copillm 0.1.0

package/dist/codex/init.js

@@ -0,0 +1,93 @@
+import fs from "node:fs";
+import path from "node:path";
+import { CopilotTokenManager } from "../auth/copilotToken.js";
+import { loadStoredCredential } from "../auth/credentials.js";
+import { loadConfig } from "../config/config.js";
+import { listModelsUnion } from "../models/discovery.js";
+import { ensureSecureDirectory, writeFileSecureAtomic } from "../config/fsSecurity.js";
+import { buildCodexCatalog } from "../server/codexSchema.js";
+import { inspectLock } from "../server/lock.js";
+export async function generateCodexHome(options) {
+    const config = loadConfig();
+    const creds = await loadStoredCredential();
+    if (!creds) {
+        throw new Error("Not authenticated. Run `copillm login` first.");
+    }
+    const tokenManager = new CopilotTokenManager(creds.token);
+    await tokenManager.ensureToken(false);
+    const discovery = await listModelsUnion(config.accountType, creds.token, 3);
+    const catalog = buildCodexCatalog(discovery.models);
+    if (catalog.models.length === 0) {
+        throw new Error("No Codex-eligible models found in the live catalog.");
+    }
+    const port = options.port;
+    const proxyUrl = `http://127.0.0.1:${port}/codex/v1`;
+    const baseUrl = proxyUrl;
+    const defaultModel = options.model ?? pickDefaultModel(catalog.models.map((model) => model.slug));
+    if (!catalog.models.some((model) => model.slug === defaultModel)) {
+        throw new Error(`Requested model "${defaultModel}" is not in the eligible catalog. Available: ${catalog.models.map((model) => model.slug).join(", ")}`);
+    }
+    const absOutDir = path.resolve(options.outDir);
+    ensureSecureDirectory(absOutDir);
+    const configPath = path.join(absOutDir, "config.toml");
+    const reasoningEffort = options.reasoningEffort ?? "medium";
+    const tomlBody = renderConfigToml({
+        model: defaultModel,
+        reasoningEffort,
+        providerId: options.providerId,
+        baseUrl
+    });
+    writeFileSecureAtomic(configPath, tomlBody, 0o600);
+    return {
+        outDir: absOutDir,
+        configPath,
+        modelCount: catalog.models.length,
+        defaultModel,
+        proxyUrl,
+        exportCommand: `CODEX_HOME=${absOutDir} codex`
+    };
+}
+function pickDefaultModel(slugs) {
+    const preferred = ["gpt-5.3-codex", "gpt-5.2-codex", "gpt-5.4", "gpt-5.2", "claude-opus-4.5", "claude-sonnet-4.6"];
+    for (const candidate of preferred) {
+        if (slugs.includes(candidate)) {
+            return candidate;
+        }
+    }
+    return slugs[0];
+}
+function renderConfigToml(input) {
+    return [
+        `# Generated by \`copillm start\` on ${new Date().toISOString()}`,
+        `# Use with: CODEX_HOME=<this directory> codex`,
+        ``,
+        `model = "${input.model}"`,
+        `model_provider = "${input.providerId}"`,
+        `model_reasoning_effort = "${input.reasoningEffort}"`,
+        `approvals_reviewer = "user"`,
+        ``,
+        `[model_providers.${input.providerId}]`,
+        `name = "copillm"`,
+        `base_url = "${input.baseUrl}"`,
+        `wire_api = "responses"`,
+        `requires_openai_auth = false`,
+        ``
+    ].join("\n");
+}
+export function defaultOutputDir(home) {
+    return path.join(home, "codex");
+}
+export function listExistingCodexHomes(home) {
+    const dir = path.join(home, "codex");
+    if (!fs.existsSync(dir)) {
+        return [];
+    }
+    return [dir];
+}
+export function proxyPortFromLock() {
+    const inspection = inspectLock();
+    if (inspection.state === "running") {
+        return inspection.lock.port;
+    }
+    return null;
+}

