npm - berget - Versions diffs - 2.2.5 → 2.2.7 - Mend

berget 2.2.5 → 2.2.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (148) hide show

package/.github/workflows/publish.yml +8 -8
package/.github/workflows/test.yml +12 -6
package/.husky/pre-commit +1 -0
package/.prettierignore +15 -0
package/.prettierrc +5 -3
package/CONTRIBUTING.md +38 -0
package/README.md +2 -148
package/dist/index.js +21 -21
package/dist/package.json +30 -2
package/dist/src/agents/app.js +28 -0
package/dist/src/agents/backend.js +25 -0
package/dist/src/agents/devops.js +34 -0
package/dist/src/agents/frontend.js +25 -0
package/dist/src/agents/fullstack.js +25 -0
package/dist/src/agents/index.js +61 -0
package/dist/src/agents/quality.js +70 -0
package/dist/src/agents/security.js +26 -0
package/dist/src/agents/types.js +2 -0
package/dist/src/client.js +54 -62
package/dist/src/commands/api-keys.js +132 -140
package/dist/src/commands/auth.js +9 -9
package/dist/src/commands/autocomplete.js +9 -9
package/dist/src/commands/billing.js +7 -9
package/dist/src/commands/chat.js +90 -92
package/dist/src/commands/clusters.js +12 -12
package/dist/src/commands/code/__tests__/auth-sync.test.js +348 -0
package/dist/src/commands/code/__tests__/fake-api-key-service.js +23 -0
package/dist/src/commands/code/__tests__/fake-auth-service.js +55 -0
package/dist/src/commands/code/__tests__/fake-command-runner.js +50 -0
package/dist/src/commands/code/__tests__/fake-file-store.js +55 -0
package/dist/src/commands/code/__tests__/fake-prompter.js +133 -0
package/dist/src/commands/code/__tests__/setup-flow.test.js +505 -0
package/dist/src/commands/code/adapters/clack-prompter.js +81 -0
package/dist/src/commands/code/adapters/fs-file-store.js +80 -0
package/dist/src/commands/code/adapters/spawn-command-runner.js +53 -0
package/dist/src/commands/code/auth-sync.js +283 -0
package/dist/src/commands/code/errors.js +27 -0
package/dist/src/commands/code/ports/auth-services.js +2 -0
package/dist/src/commands/code/ports/command-runner.js +2 -0
package/dist/src/commands/code/ports/file-store.js +2 -0
package/dist/src/commands/code/ports/prompter.js +2 -0
package/dist/src/commands/code/setup.js +533 -0
package/dist/src/commands/code.js +223 -779
package/dist/src/commands/models.js +13 -15
package/dist/src/commands/users.js +6 -8
package/dist/src/constants/command-structure.js +116 -114
package/dist/src/services/api-key-service.js +43 -48
package/dist/src/services/auth-service.js +60 -299
package/dist/src/services/browser-auth.js +278 -0
package/dist/src/services/chat-service.js +78 -91
package/dist/src/services/cluster-service.js +6 -6
package/dist/src/services/collaborator-service.js +5 -8
package/dist/src/services/flux-service.js +5 -8
package/dist/src/services/helm-service.js +5 -8
package/dist/src/services/kubectl-service.js +7 -10
package/dist/src/utils/config-checker.js +5 -5
package/dist/src/utils/config-loader.js +25 -25
package/dist/src/utils/default-api-key.js +23 -23
package/dist/src/utils/env-manager.js +7 -7
package/dist/src/utils/error-handler.js +60 -61
package/dist/src/utils/logger.js +7 -7
package/dist/src/utils/markdown-renderer.js +2 -2
package/dist/src/utils/opencode-validator.js +17 -20
package/dist/src/utils/token-manager.js +38 -11
package/dist/tests/commands/chat.test.js +24 -24
package/dist/tests/commands/code.test.js +169 -138
package/dist/tests/utils/config-loader.test.js +114 -114
package/dist/tests/utils/env-manager.test.js +57 -57
package/dist/tests/utils/opencode-validator.test.js +44 -43
package/dist/vitest.config.js +1 -1
package/eslint.config.mjs +47 -0
package/index.ts +42 -48
package/package.json +30 -2
package/src/agents/app.ts +27 -0
package/src/agents/backend.ts +24 -0
package/src/agents/devops.ts +33 -0
package/src/agents/frontend.ts +24 -0
package/src/agents/fullstack.ts +24 -0
package/src/agents/index.ts +71 -0
package/src/agents/quality.ts +69 -0
package/src/agents/security.ts +26 -0
package/src/agents/types.ts +17 -0
package/src/client.ts +125 -167
package/src/commands/api-keys.ts +261 -358
package/src/commands/auth.ts +24 -30
package/src/commands/autocomplete.ts +12 -12
package/src/commands/billing.ts +22 -27
package/src/commands/chat.ts +230 -323
package/src/commands/clusters.ts +33 -33
package/src/commands/code/__tests__/auth-sync.test.ts +481 -0
