opensteer 0.6.2 → 0.6.4

package/dist/chunk-K5CL76MG.js

@@ -0,0 +1,81 @@
+// src/browser/chrome.ts
+import { homedir, platform } from "os";
+import { join } from "path";
+import { existsSync, readFileSync } from "fs";
+function detectChromePaths() {
+  const os = platform();
+  if (os === "darwin") {
+    const executable2 = "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome";
+    return {
+      executable: existsSync(executable2) ? executable2 : null,
+      defaultUserDataDir: join(
+        homedir(),
+        "Library",
+        "Application Support",
+        "Google",
+        "Chrome"
+      )
+    };
+  }
+  if (os === "win32") {
+    const executable2 = join(
+      process.env.PROGRAMFILES || "C:\\Program Files",
+      "Google",
+      "Chrome",
+      "Application",
+      "chrome.exe"
+    );
+    return {
+      executable: existsSync(executable2) ? executable2 : null,
+      defaultUserDataDir: join(
+        process.env.LOCALAPPDATA || join(homedir(), "AppData", "Local"),
+        "Google",
+        "Chrome",
+        "User Data"
+      )
+    };
+  }
+  const executable = "/usr/bin/google-chrome";
+  return {
+    executable: existsSync(executable) ? executable : null,
+    defaultUserDataDir: join(homedir(), ".config", "google-chrome")
+  };
+}
+function expandHome(p) {
+  if (p.startsWith("~/") || p === "~") {
+    return join(homedir(), p.slice(1));
+  }
+  return p;
+}
+function listLocalChromeProfiles(userDataDir = detectChromePaths().defaultUserDataDir) {
+  const resolvedUserDataDir = expandHome(userDataDir);
+  const localStatePath = join(resolvedUserDataDir, "Local State");
+  if (!existsSync(localStatePath)) {
+    return [];
+  }
+  try {
+    const raw = JSON.parse(readFileSync(localStatePath, "utf-8"));
+    const infoCache = raw && typeof raw === "object" && !Array.isArray(raw) && raw.profile && typeof raw.profile === "object" && !Array.isArray(raw.profile) ? raw.profile.info_cache : void 0;
+    if (!infoCache || typeof infoCache !== "object") {
+      return [];
+    }
+    return Object.entries(infoCache).map(([directory, info]) => {
+      const record = info && typeof info === "object" && !Array.isArray(info) ? info : {};
+      const name = typeof record.name === "string" && record.name.trim() ? record.name.trim() : directory;
+      return {
+        directory,
+        name
+      };
+    }).filter((profile) => profile.directory.trim().length > 0).sort(
+      (left, right) => left.directory.localeCompare(right.directory)
+    );
+  } catch {
+    return [];
+  }
+}
+
+export {
+  detectChromePaths,
+  expandHome,
+  listLocalChromeProfiles
+};

package/dist/{chunk-WDRMHPWL.js → chunk-KPPOTU3D.js}

@@ -261,14 +261,76 @@ import fs from "fs";
 import path2 from "path";
 import { fileURLToPath } from "url";
 import { parse as parseDotenv } from "dotenv";
+
+// src/cloud/credential-selection.ts
+function selectCloudCredential(options) {
+  const apiKey = normalizeNonEmptyString(options.apiKey);
+  const accessToken = normalizeNonEmptyString(options.accessToken);
+  if (apiKey) {
+    if (options.authScheme === "bearer") {
+      return {
+        apiKey,
+        authScheme: "bearer",
+        kind: "access-token",
+        token: apiKey,
+        compatibilityBearerApiKey: true
+      };
+    }
+    return {
+      apiKey,
+      authScheme: "api-key",
+      kind: "api-key",
+      token: apiKey
+    };
+  }
+  if (accessToken) {
+    return {
+      accessToken,
+      authScheme: "bearer",
+      kind: "access-token",
+      token: accessToken
+    };
+  }
+  return null;
+}
+function selectCloudCredentialByPrecedence(layers, authScheme) {
