@undefineds.co/linx 0.2.16 → 0.2.17

package/vendor/client/dist/client/index.js

@@ -0,0 +1,260 @@
+export const LINX_HOME_DIRNAME = '.linx';
+export const LINX_CONFIG_FILE_NAME = 'config.json';
+export const LINX_SECRETS_FILE_NAME = 'secrets.json';
+export const LINX_ACCOUNT_SESSION_FILE_NAME = 'account.json';
+export const LINX_CLOUD_IDENTITY_ORIGIN = 'https://id.undefineds.co';
+export const LINX_CLOUD_API_ORIGIN = 'https://api.undefineds.co';
+export const LINX_CLOUD_ACCOUNT_API_BASE_URL = `${LINX_CLOUD_IDENTITY_ORIGIN}/`;
+export const LINX_CLOUD_RUNTIME_API_BASE_URL = `${LINX_CLOUD_API_ORIGIN}/v1`;
+export const LINX_CLOUD_API_BASE_URL = LINX_CLOUD_ACCOUNT_API_BASE_URL;
+export const LINX_CLOUD_IDENTITY_HOSTS = ['id.undefineds.co'];
+function isRecord(value) {
+    return typeof value === 'object' && value !== null && !Array.isArray(value);
+}
+function optionalString(value) {
+    return typeof value === 'string' ? value : undefined;
+}
+function parseStringRecord(value) {
+    if (!isRecord(value)) {
+        return {};
+    }
+    const entries = Object.entries(value)
+        .filter((entry) => typeof entry[1] === 'string');
+    return Object.fromEntries(entries);
+}
+function normalizeAuthType(value) {
+    return value === 'oidc_oauth' ? 'oidc_oauth' : 'client_credentials';
+}
+function trimTrailingSlash(url) {
+    return url.replace(/\/+$/, '');
+}
+function resolveHostname(url) {
+    try {
+        return new URL(url).hostname;
+    }
+    catch {
+        return '';
+    }
+}
+export function resolveLinxBaseUrl(url, fallbackBaseUrl = 'http://localhost:3000') {
+    const raw = typeof url === 'string' && url.trim() ? url.trim() : fallbackBaseUrl;
+    return raw.endsWith('/') ? raw : `${raw}/`;
+}
+export function resolveLinxRuntimeApiBaseUrl(url, fallbackBaseUrl = LINX_CLOUD_ACCOUNT_API_BASE_URL) {
+    const normalized = trimTrailingSlash(resolveLinxBaseUrl(url, fallbackBaseUrl));
+    return normalized.endsWith('/v1') ? normalized : `${normalized}/v1`;
+}
+export function resolveLinxCloudAccountBaseUrl(url) {
+    return resolveLinxBaseUrl(url, LINX_CLOUD_ACCOUNT_API_BASE_URL);
+}
+export function resolveLinxCloudRuntimeApiBaseUrl(url) {
+    return resolveLinxRuntimeApiBaseUrl(url, LINX_CLOUD_RUNTIME_API_BASE_URL);
+}
+export function resolveLinxCloudApiBaseUrl(url) {
+    return resolveLinxCloudAccountBaseUrl(url);
+}
+export function isLinxCloudIdentityBaseUrl(url) {
+    const normalized = resolveLinxBaseUrl(url, LINX_CLOUD_ACCOUNT_API_BASE_URL);
+    const hostname = resolveHostname(normalized);
+    return LINX_CLOUD_IDENTITY_HOSTS.includes(hostname);
+}
+export function resolveLinxRuntimeOriginForIssuerUrl(url) {
+    const normalized = trimTrailingSlash(resolveLinxBaseUrl(url, LINX_CLOUD_ACCOUNT_API_BASE_URL));
+    if (isLinxCloudIdentityBaseUrl(normalized)) {
+        return LINX_CLOUD_API_ORIGIN;
+    }
+    return normalized;
+}
+export function resolveLinxRuntimeApiBaseUrlForIssuerUrl(url) {
+    const runtimeOrigin = resolveLinxRuntimeOriginForIssuerUrl(url);
+    return resolveLinxRuntimeApiBaseUrl(runtimeOrigin, LINX_CLOUD_RUNTIME_API_BASE_URL);
+}
+export function resolveLinxPodUrl(webId) {
+    try {
+        const target = new URL(webId);
+        const pathParts = target.pathname.split('/').filter(Boolean);
+        return `${target.origin}/${pathParts[0] ?? ''}/`.replace(/\/+$/, '/');
+    }
+    catch {
+        return '';
+    }
+}
+export function resolveLinxPodBaseUrl(webId) {
+    return trimTrailingSlash(resolveLinxPodUrl(webId));
+}
+export function parseLinxClientConfig(raw) {
+    if (!isRecord(raw) || typeof raw.url !== 'string' || typeof raw.webId !== 'string') {
+        return null;
+    }
+    return {
+        url: raw.url,
+        webId: raw.webId,
+        authType: normalizeAuthType(raw.authType),
+    };
+}
+export function isLinxClientCredentialsSecrets(secrets) {
+    return 'clientId' in secrets && 'clientSecret' in secrets;
+}
+export function isLinxOidcOAuthSecrets(secrets) {
