chainlesschain 0.37.8 → 0.37.10

package/src/lib/did-manager.js

@@ -0,0 +1,270 @@
+/**
+ * DID Manager — Decentralized Identity management for CLI.
+ * Ed25519 key generation, DID document creation, signing, and verification.
+ * Uses Node.js built-in crypto module (no external dependencies).
+ */
+
+import crypto from "crypto";
+
+/**
+ * Ensure DID tables exist.
+ */
+export function ensureDIDTables(db) {
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS did_identities (
+      did TEXT PRIMARY KEY,
+      display_name TEXT,
+      public_key TEXT NOT NULL,
+      secret_key TEXT NOT NULL,
+      did_document TEXT,
+      is_default INTEGER DEFAULT 0,
+      created_at TEXT DEFAULT (datetime('now')),
+      updated_at TEXT DEFAULT (datetime('now'))
+    )
+  `);
+}
+
+/**
+ * Generate an Ed25519 keypair.
+ * Returns { publicKey, secretKey } as hex strings.
+ */
+export function generateKeyPair() {
+  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519", {
+    publicKeyEncoding: { type: "spki", format: "der" },
+    privateKeyEncoding: { type: "pkcs8", format: "der" },
+  });
+  return {
+    publicKey: publicKey.toString("hex"),
+    secretKey: privateKey.toString("hex"),
+  };
+}
+
+/**
+ * Generate a DID from a public key.
+ * Format: did:chainless:<base64url-of-sha256-of-pubkey>
+ */
+export function generateDID(publicKeyHex) {
+  const hash = crypto
+    .createHash("sha256")
+    .update(Buffer.from(publicKeyHex, "hex"))
+    .digest();
+  const id = hash.toString("base64url").slice(0, 32);
+  return `did:chainless:${id}`;
+}
+
+/**
+ * Create a DID Document (W3C DID Core spec subset).
+ */
+export function createDIDDocument(did, publicKeyHex, displayName) {
+  return {
+    "@context": ["https://www.w3.org/ns/did/v1"],
+    id: did,
+    controller: did,
+    verificationMethod: [
+      {
+        id: `${did}#key-1`,
+        type: "Ed25519VerificationKey2020",
+        controller: did,
+        publicKeyHex: publicKeyHex,
+      },
+    ],
+    authentication: [`${did}#key-1`],
+    assertionMethod: [`${did}#key-1`],
+    service: displayName
+      ? [
+          {
+            id: `${did}#profile`,
+            type: "ProfileService",
+            serviceEndpoint: { name: displayName },
+          },
+        ]
+      : [],
+    created: new Date().toISOString(),
+  };
+}
+
+/**
+ * Create a new DID identity and store in DB.
+ */
+export function createIdentity(db, displayName) {
+  ensureDIDTables(db);
+
+  const keys = generateKeyPair();
+  const did = generateDID(keys.publicKey);
+  const doc = createDIDDocument(did, keys.publicKey, displayName);
+
+  // If no identities exist, this becomes the default
+  const count = db.prepare("SELECT COUNT(*) as c FROM did_identities").get().c;
+  const isDefault = count === 0 ? 1 : 0;
+
+  db.prepare(
+    `INSERT INTO did_identities (did, display_name, public_key, secret_key, did_document, is_default)
+     VALUES (?, ?, ?, ?, ?, ?)`,
+  ).run(
+    did,
+    displayName || null,
+    keys.publicKey,
+    keys.secretKey,
+    JSON.stringify(doc),
+    isDefault,
+  );
+
+  return {
+    did,
+    displayName,
+    publicKey: keys.publicKey,
+    document: doc,
+    isDefault: isDefault === 1,
+  };
+}
+
+/**
+ * Get identity by DID or prefix.
+ */
+export function getIdentity(db, didOrPrefix) {
+  ensureDIDTables(db);
+  return db
+    .prepare("SELECT * FROM did_identities WHERE did LIKE ?")
+    .get(`${didOrPrefix}%`);
+}
+
+/**
+ * Get all identities.
