicitManagedRemoteInput = tokenProvided || hostnameProvided;
+      const canUseSavedProfileForHostname = !hasExplicitManagedRemoteInput && hostnameMissing && hasSavedManagedRemoteProfile;
+      const canUseSavedProfileForToken = !hasExplicitManagedRemoteInput && tokenMissing && hasSavedManagedRemoteProfile;
+      const savedProfileReadyDetail = 'at least one saved profile present';
+      const managedRemoteChecks = [
+        {
+          id: 'startup_readiness',
+          label: 'Provider startup readiness',
+          status: startupReady ? 'pass' : 'fail',
+          detail: startupDetail,
+        },
+        {
+          id: 'managed_remote_hostname',
+          label: 'Managed remote hostname',
+          status: normalizedHost || canUseSavedProfileForHostname ? 'pass' : 'fail',
+          detail: normalizedHost
+            ? normalizedHost
+            : canUseSavedProfileForHostname
+              ? savedProfileReadyDetail
+              : 'Managed remote hostname is required (use --hostname).',
+        },
+        {
+          id: 'managed_remote_token',
+          label: 'Managed remote token',
+          status: remoteTokenValidation.ok || canUseSavedProfileForToken ? 'pass' : 'fail',
+          detail: canUseSavedProfileForToken
+            ? savedProfileReadyDetail
+            : remoteTokenValidation.detail,
+        },
+      ];
+      const allModes = [
+        describeMode({ mode: TUNNEL_MODE_QUICK, checks: quickChecks }),
+        describeMode({ mode: TUNNEL_MODE_MANAGED_REMOTE, checks: managedRemoteChecks }),
+        describeMode({ mode: TUNNEL_MODE_MANAGED_LOCAL, checks: managedLocalChecks }),
+      ];
+      const modeFilter = typeof request.mode === 'string' && request.mode.trim().length > 0
+        ? request.mode.trim().toLowerCase()
+        : null;
+      const modes = modeFilter ? allModes.filter((entry) => entry.mode === modeFilter) : allModes;
+      return {
+        providerChecks,
+        modes,
+      };
+    },
+    start: async (request, context = {}) => {
+      if (request.mode === TUNNEL_MODE_MANAGED_REMOTE) {
+        return startCloudflareManagedRemoteTunnel({
+          token: request.token,
+          hostname: request.hostname,
+        });
+      }
+      if (request.mode === TUNNEL_MODE_MANAGED_LOCAL) {
+        return startCloudflareManagedLocalTunnel({
+          configPath: request.configPath,
+          hostname: request.hostname,
+        });
+      }
+      if (!context.originUrl) {
+        throw new TunnelServiceError('validation_error', 'originUrl is required for quick tunnel mode');
+      }
+      return startCloudflareQuickTunnel({
+        originUrl: context.originUrl,
+        port: context.activePort,
+      });
+    },
+    stop: (controller) => {
+      controller?.stop?.();
+    },
+    resolvePublicUrl: (controller) => controller?.getPublicUrl?.() ?? null,
+    getMetadata: (controller) => ({
+      configPath: controller?.getEffectiveConfigPath?.() ?? null,
+      resolvedHostname: controller?.getResolvedHostname?.() ?? null,
+    }),
+  };
+}

package/server/lib/tunnels/registry.js ADDED Viewed

@@ -0,0 +1,51 @@
+const REQUIRED_PROVIDER_METHODS = ['start', 'stop', 'checkAvailability', 'resolvePublicUrl'];
+export function createTunnelProviderRegistry(initialProviders = []) {
+  const providers = new Map();
+  let sealed = false;
+  const register = (provider) => {
+    if (sealed) {
+      throw new Error('Tunnel provider registry is sealed; no further registrations allowed');
+    }
+    if (!provider || typeof provider.id !== 'string' || provider.id.trim().length === 0) {
+      throw new Error('Tunnel provider must define a non-empty id');
+    }
+    for (const method of REQUIRED_PROVIDER_METHODS) {
+      if (typeof provider[method] !== 'function') {
+        throw new Error(`Tunnel provider '${provider.id}' must implement ${method}()`);
+      }
+    }
+    const key = provider.id.trim().toLowerCase();
+    if (providers.has(key)) {
+      throw new Error(`Tunnel provider '${key}' is already registered`);
+    }
+    providers.set(key, provider);
+    return provider;
+  };
+  const get = (providerId) => {
+    if (typeof providerId !== 'string' || providerId.trim().length === 0) {
+      return null;
+    }
+    return providers.get(providerId.trim().toLowerCase()) ?? null;
+  };
+  const list = () => Array.from(providers.values());
+  const listCapabilities = () => list().map((provider) => ({ ...provider.capabilities }));
+  for (const provider of initialProviders) {
+    register(provider);
+  }
+  const seal = () => { sealed = true; };
+  return {
+    register,
+    get,
+    list,
+    listCapabilities,
+    seal,
+  };
+}