recoder-code 2.5.0 → 2.5.2

package/dist/src/commands/agents/marketplace.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Agent marketplace - Share and discover custom agents
+ */
+export declare function browseMarketplace(): Promise<void>;
+export declare function shareAgent(): Promise<void>;

package/dist/src/commands/agents/marketplace.js

@@ -0,0 +1,151 @@
+/**
+ * Agent marketplace - Share and discover custom agents
+ */
+import inquirer from 'inquirer';
+import chalk from 'chalk';
+import fs from 'fs';
+import path from 'path';
+import os from 'os';
+const AGENTS_DIR_PROJECT = '.recoder/agents';
+const AGENTS_DIR_USER = path.join(os.homedir(), '.recoder-code', 'agents');
+const MARKETPLACE_URL = 'https://recoder.xyz/api/agents';
+export async function browseMarketplace() {
+    console.log(chalk.bold.cyan('\n🏪 Agent Marketplace\n'));
+    console.log(chalk.gray('Discover and install community agents\n'));
+    try {
+        // Fetch agents from marketplace
+        const response = await fetch(`${MARKETPLACE_URL}/list`);
+        if (!response.ok) {
+            throw new Error('Failed to fetch agents');
+        }
+        const agents = await response.json();
+        if (agents.length === 0) {
+            console.log(chalk.yellow('No agents available yet'));
+            console.log(chalk.gray('Be the first to share: recoder agents share'));
+            return;
+        }
+        const choices = agents.map(a => ({
+            name: `${a.name} - ${a.description} ${chalk.gray(`(by ${a.author})`)}`,
+            value: a.id,
+        }));
+        const { agentId } = await inquirer.prompt([
+            {
+                type: 'list',
+                name: 'agentId',
+                message: 'Select an agent to install:',
+                choices,
+                pageSize: 10,
+            },
+        ]);
+        const agent = agents.find(a => a.id === agentId);
+        if (!agent)
+            return;
+        const { location } = await inquirer.prompt([
+            {
+                type: 'list',
+                name: 'location',
+                message: 'Install location:',
+                choices: [
+                    { name: 'Project (.recoder/agents/)', value: 'project' },
+                    { name: 'User (~/.recoder-code/agents/)', value: 'user' },
+                ],
+            },
+        ]);
+        await installAgent(agent, location);
+        console.log(chalk.green(`\n✅ Installed: ${agent.name}`));
+        console.log(chalk.cyan('💡 Usage:'));
+        console.log(chalk.gray(`   In chat: "Let the ${agent.name} agent help"`));
+    }
+    catch (err) {
+        console.log(chalk.red(`\n❌ Error: ${err.message}`));
+        console.log(chalk.gray('Marketplace coming soon!'));
+    }
+}
+export async function shareAgent() {
+    console.log(chalk.bold.cyan('\n📤 Share Agent to Marketplace\n'));
+    // List local agents
+    const localAgents = [];
+    if (fs.existsSync(AGENTS_DIR_PROJECT)) {
+        fs.readdirSync(AGENTS_DIR_PROJECT)
+            .filter(f => f.endsWith('.md'))
+            .forEach(f => localAgents.push(`project:${f.replace('.md', '')}`));
+    }
+    if (fs.existsSync(AGENTS_DIR_USER)) {
+        fs.readdirSync(AGENTS_DIR_USER)
+            .filter(f => f.endsWith('.md'))
+            .forEach(f => localAgents.push(`user:${f.replace('.md', '')}`));
+    }
+    if (localAgents.length === 0) {
+        console.log(chalk.yellow('No custom agents found'));
+        console.log(chalk.gray('Create one first: recoder agents new'));
+        return;
+    }
+    const { agent } = await inquirer.prompt([
+        {
+            type: 'list',
+            name: 'agent',
+            message: 'Select agent to share:',
+            choices: localAgents,
+        },
+    ]);
+    const [location, name] = agent.split(':');
+    const dir = location === 'project' ? AGENTS_DIR_PROJECT : AGENTS_DIR_USER;
+    const filePath = path.join(dir, `${name}.md`);
+    const content = fs.readFileSync(filePath, 'utf-8');
+    // Parse frontmatter
+    const match = content.match(/^---\n([\s\S]*?)\n---\n([\s\S]*)$/);
+    if (!match) {
+        console.log(chalk.red('Invalid agent format'));
+        return;
+    }
+    const frontmatter = match[1];
+    const description = frontmatter.match(/description: (.+)/)?.[1] || 'No description';
+    const { author, confirm } = await inquirer.prompt([
+        {
+            type: 'input',
+            name: 'author',
+            message: 'Your name:',
+            validate: (input) => input.length > 0 || 'Name required',
+        },
+        {
+            type: 'confirm',
+            name: 'confirm',
+            message: `Share "${name}" to marketplace?`,
+            default: true,
+        },
+    ]);
+    if (!confirm) {
+        console.log(chalk.yellow('\n❌ Cancelled'));
+        return;
+    }
+    try {
+        const response = await fetch(`${MARKETPLACE_URL}/share`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                name,
+                description,
+                author,
+                content,
+                version: '1.0.0',
+            }),
+        });
+        if (!response.ok) {
+            throw new Error('Failed to share agent');
+        }
+        console.log(chalk.green(`\n✅ Agent shared successfully!`));
+        console.log(chalk.gray('   View at: https://recoder.xyz/agents'));
+    }
+    catch (err) {
+        console.log(chalk.red(`\n❌ Error: ${err.message}`));
+        console.log(chalk.gray('Marketplace coming soon!'));
+    }
+}
+async function installAgent(agent, location) {
+    const dir = location === 'project' ? AGENTS_DIR_PROJECT : AGENTS_DIR_USER;
+    if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+    }
+    const filePath = path.join(dir, `${agent.name}.md`);
+    fs.writeFileSync(filePath, agent.content, 'utf-8');
+}

