npm - hostfn - Versions diffs - 0.1.0 → 0.1.2 - Mend

hostfn 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (179) hide show

package/dist/__tests__/core/backup.test.d.ts +2 -0
package/dist/__tests__/core/backup.test.d.ts.map +1 -0
package/dist/__tests__/core/backup.test.js +108 -0
package/dist/__tests__/core/backup.test.js.map +1 -0
package/dist/__tests__/core/health.test.d.ts +2 -0
package/dist/__tests__/core/health.test.d.ts.map +1 -0
package/dist/__tests__/core/health.test.js +97 -0
package/dist/__tests__/core/health.test.js.map +1 -0
package/dist/__tests__/core/lock.test.d.ts +2 -0
package/dist/__tests__/core/lock.test.d.ts.map +1 -0
package/dist/__tests__/core/lock.test.js +136 -0
package/dist/__tests__/core/lock.test.js.map +1 -0
package/dist/__tests__/core/nginx-multi-domain.test.d.ts +2 -0
package/dist/__tests__/core/nginx-multi-domain.test.d.ts.map +1 -0
package/dist/__tests__/core/nginx-multi-domain.test.js +158 -0
package/dist/__tests__/core/nginx-multi-domain.test.js.map +1 -0
package/dist/__tests__/runtimes/pm2.test.d.ts +2 -0
package/dist/__tests__/runtimes/pm2.test.d.ts.map +1 -0
package/dist/__tests__/runtimes/pm2.test.js +111 -0
package/dist/__tests__/runtimes/pm2.test.js.map +1 -0
package/dist/__tests__/utils/validation.test.d.ts +2 -0
package/dist/__tests__/utils/validation.test.d.ts.map +1 -0
package/dist/__tests__/utils/validation.test.js +136 -0
package/dist/__tests__/utils/validation.test.js.map +1 -0
package/dist/commands/deploy.d.ts +11 -0
package/dist/commands/deploy.d.ts.map +1 -0
package/dist/commands/deploy.js +636 -0
package/dist/commands/deploy.js.map +1 -0
package/dist/commands/env.d.ts +21 -0
package/dist/commands/env.d.ts.map +1 -0
package/dist/commands/env.js +317 -0
package/dist/commands/env.js.map +1 -0
package/dist/commands/expose.d.ts +6 -0
package/dist/commands/expose.d.ts.map +1 -0
package/dist/commands/expose.js +379 -0
package/dist/commands/expose.js.map +1 -0
package/dist/commands/init.d.ts +2 -0
package/dist/commands/init.d.ts.map +1 -0
package/dist/commands/init.js +175 -0
package/dist/commands/init.js.map +1 -0
package/dist/commands/logs.d.ts +10 -0
package/dist/commands/logs.d.ts.map +1 -0
package/dist/commands/logs.js +75 -0
package/dist/commands/logs.js.map +1 -0
package/dist/commands/rollback.d.ts +6 -0
package/dist/commands/rollback.d.ts.map +1 -0
package/dist/commands/rollback.js +113 -0
package/dist/commands/rollback.js.map +1 -0
package/dist/commands/server/info.d.ts +2 -0
package/dist/commands/server/info.d.ts.map +1 -0
package/dist/commands/server/info.js +104 -0
package/dist/commands/server/info.js.map +1 -0
package/dist/commands/server/setup.d.ts +11 -0
package/dist/commands/server/setup.d.ts.map +1 -0
package/dist/commands/server/setup.js +161 -0
package/dist/commands/server/setup.js.map +1 -0
package/dist/commands/status.d.ts +6 -0
package/dist/commands/status.d.ts.map +1 -0
package/dist/commands/status.js +120 -0
package/dist/commands/status.js.map +1 -0
package/dist/config/loader.d.ts +21 -0
package/dist/config/loader.d.ts.map +1 -0
package/dist/config/loader.js +54 -0
package/dist/config/loader.js.map +1 -0
package/dist/config/schema.d.ts +323 -0
package/dist/config/schema.d.ts.map +1 -0
package/dist/config/schema.js +108 -0
package/dist/config/schema.js.map +1 -0
package/dist/core/backup.d.ts +34 -0
package/dist/core/backup.d.ts.map +1 -0
package/dist/core/backup.js +95 -0
package/dist/core/backup.js.map +1 -0
package/dist/core/health.d.ts +31 -0
package/dist/core/health.d.ts.map +1 -0
package/dist/core/health.js +78 -0
package/dist/core/health.js.map +1 -0
package/dist/core/local.d.ts +19 -0
package/dist/core/local.d.ts.map +1 -0
package/dist/core/local.js +50 -0
package/dist/core/local.js.map +1 -0
package/dist/core/lock.d.ts +28 -0
package/dist/core/lock.d.ts.map +1 -0
package/dist/core/lock.js +89 -0
package/dist/core/lock.js.map +1 -0
package/dist/core/nginx.d.ts +43 -0
package/dist/core/nginx.d.ts.map +1 -0
package/dist/core/nginx.js +131 -0
package/dist/core/nginx.js.map +1 -0
package/dist/core/ssh.d.ts +79 -0
package/dist/core/ssh.d.ts.map +1 -0
package/dist/core/ssh.js +264 -0
package/dist/core/ssh.js.map +1 -0
package/dist/core/sync.d.ts +25 -0
