@vendian/cli 0.0.1 → 0.0.3

package/src/process.js

@@ -1,50 +0,0 @@
-import { spawn, spawnSync } from 'node:child_process';
-
-export function commandExists(command) {
-  const result = spawnSync(command, ['--version'], { stdio: 'ignore', shell: false });
-  return result.status === 0;
-}
-
-export function runCapture(command, args, options = {}) {
-  const result = spawnSync(command, args, {
-    encoding: 'utf8',
-    shell: false,
-    ...options
-  });
-  return {
-    ok: result.status === 0,
-    status: result.status ?? 1,
-    stdout: result.stdout || '',
-    stderr: result.stderr || ''
-  };
-}
-
-export function runInherit(command, args, options = {}) {
-  const result = spawnSync(command, args, {
-    stdio: 'inherit',
-    shell: false,
-    ...options
-  });
-  if (result.error) {
-    throw result.error;
-  }
-  return result.status ?? 1;
-}
-
-export function spawnForward(command, args, options = {}) {
-  return new Promise((resolve, reject) => {
-    const child = spawn(command, args, {
-      stdio: 'inherit',
-      shell: false,
-      ...options
-    });
-    child.on('error', reject);
-    child.on('exit', (code, signal) => {
-      if (signal) {
-        reject(new Error(`command terminated by ${signal}`));
-        return;
-      }
-      resolve(code ?? 1);
-    });
-  });
-}

package/src/prompt.js

@@ -1,38 +0,0 @@
-import readline from 'node:readline';
-
-export function prompt(question, { defaultValue, secret = false } = {}) {
-  const suffix = defaultValue ? ` [${defaultValue}]` : '';
-  const rl = readline.createInterface({
-    input: process.stdin,
-    output: process.stdout,
-    terminal: true
-  });
-
-  if (!secret) {
-    return new Promise((resolve) => {
-      rl.question(`${question}${suffix}: `, (answer) => {
-        rl.close();
-        resolve(answer.trim() || defaultValue || '');
-      });
-    });
-  }
-
-  const originalWrite = rl._writeToOutput;
-  rl._writeToOutput = function writeHidden(stringToWrite) {
-    if (rl.stdoutMuted) {
-      rl.output.write(stringToWrite.replace(/[^\r\n]/g, '*'));
-    } else {
-      originalWrite.call(rl, stringToWrite);
-    }
-  };
-
-  return new Promise((resolve) => {
-    rl.stdoutMuted = true;
-    rl.question(`${question}${suffix}: `, (answer) => {
-      rl.stdoutMuted = false;
-      rl.output.write('\n');
-      rl.close();
-      resolve(answer.trim() || defaultValue || '');
-    });
-  });
-}

package/src/python.js

@@ -1,77 +0,0 @@
-import fs from 'node:fs';
-import { commandExists, runCapture, runInherit } from './process.js';
-import { venvPython } from './paths.js';
-
-export function findPython(platform = process.platform) {
-  const candidates = platform === 'win32'
-    ? [
-        { command: 'py', args: ['-3.11'] },
-        { command: 'python', args: [] },
-        { command: 'python3', args: [] }
-      ]
-    : [
-        { command: 'python3.12', args: [] },
-        { command: 'python3.11', args: [] },
-        { command: 'python3', args: [] },
-        { command: 'python', args: [] }
-      ];
-
-  for (const candidate of candidates) {
-    const version = runCapture(candidate.command, [
-      ...candidate.args,
-      '-c',
-      'import sys; print(f"{sys.version_info.major}.{sys.version_info.minor}.{sys.version_info.micro}")'
-    ]);
-    if (!version.ok) {
-      continue;
-    }
-    const match = version.stdout.trim().match(/^(\d+)\.(\d+)\./);
-    if (!match) {
-      continue;
-    }
-    const major = Number(match[1]);
-    const minor = Number(match[2]);
-    if (major > 3 || (major === 3 && minor >= 11)) {
-      return candidate;
-    }
-  }
-  return null;
-}
-
-export function ensureVenv(venvPath, pythonCandidate, platform = process.platform) {
-  const pythonPath = venvPython(venvPath, platform);
-  if (fs.existsSync(pythonPath)) {
-    return pythonPath;
-  }
-  fs.mkdirSync(venvPath, { recursive: true });
-  const status = runInherit(pythonCandidate.command, [
-    ...pythonCandidate.args,
-    '-m',
-    'venv',
-    venvPath
-  ]);
-  if (status !== 0) {
-    throw new Error('Could not create the managed Vendian Python environment.');
-  }
-  return pythonPath;
-}
-
-export function hasUv() {
-  return commandExists('uv');
-}
-
-export function pythonVersion(pythonPath) {
-  const result = runCapture(pythonPath, [
-    '-c',
-    'import sys; print(f"{sys.version_info.major}.{sys.version_info.minor}.{sys.version_info.micro}")'
-  ]);
-  return result.ok ? result.stdout.trim() : null;
-}
-
-export function verifyVendianImports(pythonPath) {
-  const result = runCapture(pythonPath, [
-    '-c',
-    'import vendian_agents, vendian_agents_runtime; print("ok")'
-  ]);
-  return result.ok;
-}

