ssh-mcp-pro 1.0.0

package/dist/connector-credentials.js

@@ -0,0 +1,132 @@
+import { spawn } from "node:child_process";
+import { z } from "zod";
+import { resolveSSHHost } from "./ssh-config.js";
+const CommandCredentialResponseSchema = z
+    .object({
+    host: z.string().min(1).optional(),
+    username: z.string().min(1).optional(),
+    port: z.number().int().min(1).max(65535).optional(),
+    auth: z.enum(["agent", "key"]).optional().default("agent"),
+    privateKeyPath: z.string().min(1).optional(),
+    knownHostsPath: z.string().min(1).optional(),
+    expectedHostKeySha256: z.string().min(1).optional(),
+    hostKeyPolicy: z.enum(["strict", "accept-new"]).optional().default("strict"),
+    readyTimeoutMs: z.number().int().min(1000).max(60000).optional(),
+    ttlMs: z.number().int().min(10000).max(900000).optional(),
+})
+    .strict();
+export async function resolveConnectorCredentials(request, config) {
+    switch (config.connector.credentialProvider) {
+        case "agent":
+            return resolveAgentCredentials(request, config);
+        case "command":
+            return resolveCommandCredentials(request, config);
+        case "none":
+        default:
+            throw new Error("Remote connector credential provider is not configured. Set SSH_MCP_CONNECTOR_CREDENTIAL_PROVIDER=agent or command.");
+    }
+}
+async function resolveAgentCredentials(request, config) {
+    const resolved = await resolveSSHHost(request.hostAlias);
+    const username = resolved.username ?? config.connector.defaultUsername;
+    if (!username) {
+        throw new Error("Remote connector agent provider requires User in SSH config or SSH_MCP_CONNECTOR_DEFAULT_USERNAME.");
+    }
+    return {
+        host: resolved.host,
+        policyHost: request.hostAlias,
+        username,
+        ...(resolved.port !== undefined ? { port: resolved.port } : {}),
+        auth: "agent",
+        useAgent: true,
+        hostKeyPolicy: "strict",
+        policyMode: "enforce",
+    };
+}
+async function resolveCommandCredentials(request, config) {
+    if (!config.connector.credentialCommand) {
+        throw new Error("Remote connector command provider requires SSH_MCP_CONNECTOR_CREDENTIAL_COMMAND.");
+    }
+    const resolved = await resolveSSHHost(request.hostAlias);
+    const commandResult = await runCredentialCommand(request, config.connector);
+    const username = commandResult.username ?? resolved.username ?? config.connector.defaultUsername;
+    if (!username) {
+        throw new Error("Credential command did not return a username and no default is configured.");
+    }
+    if (commandResult.auth === "key" && !commandResult.privateKeyPath) {
+        throw new Error("Credential command auth=key requires privateKeyPath.");
+    }
+    return {
+        host: commandResult.host ?? resolved.host,
+        policyHost: request.hostAlias,
+        username,
+        ...((commandResult.port ?? resolved.port) ? { port: commandResult.port ?? resolved.port } : {}),
+        auth: commandResult.auth,
+        useAgent: commandResult.auth === "agent",
+        hostKeyPolicy: commandResult.hostKeyPolicy,
+        policyMode: "enforce",
+        readyTimeoutMs: commandResult.readyTimeoutMs ?? 20000,
+        ttlMs: commandResult.ttlMs ?? 120000,
+        ...(commandResult.privateKeyPath ? { privateKeyPath: commandResult.privateKeyPath } : {}),
+        ...(commandResult.knownHostsPath ? { knownHostsPath: commandResult.knownHostsPath } : {}),
+        ...(commandResult.expectedHostKeySha256
+            ? { expectedHostKeySha256: commandResult.expectedHostKeySha256 }
+            : {}),
+    };
+}
+async function runCredentialCommand(request, config) {
+    const command = config.credentialCommand;
+    if (!command) {
+        throw new Error("Credential command is not configured.");
+    }
+    const input = JSON.stringify(request);
+    const timeoutMs = config.credentialCommandTimeoutMs;
+    return new Promise((resolve, reject) => {
+        const child = spawn(command, config.credentialCommandArgs, {
+            stdio: ["pipe", "pipe", "pipe"],
+            windowsHide: true,
+            env: {
+                ...process.env,
+                SSH_MCP_CONNECTOR_HOST_ALIAS: request.hostAlias,
+                SSH_MCP_CONNECTOR_PURPOSE: request.purpose,
+            },
+        });
+        const timeout = setTimeout(() => {
+            child.kill();
+            reject(new Error("Credential command timed out."));
+        }, timeoutMs);
+        let stdout = "";
+        let stdoutBytes = 0;
+        child.stdout.setEncoding("utf8");
+        child.stdout.on("data", (chunk) => {
+            stdoutBytes += Buffer.byteLength(chunk);
+            if (stdoutBytes > 32 * 1024) {
+                child.kill();
+                reject(new Error("Credential command output exceeded 32 KiB."));
+                return;
+            }
+            stdout += chunk;
+        });
+        child.stderr.resume();
+        child.on("error", (error) => {
+            clearTimeout(timeout);
+            reject(error);
+        });
+        child.on("close", (code) => {
+            clearTimeout(timeout);
+            if (code !== 0) {
+                reject(new Error("Credential command failed."));
+                return;
+            }
+            try {
+                const parsed = JSON.parse(stdout);
+                resolve(CommandCredentialResponseSchema.parse(parsed));
+            }
+            catch (error) {
+                reject(error);
+            }
+        });
+        child.stdin.end(input);
+    });
+}
+//# sourceMappingURL=connector-credentials.js.map

