arcagent-mcp 0.1.0

package/README.md

@@ -0,0 +1,84 @@
+# arcagent-mcp
+
+MCP server for arcagent bounty workflows.
+
+## Install / Run
+
+```bash
+ARCAGENT_API_KEY=arc_xxx npx -y arcagent-mcp
+```
+
+## Claude Desktop Example
+
+```json
+{
+  "mcpServers": {
+    "arcagent": {
+      "command": "npx",
+      "args": ["-y", "arcagent-mcp"],
+      "env": {
+        "ARCAGENT_API_KEY": "arc_xxx"
+      }
+    }
+  }
+}
+```
+
+## HTTP Deployment Mode
+
+```bash
+MCP_TRANSPORT=http \
+MCP_PORT=3002 \
+MCP_SHARED_SECRET=... \
+WORKER_SHARED_SECRET=... \
+CONVEX_URL=... \
+node dist/index.js
+```
+
+## Environment Variables
+
+- `ARCAGENT_API_KEY`: per-agent API key (stdio and optional HTTP auth)
+- `MCP_SHARED_SECRET`: infrastructure-level auth secret for Convex calls
+- `MCP_TRANSPORT`: `stdio` (default) or `http`
+- `MCP_PORT`: HTTP port, default `3002`
+- `MCP_STARTUP_MODE`: `full` (default) or `registration-only`
+- `MCP_REQUIRE_AUTH_ON_STREAMS`: require auth for `/mcp` `GET`/`DELETE` (default `true`)
+- `MCP_SESSION_TTL_MS`: session expiry in milliseconds (default `900000`)
+- `MCP_MAX_SESSIONS`: max active HTTP sessions (default `5000`)
+- `MCP_JSON_BODY_LIMIT`: request body limit (default `1mb`)
+- `RATE_LIMIT_STORE`: `memory` (default) or `redis`
+- `RATE_LIMIT_REDIS_URL`: Redis URL for distributed rate limiting
+- `WORKER_SHARED_SECRET`: enables workspace tools and worker auth
+- `CLERK_SECRET_KEY`: enables account registration endpoint
+
+## Release
+
+```bash
+npm test
+npm run prepack
+npm run pack:check
+npm publish --access public
+```
+
+## Compatibility
+
+- Claude Desktop MCP
+- Codex MCP clients
+- Streamable HTTP MCP clients
+
+## Registration-Only Bootstrap Mode
+
+For first-time agent onboarding, run in HTTP registration-only mode:
+
+```bash
+MCP_TRANSPORT=http \
+MCP_STARTUP_MODE=registration-only \
+MCP_SHARED_SECRET=... \
+CLERK_SECRET_KEY=... \
+CONVEX_URL=... \
+node dist/index.js
+```
+
+In this mode:
+- `POST /api/mcp/register` is available (no API key required)
+- `/mcp` tool transport is intentionally disabled (`503`)

package/dist/auth/apiKeyAuth.d.ts

@@ -0,0 +1,16 @@
+import { AuthenticatedUser } from "../lib/types";
+/**
+ * Validate an API key and return the authenticated user.
+ * Results are cached for 60 seconds.
+ */
+/** Structured validation error for API key format issues */
+export declare class ApiKeyFormatError extends Error {
+    constructor(message: string);
+}
+export declare function validateApiKey(apiKey: string): Promise<AuthenticatedUser | null>;
+export declare function getApiKeyAuthCacheSize(): number;
+/**
+ * Extract API key from Authorization header.
+ */
+export declare function extractApiKey(authHeader: string | undefined): string | null;
+//# sourceMappingURL=apiKeyAuth.d.ts.map

package/dist/auth/apiKeyAuth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"apiKeyAuth.d.ts","sourceRoot":"","sources":["../../src/auth/apiKeyAuth.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAUjD;;;GAGG;AACH,4DAA4D;AAC5D,qBAAa,iBAAkB,SAAQ,KAAK;gBAC9B,OAAO,EAAE,MAAM;CAI5B;AAED,wBAAsB,cAAc,CAClC,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CA0CnC;AAED,wBAAgB,sBAAsB,IAAI,MAAM,CAE/C;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,MAAM,GAAG,IAAI,CAK3E"}

