@wolpertingerlabs/drawlatch 1.0.0-alpha.5.2 → 1.0.0-alpha.7.0

package/dist/mcp/server.js

@@ -13,6 +13,8 @@ import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
 import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
 import { z } from 'zod';
 import crypto from 'node:crypto';
+import fs from 'node:fs/promises';
+import path from 'node:path';
 import { loadProxyConfig } from '../shared/config.js';
 import { loadKeyBundle, loadPublicKeys, EncryptedChannel } from '../shared/crypto/index.js';
 import { HandshakeInitiator, } from '../shared/protocol/index.js';
@@ -129,14 +131,58 @@ server.tool('secure_request', "Make an authenticated HTTP request through the en
         .optional()
         .describe('Request headers, may contain ${VAR} placeholders'),
     body: z.any().optional().describe('Request body (object for JSON, string for raw)'),
-}, async ({ method, url, headers, body }) => {
+    files: z
+        .array(z.object({
+        field: z
+            .string()
+            .describe('Form field name (e.g., "files[0]", "file", "attachment")'),
+        path: z.string().describe('Absolute path to the file on the local filesystem'),
+        filename: z.string().describe('Filename to use in the upload'),
+        contentType: z
+            .string()
+            .describe('MIME type (e.g., "image/png", "application/pdf")'),
+    }))
+        .optional()
+        .describe('File attachments for multipart/form-data uploads. When present, the request is sent as multipart with the JSON body as "payload_json". Use bodyFieldName to change the JSON part name.'),
+    bodyFieldName: z
+        .string()
+        .optional()
+        .describe('Form field name for the JSON body part in multipart requests (default: "payload_json"). Only used when files are present.'),
+}, async ({ method, url, headers, body, files, bodyFieldName }) => {
     try {
-        const result = await sendEncryptedRequest('http_request', {
+        const toolInput = {
             method,
             url,
             headers: headers ?? {},
             body,
-        });
+        };
+        // Read and base64-encode files from the local filesystem before sending
+        // through the encrypted channel (remote server can't access local files)
+        if (files?.length) {
+            const MAX_FILE_SIZE = 25 * 1024 * 1024; // 25 MB per file
+            const encodedFiles = await Promise.all(files.map(async ({ field, path: filePath, filename, contentType }) => {
+                if (!path.isAbsolute(filePath)) {
+                    throw new Error(`File path must be absolute: ${filePath}`);
+                }
+                let stat;
+                try {
+                    stat = await fs.stat(filePath);
+                }
+                catch {
+                    throw new Error(`File not found: ${filePath}`);
+                }
+                if (stat.size > MAX_FILE_SIZE) {
+                    throw new Error(`File too large (${(stat.size / 1024 / 1024).toFixed(1)} MB): ${filePath} — max ${MAX_FILE_SIZE / 1024 / 1024} MB`);
+                }
+                const buffer = await fs.readFile(filePath);
+                return { field, data: buffer.toString('base64'), filename, contentType };
+            }));
+            toolInput.files = encodedFiles;
+            if (bodyFieldName) {
+                toolInput.bodyFieldName = bodyFieldName;
+            }
+        }
+        const result = await sendEncryptedRequest('http_request', toolInput);
         return {
             content: [
                 {

package/dist/remote/ingestors/base-ingestor.d.ts

@@ -27,6 +27,9 @@ export declare abstract class BaseIngestor extends EventEmitter {
     protected counter: number;
     protected lastEventAt: string | null;
     protected errorMessage?: string;
+    /** Per-instance epoch for event ID generation.
+     *  Each instance claims a unique epoch so IDs never collide across restarts. */
+    private readonly bootEpoch;
     /** Recently seen idempotency keys for deduplication. */
     private readonly seenKeys;
     constructor(

