failproofai 0.0.6-beta.2 → 0.0.6-beta.3

package/.next/standalone/src/relay/daemon.ts

@@ -0,0 +1,362 @@
+import { spawn } from "node:child_process";
+import { existsSync } from "node:fs";
+import { join } from "node:path";
+import { homedir } from "node:os";
+import { randomUUID } from "node:crypto";
+import { readTokens, writeTokens, isLoggedIn } from "../auth/token-store";
+import { readPid, writePid, clearPid, isProcessAlive } from "./pid";
+import {
+  claimPendingBatch,
+  readProcessingFile,
+  deleteProcessingFile,
+  findOrphanProcessingFiles,
+  type QueueEntry,
+} from "./queue";
+
+const QUEUE_DIR = join(homedir(), ".failproofai", "cache", "server-queue");
+const BATCH_SIZE = 100;
+const FLUSH_INTERVAL_MS = 2000;
+const RECONNECT_BASE_MS = 1000;
+const RECONNECT_MAX_MS = 60_000;
+const HTTP_TIMEOUT_MS = 10_000;
+const WS_CONNECT_TIMEOUT_MS = 15_000;
+const ACK_TIMEOUT_MS = 30_000;
+
+/**
+ * Lazy-start check: call on every hook invocation. Near-zero cost when daemon
+ * is already running (~1ms PID check); spawns daemon once after reboots.
+ */
+export function ensureRelayRunning(): void {
+  if (!isLoggedIn()) return;
+
+  const pid = readPid();
+  if (pid !== null && isProcessAlive(pid)) return;
+
+  if (pid !== null) clearPid();
+  spawnDaemon();
+}
+
+function spawnDaemon(): void {
+  const entrypoint = process.env.FAILPROOFAI_RELAY_ENTRYPOINT ?? process.argv[1];
+  if (!entrypoint) return;
+
+  const child = spawn(process.execPath, [entrypoint, "--relay-daemon"], {
+    detached: true,
+    stdio: "ignore",
+    env: { ...process.env, FAILPROOFAI_DAEMON: "1" },
+  });
+  child.unref();
+
+  if (typeof child.pid === "number") {
+    writePid(child.pid);
+  }
+}
+
+/**
+ * Block until the spawned daemon has been observed running, or until the
+ * timeout elapses. Used by `relay start` so we don't falsely report
+ * "Failed to start daemon" in the split-second window before the child
+ * has finished exec-ing.
+ */
+export async function waitForRelayAlive(timeoutMs = 2_000): Promise<boolean> {
+  const deadline = Date.now() + timeoutMs;
+  while (Date.now() < deadline) {
+    const pid = readPid();
+    if (pid !== null && isProcessAlive(pid)) return true;
+    await new Promise((r) => setTimeout(r, 50));
+  }
+  return false;
+}
+
+async function refreshTokenIfNeeded(): Promise<string | null> {
+  const tokens = readTokens();
+  if (!tokens) return null;
+
+  const nowSec = Math.floor(Date.now() / 1000);
+  if (tokens.expires_at - nowSec > 300) {
+    return tokens.access_token;
+  }
+
+  try {
+    const resp = await fetch(`${tokens.server_url}/api/v1/auth/refresh`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ refresh_token: tokens.refresh_token }),
+      signal: AbortSignal.timeout(HTTP_TIMEOUT_MS),
+    });
+    if (!resp.ok) return tokens.access_token;
+    const refreshed = (await resp.json()) as {
+      access_token: string;
+      refresh_token: string;
+      expires_in: number;
+    };
+    writeTokens({
+      ...tokens,
+      access_token: refreshed.access_token,
+      refresh_token: refreshed.refresh_token,
+      expires_at: nowSec + refreshed.expires_in,
+    });
+    return refreshed.access_token;
+  } catch {
+    return tokens.access_token;
+  }
+}
+
+type WebSocketLike = {
+  send(data: string): void;
+  close(): void;
+  readyState: number;
+  onopen: (() => void) | null;
+  onmessage: ((ev: { data: string }) => void) | null;
+  onerror: ((ev: unknown) => void) | null;
+  onclose: (() => void) | null;
+};
+
+class Relay {
+  private readonly ws: WebSocketLike;
+  private readonly pendingAcks = new Map<string, (ok: boolean) => void>();
+  private closed = false;
+
+  constructor(ws: WebSocketLike) {
+    this.ws = ws;
+    ws.onmessage = (ev) => this.handleMessage(ev.data);
+    ws.onclose = () => this.handleClose();
+    ws.onerror = () => this.handleClose();
+  }
+
+  private handleMessage(data: string): void {
+    try {
+      const msg = JSON.parse(data) as { ack?: string; error?: string };
+      if (msg.ack && this.pendingAcks.has(msg.ack)) {
+        const resolve = this.pendingAcks.get(msg.ack)!;
+        this.pendingAcks.delete(msg.ack);
+        resolve(true);
+      }
+    } catch {
+      // Ignore unparseable server messages
+    }
+  }
+
+  private handleClose(): void {
+    this.closed = true;
+    // Reject all outstanding acks so callers can retry
+    for (const [, resolve] of this.pendingAcks) {
+      resolve(false);
+    }
+    this.pendingAcks.clear();
+  }
+
+  isClosed(): boolean {
+    return this.closed;
+  }
+
+  close(): void {
+    try {
+      this.ws.close();
+    } catch {
+      // ignore
+    }
+  }
+
+  /**
+   * Send a batch and wait for the server's ack (keyed on batch_id).
