@tokagent/tokagentos 2.0.33 → 2.0.35

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tokagent/tokagentos",
-  "version": "2.0.33",
+  "version": "2.0.35",
   "description": "tokagentOS CLI - Create and upgrade tokagentOS project templates",
   "type": "module",
   "bin": {

package/templates/fullstack-app/scripts/clear-db-llm-secrets.mjs

@@ -0,0 +1,84 @@
+#!/usr/bin/env node
+/**
+ * Remove LLM provider API keys (OPENROUTER, ANTHROPIC, OPENAI, GOOGLE, GROQ)
+ * from the agents DB table. mergeDbSettings() in @elizaos/core loads
+ * agents.secrets and agents.settings.secrets into character.settings.secrets
+ * on every boot, and runtime.getSetting() checks character.settings.secrets
+ * BEFORE process.env — so a stale DB-stored key shadows the .env value
+ * forever. After running this, .env becomes the source of truth.
+ *
+ * Run with the agent STOPPED (`Ctrl-C` your `bun run dev`):
+ *   bun run scripts/clear-db-llm-secrets.mjs
+ */
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+import { existsSync } from "node:fs";
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const PROJECT_ROOT = path.resolve(__dirname, "..");
+const DB_DIR = path.join(PROJECT_ROOT, ".eliza", ".elizadb");
+
+if (!existsSync(DB_DIR)) {
+  console.error(`PGLite directory not found at ${DB_DIR}`);
+  process.exit(1);
+}
+
+const LLM_KEYS = [
+  "OPENROUTER_API_KEY",
+  "ANTHROPIC_API_KEY",
+  "OPENAI_API_KEY",
+  "GOOGLE_GENERATIVE_AI_API_KEY",
+  "GOOGLE_API_KEY",
+  "GROQ_API_KEY",
+];
+
+const { PGlite } = await import("@electric-sql/pglite");
+const db = new PGlite(DB_DIR);
+await db.waitReady;
+
+const before = await db.query(
+  "SELECT id, name, secrets, settings FROM agents",
+);
+console.log(`Agents in DB: ${before.rows.length}`);
+for (const row of before.rows) {
+  const id = row.id;
+  const name = row.name;
+  const topSecrets = row.secrets && typeof row.secrets === "object" ? row.secrets : {};
+  const settingsSecrets =
+    row.settings &&
+    typeof row.settings === "object" &&
+    row.settings.secrets &&
+    typeof row.settings.secrets === "object"
+      ? row.settings.secrets
+      : {};
+  const allKeys = new Set([
+    ...Object.keys(topSecrets),
+    ...Object.keys(settingsSecrets),
+  ]);
+  const llmKeysPresent = [...allKeys].filter((k) => LLM_KEYS.includes(k));
+  if (llmKeysPresent.length === 0) {
+    console.log(`  ${name} (${id}): no LLM keys stored ✓`);
+    continue;
+  }
+  console.log(`  ${name} (${id}): clearing ${llmKeysPresent.join(", ")}`);
+  const newTopSecrets = { ...topSecrets };
+  const newSettings =
+    row.settings && typeof row.settings === "object" ? { ...row.settings } : {};
+  const newSettingsSecrets = { ...settingsSecrets };
+  for (const k of llmKeysPresent) {
+    delete newTopSecrets[k];
+    delete newSettingsSecrets[k];
+  }
+  newSettings.secrets = newSettingsSecrets;
+  await db.query(
+    "UPDATE agents SET secrets = $1, settings = $2 WHERE id = $3",
+    [
+      JSON.stringify(newTopSecrets),
+      JSON.stringify(newSettings),
+      id,
+    ],
+  );
+}
+
+console.log("\nDone. Restart `bun run dev` — .env is now the source of truth.");
+await db.close();

