npm - mstro-app - Versions diffs - 0.1.47 - Mend

mstro-app 0.1.47

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (213) hide show

package/LICENSE +21 -0
package/README.md +177 -0
package/bin/commands/config.js +145 -0
package/bin/commands/login.js +313 -0
package/bin/commands/logout.js +75 -0
package/bin/commands/status.js +197 -0
package/bin/commands/whoami.js +161 -0
package/bin/configure-claude.js +298 -0
package/bin/mstro.js +581 -0
package/bin/postinstall.js +45 -0
package/bin/release.sh +110 -0
package/dist/server/cli/headless/claude-invoker.d.ts +17 -0
package/dist/server/cli/headless/claude-invoker.d.ts.map +1 -0
package/dist/server/cli/headless/claude-invoker.js +311 -0
package/dist/server/cli/headless/claude-invoker.js.map +1 -0
package/dist/server/cli/headless/index.d.ts +13 -0
package/dist/server/cli/headless/index.d.ts.map +1 -0
package/dist/server/cli/headless/index.js +10 -0
package/dist/server/cli/headless/index.js.map +1 -0
package/dist/server/cli/headless/mcp-config.d.ts +11 -0
package/dist/server/cli/headless/mcp-config.d.ts.map +1 -0
package/dist/server/cli/headless/mcp-config.js +76 -0
package/dist/server/cli/headless/mcp-config.js.map +1 -0
package/dist/server/cli/headless/output-utils.d.ts +33 -0
package/dist/server/cli/headless/output-utils.d.ts.map +1 -0
package/dist/server/cli/headless/output-utils.js +101 -0
package/dist/server/cli/headless/output-utils.js.map +1 -0
package/dist/server/cli/headless/prompt-utils.d.ts +21 -0
package/dist/server/cli/headless/prompt-utils.d.ts.map +1 -0
package/dist/server/cli/headless/prompt-utils.js +84 -0
package/dist/server/cli/headless/prompt-utils.js.map +1 -0
package/dist/server/cli/headless/runner.d.ts +24 -0
package/dist/server/cli/headless/runner.d.ts.map +1 -0
package/dist/server/cli/headless/runner.js +99 -0
package/dist/server/cli/headless/runner.js.map +1 -0
package/dist/server/cli/headless/types.d.ts +106 -0
package/dist/server/cli/headless/types.d.ts.map +1 -0
package/dist/server/cli/headless/types.js +4 -0
package/dist/server/cli/headless/types.js.map +1 -0
package/dist/server/cli/improvisation-session-manager.d.ts +155 -0
package/dist/server/cli/improvisation-session-manager.d.ts.map +1 -0
package/dist/server/cli/improvisation-session-manager.js +415 -0
package/dist/server/cli/improvisation-session-manager.js.map +1 -0
package/dist/server/index.d.ts +2 -0
package/dist/server/index.d.ts.map +1 -0
package/dist/server/index.js +386 -0
package/dist/server/index.js.map +1 -0
package/dist/server/mcp/bouncer-cli.d.ts +3 -0
package/dist/server/mcp/bouncer-cli.d.ts.map +1 -0
package/dist/server/mcp/bouncer-cli.js +99 -0
package/dist/server/mcp/bouncer-cli.js.map +1 -0
package/dist/server/mcp/bouncer-integration.d.ts +36 -0
package/dist/server/mcp/bouncer-integration.d.ts.map +1 -0
package/dist/server/mcp/bouncer-integration.js +301 -0
package/dist/server/mcp/bouncer-integration.js.map +1 -0
package/dist/server/mcp/security-audit.d.ts +52 -0
package/dist/server/mcp/security-audit.d.ts.map +1 -0
package/dist/server/mcp/security-audit.js +118 -0
package/dist/server/mcp/security-audit.js.map +1 -0
package/dist/server/mcp/security-patterns.d.ts +73 -0
package/dist/server/mcp/security-patterns.d.ts.map +1 -0
package/dist/server/mcp/security-patterns.js +247 -0
package/dist/server/mcp/security-patterns.js.map +1 -0
package/dist/server/mcp/server.d.ts +3 -0
package/dist/server/mcp/server.d.ts.map +1 -0
package/dist/server/mcp/server.js +146 -0
package/dist/server/mcp/server.js.map +1 -0
package/dist/server/routes/files.d.ts +9 -0
package/dist/server/routes/files.d.ts.map +1 -0
package/dist/server/routes/files.js +24 -0
