poe-code 3.0.207 → 3.0.209

package/dist/index.js

@@ -35457,6 +35457,212 @@ var init_check_auth = __esm({
   }
 });
 
+// packages/poe-oauth/src/authorization-state.ts
+import crypto5 from "node:crypto";
+function parseAuthorizationState2(value) {
+  if (value === null || value.length === 0) {
+    return null;
+  }
+  try {
+    const decoded = Buffer.from(value, "base64url").toString("utf8");
+    const parsed = JSON.parse(decoded);
+    if (parsed.v !== 1 || typeof parsed.n !== "string" || parsed.n.length === 0 || typeof parsed.i !== "string" || parsed.i.length === 0 || typeof parsed.r !== "boolean") {
+      return null;
+    }
+    return {
+      issuer: parsed.i,
+      requireIssuer: parsed.r
+    };
+  } catch {
+    return null;
+  }
+}
+var init_authorization_state2 = __esm({
+  "packages/poe-oauth/src/authorization-state.ts"() {
+    "use strict";
+  }
+});
+
+// packages/poe-oauth/src/loopback-authorization.ts
+import http2 from "node:http";
+async function createLoopbackAuthorizationSession2(options = {}) {
+  const callbackPath = options.callbackPath ?? "/callback";
+  const server = options.createServer ? options.createServer() : http2.createServer();
+  const port = await startServer2(server);
+  const redirectUri = `http://127.0.0.1:${port}${callbackPath}`;
+  return {
+    redirectUri,
+    async waitForCode(authorizationUrl) {
+      return waitForAuthorizationCode2(server, authorizationUrl, options, callbackPath);
+    },
+    close() {
+      server.closeAllConnections?.();
+      server.close();
+    }
+  };
+}
+async function startServer2(server) {
+  return new Promise((resolve2) => {
+    server.listen(0, "127.0.0.1", () => {
+      const address = server.address();
+      resolve2(address.port);
+    });
+  });
+}
+function waitForAuthorizationCode2(server, authorizationUrl, options, callbackPath) {
+  const expectedAuthorization = readExpectedAuthorizationCallback2(authorizationUrl);
+  return new Promise((resolve2, reject) => {
+    let settled = false;
+    const settle = (fn) => {
+      if (!settled) {
+        settled = true;
+        fn();
+      }
+    };
+    server.on("request", (req, res) => {
+      const url = new URL(req.url ?? "/", "http://127.0.0.1");
+      if (url.pathname !== callbackPath) {
+        res.writeHead(404);
+        res.end("Not found");
+        return;
+      }
+      const error2 = url.searchParams.get("error");
+      if (error2 !== null) {
+        const description = url.searchParams.get("error_description") ?? error2;
+        res.writeHead(400);
+        res.end(`Authorization failed: ${description}`);
+        settle(() => reject(new Error(`OAuth authorization failed: ${error2} \u2014 ${description}`)));
+        return;
+      }
+      try {
+        const code = validateAuthorizationCallbackParameters2({
+          code: url.searchParams.get("code"),
+          state: url.searchParams.get("state"),
+          iss: url.searchParams.get("iss")
+        }, expectedAuthorization);
+        res.writeHead(200, { "Content-Type": "text/html" });
+        res.end(buildSuccessPage2(options.landingPage));
+        settle(() => resolve2(code));
+      } catch (error3) {
+        res.writeHead(400);
+        res.end(error3 instanceof Error ? error3.message : "Invalid OAuth callback");
+        settle(() => reject(error3 instanceof Error ? error3 : new Error(String(error3))));
+      }
+    });
+    if (options.readLine !== void 0) {
+      options.readLine().then((input) => {
+        const callbackParameters = extractCallbackParametersFromInput2(input);
+        if (callbackParameters === null) {
+          settle(() => reject(new Error("OAuth callback missing authorization code")));
+          return;
+        }
+        try {
+          const code = validateAuthorizationCallbackParameters2(
+            callbackParameters,
+            expectedAuthorization
+          );
+          settle(() => resolve2(code));
+        } catch (error2) {
+          settle(() => reject(error2 instanceof Error ? error2 : new Error(String(error2))));
+        }
+      }).catch(() => void 0);
+    }
+    if (options.openBrowser !== void 0) {
+      options.openBrowser(authorizationUrl).catch((error2) => {
+        settle(() => reject(error2));
+      });
+    }
+  });
+}
+function extractCallbackParametersFromInput2(input) {
+  const trimmed = input.replaceAll("\r", "").replaceAll("\n", "").trim();
+  if (trimmed.length === 0) {
+    return null;
+  }
+  try {