+    return 'oidcRefreshToken' in secrets && 'oidcAccessToken' in secrets && 'oidcExpiresAt' in secrets;
+}
+export function parseLinxClientSecrets(raw) {
+    if (!isRecord(raw)) {
+        return null;
+    }
+    if (typeof raw.clientId === 'string' && typeof raw.clientSecret === 'string') {
+        return {
+            clientId: raw.clientId,
+            clientSecret: raw.clientSecret,
+        };
+    }
+    if (typeof raw.oidcRefreshToken === 'string'
+        && typeof raw.oidcAccessToken === 'string'
+        && typeof raw.oidcExpiresAt === 'string') {
+        return {
+            oidcRefreshToken: raw.oidcRefreshToken,
+            oidcAccessToken: raw.oidcAccessToken,
+            oidcExpiresAt: raw.oidcExpiresAt,
+        };
+    }
+    return null;
+}
+export function parseLinxAccountData(raw) {
+    if (!isRecord(raw)) {
+        return null;
+    }
+    const controls = isRecord(raw.controls) ? raw.controls : {};
+    const accountControls = isRecord(controls.account) ? controls.account : controls;
+    return {
+        controls: {
+            pod: optionalString(accountControls.pod),
+            clientCredentials: optionalString(accountControls.clientCredentials),
+        },
+        pods: parseStringRecord(raw.pods),
+        webIds: parseStringRecord(raw.webIds),
+        clientCredentials: parseStringRecord(raw.clientCredentials),
+    };
+}
+export function parseLinxClientCredential(raw) {
+    if (!isRecord(raw) || typeof raw.id !== 'string') {
+        return null;
+    }
+    return {
+        id: raw.id,
+        label: optionalString(raw.label),
+        secret: optionalString(raw.secret),
+        webId: optionalString(raw.webId),
+    };
+}
+export function parseAccountSession(raw) {
+    if (!isRecord(raw)
+        || typeof raw.url !== 'string'
+        || typeof raw.email !== 'string'
+        || typeof raw.token !== 'string'
+        || typeof raw.createdAt !== 'string') {
+        return null;
+    }
+    return {
+        url: raw.url,
+        email: raw.email,
+        token: raw.token,
+        webId: optionalString(raw.webId),
+        podUrl: optionalString(raw.podUrl),
+        createdAt: raw.createdAt,
+    };
+}
+export function selectLinxAccountWebId(account, preferredWebId) {
+    if (typeof preferredWebId === 'string' && preferredWebId.trim()) {
+        return preferredWebId.trim();
+    }
+    if (!account) {
+        return null;
+    }
+    return Object.keys(account.webIds)[0] ?? null;
+}
+export function hasMatchingLinxStoredCredentials(credentials, baseUrl, webId) {
+    return credentials?.url === baseUrl && credentials?.webId === webId;
+}
+export function resolveLinxCredentialBootstrapStatus(input) {
+    if (input.reusedExistingCredentials) {
+        return 'reused';
+    }
+    return input.hadMatchingStoredCredentials ? 'recreated' : 'created';
+}
+export function listLinxWhoAmIFields(session, options = {}) {
+    const fields = [
+        { key: 'email', value: session.email },
+        { key: 'server', value: session.url },
+    ];
+    if (session.webId) {
+        fields.push({ key: 'webId', value: session.webId });
+    }
+    if (options.verbose && session.podUrl) {
+        fields.push({ key: 'pod', value: session.podUrl });
+    }
+    fields.push({ key: 'session-created-at', value: session.createdAt });
+    return fields;
+}
+export async function performLinxPasswordLogin(input, deps) {
+    const baseUrl = resolveLinxBaseUrl(input.baseUrl, input.fallbackBaseUrl);
+    if (!(await deps.checkServer(baseUrl))) {
+        throw new Error(`Cannot reach server at ${baseUrl}`);
+    }
+    const token = await deps.login(input.email, input.password, baseUrl);
+    if (!token) {
+        throw new Error('Login failed.');
+    }
+    const account = await deps.getAccountData(token, baseUrl);
+    if (!account) {
+        throw new Error('Failed to load account data after login.');
+    }
+    const webId = selectLinxAccountWebId(account, input.requestedWebId);
