npm - oversky - Versions diffs - 0.1.0 - Mend

oversky 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (49) hide show

package/dist/auth.d.ts ADDED Viewed

@@ -0,0 +1,26 @@
+export declare function getToken(): string | null;
+export declare function saveToken(token: string, expiresAt?: number): void;
+export declare function removeToken(): void;
+/**
+ * Start a local HTTP server to receive the OAuth callback token.
+ * Opens the browser to the server's daemon auth page, which redirects
+ * back to localhost with the JWT.
+ */
+export declare function loginFlow(serverUrl: string): Promise<string>;
+/**
+ * Prompt the user for a token directly in the terminal (fallback).
+ */
+export declare function loginPrompt(): Promise<string>;
+/**
+ * Device authorization flow — like `gh auth login`.
+ * 1. Request a one-time device code from the server
+ * 2. Print a URL for the user to open in their browser
+ * 3. Poll until the user approves the code in the browser
+ * 4. Receive and save the daemon JWT
+ */
+export declare function loginWithUrl(serverUrl: string): Promise<string>;
+/**
+ * Login via email/password against the API's /api/auth/login endpoint.
+ * Works with local dev servers without needing the /auth/daemon OAuth route.
+ */
+export declare function loginWithCredentials(serverUrl: string): Promise<string>;