+ */
+export function getAllIdentities(db) {
+  ensureDIDTables(db);
+  return db
+    .prepare(
+      "SELECT * FROM did_identities ORDER BY is_default DESC, created_at DESC",
+    )
+    .all();
+}
+
+/**
+ * Get the default identity.
+ */
+export function getDefaultIdentity(db) {
+  ensureDIDTables(db);
+  return db.prepare("SELECT * FROM did_identities WHERE is_default = 1").get();
+}
+
+/**
+ * Set an identity as the default.
+ */
+export function setDefaultIdentity(db, did) {
+  ensureDIDTables(db);
+  const identity = getIdentity(db, did);
+  if (!identity) return false;
+
+  db.prepare("UPDATE did_identities SET is_default = ? WHERE did LIKE ?").run(
+    0,
+    "%",
+  );
+  db.prepare("UPDATE did_identities SET is_default = ? WHERE did = ?").run(
+    1,
+    identity.did,
+  );
+  return true;
+}
+
+/**
+ * Delete an identity by DID.
+ */
+export function deleteIdentity(db, did) {
+  ensureDIDTables(db);
+  const identity = getIdentity(db, did);
+  if (!identity) return false;
+
+  const result = db
+    .prepare("DELETE FROM did_identities WHERE did = ?")
+    .run(identity.did);
+  if (result.changes > 0 && identity.is_default) {
+    // Promote next identity to default
+    const next = db
+      .prepare("SELECT did FROM did_identities ORDER BY created_at ASC LIMIT 1")
+      .get();
+    if (next) {
+      db.prepare("UPDATE did_identities SET is_default = 1 WHERE did = ?").run(
+        next.did,
+      );
+    }
+  }
+  return result.changes > 0;
+}
+
+/**
+ * Sign a message using an identity's secret key.
+ * Returns the signature as hex string.
+ */
+export function signMessage(db, did, message) {
+  ensureDIDTables(db);
+  const identity = getIdentity(db, did);
+  if (!identity) throw new Error(`Identity not found: ${did}`);
+
+  const privateKey = crypto.createPrivateKey({
+    key: Buffer.from(identity.secret_key, "hex"),
+    format: "der",
+    type: "pkcs8",
+  });
+
+  const signature = crypto.sign(null, Buffer.from(message, "utf8"), privateKey);
+  return signature.toString("hex");
+}
+
+/**
+ * Verify a signature against a message and public key.
+ */
+export function verifySignature(publicKeyHex, message, signatureHex) {
+  try {
+    const publicKey = crypto.createPublicKey({
+      key: Buffer.from(publicKeyHex, "hex"),
+      format: "der",
+      type: "spki",
+    });
+
+    return crypto.verify(
+      null,
+      Buffer.from(message, "utf8"),
+      publicKey,
+      Buffer.from(signatureHex, "hex"),
+    );
+  } catch (_err) {
+    // Invalid key or signature format
+    return false;
+  }
+}
+
+/**
+ * Verify a signature using a DID from the database.
+ */
+export function verifyWithDID(db, did, message, signatureHex) {
+  const identity = getIdentity(db, did);
+  if (!identity) throw new Error(`Identity not found: ${did}`);
+  return verifySignature(identity.public_key, message, signatureHex);
+}
+
+/**
+ * Export identity (public data only, no secret key).
+ */
+export function exportIdentity(db, did) {
+  const identity = getIdentity(db, did);
+  if (!identity) return null;
+
+  return {
+    did: identity.did,
+    displayName: identity.display_name,
+    publicKey: identity.public_key,
+    document: JSON.parse(identity.did_document || "{}"),
+    createdAt: identity.created_at,
+  };
+}
+
+/**
+ * Resolve a DID — returns the DID document.
+ * Currently local-only resolution.
+ */
+export function resolveDID(db, did) {
+  const identity = getIdentity(db, did);
+  if (!identity) return null;
+  return JSON.parse(identity.did_document || "{}");
+}

package/src/lib/ensure-utf8.js

@@ -0,0 +1,59 @@
+/**
+ * Ensure UTF-8 encoding on Windows to prevent Chinese character garbling (乱码).