+    if (!webId) {
+        throw new Error('No WebID found. Pass --web-id explicitly.');
+    }
+    const hadMatchingStoredCredentials = hasMatchingLinxStoredCredentials(input.existingCredentials, baseUrl, webId);
+    const existingCredentialsValid = hadMatchingStoredCredentials && input.existingCredentials?.authType === 'client_credentials'
+        ? await deps.validateClientCredentials?.(input.existingCredentials)
+        : false;
+    const reusedExistingCredentials = hadMatchingStoredCredentials
+        && input.existingCredentials?.authType === 'client_credentials'
+        && existingCredentialsValid === true;
+    const credentialStatus = resolveLinxCredentialBootstrapStatus({
+        reusedExistingCredentials,
+        hadMatchingStoredCredentials,
+    });
+    let credentialsToSave;
+    if (!reusedExistingCredentials) {
+        if (!account.controls.clientCredentials) {
+            throw new Error('Cannot find client credentials endpoint.');
+        }
+        const credential = await deps.createClientCredentials(token, account.controls.clientCredentials, webId, input.credentialName ?? undefined);
+        if (!credential?.id || !credential.secret) {
+            throw new Error('Failed to create local client credentials.');
+        }
+        credentialsToSave = {
+            url: baseUrl,
+            webId,
+            authType: 'client_credentials',
+            secrets: {
+                clientId: credential.id,
+                clientSecret: credential.secret,
+            },
+        };
+    }
+    return {
+        baseUrl,
+        webId,
+        account,
+        credentialStatus,
+        ...(credentialsToSave ? { credentialsToSave } : {}),
+        session: {
+            url: baseUrl,
+            email: input.email,
+            token,
+            webId,
+            podUrl: resolveLinxPodUrl(webId),
+            createdAt: (input.now ?? new Date()).toISOString(),
+        },
+    };
+}

package/vendor/client/dist/index.d.ts

@@ -0,0 +1 @@
+export * from './client/index.js';

package/vendor/client/dist/index.js

@@ -0,0 +1 @@
+export * from './client/index.js';

package/vendor/client/dist/watch/index.d.ts

@@ -0,0 +1,226 @@
+export type WatchBackend = 'codex' | 'claude' | 'codebuddy';
+export type WatchMode = 'manual' | 'smart' | 'auto';
+export type WatchSessionStatus = 'running' | 'completed' | 'failed';
+export type WatchOutputStream = 'stdout' | 'stderr' | 'system';
+export type WatchCredentialSource = 'auto' | 'local' | 'cloud';
+export type WatchResolvedCredentialSource = 'local' | 'cloud';
+export type WatchApprovalSource = 'local' | 'remote' | 'hybrid';
+export type WatchRuntime = 'local';
+export type WatchTransport = 'native' | 'acp';
+export type WatchAuthState = 'authenticated' | 'unauthenticated' | 'unknown';
+export interface WatchAuthStatus {
+    state: WatchAuthState;
+    message?: string;
+}
+export interface WatchAuthFailure {
+    message: string;
+}
+export type WatchCloudCredentialProbeStatus = 'available' | 'unavailable' | 'error';
+export interface WatchCloudCredentialProbe {
+    status: WatchCloudCredentialProbeStatus;
+    message?: string;
+}
+export interface WatchCredentialSourceResolution {
+    requestedSource: WatchCredentialSource;
+    resolvedSource?: WatchResolvedCredentialSource;
+    authStatus: WatchAuthStatus;
+    error?: string;
+}
+export interface WatchSessionRecord {
+    id: string;
+    backend: WatchBackend;
+    runtime: WatchRuntime;
+    transport?: WatchTransport;
+    mode: WatchMode;
+    cwd: string;
+    model?: string;
+    prompt?: string;
+    passthroughArgs: string[];
+    credentialSource: WatchCredentialSource;
+    resolvedCredentialSource?: WatchResolvedCredentialSource;
+    approvalSource?: WatchApprovalSource;
+    command: string;
+    args: string[];
+    status: WatchSessionStatus;
+    startedAt: string;
+    endedAt?: string;
+    exitCode?: number | null;
+    signal?: string | null;
+    error?: string;