+    const url = new URL(trimmed);
+    return {
+      code: url.searchParams.get("code"),
+      state: url.searchParams.get("state"),
+      iss: url.searchParams.get("iss")
+    };
+  } catch {
+    return {
+      code: trimmed,
+      state: null,
+      iss: null
+    };
+  }
+}
+function readExpectedAuthorizationCallback2(authorizationUrl) {
+  const url = new URL(authorizationUrl);
+  const state = url.searchParams.get("state");
+  const parsedState = parseAuthorizationState2(state);
+  return {
+    state,
+    issuer: parsedState?.issuer ?? null,
+    requireIssuer: parsedState?.requireIssuer ?? false
+  };
+}
+function validateAuthorizationCallbackParameters2(callback, expected) {
+  if (callback.code === null || callback.code.length === 0) {
+    throw new Error("OAuth callback missing authorization code");
+  }
+  if (expected.state !== null) {
+    if (callback.state === null || callback.state.length === 0) {
+      throw new Error("OAuth callback missing state");
+    }
+    if (callback.state !== expected.state) {
+      throw new Error("OAuth callback state mismatch");
+    }
+  }
+  if (expected.requireIssuer) {
+    if (callback.iss === null || callback.iss.length === 0) {
+      throw new Error("OAuth callback missing issuer");
+    }
+  }
+  if (callback.iss !== null && callback.iss.length > 0 && expected.issuer !== null && callback.iss !== expected.issuer) {
+    throw new Error("OAuth callback issuer mismatch");
+  }
+  return callback.code;
+}
+function escapeHtml2(text5) {
+  return text5.replaceAll("&", "&amp;").replaceAll("<", "&lt;").replaceAll(">", "&gt;").replaceAll('"', "&quot;");
+}
+function buildSuccessPage2(landingPage) {
+  const title = landingPage?.title ?? "Connected";
+  const body = landingPage?.body ?? "You can close this tab and return to your terminal.";
+  return [
+    "<!DOCTYPE html>",
+    `<html><head><meta charset=utf-8><title>${escapeHtml2(title)}</title></head>`,
+    '<body style="font-family:system-ui,sans-serif;display:flex;align-items:center;justify-content:center;min-height:100vh;margin:0">',
+    '<div style="text-align:center">',
+    `<h1>${escapeHtml2(title)}</h1>`,
+    `<p style="color:#666">${escapeHtml2(body)}</p>`,
+    "</div></body></html>"
+  ].join("");
+}
+var init_loopback_authorization2 = __esm({
+  "packages/poe-oauth/src/loopback-authorization.ts"() {
+    "use strict";
+    init_authorization_state2();
+  }
+});
+
+// packages/poe-oauth/src/pkce.ts
+import crypto6 from "node:crypto";
+function generateCodeVerifier2() {
+  return crypto6.randomBytes(32).toString("base64url");
+}
+function generateCodeChallenge2(verifier) {
+  return crypto6.createHash("sha256").update(verifier).digest("base64url");
+}
+var init_pkce2 = __esm({
+  "packages/poe-oauth/src/pkce.ts"() {
+    "use strict";
+  }
+});
+
 // packages/poe-oauth/src/oauth-client.ts
 function createOAuthClient(config) {
   const fetchFn = config.fetch ?? globalThis.fetch;
@@ -35464,15 +35670,15 @@ function createOAuthClient(config) {
     authorize: () => startAuthorization(config, fetchFn)
   };
 }
-function generateCodeVerifier2() {
-  return generateCodeVerifier();
+function generateCodeVerifier3() {
+  return generateCodeVerifier2();
 }
 async function startAuthorization(config, fetchFn) {
   const authorizationEndpoint = config.authorizationEndpoint ?? DEFAULT_AUTHORIZATION_ENDPOINT;
   const tokenEndpoint = config.tokenEndpoint ?? DEFAULT_TOKEN_ENDPOINT;
-  const codeVerifier = generateCodeVerifier2();
-  const codeChallenge = generateCodeChallenge(codeVerifier);
-  const loopbackSession = await createLoopbackAuthorizationSession({
+  const codeVerifier = generateCodeVerifier3();
+  const codeChallenge = generateCodeChallenge2(codeVerifier);
+  const loopbackSession = await createLoopbackAuthorizationSession2({
     openBrowser: config.openBrowser,
     readLine: config.readLine,
     createServer: config.createServer,
@@ -35559,7 +35765,8 @@ var DEFAULT_AUTHORIZATION_ENDPOINT, DEFAULT_TOKEN_ENDPOINT;
 var init_oauth_client = __esm({
   "packages/poe-oauth/src/oauth-client.ts"() {
     "use strict";
-    init_dist();
+    init_loopback_authorization2();
+    init_pkce2();
     DEFAULT_AUTHORIZATION_ENDPOINT = "https://poe.com/oauth/authorize";
     DEFAULT_TOKEN_ENDPOINT = "https://api.poe.com/token";
   }
@@ -36894,6 +37101,7 @@ function spawn8(service, promptOrOptions, maybeOptions) {
   })();
   const result = (async () => {
     let workspace;
+    let integrations = null;
