pockcode 0.0.1 → 0.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/client/assets/{index-DQn6eSCt.js → index-NZZ2Aqx9.js} +10 -10
- package/build/client/index.html +1 -1
- package/dist/assets/{api.server-D6ONM6ZJ.js → api.server-Dcqq4Zzw.js} +3 -3
- package/dist/assets/auth.server-ByhZCVHW.js +162 -0
- package/dist/assets/{chat-status-monitor.server-D2VG_D8P.js → chat-status-monitor.server-GIsx-97a.js} +1 -1
- package/dist/assets/{chats.service-H6m23Fna.js → chats.service-vjB782qi.js} +1 -1
- package/dist/assets/{manager.server-Cru4ZxHo.js → manager.server-C_G8l7U-.js} +1 -1
- package/dist/assets/{message-schedule-monitor.server-C4NZg62k.js → message-schedule-monitor.server-CAxiClld.js} +1 -1
- package/dist/assets/{message-schedules.service-Be9t4LDg.js → message-schedules.service-C5TTaPXz.js} +1 -1
- package/dist/pockcode.js +345 -39
- package/package.json +2 -2
- package/dist/assets/auth.server-B_P8Jm6O.js +0 -87
package/build/client/index.html
CHANGED
|
@@ -18,7 +18,7 @@
|
|
|
18
18
|
document.documentElement.style.colorScheme = resolvedTheme
|
|
19
19
|
})()
|
|
20
20
|
</script>
|
|
21
|
-
<script type="module" crossorigin src="/assets/index-
|
|
21
|
+
<script type="module" crossorigin src="/assets/index-NZZ2Aqx9.js"></script>
|
|
22
22
|
<link rel="stylesheet" crossorigin href="/assets/index-D7-eRInW.css">
|
|
23
23
|
</head>
|
|
24
24
|
<body>
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { c as readWorkspaceTree, d as readRecordField, f as readStringField, l as HttpError, o as listWorkspaceDirectory, s as readWorkspaceResource, u as readBooleanField } from "./socket.server-7dC-9Fnw.js";
|
|
2
|
-
import { A as listProviderAdapters, B as readNumber, C as createAccount, D as readConnectedAccountLimits, E as listAccounts, F as resolveCodexAccountHome, H as ensureDatabase, I as startCodexMcpOauthLogin, L as updateCodexInstructions, N as readCodexInstructions, P as reloadCodexMcpServerConfig, R as asJsonObject, S as authenticateAccount, T as listAccountModels, U as prisma, V as readString, a as executeMessage, b as updateChat, c as interruptChatRun, f as refreshChat, g as reviewChat, h as respondToServerRequest, i as deleteQueuedChatRun, j as listCodexMcpServerStatuses, k as updateAccount, l as listChats, m as reorderQueuedChatRuns, n as compactChat, o as forkChat, r as createChat, t as archiveChat, u as listMessages, v as steerQueuedChatRun, w as deleteAccount, x as updateQueuedChatRun, z as readBoolean } from "./chats.service-
|
|
3
|
-
import { a as listMessageSchedules, c as updateMessageSchedule, i as listMessageScheduleRuns, n as createMessageSchedule, r as getMessageSchedule, t as archiveMessageSchedule } from "./message-schedules.service-
|
|
4
|
-
import { a as readPluginSetting, c as listPluginRegistrations, d as deleteWorkspaceHistory, f as listWorkspaceHistory, i as restartPlugin, l as readPluginRegistration, n as getPluginStatus, o as readPluginState, p as saveWorkspaceHistory, s as writePluginSetting, t as createPluginContext, u as verifyTelegramBotToken } from "./manager.server-
|
|
2
|
+
