npm - chainlesschain - Versions diffs - 0.162.12 → 0.162.14 - Mend

chainlesschain 0.162.12 → 0.162.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (170) hide show

package/src/commands/sync-providers.js ADDED Viewed

@@ -0,0 +1,436 @@
+/**
+ * cc sync webdav / cc sync oss subcommand groups — Phase 3c follow-up.
+ *
+ * v0.1 (Phase 1)：configure / status / clear — 凭据落 ~/.chainlesschain/
+ * sync-credentials.enc (AES-256-GCM)，与 desktop secure-config 同 shape。
+ *
+ * v0.2 (Phase 2)：test (real connectivity probe) + run (本机 vault 同步)
+ * — 需 @aws-sdk/client-s3 + webdav npm dep + better-sqlite3 vault wiring，
+ * 工程更大；本 commit 不含。
+ *
+ * 命令树：
+ *   cc sync webdav configure --url ... --username ... --password ... [--remote-path]
+ *   cc sync webdav status                   显示 mask 后凭据 + configured 标记
+ *   cc sync webdav clear                    擦除凭据 + 在 vault 内移除该 provider
+ *   cc sync oss configure --endpoint --region --bucket --access-key-id
+ *                         --secret-access-key [--remote-path] [--force-path-style]
+ *   cc sync oss status
+ *   cc sync oss clear
+ *
+ * password / secretAccessKey 走 stdin 提示也支持（避免 shell history 留痕）—
+ * 留 v0.2 加 prompts；v0.1 仅 flag。
+ */
+"use strict";
+import chalk from "chalk";
+import {
+  ALLOWED_PROVIDER_IDS,
+  getCredentials,
+  getCredentialsSanitized,
+  hasCredentials,
+  setCredentials,
+  clearCredentials,
+} from "../lib/sync-credentials.js";
+import { WebDAVClient } from "../lib/sync-webdav-client.js";
+import { OSSClient } from "../lib/sync-oss-client.js";
+import { runSync } from "../lib/sync-engine-cli.js";
+import { openCliVault } from "../lib/sync-cli-db.js";
+function _ensureValidProvider(name) {
+  if (!ALLOWED_PROVIDER_IDS.includes(name)) {
+    throw new Error(
+      `Unknown sync provider '${name}' (allowed: ${ALLOWED_PROVIDER_IDS.join(", ")})`,
+    );
+  }
+}
+function _printStatus(providerId) {
+  _ensureValidProvider(providerId);
+  const masked = getCredentialsSanitized(providerId);
+  const configured = hasCredentials(providerId);
+  console.log(
+    JSON.stringify(
+      {
+        provider: providerId,
+        configured,
+        credentials: masked,
+        notes: configured
+          ? [
+              "secrets are masked; raw values stored encrypted at ~/.chainlesschain/sync-credentials.enc",
+            ]
+          : ["not configured; run `cc sync <provider> configure --<flags>`"],
+      },
+      null,
+      2,
+    ),
+  );
+}
+function _configureWebDAV(opts) {
+  const url = (opts.url || "").trim();
+  if (!url) throw new Error("--url required");
+  const username = (opts.username || "").trim();
+  const password = opts.password;
+  if (!password)
+    throw new Error("--password required (use stdin or env in v0.2)");
+  const remotePath = (opts.remotePath || "/").trim();
+  setCredentials("webdav", { url, username, password, remotePath });
+  console.log(chalk.green("✓ WebDAV credentials saved"));
+  console.log(chalk.dim(`  url:        ${url}`));
+  console.log(chalk.dim(`  username:   ${username}`));
+  console.log(chalk.dim(`  password:   ********`));
+  console.log(chalk.dim(`  remotePath: ${remotePath}`));
+}
+function _configureOSS(opts) {
+  const endpoint = (opts.endpoint || "").trim();
+  if (!endpoint) throw new Error("--endpoint required");
+  const bucket = (opts.bucket || "").trim();
+  if (!bucket) throw new Error("--bucket required");
+  const accessKeyId = (opts.accessKeyId || "").trim();
+  if (!accessKeyId) throw new Error("--access-key-id required");
+  const secretAccessKey = opts.secretAccessKey;
+  if (!secretAccessKey) {
+    throw new Error("--secret-access-key required (use stdin or env in v0.2)");
+  }
+  const region = (opts.region || "auto").trim();
+  const remotePath = (opts.remotePath || "").trim();
+  const forcePathStyle = opts.forcePathStyle === true;
+  setCredentials("oss", {
+    endpoint,
+    region,
+    bucket,
+    accessKeyId,
+    secretAccessKey,
+    remotePath,
+    forcePathStyle,
+  });
+  console.log(chalk.green("✓ OSS / S3 credentials saved"));
+  console.log(chalk.dim(`  endpoint:        ${endpoint}`));
+  console.log(chalk.dim(`  region:          ${region}`));
+  console.log(chalk.dim(`  bucket:          ${bucket}`));