     try {
       workspace = await resolveSpawnWorkspace(options.cwd, {
         baseDir: process.cwd(),
@@ -36911,12 +37119,16 @@ function spawn8(service, promptOrOptions, maybeOptions) {
       if (!process.env.POE_API_KEY || process.env.POE_API_KEY.trim().length === 0) {
         process.env.POE_API_KEY = resolvedApiKey;
       }
-      let container;
-      const getContainer = () => {
-        container ??= createSdkContainer({ cwd });
-        return container;
-      };
-      const resolveModel3 = async () => options.model ?? await resolveConfiguredModel(getContainer(), service);
+      const container = createSdkContainer({ cwd });
+      integrations = await loadIntegrations(await resolveMergedDocument(container));
+      const middlewares = [
+        sessionCapture,
+        usageCapture,
+        spawnLog,
+        ...integrations?.spawnMiddleware ? [integrations.spawnMiddleware] : [],
+        ...options.middlewares ?? []
+      ];
+      const resolveModel3 = async () => options.model ?? await resolveConfiguredModel(container, service);
       const runtimeOverrides = pickRuntimeOverrides(options);
       const hasRuntimeOverrides = Object.keys(runtimeOverrides).length > 0;
       if (options.interactive) {
@@ -36970,10 +37182,7 @@ function spawn8(service, promptOrOptions, maybeOptions) {
           cwd: options.cwd,
           startedAt: /* @__PURE__ */ new Date()
         };
-        await applyMiddlewares(
-          [sessionCapture, usageCapture, spawnLog, ...options.middlewares ?? []],
-          middlewareContext
-        );
+        await applyMiddlewares(middlewares, middlewareContext);
         resolveEventsOnce(middlewareContext.eventStream ?? emptyEvents);
         const final = await done;
         const threadId = middlewareContext.threadId ?? final.threadId;
@@ -37023,10 +37232,7 @@ function spawn8(service, promptOrOptions, maybeOptions) {
           cwd,
           startedAt: /* @__PURE__ */ new Date()
         };
-        await applyMiddlewares(
-          [sessionCapture, usageCapture, spawnLog, ...options.middlewares ?? []],
-          middlewareContext
-        );
+        await applyMiddlewares(middlewares, middlewareContext);
         resolveEventsOnce(middlewareContext.eventStream ?? emptyEvents);
         const final = await done;
         const threadId = middlewareContext.threadId ?? final.threadId;
@@ -37063,7 +37269,7 @@ function spawn8(service, promptOrOptions, maybeOptions) {
       }
       resolveEventsOnce(emptyEvents);
       const model = await resolveModel3();
-      return spawnCore(getContainer(), service, {
+      return spawnCore(container, service, {
         prompt: options.prompt,
         cwd,
         model,
@@ -37077,6 +37283,7 @@ function spawn8(service, promptOrOptions, maybeOptions) {
       resolveEventsOnce(emptyEvents);
       throw error2;
     } finally {
+      await integrations?.shutdown();
       await workspace?.cleanup?.();
     }
   })();
@@ -37112,6 +37319,8 @@ var init_spawn4 = __esm({
     await init_container();
     init_autonomous2();
     init_src12();
+    init_src18();
+    init_shared();
     init_resolve_spawn_workspace();
     spawn8.pretty = async function pretty(service, promptOrOptions, maybeOptions) {
       const { events, result } = spawn8(service, promptOrOptions, maybeOptions);
@@ -51836,6 +52045,7 @@ function collectFields(schema2, casing, globalLongOptionFlags, path108 = [], inh
       hasDefault: childSchema.default !== void 0,
       defaultValue: childSchema.default,
       requiredWhenActive,
+      global: childSchema.global === true ? true : void 0,
       variantId: variantContext?.id,
       variantBranchId: variantContext?.branchId
     });
@@ -52387,7 +52597,7 @@ function formatCommandDynamicParameterTokens(field, casing) {
 function formatCommandParameterTokens(command, casing, globalLongOptionFlags) {
   const collected = collectFields(command.params, casing, globalLongOptionFlags);
   const fields = assignPositionals(collected.fields, command.positional);
-  return fields.map(
+  return fields.filter((field) => field.global !== true).map(
     (field) => wrapOptionalCommandParameterToken(
       formatHelpFieldFlags(field, globalLongOptionFlags),
       field.positionalIndex === void 0 && (field.optional || field.hasDefault)
@@ -52424,6 +52634,10 @@ function formatGlobalOptionRows(ctx) {
     {
       flags: "--output <format>",
       description: "Output format: rich, md, json."