package/dist/core/sync.d.ts.map +1 -0
package/dist/core/sync.js +117 -0
package/dist/core/sync.js.map +1 -0
package/dist/core/workspace.d.ts +13 -0
package/dist/core/workspace.d.ts.map +1 -0
package/dist/core/workspace.js +141 -0
package/dist/core/workspace.js.map +1 -0
package/dist/index.d.ts +3 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +232 -0
package/dist/index.js.map +1 -0
package/dist/runtimes/base.d.ts +115 -0
package/dist/runtimes/base.d.ts.map +1 -0
package/dist/runtimes/base.js +16 -0
package/dist/runtimes/base.js.map +1 -0
package/dist/runtimes/nodejs/detector.d.ts +47 -0
package/dist/runtimes/nodejs/detector.d.ts.map +1 -0
package/dist/runtimes/nodejs/detector.js +143 -0
package/dist/runtimes/nodejs/detector.js.map +1 -0
package/dist/runtimes/nodejs/index.d.ts +14 -0
package/dist/runtimes/nodejs/index.d.ts.map +1 -0
package/dist/runtimes/nodejs/index.js +213 -0
package/dist/runtimes/nodejs/index.js.map +1 -0
package/dist/runtimes/nodejs/pm2.d.ts +17 -0
package/dist/runtimes/nodejs/pm2.d.ts.map +1 -0
package/dist/runtimes/nodejs/pm2.js +60 -0
package/dist/runtimes/nodejs/pm2.js.map +1 -0
package/dist/runtimes/registry.d.ts +34 -0
package/dist/runtimes/registry.d.ts.map +1 -0
package/dist/runtimes/registry.js +58 -0
package/dist/runtimes/registry.js.map +1 -0
package/dist/utils/logger.d.ts +47 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +76 -0
package/dist/utils/logger.js.map +1 -0
package/dist/utils/validation.d.ts +32 -0
package/dist/utils/validation.d.ts.map +1 -0
package/dist/utils/validation.js +125 -0
package/dist/utils/validation.js.map +1 -0
package/package.json +34 -20
package/{packages/cli/src → src}/__tests__/runtimes/pm2.test.ts +2 -2
package/{packages/cli/src → src}/commands/deploy.ts +39 -23
package/{packages/cli/src → src}/commands/env.ts +19 -6
package/{packages/cli/src → src}/commands/expose.ts +20 -6
package/{packages/cli/src → src}/commands/logs.ts +8 -4
package/{packages/cli/src → src}/commands/rollback.ts +8 -6
package/{packages/cli/src → src}/commands/status.ts +7 -3
package/LICENSE +0 -21
package/README.md +0 -1136
package/_conduct/specs/1.v0.spec.md +0 -1041
package/examples/express-api/package.json +0 -22
package/examples/express-api/src/index.ts +0 -16
package/examples/express-api/tsconfig.json +0 -11
package/examples/github-actions-deploy.yml +0 -40
package/examples/monorepo-config.json +0 -76
package/examples/monorepo-multi-server-config.json +0 -74
package/packages/cli/package.json +0 -40
package/turbo.json +0 -24
/package/{packages/cli/src → src}/__tests__/core/backup.test.ts +0 -0
/package/{packages/cli/src → src}/__tests__/core/health.test.ts +0 -0
/package/{packages/cli/src → src}/__tests__/core/lock.test.ts +0 -0
/package/{packages/cli/src → src}/__tests__/core/nginx-multi-domain.test.ts +0 -0
/package/{packages/cli/src → src}/__tests__/utils/validation.test.ts +0 -0
/package/{packages/cli/src → src}/commands/init.ts +0 -0
/package/{packages/cli/src → src}/commands/server/info.ts +0 -0
/package/{packages/cli/src → src}/commands/server/setup.ts +0 -0
/package/{packages/cli/src → src}/config/loader.ts +0 -0
/package/{packages/cli/src → src}/config/schema.ts +0 -0
/package/{packages/cli/src → src}/core/backup.ts +0 -0
/package/{packages/cli/src → src}/core/health.ts +0 -0
/package/{packages/cli/src → src}/core/local.ts +0 -0
/package/{packages/cli/src → src}/core/lock.ts +0 -0
/package/{packages/cli/src → src}/core/nginx.ts +0 -0
/package/{packages/cli/src → src}/core/ssh.ts +0 -0
/package/{packages/cli/src → src}/core/sync.ts +0 -0
/package/{packages/cli/src → src}/core/workspace.ts +0 -0
/package/{packages/cli/src → src}/index.ts +0 -0
/package/{packages/cli/src → src}/runtimes/base.ts +0 -0
/package/{packages/cli/src → src}/runtimes/nodejs/detector.ts +0 -0
/package/{packages/cli/src → src}/runtimes/nodejs/index.ts +0 -0
/package/{packages/cli/src → src}/runtimes/nodejs/pm2.ts +0 -0
/package/{packages/cli/src → src}/runtimes/registry.ts +0 -0
/package/{packages/cli/src → src}/utils/logger.ts +0 -0
/package/{packages/cli/src → src}/utils/validation.ts +0 -0
/package/{packages/cli/tsconfig.json → tsconfig.json} +0 -0
/package/{packages/cli/vitest.config.ts → vitest.config.ts} +0 -0