package/templates/fullstack-app/scripts/verify-llm-plugins.mjs

@@ -229,6 +229,148 @@ if (env.OPENROUTER_API_KEY) {
   }
 }
 
+/**
+ * DB-shadow check.
+ *
+ * Failure mode observed in the field: an LLM key set during first-boot
+ * onboarding is persisted into the `agents` table (`secrets` and
+ * `settings.secrets` columns). On every restart, mergeDbSettings() in
+ * @elizaos/core copies it into character.settings.secrets, and
+ * runtime.getSetting() reads that BEFORE process.env. So rotating .env
+ * does nothing — the DB value wins forever, even after .env is changed.
+ *
+ * We open PGLite read-only, scan agents.secrets and agents.settings.secrets,
+ * and warn loudly if any LLM key differs from .env. We don't auto-mutate
+ * the DB — clearing secrets is a destructive operation that should be
+ * explicit (use scripts/clear-db-llm-secrets.mjs).
+ *
+ * Best-effort only: skipped if PGLite isn't installed, the DB dir doesn't
+ * exist (fresh project), or the `agents` table isn't there yet (pre-boot).
+ */
+async function checkDbShadow() {
+  const dbDir = path.join(PROJECT_ROOT, ".eliza", ".elizadb");
+  if (!existsSync(dbDir)) return;
+  let PGlite;
+  try {
+    ({ PGlite } = await import("@electric-sql/pglite"));
+  } catch {
+    return;
+  }
+  let db;
+  try {
+    db = new PGlite(dbDir);
+    await db.waitReady;
+  } catch {
+    return;
+  }
+  try {
+    const result = await db.query(
+      "SELECT id, name, secrets, settings FROM agents",
+    );
+    for (const row of result.rows) {
+      const topSecrets =
+        row.secrets && typeof row.secrets === "object" ? row.secrets : {};
+      const settingsSecrets =
+        row.settings &&
+        typeof row.settings === "object" &&
+        row.settings.secrets &&
+        typeof row.settings.secrets === "object"
+          ? row.settings.secrets
+          : {};
+      for (const key of SHADOWED_KEYS) {
+        const dbValue = topSecrets[key] ?? settingsSecrets[key];
+        const dotenvValue = env[key];
+        if (!dbValue) continue;
+        if (!dotenvValue) {
+          // DB has it, .env doesn't. Probably set via onboarding UI and not
+          // mirrored. Not necessarily a bug — but flag it so the user knows.
+          continue;
+        }
+        if (dbValue !== dotenvValue) {
+          fail(
+            `${key} in PGLite database (agent "${row.name}") differs from .env.\n` +
+              `  db    : ${String(dbValue).slice(0, 12)}…${String(dbValue).slice(-4)} (this is what the agent reads)\n` +
+              `  .env  : ${String(dotenvValue).slice(0, 12)}…${String(dotenvValue).slice(-4)} (this is what you probably edited)\n` +
+              `  mergeDbSettings() in @elizaos/core loads the DB value into character.settings.secrets, and\n` +
+              `  runtime.getSetting() reads that BEFORE process.env. Editing .env doesn't help.\n` +
+              `  Fix: stop \`bun run dev\` and run \`bun run scripts/clear-db-llm-secrets.mjs\`,\n` +
+              `       then start again. .env will then be the source of truth.`,
+          );
+        }
+      }
+    }
+  } catch {
+    // agents table doesn't exist yet (fresh boot) — nothing to check.
+  } finally {
+    try {
+      await db.close();
