kojee-mcp 0.2.2 → 0.5.0

package/dist/{chunk-QKAUM3TR.js → chunk-LCFCCWMM.js}

@@ -1,6 +1,22 @@
+import {
+  MCP_SESSION_ID,
+  createDPoPProof,
+  startEventStream
+} from "./chunk-QB22PD6T.js";
+import {
+  buildCatchUpNote,
+  buildMonitorSpawn,
+  buildReplyRecipe
+} from "./chunk-E26AHU6J.js";
+import {
+  deriveDiscoveryKey,
+  findClaudeAncestorPid
+} from "./chunk-BJMASMKX.js";
+
 // src/index.ts
-import fs2 from "fs";
-import path2 from "path";
+import fs3 from "fs";
+import os2 from "os";
+import path3 from "path";
 
 // src/auth/auth-module.ts
 import { calculateJwkThumbprint } from "jose";
@@ -9,12 +25,9 @@ import crypto from "crypto";
 // src/auth/keystore.ts
 import { importJWK, exportJWK, generateKeyPair } from "jose";
 import fs from "fs";
+import os from "os";
 import path from "path";
-var DEFAULT_PATH = path.join(
-  process.env["HOME"] ?? "~",
-  ".kojee",
-  "keypair.json"
-);
+var DEFAULT_PATH = path.join(os.homedir(), ".kojee", "keypair.json");
 async function loadKeystore(keystorePath = DEFAULT_PATH, expectedBrokerUrl) {
   if (!fs.existsSync(keystorePath)) {
     return null;
@@ -187,34 +200,7 @@ var AuthModule = class {
 };
 
 // src/gateway-client.ts
-import crypto3 from "crypto";
-
-// src/auth/dpop.ts
-import { SignJWT, base64url } from "jose";
 import crypto2 from "crypto";
-async function createDPoPProof(privateKey, kid, method, url, nonce, accessToken) {
-  const payload = {
-    htm: method,
-    htu: url,
-    jti: crypto2.randomUUID()
-  };
-  if (nonce) {
-    payload.nonce = nonce;
-  }
-  if (accessToken) {
-    payload.ath = computeAth(accessToken);
-  }
-  const header = {
-    typ: "dpop+jwt",
-    alg: "ES256",
-    jwk: { kid }
-  };
-  return new SignJWT(payload).setProtectedHeader(header).setIssuedAt().sign(privateKey);
-}
-function computeAth(accessToken) {
-  const hash = crypto2.createHash("sha256").update(accessToken).digest();
-  return base64url.encode(hash);
-}
 
 // src/error-translator.ts
 function translateGovernanceResult(result) {
@@ -278,9 +264,41 @@ function translateHttpError(status, errorCode, _trigger) {
   }
   return null;
 }
+var TANDEM_ERROR_MESSAGES = {
+  [-32003]: () => "This Tandem is hardened to owner-only membership; you can't join.",
+  [-32004]: () => "You aren't a member of that Tandem. Use tandem_join(join_link) first.",
+  [-32006]: (data) => {
+    const retry = data?.["retry_after_seconds"] ?? "a moment";
+    return `Rate limit hit on this Tandem. Retry after ${retry} seconds.`;
+  },
+  [-32007]: (data) => {
+    const rule = data?.["rule"] ?? "policy";
+    return `Message rejected by Tandem policy (${rule}).`;
+  },
+  [-32011]: (data) => {
+    const id = data?.["tandem_id"] ?? "unknown";
+    return `Tandem ${id} doesn't exist or isn't visible to you.`;
+  },
+  [-32015]: (data) => {
+    const candidates = data?.["candidates"] ?? [];
+    return `An @-mention matched multiple members and is ambiguous. Retry with explicit mentions[]. Candidates: ${candidates.join(", ")}.`;
+  }
+};
 function translateJsonRpcError(error) {
   const msg = error.message ?? "";
   const msgLower = msg.toLowerCase();
+  const tandemMessage = TANDEM_ERROR_MESSAGES[error.code];
+  if (tandemMessage) {
+    return {
+      content: [
+        {
+          type: "text",
+          text: tandemMessage(error.data)
+        }
+      ],
+      isError: true
+    };
+  }
   switch (error.code) {
     case -32601:
       return makeError(
@@ -365,31 +383,53 @@ var GatewayClient = class {
   currentNonce;
   requestCounter = 0;
   endpoint;
+  /**
+   * Expose the DPoP signing key so peer modules sharing auth state
+   * (e.g. tandem/event-stream.ts) can sign their own requests.