package/dist/config/config.js

@@ -0,0 +1,51 @@
+import fs from "node:fs";
+import { readFileSync } from "node:fs";
+import YAML from "yaml";
+import { z } from "zod";
+import { configPath, configReadPath, getCopillmHome } from "./home.js";
+import { ensureSecureDirectory, writeFileSecureAtomic } from "./fsSecurity.js";
+const ConfigSchema = z.object({
+    preferredPort: z.number().int().min(1).max(65535).default(4141),
+    requireCallerSecret: z.boolean().default(false),
+    selectedModels: z.array(z.string()).default([]),
+    accountType: z.enum(["individual", "business", "enterprise"]).default("individual")
+});
+const DEFAULT_CONFIG = {
+    preferredPort: 4141,
+    requireCallerSecret: false,
+    selectedModels: [],
+    accountType: "individual"
+};
+export function ensureAppHome() {
+    ensureSecureDirectory(getCopillmHome());
+}
+export function loadConfig() {
+    const file = configReadPath();
+    if (!fs.existsSync(file)) {
+        saveConfig(DEFAULT_CONFIG);
+        return DEFAULT_CONFIG;
+    }
+    const raw = readFileSync(file, "utf8");
+    let parsed;
+    try {
+        parsed = YAML.parse(raw);
+    }
+    catch (error) {
+        throw new Error(`Invalid YAML in config file: ${file}`, { cause: error });
+    }
+    return parseConfigValue(parsed, file);
+}
+export function saveConfig(config) {
+    ensureAppHome();
+    const normalized = parseConfigValue(config, "runtime");
+    writeFileSecureAtomic(configPath(), YAML.stringify(normalized), 0o600);
+}
+function parseConfigValue(value, source) {
+    const candidate = value ?? {};
+    const result = ConfigSchema.safeParse(candidate);
+    if (result.success) {
+        return result.data;
+    }
+    const issues = result.error.issues.map((issue) => `${issue.path.join(".") || "<root>"}: ${issue.message}`).join("; ");
+    throw new Error(`Invalid config schema in ${source}: ${issues}`);
+}

package/dist/config/fsSecurity.js

@@ -0,0 +1,39 @@
+import fs from "node:fs";
+import path from "node:path";
+export function ensureSecureDirectory(dirPath) {
+    if (!fs.existsSync(dirPath)) {
+        fs.mkdirSync(dirPath, { recursive: true, mode: 0o700 });
+    }
+    applyModeIfSupported(dirPath, 0o700);
+}
+export function writeFileSecureAtomic(filePath, content, mode) {
+    ensureSecureDirectory(path.dirname(filePath));
+    const tempPath = `${filePath}.tmp-${process.pid}-${Date.now()}`;
+    fs.writeFileSync(tempPath, content, { mode });
+    applyModeIfSupported(tempPath, mode);
+    replaceFile(tempPath, filePath);
+    applyModeIfSupported(filePath, mode);
+}
+export function applyModeIfSupported(targetPath, mode) {
+    if (process.platform === "win32") {
+        return;
+    }
+    try {
+        fs.chmodSync(targetPath, mode);
+    }
+    catch (error) {
+        if (!(error instanceof Error) || !("code" in error) || error.code !== "ENOENT") {
+            throw error;
+        }
+    }
+}
+function replaceFile(sourcePath, destinationPath) {
+    if (process.platform !== "win32") {
+        fs.renameSync(sourcePath, destinationPath);
+        return;
+    }
+    if (fs.existsSync(destinationPath)) {
+        fs.unlinkSync(destinationPath);
+    }
+    fs.renameSync(sourcePath, destinationPath);
+}