+    } catch {}
+  }
+}
+
+await checkDbShadow();
+
+/**
+ * No-provider-configured check.
+ *
+ * Failure mode observed in the field: the user clears all direct provider
+ * keys (ANTHROPIC_API_KEY, OPENROUTER_API_KEY, etc.) intending to run in
+ * x402-only mode, but doesn't set BILLING_CHAT_KEY. The runtime then has
+ * NO TEXT_SMALL/TEXT_LARGE provider registered — every chat request fails
+ * with `[router] No provider registered for TEXT_SMALL`, which is opaque
+ * about the actual fix (mint a sk-ai-* key and set BILLING_CHAT_KEY).
+ *
+ * Wire (see core-plugins.ts:configureBillingChatMirror): when both
+ * BILLING_CHAT_KEY and TOKAGENT_GATEWAY_URL are set, OPENAI_API_KEY +
+ * OPENAI_BASE_URL are mirrored onto the gateway and plugin-openai loads
+ * as the gateway provider. Either one alone is a no-op.
+ */
+const DIRECT_LLM_KEYS = [
+  "ANTHROPIC_API_KEY",
+  "OPENAI_API_KEY",
+  "OPENROUTER_API_KEY",
+  "GOOGLE_GENERATIVE_AI_API_KEY",
+  "GOOGLE_API_KEY",
+  "GEMINI_API_KEY",
+  "GROQ_API_KEY",
+  "XAI_API_KEY",
+  "DEEPSEEK_API_KEY",
+  "MISTRAL_API_KEY",
+  "TOGETHER_API_KEY",
+  "OLLAMA_BASE_URL",
+];
+const hasDirectKey = DIRECT_LLM_KEYS.some((k) => env[k]?.trim());
+const hasBillingChatKey = !!env.BILLING_CHAT_KEY?.trim();
+const hasGatewayUrl = !!env.TOKAGENT_GATEWAY_URL?.trim();
+const hasLiteLLM =
+  !!env.LITELLM_BASE_URL?.trim() && !!env.LITELLM_API_KEY?.trim();
+if (!hasDirectKey && !hasBillingChatKey && !hasLiteLLM) {
+  fail(
+    `No LLM provider configured. The agent has nothing to call for chat.\n` +
+      `  Pick one of these three paths:\n` +
+      `\n` +
+      `  [A] Direct provider: set one of ${DIRECT_LLM_KEYS.slice(0, 4).join(", ")},\n` +
+      `      etc. in .env. Plugin auto-loads, chat hits the provider directly.\n` +
+      `\n` +
+      `  [B] x402 billing (Tokamak rail): mint a sk-ai-* key from the billing\n` +
+      `      dashboard, then set BILLING_CHAT_KEY=sk-ai-... in .env.\n` +
+      `      Open http://localhost:3000/tokagent-billing/v1/billing/dashboard/\n` +
+      `      → connect wallet → top up PTON → mint key. Without this, the\n` +
+      `      runtime router has zero TEXT_SMALL/TEXT_LARGE providers.\n` +
+      `\n` +
+      `  [C] LiteLLM proxy: set LITELLM_BASE_URL + LITELLM_API_KEY in .env\n` +
+      `      (plus LITELLM_SMALL_MODEL / LITELLM_LARGE_MODEL).`,
+  );
+} else if (hasBillingChatKey && !hasGatewayUrl) {
+  fail(
+    `BILLING_CHAT_KEY is set but TOKAGENT_GATEWAY_URL is not. The billing\n` +
+      `  mirror in core-plugins.ts requires BOTH to wire the gateway as an\n` +
+      `  OpenAI-compatible provider — set TOKAGENT_GATEWAY_URL to the URL of\n` +
+      `  the tokagent-billing-server you're a client of (the hosted default is\n` +
+      `  https://billing-service-production-a8e7.up.railway.app).`,
+  );
+}
+
 if (hadFailure) {
   console.error(
     "\n\x1b[31m[verify-llm-plugins]\x1b[0m One or more LLM-provider checks failed. Chat will not work until this is resolved.\n",

package/templates-manifest.json

@@ -1,6 +1,6 @@
 {
   "version": "1.0.0",
-  "generatedAt": "2026-05-27T09:03:47.237Z",
+  "generatedAt": "2026-05-27T09:29:35.264Z",
   "repoUrl": "https://github.com/elizaos/eliza",
   "templates": [
     {