log-llm-config 1.3.30 → 1.3.34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/log_config_files/runtime/remediation_sync.js +2 -2
  2. package/dist/log_uuid/startup_sender.js +2 -0
  3. package/dist/log_uuid/user_profile.js +176 -0
  4. package/package.json +3 -3
package/dist/log_config_files/runtime/remediation_sync.js CHANGED
@@ -365,7 +365,7 @@ function assertSafeSqliteIdentifiersForItemTable(table, keyColumn, valueColumn)
365
365
  const TRUSTED_CURSOR_SQLITE_DEFERRED_RESTART_COMMAND = 'REPO_ROOT=$(git rev-parse --show-toplevel 2>/dev/null || pwd) && export REPO_ROOT && ' +
366
366
  'CURSOR_PROJECT="${CURSOR_PROJECT_DIR:-$REPO_ROOT}" && export CURSOR_PROJECT && ' +
367
367
  'OPTIMUS_DEFERRED_LOG="${HOME}/opt-ai-sec/management/deferred_vscdb_restart.log" && mkdir -p "$(dirname "$OPTIMUS_DEFERRED_LOG")" && export OPTIMUS_DEFERRED_LOG && ' +
368
- "nohup bash -c 'exec >>\"\$OPTIMUS_DEFERRED_LOG\" 2>&1; echo deferred_restart:begin ts=\$(date -u +%Y-%m-%dT%H:%M:%SZ) REPO_ROOT=\"\$REPO_ROOT\" CURSOR_PROJECT=\"\$CURSOR_PROJECT\"; sleep 2; if [ -f \"\$REPO_ROOT/npx_packages/log-llm-config/dist/apply_deferred_vscdb.js\" ]; then echo deferred_restart:apply_via_monorepo_node; node \"\$REPO_ROOT/npx_packages/log-llm-config/dist/apply_deferred_vscdb.js\"; APPLY_EC=\$?; else echo deferred_restart:apply_via_npx; cd \"\$REPO_ROOT\" && npx --yes log-llm-config@latest apply-deferred-vscdb; APPLY_EC=\$?; fi; echo deferred_restart:apply_exit=\$APPLY_EC; if [ \$APPLY_EC -ne 0 ]; then echo deferred_restart:APPLY_FAILED_see_messages_above; fi; echo deferred_restart:open_cursor; open -a Cursor \"\$CURSOR_PROJECT\"; echo deferred_restart:open_exit=\$?; echo deferred_restart:end ts=\$(date -u +%Y-%m-%dT%H:%M:%SZ)' >/dev/null 2>&1 & killall -9 Cursor";
368
+ "nohup bash -c 'exec >>\"\$OPTIMUS_DEFERRED_LOG\" 2>&1; echo deferred_restart:begin ts=\$(date -u +%Y-%m-%dT%H:%M:%SZ) REPO_ROOT=\"\$REPO_ROOT\" CURSOR_PROJECT=\"\$CURSOR_PROJECT\"; sleep 2; if [ -f \"\$REPO_ROOT/dev_npx_packages/log-llm-config/dist/apply_deferred_vscdb.js\" ]; then echo deferred_restart:apply_via_monorepo_node; node \"\$REPO_ROOT/dev_npx_packages/log-llm-config/dist/apply_deferred_vscdb.js\"; APPLY_EC=\$?; else echo deferred_restart:apply_via_npx; cd \"\$REPO_ROOT\" && npx --yes log-llm-config@latest apply-deferred-vscdb; APPLY_EC=\$?; fi; echo deferred_restart:apply_exit=\$APPLY_EC; if [ \$APPLY_EC -ne 0 ]; then echo deferred_restart:APPLY_FAILED_see_messages_above; fi; echo deferred_restart:open_cursor; open -a Cursor \"\$CURSOR_PROJECT\"; echo deferred_restart:open_exit=\$?; echo deferred_restart:end ts=\$(date -u +%Y-%m-%dT%H:%M:%SZ)' >/dev/null 2>&1 & killall -9 Cursor";
369
369
  const TRUSTED_CURSOR_JSON_SETTINGS_RESTART_COMMAND = 'CURSOR_PROJECT=$(git rev-parse --show-toplevel 2>/dev/null || pwd) && export CURSOR_PROJECT && nohup bash -c \'sleep 2 && open -a Cursor "$CURSOR_PROJECT"\' >/dev/null 2>&1 & killall -9 Cursor';
370
370
  const TRUSTED_CLAUDE_RESTART_COMMAND = "nohup bash -c 'sleep 2 && open -a Claude' >/dev/null 2>&1 & pkill -x 'Claude'";
371
371
  /**
@@ -809,7 +809,7 @@ export async function applyDeferredVscdbFromDisk() {
809
809
  */
810
810
  export function buildDeferredCursorRestartCommand() {
811
811
  // Prefer monorepo path when hooks run from optimus-secure-fdn; otherwise `npx --yes log-llm-config@latest apply-deferred-vscdb`
812
- // (package bin) so published installs work without a local npx_packages copy.
