libretto 0.6.9 → 0.6.11

package/src/cli/commands/snapshot.ts

@@ -1,8 +1,6 @@
-import { mkdirSync } from "node:fs";
+import { readFileSync, writeFileSync } from "node:fs";
 import { z } from "zod";
 import type { LoggerApi } from "../../shared/logger/index.js";
-import { connect, disconnectBrowser } from "../core/browser.js";
-import { getSessionSnapshotRunDir } from "../core/context.js";
 import { condenseDom } from "../../shared/condense-dom/condense-dom.js";
 import { readSessionState } from "../core/session.js";
 import {
@@ -14,12 +12,9 @@ import { pageOption, sessionOption, withRequiredSession } from "./shared.js";
 import { runApiInterpret } from "../core/api-snapshot-analyzer.js";
 import { readSnapshotModel } from "../core/config.js";
 import { resolveSnapshotApiModelOrThrow } from "../core/ai-model.js";
+import { DaemonClient } from "../core/daemon/index.js";
 
-const FALLBACK_SNAPSHOT_VIEWPORT = { width: 1280, height: 800 } as const;
-
-function generateSnapshotRunId(): string {
-  return `snapshot-${Date.now()}`;
-}
+export const FALLBACK_SNAPSHOT_VIEWPORT = { width: 1280, height: 800 } as const;
 
 type SnapshotViewportMetrics = {
   configuredWidth: number | null;
@@ -28,11 +23,11 @@ type SnapshotViewportMetrics = {
   innerHeight: number | null;
 };
 
-function isZeroViewport(value: number | null): boolean {
+export function isZeroViewport(value: number | null): boolean {
   return typeof value === "number" && value <= 0;
 }
 
-function shouldForceSnapshotViewport(
+export function shouldForceSnapshotViewport(
   metrics: SnapshotViewportMetrics,
 ): boolean {
   return (
@@ -43,14 +38,14 @@ function shouldForceSnapshotViewport(
   );
 }
 
-function isZeroWidthScreenshotError(error: unknown): boolean {
+export function isZeroWidthScreenshotError(error: unknown): boolean {
   return (
     error instanceof Error &&
     error.message.includes("Cannot take screenshot with 0 width")
   );
 }
 
-async function readSnapshotViewportMetrics(page: {
+export async function readSnapshotViewportMetrics(page: {
   viewportSize(): { width: number; height: number } | null;
   evaluate<T>(pageFunction: () => T | Promise<T>): Promise<T>;
 }): Promise<SnapshotViewportMetrics> {
@@ -75,7 +70,7 @@ async function readSnapshotViewportMetrics(page: {
   };
 }
 
-function resolveSnapshotViewport(
+export function resolveSnapshotViewport(
   session: string,
   logger: LoggerApi,
 ): { width: number; height: number } {
@@ -95,7 +90,7 @@ function resolveSnapshotViewport(
   return FALLBACK_SNAPSHOT_VIEWPORT;
 }
 
-async function forceSnapshotViewport(
+export async function forceSnapshotViewport(
   page: {
     setViewportSize(size: { width: number; height: number }): Promise<void>;
   },
@@ -114,136 +109,39 @@ async function forceSnapshotViewport(
   });
 }
 
-async function captureScreenshot(
+async function captureSnapshot(
   session: string,
   logger: LoggerApi,
+  daemonSocketPath: string,
   pageId?: string,
 ): Promise<ScreenshotPair> {
-  logger.info("screenshot-start", { session, pageId });
-  const snapshotRunId = generateSnapshotRunId();
-  const snapshotRunDir = getSessionSnapshotRunDir(session, snapshotRunId);
-  mkdirSync(snapshotRunDir, { recursive: true });
-  const { browser, page } = await connect(session, logger, 10000, {
-    pageId,
-    requireSinglePage: true,
+  logger.info("snapshot-via-daemon", { session, pageId });
+  const client = new DaemonClient(daemonSocketPath);
+  const { pngPath, htmlPath, snapshotRunId, pageUrl, title } =
+    await client.snapshot({ pageId });
+
+  // condenseDom runs in the CLI process, not the daemon.
+  const htmlContent = readFileSync(htmlPath, "utf8");
+  const condenseResult = condenseDom(htmlContent);
+  const condensedHtmlPath = htmlPath.replace(/\.html$/, ".condensed.html");
+  writeFileSync(condensedHtmlPath, condenseResult.html);
+
+  logger.info("snapshot-daemon-success", {
+    session,
+    pageUrl,
+    title,
+    pngPath,
+    htmlPath,
+    condensedHtmlPath,
+    snapshotRunId,
+    domCondenseStats: {
+      originalLength: condenseResult.originalLength,
+      condensedLength: condenseResult.condensedLength,
+      reductions: condenseResult.reductions,
+    },
   });
 