package/src/secret-store.js

@@ -1,94 +0,0 @@
-import { spawnSync } from 'node:child_process';
-
-const SERVICE = 'Vendian CLI';
-const PACKAGE_TOKEN_ACCOUNT = 'gitlab-package-token';
-
-function run(command, args, options = {}) {
-  return spawnSync(command, args, {
-    encoding: 'utf8',
-    shell: false,
-    ...options
-  });
-}
-
-export function packageTokenSecretName() {
-  return PACKAGE_TOKEN_ACCOUNT;
-}
-
-export function savePackageTokenSecret(token, config = {}, platform = process.platform) {
-  if (!token) {
-    return { ok: false };
-  }
-  if (platform === 'darwin') {
-    const result = run('security', [
-      'add-generic-password',
-      '-a',
-      PACKAGE_TOKEN_ACCOUNT,
-      '-s',
-      SERVICE,
-      '-w',
-      token,
-      '-U'
-    ]);
-    return { ok: result.status === 0, provider: 'macos-keychain' };
-  }
-  if (platform === 'win32') {
-    const encrypted = run(
-      'powershell.exe',
-      [
-        '-NoProfile',
-        '-NonInteractive',
-        '-Command',
-        '$secure = ConvertTo-SecureString -String $env:VENDIAN_SECRET_VALUE -AsPlainText -Force; $secure | ConvertFrom-SecureString'
-      ],
-      { env: { ...process.env, VENDIAN_SECRET_VALUE: token } }
-    );
-    if (encrypted.status !== 0 || !encrypted.stdout.trim()) {
-      return { ok: false, provider: 'windows-dpapi' };
-    }
-    const nextConfig = {
-      ...config,
-      secretStore: {
-        ...(config.secretStore || {}),
-        [PACKAGE_TOKEN_ACCOUNT]: {
-          provider: 'windows-dpapi',
-          value: encrypted.stdout.trim()
-        }
-      }
-    };
-    return { ok: true, provider: 'windows-dpapi', config: nextConfig };
-  }
-  return { ok: false };
-}
-
-export function loadPackageTokenSecret(config = {}, platform = process.platform) {
-  if (platform === 'darwin') {
-    const result = run('security', [
-      'find-generic-password',
-      '-a',
-      PACKAGE_TOKEN_ACCOUNT,
-      '-s',
-      SERVICE,
-      '-w'
-    ]);
-    return result.status === 0 ? result.stdout.trim() : '';
-  }
-  if (platform === 'win32') {
-    const entry = config.secretStore?.[PACKAGE_TOKEN_ACCOUNT];
-    if (!entry || entry.provider !== 'windows-dpapi' || !entry.value) {
-      return '';
-    }
-    const result = run(
-      'powershell.exe',
-      [
-        '-NoProfile',
-        '-NonInteractive',
-        '-Command',
-        '$secure = ConvertTo-SecureString -String $env:VENDIAN_SECRET_BLOB; $bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure); try { [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr) } finally { [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr) }'
-      ],
-      { env: { ...process.env, VENDIAN_SECRET_BLOB: entry.value } }
-    );
-    return result.status === 0 ? result.stdout.trim() : '';
-  }
-  return '';
-}

