perplexity-user-mcp 0.8.36

package/dist/checks/probe.d.ts

@@ -0,0 +1,93 @@
+const CATEGORY = "probe";
+
+async function defaultSearch({ timeoutMs }) {
+  const { PerplexityClient } = await import('../client.d.ts');
+  const client = new PerplexityClient();
+  // Force the headless-only path so the probe never opens a visible browser
+  // window. The headed Cloudflare bootstrap was leaving Chrome windows
+  // dangling on every Deep check / probe re-run when init() or close() failed
+  // mid-flight; the probe is a smoke test for the headless search path that
+  // tools actually use, so skipping the headed phase is the right scope. The
+  // env var is restored in a finally so concurrent tool-call clients aren't
+  // affected.
+  const HEADLESS_KEY = "PERPLEXITY_HEADLESS_ONLY";
+  const prevHeadlessOnly = process.env[HEADLESS_KEY];
+  process.env[HEADLESS_KEY] = "1";
+  const t0 = Date.now();
+  try {
+    // init() is INSIDE the try so the finally always runs shutdown(), even
+    // when init throws (browser launch failure, CF timeout, etc.). Previously
+    // a failed init left both the persistent context AND the freshly-spawned
+    // chrome.exe dangling, which is how visible browser windows were piling
+    // up across repeated Deep check clicks.
+    await client.init();
+    const authenticated = client.authenticated;
+    const result = await client.search({
+      query: "What is the capital of France? Cite at least one web source.",
+      modelPreference: "turbo",
+      mode: "concise",
+      sources: ["web"],
+      language: "en-US",
+    });
+    const elapsedMs = Date.now() - t0;
+    return {
+      answer: result.answer ?? "",
+      sources: result.sources ?? [],
+      elapsedMs,
+      authenticated,
+      threadUrl: result.threadUrl ?? null,
+    };
+  } finally {
+    await client.shutdown().catch(() => {});
+    if (prevHeadlessOnly === undefined) delete process.env[HEADLESS_KEY];
+    else process.env[HEADLESS_KEY] = prevHeadlessOnly;
+  }
+}
+
+async function run(opts = {}) {
+  if (!opts.probe) {
+    return [{ category: CATEGORY, name: "probe-search", status: "skip", message: "skipped (pass --probe to enable)" }];
+  }
+  const timeoutMs = opts.timeoutMs ?? 10_000;
+  const search = opts.searchOverride ?? defaultSearch;
+  try {
+    const result = await search({ timeoutMs });
+    if (!result.sources || result.sources.length === 0) {
+      if (result.authenticated && (result.answer?.trim() || result.threadUrl)) {
+        return [{
+          category: CATEGORY,
+          name: "probe-search",
+          status: "warn",
+          message: `probe search completed without citations (latency ${result.elapsedMs}ms)`,
+          hint: "Session appears authenticated, but Perplexity returned no sources for the probe query. Retry once before treating this as an auth failure.",
+        }];
+      }
+      return [{
+        category: CATEGORY,
+        name: "probe-search",
+        status: "fail",
+        message: `probe returned no sources (latency ${result.elapsedMs}ms)`,
+        hint: result.authenticated
+          ? "Perplexity returned no citations for the probe query. Retry once; if it persists, inspect the extension logs."
+          : "Session may be anonymous — run login, then --probe again.",
+      }];
+    }
+    return [{
+      category: CATEGORY,
+      name: "probe-search",
+      status: "pass",
+      message: `live search returned ${result.sources.length} source(s) in ${result.elapsedMs}ms`,
+      detail: { latencyMs: result.elapsedMs, sourceCount: result.sources.length },
+    }];
+  } catch (err) {
+    return [{
+      category: CATEGORY,
+      name: "probe-search",
+      status: "fail",
+      message: `probe failed: ${err.message}`,
+      hint: "Check network / auth — run `doctor` without --probe to see which category regressed.",
+    }];
+  }
+}
+
+export { run };

