llm-cli-gateway 1.1.0 → 1.5.4

package/dist/async-job-manager.js

@@ -3,9 +3,27 @@ import { randomUUID } from "crypto";
 import { getExtendedPath, killProcessGroup, registerProcessGroup, unregisterProcessGroup, } from "./executor.js";
 import { noopLogger } from "./logger.js";
 import { ProcessMonitor } from "./process-monitor.js";
+import { computeRequestKey } from "./job-store.js";
 const MAX_OUTPUT_SIZE = 50 * 1024 * 1024;
-const JOB_TTL_MS = 60 * 60 * 1000; // 1 hour
+const JOB_TTL_MS = 60 * 60 * 1000; // 1 hour in-memory retention; durable store has its own (longer) retention
 const EVICTION_INTERVAL_MS = 5 * 60 * 1000; // Check every 5 minutes
+const OUTPUT_FLUSH_INTERVAL_MS = 1000; // Throttle DB writes for streaming stdout/stderr
+/**
+ * U22 fix: deterministic canonicalisation of an env-var map for the dedup key.
+ * Returns "" when env is undefined or empty (preserves dedup key continuity for
+ * pre-U22 callers that pass no env).
+ */
+function canonicaliseEnvForKey(env) {
+    if (!env)
+        return "";
+    const entries = Object.entries(env)
+        .filter(([, v]) => v !== undefined && v !== null)
+        .map(([k, v]) => [k, String(v)]);
+    if (entries.length === 0)
+        return "";
+    entries.sort((a, b) => (a[0] < b[0] ? -1 : a[0] > b[0] ? 1 : 0));
+    return JSON.stringify(entries);
+}
 function truncateText(value, maxChars) {
     if (value.length <= maxChars) {
         return { text: value, truncated: false };
@@ -21,10 +39,23 @@ export class AsyncJobManager {
     jobs = new Map();
     evictionTimer = null;
     processMonitor;
-    constructor(logger = noopLogger, onJobComplete) {
+    store;
+    constructor(logger = noopLogger, onJobComplete, store = null) {
         this.logger = logger;
         this.onJobComplete = onJobComplete;
         this.processMonitor = new ProcessMonitor(logger);
+        this.store = store;
+        if (this.store) {
+            try {
+                const orphaned = this.store.markOrphanedOnStartup();
+                if (orphaned > 0) {
+                    this.logger.info(`Marked ${orphaned} in-flight job(s) as orphaned after gateway restart`);
+                }
+            }
+            catch (err) {
+                this.logger.error("markOrphanedOnStartup failed", err);
+            }
+        }
         this.evictionTimer = setInterval(() => this.evictCompletedJobs(), EVICTION_INTERVAL_MS);
         // Allow the process to exit even if the timer is active
         if (this.evictionTimer.unref) {
@@ -52,7 +83,7 @@ export class AsyncJobManager {
         let evicted = 0;
         // Dead process auto-recovery: check for running jobs whose process no longer exists
         for (const [id, job] of this.jobs) {
-            if (job.status === "running" && job.process.pid) {
+            if (job.status === "running" && job.process && job.process.pid) {
                 try {
                     process.kill(job.process.pid, 0);
                 }
@@ -66,6 +97,8 @@ export class AsyncJobManager {
                         unregisterProcessGroup(job.process.pid);
                         this.logger.error(`Job ${id} process ${job.process.pid} no longer exists, marking as failed`);
                         this.emitMetrics(job);
+                        this.persistComplete(job);
+                        this.fireOnComplete(job);
                     }
                     // EPERM: process exists but we can't signal it — ignore
                 }
@@ -75,10 +108,12 @@ export class AsyncJobManager {
                 job.status = "failed";
                 job.error = "Process exited without proper status transition";
                 job.finishedAt = job.finishedAt || new Date().toISOString();
-                if (job.process.pid)
+                if (job.process && job.process.pid)
                     unregisterProcessGroup(job.process.pid);
                 this.logger.error(`Job ${id} has exited flag but was still in running state, marking as failed`);
                 this.emitMetrics(job);
+                this.persistComplete(job);
+                this.fireOnComplete(job);
             }
         }
         for (const [id, job] of this.jobs) {
@@ -91,17 +126,220 @@ export class AsyncJobManager {
             }
         }
         if (evicted > 0) {
-            this.logger.debug(`Evicted ${evicted} completed jobs`);
+            this.logger.debug(`Evicted ${evicted} completed jobs from memory (durable store retains them)`);
+        }
+        // Sweep the durable store, too. Errors are non-fatal — the job rows just stay until next sweep.
