heyio 0.42.0 → 1.0.0

package/dist/api/mcp.test.js

@@ -1,285 +0,0 @@
-/**
- * Integration tests for MCP API endpoints (#279).
- *
- * Strategy: spin up a minimal Express server that mounts the same MCP route
- * handlers as src/api/server.ts, but pointed at a temp config file via
- * setMcpConfigPathForTests(). Tests make real HTTP requests using node:http.
- * The /mcp/reload endpoint uses an injectable reload fn to avoid pulling in
- * the full orchestrator (which needs DB + Copilot client).
- */
-import { describe, it, before, after, beforeEach } from "node:test";
-import assert from "node:assert/strict";
-import { mkdtempSync, rmSync } from "node:fs";
-import { tmpdir } from "node:os";
-import { join } from "node:path";
-import http from "node:http";
-import express from "express";
-import { setMcpConfigPathForTests, resetMcpConfigPath, loadMcpConfig, saveMcpConfig } from "../mcp/config.js";
-// ── Helpers ───────────────────────────────────────────────────────────────────
-function req(method, port, path, body) {
-    return new Promise((resolve, reject) => {
-        const payload = body !== undefined ? JSON.stringify(body) : undefined;
-        const options = {
-            hostname: "127.0.0.1",
-            port,
-            path,
-            method,
-            headers: {
-                ...(payload ? { "Content-Type": "application/json", "Content-Length": Buffer.byteLength(payload) } : {}),
-            },
-        };
-        const r = http.request(options, (res) => {
-            let data = "";
-            res.on("data", (chunk) => { data += chunk; });
-            res.on("end", () => {
-                try {
-                    resolve({ status: res.statusCode ?? 0, body: JSON.parse(data) });
-                }
-                catch {
-                    resolve({ status: res.statusCode ?? 0, body: data });
-                }
-            });
-        });
-        r.on("error", reject);
-        if (payload)
-            r.write(payload);
-        r.end();
-    });
-}
-// ── Test server setup ─────────────────────────────────────────────────────────
-let server;
-let port;
-let tmpDir;
-let configPath;
-function buildMcpApp(reloadFn = async () => { }) {
-    const app = express();
-    app.use(express.json());
-    app.get("/api/mcp/servers", (_req, res) => {
-        try {
-            const config = loadMcpConfig();
-            res.json({ servers: config.servers });
-        }
-        catch (e) {
-            res.status(500).json({ error: e instanceof Error ? e.message : String(e) });
-        }
-    });
-    app.post("/api/mcp/servers", (req, res) => {
-        const { name, command, args, url, env } = req.body;
-        if (!name) {
-            res.status(400).json({ error: "name is required" });
-            return;
-        }
-        if (!command && !url) {
-            res.status(400).json({ error: "command or url is required" });
-            return;
-        }
-        try {
-            const config = loadMcpConfig();
-            if (config.servers.find(s => s.name === name)) {
-                res.status(409).json({ error: "server already exists" });
-                return;
-            }
-            config.servers.push({ name, command, args, url, env, enabled: true });
-            saveMcpConfig(config);
-            res.status(201).json({ ok: true });
-        }
-        catch (e) {
-            res.status(500).json({ error: e instanceof Error ? e.message : String(e) });
-        }
-    });
-    app.delete("/api/mcp/servers/:name", (req, res) => {
-        try {
-            const config = loadMcpConfig();
-            const idx = config.servers.findIndex(s => s.name === req.params.name);
-            if (idx === -1) {
-                res.status(404).json({ error: "server not found" });
-                return;
-            }
-            config.servers.splice(idx, 1);
-            saveMcpConfig(config);
-            res.json({ ok: true });
-        }
-        catch (e) {
