ocx 0.1.1

package/src/registry/fetcher.ts

@@ -0,0 +1,168 @@
+/**
+ * Registry Fetcher with in-memory caching
+ * Based on: https://github.com/shadcn-ui/ui/blob/main/packages/shadcn/src/registry/fetcher.ts
+ */
+
+import type { ComponentManifest, RegistryIndex, McpServer, Packument } from "../schemas/registry.js"
+import {
+	componentManifestSchema,
+	registryIndexSchema,
+	packumentSchema,
+} from "../schemas/registry.js"
+import { NotFoundError, NetworkError, ValidationError } from "../utils/errors.js"
+
+// In-memory cache for deduplication
+const cache = new Map<string, Promise<unknown>>()
+
+/**
+ * Fetch with caching - deduplicates concurrent requests
+ */
+async function fetchWithCache<T>(url: string, parse: (data: unknown) => T): Promise<T> {
+	const cached = cache.get(url)
+	if (cached) {
+		return cached as Promise<T>
+	}
+
+	const promise = (async () => {
+		const response = await fetch(url)
+
+		if (!response.ok) {
+			if (response.status === 404) {
+				throw new NotFoundError(`Not found: ${url}`)
+			}
+			throw new NetworkError(`Failed to fetch ${url}: ${response.status} ${response.statusText}`)
+		}
+
+		const data = await response.json()
+		return parse(data)
+	})()
+
+	cache.set(url, promise)
+
+	// Clean up cache on error
+	promise.catch(() => cache.delete(url))
+
+	return promise
+}
+
+/**
+ * Clear the fetch cache
+ */
+export function clearCache(): void {
+	cache.clear()
+}
+
+/**
+ * Fetch registry index
+ */
+export async function fetchRegistryIndex(baseUrl: string): Promise<RegistryIndex> {
+	const url = `${baseUrl.replace(/\/$/, "")}/index.json`
+
+	return fetchWithCache(url, (data) => {
+		const result = registryIndexSchema.safeParse(data)
+		if (!result.success) {
+			throw new ValidationError(`Invalid registry format at ${url}: ${result.error.message}`)
+		}
+		return result.data
+	})
+}
+
+/**
+ * Fetch a component from registry and return the latest manifest
+ */
+export async function fetchComponent(baseUrl: string, name: string): Promise<ComponentManifest> {
+	const url = `${baseUrl.replace(/\/$/, "")}/components/${name}.json`
+
+	return fetchWithCache(url, (data) => {
+		// 1. Parse as packument
+		const packumentResult = packumentSchema.safeParse(data)
+		if (!packumentResult.success) {
+			throw new ValidationError(
+				`Invalid packument format for "${name}": ${packumentResult.error.message}`,
+			)
+		}
+
+		const packument = packumentResult.data
+		const latestVersion = packument["dist-tags"].latest
+		const manifest = packument.versions[latestVersion]
+
+		if (!manifest) {
+			throw new ValidationError(
+				`Component "${name}" has no manifest for latest version ${latestVersion}`,
+			)
+		}
+
+		// 2. Validate manifest
+		const manifestResult = componentManifestSchema.safeParse(manifest)
+		if (!manifestResult.success) {
+			throw new ValidationError(
+				`Invalid component manifest for "${name}@${latestVersion}": ${manifestResult.error.message}`,
+			)
+		}
+
+		return manifestResult.data
+	})
+}
+
+/**
+ * Fetch multiple components in parallel
+ */
+export async function fetchComponents(
+	baseUrl: string,
+	names: string[],
+): Promise<ComponentManifest[]> {
+	const results = await Promise.allSettled(names.map((name) => fetchComponent(baseUrl, name)))
+
+	const components: ComponentManifest[] = []
+	const errors: string[] = []
+
+	for (let i = 0; i < results.length; i++) {
+		const result = results[i]
+		if (result.status === "fulfilled") {
+			components.push(result.value)
+		} else {
+			errors.push(`${names[i]}: ${result.reason.message}`)
+		}
+	}
+
+	if (errors.length > 0) {
+		throw new NetworkError(`Failed to fetch components:\n${errors.join("\n")}`)
+	}
+
+	return components
+}
+
+/**
+ * Check if a component exists in registry
+ */
+export async function componentExists(baseUrl: string, name: string): Promise<boolean> {
+	try {
+		await fetchComponent(baseUrl, name)
+		return true
+	} catch {
+		return false
+	}
+}
+
+/**
+ * Fetch actual file content from registry
+ */
+export async function fetchFileContent(
+	baseUrl: string,
+	componentName: string,
+	filePath: string,
+): Promise<string> {
+	const url = `${baseUrl.replace(/\/$/, "")}/components/${componentName}/${filePath}`
+
+	const response = await fetch(url)
+	if (!response.ok) {
+		throw new NetworkError(
+			`Failed to fetch file ${filePath} for ${componentName}: ${response.status} ${response.statusText}`,
+		)
+	}
+
+	return response.text()
+}
+
+// Re-export types for convenience
+export type { ComponentManifest, RegistryIndex, McpServer }

