specli 0.0.18 → 0.0.19

package/dist/cli/compile.js

@@ -1,11 +1,11 @@
+import fs from "node:fs";
+import os from "node:os";
 import path from "node:path";
 import { fileURLToPath } from "node:url";
 import { deriveBinaryName } from "./derive-name.js";
-// Resolve the path to compiled.ts relative to this file's location
-// At runtime this file is at dist/cli/compile.js, so we go up two levels to package root
-// then into src/compiled.ts (which must be included in the published package)
+// Resolve the package root directory (at runtime this file is at dist/cli/compile.js)
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
-const compiledEntrypoint = path.resolve(__dirname, "../../src/compiled.ts");
+const packageRoot = path.resolve(__dirname, "../..");
 function parseKeyValue(input) {
     const idx = input.indexOf("=");
     if (idx === -1)
@@ -16,6 +16,72 @@ function parseKeyValue(input) {
         throw new Error(`Invalid --define '${input}', missing key`);
     return { key, value };
 }
+/**
+ * Loads the OpenAPI spec from a URL or file path.
+ */
+async function loadSpec(spec) {
+    if (!spec)
+        throw new Error("Missing spec path/URL");
+    if (/^https?:\/\//i.test(spec)) {
+        const res = await fetch(spec);
+        if (!res.ok) {
+            throw new Error(`Failed to fetch spec: ${res.status} ${res.statusText}`);
+        }
+        return await res.text();
+    }
+    return await fs.promises.readFile(spec, "utf-8");
+}
+/**
+ * Reads the package version from package.json.
+ */
+function getPackageVersion() {
+    const packageJsonPath = path.join(packageRoot, "package.json");
+    const content = fs.readFileSync(packageJsonPath, "utf-8");
+    const packageJson = JSON.parse(content);
+    return packageJson.version;
+}
+/**
+ * Generates a temporary entrypoint file with all values hardcoded.
+ * This avoids the Bun macro security restriction in node_modules.
+ */
+function generateEntrypoint(options) {
+    const mainImportPath = path.join(packageRoot, "dist/cli/main.js");
+    // Escape the spec text for embedding as a string literal
+    const escapedSpec = JSON.stringify(options.specText);
+    const escapedName = options.cliName
+        ? JSON.stringify(options.cliName)
+        : "undefined";
+    const escapedServer = options.server
+        ? JSON.stringify(options.server)
+        : "undefined";
+    const escapedServerVars = options.serverVars
+        ? JSON.stringify(options.serverVars)
+        : "undefined";
+    const escapedAuth = options.auth ? JSON.stringify(options.auth) : "undefined";
+    const escapedVersion = JSON.stringify(options.version);
+    return `#!/usr/bin/env bun
+// Auto-generated entrypoint for specli compile
+// This file embeds all configuration at build time
+
+import { main } from ${JSON.stringify(mainImportPath)};
+
+const embeddedSpecText = ${escapedSpec};
+const cliName = ${escapedName};
+const server = ${escapedServer};
+const serverVars = ${escapedServerVars};
+const auth = ${escapedAuth};
+const embeddedVersion = ${escapedVersion};
+
+await main(process.argv, {
+	embeddedSpecText,
+	cliName,
+	server,
+	serverVars: serverVars ? serverVars.split(",") : undefined,
+	auth,
+	version: embeddedVersion,
+});
+`;
+}
 export async function compileCommand(spec, options) {
     // Derive name from spec if not provided
     const name = options.name ?? (await deriveBinaryName(spec));
@@ -23,64 +89,74 @@ export async function compileCommand(spec, options) {
     const target = options.target
         ? options.target
         : `bun-${process.platform}-${process.arch}`;
-    // Parse --define pairs
-    const define = {};
-    if (options.define) {
-        for (const pair of options.define) {
-            const { key, value } = parseKeyValue(pair);
-            define[key] = JSON.stringify(value);
+    // Load the spec content
+    process.stdout.write(`Loading spec: ${spec}\n`);
+    const specText = await loadSpec(spec);
+    // Get package version
+    const version = getPackageVersion();
+    // Generate temporary entrypoint file
