npm - bgit-cli - Versions diffs - 2.0.0 - Mend

bgit-cli 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/.claude/settings.local.json +19 -0
package/.env.local +2 -0
package/CLAUDE_PLAN.md +621 -0
package/IMPLEMENTATION_REPORT.md +1690 -0
package/README.md +277 -0
package/UNIVERSAL_PLAN.md +31 -0
package/handcash.js +36 -0
package/index.js +158 -0
package/index.js.backup +69 -0
package/lib/auth.js +273 -0
package/lib/banner.js +17 -0
package/lib/command-router.js +191 -0
package/lib/commands.js +157 -0
package/lib/config.js +438 -0
package/lib/constants.js +57 -0
package/lib/crypto.js +164 -0
package/lib/oauth-server.js +300 -0
package/lib/payment.js +287 -0
package/lib/token-manager.js +179 -0
package/package.json +45 -0

package/lib/auth.js ADDED Viewed

@@ -0,0 +1,273 @@
+/**
+ * bgit Authentication Manager
+ *
+ * Orchestrates HandCash OAuth authentication flow.
+ * Manages token lifecycle and user authentication state.
+ *
+ * Flow:
+ * 1. Check for existing token
+ * 2. If no token or invalid → trigger OAuth
+ * 3. Start local OAuth server
+ * 4. Open browser to HandCash
+ * 5. Capture callback with token
+ * 6. Encrypt and save token
+ * 7. Validate token
+ */
+const { HandCashConnect } = require('@handcash/handcash-connect');
+const open = require('open');
+const chalk = require('chalk');
+const { loadToken, saveToken, deleteToken, hasToken } = require('./config');
+const { isTokenValid, getProfile, getBalance, clearValidationCache } = require('./token-manager');
+const { startOAuthServer, stopOAuthServer } = require('./oauth-server');
+const { HANDCASH_APP_ID, HANDCASH_APP_SECRET } = require('./constants');
+/**
+ * Ensure user is authenticated
+ * Checks for existing valid token or triggers OAuth flow
+ *
+ * @param {boolean} silent - If true, don't show welcome messages
+ * @returns {Promise<string>} Valid auth token
+ * @throws {Error} If authentication fails
+ */
+async function ensureAuthenticated(silent = false) {
+  try {
+    // Check if token exists
+    if (hasToken()) {
+      const authToken = loadToken();
+      if (authToken) {
+        // Validate token
+        const valid = await isTokenValid(authToken);
+        if (valid) {
+          return authToken; // Token is valid, proceed
+        } else {
+          console.log(chalk.yellow('⚠️  Your authentication has expired.'));
+          console.log(chalk.yellow('Re-authenticating...\n'));
+        }
+      }
+    }
+    // No token or invalid → trigger OAuth
+    if (!silent) {
+      console.log(chalk.blue('━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━'));
+      console.log(chalk.blue.bold('🚀 Welcome to bgit!'));
+      console.log();
+      console.log('bgit timestamps your commits on BitcoinSV using HandCash.');
+      console.log('Let\'s set up your authentication...');
+      console.log(chalk.blue('━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n'));
+    }
+    const authToken = await initiateOAuthFlow();
+    return authToken;
+  } catch (error) {
+    throw new Error(`Authentication failed: ${error.message}`);
+  }
+}
+/**
+ * Initiate full OAuth authentication flow
+ *
+ * @returns {Promise<string>} Valid auth token
+ * @throws {Error} If OAuth flow fails
+ */
+async function initiateOAuthFlow() {
+  let server = null;
+  try {
+    console.log(chalk.cyan('Opening browser for HandCash authorization...'));
+    // 1. Start OAuth callback server
+    const serverPromise = startOAuthServer();
+    // 2. Get HandCash redirect URL
+    const handCashConnect = new HandCashConnect({
+      appId: HANDCASH_APP_ID,
+      appSecret: HANDCASH_APP_SECRET
+    });
+    const redirectUrl = handCashConnect.getRedirectionUrl();
+    // 3. Open browser
+    try {
+      await open(redirectUrl);
+      console.log(chalk.green('✓ Browser opened'));
+    } catch (error) {
+      console.log(chalk.yellow('\n⚠️  Unable to open browser automatically'));
+      console.log(chalk.yellow('Please visit this URL to authorize:\n'));
+      console.log(chalk.cyan(redirectUrl));
+      console.log();
+    }
+    console.log(chalk.cyan('Waiting for authorization... ⏳\n'));
+    // 4. Wait for callback
+    const result = await serverPromise;
+    const { authToken, server: srv } = result;