package/dist/connector-credentials.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"connector-credentials.js","sourceRoot":"","sources":["../src/connector-credentials.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAGjD,MAAM,+BAA+B,GAAG,CAAC;KACtC,MAAM,CAAC;IACN,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAClC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACtC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE;IACnD,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC;IAC1D,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAC5C,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAC5C,qBAAqB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACnD,aAAa,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC;IAC5E,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE;IAChE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE;CAC1D,CAAC;KACD,MAAM,EAAE,CAAC;AAOZ,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAC/C,OAAmC,EACnC,MAAoB;IAEpB,QAAQ,MAAM,CAAC,SAAS,CAAC,kBAAkB,EAAE,CAAC;QAC5C,KAAK,OAAO;YACV,OAAO,uBAAuB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAClD,KAAK,SAAS;YACZ,OAAO,yBAAyB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACpD,KAAK,MAAM,CAAC;QACZ;YACE,MAAM,IAAI,KAAK,CACb,qHAAqH,CACtH,CAAC;IACN,CAAC;AACH,CAAC;AAED,KAAK,UAAU,uBAAuB,CACpC,OAAmC,EACnC,MAAoB;IAEpB,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,IAAI,MAAM,CAAC,SAAS,CAAC,eAAe,CAAC;IACvE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CACb,oGAAoG,CACrG,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,UAAU,EAAE,OAAO,CAAC,SAAS;QAC7B,QAAQ;QACR,GAAG,CAAC,QAAQ,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,IAAI;QACd,aAAa,EAAE,QAAQ;QACvB,UAAU,EAAE,SAAS;KACtB,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,yBAAyB,CACtC,OAAmC,EACnC,MAAoB;IAEpB,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,iBAAiB,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACzD,MAAM,aAAa,GAAG,MAAM,oBAAoB,CAAC,OAAO,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;IAC5E,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAQ,IAAI,QAAQ,CAAC,QAAQ,IAAI,MAAM,CAAC,SAAS,CAAC,eAAe,CAAC;IACjG,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,4EAA4E,CAAC,CAAC;IAChG,CAAC;IAED,IAAI,aAAa,CAAC,IAAI,KAAK,KAAK,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,CAAC;QAClE,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC1E,CAAC;IAED,OAAO;QACL,IAAI,EAAE,aAAa,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI;QACzC,UAAU,EAAE,OAAO,CAAC,SAAS;QAC7B,QAAQ;QACR,GAAG,CAAC,CAAC,aAAa,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,aAAa,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/F,IAAI,EAAE,aAAa,CAAC,IAAI;QACxB,QAAQ,EAAE,aAAa,CAAC,IAAI,KAAK,OAAO;QACxC,aAAa,EAAE,aAAa,CAAC,aAAa;QAC1C,UAAU,EAAE,SAAS;QACrB,cAAc,EAAE,aAAa,CAAC,cAAc,IAAI,KAAK;QACrD,KAAK,EAAE,aAAa,CAAC,KAAK,IAAI,MAAM;QACpC,GAAG,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,aAAa,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACzF,GAAG,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,aAAa,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACzF,GAAG,CAAC,aAAa,CAAC,qBAAqB;YACrC,CAAC,CAAC,EAAE,qBAAqB,EAAE,aAAa,CAAC,qBAAqB,EAAE;YAChE,CAAC,CAAC,EAAE,CAAC;KACR,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,oBAAoB,CACjC,OAAmC,EACnC,MAAiC;IAEjC,MAAM,OAAO,GAAG,MAAM,CAAC,iBAAiB,CAAC;IACzC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IACtC,MAAM,SAAS,GAAG,MAAM,CAAC,0BAA0B,CAAC;IAEpD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,qBAAqB,EAAE;YACzD,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;YAC/B,WAAW,EAAE,IAAI;YACjB,GAAG,EAAE;gBACH,GAAG,OAAO,CAAC,GAAG;gBACd,4BAA4B,EAAE,OAAO,CAAC,SAAS;gBAC/C,yBAAyB,EAAE,OAAO,CAAC,OAAO;aAC3C;SACF,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE;YAC9B,KAAK,CAAC,IAAI,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC,CAAC;QACrD,CAAC,EAAE,SAAS,CAAC,CAAC;QAEd,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,WAAW,GAAG,CAAC,CAAC;QACpB,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QACjC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YACxC,WAAW,IAAI,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;YACxC,IAAI,WAAW,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;gBAC5B,KAAK,CAAC,IAAI,EAAE,CAAC;gBACb,MAAM,CAAC,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC,CAAC;gBAChE,OAAO;YACT,CAAC;YACD,MAAM,IAAI,KAAK,CAAC;QAClB,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAEtB,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;YAC1B,YAAY,CAAC,OAAO,CAAC,CAAC;YACtB,MAAM,CAAC,KAAK,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;YACzB,YAAY,CAAC,OAAO,CAAC,CAAC;YACtB,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;gBACf,MAAM,CAAC,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC,CAAC;gBAChD,OAAO;YACT,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAY,CAAC;gBAC7C,OAAO,CAAC,+BAA+B,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;YACzD,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,KAAK,CAAC,CAAC;YAChB,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACzB,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/connector-profile.d.ts

