omnikey-cli 1.5.2 → 1.5.4

package/telegram-client-dist/agentClient.js

@@ -0,0 +1,384 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AgentAbortError = void 0;
+exports.listRecentSessions = listRecentSessions;
+exports.listTaskTemplates = listTaskTemplates;
+exports.setDefaultTaskTemplate = setDefaultTaskTemplate;
+exports.listProjectGroups = listProjectGroups;
+exports.runAgentTurn = runAgentTurn;
+exports.extractFinalAnswerFromHistory = extractFinalAnswerFromHistory;
+const axios_1 = __importDefault(require("axios"));
+const ws_1 = __importDefault(require("ws"));
+const child_process_1 = require("child_process");
+const fs_1 = require("fs");
+const path_1 = __importDefault(require("path"));
+const crypto_1 = require("crypto");
+const config_1 = require("./config");
+const omnikeyAuth_1 = require("./omnikeyAuth");
+async function listRecentSessions(logger, limit = 5) {
+    const token = await (0, omnikeyAuth_1.fetchJwtToken)(logger);
+    const url = `${(0, config_1.omnikeyBaseUrl)()}/api/agent/sessions`;
+    const resp = await axios_1.default.get(url, {
+        timeout: 10000,
+        headers: { Authorization: `Bearer ${token}` },
+    });
+    return (resp.data ?? []).slice(0, limit);
+}
+async function listTaskTemplates(logger) {
+    const token = await (0, omnikeyAuth_1.fetchJwtToken)(logger);
+    const url = `${(0, config_1.omnikeyBaseUrl)()}/api/instructions/templates`;
+    const resp = await axios_1.default.get(url, {
+        timeout: 10000,
+        headers: { Authorization: `Bearer ${token}` },
+    });
+    return resp.data?.templates ?? [];
+}
+/**
+ * Mark a task template as the active default on the backend. Subsequent
+ * agent runs automatically pick it up via stored_instructions — no need
+ * to prepend it to the user prompt.
+ */
+async function setDefaultTaskTemplate(logger, templateId) {
+    const token = await (0, omnikeyAuth_1.fetchJwtToken)(logger);
+    const url = `${(0, config_1.omnikeyBaseUrl)()}/api/instructions/templates/${encodeURIComponent(templateId)}/set-default`;
+    await axios_1.default.post(url, undefined, {
+        timeout: 10000,
+        headers: { Authorization: `Bearer ${token}` },
+    });
+    logger.info("Set default task template", { templateId });
+}
+async function listProjectGroups(logger) {
+    const token = await (0, omnikeyAuth_1.fetchJwtToken)(logger);
+    const url = `${(0, config_1.omnikeyBaseUrl)()}/api/agent/groups`;
+    const resp = await axios_1.default.get(url, {
+        timeout: 10000,
+        headers: { Authorization: `Bearer ${token}` },
+    });
+    return resp.data?.groups ?? [];
+}
+class AgentAbortError extends Error {
+    constructor(message = "Agent run aborted") {
+        super(message);
+        this.name = "AgentAbortError";
+    }
+}
+exports.AgentAbortError = AgentAbortError;
+function extractTagged(content, tag) {
+    const re = new RegExp(`<${tag}[^>]*>([\\s\\S]*?)<\\/${tag}>`, "i");
+    const m = content.match(re);
+    return m?.[1]?.trim() || null;
+}
+function stripTagged(content, tag) {
+    return content.replace(new RegExp(`<${tag}[^>]*>[\\s\\S]*?<\\/${tag}>`, "gi"), "");
+}
+function cleanReasoning(content) {
+    return content
+        .replace(/<\/?shell_function_calls>/gi, "")
+        .replace(/<final_answer>([\s\S]*?)<\/final_answer>/gi, "$1")
+        .trim();
+}
+const SHELL_TIMEOUT_MS = 5 * 60 * 1000;
+const SHELL_OUTPUT_MAX = 64 * 1024;
+// Mirrors WINDOWS_SHELL_CANDIDATES in src/agent/mcpRuntime.ts
+const WINDOWS_SHELL_CANDIDATES = [
+    "C:\\Program Files\\PowerShell\\7\\pwsh.exe",
+    "C:\\Program Files\\PowerShell\\6\\pwsh.exe",
+    "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
+    "C:\\Windows\\System32\\cmd.exe",
+    "C:\\Windows\\cmd.exe",
+];
+// Resolve the Windows shell: COMSPEC → SystemRoot\System32\cmd.exe → candidate list.