+    },
+    {
+      flags: "--debug",
+      description: "Print stack traces for unexpected errors."
     }
   );
   if (ctx.showVersion) {
@@ -52434,6 +52648,33 @@ function formatGlobalOptionRows(ctx) {
   }
   return rows;
 }
+function collectSchemaGlobalFieldRows(group, scope, casing, globalLongOptionFlags) {
+  const seen = /* @__PURE__ */ new Map();
+  const visit = (node) => {
+    if (node.kind === "command") {
+      const collected = collectFields(node.params, casing, globalLongOptionFlags);
+      for (const field of collected.fields) {
+        if (field.global !== true) {
+          continue;
+        }
+        const dedupeKey = `${field.optionFlag}|${field.shortFlag ?? ""}`;
+        if (seen.has(dedupeKey)) {
+          continue;
+        }
+        seen.set(dedupeKey, {
+          flags: formatHelpFieldFlags(field, globalLongOptionFlags),
+          description: formatHelpFieldDescription(field)
+        });
+      }
+      return;
+    }
+    for (const child of getVisibleChildren(node, scope)) {
+      visit(child);
+    }
+  };
+  visit(group);
+  return [...seen.values()];
+}
 function renderHelpSections(sections) {
   return sections.filter((section) => section.length > 0).join("\n\n");
 }
@@ -52450,7 +52691,7 @@ function buildUsageLine(breadcrumb, rootUsageName, suffix) {
   const tokens = [rootUsageName, subPath, suffix].filter((segment) => segment.length > 0);
   return tokens.join(" ");
 }
-function renderGroupHelp(group, breadcrumb, scope, casing, globalOptions, rootUsageName) {
+function renderGroupHelp(group, breadcrumb, scope, casing, globalOptions, rootUsageName, isRoot) {
   const sections = [];
   const globalLongOptionFlags = getGlobalLongOptionFlags(globalOptions.presetsEnabled);
   const commandRows = formatCommandRows(group, scope, casing, globalLongOptionFlags);
@@ -52458,14 +52699,20 @@ function renderGroupHelp(group, breadcrumb, scope, casing, globalOptions, rootUs
     sections.push(`${text.sectionHeader("Commands")}
 ${formatHelpCommandList(commandRows)}`);
   }
-  sections.push(
-    `${text.sectionHeader("Options")}
-${formatHelpOptionList(formatGlobalOptionRows(globalOptions))}`
-  );
+  if (isRoot) {
+    const globalRows = [
+      ...formatGlobalOptionRows(globalOptions),
+      ...collectSchemaGlobalFieldRows(group, scope, casing, globalLongOptionFlags)
+    ];
+    sections.push(
+      `${text.sectionHeader("Global options")}
+${formatHelpOptionList(globalRows)}`
+    );
+  }
   return renderHelpDocument({
     breadcrumb,
     rootUsageName,
-    usageLine: buildUsageLine(breadcrumb, rootUsageName, "[command] [options]"),
+    usageLine: buildUsageLine(breadcrumb, rootUsageName, "[command] [OPTIONS]"),
     description: group.description,
     requiresAuth: group.requires?.auth === true,
     sections
@@ -52476,7 +52723,7 @@ function renderLeafHelp(command, breadcrumb, casing, globalOptions, rootUsageNam
   const globalLongOptionFlags = getGlobalLongOptionFlags(globalOptions.presetsEnabled);
   const collected = collectFields(command.params, casing, globalLongOptionFlags);
   const fields = assignPositionals(collected.fields, command.positional);
-  const optionRows = fields.map((field) => ({
+  const optionRows = fields.filter((field) => field.global !== true).map((field) => ({
     flags: formatHelpFieldFlags(field, globalLongOptionFlags),
     description: formatHelpFieldDescription(field)
   })).concat(collected.dynamicFields.flatMap((field) => formatDynamicHelpFields(field, casing)));
@@ -52484,10 +52731,6 @@ function renderLeafHelp(command, breadcrumb, casing, globalOptions, rootUsageNam