package/dist/src/commands/agents.js

@@ -4,10 +4,21 @@
 import chalk from 'chalk';
 import { listAgents, createAgentFromTemplate } from './agents/list.js';
 import { createAgent } from './agents/create.js';
+import { browseMarketplace, shareAgent } from './agents/marketplace.js';
+import { RecoderAuthService } from '../services/RecoderAuthService.js';
+async function requireAuth() {
+    const authService = new RecoderAuthService();
+    const session = await authService.getSession();
+    if (!session) {
+        console.error('❌ Please login first: recoder auth login');
+        process.exit(1);
+    }
+}
 const listCommand = {
     command: 'list',
     describe: 'List all available agents',
     handler: async () => {
+        await requireAuth();
         await listAgents();
         process.exit(0);
     },
@@ -16,10 +27,29 @@ const createInteractiveCommand = {
     command: 'new',
     describe: 'Create a custom agent interactively',
     handler: async () => {
+        await requireAuth();
         await createAgent();
         process.exit(0);
     },
 };
+const marketplaceCommand = {
+    command: 'browse',
+    describe: 'Browse agent marketplace',
+    handler: async () => {
+        await requireAuth();
+        await browseMarketplace();
+        process.exit(0);
+    },
+};
+const shareCommand = {
+    command: 'share',
+    describe: 'Share your agent to marketplace',
+    handler: async () => {
+        await requireAuth();
+        await shareAgent();
+        process.exit(0);
+    },
+};
 const createCommand = {
     command: 'create <name>',
     describe: 'Create a new agent from template',
@@ -38,6 +68,7 @@ const createCommand = {
         default: 'project',
     }),
     handler: async (argv) => {
+        await requireAuth();
         const location = argv.location === 'user' ? 'user' : 'project';
         const filePath = createAgentFromTemplate(argv.template || 'coder', argv.name, location);
         if (filePath) {
@@ -59,10 +90,13 @@ export const agentsCommand = {
     builder: (yargs) => yargs
         .command(listCommand)
         .command(createInteractiveCommand)
+        .command(marketplaceCommand)
+        .command(shareCommand)
         .command(createCommand)
         .demandCommand(0)
         .version(false),
     handler: async () => {
+        await requireAuth();
         await listAgents();
         process.exit(0);
     },

