mod8-cli 0.2.0

package/dist/providers/registry.js

@@ -0,0 +1,196 @@
+/**
+ * Provider registry — built-in catalog of known providers.
+ *
+ * mod8 supports any provider that speaks one of three API styles:
+ *   - "anthropic"     — native Anthropic Messages API
+ *   - "gemini"        — native Google generative-ai SDK
+ *   - "openai-compat" — OpenAI Chat Completions schema (covers OpenAI itself,
+ *                       DeepSeek, Mistral, Groq, OpenRouter, xAI, Together, …)
+ *
+ * Each entry is a *template*. A provider only becomes "configured" once the
+ * user supplies a key (via `mod8 add-provider` or `mod8 keys set <id>`).
+ *
+ * Unknown key prefixes fall through to a manual prompt in `add-provider`.
+ */
+/**
+ * Known providers. Order matters for ambiguity resolution: when two prefixes
+ * could match (e.g. "sk-" matches both OpenAI and Mistral), the first match
+ * wins, so list more-specific prefixes before more-generic ones.
+ */
+export const KNOWN_PROVIDERS = [
+    {
+        id: 'anthropic',
+        name: 'Anthropic (Claude)',
+        apiType: 'anthropic',
+        defaultModel: 'claude-sonnet-4-6',
+        color: '#A78BFA', // purple (matches chat work-mode brand)
+        keyPrefix: 'sk-ant-',
+    },
+    {
+        id: 'openrouter',
+        name: 'OpenRouter',
+        apiType: 'openai-compat',
+        baseUrl: 'https://openrouter.ai/api/v1',
+        defaultModel: 'openai/gpt-4o-mini',
+        color: '#EC4899', // pink
+        keyPrefix: 'sk-or-',
+    },
+    {
+        id: 'openai',
+        name: 'OpenAI (GPT)',
+        apiType: 'openai-compat',
+        baseUrl: 'https://api.openai.com/v1',
+        defaultModel: 'gpt-4o',
+        color: '#10B981', // emerald
+        keyPrefix: 'sk-proj-', // newer OpenAI keys; legacy "sk-" also matched via fallback
+    },
+    {
+        id: 'deepseek',
+        name: 'DeepSeek',
+        apiType: 'openai-compat',
+        baseUrl: 'https://api.deepseek.com',
+        defaultModel: 'deepseek-chat',
+        color: '#3B82F6', // blue
+        keyPrefix: 'sk-', // generic — only used as last resort below
+    },
+    {
+        id: 'groq',
+        name: 'Groq',
+        apiType: 'openai-compat',
+        baseUrl: 'https://api.groq.com/openai/v1',
+        defaultModel: 'llama-3.3-70b-versatile',
+        color: '#F59E0B', // amber-500
+        keyPrefix: 'gsk_',
+    },
+    {
+        id: 'xai',
+        name: 'xAI (Grok)',
+        apiType: 'openai-compat',
+        baseUrl: 'https://api.x.ai/v1',
+        defaultModel: 'grok-2-latest',
+        color: '#6B7280', // gray
+        keyPrefix: 'xai-',
+    },
+    {
+        id: 'mistral',
+        name: 'Mistral',
+        apiType: 'openai-compat',
+        baseUrl: 'https://api.mistral.ai/v1',
+        defaultModel: 'mistral-large-latest',
+        color: '#EF4444', // red
+        // No public stable prefix; fall back to manual confirmation.
+    },
+    {
+        id: 'together',
+        name: 'Together AI',
+        apiType: 'openai-compat',
+        baseUrl: 'https://api.together.xyz/v1',
+        defaultModel: 'meta-llama/Llama-3.3-70B-Instruct-Turbo',
+        color: '#8B5CF6', // violet
+        // No stable prefix.
+    },
+    {
+        id: 'google',
+        name: 'Google (Gemini)',
+        apiType: 'gemini',
+        // gemini-2.5-flash is the current free-tier flagship as of 2026.
+        // gemini-2.0-flash is being deprecated for new users — Google returns
+        // "no longer available to new users" on a fresh key.
