ampcode-connector 0.1.9 → 0.1.11

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ampcode-connector",
-  "version": "0.1.9",
+  "version": "0.1.11",
   "description": "Proxy AmpCode through local OAuth subscriptions (Claude Code, Codex, Gemini CLI, Antigravity)",
   "license": "MIT",
   "repository": {
@@ -34,7 +34,7 @@
     "dev": "bun run --watch src/index.ts",
     "setup": "bun run src/index.ts setup",
     "login": "bun run src/index.ts login",
-    "test": "bun test tests/router.test.ts tests/middleware.test.ts tests/rewriter.test.ts",
+    "test": "bun test tests/router.test.ts tests/middleware.test.ts tests/rewriter.test.ts tests/forward.test.ts",
     "test:e2e": "bun test tests/code-assist.test.ts",
     "check": "biome check src/ tests/ && tsc --noEmit && bun run test",
     "format": "biome check --write src/ tests/"
@@ -42,14 +42,15 @@
   "devDependencies": {
     "@biomejs/biome": "^2.4.2",
     "@google/genai": "^1.42.0",
-    "@types/bun": "^1.3.9"
+    "@types/bun": "^1.3.9",
+    "@types/turndown": "^5.0.6"
   },
   "peerDependencies": {
     "typescript": "^5.9.3"
   },
   "dependencies": {
-    "@kreuzberg/html-to-markdown": "^2.25.1",
-    "ampcode-connector": "^0.1.8",
-    "exa-js": "^2.4.0"
+    "exa-js": "^2.4.0",
+    "turndown": "^7.2.2",
+    "turndown-plugin-gfm": "^1.0.2"
   }
 }

package/src/auth/callback-server.ts

@@ -2,7 +2,7 @@
 
 import { logger } from "../utils/logger.ts";
 
-export interface CallbackResult {
+interface CallbackResult {
   code: string;
   state: string;
 }

package/src/auth/oauth.ts

@@ -60,7 +60,9 @@ export async function tokenFromAny(config: OAuthConfig): Promise<{ accessToken:
     try {
       const refreshed = await refresh(config, c.refreshToken, account);
       return { accessToken: refreshed.accessToken, account };
-    } catch {}
+    } catch (err) {
+      logger.debug(`${config.providerName}:${account} refresh failed in tokenFromAny`, { error: String(err) });
+    }
   }
 
   return null;
@@ -178,10 +180,16 @@ async function exchange(config: OAuthConfig, params: Record<string, string>): Pr
 }
 
 function parseTokenFields(raw: Record<string, unknown>, config: OAuthConfig): Credentials {
+  if (typeof raw.access_token !== "string" || !raw.access_token) {
+    throw new Error(`${config.providerName} token response missing access_token`);
+  }
+  if (typeof raw.expires_in !== "number" || Number.isNaN(raw.expires_in)) {
+    throw new Error(`${config.providerName} token response missing or invalid expires_in`);
+  }
   const buffer = config.expiryBuffer !== false ? TOKEN_EXPIRY_BUFFER_MS : 0;
   return {
-    accessToken: raw.access_token as string,
+    accessToken: raw.access_token,
     refreshToken: (raw.refresh_token as string) ?? "",
-    expiresAt: Date.now() + (raw.expires_in as number) * 1000 - buffer,
+    expiresAt: Date.now() + raw.expires_in * 1000 - buffer,
   };
 }

package/src/auth/store.ts

@@ -6,6 +6,7 @@ import { Database, type Statement } from "bun:sqlite";
 import { mkdirSync } from "node:fs";
 import { homedir } from "node:os";
 import { join } from "node:path";
+import { logger } from "../utils/logger.ts";
 
 export interface Credentials {
   accessToken: string;
@@ -47,13 +48,7 @@ interface Statements {
 
 let _db: Database | null = null;
 let _stmts: Statements | null = null;
-let _dbPath = DEFAULT_DB_PATH;
-
-/** Override the database path (must be called before any store operation). */
-export function setDbPath(path: string): void {
-  _dbPath = path;
-}
-
+const _dbPath = DEFAULT_DB_PATH;
 function init() {
   if (_stmts) return _stmts;
 