+   */
+  getPrivateKey() {
+    return this.privateKey;
+  }
+  /**
+   * Expose the bot_key_id (kid) for DPoP proof headers. Paired with
+   * getPrivateKey() so peer modules can construct proofs without
+   * threading the key material through their own constructors.
+   */
+  getKid() {
+    return this.kid;
+  }
   /**
    * Derive a deterministic session ID from the gateway token.
    * session_id = sha256(token + "proxy").slice(0, 16)
    */
   static deriveSessionId(token) {
-    const hash = crypto3.createHash("sha256").update(token + "proxy").digest("hex");
+    const hash = crypto2.createHash("sha256").update(token + "proxy").digest("hex");
     return hash.slice(0, 16);
   }
   /**
    * Send a JSON-RPC 2.0 request to the gateway, handling DPoP auth,
    * nonce retry, and step-up retry transparently.
+   *
+   * `signal` (ROUND-3 MAJOR A) is a REAL AbortSignal threaded into the
+   * underlying `fetch` option — NOT placed inside `params`/`arguments`. A
+   * caller with a per-call timeout budget (e.g. resubscribeMemberships) passes
+   * its controller's signal here so a hung backend aborts at the budget instead
+   * of hanging forever. Putting the signal in `arguments` (the round-2 bug) both
+   * left fetch un-aborted AND serialized a junk `{}` onto the wire body.
    */
-  async sendRpc(method, params = {}) {
+  async sendRpc(method, params = {}, signal) {
     const rpcRequest = {
       jsonrpc: "2.0",
       id: ++this.requestCounter,
       method,
       params
     };
-    return this.executeWithRetries(rpcRequest);
+    return this.executeWithRetries(rpcRequest, signal);
   }
-  async executeWithRetries(rpcRequest) {
+  async executeWithRetries(rpcRequest, signal) {
     let response;
     try {
-      response = await this.sendHttpRequest(rpcRequest);
+      response = await this.sendHttpRequest(rpcRequest, signal);
     } catch (err) {
       return translateNetworkError(err);
     }
@@ -399,7 +439,7 @@ var GatewayClient = class {
       if (body?.error === "use_dpop_nonce") {
         console.error("[gateway] Nonce expired, retrying with fresh nonce...");
         try {
-          response = await this.sendHttpRequest(rpcRequest);
+          response = await this.sendHttpRequest(rpcRequest, signal);
         } catch (err) {
           return translateNetworkError(err);
         }
@@ -412,7 +452,7 @@ var GatewayClient = class {
     if (response.status === 403) {
       const body = await this.tryParseErrorBody(response);
       if (body?.error === "step_up_required") {
-        return this.handleStepUp(rpcRequest, body.trigger);
+        return this.handleStepUp(rpcRequest, body.trigger, signal);
       }
       const translated = translateHttpError(403, body?.error, body?.trigger);
       if (translated) return translated;
@@ -433,7 +473,7 @@ var GatewayClient = class {
     const result = rpcResponse.result;
     return result ?? { content: [{ type: "text", text: "No result" }] };
   }
-  async sendHttpRequest(rpcRequest) {
+  async sendHttpRequest(rpcRequest, signal) {
     const proof = await createDPoPProof(
       this.privateKey,
       this.kid,
@@ -447,16 +487,21 @@ var GatewayClient = class {
       headers: {
         "Content-Type": "application/json",
         Authorization: `DPoP ${this.token}`,
-        DPoP: proof
+        DPoP: proof,
+        "Mcp-Session-Id": MCP_SESSION_ID
       },
-      body: JSON.stringify(rpcRequest)
+      body: JSON.stringify(rpcRequest),
+      // ROUND-3 MAJOR A: the caller's AbortSignal rides HERE (a real fetch
+      // option), never inside the JSON-RPC body. `undefined` is a valid value
+      // for the fetch `signal` option (no abort wired).
+      ...signal ? { signal } : {}
     });
   }
   /**
    * Handle step-up retry: poll with backoff until user approves
    * or timeout is reached.
