samarthya-bot 1.1.1 → 1.1.3

package/README.md

@@ -34,7 +34,7 @@ SamarthyaBot is built for developers. The best way to start is the **CLI Wizard*
 
 ### 📦 Install (Global)
 
-Runtime: **Node JS ≥ 20** and **MongoDB** (Local).
+Runtime: **Node 20 LTS** (Officially Supported/Recommended) and **MongoDB** (Local).
 
 ```bash
 npm install -g samarthya-bot
@@ -42,10 +42,13 @@ npm install -g samarthya-bot
 # Start the interactive setup
 samarthya onboard
 
-# Launch the engine and dashboard
+# Launch the engine and dashboard (Terminal 1)
 samarthya gateway
+
+# Expose to internet & setup Telegram Webhook (Terminal 2)
+samarthya tunnel
 ```
-*The wizard guides you through API keys (Gemini/Ollama) and system permissions.*
+*The wizard guides you through API keys (Gemini/Ollama, Telegram Bot Token) and system permissions.*
 
 ### 🛠️ From Source (Development)
 
@@ -87,7 +90,7 @@ npm run dev
 | `samarthya status` | Display the status of background jobs and the engine. |
 | `samarthya stop` | Gracefully shut down all background autonomous agents. |
 | `samarthya model` | Swap between LLM providers (e.g. `ollama`, `gemini`). |
-| `samarthya tunnel` | Expose gateway to internet & auto-setup Telegram webhooks. |
+| `samarthya tunnel` | Expose gateway to internet. **(Must run in a separate terminal)** |
 
 ---
 
@@ -113,11 +116,10 @@ ACTIVE_PROVIDER=gemini # or ollama
 ### 📱 Telegram Integration
 To connect SamarthyaBot to Telegram:
 1. Get a bot token from [@BotFather](https://t.me/BotFather).
-2. Add `TELEGRAM_BOT_TOKEN` to your `.env` file.
-3. Run `samarthya tunnel` in your terminal.
-4. Samarthya will automatically create a secure tunnel and link your bot!
-
-*Note: The `samarthya onboard` command handles these for you automatically!*
+2. The `samarthya onboard` wizard will automatically ask for this token.
+3. Run `samarthya gateway` in your **first terminal**.
+4. Run `samarthya tunnel` in a **new, separate terminal**.
+5. Samarthya will automatically create a secure tunnel and link your bot!
 
 ---
 

package/backend/bin/samarthya.js

@@ -12,8 +12,15 @@ const backendDir = path.join(__dirname, '..');
 // Helper to check if server is already running on port 5000
 const isServerRunning = () => {
     try {
-        execSync('fuser 5000/tcp 2>/dev/null');
-        return true;
+        if (process.platform === 'win32') {
+            const output = execSync('netstat -ano | findstr :5000', { encoding: 'utf-8' });
+            return output.includes('LISTENING');
+        } else {
+            // macOS and Linux
+            // Using lsof as it's more standard across unix than fuser
+            execSync('lsof -i:5000 -t 2>/dev/null');
+            return true;
+        }
     } catch {
         return false;
     }
@@ -79,6 +86,7 @@ switch (command) {
             const anthropicKey = await question('🔑 Enter Anthropic (Claude) API Key (or press Enter to skip): ');
             const groqKey = await question('🔑 Enter Groq API Key (or press Enter to skip): ');
             const openAiKey = await question('🔑 Enter OpenAI API Key (or press Enter to skip): ');
+            const telegramToken = await question('🤖 Enter Telegram Bot Token (or press Enter to skip): ');
 
             const envPath = path.join(backendDir, '.env');
             let envVars = {};
@@ -113,6 +121,7 @@ switch (command) {
             if (anthropicKey.trim()) envVars['ANTHROPIC_API_KEY'] = anthropicKey.trim();
             if (groqKey.trim()) envVars['GROQ_API_KEY'] = groqKey.trim();
             if (openAiKey.trim()) envVars['OPENAI_API_KEY'] = openAiKey.trim();
+            if (telegramToken.trim()) envVars['TELEGRAM_BOT_TOKEN'] = telegramToken.trim();
 
             if (!envVars['GEMINI_API_KEY']) envVars['GEMINI_API_KEY'] = 'dummy';
 