@@ -92,16 +87,26 @@ function init() {
 export function get(provider: ProviderName, account = 0): Credentials | undefined {
   const row = init().get.get(provider, account);
   if (!row) return undefined;
-  return JSON.parse(row.data) as Credentials;
+  try {
+    return JSON.parse(row.data) as Credentials;
+  } catch (err) {
+    logger.warn(`Corrupt credentials for ${provider}:${account}, removing`, { error: String(err) });
+    init().delOne.run(provider, account);
+    return undefined;
+  }
 }
 
 export function getAll(provider: ProviderName): { account: number; credentials: Credentials }[] {
-  return init()
-    .getAll.all(provider)
-    .map((row) => ({
-      account: row.account,
-      credentials: JSON.parse(row.data) as Credentials,
-    }));
+  const results: { account: number; credentials: Credentials }[] = [];
+  for (const row of init().getAll.all(provider)) {
+    try {
+      results.push({ account: row.account, credentials: JSON.parse(row.data) as Credentials });
+    } catch (err) {
+      logger.warn(`Corrupt credentials for ${provider}:${row.account}, removing`, { error: String(err) });
+      init().delOne.run(provider, row.account);
+    }
+  }
+  return results;
 }
 
 export function save(provider: ProviderName, credentials: Credentials, account = 0): void {

package/src/cli/ansi.ts

@@ -13,7 +13,7 @@ export const screen = {
 };
 
 /** Erase from cursor to end of line. */
-export const eol = `${ESC}K`;
+const eol = `${ESC}K`;
 
 export const s = {
   reset: `${ESC}0m`,

package/src/config/config.ts

@@ -38,8 +38,13 @@ export async function loadConfig(): Promise<ProxyConfig> {
   const apiKey = await resolveApiKey(file);
   const providers = asRecord(file?.providers);
 
+  const port = asNumber(file?.port) ?? DEFAULTS.port;
+  if (port < 1 || port > 65535) {
+    throw new Error(`Invalid port ${port}: must be between 1 and 65535`);
+  }
+
   return {
-    port: asNumber(file?.port) ?? DEFAULTS.port,
+    port,
     ampUpstreamUrl: asString(file?.ampUpstreamUrl) ?? DEFAULTS.ampUpstreamUrl,
     ampApiKey: apiKey,
     exaApiKey: asString(file?.exaApiKey) ?? process.env.EXA_API_KEY,

package/src/constants.ts

@@ -38,7 +38,6 @@ export const OPENAI_TOKEN_URL = "https://auth.openai.com/oauth/token";
 export const GOOGLE_TOKEN_URL = "https://oauth2.googleapis.com/token";
 
 export const TOKEN_EXPIRY_BUFFER_MS = 5 * 60 * 1000;
-export const OAUTH_CALLBACK_TIMEOUT_MS = 120_000;
 export const CLAUDE_CODE_VERSION = "2.1.39";
 
 export const stainlessHeaders: Readonly<Record<string, string>> = {
@@ -48,8 +47,8 @@ export const stainlessHeaders: Readonly<Record<string, string>> = {
   "X-Stainless-Package-Version": "0.73.0",
   "X-Stainless-Runtime": "node",
   "X-Stainless-Lang": "js",
-  "X-Stainless-Arch": "arm64",
-  "X-Stainless-Os": "MacOS",
+  "X-Stainless-Arch": process.arch,
+  "X-Stainless-Os": process.platform === "darwin" ? "MacOS" : process.platform === "win32" ? "Windows" : "Linux",
   "X-Stainless-Timeout": "600",
 };
 

package/src/providers/anthropic.ts

@@ -11,7 +11,7 @@ import {
   stainlessHeaders,
 } from "../constants.ts";
 import type { Provider } from "./base.ts";
-import { denied, forward } from "./base.ts";
+import { denied, forward } from "./forward.ts";
 
 export const provider: Provider = {
   name: "Anthropic",

package/src/providers/antigravity.ts

@@ -10,7 +10,7 @@ import { buildUrl, maybeWrap, withUnwrap } from "../utils/code-assist.ts";
 import { logger } from "../utils/logger.ts";
 import * as path from "../utils/path.ts";
 import type { Provider } from "./base.ts";
-import { denied, forward } from "./base.ts";
+import { denied, forward } from "./forward.ts";
 
 const endpoints = [ANTIGRAVITY_DAILY_ENDPOINT, AUTOPUSH_ENDPOINT, CODE_ASSIST_ENDPOINT];
 
@@ -33,7 +33,7 @@ export const provider: Provider = {
 
   accountCount: () => oauth.accountCount(config),
 
-  async forward(sub, body, originalHeaders, rewrite, account = 0) {
+  async forward(sub, body, _originalHeaders, rewrite, account = 0) {
     const accessToken = await oauth.token(config, account);
     if (!accessToken) return denied("Antigravity");
 