-  try {
-    let title: string | null = null;
-    try {
-      title = await page.title();
-    } catch (error) {
-      logger.warn("screenshot-title-read-failed", {
-        session,
-        pageId,
-        error,
-      });
-    }
-
-    let pageUrl: string | null = null;
-    try {
-      pageUrl = page.url();
-    } catch (error) {
-      logger.warn("screenshot-url-read-failed", {
-        session,
-        pageId,
-        error,
-      });
-    }
-
-    const pngPath = `${snapshotRunDir}/page.png`;
-    const htmlPath = `${snapshotRunDir}/page.html`;
-    const condensedHtmlPath = `${snapshotRunDir}/page.condensed.html`;
-
-    const RENDER_SETTLE_TIMEOUT_MS = 10_000;
-    await Promise.race([
-      page.waitForLoadState("networkidle").catch(() => {}),
-      new Promise((resolve) => setTimeout(resolve, RENDER_SETTLE_TIMEOUT_MS)),
-    ]);
-
-    const restoreViewport = resolveSnapshotViewport(session, logger);
-    const viewportMetrics = await readSnapshotViewportMetrics(page);
-    logger.info("screenshot-viewport-metrics", {
-      session,
-      pageId,
-      restoreViewport,
-      ...viewportMetrics,
-    });
-    await forceSnapshotViewport(
-      page,
-      restoreViewport,
-      logger,
-      session,
-      pageId,
-      shouldForceSnapshotViewport(viewportMetrics)
-        ? "preflight-invalid-viewport"
-        : "preflight-normalize-viewport",
-    );
-
-    try {
-      await page.screenshot({ path: pngPath });
-    } catch (error) {
-      if (!isZeroWidthScreenshotError(error)) {
-        throw error;
-      }
-      await forceSnapshotViewport(
-        page,
-        restoreViewport,
-        logger,
-        session,
-        pageId,
-        "retry-after-zero-width-screenshot-error",
-      );
-      await page.screenshot({ path: pngPath });
-    }
-
-    const htmlContent = await page.content();
-    const fs = await import("node:fs/promises");
-    await fs.writeFile(htmlPath, htmlContent);
-
-    // Write condensed DOM
-    const condenseResult = condenseDom(htmlContent);
-    await fs.writeFile(condensedHtmlPath, condenseResult.html);
-
-    logger.info("screenshot-success", {
-      session,
-      pageUrl,
-      title,
-      pngPath,
-      htmlPath,
-      condensedHtmlPath,
-      snapshotRunId,
-      domCondenseStats: {
-        originalLength: condenseResult.originalLength,
-        condensedLength: condenseResult.condensedLength,
-        reductions: condenseResult.reductions,
-      },
-    });
-    return { pngPath, htmlPath, condensedHtmlPath, baseName: snapshotRunId };
-  } catch (err) {
-    let pageAlive = false;
-    let browserConnected = false;
-    try {
-      browserConnected = browser.isConnected();
-      pageAlive = !page.isClosed();
-    } catch {}
-    logger.error("screenshot-error", {
-      error: err,
-      session,
-      pageAlive,
-      browserConnected,
-      pageUrl: (() => {
-        try {
-          return page.url();
-        } catch {
-          return null;
-        }
-      })(),
-    });
-    throw err;
-  } finally {
-    disconnectBrowser(browser, logger, session);
-  }
+  return { pngPath, htmlPath, condensedHtmlPath, baseName: snapshotRunId };
 }
 
 async function runSnapshot(
@@ -259,11 +157,16 @@ async function runSnapshot(
   const snapshotModel = readSnapshotModel();
   resolveSnapshotApiModelOrThrow(snapshotModel);
 
