npm - amai - Versions diffs - 0.0.17 → 0.0.18 - Mend

amai 0.0.17 → 0.0.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/cli.cjs +531 -94
package/dist/cli.js +529 -92
package/dist/lib/daemon-entry.cjs +477 -70
package/dist/lib/daemon-entry.js +475 -68
package/dist/server.cjs +414 -7
package/dist/server.js +415 -8
package/package.json +1 -1

package/dist/cli.cjs CHANGED Viewed

@@ -5,7 +5,7 @@ var pc5 = require('picocolors');
 var WebSocket = require('ws');
 var zod = require('zod');
 var path10 = require('path');
-var fs9 = require('fs');
+var fs10 = require('fs');
 var os3 = require('os');
 var fs8 = require('fs/promises');
 var hono = require('hono');
@@ -22,7 +22,7 @@ function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
 var pc5__default = /*#__PURE__*/_interopDefault(pc5);
 var WebSocket__default = /*#__PURE__*/_interopDefault(WebSocket);
 var path10__default = /*#__PURE__*/_interopDefault(path10);
-var fs9__default = /*#__PURE__*/_interopDefault(fs9);
+var fs10__default = /*#__PURE__*/_interopDefault(fs10);
 var os3__default = /*#__PURE__*/_interopDefault(os3);
 var fs8__default = /*#__PURE__*/_interopDefault(fs8);
 var readline__default = /*#__PURE__*/_interopDefault(readline);
@@ -52,11 +52,11 @@ function isPathWithinProject(filePath, projectCwd) {
 }
 function safeRealpath(p) {
   try {
-    return fs9__default.default.realpathSync(p);
+    return fs10__default.default.realpathSync(p);
   } catch {
     const parent = path10__default.default.dirname(p);
     try {
-      const realParent = fs9__default.default.realpathSync(parent);
+      const realParent = fs10__default.default.realpathSync(parent);
       return path10__default.default.join(realParent, path10__default.default.basename(p));
     } catch {
       return path10__default.default.resolve(p);
@@ -353,16 +353,16 @@ var Diff = class {
       }
     }
   }
-  addToPath(path16, added, removed, oldPosInc, options) {
-    const last = path16.lastComponent;
+  addToPath(path17, added, removed, oldPosInc, options) {
+    const last = path17.lastComponent;
     if (last && !options.oneChangePerToken && last.added === added && last.removed === removed) {
       return {
-        oldPos: path16.oldPos + oldPosInc,
+        oldPos: path17.oldPos + oldPosInc,
         lastComponent: { count: last.count + 1, added, removed, previousComponent: last.previousComponent }
       };
     } else {
       return {
-        oldPos: path16.oldPos + oldPosInc,
+        oldPos: path17.oldPos + oldPosInc,
         lastComponent: { count: 1, added, removed, previousComponent: last }
       };
     }
@@ -518,7 +518,7 @@ function calculateDiffStats(oldContent, newContent) {
   return { linesAdded, linesRemoved };
 }
-// src/tools/apply-patch.ts
+// src/tools/stringReplace.ts
 zod.z.object({
   file_path: zod.z.string().describe("The path to the file you want to search and replace in. You can use either a relative path in the workspace or an absolute path. If an absolute path is provided, it will be preserved as is"),
   new_string: zod.z.string().describe("The edited text to replace the old_string (must be different from the old_string)"),
@@ -628,8 +628,8 @@ var apply_patch = async function(input, projectCwd) {
     };
   }
 };
-var DEFAULT_SERVER_URL = "wss://bridge.ama.shujan.xyz";
-var CLIENT_ID = "client_01K4Y8A67H544Z6J8A47E5GJ9A";
+var DEFAULT_SERVER_URL = "ws://localhost:3000";
+var CLIENT_ID = "client_01K4Y8A5Q3FYGXD362BJQ6AGYD";
 var AMA_DIR = path10__default.default.join(os3__default.default.homedir(), ".amai");
 var CODE_DIR = path10__default.default.join(AMA_DIR, "code");
 var STORAGE_DIR = path10__default.default.join(AMA_DIR, "storage");
@@ -804,7 +804,7 @@ async function getRipgrepPath() {
     "/usr/bin/rg"
   ];
   for (const rgPath of paths) {
-    if (fs9__default.default.existsSync(rgPath)) {
+    if (fs10__default.default.existsSync(rgPath)) {
       _cachedRgPath = rgPath;
       return rgPath;
     }
@@ -824,7 +824,7 @@ async function getMtimesBatched(files) {
         return { path: filePath, mtime };
       })
     );
-    results.forEach(({ path: path16, mtime }) => mtimeMap.set(path16, mtime));
+    results.forEach(({ path: path17, mtime }) => mtimeMap.set(path17, mtime));
   }
   return mtimeMap;
 }
@@ -853,7 +853,7 @@ var grepTool = async function(input, projectCwd) {
         }
       }
     }
-    if (!fs9__default.default.existsSync(searchDir)) {
+    if (!fs10__default.default.existsSync(searchDir)) {
       return {
         success: false,
         message: `Directory not found: ${searchDir}`,
@@ -1036,7 +1036,7 @@ var globTool = async function(input, projectCwd) {
   try {
     const basePath = projectCwd || process.cwd();
     const searchPath = inputPath ? resolveProjectPath(inputPath, basePath) : basePath;
-    if (!fs9__default.default.existsSync(searchPath)) {
+    if (!fs10__default.default.existsSync(searchPath)) {
       return {
         success: false,
         message: `Directory not found: ${searchPath}`,
@@ -1240,14 +1240,14 @@ var list = async function(input, projectCwd) {
         };
       }
     }
-    if (!fs9__default.default.existsSync(absolutePath)) {
+    if (!fs10__default.default.existsSync(absolutePath)) {