package/src/registry/index.ts

@@ -0,0 +1,2 @@
+export * from "./fetcher.js"
+export * from "./resolver.js"

package/src/registry/opencode-config.ts

@@ -0,0 +1,182 @@
+/**
+ * OpenCode.json Modifier
+ * Handles reading, merging, and writing opencode.json configuration
+ *
+ * Key responsibilities:
+ * - Add MCP server definitions
+ * - Deep merge without clobbering user config
+ */
+
+import type { McpServer } from "../schemas/registry.js"
+
+export interface OpencodeConfig {
+	$schema?: string
+	mcp?: Record<string, McpServerConfig>
+	tools?: Record<string, boolean>
+	agent?: Record<string, AgentConfig>
+	default_agent?: string
+	[key: string]: unknown
+}
+
+export interface McpServerConfig {
+	type: "remote" | "local"
+	url?: string
+	command?: string[]
+	headers?: Record<string, string>
+	enabled?: boolean
+}
+
+export interface AgentConfig {
+	disable?: boolean
+	tools?: Record<string, boolean>
+	[key: string]: unknown
+}
+
+/**
+ * Read opencode.json or opencode.jsonc from a directory
+ */
+export async function readOpencodeConfig(cwd: string): Promise<{
+	config: OpencodeConfig
+	path: string
+} | null> {
+	const jsonPath = `${cwd}/opencode.json`
+	const jsoncPath = `${cwd}/opencode.jsonc`
+
+	// Try opencode.jsonc first, then opencode.json
+	for (const configPath of [jsoncPath, jsonPath]) {
+		const file = Bun.file(configPath)
+		if (await file.exists()) {
+			const content = await file.text()
+			// Strip comments for JSONC
+			const stripped = configPath.endsWith(".jsonc") ? stripJsonComments(content) : content
+			return {
+				config: JSON.parse(stripped) as OpencodeConfig,
+				path: configPath,
+			}
+		}
+	}
+
+	return null
+}
+
+/**
+ * Write opencode.json config
+ */
+export async function writeOpencodeConfig(path: string, config: OpencodeConfig): Promise<void> {
+	const content = JSON.stringify(config, null, 2)
+	await Bun.write(path, content)
+}
+
+/**
+ * Apply MCP servers to opencode config
+ * Non-destructive: only adds new servers, doesn't overwrite existing
+ */
+export function applyMcpServers(
+	config: OpencodeConfig,
+	mcpServers: Record<string, McpServer>,
+): { config: OpencodeConfig; added: string[]; skipped: string[] } {
+	const added: string[] = []
+	const skipped: string[] = []
+
+	if (!config.mcp) {
+		config.mcp = {}
+	}
+
+	for (const [name, server] of Object.entries(mcpServers)) {
+		if (config.mcp[name]) {
+			// Already exists, skip
+			skipped.push(name)
+		} else {
+			// Add new server
+			const serverConfig: McpServerConfig = {
+				type: server.type,
+				enabled: server.enabled,
+			}
+
+			if (server.type === "remote" && server.url) {
+				serverConfig.url = server.url
+			}
+			if (server.type === "local" && server.command) {
+				serverConfig.command = server.command
+			}
+			if (server.headers) {
+				serverConfig.headers = server.headers
+			}
+
+			config.mcp[name] = serverConfig
+			added.push(name)
+		}
+	}
+
+	return { config, added, skipped }
+}
+
+/**
+ * Strip JSON comments (simple implementation)
+ */
+function stripJsonComments(content: string): string {
+	// Remove single-line comments
+	let result = content.replace(/\/\/.*$/gm, "")
+	// Remove multi-line comments
+	result = result.replace(/\/\*[\s\S]*?\*\//g, "")
+	return result
+}
+
+/**
+ * Create or update opencode.json with required configuration
+ */
+export async function updateOpencodeConfig(
+	cwd: string,
+	options: {
+		mcpServers?: Record<string, McpServer>
+		defaultAgent?: string
+	},
+): Promise<{
+	path: string
+	created: boolean
+	mcpAdded: string[]
+	mcpSkipped: string[]
+}> {
+	let existing = await readOpencodeConfig(cwd)
+	let config: OpencodeConfig
+	let configPath: string
+	let created = false
+
+	if (existing) {
+		config = existing.config
+		configPath = existing.path
+	} else {
+		// Create new config
+		config = {
+			$schema: "https://opencode.ai/config.json",
+		}
+		configPath = `${cwd}/opencode.json`
+		created = true
+	}
+
+	let mcpAdded: string[] = []
+	let mcpSkipped: string[] = []
+
+	// Apply MCP servers
+	if (options.mcpServers && Object.keys(options.mcpServers).length > 0) {
+		const result = applyMcpServers(config, options.mcpServers)
+		config = result.config
+		mcpAdded = result.added
+		mcpSkipped = result.skipped
+	}
+
+	// Set default agent if provided and not already set
+	if (options.defaultAgent && !config.default_agent) {
+		config.default_agent = options.defaultAgent
+	}
+
+	// Write config
+	await writeOpencodeConfig(configPath, config)
+
+	return {
+		path: configPath,
+		created,
+		mcpAdded,
+		mcpSkipped,
+	}
+}