+        defaultModel: 'gemini-2.5-flash',
+        color: '#06B6D4', // cyan
+        // Google API keys start with AIza but format is shared with all Google APIs.
+        keyPrefix: 'AIza',
+    },
+];
+/**
+ * Common nicknames → built-in provider id.  When the user says "let me talk
+ * to gpt" or "use claude", we want to land on the actual configured provider
+ * (which might be stored under "openai" with a custom display name like
+ * "codex"), not bail with "unknown provider 'gpt'."
+ *
+ * The resolver in storage/providers.ts uses this AFTER trying an exact id
+ * match and an exact display-name match — synonyms are the last fallback.
+ */
+export const PROVIDER_SYNONYMS = {
+    // Anthropic family
+    claude: 'anthropic',
+    sonnet: 'anthropic',
+    opus: 'anthropic',
+    haiku: 'anthropic',
+    // OpenAI family
+    gpt: 'openai',
+    chatgpt: 'openai',
+    'gpt-4': 'openai',
+    'gpt-4o': 'openai',
+    // Google family
+    gemini: 'google',
+    bard: 'google',
+    // xAI
+    grok: 'xai',
+    // Meta / Groq (shorthand most users type)
+    llama: 'groq',
+};
+/**
+ * High-confidence brand aliases — unambiguous brand names that don't collide
+ * with common English words.  Allowed in STRICT resolution (bare-name and
+ * first-word matching) so that `claude`, `gpt`, `grok`, etc. typed alone or
+ * with a short instruction route directly without going through the LLM.
+ *
+ * Excluded on purpose: `sonnet`, `opus`, `haiku`, `bard` — those are poetry/
+ * literature words common enough in chat to false-positive.  Also excluded:
+ * `llama` (animal/Linux distro) for the same reason.  Those still resolve
+ * via the verb-based path (`use sonnet`, `talk to llama`) which is explicit.
+ */
+export const HIGH_CONFIDENCE_BRAND_ALIASES = {
+    claude: 'anthropic',
+    gpt: 'openai',
+    chatgpt: 'openai',
+    gemini: 'google',
+    grok: 'xai',
+};
+/**
+ * Auto-assignable color palette for user-provided custom providers.
+ * Keep distinct from the known-provider colors above.
+ */
+export const COLOR_PALETTE = [
+    '#6EE7B7', // mint
+    '#A78BFA', // purple
+    '#FBBF24', // yellow
+    '#F472B6', // pink
+    '#60A5FA', // sky
+    '#FB923C', // orange
+    '#34D399', // green
+    '#E879F9', // fuchsia
+];
+export function templateById(id) {
+    return KNOWN_PROVIDERS.find((p) => p.id === id);
+}
+/**
+ * Detect a provider template from a key prefix. Returns the most specific
+ * match, falling back to OpenAI for legacy "sk-" if no other match.
+ */
+export function detectFromKey(key) {
+    const trimmed = key.trim();
+    // First pass: any provider with an exact prefix match. KNOWN_PROVIDERS is
+    // ordered most-specific-first, so the first hit wins.
+    for (const p of KNOWN_PROVIDERS) {
+        if (p.keyPrefix && trimmed.startsWith(p.keyPrefix))
+            return p;
+    }
+    // Legacy fallback: bare "sk-" (no -ant-, -or-, -proj-) → OpenAI.
+    if (trimmed.startsWith('sk-'))
+        return templateById('openai');
+    return undefined;
+}
+/** Pick a color for a custom provider given how many already exist. */
+export function pickPaletteColor(usedColors) {
+    for (const c of COLOR_PALETTE) {
+        if (!usedColors.includes(c))
+            return c;
+    }
+    // Wrap around if user has > palette length custom providers.
+    return COLOR_PALETTE[usedColors.length % COLOR_PALETTE.length];
+}
+export function isValidProviderId(id) {
+    return /^[a-z][a-z0-9_-]{0,30}$/.test(id);
+}

