npm - hyperclaw - Versions diffs - 4.0.0 → 4.0.2 - Mend

hyperclaw 4.0.0 → 4.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (156) hide show

package/README.md +53 -18
package/dist/a2ui-protocol-CT_jDEU9.js +75 -0
package/dist/agents-routing-683Q2JGp.js +129 -0
package/dist/agents-routing-BpZBswBH.js +4 -0
package/dist/api-keys-guide-Bzig1R5W.js +149 -0
package/dist/api-keys-guide-Dq5Obbp4.js +149 -0
package/dist/audit-BYxPlnTQ.js +248 -0
package/dist/bounty-tools-C6LyzxM-.js +211 -0
package/dist/browser-tools-CQBSbIuO.js +5 -0
package/dist/browser-tools-YQmwRLLM.js +179 -0
package/dist/claw-tasks-BRLUvFRD.js +80 -0
package/dist/connector-3HnyH8fn.js +167 -0
package/dist/connector-6PMZo5Ky.js +189 -0
package/dist/connector-B6eoF3DD.js +181 -0
package/dist/connector-B9tLG8UZ.js +196 -0
package/dist/connector-BOlqjXWP.js +182 -0
package/dist/connector-BP8zsbP8.js +189 -0
package/dist/connector-BPoSevxp.js +286 -0
package/dist/connector-BRHj773i.js +163 -0
package/dist/connector-BToxU-jV.js +267 -0
package/dist/connector-BliDVsJQ.js +239 -0
package/dist/connector-Bv6s9oP7.js +88 -0
package/dist/connector-By5wWGTR.js +343 -0
package/dist/connector-C1BaFFgN.js +213 -0
package/dist/connector-CRRWY5Wv.js +167 -0
package/dist/connector-CXPQVGyI.js +85 -0
package/dist/connector-Cdk1CXKi.js +194 -0
package/dist/connector-CwlgFgjx.js +181 -0
package/dist/connector-DFchk6l7.js +178 -0
package/dist/connector-DKw7tRAy.js +192 -0
package/dist/connector-DRv1ahC_.js +343 -0
package/dist/connector-DU63KW94.js +165 -0
package/dist/connector-Dbvb1Cj9.js +280 -0
package/dist/connector-DcZdQcgR.js +173 -0
package/dist/connector-DxKL8VvZ.js +182 -0
package/dist/connector-T_YdZtzv.js +162 -0
package/dist/connector-i4gOS9xL.js +154 -0
package/dist/connector-rHXE1ZD2.js +167 -0
package/dist/connector-wdUXChwa.js +172 -0
package/dist/cost-tracker-pVE15Yq4.js +103 -0
package/dist/credentials-store-BvnMPJwi.js +4 -0
package/dist/credentials-store-sb-TRLwR.js +77 -0
package/dist/cron-tasks-BvDFNyiE.js +82 -0
package/dist/delivery-B-SJqXLn.js +95 -0
package/dist/delivery-D5Z98EVq.js +95 -0
package/dist/delivery-DCOXhXEO.js +5 -0
package/dist/delivery-VgFeuu2J.js +5 -0
package/dist/destructive-gate-m-dWqUFg.js +101 -0
package/dist/developer-keys-JaJK3T27.js +127 -0
package/dist/developer-keys-kyqmtWK3.js +8 -0
package/dist/doctor-3oi89QIc.js +175 -0
package/dist/doctor-Cf1XSfp9.js +4 -0
package/dist/engine-B4eMiTgl.js +7 -0
package/dist/engine-B8M7dYul.js +7 -0
package/dist/engine-BhT-1M9W.js +256 -0
package/dist/engine-D49jnSd_.js +256 -0
package/dist/env-resolve-DWOQ45jG.js +9 -0
package/dist/env-resolve-szSWl0UF.js +94 -0
package/dist/extraction-tools-D3qDFBJ1.js +91 -0
package/dist/extraction-tools-DLr_AEwq.js +5 -0
package/dist/form_data-B_hIUrxU.js +8657 -0
package/dist/gmail-watch-setup-Czt8rXaX.js +40 -0
package/dist/heartbeat-engine-CRqfPcFM.js +83 -0
package/dist/hub-DTsqe5Bt.js +6 -0
package/dist/hub-FrPTA33j.js +515 -0
package/dist/hyperclawbot-D9KCtc4P.js +480 -0
package/dist/hyperclawbot-DfMGowZC.js +480 -0
package/dist/hyperclawbot-Dw27pJo4.js +480 -0
package/dist/inference-CTWJeX9Q.js +922 -0
package/dist/inference-ix607p7k.js +6 -0
package/dist/knowledge-graph-DqA-Fztl.js +131 -0
package/dist/loader-CISCqBto.js +400 -0
package/dist/loader-CYMQ8VOS.js +4 -0
package/dist/logger-8tEtAd3y.js +83 -0
package/dist/manager-CPjeRe-6.js +4 -0
package/dist/manager-Cwzj7w5R.js +105 -0
package/dist/manager-DLmZI-9R.js +6 -0
package/dist/manager-DSGhn5i3.js +117 -0
package/dist/manager-DgyF52mg.js +218 -0
package/dist/manager-Dm8nrMFx.js +40 -0
package/dist/mcp-B_9Ber63.js +139 -0