package/dist/server/routes/files.js.map +1 -0
package/dist/server/routes/improvise.d.ts +3 -0
package/dist/server/routes/improvise.d.ts.map +1 -0
package/dist/server/routes/improvise.js +72 -0
package/dist/server/routes/improvise.js.map +1 -0
package/dist/server/routes/index.d.ts +10 -0
package/dist/server/routes/index.d.ts.map +1 -0
package/dist/server/routes/index.js +12 -0
package/dist/server/routes/index.js.map +1 -0
package/dist/server/routes/instances.d.ts +10 -0
package/dist/server/routes/instances.d.ts.map +1 -0
package/dist/server/routes/instances.js +47 -0
package/dist/server/routes/instances.js.map +1 -0
package/dist/server/routes/notifications.d.ts +3 -0
package/dist/server/routes/notifications.d.ts.map +1 -0
package/dist/server/routes/notifications.js +136 -0
package/dist/server/routes/notifications.js.map +1 -0
package/dist/server/services/analytics.d.ts +56 -0
package/dist/server/services/analytics.d.ts.map +1 -0
package/dist/server/services/analytics.js +240 -0
package/dist/server/services/analytics.js.map +1 -0
package/dist/server/services/auth.d.ts +26 -0
package/dist/server/services/auth.d.ts.map +1 -0
package/dist/server/services/auth.js +71 -0
package/dist/server/services/auth.js.map +1 -0
package/dist/server/services/client-id.d.ts +10 -0
package/dist/server/services/client-id.d.ts.map +1 -0
package/dist/server/services/client-id.js +61 -0
package/dist/server/services/client-id.js.map +1 -0
package/dist/server/services/credentials.d.ts +39 -0
package/dist/server/services/credentials.d.ts.map +1 -0
package/dist/server/services/credentials.js +110 -0
package/dist/server/services/credentials.js.map +1 -0
package/dist/server/services/files.d.ts +119 -0
package/dist/server/services/files.d.ts.map +1 -0
package/dist/server/services/files.js +560 -0
package/dist/server/services/files.js.map +1 -0
package/dist/server/services/instances.d.ts +52 -0
package/dist/server/services/instances.d.ts.map +1 -0
package/dist/server/services/instances.js +241 -0
package/dist/server/services/instances.js.map +1 -0
package/dist/server/services/pathUtils.d.ts +47 -0
package/dist/server/services/pathUtils.d.ts.map +1 -0
package/dist/server/services/pathUtils.js +124 -0
package/dist/server/services/pathUtils.js.map +1 -0
package/dist/server/services/platform.d.ts +72 -0
package/dist/server/services/platform.d.ts.map +1 -0
package/dist/server/services/platform.js +368 -0
package/dist/server/services/platform.js.map +1 -0
package/dist/server/services/sentry.d.ts +5 -0
package/dist/server/services/sentry.d.ts.map +1 -0
package/dist/server/services/sentry.js +71 -0
package/dist/server/services/sentry.js.map +1 -0
package/dist/server/services/terminal/pty-manager.d.ts +149 -0
package/dist/server/services/terminal/pty-manager.d.ts.map +1 -0
package/dist/server/services/terminal/pty-manager.js +377 -0
package/dist/server/services/terminal/pty-manager.js.map +1 -0
package/dist/server/services/terminal/tmux-manager.d.ts +82 -0
package/dist/server/services/terminal/tmux-manager.d.ts.map +1 -0
package/dist/server/services/terminal/tmux-manager.js +352 -0
package/dist/server/services/terminal/tmux-manager.js.map +1 -0
package/dist/server/services/websocket/autocomplete.d.ts +50 -0
package/dist/server/services/websocket/autocomplete.d.ts.map +1 -0
package/dist/server/services/websocket/autocomplete.js +361 -0
package/dist/server/services/websocket/autocomplete.js.map +1 -0
package/dist/server/services/websocket/file-utils.d.ts +44 -0
package/dist/server/services/websocket/file-utils.d.ts.map +1 -0
package/dist/server/services/websocket/file-utils.js +272 -0
package/dist/server/services/websocket/file-utils.js.map +1 -0