812
+ // (package bin) so published installs work without a local dev_npx_packages copy.
813
813
  return TRUSTED_CURSOR_SQLITE_DEFERRED_RESTART_COMMAND;
814
814
  }
815
815
  function sqliteRowGroupKey(dbPath, op) {
package/dist/log_uuid/startup_sender.js CHANGED
@@ -2,6 +2,7 @@ import crypto from 'node:crypto';
2
2
  import { classifyEndpointResponse, postStartupPayload } from '../endpoint_client/index.js';
3
3
  import { resolveHardwareUuid } from './hardware_uuid.js';
4
4
  import { writeAuthKey, readStoredAuthKey, loadEndpointBase, buildStartupEndpointUrl } from './auth_key_store.js';
5
+ import { resolveUserProfile } from './user_profile.js';
5
6
  const canonicalizeValue = (value) => {
6
7
  if (Array.isArray(value))
7
8
  return value.map(canonicalizeValue);
@@ -25,6 +26,7 @@ const getMetadata = () => ({
25
26
  branch: process.env.GITHUB_REF_NAME || process.env.BRANCH_NAME || '',
26
27
  commit_sha: process.env.GITHUB_SHA || '',
27
28
  agent_name: process.env.OPTIMUS_AGENT || '',
29
+ user_profile: { ...resolveUserProfile() },
28
30
  });
29
31
  function buildRequestBody(hardwareUuid, timestamp) {
30
32
  const payloadSummary = { timestamp, directory: process.cwd(), hardware_uuid: hardwareUuid };
package/dist/log_uuid/user_profile.js ADDED
@@ -0,0 +1,176 @@
1
+ import { execFileSync } from 'node:child_process';
2
+ import crypto from 'node:crypto';
3
+ import fs from 'node:fs';
4
+ import os from 'node:os';
5
+ import path from 'node:path';
6
+ import { readCommandOutput, resolveHardwareUuid } from './hardware_uuid.js';
7
+ const safeJsonParse = (raw) => {
8
+ try {
9
+ return JSON.parse(raw);
10
+ }
11
+ catch {
12
+ return null;
13
+ }
14
+ };
15
+ const readCursorCachedEmailFromVscdb = () => {
16
+ const dbPath = path.join(os.homedir(), 'Library/Application Support/Cursor/User/globalStorage/state.vscdb');
17
+ if (!fs.existsSync(dbPath))
18
+ return '';
19
+ try {
20
+ const out = execFileSync('sqlite3', [dbPath, "select value from ItemTable where key='cursorAuth/cachedEmail';"], { encoding: 'utf8', stdio: ['ignore', 'pipe', 'ignore'] }).trim();
21
+ return out;
22
+ }
23
+ catch {
24
+ return '';
25
+ }
26
+ };
27
+ /** Fallback: `storage.json` key path `cursor.auth.email` (design_notes). */
28
+ const readCursorCachedEmailFromStorageJson = () => {
29
+ const fp = path.join(os.homedir(), 'Library/Application Support/Cursor/User/globalStorage/storage.json');
30
+ if (!fs.existsSync(fp))
31
+ return '';
32
+ try {
33