+// Mirrors resolveLoginShell() in src/agent/mcpRuntime.ts, with SystemRoot used to
+// locate cmd.exe from the Win32 system root rather than a hardcoded drive letter.
+function resolveWindowsShell() {
+    const comspec = process.env.COMSPEC ?? "";
+    if (comspec && (0, fs_1.existsSync)(comspec))
+        return comspec;
+    const systemRoot = process.env.SystemRoot ?? "C:\\Windows";
+    const cmdFromRoot = path_1.default.join(systemRoot, "System32", "cmd.exe");
+    if ((0, fs_1.existsSync)(cmdFromRoot))
+        return cmdFromRoot;
+    for (const candidate of WINDOWS_SHELL_CANDIDATES) {
+        if ((0, fs_1.existsSync)(candidate))
+            return candidate;
+    }
+    return "cmd.exe";
+}
+// Build shell args for the resolved shell — mirrors wrapWithLoginShell() in
+// src/agent/mcpRuntime.ts.  PowerShell/pwsh use -NoProfile -Command; cmd uses /c.
+function buildWindowsShellArgs(shell, script) {
+    const name = path_1.default.basename(shell).toLowerCase();
+    if (name === "pwsh.exe" || name === "powershell.exe") {
+        return ["-NoProfile", "-Command", script];
+    }
+    return ["/c", script];
+}
+const PLATFORM = process.platform === "win32"
+    ? "windows"
+    : process.platform === "darwin"
+        ? "macos"
+        : "linux";
+/**
+ * Execute a shell script locally and capture combined stdout+stderr.
+ * On macOS/Linux: invoke the login shell with `-l -c <script>` (mirrors the
+ * macOS AgentRunner.runShellCommandWithStatus path).
+ * On Windows: resolve the shell via COMSPEC / SystemRoot / candidate list and
+ * pass the script with the appropriate flags (-NoProfile -Command or /c),
+ * mirroring how the Windows app executes scripts in the terminal.
+ * Output is capped so a runaway script can't blow up the WebSocket payload.
+ */
+function runShellScript(script, logger) {
+    return new Promise((resolve) => {
+        let shell;
+        let shellArgs;
+        if (process.platform !== "darwin" && process.platform === "win32") {
+            shell = resolveWindowsShell();
+            shellArgs = buildWindowsShellArgs(shell, script);
+        }
+        else {
+            shell = process.env.SHELL || "/bin/zsh";
+            shellArgs = ["-l", "-c", script];
+        }
+        logger.info("Executing shell script from agent", {
+            shell,
+            platform: PLATFORM,
+            length: script.length,
+        });
+        const child = (0, child_process_1.spawn)(shell, shellArgs, {
+            cwd: process.env.HOME ?? process.env.USERPROFILE ?? process.cwd(),
+            env: process.env,
+        });
+        let buf = "";
+        let truncated = false;
+        const append = (chunk) => {
+            if (truncated)
+                return;
+            const room = SHELL_OUTPUT_MAX - buf.length;
+            if (room <= 0) {
+                truncated = true;
+                return;
+            }
+            const text = chunk.toString("utf8");
+            if (text.length <= room) {
+                buf += text;
+            }
+            else {
+                buf += text.slice(0, room);
+                truncated = true;
+            }
+        };
+        child.stdout.on("data", append);
+        child.stderr.on("data", append);
+        const timeout = setTimeout(() => {
+            logger.warn("Shell script timed out; sending SIGTERM", {
+                timeoutMs: SHELL_TIMEOUT_MS,
+            });
+            try {
+                child.kill("SIGTERM");
+            }
+            catch {
+                /* noop */
+            }
+        }, SHELL_TIMEOUT_MS);
+        child.on("error", (err) => {
+            clearTimeout(timeout);
+            resolve({
+                output: `${buf}\n[shell spawn error: ${err.message}]`,
+                status: -1,
+            });
+        });
+        child.on("close", (code, signal) => {
+            clearTimeout(timeout);
+            const status = typeof code === "number" ? code : signal ? 1 : 0;
+            const finalOutput = truncated
+                ? `${buf}\n... [truncated to ${SHELL_OUTPUT_MAX} bytes]`
+                : buf;
+            logger.info("Shell script finished", {
+                status,
+                signal,
+                outputLength: finalOutput.length,
+            });
+            resolve({ output: finalOutput, status });
+        });
+    });
+}
+/**
+ * Drive a single agent turn over the /ws/omni-agent WebSocket. Streams
+ * intermediate blocks via `onBlock` and resolves with the final answer.