package/dist/checks/probe.mjs

@@ -0,0 +1,82 @@
+import "../chunk-4UEJOM6W.mjs";
+
+// src/checks/probe.js
+var CATEGORY = "probe";
+async function defaultSearch({ timeoutMs }) {
+  const { PerplexityClient } = await import("../client.mjs");
+  const client = new PerplexityClient();
+  const HEADLESS_KEY = "PERPLEXITY_HEADLESS_ONLY";
+  const prevHeadlessOnly = process.env[HEADLESS_KEY];
+  process.env[HEADLESS_KEY] = "1";
+  const t0 = Date.now();
+  try {
+    await client.init();
+    const authenticated = client.authenticated;
+    const result = await client.search({
+      query: "What is the capital of France? Cite at least one web source.",
+      modelPreference: "turbo",
+      mode: "concise",
+      sources: ["web"],
+      language: "en-US"
+    });
+    const elapsedMs = Date.now() - t0;
+    return {
+      answer: result.answer ?? "",
+      sources: result.sources ?? [],
+      elapsedMs,
+      authenticated,
+      threadUrl: result.threadUrl ?? null
+    };
+  } finally {
+    await client.shutdown().catch(() => {
+    });
+    if (prevHeadlessOnly === void 0) delete process.env[HEADLESS_KEY];
+    else process.env[HEADLESS_KEY] = prevHeadlessOnly;
+  }
+}
+async function run(opts = {}) {
+  if (!opts.probe) {
+    return [{ category: CATEGORY, name: "probe-search", status: "skip", message: "skipped (pass --probe to enable)" }];
+  }
+  const timeoutMs = opts.timeoutMs ?? 1e4;
+  const search = opts.searchOverride ?? defaultSearch;
+  try {
+    const result = await search({ timeoutMs });
+    if (!result.sources || result.sources.length === 0) {
+      if (result.authenticated && (result.answer?.trim() || result.threadUrl)) {
+        return [{
+          category: CATEGORY,
+          name: "probe-search",
+          status: "warn",
+          message: `probe search completed without citations (latency ${result.elapsedMs}ms)`,
+          hint: "Session appears authenticated, but Perplexity returned no sources for the probe query. Retry once before treating this as an auth failure."
+        }];
+      }
+      return [{
+        category: CATEGORY,
+        name: "probe-search",
+        status: "fail",
+        message: `probe returned no sources (latency ${result.elapsedMs}ms)`,
+        hint: result.authenticated ? "Perplexity returned no citations for the probe query. Retry once; if it persists, inspect the extension logs." : "Session may be anonymous \u2014 run login, then --probe again."
+      }];
+    }
+    return [{
+      category: CATEGORY,
+      name: "probe-search",
+      status: "pass",
+      message: `live search returned ${result.sources.length} source(s) in ${result.elapsedMs}ms`,
+      detail: { latencyMs: result.elapsedMs, sourceCount: result.sources.length }
+    }];
+  } catch (err) {
+    return [{
+      category: CATEGORY,
+      name: "probe-search",
+      status: "fail",
+      message: `probe failed: ${err.message}`,
+      hint: "Check network / auth \u2014 run `doctor` without --probe to see which category regressed."
+    }];
+  }
+}
+export {
+  run
+};

