mtrx-cli 0.1.11 → 0.1.14

package/src/matrx/cli/cursor_config.py

@@ -1,14 +1,20 @@
 """
-Read / write Cursor IDE settings stored in the SQLite ``state.vscdb`` database.
+Read / write Cursor IDE settings.
 
-Cursor stores its model-related settings (custom API keys, base URL overrides)
-in ``~/Library/Application Support/Cursor/User/globalStorage/state.vscdb``
-(macOS) inside an ``ItemTable`` key-value store.
+Two configuration surfaces:
+
+1. **settings.json** -- Cursor's user preferences file (VS-Code–compatible).
+   The MITM proxy approach writes ``http.proxy`` and ``http.proxyStrictSSL``
+   here so that Cursor routes *all* traffic through the local proxy.
+
+2. **state.vscdb** -- Cursor's internal SQLite key-value store.  The legacy
+   "Override OpenAI Base URL" approach writes API-key / base-URL overrides
+   here.  These helpers are retained for ``mtrx use cursor direct`` restore.
 
 This module provides helpers to:
-  - locate the database on each platform
-  - discover which keys Cursor uses for the OpenAI API key / base URL override
-  - read, write, backup, and restore those settings
+  - locate the database / settings file on each platform
+  - read, write, backup, and restore settings
+  - configure ``http.proxy`` for the MITM proxy
   - print manual setup instructions as a fallback
 """
 
@@ -36,6 +42,14 @@ _OPENAI_BASE_URL_FIELD = "openaiBaseUrl"
 _OVERRIDE_OPENAI_BASE_URL_FIELD = "enableOpenaiBaseUrlOverride"
 _ANTHROPIC_KEY_FIELD = "anthropicApiKey"
 
+# Cursor v2.5+ moved BYOK settings to the reactive persistent storage blob.
+_REACTIVE_STORAGE_KEY = (
+    "src.vs.platform.reactivestorage.browser."
+    "reactiveStorageServiceImpl.persistentStorage.applicationUser"
+)
+_RS_USE_OPENAI_KEY = "useOpenAIKey"
+_RS_BASE_URL = "openAIBaseUrl"
+
 
 def cursor_state_db_path() -> Path:
     """Return the platform-specific path to Cursor's ``state.vscdb``."""
@@ -206,6 +220,34 @@ def write_cursor_settings(
         conn.close()
 
 
+def _read_reactive_storage(conn: sqlite3.Connection) -> dict | None:
+    cursor = conn.cursor()
+    cursor.execute(
+        "SELECT value FROM ItemTable WHERE key = ?", (_REACTIVE_STORAGE_KEY,)
+    )
+    row = cursor.fetchone()
+    if row is None:
+        return None
+    try:
+        return json.loads(row[0]) if isinstance(row[0], str) else None
+    except (json.JSONDecodeError, TypeError):
+        return None
+
+
+def _write_reactive_storage(conn: sqlite3.Connection, data: dict) -> bool:
+    try:
+        cursor = conn.cursor()
+        cursor.execute(
+            "INSERT OR REPLACE INTO ItemTable (key, value) VALUES (?, ?)",
+            (_REACTIVE_STORAGE_KEY, json.dumps(data)),
+        )
+        conn.commit()
+        return True
+    except sqlite3.Error as exc:
+        logger.debug("cursor_config: reactive storage write error: %s", exc)
+        return False
+
+
 def configure_cursor_for_proxy(
     proxy_url: str,
     proxy_api_key: str = "mtrx-cursor-proxy",
@@ -213,56 +255,78 @@ def configure_cursor_for_proxy(
     db_path: Path | None = None,
 ) -> dict | None:
     """
-    Configure Cursor to route through the local MTRX proxy.
+    Configure Cursor to route all model traffic through MTRX.
 