+ *
+ * When the agent emits a `<shell_script>` block we execute it locally with
+ * the user's login shell (mirroring the macOS app's AgentRunner) and send
+ * the combined stdout+stderr back as the next user turn so the agent can
+ * continue reasoning over the result.
+ */
+async function runAgentTurn(logger, opts) {
+    const token = await (0, omnikeyAuth_1.fetchJwtToken)(logger);
+    const sessionId = opts.sessionId || (0, crypto_1.randomUUID)();
+    const url = (0, config_1.omnikeyWsUrl)("/ws/omni-agent");
+    return new Promise((resolve, reject) => {
+        if (opts.signal?.aborted) {
+            reject(new AgentAbortError());
+            return;
+        }
+        const ws = new ws_1.default(url, {
+            headers: { Authorization: `Bearer ${token}` },
+        });
+        let settled = false;
+        const finish = (err, result) => {
+            if (settled)
+                return;
+            settled = true;
+            if (opts.signal && onAbort) {
+                opts.signal.removeEventListener("abort", onAbort);
+            }
+            try {
+                ws.close();
+            }
+            catch {
+                /* noop */
+            }
+            if (err)
+                reject(err);
+            else if (result)
+                resolve(result);
+        };
+        const onAbort = opts.signal
+            ? () => {
+                logger.info("Agent run aborted by caller", { sessionId });
+                finish(new AgentAbortError());
+            }
+            : null;
+        if (opts.signal && onAbort) {
+            opts.signal.addEventListener("abort", onAbort, { once: true });
+        }
+        const send = (msg) => {
+            ws.send(JSON.stringify(msg), (err) => {
+                if (err)
+                    finish(err);
+            });
+        };
+        ws.on("open", () => {
+            logger.info("Agent WebSocket open", { sessionId });
+            send({
+                session_id: sessionId,
+                sender: "client",
+                content: opts.prompt,
+                is_terminal_output: false,
+                is_error: false,
+                platform: PLATFORM,
+                group_name: opts.groupName,
+            });
+        });
+        ws.on("message", async (data) => {
+            let msg;
+            try {
+                msg = JSON.parse(data.toString());
+            }
+            catch (e) {
+                logger.warn("Failed to parse agent ws message", {
+                    error: e.message,
+                });
+                return;
+            }
+            const content = msg.content || "";
+            if (msg.is_error) {
+                finish(new Error(content || "Agent reported an error"));
+                return;
+            }
+            if (msg.is_web_call) {
+                await opts.onBlock({ kind: "webCall", text: content });
+                return;
+            }
+            if (msg.is_image_rendering) {
+                await opts.onBlock({ kind: "imageRendering", text: content });
+                return;
+            }
+            if (msg.is_mcp_call) {
+                await opts.onBlock({ kind: "mcpCall", text: content });
+                return;
+            }
+            const finalAnswer = extractTagged(content, "final_answer");
+            if (finalAnswer) {
+                await opts.onBlock({ kind: "finalAnswer", text: finalAnswer });
+                finish(null, { sessionId, finalAnswer });
+                return;
+            }
+            const shellScript = extractTagged(content, "shell_script");
+            if (shellScript) {
+                const reasoning = cleanReasoning(stripTagged(content, "shell_script"));
+                if (reasoning)
+                    await opts.onBlock({ kind: "reasoning", text: reasoning });
+                await opts.onBlock({ kind: "shellCommand", text: shellScript });
+                try {
+                    const { output, status } = await runShellScript(shellScript, logger);
+                    const statusLabel = status === 0 ? "success" : `error (exit code: ${status})`;