@@ -44,12 +44,8 @@ export const provider: Provider = {
       ...antigravityHeaders,
       Authorization: `Bearer ${accessToken}`,
       "Content-Type": "application/json",
-      Accept: "text/event-stream",
+      Accept: body.stream ? "text/event-stream" : "application/json",
     };
-
-    const anthropicBeta = originalHeaders.get("anthropic-beta");
-    if (anthropicBeta) headers["anthropic-beta"] = anthropicBeta;
-
     const gemini = path.gemini(sub);
     const action = gemini?.action ?? "generateContent";
     const model = gemini?.model === "gemini-3-flash-preview" ? "gemini-3-flash" : (gemini?.model ?? "");

package/src/providers/base.ts

@@ -1,9 +1,7 @@
-/** Provider interface and shared request forwarding. */
+/** Provider interface — the contract every provider must implement. */
 
 import type { ParsedBody } from "../server/body.ts";
 import type { RouteDecision } from "../utils/logger.ts";
-import { logger } from "../utils/logger.ts";
-import * as sse from "../utils/streaming.ts";
 
 export interface Provider {
   readonly name: string;
@@ -18,73 +16,3 @@ export interface Provider {
     account?: number,
   ): Promise<Response>;
 }
-
-interface ForwardOptions {
-  url: string;
-  body: string;
-  streaming: boolean;
-  headers: Record<string, string>;
-  providerName: string;
-  rewrite?: (data: string) => string;
-  email?: string;
-}
-
-const RETRYABLE_STATUS = new Set([408, 500, 502, 503, 504]);
-const MAX_RETRIES = 3;
-const RETRY_DELAY_MS = 500;
-
-export async function forward(opts: ForwardOptions): Promise<Response> {
-  for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
-    let response: Response;
-    try {
-      response = await fetch(opts.url, {
-        method: "POST",
-        headers: opts.headers,
-        body: opts.body,
-      });
-    } catch (err) {
-      if (attempt < MAX_RETRIES) {
-        logger.debug(`${opts.providerName} fetch error, retry ${attempt + 1}/${MAX_RETRIES}`, {
-          error: String(err),
-        });
-        await Bun.sleep(RETRY_DELAY_MS * (attempt + 1));
-        continue;
-      }
-      throw err;
-    }
-
-    // Retry on server errors (429 handled at routing layer)
-    if (RETRYABLE_STATUS.has(response.status) && attempt < MAX_RETRIES) {
-      await response.text(); // consume body
-      logger.debug(`${opts.providerName} returned ${response.status}, retry ${attempt + 1}/${MAX_RETRIES}`);
-      await Bun.sleep(RETRY_DELAY_MS * (attempt + 1));
-      continue;
-    }
-
-    const contentType = response.headers.get("Content-Type") ?? "application/json";
-
-    if (!response.ok) {
-      const text = await response.text();
-      const ctx = opts.email ? ` account=${opts.email}` : "";
-      logger.error(`${opts.providerName} API error (${response.status})${ctx}`, { error: text.slice(0, 200) });
-      return new Response(text, { status: response.status, headers: { "Content-Type": contentType } });
-    }
-
-    const isSSE = contentType.includes("text/event-stream") || opts.streaming;
-    if (isSSE) return sse.proxy(response, opts.rewrite);
-
-    if (opts.rewrite) {
-      const text = await response.text();
-      return new Response(opts.rewrite(text), { status: response.status, headers: { "Content-Type": contentType } });
-    }
-
-    return new Response(response.body, { status: response.status, headers: { "Content-Type": contentType } });
-  }
-
-  // Unreachable, but TypeScript needs it
-  throw new Error(`${opts.providerName}: all retries exhausted`);
-}
-
-export function denied(providerName: string): Response {
-  return Response.json({ error: `No ${providerName} OAuth token available. Run login first.` }, { status: 401 });
-}

package/src/providers/codex-sse.ts

@@ -50,7 +50,7 @@ interface TransformState {
 }
 
 /** Create a stateful SSE transformer: Responses API → Chat Completions. */
-export function createResponseTransformer(ampModel: string): (data: string) => string {
+function createResponseTransformer(ampModel: string): (data: string) => string {
   const state: TransformState = {
     responseId: "",
     model: ampModel,