-    Sets the OpenAI API key and Override Base URL in state.vscdb.
+    Writes to both the legacy ``storage.ServiceStorage`` blob and the
+    current reactive persistent storage used by Cursor v2.5+.
     Returns the previous settings dict (for later restoration), or None on failure.
     """
     db_path = db_path or cursor_state_db_path()
-    current = read_cursor_settings(db_path)
+    conn = _open_db(db_path)
+    if conn is None:
+        return None
 
-    if current is None:
-        # Settings key not found — may need user to set a dummy key via UI first.
-        # Try to insert a fresh settings blob under the first candidate key.
-        conn = _open_db(db_path)
-        if conn is None:
-            return None
-        try:
+    try:
+        # --- Reactive storage (Cursor v2.5+) ---
+        rs_data = _read_reactive_storage(conn)
+        rs_previous = {}
+        if rs_data is not None:
+            rs_previous = {
+                _RS_USE_OPENAI_KEY: rs_data.get(_RS_USE_OPENAI_KEY),
+                _RS_BASE_URL: rs_data.get(_RS_BASE_URL),
+            }
+            rs_data[_RS_USE_OPENAI_KEY] = True
+            rs_data[_RS_BASE_URL] = proxy_url
+            _write_reactive_storage(conn, rs_data)
+
+        # --- Legacy storage (still written for older Cursor versions) ---
+        legacy_previous = {}
+        settings_key = _find_settings_key(conn) or _scan_for_settings_key(conn)
+        if settings_key:
+            cur = conn.cursor()
+            cur.execute("SELECT value FROM ItemTable WHERE key = ?", (settings_key,))
+            row = cur.fetchone()
+            if row:
+                current = json.loads(row[0]) if isinstance(row[0], str) else {}
+                legacy_previous = {
+                    _OPENAI_KEY_FIELD: current.get(_OPENAI_KEY_FIELD),
+                    _OPENAI_BASE_URL_FIELD: current.get(_OPENAI_BASE_URL_FIELD),
+                    _OVERRIDE_OPENAI_BASE_URL_FIELD: current.get(_OVERRIDE_OPENAI_BASE_URL_FIELD),
+                    _ANTHROPIC_KEY_FIELD: current.get(_ANTHROPIC_KEY_FIELD),
+                    "_mtrx_settings_key": settings_key,
+                }
+                current[_OPENAI_KEY_FIELD] = proxy_api_key
+                current[_OPENAI_BASE_URL_FIELD] = proxy_url
+                current[_OVERRIDE_OPENAI_BASE_URL_FIELD] = True
+                cur.execute(
+                    "INSERT OR REPLACE INTO ItemTable (key, value) VALUES (?, ?)",
+                    (settings_key, json.dumps(current)),
+                )
+                conn.commit()
+        if not legacy_previous:
             settings_key = _CANDIDATE_SETTINGS_KEYS[0]
             fresh: dict = {
                 _OPENAI_KEY_FIELD: proxy_api_key,
                 _OPENAI_BASE_URL_FIELD: proxy_url,
                 _OVERRIDE_OPENAI_BASE_URL_FIELD: True,
             }
-            cursor = conn.cursor()
-            cursor.execute(
+            cur = conn.cursor()
+            cur.execute(
                 "INSERT OR REPLACE INTO ItemTable (key, value) VALUES (?, ?)",
                 (settings_key, json.dumps(fresh)),
             )
             conn.commit()
-            return {"_mtrx_settings_key": settings_key, "_mtrx_was_absent": True}
-        except sqlite3.Error as exc:
-            logger.debug("cursor_config: fresh insert error: %s", exc)
-            return None
-        finally:
-            conn.close()
+            legacy_previous = {"_mtrx_settings_key": settings_key, "_mtrx_was_absent": True}
 
-    settings_key = current.pop("_mtrx_settings_key", _CANDIDATE_SETTINGS_KEYS[0])
-    previous = {
-        _OPENAI_KEY_FIELD: current.get(_OPENAI_KEY_FIELD),
-        _OPENAI_BASE_URL_FIELD: current.get(_OPENAI_BASE_URL_FIELD),
-        _OVERRIDE_OPENAI_BASE_URL_FIELD: current.get(_OVERRIDE_OPENAI_BASE_URL_FIELD),
-        _ANTHROPIC_KEY_FIELD: current.get(_ANTHROPIC_KEY_FIELD),
-        "_mtrx_settings_key": settings_key,
-    }
-
-    current[_OPENAI_KEY_FIELD] = proxy_api_key
-    current[_OPENAI_BASE_URL_FIELD] = proxy_url
-    current[_OVERRIDE_OPENAI_BASE_URL_FIELD] = True
-
-    if write_cursor_settings(db_path, settings_key, current):
-        return previous
-    return None
+        return {
+            **legacy_previous,
+            "_mtrx_rs_previous": rs_previous,
+        }
+    except sqlite3.Error as exc:
+        logger.debug("cursor_config: configure error: %s", exc)
+        return None
+    finally:
+        conn.close()
 
 
 def restore_cursor_settings(
@@ -272,46 +336,56 @@ def restore_cursor_settings(
 ) -> bool:
     """Restore Cursor settings to their pre-proxy state."""
     db_path = db_path or cursor_state_db_path()
-    settings_key = previous.get("_mtrx_settings_key", "")
+    conn = _open_db(db_path)
+    if conn is None:
+        return False
 