package/src/commands/code/__tests__/fake-api-key-service.ts +13 -0
package/src/commands/code/__tests__/fake-auth-service.ts +50 -0
package/src/commands/code/__tests__/fake-command-runner.ts +44 -0
package/src/commands/code/__tests__/fake-file-store.ts +44 -0
package/src/commands/code/__tests__/fake-prompter.ts +121 -0
package/src/commands/code/__tests__/setup-flow.test.ts +628 -0
package/src/commands/code/adapters/clack-prompter.ts +55 -0
package/src/commands/code/adapters/fs-file-store.ts +37 -0
package/src/commands/code/adapters/spawn-command-runner.ts +40 -0
package/src/commands/code/auth-sync.ts +329 -0
package/src/commands/code/errors.ts +23 -0
package/src/commands/code/ports/auth-services.ts +14 -0
package/src/commands/code/ports/command-runner.ts +10 -0
package/src/commands/code/ports/file-store.ts +7 -0
package/src/commands/code/ports/prompter.ts +29 -0
package/src/commands/code/setup.ts +630 -0
package/src/commands/code.ts +335 -1074
package/src/commands/index.ts +19 -19
package/src/commands/models.ts +32 -37
package/src/commands/users.ts +15 -22
package/src/constants/command-structure.ts +120 -140
package/src/services/api-key-service.ts +96 -113
package/src/services/auth-service.ts +92 -339
package/src/services/browser-auth.ts +296 -0
package/src/services/chat-service.ts +246 -279
package/src/services/cluster-service.ts +29 -32
package/src/services/collaborator-service.ts +13 -18
package/src/services/flux-service.ts +16 -18
package/src/services/helm-service.ts +16 -18
package/src/services/kubectl-service.ts +12 -14
package/src/types/api.d.ts +924 -926
package/src/types/json.d.ts +3 -3
package/src/utils/config-checker.ts +10 -10
package/src/utils/config-loader.ts +110 -127
package/src/utils/default-api-key.ts +81 -93
package/src/utils/env-manager.ts +36 -40
package/src/utils/error-handler.ts +83 -78
package/src/utils/logger.ts +41 -41
package/src/utils/markdown-renderer.ts +11 -11
package/src/utils/opencode-validator.ts +51 -56
package/src/utils/token-manager.ts +84 -64
package/templates/agents/app.md +23 -0
package/templates/agents/backend.md +23 -0
package/templates/agents/devops.md +30 -0
package/templates/agents/frontend.md +25 -0
package/templates/agents/fullstack.md +23 -0
package/templates/agents/quality.md +69 -0
package/templates/agents/security.md +21 -0
package/tests/commands/chat.test.ts +60 -70
package/tests/commands/code.test.ts +346 -345
package/tests/utils/config-loader.test.ts +260 -260
package/tests/utils/env-manager.test.ts +127 -134
package/tests/utils/opencode-validator.test.ts +65 -69
package/tsconfig.json +2 -2
package/vitest.config.ts +3 -3
package/AGENTS.md +0 -374
package/TODO.md +0 -19
package/opencode.json +0 -146

package/src/services/browser-auth.ts ADDED Viewed

@@ -0,0 +1,296 @@
+import * as http from "http";
+import * as net from "net";
+import * as crypto from "crypto";
+export interface BrowserAuthResult {
+  success: boolean;
+  accessToken?: string;
+  refreshToken?: string;
+  expiresIn?: number;
+  error?: string;
+}
+export interface BrowserAuthOptions {
+  keycloakUrl: string;
+  realm: string;
+  clientId: string;
+  callbackPort: number;
+  debug?: boolean;
+}
+export class BrowserAuth {
+  constructor(private readonly options: BrowserAuthOptions) {}
+  async start(): Promise<BrowserAuthResult> {
+    const { keycloakUrl, realm, clientId, callbackPort, debug } = this.options;
+    // Generate PKCE code verifier and challenge
+    const codeVerifier = this.generateCodeVerifier();
+    const codeChallenge = this.generateCodeChallenge(codeVerifier);
+    const state = crypto.randomBytes(16).toString("hex");
+    const redirectUri = `http://localhost:${callbackPort}/callback`;
+    // Build authorization URL
+    const authUrl = new URL(`${keycloakUrl}/realms/${realm}/protocol/openid-connect/auth`);
+    authUrl.searchParams.set("client_id", clientId);
+    authUrl.searchParams.set("response_type", "code");
+    authUrl.searchParams.set("redirect_uri", redirectUri);
+    authUrl.searchParams.set("scope", "openid email profile");
+    authUrl.searchParams.set("state", state);
+    authUrl.searchParams.set("code_challenge", codeChallenge);
+    authUrl.searchParams.set("code_challenge_method", "S256");
+    // Create a promise that resolves when we receive the callback
+    const authResult = await new Promise<{
