spck 0.3.1

package/dist/rpc/router.js

@@ -0,0 +1,132 @@
+/**
+ * JSON-RPC 2.0 request router
+ */
+import { ErrorCode, createRPCError } from '../types.js';
+import { FilesystemService } from '../services/FilesystemService.js';
+import { GitService } from '../services/GitService.js';
+import { TerminalService } from '../services/TerminalService.js';
+import { SearchService } from '../services/SearchService.js';
+import { BrowserProxyService } from '../services/BrowserProxyService.js';
+export class RPCRouter {
+    /**
+     * Initialize services
+     */
+    static initialize(rootPath, config, tools) {
+        this.rootPath = rootPath;
+        this.tools = tools;
+        this.terminalEnabled = config.terminal?.enabled ?? true;
+        this.browserProxyEnabled = config.browserProxy?.enabled ?? true;
+        this.filesystemService = new FilesystemService(rootPath, config.filesystem);
+        this.gitService = new GitService(rootPath);
+        this.browserProxyService = new BrowserProxyService();
+        // Parse maxFileSize from config
+        const maxFileSizeBytes = this.parseFileSize(config.filesystem.maxFileSize);
+        this.searchService = new SearchService(rootPath, maxFileSizeBytes, 64 * 1024, tools.ripgrep);
+    }
+    /**
+     * Parse file size string to bytes
+     */
+    static parseFileSize(sizeStr) {
+        const match = sizeStr.match(/^(\d+(?:\.\d+)?)\s*(B|KB|MB|GB)?$/i);
+        if (!match) {
+            return 10 * 1024 * 1024; // Default 10MB
+        }
+        const value = parseFloat(match[1]);
+        const unit = (match[2] || 'B').toUpperCase();
+        const multipliers = {
+            B: 1,
+            KB: 1024,
+            MB: 1024 * 1024,
+            GB: 1024 * 1024 * 1024,
+        };
+        return value * multipliers[unit];
+    }
+    /**
+     * Get or create terminal service for socket
+     */
+    static getTerminalService(socket) {
+        const deviceId = socket.data.deviceId;
+        // Update current socket for this deviceId (handles reconnections)
+        this.currentSockets.set(deviceId, socket);
+        if (!this.terminalServices.has(deviceId)) {
+            // Create new service with getter function that returns current socket
+            const getSocket = () => {
+                const currentSocket = this.currentSockets.get(deviceId);
+                if (!currentSocket) {
+                    throw new Error(`No active socket for device: ${deviceId}`);
+                }
+                return currentSocket;
+            };
+            this.terminalServices.set(deviceId, new TerminalService(getSocket, 10, 10000, this.rootPath));
+        }
+        return this.terminalServices.get(deviceId);
+    }
+    /**
+     * Route JSON-RPC request to appropriate service
+     */
+    static async route(message, socket) {
+        const { method, params } = message;
+        // Parse method prefix (split on first dot only so sub-namespaces like browser.proxy.request are preserved)
+        const dotIndex = method.indexOf('.');
+        const service = dotIndex !== -1 ? method.slice(0, dotIndex) : method;
+        const methodName = dotIndex !== -1 ? method.slice(dotIndex + 1) : '';
+        if (!service || !methodName) {
+            throw createRPCError(ErrorCode.INVALID_REQUEST, `Invalid method format: ${method}`);
+        }
+        try {
+            switch (service) {
+                case 'fs':
+                    return await this.filesystemService.handle(methodName, params, socket);
+                case 'git':
+                    if (!this.tools.git) {
+                        throw createRPCError(ErrorCode.FEATURE_DISABLED, 'Git is not available. Install Git 2.20.0+ to use version control features.');
+                    }
+                    return await this.gitService.handle(methodName, params, socket);
+                case 'search':
+                    // Search is always available, but fast search (ripgrep) may be disabled
+                    return await this.searchService.handle(methodName, params, socket);
+                case 'terminal':
+                    if (!this.terminalEnabled) {
+                        throw createRPCError(ErrorCode.FEATURE_DISABLED, 'Terminal is disabled in configuration.');
+                    }
+                    const terminalService = this.getTerminalService(socket);
+                    return await terminalService.handle(methodName, params);
+                case 'browser': {
+                    if (!this.browserProxyEnabled) {
+                        throw createRPCError(ErrorCode.FEATURE_DISABLED, 'Browser proxy is disabled in configuration.');
+                    }
+                    // methodName is 'proxy.request' — strip the 'proxy.' sub-namespace
+                    const dotIdx = methodName.indexOf('.');
+                    const browserMethod = dotIdx !== -1 ? methodName.slice(dotIdx + 1) : methodName;
+                    return await this.browserProxyService.handle(browserMethod, params, socket);
+                }
+                default:
+                    throw createRPCError(ErrorCode.METHOD_NOT_FOUND, `Unknown service: ${service}`);
+            }
+        }
+        catch (error) {
+            // Re-throw if already an RPC error
+            if (error.code && error.message) {
+                throw error;
+            }
+            // Wrap other errors
+            console.error(`Error in ${method}:`, error);
+            throw createRPCError(ErrorCode.INTERNAL_ERROR, `Internal error: ${error.message || 'Unknown error'}`, { method, originalError: error.toString() });
+        }
+    }
+    /**
+     * Cleanup terminal service for socket
+     */
+    static cleanupTerminalService(socket) {
+        const deviceId = socket.data.deviceId;
+        const service = this.terminalServices.get(deviceId);
+        if (service) {
+            service.cleanup();
+            this.terminalServices.delete(deviceId);
+            this.currentSockets.delete(deviceId);
+        }
+    }
+}
+RPCRouter.terminalServices = new Map();
+RPCRouter.currentSockets = new Map();
+//# sourceMappingURL=router.js.map