+  for (const layer of layers) {
+    const hasApiKey = layer.hasApiKey ?? Object.prototype.hasOwnProperty.call(layer, "apiKey");
+    const hasAccessToken = layer.hasAccessToken ?? Object.prototype.hasOwnProperty.call(layer, "accessToken");
+    if (!hasApiKey && !hasAccessToken) {
+      continue;
+    }
+    return {
+      source: layer.source,
+      apiKey: layer.apiKey,
+      accessToken: layer.accessToken,
+      hasApiKey,
+      hasAccessToken,
+      credential: selectCloudCredential({
+        apiKey: layer.apiKey,
+        accessToken: layer.accessToken,
+        authScheme: layer.authScheme ?? authScheme
+      })
+    };
+  }
+  return null;
+}
+function normalizeNonEmptyString(value) {
+  if (typeof value !== "string") return void 0;
+  const normalized = value.trim();
+  return normalized.length ? normalized : void 0;
+}
+
+// src/config.ts
 var DEFAULT_CONFIG = {
   browser: {
     headless: false,
     executablePath: void 0,
     slowMo: 0,
-    connectUrl: void 0,
-    channel: void 0,
-    profileDir: void 0
+    mode: void 0,
+    cdpUrl: void 0,
+    userDataDir: void 0,
+    profileDirectory: void 0
   },
   storage: {
     rootDir: process.cwd()
@@ -552,11 +614,6 @@ function normalizeCloudOptions(value) {
   }
   return value;
 }
-function normalizeNonEmptyString(value) {
-  if (typeof value !== "string") return void 0;
-  const normalized = value.trim();
-  return normalized.length ? normalized : void 0;
-}
 function parseCloudEnabled(value, source) {
   if (value == null) return void 0;
   if (typeof value === "boolean") return value;
@@ -565,6 +622,18 @@ function parseCloudEnabled(value, source) {
     `Invalid ${source} value "${String(value)}". Use true, false, or a cloud options object.`
   );
 }
+function resolveCloudCredentialFields(selectedLayer) {
+  const credential = selectedLayer?.credential;
+  if (!credential) return {};
+  if (credential.kind === "api-key" || credential.compatibilityBearerApiKey === true && selectedLayer?.source !== "env") {
+    return {
+      apiKey: credential.token
+    };
+  }
+  return {
+    accessToken: credential.token
+  };
+}
 function resolveCloudSelection(config, env = process.env) {
   const configCloud = parseCloudEnabled(config.cloud, "cloud");
   if (configCloud !== void 0) {
@@ -601,7 +670,12 @@ function resolveConfigWithEnv(input = {}, options = {}) {
   });
   assertNoLegacyAiConfig(".opensteer/config.json", fileConfig);
   assertNoLegacyRuntimeConfig(".opensteer/config.json", fileConfig);
+  const fileCloudOptions = normalizeCloudOptions(fileConfig.cloud);
+  const fileHasCloudApiKey = hasOwn(fileCloudOptions, "apiKey");
+  const fileHasCloudAccessToken = hasOwn(fileCloudOptions, "accessToken");
   const fileRootDir = typeof fileConfig.storage?.rootDir === "string" ? fileConfig.storage.rootDir : void 0;
+  assertNoRemovedBrowserConfig(input.browser, "Opensteer constructor config");
+  assertNoRemovedBrowserConfig(fileConfig.browser, ".opensteer/config.json");
   const envRootDir = input.storage?.rootDir ?? fileRootDir ?? initialRootDir;
   const env = resolveEnv(envRootDir, {
     debug: debugHint,
@@ -617,14 +691,30 @@ function resolveConfigWithEnv(input = {}, options = {}) {
       "OPENSTEER_RUNTIME is no longer supported. Use OPENSTEER_MODE instead."
     );
   }
+  if (env.OPENSTEER_CONNECT_URL != null) {
+    throw new Error(
+      "OPENSTEER_CONNECT_URL is no longer supported. Use OPENSTEER_CDP_URL instead."
+    );
+  }
+  if (env.OPENSTEER_CHANNEL != null) {
+    throw new Error(
+      "OPENSTEER_CHANNEL is no longer supported. Use OPENSTEER_BROWSER plus OPENSTEER_BROWSER_PATH when needed."