-    if previous.get("_mtrx_was_absent"):
-        conn = _open_db(db_path)
-        if conn is None:
-            return False
-        try:
+    ok = True
+    try:
+        # --- Reactive storage ---
+        rs_prev = previous.get("_mtrx_rs_previous", {})
+        if rs_prev:
+            rs_data = _read_reactive_storage(conn)
+            if rs_data is not None:
+                for field in (_RS_USE_OPENAI_KEY, _RS_BASE_URL):
+                    old_value = rs_prev.get(field)
+                    if old_value is None:
+                        rs_data.pop(field, None)
+                    else:
+                        rs_data[field] = old_value
+                _write_reactive_storage(conn, rs_data)
+
+        # --- Legacy storage ---
+        settings_key = previous.get("_mtrx_settings_key", "")
+        if previous.get("_mtrx_was_absent") and settings_key:
             cursor = conn.cursor()
             cursor.execute(
                 "DELETE FROM ItemTable WHERE key = ?", (settings_key,)
             )
             conn.commit()
-            return True
-        except sqlite3.Error:
-            return False
-        finally:
-            conn.close()
-
-    if not settings_key:
-        return False
-
-    current = read_cursor_settings(db_path)
-    if current is None:
-        return False
-
-    current.pop("_mtrx_settings_key", None)
-
-    for field in (
-        _OPENAI_KEY_FIELD,
-        _OPENAI_BASE_URL_FIELD,
-        _OVERRIDE_OPENAI_BASE_URL_FIELD,
-        _ANTHROPIC_KEY_FIELD,
-    ):
-        old_value = previous.get(field)
-        if old_value is None:
-            current.pop(field, None)
-        else:
-            current[field] = old_value
+        elif settings_key:
+            current = read_cursor_settings(db_path)
+            if current is not None:
+                current.pop("_mtrx_settings_key", None)
+                for field in (
+                    _OPENAI_KEY_FIELD,
+                    _OPENAI_BASE_URL_FIELD,
+                    _OVERRIDE_OPENAI_BASE_URL_FIELD,
+                    _ANTHROPIC_KEY_FIELD,
+                ):
+                    old_value = previous.get(field)
+                    if old_value is None:
+                        current.pop(field, None)
+                    else:
+                        current[field] = old_value
+                ok = write_cursor_settings(db_path, settings_key, current)
+    except sqlite3.Error as exc:
+        logger.debug("cursor_config: restore error: %s", exc)
+        ok = False
+    finally:
+        conn.close()
 