+    server = srv;
+    // 5. Validate token
+    console.log(chalk.cyan('Validating token...'));
+    const valid = await isTokenValid(authToken);
+    if (!valid) {
+      throw new Error('Received invalid token from HandCash');
+    }
+    // 6. Save encrypted token
+    saveToken(authToken);
+    clearValidationCache(); // Clear cache to force fresh validation next time
+    // 7. Stop server
+    await stopOAuthServer(server);
+    console.log(chalk.green('✓ Authentication successful!'));
+    console.log(chalk.green('✓ Credentials saved securely\n'));
+    return authToken;
+  } catch (error) {
+    // Clean up server on error
+    if (server) {
+      try {
+        await stopOAuthServer(server);
+      } catch (stopError) {
+        // Ignore cleanup errors
+      }
+    }
+    throw error;
+  }
+}
+/**
+ * Handle `bgit auth login` command
+ * Force re-authentication even if token exists
+ *
+ * @returns {Promise<void>}
+ */
+async function loginCommand() {
+  try {
+    console.log(chalk.blue.bold('\n🔐 bgit Authentication\n'));
+    // Delete existing token
+    if (hasToken()) {
+      deleteToken();
+      clearValidationCache();
+      console.log(chalk.yellow('Cleared existing credentials'));
+    }
+    // Trigger OAuth
+    await initiateOAuthFlow();
+    console.log(chalk.green.bold('✓ Login successful!\n'));
+  } catch (error) {
+    console.error(chalk.red(`\n❌ Login failed: ${error.message}\n`));
+    process.exit(1);
+  }
+}
+/**
+ * Handle `bgit auth logout` command
+ * Delete saved token
+ *
+ * @returns {Promise<void>}
+ */
+async function logoutCommand() {
+  try {
+    console.log(chalk.blue.bold('\n🔓 bgit Logout\n'));
+    if (!hasToken()) {
+      console.log(chalk.yellow('You are not currently logged in'));
+      console.log(chalk.gray('Run: bgit auth login\n'));
+      return;
+    }
+    deleteToken();
+    clearValidationCache();
+    console.log(chalk.green('✓ Logged out successfully'));
+    console.log(chalk.gray('Your commits are safe, but timestamping is now disabled'));
+    console.log(chalk.gray('Run: bgit auth login\n'));
+  } catch (error) {
+    console.error(chalk.red(`\n❌ Logout failed: ${error.message}\n`));
+    process.exit(1);
+  }
+}
+/**
+ * Handle `bgit auth status` command
+ * Show authentication status and account info
+ *
+ * @returns {Promise<void>}
+ */
+async function statusCommand() {
+  try {
+    console.log(chalk.blue.bold('\n🔍 bgit Authentication Status\n'));
+    if (!hasToken()) {
+      console.log(chalk.yellow('Status: Not authenticated'));
+      console.log(chalk.gray('Run: bgit auth login\n'));
+      return;
+    }
+    const authToken = loadToken();
+    console.log(chalk.cyan('Validating token...'));
+    const valid = await isTokenValid(authToken);
+    if (!valid) {
+      console.log(chalk.red('Status: Invalid/expired token'));
+      console.log(chalk.gray('Run: bgit auth login\n'));
+      return;
+    }
+    console.log(chalk.green('✓ Status: Authenticated\n'));
+    // Get profile info
+    const profile = await getProfile(authToken);
+    if (profile) {
+      console.log(chalk.bold('Account Information:'));
+      console.log(`  Handle: ${chalk.cyan('@' + profile.handle)}`);
+      console.log(`  Name: ${profile.publicProfile?.displayName || 'N/A'}`);
+      if (profile.publicProfile?.avatarUrl) {
+        console.log(`  Avatar: ${profile.publicProfile.avatarUrl}`);
+      }
+      console.log();
+    }
+    // Get balance
+    const balance = await getBalance(authToken);
+    if (balance) {
+      console.log(chalk.bold('Wallet Balance:'));
+      // HandCash returns balance per currency
+      if (balance.bsv) {
+        console.log(`  BSV: ${chalk.green(balance.bsv.toFixed(6))} BSV`);
+      }
+      if (balance.usd) {
+        console.log(`  USD: ${chalk.green('$' + balance.usd.toFixed(2))}`);
+      }
+      console.log();
+    }
+    console.log(chalk.gray('Token is valid and ready for use\n'));
+  } catch (error) {
+    console.error(chalk.red(`\n❌ Status check failed: ${error.message}\n`));
+    process.exit(1);
+  }
+}
+module.exports = {
+  ensureAuthenticated,
+  initiateOAuthFlow,
+  loginCommand,
+  logoutCommand,
+  statusCommand
+};