+        if (this.store) {
+            try {
+                const removed = this.store.evictExpired();
+                if (removed > 0) {
+                    this.logger.debug(`Evicted ${removed} expired jobs from durable store`);
+                }
+            }
+            catch (err) {
+                this.logger.error("durable store eviction failed", err);
+            }
+        }
+    }
+    /**
+     * Compute the dedup key for a job. Stable across re-issues of the same request,
+     * which is exactly what allows agents to safely retry without restarting the run.
+     *
+     * U22 fix: env vars participate in the key via a deterministic canonicalisation
+     * (sorted keys → JSON-stringified). This prevents two Mistral requests with the
+     * same argv but different `VIBE_ACTIVE_MODEL` from deduping onto each other.
+     */
+    buildRequestKey(cli, args, env) {
+        return computeRequestKey(cli, args, canonicaliseEnvForKey(env));
+    }
+    fireOnComplete(job) {
+        if (job.onCompleteFired)
+            return;
+        if (!job.onComplete)
+            return;
+        job.onCompleteFired = true;
+        try {
+            job.onComplete();
+        }
+        catch (err) {
+            this.logger.error(`Job ${job.id} onComplete hook threw`, err);
+        }
+    }
+    safeStoreCall(label, fn) {
+        if (!this.store)
+            return;
+        try {
+            fn();
+        }
+        catch (err) {
+            this.logger.error(`JobStore.${label} failed`, err);
+        }
+    }
+    /**
+     * Flush in-memory stdout/stderr to the durable store if anything changed
+     * since the last flush. Throttled by OUTPUT_FLUSH_INTERVAL_MS to avoid
+     * pounding sqlite on every chunk of streaming output.
+     */
+    maybeFlushOutput(job, force = false) {
+        if (!this.store)
+            return;
+        if (!job.outputDirty)
+            return;
+        const now = Date.now();
+        if (!force && now - job.lastOutputFlushAt < OUTPUT_FLUSH_INTERVAL_MS)
+            return;
+        job.outputDirty = false;
+        job.lastOutputFlushAt = now;
+        this.safeStoreCall("recordOutput", () => this.store.recordOutput(job.id, job.stdout, job.stderr, job.outputTruncated));
+    }
+    persistComplete(job) {
+        if (!this.store)
+            return;
+        if (job.status === "running")
+            return;
+        if (!job.finishedAt)
+            return;
+        // Make sure the latest output is captured in the same row update.
+        job.outputDirty = false;
+        this.safeStoreCall("recordComplete", () => this.store.recordComplete({
+            id: job.id,
+            status: job.status === "running" ? "failed" : job.status,
+            exitCode: job.exitCode,
+            stdout: job.stdout,
+            stderr: job.stderr,
+            outputTruncated: job.outputTruncated,
+            error: job.error,
+            finishedAt: job.finishedAt,
+        }));
+    }
+    /**
+     * Reconstitute an in-memory AsyncJobRecord from a durable row, so subsequent
+     * getJobSnapshot/getJobResult calls hit the in-memory cache.
+     * The reconstituted record has process=null — it represents historical data only.