package/src/registry/resolver.ts

@@ -0,0 +1,127 @@
+/**
+ * Dependency Resolver with topological sort
+ * Based on: https://github.com/shadcn-ui/ui/blob/main/packages/shadcn/src/registry/resolver.ts
+ */
+
+import type { ComponentManifest, McpServer } from "../schemas/registry.js"
+import { fetchComponent } from "./fetcher.js"
+import { ValidationError, OCXError } from "../utils/errors.js"
+import type { RegistryConfig } from "../schemas/config.js"
+
+export interface ResolvedComponent extends ComponentManifest {
+	registryName: string
+	baseUrl: string
+}
+
+export interface ResolvedDependencies {
+	/** All components in dependency order (dependencies first) */
+	components: ResolvedComponent[]
+	/** Install order (component names) */
+	installOrder: string[]
+	/** Aggregated MCP servers from all components */
+	mcpServers: Record<string, McpServer>
+}
+
+/**
+ * Resolve all dependencies for a set of components across multiple registries
+ * Returns components in topological order (dependencies first)
+ */
+export async function resolveDependencies(
+	registries: Record<string, RegistryConfig>,
+	componentNames: string[],
+): Promise<ResolvedDependencies> {
+	const resolved = new Map<string, ResolvedComponent>()
+	const visiting = new Set<string>()
+	const mcpServers: Record<string, McpServer> = {}
+
+	async function resolve(name: string, path: string[] = []): Promise<void> {
+		// Already resolved
+		if (resolved.has(name)) {
+			return
+		}
+
+		// Cycle detection
+		if (visiting.has(name)) {
+			const cycle = [...path, name].join(" → ")
+			throw new ValidationError(`Circular dependency detected: ${cycle}`)
+		}
+
+		visiting.add(name)
+
+		// Find component in any registry
+		let component: ComponentManifest | null = null
+		let foundRegistry: { name: string; url: string } | null = null
+
+		const registryEntries = Object.entries(registries)
+		
+		for (const [regName, regConfig] of registryEntries) {
+			try {
+				const manifest = await fetchComponent(regConfig.url, name)
+				component = manifest
+				foundRegistry = { name: regName, url: regConfig.url }
+				break
+			} catch (_err) {
+				// Component not in this registry, try next
+				continue
+			}
+		}
+
+		if (!component || !foundRegistry) {
+			throw new OCXError(
+				`Component '${name}' not found in any configured registry.`,
+				"NOT_FOUND",
+			)
+		}
+
+		// Resolve dependencies first (depth-first)
+		for (const dep of component.dependencies) {
+			await resolve(dep, [...path, name])
+		}
+
+		// Add to resolved (dependencies are already added)
+		resolved.set(name, {
+			...component,
+			registryName: foundRegistry.name,
+			baseUrl: foundRegistry.url,
+		})
+		visiting.delete(name)
+
+		// Collect MCP servers
+		if (component.mcpServers) {
+			for (const [serverName, config] of Object.entries(component.mcpServers)) {
+				mcpServers[serverName] = config as McpServer
+			}
+		}
+	}
+
+	// Resolve all requested components
+	for (const name of componentNames) {
+		await resolve(name)
+	}
+
+	// Convert to array (already in topological order due to depth-first)
+	const components = Array.from(resolved.values())
+	const installOrder = Array.from(resolved.keys())
+
+	return {
+		components,
+		installOrder,
+		mcpServers,
+	}
+}
+
+/**
+ * Check if installing components would create conflicts
+ */
+export function checkConflicts(existing: string[], toInstall: string[]): string[] {
+	const conflicts: string[] = []
+	const existingSet = new Set(existing)
+
+	for (const name of toInstall) {
+		if (existingSet.has(name)) {
+			conflicts.push(name)
+		}
+	}
+
+	return conflicts
+}