+ *
+ * Windows console defaults to the system codepage (e.g. CP936/GBK for Chinese),
+ * which causes UTF-8 output from Node.js to display as garbled text.
+ * This module sets the console codepage to 65001 (UTF-8) and configures
+ * Node.js streams to use UTF-8 encoding.
+ */
+
+import { execSync } from "child_process";
+
+/**
+ * Call this as early as possible in the process entry point.
+ */
+export function ensureUtf8() {
+  if (process.platform !== "win32") return;
+
+  // Set Windows console codepage to UTF-8
+  try {
+    execSync("chcp 65001", { stdio: "ignore" });
+  } catch (_err) {
+    // Ignore - may fail in non-interactive environments
+  }
+
+  // Ensure stdout/stderr use UTF-8 encoding
+  if (process.stdout.setDefaultEncoding) {
+    process.stdout.setDefaultEncoding("utf8");
+  }
+  if (process.stderr.setDefaultEncoding) {
+    process.stderr.setDefaultEncoding("utf8");
+  }
+
+  // Set environment variable so child processes inherit UTF-8
+  process.env.PYTHONIOENCODING = "utf-8";
+  process.env.LANG = "en_US.UTF-8";
+}
+
+/**
+ * Get spawn options that ensure UTF-8 output from child processes on Windows.
+ * Use this when spawning cmd.exe or other system processes.
+ *
+ * @param {object} [opts] - Additional spawn options to merge
+ * @returns {object} Spawn options with encoding set to utf-8
+ */
+export function getUtf8SpawnOptions(opts = {}) {
+  if (process.platform !== "win32") return { encoding: "utf-8", ...opts };
+
+  return {
+    encoding: "utf-8",
+    env: {
+      ...process.env,
+      PYTHONIOENCODING: "utf-8",
+      // Force cmd.exe to use UTF-8 codepage
+      CHCP: "65001",
+      ...opts.env,
+    },
+    ...opts,
+  };
+}

package/src/lib/git-integration.js

@@ -0,0 +1,220 @@
+/**
+ * Git integration — wraps system git commands for knowledge base versioning.
+ */
+
+import { execSync } from "child_process";
+import { existsSync } from "fs";
+import { join } from "path";
+
+/**
+ * Check if a directory is a git repository.
+ */
+export function isGitRepo(dir) {
+  return existsSync(join(dir, ".git"));
+}
+
+/**
+ * Run a git command and return stdout.
+ */
+export function gitExec(args, cwd) {
+  try {
+    return execSync(`git ${args}`, {
+      cwd,
+      encoding: "utf-8",
+      stdio: ["pipe", "pipe", "pipe"],
+    }).trim();
+  } catch (err) {
+    const stderr = err.stderr ? err.stderr.toString().trim() : "";
+    throw new Error(stderr || err.message);
+  }
+}
+
+/**
+ * Initialize a git repo in the given directory.
+ */
+export function gitInit(dir) {
+  if (isGitRepo(dir)) {
+    return { initialized: false, message: "Already a git repository" };
+  }
+  gitExec("init", dir);
+  return { initialized: true, message: "Initialized git repository" };
+}
+
+/**
+ * Get git status as structured data.
+ */
+export function gitStatus(dir) {
+  if (!isGitRepo(dir)) {
+    return { isRepo: false, files: [] };
+  }
+
+  // Use execSync directly to preserve leading whitespace in porcelain format
+  const output = execSync("git status --porcelain", {
+    cwd: dir,
+    encoding: "utf-8",
+    stdio: ["pipe", "pipe", "pipe"],
+  });
+  const files = output
+    .split("\n")
+    .filter(Boolean)
+    .map((line) => ({
+      status: line.substring(0, 2).trim(),
+      file: line.substring(3),
+    }));
+
+  const branch = getCurrentBranch(dir);
+
+  return {
+    isRepo: true,
+    branch,
+    files,
+    clean: files.length === 0,
+  };
+}
+
+/**
+ * Get current branch name.