package/lib/banner.js ADDED Viewed

@@ -0,0 +1,17 @@
+/**
+ * bgit Banner
+ * Displays the CLI ASCII art
+ */
+module.exports = function showBanner() {
+    console.log(`
+\x1b[36m██████╗\x1b[0m       \x1b[33m██████╗\x1b[0m \x1b[36m██╗████████╗\x1b[0m
+\x1b[36m██╔══██╗\x1b[0m     \x1b[33m██╔════╝\x1b[0m \x1b[36m██║╚══██╔══╝\x1b[0m
+\x1b[36m██████╔╝\x1b[0m     \x1b[33m██║  ███╗\x1b[0m \x1b[36m██║   ██║\x1b[0m
+\x1b[36m██╔══██╗\x1b[0m     \x1b[33m██║   ██║\x1b[0m \x1b[36m██║   ██║\x1b[0m
+\x1b[36m██████╔╝\x1b[0m \x1b[35m██╗\x1b[0m \x1b[33m╚██████╔╝\x1b[0m \x1b[36m██║   ██║\x1b[0m
+\x1b[36m╚═════╝\x1b[0m  \x1b[35m╚═╝\x1b[0m  \x1b[33m╚═════╝\x1b[0m  \x1b[36m╚═╝   ╚═╝\x1b[0m
+\x1b[90m> Bitcoin-Native Git Wrapper\x1b[0m
+\x1b[90m> Pay-to-Operate • Universal History\x1b[0m
+`);
+};