package/dist/utils/validation.js ADDED Viewed

@@ -0,0 +1,125 @@
+import { Logger } from './logger.js';
+/**
+ * Validation utilities
+ */
+/**
+ * Validate SSH connection string format
+ */
+export function validateSSHConnection(connectionString) {
+    const regex = /^([^@]+)@([^:]+)(?::(\d+))?$/;
+    if (!regex.test(connectionString)) {
+        Logger.error(`Invalid SSH connection string: ${connectionString}`);
+        Logger.info('Expected format: user@host or user@host:port');
+        Logger.info('Examples:');
+        Logger.log('  ubuntu@123.45.67.89');
+        Logger.log('  ubuntu@myserver.com:2222');
+        return false;
+    }
+    return true;
+}
+/**
+ * Validate HTTP URL format
+ */
+export function validateHttpUrl(url) {
+    try {
+        const parsed = new URL(url);
+        if (!['http:', 'https:'].includes(parsed.protocol)) {
+            Logger.error(`Invalid URL protocol: ${parsed.protocol}`);
+            Logger.info('Expected: http:// or https://');
+            return false;
+        }
+        return true;
+    }
+    catch (error) {
+        Logger.error(`Invalid URL format: ${url}`);
+        Logger.info('Expected format: http://host:port/path');
+        return false;
+    }
+}
+/**
+ * Validate environment name
+ */
+export function validateEnvironmentName(name) {
+    const regex = /^[a-zA-Z0-9_-]+$/;
+    if (!regex.test(name)) {
+        Logger.error(`Invalid environment name: ${name}`);
+        Logger.info('Environment names can only contain: a-z, A-Z, 0-9, _, -');
+        Logger.info('Examples: production, staging, dev, prod-eu');
+        return false;
+    }
+    return true;
+}
+/**
+ * Validate port number
+ */
+export function validatePort(port) {
+    if (port < 1 || port > 65535) {
+        Logger.error(`Invalid port number: ${port}`);
+        Logger.info('Port must be between 1 and 65535');
+        return false;
+    }
+    if (port < 1024) {
+        Logger.warn(`Port ${port} is privileged (< 1024) - may require sudo`);
+    }
+    return true;
+}
+/**
+ * Validate Node.js version format
+ */
+export function validateNodeVersion(version) {
+    const regex = /^\d+(\.\d+)?(\.\d+)?$/;
+    if (!regex.test(version)) {
+        Logger.error(`Invalid Node.js version: ${version}`);
+        Logger.info('Expected format: 18 or 18.19 or 18.19.0');
+        return false;
+    }
+    const major = parseInt(version.split('.')[0]);
+    if (major < 14) {
+        Logger.warn(`Node.js ${version} is very old - consider using 18 or 20`);
+    }
+    return true;
+}
+/**
+ * Validate application name
+ */
+export function validateAppName(name) {
+    const regex = /^[a-zA-Z0-9_-]+$/;
+    if (!regex.test(name)) {
+        Logger.error(`Invalid application name: ${name}`);
+        Logger.info('Names can only contain: a-z, A-Z, 0-9, _, -');
+        Logger.info('Examples: my-app, api_server, webapp-v2');
+        return false;
+    }
+    if (name.length < 2) {
+        Logger.error('Application name must be at least 2 characters');
+        return false;
+    }
+    if (name.length > 50) {
+        Logger.error('Application name must be less than 50 characters');
+        return false;
+    }
+    return true;
+}
+/**
+ * Validate remote directory path
+ */
+export function validateRemotePath(path) {
+    if (!path.startsWith('/')) {
+        Logger.error(`Remote path must be absolute: ${path}`);
+        Logger.info('Example: /var/www/my-app');
+        return false;
+    }
+    if (path.includes('..')) {
+        Logger.error('Remote path cannot contain ..');
+        return false;
+    }
+    // Warn about dangerous paths
+    const dangerousPaths = ['/', '/etc', '/bin', '/usr', '/var/log', '/root', '/home'];