package/dist/remote/ingestors/base-ingestor.js

@@ -18,15 +18,19 @@ const log = createLogger('ingestor');
  *  When exceeded, the oldest half is pruned. */
 const MAX_SEEN_KEYS = 2000;
 /**
- * Epoch-based event IDs that are monotonically increasing across server reboots.
+ * Epoch-based event IDs that are monotonically increasing across restarts.
  * Format: `bootEpochSeconds * 1_000_000 + counter`.
  *
  * Uses seconds (not milliseconds) so the product stays within Number.MAX_SAFE_INTEGER.
  * This prevents clients with a stale `after_id` cursor from missing events
  * after a reboot — new IDs will always be higher than pre-reboot IDs
- * (assuming <1M events per boot and >1s between boots).
+ * (assuming <1M events per instance and >1s between restarts).
+ *
+ * Uses a monotonically increasing module-level epoch so that in-process restarts
+ * (e.g., LocalProxy.reinitialize()) also produce strictly increasing IDs.
+ * Each new BaseIngestor instance claims the next available epoch.
  */
-const BOOT_EPOCH = Math.floor(Date.now() / 1000);
+let nextEpoch = Math.floor(Date.now() / 1000);
 const ID_MULTIPLIER = 1_000_000;
 export class BaseIngestor extends EventEmitter {
     connectionAlias;
@@ -38,6 +42,9 @@ export class BaseIngestor extends EventEmitter {
     counter = 0;
     lastEventAt = null;
     errorMessage;
+    /** Per-instance epoch for event ID generation.
+     *  Each instance claims a unique epoch so IDs never collide across restarts. */
+    bootEpoch;
     /** Recently seen idempotency keys for deduplication. */
     seenKeys = new Set();
     constructor(
@@ -59,6 +66,9 @@ export class BaseIngestor extends EventEmitter {
         this.secrets = secrets;
         this.instanceId = instanceId;
         this.buffer = new RingBuffer(bufferSize);
+        // Claim a unique epoch for this instance — ensures event IDs are strictly
+        // increasing even when ingestors are restarted in-process.
+        this.bootEpoch = nextEpoch++;
     }
     /**
      * Push a new event into the ring buffer.
@@ -77,7 +87,7 @@ export class BaseIngestor extends EventEmitter {
             return;
         }
         const now = new Date();
-        const id = BOOT_EPOCH * ID_MULTIPLIER + this.counter++;
+        const id = this.bootEpoch * ID_MULTIPLIER + this.counter++;
         const key = idempotencyKey ?? `${this.connectionAlias}:${crypto.randomUUID()}`;
         const event = {
             id,

package/dist/remote/ingestors/discord/discord-gateway.js

@@ -60,8 +60,31 @@ export class DiscordGatewayIngestor extends BaseIngestor {
         this.state = 'stopped';
         this.clearAllTimers();
         if (this.ws) {
-            this.ws.close(1000, 'Shutting down');
+            const ws = this.ws;
             this.ws = null;
+            // Wait for the WebSocket to fully close before resolving.
+            // This prevents a race where the old connection is still alive when a new
+            // ingestor starts. For Discord, this avoids the old gateway session
+            // lingering while a new IDENTIFY is sent (which Discord may reject
+            // if it sees two sessions for the same bot token).
+            return new Promise((resolve) => {
+                const onClose = () => {
+                    ws.removeEventListener('close', onClose);
+                    resolve();
+                };
+                if (ws.readyState === WebSocket.CLOSED) {
+                    resolve();
+                }
+                else {
+                    ws.addEventListener('close', onClose);
+                    ws.close(1000, 'Shutting down');
+                    // Safety timeout — don't block forever if close event never fires
+                    setTimeout(() => {
+                        ws.removeEventListener('close', onClose);
+                        resolve();
+                    }, 5000);
+                }
+            });
         }
         return Promise.resolve();
     }

package/dist/remote/ingestors/slack/socket-mode.js

@@ -47,8 +47,30 @@ export class SlackSocketModeIngestor extends BaseIngestor {
         this.state = 'stopped';
         this.clearReconnectTimer();
         if (this.ws) {
-            this.ws.close(1000, 'Shutting down');
+            const ws = this.ws;
             this.ws = null;
+            // Wait for the WebSocket to fully close before resolving.
+            // This prevents a race where the old connection is still alive when a new
+            // ingestor starts, causing Slack to distribute events to the dying
+            // connection (where nobody processes them).
+            return new Promise((resolve) => {
+                const onClose = () => {
+                    ws.removeEventListener('close', onClose);
+                    resolve();
+                };
+                if (ws.readyState === WebSocket.CLOSED) {
+                    resolve();
+                }
+                else {
+                    ws.addEventListener('close', onClose);
+                    ws.close(1000, 'Shutting down');
+                    // Safety timeout — don't block forever if close event never fires
+                    setTimeout(() => {
+                        ws.removeEventListener('close', onClose);
+                        resolve();
+                    }, 5000);
+                }
+            });
         }
         return Promise.resolve();
     }

package/dist/remote/server.d.ts

@@ -57,11 +57,26 @@ export declare function cleanupSessions(sessionsMap: Map<string, Pick<Session, '
     expiredSessions: string[];
     expiredHandshakes: string[];
 };
+/** A file attachment transmitted as base64 data through the encrypted channel. */
+export interface FileAttachment {
+    /** Form field name (e.g., "files[0]", "file", "attachment") */
+    field: string;
+    /** Base64-encoded file content */
+    data: string;
+    /** Filename for the upload */
+    filename: string;
+    /** MIME type (e.g., "image/png", "application/pdf") */
+    contentType: string;
+}
 export interface ProxyRequestInput {
     method: string;
     url: string;
     headers?: Record<string, string>;
     body?: unknown;
+    /** File attachments — triggers multipart/form-data encoding */
+    files?: FileAttachment[];
+    /** Form field name for the JSON body part (default: "payload_json") */
+    bodyFieldName?: string;
 }
 export interface ProxyRequestResult {
     status: number;