package/dist/checks/profiles.d.ts

@@ -0,0 +1,99 @@
+import { existsSync, readdirSync, readFileSync, statSync } from 'node:fs';
+import { join } from 'node:path';
+
+const CATEGORY = "profiles";
+const STALE_CACHE_DAYS = 7;
+
+async function run(opts = {}) {
+  const dir = opts.configDir;
+  const results = [];
+  const profilesDir = join(dir, "profiles");
+
+  if (!existsSync(profilesDir)) {
+    results.push({ category: CATEGORY, name: "profile-count", status: "warn", message: "No profiles dir." });
+    return results;
+  }
+
+  const listing = readdirSync(profilesDir, { withFileTypes: true }).filter((d) => d.isDirectory()).map((d) => d.name);
+  const names = opts.allProfiles
+    ? listing
+    : opts.profile
+      ? [opts.profile]
+      : listing;
+
+  if (names.length === 0) {
+    results.push({
+      category: CATEGORY,
+      name: "profile-count",
+      status: "warn",
+      message: "No profiles found. Run `login` to create one.",
+    });
+    return results;
+  }
+  results.push({
+    category: CATEGORY,
+    name: "profile-count",
+    status: "pass",
+    message: `${names.length} profile(s): ${names.join(", ")}`,
+  });
+
+  for (const name of names) {
+    const pdir = join(profilesDir, name);
+    const meta = join(pdir, "meta.json");
+    try {
+      JSON.parse(readFileSync(meta, "utf8"));
+      results.push({ category: CATEGORY, name: `${name}/meta`, status: "pass", message: "valid" });
+    } catch {
+      results.push({
+        category: CATEGORY,
+        name: `${name}/meta`,
+        status: "fail",
+        message: `${name}/meta.json missing or corrupt`,
+        hint: `Delete and re-run login for profile '${name}'.`,
+      });
+    }
+
+    const enc = join(pdir, "vault.enc");
+    const plain = join(pdir, "vault.json");
+    if (existsSync(enc)) {
+      results.push({ category: CATEGORY, name: `${name}/vault`, status: "pass", message: "encrypted" });
+    } else if (existsSync(plain)) {
+      results.push({
+        category: CATEGORY,
+        name: `${name}/vault`,
+        status: "warn",
+        message: "plaintext opt-out (security.encryptCookies=false)",
+        hint: "Consider re-running login without --plain-cookies for encrypted storage.",
+      });
+    } else {
+      results.push({
+        category: CATEGORY,
+        name: `${name}/vault`,
+        status: "warn",
+        message: "no vault file — profile never logged in",
+      });
+    }
+
+    const cache = join(pdir, "models-cache.json");
+    if (!existsSync(cache)) {
+      results.push({ category: CATEGORY, name: `${name}/models-cache`, status: "skip", message: "no cache yet" });
+    } else {
+      const ageDays = (Date.now() - statSync(cache).mtime.getTime()) / (24 * 3600 * 1000);
+      if (ageDays > STALE_CACHE_DAYS) {
+        results.push({
+          category: CATEGORY,
+          name: `${name}/models-cache`,
+          status: "warn",
+          message: `models cache is ${Math.round(ageDays)} days old`,
+          hint: "Open the dashboard and click 'Fetch live' to refresh.",
+        });
+      } else {
+        results.push({ category: CATEGORY, name: `${name}/models-cache`, status: "pass", message: `${Math.round(ageDays)}d old` });
+      }
+    }
+  }
+
+  return results;
+}
+
+export { run };

package/dist/checks/profiles.mjs

@@ -0,0 +1,90 @@
+import "../chunk-4UEJOM6W.mjs";
+
+// src/checks/profiles.js
+import { existsSync, readdirSync, readFileSync, statSync } from "fs";
+import { join } from "path";
+var CATEGORY = "profiles";
+var STALE_CACHE_DAYS = 7;
+async function run(opts = {}) {
+  const dir = opts.configDir;
+  const results = [];
+  const profilesDir = join(dir, "profiles");
+  if (!existsSync(profilesDir)) {
+    results.push({ category: CATEGORY, name: "profile-count", status: "warn", message: "No profiles dir." });
+    return results;
+  }
+  const listing = readdirSync(profilesDir, { withFileTypes: true }).filter((d) => d.isDirectory()).map((d) => d.name);
+  const names = opts.allProfiles ? listing : opts.profile ? [opts.profile] : listing;
+  if (names.length === 0) {
+    results.push({
+      category: CATEGORY,
+      name: "profile-count",
+      status: "warn",
+      message: "No profiles found. Run `login` to create one."
+    });
+    return results;
+  }
+  results.push({
+    category: CATEGORY,
+    name: "profile-count",
+    status: "pass",
+    message: `${names.length} profile(s): ${names.join(", ")}`
+  });
+  for (const name of names) {
+    const pdir = join(profilesDir, name);
+    const meta = join(pdir, "meta.json");
+    try {
+      JSON.parse(readFileSync(meta, "utf8"));
+      results.push({ category: CATEGORY, name: `${name}/meta`, status: "pass", message: "valid" });
+    } catch {
+      results.push({
+        category: CATEGORY,
+        name: `${name}/meta`,
+        status: "fail",
+        message: `${name}/meta.json missing or corrupt`,
+        hint: `Delete and re-run login for profile '${name}'.`
+      });
+    }
+    const enc = join(pdir, "vault.enc");
+    const plain = join(pdir, "vault.json");
+    if (existsSync(enc)) {
+      results.push({ category: CATEGORY, name: `${name}/vault`, status: "pass", message: "encrypted" });
+    } else if (existsSync(plain)) {
+      results.push({
+        category: CATEGORY,
+        name: `${name}/vault`,
+        status: "warn",
+        message: "plaintext opt-out (security.encryptCookies=false)",
+        hint: "Consider re-running login without --plain-cookies for encrypted storage."
+      });
+    } else {
+      results.push({
+        category: CATEGORY,
+        name: `${name}/vault`,
+        status: "warn",
+        message: "no vault file \u2014 profile never logged in"
+      });
+    }
+    const cache = join(pdir, "models-cache.json");
+    if (!existsSync(cache)) {
+      results.push({ category: CATEGORY, name: `${name}/models-cache`, status: "skip", message: "no cache yet" });
+    } else {
+      const ageDays = (Date.now() - statSync(cache).mtime.getTime()) / (24 * 3600 * 1e3);
+      if (ageDays > STALE_CACHE_DAYS) {
+        results.push({
+          category: CATEGORY,
+          name: `${name}/models-cache`,
+          status: "warn",
+          message: `models cache is ${Math.round(ageDays)} days old`,
+          hint: "Open the dashboard and click 'Fetch live' to refresh."
+        });
+      } else {
+        results.push({ category: CATEGORY, name: `${name}/models-cache`, status: "pass", message: `${Math.round(ageDays)}d old` });
+      }
+    }
+  }
+  return results;
+}
+export {
+  run
+};

