skillverse 0.1.0

package/registry/src/routes/auth.ts

@@ -0,0 +1,152 @@
+import { Router, Request, Response, NextFunction } from 'express';
+import bcrypt from 'bcryptjs';
+import jwt from 'jsonwebtoken';
+import { prisma } from '../lib/db.js';
+import { AppError } from '../middleware/errorHandler.js';
+
+const router = Router();
+const JWT_SECRET = process.env.JWT_SECRET || 'fallback-secret-change-me';
+
+// POST /api/auth/register - Create new account
+router.post('/register', async (req: Request, res: Response, next: NextFunction) => {
+    try {
+        const { username, email, password, displayName } = req.body;
+
+        if (!username || !email || !password) {
+            throw new AppError('VALIDATION_ERROR', 'Username, email, and password are required', 400);
+        }
+
+        // Check if user exists
+        const existingUser = await prisma.user.findFirst({
+            where: {
+                OR: [{ username }, { email }],
+            },
+        });
+
+        if (existingUser) {
+            throw new AppError('ALREADY_EXISTS', 'Username or email already exists', 409);
+        }
+
+        // Hash password
+        const passwordHash = await bcrypt.hash(password, 12);
+
+        // Create user
+        const user = await prisma.user.create({
+            data: {
+                username,
+                email,
+                passwordHash,
+                displayName: displayName || username,
+            },
+            select: {
+                id: true,
+                username: true,
+                email: true,
+                displayName: true,
+                createdAt: true,
+            },
+        });
+
+        // Generate token
+        const token = jwt.sign({ userId: user.id, username: user.username }, JWT_SECRET, {
+            expiresIn: '30d',
+        });
+
+        res.status(201).json({
+            success: true,
+            data: { user, token },
+            message: 'Account created successfully',
+        });
+    } catch (error) {
+        next(error);
+    }
+});
+
+// POST /api/auth/login - Login
+router.post('/login', async (req: Request, res: Response, next: NextFunction) => {
+    try {
+        const { username, password } = req.body;
+
+        if (!username || !password) {
+            throw new AppError('VALIDATION_ERROR', 'Username and password are required', 400);
+        }
+
+        // Find user
+        const user = await prisma.user.findFirst({
+            where: {
+                OR: [{ username }, { email: username }],
+            },
+        });
+
+        if (!user) {
+            throw new AppError('AUTH_FAILED', 'Invalid credentials', 401);
+        }
+
+        // Verify password
+        const isValid = await bcrypt.compare(password, user.passwordHash);
+        if (!isValid) {
+            throw new AppError('AUTH_FAILED', 'Invalid credentials', 401);
+        }
+
+        // Generate token
+        const token = jwt.sign({ userId: user.id, username: user.username }, JWT_SECRET, {
+            expiresIn: '30d',
+        });
+
+        res.json({
+            success: true,
+            data: {
+                user: {
+                    id: user.id,
+                    username: user.username,
+                    email: user.email,
+                    displayName: user.displayName,
+                },
+                token,
+            },
+        });
+    } catch (error) {
+        next(error);
+    }
+});
+
+// GET /api/auth/me - Get current user
+router.get('/me', async (req: Request, res: Response, next: NextFunction) => {
+    try {
+        const authHeader = req.headers.authorization;
+        if (!authHeader?.startsWith('Bearer ')) {
+            throw new AppError('AUTH_REQUIRED', 'Authentication required', 401);
+        }
+
+        const token = authHeader.substring(7);
+        const decoded = jwt.verify(token, JWT_SECRET) as { userId: string };
+
+        const user = await prisma.user.findUnique({
+            where: { id: decoded.userId },
+            select: {
+                id: true,
+                username: true,
+                email: true,
+                displayName: true,
+                avatarUrl: true,
+                createdAt: true,
+            },
+        });
+
+        if (!user) {
+            throw new AppError('NOT_FOUND', 'User not found', 404);
+        }
+
+        res.json({
+            success: true,
+            data: user,
+        });
+    } catch (error) {
+        if (error instanceof jwt.JsonWebTokenError) {
+            return next(new AppError('AUTH_INVALID', 'Invalid token', 401));
+        }
+        next(error);
+    }
+});
+
+export default router;