package/dist/mcp-loader-DSM5UiFG.js +94 -0
package/dist/mcp-loader-j5ZLLw5O.js +94 -0
package/dist/memory-BI1kPkAN.js +4 -0
package/dist/memory-BVFGkxxK.js +270 -0
package/dist/memory-auto-Bc7euou4.js +306 -0
package/dist/memory-auto-DPfbkMVt.js +5 -0
package/dist/memory-integration-DZExqWr4.js +91 -0
package/dist/moltbook-B6ZeGN5_.js +81 -0
package/dist/node-pwL6O_KX.js +222 -0
package/dist/nodes-registry-CsPm_-CJ.js +52 -0
package/dist/oauth-flow-CpWlgvNB.js +150 -0
package/dist/oauth-provider-BZb6qOw5.js +110 -0
package/dist/observability-B43YvNQV.js +89 -0
package/dist/onboard-3q20ZyHj.js +9 -0
package/dist/onboard-Bd_wsYdi.js +4086 -0
package/dist/onboard-CAN7x3me.js +3026 -0
package/dist/onboard-DnegOHMh.js +3026 -0
package/dist/onboard-RYtDlYBw.js +9 -0
package/dist/onboard-aTwlQs-4.js +9 -0
package/dist/orchestrator-BSp2M5EU.js +189 -0
package/dist/orchestrator-C7ko5tWa.js +6 -0
package/dist/orchestrator-DfPkIx2Z.js +6 -0
package/dist/orchestrator-NJQsmiBE.js +189 -0
package/dist/pairing-DU0_J28n.js +87 -0
package/dist/pairing-DWllbSbO.js +4 -0
package/dist/pc-access-Ly-uA8mn.js +8 -0
package/dist/pc-access-NxBvTrRj.js +819 -0
package/dist/pending-approval-DIHvwwWS.js +22 -0
package/dist/puppeteer-2o3QOwAy.js +2 -2
package/dist/puppeteer-BYTMp3BI.js +2 -2
package/dist/puppeteer-DQ45qwWk.js +2 -2
package/dist/reminders-store-D79qdfN0.js +58 -0
package/dist/renderer-pqlDRKbH.js +225 -0
package/dist/rules-BooT_qFP.js +103 -0
package/dist/run-main.js +366 -1109
package/dist/runner-Bu--_RXw.js +810 -0
package/dist/runner-D1rjuMTJ.js +810 -0
package/dist/sdk/index.js +2 -2
package/dist/sdk/index.mjs +2 -2
package/dist/security-C-5URby1.js +73 -0
package/dist/security-_xve79aq.js +4 -0
package/dist/server-0kgyELx4.js +1047 -0
package/dist/server-BIuTobTC.js +4 -0
package/dist/server-BRlCEjyT.js +1047 -0
package/dist/server-CCI1hv45.js +1047 -0
package/dist/server-DU9POoWc.js +4 -0
package/dist/server-RBqwE_GN.js +4 -0
package/dist/session-store-CujxByI6.js +113 -0
package/dist/session-store-qpJUg2M1.js +5 -0
package/dist/sessions-tools-CB2qbwIk.js +5 -0
package/dist/sessions-tools-DHMaTZIs.js +95 -0
package/dist/skill-loader-BkceKkIg.js +7 -0
package/dist/skill-loader-DhgIwK4J.js +159 -0
package/dist/skill-runtime--LqxWrp5.js +102 -0
package/dist/skill-runtime-C5l0Tgt-.js +5 -0
package/dist/skill-runtime-DsXK_HYG.js +102 -0
package/dist/skill-runtime-IVTiqrMR.js +5 -0
package/dist/src-BEVLgaF1.js +63 -0
package/dist/src-Bgu_OxTQ.js +458 -0
package/dist/src-Bq-oKt7Z.js +458 -0
package/dist/src-DWCUhnD4.js +20 -0
package/dist/src-cfRTjFef.js +63 -0
package/dist/sub-agent-tools-BD9DF8_g.js +39 -0
package/dist/sub-agent-tools-V7b3T9_s.js +39 -0
package/dist/tool-policy-DNvNRnve.js +189 -0
package/dist/tts-elevenlabs-BUOGKL-k.js +61 -0
package/dist/update-check-BD4qH7Am.js +81 -0
package/dist/vision-DRq-f-Dj.js +121 -0
package/dist/vision-tools-CFZEpQKm.js +5 -0
package/dist/vision-tools-CQnBI9aa.js +51 -0
package/dist/voice-transcription-CbQBToY0.js +138 -0
package/dist/voice-transcription-CgWq54hn.js +138 -0
package/dist/website-watch-tools-Bk_TnwuE.js +5 -0
package/dist/website-watch-tools-DraMPxdl.js +139 -0
package/package.json +1 -1

package/dist/node-pwL6O_KX.js ADDED Viewed

@@ -0,0 +1,222 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const chalk = require_chunk.__toESM(require("chalk"));
+const inquirer = require_chunk.__toESM(require("inquirer"));
+const ora = require_chunk.__toESM(require("ora"));
+const fs_extra = require_chunk.__toESM(require("fs-extra"));
+const path = require_chunk.__toESM(require("path"));