package/dist/checks/runtime.d.ts

@@ -0,0 +1,89 @@
+import { readFileSync, existsSync } from 'node:fs';
+import { fileURLToPath } from 'node:url';
+import { spawn } from 'node:child_process';
+import { join } from 'node:path';
+
+const CATEGORY = "runtime";
+
+function parseMajor(v) {
+  const m = /^v?(\d+)\./.exec(v);
+  return m ? Number(m[1]) : NaN;
+}
+
+function defaultGitShaResolver(cwd) {
+  return new Promise((resolve) => {
+    const child = spawn("git", ["rev-parse", "--short", "HEAD"], { cwd, timeout: 2000 });
+    let out = "";
+    child.stdout?.on("data", (d) => { out += d.toString(); });
+    child.on("close", (code) => resolve(code === 0 ? out.trim() : null));
+    child.on("error", () => resolve(null));
+  });
+}
+
+function getPackageJsonCandidates(baseDir) {
+  const candidates = [];
+  if (baseDir) {
+    candidates.push(join(baseDir, "mcp", "package.json"));
+    candidates.push(join(baseDir, "package.json"));
+  }
+  const metaUrl = import.meta.url ?? null;
+  if (metaUrl) {
+    try {
+      candidates.push(fileURLToPath(new URL("../../package.json", metaUrl)));
+    } catch {}
+    try {
+      candidates.push(fileURLToPath(new URL("../package.json", metaUrl)));
+    } catch {}
+  }
+  return candidates;
+}
+
+async function run(opts = {}) {
+  const results = [];
+  const nodeVersion = opts.nodeVersionOverride ?? process.version;
+  const major = parseMajor(nodeVersion);
+  results.push({
+    category: CATEGORY,
+    name: "node-version",
+    status: major >= 20 ? "pass" : "fail",
+    message: `Node.js ${nodeVersion}`,
+    hint: major >= 20 ? undefined : "Upgrade to Node 20 or later (https://nodejs.org).",
+  });
+  results.push({ category: CATEGORY, name: "platform", status: "pass", message: `${process.platform} ${process.arch}` });
+  results.push({ category: CATEGORY, name: "arch", status: "pass", message: process.arch });
+
+  let version = "0.0.0";
+  for (const pkgPath of getPackageJsonCandidates(opts.baseDir)) {
+    try {
+      const pkg = JSON.parse(readFileSync(pkgPath, "utf8"));
+      if (pkg.name === "perplexity-user-mcp" && pkg.version) {
+        version = pkg.version;
+        break;
+      }
+    } catch {}
+  }
+  results.push({
+    category: CATEGORY,
+    name: "package-version",
+    status: "pass",
+    message: `perplexity-user-mcp ${version}`,
+    detail: { version },
+  });
+
+  const gitDir = opts.gitDirOverride ?? join(process.cwd(), ".git");
+  const resolver = opts.gitShaResolverOverride ?? defaultGitShaResolver;
+  if (!existsSync(gitDir)) {
+    results.push({ category: CATEGORY, name: "git-sha", status: "skip", message: "not a git checkout" });
+  } else {
+    const sha = await resolver(process.cwd());
+    if (sha) {
+      results.push({ category: CATEGORY, name: "git-sha", status: "pass", message: sha });
+    } else {
+      results.push({ category: CATEGORY, name: "git-sha", status: "skip", message: "git not on PATH" });
+    }
+  }
+
+  return results;
+}
+
+export { run };