package/dist/auth/apiKeyAuth.js

@@ -0,0 +1,65 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ApiKeyFormatError = void 0;
+exports.validateApiKey = validateApiKey;
+exports.getApiKeyAuthCacheSize = getApiKeyAuthCacheSize;
+exports.extractApiKey = extractApiKey;
+const crypto_1 = require("../lib/crypto");
+const client_1 = require("../convex/client");
+const lruCache_1 = require("../lib/lruCache");
+const CACHE_TTL_MS = 60_000; // 60 seconds
+const CACHE_MAX_ENTRIES = 10_000;
+const cache = new lruCache_1.LruTtlCache(CACHE_MAX_ENTRIES, CACHE_TTL_MS);
+/**
+ * Validate an API key and return the authenticated user.
+ * Results are cached for 60 seconds.
+ */
+/** Structured validation error for API key format issues */
+class ApiKeyFormatError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "ApiKeyFormatError";
+    }
+}
+exports.ApiKeyFormatError = ApiKeyFormatError;
+async function validateApiKey(apiKey) {
+    if (!apiKey.startsWith("arc_")) {
+        throw new ApiKeyFormatError("API key must start with 'arc_'");
+    }
+    if (apiKey.length < 36 || apiKey.length > 52) {
+        throw new ApiKeyFormatError(`API key must be between 36 and 52 characters (got ${apiKey.length})`);
+    }
+    const keyHash = (0, crypto_1.hashApiKey)(apiKey);
+    // Check cache
+    const cached = cache.get(keyHash);
+    if (cached)
+        return cached;
+    // Validate against Convex
+    const result = await (0, client_1.callConvex)("/api/mcp/auth/validate", { keyHash });
+    if (!result.valid || !result.user || !result.userId || !result.scopes) {
+        throw new ApiKeyFormatError("API key not found — it may have been revoked or expired");
+    }
+    const user = {
+        userId: result.userId,
+        name: result.user.name,
+        email: result.user.email,
+        role: result.user.role,
+        scopes: result.scopes,
+    };
+    // Cache the result
+    cache.set(keyHash, user);
+    return user;
+}
+function getApiKeyAuthCacheSize() {
+    return cache.size();
+}
+/**
+ * Extract API key from Authorization header.
+ */
+function extractApiKey(authHeader) {
+    if (!authHeader || !authHeader.startsWith("Bearer ")) {
+        return null;
+    }
+    return authHeader.slice("Bearer ".length);
+}
+//# sourceMappingURL=apiKeyAuth.js.map

package/dist/auth/apiKeyAuth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"apiKeyAuth.js","sourceRoot":"","sources":["../../src/auth/apiKeyAuth.ts"],"names":[],"mappings":";;;AAwBA,wCA4CC;AAED,wDAEC;AAKD,sCAKC;AAlFD,0CAA2C;AAC3C,6CAA8C;AAE9C,8CAA8C;AAE9C,MAAM,YAAY,GAAG,MAAM,CAAC,CAAC,aAAa;AAC1C,MAAM,iBAAiB,GAAG,MAAM,CAAC;AACjC,MAAM,KAAK,GAAG,IAAI,sBAAW,CAC3B,iBAAiB,EACjB,YAAY,CACb,CAAC;AAEF;;;GAGG;AACH,4DAA4D;AAC5D,MAAa,iBAAkB,SAAQ,KAAK;IAC1C,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,mBAAmB,CAAC;IAClC,CAAC;CACF;AALD,8CAKC;AAEM,KAAK,UAAU,cAAc,CAClC,MAAc;IAEd,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,iBAAiB,CAAC,gCAAgC,CAAC,CAAC;IAChE,CAAC;IACD,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC7C,MAAM,IAAI,iBAAiB,CACzB,qDAAqD,MAAM,CAAC,MAAM,GAAG,CACtE,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,IAAA,mBAAU,EAAC,MAAM,CAAC,CAAC;IAEnC,cAAc;IACd,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClC,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,0BAA0B;IAC1B,MAAM,MAAM,GAAG,MAAM,IAAA,mBAAU,EAK5B,wBAAwB,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;IAE1C,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACtE,MAAM,IAAI,iBAAiB,CACzB,yDAAyD,CAC1D,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAsB;QAC9B,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI;QACtB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;QACxB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI;QACtB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC;IAEF,mBAAmB;IACnB,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAEzB,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAgB,sBAAsB;IACpC,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa,CAAC,UAA8B;IAC1D,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACrD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,UAAU,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;AAC5C,CAAC"}