+const os = require_chunk.__toESM(require("os"));
+//#region src/commands/node.ts
+const NODES_FILE = path.default.join(os.default.homedir(), ".hyperclaw", "nodes.json");
+async function loadNodes() {
+	try {
+		return await fs_extra.default.readJson(NODES_FILE);
+	} catch {
+		return [];
+	}
+}
+async function saveNodes(nodes) {
+	await fs_extra.default.ensureDir(path.default.dirname(NODES_FILE));
+	await fs_extra.default.writeJson(NODES_FILE, nodes, { spaces: 2 });
+}
+const TYPE_EMOJI = {
+	local: "💻",
+	remote: "🖥️",
+	android: "📱",
+	raspberrypi: "🍓",
+	docker: "🐳",
+	vm: "☁️"
+};
+const STATUS_COLOR = {
+	online: chalk.default.green,
+	offline: chalk.default.red,
+	unknown: chalk.default.gray,
+	degraded: chalk.default.yellow
+};
+async function nodeList() {
+	const nodes = await loadNodes();
+	console.log(chalk.default.bold.cyan("\n  🖧  HYPERCLAW NODES\n"));
+	console.log(`  ${chalk.default.green("●")} ${chalk.default.white("Local (this machine)".padEnd(22))} ${chalk.default.cyan("[local]")}  ${chalk.default.green("online")}`);
+	console.log(`    ${chalk.default.gray(`Node.js ${process.version}  ${os.default.platform()} ${os.default.arch()}  port 18789`)}`);
+	console.log();
+	if (nodes.length === 0) {
+		console.log(chalk.default.gray("  No additional nodes registered."));
+		console.log(chalk.default.gray("  Add a remote node: hyperclaw node add\n"));
+		return;
+	}
+	for (const node of nodes) {
+		const dot = STATUS_COLOR[node.status]("●");
+		const emoji = TYPE_EMOJI[node.type];
+		const status = STATUS_COLOR[node.status](node.status);
+		console.log(`  ${dot} ${chalk.default.white(node.name.padEnd(22))} ${chalk.default.cyan(`[${node.type}]`)}  ${status}`);
+		if (node.host) console.log(`    ${chalk.default.gray(`${node.host}:${node.port || 18789}`)}`);
+		if (node.androidDeviceId) console.log(`    ${chalk.default.gray(`adb: ${node.androidDeviceId}`)}`);
+		if (node.capabilities.length > 0) console.log(`    ${chalk.default.gray("caps:")} ${node.capabilities.join(", ")}`);
+		if (node.lastSeenAt) {
+			const ago = Math.round((Date.now() - new Date(node.lastSeenAt).getTime()) / 1e3 / 60);
+			console.log(`    ${chalk.default.gray(`last seen: ${ago}m ago`)}`);
+		}
+		console.log();
+	}
+}
+async function nodeAdd() {
+	console.log(chalk.default.bold.cyan("\n  ➕ ADD NODE\n"));
+	const { type } = await inquirer.default.prompt([{
+		type: "list",
+		name: "type",
+		message: "Node type:",
+		choices: [
+			{
+				name: "🖥️  Remote server (SSH)",
+				value: "remote"
+			},
+			{
+				name: "📱  Android device (ADB)",
+				value: "android"
+			},
+			{
+				name: "🍓  Raspberry Pi",
+				value: "raspberrypi"
+			},
+			{
+				name: "🐳  Docker container",
+				value: "docker"
+			},
+			{
+				name: "☁️  VM / cloud instance",
+				value: "vm"
+			}
+		]
+	}]);
+	const { name } = await inquirer.default.prompt([{
+		type: "input",
+		name: "name",
+		message: "Node name:",
+		validate: (v) => !!v.trim() || "Required"
+	}]);
+	let extras = {};
+	if (type === "android") {
+		const { deviceId } = await inquirer.default.prompt([{
+			type: "input",
+			name: "deviceId",
+			message: "ADB device ID (run: adb devices):",
+			validate: (v) => !!v.trim() || "Required"
+		}]);
+		extras.androidDeviceId = deviceId;
+		extras.capabilities = ["channel:host", "always-on"];
+	} else {
+		const { host, port } = await inquirer.default.prompt([{
+			type: "input",
+			name: "host",
+			message: "Hostname or IP:",
+			validate: (v) => !!v.trim() || "Required"
+		}, {
+			type: "number",
+			name: "port",
+			message: "Gateway port:",
+			default: 18789
+		}]);