package/dist/src/commands/configure.js

@@ -4,10 +4,18 @@
 import * as readline from 'readline';
 import { getProviderRegistry } from '../providers/registry.js';
 import { BUILTIN_PROVIDERS } from '../providers/types.js';
+import { RecoderAuthService } from '../services/RecoderAuthService.js';
 export const configureCommand = {
     command: 'configure',
     describe: 'Interactive configuration wizard',
     handler: async () => {
+        // Require authentication
+        const authService = new RecoderAuthService();
+        const session = await authService.getSession();
+        if (!session) {
+            console.error('❌ Please login first: recoder auth login');
+            process.exit(1);
+        }
         const rl = readline.createInterface({
             input: process.stdin,
             output: process.stdout,

package/dist/src/commands/connect-cmd.js

@@ -2,10 +2,18 @@
  * Connect command module - Add custom providers interactively
  */
 import { connectProvider } from './connect.js';
+import { RecoderAuthService } from '../services/RecoderAuthService.js';
 export const connectCommand = {
     command: 'connect',
     describe: 'Add a custom AI provider (LM Studio, vLLM, etc.)',
     handler: async () => {
+        // Require authentication
+        const authService = new RecoderAuthService();
+        const session = await authService.getSession();
+        if (!session) {
+            console.error('❌ Please login first: recoder auth login');
+            process.exit(1);
+        }
         await connectProvider();
         process.exit(0);
     },

package/dist/src/commands/hints.js

@@ -3,10 +3,20 @@
  */
 import chalk from 'chalk';
 import { loadHints, createHintsFile, hasHints } from '../utils/hints.js';
+import { RecoderAuthService } from '../services/RecoderAuthService.js';
+async function requireAuth() {
+    const authService = new RecoderAuthService();
+    const session = await authService.getSession();
+    if (!session) {
+        console.error('❌ Please login first: recoder auth login');
+        process.exit(1);
+    }
+}
 const showCommand = {
     command: 'show',
     describe: 'Show current project hints',
     handler: async () => {
+        await requireAuth();
         const hints = loadHints();
         if (hints) {
             console.log(chalk.cyan(`\n📋 Hints from ${hints.filePath}\n`));
@@ -24,6 +34,7 @@ const initCommand = {
     command: 'init',
     describe: 'Create a .recoderhints file',
     handler: async () => {
+        await requireAuth();
         if (hasHints()) {
             console.log(chalk.yellow('\n⚠️  Hints file already exists'));
             const hints = loadHints();
@@ -44,6 +55,7 @@ export const hintsCommand = {
     describe: 'Manage project hints (.recoderhints)',
     builder: (yargs) => yargs.command(showCommand).command(initCommand).demandCommand(0).version(false),
     handler: async () => {
+        await requireAuth();
         const hints = loadHints();
         if (hints) {
             console.log(chalk.cyan(`\n📋 Project hints: ${hints.filePath}`));