+    const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "specli-"));
+    const tempEntrypoint = path.join(tempDir, "entrypoint.ts");
+    const entrypointCode = generateEntrypoint({
+        specText,
+        cliName: name,
+        server: options.server,
+        serverVars: options.serverVar?.join(","),
+        auth: options.auth,
+        version,
+    });
+    fs.writeFileSync(tempEntrypoint, entrypointCode);
+    try {
+        // Parse --define pairs
+        const define = {};
+        if (options.define) {
+            for (const pair of options.define) {
+                const { key, value } = parseKeyValue(pair);
+                define[key] = JSON.stringify(value);
+            }
         }
+        // Build command args
+        const buildArgs = [
+            "build",
+            "--compile",
+            `--outfile=${outfile}`,
+            `--target=${target}`,
+        ];
+        if (options.minify)
+            buildArgs.push("--minify");
+        if (options.bytecode)
+            buildArgs.push("--bytecode");
+        for (const [k, v] of Object.entries(define)) {
+            buildArgs.push("--define", `${k}=${v}`);
+        }
+        if (options.dotenv === false)
+            buildArgs.push("--no-compile-autoload-dotenv");
+        if (options.bunfig === false)
+            buildArgs.push("--no-compile-autoload-bunfig");
+        buildArgs.push(tempEntrypoint);
+        const proc = Bun.spawn({
+            cmd: ["bun", ...buildArgs],
+            stdout: "pipe",
+            stderr: "pipe",
+            env: process.env,
+        });
+        const output = await new Response(proc.stdout).text();
+        const error = await new Response(proc.stderr).text();
+        const code = await proc.exited;
+        if (output)
+            process.stdout.write(output);
+        if (error)
+            process.stderr.write(error);
+        if (code !== 0) {
+            process.exitCode = code;
+            return;
+        }
+        process.stdout.write(`ok: built ${outfile}\n`);
+        process.stdout.write(`target: ${target}\n`);
+        process.stdout.write(`name: ${name}\n`);
     }
-    // Build command args
-    const buildArgs = [
-        "build",
-        "--compile",
-        `--outfile=${outfile}`,
-        `--target=${target}`,
-    ];
-    if (options.minify)
-        buildArgs.push("--minify");
-    if (options.bytecode)
-        buildArgs.push("--bytecode");
-    for (const [k, v] of Object.entries(define)) {
-        buildArgs.push("--define", `${k}=${v}`);
-    }
-    if (options.dotenv === false)
-        buildArgs.push("--no-compile-autoload-dotenv");
-    if (options.bunfig === false)
-        buildArgs.push("--no-compile-autoload-bunfig");
-    buildArgs.push(compiledEntrypoint);
-    // Only set env vars that have actual values - avoid empty strings
-    // because the macros will embed them and they will override defaults.
-    const buildEnv = {
-        ...process.env,
-        SPECLI_SPEC: spec,
-        SPECLI_NAME: name,
-    };
-    if (options.server)
-        buildEnv.SPECLI_SERVER = options.server;
-    if (options.serverVar?.length)
-        buildEnv.SPECLI_SERVER_VARS = options.serverVar.join(",");
-    if (options.auth)
-        buildEnv.SPECLI_AUTH = options.auth;
-    const proc = Bun.spawn({
-        cmd: ["bun", ...buildArgs],
-        stdout: "pipe",
-        stderr: "pipe",
-        env: buildEnv,
-    });
-    const output = await new Response(proc.stdout).text();
-    const error = await new Response(proc.stderr).text();
-    const code = await proc.exited;
-    if (output)
-        process.stdout.write(output);
-    if (error)
-        process.stderr.write(error);
-    if (code !== 0) {
-        process.exitCode = code;
-        return;
+    finally {
+        // Clean up temporary files
+        fs.rmSync(tempDir, { recursive: true, force: true });
     }
-    process.stdout.write(`ok: built ${outfile}\n`);
-    process.stdout.write(`target: ${target}\n`);
-    process.stdout.write(`name: ${name}\n`);
 }