package/src/providers/codex.ts

@@ -10,8 +10,8 @@ import * as store from "../auth/store.ts";
 import { CODEX_BASE_URL, codexHeaders, codexHeaderValues, codexPathMap } from "../constants.ts";
 import { fromBase64url } from "../utils/encoding.ts";
 import type { Provider } from "./base.ts";
-import { denied, forward } from "./base.ts";
 import { transformCodexResponse } from "./codex-sse.ts";
+import { denied, forward } from "./forward.ts";
 
 const DEFAULT_INSTRUCTIONS = "You are an expert coding assistant.";
 

package/src/providers/forward.ts

@@ -0,0 +1,74 @@
+/** HTTP forwarding with transport-level retry, SSE proxying, and response rewriting. */
+
+import { logger } from "../utils/logger.ts";
+import * as sse from "../utils/streaming.ts";
+
+export interface ForwardOptions {
+  url: string;
+  body: string;
+  streaming: boolean;
+  headers: Record<string, string>;
+  providerName: string;
+  rewrite?: (data: string) => string;
+  email?: string;
+}
+
+const RETRYABLE_STATUS = new Set([408, 500, 502, 503, 504]);
+const MAX_RETRIES = 3;
+const RETRY_DELAY_MS = 500;
+
+export async function forward(opts: ForwardOptions): Promise<Response> {
+  for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
+    let response: Response;
+    try {
+      response = await fetch(opts.url, {
+        method: "POST",
+        headers: opts.headers,
+        body: opts.body,
+      });
+    } catch (err) {
+      if (attempt < MAX_RETRIES) {
+        logger.debug(`${opts.providerName} fetch error, retry ${attempt + 1}/${MAX_RETRIES}`, {
+          error: String(err),
+        });
+        await Bun.sleep(RETRY_DELAY_MS * (attempt + 1));
+        continue;
+      }
+      throw err;
+    }
+
+    // Retry on server errors (429 handled at routing layer)
+    if (RETRYABLE_STATUS.has(response.status) && attempt < MAX_RETRIES) {
+      await response.text(); // consume body
+      logger.debug(`${opts.providerName} returned ${response.status}, retry ${attempt + 1}/${MAX_RETRIES}`);
+      await Bun.sleep(RETRY_DELAY_MS * (attempt + 1));
+      continue;
+    }
+
+    const contentType = response.headers.get("Content-Type") ?? "application/json";
+
+    if (!response.ok) {
+      const text = await response.text();
+      const ctx = opts.email ? ` account=${opts.email}` : "";
+      logger.error(`${opts.providerName} API error (${response.status})${ctx}`, { error: text.slice(0, 200) });
+      return new Response(text, { status: response.status, headers: { "Content-Type": contentType } });
+    }
+
+    const isSSE = contentType.includes("text/event-stream") || opts.streaming;
+    if (isSSE) return sse.proxy(response, opts.rewrite);
+
+    if (opts.rewrite) {
+      const text = await response.text();
+      return new Response(opts.rewrite(text), { status: response.status, headers: { "Content-Type": contentType } });
+    }
+
+    return new Response(response.body, { status: response.status, headers: { "Content-Type": contentType } });
+  }
+
+  // Unreachable, but TypeScript needs it
+  throw new Error(`${opts.providerName}: all retries exhausted`);
+}
+
+export function denied(providerName: string): Response {
+  return Response.json({ error: `No ${providerName} OAuth token available. Run login first.` }, { status: 401 });
+}

package/src/providers/gemini.ts

@@ -12,7 +12,7 @@ import { buildUrl, maybeWrap, withUnwrap } from "../utils/code-assist.ts";
 import { logger } from "../utils/logger.ts";
 import * as path from "../utils/path.ts";
 import type { Provider } from "./base.ts";
-import { denied, forward } from "./base.ts";
+import { denied, forward } from "./forward.ts";
 
 const geminiHeaders: Readonly<Record<string, string>> = {
   "User-Agent": "google-cloud-sdk vscode_cloudshelleditor/0.1",
@@ -44,7 +44,7 @@ export const provider: Provider = {
       ...geminiHeaders,
       Authorization: `Bearer ${accessToken}`,
       "Content-Type": "application/json",
-      Accept: "text/event-stream",
+      Accept: body.stream ? "text/event-stream" : "application/json",
     };
 
     const gemini = path.gemini(sub);

package/src/routing/affinity.ts

@@ -5,7 +5,7 @@
 
 import type { QuotaPool } from "./cooldown.ts";
 