+  console.log(chalk.dim(`  accessKeyId:     ${accessKeyId}`));
+  console.log(chalk.dim(`  secretAccessKey: ********`));
+  console.log(chalk.dim(`  remotePath:      ${remotePath}`));
+  console.log(chalk.dim(`  forcePathStyle:  ${forcePathStyle}`));
+}
+function _clearProvider(providerId) {
+  _ensureValidProvider(providerId);
+  if (!hasCredentials(providerId)) {
+    console.log(chalk.dim(`(${providerId} was already empty)`));
+    return;
+  }
+  clearCredentials(providerId);
+  console.log(chalk.green(`✓ ${providerId} credentials cleared`));
+}
+function _loadWebDAVCreds() {
+  const c = getCredentials("webdav");
+  if (!c.url || !c.password) return null;
+  return {
+    url: c.url,
+    username: c.username || "",
+    password: c.password,
+    remotePath: c.remotePath || "/",
+  };
+}
+function _loadOSSCreds() {
+  const c = getCredentials("oss");
+  if (!c.endpoint || !c.bucket || !c.accessKeyId || !c.secretAccessKey)
+    return null;
+  return {
+    endpoint: c.endpoint,
+    region: c.region || "auto",
+    bucket: c.bucket,
+    accessKeyId: c.accessKeyId,
+    secretAccessKey: c.secretAccessKey,
+    remotePath: c.remotePath || "",
+    forcePathStyle: c.forcePathStyle === true,
+  };
+}
+async function _testProvider(providerId) {
+  _ensureValidProvider(providerId);
+  const creds = providerId === "webdav" ? _loadWebDAVCreds() : _loadOSSCreds();
+  if (!creds) {
+    throw new Error(
+      `${providerId} 凭据未配置，先跑 \`cc sync ${providerId} configure --...\``,
+    );
+  }
+  const client =
+    providerId === "webdav" ? new WebDAVClient(creds) : new OSSClient(creds);
+  const res = await client.testConnection();
+  if (res.ok) {
+    console.log(chalk.green(`✓ ${providerId} 连接 OK`));
+    return;
+  }
+  console.error(
+    chalk.red(
+      `✗ ${providerId} 连接失败 (${res.status || "n/a"}): ${res.error}`,
+    ),
+  );
+  process.exitCode = 2;
+}
+async function _runProvider(providerId, opts = {}) {
+  _ensureValidProvider(providerId);
+  const creds = providerId === "webdav" ? _loadWebDAVCreds() : _loadOSSCreds();
+  if (!creds) {
+    throw new Error(
+      `${providerId} 凭据未配置，先跑 \`cc sync ${providerId} configure --...\``,
+    );
+  }
+  let vault;
+  try {
+    vault = await openCliVault();
+  } catch (err) {
+    if (err.code === "BETTER_SQLITE3_MISSING") {
+      console.error(chalk.red(`✗ ${err.message}`));
+      process.exitCode = 2;
+      return;
+    }
+    throw err;
+  }
+  const { dbManager, vaultPath } = vault;
+  if (opts.verbose) console.log(chalk.dim(`vault: ${vaultPath}`));
+  const client =
+    providerId === "webdav" ? new WebDAVClient(creds) : new OSSClient(creds);
+  let lastPrint = 0;
+  const onProgress = (e) => {
+    // Throttle stdout to avoid TTY thrash (engine already 5/500ms)
+    const now = Date.now();
+    if (
+      e.phase === "start" ||
+      ["success", "conflict", "failed"].includes(e.phase) ||
+      now - lastPrint >= 1000
+    ) {
+      lastPrint = now;
+      const parts = [`[${e.phase}]`];
+      if (e.totalPending != null) parts.push(`total=${e.totalPending}`);
+      parts.push(
+        `pushed=${e.pushed}`,
+        `skipped=${e.skipped}`,
+        `deleted=${e.deleted}`,
+      );
+      console.log(chalk.dim(parts.join(" ")));
+    }
+  };
+  try {
+    const result = await runSync({
+      dbManager,
+      client,
+      providerId,
+      accountKey: "",
+      onProgress,
+    });
+    if (result.success) {
+      console.log(
+        chalk.green(`✓ ${providerId} sync done (${result.status})`) +
+          ` — pushed=${result.pushed} skipped=${result.skipped} deleted=${result.deleted} duration=${result.durationMs}ms`,
+      );
+    } else {
+      console.error(
+        chalk.red(`✗ ${providerId} sync failed`) +
+          ` — pushed=${result.pushed} skipped=${result.skipped} deleted=${result.deleted}`,
+      );
+      if (result.error) console.error(chalk.red(`  error: ${result.error}`));
+      process.exitCode = 2;
+    }
+  } finally {
+    try {
+      dbManager.close();
+    } catch (_e) {
+      /* cleanup */
+    }
+  }
+}
+/**
+ * Attach `cc sync webdav *` and `cc sync oss *` subcommands to the existing
+ * `cc sync` parent command. Caller passes the program; we find the sync
+ * parent and add children.