+                    await opts.onBlock({
+                        kind: "terminalOutput",
+                        text: `[terminal ${statusLabel}]\n${output}`,
+                    });
+                    send({
+                        session_id: sessionId,
+                        sender: "client",
+                        content: output,
+                        is_terminal_output: true,
+                        is_error: status !== 0,
+                        platform: PLATFORM,
+                    });
+                }
+                catch (err) {
+                    const message = err.message;
+                    logger.error("Shell execution failed", { error: message });
+                    await opts.onBlock({
+                        kind: "terminalOutput",
+                        text: `[terminal error]\n${message}`,
+                    });
+                    send({
+                        session_id: sessionId,
+                        sender: "client",
+                        content: `Failed to execute shell script: ${message}`,
+                        is_terminal_output: true,
+                        is_error: true,
+                        platform: PLATFORM,
+                    });
+                }
+                return;
+            }
+            const reasoning = cleanReasoning(content);
+            if (reasoning) {
+                await opts.onBlock({ kind: "reasoning", text: reasoning });
+            }
+        });
+        ws.on("error", (err) => {
+            logger.error("Agent WebSocket error", { error: err.message });
+            finish(err);
+        });
+        ws.on("close", () => {
+            if (!settled)
+                finish(new Error("Agent WebSocket closed before final answer"));
+        });
+    });
+}
+/**
+ * Find the most recent `<final_answer>` text in a stored session's history JSON.
+ */
+function extractFinalAnswerFromHistory(historyJson) {
+    try {
+        const history = JSON.parse(historyJson);
+        for (let i = history.length - 1; i >= 0; i--) {
+            const entry = history[i];
+            if (entry.role !== "assistant")
+                continue;
+            const content = typeof entry.content === "string" ? entry.content : "";
+            const fa = extractTagged(content, "final_answer");
+            if (fa)
+                return fa;
+        }
+    }
+    catch {
+        /* ignore */
+    }
+    return null;
+}

package/telegram-client-dist/config.js

@@ -0,0 +1,67 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loadOmnikeyConfig = loadOmnikeyConfig;
+exports.omnikeyBaseUrl = omnikeyBaseUrl;
+exports.omnikeyWsUrl = omnikeyWsUrl;
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const os_1 = __importDefault(require("os"));
+const DEFAULT_HOST = "127.0.0.1";
+const DEFAULT_PORT = 7071;
+const DEFAULT_SQLITE = path_1.default.join(os_1.default.homedir(), ".omnikey", "omnikey-selfhosted.sqlite");
+const CONFIG_PATH = path_1.default.join(os_1.default.homedir(), ".omnikey", "config.json");
+let cached = null;
+function resolveSqlitePath(raw) {
+    if (typeof raw === "string" && raw.trim()) {
+        return path_1.default.isAbsolute(raw)
+            ? raw
+            : path_1.default.join(os_1.default.homedir(), ".omnikey", raw);
+    }
+    return DEFAULT_SQLITE;
+}
+function resolvePort(raw) {
+    if (typeof raw === "number" && Number.isFinite(raw))
+        return raw;
+    if (typeof raw === "string" && raw.trim()) {
+        const n = Number(raw);
+        if (Number.isFinite(n))
+            return n;
+    }
+    return DEFAULT_PORT;
+}
+function loadOmnikeyConfig() {
+    if (cached)
+        return cached;
+    let parsed = {};
+    try {
+        if (fs_1.default.existsSync(CONFIG_PATH)) {
+            const raw = fs_1.default.readFileSync(CONFIG_PATH, "utf-8");
+            parsed = JSON.parse(raw);
+        }
+    }
+    catch {
+        // Fall through with defaults; downstream code will surface a clearer error
+        // when it actually tries to open the SQLite file or reach the API.