+ const parsed = safeJsonParse(fs.readFileSync(fp, { encoding: 'utf8' }));
34
+ if (!parsed || typeof parsed !== 'object' || Array.isArray(parsed))
35
+ return '';
36
+ const root = parsed;
37
+ const cursor = root.cursor;
38
+ if (!cursor || typeof cursor !== 'object' || Array.isArray(cursor))
39
+ return '';
40
+ const auth = cursor.auth;
41
+ if (!auth || typeof auth !== 'object' || Array.isArray(auth))
42
+ return '';
43
+ const email = auth.email;
44
+ return typeof email === 'string' ? email.trim() : '';
45
+ }
46
+ catch {
47
+ return '';
48
+ }
49
+ };
50
+ const readCursorCachedEmail = () => readCursorCachedEmailFromVscdb() || readCursorCachedEmailFromStorageJson();
51
+ const readClaudeAuthEmailFromCli = () => {
52
+ try {
53
+ const out = execFileSync('claude', ['auth', 'status'], {
54
+ encoding: 'utf8',
55
+ stdio: ['ignore', 'pipe', 'ignore'],
56
+ }).trim();
57
+ if (!out)
58
+ return '';
59
+ const parsed = safeJsonParse(out);
60
+ if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {
61
+ const email = parsed.email;
62
+ return typeof email === 'string' ? email.trim() : '';
63
+ }
64
+ }
65
+ catch {
66
+ return '';
67
+ }
68
+ return '';
69
+ };
70
+ /** Fallback: optional Claude config files under ~/.claude/ (design_notes). */
71
+ const readClaudeEmailFromHomeFiles = () => {
72
+ const candidates = [
73
+ path.join(os.homedir(), '.claude/.credentials.json'),
74
+ path.join(os.homedir(), '.claude/.claude.json'),
75
+ ];
76
+ for (const fp of candidates) {
77
+ if (!fs.existsSync(fp))
78
+ continue;
79
+ try {
80
+ const parsed = safeJsonParse(fs.readFileSync(fp, { encoding: 'utf8' }));
81
+ if (!parsed || typeof parsed !== 'object' || Array.isArray(parsed))
82
+ continue;
83
+ const email = parsed.email;
84
+ if (typeof email === 'string' && email.includes('@'))
85
+ return email.trim();
86
+ }
87
+ catch {
88
+ /* try next */
89
+ }
90
+ }
91
+ return '';
92
+ };
93
+ const readClaudeAuthEmail = () => readClaudeAuthEmailFromCli().trim() || readClaudeEmailFromHomeFiles();
94
+ const readMacUsername = () => {
95
+ const fromEnv = process.env.OPTIMUS_MAC_USERNAME?.trim() ||
96
+ process.env.USER?.trim() ||
97
+ process.env.LOGNAME?.trim() ||
98
+ '';
99
+ if (fromEnv)
100
+ return fromEnv;
101
+ return readCommandOutput('id -un');
102
+ };
103
+ /**
104
+ * Matches design_notes order: `gh api user` (login), then CI-style env, then `git config user.name`.
105
+ * `metadata.github_username` in startup_sender still uses env only; this field is the richer probe.