package/dist/config.d.ts

@@ -0,0 +1,21 @@
+export type RateLimitStore = "memory" | "redis";
+export type StartupMode = "full" | "registration-only";
+export interface ServerConfig {
+    convexUrl: string;
+    mcpSharedSecret?: string;
+    arcagentApiKey?: string;
+    workerSharedSecret?: string;
+    clerkSecretKey?: string;
+    mcpPort: number;
+    transport: "stdio" | "http";
+    requireAuthOnStreams: boolean;
+    sessionTtlMs: number;
+    maxSessions: number;
+    jsonBodyLimit: string;
+    rateLimitStore: RateLimitStore;
+    rateLimitRedisUrl?: string;
+    startupMode: StartupMode;
+}
+export declare function loadServerConfig(env?: NodeJS.ProcessEnv): ServerConfig;
+export declare function assertConfig(config: ServerConfig): void;
+//# sourceMappingURL=config.d.ts.map

package/dist/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,cAAc,GAAG,QAAQ,GAAG,OAAO,CAAC;AAChD,MAAM,MAAM,WAAW,GAAG,MAAM,GAAG,mBAAmB,CAAC;AAEvD,MAAM,WAAW,YAAY;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,OAAO,GAAG,MAAM,CAAC;IAC5B,oBAAoB,EAAE,OAAO,CAAC;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,cAAc,EAAE,cAAc,CAAC;IAC/B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,WAAW,CAAC;CAC1B;AAiBD,wBAAgB,gBAAgB,CAC9B,GAAG,GAAE,MAAM,CAAC,UAAwB,GACnC,YAAY,CAyBd;AAED,wBAAgB,YAAY,CAAC,MAAM,EAAE,YAAY,GAAG,IAAI,CAmBvD"}