-            res.status(500).json({ error: e instanceof Error ? e.message : String(e) });
-        }
-    });
-    app.patch("/api/mcp/servers/:name/toggle", (req, res) => {
-        try {
-            const config = loadMcpConfig();
-            const srv = config.servers.find(s => s.name === req.params.name);
-            if (!srv) {
-                res.status(404).json({ error: "server not found" });
-                return;
-            }
-            srv.enabled = srv.enabled === false ? true : false;
-            saveMcpConfig(config);
-            res.json({ ok: true, enabled: srv.enabled });
-        }
-        catch (e) {
-            res.status(500).json({ error: e instanceof Error ? e.message : String(e) });
-        }
-    });
-    app.post("/api/mcp/reload", async (_req, res) => {
-        try {
-            await reloadFn();
-            res.json({ ok: true });
-        }
-        catch (err) {
-            res.status(500).json({ error: err instanceof Error ? err.message : "reload failed" });
-        }
-    });
-    return app;
-}
-before(async () => {
-    tmpDir = mkdtempSync(join(tmpdir(), "io-mcp-api-test-"));
-    configPath = join(tmpDir, "mcp.json");
-    setMcpConfigPathForTests(configPath);
-    await new Promise((resolve) => {
-        server = buildMcpApp().listen(0, "127.0.0.1", () => {
-            port = server.address().port;
-            resolve();
-        });
-    });
-});
-after(async () => {
-    await new Promise((resolve, reject) => server.close((e) => e ? reject(e) : resolve()));
-    resetMcpConfigPath();
-    rmSync(tmpDir, { recursive: true, force: true });
-});
-beforeEach(() => {
-    // Reset config file between tests
-    saveMcpConfig({ servers: [] });
-});
-// ── Tests ─────────────────────────────────────────────────────────────────────
-describe("GET /api/mcp/servers", () => {
-    it("returns empty array when no servers configured", async () => {
-        const res = await req("GET", port, "/api/mcp/servers");
-        assert.equal(res.status, 200);
-        assert.deepEqual(res.body.servers, []);
-    });
-    it("returns configured servers", async () => {
-        saveMcpConfig({ servers: [{ name: "figma", command: "npx", enabled: true }] });
-        const res = await req("GET", port, "/api/mcp/servers");
-        assert.equal(res.status, 200);
-        const { servers } = res.body;
-        assert.equal(servers.length, 1);
-        assert.equal(servers[0].name, "figma");
-    });
-});
-describe("POST /api/mcp/servers", () => {
-    it("creates a stdio server successfully", async () => {
-        const res = await req("POST", port, "/api/mcp/servers", {
-            name: "github",
-            command: "npx",
-            args: ["-y", "@modelcontextprotocol/server-github"],
-        });
-        assert.equal(res.status, 201);
-        assert.equal(res.body.ok, true);
-        const config = loadMcpConfig();
-        assert.equal(config.servers.length, 1);
-        assert.equal(config.servers[0].name, "github");
-        assert.equal(config.servers[0].command, "npx");
-        assert.deepEqual(config.servers[0].args, ["-y", "@modelcontextprotocol/server-github"]);
-        assert.equal(config.servers[0].enabled, true);
-    });
-    it("creates an SSE server successfully", async () => {
-        const res = await req("POST", port, "/api/mcp/servers", {
-            name: "postgres",
-            url: "http://localhost:3001/sse",
-        });
-        assert.equal(res.status, 201);
-        const config = loadMcpConfig();
-        assert.equal(config.servers[0].url, "http://localhost:3001/sse");
-    });
-    it("returns 400 when name is missing", async () => {
-        const res = await req("POST", port, "/api/mcp/servers", { command: "npx" });
-        assert.equal(res.status, 400);
-        assert.ok(res.body.error.includes("name"));
-    });
-    it("returns 400 when both command and url are missing", async () => {
-        const res = await req("POST", port, "/api/mcp/servers", { name: "bad-server" });