+     */
+    hydrateFromStore(jobId) {
+        if (!this.store)
+            return null;
+        let row;
+        try {
+            row = this.store.getById(jobId);
+        }
+        catch (err) {
+            this.logger.error("JobStore.getById failed", err);
+            return null;
         }
+        if (!row)
+            return null;
+        const args = (() => {
+            try {
+                const parsed = JSON.parse(row.argsJson);
+                return Array.isArray(parsed) ? parsed.map(String) : [];
+            }
+            catch {
+                return [];
+            }
+        })();
+        const reconstituted = {
+            id: row.id,
+            cli: row.cli,
+            args,
+            requestKey: row.requestKey,
+            correlationId: row.correlationId,
+            status: row.status,
+            startedAt: row.startedAt,
+            finishedAt: row.finishedAt,
+            exitCode: row.exitCode,
+            stdout: row.stdout,
+            stderr: row.stderr,
+            outputTruncated: row.outputTruncated,
+            canceled: row.status === "canceled",
+            error: row.error,
+            process: null,
+            exited: row.status !== "running",
+            metricsRecorded: true,
+            outputFormat: row.outputFormat ?? undefined,
+            outputDirty: false,
+            lastOutputFlushAt: Date.now(),
+        };
+        this.jobs.set(jobId, reconstituted);
+        return reconstituted;
     }
-    startJob(cli, args, correlationId, cwd, idleTimeoutMs, outputFormat) {
+    /**
+     * Backwards-compatible entry point. Equivalent to startJobWithDedup({...}).snapshot.
+     * Existing callers keep working unchanged; forceRefresh is exposed as a trailing
+     * optional param for the dedup-aware path.
+     */
+    startJob(cli, args, correlationId, cwd, idleTimeoutMs, outputFormat, forceRefresh, env, onComplete) {
+        return this.startJobWithDedup(cli, args, correlationId, {
+            cwd,
+            idleTimeoutMs,
+            outputFormat,
+            forceRefresh,
+            env,
+            onComplete,
+        }).snapshot;
+    }
+    /**
+     * Start a job, with optional dedup against recent identical requests.
+     * Returns `{ snapshot, deduped }` so callers can log/report the short-circuit.
+     *
+     * Dedup is keyed on (cli, args). If a job with the same key was started within
+     * the dedup window (default 1h) and is still running or completed, its snapshot
+     * is returned without spawning a new process. forceRefresh skips dedup entirely.
+     */
+    startJobWithDedup(cli, args, correlationId, opts = {}) {
+        const { cwd, idleTimeoutMs, outputFormat, forceRefresh, env: extraEnv, onComplete } = opts;
+        const requestKey = this.buildRequestKey(cli, args, extraEnv);
+        if (!forceRefresh && this.store) {
+            try {
+                const existing = this.store.findByRequestKey(requestKey);
+                if (existing) {
+                    // Prefer the in-memory record if we still have it (live process, idle timers, etc).
+                    let record = this.jobs.get(existing.id);
+                    if (!record) {
+                        record = this.hydrateFromStore(existing.id) ?? undefined;
+                    }
+                    if (record) {
+                        this.logger.info(`Job ${existing.id} reused via dedup for ${cli}`, {
+                            correlationId,
+                            originalCorrelationId: record.correlationId,
+                            status: record.status,
+                        });
+                        // U26 fix: the caller's per-request resources (e.g. outputSchema temp
+                        // file) are NOT consumed by the deduped job, which reuses its own
+                        // original resources. Release the new request's cleanup immediately
+                        // to avoid an orphaned temp file. The original job's onComplete (if
+                        // any) remains attached to that original job record.
+                        if (onComplete) {
+                            try {
+                                onComplete();
+                            }
+                            catch (err) {
+                                this.logger.error("dedup onComplete cleanup threw", err);
+                            }
+                        }
+                        return {
+                            snapshot: this.snapshot(record),
+                            deduped: true,
+                            originalCorrelationId: record.correlationId,
+                        };
+                    }
+                }
+            }
+            catch (err) {
+                this.logger.error("dedup lookup failed; proceeding with fresh run", err);
+            }
+        }
         const id = randomUUID();
         const startedAt = new Date().toISOString();
-        const child = spawn(cli, args, {
+        // Mistral Vibe ships as the `vibe` binary; the gateway uses `mistral` as the
+        // provider key but spawns `vibe` on the shell.