-  const { pngPath, htmlPath, condensedHtmlPath } = await captureScreenshot(
-    session,
-    logger,
-    pageId,
-  );
+  const state = readSessionState(session, logger);
+  if (!state?.daemonSocketPath) {
+    throw new Error(
+      `Session "${session}" has no daemon socket. The browser daemon may have crashed. ` +
+        `Close and reopen the session: libretto close --session ${session}`,
+    );
+  }
+
+  const { pngPath, htmlPath, condensedHtmlPath } =
+    await captureSnapshot(session, logger, state.daemonSocketPath, pageId);
 
   console.log("Screenshot saved:");
   console.log(`  PNG:             ${pngPath}`);

package/src/cli/core/ai-model.ts

@@ -5,7 +5,6 @@ import {
   parseModel,
   type Provider,
 } from "./resolve-model.js";
-import { loadEnv } from "../../shared/env/load-env.js";
 
 // Re-export so existing consumers (e.g. tests) don't break.
 export { parseDotEnvAssignment } from "../../shared/env/load-env.js";
@@ -148,6 +147,10 @@ function inferAutoSnapshotModel(): SnapshotApiModelSelection | null {
 /**
  * Resolve which API model to use for snapshot analysis.
  *
+ * Environment variables are loaded by the CLI entrypoint (`runLibrettoCLI` in
+ * `cli.ts`) before this resolver runs. Keep dotenv loading centralized there so
+ * model resolution and browser provider resolution share the same env setup.
+ *
  * Priority:
  * 1. snapshotModel from .libretto/config.json (set via `ai configure`)
  * 2. Auto-detect from available API credentials in env
@@ -155,8 +158,6 @@ function inferAutoSnapshotModel(): SnapshotApiModelSelection | null {
 export function resolveSnapshotApiModel(
   snapshotModel: string | null = readSnapshotModel(),
 ): SnapshotApiModelSelection | null {
-  loadEnv();
-
   if (snapshotModel) {
     const { provider } = parseModel(snapshotModel);
     return {
@@ -246,8 +247,6 @@ function readSnapshotModelSafely(
 export function resolveAiSetupStatus(
   configPath: string = LIBRETTO_CONFIG_PATH,
 ): AiSetupStatus {
-  loadEnv();
-
   const result = readSnapshotModelSafely(configPath);
 