-        assert.equal(res.status, 400);
-        assert.ok(res.body.error.includes("command"));
-    });
-    it("returns 409 for duplicate server name", async () => {
-        saveMcpConfig({ servers: [{ name: "figma", command: "npx" }] });
-        const res = await req("POST", port, "/api/mcp/servers", { name: "figma", command: "npx" });
-        assert.equal(res.status, 409);
-        assert.ok(res.body.error.includes("already exists"));
-    });
-});
-describe("DELETE /api/mcp/servers/:name", () => {
-    it("removes an existing server", async () => {
-        saveMcpConfig({ servers: [{ name: "figma", command: "npx" }, { name: "postgres", url: "http://localhost/sse" }] });
-        const res = await req("DELETE", port, "/api/mcp/servers/figma");
-        assert.equal(res.status, 200);
-        assert.equal(res.body.ok, true);
-        const config = loadMcpConfig();
-        assert.equal(config.servers.length, 1);
-        assert.equal(config.servers[0].name, "postgres");
-    });
-    it("returns 404 for unknown server", async () => {
-        const res = await req("DELETE", port, "/api/mcp/servers/nonexistent");
-        assert.equal(res.status, 404);
-        assert.ok(res.body.error.includes("not found"));
-    });
-});
-describe("PATCH /api/mcp/servers/:name/toggle", () => {
-    it("disables an enabled server", async () => {
-        saveMcpConfig({ servers: [{ name: "figma", command: "npx", enabled: true }] });
-        const res = await req("PATCH", port, "/api/mcp/servers/figma/toggle");
-        assert.equal(res.status, 200);
-        assert.equal(res.body.enabled, false);
-        assert.equal(loadMcpConfig().servers[0].enabled, false);
-    });
-    it("enables a disabled server", async () => {
-        saveMcpConfig({ servers: [{ name: "figma", command: "npx", enabled: false }] });
-        const res = await req("PATCH", port, "/api/mcp/servers/figma/toggle");
-        assert.equal(res.status, 200);
-        assert.equal(res.body.enabled, true);
-    });
-    it("returns 404 for unknown server", async () => {
-        const res = await req("PATCH", port, "/api/mcp/servers/nonexistent/toggle");
-        assert.equal(res.status, 404);
-        assert.ok(res.body.error.includes("not found"));
-    });
-});
-describe("POST /api/mcp/reload", () => {
-    it("calls reload function and returns ok", async () => {
-        let reloadCalled = false;
-        const app = buildMcpApp(async () => { reloadCalled = true; });
-        await new Promise((resolve, reject) => {
-            const s = app.listen(0, "127.0.0.1", async () => {
-                const p = s.address().port;
-                try {
-                    const res = await req("POST", p, "/api/mcp/reload");
-                    assert.equal(res.status, 200);
-                    assert.equal(res.body.ok, true);
-                    assert.ok(reloadCalled, "reload function should have been called");
-                }
-                finally {
-                    s.close(() => resolve());
-                }
-            });
-            s.on("error", reject);
-        });
-    });
-    it("returns 500 when reload throws", async () => {
-        const app = buildMcpApp(async () => { throw new Error("init failed"); });
-        await new Promise((resolve, reject) => {
-            const s = app.listen(0, "127.0.0.1", async () => {
-                const p = s.address().port;
-                try {
-                    const res = await req("POST", p, "/api/mcp/reload");
-                    assert.equal(res.status, 500);
-                    assert.ok(res.body.error.includes("init failed"));
-                }
-                finally {
-                    s.close(() => resolve());
-                }
-            });
-            s.on("error", reject);
-        });
-    });
-});
-//# sourceMappingURL=mcp.test.js.map

package/dist/api/wiki.test.js

@@ -1,283 +0,0 @@
-/**
- * Integration tests for Wiki API endpoints (#312).
- * Tests POST, PUT, DELETE endpoints for wiki pages.