+    if (dangerousPaths.includes(path)) {
+        Logger.error(`Refusing to deploy to system directory: ${path}`);
+        Logger.info('Use a subdirectory like /var/www/my-app');
+        return false;
+    }
+    return true;
+}
+//# sourceMappingURL=validation.js.map

package/dist/utils/validation.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"validation.js","sourceRoot":"","sources":["../../src/utils/validation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC;;GAEG;AAEH;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,gBAAwB;IAC5D,MAAM,KAAK,GAAG,8BAA8B,CAAC;IAE7C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAClC,MAAM,CAAC,KAAK,CAAC,kCAAkC,gBAAgB,EAAE,CAAC,CAAC;QACnE,MAAM,CAAC,IAAI,CAAC,8CAA8C,CAAC,CAAC;QAC5D,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACzB,MAAM,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;QACpC,MAAM,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;QACzC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,GAAW;IACzC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnD,MAAM,CAAC,KAAK,CAAC,yBAAyB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YACzD,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAC7C,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,uBAAuB,GAAG,EAAE,CAAC,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;QACtD,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CAAC,IAAY;IAClD,MAAM,KAAK,GAAG,kBAAkB,CAAC;IAEjC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACtB,MAAM,CAAC,KAAK,CAAC,6BAA6B,IAAI,EAAE,CAAC,CAAC;QAClD,MAAM,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;QACvE,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;QAC3D,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAY;IACvC,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,KAAK,EAAE,CAAC;QAC7B,MAAM,CAAC,KAAK,CAAC,wBAAwB,IAAI,EAAE,CAAC,CAAC;QAC7C,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QAChD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,IAAI,GAAG,IAAI,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,4CAA4C,CAAC,CAAC;IACxE,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAe;IACjD,MAAM,KAAK,GAAG,uBAAuB,CAAC;IAEtC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACzB,MAAM,CAAC,KAAK,CAAC,4BAA4B,OAAO,EAAE,CAAC,CAAC;QACpD,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;QACvD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,KAAK,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC9C,IAAI,KAAK,GAAG,EAAE,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,WAAW,OAAO,wCAAwC,CAAC,CAAC;IAC1E,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,IAAY;IAC1C,MAAM,KAAK,GAAG,kBAAkB,CAAC;IAEjC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACtB,MAAM,CAAC,KAAK,CAAC,6BAA6B,IAAI,EAAE,CAAC,CAAC;QAClD,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;QAC3D,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;QACvD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpB,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACrB,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAAY;IAC7C,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,CAAC,KAAK,CAAC,iCAAiC,IAAI,EAAE,CAAC,CAAC;QACtD,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QACxC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,MAAM,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC9C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,6BAA6B;IAC7B,MAAM,cAAc,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IACnF,IAAI,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAClC,MAAM,CAAC,KAAK,CAAC,2CAA2C,IAAI,EAAE,CAAC,CAAC;QAChE,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;QACvD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC"}