@@ -297,7 +306,11 @@ switch (command) {
 
         try { require('dotenv').config({ path: path.join(backendDir, '.env') }); } catch (e) { }
 
-        const tunnelProcess = spawn('npx', ['localtunnel', '--port', '5000'], { stdio: 'pipe' });
+        const isWindows = process.platform === 'win32';
+        const tunnelProcess = spawn('npm', ['exec', 'localtunnel', '--', '--port', '5000'], {
+            stdio: 'pipe',
+            shell: isWindows
+        });
 
         tunnelProcess.stdout.on('data', async (data) => {
             const output = data.toString();
@@ -346,7 +359,23 @@ switch (command) {
         if (isServerRunning()) {
             console.log('🛑 Stopping SamarthyaBot Gateway...');
             try {
-                execSync('fuser -k 5000/tcp 2>/dev/null');
+                if (process.platform === 'win32') {
+                    // Find PID of process listening on port 5000 and kill it
+                    const netstatOut = execSync('netstat -ano | findstr :5000', { encoding: 'utf-8' });
+                    const lines = netstatOut.split('\\n');
+                    for (const line of lines) {
+                        if (line.includes('LISTENING')) {
+                            const parts = line.trim().split(/\\s+/);
+                            const pid = parts[parts.length - 1];
+                            if (pid && pid !== '0') {
+                                execSync(`taskkill /PID ${pid} /F`, { stdio: 'ignore' });
+                            }
+                        }
+                    }
+                } else {
+                    // macOS and Linux
+                    execSync('lsof -t -i:5000 | xargs kill -9 2>/dev/null || fuser -k 5000/tcp 2>/dev/null');
+                }
                 console.log('✅ Gateway stopped successfully.');
             } catch (e) {
                 console.log('❌ Failed to stop gateway gracefully. Process might already be dead.');
@@ -360,7 +389,21 @@ switch (command) {
         console.log('🔄 Restarting SamarthyaBot Gateway...');
         if (isServerRunning()) {
             try {
-                execSync('fuser -k 5000/tcp 2>/dev/null');
+                if (process.platform === 'win32') {
+                    const netstatOut = execSync('netstat -ano | findstr :5000', { encoding: 'utf-8' });
+                    const lines = netstatOut.split('\\n');
+                    for (const line of lines) {
+                        if (line.includes('LISTENING')) {
+                            const parts = line.trim().split(/\\s+/);
+                            const pid = parts[parts.length - 1];
+                            if (pid && pid !== '0') {
+                                execSync(`taskkill /PID ${pid} /F`, { stdio: 'ignore' });
+                            }
+                        }
+                    }
+                } else {
+                    execSync('lsof -t -i:5000 | xargs kill -9 2>/dev/null || fuser -k 5000/tcp 2>/dev/null');
+                }
             } catch (e) { /* ignore */ }
         }
         // Give it a moment to free the port

package/backend/services/tools/toolRegistry.js

@@ -4,11 +4,19 @@ const path = require('path');
 const os = require('os');
 const { exec } = require('child_process');
 const nodemailer = require('nodemailer');
+const { Client } = require('ssh2');
+const workerClient = require('../worker/workerClient');
 
 // ────────────────────────────────────────────────────────────
 // REAL Tool Definitions — No more simulations!
 // ────────────────────────────────────────────────────────────
 
