npm - @willjackson/claude-code-bridge - Versions diffs - 0.6.2 → 0.7.0 - Mend

@willjackson/claude-code-bridge 0.6.2 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/{chunk-XOAR3DQB.js → chunk-2O352EPO.js} +745 -154
package/dist/chunk-2O352EPO.js.map +1 -0
package/dist/cli.js +96 -8
package/dist/cli.js.map +1 -1
package/dist/index.d.ts +421 -112
package/dist/index.js +26 -2
package/dist/index.js.map +1 -1
package/package.json +1 -1
package/dist/chunk-XOAR3DQB.js.map +0 -1

package/dist/cli.js CHANGED Viewed

@@ -4,9 +4,13 @@ import {
   BridgeMcpServer,
   ConnectionState,
   WebSocketTransport,
+  createAuthConfigFromOptions,
   createLogger,
-  loadConfigSync
-} from "./chunk-XOAR3DQB.js";
+  isTLSEnabled,
+  loadConfigSync,
+  validateAuthConfig,
+  validateTLSConfig
+} from "./chunk-2O352EPO.js";
 // src/cli/index.ts
 import { Command as Command7 } from "commander";
@@ -443,9 +447,26 @@ function registerHandlers(bridge, config) {
   logger.info("Handlers registered for context requests, tasks, and context sync");
   console.log("  Handlers: enabled (file reading & task processing)");
 }
+function buildTLSConfig(options) {
+  if (!options.cert && !options.key && !options.ca) {
+    return void 0;
+  }
+  return {
+    cert: options.cert,
+    key: options.key,
+    ca: options.ca
+  };
+}
 function buildBridgeConfig(options, globalOptions) {
   const fileConfig = loadConfigSync(globalOptions.config);
   const cliConfig = {};
+  const cliTlsConfig = buildTLSConfig(options);
+  const cliAuthConfig = createAuthConfigFromOptions({
+    authToken: options.authToken,
+    authPassword: options.authPassword,
+    authIp: options.authIp,
+    authRequireAll: options.authRequireAll
+  });
   if (options.port) {
     cliConfig.listen = {
       ...cliConfig.listen,
@@ -466,12 +487,18 @@ function buildBridgeConfig(options, globalOptions) {
   }
   const hasConnect = cliConfig.connect || fileConfig.connect;
   const mode = hasConnect ? "client" : "host";
+  const listenTls = cliTlsConfig ?? fileConfig.listen?.tls;
+  const connectTls = cliTlsConfig ?? fileConfig.connect?.tls;
+  const listenAuth = cliAuthConfig.type !== "none" ? cliAuthConfig : fileConfig.listen?.auth;
+  const connectAuth = cliAuthConfig.type !== "none" ? cliAuthConfig : fileConfig.connect?.auth;
   const finalConfig = {
     mode: cliConfig.mode ?? fileConfig.mode ?? mode,
     instanceName: cliConfig.instanceName ?? fileConfig.instanceName ?? `bridge-${process.pid}`,
     listen: {
       port: cliConfig.listen?.port ?? fileConfig.listen.port,
-      host: cliConfig.listen?.host ?? fileConfig.listen.host
+      host: cliConfig.listen?.host ?? fileConfig.listen.host,
+      tls: listenTls,
+      auth: listenAuth
     },
     taskTimeout: fileConfig.interaction.taskTimeout,
     contextSharing: {
@@ -482,7 +509,9 @@ function buildBridgeConfig(options, globalOptions) {
   const connectUrl = cliConfig.connect?.url ?? fileConfig.connect?.url;
   if (connectUrl) {
     finalConfig.connect = {
-      url: connectUrl
+      url: connectUrl,
+      tls: connectTls,
+      auth: connectAuth
     };
   }
   return finalConfig;
@@ -509,11 +538,48 @@ async function startBridge(options, globalOptions) {
     }
   }
   const config = buildBridgeConfig(options, globalOptions);
+  if (config.listen?.tls && isTLSEnabled(config.listen.tls)) {
+    const tlsValidation = validateTLSConfig(config.listen.tls);
+    if (!tlsValidation.valid) {
+      console.error("TLS configuration errors:");
+      for (const error of tlsValidation.errors) {
+        console.error(`  - ${error}`);
+      }
+      process.exit(1);
+    }
+    for (const warning of tlsValidation.warnings) {
+      console.warn(`  Warning: ${warning}`);
+    }
+  }
+  if (config.listen?.auth && config.listen.auth.type !== "none") {
+    const authValidation = validateAuthConfig(config.listen.auth);
+    if (!authValidation.valid) {
+      console.error("Authentication configuration errors:");
+      for (const error of authValidation.errors) {
+        console.error(`  - ${error}`);
+      }
+      process.exit(1);
+    }
+    for (const warning of authValidation.warnings) {
+      console.warn(`  Warning: ${warning}`);
+    }
+  }
   console.log("Starting Claude Code Bridge...");
   console.log(`  Instance: ${config.instanceName}`);
   console.log(`  Mode: ${config.mode}`);
   if (config.listen) {
-    console.log(`  Listening: ${config.listen.host}:${config.listen.port}`);
+    const protocol = isTLSEnabled(config.listen.tls) ? "wss" : "ws";
+    console.log(`  Listening: ${protocol}://${config.listen.host}:${config.listen.port}`);
+    if (isTLSEnabled(config.listen.tls)) {