+        const command = cli === "mistral" ? "vibe" : cli;
+        const child = spawn(command, args, {
             cwd,
             detached: true,
             stdio: ["ignore", "pipe", "pipe"],
-            env: { ...process.env, PATH: getExtendedPath() },
+            env: { ...process.env, PATH: getExtendedPath(), ...(extraEnv ?? {}) },
         });
         if (child.pid)
             registerProcessGroup(child.pid);
@@ -119,6 +357,7 @@ export class AsyncJobManager {
             id,
             cli,
             args: [...args],
+            requestKey,
             correlationId,
             status: "running",
             startedAt,
@@ -134,8 +373,22 @@ export class AsyncJobManager {
             metricsRecorded: false,
             outputFormat,
             cleanupGroup,
+            onComplete,
+            onCompleteFired: false,
+            outputDirty: false,
+            lastOutputFlushAt: Date.now(),
         };
         this.jobs.set(id, job);
+        this.safeStoreCall("recordStart", () => this.store.recordStart({
+            id,
+            correlationId,
+            requestKey,
+            cli,
+            args: [...args],
+            outputFormat,
+            startedAt,
+            pid: child.pid ?? null,
+        }));
         this.logger.info(`Job ${id} started for ${cli}`, { correlationId });
         // Idle timeout: kill process if no output activity for idleTimeoutMs
         let idleTimerId;
@@ -151,13 +404,16 @@ export class AsyncJobManager {
                 job.exitCode = 125;
                 job.error = `Process killed after ${idleTimeoutMs}ms of inactivity`;
                 job.finishedAt = new Date().toISOString();
-                killProcessGroup(job.process, "SIGTERM");
+                if (job.process)
+                    killProcessGroup(job.process, "SIGTERM");
                 this.logger.info(`Job ${id} killed due to inactivity (${idleTimeoutMs}ms)`, {
                     correlationId,
                 });
                 this.emitMetrics(job);
+                this.persistComplete(job);
+                this.fireOnComplete(job);
                 setTimeout(() => {
-                    if (!job.exited)
+                    if (!job.exited && job.process)
                         killProcessGroup(job.process, "SIGKILL");
                     job.cleanupGroup?.();
                 }, 5000);
@@ -185,6 +441,8 @@ export class AsyncJobManager {
                 job.finishedAt = new Date().toISOString();
                 this.logger.error(`Job ${id} error: ${error.message}`, { correlationId });
                 this.emitMetrics(job);
+                this.persistComplete(job);
+                this.fireOnComplete(job);
             }
         });
         child.on("close", (code) => {
@@ -199,6 +457,9 @@ export class AsyncJobManager {
                 if (!job.finishedAt) {
                     job.finishedAt = new Date().toISOString();
                 }
+                // Ensure terminal state reaches the durable store (idle-timeout/output-overflow already persisted).