+/**
+ * Security: Command Blacklist Map
+ * Prevent the AI (or user injection) from autonomously executing critically destructive host/remote commands.
+ */
+const BLOCKED_COMMANDS = /^(rm\s+-rf|rmdir|mkfs|dd|fdisk|shutdown|reboot|poweroff|halt|init|killall\s+-9|wget.*\.sh|curl.*\.sh|chmod\s+-R\s+777|chown\s+-R.*:.*\/)/im;
+
 /**
  * Safe directory — tools can only operate within this sandbox
  * Change this to allow broader access (at your own risk)
@@ -491,10 +499,56 @@ const toolDefinitions = {
         }
     },
 
-    // ─────────── RUN COMMAND (Real — FULL ROOT/OS EXECUTION) ───────────
+    // ─────────── DEVOPS / STREAMING EXECUTION (Go Worker Integration) ───────────
+    devops_execute_stream: {
+        name: 'devops_execute_stream',
+        description: 'Run long or complex shell commands (like npm install, git push, vercel deploy) and stream the output back. Required for any heavy DevOps/Auto-Coder tasks. Uses the ultra-fast Go micro-worker.',
+        descriptionHi: 'लाइव शेल कमांड चलाएं',
+        riskLevel: 'critical',
+        category: 'system',
+        parameters: {
+            command: { type: 'string', required: true, description: 'Command to execute safely via Go' },
+            dir: { type: 'string', required: false, description: 'Working directory for the command' }
+        },
+        execute: async (args, userContext) => {
+            if (BLOCKED_COMMANDS.test(args.command)) {
+                return { success: false, result: `❌ Security Block: The command '${args.command}' contains patterns that are restricted (e.g., recursive deletes, system reboots, disk formats).` };
+            }
+
+            return new Promise((resolve) => {
+                let liveLog = '';
+
+                // Let the Go worker handle the heavy lifting!
+                workerClient.executeCommand(args.command, args.dir || '', (data, type) => {
+                    // Collect live output
+                    liveLog += data + '\\n';
+                    // Optional: If we had a websocket to the frontend dashboard, we'd emit it here!
+                }).then(({ success, exitCode, output, elapsed }) => {
+                    // Combine whatever was streamed
+                    const finalOutput = output || liveLog;
+
+                    if (!success) {
+                        resolve({
+                            success: false,
+                            result: `❌ Execution Failed (Code ${exitCode}):\n\`\`\`\n${finalOutput.substring(finalOutput.length > 3000 ? finalOutput.length - 3000 : 0)}\n\`\`\``
+                        });
+                        return;
+                    }
+                    resolve({
+                        success: true,
+                        result: `✅ **Success:** \`${args.command}\`\n⏱️ Elapsed: ${elapsed}ms\n\n\`\`\`\n${finalOutput.substring(0, 3000)}\n\`\`\``
+                    });
+                }).catch(err => {
+                    resolve({ success: false, result: `❌ Worker Error: ${err.message}` });
+                });
+            });
+        }
+    },
+
+    // ─────────── LEGACY RUN COMMAND (Kept for instant small commands) ───────────
     run_command: {
         name: 'run_command',
-        description: 'Run ANY shell command on the host OS. Warning: Full access provided. Use carefully.',
+        description: 'Run basic, instant shell commands natively. For long-running deploying/building, use devops_execute_stream instead.',
         descriptionHi: 'शेल कमांड चलाएं',
         riskLevel: 'critical',
         category: 'system',
@@ -502,6 +556,10 @@ const toolDefinitions = {
             command: { type: 'string', required: true, description: 'Shell command to execute' }
         },
         execute: async (args, userContext) => {
+            if (BLOCKED_COMMANDS.test(args.command)) {
+                return { success: false, result: `❌ Security Block: The command '${args.command}' contains patterns that are restricted (e.g., recursive deletes, system reboots, disk formats).` };
+            }
+
             return new Promise((resolve) => {
                 exec(args.command, { timeout: 15000, maxBuffer: 1024 * 1024 }, (error, stdout, stderr) => {
                     if (error) {
@@ -520,6 +578,85 @@ const toolDefinitions = {
         }
     },
 