package/dist/server/services/websocket/handler.d.ts +246 -0
package/dist/server/services/websocket/handler.d.ts.map +1 -0
package/dist/server/services/websocket/handler.js +1771 -0
package/dist/server/services/websocket/handler.js.map +1 -0
package/dist/server/services/websocket/index.d.ts +11 -0
package/dist/server/services/websocket/index.d.ts.map +1 -0
package/dist/server/services/websocket/index.js +14 -0
package/dist/server/services/websocket/index.js.map +1 -0
package/dist/server/services/websocket/types.d.ts +214 -0
package/dist/server/services/websocket/types.d.ts.map +1 -0
package/dist/server/services/websocket/types.js +4 -0
package/dist/server/services/websocket/types.js.map +1 -0
package/dist/server/utils/agent-manager.d.ts +69 -0
package/dist/server/utils/agent-manager.d.ts.map +1 -0
package/dist/server/utils/agent-manager.js +269 -0
package/dist/server/utils/agent-manager.js.map +1 -0
package/dist/server/utils/paths.d.ts +25 -0
package/dist/server/utils/paths.d.ts.map +1 -0
package/dist/server/utils/paths.js +38 -0
package/dist/server/utils/paths.js.map +1 -0
package/dist/server/utils/port-manager.d.ts +10 -0
package/dist/server/utils/port-manager.d.ts.map +1 -0
package/dist/server/utils/port-manager.js +60 -0
package/dist/server/utils/port-manager.js.map +1 -0
package/dist/server/utils/port.d.ts +26 -0
package/dist/server/utils/port.d.ts.map +1 -0
package/dist/server/utils/port.js +83 -0
package/dist/server/utils/port.js.map +1 -0
package/hooks/bouncer.sh +138 -0
package/package.json +74 -0
package/server/README.md +191 -0
package/server/cli/headless/claude-invoker.ts +415 -0
package/server/cli/headless/index.ts +39 -0
package/server/cli/headless/mcp-config.ts +87 -0
package/server/cli/headless/output-utils.ts +109 -0
package/server/cli/headless/prompt-utils.ts +108 -0
package/server/cli/headless/runner.ts +133 -0
package/server/cli/headless/types.ts +118 -0
package/server/cli/improvisation-session-manager.ts +531 -0
package/server/index.ts +456 -0
package/server/mcp/README.md +122 -0
package/server/mcp/bouncer-cli.ts +127 -0
package/server/mcp/bouncer-integration.ts +430 -0
package/server/mcp/security-audit.ts +180 -0
package/server/mcp/security-patterns.ts +290 -0
package/server/mcp/server.ts +174 -0
package/server/routes/files.ts +29 -0
package/server/routes/improvise.ts +82 -0
package/server/routes/index.ts +13 -0
package/server/routes/instances.ts +54 -0
package/server/routes/notifications.ts +158 -0
package/server/services/analytics.ts +277 -0
package/server/services/auth.ts +80 -0
package/server/services/client-id.ts +68 -0
package/server/services/credentials.ts +134 -0
package/server/services/files.ts +710 -0
package/server/services/instances.ts +275 -0
package/server/services/pathUtils.ts +158 -0
package/server/services/platform.test.ts +1314 -0
package/server/services/platform.ts +435 -0
package/server/services/sentry.ts +81 -0
package/server/services/terminal/pty-manager.ts +464 -0
package/server/services/terminal/tmux-manager.ts +426 -0
package/server/services/websocket/autocomplete.ts +438 -0
package/server/services/websocket/file-utils.ts +305 -0
package/server/services/websocket/handler.test.ts +20 -0
package/server/services/websocket/handler.ts +2047 -0
package/server/services/websocket/index.ts +40 -0
package/server/services/websocket/types.ts +339 -0
package/server/tsconfig.json +19 -0
package/server/utils/agent-manager.ts +323 -0
package/server/utils/paths.ts +45 -0
package/server/utils/port-manager.ts +70 -0
package/server/utils/port.ts +102 -0

package/bin/configure-claude.js ADDED Viewed

@@ -0,0 +1,298 @@
+#!/usr/bin/env node
+// Copyright (c) 2025-present Mstro, Inc. All rights reserved.