+      success: boolean;
+      code?: string;
+      error?: string;
+    }>(resolve => {
+      let resolved = false;
+      const sockets = new Set<net.Socket>();
+      const safeResolve = (result: { success: boolean; code?: string; error?: string }) => {
+        if (resolved) return;
+        resolved = true;
+        clearTimeout(timeoutHandle);
+        server.close();
+        // Force-close all active sockets so the server stops immediately
+        for (const socket of sockets) {
+          socket.destroy();
+        }
+        sockets.clear();
+        resolve(result);
+      };
+      const server = http.createServer((req, res) => {
+        const requestUrl = new URL(req.url || "", `http://localhost:${callbackPort}`);
+        if (requestUrl.pathname === "/callback") {
+          const receivedState = requestUrl.searchParams.get("state") || "";
+          const code = requestUrl.searchParams.get("code") || "";
+          const error = requestUrl.searchParams.get("error") || "";
+          const errorPage = (title: string, message: string) => `
+            <!DOCTYPE html>
+            <html lang="en">
+              <head>
+                <meta charset="UTF-8">
+                <meta name="viewport" content="width=device-width, initial-scale=1.0">
+                <title>Berget - Authentication Failed</title>
+                <style>
+                  * { margin: 0; padding: 0; box-sizing: border-box; }
+                  body {
+                    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, sans-serif;
+                    display: flex;
+                    justify-content: center;
+                    align-items: center;
+                    min-height: 100vh;
+                    background: linear-gradient(135deg, #0f0f1a 0%, #1a1a2e 50%, #16213e 100%);
+                    color: #fff;
+                  }
+                  .container {
+                    text-align: center;
+                    padding: 3rem;
+                    max-width: 400px;
+                  }
+                  .icon {
+                    width: 80px;
+                    height: 80px;
+                    background: linear-gradient(135deg, #f87171 0%, #ef4444 100%);
+                    border-radius: 50%;
+                    display: flex;
+                    align-items: center;
+                    justify-content: center;
+                    margin: 0 auto 1.5rem;
+                    box-shadow: 0 4px 20px rgba(248, 113, 113, 0.3);
+                  }
+                  .icon svg { width: 40px; height: 40px; stroke: #fff; stroke-width: 3; }
+                  h1 { font-size: 1.5rem; font-weight: 600; margin-bottom: 0.75rem; color: #fff; }
+                  p { color: #94a3b8; font-size: 0.95rem; line-height: 1.5; }
+                  .brand { margin-top: 2rem; opacity: 0.5; font-size: 0.8rem; letter-spacing: 0.05em; }
+                </style>
+              </head>
+              <body>
+                <div class="container">
+                  <div class="icon">
+                    <svg viewBox="0 0 24 24" fill="none" stroke="currentColor">
+                      <line x1="18" y1="6" x2="6" y2="18"></line>
+                      <line x1="6" y1="6" x2="18" y2="18"></line>
+                    </svg>
+                  </div>
+                  <h1>${title}</h1>
+                  <p>${message}</p>
+                  <div class="brand">BERGET</div>
+                </div>
+              </body>
+            </html>
+          `;
+          // Set Connection: close so the browser doesn't keep the socket alive
+          // after we respond, and force-end the connection
+          if (error) {
+            res.writeHead(200, { "Content-Type": "text/html; charset=utf-8", Connection: "close" });
+            res.end(
+              errorPage(
+                "Authentication Failed",
+                requestUrl.searchParams.get("error_description") || error
+              )
+            );
+            safeResolve({ success: false, error });
+            return;
+          }
+          if (receivedState !== state) {
+            res.writeHead(200, { "Content-Type": "text/html; charset=utf-8", Connection: "close" });
+            res.end(
+              errorPage("Authentication Failed", "Invalid state parameter. Please try again.")