   if (!result.ok) {

package/src/cli/core/auth-fetch.ts

@@ -0,0 +1,283 @@
+/**
+ * HTTP helpers used by the auth CLI commands.
+ *
+ * - `authFetch` picks the best available credential (env api-key > stored
+ *   api-key > stored cookie) and attaches it to the outgoing request.
+ * - `orpcCall` wraps the JSON shape used by the api's RPCHandler at /v1/*
+ *   (input is `{ json: ... }`, output unwraps `body.json`).
+ *
+ * The helpers don't know about specific endpoints — callers pass paths.
+ */
+
+import { readAuthState, writeAuthState, type AuthState } from "./auth-storage.js";
+
+export const HOSTED_API_URL = "https://api.libretto.sh";
+
+/**
+ * Shared "you have no usable credential" message. Pointed at the two
+ * recovery paths so users don't have to remember which mechanism does what.
+ */
+export const NOT_AUTHENTICATED_MESSAGE = [
+  "Not authenticated.",
+  "  • Cookie expired or never set: run `libretto experimental auth login` to refresh it.",
+  "  • Or set LIBRETTO_API_KEY in your .env (issue one with `libretto experimental auth api-key issue --label <label>` after logging in).",
+].join("\n");
+
+export type CredentialSource = "env-api-key" | "cookie" | "none";
+
+export type CredentialChoice = {
+  source: CredentialSource;
+  apiKey?: string;
+  cookie?: string;
+};
+
+export function pickCredential(state: AuthState | null): CredentialChoice {
+  const envKey = process.env.LIBRETTO_API_KEY?.trim();
+  if (envKey) return { source: "env-api-key", apiKey: envKey };
+  if (state?.session?.cookie) {
+    return { source: "cookie", cookie: state.session.cookie };
+  }
+  return { source: "none" };
+}
+
+export function resolveApiUrl(_state: AuthState | null): string {
+  return HOSTED_API_URL;
+}
+
+type FetchOptions = {
+  apiUrl: string;
+  method?: "GET" | "POST" | "PUT" | "DELETE";
+  path: string;
+  body?: unknown;
+  /** Override the credential picked from auth state. */
+  credential?: CredentialChoice;
+  /** Skip credential injection entirely (used for sign-up / login). */
+  unauthenticated?: boolean;
+};
+
+export async function authFetch(options: FetchOptions): Promise<Response> {
+  const headers: Record<string, string> = {
+    "Content-Type": "application/json",
+    // Better Auth's CSRF middleware rejects state-changing requests
+    // ("/api/auth/*" POSTs like api-key/create, organization/invite-member,
+    // sign-in/email, etc.) when there's no Origin header. Browsers send
+    // this automatically; node:fetch does not. Sending the apiUrl as the
+    // Origin matches Better Auth's trustedOrigins default (which includes
+    // baseURL), so the check passes for our own service.
+    Origin: options.apiUrl,
+  };
+
+  if (!options.unauthenticated) {
+    const credential = options.credential ?? pickCredential(await readAuthState());
+    if (credential.source === "env-api-key") {
+      headers["x-api-key"] = credential.apiKey!;
+    } else if (credential.source === "cookie") {
+      headers["cookie"] = credential.cookie!;
+    } else {
+      throw new Error(NOT_AUTHENTICATED_MESSAGE);
+    }
+  }
+
+  const response = await fetch(`${options.apiUrl}${options.path}`, {
+    method: options.method ?? "POST",
+    headers,
+    body: options.body !== undefined ? JSON.stringify(options.body) : undefined,
+  });
+
+  return response;
+}
+
+/**
+ * Error thrown by `orpcCall` / `betterAuthCall` for non-2xx responses.
+ *
+ * Carries the HTTP status, the ORPC-serialized error code (e.g. "CONFLICT",
+ * "BAD_REQUEST"), and the optional `data` payload that the server attaches
+ * (e.g. `{ reason: "slug_taken" }`). Callers can branch on these without
+ * relying on message-text matching.
+ */
+export class ApiCallError extends Error {
+  readonly status: number;
+  readonly code: string | null;
+  readonly data: unknown;
+  readonly path: string;
+  constructor(opts: {
+    message: string;
+    status: number;
+    code: string | null;
+    data: unknown;
+    path: string;
+  }) {
+    super(opts.message);
+    this.name = "ApiCallError";
+    this.status = opts.status;
+    this.code = opts.code;
+    this.data = opts.data;
+    this.path = opts.path;
+  }
+}
+
+export async function orpcCall<TResult>(opts: {
+  apiUrl: string;
+  path: string;
+  input?: Record<string, unknown>;
+  unauthenticated?: boolean;
+  credential?: CredentialChoice;
+}): Promise<TResult> {
+  const response = await authFetch({
+    apiUrl: opts.apiUrl,
+    method: "POST",
+    path: opts.path,
+    body: { json: opts.input ?? {} },
+    unauthenticated: opts.unauthenticated,
+    credential: opts.credential,
+  });
+
+  const text = await response.text();
+  let parsed: unknown;
+  try {