package/dist/checks/runtime.mjs

@@ -0,0 +1,90 @@
+import "../chunk-4UEJOM6W.mjs";
+
+// src/checks/runtime.js
+import { readFileSync, existsSync } from "fs";
+import { fileURLToPath } from "url";
+import { spawn } from "child_process";
+import { join } from "path";
+var CATEGORY = "runtime";
+function parseMajor(v) {
+  const m = /^v?(\d+)\./.exec(v);
+  return m ? Number(m[1]) : NaN;
+}
+function defaultGitShaResolver(cwd) {
+  return new Promise((resolve) => {
+    const child = spawn("git", ["rev-parse", "--short", "HEAD"], { cwd, timeout: 2e3 });
+    let out = "";
+    child.stdout?.on("data", (d) => {
+      out += d.toString();
+    });
+    child.on("close", (code) => resolve(code === 0 ? out.trim() : null));
+    child.on("error", () => resolve(null));
+  });
+}
+function getPackageJsonCandidates(baseDir) {
+  const candidates = [];
+  if (baseDir) {
+    candidates.push(join(baseDir, "mcp", "package.json"));
+    candidates.push(join(baseDir, "package.json"));
+  }
+  const metaUrl = import.meta.url ?? null;
+  if (metaUrl) {
+    try {
+      candidates.push(fileURLToPath(new URL("../../package.json", metaUrl)));
+    } catch {
+    }
+    try {
+      candidates.push(fileURLToPath(new URL("../package.json", metaUrl)));
+    } catch {
+    }
+  }
+  return candidates;
+}
+async function run(opts = {}) {
+  const results = [];
+  const nodeVersion = opts.nodeVersionOverride ?? process.version;
+  const major = parseMajor(nodeVersion);
+  results.push({
+    category: CATEGORY,
+    name: "node-version",
+    status: major >= 20 ? "pass" : "fail",
+    message: `Node.js ${nodeVersion}`,
+    hint: major >= 20 ? void 0 : "Upgrade to Node 20 or later (https://nodejs.org)."
+  });
+  results.push({ category: CATEGORY, name: "platform", status: "pass", message: `${process.platform} ${process.arch}` });
+  results.push({ category: CATEGORY, name: "arch", status: "pass", message: process.arch });
+  let version = "0.0.0";
+  for (const pkgPath of getPackageJsonCandidates(opts.baseDir)) {
+    try {
+      const pkg = JSON.parse(readFileSync(pkgPath, "utf8"));
+      if (pkg.name === "perplexity-user-mcp" && pkg.version) {
+        version = pkg.version;
+        break;
+      }
+    } catch {
+    }
+  }
+  results.push({
+    category: CATEGORY,
+    name: "package-version",
+    status: "pass",
+    message: `perplexity-user-mcp ${version}`,
+    detail: { version }
+  });
+  const gitDir = opts.gitDirOverride ?? join(process.cwd(), ".git");
+  const resolver = opts.gitShaResolverOverride ?? defaultGitShaResolver;
+  if (!existsSync(gitDir)) {
+    results.push({ category: CATEGORY, name: "git-sha", status: "skip", message: "not a git checkout" });
+  } else {
+    const sha = await resolver(process.cwd());
+    if (sha) {
+      results.push({ category: CATEGORY, name: "git-sha", status: "pass", message: sha });
+    } else {
+      results.push({ category: CATEGORY, name: "git-sha", status: "skip", message: "git not on PATH" });
+    }
+  }
+  return results;
+}
+export {
+  run
+};