package/package.json CHANGED Viewed

@@ -1,26 +1,40 @@
 {
   "name": "hostfn",
-  "version": "0.1.0",
-  "description": "Universal application deployment CLI",
+  "version": "0.1.2",
   "license": "Apache-2.0",
-  "workspaces": [
-    "packages/*"
-  ],
+  "description": "Universal application deployment CLI",
+  "type": "module",
+  "bin": {
+    "hostfn": "./dist/index.js"
+  },
   "scripts": {
-    "build": "turbo run build",
-    "dev": "turbo run dev",
-    "lint": "turbo run lint",
-    "test": "turbo run test",
-    "clean": "turbo run clean && rm -rf node_modules"
+    "dev": "tsx watch src/index.ts",
+    "build": "tsc",
+    "clean": "rm -rf dist",
+    "lint": "tsc --noEmit",
+    "test": "vitest",
+    "test:watch": "vitest --watch",
+    "test:coverage": "vitest --coverage"
+  },
+  "dependencies": {
+    "commander": "^11.1.0",
+    "chalk": "^5.3.0",
+    "ora": "^7.0.1",
+    "inquirer": "^9.2.12",
+    "zod": "^3.22.4",
+    "ssh2": "^1.15.0",
+    "dotenv": "^16.3.1",
+    "execa": "^8.0.1"
   },
   "devDependencies": {
-    "turbo": "^1.11.0",
-    "typescript": "^5.3.0"
+    "@types/node": "^20.10.0",
+    "@types/ssh2": "^1.15.0",
+    "@types/inquirer": "^9.0.7",
+    "@vitest/coverage-v8": "^1.0.0",
+    "typescript": "^5.3.0",
+    "tsx": "^4.7.0",
+    "vitest": "^1.0.0"
   },
-  "keywords": [
-    "deployment",
-    "vps"
-  ],
   "author": "21n",
   "repository": {
     "type": "git",
@@ -29,11 +43,11 @@
   "bugs": {
     "url": "https://github.com/21nCo/hostfn/issues"
   },
+  "keywords": [
+    "deployment",
+    "vps"
+  ],
   "engines": {
     "node": ">=18.0.0"
-  },
-  "packageManager": "npm@10.2.0",
-  "dependencies": {
-    "fast-glob": "^3.3.3"
   }
 }

package/{packages/cli/src → src}/__tests__/runtimes/pm2.test.ts RENAMED Viewed

@@ -22,8 +22,8 @@ describe('PM2Manager', () => {
       expect(result).toContain("name: 'test-app-production'");
       expect(result).toContain("script: 'dist/index.js'");
-      expect(result).toContain("env_file: '.env'");
-      expect(result).toContain("NODE_ENV: 'production'");
+      // Implementation uses inline env with double quotes (JSON.stringify)
+      expect(result).toContain('NODE_ENV: "production"');
       expect(result).toContain('PORT: 3000');
       expect(result).toContain("instances: 'max'");
       expect(result).toContain("exec_mode: 'cluster'");