package/dist/cli.d.ts

@@ -1,2 +1 @@
-#!/usr/bin/env node
 export {};

package/dist/cli.js

@@ -1,4 +1,3 @@
-#!/usr/bin/env node
 import { readFileSync } from "node:fs";
 import { dirname, join } from "node:path";
 import { fileURLToPath } from "node:url";

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "specli",
-	"version": "0.0.18",
+	"version": "0.0.19",
 	"type": "module",
 	"module": "./dist/index.js",
 	"types": "./dist/index.d.ts",
@@ -16,7 +16,6 @@
 	"files": [
 		"bin",
 		"dist",
-		"src",
 		"README.md",
 		"package.json"
 	],

package/src/ai/tools.test.ts

@@ -1,83 +0,0 @@
-import { describe, expect, test } from "bun:test";
-import { clearSpecliCache, specli } from "./tools.js";
-
-const mockOptions = {
-	toolCallId: "test-call-id",
-	abortSignal: new AbortController().signal,
-	messages: [],
-};
-
-describe("specli tool", () => {
-	test("creates a tool with correct structure", () => {
-		const tool = specli({
-			spec: "https://petstore3.swagger.io/api/v3/openapi.json",
-		});
-
-		expect(tool).toHaveProperty("description");
-		expect(tool).toHaveProperty("inputSchema");
-		expect(tool).toHaveProperty("execute");
-		expect(typeof tool.execute).toBe("function");
-	});
-
-	test("list command returns resources", async () => {
-		const tool = specli({
-			spec: "https://petstore3.swagger.io/api/v3/openapi.json",
-		});
-
-		const result = (await tool.execute?.({ command: "list" }, mockOptions)) as {
-			resources: unknown[];
-		};
-
-		expect(result).toHaveProperty("resources");
-		expect(Array.isArray(result.resources)).toBe(true);
-	});
-
-	test("help command returns action details", async () => {
-		const tool = specli({
-			spec: "https://petstore3.swagger.io/api/v3/openapi.json",
-		});
-
-		const result = (await tool.execute?.(
-			{ command: "help", resource: "pets", action: "get" },
-			mockOptions,
-		)) as { action: string };
-
-		expect(result).toHaveProperty("action");
-		expect(result.action).toBe("get");
-	});
-
-	test("help command with missing resource returns error", async () => {
-		const tool = specli({
-			spec: "https://petstore3.swagger.io/api/v3/openapi.json",
-		});
-
-		const result = (await tool.execute?.({ command: "help" }, mockOptions)) as {
-			error: string;
-		};
-
-		expect(result).toHaveProperty("error");
-	});
-
-	test("exec command with missing args returns error", async () => {
-		const tool = specli({
-			spec: "https://petstore3.swagger.io/api/v3/openapi.json",
-		});
-
-		const result = (await tool.execute?.(
-			{ command: "exec", resource: "pets", action: "get" },
-			mockOptions,
-		)) as { error: string };
-
-		expect(result).toHaveProperty("error");
-		expect(result.error).toContain("Missing args");
-	});
-
-	test("clearCache works", async () => {
-		const spec = "https://petstore3.swagger.io/api/v3/openapi.json";
-		const tool = specli({ spec });
-
-		await tool.execute?.({ command: "list" }, mockOptions);
-		clearSpecliCache(spec);
-		clearSpecliCache();
-	});
-});