import { A as listProviderAdapters, B as readNumber, C as createAccount, D as readConnectedAccountLimits, E as listAccounts, F as resolveCodexAccountHome, H as ensureDatabase, I as startCodexMcpOauthLogin, L as updateCodexInstructions, N as readCodexInstructions, P as reloadCodexMcpServerConfig, R as asJsonObject, S as authenticateAccount, T as listAccountModels, U as prisma, V as readString, a as executeMessage, b as updateChat, c as interruptChatRun, f as refreshChat, g as reviewChat, h as respondToServerRequest, i as deleteQueuedChatRun, j as listCodexMcpServerStatuses, k as updateAccount, l as listChats, m as reorderQueuedChatRuns, n as compactChat, o as forkChat, r as createChat, t as archiveChat, u as listMessages, v as steerQueuedChatRun, w as deleteAccount, x as updateQueuedChatRun, z as readBoolean } from "./chats.service-vjB782qi.js";
|
|
3
|
+
import { a as listMessageSchedules, c as updateMessageSchedule, i as listMessageScheduleRuns, n as createMessageSchedule, r as getMessageSchedule, t as archiveMessageSchedule } from "./message-schedules.service-C5TTaPXz.js";
|
|
4
|
+
import { a as readPluginSetting, c as listPluginRegistrations, d as deleteWorkspaceHistory, f as listWorkspaceHistory, i as restartPlugin, l as readPluginRegistration, n as getPluginStatus, o as readPluginState, p as saveWorkspaceHistory, s as writePluginSetting, t as createPluginContext, u as verifyTelegramBotToken } from "./manager.server-C_G8l7U-.js";
|
|
5
5
|
import { realpathSync } from "node:fs";
|
|
6
6
|
import { mkdir, readFile, realpath, stat, writeFile } from "node:fs/promises";
|
|
7
7
|
import path, { join } from "node:path";
|
|
@@ -0,0 +1,162 @@
|
|
|
1
|
+
import { r as resolvePockcodeAuthPath, t as ensureParentDirectory } from "./runtime-paths.server-D6rRjGVb.js";
|
|
2
|
+
import { readFile, rename, writeFile } from "node:fs/promises";
|
|
3
|
+
import { createHmac, randomBytes, scrypt, timingSafeEqual } from "node:crypto";
|
|
4
|
+
import { promisify } from "node:util";
|
|
5
|
+
//#region app/server/auth.server.ts
|
|
6
|
+
var scrypt$1 = promisify(scrypt);
|
|
7
|
+
var passwordKeyLength = 64;
|
|
8
|
+
var passwordMinLength = 8;
|
|
9
|
+
var sessionCookieName = "pockcode_session";
|
|
10
|
+
var sessionMaxAgeSeconds = 3600 * 24 * 14;
|
|
11
|
+
var scryptOptions = {
|
|
12
|
+
N: 16384,
|
|
13
|
+
maxmem: 64 * 1024 * 1024,
|
|
14
|
+
p: 1,
|
|
15
|
+
r: 8
|
|
16
|
+
};
|
|
17
|
+
var authConfigCache;
|
|
18
|
+
async function hasConfiguredPassword() {
|
|
19
|
+
return Boolean(await readAuthConfig());
|
|
20
|
+
}
|
|
21
|
+
async function setupPassword(password) {
|
|
22
|
+
const normalized = password.trim();
|
|
23
|
+
if (normalized.length < passwordMinLength) throw new Error(`Password must be at least ${passwordMinLength} characters.`);
|
|
24
|
+
if (await readAuthConfig()) throw new Error("Pockcode password is already configured.");
|
|
25
|
+
const salt = randomBytes(16);
|
|
26
|
+
const key = await scrypt$1(normalized, salt, passwordKeyLength, scryptOptions);
|
|
27
|
+
const config = {
|
|
28
|
+
version: 1,
|
|
29
|
+
password: {
|
|
30
|
+
algorithm: "scrypt",
|
|
31
|
+
createdAt: (/* @__PURE__ */ new Date()).toISOString(),
|
|
32
|
+
key: key.toString("base64"),
|
|
33
|
+
keyLength: passwordKeyLength,
|
|
34
|
+
salt: salt.toString("base64"),
|
|
35
|
+
scrypt: scryptOptions
|
|
36
|
+
}
|
|
37
|
+
};
|
|
38
|
+
const authPath = resolvePockcodeAuthPath();
|
|
39
|
+
ensureParentDirectory(authPath);
|
|
40
|
+
const tmpPath = `${authPath}.${process.pid}.${Date.now()}.tmp`;