       return {
         success: false,
         message: `Directory not found: ${absolutePath}`,
         error: "DIR_NOT_FOUND"
       };
     }
-    const stats = fs9__default.default.statSync(absolutePath);
+    const stats = fs10__default.default.statSync(absolutePath);
     if (!stats.isDirectory()) {
       return {
         success: false,
@@ -1264,7 +1264,7 @@ var list = async function(input, projectCwd) {
       }
       let entries;
       try {
-        entries = fs9__default.default.readdirSync(currentDir, { withFileTypes: true });
+        entries = fs10__default.default.readdirSync(currentDir, { withFileTypes: true });
       } catch {
         return;
       }
@@ -1379,10 +1379,10 @@ var CREDENTIALS_DIR = path10__default.default.join(os3__default.default.homedir(
 var CREDENTIALS_PATH = path10__default.default.join(CREDENTIALS_DIR, "credentials.json");
 function isAuthenticated() {
   try {
-    if (!fs9__default.default.existsSync(CREDENTIALS_PATH)) {
+    if (!fs10__default.default.existsSync(CREDENTIALS_PATH)) {
       return false;
     }
-    const raw = fs9__default.default.readFileSync(CREDENTIALS_PATH, "utf8");
+    const raw = fs10__default.default.readFileSync(CREDENTIALS_PATH, "utf8");
     const data = JSON.parse(raw);
     return Boolean(data && data.access_token);
   } catch {
@@ -1391,10 +1391,10 @@ function isAuthenticated() {
 }
 function saveTokens(tokens) {
   try {
-    if (!fs9__default.default.existsSync(CREDENTIALS_DIR)) {
-      fs9__default.default.mkdirSync(CREDENTIALS_DIR, { recursive: true });
+    if (!fs10__default.default.existsSync(CREDENTIALS_DIR)) {
+      fs10__default.default.mkdirSync(CREDENTIALS_DIR, { recursive: true });
     }
-    fs9__default.default.writeFileSync(
+    fs10__default.default.writeFileSync(
       CREDENTIALS_PATH,
       JSON.stringify(tokens, null, 2),
       "utf8"
@@ -1405,18 +1405,18 @@ function saveTokens(tokens) {
 }
 function logout() {
   try {
-    if (fs9__default.default.existsSync(CREDENTIALS_PATH)) {
-      fs9__default.default.unlinkSync(CREDENTIALS_PATH);
+    if (fs10__default.default.existsSync(CREDENTIALS_PATH)) {
+      fs10__default.default.unlinkSync(CREDENTIALS_PATH);
     }
   } catch (error) {
     console.error(pc5__default.default.red("Failed to logout"), error);
   }
 }
 function getTokens() {
-  if (!fs9__default.default.existsSync(CREDENTIALS_PATH)) {
+  if (!fs10__default.default.existsSync(CREDENTIALS_PATH)) {
     return null;
   }
-  const raw = fs9__default.default.readFileSync(CREDENTIALS_PATH, "utf8");
+  const raw = fs10__default.default.readFileSync(CREDENTIALS_PATH, "utf8");
   const data = JSON.parse(raw);
   return data;
 }
@@ -1515,10 +1515,10 @@ async function login() {
 }
 var getUserId = () => {
   try {
-    if (!fs9__default.default.existsSync(CREDENTIALS_PATH)) {
+    if (!fs10__default.default.existsSync(CREDENTIALS_PATH)) {
       return;
     }
-    const raw = fs9__default.default.readFileSync(CREDENTIALS_PATH, "utf8");
+    const raw = fs10__default.default.readFileSync(CREDENTIALS_PATH, "utf8");
     const data = JSON.parse(raw);
     const fromUserObject = data.user?.id;
     const fromTopLevel = data.sub ?? data.user_id;
@@ -1706,14 +1706,14 @@ var ProjectRegistry = class {
   }
   load() {
     try {
-      if (fs9__default.default.existsSync(REGISTRY_FILE)) {
-        const data = fs9__default.default.readFileSync(REGISTRY_FILE, "utf8");
+      if (fs10__default.default.existsSync(REGISTRY_FILE)) {
+        const data = fs10__default.default.readFileSync(REGISTRY_FILE, "utf8");
         const parsed = JSON.parse(data);
         if (!Array.isArray(parsed)) {
           console.error("Invalid project registry format: expected array, got", typeof parsed);
           const backupFile = REGISTRY_FILE + ".backup." + Date.now();
-          fs9__default.default.copyFileSync(REGISTRY_FILE, backupFile);
-          fs9__default.default.unlinkSync(REGISTRY_FILE);
+          fs10__default.default.copyFileSync(REGISTRY_FILE, backupFile);
+          fs10__default.default.unlinkSync(REGISTRY_FILE);
           return;
         }
         const projects = parsed;
@@ -1726,11 +1726,11 @@ var ProjectRegistry = class {
       }
     } catch (error) {
       console.error("Failed to load project registry:", error);
-      if (fs9__default.default.existsSync(REGISTRY_FILE)) {
+      if (fs10__default.default.existsSync(REGISTRY_FILE)) {
         try {
           const backupFile = REGISTRY_FILE + ".backup." + Date.now();
-          fs9__default.default.copyFileSync(REGISTRY_FILE, backupFile);
-          fs9__default.default.unlinkSync(REGISTRY_FILE);
+          fs10__default.default.copyFileSync(REGISTRY_FILE, backupFile);
+          fs10__default.default.unlinkSync(REGISTRY_FILE);
           console.log("Corrupted registry file backed up and removed. Starting fresh.");
         } catch (backupError) {
         }
@@ -1739,11 +1739,11 @@ var ProjectRegistry = class {
   }
   save() {
     try {
-      if (!fs9__default.default.existsSync(AMA_DIR)) {
-        fs9__default.default.mkdirSync(AMA_DIR, { recursive: true });
+      if (!fs10__default.default.existsSync(AMA_DIR)) {
