npm - run402 - Versions diffs - 1.33.1 → 1.34.0 - Mend

run402 1.33.1 → 1.34.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/cli.mjs CHANGED Viewed

@@ -42,6 +42,7 @@ Commands:
   billing     Email billing accounts, Stripe tier checkout, email packs
   contracts   KMS contract wallets ($0.04/day rental + $0.000005/sign)
   agent       Manage agent identity (contact info)
+  service     Run402 service health and availability (status, health)
 Run 'run402 <command> --help' for detailed usage of each command.
@@ -183,6 +184,11 @@ switch (cmd) {
     await run(sub, rest);
     break;
   }
+  case "service": {
+    const { run } = await import("./lib/service.mjs");
+    await run(sub, rest);
+    break;
+  }
   default:
     console.error(`Unknown command: ${cmd}\n`);
     console.log(HELP);

package/core-dist/wallet-auth.js ADDED Viewed

@@ -0,0 +1,62 @@
+/**
+ * Wallet auth helper — generates EIP-191 signature headers for Run402 API.
+ * Uses @noble/curves (lighter than viem) for signing.
+ */
+import { secp256k1 } from "@noble/curves/secp256k1.js";
+import { keccak_256 } from "@noble/hashes/sha3.js";
+import { bytesToHex } from "@noble/hashes/utils.js";
+import { readWallet } from "./wallet.js";
+/**
+ * EIP-191 personal_sign: sign a message with the wallet's private key.
+ */
+function personalSign(privateKeyHex, address, message) {
+    const msgBytes = new TextEncoder().encode(message);
+    const prefix = new TextEncoder().encode(`\x19Ethereum Signed Message:\n${msgBytes.length}`);
+    const prefixed = new Uint8Array(prefix.length + msgBytes.length);
+    prefixed.set(prefix);
+    prefixed.set(msgBytes, prefix.length);
+    const hash = keccak_256(prefixed);
+    const pkHex = privateKeyHex.startsWith("0x")
+        ? privateKeyHex.slice(2)
+        : privateKeyHex;
+    const pkBytes = Uint8Array.from(Buffer.from(pkHex, "hex"));
+    const rawSig = secp256k1.sign(hash, pkBytes);
+    const sig = secp256k1.Signature.fromBytes(rawSig);
+    // Determine recovery bit by trying both and matching the address
+    let recovery = 0;
+    for (const v of [0, 1]) {
+        try {
+            const recovered = sig.addRecoveryBit(v).recoverPublicKey(hash);
+            const pubBytes = recovered.toBytes(false).slice(1); // uncompressed, drop 04 prefix
+            const addrBytes = keccak_256(pubBytes).slice(-20);
+            if ("0x" + bytesToHex(addrBytes) === address.toLowerCase()) {
+                recovery = v;
+                break;
+            }
+        }
+        catch {
+            continue;
+        }
+    }
+    const r = sig.r.toString(16).padStart(64, "0");
+    const s = sig.s.toString(16).padStart(64, "0");
+    const vHex = (recovery + 27).toString(16).padStart(2, "0");
+    return "0x" + r + s + vHex;
+}
+/**
+ * Get wallet auth headers for the Run402 API.
+ * Returns null if no wallet is configured.
+ */
+export function getWalletAuthHeaders(walletPath) {
+    const wallet = readWallet(walletPath);
+    if (!wallet || !wallet.address || !wallet.privateKey)
+        return null;
+    const timestamp = Math.floor(Date.now() / 1000).toString();
+    const signature = personalSign(wallet.privateKey, wallet.address, `run402:${timestamp}`);
+    return {
+        "X-Run402-Wallet": wallet.address,
+        "X-Run402-Signature": signature,
+        "X-Run402-Timestamp": timestamp,
+    };
+}
+//# sourceMappingURL=wallet-auth.js.map