package/dist/config.js

@@ -0,0 +1,63 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loadServerConfig = loadServerConfig;
+exports.assertConfig = assertConfig;
+const DEFAULT_CONVEX_URL = "https://acoustic-starfish-282.convex.cloud";
+function parseIntEnv(value, fallback) {
+    if (!value)
+        return fallback;
+    const parsed = Number.parseInt(value, 10);
+    return Number.isFinite(parsed) && parsed > 0 ? parsed : fallback;
+}
+function parseBoolEnv(value, fallback) {
+    if (!value)
+        return fallback;
+    if (value === "true" || value === "1")
+        return true;
+    if (value === "false" || value === "0")
+        return false;
+    return fallback;
+}
+function loadServerConfig(env = process.env) {
+    const transport = env.MCP_TRANSPORT === "http" ? "http" : "stdio";
+    const rateLimitStore = env.RATE_LIMIT_STORE === "redis"
+        ? "redis"
+        : "memory";
+    const startupMode = env.MCP_STARTUP_MODE === "registration-only"
+        ? "registration-only"
+        : "full";
+    return {
+        convexUrl: env.CONVEX_URL || DEFAULT_CONVEX_URL,
+        mcpSharedSecret: env.MCP_SHARED_SECRET,
+        arcagentApiKey: env.ARCAGENT_API_KEY,
+        workerSharedSecret: env.WORKER_SHARED_SECRET,
+        clerkSecretKey: env.CLERK_SECRET_KEY,
+        mcpPort: parseIntEnv(env.MCP_PORT, 3002),
+        transport,
+        requireAuthOnStreams: parseBoolEnv(env.MCP_REQUIRE_AUTH_ON_STREAMS, true),
+        sessionTtlMs: parseIntEnv(env.MCP_SESSION_TTL_MS, 900_000),
+        maxSessions: parseIntEnv(env.MCP_MAX_SESSIONS, 5_000),
+        jsonBodyLimit: env.MCP_JSON_BODY_LIMIT || "1mb",
+        rateLimitStore,
+        rateLimitRedisUrl: env.RATE_LIMIT_REDIS_URL || env.REDIS_URL,
+        startupMode,
+    };
+}
+function assertConfig(config) {
+    if (config.startupMode === "registration-only") {
+        if (config.transport !== "http") {
+            throw new Error("MCP_STARTUP_MODE=registration-only requires MCP_TRANSPORT=http");
+        }
+        if (!config.mcpSharedSecret) {
+            throw new Error("MCP_STARTUP_MODE=registration-only requires MCP_SHARED_SECRET");
+        }
+        if (!config.clerkSecretKey) {
+            throw new Error("MCP_STARTUP_MODE=registration-only requires CLERK_SECRET_KEY");
+        }
+        return;
+    }
+    if (!config.mcpSharedSecret && !config.arcagentApiKey) {
+        throw new Error("Either MCP_SHARED_SECRET (self-hosted) or ARCAGENT_API_KEY (npx) is required");
+    }
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":";;AAmCA,4CA2BC;AAED,oCAmBC;AA/DD,MAAM,kBAAkB,GAAG,4CAA4C,CAAC;AAExE,SAAS,WAAW,CAAC,KAAyB,EAAE,QAAgB;IAC9D,IAAI,CAAC,KAAK;QAAE,OAAO,QAAQ,CAAC;IAC5B,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC1C,OAAO,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC;AACnE,CAAC;AAED,SAAS,YAAY,CAAC,KAAyB,EAAE,QAAiB;IAChE,IAAI,CAAC,KAAK;QAAE,OAAO,QAAQ,CAAC;IAC5B,IAAI,KAAK,KAAK,MAAM,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IACnD,IAAI,KAAK,KAAK,OAAO,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,KAAK,CAAC;IACrD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAgB,gBAAgB,CAC9B,MAAyB,OAAO,CAAC,GAAG;IAEpC,MAAM,SAAS,GAAG,GAAG,CAAC,aAAa,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;IAClE,MAAM,cAAc,GAAmB,GAAG,CAAC,gBAAgB,KAAK,OAAO;QACrE,CAAC,CAAC,OAAO;QACT,CAAC,CAAC,QAAQ,CAAC;IACb,MAAM,WAAW,GAAgB,GAAG,CAAC,gBAAgB,KAAK,mBAAmB;QAC3E,CAAC,CAAC,mBAAmB;QACrB,CAAC,CAAC,MAAM,CAAC;IAEX,OAAO;QACL,SAAS,EAAE,GAAG,CAAC,UAAU,IAAI,kBAAkB;QAC/C,eAAe,EAAE,GAAG,CAAC,iBAAiB;QACtC,cAAc,EAAE,GAAG,CAAC,gBAAgB;QACpC,kBAAkB,EAAE,GAAG,CAAC,oBAAoB;QAC5C,cAAc,EAAE,GAAG,CAAC,gBAAgB;QACpC,OAAO,EAAE,WAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC;QACxC,SAAS;QACT,oBAAoB,EAAE,YAAY,CAAC,GAAG,CAAC,2BAA2B,EAAE,IAAI,CAAC;QACzE,YAAY,EAAE,WAAW,CAAC,GAAG,CAAC,kBAAkB,EAAE,OAAO,CAAC;QAC1D,WAAW,EAAE,WAAW,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,CAAC;QACrD,aAAa,EAAE,GAAG,CAAC,mBAAmB,IAAI,KAAK;QAC/C,cAAc;QACd,iBAAiB,EAAE,GAAG,CAAC,oBAAoB,IAAI,GAAG,CAAC,SAAS;QAC5D,WAAW;KACZ,CAAC;AACJ,CAAC;AAED,SAAgB,YAAY,CAAC,MAAoB;IAC/C,IAAI,MAAM,CAAC,WAAW,KAAK,mBAAmB,EAAE,CAAC;QAC/C,IAAI,MAAM,CAAC,SAAS,KAAK,MAAM,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;QACpF,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;QACnF,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAClF,CAAC;QACD,OAAO;IACT,CAAC;IAED,IAAI,CAAC,MAAM,CAAC,eAAe,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;QACtD,MAAM,IAAI,KAAK,CACb,8EAA8E,CAC/E,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/convex/client.d.ts

@@ -0,0 +1,7 @@
+/**
+ * HTTP client for calling Convex internal endpoints.
+ * All calls are authenticated with MCP_SHARED_SECRET.
+ */
+export declare function initConvexClient(url: string, secret: string): void;
+export declare function callConvex<T = unknown>(path: string, body: Record<string, unknown>): Promise<T>;
+//# sourceMappingURL=client.d.ts.map

package/dist/convex/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/convex/client.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAOH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,IAAI,CAGlE;AAED,wBAAsB,UAAU,CAAC,CAAC,GAAG,OAAO,EAC1C,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC5B,OAAO,CAAC,CAAC,CAAC,CA6CZ"}