package/lib/command-router.js ADDED Viewed

@@ -0,0 +1,191 @@
+/**
+ * bgit Command Router
+ *
+ * Routes git commands to appropriate execution handlers:
+ * - Payment-gated commands: commit, push
+ * - Pass-through commands: all others (status, log, diff, etc.)
+ *
+ * Payment Logic:
+ * - commit: Git commit FIRST, then timestamp hash on-chain
+ * - push: Payment FIRST (gatekeeper), then git push
+ */
+const { spawn, execSync } = require('child_process');
+const chalk = require('chalk');
+const { executePayment, formatCommitNote, formatPushNote, softFailPayment } = require('./payment');
+const { PAYMENT_AMOUNTS } = require('./constants');
+const { getPaymentGatedCommands } = require('./config');
+/**
+ * Check if command requires payment
+ * Uses configurable payment mode from config
+ *
+ * @param {string} command - Git command (e.g., "commit", "push", "status")
+ * @returns {boolean} true if command requires payment
+ */
+function isPaymentGated(command) {
+  const gatedCommands = getPaymentGatedCommands();
+  return gatedCommands.includes(command);
+}
+/**
+ * Execute git command directly (pass-through)
+ *
+ * @param {string[]} args - Git command arguments (excluding 'git')
+ * @returns {Promise<number>} Exit code
+ */
+function executeGitCommand(args) {
+  return new Promise((resolve) => {
+    const gitProcess = spawn('git', args, { stdio: 'inherit' });
+    gitProcess.on('close', (code) => {
+      resolve(code);
+    });
+    gitProcess.on('error', (error) => {
+      console.error(chalk.red(`Failed to execute git: ${error.message}`));
+      resolve(1);
+    });
+  });
+}
+/**
+ * Execute git commit with on-chain timestamp
+ * Flow: git commit → get hash → pay for timestamp
+ *
+ * @param {string[]} args - Git command arguments
+ * @param {string} authToken - HandCash auth token
+ * @returns {Promise<number>} Exit code
+ */
+async function executeCommit(args, authToken) {
+  // 1. Execute git commit first
+  const exitCode = await executeGitCommand(args);
+  if (exitCode !== 0) {
+    // Commit failed, don't try to pay
+    return exitCode;
+  }
+  // 2. Get the new commit hash
+  let commitHash;
+  try {
+    commitHash = execSync('git rev-parse HEAD').toString().trim();
+  } catch (error) {
+    console.error(chalk.red(`Failed to get commit hash: ${error.message}`));
+    return 0; // Commit succeeded, hash retrieval failed
+  }
+  console.log(chalk.blue(`\n🔗 Capturing commit hash: ${chalk.bold(commitHash)}`));
+  console.log(chalk.blue('💰 Timestamping this commit on-chain...\n'));
+  // 3. Pay for timestamp (soft fail - don't block if payment fails)
+  await softFailPayment(
+    async () => {
+      await executePayment(
+        PAYMENT_AMOUNTS.commit,
+        formatCommitNote(commitHash),
+        authToken
+      );
+      console.log(chalk.green.bold('✓ Commit timestamped on BitcoinSV!'));
+    },
+    'Commit'
+  );
+  return 0; // Commit succeeded
+}
+/**
+ * Execute git push with payment gatekeeper
+ * Flow: pay first → then git push
+ *
+ * @param {string[]} args - Git command arguments
+ * @param {string} authToken - HandCash auth token
+ * @returns {Promise<number>} Exit code
+ */
+async function executePush(args, authToken) {
+  // Extract remote and branch from args if available
+  let remote = 'origin';
+  let branch = 'main';
+  // args might be ['push', 'origin', 'main'] or just ['push']
+  if (args.length > 1) {
+    remote = args[1];
+  }
+  if (args.length > 2) {
+    branch = args[2];
+  }
+  console.log(chalk.blue(`\n💰 Payment required to push to ${remote}/${branch}...`));
+  // 1. Pay first (gatekeeper)
+  try {
+    await executePayment(
+      PAYMENT_AMOUNTS.push,
+      formatPushNote(remote, branch),
+      authToken
+    );
+    console.log(chalk.green('✓ Payment successful! Executing push...\n'));
+  } catch (error) {
+    // Payment failed - block the push
+    console.error(chalk.red(`\n❌ Payment failed: ${error.message}`));
+    console.error(chalk.red('Push cancelled. Please resolve the issue and try again.\n'));
+    return 1;
+  }
+  // 2. Execute git push
+  const exitCode = await executeGitCommand(args);
+  if (exitCode === 0) {
+    console.log(chalk.green.bold('\n✓ Push completed and payment recorded on BitcoinSV!'));
+  } else {
+    console.warn(chalk.yellow('\n⚠️  Push failed, but payment was already processed.'));
+  }
+  return exitCode;
+}
+/**
+ * Route command to appropriate handler
+ *
+ * @param {string[]} args - Git command arguments (e.g., ['commit', '-m', 'message'])
+ * @param {string} authToken - HandCash auth token (required for payment-gated commands)
+ * @returns {Promise<number>} Exit code
+ */
+async function routeCommand(args, authToken) {
+  if (!args || args.length === 0) {
+    console.error(chalk.red('No git command specified'));
+    return 1;
+  }
+  const command = args[0];
+  // Route to appropriate handler
+  if (command === 'commit') {
+    return await executeCommit(args, authToken);
+  } else if (command === 'push') {
+    return await executePush(args, authToken);
+  } else {
+    // Pass through to git
+    return await executeGitCommand(args);
+  }
+}
+/**
+ * Check if command needs authentication
+ * Only payment-gated commands need auth
+ *
+ * @param {string} command - Git command
+ * @returns {boolean} true if auth is required
+ */
+function needsAuthentication(command) {
+  return isPaymentGated(command);
+}
+module.exports = {
+  isPaymentGated,
+  needsAuthentication,
+  routeCommand,
+  executeGitCommand,
+  executeCommit,
+  executePush
+};