package/dist/auth.js ADDED Viewed

@@ -0,0 +1,221 @@
+import fs from 'node:fs';
+import path from 'node:path';
+import http from 'node:http';
+import { exec } from 'node:child_process';
+import { createInterface } from 'node:readline';
+import { getConfigDir } from './config.js';
+const AUTH_PATH = path.join(getConfigDir(), 'auth.json');
+export function getToken() {
+    try {
+        if (fs.existsSync(AUTH_PATH)) {
+            const raw = fs.readFileSync(AUTH_PATH, 'utf-8');
+            const data = JSON.parse(raw);
+            if (data.expiresAt && Date.now() > data.expiresAt) {
+                return null;
+            }
+            return data.token || null;
+        }
+    }
+    catch {
+        // Fall through
+    }
+    return null;
+}
+export function saveToken(token, expiresAt) {
+    const dir = getConfigDir();
+    if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+    }
+    const data = { token };
+    if (expiresAt) {
+        data.expiresAt = expiresAt;
+    }
+    fs.writeFileSync(AUTH_PATH, JSON.stringify(data, null, 2) + '\n', 'utf-8');
+    fs.chmodSync(AUTH_PATH, 0o600);
+}
+export function removeToken() {
+    try {
+        if (fs.existsSync(AUTH_PATH)) {
+            fs.unlinkSync(AUTH_PATH);
+        }
+    }
+    catch {
+        // Ignore
+    }
+}
+/**
+ * Start a local HTTP server to receive the OAuth callback token.
+ * Opens the browser to the server's daemon auth page, which redirects
+ * back to localhost with the JWT.
+ */
+export async function loginFlow(serverUrl) {
+    return new Promise((resolve, reject) => {
+        const server = http.createServer((req, res) => {
+            const url = new URL(req.url || '/', `http://localhost`);
+            const token = url.searchParams.get('token');
+            const expiresAt = url.searchParams.get('expiresAt');
+            if (token) {
+                saveToken(token, expiresAt ? parseInt(expiresAt, 10) : undefined);
+                res.writeHead(200, { 'Content-Type': 'text/html' });
+                res.end('<html><body><h2>Login successful! You can close this tab.</h2></body></html>');
+                server.close();
+                resolve(token);
+            }
+            else {
+                res.writeHead(400, { 'Content-Type': 'text/plain' });
+                res.end('Missing token');
+            }
+        });
+        server.listen(0, '127.0.0.1', () => {
+            const addr = server.address();
+            if (!addr || typeof addr === 'string') {
+                server.close();
+                reject(new Error('Failed to start callback server'));
+                return;
+            }
+            const callbackUrl = `http://127.0.0.1:${addr.port}/callback`;
+            const loginUrl = `${serverUrl}/auth/daemon?callback=${encodeURIComponent(callbackUrl)}`;
+            console.log(`\nOpen this URL in your browser to log in:\n  ${loginUrl}\n`);
+            // Try to open browser
+            const openCmd = process.platform === 'darwin'
+                ? 'open'
+                : process.platform === 'win32'
+                    ? 'start'
+                    : 'xdg-open';
+            exec(`${openCmd} "${loginUrl}"`, () => {
+                // Ignore errors - user can open manually
+            });
+        });
+        // Timeout after 5 minutes
+        setTimeout(() => {
+            server.close();
+            reject(new Error('Login timed out after 5 minutes'));
+        }, 300_000);
+    });
+}
+/**
+ * Prompt the user for a token directly in the terminal (fallback).
+ */
+export async function loginPrompt() {
+    const rl = createInterface({ input: process.stdin, output: process.stdout });
+    return new Promise((resolve) => {
+        rl.question('Paste your JWT token: ', (token) => {
+            rl.close();
+            if (token.trim()) {
+                saveToken(token.trim());
+                resolve(token.trim());
+            }
+            else {
+                resolve('');
+            }
+        });
+    });
+}
+/**
+ * Device authorization flow — like `gh auth login`.
+ * 1. Request a one-time device code from the server