package/dist/providers/types.js

@@ -0,0 +1 @@
+export {};

package/dist/providers/workSystem.js

@@ -0,0 +1,33 @@
+/**
+ * Work-mode system prompt builder.
+ *
+ * Whoever is in work mode (claude by default, but could be any configured
+ * provider — codex, grok, deepseek, etc.) gets THIS prompt.  The job is to
+ * keep the worker model in character: do the work, don't impersonate mod8
+ * host, and bounce meta questions about the CLI back to the host.
+ */
+export function buildWorkSystem(workerName) {
+    return `You are ${workerName}, an LLM helping the user complete a task. The user is reaching you through mod8 — a CLI that routes messages between providers — but you are NOT mod8 itself. mod8 is a separate model (the "host" / planning side) that handed off to you.
+
+# Stay in your lane
+
+- You are the WORKER. Just do the work the user asked for — code, write, generate, analyze, explain. Direct and thorough.
+- You are NOT mod8. You do not know mod8's configuration, command surface, or which other providers are connected. Don't pretend to.
+- If the user asks a META question about mod8 itself — "what providers are configured?", "what's mod8?", "how do I switch?", "how do I add a new provider?", "what commands are there?" — DO NOT answer it from your own assumptions. Hand back to the host with <SWITCH_TO_HOST> and a brief note: "that's a mod8 question — handing back to host."
+- DO NOT give advice about provider configuration, naming, the right CLI flag, etc. That's the host's job. If the user is confused about mod8's plumbing, get them back to the host.
+- DO NOT claim to be mod8. If asked who you are, you are ${workerName}.
+
+# How to hand off back to host
+
+Respond normally, then end your message with the literal token <SWITCH_TO_HOST>. Don't explain the token. Just append it on a new line. The CLI strips it and switches modes for the next turn.
+
+When to hand off:
+- Explicit: "@mod8", "/mod8", "back to mod8", "talk to mod8".
+- Pausing or reconsidering: "stop", "wait", "let me think", "this isn't right", "actually no".
+- Meta questions about mod8 itself (you should NOT answer these yourself — defer).
+- Stepping back to planning: "go back to planning", "let's rethink".
+
+If the user wants more work done — fixes, follow-ups, related tasks — DO NOT emit the token. Keep working.
+
+Never refuse a hand-off.`;
+}

package/dist/storage/auth.js

@@ -0,0 +1,65 @@
+/**
+ * mod8 auth.json — credentials for the mod8-hosted proxy.
+ *
+ *   ~/.config/mod8/auth.json:
+ *     {
+ *       "mod8Key":  "sk-mod8-...",     // bearer token for proxy
+ *       "proxyUrl": "https://...",     // base URL (override w/ MOD8_PROXY_URL)
+ *       "email":    "you@example.com"  // shown in startup banner
+ *     }
+ *
+ * When this file exists, the CLI routes every request through the proxy
+ * instead of the user's local providers.json.  When it's absent, the CLI
+ * uses the BYOK local providers (current behavior).
+ *
+ * File mode 0600 — same as providers.json + config.json.
+ */
+import { promises as fs } from 'fs';
+import { homedir } from 'os';
+import { join } from 'path';
+export const DEFAULT_PROXY_URL = 'https://mod8-proxy-6jnzdar4rq-uc.a.run.app';
+const CONFIG_DIR = process.env.MOD8_CONFIG_DIR ?? join(homedir(), '.config', 'mod8');
+const AUTH_FILE = join(CONFIG_DIR, 'auth.json');
+export async function readAuth() {
+    try {
+        const raw = await fs.readFile(AUTH_FILE, 'utf8');
+        const parsed = JSON.parse(raw);
+        if (!parsed || typeof parsed.mod8Key !== 'string')
+            return null;
+        return {
+            mod8Key: parsed.mod8Key,
+            proxyUrl: typeof parsed.proxyUrl === 'string' && parsed.proxyUrl
+                ? parsed.proxyUrl
+                : DEFAULT_PROXY_URL,
+            ...(typeof parsed.email === 'string' ? { email: parsed.email } : {}),
+        };
+    }
+    catch (err) {
+        if (err.code === 'ENOENT')
+            return null;
+        throw err;
+    }
+}
+export async function writeAuth(data) {
+    await fs.mkdir(CONFIG_DIR, { recursive: true, mode: 0o700 });
+    await fs.writeFile(AUTH_FILE, JSON.stringify(data, null, 2) + '\n', { mode: 0o600 });
+    await fs.chmod(AUTH_FILE, 0o600);
+}
+export async function deleteAuth() {
+    try {
+        await fs.unlink(AUTH_FILE);
+        return true;
+    }
+    catch (err) {
+        if (err.code === 'ENOENT')
+            return false;
+        throw err;
+    }
+}
+/** Resolve the proxy URL: env override > auth.json > default. */
+export function effectiveProxyUrl(auth) {
+    if (process.env.MOD8_PROXY_URL)
+        return process.env.MOD8_PROXY_URL;
+    return auth?.proxyUrl ?? DEFAULT_PROXY_URL;
+}
+export const AUTH_FILE_PATH = AUTH_FILE;