package/src/ai/tools.ts

@@ -1,211 +0,0 @@
-/**
- * AI SDK tools for specli
- *
- * Provides tools for AI agents to explore and execute OpenAPI specs.
- *
- * @example
- * ```ts
- * import { specli } from "specli/ai";
- * import { generateText } from "ai";
- *
- * const result = await generateText({
- *   model: yourModel,
- *   tools: {
- *     api: specli({ spec: "https://api.example.com/openapi.json" }),
- *   },
- *   prompt: "List all users",
- * });
- * ```
- */
-
-import { tool } from "ai";
-import { z } from "zod";
-
-import type { CommandAction } from "../cli/command-model.js";
-import { buildRuntimeContext } from "../cli/runtime/context.js";
-import { execute } from "../cli/runtime/execute.js";
-import type { RuntimeGlobals } from "../cli/runtime/request.js";
-
-export type SpecliToolOptions = {
-	/** The OpenAPI spec URL or file path */
-	spec: string;
-	/** Override the server/base URL */
-	server?: string;
-	/** Server URL template variables */
-	serverVars?: Record<string, string>;
-	/** Bearer token for authentication */
-	bearerToken?: string;
-	/** API key for authentication */
-	apiKey?: string;
-	/** Basic auth credentials */
-	basicAuth?: { username: string; password: string };
-	/** Auth scheme to use (if multiple are available) */
-	authScheme?: string;
-};
-
-// Cache contexts to avoid reloading spec on every call
-const contextCache = new Map<
-	string,
-	Awaited<ReturnType<typeof buildRuntimeContext>>
->();
-
-async function getContext(spec: string) {
-	let ctx = contextCache.get(spec);
-	if (!ctx) {
-		ctx = await buildRuntimeContext({ spec });
-		contextCache.set(spec, ctx);
-	}
-	return ctx;
-}
-
-function findAction(
-	ctx: Awaited<ReturnType<typeof buildRuntimeContext>>,
-	resource: string,
-	action: string,
-): CommandAction | undefined {
-	const r = ctx.commands.resources.find(
-		(r) => r.resource.toLowerCase() === resource.toLowerCase(),
-	);
-	return r?.actions.find(
-		(a) => a.action.toLowerCase() === action.toLowerCase(),
-	);
-}
-
-/**
- * Create an AI SDK tool for interacting with an OpenAPI spec.
- */
-export function specli(options: SpecliToolOptions) {
-	const {
-		spec,
-		server,
-		serverVars,
-		bearerToken,
-		apiKey,
-		basicAuth,
-		authScheme,
-	} = options;
-
-	return tool({
-		description: `Execute API operations. Commands: "list" (show resources/actions), "help" (action details), "exec" (call API).`,
-		inputSchema: z.object({
-			command: z.enum(["list", "help", "exec"]).describe("Command to run"),
-			resource: z.string().optional().describe("Resource name (e.g. users)"),
-			action: z
-				.string()
-				.optional()
-				.describe("Action name (e.g. list, get, create)"),
-			args: z.array(z.string()).optional().describe("Positional arguments"),
-			flags: z
-				.record(z.string(), z.unknown())
-				.optional()
-				.describe("Named flags"),
-		}),
-		execute: async ({ command, resource, action, args, flags }) => {
-			const ctx = await getContext(spec);
-
-			if (command === "list") {
-				return {
-					resources: ctx.commands.resources.map((r) => ({
-						name: r.resource,
-						actions: r.actions.map((a) => ({
-							name: a.action,
-							summary: a.summary,
-							method: a.method,
-							path: a.path,
-							args: a.positionals.map((p) => p.name),
-							requiredFlags: a.flags
-								.filter((f) => f.required)
-								.map((f) => f.flag),
-						})),
-					})),
-				};
-			}
-
-			if (command === "help") {
-				if (!resource) return { error: "Missing resource" };
-				const r = ctx.commands.resources.find(
-					(r) => r.resource.toLowerCase() === resource.toLowerCase(),
-				);
-				if (!r) return { error: `Unknown resource: ${resource}` };
-				if (!action) {
-					return {
-						resource: r.resource,
-						actions: r.actions.map((a) => a.action),
-					};
-				}
-				const a = r.actions.find(
-					(a) => a.action.toLowerCase() === action.toLowerCase(),
-				);
-				if (!a) return { error: `Unknown action: ${action}` };
-				return {
-					action: a.action,
-					method: a.method,
-					path: a.path,
-					summary: a.summary,
-					args: a.positionals.map((p) => ({
-						name: p.name,
-						description: p.description,
-					})),
-					flags: a.flags.map((f) => ({
-						name: f.flag,
-						type: f.type,
-						required: f.required,
-						description: f.description,
-					})),
-				};
-			}
-
-			if (command === "exec") {
-				if (!resource || !action)
-					return { error: "Missing resource or action" };
-				const actionDef = findAction(ctx, resource, action);
-				if (!actionDef) return { error: `Unknown: ${resource} ${action}` };
-
-				const positionalValues = args ?? [];
-				if (positionalValues.length < actionDef.positionals.length) {
-					return {
-						error: `Missing args: ${actionDef.positionals
-							.slice(positionalValues.length)
-							.map((p) => p.name)
-							.join(", ")}`,
-					};
-				}
-
-				const globals: RuntimeGlobals = {
-					server,
-					serverVar: serverVars
-						? Object.entries(serverVars).map(([k, v]) => `${k}=${v}`)
-						: undefined,
-					auth: authScheme,
-					bearerToken,
-					apiKey,
-					username: basicAuth?.username,
-					password: basicAuth?.password,
-				};
-
-				try {
-					const result = await execute({
-						specId: ctx.loaded.id,
-						action: actionDef,
-						positionalValues,
-						flagValues: flags ?? {},
-						globals,
-						servers: ctx.servers,
-						authSchemes: ctx.authSchemes,
-					});
-					return { status: result.status, ok: result.ok, body: result.body };
-				} catch (err) {
-					return { error: err instanceof Error ? err.message : String(err) };
-				}
-			}
-
-			return { error: `Unknown command: ${command}` };
-		},
-	});
-}
-
-/** Clear cached spec context */
-export function clearSpecliCache(spec?: string): void {
-	if (spec) contextCache.delete(spec);
-	else contextCache.clear();
-}