+		const { caps } = await inquirer.default.prompt([{
+			type: "checkbox",
+			name: "caps",
+			message: "Capabilities:",
+			choices: [
+				{
+					name: "Run agent inference",
+					value: "agent:run",
+					checked: true
+				},
+				{
+					name: "Host channel connections",
+					value: "channel:host"
+				},
+				{
+					name: "Execute code",
+					value: "code:execute"
+				},
+				{
+					name: "GPU acceleration",
+					value: "gpu"
+				},
+				{
+					name: "Always-on (24/7)",
+					value: "always-on"
+				}
+			]
+		}]);
+		extras = {
+			host,
+			port,
+			capabilities: caps
+		};
+	}
+	const node = {
+		id: name.toLowerCase().replace(/\s+/g, "-"),
+		name,
+		type,
+		status: "unknown",
+		addedAt: (/* @__PURE__ */ new Date()).toISOString(),
+		capabilities: extras.capabilities || [],
+		...extras
+	};
+	const nodes = await loadNodes();
+	nodes.push(node);
+	await saveNodes(nodes);
+	console.log(chalk.default.green(`\n  ✔  Node added: ${name}`));
+	console.log(chalk.default.gray("  Run: hyperclaw node probe   to test the connection\n"));
+}
+async function nodeProbe(id) {
+	const nodes = await loadNodes();
+	const targets = id ? nodes.filter((n) => n.id === id) : nodes;
+	console.log(chalk.default.bold.cyan("\n  🔍 PROBING NODES\n"));
+	console.log(`  ${chalk.default.cyan("○")} Local...`);
+	await new Promise((r) => setTimeout(r, 300));
+	console.log(`  ${chalk.default.green("✔")} Local — online (${os.default.platform()} ${os.default.arch()})\n`);
+	for (const node of targets) {
+		const spinner = (0, ora.default)(`  Probing ${node.name} (${node.host || node.androidDeviceId || node.type})...`).start();
+		await new Promise((r) => setTimeout(r, 1e3));
+		try {
+			if (node.host) {
+				const axios = (await import("axios")).default;
+				const res = await axios.get(`http://${node.host}:${node.port || 18789}/api/status`, { timeout: 3e3 });
+				node.status = "online";
+				node.version = res.data?.version;
+				node.lastSeenAt = (/* @__PURE__ */ new Date()).toISOString();
+				spinner.succeed(`${node.name} — online${node.version ? ` (v${node.version})` : ""}`);
+			} else if (node.type === "android") {
+				const { exec } = await import("child_process");
+				const { promisify } = await import("util");
+				const execAsync = promisify(exec);
+				await execAsync(`adb -s ${node.androidDeviceId} shell echo ok`);
+				node.status = "online";
+				node.lastSeenAt = (/* @__PURE__ */ new Date()).toISOString();
+				spinner.succeed(`${node.name} — online (ADB connected)`);
+			} else {
+				node.status = "unknown";
+				spinner.warn(`${node.name} — probe not supported for ${node.type}`);
+			}
+		} catch {
+			node.status = "offline";
+			spinner.fail(`${node.name} — offline / unreachable`);
+		}
+		console.log();
+	}
+	await saveNodes(nodes);
+}
+async function nodeRemove(id) {
+	const nodes = await loadNodes();
+	const idx = nodes.findIndex((n) => n.id === id);
+	if (idx === -1) {
+		console.log(chalk.default.red(`\n  ✖  Node not found: ${id}\n`));
+		return;
+	}
+	nodes.splice(idx, 1);
+	await saveNodes(nodes);
+	console.log(chalk.default.green(`\n  ✔  Node removed: ${id}\n`));
+}
+//#endregion
+exports.nodeAdd = nodeAdd;
+exports.nodeList = nodeList;
+exports.nodeProbe = nodeProbe;
+exports.nodeRemove = nodeRemove;

package/dist/nodes-registry-CsPm_-CJ.js ADDED Viewed

@@ -0,0 +1,52 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const events = require_chunk.__toESM(require("events"));
+//#region src/services/nodes-registry.ts
+var NodeRegistryImpl, NodeRegistry;
+var init_nodes_registry = require_chunk.__esm({ "src/services/nodes-registry.ts"() {