+        fs10__default.default.mkdirSync(AMA_DIR, { recursive: true });
       }
       const projects = Array.from(this.projects.values());
-      fs9__default.default.writeFileSync(REGISTRY_FILE, JSON.stringify(projects, null, 2), "utf8");
+      fs10__default.default.writeFileSync(REGISTRY_FILE, JSON.stringify(projects, null, 2), "utf8");
     } catch (error) {
       console.error("Failed to save project registry:", error);
     }
@@ -1783,7 +1783,7 @@ var ProjectRegistry = class {
 var projectRegistry = new ProjectRegistry();
 var ignoreFiles = ["node_modules", ".git", ".next", ".env", ".env.local", ".env.development.local", ".env.test.local", ".env.production.local", ".output", ".turbo", ".vercel", ".next", ".tanstack", ".nitro", ".wrangler", ".alchemy", ".coverage", ".nyc_output", ".cache", "tmp", "temp", ".idea", ".vscode", ".zig-cache", "zig-out", ".coverage", "coverage", "logs", ".venv", "venv", "env", ".next", ".turbo", ".vercel", ".output", ".tanstack", ".nitro", ".wrangler", ".alchemy", ".coverage", ".nyc_output", ".cache", "tmp", "temp", ".idea", ".vscode", ".zig-cache", "zig-out", ".coverage", "coverage", "logs", ".venv", "venv", "env"];
 var getContext = (dir, base = dir, allFiles = []) => {
-  const filePath = fs9.readdirSync(dir, { withFileTypes: true });
+  const filePath = fs10.readdirSync(dir, { withFileTypes: true });
   for (const file of filePath) {
     if (ignoreFiles.includes(file.name)) continue;
     const fullPath = path10__default.default.join(dir, file.name);
@@ -1812,7 +1812,7 @@ function getWorkspaceStoragePath(ide) {
   } else {
     const capitalizedPath = path10__default.default.join(HOME, ".config", appName, "User", "workspaceStorage");
     const lowercasePath = path10__default.default.join(HOME, ".config", appNameLower, "User", "workspaceStorage");
-    if (fs9__default.default.existsSync(capitalizedPath)) {
+    if (fs10__default.default.existsSync(capitalizedPath)) {
       return capitalizedPath;
     }
     return lowercasePath;
@@ -1821,16 +1821,16 @@ function getWorkspaceStoragePath(ide) {
 function scanWorkspaceStorage(ide) {
   const projects = [];
   const storagePath = getWorkspaceStoragePath(ide);
-  if (!fs9__default.default.existsSync(storagePath)) {
+  if (!fs10__default.default.existsSync(storagePath)) {
     return projects;
   }
   try {
-    const workspaces = fs9__default.default.readdirSync(storagePath);
+    const workspaces = fs10__default.default.readdirSync(storagePath);
     for (const workspace of workspaces) {
       const workspaceJsonPath = path10__default.default.join(storagePath, workspace, "workspace.json");
-      if (fs9__default.default.existsSync(workspaceJsonPath)) {
+      if (fs10__default.default.existsSync(workspaceJsonPath)) {
         try {
-          const content = fs9__default.default.readFileSync(workspaceJsonPath, "utf-8");
+          const content = fs10__default.default.readFileSync(workspaceJsonPath, "utf-8");
           const data = JSON.parse(content);
           if (data.folder && typeof data.folder === "string") {
             let projectPath = data.folder;
@@ -1838,7 +1838,7 @@ function scanWorkspaceStorage(ide) {
               projectPath = projectPath.replace("file://", "");
               projectPath = decodeURIComponent(projectPath);
             }
-            if (fs9__default.default.existsSync(projectPath) && fs9__default.default.statSync(projectPath).isDirectory()) {
+            if (fs10__default.default.existsSync(projectPath) && fs10__default.default.statSync(projectPath).isDirectory()) {
               projects.push({
                 name: path10__default.default.basename(projectPath),
                 path: projectPath,
@@ -1862,11 +1862,11 @@ var scanIdeProjects = async () => {
     const seenPaths = /* @__PURE__ */ new Set();
     const addProject = (projectPath, ide) => {
       try {
-        const resolvedPath = fs9__default.default.realpathSync(projectPath);
-        if (fs9__default.default.existsSync(resolvedPath) && fs9__default.default.statSync(resolvedPath).isDirectory() && !seenPaths.has(resolvedPath)) {
+        const resolvedPath = fs10__default.default.realpathSync(projectPath);
+        if (fs10__default.default.existsSync(resolvedPath) && fs10__default.default.statSync(resolvedPath).isDirectory() && !seenPaths.has(resolvedPath)) {
           const isIdeProjectsDir = Object.values(IDE_PROJECTS_PATHS).some((ideDir) => {
             try {
-              return fs9__default.default.realpathSync(ideDir) === resolvedPath;
+              return fs10__default.default.realpathSync(ideDir) === resolvedPath;
             } catch {
               return false;
             }
@@ -1893,30 +1893,30 @@ var scanIdeProjects = async () => {
     }
     for (const [ide, dirPath] of Object.entries(IDE_PROJECTS_PATHS)) {
       if (ide === "cursor" || ide === "vscode") continue;
-      if (fs9__default.default.existsSync(dirPath)) {
-        const projects = fs9__default.default.readdirSync(dirPath);
+      if (fs10__default.default.existsSync(dirPath)) {
+        const projects = fs10__default.default.readdirSync(dirPath);
         projects.forEach((project) => {
           const projectPath = path10__default.default.join(dirPath, project);