+    parsed = text.length === 0 ? {} : JSON.parse(text);
+  } catch {
+    throw new ApiCallError({
+      message: `Unexpected non-JSON response from ${opts.path} (${response.status}): ${text.slice(0, 200)}`,
+      status: response.status,
+      code: null,
+      data: null,
+      path: opts.path,
+    });
+  }
+
+  if (!response.ok) {
+    const message = extractErrorMessage(parsed) ?? `${opts.path} failed (${response.status})`;
+    throw new ApiCallError({
+      message,
+      status: response.status,
+      code: extractErrorCode(parsed),
+      data: extractErrorData(parsed),
+      path: opts.path,
+    });
+  }
+
+  const json = (parsed as { json?: unknown }).json;
+  if (json === undefined) {
+    return parsed as TResult;
+  }
+  return json as TResult;
+}
+
+/**
+ * Better Auth endpoints at /api/auth/* return plain JSON (not ORPC-wrapped).
+ * They also set `Set-Cookie` on sign-in. This helper exposes both.
+ */
+export async function betterAuthCall<TResult>(opts: {
+  apiUrl: string;
+  path: string;
+  method?: "GET" | "POST";
+  input?: unknown;
+  unauthenticated?: boolean;
+  credential?: CredentialChoice;
+}): Promise<{ data: TResult; setCookie: string[] }> {
+  const response = await authFetch({
+    apiUrl: opts.apiUrl,
+    method: opts.method ?? "POST",
+    path: opts.path,
+    body: opts.input,
+    unauthenticated: opts.unauthenticated,
+    credential: opts.credential,
+  });
+
+  const text = await response.text();
+  let parsed: unknown;
+  try {
+    parsed = text.length === 0 ? {} : JSON.parse(text);
+  } catch {
+    throw new Error(
+      `Unexpected non-JSON response from ${opts.path} (${response.status}): ${text.slice(0, 200)}`,
+    );
+  }
+
+  if (!response.ok) {
+    const message = extractErrorMessage(parsed) ?? `${opts.path} failed (${response.status})`;
+    throw new ApiCallError({
+      message,
+      status: response.status,
+      code: extractErrorCode(parsed),
+      data: extractErrorData(parsed),
+      path: opts.path,
+    });
+  }
+
+  const setCookie = readSetCookies(response);
+  return { data: parsed as TResult, setCookie };
+}
+
+function readSetCookies(response: Response): string[] {
+  const headers = response.headers as Headers & {
+    getSetCookie?: () => string[];
+  };
+  if (typeof headers.getSetCookie === "function") {
+    return headers.getSetCookie();
+  }
+  const single = response.headers.get("set-cookie");
+  return single ? [single] : [];
+}
+
+function extractErrorMessage(body: unknown): string | null {
+  if (!body || typeof body !== "object") return null;
+  const record = body as Record<string, unknown>;
+  if (typeof record.message === "string") return record.message;
+  if (
+    record.json &&
+    typeof record.json === "object" &&
+    typeof (record.json as Record<string, unknown>).message === "string"
+  ) {
+    return (record.json as Record<string, string>).message;
+  }
+  if (record.error && typeof record.error === "object") {
+    const errMsg = (record.error as Record<string, unknown>).message;
+    if (typeof errMsg === "string") return errMsg;
+  }
+  return null;
+}
+
+function extractErrorCode(body: unknown): string | null {
+  if (!body || typeof body !== "object") return null;
+  const record = body as Record<string, unknown>;
+  if (typeof record.code === "string") return record.code;
+  if (
+    record.json &&
+    typeof record.json === "object" &&
+    typeof (record.json as Record<string, unknown>).code === "string"
+  ) {
+    return (record.json as Record<string, string>).code;
+  }
+  if (record.error && typeof record.error === "object") {
+    const code = (record.error as Record<string, unknown>).code;
+    if (typeof code === "string") return code;
+  }
+  return null;
+}
+
+function extractErrorData(body: unknown): unknown {
+  if (!body || typeof body !== "object") return null;
+  const record = body as Record<string, unknown>;
+  if (record.data !== undefined) return record.data;
+  if (record.json && typeof record.json === "object") {
+    const inner = (record.json as Record<string, unknown>).data;
+    if (inner !== undefined) return inner;
+  }
+  if (record.error && typeof record.error === "object") {
+    const inner = (record.error as Record<string, unknown>).data;
+    if (inner !== undefined) return inner;
+  }
+  return null;
+}
+
+export async function ensureAuthState(apiUrl: string): Promise<AuthState> {
+  const existing = await readAuthState();
+  if (existing && existing.apiUrl === apiUrl) return existing;
+  const next: AuthState = existing
+    ? { ...existing, apiUrl }
+    : { apiUrl, session: null };
+  await writeAuthState(next);
+  return next;
+}