package/dist/checks/vault.d.ts

@@ -0,0 +1,101 @@
+import { existsSync } from 'node:fs';
+import { join } from 'node:path';
+
+const CATEGORY = "vault";
+
+async function tryKeychain() {
+  try {
+    const mod = await import('keytar');
+    const keytar = mod.default ?? mod;
+    const hex = await keytar.getPassword("perplexity-user-mcp", "vault-master-key");
+    return { available: true, hasKey: !!hex };
+  } catch {
+    return { available: false, hasKey: false };
+  }
+}
+
+function keychainExpected() {
+  return process.platform === "win32" || process.platform === "darwin" ||
+    (process.platform === "linux" && !process.env.CI);
+}
+
+async function run(opts = {}) {
+  const results = [];
+  const dir = opts.configDir;
+  const profile = opts.profile ?? "default";
+  const enc = join(dir, "profiles", profile, "vault.enc");
+  const plain = join(dir, "profiles", profile, "vault.json");
+  const envPass = process.env.PERPLEXITY_VAULT_PASSPHRASE;
+  const kc = await tryKeychain();
+
+  // Encryption mode (separate from unseal path so plaintext opt-out is always a warn, not a skip).
+  if (existsSync(plain)) {
+    results.push({
+      category: CATEGORY,
+      name: "encryption",
+      status: "warn",
+      message: "plaintext vault.json (security.encryptCookies=false)",
+      hint: "Re-run login without --plain-cookies to enable AES-256-GCM at rest.",
+    });
+  } else if (existsSync(enc)) {
+    results.push({ category: CATEGORY, name: "encryption", status: "pass", message: "AES-256-GCM (vault.enc)" });
+  } else {
+    results.push({ category: CATEGORY, name: "encryption", status: "skip", message: "no vault yet" });
+  }
+
+  // Unseal path resolution, matching vault.js getMasterKey() priority.
+  if (kc.hasKey) {
+    results.push({ category: CATEGORY, name: "unseal-path", status: "pass", message: "OS keychain holds master key" });
+    if (envPass) {
+      results.push({
+        category: CATEGORY,
+        name: "keychain-preferred",
+        status: "warn",
+        message: "PERPLEXITY_VAULT_PASSPHRASE is also set — keychain wins, but consider removing the env var",
+      });
+    }
+  } else if (envPass) {
+    const hasKc = kc.available;
+    results.push({
+      category: CATEGORY,
+      name: "unseal-path",
+      status: "pass",
+      message: `env var ${hasKc ? "(keychain available but empty)" : "(keychain unavailable — expected on headless Linux)"}`,
+    });
+    if (hasKc) {
+      results.push({
+        category: CATEGORY,
+        name: "keychain-preferred",
+        status: "warn",
+        message: "keychain is available — moving the master key there would remove the passphrase from IDE config files",
+        hint: "Run `npx perplexity-user-mcp login` once with the env var unset; the key will be written to keychain.",
+      });
+    } else {
+      results.push({ category: CATEGORY, name: "keychain-preferred", status: "skip", message: "keychain not applicable" });
+    }
+  } else {
+    // No keychain, no env var.
+    if (!existsSync(enc) && !existsSync(plain)) {
+      results.push({ category: CATEGORY, name: "unseal-path", status: "skip", message: "no vault to unseal yet" });
+    } else if (existsSync(plain)) {
+      results.push({ category: CATEGORY, name: "unseal-path", status: "pass", message: "plaintext — no key required" });
+    } else {
+      const ttyLikely = process.stdin?.isTTY === true;
+      results.push({
+        category: CATEGORY,
+        name: "unseal-path",
+        status: ttyLikely ? "warn" : "fail",
+        message: ttyLikely
+          ? "no keychain, no env var — TTY prompt will be required on next use"
+          : "vault locked: no keychain, no env var, no TTY",
+        hint: keychainExpected()
+          ? "Install libsecret+gnome-keyring (Linux), or set PERPLEXITY_VAULT_PASSPHRASE."
+          : "Set PERPLEXITY_VAULT_PASSPHRASE in your MCP config env.",
+      });
+    }
+  }
+
+  return results;
+}
+
+export { run };