crosscheck-mcp 0.1.15 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1096,6 +1096,59 @@ function roundTo(x, n) {
1096
1096
  return Number(x.toFixed(n));
1097
1097
  }
1098
1098
 
1099
+ // src/core/license.ts
1100
+ init_esm_shims();
1101
+ import crypto from "crypto";
1102
+ var EMBEDDED_PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----
1103
+ MCowBQYDK2VwAyEA4zpZT92Hj6POb3orlxJVzsPJVp9+zIajq2Mcvex3fbk=
1104
+ -----END PUBLIC KEY-----`;
1105
+ function fromB64url(s) {
1106
+ const pad = s.length % 4 === 0 ? "" : "=".repeat(4 - s.length % 4);
1107
+ return Buffer.from(s.replace(/-/g, "+").replace(/_/g, "/") + pad, "base64");
1108
+ }
1109
+ function licenseEnforced() {
1110
+ return String(true) === "true";
1111
+ }
1112
+ function verifyLicense(jwt) {
1113
+ if (!jwt) return { ok: false, reason: "missing" };
1114
+ const [body, sig] = jwt.split(".");
1115
+ if (!body || !sig) return { ok: false, reason: "malformed" };
1116
+ try {
1117
+ const pub = crypto.createPublicKey(EMBEDDED_PUBLIC_KEY_PEM);
1118
+ if (!crypto.verify(null, Buffer.from(body), pub, fromB64url(sig))) {
1119
+ return { ok: false, reason: "bad_signature" };
1120
+ }
1121
+ } catch {
1122
+ return { ok: false, reason: "verify_error" };
1123
+ }
1124
+ try {
1125
+ const parsed = JSON.parse(fromB64url(body).toString("utf8"));
1126
+ if (typeof parsed.exp !== "number" || Date.now() > parsed.exp) {
1127
+ return { ok: false, reason: "expired" };
1128
+ }
1129
+ } catch {
1130
+ return { ok: false, reason: "bad_json" };
1131
+ }
1132
+ return { ok: true };
1133
+ }
1134
+ function enforceLicenseOrExit() {
1135
+ if (!licenseEnforced()) return;
1136
+ const result = verifyLicense(process.env["CROSSCHECK_LICENSE_JWT"]);
1137
+ if (!result.ok) {
1138
+ process.stderr.write(
1139
+ `crosscheck: no valid activation (license ${result.reason}).
1140
+ This engine is licensed and must be run through the crosscheck CLI on an
1141
+ active subscription. Install it with:
1142
+
1143
+ npx -y crosscheck-cli@latest install
1144
+
1145
+ Details + pricing: https://www.crosscheckagent.com
1146
+ `
1147
+ );
1148
+ process.exit(1);
1149
+ }
1150
+ }
1151
+
1099
1152
  // src/providers/registry.ts
1100
1153
  init_esm_shims();
1101
1154
 
@@ -2071,7 +2124,7 @@ Reasoning upgrade (Fable 5):
2071
2124
  Spend visibility:
2072
2125
  - Every reasoning-tool result carries a "run_summary" whose pre-rendered "text" block already includes a "spend by model (this call)" breakdown. Show that block \u2014 do not bury the cost.
2073
2126
  - "run_summary" also carries "session_by_model" + "session_cost_usd" (per-model spend for the whole session). At the END of a multi-turn task, present the session spend per model plus the aggregate total, so the user knows what the task cost without scrolling back.
2074
- - Fable 5's price is a provisional placeholder; rows from it are flagged "(est)"/estimated \u2014 say so when reporting those dollar figures.`;
2127
+ - Fable 5 is priced at $10 per million input tokens and $50 per million output tokens; the per-call and session spend already reflect this.`;
2075
2128
  }
2076
2129
 
2077
2130
  // src/tools/index.ts
@@ -12167,7 +12220,7 @@ var CHECK_INTERVAL_SECONDS = 3 * 24 * 60 * 60;
12167
12220
  var DEFAULT_PACKAGE = "crosscheck-cli";
12168
12221
  var FETCH_TIMEOUT_MS = 3e3;
12169
12222
  function engineVersion() {
12170
- return true ? "0.1.15" : "0.0.0-dev";
12223
+ return true ? "0.2.0" : "0.0.0-dev";
12171
12224
  }
12172
12225
  function defaultUpdateCachePath() {
12173
12226
  const base = process.env["CROSSCHECK_DATA_DIR"] || path10.join(os.homedir() || os.tmpdir(), ".crosscheck");
@@ -13529,7 +13582,7 @@ function attachUpdateNotice(result, toolName, opts) {
13529
13582
 
13530
13583
  // src/core/telemetry.ts
13531
13584
  init_esm_shims();
13532
- import crypto from "crypto";
13585
+ import crypto2 from "crypto";
13533
13586
  var UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
13534
13587
  var BATCH_MAX = 100;
13535
13588
  var FLUSH_BATCH_AT = 25;
@@ -13577,7 +13630,7 @@ function canonicalEventBody(e) {
13577
13630
  ].join("|");
13578
13631
  }
13579
13632
  function signEvent(seatSigningKey, e) {
13580
- return crypto.createHmac("sha256", seatSigningKey).update(canonicalEventBody(e)).digest("hex");
13633
+ return crypto2.createHmac("sha256", seatSigningKey).update(canonicalEventBody(e)).digest("hex");
13581
13634
  }
13582
13635
  var configResolved = false;
13583
13636
  var config = null;
@@ -13642,7 +13695,7 @@ function scheduleFlush() {
13642
13695
  }
13643
13696
  function enqueue(cfg, input) {
13644
13697
  const base = {
13645
- eventId: crypto.randomUUID(),
13698
+ eventId: crypto2.randomUUID(),
13646
13699
  seatId: cfg.seatId,
13647
13700
  orgId: cfg.orgId,
13648
13701
  ts: (/* @__PURE__ */ new Date()).toISOString(),
@@ -13714,7 +13767,7 @@ async function flush() {
13714
13767
 
13715
13768
  // src/server.ts
13716
13769
  var SERVER_NAME = "crosscheck-agent";
13717
- var SERVER_VERSION = true ? "0.1.15" : "0.0.0-dev";
13770
+ var SERVER_VERSION = true ? "0.2.0" : "0.0.0-dev";
13718
13771
  function extractRunSummaryText(out) {
13719
13772
  if (out === null || typeof out !== "object" || Array.isArray(out)) return void 0;
13720
13773
  const rs = out["run_summary"];
@@ -14055,6 +14108,7 @@ function loadConfigFile(opts) {
14055
14108
  // src/entrypoints/node-stdio.ts
14056
14109
  var SHUTDOWN_TIMEOUT_MS = 2e3;
14057
14110
  async function main() {
14111
+ enforceLicenseOrExit();
14058
14112
  const cfgDataDir = process.env["CROSSCHECK_DATA_DIR"] || path14.join(process.env["HOME"] ?? process.env["USERPROFILE"] ?? "", ".crosscheck");
14059
14113
  const configFile = loadConfigFile({
14060
14114
  startDir: process.cwd(),