|
|
41
|
+
await writeFile(tmpPath, `${JSON.stringify(config, null, 2)}\n`, { mode: 384 });
|
|
42
|
+
await rename(tmpPath, authPath);
|
|
43
|
+
authConfigCache = config;
|
|
44
|
+
}
|
|
45
|
+
async function verifyBasicAuthorization(header) {
|
|
46
|
+
const value = Array.isArray(header) ? header[0] : header;
|
|
47
|
+
if (!value?.startsWith("Basic ")) return false;
|
|
48
|
+
let decoded = "";
|
|
49
|
+
try {
|
|
50
|
+
decoded = Buffer.from(value.slice(6), "base64").toString("utf8");
|
|
51
|
+
} catch {
|
|
52
|
+
return false;
|
|
53
|
+
}
|
|
54
|
+
const separatorIndex = decoded.indexOf(":");
|
|
55
|
+
if (separatorIndex < 0) return false;
|
|
56
|
+
return verifyPassword(decoded.slice(separatorIndex + 1));
|
|
57
|
+
}
|
|
58
|
+
async function isRequestAuthorized(req) {
|
|
59
|
+
return await verifySessionCookie(req.headers.cookie) || await verifyBasicAuthorization(req.headers.authorization);
|
|
60
|
+
}
|
|
61
|
+
async function verifyPassword(password) {
|
|
62
|
+
const config = await readAuthConfig();
|
|
63
|
+
if (!config) return false;
|
|
64
|
+
const expectedKey = Buffer.from(config.password.key, "base64");
|
|
65
|
+
const key = await scrypt$1(password, Buffer.from(config.password.salt, "base64"), config.password.keyLength, config.password.scrypt);
|
|
66
|
+
return key.length === expectedKey.length && timingSafeEqual(key, expectedKey);
|
|
67
|
+
}
|
|
68
|
+
async function createSessionCookie(req) {
|
|
69
|
+
const config = await readAuthConfig();
|
|
70
|
+
if (!config) throw new Error("Pockcode password is not configured.");
|
|
71
|
+
const payload = {
|
|
72
|
+
version: 1,
|
|
73
|
+
nonce: randomBytes(16).toString("base64url"),
|
|
74
|
+
expiresAt: Date.now() + sessionMaxAgeSeconds * 1e3
|
|
75
|
+
};
|
|
76
|
+
const encodedPayload = Buffer.from(JSON.stringify(payload), "utf8").toString("base64url");
|
|
77
|
+
return serializeCookie(sessionCookieName, `${encodedPayload}.${signSessionPayload(encodedPayload, config)}`, {
|
|
78
|
+
httpOnly: true,
|
|
79
|
+
maxAge: sessionMaxAgeSeconds,
|
|
80
|
+
path: "/",
|
|
81
|
+
sameSite: "Lax",
|
|
82
|
+
secure: isHttpsRequest(req)
|
|
83
|
+
});
|
|
84
|
+
}
|
|
85
|
+
function clearSessionCookie() {
|
|
86
|
+
return serializeCookie(sessionCookieName, "", {
|
|
87
|
+
httpOnly: true,
|
|
88
|
+
maxAge: 0,
|
|
89
|
+
path: "/",
|
|
90
|
+
sameSite: "Lax"
|
|
91
|
+
});
|
|
92
|
+
}
|
|
93
|
+
async function verifySessionCookie(header) {
|
|
94
|
+
const token = readCookie(header, sessionCookieName);
|
|
95
|
+
if (!token) return false;
|
|
96
|
+
const [encodedPayload, signature, extra] = token.split(".");
|
|
97
|
+
if (!encodedPayload || !signature || extra !== void 0) return false;
|
|
98
|
+
const config = await readAuthConfig();
|
|
99
|
+
if (!config) return false;
|
|
100
|
+
const expectedSignature = signSessionPayload(encodedPayload, config);
|
|
101
|
+
const signatureBuffer = Buffer.from(signature);
|
|
102
|
+
const expectedBuffer = Buffer.from(expectedSignature);
|
|
103
|
+
if (signatureBuffer.length !== expectedBuffer.length || !timingSafeEqual(signatureBuffer, expectedBuffer)) return false;
|
|
104
|
+
try {
|
|
105
|
+
const payload = JSON.parse(Buffer.from(encodedPayload, "base64url").toString("utf8"));
|
|
106
|
+