+                this.persistComplete(job);
+                this.fireOnComplete(job);
                 return;
             }
             job.exitCode = code ?? 0;
@@ -213,20 +474,29 @@ export class AsyncJobManager {
                 job.status = "failed";
             }
             this.emitMetrics(job);
+            this.persistComplete(job);
+            this.fireOnComplete(job);
         });
-        return this.snapshot(job);
+        return { snapshot: this.snapshot(job), deduped: false };
     }
     getJobSnapshot(jobId) {
-        const job = this.jobs.get(jobId);
+        let job = this.jobs.get(jobId);
         if (!job) {
-            return null;
+            job = this.hydrateFromStore(jobId) ?? undefined;
+            if (!job)
+                return null;
         }
         return this.snapshot(job);
     }
+    getJobSnapshots(jobIds) {
+        return Object.fromEntries(jobIds.map(jobId => [jobId, this.getJobSnapshot(jobId)]));
+    }
     getJobResult(jobId, maxChars = 200000) {
-        const job = this.jobs.get(jobId);
+        let job = this.jobs.get(jobId);
         if (!job) {
-            return null;
+            job = this.hydrateFromStore(jobId) ?? undefined;
+            if (!job)
+                return null;
         }
         const stdout = truncateText(job.stdout, maxChars);
         const stderr = truncateText(job.stderr, maxChars);
@@ -246,14 +516,23 @@ export class AsyncJobManager {
         if (job.status !== "running") {
             return { canceled: false, reason: `Job is already ${job.status}` };
         }
+        // Reconstituted (orphaned) jobs have no live process to signal — refuse cancel.
+        if (!job.process) {
+            return {
+                canceled: false,
+                reason: "Job has no live process (orphaned from prior gateway run)",
+            };
+        }
         job.canceled = true;
         job.status = "canceled";
         job.finishedAt = new Date().toISOString();
         job.clearIdleTimer?.();
         killProcessGroup(job.process, "SIGTERM");
         this.logger.info(`Job ${jobId} canceled`, { correlationId: job.correlationId });
+        this.persistComplete(job);
+        this.fireOnComplete(job);
         setTimeout(() => {
-            if (!job.exited)
+            if (!job.exited && job.process)
                 killProcessGroup(job.process, "SIGKILL");
             job.cleanupGroup?.();
         }, 5000);
@@ -267,7 +546,7 @@ export class AsyncJobManager {
                     jobId: id,
                     cli: job.cli,
                     status: job.status,
-                    pid: job.process.pid ?? null,
+                    pid: job.process?.pid ?? null,
                     startedAt: job.startedAt,
                 });
             }
@@ -316,13 +595,16 @@ export class AsyncJobManager {
                 job.error = "Output exceeded maximum size (50MB)";
                 job.finishedAt = new Date().toISOString();
                 job.clearIdleTimer?.();
-                killProcessGroup(job.process, "SIGTERM");
+                if (job.process)
+                    killProcessGroup(job.process, "SIGTERM");
                 this.logger.info(`Job ${job.id} killed due to output overflow`, {
                     correlationId: job.correlationId,
                 });
                 this.emitMetrics(job);
+                this.persistComplete(job);
+                this.fireOnComplete(job);
                 setTimeout(() => {
-                    if (!job.exited)
+                    if (!job.exited && job.process)
                         killProcessGroup(job.process, "SIGKILL");
                     job.cleanupGroup?.();
                 }, 5000);
@@ -337,5 +619,7 @@ export class AsyncJobManager {
         else {
             job.stderr += text;
         }
+        job.outputDirty = true;
+        this.maybeFlushOutput(job);
     }
 }

package/dist/auth.d.ts

@@ -0,0 +1,15 @@
+import type { IncomingMessage, ServerResponse } from "node:http";
+export interface AuthConfig {
+    required: boolean;
+    tokenConfigured: boolean;
+    source: "env" | "disabled";
+}
+export interface AuthResult {
+    ok: boolean;
+    status?: number;