+    // ─────────── REMOTE VPS DEPLOYMENT (SSH Stream) ───────────
+    ssh_deploy: {
+        name: 'ssh_deploy',
+        description: 'Login to a remote VPS server via SSH and execute commands autonomously (e.g., git pull, npm run build, pm2 restart).',
+        descriptionHi: 'रिमोट सर्वर पर कमांड चलाएं',
+        riskLevel: 'critical',
+        category: 'system',
+        parameters: {
+            host: { type: 'string', required: true, description: 'Server IP or Hostname' },
+            username: { type: 'string', required: true, description: 'SSH Username (e.g., root)' },
+            password: { type: 'string', required: false, description: 'SSH Password (if key is not used)' },
+            privateKeyPath: { type: 'string', required: false, description: 'Absolute path to local SSH private key file (if password is not used)' },
+            command: { type: 'string', required: true, description: 'Command string to run on the remote VPS (e.g., "cd /var/www && git pull")' }
+        },
+        execute: async (args, userContext) => {
+            if (BLOCKED_COMMANDS.test(args.command)) {
+                return { success: false, result: `❌ Security Block: The command '${args.command}' contains patterns that are restricted on remote SSH systems.` };
+            }
+
+            return new Promise(async (resolve) => {
+                const conn = new Client();
+                let outputLog = '';
+
+                // Build SSH config
+                const config = {
+                    host: args.host,
+                    port: 22,
+                    username: args.username,
+                    readyTimeout: 10000 // 10s connection timeout
+                };
+
+                // Auth strategy
+                if (args.password) {
+                    config.password = args.password;
+                } else if (args.privateKeyPath) {
+                    try {
+                        config.privateKey = await fs.readFile(args.privateKeyPath, 'utf8');
+                    } catch (e) {
+                        return resolve({ success: false, result: `❌ Failed to read private key at ${args.privateKeyPath}: ${e.message}` });
+                    }
+                } else {
+                    return resolve({ success: false, result: `❌ Missing Authentication. Provide either 'password' or 'privateKeyPath'.` });
+                }
+
+                conn.on('ready', () => {
+                    outputLog += `[SSH] Connected to ${args.username}@${args.host} successfully.\n`;
+                    outputLog += `[SSH] Executing: ${args.command}\n\n`;
+
+                    conn.exec(args.command, (err, stream) => {
+                        if (err) {
+                            conn.end();
+                            return resolve({ success: false, result: `❌ Command Execution Error:\n\`\`\`\n${err.message}\n\`\`\`` });
+                        }
+
+                        stream.on('close', (code, signal) => {
+                            conn.end();
+                            const success = code === 0;
+                            const statusIcon = success ? '✅' : '❌';
+
+                            resolve({
+                                success: success,
+                                result: `${statusIcon} **SSH Execution Complete** (Exit Code: ${code})\n\n\`\`\`\n${outputLog.substring(outputLog.length > 3000 ? outputLog.length - 3000 : 0)}\n\`\`\``
+                            });
+                        }).on('data', (data) => {
+                            outputLog += data.toString();
+                        }).stderr.on('data', (data) => {
+                            outputLog += data.toString();
+                        });
+                    });
+                }).on('error', (err) => {
+                    resolve({ success: false, result: `❌ SSH Connection Error to ${args.host}: ${err.message}` });
+                });
+
+                // Start connection
+                conn.connect(config);
+            });
+        }
+    },
+
     // ─────────── GST REMINDER (Real — saves reminder files) ───────────
     gst_reminder: {
         name: 'gst_reminder',
@@ -685,32 +822,84 @@ const toolDefinitions = {
         }
     },
 