package/src/cli/core/auth-storage.ts

@@ -0,0 +1,102 @@
+/**
+ * Read/write the libretto CLI auth state at ~/.libretto/auth.json.
+ *
+ * Stores only the interactive CLI session — the cookie returned by sign-up
+ * or login. API keys are never persisted here; users put `LIBRETTO_API_KEY`
+ * in their `.env` (matching the existing convention used for
+ * BROWSERBASE_API_KEY / KERNEL_API_KEY).
+ *
+ * Notably, the active org id is NOT cached here. The server is the source
+ * of truth (api-key metadata.tenantId is server-overridden, and CLI
+ * commands that need the org id resolve it via /organization/list).
+ *
+ * Lookup order for credentials when making API requests:
+ *   1. process.env.LIBRETTO_API_KEY  (explicit override; CI-friendly)
+ *   2. authState.session.cookie      (from sign-up or login response)
+ *
+ * File is mode 0600 — only the current user can read it.
+ */
+
+import { promises as fs } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+
+export type StoredSession = {
+  /**
+   * The full Cookie request-header value to replay on subsequent
+   * /api/auth/* calls. Built from the Set-Cookie values returned by sign-up /
+   * login by stripping attributes (Path, HttpOnly, etc) and joining the
+   * `name=value` pairs with "; ".
+   */
+  cookie: string;
+  userId: string;
+  email: string;
+  /** ISO-8601 expiry of the underlying session row, if known. */
+  expiresAt: string | null;
+};
+
+export type AuthState = {
+  /** The hosted-platform base URL the credentials are valid for. */
+  apiUrl: string;
+  session: StoredSession | null;
+};
+
+const FILE_NAME = "auth.json";
+
+function authDir(): string {
+  return join(homedir(), ".libretto");
+}
+
+function authPath(): string {
+  return join(authDir(), FILE_NAME);
+}
+
+export async function readAuthState(): Promise<AuthState | null> {
+  try {
+    const raw = await fs.readFile(authPath(), "utf8");
+    const parsed = JSON.parse(raw) as Partial<AuthState>;
+    if (!parsed.apiUrl || typeof parsed.apiUrl !== "string") return null;
+    return {
+      apiUrl: parsed.apiUrl,
+      session: parsed.session ?? null,
+    };
+  } catch (error) {
+    if ((error as NodeJS.ErrnoException).code === "ENOENT") return null;
+    throw error;
+  }
+}
+
+export async function writeAuthState(state: AuthState): Promise<void> {
+  await fs.mkdir(authDir(), { recursive: true, mode: 0o700 });
+  const payload = JSON.stringify(state, null, 2);
+  // Write through a temp file + rename so a partial write can never corrupt
+  // the credentials file.
+  const target = authPath();
+  const tmp = `${target}.tmp`;
+  await fs.writeFile(tmp, payload, { mode: 0o600 });
+  await fs.rename(tmp, target);
+}
+
+export async function clearAuthState(): Promise<void> {
+  try {
+    await fs.unlink(authPath());
+  } catch (error) {
+    if ((error as NodeJS.ErrnoException).code !== "ENOENT") throw error;
+  }
+}
+
+/**
+ * Convert the array of Set-Cookie headers returned by Better Auth into a
+ * single `Cookie:` request-header value. Drops attributes like Path,
+ * HttpOnly, Max-Age — only the `name=value` pair survives.
+ */
+export function setCookieToCookieHeader(setCookie: readonly string[]): string {
+  return setCookie
+    .map((entry) => entry.split(";")[0]?.trim())
+    .filter((pair): pair is string => Boolean(pair && pair.includes("=")))
+    .join("; ");
+}
+
+export function authStatePath(): string {
+  return authPath();
+}