+ */
+export function registerSyncProviderCommands(program) {
+  const parent = program.commands.find((c) => c.name() === "sync");
+  if (!parent) {
+    throw new Error(
+      "registerSyncProviderCommands: parent `sync` command not registered yet — call after registerSyncCommand",
+    );
+  }
+  // ── webdav subgroup ────────────────────────────────────────────
+  const webdav = parent
+    .command("webdav")
+    .description(
+      "WebDAV (Nextcloud / 坚果云 / 群晖) sync provider — credential management",
+    );
+  webdav
+    .command("configure")
+    .description(
+      "Save WebDAV credentials to ~/.chainlesschain/sync-credentials.enc",
+    )
+    .requiredOption("--url <url>", "WebDAV endpoint URL")
+    .option("--username <name>", "WebDAV username", "")
+    .requiredOption(
+      "--password <pw>",
+      "WebDAV password (use stdin in v0.2 — for now this WILL hit shell history)",
+    )
+    .option("--remote-path <p>", "remote directory path", "/")
+    .action(async (opts) => {
+      try {
+        _configureWebDAV(opts);
+      } catch (err) {
+        console.error(chalk.red(`✗ ${err?.message || err}`));
+        process.exitCode = 2;
+      }
+    });
+  webdav
+    .command("status")
+    .description("Show sanitized WebDAV credentials + configured flag")
+    .action(() => {
+      try {
+        _printStatus("webdav");
+      } catch (err) {
+        console.error(chalk.red(`✗ ${err?.message || err}`));
+        process.exitCode = 2;
+      }
+    });
+  webdav
+    .command("clear")
+    .description("Remove WebDAV credentials from vault")
+    .action(() => {
+      try {
+        _clearProvider("webdav");
+      } catch (err) {
+        console.error(chalk.red(`✗ ${err?.message || err}`));
+        process.exitCode = 2;
+      }
+    });
+  webdav
+    .command("test")
+    .description("Probe WebDAV connectivity (PROPFIND on remotePath)")
+    .action(async () => {
+      try {
+        await _testProvider("webdav");
+      } catch (err) {
+        console.error(chalk.red(`✗ ${err?.message || err}`));
+        process.exitCode = 2;
+      }
+    });
+  webdav
+    .command("run")
+    .description(
+      "Run one full WebDAV sync against ~/.chainlesschain/cli-vault.db",
+    )
+    .option("-v, --verbose", "show vault path + verbose progress", false)
+    .action(async (opts) => {
+      try {
+        await _runProvider("webdav", opts);
+      } catch (err) {
+        console.error(chalk.red(`✗ ${err?.message || err}`));
+        process.exitCode = 2;
+      }
+    });
+  // ── oss subgroup ───────────────────────────────────────────────
+  const oss = parent
+    .command("oss")
+    .description(
+      "S3 / OSS (AWS / 阿里云 / R2 / B2) sync provider — credential management",
+    );
+  oss
+    .command("configure")
+    .description(
+      "Save OSS credentials to ~/.chainlesschain/sync-credentials.enc",
+    )
+    .requiredOption(
+      "--endpoint <url>",
+      "S3-compat endpoint URL (e.g. https://oss-cn-hangzhou.aliyuncs.com)",
+    )
+    .option(
+      "--region <r>",
+      "region (default: auto for R2 / explicit for AWS+aliyun)",
+      "auto",
+    )