           try {
-            const stats = fs9__default.default.lstatSync(projectPath);
+            const stats = fs10__default.default.lstatSync(projectPath);
             let actualPath = null;
             if (stats.isSymbolicLink()) {
-              actualPath = fs9__default.default.realpathSync(projectPath);
+              actualPath = fs10__default.default.realpathSync(projectPath);
             } else if (stats.isFile()) {
               try {
-                let content = fs9__default.default.readFileSync(projectPath, "utf-8").trim();
+                let content = fs10__default.default.readFileSync(projectPath, "utf-8").trim();
                 if (content.startsWith("~/") || content === "~") {
                   content = content.replace(/^~/, HOME);
                 }
                 const resolvedContent = path10__default.default.isAbsolute(content) ? content : path10__default.default.resolve(path10__default.default.dirname(projectPath), content);
-                if (fs9__default.default.existsSync(resolvedContent) && fs9__default.default.statSync(resolvedContent).isDirectory()) {
-                  actualPath = fs9__default.default.realpathSync(resolvedContent);
+                if (fs10__default.default.existsSync(resolvedContent) && fs10__default.default.statSync(resolvedContent).isDirectory()) {
+                  actualPath = fs10__default.default.realpathSync(resolvedContent);
                 }
               } catch {
                 return;
               }
             } else if (stats.isDirectory()) {
-              actualPath = fs9__default.default.realpathSync(projectPath);
+              actualPath = fs10__default.default.realpathSync(projectPath);
             }
             if (actualPath) {
               addProject(actualPath, ide);
@@ -2181,6 +2181,396 @@ var Snapshot;
     return path10__default.default.join(Global.Path.data, "snapshot", projectId);
   }
 })(Snapshot || (Snapshot = {}));
+var CLIENT_ID2 = "app_EMoamEEZ73f0CkXaXp7hrann";
+var ISSUER = "https://auth.openai.com";
+var OAUTH_PORT = 1455;
+var CREDENTIALS_PATH2 = path10__default.default.join(AMA_DIR, "codex-credentials.json");
+var CALLBACK_PATH = "/auth/callback";
+var OAUTH_TIMEOUT_MS = 5 * 60 * 1e3;
+var REFRESH_BUFFER_MS = 60 * 1e3;
+var oauthServer;
+var pendingOAuth;
+var HTML_SUCCESS = `<!doctype html>
+<html>
+  <head>
+    <title>amai - Codex Authorization Successful</title>
+    <style>
+      body {
+        font-family:
+          system-ui,
+          -apple-system,
+          sans-serif;
+        display: flex;
+        justify-content: center;
+        align-items: center;
+        height: 100vh;
+        margin: 0;
+        background: #131010;
+        color: #f1ecec;
+      }
+      .container {
+        text-align: center;
+        padding: 2rem;
+      }
+      h1 {
+        color: #f1ecec;
+        margin-bottom: 1rem;
+      }
+      p {
+        color: #b7b1b1;
+      }
+    </style>
+  </head>
+  <body>
+    <div class="container">
+      <h1>Authorization Successful</h1>
+      <p>You can close this window and return to ama.</p>
+    </div>
+    <script>
+      setTimeout(() => window.close(), 2000)
+    </script>
+  </body>
+</html>`;
+var HTML_ERROR = (error) => `<!doctype html>
+<html>
+  <head>
+    <title>amai - Codex Authorization Failed</title>
+    <style>
+      body {
+        font-family:
+          system-ui,
+          -apple-system,
+          sans-serif;
+        display: flex;
+        justify-content: center;
+        align-items: center;
+        height: 100vh;
+        margin: 0;
+        background: #131010;
+        color: #f1ecec;
+      }
+      .container {
+        text-align: center;
+        padding: 2rem;
+      }
+      h1 {
+        color: #fc533a;
+        margin-bottom: 1rem;
+      }
+      p {
+        color: #b7b1b1;
+      }
+      .error {
+        color: #ff917b;
+        font-family: monospace;
+        margin-top: 1rem;
+        padding: 1rem;
+        background: #3c140d;
+        border-radius: 0.5rem;
+      }
+    </style>
+  </head>
+  <body>
+    <div class="container">
+      <h1>Authorization Failed</h1>
+      <p>An error occurred during authorization.</p>
+      <div class="error">${error}</div>
+    </div>
+  </body>
+</html>`;
+function ensureCredentialsDir() {
+  if (!fs10__default.default.existsSync(AMA_DIR)) {
+    fs10__default.default.mkdirSync(AMA_DIR, { recursive: true });
+  }
+}
+function saveCredentials(credentials) {
+  ensureCredentialsDir();
+  fs10__default.default.writeFileSync(CREDENTIALS_PATH2, JSON.stringify(credentials, null, 2), "utf8");
+}
+function readCredentials() {
+  if (!fs10__default.default.existsSync(CREDENTIALS_PATH2)) {
+    return null;
+  }
+  const raw = fs10__default.default.readFileSync(CREDENTIALS_PATH2, "utf8");
+  const parsed = JSON.parse(raw);
+  if (typeof parsed.accessToken !== "string" || typeof parsed.refreshToken !== "string" || typeof parsed.accountId !== "string" || typeof parsed.expiresAt !== "number") {
+    return null;
+  }
+  return parsed;
+}
+function generateRandomString(length) {
+  const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