+            );
+            safeResolve({ success: false, error: "Invalid state parameter" });
+            return;
+          }
+          res.writeHead(200, { "Content-Type": "text/html; charset=utf-8", Connection: "close" });
+          res.end(`
+            <!DOCTYPE html>
+            <html lang="en">
+              <head>
+                <meta charset="UTF-8">
+                <meta name="viewport" content="width=device-width, initial-scale=1.0">
+                <title>Berget - Authentication Successful</title>
+                <style>
+                  * { margin: 0; padding: 0; box-sizing: border-box; }
+                  body {
+                    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, sans-serif;
+                    display: flex;
+                    justify-content: center;
+                    align-items: center;
+                    min-height: 100vh;
+                    background: linear-gradient(135deg, #0f0f1a 0%, #1a1a2e 50%, #16213e 100%);
+                    color: #fff;
+                  }
+                  .container {
+                    text-align: center;
+                    padding: 3rem;
+                    max-width: 400px;
+                  }
+                  .icon {
+                    width: 80px;
+                    height: 80px;
+                    background: linear-gradient(135deg, #4ade80 0%, #22c55e 100%);
+                    border-radius: 50%;
+                    display: flex;
+                    align-items: center;
+                    justify-content: center;
+                    margin: 0 auto 1.5rem;
+                    box-shadow: 0 4px 20px rgba(74, 222, 128, 0.3);
+                  }
+                  .icon svg { width: 40px; height: 40px; stroke: #fff; stroke-width: 3; }
+                  h1 { font-size: 1.5rem; font-weight: 600; margin-bottom: 0.75rem; color: #fff; }
+                  p { color: #94a3b8; font-size: 0.95rem; line-height: 1.5; }
+                  .brand { margin-top: 2rem; opacity: 0.5; font-size: 0.8rem; letter-spacing: 0.05em; }
+                </style>
+              </head>
+              <body>
+                <div class="container">
+                  <div class="icon">
+                    <svg viewBox="0 0 24 24" fill="none" stroke="currentColor">
+                      <polyline points="20 6 9 17 4 12"></polyline>
+                    </svg>
+                  </div>
+                  <h1>Authentication Successful</h1>
+                  <p>You can close this window and return to your terminal.</p>
+                  <div class="brand">BERGET</div>
+                </div>
+              </body>
+            </html>
+          `);
+          safeResolve({ success: true, code });
+        }
+      });
+      // Track sockets so we can destroy them on shutdown
+      server.on("connection", (socket: net.Socket) => {
+        sockets.add(socket);
+        socket.on("close", () => sockets.delete(socket));
+      });
+      server.listen(callbackPort, () => {
+        if (debug) {
+          console.log(`Callback server listening on port ${callbackPort}`);
+        }
+      });
+      // Set timeout for the server
+      const timeoutHandle = setTimeout(
+        () => {
+          safeResolve({ success: false, error: "Authentication timed out" });
+        },
+        5 * 60 * 1000
+      ); // 5 minute timeout
+      // Open browser
+      (async () => {
+        try {
+          const open = await import("open").then(m => m.default);
+          await open(authUrl.toString());
+        } catch {
+          // Browser failed to open - user must open URL manually
+        }
+      })();
+    });
+    if (!authResult.success || !authResult.code) {
+      return {
+        success: false,
+        error: authResult.error || "Unknown error",
+      };
+    }
+    // Exchange authorization code for tokens
+    const tokenUrl = `${keycloakUrl}/realms/${realm}/protocol/openid-connect/token`;
+    const tokenResponse = await fetch(tokenUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+      },
+      body: new URLSearchParams({
+        grant_type: "authorization_code",
+        client_id: clientId,
+        code: authResult.code,
+        redirect_uri: redirectUri,
+        code_verifier: codeVerifier,
+      }).toString(),
+    });
+    if (!tokenResponse.ok) {
+      const errorText = await tokenResponse.text();
+      return {
+        success: false,
+        error: `Failed to exchange code for tokens: ${errorText}`,
+      };
+    }
+    const tokenData = (await tokenResponse.json()) as {
+      access_token: string;
+      refresh_token: string;
+      expires_in: number;
+      refresh_expires_in?: number;
+    };
+    return {
+      success: true,
+      accessToken: tokenData.access_token,
+      refreshToken: tokenData.refresh_token,
+      expiresIn: tokenData.expires_in,
+    };
+  }
+  private generateCodeVerifier(): string {
+    return crypto.randomBytes(32).toString("base64url");
+  }
+  private generateCodeChallenge(verifier: string): string {
+    return crypto.createHash("sha256").update(verifier).digest("base64url");
+  }
+}