package/core-dist/wallet.js ADDED Viewed

@@ -0,0 +1,25 @@
+import { readFileSync, writeFileSync, mkdirSync, existsSync, chmodSync, renameSync } from "node:fs";
+import { dirname, join } from "node:path";
+import { randomBytes } from "node:crypto";
+import { getWalletPath } from "./config.js";
+export function readWallet(path) {
+    const p = path ?? getWalletPath();
+    if (!existsSync(p))
+        return null;
+    try {
+        return JSON.parse(readFileSync(p, "utf-8"));
+    }
+    catch {
+        return null;
+    }
+}
+export function saveWallet(data, path) {
+    const p = path ?? getWalletPath();
+    const dir = dirname(p);
+    mkdirSync(dir, { recursive: true });
+    const tmp = join(dir, `.wallet.${randomBytes(4).toString("hex")}.tmp`);
+    writeFileSync(tmp, JSON.stringify(data, null, 2), { mode: 0o600 });
+    renameSync(tmp, p);
+    chmodSync(p, 0o600);
+}
+//# sourceMappingURL=wallet.js.map

package/lib/deploy.mjs CHANGED Viewed

@@ -114,7 +114,35 @@ export async function run(args) {
   const authHeaders = allowanceAuthHeaders("/deploy/v1");
   const res = await fetch(`${API}/deploy/v1`, { method: "POST", headers: { "Content-Type": "application/json", ...authHeaders }, body: JSON.stringify(manifest) });
-  const result = await res.json();
-  if (!res.ok) { console.error(JSON.stringify({ status: "error", http: res.status, ...result })); process.exit(1); }
+  // Content-type aware parsing: gateways (ALB, CloudFront, etc.) return HTML on
+  // 504/413/etc., which would otherwise crash res.json() with SyntaxError.
+  const contentType = res.headers.get("content-type") || "";
+  let result = null;
+  let parseError = null;
+  let bodyText = null;
+  if (contentType.includes("application/json")) {
+    try {
+      result = await res.json();
+    } catch (e) {
+      parseError = e;
+      try { bodyText = await res.text(); } catch { bodyText = ""; }
+    }
+  } else {
+    try { bodyText = await res.text(); } catch { bodyText = ""; }
+  }
+  if (!res.ok || parseError || result === null) {
+    const err = { status: "error", http: res.status, content_type: contentType || null };
+    if (result && typeof result === "object") {
+      Object.assign(err, result);
+    } else {
+      const preview = typeof bodyText === "string" ? bodyText.slice(0, 500) : "";
+      err.body_preview = preview;
+      if (parseError) err.parse_error = "response body was not valid JSON";
+    }
+    console.error(JSON.stringify(err));
+    process.exit(1);
+  }
   console.log(JSON.stringify(result, null, 2));
 }

package/lib/service.mjs ADDED Viewed

@@ -0,0 +1,47 @@
+import { API } from "./config.mjs";
+const HELP = `run402 service — Run402 service health and availability
+Usage:
+  run402 service status    Public availability report (uptime, capabilities, operator, deployment)
+  run402 service health    Liveness check (per-dependency status + version)
+Notes:
+  - Both endpoints are unauthenticated and free. No allowance required.
+  - This is the Run402 SERVICE status. For your ACCOUNT status (allowance,
+    balance, tier, projects), use 'run402 status'.
+`;
+async function fetchAndEmit(path) {
+  let res;
+  try {
+    res = await fetch(`${API}${path}`);
+  } catch (err) {
+    console.log(JSON.stringify({ error: "fetch_failed", message: err?.message || String(err) }));
+    return;
+  }
+  const text = await res.text();
+  let body;
+  try { body = JSON.parse(text); } catch { body = text; }
+  if (!res.ok) {
+    console.log(JSON.stringify({ error: "non_2xx", status: res.status, body }, null, 2));
+    return;
+  }
+  console.log(JSON.stringify(body, null, 2));
+}
+export async function run(sub, args) {
+  if (!sub || sub === "--help" || sub === "-h") { console.log(HELP); process.exit(0); }
+  switch (sub) {
+    case "status":
+      await fetchAndEmit("/status");
+      return;
+    case "health":
+      await fetchAndEmit("/health");
+      return;
+    default:
+      console.error(`Unknown subcommand: ${sub}\n`);
+      console.log(HELP);
+      process.exit(1);
+  }
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "run402",
-  "version": "1.33.1",
+  "version": "1.34.0",
   "description": "CLI for Run402 — provision Postgres databases, deploy static sites, generate images, and manage wallets via x402 and MPP micropayments.",
   "type": "module",
   "bin": {