codex-webapp 0.1.7 → 0.1.8

package/scripts/verify-clean-release.mjs

@@ -0,0 +1,492 @@
+#!/usr/bin/env node
+import { spawnSync } from "node:child_process";
+import { Dirent } from "node:fs";
+import { readFile, readdir } from "node:fs/promises";
+import { fileURLToPath } from "node:url";
+import path from "node:path";
+
+import {
+  checkPackEntries,
+  findDependencyBoundaryViolations,
+} from "./check-public-package-boundary.mjs";
+
+const MIN_NODE_VERSION = [20, 11, 0];
+const DEPENDENCY_FIELDS = [
+  "dependencies",
+  "devDependencies",
+  "optionalDependencies",
+  "peerDependencies",
+  "bundleDependencies",
+  "bundledDependencies",
+];
+const SOURCE_SCAN_SKIP_DIRS = new Set([
+  ".git",
+  ".hg",
+  ".svn",
+  "coverage",
+  "dist",
+  "node_modules",
+  ".next",
+  ".turbo",
+  ".vite",
+]);
+const CONTENT_SCAN_EXTENSIONS = new Set([
+  ".cjs",
+  ".js",
+  ".json",
+  ".mjs",
+  ".ts",
+  ".tsx",
+  ".yml",
+  ".yaml",
+]);
+const CONTENT_SCAN_ALLOWLIST = [
+  /^docs\//,
+  /^test\//,
+  /^README(?:\.[^.]+)?\.md$/i,
+  /^ACKNOWLEDGEMENTS\.md$/i,
+  /^CONTRIBUTING\.md$/i,
+  /^LICENSE\.md$/i,
+  /^SECURITY\.md$/i,
+  /^SUPPORT\.md$/i,
+  /^scripts\/check-public-package-boundary\.mjs$/,
+  /^scripts\/verify-clean-release\.mjs$/,
+];
+
+const PRIVATE_ENGINE_NAME_PATTERNS = [
+  /(?:^|[/@._-])penso[._-]?render[._-]?envelope(?:$|[/@._-])/i,
+  /(?:^|[/@])@penso-os[/@]render[._-]?envelope(?:$|[/@._-])/i,
+];
+
+const FORBIDDEN_ARTIFACT_PATH_PATTERNS = [
+  {
+    label: "Codex App archive",
+    pattern: /(?:^|[/\\])app\.asar$/i,
+  },
+  {
+    label: "pre-extracted renderer payload",
+    pattern: /(?:^|[/\\])webview(?:[/\\]|$)/i,
+  },
+  {
+    label: "Codex/OpenAI binary-looking artifact",
+    pattern: /(?:^|[/\\])(?:codex|openai)(?:[-_.]?(?:app|cli|binary|runtime))?\.(?:app|asar|dmg|pkg|exe|bin|zip|tar|tgz|gz)$/i,
+  },
+  {
+    label: "secret environment file",
+    pattern: /(?:^|[/\\])\.env(?:\.|$)/i,
+  },
+  {
+    label: "npm credential file",
+    pattern: /(?:^|[/\\])\.npmrc$/i,
+  },
+  {
+    label: "token-looking path",
+    pattern: /(?:^|[/\\])(?:tokens?|api[-_]?keys?|auth[-_]?store)(?:[/\\.]|$)/i,
+  },
+  {
+    label: "cookie-looking path",
+    pattern: /(?:^|[/\\])cookies?(?:[/\\.]|$)/i,
+  },
+  {
+    label: "signed URL-looking path",
+    pattern: /(?:^|[/\\])signed[-_]?urls?(?:[/\\.]|$)/i,
+  },
+  {
+    label: "session database-looking path",
+    pattern: /(?:^|[/\\])(?:session|sessions|session[-_]?db|state)\.(?:db|sqlite|sqlite3)$/i,
+  },
+  {
+    label: "customer data-looking path",
+    pattern: /(?:^|[/\\])customer[-_]?data(?:[/\\.]|$)/i,
+  },
+  {
+    label: "private key-looking path",
+    pattern: /(?:^|[/\\])(?:id_rsa|id_ed25519|private[-_]?key|.*\.pem)$/i,
+  },
+];
+const FORBIDDEN_CONTENT_PATTERNS = [
+  {
+    label: "private engine package name",
+    pattern: /(?:^|[^a-z0-9])(?:@penso-os\/render[._-]?envelope|penso[._-]?render[._-]?envelope)(?:$|[^a-z0-9])/i,
+  },
+  {
+    label: "private GitHub package registry URL",
+    pattern: /npm\.pkg\.github\.com/i,
+  },
+  {
+    label: "private repo dependency spec",
+    pattern: /(?:github:|git\+https:\/\/github\.com\/|git\+ssh:\/\/git@github\.com:|file:\.\.\/)penso-os\/(?:penso[._-]?render[._-]?envelope|render[._-]?envelope)/i,
+  },
+  {
+    label: "OpenAI API key-looking value",
+    pattern: /\bsk-[A-Za-z0-9_-]{20,}\b/,
+  },
+  {
+    label: "GitHub token-looking value",
+    pattern: /\b(?:ghp|gho|ghu|ghs|ghr)_[A-Za-z0-9_]{20,}\b/,
+  },
+  {
+    label: "private key block",
+    pattern: /-----BEGIN [A-Z ]*PRIVATE KEY-----/,
+  },
+  {
+    label: "signed URL-looking value",