106
+ */
107
+ const readGithubUsername = () => {
108
+ try {
109
+ const out = execFileSync('gh', ['api', 'user', '--jq', '.login'], {
110
+ encoding: 'utf8',
111
+ stdio: ['ignore', 'pipe', 'ignore'],
112
+ maxBuffer: 1024 * 1024,
113
+ }).trim();
114
+ if (out)
115
+ return out;
116
+ }
117
+ catch {
118
+ /* gh missing or not authenticated */
119
+ }
120
+ return (process.env.GITHUB_USER?.trim() ||
121
+ process.env.GH_USER?.trim() ||
122
+ readCommandOutput('git config user.name'));
123
+ };
124
+ const readUserProfileFromEnvOrFile = () => {
125
+ const inline = process.env.OPTIMUS_USER_PROFILE_JSON?.trim();
126
+ if (inline) {
127
+ const parsed = safeJsonParse(inline);
128
+ if (parsed && typeof parsed === 'object' && !Array.isArray(parsed))
129
+ return parsed;
130
+ }
131
+ const filePath = process.env.OPTIMUS_USER_PROFILE_FILE?.trim();
132
+ if (filePath && fs.existsSync(filePath)) {
133
+ const parsed = safeJsonParse(fs.readFileSync(filePath, { encoding: 'utf8' }));
134
+ if (parsed && typeof parsed === 'object' && !Array.isArray(parsed))
135
+ return parsed;
136
+ }
137
+ return null;
138
+ };
139
+ const isPlausibleUuid = (s) => /^[\da-f]{8}-[\da-f]{4}-[\da-f]{4}-[\da-f]{4}-[\da-f]{12}$/i.test(s.trim());
140
+ /**
141
+ * macOS Open Directory **GeneratedUID** for the console user (same concept as Directory Utility).
142
+ * See `dscl . -read /Users/<shortname> GeneratedUID`. Not the hardware UUID (that is `machineuuid`).
143
+ *
144
+ * `OPTIMUS_MAC_GENERATED_UID` overrides for tests or locked-down environments where `dscl` is unavailable.
145
+ */
146
+ const readMacAccountGeneratedUid = () => {
147
+ const env = process.env.OPTIMUS_MAC_GENERATED_UID?.trim();
148
+ if (env && isPlausibleUuid(env))
149
+ return env.trim().toLowerCase();
150
+ if (process.platform !== 'darwin')
151
+ return '';
152
+ const user = readMacUsername();
153
+ if (!user || !/^[a-zA-Z0-9._-]+$/.test(user))
154
+ return '';
155
+ try {
156
+ const out = execFileSync('dscl', ['.', '-read', `/Users/${user}`, 'GeneratedUID'], { encoding: 'utf8', stdio: ['ignore', 'pipe', 'ignore'] });
157
+ const m = out.match(/GeneratedUID:\s*([0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12})/);
158
+ if (m?.[1] && isPlausibleUuid(m[1]))
159
+ return m[1].toLowerCase();
160
+ }
161
+ catch {
162
+ return '';
163
+ }
164
+ return '';
165
+ };
166
+ const buildDefaultUserProfile = () => ({
167
+ generateduuid: readMacAccountGeneratedUid() || crypto.randomUUID(),
168
+ machineuuid: resolveHardwareUuid(),
169
+ mac_username: readMacUsername(),
170
+ github_username: readGithubUsername(),
171
+ claude_email: readClaudeAuthEmail(),
172
+ cursor_email: readCursorCachedEmail(),
173
+ });
174
+ /** Best-effort local user profile object for startup metadata. */
175
+ const resolveUserProfile = () => readUserProfileFromEnvOrFile() ?? buildDefaultUserProfile();
176
+ export { resolveUserProfile };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "log-llm-config",
3
- "version": "1.3.30",
3
+ "version": "1.3.34",
4
4
  "description": "CLI helpers for logging hardware UUIDs and posting startup payloads to Optimus Security.",
5
5
  "type": "module",
6
6
  "bin": {
@@ -33,12 +33,12 @@
33
33
  "repository": {
34
34
  "type": "git",
35
35
  "url": "git+https://github.com/optimuslabs-io/optimus-secure-fdn.git",
36
- "directory": "npx_packages/log-llm-config"
36
+ "directory": "dev_npx_packages/log-llm-config"
37
37
  },
38
38
  "bugs": {
39
39
  "url": "https://github.com/optimuslabs-io/optimus-secure-fdn/issues"
40
40
  },
41
- "homepage": "https://github.com/optimuslabs-io/optimus-secure-fdn/tree/main/npx_packages/log-llm-config#readme",
41
+ "homepage": "https://github.com/optimuslabs-io/optimus-secure-fdn/tree/main/dev_npx_packages/log-llm-config#readme",
42
42
  "files": [
43
43
  "dist/**/*",
44
44
  "README.md"