- */
-import { describe, it, before, after, afterEach } from "node:test";
-import assert from "node:assert/strict";
-import http from "node:http";
-import express from "express";
-import { listPages, readPage, writePage, deletePage, assertPagePath, ensureWikiStructure, } from "../wiki/fs.js";
-// ── Helpers ───────────────────────────────────────────────────────────────────
-function req(method, port, path, body) {
-    return new Promise((resolve, reject) => {
-        const payload = body !== undefined ? JSON.stringify(body) : undefined;
-        const options = {
-            hostname: "127.0.0.1",
-            port,
-            path,
-            method,
-            headers: {
-                ...(payload ? { "Content-Type": "application/json", "Content-Length": Buffer.byteLength(payload) } : {}),
-            },
-        };
-        const r = http.request(options, (res) => {
-            let data = "";
-            res.on("data", (chunk) => { data += chunk; });
-            res.on("end", () => {
-                try {
-                    resolve({ status: res.statusCode ?? 0, body: data ? JSON.parse(data) : {} });
-                }
-                catch {
-                    resolve({ status: res.statusCode ?? 0, body: data });
-                }
-            });
-        });
-        r.on("error", reject);
-        if (payload)
-            r.write(payload);
-        r.end();
-    });
-}
-// ── Server Setup ──────────────────────────────────────────────────────────────
-function createTestServer() {
-    const app = express();
-    app.use(express.json());
-    // Wiki list
-    app.get("/api/wiki", (_req, res) => {
-        try {
-            const pages = listPages();
-            const result = pages.map((pagePath) => {
-                const pageContent = readPage(pagePath);
-                const title = pageContent?.match(/^#\s+(.+)/m)?.[1]?.trim() ?? pagePath;
-                return { path: pagePath, title };
-            });
-            res.json({ pages: result });
-        }
-        catch (e) {
-            res.status(500).json({ error: "Failed to list wiki pages" });
-        }
-    });
-    // Wiki read
-    app.get("/api/wiki/*path", (req, res) => {
-        const pagePath = Array.isArray(req.params.path) ? req.params.path.join("/") : req.params.path;
-        if (!pagePath) {
-            res.status(400).json({ error: "Missing page path" });
-            return;
-        }
-        const pageContent = readPage(pagePath);
-        if (pageContent === undefined) {
-            res.status(404).json({ error: "Page not found" });
-            return;
-        }
-        res.json({ path: pagePath, content: pageContent });
-    });
-    // Wiki create
-    app.post("/api/wiki", (req, res) => {
-        const { path: pagePath, content } = req.body;
-        if (!pagePath || typeof pagePath !== "string") {
-            res.status(400).json({ error: "Missing page path" });
-            return;
-        }
-        if (content === undefined || typeof content !== "string") {
-            res.status(400).json({ error: "Missing page content" });
-            return;
-        }
-        try {
-            assertPagePath(pagePath);
-        }
-        catch (e) {
-            res.status(400).json({ error: e.message });
-            return;
-        }
-        if (readPage(pagePath) !== undefined) {
-            res.status(409).json({ error: "Page already exists" });
-            return;
-        }
-        writePage(pagePath, content);
-        res.status(201).json({ path: pagePath, content });
-    });
-    // Wiki update
-    app.put("/api/wiki/*path", (req, res) => {
-        const pagePath = Array.isArray(req.params.path) ? req.params.path.join("/") : req.params.path;
-        if (!pagePath) {
-            res.status(400).json({ error: "Missing page path" });
-            return;
-        }
-        const { content } = req.body;
-        if (content === undefined || typeof content !== "string") {
-            res.status(400).json({ error: "Missing page content" });
-            return;
-        }
-        try {
-            assertPagePath(pagePath);
-        }
-        catch (e) {
-            res.status(400).json({ error: e.message });
-            return;
-        }
-        if (readPage(pagePath) === undefined) {
-            res.status(404).json({ error: "Page not found" });
-            return;
-        }
-        writePage(pagePath, content);
-        res.json({ path: pagePath, content });
-    });
-    // Wiki delete
-    app.delete("/api/wiki/*path", (req, res) => {
-        const pagePath = Array.isArray(req.params.path) ? req.params.path.join("/") : req.params.path;
-        if (!pagePath) {
-            res.status(400).json({ error: "Missing page path" });
-            return;
-        }
-        try {
-            assertPagePath(pagePath);
-        }
-        catch (e) {
-            res.status(400).json({ error: e.message });
-            return;
-        }
-        const deleted = deletePage(pagePath);
-        if (!deleted) {
-            res.status(404).json({ error: "Page not found" });
-            return;
-        }
-        res.status(204).send();
-    });
-    // Wiki categories
-    app.get("/api/wiki-categories", (_req, res) => {
-        res.json({ categories: ["preferences", "projects", "people", "general", "squads"] });
-    });
-    return app;
-}
-// ── Tests ─────────────────────────────────────────────────────────────────────
-describe("Wiki API Endpoints", () => {