+    pattern: /https?:\/\/[^\s"'`]+[?&](?:X-Amz-Signature|Signature|sig)=/i,
+  },
+];
+
+const PACK_METADATA_FIELDS = [
+  "name",
+  "version",
+  "filename",
+  "id",
+  "shasum",
+  "integrity",
+  "unpackedSize",
+];
+
+export function parseArgs(argv) {
+  const args = [...argv];
+  let privateEngineDir = process.env.PENSO_RENDER_ENVELOPE_DIR || "";
+  for (let index = 0; index < args.length; index += 1) {
+    const arg = args[index];
+    if (arg === "--private-engine-dir") {
+      const value = args[index + 1];
+      if (!value || value.startsWith("--")) {
+        throw new Error("--private-engine-dir requires a path value");
+      }
+      privateEngineDir = value;
+      index += 1;
+      continue;
+    }
+    if (arg.startsWith("--private-engine-dir=")) {
+      privateEngineDir = arg.slice("--private-engine-dir=".length);
+      continue;
+    }
+    throw new Error(`Unknown argument: ${arg}`);
+  }
+  return { privateEngineDir: privateEngineDir || null };
+}
+
+export function checkNodeVersion(version = process.versions.node) {
+  const actual = version.split(".").map((part) => Number(part));
+  for (let index = 0; index < MIN_NODE_VERSION.length; index += 1) {
+    const current = actual[index] || 0;
+    const required = MIN_NODE_VERSION[index];
+    if (current > required) return [];
+    if (current < required) {
+      return [`Node.js ${version} is below the clean release gate minimum ${MIN_NODE_VERSION.join(".")}`];
+    }
+  }
+  return [];
+}
+
+export function inspectManifestAndLock({ manifest, lockfile }) {
+  const violations = findDependencyBoundaryViolations({ manifest, lockfile });
+  for (const { source, name, spec } of dependencySpecEntries({ manifest, lockfile })) {
+    if (looksLikeBundledCodexRuntime(name, spec)) {
+      violations.push(`${source} appears to depend on a Codex/OpenAI runtime package: ${name}`);
+    }
+  }
+  return violations;
+}
+
+export function inspectPackJson(packJson) {
+  const entries = Array.isArray(packJson) ? packJson : [packJson];
+  const violations = [];
+  for (const entry of entries) {
+    for (const field of PACK_METADATA_FIELDS) {
+      if (entry?.[field] && hasPrivateEngineName(String(entry[field]))) {
+        violations.push(`npm pack metadata ${field} references a private engine package name`);
+      }
+    }
+    violations.push(...checkPackEntries(entry?.files || []));
+    violations.push(...inspectRelativePaths((entry?.files || []).map((file) => `package/${file.path || file}`)));
+  }
+  return uniqueViolations(violations);
+}
+
+export function inspectRelativePaths(relativePaths) {
+  const violations = [];
+  for (const originalPath of relativePaths) {
+    const normalized = normalizeForScan(originalPath);
+    if (!normalized) continue;
+    if (hasPrivateEngineName(normalized)) {
+      violations.push(`path appears to include a private engine package name: ${originalPath}`);
+    }
+    for (const { label, pattern } of FORBIDDEN_ARTIFACT_PATH_PATTERNS) {
+      if (pattern.test(normalized)) {
+        violations.push(`path appears to include ${label}: ${originalPath}`);
+      }
+    }
+  }
+  return uniqueViolations(violations);
+}
+
+export async function collectSourcePaths(rootDir) {
+  const paths = [];
+  await walk(rootDir, "", paths, null);
+  return paths;
+}
+
+export async function inspectSourceTree(rootDir) {
+  const entries = [];
+  await walk(rootDir, "", null, entries);
+  const sourcePaths = entries.map((entry) => entry.relativePath);
+  return uniqueViolations([
+    ...inspectRelativePaths(sourcePaths),
+    ...await inspectTextFileContents(rootDir, entries),
+  ]);
+}
+
+export async function verifyCleanRelease({