-    return write_cursor_settings(db_path, settings_key, current)
+    return ok
 
 
 def print_manual_setup_instructions(proxy_url: str) -> None:
@@ -329,3 +403,117 @@ def print_manual_setup_instructions(proxy_url: str) -> None:
     print()
     print("  All models (Claude, GPT, Gemini, etc.) will route through MTRX.")
     print()
+
+
+# =========================================================================
+# settings.json helpers (MITM proxy approach)
+# =========================================================================
+
+def cursor_settings_json_path() -> Path:
+    """Return the path to Cursor's ``settings.json``."""
+    system = platform.system()
+    if system == "Darwin":
+        return (
+            Path.home()
+            / "Library"
+            / "Application Support"
+            / "Cursor"
+            / "User"
+            / "settings.json"
+        )
+    if system == "Linux":
+        return Path.home() / ".config" / "Cursor" / "User" / "settings.json"
+    # Windows
+    appdata = os.environ.get("APPDATA", "")
+    if appdata:
+        return Path(appdata) / "Cursor" / "User" / "settings.json"
+    return Path.home() / "AppData" / "Roaming" / "Cursor" / "User" / "settings.json"
+
+
+def _read_settings_json(path: Path | None = None) -> dict:
+    path = path or cursor_settings_json_path()
+    if not path.exists():
+        return {}
+    try:
+        return json.loads(path.read_text(encoding="utf-8"))
+    except (json.JSONDecodeError, OSError):
+        return {}
+
+
+def _write_settings_json(data: dict, path: Path | None = None) -> bool:
+    path = path or cursor_settings_json_path()
+    try:
+        path.parent.mkdir(parents=True, exist_ok=True)
+        path.write_text(json.dumps(data, indent=4) + "\n", encoding="utf-8")
+        return True
+    except OSError as exc:
+        logger.debug("cursor_config: settings.json write error: %s", exc)
+        return False
+
+
+def configure_cursor_proxy_settings(
+    proxy_url: str,
+    ca_cert_path: str,
+) -> dict:
+    """Set ``http.proxy`` and ``NODE_EXTRA_CA_CERTS`` in Cursor's settings.
+
+    Returns the previous values of the modified keys (for restoration).
+    """
+    settings = _read_settings_json()
+
+    previous = {
+        "http.proxy": settings.get("http.proxy"),
+        "http.proxyStrictSSL": settings.get("http.proxyStrictSSL"),
+        "terminal.integrated.env.osx": settings.get("terminal.integrated.env.osx"),
+        "terminal.integrated.env.linux": settings.get("terminal.integrated.env.linux"),
+        "terminal.integrated.env.windows": settings.get("terminal.integrated.env.windows"),
+    }
+
+    settings["http.proxy"] = proxy_url
+    settings["http.proxyStrictSSL"] = False
+
+    # Inject NODE_EXTRA_CA_CERTS into integrated terminal env so Cursor's
+    # Node.js runtime trusts our CA.  Cursor itself reads this from the
+    # process environment, but setting it here covers more cases.
+    for env_key in (
+        "terminal.integrated.env.osx",
+        "terminal.integrated.env.linux",
+        "terminal.integrated.env.windows",
+    ):
+        env_block = settings.get(env_key)
+        if not isinstance(env_block, dict):
+            env_block = {}
+        env_block["NODE_EXTRA_CA_CERTS"] = ca_cert_path
+        settings[env_key] = env_block
+
+    _write_settings_json(settings)
+    return previous
+
+
+def restore_cursor_proxy_settings(previous: dict) -> bool:
+    """Restore Cursor's settings.json to pre-proxy values."""
+    settings = _read_settings_json()
+
+    for key in ("http.proxy", "http.proxyStrictSSL"):
+        old = previous.get(key)
+        if old is None:
+            settings.pop(key, None)
+        else:
+            settings[key] = old
+
+    for env_key in (
+        "terminal.integrated.env.osx",
+        "terminal.integrated.env.linux",
+        "terminal.integrated.env.windows",
+    ):
+        old = previous.get(env_key)
+        if old is None:
+            env_block = settings.get(env_key)
+            if isinstance(env_block, dict):
+                env_block.pop("NODE_EXTRA_CA_CERTS", None)
+                if not env_block:
+                    settings.pop(env_key, None)
+        else:
+            settings[env_key] = old
+
+    return _write_settings_json(settings)

package/src/matrx/cli/cursor_daemon.py

@@ -0,0 +1,64 @@
+"""
+Daemon entry-point for the MTRX Cursor MITM proxy.
+
+Launched by the platform service manager (Launch Agent, systemd, or
+detached subprocess).  Reads proxy configuration from a JSON file and
+starts the MITM proxy loop.
+
+Usage::
+
+    python -m matrx.cli.cursor_daemon --config ~/.config/mtrx/cursor-proxy.json \
+                                      --pid-file ~/.config/mtrx/cursor-proxy.pid
+"""
+
+from __future__ import annotations
+
+import argparse
+import json
+import logging
+import sys
+from pathlib import Path
+
+logging.basicConfig(
+    level=logging.INFO,
+    format="%(asctime)s [%(levelname)s] %(name)s: %(message)s",
+)
+
+
+def main() -> int:
+    parser = argparse.ArgumentParser(description="MTRX Cursor MITM proxy daemon")
+    parser.add_argument("--config", required=True, help="Path to proxy config JSON")
+    parser.add_argument("--pid-file", default=None, help="Path to write PID file")
+    args = parser.parse_args()
+
+    config_path = Path(args.config)
+    if not config_path.exists():
+        print(f"Config file not found: {config_path}", file=sys.stderr)
+        return 1
+
+    config = json.loads(config_path.read_text(encoding="utf-8"))
+    matrx_key = config.get("matrx_key", "")
+    matrx_base_url = config.get("matrx_base_url", "")
+    host = config.get("host", "127.0.0.1")
+    port = config.get("port", 8842)
+
+    if not matrx_key or not matrx_base_url:
+        print("Invalid proxy config: matrx_key and matrx_base_url required", file=sys.stderr)
+        return 1
+
+    pid_file = Path(args.pid_file) if args.pid_file else None
+
+    from matrx.cli.cursor_proxy import run_proxy
+
+    run_proxy(
+        matrx_key=matrx_key,
+        matrx_base_url=matrx_base_url,
+        host=host,
+        port=port,
+        pid_file=pid_file,
+    )
+    return 0
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())