package/src/schemas/config.ts

@@ -0,0 +1,207 @@
+/**
+ * Config & Lockfile Schemas
+ * 
+ * Schemas for ocx.jsonc (user config) and ocx.lock (auto-generated lockfile).
+ */
+
+import { z } from "zod"
+import { mcpServerSchema } from "./registry.js"
+
+// =============================================================================
+// OCX CONFIG SCHEMA (ocx.jsonc)
+// =============================================================================
+
+/**
+ * Registry configuration in ocx.jsonc
+ */
+export const registryConfigSchema = z.object({
+	/** Registry URL */
+	url: z.string().url("Registry URL must be a valid URL"),
+	
+	/** Optional version pin */
+	version: z.string().optional(),
+	
+	/** Optional auth headers (supports ${ENV_VAR} expansion) */
+	headers: z.record(z.string()).optional(),
+})
+
+export type RegistryConfig = z.infer<typeof registryConfigSchema>
+
+/**
+ * Main OCX config schema (ocx.jsonc)
+ */
+export const ocxConfigSchema = z.object({
+	/** Schema URL for IDE support */
+	$schema: z.string().optional(),
+	
+	/** Configured registries */
+	registries: z.record(registryConfigSchema).default({}),
+	
+	/** Lock registries - prevent adding/removing (enterprise feature) */
+	lockRegistries: z.boolean().default(false),
+})
+
+export type OcxConfig = z.infer<typeof ocxConfigSchema>
+
+// =============================================================================
+// OCX LOCKFILE SCHEMA (ocx.lock)
+// =============================================================================
+
+/**
+ * Installed component entry in lockfile
+ */
+export const installedComponentSchema = z.object({
+	/** Registry this was installed from */
+	registry: z.string(),
+	
+	/** Version at time of install */
+	version: z.string(),
+	
+	/** SHA-256 hash of installed files for integrity */
+	hash: z.string(),
+	
+	/** Target path where installed */
+	target: z.string(),
+	
+	/** ISO timestamp of installation */
+	installedAt: z.string(),
+})
+
+export type InstalledComponent = z.infer<typeof installedComponentSchema>
+
+/**
+ * OCX lockfile schema (ocx.lock)
+ */
+export const ocxLockSchema = z.object({
+	/** Lockfile format version */
+	lockVersion: z.literal(1),
+	
+	/** Installed components */
+	installed: z.record(installedComponentSchema).default({}),
+})
+
+export type OcxLock = z.infer<typeof ocxLockSchema>
+
+// =============================================================================
+// OPENCODE.JSON MODIFICATION SCHEMAS
+// =============================================================================
+
+/**
+ * MCP server config for opencode.json
+ */
+export const opencodeMcpSchema = z.record(mcpServerSchema)
+
+/**
+ * Agent config for opencode.json
+ */
+export const opencodeAgentSchema = z.object({
+	disable: z.boolean().optional(),
+	tools: z.record(z.boolean()).optional(),
+})
+
+/**
+ * Partial opencode.json schema (what OCX modifies)
+ */
+export const opencodeConfigPatchSchema = z.object({
+	/** Default agent */
+	default_agent: z.string().optional(),
+	
+	/** MCP servers */