-    // ─────────── OPEN URL (Real browser open) ───────────
-    open_url: {
-        name: 'open_url',
-        description: 'Open a URL in the default browser',
-        descriptionHi: 'ब्राउज़र में URL खोलें',
-        riskLevel: 'medium',
+    // ─────────── ADVANCED BROWSER AUTOMATION (Puppeteer) ───────────
+    browser_action: {
+        name: 'browser_action',
+        description: 'Auto-control a chromium browser. It can navigate, click, type, and read the screen autonomously. Use this to create Github repos, write docs, or scrape web UI.',
+        descriptionHi: 'ब्राउज़र पे ऑटोमैटिक काम करें',
+        riskLevel: 'high',
         category: 'browser',
         parameters: {
-            url: { type: 'string', required: true, description: 'URL to open' }
+            url: { type: 'string', required: true, description: 'URL to navigate to or interact with.' },
+            actions: {
+                type: 'string',
+                required: false,
+                description: 'JSON array of actions. Format: [{"type":"click","selector":"#submit"},{"type":"type","selector":"#email","text":"my@email.com"},{"type":"wait","ms":2000},{"type":"extract","selector":"body"}]'
+            }
         },
         execute: async (args, userContext) => {
-            return new Promise((resolve) => {
-                const cmd = `xdg-open "${args.url}" 2>/dev/null || open "${args.url}" 2>/dev/null`;
-                exec(cmd, { timeout: 5000 }, (error) => {
-                    if (error) {
-                        resolve({
-                            success: false,
-                            result: `❌ Could not open browser: ${error.message}\n\n🔗 URL: ${args.url}`
-                        });
+            return new Promise(async (resolve) => {
+                const puppeteer = require('puppeteer-core');
+                let browser;
+                let log = `🌐 **Browser Automation Started:** ${args.url}\n`;
+
+                try {
+                    // Try to connect to existing local Chrome, fallback to a downloaded edge/chrome if needed.
+                    // For local system testing, we simulate launching a default visible chrome.
+                    let execPaths = [];
+                    if (os.platform() === 'win32') {
+                        execPaths = [
+                            'C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe',
+                            'C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe'
+                        ];
+                    } else if (os.platform() === 'darwin') {
+                        execPaths = ['/Applications/Google Chrome.app/Contents/MacOS/Google Chrome'];
                     } else {
-                        resolve({
-                            success: true,
-                            result: `🌐 **Opened in browser:** ${args.url}`
-                        });
+                        execPaths = ['/usr/bin/google-chrome', '/usr/bin/chromium-browser'];
                     }
-                });
+
+                    let validPath = execPaths.find(p => require('fs').existsSync(p));
+                    if (!validPath) {
+                        return resolve({ success: false, result: `❌ Chrome/Edge executable not found for Puppeteer.` });
+                    }
+
+                    browser = await puppeteer.launch({
+                        executablePath: validPath,
+                        headless: false, // Make it visible to the user!
+                        defaultViewport: null,
+                    });
+
+                    const page = await browser.newPage();
+                    await page.goto(args.url, { waitUntil: 'networkidle2' });
+                    log += `✅ Loaded: ${args.url}\n`;
+
+                    if (args.actions) {
+                        const actionsList = JSON.parse(args.actions);
+                        for (let act of actionsList) {
+                            if (act.type === 'click') {
+                                await page.click(act.selector);
+                                log += `🖱️ Clicked: ${act.selector}\n`;
+                            } else if (act.type === 'type') {
+                                await page.type(act.selector, act.text);
+                                log += `⌨️ Typed "${act.text}" into ${act.selector}\n`;
+                            } else if (act.type === 'wait') {
+                                await new Promise(r => setTimeout(r, act.ms));
+                                log += `⏳ Waited ${act.ms}ms\n`;
+                            } else if (act.type === 'extract') {
+                                const text = await page.$eval(act.selector, el => el.innerText);
+                                log += `📄 Extracted text from ${act.selector}:\n\`\`\`\n${text.substring(0, 500)}...\n\`\`\`\n`;
+                            }
+                        }
+                    }
+
+                    // Leave browser open for the user if it's a visual task
+                    setTimeout(() => browser.close(), 60000);
+
+                    resolve({ success: true, result: log + '\n✨ Browser task completed successfully.' });
+                } catch (err) {
+                    if (browser) await browser.close();
+                    resolve({ success: false, result: `❌ Browser Action Failed:\n${err.message}\n\nLogs:\n${log}` });
+                }
             });
         }
     },
@@ -728,13 +917,10 @@ const toolDefinitions = {
                 const screenshot = require('screenshot-desktop');
                 screenshot({ format: 'png' })
                     .then((imgRaw) => {
-                        // Return the base64 to the LLM
                         const base64 = imgRaw.toString('base64');
                         resolve({
                             success: true,
                             result: `📸 **Screenshot Captured successfully!**\nUse the analyze_screen tool or your vision capabilities to see what is on screen.\n[IMAGE_DATA_BASE64_READY_INTERNAL_USE]`
-                            // Note: We don't feed the raw 5MB string back into the prompt buffer directly here, 
-                            // but the agent now knows it took a shot. In a full system, you'd integrate this with llmService vision api directly.
                         });
                     })
                     .catch((err) => {