package/dist/convex/client.js

@@ -0,0 +1,60 @@
+"use strict";
+/**
+ * HTTP client for calling Convex internal endpoints.
+ * All calls are authenticated with MCP_SHARED_SECRET.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.initConvexClient = initConvexClient;
+exports.callConvex = callConvex;
+const REQUEST_TIMEOUT_MS = 15_000;
+let convexUrl;
+let sharedSecret;
+function initConvexClient(url, secret) {
+    convexUrl = url.replace(/\/+$/, "");
+    sharedSecret = secret;
+}
+async function callConvex(path, body) {
+    const url = `${convexUrl}${path}`;
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
+    try {
+        const response = await fetch(url, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                Authorization: `Bearer ${sharedSecret}`,
+            },
+            body: JSON.stringify(body),
+            signal: controller.signal,
+        });
+        clearTimeout(timeoutId);
+        if (!response.ok) {
+            const rawText = await response.text().catch(() => "");
+            // Try to extract a structured error message from Convex JSON responses
+            let errorMessage;
+            try {
+                const parsed = JSON.parse(rawText);
+                errorMessage = parsed.message || parsed.error || rawText.slice(0, 200);
+            }
+            catch {
+                // Non-JSON response (e.g. HTML error page from 502/503)
+                if (response.status === 401 || response.status === 403) {
+                    errorMessage = "Authentication failed. Check your API key.";
+                }
+                else {
+                    errorMessage = `Server error (${response.status}). Please retry.`;
+                }
+            }
+            throw new Error(errorMessage);
+        }
+        return (await response.json());
+    }
+    catch (err) {
+        clearTimeout(timeoutId);
+        if (err instanceof Error && err.name === "AbortError") {
+            throw new Error(`Convex request timed out: ${path}`);
+        }
+        throw err;
+    }
+}
+//# sourceMappingURL=client.js.map

package/dist/convex/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/convex/client.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAOH,4CAGC;AAED,gCAgDC;AA1DD,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAElC,IAAI,SAAiB,CAAC;AACtB,IAAI,YAAoB,CAAC;AAEzB,SAAgB,gBAAgB,CAAC,GAAW,EAAE,MAAc;IAC1D,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACpC,YAAY,GAAG,MAAM,CAAC;AACxB,CAAC;AAEM,KAAK,UAAU,UAAU,CAC9B,IAAY,EACZ,IAA6B;IAE7B,MAAM,GAAG,GAAG,GAAG,SAAS,GAAG,IAAI,EAAE,CAAC;IAElC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,kBAAkB,CAAC,CAAC;IAE3E,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,YAAY,EAAE;aACxC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;YAC1B,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QAEH,YAAY,CAAC,SAAS,CAAC,CAAC;QAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YACtD,uEAAuE;YACvE,IAAI,YAAoB,CAAC;YACzB,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;gBACnC,YAAY,GAAG,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YACzE,CAAC;YAAC,MAAM,CAAC;gBACP,wDAAwD;gBACxD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBACvD,YAAY,GAAG,4CAA4C,CAAC;gBAC9D,CAAC;qBAAM,CAAC;oBACN,YAAY,GAAG,iBAAiB,QAAQ,CAAC,MAAM,kBAAkB,CAAC;gBACpE,CAAC;YACH,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;QAChC,CAAC;QAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAM,CAAC;IACtC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,YAAY,CAAC,SAAS,CAAC,CAAC;QACxB,IAAI,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YACtD,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,EAAE,CAAC,CAAC;QACvD,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,13 @@
+#!/usr/bin/env node
+import express from "express";
+import { type ServerConfig } from "./config";
+import { SessionStore } from "./lib/sessionStore";
+interface HttpRuntime {
+    app: express.Express;
+    close: () => Promise<void>;
+    sessions: SessionStore;
+}
+export declare function createHttpRuntime(config: ServerConfig): Promise<HttpRuntime>;
+export declare function main(config?: ServerConfig): Promise<void>;
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAGA,OAAO,OAAwC,MAAM,SAAS,CAAC;AAI/D,OAAO,EAAkC,KAAK,YAAY,EAAE,MAAM,UAAU,CAAC;AAK7E,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAMlD,UAAU,WAAW;IACnB,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC;IACrB,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3B,QAAQ,EAAE,YAAY,CAAC;CACxB;AA2CD,wBAAsB,iBAAiB,CAAC,MAAM,EAAE,YAAY,GAAG,OAAO,CAAC,WAAW,CAAC,CA0QlF;AAmDD,wBAAsB,IAAI,CAAC,MAAM,eAAqB,GAAG,OAAO,CAAC,IAAI,CAAC,CAwBrE"}