+ * 2. Print a URL for the user to open in their browser
+ * 3. Poll until the user approves the code in the browser
+ * 4. Receive and save the daemon JWT
+ */
+export async function loginWithUrl(serverUrl) {
+    // Step 1: Get a device code
+    const codeRes = await fetch(`${serverUrl}/api/daemons/device-code`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+    });
+    if (!codeRes.ok) {
+        const body = await codeRes.text();
+        throw new Error(`Failed to get device code (${codeRes.status}): ${body}`);
+    }
+    const { code, verificationUrl, expiresIn } = await codeRes.json();
+    // Step 2: Show the URL to the user
+    console.log('');
+    console.log(`  Open this URL in your browser to log in:\n`);
+    console.log(`    ${verificationUrl}\n`);
+    console.log(`  Or go to ${serverUrl}/login/device and enter code: ${code}\n`);
+    console.log(`  Waiting for approval...`);
+    // Try to open browser automatically
+    const openCmd = process.platform === 'darwin'
+        ? 'open'
+        : process.platform === 'win32'
+            ? 'start'
+            : 'xdg-open';
+    exec(`${openCmd} "${verificationUrl}"`, () => { });
+    // Step 3: Poll for approval
+    const pollInterval = 2000; // 2s
+    const deadline = Date.now() + expiresIn * 1000;
+    while (Date.now() < deadline) {
+        await new Promise((r) => setTimeout(r, pollInterval));
+        try {
+            const statusRes = await fetch(`${serverUrl}/api/daemons/device-code/${encodeURIComponent(code)}/status`);
+            if (!statusRes.ok) {
+                if (statusRes.status === 404) {
+                    throw new Error('Device code expired. Please try again.');
+                }
+                continue; // Transient error, keep polling
+            }
+            const data = await statusRes.json();
+            if (data.status === 'approved' && data.token) {
+                const expiresAt = data.expiresAt ? new Date(data.expiresAt).getTime() : undefined;
+                saveToken(data.token, expiresAt);
+                return data.token;
+            }
+        }
+        catch (err) {
+            if (err instanceof Error && err.message.includes('expired')) {
+                throw err;
+            }
+            // Transient network error, keep polling
+        }
+    }
+    throw new Error('Login timed out. Please try again.');
+}
+/**
+ * Login via email/password against the API's /api/auth/login endpoint.
+ * Works with local dev servers without needing the /auth/daemon OAuth route.
+ */
+export async function loginWithCredentials(serverUrl) {
+    const rl = createInterface({ input: process.stdin, output: process.stdout });
+    const ask = (question) => new Promise((resolve) => rl.question(question, resolve));
+    try {
+        const email = await ask('  Email: ');
+        const password = await ask('  Password: ');
+        rl.close();
+        console.log('  Authenticating...');
+        const res = await fetch(`${serverUrl}/api/auth/login`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ email: email.trim(), password: password.trim() }),
+        });
+        if (!res.ok) {
+            const body = await res.text();
+            throw new Error(`Login failed (${res.status}): ${body}`);
+        }
+        const data = await res.json();
+        if (!data.token) {
+            throw new Error('No token in login response');
+        }
+        // Now use the session token to get a long-lived daemon token
+        const daemonRes = await fetch(`${serverUrl}/api/daemons/token`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${data.token}`,
+            },
+        });
+        if (daemonRes.ok) {
+            const daemonData = await daemonRes.json();
+            saveToken(daemonData.token, new Date(daemonData.expiresAt).getTime());
+            return daemonData.token;
+        }
+        // Fallback: use the session token directly if daemon token endpoint fails
+        saveToken(data.token);
+        return data.token;
+    }
+    catch (err) {
+        rl.close();
+        throw err;
+    }
+}
+//# sourceMappingURL=auth.js.map