+	NodeRegistryImpl = class extends events.EventEmitter {
+		nodes = /* @__PURE__ */ new Map();
+		pendingCommands = /* @__PURE__ */ new Map();
+		register(node) {
+			this.nodes.set(node.nodeId, node);
+			this.emit("node:registered", node);
+		}
+		unregister(nodeId) {
+			this.nodes.delete(nodeId);
+			this.emit("node:unregistered", nodeId);
+		}
+		getNodes() {
+			return Array.from(this.nodes.values());
+		}
+		getNode(nodeId) {
+			return this.nodes.get(nodeId);
+		}
+		/** Send a command to a node. Returns result or error. */
+		async sendCommand(nodeId, cmd) {
+			const node = this.nodes.get(nodeId);
+			if (!node) return {
+				ok: false,
+				error: `Node ${nodeId} not connected`
+			};
+			return node.send(cmd);
+		}
+		/** Handle response from a node (called when node replies to a command). */
+		handleCommandResponse(cmdId, result) {
+			const pending = this.pendingCommands.get(cmdId);
+			if (pending) {
+				clearTimeout(pending.timeout);
+				this.pendingCommands.delete(cmdId);
+				pending.resolve(result);
+			}
+		}
+		updateLastSeen(nodeId) {
+			const node = this.nodes.get(nodeId);
+			if (node) node.lastSeenAt = (/* @__PURE__ */ new Date()).toISOString();
+		}
+	};
+	NodeRegistry = new NodeRegistryImpl();
+} });
+//#endregion
+init_nodes_registry();
+exports.NodeRegistry = NodeRegistry;

package/dist/oauth-flow-CpWlgvNB.js ADDED Viewed

@@ -0,0 +1,150 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const path = require_chunk.__toESM(require("path"));
+const os = require_chunk.__toESM(require("os"));
+const crypto = require_chunk.__toESM(require("crypto"));
+const http = require_chunk.__toESM(require("http"));
+//#region src/services/oauth-flow.ts
+const HC_DIR = path.default.join(os.default.homedir(), ".hyperclaw");
+const REDIRECT_PORT = 38789;
+const REDIRECT_PATH = "/oauth/callback";
+const PROVIDERS = {
+	google: {
+		authorize_url: "https://accounts.google.com/o/oauth2/v2/auth",
+		token_url: "https://oauth2.googleapis.com/token",
+		scopes: [
+			"openid",
+			"email",
+			"profile",
+			"https://www.googleapis.com/auth/aiplatform"
+		],
+		client_id: process.env.GOOGLE_OAUTH_CLIENT_ID || "",
+		client_secret: process.env.GOOGLE_OAUTH_CLIENT_SECRET
+	},
+	"google-gmail": {
+		authorize_url: "https://accounts.google.com/o/oauth2/v2/auth",
+		token_url: "https://oauth2.googleapis.com/token",
+		scopes: [
+			"openid",
+			"email",
+			"profile",
+			"https://www.googleapis.com/auth/gmail.modify",
+			"https://mail.google.com/"
+		],
+		client_id: process.env.GOOGLE_OAUTH_CLIENT_ID || "",
+		client_secret: process.env.GOOGLE_OAUTH_CLIENT_SECRET
+	},
+	microsoft: {
+		authorize_url: "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
+		token_url: "https://login.microsoftonline.com/common/oauth2/v2.0/token",
+		scopes: [
+			"openid",
+			"profile",
+			"offline_access",
+			"https://cognitiveservices.azure.com/.default"
+		],
+		client_id: process.env.AZURE_OAUTH_CLIENT_ID || process.env.MICROSOFT_OAUTH_CLIENT_ID || "",
+		client_secret: process.env.AZURE_OAUTH_CLIENT_SECRET || process.env.MICROSOFT_OAUTH_CLIENT_SECRET
+	}
+};
+async function runOAuthFlow(providerId, opts) {
+	const cfg = PROVIDERS[providerId];
+	if (!cfg) throw new Error(`OAuth provider "${providerId}" not configured. Supported: google, google-gmail (Gmail Pub/Sub), microsoft. Anthropic/OpenAI: use "hyperclaw auth add" (API keys) or "hyperclaw auth setup-token anthropic" for Claude Pro/Max.`);
+	const clientId = opts?.clientId || cfg.client_id || process.env.OAUTH_CLIENT_ID;
+	const clientSecret = opts?.clientSecret || cfg.client_secret || process.env.OAUTH_CLIENT_SECRET;