package/dist/storage/config.js

@@ -0,0 +1,35 @@
+import { promises as fs } from 'fs';
+import { homedir } from 'os';
+import { join } from 'path';
+const CONFIG_DIR = process.env.MOD8_CONFIG_DIR ?? join(homedir(), '.config', 'mod8');
+const CONFIG_FILE = join(CONFIG_DIR, 'config.json');
+async function readConfigFile() {
+    try {
+        const data = await fs.readFile(CONFIG_FILE, 'utf8');
+        const parsed = JSON.parse(data);
+        if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {
+            return parsed;
+        }
+        return {};
+    }
+    catch (err) {
+        if (err.code === 'ENOENT')
+            return {};
+        throw err;
+    }
+}
+async function writeConfigFile(config) {
+    await fs.mkdir(CONFIG_DIR, { recursive: true, mode: 0o700 });
+    await fs.writeFile(CONFIG_FILE, JSON.stringify(config, null, 2) + '\n', { mode: 0o600 });
+    await fs.chmod(CONFIG_FILE, 0o600);
+}
+export async function getConfig() {
+    return readConfigFile();
+}
+export async function updateConfig(patch) {
+    const current = await readConfigFile();
+    const next = { ...current, ...patch };
+    await writeConfigFile(next);
+    return next;
+}
+export const CONFIG_FILE_PATH = CONFIG_FILE;

package/dist/storage/keys.js

@@ -0,0 +1,59 @@
+import { promises as fs } from 'fs';
+import { homedir } from 'os';
+import { join } from 'path';
+import { PROVIDERS } from '../types.js';
+const CONFIG_DIR = process.env.MOD8_CONFIG_DIR ?? join(homedir(), '.config', 'mod8');
+const KEYS_FILE = join(CONFIG_DIR, 'keys.json');
+async function readKeysFile() {
+    try {
+        const data = await fs.readFile(KEYS_FILE, 'utf8');
+        const parsed = JSON.parse(data);
+        if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {
+            return parsed;
+        }
+        return {};
+    }
+    catch (err) {
+        if (err.code === 'ENOENT')
+            return {};
+        throw err;
+    }
+}
+async function writeKeysFile(keys) {
+    await fs.mkdir(CONFIG_DIR, { recursive: true, mode: 0o700 });
+    const data = JSON.stringify(keys, null, 2) + '\n';
+    await fs.writeFile(KEYS_FILE, data, { mode: 0o600 });
+    // chmod explicitly in case the file already existed with looser perms
+    await fs.chmod(KEYS_FILE, 0o600);
+}
+export async function setKey(provider, key) {
+    const keys = await readKeysFile();
+    keys[provider] = key;
+    await writeKeysFile(keys);
+}
+export async function getKey(provider) {
+    const keys = await readKeysFile();
+    return keys[provider];
+}
+export async function getAllKeys() {
+    const keys = await readKeysFile();
+    const out = {};
+    for (const p of PROVIDERS)
+        out[p] = keys[p];
+    return out;
+}
+export async function removeKey(provider) {
+    const keys = await readKeysFile();
+    if (!(provider in keys))
+        return false;
+    delete keys[provider];
+    await writeKeysFile(keys);
+    return true;
+}
+export function maskKey(key) {
+    if (key.length <= 8)
+        return '*'.repeat(Math.max(key.length, 4));
+    return `${key.slice(0, 4)}…${key.slice(-4)}`;
+}
+export const KEYS_FILE_PATH = KEYS_FILE;
+export const CONFIG_DIR_PATH = CONFIG_DIR;