package/dist/auth.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE,WAAW,CAAC,CAAC;AAOzD,MAAM,UAAU,QAAQ;IACtB,IAAI,CAAC;QACH,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAChD,MAAM,IAAI,GAAa,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACvC,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;gBAClD,OAAO,IAAI,CAAC;YACd,CAAC;YACD,OAAO,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC;QAC5B,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,eAAe;IACjB,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,KAAa,EAAE,SAAkB;IACzD,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;IAC3B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,CAAC;IACD,MAAM,IAAI,GAAa,EAAE,KAAK,EAAE,CAAC;IACjC,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;IACD,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;IAC3E,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,WAAW;IACzB,IAAI,CAAC;QACH,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC7B,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,SAAS;IACX,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,SAAiB;IAC/C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;YAC5C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,kBAAkB,CAAC,CAAC;YACxD,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC5C,MAAM,SAAS,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YAEpD,IAAI,KAAK,EAAE,CAAC;gBACV,SAAS,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;gBAClE,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;gBACpD,GAAG,CAAC,GAAG,CAAC,8EAA8E,CAAC,CAAC;gBACxF,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,CAAC;YACjB,CAAC;iBAAM,CAAC;gBACN,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC;gBACrD,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE;YACjC,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;YAC9B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACtC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC,CAAC;gBACrD,OAAO;YACT,CAAC;YACD,MAAM,WAAW,GAAG,oBAAoB,IAAI,CAAC,IAAI,WAAW,CAAC;YAC7D,MAAM,QAAQ,GAAG,GAAG,SAAS,yBAAyB,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC;YAExF,OAAO,CAAC,GAAG,CAAC,iDAAiD,QAAQ,IAAI,CAAC,CAAC;YAE3E,sBAAsB;YACtB,MAAM,OAAO,GACX,OAAO,CAAC,QAAQ,KAAK,QAAQ;gBAC3B,CAAC,CAAC,MAAM;gBACR,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,OAAO;oBAC5B,CAAC,CAAC,OAAO;oBACT,CAAC,CAAC,UAAU,CAAC;YACnB,IAAI,CAAC,GAAG,OAAO,KAAK,QAAQ,GAAG,EAAE,GAAG,EAAE;gBACpC,yCAAyC;YAC3C,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,0BAA0B;QAC1B,UAAU,CAAC,GAAG,EAAE;YACd,MAAM,CAAC,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC,CAAC;QACvD,CAAC,EAAE,OAAO,CAAC,CAAC;IACd,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,MAAM,EAAE,GAAG,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7E,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,EAAE,CAAC,QAAQ,CAAC,wBAAwB,EAAE,CAAC,KAAK,EAAE,EAAE;YAC9C,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;gBACjB,SAAS,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;gBACxB,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YACxB,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,EAAE,CAAC,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,SAAiB;IAClD,4BAA4B;IAC5B,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,GAAG,SAAS,0BAA0B,EAAE;QAClE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;KAChD,CAAC,CAAC;IAEH,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;QAChB,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,8BAA8B,OAAO,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IAC5E,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,eAAe,EAAE,SAAS,EAAE,GAAG,MAAM,OAAO,CAAC,IAAI,EAI9D,CAAC;IAEF,mCAAmC;IACnC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;IAC5D,OAAO,CAAC,GAAG,CAAC,OAAO,eAAe,IAAI,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,cAAc,SAAS,iCAAiC,IAAI,IAAI,CAAC,CAAC;IAC9E,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IAEzC,oCAAoC;IACpC,MAAM,OAAO,GACX,OAAO,CAAC,QAAQ,KAAK,QAAQ;QAC3B,CAAC,CAAC,MAAM;QACR,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,OAAO;YAC5B,CAAC,CAAC,OAAO;YACT,CAAC,CAAC,UAAU,CAAC;IACnB,IAAI,CAAC,GAAG,OAAO,KAAK,eAAe,GAAG,EAAE,GAAG,EAAE,GAAuB,CAAC,CAAC,CAAC;IAEvE,4BAA4B;IAC5B,MAAM,YAAY,GAAG,IAAI,CAAC,CAAC,KAAK;IAChC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,IAAI,CAAC;IAE/C,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,EAAE,CAAC;QAC7B,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,CAAC;QAEtD,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,MAAM,KAAK,CAC3B,GAAG,SAAS,4BAA4B,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAC1E,CAAC;YAEF,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC;gBAClB,IAAI,SAAS,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAC7B,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;gBAC5D,CAAC;gBACD,SAAS,CAAC,gCAAgC;YAC5C,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,IAAI,EAIhC,CAAC;YAEF,IAAI,IAAI,CAAC,MAAM,KAAK,UAAU,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;gBAClF,SAAS,CAAC,IAAI,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;gBACjC,OAAO,IAAI,CAAC,KAAK,CAAC;YACpB,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC5D,MAAM,GAAG,CAAC;YACZ,CAAC;YACD,wCAAwC;QAC1C,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;AACxD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,SAAiB;IAC1D,MAAM,EAAE,GAAG,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAE7E,MAAM,GAAG,GAAG,CAAC,QAAgB,EAAmB,EAAE,CAChD,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IAE3D,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,WAAW,CAAC,CAAC;QACrC,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,CAAC;QAC3C,EAAE,CAAC,KAAK,EAAE,CAAC;QAEX,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QAEnC,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,SAAS,iBAAiB,EAAE;YACrD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC;SACzE,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,iBAAiB,GAAG,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAwB,CAAC;QACpD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QAED,6DAA6D;QAC7D,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,GAAG,SAAS,oBAAoB,EAAE;YAC9D,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,IAAI,CAAC,KAAK,EAAE;aACtC;SACF,CAAC,CAAC;QAEH,IAAI,SAAS,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,IAAI,EAA0C,CAAC;YAClF,SAAS,CAAC,UAAU,CAAC,KAAK,EAAE,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;YACtE,OAAO,UAAU,CAAC,KAAK,CAAC;QAC1B,CAAC;QAED,0EAA0E;QAC1E,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,EAAE,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC"}