package/{packages/cli/src → src}/commands/deploy.ts RENAMED Viewed

@@ -181,24 +181,32 @@ async function deployMultiService(
       const servicePath = serviceConfig.path;
       const originalCwd = process.cwd();
-      // Change to service directory
-      process.chdir(servicePath);
-      // Deploy single service
-      await deploySingleService(
-        serviceSpecificConfig,
-        serviceEnvConfig,
-        environment,
-        options,
-        servicePath
-      );
-      // Restore original directory
-      process.chdir(originalCwd);
-      results.push({ service: serviceName, success: true });
-      Logger.success(`Service '${serviceName}' deployed successfully`);
-      Logger.br();
+      try {
+        // Change to service directory
+        process.chdir(servicePath);
+        // Deploy single service
+        await deploySingleService(
+          serviceSpecificConfig,
+          serviceEnvConfig,
+          environment,
+          options,
+          servicePath
+        );
+        results.push({ service: serviceName, success: true });
+        Logger.success(`Service '${serviceName}' deployed successfully`);
+        Logger.br();
+      } catch (error) {
+        // Restore original directory in case of error
+        process.chdir(originalCwd);
+        throw error;
+      } finally {
+        // Restore original directory
+        if (process.cwd() !== originalCwd) {
+          process.chdir(originalCwd);
+        }
+      }
     } catch (error) {
       const errorMsg = error instanceof Error ? error.message : String(error);
       results.push({ service: serviceName, success: false, error: errorMsg });
@@ -546,11 +554,19 @@ async function deploySingleService(
     const backupManager = new BackupManager(ssh as any, remoteDir);
     const backupSpinner = ora('Creating backup of current deployment...').start();
-    try {
-      backupPath = await backupManager.create();
-      backupSpinner.succeed(`Backup created: ${backupPath.split('/').pop()}`);
-    } catch (error) {
-      backupSpinner.warn('No existing deployment to backup');
+    // Check if there's anything to backup
+    const hasExistingDeployment = await ssh.exists(`${remoteDir}/dist`);
+    if (!hasExistingDeployment) {
+      backupSpinner.info('No existing deployment to backup');
+    } else {
+      try {
+        backupPath = await backupManager.create();
+        backupSpinner.succeed(`Backup created: ${backupPath.split('/').pop()}`);
+      } catch (error) {
+        backupSpinner.fail('Failed to create backup');
+        throw error;
+      }
     }
     Logger.br();

package/{packages/cli/src → src}/commands/env.ts RENAMED Viewed

@@ -116,6 +116,11 @@ export async function envSetCommand(
       process.exit(1);
     }
+    // Validate key format
+    if (!/^[A-Z_][A-Z0-9_]*$/.test(key)) {
+      throw new Error('Invalid key format. Must be uppercase, alphanumeric, and underscores only.');
+    }
     // Check if key already exists
     const checkResult = await ssh.exec(
       `grep -q "^${key}=" ${envFile} 2>/dev/null && echo "exists" || echo "new"`
@@ -127,15 +132,23 @@ export async function envSetCommand(
       isNew ? 'Adding variable...' : 'Updating variable...'
     ).start();
+    // Use a temporary file strategy to avoid shell injection issues with value
+    const tempFile = `/tmp/env_var_${Date.now()}`;
+    await ssh.exec(`echo "${value.replace(/"/g, '\\"')}" > ${tempFile}`);
     if (isNew) {
-      // Append new variable
-      await ssh.exec(`echo "${key}=${value}" >> ${envFile}`);
+      // Append new variable safely
+      await ssh.exec(`echo "${key}=\\"$(cat ${tempFile})\\"" >> ${envFile}`);
     } else {
-      // Update existing variable (use sed for safety)
-      await ssh.exec(
-        `sed -i.bak "s|^${key}=.*|${key}=${value}|" ${envFile}`
-      );
+      // Update existing variable safely using temp file content
+      // We use a more complex sed or awk command, or just overwrite the line
+      // Constructing safe sed is hard, so let's use grep -v to remove old and append new
+      await ssh.exec(`grep -v "^${key}=" ${envFile} > ${envFile}.tmp && mv ${envFile}.tmp ${envFile}`);
+      await ssh.exec(`echo "${key}=\\"$(cat ${tempFile})\\"" >> ${envFile}`);
     }
+    // Cleanup temp file
+    await ssh.exec(`rm ${tempFile}`);
     updateSpinner.succeed(isNew ? 'Variable added' : 'Variable updated');