package/dist/config/home.js

@@ -0,0 +1,62 @@
+import fs from "node:fs";
+import os from "node:os";
+import path from "node:path";
+export function getCopillmHome() {
+    const overridden = process.env.COPILLM_HOME;
+    if (overridden && overridden.trim().length > 0) {
+        return path.resolve(overridden.trim());
+    }
+    return path.join(os.homedir(), ".copillm");
+}
+export function configPath() {
+    return path.join(getCopillmHome(), "config.yaml");
+}
+export function configReadPath() {
+    return resolveReadablePath("config.yaml");
+}
+export function credentialsPath() {
+    return path.join(getCopillmHome(), "credentials.json");
+}
+export function credentialsReadPath() {
+    return resolveReadablePath("credentials.json");
+}
+export function lockPath() {
+    return path.join(getCopillmHome(), "copillm.pid");
+}
+export function lockReadPath() {
+    return resolveReadablePath("copillm.pid");
+}
+export function modelsCachePath() {
+    return path.join(getCopillmHome(), "models.cache.json");
+}
+export function modelsCacheReadPath() {
+    return resolveReadablePath("models.cache.json");
+}
+function resolveReadablePath(fileName) {
+    const canonical = path.join(getCopillmHome(), fileName);
+    if (fs.existsSync(canonical)) {
+        return canonical;
+    }
+    if (!process.env.COPILLM_HOME) {
+        const legacy = legacyHome();
+        if (legacy) {
+            const fallback = path.join(legacy, fileName);
+            if (fs.existsSync(fallback)) {
+                return fallback;
+            }
+        }
+    }
+    return canonical;
+}
+function legacyHome() {
+    if (process.platform === "darwin") {
+        return path.join(os.homedir(), "Library", "Application Support", "copillm");
+    }
+    if (process.platform === "win32") {
+        const appData = process.env.APPDATA;
+        if (appData && appData.trim().length > 0) {
+            return path.join(appData, "copillm");
+        }
+    }
+    return null;
+}

package/dist/config/logging.js

@@ -0,0 +1,33 @@
+import pino from "pino";
+export function createLogger() {
+    return pino({
+        level: process.env.COPILLM_LOG_LEVEL ?? "info",
+        redact: {
+            paths: [
+                "req.headers.authorization",
+                "req.headers.cookie",
+                "headers.cookie",
+                "headers.authorization",
+                "*.headers.authorization",
+                "*.headers.cookie",
+                "authorization",
+                "access_token",
+                "refresh_token",
+                "bearer",
+                "token",
+                "githubToken",
+                "github_token",
+                "responseBodySnippet",
+                "body",
+                "req.body",
+                "response.body",
+                "body.messages",
+                "body.input"
+            ],
+            remove: true
+        },
+        transport: process.env.COPILLM_LOG_PRETTY === "1"
+            ? { target: "pino-pretty", options: { colorize: true } }
+            : undefined
+    });
+}

package/dist/config/upstream.js

@@ -0,0 +1,38 @@
+const PROD_COPILOT_BASE_URLS = {
+    individual: "https://api.githubcopilot.com",
+    business: "https://api.business.githubcopilot.com",
+    enterprise: "https://api.enterprise.githubcopilot.com"
+};
+const PROD_TOKEN_EXCHANGE_URL = "https://api.github.com/copilot_internal/v2/token";
+const PROD_GITHUB_USER_URL = "https://api.github.com/user";
+export function copilotBaseUrl(accountType) {
+    const override = readEnv("COPILLM_UPSTREAM_BASE_URL");
+    if (override) {
+        return stripTrailingSlash(override);
+    }
+    return PROD_COPILOT_BASE_URLS[accountType];
+}
+export function tokenExchangeUrl() {
+    const override = readEnv("COPILLM_TOKEN_EXCHANGE_URL");
+    if (override) {
+        return override;
+    }
+    return PROD_TOKEN_EXCHANGE_URL;
+}
+export function githubUserUrl() {
+    const override = readEnv("COPILLM_GITHUB_USER_URL");
+    if (override) {
+        return override;
+    }
+    return PROD_GITHUB_USER_URL;
+}
+function readEnv(name) {
+    const value = process.env[name];
+    if (typeof value !== "string" || value.trim().length === 0) {
+        return null;
+    }
+    return value.trim();
+}
+function stripTrailingSlash(value) {
+    return value.endsWith("/") ? value.slice(0, -1) : value;
+}