package/dist/src/commands/models-cmd.js

@@ -8,6 +8,15 @@ import * as os from 'os';
 import { getOllamaProvider, getOpenRouterProvider, getAnthropicProvider, getOpenAIProvider, getGroqProvider, parseModelId, } from '../providers/index.js';
 import { selectModel } from './models/select.js';
 import { compareModels } from './models/compare.js';
+import { RecoderAuthService } from '../services/RecoderAuthService.js';
+async function requireAuth() {
+    const authService = new RecoderAuthService();
+    const session = await authService.getSession();
+    if (!session) {
+        console.error('❌ Please login first: recoder auth login');
+        process.exit(1);
+    }
+}
 const CONFIG_DIR = path.join(os.homedir(), '.recoder-code');
 const CUSTOM_MODELS_FILE = path.join(CONFIG_DIR, 'custom-models.json');
 const DEFAULT_MODEL_FILE = path.join(CONFIG_DIR, 'default-model.json');
@@ -47,6 +56,7 @@ const listCommand = {
         type: 'string',
     }),
     handler: async (argv) => {
+        await requireAuth();
         console.log(chalk.bold.cyan('\n🤖 Available Models\n'));
         const defaultModel = getDefaultModel();
         if (defaultModel) {
@@ -122,6 +132,7 @@ const addCommand = {
         .option('name', { describe: 'Display name', type: 'string' })
         .option('provider', { describe: 'Provider', type: 'string' }),
     handler: async (argv) => {
+        await requireAuth();
         const parsed = parseModelId(argv.model);
         const models = loadCustomModels();
         if (models.some((m) => m.id === argv.model)) {
@@ -143,6 +154,7 @@ const removeCommand = {
     describe: 'Remove a custom model',
     builder: (yargs) => yargs.positional('model', { describe: 'Model ID', type: 'string', demandOption: true }),
     handler: async (argv) => {
+        await requireAuth();
         const models = loadCustomModels();
         const filtered = models.filter((m) => m.id !== argv.model);
         if (filtered.length === models.length) {
@@ -159,6 +171,7 @@ const setDefaultCommand = {
     describe: 'Set default model',
     builder: (yargs) => yargs.positional('model', { describe: 'Model ID', type: 'string', demandOption: true }),
     handler: async (argv) => {
+        await requireAuth();
         setDefaultModel(argv.model);
         console.log(chalk.green(`\n✓ Default model set to ${argv.model}\n`));
         process.exit(0);
@@ -168,6 +181,7 @@ const selectCommand = {
     command: 'select',
     describe: 'Interactive model selection with fuzzy search',
     handler: async () => {
+        await requireAuth();
         await selectModel();
         process.exit(0);
     },
@@ -176,6 +190,7 @@ const compareCommand = {
     command: 'compare',
     describe: 'Compare multiple models side-by-side',
     handler: async () => {
+        await requireAuth();
         await compareModels();
         process.exit(0);
     },

package/dist/src/commands/providers/config.d.ts

@@ -1,4 +1,4 @@
 /**
- * Providers config command - Configure API keys
+ * Providers config command - Configure API keys with secure storage
  */
 export declare function configureProvider(provider?: string): Promise<void>;

package/dist/src/commands/providers/config.js

@@ -1,11 +1,12 @@
 /**
- * Providers config command - Configure API keys
+ * Providers config command - Configure API keys with secure storage
  */
 import chalk from 'chalk';