+  rootDir = process.cwd(),
+  privateEngineDir = null,
+  log = console.log,
+  errorLog = console.error,
+} = {}) {
+  const failures = [];
+  const results = [];
+
+  failures.push(...checkNodeVersion());
+
+  const manifest = JSON.parse(await readFile(path.join(rootDir, "package.json"), "utf8"));
+  const lockfile = JSON.parse(await readFile(path.join(rootDir, "package-lock.json"), "utf8"));
+  failures.push(...inspectManifestAndLock({ manifest, lockfile }));
+  failures.push(...await inspectSourceTree(rootDir));
+
+  results.push(runRequiredCommand({ label: "npm test", command: "npm", args: ["test"], cwd: rootDir, log }));
+  results.push(runRequiredCommand({
+    label: "npm run check:public-boundary",
+    command: "npm",
+    args: ["run", "check:public-boundary"],
+    cwd: rootDir,
+    log,
+  }));
+
+  const packResult = runPackDryRun(rootDir, log);
+  results.push(packResult);
+  if (packResult.ok && packResult.packJson) {
+    failures.push(...inspectPackJson(packResult.packJson));
+  }
+
+  if (manifest.scripts?.["start:dry-run"]) {
+    results.push(runRequiredCommand({
+      label: "npm run start:dry-run",
+      command: "npm",
+      args: ["run", "start:dry-run"],
+      cwd: rootDir,
+      log,
+    }));
+  } else {
+    results.push({ label: "npm run start:dry-run", ok: true, skipped: true, reason: "script is absent" });
+  }
+
+  if (privateEngineDir) {
+    const resolvedPrivateEngineDir = path.resolve(privateEngineDir);
+    results.push(runRequiredCommand({
+      label: `private engine npm test (${resolvedPrivateEngineDir})`,
+      command: "npm",
+      args: ["test"],
+      cwd: resolvedPrivateEngineDir,
+      log,
+    }));
+    results.push(runRequiredCommand({
+      label: `private engine npm pack --dry-run (${resolvedPrivateEngineDir})`,
+      command: "npm",
+      args: ["pack", "--dry-run"],
+      cwd: resolvedPrivateEngineDir,
+      log,
+    }));
+  } else {
+    results.push({
+      label: "private engine checks",
+      ok: true,
+      skipped: true,
+      reason: "set PENSO_RENDER_ENVELOPE_DIR or pass --private-engine-dir to include the private repo",
+    });
+  }
+
+  for (const result of results) {
+    if (!result.ok) {
+      failures.push(`${result.label} failed with exit code ${result.status}`);
+    }
+  }
+
+  const uniqueFailures = uniqueViolations(failures);
+  printSummary({ results, failures: uniqueFailures, log, errorLog });
+  return { ok: uniqueFailures.length === 0, results, failures: uniqueFailures };
+}
+
+function runPackDryRun(rootDir, log) {
+  log("==> npm pack --dry-run");
+  const result = spawnSync("npm", ["pack", "--dry-run", "--json", "--ignore-scripts"], {
+    cwd: rootDir,
+    encoding: "utf8",
+    stdio: ["ignore", "pipe", "inherit"],
+  });
+  if (result.status !== 0) {
+    return { label: "npm pack --dry-run", ok: false, status: result.status };
+  }
+  try {
+    const packJson = JSON.parse(result.stdout);
+    const entries = Array.isArray(packJson) ? packJson : [packJson];
+    for (const entry of entries) {
+      log(`packed ${entry.filename || entry.name || "package"} (${entry.files?.length || 0} files)`);
+    }
+    return { label: "npm pack --dry-run", ok: true, status: 0, packJson };
+  } catch (error) {
+    return {
+      label: `npm pack --dry-run JSON parse (${error.message})`,
+      ok: false,
+      status: 1,
+    };
+  }
+}
+
+export function runRequiredCommand({ label, command, args, cwd, log }) {
+  log(`==> ${label}`);
+  try {
+    const result = spawnSync(command, args, {
+      cwd,
+      stdio: "inherit",
+      env: process.env,
+    });
+    if (result.error) {