package/dist/models/anthropicDefaults.js

@@ -0,0 +1,138 @@
+import fs from "node:fs";
+import { z } from "zod";
+import { modelsCacheReadPath } from "../config/home.js";
+export const ANTHROPIC_FAMILIES = ["opus", "sonnet", "haiku"];
+const SUFFIX_BLOCKLIST = [
+    "-high",
+    "-xhigh",
+    "-low",
+    "-min",
+    "-1m",
+    "-internal",
+    "-preview",
+    "-beta",
+    "-experimental",
+    "-canary"
+];
+const CachedSchema = z.object({
+    models: z.array(z.object({ id: z.string() }).passthrough())
+});
+export function computeAnthropicDefaults(modelIds) {
+    const byFamily = { opus: [], sonnet: [], haiku: [] };
+    for (const id of modelIds) {
+        const family = detectFamily(id);
+        if (family) {
+            byFamily[family].push(id);
+        }
+    }
+    return {
+        opus: pickPlainLatest(byFamily.opus),
+        sonnet: pickPlainLatest(byFamily.sonnet),
+        haiku: pickPlainLatest(byFamily.haiku)
+    };
+}
+export function readModelIdsFromCache() {
+    const file = modelsCacheReadPath();
+    if (!fs.existsSync(file)) {
+        return [];
+    }
+    try {
+        const raw = JSON.parse(fs.readFileSync(file, "utf8"));
+        const parsed = CachedSchema.safeParse(raw);
+        if (!parsed.success) {
+            return [];
+        }
+        return parsed.data.models.map((model) => model.id);
+    }
+    catch {
+        return [];
+    }
+}
+export function buildClaudeExportCommand(input) {
+    const token = input.callerSecret ?? "copillm-local";
+    const parts = [
+        `ANTHROPIC_BASE_URL=http://127.0.0.1:${input.port}/anthropic`,
+        `ANTHROPIC_AUTH_TOKEN=${token}`
+    ];
+    if (input.defaults.opus) {
+        parts.push(`ANTHROPIC_DEFAULT_OPUS_MODEL=${input.defaults.opus}`);
+    }
+    if (input.defaults.sonnet) {
+        parts.push(`ANTHROPIC_DEFAULT_SONNET_MODEL=${input.defaults.sonnet}`);
+    }
+    if (input.defaults.haiku) {
+        parts.push(`ANTHROPIC_DEFAULT_HAIKU_MODEL=${input.defaults.haiku}`);
+    }
+    if (input.enableGatewayDiscovery) {
+        parts.push(`CLAUDE_CODE_ENABLE_GATEWAY_MODEL_DISCOVERY=1`);
+    }
+    parts.push(`claude`);
+    return parts.join(" ");
+}
+function detectFamily(modelId) {
+    if (typeof modelId !== "string" || modelId.length === 0) {
+        return null;
+    }
+    const lower = modelId.toLowerCase();
+    if (!lower.startsWith("claude")) {
+        return null;
+    }
+    if (lower.includes("opus")) {
+        return "opus";
+    }
+    if (lower.includes("sonnet")) {
+        return "sonnet";
+    }
+    if (lower.includes("haiku")) {
+        return "haiku";
+    }
+    return null;
+}
+function pickPlainLatest(ids) {
+    if (ids.length === 0) {
+        return null;
+    }
+    const plain = ids.filter((id) => !hasBlockedSuffix(id));
+    const candidates = plain.length > 0 ? plain.slice() : ids.slice();
+    candidates.sort((a, b) => compareVersionDescending(a, b));
+    return candidates[0];
+}
+function hasBlockedSuffix(modelId) {
+    const lower = modelId.toLowerCase();
+    return SUFFIX_BLOCKLIST.some((suffix) => lower.includes(suffix));
+}
+function compareVersionDescending(a, b) {
+    const va = parseVersionInfo(a);
+    const vb = parseVersionInfo(b);
+    const length = Math.max(va.version.length, vb.version.length);
+    for (let i = 0; i < length; i += 1) {
+        const left = va.version[i] ?? 0;
+        const right = vb.version[i] ?? 0;
+        if (left !== right) {
+            return right - left;
+        }
+    }
+    if (va.date !== vb.date) {
+        return vb.date - va.date;
+    }
+    return b.localeCompare(a);
+}
+function parseVersionInfo(modelId) {
+    let stripped = modelId;
+    let date = 0;
+    const dateMatch = modelId.match(/-(\d{4})-?(\d{2})-?(\d{2})$/);
+    if (dateMatch && typeof dateMatch.index === "number") {
+        date = Number.parseInt(`${dateMatch[1]}${dateMatch[2]}${dateMatch[3]}`, 10);
+        stripped = modelId.slice(0, dateMatch.index);
+    }
+    const versionMatches = stripped.match(/(\d+(?:[.\-_]\d+)*)/g);
+    if (!versionMatches || versionMatches.length === 0) {
+        return { version: [], date };
+    }
+    const last = versionMatches[versionMatches.length - 1];
+    const version = last.split(/[.\-_]/).map((part) => {
+        const parsed = Number.parseInt(part, 10);
+        return Number.isNaN(parsed) ? 0 : parsed;
+    });
+    return { version, date };
+}