+	const scopes = opts?.scopes || cfg.scopes;
+	if (!clientId) {
+		const hint = providerId === "google" ? "Set GOOGLE_OAUTH_CLIENT_ID or OAUTH_CLIENT_ID. Create at: https://console.cloud.google.com/apis/credentials" : providerId === "microsoft" ? "Set AZURE_OAUTH_CLIENT_ID. Create at: https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade" : "Set OAUTH_CLIENT_ID or pass --client-id";
+		throw new Error(`OAuth client_id required. ${hint}`);
+	}
+	const codeVerifier = crypto.default.randomBytes(32).toString("base64url");
+	const codeChallenge = crypto.default.createHash("sha256").update(codeVerifier).digest("base64url");
+	const authParams = new URLSearchParams({
+		client_id: clientId,
+		redirect_uri: `http://127.0.0.1:${REDIRECT_PORT}${REDIRECT_PATH}`,
+		response_type: "code",
+		scope: scopes.join(" "),
+		code_challenge: codeChallenge,
+		code_challenge_method: "S256",
+		access_type: "offline",
+		prompt: "consent"
+	});
+	const authUrl = `${cfg.authorize_url}?${authParams}`;
+	return new Promise((resolve, reject) => {
+		const server = http.default.createServer(async (req, res) => {
+			const url = new URL(req.url || "/", `http://127.0.0.1`);
+			if (url.pathname !== REDIRECT_PATH) {
+				res.writeHead(404);
+				res.end("Not found");
+				return;
+			}
+			const code = url.searchParams.get("code");
+			const error = url.searchParams.get("error");
+			res.setHeader("Content-Type", "text/html; charset=utf-8");
+			if (error) {
+				res.writeHead(400);
+				res.end(`<h1>OAuth error</h1><p>${error}</p><p>You can close this tab.</p>`);
+				server.close();
+				reject(new Error(`OAuth error: ${error}`));
+				return;
+			}
+			if (!code) {
+				res.writeHead(400);
+				res.end("<h1>No code received</h1><p>You can close this tab.</p>");
+				server.close();
+				reject(new Error("No authorization code received"));
+				return;
+			}
+			const body = new URLSearchParams({
+				grant_type: "authorization_code",
+				code,
+				redirect_uri: `http://127.0.0.1:${REDIRECT_PORT}${REDIRECT_PATH}`,
+				code_verifier: codeVerifier
+			});
+			if (clientSecret) body.set("client_secret", clientSecret);
+			body.set("client_id", clientId);
+			try {
+				const tokenRes = await fetch(cfg.token_url, {
+					method: "POST",
+					headers: { "Content-Type": "application/x-www-form-urlencoded" },
+					body: body.toString()
+				});
+				const tokenData = await tokenRes.json();
+				if (tokenData.error) {
+					res.writeHead(400);
+					res.end(`<h1>Token error</h1><p>${tokenData.error}</p><p>You can close this tab.</p>`);
+					server.close();
+					reject(new Error(tokenData.error_description || tokenData.error));
+					return;
+				}
+				res.writeHead(200);
+				res.end("<h1>Success!</h1><p>HyperClaw has received your tokens. You can close this tab and return to the terminal.</p>");
+				server.close();
+				resolve({
+					access_token: tokenData.access_token,
+					refresh_token: tokenData.refresh_token,
+					expires_in: tokenData.expires_in
+				});
+			} catch (e) {
+				res.writeHead(500);
+				res.end(`<h1>Error</h1><p>${e.message}</p><p>You can close this tab.</p>`);
+				server.close();
+				reject(e);
+			}
+		});
+		server.listen(REDIRECT_PORT, "127.0.0.1", () => {
+			try {
+				const { exec } = require("child_process");
+				const opener = process.platform === "win32" ? `start "" "${authUrl}"` : (process.platform === "darwin" ? "open" : "xdg-open") + ` "${authUrl}"`;
+				exec(opener);
+			} catch {}
+		});
+		server.on("error", (err) => {
+			server.close();
+			reject(err);
+		});
+	});
+}
+//#endregion
+exports.runOAuthFlow = runOAuthFlow;