return payload.version === 1 && typeof payload.nonce === "string" && typeof payload.expiresAt === "number" && payload.expiresAt > Date.now();
|
|
107
|
+
} catch {
|
|
108
|
+
return false;
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
function signSessionPayload(encodedPayload, config) {
|
|
112
|
+
return createHmac("sha256", sessionSecret(config)).update(encodedPayload).digest("base64url");
|
|
113
|
+
}
|
|
114
|
+
function sessionSecret(config) {
|
|
115
|
+
return Buffer.concat([
|
|
116
|
+
Buffer.from(config.password.key, "base64"),
|
|
117
|
+
Buffer.from(config.password.salt, "base64"),
|
|
118
|
+
Buffer.from(config.password.createdAt, "utf8")
|
|
119
|
+
]);
|
|
120
|
+
}
|
|
121
|
+
function readCookie(header, name) {
|
|
122
|
+
const value = Array.isArray(header) ? header.join(";") : header;
|
|
123
|
+
if (!value) return null;
|
|
124
|
+
for (const part of value.split(";")) {
|
|
125
|
+
const separatorIndex = part.indexOf("=");
|
|
126
|
+
if (separatorIndex < 0) continue;
|
|
127
|
+
if (part.slice(0, separatorIndex).trim() !== name) continue;
|
|
128
|
+
return part.slice(separatorIndex + 1).trim() || null;
|
|
129
|
+
}
|
|
130
|
+
return null;
|
|
131
|
+
}
|
|
132
|
+
function serializeCookie(name, value, options) {
|
|
133
|
+
const parts = [`${name}=${value}`];
|
|
134
|
+
if (options.maxAge !== void 0) parts.push(`Max-Age=${Math.max(0, Math.floor(options.maxAge))}`);
|
|
135
|
+
if (options.path) parts.push(`Path=${options.path}`);
|
|
136
|
+
if (options.httpOnly) parts.push("HttpOnly");
|
|
137
|
+
if (options.sameSite) parts.push(`SameSite=${options.sameSite}`);
|
|
138
|
+
if (options.secure) parts.push("Secure");
|
|
139
|
+
return parts.join("; ");
|
|
140
|
+
}
|
|
141
|
+
function isHttpsRequest(req) {
|
|
142
|
+
return (Array.isArray(req.headers["x-forwarded-proto"]) ? req.headers["x-forwarded-proto"][0] : req.headers["x-forwarded-proto"])?.split(",")[0]?.trim() === "https" || req.socket.encrypted === true;
|
|
143
|
+
}
|
|
144
|
+
async function readAuthConfig() {
|
|
145
|
+
if (authConfigCache !== void 0) return authConfigCache;
|
|
146
|
+
const authPath = resolvePockcodeAuthPath();
|
|
147
|
+
try {
|
|
148
|
+
authConfigCache = readConfig(JSON.parse(await readFile(authPath, "utf8")));
|
|
149
|
+
} catch {
|
|
150
|
+
authConfigCache = null;
|
|
151
|
+
}
|
|
152
|
+
return authConfigCache;
|
|
153
|
+
}
|
|
154
|
+
function readConfig(value) {
|
|
155
|
+
if (!value || typeof value !== "object" || Array.isArray(value)) return null;
|
|
156
|
+
const record = value;
|
|
157
|
+
const password = record.password;
|
|
158
|
+
if (record.version !== 1 || !password || password.algorithm !== "scrypt" || typeof password.key !== "string" || typeof password.salt !== "string" || typeof password.keyLength !== "number" || !password.scrypt || typeof password.scrypt.N !== "number" || typeof password.scrypt.r !== "number" || typeof password.scrypt.p !== "number") return null;
|
|
159
|
+
return record;
|
|
160
|
+
}
|
|
161
|
+
//#endregion
|
|
162
|
+
export { clearSessionCookie, createSessionCookie, hasConfiguredPassword, isRequestAuthorized, setupPassword, verifyBasicAuthorization, verifyPassword };
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { i as publishProviderEvent, r as onWorkspaceWatchChange, t as listWatchedWorkspacePaths } from "./socket.server-7dC-9Fnw.js";