package/backend/services/worker/workerClient.js

@@ -0,0 +1,143 @@
+const { spawn } = require('child_process');
+const path = require('path');
+const os = require('os');
+const { v4: uuidv4 } = require('uuid');
+
+class WorkerClient {
+    constructor() {
+        this.workerProcess = null;
+        this.pendingRequests = new Map();
+
+        // Find the worker binary.
+        // In dev, it's inside `worker/samarthya-worker`
+        // In prod (npm module), it might be inside the module root.
+
+        // Let's resolve it more robustly:
+        const projectRoot = path.resolve(__dirname, '../../../'); // Gives /home/bishnups/Documents/PROJECT_DEB
+        this.workerPath = path.join(projectRoot, 'worker', 'samarthya-worker' + (os.platform() === 'win32' ? '.exe' : ''));
+    }
+
+    start() {
+        if (this.workerProcess) return;
+
+        console.log(`[Worker] Starting Go Micro-Worker from: ${this.workerPath}`);
+
+        this.workerProcess = spawn(this.workerPath, [], {
+            stdio: ['pipe', 'pipe', 'inherit'] // We write to stdin, read from stdout
+        });
+
+        this.workerProcess.on('error', (err) => {
+            console.error('[Worker] Failed to start Go worker:', err.message);
+            console.error('[Worker] Make sure you have run `cd worker && go build -o samarthya-worker`');
+        });
+
+        this.workerProcess.on('exit', (code) => {
+            console.log(`[Worker] Go worker exited with code ${code}. Restarting in 5s...`);
+            this.workerProcess = null;
+            setTimeout(() => this.start(), 5000);
+        });
+
+        // Listen to JSON stream line by line
+        let buffer = '';
+        this.workerProcess.stdout.on('data', (chunk) => {
+            buffer += chunk.toString();
+            let newlineIdx;
+            while ((newlineIdx = buffer.indexOf('\n')) >= 0) {
+                const line = buffer.slice(0, newlineIdx).trim();
+                buffer = buffer.slice(newlineIdx + 1);
+
+                if (line) {
+                    try {
+                        const parsed = JSON.parse(line);
+                        this._handleResponse(parsed);
+                    } catch (e) {
+                        console.error('[Worker] JSON Parse Error from Go line:', line);
+                    }
+                }
+            }
+        });
+    }
+
+    _handleResponse(res) {
+        if (!res.id || !this.pendingRequests.has(res.id)) {
+            // Unbound message or logging
+            if (res.type === 'error') {
+                console.error(`[Worker Msg] ${res.data}`);
+            }
+            return;
+        }
+
+        const handlers = this.pendingRequests.get(res.id);
+
+        if (res.type === 'stdout' || res.type === 'stderr') {
+            if (handlers.onStream) {
+                handlers.onStream(res.data, res.type);
+            } else {
+                // If the user didn't provide a stream handler, buffer it internally
+                if (!handlers.buffer) handlers.buffer = '';
+                handlers.buffer += res.data + '\n';
+            }
+        }
+        else if (res.type === 'end') {
+            const finalData = handlers.buffer || res.data;
+            handlers.resolve({
+                success: res.exitCode === 0,
+                exitCode: res.exitCode,
+                output: finalData,
+                elapsed: res.elapsedTimeMs
+            });
+            this.pendingRequests.delete(res.id);
+        }
+        else if (res.type === 'error') {
+            handlers.resolve({
+                success: false,
+                exitCode: -1,
+                output: res.data,
+                elapsed: 0
+            });
+            this.pendingRequests.delete(res.id);
+        }
+    }
+
+    executeCommand(command, dir = '', streamCallback = null) {
+        if (!this.workerProcess) {
+            this.start();
+            if (!this.workerProcess) {
+                return Promise.resolve({ success: false, output: 'Worker process unavailable. Is the Go binary built?' });
+            }
+        }
+
+        return new Promise((resolve) => {
+            const reqId = uuidv4();
+
+            // Register handlers
+            this.pendingRequests.set(reqId, {
+                resolve,
+                onStream: streamCallback,
+                buffer: ''
+            });
+
+            const req = {
+                id: reqId,
+                command: command,
+                dir: dir,
+                stream: true,
+                timeoutMs: 0
+            };
+
+            // Send to Go via stdin
+            this.workerProcess.stdin.write(JSON.stringify(req) + '\n');
+        });
+    }
+
+    stop() {
+        if (this.workerProcess) {
+            this.workerProcess.kill();
+            this.workerProcess = null;
+        }
+    }
+}
+
+// Export singleton instance
+const workerClient = new WorkerClient();
+module.exports = workerClient;