package/dist/services/BrowserProxyService.d.ts

@@ -0,0 +1,13 @@
+/**
+ * BrowserProxyService - Handles browser.proxy.request RPC calls
+ *
+ * Fetches from localhost:PORT/path and returns the HTTP response
+ * back to the editor client, which forwards it to the browser.spck.io SW.
+ */
+import { AuthenticatedSocket } from '../types.js';
+export declare class BrowserProxyService {
+    handle(method: string, params: any, socket: AuthenticatedSocket): Promise<any>;
+    private proxyRequest;
+    private fetch;
+}
+//# sourceMappingURL=BrowserProxyService.d.ts.map

package/dist/services/BrowserProxyService.js

@@ -0,0 +1,139 @@
+/**
+ * BrowserProxyService - Handles browser.proxy.request RPC calls
+ *
+ * Fetches from localhost:PORT/path and returns the HTTP response
+ * back to the editor client, which forwards it to the browser.spck.io SW.
+ */
+import http from 'http';
+import https from 'https';
+import { ErrorCode, createRPCError } from '../types.js';
+import { logBrowserProxy } from '../utils/logger.js';
+const REQUEST_TIMEOUT_MS = 30000;
+const ALLOWED_HOSTS = new Set(['localhost', '127.0.0.1']);
+const ALLOWED_METHODS = new Set(['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS']);
+const MAX_RESPONSE_BODY_BYTES = 10 * 1024 * 1024; // 10 MB
+export class BrowserProxyService {
+    async handle(method, params, socket) {
+        switch (method) {
+            case 'request':
+                return await this.proxyRequest(params, socket.data.deviceId);
+            default:
+                throw createRPCError(ErrorCode.METHOD_NOT_FOUND, `Method not found: browser.proxy.${method}`);
+        }
+    }
+    async proxyRequest(params, uid) {
+        const { requestId, url, method, headers, body } = params;
+        // Validate method
+        const upperMethod = (method || 'GET').toUpperCase();
+        if (!ALLOWED_METHODS.has(upperMethod)) {
+            throw createRPCError(ErrorCode.INVALID_PARAMS, `Disallowed HTTP method: ${method}`);
+        }
+        // Validate URL — must be localhost only
+        let parsed;
+        try {
+            parsed = new URL(url);
+        }
+        catch {
+            throw createRPCError(ErrorCode.INVALID_PARAMS, `Invalid URL: ${url}`);
+        }
+        if (!ALLOWED_HOSTS.has(parsed.hostname)) {
+            throw createRPCError(ErrorCode.PERMISSION_DENIED, `Only localhost requests are allowed`);
+        }
+        const port = parseInt(parsed.port || '80', 10);
+        if (isNaN(port) || port < 1 || port > 65535) {
+            throw createRPCError(ErrorCode.INVALID_PARAMS, `Invalid port: ${parsed.port}`);
+        }
+        // Convert body array back to Buffer
+        const bodyBuffer = body && body.length > 0 ? Buffer.from(body) : undefined;
+        // Strip hop-by-hop headers that should not be forwarded
+        const forwardHeaders = {};
+        const hopByHop = new Set([
+            'connection', 'keep-alive', 'transfer-encoding', 'te',
+            'trailer', 'upgrade', 'proxy-authorization', 'proxy-authenticate'
+        ]);
+        for (const [key, value] of Object.entries(headers || {})) {
+            if (!hopByHop.has(key.toLowerCase())) {
+                forwardHeaders[key] = value;
+            }
+        }
+        if (bodyBuffer) {
+            forwardHeaders['content-length'] = String(bodyBuffer.length);
+        }
+        try {
+            const response = await this.fetch(parsed, upperMethod, forwardHeaders, bodyBuffer);
+            logBrowserProxy(params, uid, true, undefined, {
+                status: response.status,
+                size: Buffer.byteLength(response.body, 'base64') * 3 / 4 | 0,
+            });
+            return { requestId, ...response };
+        }
+        catch (error) {
+            logBrowserProxy(params, uid, false, error);
+            throw error;
+        }
+    }
+    fetch(url, method, headers, body) {
+        return new Promise((resolve, reject) => {
+            const isHttps = url.protocol === 'https:';
+            const lib = isHttps ? https : http;
+            const options = {
+                hostname: url.hostname,
+                port: url.port || (isHttps ? 443 : 80),
+                path: url.pathname + url.search,
+                method,
+                headers,
+                timeout: REQUEST_TIMEOUT_MS,
+            };
+            const req = lib.request(options, (res) => {
+                const chunks = [];
+                let totalLength = 0;
+                res.on('data', (chunk) => {
+                    totalLength += chunk.length;
+                    if (totalLength > MAX_RESPONSE_BODY_BYTES) {
+                        req.destroy();
+                        reject(createRPCError(ErrorCode.INTERNAL_ERROR, 'Response body too large'));
+                        return;
+                    }
+                    chunks.push(chunk);
+                });
+                res.on('end', () => {
+                    const bodyBuffer = Buffer.concat(chunks);
+                    // Collect response headers (flatten multi-value headers)
+                    const responseHeaders = {};
+                    for (const [key, value] of Object.entries(res.headers)) {
+                        if (value !== undefined) {
+                            responseHeaders[key] = Array.isArray(value) ? value.join(', ') : value;
+                        }
+                    }
+                    resolve({
+                        status: res.statusCode || 200,
+                        statusText: res.statusMessage || '',
+                        headers: responseHeaders,
+                        body: bodyBuffer.toString('base64'),
+                        bodyEncoding: 'base64',
+                    });
+                });
+                res.on('error', (err) => {
+                    reject(createRPCError(ErrorCode.INTERNAL_ERROR, `Response error: ${err.message}`));
+                });
+            });
+            req.on('timeout', () => {
+                req.destroy();
+                reject(createRPCError(ErrorCode.OPERATION_TIMEOUT, 'Request to localhost timed out'));
+            });
+            req.on('error', (err) => {
+                if (err.code === 'ECONNREFUSED') {
+                    reject(createRPCError(ErrorCode.INTERNAL_ERROR, `Connection refused on port ${err.port || ''} — is the dev server running?`));
+                }
+                else {
+                    reject(createRPCError(ErrorCode.INTERNAL_ERROR, `Request failed: ${err.message}`));
+                }
+            });
+            if (body) {
+                req.write(body);
+            }
+            req.end();
+        });
+    }
+}
+//# sourceMappingURL=BrowserProxyService.js.map

