amalgm 0.1.37 → 0.1.38

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "amalgm",
-  "version": "0.1.37",
+  "version": "0.1.38",
   "description": "Amalgm local computer runtime: login, MCP, chat, events, previews, and tunnels.",
   "license": "UNLICENSED",
   "private": false,
@@ -17,7 +17,7 @@
     "sync-runtime": "node ../../scripts/sync-npm-package-runtime.mjs",
     "prepack": "node ../../scripts/sync-npm-package-runtime.mjs",
     "pack:dry": "npm pack --dry-run",
-    "check": "node --check bin/amalgm.js && node --check lib/auth-store.js && node --check lib/cli.js && node --check lib/paths.js && node --check lib/supervisor.js && node --check lib/tunnel-chat.js && node --check lib/tunnel-events.js && node --check runtime/scripts/runtime-auth.js && node --check runtime/scripts/proxy-token-store.js && node --check runtime/scripts/local-gateway.js && node --check runtime/scripts/port-monitor.js && node --check runtime/scripts/fs-watcher.js && node --check runtime/scripts/chat-server.js && node --check runtime/scripts/chat-server/index.js && node --check runtime/scripts/chat-server/config.js && node --check runtime/scripts/chat-core/tooling/native-binaries.js && node --check runtime/scripts/amalgm-mcp/index.js && node --check runtime/scripts/amalgm-mcp/config.js"
+    "check": "node --check bin/amalgm.js && node --check lib/auth-store.js && node --check lib/cli.js && node --check lib/paths.js && node --check lib/supervisor.js && node --check lib/tunnel-chat.js && node --check lib/tunnel-events.js && node --check runtime/scripts/runtime-auth.js && node --check runtime/scripts/proxy-token-store.js && node --check runtime/scripts/local-gateway.js && node --check runtime/scripts/port-monitor.js && node --check runtime/scripts/fs-watcher.js && node --check runtime/scripts/chat-server.js && node --check runtime/scripts/chat-server/index.js && node --check runtime/scripts/chat-server/config.js && node --check runtime/scripts/chat-core/tooling/native-binaries.js && node --check runtime/scripts/chat-core/tooling/package-import.js && node --check runtime/scripts/amalgm-mcp/index.js && node --check runtime/scripts/amalgm-mcp/config.js"
   },
   "engines": {
     "node": ">=20"

package/runtime/scripts/chat-core/adapters/claude.js

@@ -8,6 +8,7 @@ const { normalizeClaudeMessage, usageRecordsFromClaudeResult, usageFromClaude }
 const { recordNativeEvent } = require('../recorder');
 const { toClaudeMcpServers } = require('../tooling/mcp-bundle');
 const { bundledClaudeBinary } = require('../tooling/native-binaries');
+const { importPackage } = require('../tooling/package-import');
 const { composeSystemPrompt } = require('../tooling/system-prompt');
 
 function redactSecrets(text) {
@@ -90,7 +91,7 @@ class ClaudeAdapter {
       }
     };
     try {
-      const sdk = await import('@anthropic-ai/claude-agent-sdk');
+      const sdk = await importPackage('@anthropic-ai/claude-agent-sdk');
       const query = sdk.query({
         prompt: promptText(input, contract),
         options: {

package/runtime/scripts/chat-core/adapters/opencode.js

@@ -12,6 +12,7 @@ const { normalizeOpenCodeEvent, normalizeOpenCodePromptResult } = require('../no
 const { recordNativeEvent } = require('../recorder');
 const { toOpenCodeMcpConfig } = require('../tooling/mcp-bundle');
 const { bundledOpenCodeBinary, executableExists } = require('../tooling/native-binaries');
+const { importPackage } = require('../tooling/package-import');
 const { composeSystemPrompt } = require('../tooling/system-prompt');
 
 function splitModel(model, auth) {
@@ -204,7 +205,7 @@ function isCompactCommand(text) {
 
 class OpenCodeAdapter {
   async startInstance(contract) {
-    const sdk = await import('@opencode-ai/sdk');
+    const sdk = await importPackage('@opencode-ai/sdk');
     const server = await startOpenCodeServer(contract);
     const client = sdk.createOpencodeClient({ baseUrl: server.url });
     return { client, server, closed: false };