 import * as fs from 'fs';
 import * as path from 'path';
 import * as os from 'os';
 import * as readline from 'readline';
+import { SecureKeyStorage } from '../../utils/secure-storage.js';
 const CONFIG_DIR = path.join(os.homedir(), '.recoder-code');
 const ENV_FILE = path.join(CONFIG_DIR, '.env');
 export async function configureProvider(provider) {
@@ -19,6 +20,13 @@ export async function configureProvider(provider) {
         console.log();
         console.log(chalk.cyan('Usage: recoder providers config <provider>'));
         console.log();
+        // Show stored keys
+        const stored = await SecureKeyStorage.list();
+        if (stored.length > 0) {
+            console.log(chalk.green('Configured providers:'));
+            stored.forEach(p => console.log(chalk.gray(`  ✓ ${p}`)));
+            console.log();
+        }
         return;
     }
     const envVars = {
@@ -36,30 +44,40 @@ export async function configureProvider(provider) {
     const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
     const question = (q) => new Promise((resolve) => rl.question(q, resolve));
     console.log(chalk.bold.cyan(`\n⚙️  Configure ${provider}\n`));
+    console.log(chalk.gray('API key will be stored securely in keychain\n'));
     const apiKey = await question(chalk.white(`Enter ${envVar}: `));
     rl.close();
     if (!apiKey.trim()) {
         console.log(chalk.yellow('\nNo key provided, skipping.\n'));
         return;
     }
-    // Save to env file
-    if (!fs.existsSync(CONFIG_DIR)) {
-        fs.mkdirSync(CONFIG_DIR, { recursive: true });
-    }
-    let envContent = '';
-    if (fs.existsSync(ENV_FILE)) {
-        envContent = fs.readFileSync(ENV_FILE, 'utf-8');
-    }
-    // Update or add the key
-    const regex = new RegExp(`^${envVar}=.*$`, 'm');
-    if (regex.test(envContent)) {
-        envContent = envContent.replace(regex, `${envVar}=${apiKey.trim()}`);
+    try {
+        // Store in secure keychain
+        await SecureKeyStorage.set(provider.toLowerCase(), apiKey.trim());
+        // Also save to env file for backward compatibility
+        if (!fs.existsSync(CONFIG_DIR)) {
+            fs.mkdirSync(CONFIG_DIR, { recursive: true });
+        }
+        let envContent = '';
+        if (fs.existsSync(ENV_FILE)) {
+            envContent = fs.readFileSync(ENV_FILE, 'utf-8');
+        }
+        // Update or add the key
+        const regex = new RegExp(`^${envVar}=.*$`, 'm');
+        if (regex.test(envContent)) {
+            envContent = envContent.replace(regex, `${envVar}=${apiKey.trim()}`);
+        }
+        else {
+            envContent += `\n${envVar}=${apiKey.trim()}`;
+        }
+        fs.writeFileSync(ENV_FILE, envContent.trim() + '\n');
+        console.log(chalk.green(`\n✓ API key stored securely`));
+        console.log(chalk.gray(`  Keychain: ${process.platform === 'darwin' ? 'macOS Keychain' : 'Encrypted file'}`));
+        console.log(chalk.gray(`  Fallback: ${ENV_FILE}`));
+        console.log();
     }
-    else {
-        envContent += `\n${envVar}=${apiKey.trim()}`;
+    catch (err) {
+        console.log(chalk.red(`\n❌ Error: ${err.message}`));
+        console.log();
     }
-    fs.writeFileSync(ENV_FILE, envContent.trim() + '\n');
-    console.log(chalk.green(`\n✓ Saved to ${ENV_FILE}`));
-    console.log(chalk.gray(`  Add to shell: export ${envVar}="${apiKey.trim()}"`));
-    console.log();
 }