package/{packages/cli/src → src}/commands/expose.ts RENAMED Viewed

@@ -94,7 +94,8 @@ export async function exposeCommand(environment: string, options: {
     if (shouldSetupSsl && domains.length > 0) {
       // Check if certificate exists for the primary domain (first in the list)
       const primaryDomain = domains[0];
-      const certCheck = await ssh.exec(`sudo test -d /etc/letsencrypt/live/${primaryDomain} && echo "exists"`);
+      const safePrimaryDomain = `'${primaryDomain.replace(/'/g, "'\\''")}'`;
+      const certCheck = await ssh.exec(`sudo test -d /etc/letsencrypt/live/${safePrimaryDomain} && echo "exists"`);
       certsExist = certCheck.stdout.trim() === 'exists';
     }
@@ -114,10 +115,16 @@ export async function exposeCommand(environment: string, options: {
         // Only include services on this server
         if (serviceEnvConfig.server === host) {
+          const port = serviceConfig.port;
+          // Validate port
+          if (!port || isNaN(Number(port)) || Number(port) < 1 || Number(port) > 65535) {
+            throw new Error(`Invalid port for service '${serviceName}': ${port}. Must be between 1 and 65535.`);
+          }
           const isDefault = !serviceConfig.exposePath;
           services.push({
             name: `${config.name}-${serviceName}`,
-            port: serviceConfig.port,
+            port: Number(port),
             exposePath: serviceConfig.exposePath,
             isDefault,
           });
@@ -136,9 +143,15 @@ export async function exposeCommand(environment: string, options: {
       Logger.section('Configuring Single Service');
       Logger.br();
+      const port = envConfig.port;
+      // Validate port
+      if (!port || isNaN(Number(port)) || Number(port) < 1 || Number(port) > 65535) {
+        throw new Error(`Invalid port for environment '${environment}': ${port}. Must be between 1 and 65535.`);
+      }
       services.push({
         name: `${config.name}-${environment}`,
-        port: envConfig.port,
+        port: Number(port),
         isDefault: true,
       });
@@ -247,7 +260,7 @@ EOF`);
     // Setup SSL if domains are configured
     if (shouldSetupSsl && domains.length > 0 && sslEmail) {
-      await setupSSL(ssh, domains, sslEmail, environment);
+      await setupSSL(ssh, host, domains, sslEmail, environment);
     }
     // Success summary
@@ -293,6 +306,7 @@ EOF`);
  */
 async function setupSSL(
   ssh: SSHConnection,
+  host: string,
   domains: string[],
   email: string,
   environment: string
@@ -371,7 +385,7 @@ async function setupSSL(
         Logger.warn('SSL expansion failed');
         Logger.info('You can manually run certbot with --expand:');
         const manualDomainFlags = domains.map(d => `-d ${d}`).join(' ');
-        Logger.command(`ssh ${ssh} "sudo certbot --nginx ${manualDomainFlags} --expand"`);
+        Logger.command(`ssh ${host} "sudo certbot --nginx ${manualDomainFlags} --expand"`);
         return;
       }
     } else {
@@ -416,7 +430,7 @@ async function setupSSL(
       Logger.warn('SSL setup failed, but nginx is still configured for HTTP');
       Logger.info('You can manually run certbot later:');
       const manualDomainFlags = domains.map(d => `-d ${d}`).join(' ');
-      Logger.command(`ssh ${ssh} "sudo certbot --nginx ${manualDomainFlags}"`);
+      Logger.command(`ssh ${host} "sudo certbot --nginx ${manualDomainFlags}"`);
       return;
     }
   }