+   * Returns true only when the server confirms the insert.
+   */
+  async sendBatchAndWaitAck(events: QueueEntry[]): Promise<boolean> {
+    if (this.closed) return false;
+    const batchId = randomUUID();
+
+    const ackPromise = new Promise<boolean>((resolve) => {
+      this.pendingAcks.set(batchId, resolve);
+      setTimeout(() => {
+        if (this.pendingAcks.delete(batchId)) resolve(false);
+      }, ACK_TIMEOUT_MS);
+    });
+
+    try {
+      this.ws.send(JSON.stringify({ batch_id: batchId, events }));
+    } catch {
+      this.pendingAcks.delete(batchId);
+      return false;
+    }
+
+    return ackPromise;
+  }
+}
+
+async function connect(wsUrl: string, token: string): Promise<WebSocketLike> {
+  const WSCtor: any = (globalThis as any).WebSocket;
+  if (!WSCtor) {
+    throw new Error("WebSocket not available in this Node version. Requires Node 22+.");
+  }
+  const ws: WebSocketLike = new WSCtor(wsUrl);
+
+  await new Promise<void>((resolve, reject) => {
+    let settled = false;
+    const timeout = setTimeout(() => {
+      if (settled) return;
+      settled = true;
+      try {
+        ws.close();
+      } catch {
+        // ignore
+      }
+      reject(new Error("WebSocket connect timeout"));
+    }, WS_CONNECT_TIMEOUT_MS);
+
+    ws.onopen = () => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timeout);
+      try {
+        ws.send(token);
+        resolve();
+      } catch (e) {
+        reject(e);
+      }
+    };
+    ws.onerror = (e) => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timeout);
+      reject(e);
+    };
+    ws.onclose = () => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timeout);
+      reject(new Error("WebSocket closed before opening"));
+    };
+  });
+
+  return ws;
+}
+
+/**
+ * Send all events from a processing file and wait for server acks on every
+ * batch. Returns true only when every batch was acknowledged — in that
+ * case the caller may delete the processing file.
+ */
+async function sendProcessingFile(relay: Relay, path: string): Promise<boolean> {
+  const events = readProcessingFile(path);
+  if (events.length === 0) return true;
+
+  for (let i = 0; i < events.length; i += BATCH_SIZE) {
+    const batch = events.slice(i, i + BATCH_SIZE);
+    const ok = await relay.sendBatchAndWaitAck(batch);
+    if (!ok) return false;
+  }
+  return true;
+}
+
+export async function runDaemon(): Promise<void> {
+  let reconnectDelay = RECONNECT_BASE_MS;
+
+  while (true) {
+    const token = await refreshTokenIfNeeded();
+    const tokens = readTokens();
+    if (!token || !tokens) {
+      await new Promise((r) => setTimeout(r, 30_000));
+      continue;
+    }
+
+    const wsUrl = `${tokens.server_url.replace(/^http/, "ws")}/ws/events/ingest`;
+
+    try {
+      const ws = await connect(wsUrl, token);
+      const relay = new Relay(ws);
+      reconnectDelay = RECONNECT_BASE_MS;
+
+      // Drain any orphaned processing files from a prior crash first
+      for (const orphan of findOrphanProcessingFiles()) {
+        if (relay.isClosed()) break;
+        const ok = await sendProcessingFile(relay, orphan);
+        if (ok) deleteProcessingFile(orphan);
+      }
+
+      while (!relay.isClosed()) {
+        let processingFile: string | null = null;
+        try {
+          processingFile = claimPendingBatch();
+        } catch {
+          // Transient FS error — retry on next tick
+        }
+
+        if (processingFile) {
+          const ok = await sendProcessingFile(relay, processingFile);
+          if (ok) {
+            deleteProcessingFile(processingFile);
+          } else {
+            // Ack failed or connection dropped — leave file for retry
+            break;
+          }
+        }
+        await new Promise((r) => setTimeout(r, FLUSH_INTERVAL_MS));
+      }
+
+      relay.close();
+    } catch {
+      // Connection failed — wait and retry with backoff
+    }
+
+    if (existsSync(QUEUE_DIR)) {
+      // noop; QUEUE_DIR referenced to preserve import when tree-shaking
+    }
+
+    await new Promise((r) => setTimeout(r, reconnectDelay));
+    reconnectDelay = Math.min(reconnectDelay * 2, RECONNECT_MAX_MS);
+  }
+}
+
+/**
+ * One-shot: POST all pending events to the server via REST batch endpoint.