+  const bytes = crypto.getRandomValues(new Uint8Array(length));
+  return Array.from(bytes).map((b) => chars[b % chars.length]).join("");
+}
+function base64UrlEncode(buffer) {
+  const bytes = new Uint8Array(buffer);
+  const binary = String.fromCharCode(...bytes);
+  return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+async function generatePKCE() {
+  const verifier = generateRandomString(43);
+  const encoder = new TextEncoder();
+  const data = encoder.encode(verifier);
+  const hash = await crypto.subtle.digest("SHA-256", data);
+  const challenge = base64UrlEncode(hash);
+  return { verifier, challenge };
+}
+function generateState() {
+  return base64UrlEncode(crypto.getRandomValues(new Uint8Array(32)).buffer);
+}
+function parseJwtClaims(token) {
+  const parts = token.split(".");
+  if (parts.length !== 3) {
+    return void 0;
+  }
+  try {
+    return JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
+  } catch {
+    return void 0;
+  }
+}
+function extractAccountIdFromClaims(claims) {
+  return claims.chatgpt_account_id || claims["https://api.openai.com/auth"]?.chatgpt_account_id || claims.organizations?.[0]?.id;
+}
+function extractAccountId(tokens) {
+  if (tokens.id_token) {
+    const claims = parseJwtClaims(tokens.id_token);
+    const accountId = claims && extractAccountIdFromClaims(claims);
+    if (accountId) {
+      return accountId;
+    }
+  }
+  const accessClaims = parseJwtClaims(tokens.access_token);
+  return accessClaims ? extractAccountIdFromClaims(accessClaims) : void 0;
+}
+function buildAuthorizeUrl(redirectUri, pkce, state) {
+  const params = new URLSearchParams({
+    response_type: "code",
+    client_id: CLIENT_ID2,
+    redirect_uri: redirectUri,
+    scope: "openid profile email offline_access",
+    code_challenge: pkce.challenge,
+    code_challenge_method: "S256",
+    id_token_add_organizations: "true",
+    codex_cli_simplified_flow: "true",
+    state,
+    originator: "ama"
+  });
+  return `${ISSUER}/oauth/authorize?${params.toString()}`;
+}
+async function exchangeCodeForTokens(code, redirectUri, pkce) {
+  const response = await fetch(`${ISSUER}/oauth/token`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded"
+    },
+    body: new URLSearchParams({
+      grant_type: "authorization_code",
+      code,
+      redirect_uri: redirectUri,
+      client_id: CLIENT_ID2,
+      code_verifier: pkce.verifier
+    }).toString()
+  });
+  if (!response.ok) {
+    throw new Error(`Token exchange failed: ${response.status}`);
+  }
+  return response.json();
+}
+async function refreshAccessToken(refreshToken) {
+  const response = await fetch(`${ISSUER}/oauth/token`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded"
+    },
+    body: new URLSearchParams({
+      grant_type: "refresh_token",
+      refresh_token: refreshToken,
+      client_id: CLIENT_ID2
+    }).toString()
+  });
+  if (!response.ok) {
+    throw new Error(`Token refresh failed: ${response.status}`);
+  }
+  return response.json();
+}
+async function startOAuthServer() {
+  if (oauthServer) {
+    return { redirectUri: `http://localhost:${OAUTH_PORT}${CALLBACK_PATH}` };
+  }
+  oauthServer = Bun.serve({
+    port: OAUTH_PORT,
+    fetch(request) {
+      const url = new URL(request.url);
+      if (url.pathname !== CALLBACK_PATH) {
+        return new Response("Not found", { status: 404 });
+      }
+      const code = url.searchParams.get("code");
+      const state = url.searchParams.get("state");
+      const error = url.searchParams.get("error");
+      const errorDescription = url.searchParams.get("error_description");
+      if (error) {
+        const message = errorDescription || error;
+        pendingOAuth?.reject(new Error(message));
+        pendingOAuth = void 0;
+        return new Response(HTML_ERROR(message), {
+          headers: { "Content-Type": "text/html" }
+        });
+      }
+      if (!code) {
+        const message = "Missing authorization code";
+        pendingOAuth?.reject(new Error(message));
+        pendingOAuth = void 0;
+        return new Response(HTML_ERROR(message), {
+          status: 400,
+          headers: { "Content-Type": "text/html" }
+        });
+      }
+      if (!pendingOAuth || state !== pendingOAuth.state) {
+        const message = "Invalid state - potential CSRF attack";
+        pendingOAuth?.reject(new Error(message));
+        pendingOAuth = void 0;
+        return new Response(HTML_ERROR(message), {
+          status: 400,
+          headers: { "Content-Type": "text/html" }
+        });
+      }
+      const current = pendingOAuth;
+      pendingOAuth = void 0;
+      exchangeCodeForTokens(code, `http://localhost:${OAUTH_PORT}${CALLBACK_PATH}`, current.pkce).then((tokens) => current.resolve(tokens)).catch((err) => current.reject(err));
+      return new Response(HTML_SUCCESS, {
+        headers: { "Content-Type": "text/html" }
+      });
+    }
+  });
+  return { redirectUri: `http://localhost:${OAUTH_PORT}${CALLBACK_PATH}` };
+}
+function stopOAuthServer() {
+  if (oauthServer) {
+    oauthServer.stop();
+    oauthServer = void 0;
+  }
+}
+function waitForOAuthCallback(pkce, state) {
+  if (pendingOAuth) {