package/{packages/cli/src → src}/commands/logs.ts RENAMED Viewed

@@ -66,9 +66,10 @@ async function fetchLogs(
   const pm2 = adapter.getProcessManager();
   const spinner = ora('Connecting to server...').start();
+  let ssh: { disconnect: () => void } | null = null;
   try {
-    const ssh = await createSSHConnection(server);
+    ssh = await createSSHConnection(server);
     spinner.succeed('Connected');
     Logger.br();
@@ -82,10 +83,10 @@ async function fetchLogs(
     }
     // Execute logs command
-    const result = await ssh.exec(logsCmd, { streaming: !options.output });
+    const result = await (ssh as any).exec(logsCmd, { streaming: !options.output });
     if (result.exitCode !== 0) {
-      Logger.error('Failed to fetch logs');
+      throw new Error(result.stderr || 'Failed to fetch logs');
     }
     // Save to file if requested
@@ -97,10 +98,13 @@ async function fetchLogs(
       Logger.kv('Size', `${(result.stdout.length / 1024).toFixed(2)} KB`);
     }
-    ssh.disconnect();
   } catch (error) {
     spinner.fail('Failed to get logs');
     Logger.error(error instanceof Error ? error.message : String(error));
     process.exit(1);
+  } finally {
+    if (ssh) {
+      ssh.disconnect();
+    }
   }
 }

package/{packages/cli/src → src}/commands/rollback.ts RENAMED Viewed

@@ -28,14 +28,15 @@ export async function rollbackCommand(
   const serviceName = `${config.name}-${environment}`;
   const spinner = ora('Connecting to server...').start();
+  let ssh: { disconnect: () => void } | null = null;
   try {
-    const ssh = await createSSHConnection(envConfig.server);
+    ssh = await createSSHConnection(envConfig.server);
     spinner.succeed('Connected');
     Logger.br();
-    const backupManager = new BackupManager(ssh, remoteDir);
+    const backupManager = new BackupManager(ssh as any, remoteDir);
     // List available backups
     const listSpinner = ora('Fetching available backups...').start();
@@ -44,7 +45,6 @@ export async function rollbackCommand(
     if (backups.length === 0) {
       Logger.warn('No backups available');
-      ssh.disconnect();
       return;
     }
@@ -96,7 +96,6 @@ export async function rollbackCommand(
     if (!confirm) {
       Logger.info('Rollback cancelled');
-      ssh.disconnect();
       return;
     }
@@ -112,7 +111,7 @@ export async function rollbackCommand(
     const pm2 = adapter.getProcessManager();
     const reloadSpinner = ora('Reloading service...').start();
-    const reloadResult = await ssh.exec(
+    const reloadResult = await (ssh as any).exec(
       pm2.generateReloadCommand(serviceName),
       { cwd: remoteDir }
     );
@@ -133,10 +132,13 @@ export async function rollbackCommand(
     Logger.command(`hostfn status ${environment}`);
     Logger.br();
-    ssh.disconnect();
   } catch (error) {
     spinner.fail('Rollback failed');
     Logger.error(error instanceof Error ? error.message : String(error));
     process.exit(1);
+  } finally {
+    if (ssh) {
+      ssh.disconnect();
+    }
   }
 }

package/{packages/cli/src → src}/commands/status.ts RENAMED Viewed

@@ -75,15 +75,16 @@ async function showServiceStatus(
   displayName?: string
 ): Promise<void> {
   const spinner = ora(`Fetching status for ${displayName || serviceName}...`).start();
+  let ssh: { disconnect: () => void } | null = null;
   try {
-    const ssh = await createSSHConnection(server);
+    ssh = await createSSHConnection(server);
     spinner.succeed('Connected');
     Logger.br();
     // Get PM2 service details
-    const result = await ssh.exec(`pm2 jlist | jq '.[] | select(.name=="${serviceName}")'`);
+    const result = await (ssh as any).exec(`pm2 jlist | jq '.[] | select(.name=="${serviceName}")'`);
     if (result.stdout.trim()) {
       const service = JSON.parse(result.stdout);
@@ -129,10 +130,13 @@ async function showServiceStatus(
       Logger.info('Has the service been deployed?');
     }
-    ssh.disconnect();
   } catch (error) {
     spinner.fail('Failed to get status');
     throw error;
+  } finally {
+    if (ssh) {
+      ssh.disconnect();
+    }
   }
 }

package/LICENSE DELETED Viewed

@@ -1,21 +0,0 @@
-MIT License
-Copyright (c) 2025 21n
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.