+    );
+  }
+  if (env.OPENSTEER_PROFILE_DIR != null) {
+    throw new Error(
+      "OPENSTEER_PROFILE_DIR is no longer supported. Use OPENSTEER_USER_DATA_DIR and OPENSTEER_PROFILE_DIRECTORY instead."
+    );
+  }
   const envConfig = {
     browser: {
       headless: parseBool(env.OPENSTEER_HEADLESS),
       executablePath: env.OPENSTEER_BROWSER_PATH || void 0,
       slowMo: parseNumber(env.OPENSTEER_SLOW_MO),
-      connectUrl: env.OPENSTEER_CONNECT_URL || void 0,
-      channel: env.OPENSTEER_CHANNEL || void 0,
-      profileDir: env.OPENSTEER_PROFILE_DIR || void 0
+      mode: env.OPENSTEER_BROWSER === "real" || env.OPENSTEER_BROWSER === "chromium" ? env.OPENSTEER_BROWSER : void 0,
+      cdpUrl: env.OPENSTEER_CDP_URL || void 0,
+      userDataDir: env.OPENSTEER_USER_DATA_DIR || void 0,
+      profileDirectory: env.OPENSTEER_PROFILE_DIRECTORY || void 0
     },
     cursor: {
       enabled: parseBool(env.OPENSTEER_CURSOR)
@@ -635,17 +725,38 @@ function resolveConfigWithEnv(input = {}, options = {}) {
   const mergedWithFile = mergeDeep(runtimeDefaults, fileConfig);
   const mergedWithEnv = mergeDeep(mergedWithFile, envConfig);
   const resolved = mergeDeep(mergedWithEnv, input);
+  const browserHeadlessExplicit = input.browser?.headless !== void 0 || fileConfig.browser?.headless !== void 0 || envConfig.browser?.headless !== void 0;
+  if (!browserHeadlessExplicit && resolved.browser?.mode === "real") {
+    resolved.browser = {
+      ...resolved.browser,
+      headless: true
+    };
+  }
+  function assertNoRemovedBrowserConfig(value, source) {
+    if (!value || typeof value !== "object" || Array.isArray(value)) {
+      return;
+    }
+    const record = value;
+    if (record.connectUrl !== void 0) {
+      throw new Error(
+        `${source}.browser.connectUrl is no longer supported. Use browser.cdpUrl instead.`
+      );
+    }
+    if (record.channel !== void 0) {
+      throw new Error(
+        `${source}.browser.channel is no longer supported. Use browser.mode plus browser.executablePath instead.`
+      );
+    }
+    if (record.profileDir !== void 0) {
+      throw new Error(
+        `${source}.browser.profileDir is no longer supported. Use browser.userDataDir and browser.profileDirectory instead.`
+      );
+    }
+  }
   const envApiKey = resolveOpensteerApiKey(env);
   const envAccessTokenRaw = resolveOpensteerAccessToken(env);
   const envBaseUrl = resolveOpensteerBaseUrl(env);
   const envAuthScheme = resolveOpensteerAuthScheme(env);
-  if (envApiKey && envAccessTokenRaw) {
-    throw new Error(
-      "OPENSTEER_API_KEY and OPENSTEER_ACCESS_TOKEN are mutually exclusive. Set only one."
-    );
-  }
-  const envAccessToken = envAccessTokenRaw || (envAuthScheme === "bearer" ? envApiKey : void 0);
-  const envApiCredential = envAuthScheme === "bearer" && !envAccessTokenRaw ? void 0 : envApiKey;
   const envCloudProfileId = resolveOpensteerCloudProfileId(env);
   const envCloudProfileReuseIfActive = resolveOpensteerCloudProfileReuseIfActive(env);
   const envCloudAnnounce = parseCloudAnnounce(
@@ -674,11 +785,6 @@ function resolveConfigWithEnv(input = {}, options = {}) {
   const inputHasCloudBaseUrl = Boolean(
     inputCloudOptions && Object.prototype.hasOwnProperty.call(inputCloudOptions, "baseUrl")
   );
-  if (normalizeNonEmptyString(inputCloudOptions?.apiKey) && normalizeNonEmptyString(inputCloudOptions?.accessToken)) {
-    throw new Error(
-      "cloud.apiKey and cloud.accessToken are mutually exclusive. Set only one."