package/dist/config.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+export interface PermissionsConfig {
+    autoApproveReads: boolean;
+    autoApproveWrites: boolean;
+    autoApproveBash: boolean;
+    blockedPaths: string[];
+    allowedWritePaths: string[];
+}
+export interface LimitsConfig {
+    maxFileReadSize: number;
+    bashTimeout: number;
+    maxConcurrentTools: number;
+}
+export interface DaemonConfig {
+    serverUrl: string;
+    permissions: PermissionsConfig;
+    limits: LimitsConfig;
+}
+export declare function loadConfig(): DaemonConfig;
+export declare function saveConfig(config: DaemonConfig): void;
+export declare function getConfigDir(): string;

package/dist/config.js ADDED Viewed

@@ -0,0 +1,52 @@
+import fs from 'node:fs';
+import path from 'node:path';
+import os from 'node:os';
+const CONFIG_DIR = path.join(os.homedir(), '.oversky');
+const CONFIG_PATH = path.join(CONFIG_DIR, 'daemon.json');
+const DEFAULT_CONFIG = {
+    // TODO: Change to https://oversky.ai once custom domain is configured
+    serverUrl: 'https://desxylhmg82bz.cloudfront.net',
+    permissions: {
+        autoApproveReads: true,
+        autoApproveWrites: false,
+        autoApproveBash: false,
+        blockedPaths: ['.env', '.env.*', '*.pem', '*.key', '.ssh/'],
+        allowedWritePaths: ['src/**', 'tests/**'],
+    },
+    limits: {
+        maxFileReadSize: 524288, // 500KB
+        bashTimeout: 120000, // 120s
+        maxConcurrentTools: 5,
+    },
+};
+function ensureConfigDir() {
+    if (!fs.existsSync(CONFIG_DIR)) {
+        fs.mkdirSync(CONFIG_DIR, { recursive: true });
+    }
+}
+export function loadConfig() {
+    try {
+        if (fs.existsSync(CONFIG_PATH)) {
+            const raw = fs.readFileSync(CONFIG_PATH, 'utf-8');
+            const parsed = JSON.parse(raw);
+            return {
+                ...DEFAULT_CONFIG,
+                ...parsed,
+                permissions: { ...DEFAULT_CONFIG.permissions, ...parsed.permissions },
+                limits: { ...DEFAULT_CONFIG.limits, ...parsed.limits },
+            };
+        }
+    }
+    catch {
+        // Fall through to default
+    }
+    return { ...DEFAULT_CONFIG };
+}
+export function saveConfig(config) {
+    ensureConfigDir();
+    fs.writeFileSync(CONFIG_PATH, JSON.stringify(config, null, 2) + '\n', 'utf-8');
+}
+export function getConfigDir() {
+    return CONFIG_DIR;
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AAsBzB,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,UAAU,CAAC,CAAC;AACvD,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;AAEzD,MAAM,cAAc,GAAiB;IACnC,sEAAsE;IACtE,SAAS,EAAE,sCAAsC;IACjD,WAAW,EAAE;QACX,gBAAgB,EAAE,IAAI;QACtB,iBAAiB,EAAE,KAAK;QACxB,eAAe,EAAE,KAAK;QACtB,YAAY,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC;QAC3D,iBAAiB,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;KAC1C;IACD,MAAM,EAAE;QACN,eAAe,EAAE,MAAM,EAAE,QAAQ;QACjC,WAAW,EAAE,MAAM,EAAE,OAAO;QAC5B,kBAAkB,EAAE,CAAC;KACtB;CACF,CAAC;AAEF,SAAS,eAAe;IACtB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/B,EAAE,CAAC,SAAS,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAChD,CAAC;AACH,CAAC;AAED,MAAM,UAAU,UAAU;IACxB,IAAI,CAAC;QACH,IAAI,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAC/B,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;YAClD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC/B,OAAO;gBACL,GAAG,cAAc;gBACjB,GAAG,MAAM;gBACT,WAAW,EAAE,EAAE,GAAG,cAAc,CAAC,WAAW,EAAE,GAAG,MAAM,CAAC,WAAW,EAAE;gBACrE,MAAM,EAAE,EAAE,GAAG,cAAc,CAAC,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE;aACvD,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,0BAA0B;IAC5B,CAAC;IACD,OAAO,EAAE,GAAG,cAAc,EAAE,CAAC;AAC/B,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,MAAoB;IAC7C,eAAe,EAAE,CAAC;IAClB,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;AACjF,CAAC;AAED,MAAM,UAAU,YAAY;IAC1B,OAAO,UAAU,CAAC;AACpB,CAAC"}