     sections.push(`${text.sectionHeader("Options")}
 ${formatHelpOptionList(optionRows)}`);
   }
-  sections.push(
-    `${text.sectionHeader("Options")}
-${formatHelpOptionList(formatGlobalOptionRows(globalOptions))}`
-  );
   const secretRows = formatSecretRows(command.secrets);
   if (secretRows.length > 0) {
     sections.push(
@@ -52496,7 +52739,7 @@ ${formatHelpOptionList(secretRows)}`
     );
   }
   const positionalFields = fields.filter((f) => f.positionalIndex !== void 0);
-  const usageSuffix = positionalFields.length > 0 ? `[options] ${positionalFields.map(formatPositionalToken).join(" ")}` : "[options]";
+  const usageSuffix = positionalFields.length > 0 ? `[OPTIONS] ${positionalFields.map(formatPositionalToken).join(" ")}` : "[OPTIONS]";
   return renderHelpDocument({
     breadcrumb,
     rootUsageName,
@@ -52543,7 +52786,8 @@ async function renderGeneratedHelp(root, argv, options) {
         showVersion: options.version !== void 0,
         presetsEnabled: options.presets === true
       },
-      rootUsageName
+      rootUsageName,
+      target.node === root
     ) : renderLeafHelp(
       target.node,
       target.breadcrumb,
@@ -52643,7 +52887,7 @@ function addGlobalOptions(command, presetsEnabled) {
     throw new InvalidArgumentError(
       'Invalid value for "--output". Expected one of: rich, md, markdown, json.'
     );
-  }).option("--verbose", "Print stack traces for unexpected errors.");
+  }).option("--debug", "Print stack traces for unexpected errors.");
 }
 function setNestedValue(target, path108, value) {
   let cursor = target;
@@ -53754,7 +53998,7 @@ async function executeCommand(state, services, requirementOptions, runtimeOption
     }
   });
 }
-function handleRunError(error2, verbose) {
+function handleRunError(error2, debug) {
   const logger2 = createLogger();
   if (error2 instanceof UserError) {
     logger2.error(error2.message);
@@ -53769,8 +54013,8 @@ function handleRunError(error2, verbose) {
     return;
   }
   const message2 = error2 instanceof Error ? error2.message : String(error2);
-  logger2.error(verbose ? message2 : `${message2} Use --verbose for a stack trace.`);
-  if (verbose && error2 instanceof Error && error2.stack) {
+  logger2.error(debug ? message2 : `${message2} Use --debug for a stack trace.`);
+  if (debug && error2 instanceof Error && error2.stack) {
     process.stderr.write(`${error2.stack}
 `);
   }
@@ -53835,7 +54079,7 @@ async function runCLI(roots, options = {}) {
     }
     handleRunError(
       error2,
-      lastActionCommand ? Boolean(getResolvedFlags(lastActionCommand).verbose) : process.argv.includes("--verbose")
+      lastActionCommand ? Boolean(getResolvedFlags(lastActionCommand).debug) : process.argv.includes("--debug")
     );
   }
 }
@@ -53854,7 +54098,7 @@ var init_cli = __esm({
     RESERVED_SERVICE_NAMES2 = /* @__PURE__ */ new Set(["params", "secrets", "fetch", "fs", "env", "progress"]);
     NULL_OPTION_VALUE = /* @__PURE__ */ Symbol("toolcraft.cli.null");
     HELP_FLAGS = /* @__PURE__ */ new Set(["--help", "-h"]);
-    ALWAYS_GLOBAL_LONG_OPTION_FLAGS = ["--yes", "--output", "--verbose"];
+    ALWAYS_GLOBAL_LONG_OPTION_FLAGS = ["--yes", "--output", "--debug"];
     DESIGN_SYSTEM_OUTPUT_BY_MODE = {
       rich: "terminal",
       md: "markdown",
@@ -81032,7 +81276,7 @@ var init_package2 = __esm({
   "package.json"() {
     package_default2 = {
       name: "poe-code",
-      version: "3.0.207",
+      version: "3.0.209",
       description: "CLI tool to configure Poe API for developer workflows.",
       type: "module",
       main: "./dist/index.js",