+    backendSessionId?: string;
+    archiveDir: string;
+    eventsFile: string;
+}
+export type WatchApprovalRequestKind = 'command-approval' | 'file-change-approval' | 'permissions-approval' | 'codex-approval';
+export type WatchInteractionRequestKind = WatchApprovalRequestKind | 'user-input';
+export type WatchApprovalDecision = 'accept' | 'accept_for_session' | 'decline' | 'cancel';
+interface WatchInteractionRequestBase {
+    kind: WatchInteractionRequestKind;
+    message: string;
+    raw?: unknown;
+}
+export interface WatchCommandApprovalRequest extends WatchInteractionRequestBase {
+    kind: 'command-approval';
+    command?: string;
+    cwd?: string;
+}
+export interface WatchFileChangeApprovalRequest extends WatchInteractionRequestBase {
+    kind: 'file-change-approval';
+    reason?: string;
+}
+export interface WatchPermissionsApprovalRequest extends WatchInteractionRequestBase {
+    kind: 'permissions-approval';
+    permissions: Record<string, unknown>;
+}
+export interface WatchCodexApprovalRequest extends WatchInteractionRequestBase {
+    kind: 'codex-approval';
+}
+export interface WatchUserInputOption {
+    label: string;
+    description?: string;
+}
+export interface WatchUserInputQuestion {
+    id: string;
+    header: string;
+    question: string;
+    options: WatchUserInputOption[];
+}
+export interface WatchUserInputRequest extends WatchInteractionRequestBase {
+    kind: 'user-input';
+    questions: WatchUserInputQuestion[];
+}
+export type WatchApprovalRequest = WatchCommandApprovalRequest | WatchFileChangeApprovalRequest | WatchPermissionsApprovalRequest | WatchCodexApprovalRequest;
+export type WatchInteractionRequest = WatchApprovalRequest | WatchUserInputRequest;
+export interface WatchUserInputAnswerRecord {
+    answers: string[];
+}
+export type WatchUserInputAnswers = Record<string, WatchUserInputAnswerRecord>;
+export interface WatchToolCallEvent {
+    type: 'tool.call';
+    name: string;
+    arguments?: Record<string, unknown>;
+    raw?: unknown;
+}
+export interface WatchApprovalRequiredEvent {
+    type: 'approval.required';
+    message: string;
+    request?: WatchApprovalRequest;
+    raw?: unknown;
+}
+export interface WatchInputRequiredEvent {
+    type: 'input.required';
+    message: string;
+    request: WatchUserInputRequest;
+    raw?: unknown;
+}
+export interface WatchAssistantDeltaEvent {
+    type: 'assistant.delta';
+    text: string;
+    raw?: unknown;
+}
+export interface WatchAssistantDoneEvent {
+    type: 'assistant.done';
+    text?: string;
+    raw?: unknown;
+}
+export interface WatchNoteEvent {
+    type: 'session.note';
+    message: string;
+    raw?: unknown;
+}
+export type WatchNormalizedEvent = WatchToolCallEvent | WatchApprovalRequiredEvent | WatchInputRequiredEvent | WatchAssistantDeltaEvent | WatchAssistantDoneEvent | WatchNoteEvent;
+export interface WatchEventLogEntry {
+    timestamp: string;
+    stream: WatchOutputStream;
+    line: string;
+    events: WatchNormalizedEvent[];
+}
+export interface WatchThreadMetadata extends Record<string, unknown> {
+    kind: 'watch';
+    delegatedTo: 'secretary';
+    sessionId: string;
+    backend: WatchBackend;
+    runtime: WatchRuntime;
+    transport?: WatchTransport;
+    mode: WatchMode;
+    cwd: string;
+    model?: string;
+    credentialSource: WatchCredentialSource;
+    resolvedCredentialSource?: WatchResolvedCredentialSource;
+    approvalSource?: WatchApprovalSource;
+    status: WatchSessionStatus;
+    backendSessionId?: string;
+}
+export type WatchTranscriptMessageRole = 'user' | 'assistant' | 'system';
+export interface WatchTranscriptMessage {
+    role: WatchTranscriptMessageRole;
+    content: string;
+    createdAt: string;
+}
+export interface CreateWatchSessionIdOptions {
+    now?: Date;
+    randomId?: string;
+}
+export interface WatchArchiveRelativePaths {
+    sessionDir: string;
+    sessionFile: string;
+    eventsFile: string;
+}
+export declare const WATCH_HOME_DIRNAME = "watch";