+ * Used by `failproofai sync` — same rotate-then-delete pattern, but with
+ * HTTP response status as the ack mechanism.
+ */
+export async function runOneShotSync(): Promise<number> {
+  const token = await refreshTokenIfNeeded();
+  const tokens = readTokens();
+  if (!token || !tokens) {
+    throw new Error("Not logged in. Run `failproofai login` first.");
+  }
+
+  let total = 0;
+
+  async function postBatch(events: QueueEntry[]): Promise<void> {
+    const resp = await fetch(`${tokens!.server_url}/api/v1/events/batch`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${token}`,
+      },
+      body: JSON.stringify({ events }),
+      signal: AbortSignal.timeout(HTTP_TIMEOUT_MS),
+    });
+    if (!resp.ok) {
+      throw new Error(`Sync failed: ${resp.status} ${resp.statusText}`);
+    }
+  }
+
+  // Drain orphans first
+  for (const orphan of findOrphanProcessingFiles()) {
+    const events = readProcessingFile(orphan);
+    if (events.length > 0) {
+      await postBatch(events);
+      total += events.length;
+    }
+    deleteProcessingFile(orphan);
+  }
+
+  // Drain fresh pending batch
+  const processingFile = claimPendingBatch();
+  if (processingFile) {
+    const events = readProcessingFile(processingFile);
+    if (events.length > 0) {
+      await postBatch(events);
+      total += events.length;
+    }
+    deleteProcessingFile(processingFile);
+  }
+
+  return total;
+}

package/.next/standalone/src/relay/pid.ts

@@ -0,0 +1,76 @@
+import { readFileSync, writeFileSync, existsSync, unlinkSync, mkdirSync } from "node:fs";
+import { join, dirname } from "node:path";
+import { homedir } from "node:os";
+
+const PID_FILE = join(homedir(), ".failproofai", "relay.pid");
+
+export function readPid(): number | null {
+  if (!existsSync(PID_FILE)) return null;
+  try {
+    const raw = readFileSync(PID_FILE, "utf8").trim();
+    const pid = parseInt(raw, 10);
+    if (Number.isNaN(pid) || pid <= 0) return null;
+    return pid;
+  } catch {
+    return null;
+  }
+}
+
+export function writePid(pid: number): void {
+  const dir = dirname(PID_FILE);
+  if (!existsSync(dir)) mkdirSync(dir, { recursive: true, mode: 0o700 });
+  writeFileSync(PID_FILE, String(pid));
+}
+
+export function clearPid(): void {
+  if (existsSync(PID_FILE)) unlinkSync(PID_FILE);
+}
+
+interface ErrnoError extends Error {
+  code?: string;
+}
+
+/**
+ * `process.kill(pid, 0)` sends signal 0 as an existence probe.
+ *
+ *   no throw  → PID exists and we can signal it
+ *   ESRCH     → PID doesn't exist (process is gone)
+ *   EPERM     → PID exists but belongs to a different user — still ALIVE,
+ *               just unsignalable by us. Treating this as "dead" would cause
+ *               us to clear the PID file and spawn a second daemon while
+ *               the first keeps running.