+    message?: string;
+}
+export declare function loadAuthConfig(env?: NodeJS.ProcessEnv): AuthConfig;
+export declare function getRequiredBearerToken(env?: NodeJS.ProcessEnv): string | null;
+export declare function authorizeBearerRequest(req: IncomingMessage, token?: string | null): AuthResult;
+export declare function writeAuthFailure(res: ServerResponse, result: AuthResult): void;

package/dist/auth.js

@@ -0,0 +1,46 @@
+const AUTH_SCHEME = "Bearer ";
+export function loadAuthConfig(env = process.env) {
+    const token = env.LLM_GATEWAY_AUTH_TOKEN;
+    const disabled = env.LLM_GATEWAY_AUTH_DISABLED === "1";
+    return {
+        required: !disabled,
+        tokenConfigured: Boolean(token),
+        source: disabled ? "disabled" : "env",
+    };
+}
+export function getRequiredBearerToken(env = process.env) {
+    const config = loadAuthConfig(env);
+    if (!config.required)
+        return null;
+    return env.LLM_GATEWAY_AUTH_TOKEN || null;
+}
+export function authorizeBearerRequest(req, token = getRequiredBearerToken()) {
+    if (!loadAuthConfig().required) {
+        return { ok: true };
+    }
+    if (!token) {
+        return {
+            ok: false,
+            status: 503,
+            message: "HTTP transport requires LLM_GATEWAY_AUTH_TOKEN",
+        };
+    }
+    const header = req.headers.authorization;
+    const value = Array.isArray(header) ? header[0] : header;
+    if (!value || !value.startsWith(AUTH_SCHEME)) {
+        return { ok: false, status: 401, message: "Unauthorized" };
+    }
+    const supplied = value.slice(AUTH_SCHEME.length);
+    if (supplied !== token) {
+        return { ok: false, status: 401, message: "Unauthorized" };
+    }
+    return { ok: true };
+}
+export function writeAuthFailure(res, result) {
+    const status = result.status ?? 401;
+    res.writeHead(status, {
+        "content-type": "application/json",
+        "www-authenticate": 'Bearer realm="llm-cli-gateway"',
+    });
+    res.end(JSON.stringify({ error: result.message || "Unauthorized" }));
+}

package/dist/cli-updater.d.ts

@@ -0,0 +1,55 @@
+import type { Logger } from "./logger.js";
+import type { CliType } from "./session-manager.js";
+import { type ProviderLoginStatus } from "./provider-status.js";
+import type { ProviderLoginGuidance } from "./provider-login-guidance.js";
+export interface CliVersionInfo {
+    cli: CliType;
+    command: string;
+    args: string[];
+    installed: boolean;
+    version?: string;
+    loginStatus?: ProviderLoginStatus;
+    loginGuidance?: ProviderLoginGuidance["login"];
+    stdout: string;
+    stderr: string;
+    error?: string;
+}
+export interface CliUpgradePlan {
+    cli: CliType;
+    target: string;
+    command: string;
+    args: string[];
+    strategy: "self-update" | "npm-global-install" | "pip-install" | "uv-tool-upgrade" | "brew-upgrade";
+    requiresNetwork: boolean;
+    note?: string;
+}
+export type MistralInstallMethod = "pip" | "uv" | "brew" | "unknown";
+/**
+ * Detect how Vibe was installed on this machine. Vibe does not self-update, so
+ * cli_upgrade has to dispatch to the package manager that owns the binary.
+ *
+ * Probe order: pip → uv → brew. The first one that returns a positive signal
+ * wins; if none do, callers should surface an actionable error rather than
+ * blindly running `vibe update` (a command that does not exist).
+ */
+export declare function detectMistralInstallMethod(exec?: (cmd: string, args: string[]) => {
+    exitCode: number | null;
+    stdout: string;
+}): MistralInstallMethod;
+export interface CliUpgradeResult {
+    dryRun: boolean;
+    plan: CliUpgradePlan;
+    stdout?: string;
+    stderr?: string;
+    exitCode?: number;
+}
+export declare function buildCliUpgradePlan(cli: CliType, target?: string, detectMistral?: () => MistralInstallMethod): CliUpgradePlan;
+export declare function getCliVersion(cli: CliType): Promise<CliVersionInfo>;
+export declare function getCliVersions(cli?: CliType): Promise<CliVersionInfo[]>;
+export declare function runCliUpgrade(params: {
+    cli: CliType;
+    target?: string;
+    dryRun: boolean;
+    timeoutMs?: number;
+    logger?: Logger;
+}): Promise<CliUpgradeResult>;