package/dist/models/discovery.js

@@ -0,0 +1,208 @@
+import fs from "node:fs";
+import { z } from "zod";
+import { modelsCachePath, modelsCacheReadPath } from "../config/home.js";
+import { writeFileSecureAtomic } from "../config/fsSecurity.js";
+import { copilotBaseUrl } from "../config/upstream.js";
+const ModelSchema = z
+    .object({
+    id: z.string().min(1)
+})
+    .passthrough();
+const ModelsCacheSchema = z.object({
+    version: z.literal(1),
+    accountType: z.enum(["individual", "business", "enterprise"]),
+    savedAtIso: z.string(),
+    models: z.array(ModelSchema)
+});
+const MODEL_RESOLUTION_RULES = [
+    { id: "exact", normalize: (value) => value },
+    { id: "case-insensitive", normalize: (value) => value.toLowerCase() },
+    { id: "separator-normalized", normalize: (value) => normalizeModelId(value) },
+    { id: "snapshot-trimmed", normalize: (value) => trimDateSnapshot(normalizeModelId(value)) }
+];
+export function accountBaseUrl(accountType) {
+    return copilotBaseUrl(accountType);
+}
+export async function listModels(accountType, bearerToken) {
+    try {
+        const response = await fetch(`${accountBaseUrl(accountType)}/models`, {
+            method: "GET",
+            headers: {
+                Authorization: `Bearer ${bearerToken}`,
+                "Content-Type": "application/json",
+                "User-Agent": "copillm/0.1.0"
+            }
+        });
+        if (!response.ok) {
+            throw new ModelDiscoveryHttpError(response.status);
+        }
+        const payload = (await response.json());
+        const candidateModels = extractModelArray(payload);
+        const parsed = z.array(ModelSchema).safeParse(candidateModels);
+        if (!parsed.success) {
+            throw new Error("Model discovery response is invalid.");
+        }
+        saveModelCache(accountType, parsed.data);
+        return {
+            models: parsed.data,
+            source: "live",
+            stale: false,
+            cacheAgeSeconds: 0,
+            warning: null
+        };
+    }
+    catch (error) {
+        if (!canUseCacheFallback(error)) {
+            throw error;
+        }
+        const cached = readModelCache(accountType);
+        if (!cached) {
+            const detail = error instanceof Error ? error.message : "unknown error";
+            throw new Error(`Model discovery failed and no cache snapshot is available: ${detail}`);
+        }
+        return {
+            models: cached.models,
+            source: "cache",
+            stale: true,
+            cacheAgeSeconds: Math.max(0, Math.floor((Date.now() - Date.parse(cached.savedAtIso)) / 1_000)),
+            warning: "Using stale model snapshot because upstream discovery is unreachable."
+        };
+    }
+}
+export async function listModelsUnion(accountType, bearerToken, attempts = 3) {
+    const seen = new Map();
+    let lastResult = null;
+    let lastError;
+    for (let i = 0; i < attempts; i += 1) {
+        try {
+            const result = await listModels(accountType, bearerToken);
+            lastResult = result;
+            for (const model of result.models) {
+                if (typeof model.id === "string" && !seen.has(model.id)) {
+                    seen.set(model.id, model);
+                }
+            }
+        }
+        catch (error) {
+            lastError = error;
+        }
+    }
+    if (lastResult === null) {
+        throw lastError ?? new Error("Model discovery failed across all attempts.");
+    }
+    return {
+        ...lastResult,
+        models: Array.from(seen.values())