package/dist/connection.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import { type Socket } from 'socket.io-client';
+import { type DaemonConfig } from './config.js';
+export interface DaemonConnection {
+    socket: Socket;
+    daemonId: string;
+    disconnect: () => void;
+}
+/**
+ * Connect to the OverSky server and register as a daemon.
+ * Handles reconnection with exponential backoff, heartbeat, and tool dispatch.
+ *
+ * Exported for library use (e.g., embedding in a desktop app).
+ */
+export declare function connectDaemon(serverUrl: string, token: string, cwd: string, config: DaemonConfig): DaemonConnection;

package/dist/connection.js ADDED Viewed

@@ -0,0 +1,93 @@
+import { io } from 'socket.io-client';
+import os from 'node:os';
+import { generateDaemonId, getDeviceName } from './registry.js';
+import { startHeartbeat, stopHeartbeat } from './heartbeat.js';
+import { executeToolRequest } from './executor.js';
+import { showConnecting, showConnected, showDisconnected, showReconnecting, showError, showInfo, } from './ui.js';
+const SUPPORTED_TOOLS = ['bash', 'read', 'write', 'edit', 'glob', 'grep'];
+const VERSION = '0.1.0';
+/**
+ * Connect to the OverSky server and register as a daemon.
+ * Handles reconnection with exponential backoff, heartbeat, and tool dispatch.
+ *
+ * Exported for library use (e.g., embedding in a desktop app).
+ */
+export function connectDaemon(serverUrl, token, cwd, config) {
+    const daemonId = generateDaemonId(cwd);
+    const deviceName = getDeviceName();
+    showConnecting(serverUrl);
+    const socket = io(serverUrl, {
+        path: '/ws/agentic',
+        auth: { token },
+        transports: ['websocket', 'polling'],
+        reconnection: true,
+        reconnectionDelay: 1000,
+        reconnectionDelayMax: 5000,
+        reconnectionAttempts: 50,
+    });
+    // --- Connection lifecycle ---
+    socket.on('connect', () => {
+        showConnected();
+        // Register with the server
+        socket.emit('daemon:register', {
+            daemonId,
+            deviceName,
+            capabilities: SUPPORTED_TOOLS,
+            cwd,
+            platform: os.platform(),
+            arch: os.arch(),
+            version: VERSION,
+            nodeVersion: process.version,
+        });
+    });
+    socket.on('daemon:registered', (data) => {
+        showInfo(`Registered as ${data.daemonId}`);
+        startHeartbeat(socket, daemonId);
+    });
+    socket.on('disconnect', (reason) => {
+        stopHeartbeat();
+        showDisconnected(reason);
+    });
+    socket.io.on('reconnect_attempt', (attempt) => {
+        showReconnecting(attempt);
+    });
+    socket.io.on('reconnect', () => {
+        showConnected();
+        // Re-register after reconnection
+        socket.emit('daemon:register', {
+            daemonId,
+            deviceName,
+            capabilities: SUPPORTED_TOOLS,
+            cwd,
+            platform: os.platform(),
+            arch: os.arch(),
+            version: VERSION,
+            nodeVersion: process.version,
+        });
+    });
+    socket.io.on('reconnect_failed', () => {
+        showError('Reconnection failed after maximum attempts');
+    });
+    socket.on('connect_error', (err) => {
+        showError(`Connection error: ${err.message}`);
+    });
+    // --- Tool execution ---
+    socket.on('daemon:tool:request', async (data) => {
+        const response = await executeToolRequest(data, config, cwd);
+        socket.emit('daemon:tool:response', response);
+    });
+    // --- Error handling ---
+    socket.on('error:unauthorized', (data) => {
+        showError(`Unauthorized: ${data.event}${data.sessionId ? ` (session: ${data.sessionId})` : ''}`);
+    });
+    socket.on('error:validation', (data) => {
+        showError(`Validation error: ${data.event} - ${data.message}`);
+    });
+    // --- Cleanup ---
+    const disconnect = () => {
+        stopHeartbeat();
+        socket.disconnect();
+    };
+    return { socket, daemonId, disconnect };
+}
+//# sourceMappingURL=connection.js.map