package/src/setup.js

@@ -1,121 +0,0 @@
-import fs from 'node:fs';
-import { loginWithVendianOAuth, saveCloudToken } from './auth.js';
-import { DEFAULT_GITLAB_HOST, DEFAULT_SDK_PUBLIC_PROJECT_ID, DEFAULT_SDK_RUNTIME_PROJECT_ID } from './constants.js';
-import { loadConfig, saveConfig, redact } from './config.js';
-import { installVendianPackages, registryConfig } from './install.js';
-import { managedVenvPath, venvVendian } from './paths.js';
-import { findPython, ensureVenv, pythonVersion, verifyVendianImports } from './python.js';
-import { savePackageTokenSecret } from './secret-store.js';
-
-export async function setup({
-  nonInteractive = false,
-  backend = undefined,
-  apiUrl = undefined,
-  noBrowser = false,
-  env = process.env,
-  platform = process.platform
-} = {}) {
-  const existing = loadConfig(env, platform);
-  const registry = registryConfig(existing, env, platform);
-  const next = {
-    ...existing,
-    gitlabHost: registry.gitlabHost || DEFAULT_GITLAB_HOST,
-    gitlabUsername: registry.username || '__token__',
-    sdkPublicProjectId: registry.sdkProjectId || DEFAULT_SDK_PUBLIC_PROJECT_ID,
-    sdkRuntimeProjectId: registry.runtimeProjectId || DEFAULT_SDK_RUNTIME_PROJECT_ID
-  };
-  let cloudAuthApiUrl;
-
-  console.log('Vendian setup');
-  console.log('This installs the private Vendian Python CLI/runtime into a managed local environment.');
-  console.log('Agent requirements.txt files stay reserved for agent-owned dependencies.');
-  console.log('');
-
-  if (!registry.token && !nonInteractive) {
-    console.log('Opening Vendian sign-in to get package access...');
-    const login = await loginWithVendianOAuth({ backend, apiUrl, noBrowser, env });
-    saveCloudToken(login, { env, platform });
-    cloudAuthApiUrl = login.apiUrl;
-    const packageCredentials = login.packageCredentials;
-    if (!packageCredentials?.token) {
-      throw new Error('Vendian login succeeded, but the backend did not return package credentials. Configure CLI_PACKAGE_REGISTRY_TOKEN on the backend.');
-    }
-    next.gitlabHost = packageCredentials.gitlabHost || next.gitlabHost;
-    next.gitlabUsername = packageCredentials.username || next.gitlabUsername;
-    next.sdkPublicProjectId = packageCredentials.sdkProjectId || next.sdkPublicProjectId;
-    next.sdkRuntimeProjectId = packageCredentials.runtimeProjectId || next.sdkRuntimeProjectId;
-    next.vendianAgentsVersion = packageCredentials.vendianAgentsVersion || next.vendianAgentsVersion;
-    next.vendianAgentsRuntimeVersion = packageCredentials.vendianAgentsRuntimeVersion || next.vendianAgentsRuntimeVersion;
-
-    const secret = savePackageTokenSecret(packageCredentials.token, next, platform);
-    if (secret.ok) {
-      Object.assign(next, secret.config || {});
-      delete next.gitlabToken;
-      console.log(`Package token saved with ${secret.provider}.`);
-    } else {
-      next.gitlabToken = packageCredentials.token;
-      console.log('Package token saved in the local Vendian CLI config file.');
-    }
-  } else if (registry.token) {
-    if (registry.tokenSource !== 'secret-store') {
-      next.gitlabToken = registry.token;
-    }
-    console.log(`Using GitLab package token ${redact(registry.token)}.`);
-  }
-
-  const installRegistry = registryConfig(next, env, platform);
-  if (!installRegistry.token) {
-    throw new Error('Setup needs package access. Run interactive `vendian login` to sign in, or set GITLAB_TOKEN for local development.');
-  }
-
-  const python = findPython(platform);
-  if (!python) {
-    throw new Error('Python 3.11+ was not found. Install Python 3.11 or newer, then rerun `vendian login`.');
-  }
-
-  const venvPath = managedVenvPath(env, platform);
-  console.log(`Managed environment: ${venvPath}`);
-  const pythonPath = ensureVenv(venvPath, python, platform);
-  console.log(`Python: ${pythonVersion(pythonPath) || pythonPath}`);
-
-  saveConfig(next, env, platform);
-  installVendianPackages({ pythonPath, venvPath, config: next, env, platform });
-  saveConfig({ ...next, lastManagedUpdateAt: new Date().toISOString() }, env, platform);
-
-  if (!verifyVendianImports(pythonPath)) {
-    throw new Error('Vendian packages installed, but import verification failed.');
-  }
-
-  const vendianPath = venvVendian(venvPath, platform);
-  if (!fs.existsSync(vendianPath)) {
-    throw new Error('Vendian executable was not found after install.');
-  }
-
-  console.log('');
-  for (const line of setupCompletionLines({ cloudAuthApiUrl, backend, apiUrl })) {
-    console.log(line);
-  }
-}
-
-export function setupCompletionLines({ cloudAuthApiUrl, backend, apiUrl } = {}) {
-  const lines = ['Vendian setup complete.'];
-  if (cloudAuthApiUrl) {
-    lines.push(`Cloud authentication saved for ${cloudAuthApiUrl}.`);
-    lines.push('Next: vendian cloud local serve --agents-dir ./agents');
-    return lines;
-  }
-
-  lines.push(`Next: ${cloudAuthLoginCommand({ backend, apiUrl })}`);
-  lines.push('Then: vendian cloud local serve --agents-dir ./agents');
-  return lines;
-}
-
-function cloudAuthLoginCommand({ backend, apiUrl } = {}) {
-  if (apiUrl) {
-    return `vendian cloud auth login --api-url ${apiUrl}`;
-  }
-  if (backend) {
-    return `vendian cloud auth login --backend ${backend}`;
-  }
-  return 'vendian cloud auth login';
-}