+      log(`Command could not start: ${result.error.message}`);
+      return { label, ok: false, status: "spawn-error" };
+    }
+    return { label, ok: result.status === 0, status: result.status };
+  } catch (error) {
+    log(`Command could not start: ${error.message}`);
+    return { label, ok: false, status: "spawn-error" };
+  }
+}
+
+function printSummary({ results, failures, log, errorLog }) {
+  log("\nClean release verification summary:");
+  for (const result of results) {
+    if (result.skipped) {
+      log(`- SKIP ${result.label}: ${result.reason}`);
+      continue;
+    }
+    log(`- ${result.ok ? "PASS" : "FAIL"} ${result.label}`);
+  }
+
+  if (failures.length > 0) {
+    errorLog("\nClean release verification found bounded release-readiness issues:");
+    for (const failure of failures) {
+      errorLog(`- ${failure}`);
+    }
+    return;
+  }
+  log("\nClean release verification passed. This is a bounded gate, not a guarantee of release safety.");
+}
+
+function looksLikeBundledCodexRuntime(name, spec) {
+  if (/^@openai\/codex$/i.test(name)) return true;
+  if (/^codex(?:-cli)?$/i.test(name) && /openai|codex/i.test(spec)) return true;
+  return false;
+}
+
+function dependencySpecEntries({ manifest, lockfile }) {
+  const entries = [];
+  collectDependencySpecs(entries, "package.json", manifest);
+  collectDependencySpecs(entries, "package-lock.json root", lockfile?.packages?.[""]);
+  for (const [packagePath, packageMeta] of Object.entries(lockfile?.packages || {})) {
+    collectDependencySpecs(entries, `package-lock.json ${packagePath || "<root>"}`, packageMeta);
+  }
+  for (const [name, meta] of Object.entries(lockfile?.dependencies || {})) {
+    entries.push({ source: `package-lock.json dependencies ${name}`, name, spec: String(meta?.version || "") });
+  }
+  return entries;
+}
+
+function collectDependencySpecs(entries, source, value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) return;
+  for (const field of DEPENDENCY_FIELDS) {
+    for (const [name, spec] of Object.entries(value[field] || {})) {
+      entries.push({ source: `${source} ${field}`, name, spec: String(spec) });
+    }
+  }
+}
+
+function hasPrivateEngineName(value) {
+  return PRIVATE_ENGINE_NAME_PATTERNS.some((pattern) => pattern.test(normalizeForScan(value)));
+}
+
+function normalizeForScan(value) {
+  return String(value || "").replaceAll("\\", "/").replace(/^\/+/, "");
+}
+
+async function walk(rootDir, relativeDir, paths, entriesOut) {
+  const dir = path.join(rootDir, relativeDir);
+  let entries;
+  try {
+    entries = await readdir(dir, { withFileTypes: true });
+  } catch {
+    return;
+  }
+  for (const entry of entries) {
+    if (!(entry instanceof Dirent)) continue;
+    if (entry.name === "." || entry.name === "..") continue;
+    const relativePath = path.join(relativeDir, entry.name);
+    const normalized = normalizeForScan(relativePath);
+    if (entry.isDirectory()) {
+      if (SOURCE_SCAN_SKIP_DIRS.has(entry.name)) continue;
+      paths?.push(`${normalized}/`);
+      entriesOut?.push({ relativePath: `${normalized}/`, isFile: false });
+      await walk(rootDir, relativePath, paths, entriesOut);
+      continue;
+    }
+    paths?.push(normalized);
+    entriesOut?.push({ relativePath: normalized, isFile: true });
+  }
+}
+
+async function inspectTextFileContents(rootDir, entries) {
+  const violations = [];
+  for (const entry of entries) {
+    if (!entry.isFile || !shouldScanFileContent(entry.relativePath)) continue;
+    let text;
+    try {
+      text = await readFile(path.join(rootDir, entry.relativePath), "utf8");
+    } catch {
+      continue;