+    throw new Error("Codex authorization is already in progress");
+  }
+  return new Promise((resolve, reject) => {
+    const timeout = setTimeout(() => {
+      if (pendingOAuth) {
+        pendingOAuth = void 0;
+        reject(new Error("OAuth callback timeout - authorization took too long"));
+      }
+    }, OAUTH_TIMEOUT_MS);
+    pendingOAuth = {
+      pkce,
+      state,
+      resolve: (tokens) => {
+        clearTimeout(timeout);
+        resolve(tokens);
+      },
+      reject: (error) => {
+        clearTimeout(timeout);
+        reject(error);
+      }
+    };
+  });
+}
+function maybeOpenBrowser(url) {
+  try {
+    if (process.platform === "darwin") {
+      const child2 = child_process.spawn("open", [url], { detached: true, stdio: "ignore" });
+      child2.unref();
+      return;
+    }
+    if (process.platform === "win32") {
+      const child2 = child_process.spawn("cmd", ["/c", "start", "", url], {
+        detached: true,
+        stdio: "ignore"
+      });
+      child2.unref();
+      return;
+    }
+    const child = child_process.spawn("xdg-open", [url], { detached: true, stdio: "ignore" });
+    child.unref();
+  } catch {
+  }
+}
+async function startCodexOAuth() {
+  if (pendingOAuth) {
+    throw new Error("Codex authorization is already in progress");
+  }
+  const { redirectUri } = await startOAuthServer();
+  const pkce = await generatePKCE();
+  const state = generateState();
+  const authUrl = buildAuthorizeUrl(redirectUri, pkce, state);
+  maybeOpenBrowser(authUrl);
+  return {
+    authUrl,
+    waitForCallback: async () => {
+      try {
+        const tokens = await waitForOAuthCallback(pkce, state);
+        const accountId = extractAccountId(tokens);
+        if (!accountId) {
+          throw new Error("Could not determine ChatGPT account ID from OAuth token");
+        }
+        const credentials = {
+          accessToken: tokens.access_token,
+          refreshToken: tokens.refresh_token,
+          accountId,
+          expiresAt: Date.now() + (tokens.expires_in ?? 3600) * 1e3
+        };
+        saveCredentials(credentials);
+        return credentials;
+      } finally {
+        stopOAuthServer();
+      }
+    }
+  };
+}
+async function getCodexTokens() {
+  const credentials = readCredentials();
+  if (!credentials) {
+    throw new Error("Codex is not authenticated");
+  }
+  const needsRefresh = credentials.expiresAt <= Date.now() + REFRESH_BUFFER_MS;
+  if (!needsRefresh) {
+    return { accessToken: credentials.accessToken, accountId: credentials.accountId };
+  }
+  const refreshed = await refreshAccessToken(credentials.refreshToken);
+  const nextAccountId = extractAccountId(refreshed) || credentials.accountId;
+  const nextCredentials = {
+    accessToken: refreshed.access_token,
+    refreshToken: refreshed.refresh_token || credentials.refreshToken,
+    accountId: nextAccountId,
+    expiresAt: Date.now() + (refreshed.expires_in ?? 3600) * 1e3
+  };
+  saveCredentials(nextCredentials);
+  return { accessToken: nextCredentials.accessToken, accountId: nextCredentials.accountId };
+}
+async function getCodexStatus() {
+  const credentials = readCredentials();
+  if (!credentials) {
+    return { authenticated: false };
+  }
+  if (credentials.expiresAt > Date.now() + REFRESH_BUFFER_MS) {
+    return { authenticated: true };
+  }
+  try {
+    await getCodexTokens();
+    return { authenticated: true };
+  } catch {
+    return { authenticated: false };
+  }
+}
+async function codexLogout() {
+  pendingOAuth = void 0;
+  stopOAuthServer();
+  if (fs10__default.default.existsSync(CREDENTIALS_PATH2)) {
+    fs10__default.default.unlinkSync(CREDENTIALS_PATH2);
+  }
+}
 // src/lib/rpc-handlers.ts
 var rpcHandlers = {
@@ -2329,6 +2719,23 @@ var rpcHandlers = {
     }
     const diff = await Snapshot.diff(projectId, hash);
     return { success: true, diff };
+  },
+  "daemon:codex_start_auth": async () => {
+    const { authUrl, waitForCallback } = await startCodexOAuth();
+    void waitForCallback().catch((error) => {
+      console.error("[codex] OAuth callback failed:", error);
+    });
+    return { authUrl };
+  },
+  "daemon:codex_get_tokens": async () => {
+    return getCodexTokens();
+  },
+  "daemon:codex_status": async () => {
+    return getCodexStatus();
+  },
+  "daemon:codex_logout": async () => {
+    await codexLogout();
+    return { success: true };
   }
 };
 var INITIAL_RECONNECT_DELAY = 1e3;
@@ -2825,20 +3232,20 @@ function getCodeServerBin() {
 }
 function isCodeServerInstalled() {
   const binPath = getCodeServerBin();
-  return fs9__default.default.existsSync(binPath);
+  return fs10__default.default.existsSync(binPath);
 }
 async function installCodeServer() {
   const { ext } = getPlatformInfo();
   const downloadUrl = getDownloadUrl();
   const tarballPath = path10__default.default.join(AMA_DIR, `code-server.${ext}`);
-  if (!fs9__default.default.existsSync(AMA_DIR)) {
-    fs9__default.default.mkdirSync(AMA_DIR, { recursive: true });
+  if (!fs10__default.default.existsSync(AMA_DIR)) {
+    fs10__default.default.mkdirSync(AMA_DIR, { recursive: true });
   }
-  if (!fs9__default.default.existsSync(CODE_DIR)) {