-    );
-  }
   const cloudSelection = resolveCloudSelection({
     cloud: resolved.cloud
   }, env);
@@ -689,11 +795,6 @@ function resolveConfigWithEnv(input = {}, options = {}) {
       accessToken: resolvedCloudAccessTokenRaw,
       ...resolvedCloudRest
     } = resolvedCloud;
-    if (normalizeNonEmptyString(resolvedCloudApiKeyRaw) && normalizeNonEmptyString(resolvedCloudAccessTokenRaw)) {
-      throw new Error(
-        "Cloud config cannot include both apiKey and accessToken at the same time."
-      );
-    }
     const resolvedCloudBrowserProfile = normalizeCloudBrowserProfileOptions(
       resolvedCloud.browserProfile,
       "resolved.cloud.browserProfile"
@@ -705,25 +806,40 @@ function resolveConfigWithEnv(input = {}, options = {}) {
     const browserProfile = inputCloudBrowserProfile ?? envCloudBrowserProfile ?? resolvedCloudBrowserProfile;
     let authScheme = inputAuthScheme ?? envAuthScheme ?? parseAuthScheme(resolvedCloud.authScheme, "cloud.authScheme") ?? "api-key";
     const announce = inputCloudAnnounce ?? envCloudAnnounce ?? parseCloudAnnounce(resolvedCloud.announce, "cloud.announce") ?? "always";
-    const credentialOverriddenByInput = inputHasCloudApiKey || inputHasCloudAccessToken;
-    let apiKey = normalizeNonEmptyString(resolvedCloudApiKeyRaw);
-    let accessToken = normalizeNonEmptyString(resolvedCloudAccessTokenRaw);
-    if (!credentialOverriddenByInput) {
-      if (envAccessToken) {
-        accessToken = envAccessToken;
-        apiKey = void 0;
-      } else if (envApiCredential) {
-        apiKey = envApiCredential;
-        accessToken = void 0;
-      }
-    }
+    const selectedCredentialLayer = selectCloudCredentialByPrecedence(
+      [
+        {
+          source: "input",
+          apiKey: inputCloudOptions?.apiKey,
+          accessToken: inputCloudOptions?.accessToken,
+          hasApiKey: inputHasCloudApiKey,
+          hasAccessToken: inputHasCloudAccessToken
+        },
+        {
+          source: "env",
+          apiKey: envApiKey,
+          accessToken: envAccessTokenRaw,
+          hasApiKey: envApiKey !== void 0,
+          hasAccessToken: envAccessTokenRaw !== void 0
+        },
+        {
+          source: "file",
+          apiKey: fileCloudOptions?.apiKey,
+          accessToken: fileCloudOptions?.accessToken,
+          hasApiKey: fileHasCloudApiKey,
+          hasAccessToken: fileHasCloudAccessToken
+        }
+      ],
+      authScheme
+    );
+    const { apiKey, accessToken } = resolveCloudCredentialFields(selectedCredentialLayer);
     if (accessToken) {
       authScheme = "bearer";
     }
     resolved.cloud = {
       ...resolvedCloudRest,
-      ...inputHasCloudApiKey ? { apiKey: resolvedCloudApiKeyRaw } : apiKey ? { apiKey } : {},
-      ...inputHasCloudAccessToken ? { accessToken: resolvedCloudAccessTokenRaw } : accessToken ? { accessToken } : {},
+      ...apiKey ? { apiKey } : selectedCredentialLayer?.hasApiKey && !accessToken ? { apiKey: selectedCredentialLayer.apiKey } : {},
+      ...accessToken ? { accessToken } : selectedCredentialLayer?.hasAccessToken && !apiKey ? { accessToken: selectedCredentialLayer.accessToken } : {},
       authScheme,
       announce,
       ...browserProfile ? { browserProfile } : {}
@@ -1159,147 +1275,10 @@ function readCloudActionDescription(payload) {
   return normalized.length ? normalized : void 0;
 }
 
-// src/auth/keychain-store.ts
-import { spawnSync } from "child_process";
-function commandExists(command) {
-  const result = spawnSync(command, ["--help"], {
-    encoding: "utf8",
-    stdio: "ignore"
-  });
-  return result.error == null;
-}
-function commandFailed(result) {