package/lib/commands.js ADDED Viewed

@@ -0,0 +1,157 @@
+module.exports = [
+    "add",
+    "am",
+    "annotate",
+    "apply",
+    "archimport",
+    "archive",
+    "backfill",
+    "bisect",
+    "blame",
+    "branch",
+    "bugreport",
+    "bundle",
+    "cat-file",
+    "check-attr",
+    "check-ignore",
+    "check-mailmap",
+    "check-ref-format",
+    "checkout",
+    "checkout-index",
+    "cherry",
+    "cherry-pick",
+    "citool",
+    "clean",
+    "clone",
+    "column",
+    "commit",
+    "commit-graph",
+    "commit-tree",
+    "config",
+    "count-objects",
+    "credential",
+    "credential-cache",
+    "credential-store",
+    "cvsexportcommit",
+    "cvsimport",
+    "cvsserver",
+    "daemon",
+    "describe",
+    "diagnose",
+    "diff",
+    "diff-files",
+    "diff-index",
+    "diff-pairs",
+    "diff-tree",
+    "difftool",
+    "fast-export",
+    "fast-import",
+    "fetch",
+    "fetch-pack",
+    "filter-branch",
+    "fmt-merge-msg",
+    "for-each-ref",
+    "for-each-repo",
+    "format-patch",
+    "fsck",
+    "gc",
+    "get-tar-commit-id",
+    "grep",
+    "gui",
+    "hash-object",
+    "help",
+    "hook",
+    "http-backend",
+    "http-fetch",
+    "http-push",
+    "imap-send",
+    "index-pack",
+    "init",
+    "instaweb",
+    "interpret-trailers",
+    "last-modified",
+    "log",
+    "ls-files",
+    "ls-remote",
+    "ls-tree",
+    "mailinfo",
+    "mailsplit",
+    "maintenance",
+    "merge",
+    "merge-base",
+    "merge-file",
+    "merge-index",
+    "merge-one-file",
+    "merge-tree",
+    "mergetool",
+    "mktag",
+    "mktree",
+    "multi-pack-index",
+    "mv",
+    "name-rev",
+    "notes",
+    "p4",
+    "pack-objects",
+    "pack-redundant",
+    "pack-refs",
+    "patch-id",
+    "prune",
+    "prune-packed",
+    "pull",
+    "push",
+    "quiltimport",
+    "range-diff",
+    "read-tree",
+    "rebase",
+    "receive-pack",
+    "reflog",
+    "refs",
+    "remote",
+    "repack",
+    "replace",
+    "replay",
+    "repo",
+    "request-pull",
+    "rerere",
+    "reset",
+    "restore",
+    "rev-list",
+    "rev-parse",
+    "revert",
+    "rm",
+    "send-email",
+    "send-pack",
+    "sh-i18n",
+    "sh-setup",
+    "shell",
+    "shortlog",
+    "show",
+    "show-branch",
+    "show-index",
+    "show-ref",
+    "sparse-checkout",
+    "stage",
+    "stash",
+    "status",
+    "stripspace",
+    "submodule",
+    "svn",
+    "switch",
+    "symbolic-ref",
+    "tag",
+    "unpack-file",
+    "unpack-objects",
+    "update-index",
+    "update-ref",
+    "update-server-info",
+    "upload-archive",
+    "upload-pack",
+    "var",
+    "verify-commit",
+    "verify-pack",
+    "verify-tag",
+    "version",
+    "whatchanged",
+    "worktree",
+    "write-tree"
+];