|
|
2
|
-
import { H as ensureDatabase, M as readCodexHistoryWatchPaths, U as prisma, d as publishMessageDeltas, l as listChats, p as refreshChatStatusesForWorkspaces, y as syncProviderChatsOnce } from "./chats.service-
|
|
2
|
+
import { H as ensureDatabase, M as readCodexHistoryWatchPaths, U as prisma, d as publishMessageDeltas, l as listChats, p as refreshChatStatusesForWorkspaces, y as syncProviderChatsOnce } from "./chats.service-vjB782qi.js";
|
|
3
3
|
import { watch } from "node:fs";
|
|
4
4
|
import { stat } from "node:fs/promises";
|
|
5
5
|
//#region app/server/chat-status-monitor.server.ts
|
|
@@ -2402,7 +2402,7 @@ function readCodexMessageText(value) {
|
|
|
2402
2402
|
}
|
|
2403
2403
|
function isCodexInjectedContextMessage(content) {
|
|
2404
2404
|
const trimmed = content.trimStart();
|
|
2405
|
-
return content.includes("<environment_context>") || content.includes("# AGENTS.md instructions") || trimmed.startsWith("<user_action>");
|
|
2405
|
+
return content.includes("<environment_context>") || content.includes("# AGENTS.md instructions") || trimmed.startsWith("<turn_aborted>") || trimmed.startsWith("<user_action>");
|
|
2406
2406
|
}
|
|
2407
2407
|
function codexMessageRole(value) {
|
|
2408
2408
|
if (value === "user") return "USER";
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { c as readWorkspaceTree, n as onProviderEvent, p as __exportAll } from "./socket.server-7dC-9Fnw.js";
|
|
2
|
-
import { E as listAccounts, H as ensureDatabase, T as listAccountModels, U as prisma, _ as serializeChat, a as executeMessage, b as updateChat, h as respondToServerRequest, l as listChats, s as getChat, u as listMessages } from "./chats.service-
|
|
2
|
+
import { E as listAccounts, H as ensureDatabase, T as listAccountModels, U as prisma, _ as serializeChat, a as executeMessage, b as updateChat, h as respondToServerRequest, l as listChats, s as getChat, u as listMessages } from "./chats.service-vjB782qi.js";
|
|
3
3
|
import { randomBytes, randomUUID } from "node:crypto";
|
|
4
4
|
import { Bot, InlineKeyboard } from "grammy";
|
|
5
5
|
//#region app/server/workspace-history.service.ts
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { o as processDueMessageSchedules, s as syncMessageScheduleRunStatuses } from "./message-schedules.service-
|
|
1
|
+
import { o as processDueMessageSchedules, s as syncMessageScheduleRunStatuses } from "./message-schedules.service-C5TTaPXz.js";
|
|
2
2
|
//#region app/server/message-schedule-monitor.server.ts
|
|
3
3
|
var pollMs = 3e4;
|
|
4
4
|
var started = false;
|
package/dist/assets/{message-schedules.service-Be9t4LDg.js → message-schedules.service-C5TTaPXz.js}
RENAMED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { i as publishProviderEvent, l as HttpError } from "./socket.server-7dC-9Fnw.js";
|
|
2
|
-
import { H as ensureDatabase, O as requireConnectedAccount, U as prisma, a as executeMessage, r as createChat } from "./chats.service-
|
|
2
|
+
import { H as ensureDatabase, O as requireConnectedAccount, U as prisma, a as executeMessage, r as createChat } from "./chats.service-vjB782qi.js";
|
|
3
3
|
import { randomUUID } from "node:crypto";
|
|
4
4
|
//#region app/server/message-schedules.service.ts
|
|
5
5
|
var terminalRunStatuses = new Set([
|