-    fs9__default.default.mkdirSync(CODE_DIR, { recursive: true });
+  if (!fs10__default.default.existsSync(CODE_DIR)) {
+    fs10__default.default.mkdirSync(CODE_DIR, { recursive: true });
   }
-  if (!fs9__default.default.existsSync(STORAGE_DIR)) {
-    fs9__default.default.mkdirSync(STORAGE_DIR, { recursive: true });
+  if (!fs10__default.default.existsSync(STORAGE_DIR)) {
+    fs10__default.default.mkdirSync(STORAGE_DIR, { recursive: true });
   }
   console.log(pc5__default.default.cyan(`downloading code-server v${CODE_SERVER_VERSION}...`));
   console.log(pc5__default.default.gray(downloadUrl));
@@ -2847,13 +3254,13 @@ async function installCodeServer() {
     throw new Error(`Failed to download code-server: ${response.statusText}`);
   }
   const buffer = await response.arrayBuffer();
-  await fs9__default.default.promises.writeFile(tarballPath, Buffer.from(buffer));
+  await fs10__default.default.promises.writeFile(tarballPath, Buffer.from(buffer));
   console.log(pc5__default.default.cyan("Extracting code-server..."));
   await execAsync2(`tar -xzf ${tarballPath} -C ${CODE_DIR}`);
-  await fs9__default.default.promises.unlink(tarballPath);
+  await fs10__default.default.promises.unlink(tarballPath);
   const binPath = getCodeServerBin();
-  if (fs9__default.default.existsSync(binPath)) {
-    await fs9__default.default.promises.chmod(binPath, 493);
+  if (fs10__default.default.existsSync(binPath)) {
+    await fs10__default.default.promises.chmod(binPath, 493);
   }
   console.log(pc5__default.default.green("code-server installed successfully"));
 }
@@ -2878,8 +3285,8 @@ async function killExistingCodeServer() {
 async function setupDefaultSettings() {
   const userDir = path10__default.default.join(STORAGE_DIR, "User");
   const settingsPath = path10__default.default.join(userDir, "settings.json");
-  if (!fs9__default.default.existsSync(userDir)) {
-    fs9__default.default.mkdirSync(userDir, { recursive: true });
+  if (!fs10__default.default.existsSync(userDir)) {
+    fs10__default.default.mkdirSync(userDir, { recursive: true });
   }
   const defaultSettings = {
     // Disable signature verification for Open VSX extensions
@@ -2897,9 +3304,9 @@ async function setupDefaultSettings() {
     "workbench.activityBar.location": "top"
   };
   let existingSettings = {};
-  if (fs9__default.default.existsSync(settingsPath)) {
+  if (fs10__default.default.existsSync(settingsPath)) {
     try {
-      const content = await fs9__default.default.promises.readFile(settingsPath, "utf-8");
+      const content = await fs10__default.default.promises.readFile(settingsPath, "utf-8");
       existingSettings = JSON.parse(content);
     } catch {
     }
@@ -2907,7 +3314,7 @@ async function setupDefaultSettings() {
   const mergedSettings = { ...defaultSettings, ...existingSettings };
   mergedSettings["workbench.colorTheme"] = "Min Dark";
   mergedSettings["extensions.verifySignature"] = false;
-  await fs9__default.default.promises.writeFile(settingsPath, JSON.stringify(mergedSettings, null, 2));
+  await fs10__default.default.promises.writeFile(settingsPath, JSON.stringify(mergedSettings, null, 2));
   console.log(pc5__default.default.green("ama code-server settings configured"));
 }
 async function installExtensions() {
@@ -2928,7 +3335,7 @@ async function installExtensions() {
 async function startCodeServer(cwd) {
   const binPath = getCodeServerBin();
   const workDir = cwd || process.cwd();
-  if (!fs9__default.default.existsSync(binPath)) {
+  if (!fs10__default.default.existsSync(binPath)) {
     throw new Error("ama code-server is not installed. Run installCodeServer() first.");
   }
   await killExistingCodeServer();
@@ -2936,12 +3343,12 @@ async function startCodeServer(cwd) {
   await installExtensions();
   const workspaceStoragePath = path10__default.default.join(STORAGE_DIR, "User", "workspaceStorage");
   try {
-    if (fs9__default.default.existsSync(workspaceStoragePath)) {
-      await fs9__default.default.promises.rm(workspaceStoragePath, { recursive: true, force: true });
+    if (fs10__default.default.existsSync(workspaceStoragePath)) {
+      await fs10__default.default.promises.rm(workspaceStoragePath, { recursive: true, force: true });
     }
     const stateDbPath = path10__default.default.join(STORAGE_DIR, "User", "globalStorage", "state.vscdb");
-    if (fs9__default.default.existsSync(stateDbPath)) {
-      await fs9__default.default.promises.unlink(stateDbPath);
+    if (fs10__default.default.existsSync(stateDbPath)) {
+      await fs10__default.default.promises.unlink(stateDbPath);
     }
   } catch {
   }
@@ -2972,11 +3379,11 @@ var __dirname$1 = path10.dirname(__filename$1);
 var DAEMON_PID_FILE = path10__default.default.join(AMA_DIR, "daemon.pid");
 var DAEMON_LOG_FILE = path10__default.default.join(AMA_DIR, "daemon.log");
 function isDaemonRunning() {
-  if (!fs9__default.default.existsSync(DAEMON_PID_FILE)) {
+  if (!fs10__default.default.existsSync(DAEMON_PID_FILE)) {
     return false;
   }
   try {
-    const pid = Number(fs9__default.default.readFileSync(DAEMON_PID_FILE, "utf8"));
+    const pid = Number(fs10__default.default.readFileSync(DAEMON_PID_FILE, "utf8"));
     process.kill(pid, 0);