-    let server;
-    let port;
-    const testPagePath = `pages/general/test-wiki-api-${Date.now()}.md`;
-    before(() => {
-        ensureWikiStructure();
-        const app = createTestServer();
-        server = app.listen(0);
-        port = server.address().port;
-    });
-    after(() => {
-        server.close();
-        // Clean up test page if exists
-        try {
-            deletePage(testPagePath);
-        }
-        catch { /* ignore */ }
-    });
-    afterEach(() => {
-        // Clean up test page after each test
-        try {
-            deletePage(testPagePath);
-        }
-        catch { /* ignore */ }
-    });
-    describe("GET /api/wiki", () => {
-        it("returns list of wiki pages", async () => {
-            const { status, body } = await req("GET", port, "/api/wiki");
-            assert.equal(status, 200);
-            assert.ok(Array.isArray(body.pages));
-        });
-    });
-    describe("GET /api/wiki-categories", () => {
-        it("returns available categories", async () => {
-            const { status, body } = await req("GET", port, "/api/wiki-categories");
-            assert.equal(status, 200);
-            const categories = body.categories;
-            assert.ok(categories.includes("general"));
-            assert.ok(categories.includes("projects"));
-            assert.ok(categories.includes("preferences"));
-        });
-    });
-    describe("POST /api/wiki", () => {
-        it("creates a new wiki page", async () => {
-            const { status, body } = await req("POST", port, "/api/wiki", {
-                path: testPagePath,
-                content: "# Test Page\n\nThis is a test.",
-            });
-            assert.equal(status, 201);
-            assert.equal(body.path, testPagePath);
-            // Verify it was created
-            const page = readPage(testPagePath);
-            assert.ok(page?.includes("# Test Page"));
-        });
-        it("returns 409 if page already exists", async () => {
-            writePage(testPagePath, "# Existing");
-            const { status, body } = await req("POST", port, "/api/wiki", {
-                path: testPagePath,
-                content: "# New Content",
-            });
-            assert.equal(status, 409);
-            assert.equal(body.error, "Page already exists");
-        });
-        it("returns 400 for missing path", async () => {
-            const { status } = await req("POST", port, "/api/wiki", {
-                content: "# Test",
-            });
-            assert.equal(status, 400);
-        });
-        it("returns 400 for missing content", async () => {
-            const { status } = await req("POST", port, "/api/wiki", {
-                path: testPagePath,
-            });
-            assert.equal(status, 400);
-        });
-        it("returns 400 for invalid path (not under pages/)", async () => {
-            const { status, body } = await req("POST", port, "/api/wiki", {
-                path: "invalid/path.md",
-                content: "# Test",
-            });
-            assert.equal(status, 400);
-            assert.ok(body.error.includes("pages/"));
-        });
-    });
-    describe("PUT /api/wiki/*path", () => {
-        it("updates an existing wiki page", async () => {
-            writePage(testPagePath, "# Original Content");
-            const { status, body } = await req("PUT", port, `/api/wiki/${testPagePath}`, {
-                content: "# Updated Content\n\nNew text here.",
-            });
-            assert.equal(status, 200);
-            assert.equal(body.path, testPagePath);
-            // Verify it was updated
-            const page = readPage(testPagePath);
-            assert.ok(page?.includes("Updated Content"));
-        });
-        it("returns 404 if page does not exist", async () => {
-            const { status, body } = await req("PUT", port, `/api/wiki/${testPagePath}`, {
-                content: "# New Content",
-            });
-            assert.equal(status, 404);
-            assert.equal(body.error, "Page not found");
-        });
-        it("returns 400 for missing content", async () => {
-            writePage(testPagePath, "# Original");
-            const { status } = await req("PUT", port, `/api/wiki/${testPagePath}`, {});
-            assert.equal(status, 400);
-        });
-    });
-    describe("DELETE /api/wiki/*path", () => {
-        it("deletes an existing wiki page", async () => {
-            writePage(testPagePath, "# To Delete");
-            const { status } = await req("DELETE", port, `/api/wiki/${testPagePath}`);
-            assert.equal(status, 204);
-            // Verify it was deleted
-            const page = readPage(testPagePath);
-            assert.equal(page, undefined);
-        });
-        it("returns 404 if page does not exist", async () => {
-            const { status, body } = await req("DELETE", port, `/api/wiki/${testPagePath}`);
-            assert.equal(status, 404);
-            assert.equal(body.error, "Page not found");
-        });
-        it("returns 400 for invalid path", async () => {
-            const { status, body } = await req("DELETE", port, "/api/wiki/invalid-path.md");
-            assert.equal(status, 400);
-            assert.ok(body.error.includes("pages/"));
-        });
-    });
-});
-//# sourceMappingURL=wiki.test.js.map

package/dist/auth/session-logic.js

@@ -1,79 +0,0 @@
-/**
- * Pure session-handling logic extracted from web/src/stores/auth.ts.