package/dist/connection.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"connection.js","sourceRoot":"","sources":["../src/connection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,EAAE,EAAe,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAChE,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/D,OAAO,EAAE,kBAAkB,EAAuC,MAAM,eAAe,CAAC;AACxF,OAAO,EACL,cAAc,EACd,aAAa,EACb,gBAAgB,EAChB,gBAAgB,EAChB,SAAS,EACT,QAAQ,GACT,MAAM,SAAS,CAAC;AAEjB,MAAM,eAAe,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;AAC1E,MAAM,OAAO,GAAG,OAAO,CAAC;AAQxB;;;;;GAKG;AACH,MAAM,UAAU,aAAa,CAC3B,SAAiB,EACjB,KAAa,EACb,GAAW,EACX,MAAoB;IAEpB,MAAM,QAAQ,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IAEnC,cAAc,CAAC,SAAS,CAAC,CAAC;IAE1B,MAAM,MAAM,GAAG,EAAE,CAAC,SAAS,EAAE;QAC3B,IAAI,EAAE,aAAa;QACnB,IAAI,EAAE,EAAE,KAAK,EAAE;QACf,UAAU,EAAE,CAAC,WAAW,EAAE,SAAS,CAAC;QACpC,YAAY,EAAE,IAAI;QAClB,iBAAiB,EAAE,IAAI;QACvB,oBAAoB,EAAE,IAAI;QAC1B,oBAAoB,EAAE,EAAE;KACzB,CAAC,CAAC;IAEH,+BAA+B;IAE/B,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;QACxB,aAAa,EAAE,CAAC;QAEhB,2BAA2B;QAC3B,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE;YAC7B,QAAQ;YACR,UAAU;YACV,YAAY,EAAE,eAAe;YAC7B,GAAG;YACH,QAAQ,EAAE,EAAE,CAAC,QAAQ,EAAE;YACvB,IAAI,EAAE,EAAE,CAAC,IAAI,EAAE;YACf,OAAO,EAAE,OAAO;YAChB,WAAW,EAAE,OAAO,CAAC,OAAO;SAC7B,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,EAAE,CAAC,mBAAmB,EAAE,CAAC,IAA0B,EAAE,EAAE;QAC5D,QAAQ,CAAC,iBAAiB,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC3C,cAAc,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,EAAE,CAAC,YAAY,EAAE,CAAC,MAAc,EAAE,EAAE;QACzC,aAAa,EAAE,CAAC;QAChB,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,mBAAmB,EAAE,CAAC,OAAe,EAAE,EAAE;QACpD,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,WAAW,EAAE,GAAG,EAAE;QAC7B,aAAa,EAAE,CAAC;QAChB,iCAAiC;QACjC,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE;YAC7B,QAAQ;YACR,UAAU;YACV,YAAY,EAAE,eAAe;YAC7B,GAAG;YACH,QAAQ,EAAE,EAAE,CAAC,QAAQ,EAAE;YACvB,IAAI,EAAE,EAAE,CAAC,IAAI,EAAE;YACf,OAAO,EAAE,OAAO;YAChB,WAAW,EAAE,OAAO,CAAC,OAAO;SAC7B,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,kBAAkB,EAAE,GAAG,EAAE;QACpC,SAAS,CAAC,4CAA4C,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,EAAE,CAAC,eAAe,EAAE,CAAC,GAAU,EAAE,EAAE;QACxC,SAAS,CAAC,qBAAqB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,yBAAyB;IAEzB,MAAM,CAAC,EAAE,CAAC,qBAAqB,EAAE,KAAK,EAAE,IAAiB,EAAE,EAAE;QAC3D,MAAM,QAAQ,GAAiB,MAAM,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC;QAC3E,MAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE,QAAQ,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,yBAAyB;IAEzB,MAAM,CAAC,EAAE,CAAC,oBAAoB,EAAE,CAAC,IAA2C,EAAE,EAAE;QAC9E,SAAS,CAAC,iBAAiB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnG,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,EAAE,CAAC,kBAAkB,EAAE,CAAC,IAAwC,EAAE,EAAE;QACzE,SAAS,CAAC,qBAAqB,IAAI,CAAC,KAAK,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,kBAAkB;IAElB,MAAM,UAAU,GAAG,GAAG,EAAE;QACtB,aAAa,EAAE,CAAC;QAChB,MAAM,CAAC,UAAU,EAAE,CAAC;IACtB,CAAC,CAAC;IAEF,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;AAC1C,CAAC"}