+    .requiredOption("--bucket <name>", "target bucket name")
+    .requiredOption("--access-key-id <id>", "access key id")
+    .requiredOption(
+      "--secret-access-key <secret>",
+      "secret access key (use stdin in v0.2 — hits shell history now)",
+    )
+    .option("--remote-path <p>", "object key prefix", "")
+    .option(
+      "--force-path-style",
+      "use path-style URLs (R2 / MinIO need true)",
+      false,
+    )
+    .action(async (opts) => {
+      try {
+        _configureOSS(opts);
+      } catch (err) {
+        console.error(chalk.red(`✗ ${err?.message || err}`));
+        process.exitCode = 2;
+      }
+    });
+  oss
+    .command("status")
+    .description("Show sanitized OSS credentials + configured flag")
+    .action(() => {
+      try {
+        _printStatus("oss");
+      } catch (err) {
+        console.error(chalk.red(`✗ ${err?.message || err}`));
+        process.exitCode = 2;
+      }
+    });
+  oss
+    .command("clear")
+    .description("Remove OSS credentials from vault")
+    .action(() => {
+      try {
+        _clearProvider("oss");
+      } catch (err) {
+        console.error(chalk.red(`✗ ${err?.message || err}`));
+        process.exitCode = 2;
+      }
+    });
+  oss
+    .command("test")
+    .description("Probe S3 / OSS connectivity (HeadBucket)")
+    .action(async () => {
+      try {
+        await _testProvider("oss");
+      } catch (err) {
+        console.error(chalk.red(`✗ ${err?.message || err}`));
+        process.exitCode = 2;
+      }
+    });
+  oss
+    .command("run")
+    .description("Run one full OSS sync against ~/.chainlesschain/cli-vault.db")
+    .option("-v, --verbose", "show vault path + verbose progress", false)
+    .action(async (opts) => {
+      try {
+        await _runProvider("oss", opts);
+      } catch (err) {
+        console.error(chalk.red(`✗ ${err?.message || err}`));
+        process.exitCode = 2;
+      }
+    });
+}

package/src/gateways/ws/personal-data-hub-protocol.js CHANGED Viewed

@@ -21,8 +21,12 @@ import {
   getHub,
   close as closeHub,
 } from "../../lib/personal-data-hub-wiring.js";
+import { getAIChatWizard } from "../../lib/personal-data-hub-aichat-wizard.js";
 import { existsSync, unlinkSync, readdirSync } from "node:fs";
 import { join } from "node:path";
+import pdhPkg from "@chainlesschain/personal-data-hub";
+const { ingestSystemDataAndroidSnapshot } = pdhPkg;
 async function withHub(fn) {
   try {
@@ -41,6 +45,22 @@ export const PERSONAL_DATA_HUB_HANDLERS = {
       return await hub.engine.ask(msg.question, msg.options || {});
     }),
+  // Path Y: prompt context only, no LLM call. Lets web-shell / mobile host
+  // its own inference (Volcengine Doubao, OpenRouter, etc.) while keeping
+  // vault retrieval centralized.
+  "personal-data-hub.retrieve-context": async (msg) =>
+    withHub(async (hub) => {
+      if (!hub.engine) throw new Error("Analysis engine unavailable");
+      return await hub.engine.retrieveContext(msg.question, msg.options || {});
+    }),
+  // Path C: phone-collected ContentResolver + PackageManager snapshot →
+  // staging file → syncAdapter(system-data-android). Returns SyncReport.