+        parsed = {};
+    }
+    cached = {
+        sqlitePath: resolveSqlitePath(parsed.SQLITE_PATH),
+        omnikeyPort: resolvePort(parsed.OMNIKEY_PORT),
+        omnikeyHost: typeof parsed.OMNIKEY_HOST === "string" && parsed.OMNIKEY_HOST.trim()
+            ? parsed.OMNIKEY_HOST
+            : DEFAULT_HOST,
+    };
+    return cached;
+}
+function omnikeyBaseUrl() {
+    const { omnikeyHost, omnikeyPort } = loadOmnikeyConfig();
+    return `http://${omnikeyHost}:${omnikeyPort}`;
+}
+function omnikeyWsUrl(path) {
+    const { omnikeyHost, omnikeyPort } = loadOmnikeyConfig();
+    const suffix = path.startsWith("/") ? path : `/${path}`;
+    return `ws://${omnikeyHost}:${omnikeyPort}${suffix}`;
+}

package/telegram-client-dist/db.js

@@ -0,0 +1,78 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.initDb = initDb;
+exports.closeDb = closeDb;
+exports.getRecentSessions = getRecentSessions;
+exports.getSessionById = getSessionById;
+exports.getMostRecentSession = getMostRecentSession;
+const better_sqlite3_1 = __importDefault(require("better-sqlite3"));
+const config_1 = require("./config");
+let dbInstance = null;
+function initDb(logger) {
+    if (dbInstance)
+        return dbInstance;
+    const { sqlitePath } = (0, config_1.loadOmnikeyConfig)();
+    dbInstance = new better_sqlite3_1.default(sqlitePath, {
+        readonly: true,
+        fileMustExist: true,
+    });
+    // WAL is set by the writer; we only read. Set busy timeout so concurrent
+    // writes from omnikey-ai never throw SQLITE_BUSY at us.
+    dbInstance.pragma("busy_timeout = 5000");
+    logger.info("Opened SQLite database (read-only)", { path: sqlitePath });
+    return dbInstance;
+}
+function closeDb(logger) {
+    if (!dbInstance)
+        return;
+    try {
+        dbInstance.close();
+        logger?.info("Closed SQLite database");
+    }
+    catch (err) {
+        logger?.warn("Error closing SQLite database", {
+            error: err.message,
+        });
+    }
+    finally {
+        dbInstance = null;
+    }
+}
+function getRecentSessions(limit) {
+    const db = dbInstance;
+    if (!db)
+        throw new Error("Database not initialised. Call initDb() first.");
+    const rows = db
+        .prepare(`SELECT id, title, turns, last_active_at AS lastActiveAt, group_name AS groupName
+       FROM agent_sessions
+       ORDER BY last_active_at DESC
+       LIMIT ?`)
+        .all(limit);
+    return rows;
+}
+function getSessionById(sessionId) {
+    const db = dbInstance;
+    if (!db)
+        throw new Error("Database not initialised. Call initDb() first.");
+    const row = db
+        .prepare(`SELECT id, title, turns, last_active_at AS lastActiveAt, group_name AS groupName, history_json AS historyJson
+       FROM agent_sessions
+       WHERE id = ?`)
+        .get(sessionId);
+    return row ?? null;
+}
+function getMostRecentSession() {
+    const db = dbInstance;
+    if (!db)
+        throw new Error("Database not initialised. Call initDb() first.");
+    const row = db
+        .prepare(`SELECT id, title, turns, last_active_at AS lastActiveAt, group_name AS groupName, history_json AS historyJson
+       FROM agent_sessions
+       ORDER BY last_active_at DESC
+       LIMIT 1`)
+        .get();
+    return row ?? null;
+}

package/telegram-client-dist/index.js

@@ -0,0 +1,97 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.logger = void 0;
+const dotenv_1 = __importDefault(require("dotenv"));