+// Licensed under the MIT License. See LICENSE file for details.
+/**
+ * Mstro Claude Configuration Tool
+ *
+ * Automatically configures ~/.claude/settings.json and installs
+ * the bouncer hook for Claude Code integration.
+ *
+ * Usage:
+ *   npx mstro configure-hooks
+ *   node bin/configure-claude.js
+ */
+import { chmodSync, existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { dirname, join, resolve } from 'node:path';
+import { createInterface } from 'node:readline';
+import { fileURLToPath } from 'node:url';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+const MSTRO_ROOT = resolve(__dirname, '..');
+const CLAUDE_DIR = join(homedir(), '.claude');
+const CLAUDE_HOOKS_DIR = join(CLAUDE_DIR, 'hooks');
+const CLAUDE_SETTINGS_FILE = join(CLAUDE_DIR, 'settings.json');
+const _BOUNCER_HOOK_SOURCE = join(MSTRO_ROOT, 'hooks', 'bouncer.sh');
+const BOUNCER_CLI_PATH = join(MSTRO_ROOT, 'server', 'mcp', 'bouncer-cli.ts');
+const TSX_PATH = join(MSTRO_ROOT, 'node_modules', '.bin', 'tsx');
+// ANSI colors
+const colors = {
+  reset: '\x1b[0m',
+  bold: '\x1b[1m',
+  green: '\x1b[32m',
+  yellow: '\x1b[33m',
+  blue: '\x1b[34m',
+  red: '\x1b[31m',
+  dim: '\x1b[2m',
+};
+function log(msg, color = '') {
+  console.log(`${color}${msg}${colors.reset}`);
+}
+function prompt(question) {
+  const rl = createInterface({ input: process.stdin, output: process.stdout });
+  return new Promise((resolve) => {
+    rl.question(question, (answer) => {
+      rl.close();
+      resolve(answer.trim().toLowerCase());
+    });
+  });
+}
+/**
+ * Generate the bouncer hook script with embedded paths
+ * This ensures the hook knows where to find the bouncer CLI regardless of
+ * how/where mstro was installed (npm global, npx, etc.)
+ */
+function generateBouncerHook(tsxPath, bouncerCliPath) {
+  return `#!/usr/bin/env bash
+#
+# Mstro Bouncer Gate - Claude Code Hook
+#
+# This hook intercepts Claude Code tool calls and routes them through
+# the Mstro bouncer for security analysis before execution.
+#
+# Generated by: npx mstro configure-hooks
+# Dependencies: Node.js (no jq or bun required)
+#
+set -euo pipefail
+# Paths configured at install time
+TSX_PATH="${tsxPath}"
+BOUNCER_CLI="${bouncerCliPath}"
+# User-configurable settings
+BOUNCER_TIMEOUT="\${BOUNCER_TIMEOUT:-10}"
+BOUNCER_LOG="\${BOUNCER_LOG:-$HOME/.claude/logs/bouncer.log}"
+# Ensure log directory exists
+mkdir -p "$(dirname "$BOUNCER_LOG")"
+# Read hook input from stdin
+INPUT=$(cat)
+# Run the bouncer via tsx (handles TypeScript execution)
+if [ -x "$TSX_PATH" ] && [ -f "$BOUNCER_CLI" ]; then
+  RESULT=$(echo "$INPUT" | timeout "$BOUNCER_TIMEOUT" "$TSX_PATH" "$BOUNCER_CLI" 2>> "$BOUNCER_LOG" || echo '{"decision": "allow", "reason": "Bouncer timeout or error"}')
+  echo "$RESULT"
+else
+  # Fallback: use inline Node.js for basic pattern matching
+  node --input-type=module -e "
+const input = JSON.parse(process.argv[1]);
+const toolName = input.tool_name || input.toolName || 'unknown';
+const toolInput = input.input || input.toolInput || {};
+// Quick allow for read-only operations
+const readOnly = ['Read', 'Glob', 'Grep', 'Search', 'List', 'WebFetch', 'WebSearch'];
+if (readOnly.includes(toolName)) {
+  console.log(JSON.stringify({ decision: 'allow', reason: 'Read-only operation' }));
+  process.exit(0);
+}
+// Build operation string
+let op = toolName + ': ';