- *
- * These functions contain the core behavioral decisions made across four
- * consecutive auth patches (#189→#192→#194→#196) that fixed undocumented
- * Supabase JS v2 side-effects. They are expressed as framework-agnostic
- * functions so they can be unit-tested with the Node test runner without
- * requiring Vue or Pinia.
- *
- * The authoritative implementation lives in web/src/stores/auth.ts.
- * Any change to the auth store's session logic MUST be reflected here and
- * all tests in session-logic.test.ts must continue to pass.
- */
-/**
- * Mirrors the onAuthStateChange handler in web/src/stores/auth.ts.
- *
- * Decision: only SIGNED_OUT clears the cached session. All other events that
- * fire with a null session (TOKEN_REFRESHED failure, lock timeout, internal
- * reconciliation) are intentionally ignored to prevent cache poisoning.
- *
- * See squad decision 2026-05-16 03:17:52 and issue #193.
- */
-export function handleAuthStateChange(cachedSession, event, newSession) {
-    if (newSession) {
-        // Accept any valid session regardless of event type
-        return newSession;
-    }
-    if (event === "SIGNED_OUT") {
-        // Only explicit sign-out clears the cache
-        return null;
-    }
-    // All other null-session events: leave the existing cache untouched
-    return cachedSession;
-}
-/**
- * Mirrors getAccessToken() in web/src/stores/auth.ts.
- *
- * Decisions:
- * - Reads from cached session — NEVER calls getSession() (Supabase JS v2
- *   side-effect: can fire onAuthStateChange(null) during reconciliation).
- * - Proactively refreshes when within 30 seconds of expiry.
- * - Falls back to refreshSession() if cache is null and auth is enabled.
- * - Returns null when auth is disabled.
- *
- * See squad decisions 2026-05-16 02:23:38, 2026-05-16 03:16:46 and issues
- * #191, #193.
- */
-export async function getAccessToken(cachedSession, authEnabled, refresh, now = Date.now) {
-    if (cachedSession?.access_token) {
-        // Proactively refresh when within 30 seconds of expiry
-        if (cachedSession.expires_at !== undefined &&
-            cachedSession.expires_at * 1000 - now() < 30_000) {
-            try {
-                const fresh = await refresh();
-                if (fresh)
-                    return fresh.access_token;
-            }
-            catch {
-                // fall through to cached token
-            }
-        }
-        return cachedSession.access_token;
-    }
-    // No cached session — attempt recovery if auth is enabled.
-    // Handles the edge case where the cache was spuriously cleared but a
-    // valid refresh token still exists in storage.
-    if (authEnabled) {
-        try {
-            const fresh = await refresh();
-            if (fresh)
-                return fresh.access_token;
-        }
-        catch {
-            // fall through to null
-        }
-    }
-    return null;
-}
-//# sourceMappingURL=session-logic.js.map