package/dist/oauth-provider-BZb6qOw5.js ADDED Viewed

@@ -0,0 +1,110 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const fs_extra = require_chunk.__toESM(require("fs-extra"));
+const path = require_chunk.__toESM(require("path"));
+const os = require_chunk.__toESM(require("os"));
+const https = require_chunk.__toESM(require("https"));
+//#region src/services/oauth-provider.ts
+function defaultTokenPath(providerId) {
+	return path.default.join(HC_DIR, `oauth-${providerId}.json`);
+}
+async function getProviderCredentialAsync(cfg) {
+	if (!cfg?.provider) return "";
+	const authType = cfg.provider.authType ?? "api_key";
+	if (authType === "api_key") {
+		const key = cfg.provider.apiKey;
+		if (key) return key;
+		const pid = cfg.provider.providerId || "openrouter";
+		switch (pid) {
+			case "openrouter": return process.env.OPENROUTER_API_KEY || "";
+			case "anthropic": return process.env.ANTHROPIC_API_KEY || "";
+			case "openai": return process.env.OPENAI_API_KEY || "";
+			case "xai": return process.env.XAI_API_KEY || "";
+			case "google": return process.env.GOOGLE_AI_API_KEY || "";
+			default: return process.env.OPENROUTER_API_KEY || process.env.ANTHROPIC_API_KEY || "";
+		}
+	}
+	const tokenPath = cfg.provider.oauthTokenPath || defaultTokenPath(cfg.provider.providerId || "default");
+	if (!await fs_extra.default.pathExists(tokenPath)) return "";
+	let data;
+	try {
+		data = await fs_extra.default.readJson(tokenPath);
+	} catch {
+		return "";
+	}
+	if (!data.access_token) return "";
+	const now = Math.floor(Date.now() / 1e3);
+	const expiresAt = data.expires_at ?? 0;
+	if (expiresAt > 0 && now < expiresAt - 60) return data.access_token;
+	if (!data.refresh_token) return data.access_token;
+	const tokenUrl = data.token_url || DEFAULT_REFRESH_URLS[cfg.provider.providerId || ""] || "";
+	if (!tokenUrl) return data.access_token;
+	const refreshed = await refreshAccessToken({
+		token_url: tokenUrl,
+		refresh_token: data.refresh_token,
+		client_id: data.client_id || process.env.OAUTH_CLIENT_ID,
+		client_secret: data.client_secret || process.env.OAUTH_CLIENT_SECRET
+	});
+	if (refreshed.access_token) {
+		data.access_token = refreshed.access_token;
+		if (refreshed.expires_in) data.expires_at = now + refreshed.expires_in;
+		await fs_extra.default.writeJson(tokenPath, data, { spaces: 2 });
+		return data.access_token;
+	}
+	return data.access_token;
+}
+async function refreshAccessToken(opts) {
+	const body = new URLSearchParams({
+		grant_type: "refresh_token",
+		refresh_token: opts.refresh_token
+	});
+	if (opts.client_id) body.set("client_id", opts.client_id);
+	if (opts.client_secret) body.set("client_secret", opts.client_secret);
+	const u = new URL(opts.token_url);
+	return new Promise((resolve) => {
+		const req = https.default.request({
+			hostname: u.hostname,
+			port: 443,
+			path: u.pathname + u.search,
+			method: "POST",
+			headers: { "Content-Type": "application/x-www-form-urlencoded" }
+		}, (res) => {
+			let data = "";
+			res.on("data", (c) => data += c);
+			res.on("end", () => {
+				try {
+					const j = JSON.parse(data);
+					resolve({
+						access_token: j.access_token,
+						expires_in: j.expires_in
+					});
+				} catch {
+					resolve({});
+				}
+			});
+		});
+		req.on("error", () => resolve({}));
+		req.write(body.toString());
+		req.end();
+	});
+}
+/** Write token file (e.g. after OAuth callback or manual paste). */
+async function writeOAuthToken(providerId, token, customPath) {
+	const p = customPath || defaultTokenPath(providerId);
+	await fs_extra.default.ensureDir(path.default.dirname(p));