    */
-  async handleStepUp(rpcRequest, trigger) {
+  async handleStepUp(rpcRequest, trigger, signal) {
     console.error(
       `[gateway] Device re-authorization required (${trigger ?? "unknown"}). Waiting for user approval...`
     );
@@ -465,7 +510,7 @@ var GatewayClient = class {
       await sleep(STEP_UP_POLL_INTERVAL_MS);
       let response;
       try {
-        response = await this.sendHttpRequest(rpcRequest);
+        response = await this.sendHttpRequest(rpcRequest, signal);
       } catch {
         continue;
       }
@@ -591,16 +636,53 @@ import {
   ListToolsRequestSchema,
   CallToolRequestSchema
 } from "@modelcontextprotocol/sdk/types.js";
-function createMcpServer(registry) {
+
+// src/version.ts
+import fs2 from "fs";
+import path2 from "path";
+import { fileURLToPath } from "url";
+var FALLBACK_VERSION = "0.0.0-unknown";
+function resolveVersion() {
+  try {
+    const here = path2.dirname(fileURLToPath(import.meta.url));
+    const parsed = JSON.parse(
+      fs2.readFileSync(path2.join(here, "..", "package.json"), "utf8")
+    );
+    return typeof parsed?.version === "string" && parsed.version ? parsed.version : FALLBACK_VERSION;
+  } catch (err) {
+    process.stderr.write(
+      `kojee-mcp: could not resolve version from package.json, falling back to ${FALLBACK_VERSION}: ${String(err)}
+`
+    );
+    return FALLBACK_VERSION;
+  }
+}
+var VERSION = resolveVersion();
+
+// src/server.ts
+function buildChannelInstructions(_tandemMembershipCount, eventLogPath) {
+  const intro = `Tandem events are delivered to you in three ways depending on which is active in your Claude Code session:
+
+(1) If channel notifications are available, you'll see them as \`<channel source="kojee-mcp" ...>\` tags in your context. Each tag carries tandem_id, message_id, from_principal, kind, severity. To respond: ${buildReplyRecipe()}.
+
+`;
+  const monitorSection = `(2) For sustained wake-from-idle WITHOUT channel notifications, the proxy writes one event line per Tandem message to ${eventLogPath}. At the start of every session, spawn ONE Monitor task: ${buildMonitorSpawn(eventLogPath)}. Each appended line will arrive as a separate wake notification, and carries msg=<id> and cursor=<n>. To respond: ${buildReplyRecipe()}. ${buildCatchUpNote()} (\`kojee-mcp tail\` is a portable line-streamer shipped with this proxy \u2014 works on macOS, Linux, and Windows. It follows BOTH the messages log above and a status sibling; status/heartbeat telemetry never wakes you \u2014 only real messages do.)
+
+`;
+  const listenSection = "(3) If you want to BLOCK until any single reply lands (rather than receive a stream of events), call tandem_listen(tandem_id, since=cursor, timeout_ms=N) instead.";
+  const advice = "\n\nPrefer (2) at session start \u2014 it's the default no-allowlist wake mechanism. (1) supplements it when channels are enabled; (3) is for one-shot blocking waits.";
+  return intro + monitorSection + listenSection + advice;
+}
+function createMcpServer(registry, adapter, tandemMembershipCount = -1, eventLogPath) {
+  const capabilities = { tools: {} };
+  if (adapter.supportsChannels) {
+    capabilities.experimental = { "claude/channel": {} };
+  }
   const server = new Server(
+    { name: "kojee-mcp", version: VERSION },
     {
-      name: "kojee-mcp",
-      version: "0.2.0"
-    },
-    {
-      capabilities: {
-        tools: {}
-      }
+      capabilities,
+      ...adapter.supportsChannels ? { instructions: buildChannelInstructions(tandemMembershipCount, eventLogPath ?? "") } : {}
     }
   );
   server.setRequestHandler(ListToolsRequestSchema, async () => {
@@ -615,10 +697,7 @@ function createMcpServer(registry) {
     const { name, arguments: args } = request.params;
     const rawResult = await registry.callTool(name, args ?? {});
     const result = translateToolCallResult(rawResult);
-    return {
-      content: result.content,
-      isError: result.isError
-    };
+    return { content: result.content, isError: result.isError };
   });
   return server;
 }
@@ -628,30 +707,236 @@ async function startMcpServer(server) {