+    };
+}
+function extractModelArray(payload) {
+    if (Array.isArray(payload)) {
+        return payload;
+    }
+    if (!payload || typeof payload !== "object") {
+        return payload;
+    }
+    const candidate = payload;
+    if (Array.isArray(candidate.data)) {
+        return candidate.data;
+    }
+    if (Array.isArray(candidate.models)) {
+        return candidate.models;
+    }
+    if (Array.isArray(candidate.value)) {
+        return candidate.value;
+    }
+    if (Array.isArray(candidate.available_models)) {
+        return candidate.available_models;
+    }
+    if (candidate.data && typeof candidate.data === "object") {
+        const nested = candidate.data;
+        if (Array.isArray(nested.models)) {
+            return nested.models;
+        }
+        if (Array.isArray(nested.value)) {
+            return nested.value;
+        }
+    }
+    return payload;
+}
+export function resolveModelId(inputModelId, availableModelIds) {
+    const direct = availableModelIds.find((id) => id === inputModelId);
+    if (direct) {
+        return { id: direct, rule: "exact" };
+    }
+    for (const rule of MODEL_RESOLUTION_RULES.slice(1)) {
+        const normalizedInput = rule.normalize(inputModelId);
+        const matches = availableModelIds.filter((candidate) => rule.normalize(candidate) === normalizedInput);
+        if (matches.length === 1) {
+            return { id: matches[0], rule: rule.id };
+        }
+        if (matches.length > 1) {
+            throw new Error(`Model "${inputModelId}" is ambiguous under "${rule.id}" rule: ${matches.join(", ")}. Select an exact model id.`);
+        }
+    }
+    return null;
+}
+export function resolveModelSelections(requestedModelIds, models) {
+    const availableModelIds = models.map((model) => model.id);
+    const resolved = [];
+    const unresolved = [];
+    for (const input of requestedModelIds) {
+        const match = resolveModelId(input, availableModelIds);
+        if (!match) {
+            unresolved.push(input);
+            continue;
+        }
+        resolved.push({ input, resolvedId: match.id, rule: match.rule });
+    }
+    return { resolved, unresolved };
+}
+class ModelDiscoveryHttpError extends Error {
+    status;
+    constructor(status) {
+        super(`Model discovery failed (${status}).`);
+        this.status = status;
+    }
+}
+function canUseCacheFallback(error) {
+    if (error instanceof ModelDiscoveryHttpError) {
+        return error.status === 429 || error.status >= 500;
+    }
+    return true;
+}
+function saveModelCache(accountType, models) {
+    const payload = {
+        version: 1,
+        accountType,
+        savedAtIso: new Date().toISOString(),
+        models
+    };
+    writeFileSecureAtomic(modelsCachePath(), JSON.stringify(payload, null, 2), 0o600);
+}
+function readModelCache(accountType) {
+    const filePath = modelsCacheReadPath();
+    if (!fs.existsSync(filePath)) {
+        return null;
+    }
+    let raw;
+    try {
+        raw = JSON.parse(fs.readFileSync(filePath, "utf8"));
+    }
+    catch {
+        return null;
+    }
+    const parsed = ModelsCacheSchema.safeParse(raw);
+    if (!parsed.success || parsed.data.accountType !== accountType) {
+        return null;
+    }
+    return {
+        savedAtIso: parsed.data.savedAtIso,
+        models: parsed.data.models
+    };
+}
+function normalizeModelId(value) {
+    return value.trim().toLowerCase().replace(/[\s._]+/g, "-");
+}
+function trimDateSnapshot(value) {
+    return value.replace(/-\d{4}-\d{2}-\d{2}$/, "");
+}