@@ -0,0 +1,17 @@
+import type { MCPPromptDefinition } from "./prompts.js";
+import type { MCPResource } from "./resources.js";
+import type { Tool } from "@modelcontextprotocol/sdk/types.js";
+export declare const TOOL_PROFILES: readonly ["full", "remote-safe", "chatgpt", "claude", "remote-readonly", "remote-broker"];
+export type ToolProfile = (typeof TOOL_PROFILES)[number];
+export declare const CHATGPT_EXTRA_TOOLS: Set<string>;
+export declare const CLAUDE_EXTRA_TOOLS: Set<string>;
+export declare const PROFILE_TOOL_SETS: Record<ToolProfile, Set<string>>;
+export declare function parseToolProfile(value: string | undefined, fallback: ToolProfile): ToolProfile;
+export declare function isRemoteSafeToolProfile(profile: ToolProfile): boolean;
+export declare function isToolAllowedForProfile(toolName: string, profile: ToolProfile): boolean;
+export declare function filterToolsForProfile(tools: Tool[], profile: ToolProfile): Tool[];
+export declare function filterResourcesForProfile(resources: MCPResource[], profile: ToolProfile): MCPResource[];
+export declare function isResourceAllowedForProfile(uri: string, profile: ToolProfile): boolean;
+export declare function filterPromptsForProfile(prompts: MCPPromptDefinition[], profile: ToolProfile): MCPPromptDefinition[];
+export declare function isPromptAllowedForProfile(name: string, profile: ToolProfile): boolean;
+//# sourceMappingURL=connector-profile.d.ts.map

package/dist/connector-profile.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"connector-profile.d.ts","sourceRoot":"","sources":["../src/connector-profile.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAE/D,eAAO,MAAM,aAAa,2FAOhB,CAAC;AAEX,MAAM,MAAM,WAAW,GAAG,CAAC,OAAO,aAAa,CAAC,CAAC,MAAM,CAAC,CAAC;AAczD,eAAO,MAAM,mBAAmB,aAAoB,CAAC;AACrD,eAAO,MAAM,kBAAkB,aAAoB,CAAC;AAEpD,eAAO,MAAM,iBAAiB,EAAE,MAAM,CAAC,WAAW,EAAE,GAAG,CAAC,MAAM,CAAC,CAO9D,CAAC;AAoBF,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,EAAE,QAAQ,EAAE,WAAW,GAAG,WAAW,CAQ9F;AAED,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAErE;AAED,wBAAgB,uBAAuB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAEvF;AAED,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,WAAW,GAAG,IAAI,EAAE,CAMjF;AAED,wBAAgB,yBAAyB,CAAC,SAAS,EAAE,WAAW,EAAE,EAAE,OAAO,EAAE,WAAW,iBAKvF;AAED,wBAAgB,2BAA2B,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAEtF;AAED,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,mBAAmB,EAAE,EAAE,OAAO,EAAE,WAAW,yBAK3F;AAED,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAErF"}