+    }
+    for (const { label, pattern } of FORBIDDEN_CONTENT_PATTERNS) {
+      if (pattern.test(text)) {
+        violations.push(`file content appears to include ${label}: ${entry.relativePath}`);
+      }
+    }
+  }
+  return violations;
+}
+
+function shouldScanFileContent(relativePath) {
+  const normalized = normalizeForScan(relativePath);
+  if (CONTENT_SCAN_ALLOWLIST.some((pattern) => pattern.test(normalized))) {
+    return false;
+  }
+  return CONTENT_SCAN_EXTENSIONS.has(path.extname(normalized));
+}
+
+function uniqueViolations(violations) {
+  return [...new Set(violations.filter(Boolean))];
+}
+
+const isDirectRun = process.argv[1]
+  && fileURLToPath(import.meta.url) === path.resolve(process.argv[1]);
+
+if (isDirectRun) {
+  try {
+    const { privateEngineDir } = parseArgs(process.argv.slice(2));
+    const result = await verifyCleanRelease({ privateEngineDir });
+    if (!result.ok) {
+      process.exit(1);
+    }
+  } catch (error) {
+    console.error(`Clean release verification failed to start: ${error.message}`);
+    process.exit(1);
+  }
+}

package/src/appServerBridge.js

@@ -0,0 +1,150 @@
+import { spawn } from "node:child_process";
+
+import { parseAppServerMessage, serializeAppServerMessage } from "./appServerMessageCodec.js";
+
+const REQUEST_TIMEOUT_MS = 30_000;
+const CLIENT_INFO = {
+  name: "codex-webapp",
+  title: "Codex WebApp",
+  version: "0.1.8",
+};
+
+export class CodexAppServerBridge {
+  constructor({
+    codexPath = "codex",
+    cwd = process.cwd(),
+    env = process.env,
+    timeoutMs = REQUEST_TIMEOUT_MS,
+    onNotification = null,
+  } = {}) {
+    this.codexPath = codexPath || "codex";
+    this.cwd = cwd || process.cwd();
+    this.env = env;
+    this.timeoutMs = timeoutMs;
+    this.onNotification = onNotification;
+    this.process = null;
+    this.buffer = "";
+    this.nextId = 1;
+    this.pending = new Map();
+    this.startPromise = null;
+    this.closed = false;
+  }
+
+  async request(method, params = {}) {
+    await this.ensureStarted();
+    return await this.sendRequest(method, params);
+  }
+
+  async ensureStarted() {
+    if (this.startPromise) return await this.startPromise;
+    this.startPromise = this.start();
+    return await this.startPromise;
+  }
+
+  async start() {
+    if (this.closed) throw new Error("Codex app-server bridge is closed");
+    this.process = spawn(this.codexPath, ["app-server", "--listen", "stdio://"], {
+      cwd: this.cwd,
+      env: this.env,
+      stdio: ["pipe", "pipe", "pipe"],
+    });
+    this.process.stdout.setEncoding("utf8");
+    this.process.stderr.setEncoding("utf8");
+    this.process.stdout.on("data", (chunk) => this.receiveStdout(chunk));
+    this.process.once("exit", (code, signal) => {
+      const exitStatus = signal || (code ?? "unknown");
+      const error = new Error(`codex app-server exited (${exitStatus})`);
+      for (const pending of this.pending.values()) pending.reject(error);
+      this.pending.clear();
+      this.process = null;
+      this.startPromise = null;
+    });
+
+    const stderr = [];
+    this.process.stderr.on("data", (chunk) => {
+      stderr.push(String(chunk));
+      if (stderr.join("").length > 16_384) stderr.shift();
+    });
+
+    try {
+      await this.sendRequest("initialize", {
+        clientInfo: CLIENT_INFO,
+        capabilities: { experimentalApi: true },
+      });
+      this.sendNotification("initialized", {});
+    } catch (error) {
+      throw new Error(`failed to initialize codex app-server: ${error.message}; ${stderr.join("").trim()}`);
+    }
+  }
+
+  sendRequest(method, params = {}) {
+    const id = this.nextId++;