+      console.log("  TLS: enabled");
+    }
+    if (config.listen.auth && config.listen.auth.type !== "none") {
+      const authMethods = [];
+      if (config.listen.auth.token) authMethods.push("token");
+      if (config.listen.auth.password) authMethods.push("password");
+      if (config.listen.auth.allowedIps?.length) authMethods.push("ip");
+      console.log(`  Auth: ${authMethods.join(", ")}${config.listen.auth.requireAll ? " (require all)" : ""}`);
+    }
   }
   if (config.connect) {
     console.log(`  Connecting to: ${config.connect.url}`);
@@ -597,9 +663,12 @@ To connect from another bridge:`);
     process.exit(1);
   }
 }
+function collect(value, previous) {
+  return previous.concat([value]);
+}
 function createStartCommand() {
   const command = new Command("start");
-  command.description("Start the bridge server").option("-p, --port <port>", "Port to listen on (default: 8765)").option("-h, --host <host>", "Host to bind to (default: 0.0.0.0)").option("-c, --connect <url>", "URL to connect to on startup (e.g., ws://localhost:8765)").option("-d, --daemon", "Run in background").option("--with-handlers", "Enable file reading and task handling capabilities").option("--launch-claude", "Start bridge daemon and launch Claude Code").argument("[claude-args...]", "Arguments to pass to Claude Code (use after --)").action(async (claudeArgs, options) => {
+  command.description("Start the bridge server").option("-p, --port <port>", "Port to listen on (default: 8765)").option("-h, --host <host>", "Host to bind to (default: 0.0.0.0)").option("-c, --connect <url>", "URL to connect to on startup (e.g., ws://localhost:8765 or wss://...)").option("-d, --daemon", "Run in background").option("--with-handlers", "Enable file reading and task handling capabilities").option("--launch-claude", "Start bridge daemon and launch Claude Code").option("--cert <path>", "Path to TLS certificate file").option("--key <path>", "Path to TLS private key file").option("--ca <path>", "Path to CA certificate file").option("--auth-token <token>", "Require token authentication").option("--auth-password <password>", "Require password authentication").option("--auth-ip <cidr>", "Allow connections from IP/CIDR (repeatable)", collect, []).option("--auth-require-all", "Require ALL auth methods to pass (default: any)").argument("[claude-args...]", "Arguments to pass to Claude Code (use after --)").action(async (claudeArgs, options) => {
     options.claudeArgs = claudeArgs;
     if (options.launchClaude) {
       options.daemon = true;
@@ -1153,12 +1222,31 @@ async function startMcpServer(options, _globalOptions) {
       console.error(`[MCP] Warning: Could not ensure daemon is running: ${error.message}`);
     }
   }
+  let tlsConfig;
+  if (options.ca || options.noVerifyTls) {
+    tlsConfig = {
+      ca: options.ca,
+      rejectUnauthorized: options.noVerifyTls ? false : true
+    };
+  }
+  let authConfig;
+  if (options.authToken || options.authPassword) {
+    const hasToken = !!options.authToken;
+    const hasPassword = !!options.authPassword;
+    authConfig = {
+      type: hasToken && hasPassword ? "combined" : hasToken ? "token" : "password",
+      token: options.authToken,
+      password: options.authPassword
+    };
+  }
   const config = {
     bridgeUrl,
     name: options.name ?? "claude-bridge",
     version: "0.4.0",
     instanceName: `mcp-server-${process.pid}`,
-    taskTimeout: 6e4
+    taskTimeout: 6e4,
+    tls: tlsConfig,
+    auth: authConfig
   };
   const server = new BridgeMcpServer(config);
   setupGracefulShutdown({
@@ -1185,7 +1273,7 @@ async function startMcpServer(options, _globalOptions) {
 }
 function createMcpServerCommand() {
   const command = new Command6("mcp-server");
-  command.description("Start the MCP server for Claude Code integration").option("-c, --connect <url>", `Bridge WebSocket URL (default: ws://localhost:${DEFAULT_DAEMON_PORT})`).option("--name <name>", "MCP server name (default: claude-bridge)").action(async (options) => {
+  command.description("Start the MCP server for Claude Code integration").option("-c, --connect <url>", `Bridge WebSocket URL (default: ws://localhost:${DEFAULT_DAEMON_PORT})`).option("--name <name>", "MCP server name (default: claude-bridge)").option("--ca <path>", "CA certificate for verifying self-signed certs").option("--no-verify-tls", "Skip TLS certificate verification (insecure)").option("--auth-token <token>", "Token for authentication").option("--auth-password <password>", "Password for authentication").action(async (options) => {
     const globalOptions = command.parent?.opts();
     await startMcpServer(options, globalOptions);
   });