+if (toolName === 'Bash') op += toolInput.command || '';
+else if (['Write', 'Edit'].includes(toolName)) op += toolInput.file_path || toolInput.filePath || '';
+else op += JSON.stringify(toolInput);
+// Critical threat patterns
+const threats = [
+  [/rm\\s+-rf\\s+(\\/|~)(\\$|\\s)/, 'recursive delete of root/home'],
+  [/:\\(\\)\\{.*\\}/, 'fork bomb'],
+  [/dd\\s+if=\\/dev\\/zero\\s+of=\\/dev\\/sd/, 'disk overwrite'],
+  [/mkfs\\s+\\/dev\\/sd/, 'filesystem format'],
+];
+for (const [pattern, reason] of threats) {
+  if (pattern.test(op)) {
+    console.log(JSON.stringify({ decision: 'deny', reason: 'Critical threat: ' + reason }));
+    process.exit(0);
+  }
+}
+console.log(JSON.stringify({ decision: 'allow', reason: 'Fallback: basic check passed' }));
+" "$INPUT"
+fi
+`;
+}
+function ensureDirectories() {
+  log('Step 1: Checking ~/.claude directory structure...', colors.bold);
+  for (const dir of [CLAUDE_DIR, CLAUDE_HOOKS_DIR, join(CLAUDE_DIR, 'logs')]) {
+    if (!existsSync(dir)) {
+      log(`  Creating ${dir}`, colors.dim);
+      mkdirSync(dir, { recursive: true });
+    } else {
+      log(`  ${dir} exists`, colors.green);
+    }
+  }
+  log('  Done!\n', colors.green);
+}
+async function installBouncerHook(forceYes, isInteractive) {
+  log('Step 2: Installing bouncer hook...', colors.bold);
+  const hookDest = join(CLAUDE_HOOKS_DIR, 'bouncer.sh');
+  const hookContent = generateBouncerHook(TSX_PATH, BOUNCER_CLI_PATH);
+  const hookExists = existsSync(hookDest);
+  if (hookExists) {
+    log(`  Hook already exists at ${hookDest}`, colors.yellow);
+    let overwrite = forceYes;
+    if (!forceYes && isInteractive) {
+      const answer = await prompt('  Overwrite existing hook? [y/N]: ');
+      overwrite = answer === 'y' || answer === 'yes';
+    }
+    if (!overwrite) {
+      log('  Skipping hook installation', colors.dim);
+      log('  Done!\n', colors.green);
+      return hookDest;
+    }
+  }
+  writeFileSync(hookDest, hookContent);
+  chmodSync(hookDest, 0o755);
+  log(`  ${hookExists ? 'Overwrote' : 'Installed'} ${hookDest}`, colors.green);
+  log('  Done!\n', colors.green);
+  return hookDest;
+}
+function loadSettings() {
+  if (!existsSync(CLAUDE_SETTINGS_FILE)) {
+    return {};
+  }
+  try {
+    const content = readFileSync(CLAUDE_SETTINGS_FILE, 'utf-8');
+    const settings = JSON.parse(content);
+    log(`  Loaded existing settings from ${CLAUDE_SETTINGS_FILE}`, colors.dim);
+    return settings;
+  } catch (err) {
+    log(`  Warning: Could not parse existing settings.json: ${err.message}`, colors.yellow);
+    log('  Will create new settings file', colors.dim);
+    return {};
+  }
+}
+async function configureSettings(hookDest, forceYes, isInteractive) {
+  log('Step 3: Configuring settings.json...', colors.bold);
+  const settings = loadSettings();
+  if (!settings.hooks) {
+    settings.hooks = {};
+  }
+  const bouncerHook = { type: 'command', command: hookDest, timeout: 10000 };
+  const bouncerHookConfig = [
+    { matcher: 'Bash', hooks: [bouncerHook] },
+    { matcher: 'Write', hooks: [bouncerHook] },
+    { matcher: 'Edit', hooks: [bouncerHook] }
+  ];
+  const existingPreToolUse = settings.hooks.PreToolUse;
+  if (existingPreToolUse) {
+    log('  Existing PreToolUse hook configuration found:', colors.yellow);
