openmates 0.11.1 → 0.12.0-alpha.1

package/README.md

@@ -1,46 +1,52 @@
 # openmates
 
-OpenMates npm CLI + SDK (pair-auth login only).
+Terminal CLI and Node.js SDK for OpenMates. Use it to pair-login, create or continue encrypted chats, run app skills, manage safe account settings, browse docs, and administer self-hosted installs.
 
 ## Install
 
 ```bash
 npm install -g openmates
+openmates chats list
+openmates login
 ```
 
-## Environment
-
-The CLI auto-derives the web app URL from the API URL so the pair token always lands on the right backend.
+Without a session, `openmates chats list`, `show`, and `open` display clearly labeled public example chats from the web app. Login uses pair-auth: the CLI shows a QR code or PIN, and you approve it in the web app. To create a new account from the terminal, run `openmates signup`; passwords and recovery secrets are collected through hidden prompts, never command-line flags.
 
-| Target               | Command prefix                                                                    |
-| -------------------- | --------------------------------------------------------------------------------- |
-| Production (default) | _(none)_                                                                          |
-| Dev server           | `OPENMATES_API_URL=https://api.dev.openmates.org`                                 |
-| Self-hosted          | `OPENMATES_API_URL=https://api.example.com OPENMATES_APP_URL=https://example.com` |
-
-## CLI Commands
+## First Commands
 
 ```bash
-openmates login
 openmates whoami --json
 openmates chats list
-openmates chats new "Hello"
+openmates chats show example-gigantic-airplanes
+openmates chats new "Help me plan my day"
 openmates chats send --chat <chat-id> "continue"
-openmates apps list --api-key <key>
-openmates apps ai ask "What is Docker?" --api-key <key>
-openmates settings get /v1/settings/export-account-data --json
+openmates apps list
+openmates apps ai ask "What is Docker?"
+openmates apps code run --language python --code 'print("Hello")'
+openmates settings account export data --json
 openmates settings memories list --json
+openmates docs list
+openmates server install
 ```
 
-## Safety Limits
+Run `openmates --help` or `openmates <command> --help` for the full command surface.
 
-The CLI intentionally blocks endpoint writes for:
+## Environments
 
-- API key creation
-- Password setup/update
-- 2FA setup/provider changes
+The CLI derives the web app URL from the API URL so pair-auth lands on the matching backend.
 
-See `src/client.ts` (`BLOCKED_SETTINGS_POST_PATHS`).
+| Target | Command prefix |
+| --- | --- |
+| Production | _(none)_ |
+| Dev server | `OPENMATES_API_URL=https://api.dev.openmates.org` |
+| Installed self-hosted server | _(none after `openmates server install`)_ |
+| Remote self-hosted server | `OPENMATES_API_URL=https://api.example.com` |
+
+After `openmates server install`, fresh CLI commands default to that self-hosted server (`http://localhost:8000`) unless you already have a saved login session, set `OPENMATES_API_URL`, or pass `--api-url <url>`. App-skill execution can use your logged-in session, `--api-key <key>`, or `OPENMATES_API_KEY`.
+
+## Safety Limits
+
+Predefined settings commands are supported; raw `settings get/post/patch/delete` passthrough is intentionally unavailable. High-risk or browser-only flows such as passkey management, password changes, API key creation, device approvals, and card checkout stay in the web app. The code-level guard is `BLOCKED_SETTINGS_MUTATE_PATHS` in `src/client.ts`.
 
 ## SDK
 
@@ -48,4 +54,7 @@ See `src/client.ts` (`BLOCKED_SETTINGS_POST_PATHS`).
 import { OpenMatesClient } from "openmates";
 