   console.error("[mcp] Server started on stdio transport");
 }
 
+// src/runtime/detect.ts
+import psList from "ps-list";
+async function detectRuntime(env = process.env) {
+  if (env["KOJEE_RUNTIME"] === "claude-code") return "claude-code";
+  if (env["CLAUDE_CODE_SESSION_ID"]) return "claude-code";
+  if (await parentProcessLooksLikeClaude()) return "claude-code";
+  return "unknown";
+}
+async function parentProcessLooksLikeClaude() {
+  try {
+    const processes = await psList();
+    const byPid = new Map(processes.map((p) => [p.pid, p]));
+    let pid = process.ppid;
+    for (let depth = 0; depth < 5 && pid && pid > 1; depth++) {
+      const row = byPid.get(pid);
+      if (!row) return false;
+      const haystack = `${row.name} ${row.cmd ?? ""}`;
+      if (/(^|\/|\\)claude(\.app|\.exe)?(\/|$|\s|\\)/i.test(haystack) || /Claude Helper/i.test(haystack)) {
+        return true;
+      }
+      pid = row.ppid;
+    }
+  } catch {
+  }
+  return false;
+}
+
+// src/adapters/claude-code.ts
+function computeSeverity(event) {
+  if (event.type === "state_change") return "high";
+  if (event.mentions && event.mentions.length > 0) {
+    return "high";
+  }
+  return "normal";
+}
+function formatBody(event) {
+  if (event.type === "state_change") {
+    return `[Tandem: ${event.tandem_id}] ${event.from.displayname}: ${event.content.body}`;
+  }
+  return [
+    `[Tandem: ${event.tandem_id}] ${event.from.displayname} (${event.from.principal}) \u2014 ${event.kind}:`,
+    event.content.body,
+    "",
+    `> ${buildReplyRecipe({ tandem_id: event.tandem_id, message_id: event.id })}`
+  ].join("\n");
+}
+var claudeCodeAdapter = {
+  runtime: "claude-code",
+  supportsChannels: true,
+  formatTandemEvent(event) {
+    const meta = {
+      tandem_id: event.tandem_id,
+      message_id: event.id,
+      cursor: String(event.cursor),
+      kind: event.kind,
+      from_principal: event.from.principal,
+      from_display: event.from.displayname,
+      severity: computeSeverity(event)
+    };
+    return { content: formatBody(event), meta };
+  }
+};
+
+// src/adapters/unknown.ts
+var unknownAdapter = {
+  runtime: "unknown",
+  supportsChannels: false,
+  formatTandemEvent() {
+    throw new Error(
+      "unknownAdapter.formatTandemEvent() is unreachable \u2014 caller should gate on supportsChannels"
+    );
+  }
+};
+
 // src/index.ts
-var DEFAULT_KEYSTORE_PATH = path2.join(
-  process.env["HOME"] ?? "~",
-  ".kojee",
-  "keypair.json"
-);
+var DEFAULT_KEYSTORE_PATH = path3.join(os2.homedir(), ".kojee", "keypair.json");
 function isDPoPEnrollmentError(err) {
   const msg = String(err?.message ?? err ?? "").toLowerCase();
   if (msg.includes("invalid or expired") && msg.includes("token")) return false;
   if (msg.includes("generate a new")) return false;
   return msg.includes("401") || msg.includes("authentication failed") || msg.includes("dpop") || msg.includes("key enrollment") || msg.includes("kid");
 }
+async function selectAdapter() {
+  const runtime = await detectRuntime();
+  if (runtime === "claude-code") return claudeCodeAdapter;
+  return unknownAdapter;
+}
+async function listTandemIds(gateway) {
+  const result = await gateway.sendRpc("tools/call", { name: "tandem_list", arguments: {} });
+  const maybeErr = result;
+  if (maybeErr.isError) return null;
+  const text = maybeErr.content?.[0]?.text;
+  try {
+    const parsed = text ? JSON.parse(text) : {};
+    const list = Array.isArray(parsed.tandems) ? parsed.tandems : Array.isArray(parsed) ? parsed : null;
+    if (!Array.isArray(list)) return [];
+    return list.map((t) => {
+      if (typeof t === "string") return t;
+      const obj = t;
+      return obj?.tandem_id ?? obj?.id;
+    }).filter((id) => typeof id === "string" && id.length > 0);
+  } catch {
+    return null;
+  }
+}
 async function startProxy(config) {
   const keystorePath = config.keystorePath || DEFAULT_KEYSTORE_PATH;
-  console.error(`[kojee-mcp] Starting proxy for ${config.url}`);
-  const registry = await enrollAndDiscover(config, keystorePath);
+  const adapter = await selectAdapter();
+  console.error(`[kojee-mcp] Starting proxy for ${config.url} (runtime=${adapter.runtime})`);