package/dist/executor.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import { type DaemonConfig } from './config.js';
+export interface ToolRequest {
+    toolName: string;
+    toolInput: Record<string, unknown>;
+    toolUseId: string;
+    sessionId: string;
+    timeout?: number;
+}
+export interface ToolResponse {
+    toolUseId: string;
+    sessionId: string;
+    result: unknown;
+    error: string | null;
+    duration: number;
+}
+/**
+ * Dispatch a tool request to the appropriate executor.
+ * Handles permission checking, execution, timing, and error wrapping.
+ */
+export declare function executeToolRequest(request: ToolRequest, config: DaemonConfig, cwd: string): Promise<ToolResponse>;

package/dist/executor.js ADDED Viewed

@@ -0,0 +1,187 @@
+import { checkPermission } from './permissions.js';
+import { showToolExecution, showToolResult, showPermissionDenied } from './ui.js';
+import { executeBash } from './tools/bash.js';
+import { executeRead } from './tools/read.js';
+import { executeWrite } from './tools/write.js';
+import { executeEdit } from './tools/edit.js';
+import { executeGlob } from './tools/glob.js';
+import { executeGrep } from './tools/grep.js';
+/** Active executions for concurrency limiting */
+let activeCount = 0;
+/** Wrap a promise with a timeout. Rejects if the promise doesn't settle in time. */
+function withTimeout(promise, ms, message) {
+    return new Promise((resolve, reject) => {
+        const timer = setTimeout(() => reject(new Error(message)), ms);
+        promise.then((val) => { clearTimeout(timer); resolve(val); }, (err) => { clearTimeout(timer); reject(err); });
+    });
+}
+/**
+ * Dispatch a tool request to the appropriate executor.
+ * Handles permission checking, execution, timing, and error wrapping.
+ */
+export async function executeToolRequest(request, config, cwd) {
+    const start = Date.now();
+    const { toolName, toolInput, toolUseId, sessionId } = request;
+    // Concurrency check
+    if (activeCount >= config.limits.maxConcurrentTools) {
+        return {
+            toolUseId,
+            sessionId,
+            result: null,
+            error: `Too many concurrent tool executions (max ${config.limits.maxConcurrentTools})`,
+            duration: Date.now() - start,
+        };
+    }
+    // Permission check
+    const decision = await checkPermission({ toolName, toolInput }, config, cwd);
+    if (decision === 'deny') {
+        showPermissionDenied(toolName);
+        return {
+            toolUseId,
+            sessionId,
+            result: null,
+            error: 'Permission denied by user',
+            duration: Date.now() - start,
+        };
+    }
+    activeCount++;
+    showToolExecution(toolName, describeTool(toolName, toolInput));
+    try {
+        // Apply timeout to all tools (Bash uses its own timeout internally,
+        // but non-Bash tools need an outer timeout to prevent indefinite hangs)
+        const timeout = request.timeout || (toolName.toLowerCase() === 'bash' ? config.limits.bashTimeout : 30_000);
+        const rawResult = await withTimeout(dispatch(toolName, toolInput, config, cwd, request.timeout), timeout, `${toolName} timed out after ${timeout}ms`);
+        const result = normalizeResult(toolName, rawResult);
+        const duration = Date.now() - start;
+        showToolResult(toolName, duration, true);
+        return { toolUseId, sessionId, result, error: null, duration };
+    }
+    catch (err) {
+        const duration = Date.now() - start;
+        const errorMsg = err instanceof Error ? err.message : String(err);
+        showToolResult(toolName, duration, false);
+        return { toolUseId, sessionId, result: null, error: errorMsg, duration };
+    }
+    finally {
+        activeCount--;
+    }
+}
+/**
+ * Route to the correct tool executor.
+ */
+async function dispatch(toolName, toolInput, config, cwd, timeout) {
+    // SDK sends PascalCase tool names (Bash, Read, Write, etc.)
+    // Normalize to lowercase for matching
+    switch (toolName.toLowerCase()) {
+        case 'bash':
+            return executeBash({
+                command: toolInput.command,
+                cwd: toolInput.cwd,
+                timeout: timeout || config.limits.bashTimeout,
+            }, cwd, config.limits.bashTimeout);
+        case 'read':
+            return executeRead({
+                file_path: toolInput.file_path,
+                offset: toolInput.offset,
+                limit: toolInput.limit,
+            }, cwd, config.limits.maxFileReadSize);
+        case 'write':
+            return executeWrite({
+                file_path: toolInput.file_path,
+                content: toolInput.content,
+            }, cwd);
+        case 'edit':
+            return executeEdit({
+                file_path: toolInput.file_path,
+                old_string: toolInput.old_string,
+                new_string: toolInput.new_string,
+                replace_all: toolInput.replace_all,
+            }, cwd);
+        case 'glob':
+            return executeGlob({
+                pattern: toolInput.pattern,
+                path: toolInput.path,
+            }, cwd);
+        case 'grep':
+            return executeGrep({
+                pattern: toolInput.pattern,
+                path: toolInput.path,
+                glob: toolInput.glob,
+                output_mode: toolInput.output_mode,
+                '-i': toolInput['-i'],
+                '-n': toolInput['-n'],
+                '-C': toolInput['-C'],
+                '-A': toolInput['-A'],
+                '-B': toolInput['-B'],
+                head_limit: toolInput.head_limit,
+            }, cwd);
+        default:
+            throw new Error(`Unknown tool: ${toolName}`);
+    }
+}
+/**
+ * Normalize tool results to a string so the server can interpolate them
+ * directly into `_denyTool()` output without getting "[object Object]".
+ */
+function normalizeResult(toolName, result) {
+    if (typeof result === 'string') {
+        return result;
+    }
+    if (result == null) {
+        return '';
+    }
+    const r = result;
+    switch (toolName.toLowerCase()) {
+        case 'bash': {
+            // BashOutput: { output, exitCode, timedOut? }
+            let text = r.output || '';
+            if (r.timedOut) {
+                text += '\n[Command timed out]';
+            }
+            if (r.exitCode !== 0 && r.exitCode != null) {
+                text += `\n[Exit code: ${r.exitCode}]`;
+            }
+            return text;
+        }
+        case 'read':
+            // ReadOutput: { content, totalLines, truncated? }
+            return r.content || '';
+        case 'write':
+            // WriteOutput: { file_path, bytes, created }
+            return `${r.created ? 'Created' : 'Updated'} ${r.file_path} (${r.bytes} bytes)`;
+        case 'edit':
+            // EditOutput: { file_path, replacements, lineRange }
+            return `Edited ${r.file_path}: ${r.replacements} replacement(s) at lines ${r.lineRange?.start}-${r.lineRange?.end}`;
+        case 'glob': {
+            // GlobOutput: { files, count }
+            const files = r.files;
+            return files?.length ? files.join('\n') : 'No files found';
+        }
+        case 'grep':
+            // GrepOutput: { output, matchCount, tool }
+            return r.output || 'No matches found';
+        default:
+            return JSON.stringify(result, null, 2);
+    }
+}
+function describeTool(toolName, toolInput) {
+    switch (toolName.toLowerCase()) {
+        case 'bash': {
+            const cmd = (toolInput.command || '');
+            return cmd.length > 60 ? cmd.slice(0, 60) + '...' : cmd;
+        }
+        case 'read':
+            return toolInput.file_path;
+        case 'write':
+            return toolInput.file_path;
+        case 'edit':
+            return toolInput.file_path;
+        case 'glob':
+            return toolInput.pattern;
+        case 'grep':
+            return `/${toolInput.pattern}/`;
+        default:
+            return toolName;
+    }
+}
+//# sourceMappingURL=executor.js.map