 const client = OpenMatesClient.load();
+const chats = await client.listChats();
 ```
+
+Source docs: `docs/user-guide/cli/` in the OpenMates repository.

package/dist/chunk-AXNRPVLE.js

@@ -0,0 +1,242 @@
+// src/uploadService.ts
+import { readFileSync } from "fs";
+import { basename, extname } from "path";
+var UPLOAD_MAX_ATTEMPTS = 3;
+var UPLOAD_RETRY_DELAY_MS = 2e3;
+var PROFILE_IMAGE_MAX_SIZE_BYTES = 300 * 1024;
+function getUploadUrl(apiUrl) {
+  try {
+    const url = new URL(apiUrl);
+    if (url.hostname === "localhost") return "http://localhost:8001";
+  } catch {
+  }
+  return "https://upload.openmates.org";
+}
+function getUploadOrigin(apiUrl) {
+  try {
+    const url = new URL(apiUrl);
+    if (url.hostname === "localhost") return "http://localhost:5173";
+    if (url.hostname.startsWith("api.")) {
+      return `${url.protocol}//app.${url.hostname.slice(4)}`;
+    }
+  } catch {
+  }
+  return "https://app.openmates.org";
+}
+function getUploadMimeType(filename) {
+  const ext = extname(filename).toLowerCase();
+  switch (ext) {
+    case ".jpg":
+    case ".jpeg":
+      return "image/jpeg";
+    case ".png":
+      return "image/png";
+    case ".webp":
+      return "image/webp";
+    case ".gif":
+      return "image/gif";
+    case ".heic":
+      return "image/heic";
+    case ".heif":
+      return "image/heif";
+    case ".bmp":
+      return "image/bmp";
+    case ".tif":
+    case ".tiff":
+      return "image/tiff";
+    case ".svg":
+      return "image/svg+xml";
+    case ".pdf":
+      return "application/pdf";
+    case ".mp3":
+      return "audio/mpeg";
+    case ".m4a":
+    case ".mp4":
+      return "audio/mp4";
+    case ".wav":
+      return "audio/wav";
+    case ".webm":
+      return "audio/webm";
+    case ".ogg":
+    case ".oga":
+      return "audio/ogg";
+    case ".aac":
+      return "audio/aac";
+    default:
+      return "application/octet-stream";
+  }
+}
+async function uploadFile(filePath, session) {
+  const filename = basename(filePath);
+  const fileBytes = readFileSync(filePath);
+  const uploadUrl = `${getUploadUrl(session.apiUrl)}/v1/upload/file`;
+  const origin = getUploadOrigin(session.apiUrl);
+  const cookies = [];
+  if (session.cookies?.auth_refresh_token) {
+    cookies.push(`auth_refresh_token=${session.cookies.auth_refresh_token}`);
+  }
+  let response;
+  let lastError;
+  for (let attempt = 1; attempt <= UPLOAD_MAX_ATTEMPTS; attempt++) {
+    try {
+      const blob = new Blob([fileBytes], { type: getUploadMimeType(filename) });
+      const formData = new FormData();
+      formData.append("file", blob, filename);
+      response = await fetch(uploadUrl, {
+        method: "POST",
+        body: formData,
+        headers: {
+          Origin: origin,
+          ...cookies.length > 0 ? { Cookie: cookies.join("; ") } : {}
+        },
+        signal: AbortSignal.timeout(10 * 60 * 1e3)
+        // 10-minute timeout
+      });
+      break;
+    } catch (error) {
+      lastError = error;
+      if (attempt === UPLOAD_MAX_ATTEMPTS) break;
+      await new Promise((resolve) => setTimeout(resolve, UPLOAD_RETRY_DELAY_MS));
+    }
+  }
+  if (!response) {
+    const message = lastError instanceof Error ? lastError.message : String(lastError);
+    throw new Error(message || "Upload request failed.");
+  }
+  if (!response.ok) {
+    const status = response.status;
+    let errorMessage;
+    switch (status) {
+      case 401:
+        errorMessage = "Authentication failed. Run `openmates login` to re-authenticate.";
+        break;
+      case 413:
+        errorMessage = "File too large (maximum 100 MB).";
+        break;
+      case 415:
+        errorMessage = "Unsupported file type.";
+        break;
+      case 422: {
+        const body = await response.text().catch(() => "");
+        errorMessage = body.includes("malware") ? "File rejected: malware detected." : body.includes("content_safety") ? "File rejected: content safety violation." : `Upload validation failed: ${body}`;
+        break;
+      }
+      case 429:
+        errorMessage = "Upload rate limit exceeded. Try again in a minute.";
+        break;
+      default:
+        errorMessage = `Upload failed (HTTP ${status}).`;
+    }
+    throw new Error(errorMessage);
+  }
+  const data = await response.json();
+  return data;
+}
+async function transcribeUploadedAudio(uploadResult, filename, session, options = {}) {
+  const s3Key = uploadResult.files?.original?.s3_key ?? Object.values(uploadResult.files ?? {})[0]?.s3_key;
+  if (!s3Key) {
+    throw new Error("Upload succeeded but no audio file key was returned.");
+  }
+  const cookies = [];
+  if (session.cookies?.auth_refresh_token) {
+    cookies.push(`auth_refresh_token=${session.cookies.auth_refresh_token}`);
+  }
+  const requestItem = {
+    id: options.requestId ?? uploadResult.embed_id,
+    embed_id: uploadResult.embed_id,
+    s3_key: s3Key,
+    s3_base_url: uploadResult.s3_base_url,
+    aes_key: uploadResult.aes_key,
+    aes_nonce: uploadResult.aes_nonce,
+    vault_wrapped_aes_key: uploadResult.vault_wrapped_aes_key,
+    filename,
+    mime_type: uploadResult.content_type
+  };
+  if (options.chatId) {
+    requestItem.chat_id = options.chatId;
+  }
+  const response = await fetch(
+    `${session.apiUrl.replace(/\/$/, "")}/v1/apps/audio/skills/transcribe`,
+    {
+      method: "POST",
+      headers: {
+        Accept: "application/json",
+        "Content-Type": "application/json",
+        ...cookies.length > 0 ? { Cookie: cookies.join("; ") } : {}
+      },
+      body: JSON.stringify({ requests: [requestItem] }),
+      signal: AbortSignal.timeout(10 * 60 * 1e3)
+    }
+  );
+  if (!response.ok) {
+    let detail = `Transcription failed (HTTP ${response.status}).`;
+    try {
+      const data2 = await response.json();
+      detail = data2.detail ?? data2.error ?? detail;
+    } catch {
+    }
+    throw new Error(detail);
+  }
+  const data = await response.json();
+  if (data.success === false) {
+    throw new Error(data.error ?? "Transcription failed.");
+  }
+  const requestId = options.requestId ?? uploadResult.embed_id;
+  const group = data.data?.results?.find((item) => item.id === requestId) ?? data.data?.results?.[0];
+  const result = group?.results?.[0];
+  if (!result) {
+    throw new Error(group?.error ?? "Transcription response did not include a result.");
+  }
+  if (result.error) {
+    throw new Error(result.error);
+  }
+  return {
+    transcript: result.transcript ?? null,
+    transcript_original: result.transcript_original ?? null,
+    transcript_corrected: result.transcript_corrected ?? null,
+    use_corrected: result.use_corrected ?? null,
+    correction_model: result.correction_model ?? null,
+    model: result.model ?? null
+  };
+}
+function getProfileImageMime(filename) {
+  const ext = extname(filename).toLowerCase();
+  if (ext === ".jpg" || ext === ".jpeg") return "image/jpeg";
+  if (ext === ".png") return "image/png";
+  throw new Error("Profile images must be JPEG or PNG files.");
+}
+async function uploadProfileImage(filePath, session) {
+  const filename = basename(filePath);
+  const fileBytes = readFileSync(filePath);
+  const contentType = getProfileImageMime(filename);
+  if (fileBytes.byteLength > PROFILE_IMAGE_MAX_SIZE_BYTES) {
+    throw new Error("Profile image must be 300 KB or smaller. Resize/compress the image and try again.");
+  }
+  const uploadUrl = `${getUploadUrl(session.apiUrl)}/v1/upload/profile-image`;
+  const origin = getUploadOrigin(session.apiUrl);
+  const cookies = [];
+  if (session.cookies?.auth_refresh_token) {
+    cookies.push(`auth_refresh_token=${session.cookies.auth_refresh_token}`);
+  }
+  const formData = new FormData();
+  formData.append("file", new Blob([fileBytes], { type: contentType }), filename);
+  const response = await fetch(uploadUrl, {
+    method: "POST",
+    body: formData,
+    headers: {
+      Origin: origin,
+      ...cookies.length > 0 ? { Cookie: cookies.join("; ") } : {}
+    }
+  });
+  const data = await response.json().catch(() => ({}));
+  if (!response.ok && !data.status) {
+    throw new Error(data.detail ?? `Profile image upload failed (HTTP ${response.status}).`);
+  }
+  return data;
+}
+
+export {
+  uploadFile,
+  transcribeUploadedAudio,
+  uploadProfileImage
+};