+  const { registry, gateway } = await enrollAndDiscover(config, keystorePath);
   console.error(
     `[kojee-mcp] Ready \u2014 ${registry.toolCount} tools available from ${config.url}`
   );
-  const server = createMcpServer(registry);
-  process.stdin.on("end", () => {
-    console.error("[kojee-mcp] stdin closed, exiting");
-    process.exit(0);
-  });
+  let tandemMembershipCount = -1;
+  try {
+    const bootIds = await listTandemIds(gateway);
+    tandemMembershipCount = bootIds === null ? -1 : bootIds.length;
+  } catch (err) {
+    console.error("[kojee-mcp] tandem_list probe failed:", err.message);
+  }
+  console.error(`[kojee-mcp] Tandem memberships: ${tandemMembershipCount === -1 ? "unknown" : tandemMembershipCount}`);
+  let server;
+  if (adapter.supportsChannels) {
+    const { EventQueue } = await import("./event-queue-5YVJFR3E.js");
+    const { startHookServer } = await import("./hook-server-QF5JVUHV.js");
+    const {
+      writeDiscoveryByKey,
+      cleanupDiscoveryByKey,
+      sweepStaleDiscovery
+    } = await import("./session-discovery-QE5TTAPS.js");
+    const { startEventLog, sweepStaleEventLogs } = await import("./event-log-R6VW6GAF.js");
+    const { resubscribeMemberships } = await import("./resubscribe-SLZNA76S.js");
+    sweepStaleDiscovery();
+    sweepStaleEventLogs();
+    const ccPid = await findClaudeAncestorPid();
+    const projectDir = process.env["CLAUDE_PROJECT_DIR"];
+    const discoveryKey = deriveDiscoveryKey(projectDir, ccPid);
+    const eventLog = startEventLog({ key: discoveryKey });
+    server = createMcpServer(registry, adapter, tandemMembershipCount, eventLog.path);
+    const queue = new EventQueue();
+    let streamHandle = null;
+    const hookServer = await startHookServer({
+      port: 0,
+      queue,
+      adapter,
+      getStreamState: () => streamHandle ? streamHandle.getState() : {
+        connected: false,
+        connectedSince: null,
+        lastEventAt: null,
+        lastHeartbeatAt: null,
+        cursors: {},
+        reconnectCount: 0,
+        // Adaptive: unknown until the watchdog observes ≥2 heartbeats.
+        staleAfterMs: null
+      }
+    });
+    writeDiscoveryByKey(discoveryKey, {
+      schema: 2,
+      discoveryKey,
+      ccPid,
+      projectDir: projectDir ?? null,
+      proxyPid: process.pid,
+      // Legacy `pid` mirrors `proxyPid` so the existing event-log sweep
+      // (which reads `data.pid`) still considers this entry live.
+      pid: process.pid,
+      port: hookServer.port,
+      startedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      brokerUrl: config.url,
+      eventLogPath: eventLog.path
+    });
+    const cleanupDiscoveryFile = () => cleanupDiscoveryByKey(discoveryKey);
+    process.on("exit", () => cleanupDiscoveryFile());
+    process.on("SIGINT", () => {
+      cleanupDiscoveryFile();
+      process.exit(0);
+    });
+    process.on("SIGTERM", () => {
+      cleanupDiscoveryFile();
+      process.exit(0);
+    });
+    process.on("exit", () => eventLog.cleanup());
+    streamHandle = await startEventStream({
+      brokerUrl: config.url,
+      token: config.token,
+      gateway,
+      adapter,
+      server,
+      queue,
+      eventLog,
+      // Resubscribe-on-start (P0 #2): touch all memberships + write a
+      // `status=subscribed n=<count>` line on every (re)connect, so a backend
+      // restart / scope reset self-heals and the log is never ambiguously
+      // empty. See resubscribe.ts for the unverified-touch caveat.
+      //
+      // MINOR 6: `listTandems` re-fetches the membership list per reconnect (a
+      // mid-session join is touched next reconnect, not boot-frozen), each
+      // touch is timeout-bounded + run with bounded concurrency, and the whole
+      // routine runs concurrently with consumeSse (never blocks first-event
+      // delivery). `listTandemIds` may return null (unknown) → treat as empty.
+      // MINOR E: a shared debounce cursor damps a connect/drop flap storm — a
+      // resubscribe within 30s of the last successful one is skipped.