+	await fs_extra.default.writeJson(p, token, { spaces: 2 });
+}
+var HC_DIR, DEFAULT_REFRESH_URLS;
+var init_oauth_provider = require_chunk.__esm({ "src/services/oauth-provider.ts"() {
+	HC_DIR = path.default.join(os.default.homedir(), ".hyperclaw");
+	DEFAULT_REFRESH_URLS = {
+		google: "https://oauth2.googleapis.com/token",
+		openai: "https://api.openai.com/v1/auth/refresh",
+		anthropic: ""
+	};
+} });
+//#endregion
+init_oauth_provider();
+exports.getProviderCredentialAsync = getProviderCredentialAsync;
+exports.writeOAuthToken = writeOAuthToken;

package/dist/observability-B43YvNQV.js ADDED Viewed

@@ -0,0 +1,89 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+//#region src/infra/observability.ts
+/** Rough cost per 1M tokens (Claude Sonnet ballpark). */
+const COST_PER_1M_INPUT = 3;
+const COST_PER_1M_OUTPUT = 15;
+function estimateCost(usage) {
+	if (!usage) return 0;
+	const inp = (usage.input || 0) + (usage.cacheRead || 0);
+	return inp / 1e6 * COST_PER_1M_INPUT + (usage.output || 0) / 1e6 * COST_PER_1M_OUTPUT;
+}
+function createRunTracer(sessionId, source) {
+	const startTime = (/* @__PURE__ */ new Date()).toISOString();
+	const toolCalls = [];
+	const pending = [];
+	const trace = {
+		sessionId,
+		source,
+		startTime,
+		toolCalls
+	};
+	return {
+		trace,
+		onToolCall(name, input) {
+			pending.push({
+				name,
+				input
+			});
+		},
+		onToolResult(name, result) {
+			const head = pending.shift();
+			toolCalls.push({
+				name: name || head?.name || "unknown",
+				input: head?.input ?? {},
+				result: result.slice(0, 500),
+				at: (/* @__PURE__ */ new Date()).toISOString()
+			});
+		},
+		onRunEnd(usage, error) {
+			trace.endTime = (/* @__PURE__ */ new Date()).toISOString();
+			trace.usage = usage;
+			trace.costUsd = estimateCost(usage);
+			trace.error = error;
+		}
+	};
+}
+/** List trace files (for querying). */
+async function listTraces(baseDir, limit = 50) {
+	try {
+		const fs = await import("fs-extra");
+		const path = await import("path");
+		const dir = path.join(baseDir, "traces");
+		if (!await fs.pathExists(dir)) return [];
+		const files = (await fs.readdir(dir)).filter((f) => f.endsWith(".json")).map((f) => path.join(dir, f));
+		const stats = await Promise.all(files.map(async (fp) => ({
+			fp,
+			mtime: (await fs.stat(fp)).mtime.getTime()
+		})));
+		stats.sort((a, b) => b.mtime - a.mtime);
+		const out = [];
+		for (const { fp } of stats.slice(0, limit)) try {
+			out.push(await fs.readJson(fp));
+		} catch {}
+		return out;
+	} catch {
+		return [];
+	}
+}
+/** Write trace to file (e.g. ~/.hyperclaw/traces/). */
+async function writeTraceToFile(baseDir, trace) {
+	try {
+		const fs = await import("fs-extra");
+		const path = await import("path");
+		const dir = path.join(baseDir, "traces");
+		await fs.ensureDir(dir);
+		const name = `run-${trace.startTime.replace(/[:.]/g, "-")}.json`;
+		const fp = path.join(dir, name);
+		await fs.writeJson(fp, trace, { spaces: 0 });
+		return fp;
+	} catch {
+		return null;
+	}
+}
+//#endregion
+exports.createRunTracer = createRunTracer;
+exports.estimateCost = estimateCost;
+exports.listTraces = listTraces;
+exports.writeTraceToFile = writeTraceToFile;

package/dist/onboard-3q20ZyHj.js ADDED Viewed

@@ -0,0 +1,9 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+require('./paths-AIyBxIzm.js');
+require('./paths-DPovhojT.js');
+require('./env-resolve-BzDlV2CS.js');
+const require_onboard = require('./onboard-DnegOHMh.js');
+require('./server-CCI1hv45.js');
+require('./theme-LUTKWUWd.js');
+exports.HyperClawWizard = require_onboard.HyperClawWizard;