-  return typeof result.status === "number" && result.status !== 0;
-}
-function sanitizeCommandArgs(command, args) {
-  if (command !== "security") {
-    return args;
-  }
-  const sanitized = [];
-  for (let index = 0; index < args.length; index += 1) {
-    const value = args[index];
-    sanitized.push(value);
-    if (value === "-w" && index + 1 < args.length) {
-      sanitized.push("[REDACTED]");
-      index += 1;
-    }
-  }
-  return sanitized;
-}
-function buildCommandError(command, args, result) {
-  const stderr = typeof result.stderr === "string" && result.stderr.trim() ? result.stderr.trim() : `Command "${command}" failed with status ${String(result.status)}.`;
-  const sanitizedArgs = sanitizeCommandArgs(command, args);
-  return new Error(
-    [
-      `Unable to persist credential via ${command}.`,
-      `${command} ${sanitizedArgs.join(" ")}`,
-      stderr
-    ].join(" ")
-  );
-}
-function createMacosSecurityStore() {
-  return {
-    backend: "macos-security",
-    get(service, account) {
-      const result = spawnSync(
-        "security",
-        ["find-generic-password", "-s", service, "-a", account, "-w"],
-        { encoding: "utf8" }
-      );
-      if (commandFailed(result)) {
-        return null;
-      }
-      const secret = result.stdout.trim();
-      return secret.length ? secret : null;
-    },
-    set(service, account, secret) {
-      const args = [
-        "add-generic-password",
-        "-U",
-        "-s",
-        service,
-        "-a",
-        account,
-        "-w",
-        secret
-      ];
-      const result = spawnSync("security", args, { encoding: "utf8" });
-      if (commandFailed(result)) {
-        throw buildCommandError("security", args, result);
-      }
-    },
-    delete(service, account) {
-      const args = ["delete-generic-password", "-s", service, "-a", account];
-      const result = spawnSync("security", args, { encoding: "utf8" });
-      if (commandFailed(result)) {
-        return;
-      }
-    }
-  };
-}
-function createLinuxSecretToolStore() {
-  return {
-    backend: "linux-secret-tool",
-    get(service, account) {
-      const result = spawnSync(
-        "secret-tool",
-        ["lookup", "service", service, "account", account],
-        {
-          encoding: "utf8"
-        }
-      );
-      if (commandFailed(result)) {
-        return null;
-      }
-      const secret = result.stdout.trim();
-      return secret.length ? secret : null;
-    },
-    set(service, account, secret) {
-      const args = [
-        "store",
-        "--label",
-        "Opensteer CLI",
-        "service",
-        service,
-        "account",
-        account
-      ];
-      const result = spawnSync("secret-tool", args, {
-        encoding: "utf8",
-        input: secret
-      });
-      if (commandFailed(result)) {
-        throw buildCommandError("secret-tool", args, result);
-      }
-    },
-    delete(service, account) {
-      const args = ["clear", "service", service, "account", account];
-      spawnSync("secret-tool", args, {
-        encoding: "utf8"
-      });
-    }
-  };
-}
-function createKeychainStore() {
-  if (process.platform === "darwin") {
-    if (!commandExists("security")) {
-      return null;
-    }
-    return createMacosSecurityStore();
-  }
-  if (process.platform === "linux") {
-    if (!commandExists("secret-tool")) {
-      return null;
-    }
-    return createLinuxSecretToolStore();
-  }
-  return null;
-}
-
 export {
-  createKeychainStore,
   extractErrorMessage,
   normalizeError,
+  selectCloudCredential,
   normalizeNamespace,
   resolveNamespaceDir,
   resolveCloudSelection,