+      onConnected: /* @__PURE__ */ (() => {
+        const debounceState = { lastRunAt: 0 };
+        return async () => {
+          await resubscribeMemberships({
+            gateway,
+            eventLog,
+            listTandems: async () => await listTandemIds(gateway) ?? [],
+            debounceState
+          });
+        };
+      })()
+    });
+    const cancelStream = streamHandle;
+    process.stdin.on("end", () => {
+      cancelStream();
+      cleanupDiscoveryFile();
+      eventLog.cleanup();
+      hookServer.stop().finally(() => {
+        console.error("[kojee-mcp] stdin closed, exiting");
+        process.exit(0);
+      });
+    });
+  } else {
+    server = createMcpServer(registry, adapter, tandemMembershipCount);
+    process.stdin.on("end", () => {
+      console.error("[kojee-mcp] stdin closed, exiting");
+      process.exit(0);
+    });
+  }
   await startMcpServer(server);
 }
 async function enrollAndDiscover(config, keystorePath, isRetry = false) {
@@ -669,7 +954,7 @@ async function enrollAndDiscover(config, keystorePath, isRetry = false) {
   const registry = new ToolRegistry(gateway);
   try {
     await registry.discoverTools();
-    return registry;
+    return { registry, gateway };
   } catch (err) {
     if (isRetry || !isDPoPEnrollmentError(err)) {
       throw err;
@@ -678,9 +963,7 @@ async function enrollAndDiscover(config, keystorePath, isRetry = false) {
       "[kojee-mcp] Auth failed, attempting recovery with fresh enrollment..."
     );
     try {
-      if (fs2.existsSync(keystorePath)) {
-        fs2.unlinkSync(keystorePath);
-      }
+      if (fs3.existsSync(keystorePath)) fs3.unlinkSync(keystorePath);
     } catch (unlinkErr) {
       console.error("[kojee-mcp] Could not remove stale keystore:", unlinkErr);
     }
@@ -689,5 +972,7 @@ async function enrollAndDiscover(config, keystorePath, isRetry = false) {
 }
 
 export {
+  AuthModule,
+  VERSION,
   startProxy
 };

package/dist/chunk-LSUB6QMP.js

@@ -0,0 +1,75 @@
+// src/hooks/hook-input.ts
+var MAX_STDIN_BYTES = 1024 * 1024;
+var IDLE_TIMEOUT_MS = 50;
+var NULL_RESULT = {
+  sessionId: null,
+  transcriptPath: null,
+  hookEventName: null,
+  stopHookActive: false,
+  raw: ""
+};
+async function readHookStdin() {
+  const raw = await drainStdinBuffered();
+  if (raw === null) {
+    return { ...NULL_RESULT };
+  }
+  if (raw === "") {
+    return { ...NULL_RESULT };
+  }
+  try {
+    const parsed = JSON.parse(raw);
+    return {
+      sessionId: stringOrNull(parsed["session_id"]),
+      transcriptPath: stringOrNull(parsed["transcript_path"]),
+      hookEventName: stringOrNull(parsed["hook_event_name"]),
+      stopHookActive: parsed["stop_hook_active"] === true,
+      raw
+    };
+  } catch {
+    return {
+      sessionId: null,
+      transcriptPath: null,
+      hookEventName: null,
+      stopHookActive: false,
+      raw
+    };
+  }
+}
+function stringOrNull(value) {
+  return typeof value === "string" ? value : null;
+}
+function drainStdinBuffered() {
+  return new Promise((resolve) => {
+    const chunks = [];
+    let total = 0;
+    let overflowed = false;
+    let settled = false;
+    const finish = (value) => {
+      if (settled) return;
+      settled = true;
+      resolve(value);
+    };
+    const onData = (chunk) => {
+      if (overflowed) return;
+      total += chunk.length;
+      if (total > MAX_STDIN_BYTES) {
+        overflowed = true;
+        chunks.length = 0;
+        finish(null);
+        return;
+      }
+      chunks.push(chunk);
+    };
+    process.stdin.on("data", onData);
+    process.stdin.on("end", () => finish(Buffer.concat(chunks).toString("utf8")));
+    process.stdin.on("error", () => finish(Buffer.concat(chunks).toString("utf8")));
+    setTimeout(
+      () => finish(Buffer.concat(chunks).toString("utf8")),
+      IDLE_TIMEOUT_MS
+    );
+  });
+}
+
+export {
+  readHookStdin
+};