+  "personal-data-hub.ingest-system-data-android": async (msg) =>
+    withHub(
+      async (hub) => await ingestSystemDataAndroidSnapshot(hub, msg.snapshot),
+    ),
   "personal-data-hub.stats": async () =>
     withHub((hub) => ({
       vault: hub.vault.stats(),
@@ -212,6 +232,29 @@ export const PERSONAL_DATA_HUB_HANDLERS = {
         }),
     ),
+  // ─── Phase 12.6.8 — WeChat env-probe + register / unregister / list ──
+  "personal-data-hub.wechat-env-probe": async () =>
+    withHub(async (hub) => await hub.probeWechatEnv()),
+  "personal-data-hub.register-wechat": async (msg) =>
+    withHub(
+      async (hub) =>
+        await hub.registerWechatAdapter({
+          account: msg.account,
+          dbPath: msg.dbPath,
+          wechatDataPath: msg.wechatDataPath,
+          fridaOpts: msg.fridaOpts,
+          keyProviderOverride: msg.keyProviderOverride,
+        }),
+    ),
+  "personal-data-hub.unregister-wechat": async (msg) =>
+    withHub(async (hub) => await hub.unregisterWechatAdapter(msg.uin)),
+  "personal-data-hub.list-wechat-accounts": async () =>
+    withHub((hub) => hub.listWechatAccounts()),
   // ─── Phase 8 — EntityResolver review / merge / unmerge ───────────────
   "personal-data-hub.review-queue-list": async (msg) =>
@@ -264,6 +307,51 @@ export const PERSONAL_DATA_HUB_HANDLERS = {
   "personal-data-hub.run-skill": async (msg) =>
     withHub(async (hub) => await hub.runSkill(msg.name, msg.options || {})),
+  // ─── Phase 10.3 — AIChat WebView 鉴权向导 (paste-mode on cc ui) ────────
+  "personal-data-hub.aichat-open-login": async (msg) =>
+    withHub(async (hub) => {
+      const wiz = getAIChatWizard({ hubDir: hub.hubDir });
+      return await wiz.openVendorLogin({
+        vendor: msg.vendor,
+        opts: msg.opts || {},
+      });
+    }),
+  "personal-data-hub.aichat-probe-cookies": async (msg) =>
+    withHub(async (hub) => {
+      const wiz = getAIChatWizard({ hubDir: hub.hubDir });
+      return await wiz.probeCookies({
+        vendor: msg.vendor,
+        cookieHeader: msg.cookieHeader,
+      });
+    }),
+  "personal-data-hub.aichat-register-vendor": async (msg) =>
+    withHub(async (hub) => {
+      const wiz = getAIChatWizard({ hubDir: hub.hubDir });
+      return await wiz.registerVendor({
+        vendor: msg.vendor,
+        cookies: msg.cookies,
+        opts: msg.opts || {},
+      });
+    }),
+  "personal-data-hub.aichat-rotate-login": async (msg) =>
+    withHub(async (hub) => {
+      const wiz = getAIChatWizard({ hubDir: hub.hubDir });
+      return await wiz.rotateLoginPartition({ vendor: msg.vendor });
+    }),
+  "personal-data-hub.list-aichat-accounts": async () =>
+    withHub(async (hub) => await hub.listAIChatAccounts()),
+  "personal-data-hub.unregister-aichat": async (msg) =>
+    withHub(async (hub) => await hub.unregisterAIChatVendor(msg.vendor)),
+  "personal-data-hub.aichat-health-check-once": async () =>
+    withHub(async (hub) => await hub.runAIChatHealthCheckOnce()),
 };
 /**

package/src/index.js CHANGED Viewed

@@ -16,6 +16,7 @@ import { registerChatCommand } from "./commands/chat.js";
 import { registerAskCommand } from "./commands/ask.js";
 import { registerLlmCommand } from "./commands/llm.js";
 import { registerHubCommand } from "./commands/hub.js";
+import { registerAndroidCommand } from "./commands/android.js";
 import {
   registerAgentCommand,
   registerSubAgentV2Command,
@@ -68,6 +69,7 @@ import { registerAuthCommand } from "./commands/auth.js";
 import { registerAuditCommand } from "./commands/audit.js";
 import { registerP2pCommand } from "./commands/p2p.js";
 import { registerSyncCommand } from "./commands/sync.js";
+import { registerSyncProviderCommands } from "./commands/sync-providers.js";
 import { registerWalletCommand } from "./commands/wallet.js";
 import { registerOrgCommand } from "./commands/org.js";
 import { registerPluginCommand } from "./commands/plugin.js";
@@ -406,6 +408,7 @@ export function createProgram(opts = {}) {
   registerAskCommand(program);
   registerLlmCommand(program);
   registerHubCommand(program);
+  registerAndroidCommand(program);
   registerAgentCommand(program);
   registerSubAgentV2Command(program);
   registerExecBackendV2Command(program);
@@ -466,6 +469,9 @@ export function createProgram(opts = {}) {
   // Phase 5: P2P, blockchain & enterprise
   registerP2pCommand(program);
   registerSyncCommand(program);
+  // Phase 3c follow-up — cc sync webdav / cc sync oss subgroups (credential mgmt).
+  // Must come AFTER registerSyncCommand so the `sync` parent exists.
+  registerSyncProviderCommands(program);
   registerWalletCommand(program);
   registerOrgCommand(program);
   registerPluginCommand(program);