package/runtime/scripts/chat-core/tooling/package-import.js

@@ -0,0 +1,108 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const { pathToFileURL } = require('url');
+
+function packageParts(specifier) {
+  const parts = String(specifier || '').split('/').filter(Boolean);
+  if (parts.length === 0) throw new Error('Package specifier is required');
+  if (parts[0].startsWith('@')) {
+    if (parts.length < 2) throw new Error(`Invalid scoped package specifier: ${specifier}`);
+    return {
+      packageName: `${parts[0]}/${parts[1]}`,
+      subpath: parts.slice(2).join('/'),
+    };
+  }
+  return {
+    packageName: parts[0],
+    subpath: parts.slice(1).join('/'),
+  };
+}
+
+function nodePathEntries() {
+  return String(process.env.NODE_PATH || '')
+    .split(path.delimiter)
+    .map((entry) => entry.trim())
+    .filter(Boolean);
+}
+
+function ancestorNodeModules() {
+  const entries = [];
+  let current = __dirname;
+  for (;;) {
+    entries.push(path.join(current, 'node_modules'));
+    const next = path.dirname(current);
+    if (next === current) break;
+    current = next;
+  }
+  return entries;
+}
+
+function candidateNodeModules() {
+  const resourcesPath = process.resourcesPath || '';
+  const entries = [
+    ...nodePathEntries(),
+    ...ancestorNodeModules(),
+    resourcesPath ? path.join(resourcesPath, 'app.asar', 'node_modules') : '',
+    resourcesPath ? path.join(resourcesPath, 'app.asar.unpacked', 'node_modules') : '',
+    resourcesPath ? path.join(resourcesPath, 'cli', 'node_modules') : '',
+    resourcesPath ? path.join(resourcesPath, 'runtime', 'node_modules') : '',
+  ].filter(Boolean);
+  return Array.from(new Set(entries));
+}
+
+function readPackageJson(packageRoot) {
+  try {
+    return JSON.parse(fs.readFileSync(path.join(packageRoot, 'package.json'), 'utf8'));
+  } catch {
+    return null;
+  }
+}
+
+function exportedPath(exportsField, subpath) {
+  if (!exportsField) return '';
+  const key = subpath ? `./${subpath}` : '.';
+  const value = typeof exportsField === 'object' && !Array.isArray(exportsField)
+    ? exportsField[key]
+    : (key === '.' ? exportsField : null);
+  if (!value) return '';
+  if (typeof value === 'string') return value;
+  if (typeof value !== 'object' || Array.isArray(value)) return '';
+  for (const condition of ['import', 'module', 'default', 'node', 'require']) {
+    if (typeof value[condition] === 'string') return value[condition];
+  }
+  return '';
+}
+
+function resolvePackageEntry(specifier) {
+  const { packageName, subpath } = packageParts(specifier);
+  for (const nodeModules of candidateNodeModules()) {
+    const packageRoot = path.join(nodeModules, packageName);
+    const pkg = readPackageJson(packageRoot);
+    if (!pkg) continue;
+
+    const target = (
+      exportedPath(pkg.exports, subpath)
+      || (subpath ? subpath : '')
+      || pkg.module
+      || pkg.main
+      || 'index.js'
+    );
+    const resolved = path.join(packageRoot, target);
+    if (fs.existsSync(resolved)) return resolved;
+  }
+  return '';
+}
+
+async function importPackage(specifier) {
+  try {
+    return await import(specifier);
+  } catch (originalError) {
+    const resolved = resolvePackageEntry(specifier);
+    if (!resolved) throw originalError;
+    return import(pathToFileURL(resolved).href);
+  }
+}
+
+module.exports = { importPackage, resolvePackageEntry };

package/runtime/scripts/chat-server/db.js

@@ -17,6 +17,7 @@ const {
   OPENAI_PROXY_URL,
   AI_GATEWAY_PROXY_URL,
 } = require('./config');
+const { importPackage } = require('../chat-core/tooling/package-import');
 
 // ── Supabase primitives ─────────────────────────────────────────────────────
 
@@ -153,8 +154,19 @@ function gatewaySdkBaseUrl(baseUrl) {
   return clean.endsWith('/v1/ai') ? clean : `${clean}/v1/ai`;
 }
 