+ */
+export function isProcessAlive(pid: number): boolean {
+  try {
+    process.kill(pid, 0);
+    return true;
+  } catch (err) {
+    const e = err as ErrnoError;
+    // EPERM means the process exists but we can't signal it — still alive
+    if (e?.code === "EPERM") return true;
+    // ESRCH or anything else → treat as dead
+    return false;
+  }
+}
+
+export function stopRelay(): boolean {
+  const pid = readPid();
+  if (pid === null) return false;
+  if (!isProcessAlive(pid)) {
+    clearPid();
+    return false;
+  }
+  try {
+    process.kill(pid, "SIGTERM");
+    clearPid();
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+export function relayStatus(): { running: boolean; pid: number | null } {
+  const pid = readPid();
+  if (pid === null) return { running: false, pid: null };
+  return { running: isProcessAlive(pid), pid };
+}

package/.next/standalone/src/relay/queue.ts

@@ -0,0 +1,225 @@
+import {
+  appendFileSync,
+  mkdirSync,
+  existsSync,
+  readFileSync,
+  statSync,
+  renameSync,
+  unlinkSync,
+  readdirSync,
+  chmodSync,
+} from "node:fs";
+import { join } from "node:path";
+import { homedir } from "node:os";
+import { createHash, randomUUID } from "node:crypto";
+import { isLoggedIn } from "../auth/token-store";
+
+const QUEUE_DIR = join(homedir(), ".failproofai", "cache", "server-queue");
+const PENDING_FILE = join(QUEUE_DIR, "pending.jsonl");
+const PROCESSING_PREFIX = "processing-";
+
+// Cap — if the queue file exceeds this, `appendToServerQueue` is a no-op.
+// Prevents unbounded growth when the daemon is down for a long time or the
+// user installed the CLI but never logged in.
+const MAX_QUEUE_BYTES = 50 * 1024 * 1024; // 50 MB
+
+export interface RawEntry {
+  timestamp: number;
+  eventType: string;
+  toolName?: string | null;
+  policyName?: string | null;
+  policyNames?: string[];
+  decision: string;
+  reason?: string | null;
+  durationMs: number;
+  sessionId?: string | null;
+  transcriptPath?: string | null;
+  cwd?: string | null;
+  permissionMode?: string | null;
+  hookEventName?: string | null;
+  toolInput?: Record<string, unknown>;
+}
+
+/**
+ * What actually gets persisted and sent to the server. Intentionally a
+ * narrower shape than RawEntry — we drop / hash anything that could leak
+ * secrets or paths:
+ *   - toolInput: dropped entirely (can contain credentials, file contents, commands)
+ *   - cwd: replaced with cwd_hash (SHA-256) so the server can group by project
+ *   - transcriptPath: dropped (local-only filesystem path)
+ *   - reason: passed through a redactor for common credential patterns
+ */
+export interface QueueEntry {
+  client_event_id: string;
+  timestamp: number;
+  event_type: string;
+  tool_name: string | null;
+  policy_name: string | null;
+  policy_names: string[];
+  decision: string;
+  reason: string | null;
+  duration_ms: number;
+  session_id: string | null;
+  cwd_hash: string | null;
+  permission_mode: string | null;
+  hook_event_name: string | null;
+}
+
+function hashCwd(cwd: string | null | undefined): string | null {
+  if (!cwd) return null;
+  return createHash("sha256").update(cwd).digest("hex");
+}
+
+function redactReason(reason: string | null | undefined): string | null {
+  if (!reason) return reason ?? null;
+  return reason
+    .replace(/AKIA[0-9A-Z]{16}/g, "[REDACTED-AWS-KEY]")
+    .replace(/eyJ[A-Za-z0-9_=-]+\.[A-Za-z0-9_=-]+\.[A-Za-z0-9_=-]+/g, "[REDACTED-JWT]")
+    .replace(/ghp_[A-Za-z0-9]{36,}/g, "[REDACTED-GH-TOKEN]")
+    .replace(/sk-[A-Za-z0-9]{20,}/g, "[REDACTED-API-KEY]")
+    .replace(/Bearer\s+[A-Za-z0-9_.=+-]+/gi, "Bearer [REDACTED]");
+}
+
+function sanitize(entry: RawEntry): QueueEntry {
+  return {
+    client_event_id: randomUUID(),
+    timestamp: entry.timestamp,
+    event_type: entry.eventType,
+    tool_name: entry.toolName ?? null,
+    policy_name: entry.policyName ?? null,
+    policy_names: entry.policyNames ?? [],
+    decision: entry.decision,
+    reason: redactReason(entry.reason),
+    duration_ms: entry.durationMs,
+    session_id: entry.sessionId ?? null,
+    cwd_hash: hashCwd(entry.cwd),
+    permission_mode: entry.permissionMode ?? null,
+    hook_event_name: entry.hookEventName ?? null,
+  };
+}
+
+function ensureDir(): void {
+  if (!existsSync(QUEUE_DIR)) {
+    mkdirSync(QUEUE_DIR, { recursive: true, mode: 0o700 });
+  }
+}
+
+/**
+ * Hook-side API — append one event to the pending queue.