+    log(`    ${JSON.stringify(existingPreToolUse, null, 2).split('\n').join('\n    ')}`, colors.dim);
+    let update = forceYes;
+    if (!forceYes && isInteractive) {
+      const answer = await prompt('  Update PreToolUse hook to use Mstro bouncer? [y/N]: ');
+      update = answer === 'y' || answer === 'yes';
+    }
+    if (!update) {
+      log('  Keeping existing PreToolUse configuration', colors.dim);
+    } else {
+      settings.hooks.PreToolUse = bouncerHookConfig;
+      log('  Updated PreToolUse hook configuration', colors.green);
+    }
+  } else {
+    settings.hooks.PreToolUse = bouncerHookConfig;
+    log('  Added PreToolUse hook configuration', colors.green);
+  }
+  const settingsContent = JSON.stringify(settings, null, 2);
+  const settingsExists = existsSync(CLAUDE_SETTINGS_FILE);
+  if (settingsExists) {
+    const currentContent = readFileSync(CLAUDE_SETTINGS_FILE, 'utf-8');
+    if (currentContent === settingsContent) {
+      log('  No changes needed to settings.json', colors.dim);
+    } else {
+      const backupPath = `${CLAUDE_SETTINGS_FILE}.backup.${Date.now()}`;
+      writeFileSync(backupPath, currentContent);
+      log(`  Backed up existing settings to ${backupPath}`, colors.dim);
+      writeFileSync(CLAUDE_SETTINGS_FILE, settingsContent);
+      log(`  Updated ${CLAUDE_SETTINGS_FILE}`, colors.green);
+    }
+  } else {
+    writeFileSync(CLAUDE_SETTINGS_FILE, settingsContent);
+    log(`  Created ${CLAUDE_SETTINGS_FILE}`, colors.green);
+  }
+  log('  Done!\n', colors.green);
+  return settingsContent;
+}
+function printSummary(hookDest, settingsContent) {
+  log('=== Configuration Complete ===\n', colors.bold + colors.green);
+  log('The following files have been configured:', colors.bold);
+  log(`  ${CLAUDE_SETTINGS_FILE}`, colors.dim);
+  log(`  ${hookDest}`, colors.dim);
+  log('');
+  log('Your settings.json now contains:', colors.bold);
+  log(`${settingsContent.split('\n').map(l => `  ${l}`).join('\n')}`, colors.dim);
+  log('');
+  log('How the bouncer works:', colors.bold);
+  log('');
+  log('  Mstro sessions (headless): Full 2-layer security', colors.green);
+  log('    Layer 1: Pattern matching (<5ms) - instant allow/deny for known operations', colors.dim);
+  log('    Layer 2: AI analysis (~200-500ms) - context-aware review of ambiguous operations', colors.dim);
+  log('');
+  log('  Claude Code terminal REPL (claude): 1-layer security', colors.yellow);
+  log('    Layer 1: Pattern matching only - blocks critical threats (fork bombs,', colors.dim);
+  log('    destructive commands), allows everything else', colors.dim);
+  log('    The AI analysis layer requires a running mstro server.', colors.dim);
+  log('');
+  log('To disable the bouncer hook, remove the PreToolUse entry from', colors.dim);
+  log(`${CLAUDE_SETTINGS_FILE}`, colors.dim);
+  log('');
+}
+async function main() {
+  log('\n=== Mstro Claude Configuration ===\n', colors.bold + colors.blue);
+  const isInteractive = process.stdin.isTTY;
+  const forceYes = process.argv.includes('--yes') || process.argv.includes('-y');
+  ensureDirectories();
+  const hookDest = await installBouncerHook(forceYes, isInteractive);
+  const settingsContent = await configureSettings(hookDest, forceYes, isInteractive);
+  printSummary(hookDest, settingsContent);
+}
+main().catch((err) => {
+  log(`\nError: ${err.message}`, colors.red);
+  process.exit(1);
+});