package/dist/src/ui/commands/docsCommand.js

@@ -12,7 +12,7 @@ export const docsCommand = {
     description: 'open full Recoder Code documentation in your browser',
     kind: CommandKind.BUILT_IN,
     action: async (context) => {
-        const docsUrl = 'https://github.com/caelum0x/recoder-code#readme';
+        const docsUrl = 'https://github.com/recoderxyz/recoder-code#readme';
         if (process.env['SANDBOX'] && process.env['SANDBOX'] !== 'sandbox-exec') {
             context.ui.addItem({
                 type: MessageType.INFO,

package/dist/src/utils/secure-storage.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Secure keychain storage for API keys
+ * Uses macOS Keychain on macOS, encrypted file on other platforms
+ */
+export declare class SecureKeyStorage {
+    /**
+     * Store API key securely
+     */
+    static set(provider: string, apiKey: string): Promise<void>;
+    /**
+     * Retrieve API key
+     */
+    static get(provider: string): Promise<string | null>;
+    /**
+     * Delete API key
+     */
+    static delete(provider: string): Promise<void>;
+    /**
+     * List all stored providers
+     */
+    static list(): Promise<string[]>;
+    private static loadEncryptedFile;
+    private static saveEncryptedFile;
+}

package/dist/src/utils/secure-storage.js

@@ -0,0 +1,150 @@
+/**
+ * Secure keychain storage for API keys
+ * Uses macOS Keychain on macOS, encrypted file on other platforms
+ */
+import { execSync } from 'child_process';
+import fs from 'fs';
+import path from 'path';
+import os from 'os';
+import crypto from 'crypto';
+const KEYCHAIN_SERVICE = 'xyz.recoder.cli';
+const ENCRYPTED_FILE = path.join(os.homedir(), '.recoder-code', '.keys.enc');
+const ALGORITHM = 'aes-256-gcm';
+function isMacOS() {
+    return process.platform === 'darwin';
+}
+function getMachineId() {
+    try {
+        if (isMacOS()) {
+            return execSync('ioreg -rd1 -c IOPlatformExpertDevice | grep IOPlatformUUID', { encoding: 'utf-8' })
+                .split('=')[1]
+                .trim()
+                .replace(/"/g, '');
+        }
+        return os.hostname() + os.userInfo().username;
+    }
+    catch {
+        return os.hostname();
+    }
+}
+function getEncryptionKey() {
+    const machineId = getMachineId();
+    return crypto.scryptSync(machineId, 'recoder-salt', 32);
+}
+export class SecureKeyStorage {
+    /**
+     * Store API key securely
+     */
+    static async set(provider, apiKey) {
+        if (isMacOS()) {
+            try {
+                // Try to delete existing first
+                try {
+                    execSync(`security delete-generic-password -s "${KEYCHAIN_SERVICE}" -a "${provider}" 2>/dev/null`);
+                }
+                catch {
+                    // Ignore if doesn't exist
+                }
+                // Add new key
+                execSync(`security add-generic-password -s "${KEYCHAIN_SERVICE}" -a "${provider}" -w "${apiKey}"`);
+            }
+            catch (err) {
+                throw new Error(`Failed to store key in keychain: ${err}`);
+            }
+        }
+        else {
+            // Encrypted file storage for non-macOS
+            const keys = this.loadEncryptedFile();
+            keys[provider] = apiKey;
+            this.saveEncryptedFile(keys);
+        }
+    }
+    /**
+     * Retrieve API key
+     */
+    static async get(provider) {
+        if (isMacOS()) {
+            try {
+                const result = execSync(`security find-generic-password -s "${KEYCHAIN_SERVICE}" -a "${provider}" -w`, { encoding: 'utf-8' });
+                return result.trim();
+            }
+            catch {
+                return null;
+            }
+        }
+        else {
+            const keys = this.loadEncryptedFile();
+            return keys[provider] || null;
+        }
+    }
+    /**
+     * Delete API key
+     */
+    static async delete(provider) {
+        if (isMacOS()) {
+            try {
+                execSync(`security delete-generic-password -s "${KEYCHAIN_SERVICE}" -a "${provider}"`);
+            }
+            catch {
+                // Ignore if doesn't exist
+            }
+        }
+        else {
+            const keys = this.loadEncryptedFile();
+            delete keys[provider];
+            this.saveEncryptedFile(keys);
+        }
+    }
+    /**
+     * List all stored providers
+     */
+    static async list() {
+        if (isMacOS()) {
+            try {
+                const result = execSync(`security dump-keychain | grep -A 1 "${KEYCHAIN_SERVICE}" | grep "acct" | cut -d'"' -f4`, { encoding: 'utf-8' });
+                return result.trim().split('\n').filter(Boolean);
+            }
+            catch {
+                return [];
+            }
+        }
+        else {
+            const keys = this.loadEncryptedFile();
+            return Object.keys(keys);
+        }
+    }
+    static loadEncryptedFile() {
+        try {
+            if (!fs.existsSync(ENCRYPTED_FILE))
+                return {};
+            const encrypted = fs.readFileSync(ENCRYPTED_FILE, 'utf-8');
+            const [ivHex, authTagHex, encryptedData] = encrypted.split(':');
+            const key = getEncryptionKey();
+            const iv = Buffer.from(ivHex, 'hex');
+            const authTag = Buffer.from(authTagHex, 'hex');
+            const decipher = crypto.createDecipheriv(ALGORITHM, key, iv);
+            decipher.setAuthTag(authTag);
+            let decrypted = decipher.update(encryptedData, 'hex', 'utf-8');
+            decrypted += decipher.final('utf-8');
+            return JSON.parse(decrypted);
+        }
+        catch {
+            return {};
+        }
+    }
+    static saveEncryptedFile(keys) {
+        const dir = path.dirname(ENCRYPTED_FILE);
+        if (!fs.existsSync(dir)) {
+            fs.mkdirSync(dir, { recursive: true });
+        }
+        const key = getEncryptionKey();
+        const iv = crypto.randomBytes(16);
+        const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
+        let encrypted = cipher.update(JSON.stringify(keys), 'utf-8', 'hex');
+        encrypted += cipher.final('hex');
+        const authTag = cipher.getAuthTag();
+        const output = `${iv.toString('hex')}:${authTag.toString('hex')}:${encrypted}`;
+        fs.writeFileSync(ENCRYPTED_FILE, output, 'utf-8');
+        fs.chmodSync(ENCRYPTED_FILE, 0o600); // Owner read/write only
+    }
+}