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "samarthya-bot",
-    "version": "1.1.1",
+    "version": "1.1.3",
     "description": "Privacy-First Local Agentic OS & Command Center",
     "main": "backend/server.js",
     "bin": {
@@ -27,6 +27,7 @@
         "puppeteer-core": "^24.37.5",
         "screenshot-desktop": "^1.15.3",
         "socket.io": "^4.8.3",
+        "ssh2": "^1.17.0",
         "uuid": "^13.0.0"
     },
     "keywords": [
@@ -37,7 +38,7 @@
         "samarthya-bot",
         "ollama"
     ],
-    "author": "Bishnu Sahu",
+    "author": "Bishnu Prasad Sahu",
     "license": "MIT",
     "engines": {
         "node": ">=20.0.0"

package/worker/go.mod

@@ -0,0 +1,3 @@
+module samarthya-worker
+
+go 1.22.2

package/worker/main.go

@@ -0,0 +1,156 @@
+package main
+
+import (
+	"bufio"
+	"encoding/json"
+	"fmt"
+	"io"
+	"os"
+	"os/exec"
+	"strings"
+	"time"
+)
+
+// Request defines the incoming JSON command from Node.js
+type Request struct {
+	ID        string `json:"id"`
+	Command   string `json:"command"`
+	Dir       string `json:"dir"`
+	Stream    bool   `json:"stream"`    // If true, stream output live
+	TimeoutMs int    `json:"timeoutMs"` // 0 for infinite
+}
+
+// Response defines the payload sent back to Node.js
+type Response struct {
+	ID          string `json:"id"`
+	Type        string `json:"type"` // "start", "stdout", "stderr", "end", "error"
+	Data        string `json:"data"`
+	ExitCode    int    `json:"exitCode"`
+	ElapsedTime int64  `json:"elapsedTimeMs"`
+}
+
+func main() {
+	// The Node.js parent process communicates via process.stdin and process.stdout.
+	reader := bufio.NewReader(os.Stdin)
+
+	for {
+		line, err := reader.ReadString('\n')
+		if err != nil {
+			if err == io.EOF {
+				break
+			}
+			continue
+		}
+
+		line = strings.TrimSpace(line)
+		if line == "" {
+			continue
+		}
+
+		var req Request
+		if err := json.Unmarshal([]byte(line), &req); err != nil {
+			sendError("", fmt.Sprintf("Failed to parse request: %v", err))
+			continue
+		}
+
+		// Execute command in a goroutine so the worker can process multiple requests
+		go handleCommand(req)
+	}
+}
+
+func handleCommand(req Request) {
+	startTime := time.Now()
+
+	// Notify Node.js that the command has started
+	sendResponse(req.ID, "start", fmt.Sprintf("Executing: %s", req.Command), 0, 0)
+
+	// Since we want to pass a raw command string like `npm run dev` or `vercel --prod`,