package/dist/services/FilesystemService.d.ts

@@ -0,0 +1,99 @@
+/**
+ * Filesystem service - handles file operations with fossil-delta compression
+ */
+import { AuthenticatedSocket } from '../types.js';
+export declare class FilesystemService {
+    private rootPath;
+    private config;
+    private resolvedRootPath;
+    private realRootPath;
+    constructor(rootPath: string, config: any);
+    /**
+     * Get the real root path (following symlinks), cached after first call
+     */
+    private getRealRootPath;
+    /**
+     * Handle filesystem RPC methods
+     */
+    handle(method: string, params: any, socket: AuthenticatedSocket): Promise<any>;
+    /**
+     * Validate and sandbox path with symlink resolution
+     * Prevents directory traversal and symlink escape attacks
+     */
+    private validatePath;
+    /**
+     * Check if file/directory exists
+     */
+    private exists;
+    /**
+     * Check existence of multiple paths in parallel
+     */
+    private bulkExists;
+    /**
+     * Read file contents
+     */
+    private readFile;
+    /**
+     * Write file contents
+     */
+    private write;
+    /**
+     * Apply fossil-delta patch to file
+     */
+    private patchFile;
+    /**
+     * Get file hash
+     */
+    private getFileHash;
+    /**
+     * Get file hash value (internal)
+     */
+    private getFileHashValue;
+    /**
+     * Remove file or directory
+     * Returns success even if file doesn't exist (idempotent operation)
+     */
+    private remove;
+    /**
+     * Create directory
+     */
+    private mkdir;
+    /**
+     * Read directory contents
+     */
+    private readdir;
+    /**
+     * Read directory recursively using breadth-first (level-order) traversal
+     * Performance optimizations:
+     * - matchPattern: Regex to filter paths (applied to full relative path)
+     * - limit: Maximum number of results (files + folders combined)
+     *
+     * Breadth-first ensures top-level items are returned first, which is important
+     * when using the limit parameter to get a representative sample of the directory.
+     */
+    private readdirDeep;
+    /**
+     * Get file metadata
+     */
+    private lstat;
+    /**
+     * Move/rename file or directory
+     * Returns the type of the moved item ('file' or 'folder')
+     */
+    private mv;
+    /**
+     * Copy file or directory
+     * Returns the type of the copied item ('file' or 'folder')
+     */
+    private copy;
+    /**
+     * Copy directory recursively (helper method)
+     */
+    private copyDirectory;
+    /**
+     * Remove directory
+     * Returns success even if directory doesn't exist (idempotent operation)
+     */
+    private rmdir;
+}
+//# sourceMappingURL=FilesystemService.d.ts.map