     return true;
   } catch {
@@ -2984,30 +3391,30 @@ function isDaemonRunning() {
   }
 }
 function stopDaemon() {
-  if (!fs9__default.default.existsSync(DAEMON_PID_FILE)) {
+  if (!fs10__default.default.existsSync(DAEMON_PID_FILE)) {
     return false;
   }
   try {
-    const pid = Number(fs9__default.default.readFileSync(DAEMON_PID_FILE, "utf8"));
+    const pid = Number(fs10__default.default.readFileSync(DAEMON_PID_FILE, "utf8"));
     process.kill(pid, "SIGTERM");
-    fs9__default.default.unlinkSync(DAEMON_PID_FILE);
+    fs10__default.default.unlinkSync(DAEMON_PID_FILE);
     return true;
   } catch (error) {
     return false;
   }
 }
 function startDaemon() {
-  if (!fs9__default.default.existsSync(AMA_DIR)) {
-    fs9__default.default.mkdirSync(AMA_DIR, { recursive: true });
+  if (!fs10__default.default.existsSync(AMA_DIR)) {
+    fs10__default.default.mkdirSync(AMA_DIR, { recursive: true });
   }
   if (isDaemonRunning()) {
     stopDaemon();
   }
   const daemonScript = path10__default.default.join(__dirname$1, "lib", "daemon-entry.js");
-  if (!fs9__default.default.existsSync(daemonScript)) {
+  if (!fs10__default.default.existsSync(daemonScript)) {
     throw new Error(`Daemon entry script not found at: ${daemonScript}. Please rebuild the project.`);
   }
-  const logFd = fs9__default.default.openSync(DAEMON_LOG_FILE, "a");
+  const logFd = fs10__default.default.openSync(DAEMON_LOG_FILE, "a");
   const daemon = child_process.spawn(process.execPath, [daemonScript], {
     detached: true,
     stdio: ["ignore", logFd, logFd],
@@ -3015,20 +3422,20 @@ function startDaemon() {
     cwd: process.cwd()
   });
   daemon.unref();
-  fs9__default.default.writeFileSync(DAEMON_PID_FILE, String(daemon.pid));
-  fs9__default.default.closeSync(logFd);
+  fs10__default.default.writeFileSync(DAEMON_PID_FILE, String(daemon.pid));
+  fs10__default.default.closeSync(logFd);
 }
 function getDaemonPid() {
-  if (!fs9__default.default.existsSync(DAEMON_PID_FILE)) {
+  if (!fs10__default.default.existsSync(DAEMON_PID_FILE)) {
     return null;
   }
   try {
-    return Number(fs9__default.default.readFileSync(DAEMON_PID_FILE, "utf8"));
+    return Number(fs10__default.default.readFileSync(DAEMON_PID_FILE, "utf8"));
   } catch {
     return null;
   }
 }
-var VERSION = "0.0.17";
+var VERSION = "0.0.18";
 var PROJECT_DIR = process.cwd();
 var LOGO = `
    __ _ _ __ ___   __ _
@@ -3108,6 +3515,9 @@ if (args[0] === "--help" || args[0] === "-h") {
   console.log("");
   console.log(pc5__default.default.cyan("  commands"));
   console.log(pc5__default.default.gray("    login           authenticate with amai"));
+  console.log(pc5__default.default.gray("    codex           connect ChatGPT subscription for Codex"));
+  console.log(pc5__default.default.gray("    codex status    check Codex auth status"));
+  console.log(pc5__default.default.gray("    codex logout    remove Codex credentials"));
   console.log(pc5__default.default.gray("    logout          remove credentials"));
   console.log(pc5__default.default.gray("    start           start background daemon"));
   console.log(pc5__default.default.gray("    stop            stop background daemon"));
@@ -3144,6 +3554,33 @@ if (args[0] === "update") {
     }
     process.exit(0);
   })();
+} else if (args[0] === "codex") {
+  (async () => {
+    try {
+      const subCommand = args[1];
+      if (subCommand === "status") {
+        const status = await getCodexStatus();
+        console.log(pc5__default.default.gray(`codex auth: ${status.authenticated ? "connected" : "not connected"}`));
+        process.exit(0);
+      }
+      if (subCommand === "logout") {
+        await codexLogout();
+        console.log(pc5__default.default.cyan("codex credentials removed"));
+        process.exit(0);
+      }
+      console.log(pc5__default.default.gray("starting codex auth..."));
+      const { authUrl, waitForCallback } = await startCodexOAuth();
+      console.log("");
+      console.log(pc5__default.default.cyan(`open: ${authUrl}`));
+      console.log(pc5__default.default.gray("complete authorization in your browser..."));
+      const result = await waitForCallback();
+      console.log(pc5__default.default.cyan(`codex connected (account: ${result.accountId})`));
+      process.exit(0);
+    } catch (error) {
+      console.error(pc5__default.default.red(error.message || "codex auth failed"));
+      process.exit(1);
+    }
+  })();
 } else if (args[0] === "start") {
   (async () => {
     if (isDaemonRunning()) {
@@ -3195,11 +3632,11 @@ if (args[0] === "update") {
       process.exit(1);
     }
     const resolvedPath = path10__default.default.resolve(projectPath);
-    if (!fs9__default.default.existsSync(resolvedPath)) {
+    if (!fs10__default.default.existsSync(resolvedPath)) {
       console.error(pc5__default.default.red(`path does not exist: ${resolvedPath}`));
       process.exit(1);
     }
-    if (!fs9__default.default.statSync(resolvedPath).isDirectory()) {
+    if (!fs10__default.default.statSync(resolvedPath).isDirectory()) {
       console.error(pc5__default.default.red(`path is not a directory: ${resolvedPath}`));
       process.exit(1);
     }