+	// we use a shell to interpret it cleanly. Cross-platform awareness:
+	// For Windows, we might use "cmd" "/c". For Unix, "sh" "-c".
+	var cmd *exec.Cmd
+	if isWindows() {
+		cmd = exec.Command("cmd", "/C", req.Command)
+	} else {
+		cmd = exec.Command("sh", "-c", req.Command)
+	}
+
+	if req.Dir != "" {
+		cmd.Dir = req.Dir
+	}
+
+	// Capture stdout and stderr
+	stdoutPipe, err := cmd.StdoutPipe()
+	if err != nil {
+		sendError(req.ID, fmt.Sprintf("Failed to create stdout pipe: %v", err))
+		return
+	}
+	stderrPipe, err := cmd.StderrPipe()
+	if err != nil {
+		sendError(req.ID, fmt.Sprintf("Failed to create stderr pipe: %v", err))
+		return
+	}
+
+	if err := cmd.Start(); err != nil {
+		sendError(req.ID, fmt.Sprintf("Failed to start command: %v", err))
+		return
+	}
+
+	// Start streamers
+	go streamToNode(req.ID, "stdout", stdoutPipe, req.Stream)
+	go streamToNode(req.ID, "stderr", stderrPipe, req.Stream)
+
+	// In the future for a production app, we would add the timeout context here.
+	err = cmd.Wait()
+	elapsed := time.Since(startTime).Milliseconds()
+
+	exitCode := 0
+	if err != nil {
+		if exitError, ok := err.(*exec.ExitError); ok {
+			exitCode = exitError.ExitCode()
+		} else {
+			exitCode = 1
+		}
+	}
+
+	sendResponse(req.ID, "end", "Command completed.", exitCode, elapsed)
+}
+
+func streamToNode(reqID string, streamType string, pipe io.Reader, allowStream bool) {
+	scanner := bufio.NewScanner(pipe)
+
+	// Create a large buffer (bufio.MaxScanTokenSize is usually 64kb)
+	buf := make([]byte, 0, 64*1024)
+	scanner.Buffer(buf, 1024*1024) // Allow up to 1MB per line/token
+
+	for scanner.Scan() {
+		text := scanner.Text()
+		if allowStream {
+			sendResponse(reqID, streamType, text, -1, 0)
+		}
+	}
+}
+
+func sendResponse(reqID string, resType string, data string, exitCode int, elapsed int64) {
+	// Base64 encode or properly escape JSON if necessary in complex outputs,
+	// but Go's json.Marshal smoothly handles quotes inside strings.
+	res := Response{
+		ID:          reqID,
+		Type:        resType,
+		Data:        data,
+		ExitCode:    exitCode,
+		ElapsedTime: elapsed,
+	}
+	encoded, _ := json.Marshal(res)
+
+	// Write to os.Stdout (this is picked up by Node.js).
+	// Make sure we end with a newline so Node can parse it line-by-line.
+	fmt.Println(string(encoded))
+}
+
+func sendError(reqID string, msg string) {
+	sendResponse(reqID, "error", msg, -1, 0)
+}
+
+func isWindows() bool {
+	return os.PathSeparator == '\\'
+}