+ *
+ * Uses `appendFileSync` (O_APPEND) which is atomic for small writes, so
+ * concurrent hook processes interleave lines correctly without clobbering
+ * each other. Sanitizes sensitive fields before persisting.
+ *
+ * No-op cases (keeps hook path fast and safe):
+ *   - User not logged in (no auth.json exists)
+ *   - Queue file already exceeds MAX_QUEUE_BYTES (prevents unbounded growth)
+ */
+export function appendToServerQueue(entry: RawEntry): void {
+  if (!isLoggedIn()) return;
+  ensureDir();
+
+  try {
+    if (existsSync(PENDING_FILE) && statSync(PENDING_FILE).size > MAX_QUEUE_BYTES) {
+      return;
+    }
+  } catch {
+    // existsSync/statSync races are fine; proceed
+  }
+
+  const sanitized = sanitize(entry);
+  appendFileSync(PENDING_FILE, JSON.stringify(sanitized) + "\n", { mode: 0o600 });
+
+  // Tighten perms on first create in case the umask allowed wider access
+  try {
+    chmodSync(PENDING_FILE, 0o600);
+  } catch {
+    // Windows or non-critical; skip
+  }
+}
+
+export function queueSizeBytes(): number {
+  try {
+    return statSync(PENDING_FILE).size;
+  } catch {
+    return 0;
+  }
+}
+
+interface ClaimError extends Error {
+  code?: string;
+}
+
+/**
+ * Daemon-side API — atomically claim all pending events into a new
+ * processing file. Returns the processing file path, or null ONLY when
+ * there's nothing to claim (ENOENT). Other errors throw so we don't
+ * silently strand events.
+ */
+export function claimPendingBatch(): string | null {
+  if (!existsSync(PENDING_FILE)) return null;
+  try {
+    const size = statSync(PENDING_FILE).size;
+    if (size === 0) return null;
+  } catch {
+    return null;
+  }
+
+  const seq = `${Date.now()}-${process.pid}`;
+  const processingFile = join(QUEUE_DIR, `${PROCESSING_PREFIX}${seq}.jsonl`);
+  try {
+    renameSync(PENDING_FILE, processingFile);
+    try {
+      chmodSync(processingFile, 0o600);
+    } catch {
+      // non-critical
+    }
+    return processingFile;
+  } catch (err) {
+    const e = err as ClaimError;
+    if (e?.code === "ENOENT") return null;
+    // Real failure (EACCES, EIO, etc.) — surface to caller; don't lose events
+    throw err;
+  }
+}
+
+export function findOrphanProcessingFiles(): string[] {
+  ensureDir();
+  try {
+    return readdirSync(QUEUE_DIR)
+      .filter((n) => n.startsWith(PROCESSING_PREFIX) && n.endsWith(".jsonl"))
+      .map((n) => join(QUEUE_DIR, n))
+      .sort();
+  } catch {
+    return [];
+  }
+}
+
+/**
+ * Parse a processing file into structured events, skipping (and logging
+ * via stderr) any malformed JSON lines so one bad entry doesn't wedge
+ * the entire file forever.
+ */
+export function readProcessingFile(path: string): QueueEntry[] {
+  if (!existsSync(path)) return [];
+  const content = readFileSync(path, "utf8");
+  const out: QueueEntry[] = [];
+  for (const line of content.split("\n")) {
+    const trimmed = line.trim();
+    if (!trimmed) continue;
+    try {
+      out.push(JSON.parse(trimmed) as QueueEntry);
+    } catch {
+      // Skip malformed line — we can't recover it
+    }
+  }
+  return out;
+}
+
+export function deleteProcessingFile(path: string): void {
+  try {
+    unlinkSync(path);
+  } catch {
+    // best-effort; stale processing files are cleaned up on next run
+  }
+}