package/dist/remote/server.js

@@ -145,7 +145,7 @@ setInterval(() => {
  * The only side effect is the outbound fetch().
  */
 export async function executeProxyRequest(input, routes) {
-    const { method, url, headers = {}, body } = input;
+    const { method, url, headers = {}, body, files, bodyFieldName } = input;
     // Step 1: Find matching route — try raw URL first
     let matched = matchRoute(url, routes);
     let resolvedUrl = url;
@@ -190,17 +190,45 @@ export async function executeProxyRequest(input, routes) {
     // Only when the route explicitly opts in via resolveSecretsInBody — prevents
     // exfiltration of secrets by writing placeholder strings into API resources
     // and reading them back.
-    let resolvedBody;
-    if (typeof body === 'string') {
-        resolvedBody = matched.resolveSecretsInBody ? resolvePlaceholders(body, matched.secrets) : body;
+    let fetchBody;
+    if (files?.length) {
+        // ── Multipart mode: build FormData with file attachments ──
+        const form = new FormData();
+        // Add the JSON body as a named part (default: "payload_json" for Discord-style APIs)
+        if (body !== null && body !== undefined) {
+            const serialized = typeof body === 'string' ? body : JSON.stringify(body);
+            const resolvedPayload = matched.resolveSecretsInBody
+                ? resolvePlaceholders(serialized, matched.secrets)
+                : serialized;
+            form.append(bodyFieldName ?? 'payload_json', resolvedPayload);
+        }
+        // Attach each file from base64 data
+        for (const file of files) {
+            const buffer = Buffer.from(file.data, 'base64');
+            const blob = new Blob([buffer], { type: file.contentType });
+            form.append(file.field, blob, file.filename);
+        }
+        fetchBody = form;
+        // Let fetch auto-set Content-Type with the correct multipart boundary —
+        // remove any Content-Type that may have been set by route headers
+        delete resolvedHeaders['Content-Type'];
+        delete resolvedHeaders['content-type'];
     }
-    else if (body !== null && body !== undefined) {
-        const serialized = JSON.stringify(body);
-        resolvedBody = matched.resolveSecretsInBody
-            ? resolvePlaceholders(serialized, matched.secrets)
-            : serialized;
-        if (!resolvedHeaders['content-type'] && !resolvedHeaders['Content-Type']) {
-            resolvedHeaders['Content-Type'] = 'application/json';
+    else {
+        // ── Standard JSON/string body ──
+        if (typeof body === 'string') {
+            fetchBody = matched.resolveSecretsInBody
+                ? resolvePlaceholders(body, matched.secrets)
+                : body;
+        }
+        else if (body !== null && body !== undefined) {
+            const serialized = JSON.stringify(body);
+            fetchBody = matched.resolveSecretsInBody
+                ? resolvePlaceholders(serialized, matched.secrets)
+                : serialized;
+            if (!resolvedHeaders['content-type'] && !resolvedHeaders['Content-Type']) {
+                resolvedHeaders['Content-Type'] = 'application/json';
+            }
         }
     }
     // Step 6: Final endpoint check on fully resolved URL
@@ -211,7 +239,7 @@ export async function executeProxyRequest(input, routes) {
     const resp = await fetch(resolvedUrl, {
         method,
         headers: resolvedHeaders,
-        body: resolvedBody,
+        body: fetchBody,
     });
     const contentType = resp.headers.get('content-type') ?? '';
     let responseBody;
@@ -833,8 +861,8 @@ export function createApp(options = {}) {
     const app = express();
     // Parse JSON for handshake endpoints
     app.use('/handshake', express.json());
-    // Raw buffer for encrypted request endpoint
-    app.use('/request', express.raw({ type: 'application/octet-stream', limit: '10mb' }));
+    // Raw buffer for encrypted request endpoint (50 MB to accommodate base64-encoded file uploads)
+    app.use('/request', express.raw({ type: 'application/octet-stream', limit: '50mb' }));
     // Raw buffer for webhook endpoints (needed for signature verification)
     app.use('/webhooks', express.raw({ type: 'application/json', limit: '1mb' }));
     const config = options.config ?? loadRemoteConfig();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wolpertingerlabs/drawlatch",
-  "version": "1.0.0-alpha.5.2",
+  "version": "1.0.0-alpha.7.0",
   "description": "Encrypted MCP proxy with mutual authentication. Local MCP server forwards requests through an encrypted channel to a remote secrets-holding server.",
   "type": "module",
   "main": "./dist/mcp/server.js",
@@ -55,8 +55,8 @@
   "scripts": {
     "build": "tsc && rm -rf dist/connections && cp -r src/connections dist/connections",
     "prepare": "npm run build",
-    "dev:remote": "tsx src/remote/server.ts",
-    "dev:mcp": "tsx src/mcp/server.ts",
+    "dev:remote": "MCP_CONFIG_DIR=~/.drawlatch-dev tsx src/remote/server.ts",
+    "dev:mcp": "MCP_CONFIG_DIR=~/.drawlatch-dev tsx src/mcp/server.ts",
     "generate-keys": "tsx src/cli/generate-keys.ts",
     "start:remote": "NODE_ENV=production node dist/remote/server.js",
     "start:mcp": "node dist/mcp/server.js",