+	mcp: opencodeMcpSchema.optional(),
+	
+	/** Tool configuration */
+	tools: z.record(z.boolean()).optional(),
+	
+	/** Agent configuration */
+	agent: z.record(opencodeAgentSchema).optional(),
+})
+
+export type OpencodeConfigPatch = z.infer<typeof opencodeConfigPatchSchema>
+
+// =============================================================================
+// SCHEMA INDEX
+// =============================================================================
+
+export const schemas = {
+	config: ocxConfigSchema,
+	lock: ocxLockSchema,
+	registryConfig: registryConfigSchema,
+	installedComponent: installedComponentSchema,
+	opencodeConfigPatch: opencodeConfigPatchSchema,
+} as const
+
+// =============================================================================
+// CONFIG FILE HELPERS
+// =============================================================================
+
+const CONFIG_FILE = "ocx.jsonc"
+const LOCK_FILE = "ocx.lock"
+
+/**
+ * Strip JSONC comments for parsing.
+ * Robust version that respects strings (avoids breaking URLs).
+ */
+export function stripJsonComments(content: string): string {
+  // Regex that matches either a string, a block comment, or a line comment
+  // We use this to correctly skip slashes inside strings
+  return content.replace(/("(?:[^"\\]|\\.)*")|(\/\*[\s\S]*?\*\/)|(\/\/.*)$/gm, (match, string, block, line) => {
+    if (string) return string; // Return string as is
+    return ""; // Remove comment
+  });
+}
+
+/**
+ * Read ocx.jsonc config file
+ */
+export async function readOcxConfig(cwd: string): Promise<OcxConfig | null> {
+	const configPath = `${cwd}/${CONFIG_FILE}`
+	const file = Bun.file(configPath)
+	
+	if (!(await file.exists())) {
+		return null
+	}
+	
+	const content = await file.text()
+	try {
+	  const json = JSON.parse(stripJsonComments(content))
+	  return ocxConfigSchema.parse(json)
+	} catch (error) {
+	  // If parsing fails, we want to know why
+	  console.error(`Error parsing ${configPath}:`, error)
+	  throw error
+	}
+}
+
+/**
+ * Write ocx.jsonc config file
+ */
+export async function writeOcxConfig(cwd: string, config: OcxConfig): Promise<void> {
+	const configPath = `${cwd}/${CONFIG_FILE}`
+	const content = JSON.stringify(config, null, 2)
+	await Bun.write(configPath, content)
+}
+
+/**
+ * Read ocx.lock lockfile
+ */
+export async function readOcxLock(cwd: string): Promise<OcxLock | null> {
+	const lockPath = `${cwd}/${LOCK_FILE}`
+	const file = Bun.file(lockPath)
+	
+	if (!(await file.exists())) {
+		return null
+	}
+	
+	const content = await file.text()
+	const json = JSON.parse(stripJsonComments(content))
+	return ocxLockSchema.parse(json)
+}
+
+/**
+ * Write ocx.lock lockfile
+ */
+export async function writeOcxLock(cwd: string, lock: OcxLock): Promise<void> {
+	const lockPath = `${cwd}/${LOCK_FILE}`
+	const content = JSON.stringify(lock, null, 2)
+	await Bun.write(lockPath, content)
+}

package/src/schemas/index.ts

@@ -0,0 +1,6 @@
+/**
+ * Schema exports
+ */
+
+export * from "./registry.js"
+export * from "./config.js"