package/registry/src/routes/skills.ts

@@ -0,0 +1,295 @@
+import { Router, Request, Response, NextFunction } from 'express';
+import multer from 'multer';
+import jwt from 'jsonwebtoken';
+import { existsSync } from 'fs';
+import { mkdir, readFile, writeFile, rm } from 'fs/promises';
+import { join } from 'path';
+import { prisma } from '../lib/db.js';
+import { AppError } from '../middleware/errorHandler.js';
+
+const router = Router();
+const JWT_SECRET = process.env.JWT_SECRET || 'fallback-secret-change-me';
+const STORAGE_PATH = process.env.STORAGE_PATH || './uploads';
+
+// Configure multer for file uploads
+const storage = multer.diskStorage({
+    destination: async (req, file, cb) => {
+        const uploadDir = join(STORAGE_PATH, 'bundles');
+        if (!existsSync(uploadDir)) {
+            await mkdir(uploadDir, { recursive: true });
+        }
+        cb(null, uploadDir);
+    },
+    filename: (req, file, cb) => {
+        const uniqueName = `${Date.now()}-${file.originalname}`;
+        cb(null, uniqueName);
+    },
+});
+
+const upload = multer({
+    storage,
+    limits: { fileSize: 50 * 1024 * 1024 }, // 50MB limit
+    fileFilter: (req, file, cb) => {
+        if (file.mimetype === 'application/gzip' || file.originalname.endsWith('.tar.gz')) {
+            cb(null, true);
+        } else {
+            cb(new Error('Only .tar.gz files are allowed'));
+        }
+    },
+});
+
+// Auth middleware
+async function requireAuth(req: Request, res: Response, next: NextFunction) {
+    try {
+        const authHeader = req.headers.authorization;
+        if (!authHeader?.startsWith('Bearer ')) {
+            throw new AppError('AUTH_REQUIRED', 'Authentication required', 401);
+        }
+
+        const token = authHeader.substring(7);
+        const decoded = jwt.verify(token, JWT_SECRET) as { userId: string };
+        (req as any).userId = decoded.userId;
+        next();
+    } catch (error) {
+        if (error instanceof jwt.JsonWebTokenError) {
+            return next(new AppError('AUTH_INVALID', 'Invalid token', 401));
+        }
+        next(error);
+    }
+}
+
+// GET /api/skills - Search/list skills
+router.get('/', async (req: Request, res: Response, next: NextFunction) => {
+    try {
+        const { search, page = '1', pageSize = '20' } = req.query;
+
+        const where: any = {};
+        if (search) {
+            where.OR = [
+                { name: { contains: search as string, mode: 'insensitive' } },
+                { description: { contains: search as string, mode: 'insensitive' } },
+            ];
+        }
+
+        const [items, total] = await Promise.all([
+            prisma.registrySkill.findMany({
+                where,
+                include: {
+                    publisher: {
+                        select: {
+                            id: true,
+                            username: true,
+                            displayName: true,
+                        },
+                    },
+                },
+                orderBy: { downloads: 'desc' },
+                skip: (parseInt(page as string) - 1) * parseInt(pageSize as string),
+                take: parseInt(pageSize as string),
+            }),
+            prisma.registrySkill.count({ where }),
+        ]);
+
+        res.json({
+            success: true,
+            data: {
+                items,
+                total,
+                page: parseInt(page as string),
+                pageSize: parseInt(pageSize as string),
+            },
+        });
+    } catch (error) {
+        next(error);
+    }
+});
+
+// GET /api/skills/:name - Get skill details
+router.get('/:name', async (req: Request, res: Response, next: NextFunction) => {
+    try {
+        const skill = await prisma.registrySkill.findUnique({
+            where: { name: req.params.name },
+            include: {
+                publisher: {
+                    select: {
+                        id: true,
+                        username: true,
+                        displayName: true,
+                    },
+                },
+            },
+        });
+
+        if (!skill) {
+            throw new AppError('NOT_FOUND', 'Skill not found', 404);
+        }
+
+        res.json({
+            success: true,
+            data: skill,
+        });
+    } catch (error) {
+        next(error);
+    }
+});
+
+// GET /api/skills/:name/download - Download skill bundle
+router.get('/:name/download', async (req: Request, res: Response, next: NextFunction) => {
+    try {
+        const skill = await prisma.registrySkill.findUnique({
+            where: { name: req.params.name },
+        });
+
+        if (!skill) {
+            throw new AppError('NOT_FOUND', 'Skill not found', 404);
+        }
+
+        if (!existsSync(skill.bundlePath)) {
+            throw new AppError('NOT_FOUND', 'Bundle file not found', 404);
+        }
+