-function titleEndpoints() {
+async function currentProxyToken({ forceRefresh = false } = {}) {
+  if (!AI_GATEWAY_PROXY_URL && !OPENAI_PROXY_URL) return '';
+  try {
+    return await ensureFreshProxyToken?.({ force: forceRefresh, logger: console }) || readProxyToken?.() || PROXY_TOKEN || '';
+  } catch (err) {
+    console.warn('[DB] Proxy token refresh failed for title generation:', err.message);
+    return readProxyToken?.() || PROXY_TOKEN || '';
+  }
+}
+
+async function titleEndpoints({ forceRefresh = false } = {}) {
   const endpoints = [];
+  const proxyToken = await currentProxyToken({ forceRefresh });
   if (AI_GATEWAY_API_KEY_TITLE) {
     endpoints.push({
       name: 'vercel_ai_sdk_gateway',
@@ -164,22 +176,24 @@ function titleEndpoints() {
       model: gatewayTitleModel(TITLE_MODEL),
     });
   }
-  if (AI_GATEWAY_PROXY_URL && PROXY_TOKEN) {
+  if (AI_GATEWAY_PROXY_URL && proxyToken) {
     endpoints.push({
       name: 'ai_gateway_proxy',
       kind: 'openai_compat',
       url: `${AI_GATEWAY_PROXY_URL}/chat/completions`,
-      token: PROXY_TOKEN,
+      token: proxyToken,
       model: gatewayTitleModel(TITLE_MODEL),
+      usesProxyToken: true,
     });
   }
-  if (OPENAI_PROXY_URL && PROXY_TOKEN) {
+  if (OPENAI_PROXY_URL && proxyToken) {
     endpoints.push({
       name: 'openai_proxy',
       kind: 'openai_compat',
       url: `${OPENAI_PROXY_URL}/v1/chat/completions`,
-      token: PROXY_TOKEN,
+      token: proxyToken,
       model: openAiTitleModel(TITLE_MODEL),
+      usesProxyToken: true,
     });
   }
   if (OPENAI_API_KEY_TITLE) {
@@ -196,8 +210,8 @@ function titleEndpoints() {
 
 async function requestTitleWithAiSdkGateway(endpoint, prompt, signal) {
   const [{ generateText }, { createGatewayProvider }] = await Promise.all([
-    import('ai'),
-    import('@ai-sdk/gateway'),
+    importPackage('ai'),
+    importPackage('@ai-sdk/gateway'),
   ]);
   const gateway = createGatewayProvider({
     apiKey: endpoint.token,
@@ -240,11 +254,26 @@ async function requestTitle(endpoint, prompt, signal) {
   return cleanGeneratedTitle(extractResponseText(await res.json()));
 }
 
+function isProxyAuthFailure(error) {
+  return /\b(401|403)\b|invalid or expired token|unauthorized/i.test(String(error?.message || error || ''));
+}
+
+async function requestTitleWithProxyRetry(endpoint, prompt, signal) {
+  try {
+    return await requestTitle(endpoint, prompt, signal);
+  } catch (err) {
+    if (!endpoint.usesProxyToken || !isProxyAuthFailure(err)) throw err;
+    const refreshedToken = await currentProxyToken({ forceRefresh: true });
+    if (!refreshedToken || refreshedToken === endpoint.token) throw err;
+    return requestTitle({ ...endpoint, token: refreshedToken }, prompt, signal);
+  }
+}
+
 async function generateTitle(prompt) {
   const text = String(prompt || '').trim();
   if (!text) return '';
 
-  const endpoints = titleEndpoints();
+  const endpoints = await titleEndpoints();
   if (endpoints.length === 0) {
     console.warn('[DB] Title generation skipped: no gateway/proxy credentials');
     return '';
@@ -254,7 +283,7 @@ async function generateTitle(prompt) {
     const controller = new AbortController();
     const timeout = setTimeout(() => controller.abort(), TITLE_TIMEOUT_MS);
     try {
-      const title = await requestTitle(endpoint, text, controller.signal);
+      const title = await requestTitleWithProxyRetry(endpoint, text, controller.signal);
       if (title) return title;
     } catch (err) {
       console.warn('[DB] Title generation endpoint failed:', err.message);