+    this.write({ id, method, params });
+    return new Promise((resolve, reject) => {
+      const timer = setTimeout(() => {
+        this.pending.delete(id);
+        reject(new Error(`timed out waiting for codex app-server response: ${method}`));
+      }, this.timeoutMs);
+      this.pending.set(id, { method, resolve, reject, timer });
+    });
+  }
+
+  sendNotification(method, params = {}) {
+    this.write({ method, params });
+  }
+
+  write(message) {
+    if (!this.process?.stdin?.writable) {
+      throw new Error("codex app-server stdin is not writable");
+    }
+    this.process.stdin.write(serializeAppServerMessage(message));
+  }
+
+  receiveStdout(chunk) {
+    this.buffer += chunk;
+    let newlineIndex;
+    while ((newlineIndex = this.buffer.indexOf("\n")) !== -1) {
+      const line = this.buffer.slice(0, newlineIndex);
+      this.buffer = this.buffer.slice(newlineIndex + 1);
+      if (!line.trim()) continue;
+      this.receiveLine(line);
+    }
+  }
+
+  receiveLine(line) {
+    const message = parseAppServerMessage(line);
+    if (!message) return;
+    if (message.id && this.pending.has(message.id)) {
+      const pending = this.pending.get(message.id);
+      this.pending.delete(message.id);
+      clearTimeout(pending.timer);
+      if (message.error) {
+        pending.reject(new Error(errorMessage(message.error)));
+        return;
+      }
+      pending.resolve(message.result ?? {});
+      return;
+    }
+    if (message.method && this.onNotification) {
+      this.onNotification(message);
+    }
+  }
+
+  close() {
+    this.closed = true;
+    for (const pending of this.pending.values()) {
+      clearTimeout(pending.timer);
+      pending.reject(new Error("Codex app-server bridge closed"));
+    }
+    this.pending.clear();
+    if (this.process && this.process.exitCode === null) {
+      this.process.kill();
+    }
+    this.process = null;
+  }
+}
+
+function errorMessage(error) {
+  if (!error || typeof error !== "object") return String(error);
+  return error.message || JSON.stringify(error);
+}

package/src/appServerMessageCodec.js

@@ -0,0 +1,12 @@
+export function parseAppServerMessage(line) {
+  try {
+    const message = JSON.parse(line);
+    return message && typeof message === "object" ? message : null;
+  } catch {
+    return null;
+  }
+}
+
+export function serializeAppServerMessage(message) {
+  return `${JSON.stringify(message)}\n`;
+}

package/src/auditEvidenceHook.js

@@ -0,0 +1,18 @@
+export function createAuditEvidenceHook(handler = null) {
+  return typeof handler === "function" ? handler : null;
+}
+
+export function emitAuditEvidence(hook, event) {
+  if (!hook) return;
+  const emit = () => {
+    try {
+      hook(event);
+    } catch {
+    }
+  };
+  if (typeof queueMicrotask === "function") {
+    queueMicrotask(emit);
+  } else {
+    setImmediate(emit);
+  }
+}

package/src/bridgeEventEnvelope.js

@@ -0,0 +1,29 @@
+export function parseBridgeFrame(data) {
+  try {
+    const frame = JSON.parse(Buffer.isBuffer(data) ? data.toString("utf8") : String(data));
+    if (!frame || typeof frame !== "object") return null;
+    return {
+      id: frame.id,
+      kind: frame.kind,
+      payload: frame.payload,
+    };
+  } catch {
+    return null;
+  }
+}
+
+export function bridgeEvent(payload) {
+  return { type: "event", payload };
+}
+
+export function bridgeResponse(id, result) {
+  return { id, ok: true, result };
+}
+
+export function bridgeErrorResponse(id, error) {
+  return { id, ok: false, error: String(error?.message ?? error) };
+}
+
+export function serializeBridgeMessage(message) {
+  return JSON.stringify(message);
+}