+export declare const WATCH_SESSIONS_DIRNAME = "sessions";
+export declare const WATCH_SESSION_FILE_NAME = "session.json";
+export declare const WATCH_EVENTS_FILE_NAME = "events.jsonl";
+export declare function normalizeWatchUserInputQuestion(value: unknown, fallbackId?: string): WatchUserInputQuestion | null;
+export declare function resolveWatchQuestionAnswer(question: WatchUserInputQuestion, answer: string): string[];
+export declare function createWatchSessionId(options?: CreateWatchSessionIdOptions): string;
+export declare function normalizeWatchCredentialSource(source?: WatchCredentialSource | null): WatchCredentialSource;
+export declare function shouldAttemptCloudCredentialProbe(requestedSource: WatchCredentialSource, localAuthStatus: WatchAuthStatus): boolean;
+export declare function formatWatchAutoFallbackMessage(localMessage: string, detail: string): string;
+export declare function resolveWatchCredentialSourceResolution(input: {
+    requestedSource?: WatchCredentialSource | null;
+    localAuthStatus: WatchAuthStatus;
+    cloudCredentialProbe?: WatchCloudCredentialProbe;
+    defaultLocalMessage?: string;
+}): WatchCredentialSourceResolution;
+export declare function resolveWatchAutoApprovalDecision(input: {
+    mode: WatchMode;
+    request: WatchApprovalRequest;
+}): WatchApprovalDecision | null;
+export declare function getWatchAuthLoginCommand(backend: WatchBackend): string | null;
+export declare function formatWatchBackendAuthMessage(backend: WatchBackend, detail?: string): string;
+export declare function looksLikeWatchAuthFailureText(text: string): boolean;
+export declare function parseWatchClaudeAuthStatus(stdout: string): WatchAuthStatus;
+export declare function detectWatchAuthFailure(backend: WatchBackend, line: string): WatchAuthFailure | null;
+export declare function parseWatchJsonLine(line: string): Record<string, unknown> | null;
+export declare function extractWatchSessionIdFromJsonLine(line: string): string | undefined;
+export declare function isTrustedWatchCommand(command: string | null | undefined): boolean;
+export declare function normalizeCodexAppServerInteractionRequest(message: Record<string, unknown>): WatchInteractionRequest | null;
+export declare function resolveWatchInteractionAutoResponse(input: {
+    mode: WatchMode;
+    request: WatchInteractionRequest;
+}): unknown | null;
+export declare function buildCodexApprovalResponse(request: WatchApprovalRequest, decision: WatchApprovalDecision): unknown;
+export declare function buildCodexUserInputResponse(answers: WatchUserInputAnswers): {
+    answers: WatchUserInputAnswers;
+};
+export declare function buildWatchUserInputResponse(answers: WatchUserInputAnswers): {
+    answers: WatchUserInputAnswers;
+};
+export declare function normalizeAcpInteractionRequest(message: Record<string, unknown>): WatchInteractionRequest | null;
+export declare function normalizeAcpRequest(message: Record<string, unknown>): WatchNormalizedEvent[];
+export declare function normalizeAcpSessionNotification(message: Record<string, unknown>): WatchNormalizedEvent[];
+export declare function buildAcpPermissionResponse(request: WatchApprovalRequest, decision: WatchApprovalDecision): {
+    outcome: {
+        outcome: 'selected';
+        optionId: string;
+    } | {
+        outcome: 'cancelled';
+    };
+};
+export declare function parseWatchJsonProtocolLine(line: string): WatchNormalizedEvent[];
+export declare function normalizeCodexAppServerNotification(message: Record<string, unknown>): WatchNormalizedEvent[];
+export declare function normalizeCodexAppServerRequest(message: Record<string, unknown>): WatchNormalizedEvent[];
+export declare function getWatchArchiveRelativePaths(sessionId: string): WatchArchiveRelativePaths;
+export declare function buildWatchThreadMetadata(record: WatchSessionRecord): WatchThreadMetadata;
+export declare function buildWatchTranscriptMessages(entries: WatchEventLogEntry[]): WatchTranscriptMessage[];
+export {};