package/src/cli/auth-requirements.test.ts

@@ -1,27 +0,0 @@
-import { describe, expect, test } from "bun:test";
-
-import { summarizeAuth } from "./auth-requirements.js";
-import type { AuthScheme } from "./auth-schemes.js";
-
-describe("summarizeAuth", () => {
-	test("uses operation-level security when present", () => {
-		const schemes: AuthScheme[] = [{ key: "oauth", kind: "oauth2" }];
-
-		const summary = summarizeAuth(
-			[{ oauth: ["read:ping"] }],
-			[{ oauth: ["read:other"] }],
-			schemes,
-		);
-
-		expect(summary.alternatives).toEqual([
-			[{ key: "oauth", scopes: ["read:ping"] }],
-		]);
-	});
-
-	test("empty operation security disables auth", () => {
-		const schemes: AuthScheme[] = [{ key: "oauth", kind: "oauth2" }];
-
-		const summary = summarizeAuth([], [{ oauth: ["read:other"] }], schemes);
-		expect(summary.alternatives).toEqual([]);
-	});
-});

package/src/cli/auth-requirements.ts

@@ -1,91 +0,0 @@
-import type { AuthScheme } from "./auth-schemes.js";
-import type { SecurityRequirement } from "./types.js";
-
-export type AuthRequirement = {
-	key: string;
-	scopes: string[];
-};
-
-export type AuthSummary = {
-	// Alternatives: any one of these sets is sufficient.
-	alternatives: AuthRequirement[][];
-};
-
-function isSecurityRequirement(value: unknown): value is SecurityRequirement {
-	if (!value || typeof value !== "object") return false;
-	if (Array.isArray(value)) return false;
-
-	for (const [k, v] of Object.entries(value)) {
-		if (typeof k !== "string") return false;
-		if (!Array.isArray(v)) return false;
-		if (!v.every((s) => typeof s === "string")) return false;
-	}
-
-	return true;
-}
-
-function normalizeSecurity(value: unknown): {
-	requirements: SecurityRequirement[];
-	source: "none" | "empty" | "non-empty";
-} {
-	if (value == null) return { requirements: [], source: "none" };
-	if (!Array.isArray(value)) return { requirements: [], source: "none" };
-
-	const reqs = value.filter(isSecurityRequirement);
-	if (reqs.length === 0) return { requirements: [], source: "empty" };
-	return { requirements: reqs, source: "non-empty" };
-}
-
-export function summarizeAuth(
-	operationSecurity: unknown,
-	globalSecurity: unknown,
-	knownSchemes: AuthScheme[],
-): AuthSummary {
-	// Per spec:
-	// - operation security overrides root
-	// - empty array [] means "no auth"
-	const op = normalizeSecurity(operationSecurity);
-	if (op.source === "non-empty") {
-		return { alternatives: toAlternatives(op.requirements, knownSchemes) };
-	}
-	if (op.source === "empty") {
-		return { alternatives: [] };
-	}
-
-	const global = normalizeSecurity(globalSecurity);
-	if (global.source === "non-empty") {
-		return { alternatives: toAlternatives(global.requirements, knownSchemes) };
-	}
-
-	return { alternatives: [] };
-}
-
-function toAlternatives(
-	requirements: SecurityRequirement[],
-	knownSchemes: AuthScheme[],
-): AuthRequirement[][] {
-	const known = new Set(knownSchemes.map((s) => s.key));
-
-	return requirements.map((req) => {
-		const out: AuthRequirement[] = [];
-		for (const [key, scopes] of Object.entries(req)) {
-			out.push({
-				key,
-				scopes: Array.isArray(scopes) ? scopes : [],
-			});
-		}
-
-		// Stable order.
-		out.sort((a, b) => a.key.localeCompare(b.key));
-
-		// Prefer known schemes first.
-		out.sort((a, b) => {
-			const ak = known.has(a.key) ? 0 : 1;
-			const bk = known.has(b.key) ? 0 : 1;
-			if (ak !== bk) return ak - bk;
-			return a.key.localeCompare(b.key);
-		});
-
-		return out;
-	});
-}