+dotenv_1.default.config();
+const express_1 = __importDefault(require("express"));
+const crypto_1 = require("crypto");
+const winston_1 = __importDefault(require("winston"));
+const zod_1 = require("zod");
+const notifyTelegram_1 = require("./notifyTelegram");
+const db_1 = require("./db");
+exports.logger = winston_1.default.createLogger({
+    level: process.env.LOG_LEVEL || "info",
+    defaultMeta: { conId: (0, crypto_1.randomUUID)() },
+    format: winston_1.default.format.combine(winston_1.default.format.colorize(), winston_1.default.format.timestamp(), winston_1.default.format.printf(({ timestamp, level, message, ...meta }) => {
+        const metaString = Object.keys(meta).length ? JSON.stringify(meta) : "";
+        const date = new Date(timestamp).toLocaleString();
+        return `[${date}] ${level}: ${message} ${metaString}`;
+    })),
+    transports: [new winston_1.default.transports.Console()],
+});
+const app = (0, express_1.default)();
+const port = process.env.PORT ? parseInt(process.env.PORT, 10) : 6666;
+try {
+    (0, db_1.initDb)(exports.logger);
+}
+catch (e) {
+    exports.logger.error("Failed to open omnikey SQLite database:", e);
+}
+const botToken = process.env.TELEGRAM_BOT_TOKEN ?? "";
+if (botToken) {
+    try {
+        const bot = (0, notifyTelegram_1.initTelegram)(botToken);
+        exports.logger.info("Telegram bot initialized", {
+            botTokenSet: !!botToken,
+            bot: !!bot,
+        });
+        (0, notifyTelegram_1.setupMessageListener)(exports.logger, bot);
+    }
+    catch (e) {
+        exports.logger.error("Failed to init telegram:", e);
+    }
+}
+app.use(express_1.default.json());
+const sendBodySchema = zod_1.z.object({
+    message: zod_1.z.string().min(1, "message must not be empty"),
+    parseMode: zod_1.z.enum(["Markdown", "MarkdownV2", "HTML"]).optional(),
+});
+app.get("/", (req, res) => {
+    res.send("Telegram bot service (TypeScript)");
+});
+app.post("/telegram/send", async (req, res) => {
+    exports.logger.defaultMeta = { conId: "sending notification" };
+    const parsed = sendBodySchema.safeParse(req.body);
+    if (!parsed.success) {
+        exports.logger.warn("Invalid /telegram/send body", {
+            issues: parsed.error.issues,
+        });
+        return res.status(400).json({
+            message: "Invalid request body",
+            issues: parsed.error.issues,
+        });
+    }
+    const { message, parseMode } = parsed.data;
+    try {
+        await (0, notifyTelegram_1.notify)(exports.logger, message, { parseMode });
+        return res.json({
+            message: "Message sent",
+            parseMode: parseMode ?? "Markdown",
+        });
+    }
+    catch (e) {
+        exports.logger.error("Failed to send message:", e);
+        const description = e?.response?.body
+            ?.description ?? e.message;
+        return res.status(502).json({
+            message: "Failed to deliver message to Telegram",
+            error: description,
+        });
+    }
+});
+app.listen(port, () => {
+    exports.logger.info(`Server listening on http://localhost:${port}`);
+});
+process.on("SIGINT", () => {
+    exports.logger.info("Received SIGINT. Exiting...");
+    (0, db_1.closeDb)(exports.logger);
+    process.exit(0);
+});
+process.on("SIGTERM", () => {
+    exports.logger.info("Received SIGTERM. Exiting...");
+    (0, db_1.closeDb)(exports.logger);
+    process.exit(0);
+});