-export interface AffinityEntry {
+interface AffinityEntry {
   pool: QuotaPool;
   account: number;
   assignedAt: number;
@@ -16,7 +16,7 @@ const TTL_MS = 2 * 3600_000;
 /** Cleanup stale entries every 10 minutes. */
 const CLEANUP_INTERVAL_MS = 10 * 60_000;
 
-export class AffinityStore {
+class AffinityStore {
   private map = new Map<string, AffinityEntry>();
   private counts = new Map<string, number>();
   private cleanupTimer: Timer | null = null;

package/src/routing/cooldown.ts

@@ -22,7 +22,7 @@ const EXHAUSTED_CONSECUTIVE = 3;
 /** Default burst cooldown when no Retry-After header. */
 const DEFAULT_BURST_S = 30;
 
-export class CooldownTracker {
+class CooldownTracker {
   private entries = new Map<string, CooldownEntry>();
 
   private key(pool: QuotaPool, account: number): string {

package/src/tools/web-read.ts

@@ -1,15 +1,16 @@
 /** Local handler for extractWebPageContent — fetches a URL, converts to Markdown, ranks by objective. */
 
-import { convert, JsPreprocessingPreset } from "@kreuzberg/html-to-markdown";
+import TurndownService from "turndown";
+import { gfm } from "turndown-plugin-gfm";
 import { logger } from "../utils/logger.ts";
 
-export interface WebReadParams {
+interface WebReadParams {
   url: string;
   objective?: string;
   forceRefetch?: boolean;
 }
 
-export type WebReadResult =
+type WebReadResult =
   | { ok: true; result: { excerpts: string[] } | { fullContent: string } }
   | { ok: false; error: { code: string; message: string } };
 
@@ -55,10 +56,9 @@ const CLIPPING = {
   EXCERPT_SEP_BYTES: 2, // "\n\n" separator
 } as const;
 
-const HTML_OPTIONS = {
-  skipImages: true,
-  preprocessing: { enabled: true, preset: JsPreprocessingPreset.Aggressive },
-};
+const turndown = new TurndownService({ headingStyle: "atx", codeBlockStyle: "fenced" });
+turndown.use(gfm);
+turndown.remove(["script", "style", "img"]);
 
 // biome-ignore format: compact
 const STOP_WORDS = new Set(
@@ -141,7 +141,7 @@ function fetchError(message: string): FetchErr {
 
 function convertToMarkdown(raw: string, contentType: string): string {
   if (contentType.includes("text/html") || contentType.includes("application/xhtml")) {
-    return convert(raw, HTML_OPTIONS);
+    return turndown.turndown(raw);
   }
 
   if (contentType.includes("application/json")) {

package/src/tools/web-search.ts

@@ -14,7 +14,7 @@ function getExa(apiKey: string): InstanceType<typeof Exa> {
   return _exa;
 }
 
-export interface SearchParams {
+interface SearchParams {
   objective: string;
   searchQueries?: string[];
   maxResults?: number;

package/src/types/turndown-plugin-gfm.d.ts

@@ -0,0 +1,8 @@
+declare module "turndown-plugin-gfm" {
+  import type TurndownService from "turndown";
+  export function gfm(service: TurndownService): void;
+  export function tables(service: TurndownService): void;
+  export function strikethrough(service: TurndownService): void;
+  export function taskListItems(service: TurndownService): void;
+  export function highlightedCodeBlock(service: TurndownService): void;
+}

package/src/utils/code-assist.ts

@@ -10,7 +10,7 @@ interface WrapOptions {
 }
 
 /** Wrap a raw request body in the Cloud Code Assist envelope. */
-export function wrapRequest(opts: WrapOptions): string {
+function wrapRequest(opts: WrapOptions): string {
   return JSON.stringify({
     project: opts.projectId,
     model: opts.model,

package/src/utils/streaming.ts

@@ -51,10 +51,7 @@ export function encode(chunk: Chunk): string {
 const decoder = new TextDecoder();
 const encoder = new TextEncoder();
 
-export function transform(
-  source: ReadableStream<Uint8Array>,
-  fn: (data: string) => string,
-): ReadableStream<Uint8Array> {
+function transform(source: ReadableStream<Uint8Array>, fn: (data: string) => string): ReadableStream<Uint8Array> {
   let buffer = "";
 
   const stream = new TransformStream<Uint8Array, Uint8Array>({