npm - limbo-ai - Versions diffs - 1.24.6 → 1.24.8 - Mend

limbo-ai 1.24.6 → 1.24.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md +14 -0
package/package.json +1 -1
package/setup-server/server.js +11 -26
package/test/setup-server.test.js +0 -19

package/README.md CHANGED Viewed

@@ -10,6 +10,20 @@ Limbo is a second brain with a conversational interface. It stores atomic notes
 ---
+## Hardware Requirements
+Limbo runs as a single Docker container (~35 MB RAM at idle). The main resource cost is Docker and the host OS, not Limbo itself.
+| Tier | RAM | vCPU | Disk | Notes |
+|------|-----|------|------|-------|
+| Minimum | 512 MB | 1 | 1 GB | Needs swap configured |
+| Recommended | 1 GB | 1 | 5 GB | Comfortable for Limbo alone |
+| With other services | 2 GB | 1 | 10 GB | Room for reverse proxy, monitoring, etc. |
+> Limbo's container uses ~35 MB at rest and peaks around ~70 MB during cold starts. CPU usage is negligible — short bursts of 5-7% when processing messages.
+---
 ## Quick Start
 Requires [Docker Desktop](https://docs.docker.com/get-docker/) and Node.js 18+.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "limbo-ai",
-  "version": "1.24.6",
+  "version": "1.24.8",
   "description": "Your personal AI memory agent — install and manage Limbo via npx",
   "type": "commonjs",
   "bin": {

package/setup-server/server.js CHANGED Viewed

@@ -229,9 +229,11 @@ function decodeJwtPayload(token) {
   return JSON.parse(Buffer.from(parts[1], 'base64url').toString());
 }
-// ZeroClaw auth-profiles.json — must match the structure used by the CLI
-// (cli.js buildAnthropicAuthProfile / buildCodexAuthProfile).
-// Path: ~/.zeroclaw/agents/main/agent/auth-profiles.json
+// ─── OpenAI Codex auth profiles ──────────────────────────────────────────────
+// OpenAI OAuth tokens expire and need refresh. ZeroClaw reads auth-profiles.json
+// for the refresh token and handles renewal automatically. This is ONLY needed
+// for OpenAI Codex — Anthropic tokens are static and stored as secrets instead.
+const AUTH_PROFILES_FILE = path.join(ZEROCLAW_STATE, 'auth-profiles.json');
 function buildCodexAuthProfile(profile) {
   const profileId = profile.email ? `openai-codex:${profile.email}` : 'openai-codex:default';
@@ -253,26 +255,6 @@ function buildCodexAuthProfile(profile) {
   };
 }
-function buildAnthropicAuthProfile(token) {
-  return {
-    version: 1,
-    profiles: {
-      'anthropic:token': {
-        type: 'token',
-        provider: 'anthropic',
-        token,
-      },
-    },
-    order: { anthropic: ['anthropic:token'] },
-    lastGood: {},
-    usageStats: {},
-  };
-}
-// ZeroClaw resolves auth profiles from the state dir root: ~/.zeroclaw/auth-profiles.json
-// See: ZeroClaw src/auth/profiles.rs — state_dir.join("auth-profiles.json")
-const AUTH_PROFILES_FILE = path.join(ZEROCLAW_STATE, 'auth-profiles.json');
 function writeAuthProfiles(store) {
   fs.mkdirSync(ZEROCLAW_STATE, { recursive: true, mode: 0o700 });
   fs.writeFileSync(AUTH_PROFILES_FILE, JSON.stringify(store, null, 2), { mode: 0o600 });
@@ -557,6 +539,7 @@ async function exchangeOAuthCode(code, verifier, redirectUri) {
 function processOAuthTokens(tokenRes) {
   const jwt = decodeJwtPayload(tokenRes.access_token);
   const authClaim = jwt['https://api.openai.com/auth'] || {};
+  // Write auth profile for ZeroClaw's OAuth refresh flow
   const store = buildCodexAuthProfile({
     access: tokenRes.access_token,
     refresh: tokenRes.refresh_token,
@@ -565,6 +548,8 @@ function processOAuthTokens(tokenRes) {
     email: jwt.email || '',
   });
   writeAuthProfiles(store);
+  // Also write access token as secret for entrypoint to export
+  writeSecretFile('llm_api_key', tokenRes.access_token);
   return { email: jwt.email || '' };
 }
@@ -676,8 +661,9 @@ async function handleAnthropicToken(req, res) {
     return;
   }
-  const store = buildAnthropicAuthProfile(token);
-  writeAuthProfiles(store);
+  // Anthropic tokens are static (no refresh needed) — store as secret
+  writeSecretFile('llm_api_key', token);
+  log('Anthropic token written to secrets/llm_api_key');
   sendJSON(res, 200, { success: true });
 }
@@ -861,7 +847,6 @@ module.exports = {
   buildOAuthUrl,
   decodeJwtPayload,
   buildCodexAuthProfile,
-  buildAnthropicAuthProfile,
   handleRequest,
   _internals: {
     OPENAI_OAUTH,

package/test/setup-server.test.js CHANGED Viewed

@@ -15,7 +15,6 @@ const {
   buildOAuthUrl,
   decodeJwtPayload,
   buildCodexAuthProfile,
-  buildAnthropicAuthProfile,
   handleRequest,
   _internals: { OPENAI_OAUTH },
 } = require('../setup-server/server.js');
@@ -197,24 +196,6 @@ describe('buildCodexAuthProfile', () => {
   });
 });
-describe('buildAnthropicAuthProfile', () => {
-  it('builds correct structure', () => {
-    const result = buildAnthropicAuthProfile('sk-ant-test123');
-    assert.strictEqual(result.version, 1);
-    const pid = 'anthropic:token';
-    assert.ok(result.profiles[pid], 'profile entry exists');
-    assert.strictEqual(result.profiles[pid].provider, 'anthropic');
-    assert.strictEqual(result.profiles[pid].type, 'token');
-    assert.strictEqual(result.profiles[pid].token, 'sk-ant-test123');
-  });
-  it('order includes anthropic key', () => {
-    const result = buildAnthropicAuthProfile('sk-ant-xyz');
-    assert.ok(result.order.anthropic, 'order has anthropic key');
-    assert.deepStrictEqual(result.order.anthropic, ['anthropic:token']);
-  });
-});
 // ─── B. HTTP handler tests ──────────────────────────────────────────────────
 describe('HTTP handler', () => {