+        // Increment download count
+        await prisma.registrySkill.update({
+            where: { id: skill.id },
+            data: { downloads: { increment: 1 } },
+        });
+
+        res.setHeader('Content-Type', 'application/gzip');
+        res.setHeader('Content-Disposition', `attachment; filename="${skill.name}.tar.gz"`);
+        res.sendFile(skill.bundlePath, { root: process.cwd() });
+    } catch (error) {
+        next(error);
+    }
+});
+
+// POST /api/skills/publish - Upload new skill
+router.post(
+    '/publish',
+    requireAuth,
+    upload.single('bundle'),
+    async (req: Request, res: Response, next: NextFunction) => {
+        try {
+            const { name, description, version, keywords, sourceType, sourceUrl, readme } = req.body;
+            const userId = (req as any).userId;
+            const file = req.file;
+
+            if (!name) {
+                throw new AppError('VALIDATION_ERROR', 'Skill name is required', 400);
+            }
+
+            if (!file) {
+                throw new AppError('VALIDATION_ERROR', 'Bundle file is required', 400);
+            }
+
+            // Check if skill already exists
+            const existingSkill = await prisma.registrySkill.findUnique({
+                where: { name },
+            });
+
+            if (existingSkill) {
+                // Only owner can update
+                if (existingSkill.publisherId !== userId) {
+                    throw new AppError('FORBIDDEN', 'You can only update your own skills', 403);
+                }
+
+                // Delete old bundle
+                if (existsSync(existingSkill.bundlePath)) {
+                    await rm(existingSkill.bundlePath);
+                }
+
+                // Update existing skill
+                const updatedSkill = await prisma.registrySkill.update({
+                    where: { id: existingSkill.id },
+                    data: {
+                        version: version || existingSkill.version,
+                        description: description || existingSkill.description,
+                        readme: readme || existingSkill.readme,
+                        keywords: keywords ? JSON.parse(keywords) : existingSkill.keywords,
+                        bundlePath: file.path,
+                        bundleSize: file.size,
+                        sourceType,
+                        sourceUrl,
+                    },
+                    include: {
+                        publisher: {
+                            select: { id: true, username: true, displayName: true },
+                        },
+                    },
+                });
+
+                return res.json({
+                    success: true,
+                    data: updatedSkill,
+                    message: 'Skill updated successfully',
+                });
+            }
+
+            // Create new skill
+            const skill = await prisma.registrySkill.create({
+                data: {
+                    name,
+                    version: version || '1.0.0',
+                    description: description || '',
+                    readme: readme || '',
+                    keywords: keywords ? JSON.parse(keywords) : [],
+                    publisherId: userId,
+                    bundlePath: file.path,
+                    bundleSize: file.size,
+                    sourceType,
+                    sourceUrl,
+                },
+                include: {
+                    publisher: {
+                        select: { id: true, username: true, displayName: true },
+                    },
+                },
+            });
+
+            res.status(201).json({
+                success: true,
+                data: skill,
+                message: 'Skill published successfully',
+            });
+        } catch (error) {
+            next(error);
+        }
+    }
+);
+
+// DELETE /api/skills/:name - Unpublish skill
+router.delete('/:name', requireAuth, async (req: Request, res: Response, next: NextFunction) => {
+    try {
+        const userId = (req as any).userId;
+
+        const skill = await prisma.registrySkill.findUnique({
+            where: { name: req.params.name },
+        });
+
+        if (!skill) {
+            throw new AppError('NOT_FOUND', 'Skill not found', 404);
+        }
+
+        if (skill.publisherId !== userId) {
+            throw new AppError('FORBIDDEN', 'You can only delete your own skills', 403);
+        }
+
+        // Delete bundle file
+        if (existsSync(skill.bundlePath)) {
+            await rm(skill.bundlePath);
+        }
+
+        // Delete from database
+        await prisma.registrySkill.delete({
+            where: { id: skill.id },
+        });
+
+        res.json({
+            success: true,
+            message: 'Skill deleted successfully',
+        });
+    } catch (error) {
+        next(error);
+    }
+});
+
+export default router;