+ */
+export function getCurrentBranch(dir) {
+  try {
+    return gitExec("rev-parse --abbrev-ref HEAD", dir);
+  } catch {
+    return "unknown";
+  }
+}
+
+/**
+ * Auto-commit all changes with a generated message.
+ */
+export function gitAutoCommit(dir, message) {
+  if (!isGitRepo(dir)) {
+    throw new Error("Not a git repository");
+  }
+
+  const status = gitStatus(dir);
+  if (status.clean) {
+    return { committed: false, message: "No changes to commit" };
+  }
+
+  // Stage all changes
+  gitExec("add -A", dir);
+
+  // Generate commit message if not provided
+  const commitMsg =
+    message ||
+    `auto: ${status.files.length} file(s) changed — ${new Date().toISOString().slice(0, 16)}`;
+
+  gitExec(`commit -m "${commitMsg.replace(/"/g, '\\"')}"`, dir);
+
+  const hash = gitExec("rev-parse --short HEAD", dir);
+
+  return {
+    committed: true,
+    hash,
+    message: commitMsg,
+    filesChanged: status.files.length,
+  };
+}
+
+/**
+ * Get recent commit log.
+ */
+export function gitLog(dir, limit = 10) {
+  if (!isGitRepo(dir)) {
+    return [];
+  }
+
+  try {
+    const output = gitExec(
+      `log --oneline --no-decorate -${limit} --format="%H|%h|%s|%ai|%an"`,
+      dir,
+    );
+    return output
+      .split("\n")
+      .filter(Boolean)
+      .map((line) => {
+        const [hash, shortHash, subject, date, author] = line.split("|");
+        return { hash, shortHash, subject, date, author };
+      });
+  } catch {
+    return [];
+  }
+}
+
+/**
+ * Analyze repository history statistics.
+ */
+export function gitHistoryAnalyze(dir) {
+  if (!isGitRepo(dir)) {
+    throw new Error("Not a git repository");
+  }
+
+  const totalCommits = parseInt(gitExec("rev-list --count HEAD", dir)) || 0;
+  const firstCommit =
+    totalCommits > 0
+      ? gitExec("log --reverse --format=%ai --max-count=1", dir)
+      : null;
+  const lastCommit =
+    totalCommits > 0 ? gitExec("log --format=%ai --max-count=1", dir) : null;
+
+  // Contributors
+  let contributors = [];
+  try {
+    const authorOutput = gitExec("shortlog -sn --no-merges HEAD", dir);
+    contributors = authorOutput
+      .split("\n")
+      .filter(Boolean)
+      .map((line) => {
+        const match = line.trim().match(/(\d+)\s+(.+)/);
+        return match ? { commits: parseInt(match[1]), author: match[2] } : null;
+      })
+      .filter(Boolean);
+  } catch {
+    // Empty repo or no commits
+  }
+
+  // File statistics
+  let fileCount = 0;
+  try {
+    const files = gitExec("ls-files", dir);
+    fileCount = files.split("\n").filter(Boolean).length;
+  } catch {
+    // Ignore
+  }
+
+  return {
+    totalCommits,
+    firstCommit,
+    lastCommit,
+    contributors,
+    trackedFiles: fileCount,
+  };
+}
+
+/**
+ * Install git hooks for auto-commit on note changes.
+ * Creates a post-commit hook that logs the commit.
+ */
+export function installHooks(dir) {
+  if (!isGitRepo(dir)) {
+    throw new Error("Not a git repository");
+  }
+
+  const hooksDir = join(dir, ".git", "hooks");
+  const hookPath = join(hooksDir, "pre-commit");
+
+  const hookContent = `#!/bin/sh
+# ChainlessChain auto-format hook
+echo "ChainlessChain: pre-commit hook running"
+`;
+
+  const { writeFileSync, chmodSync } = require("fs");
+  writeFileSync(hookPath, hookContent, "utf-8");
+  try {
+    chmodSync(hookPath, 0o755);
+  } catch {
+    // Windows may not support chmod
+  }
+
+  return { installed: true, hook: "pre-commit", path: hookPath };
+}