package/src/matrx/cli/cursor_launcher.py

@@ -0,0 +1,106 @@
+"""
+Cross-platform launcher for Cursor IDE with proxy environment variables.
+
+Cursor must be started with HTTP_PROXY, HTTPS_PROXY, and NODE_EXTRA_CA_CERTS
+for the MITM proxy to work. Launching from Dock/Spotlight does not pass
+these env vars; this module finds the Cursor executable and launches it
+with the correct environment on any platform.
+"""
+
+from __future__ import annotations
+
+import logging
+import os
+import platform
+import shutil
+import subprocess
+from pathlib import Path
+
+logger = logging.getLogger(__name__)
+
+
+def _cursor_executable_darwin() -> str | None:
+    """macOS: /Applications/Cursor.app/Contents/MacOS/Cursor."""
+    app = Path("/Applications/Cursor.app")
+    exe = app / "Contents" / "MacOS" / "Cursor"
+    if exe.exists():
+        return str(exe)
+    return None
+
+
+def _cursor_executable_linux() -> str | None:
+    """Linux: cursor in PATH or common install locations."""
+    cursor = shutil.which("cursor")
+    if cursor:
+        return cursor
+    for path in (
+        Path.home() / ".local" / "share" / "cursor" / "bin" / "cursor",
+        Path.home() / ".local" / "bin" / "cursor",
+    ):
+        if path.exists():
+            return str(path)
+    return None
+
+
+def _cursor_executable_windows() -> str | None:
+    """Windows: Cursor.exe in Local AppData."""
+    local = os.environ.get("LOCALAPPDATA", "")
+    if local:
+        for parts in (("Programs", "cursor", "Cursor.exe"), ("Cursor", "Cursor.exe")):
+            exe = Path(local) / Path(*parts)
+            if exe.exists():
+                return str(exe)
+        alt = Path(local) / "cursor" / "Cursor.exe"
+        if alt.exists():
+            return str(alt)
+    return None
+
+
+def find_cursor_executable() -> str | None:
+    """Return the path to the Cursor executable for the current platform."""
+    system = platform.system()
+    if system == "Darwin":
+        return _cursor_executable_darwin()
+    if system == "Linux":
+        return _cursor_executable_linux()
+    if system == "Windows":
+        return _cursor_executable_windows()
+    return None
+
+
+def launch_cursor_with_proxy(
+    proxy_url: str,
+    ca_cert_path: str,
+) -> bool:
+    """
+    Launch Cursor with HTTP_PROXY, HTTPS_PROXY, and NODE_EXTRA_CA_CERTS set.
+
+    Returns True if Cursor was launched, False if executable not found.
+    """
+    exe = find_cursor_executable()
+    if not exe:
+        return False
+
+    env = os.environ.copy()
+    env["HTTP_PROXY"] = proxy_url
+    env["HTTPS_PROXY"] = proxy_url
+    env["NODE_EXTRA_CA_CERTS"] = str(ca_cert_path)
+
+    kwargs: dict = {}
+    if platform.system() == "Windows":
+        kwargs["creationflags"] = subprocess.CREATE_NEW_PROCESS_GROUP | subprocess.DETACHED_PROCESS
+
+    try:
+        subprocess.Popen(
+            [exe],
+            env=env,
+            stdin=subprocess.DEVNULL,
+            stdout=subprocess.DEVNULL,
+            stderr=subprocess.DEVNULL,
+            start_new_session=(platform.system() != "Windows"),
+            **kwargs,
+        )
+        return True
+    except OSError as exc:
+        logger.warning("Failed to launch Cursor: %s", exc)
+        return False