package/registry/tsconfig.json

@@ -0,0 +1,23 @@
+{
+    "extends": "../tsconfig.json",
+    "compilerOptions": {
+        "outDir": "./dist",
+        "rootDir": "./src",
+        "module": "ESNext",
+        "moduleResolution": "bundler",
+        "target": "ES2022",
+        "lib": [
+            "ES2022"
+        ],
+        "types": [
+            "node"
+        ]
+    },
+    "include": [
+        "src/**/*"
+    ],
+    "exclude": [
+        "node_modules",
+        "dist"
+    ]
+}

package/server/.env.example

@@ -0,0 +1,11 @@
+# Database
+DATABASE_URL="file:./dev.db"
+
+# Server
+PORT=3001
+NODE_ENV=development
+
+# SkillVerse Storage
+SKILLVERSE_HOME="${HOME}/.skillverse"
+SKILLS_DIR="${SKILLVERSE_HOME}/skills"
+MARKETPLACE_DIR="${SKILLVERSE_HOME}/marketplace"

package/server/package.json

@@ -0,0 +1,60 @@
+{
+  "name": "skillverse-cli",
+  "version": "0.1.0",
+  "description": "SkillVerse - A local-first skill management platform for AI coding assistants",
+  "author": "SkillVerse Team",
+  "license": "MIT",
+  "type": "module",
+  "scripts": {
+    "dev": "tsx watch src/index.ts",
+    "build": "tsup",
+    "prepublishOnly": "npm run build:client && npm run build",
+    "build:client": "cd .. && npm run build --workspace=client",
+    "start": "node dist/index.js",
+    "postinstall": "prisma generate",
+    "typecheck": "tsc --noEmit",
+    "db:generate": "prisma generate",
+    "db:push": "prisma db push",
+    "db:migrate": "prisma migrate dev",
+    "db:studio": "prisma studio",
+    "start:cli": "tsx src/bin.ts"
+  },
+  "files": [
+    "dist",
+    "public",
+    "prisma",
+    "README.md"
+  ],
+  "bin": {
+    "skillverse": "./dist/bin.js"
+  },
+  "dependencies": {
+    "@prisma/client": "^5.8.1",
+    "@skillverse/shared": "*",
+    "@types/archiver": "^7.0.0",
+    "@types/tar": "^6.1.13",
+    "adm-zip": "^0.5.10",
+    "archiver": "^7.0.1",
+    "commander": "^14.0.3",
+    "cors": "^2.8.5",
+    "dotenv": "^16.3.1",
+    "express": "^4.18.2",
+    "form-data": "^4.0.5",
+    "gray-matter": "^4.0.3",
+    "multer": "^1.4.5-lts.1",
+    "open": "^11.0.0",
+    "simple-git": "^3.22.0",
+    "tar": "^7.5.7",
+    "zod": "^3.22.4"
+  },
+  "devDependencies": {
+    "@types/adm-zip": "^0.5.5",
+    "@types/cors": "^2.8.17",
+    "@types/express": "^4.17.21",
+    "@types/multer": "^1.4.11",
+    "prisma": "^5.8.1",
+    "tsup": "^8.5.1",
+    "tsx": "^4.7.0",
+    "typescript": "^5.3.3"
+  }
+}

package/server/prisma/schema.prisma

@@ -0,0 +1,73 @@
+// This is your Prisma schema file,
+// learn more about it in the docs: https://pris.ly/d/prisma-schema
+
+generator client {
+  provider = "prisma-client-js"
+}
+
+datasource db {
+  provider = "sqlite"
+  url      = env("DATABASE_URL")
+}
+
+model Skill {
+  id                String             @id @default(uuid())
+  name              String             @unique
+  source            String             // 'git' or 'local'
+  sourceUrl         String?
+  description       String?
+  commitHash        String?            // Git commit hash
+  repoUrl           String?            // Root repository URL (if different from sourceUrl)
+  updateAvailable   Boolean            @default(false)
+  lastUpdateCheck   DateTime?
+  installDate       DateTime           @default(now())
+  metadata          String?            // JSON string
+  storagePath       String             // Path to skill files in central storage
+  
+  linkedWorkspaces  SkillWorkspace[]
+  marketplaceEntry  MarketplaceSkill?
+  
+  createdAt         DateTime           @default(now())
+  updatedAt         DateTime           @updatedAt
+}
+
+model Workspace {
+  id          String           @id @default(uuid())
+  name        String
+  path        String           @unique
+  type        String           // 'vscode', 'cursor', 'claude-desktop', 'codex', 'antigravity', 'custom'
+  scope       String           @default("project") // 'project' or 'global'
+  
+  linkedSkills SkillWorkspace[]
+  
+  createdAt   DateTime         @default(now())
+  updatedAt   DateTime         @updatedAt
+}
+
+model SkillWorkspace {
+  id          String    @id @default(uuid())
+  skillId     String
+  workspaceId String
+  linkedAt    DateTime  @default(now())
+  
+  skill       Skill     @relation(fields: [skillId], references: [id], onDelete: Cascade)
+  workspace   Workspace @relation(fields: [workspaceId], references: [id], onDelete: Cascade)
+  
+  @@unique([skillId, workspaceId])
+}
+
+model MarketplaceSkill {
+  id            String   @id @default(uuid())
+  skillId       String   @unique
+  publisherId   String?
+  publisherName String?
+  publishDate   DateTime @default(now())
+  downloads     Int      @default(0)
+  bundlePath    String?  // Path to the skill bundle file
+  bundleSize    Int?     // Size of the bundle in bytes
+  
+  skill         Skill    @relation(fields: [skillId], references: [id], onDelete: Cascade)
+  
+  createdAt     DateTime @default(now())
+  updatedAt     DateTime @updatedAt
+}