package/dist/connector-profile.js

@@ -0,0 +1,81 @@
+export const TOOL_PROFILES = [
+    "full",
+    "remote-safe",
+    "chatgpt",
+    "claude",
+    "remote-readonly",
+    "remote-broker",
+];
+const REMOTE_CONNECTOR_TOOL_NAMES = [
+    "connector_status",
+    "ssh_hosts_list",
+    "ssh_policy_explain",
+    "ssh_host_inspect",
+    "ssh_mutation_plan",
+];
+function createRemoteConnectorToolSet() {
+    return new Set(REMOTE_CONNECTOR_TOOL_NAMES);
+}
+export const CHATGPT_EXTRA_TOOLS = new Set();
+export const CLAUDE_EXTRA_TOOLS = new Set();
+export const PROFILE_TOOL_SETS = {
+    full: new Set(),
+    "remote-safe": createRemoteConnectorToolSet(),
+    chatgpt: createRemoteConnectorToolSet(),
+    claude: createRemoteConnectorToolSet(),
+    "remote-readonly": createRemoteConnectorToolSet(),
+    "remote-broker": createRemoteConnectorToolSet(),
+};
+const REMOTE_CONNECTOR_RESOURCES = new Set(["ssh-mcp-pro://capabilities/support-matrix"]);
+const REMOTE_CONNECTOR_PROMPTS = new Set(["inspect-host-capabilities", "plan-mutation"]);
+function getProfileToolSet(profile) {
+    const profileTools = PROFILE_TOOL_SETS[profile];
+    if (profile === "chatgpt" && CHATGPT_EXTRA_TOOLS.size > 0) {
+        return new Set([...profileTools, ...CHATGPT_EXTRA_TOOLS]);
+    }
+    if (profile === "claude" && CLAUDE_EXTRA_TOOLS.size > 0) {
+        return new Set([...profileTools, ...CLAUDE_EXTRA_TOOLS]);
+    }
+    return profileTools;
+}
+export function parseToolProfile(value, fallback) {
+    if (value === undefined || value === "") {
+        return fallback;
+    }
+    if (TOOL_PROFILES.includes(value)) {
+        return value;
+    }
+    return fallback;
+}
+export function isRemoteSafeToolProfile(profile) {
+    return profile !== "full";
+}
+export function isToolAllowedForProfile(toolName, profile) {
+    return profile === "full" || getProfileToolSet(profile).has(toolName);
+}
+export function filterToolsForProfile(tools, profile) {
+    if (profile === "full") {
+        return tools;
+    }
+    const profileTools = getProfileToolSet(profile);
+    return tools.filter((tool) => profileTools.has(tool.name));
+}
+export function filterResourcesForProfile(resources, profile) {
+    if (profile === "full") {
+        return resources;
+    }
+    return resources.filter((resource) => REMOTE_CONNECTOR_RESOURCES.has(resource.uri));
+}
+export function isResourceAllowedForProfile(uri, profile) {
+    return profile === "full" || REMOTE_CONNECTOR_RESOURCES.has(uri);
+}
+export function filterPromptsForProfile(prompts, profile) {
+    if (profile === "full") {
+        return prompts;
+    }
+    return prompts.filter((prompt) => REMOTE_CONNECTOR_PROMPTS.has(prompt.name));
+}
+export function isPromptAllowedForProfile(name, profile) {
+    return profile === "full" || REMOTE_CONNECTOR_PROMPTS.has(name);
+}
+//# sourceMappingURL=connector-profile.js.map

package/dist/connector-profile.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"connector-profile.js","sourceRoot":"","sources":["../src/connector-profile.ts"],"names":[],"mappings":"AAIA,MAAM,CAAC,MAAM,aAAa,GAAG;IAC3B,MAAM;IACN,aAAa;IACb,SAAS;IACT,QAAQ;IACR,iBAAiB;IACjB,eAAe;CACP,CAAC;AAIX,MAAM,2BAA2B,GAAG;IAClC,kBAAkB;IAClB,gBAAgB;IAChB,oBAAoB;IACpB,kBAAkB;IAClB,mBAAmB;CACX,CAAC;AAEX,SAAS,4BAA4B;IACnC,OAAO,IAAI,GAAG,CAAS,2BAA2B,CAAC,CAAC;AACtD,CAAC;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG,IAAI,GAAG,EAAU,CAAC;AACrD,MAAM,CAAC,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAU,CAAC;AAEpD,MAAM,CAAC,MAAM,iBAAiB,GAAqC;IACjE,IAAI,EAAE,IAAI,GAAG,EAAU;IACvB,aAAa,EAAE,4BAA4B,EAAE;IAC7C,OAAO,EAAE,4BAA4B,EAAE;IACvC,MAAM,EAAE,4BAA4B,EAAE;IACtC,iBAAiB,EAAE,4BAA4B,EAAE;IACjD,eAAe,EAAE,4BAA4B,EAAE;CAChD,CAAC;AAEF,MAAM,0BAA0B,GAAG,IAAI,GAAG,CAAC,CAAC,2CAA2C,CAAC,CAAC,CAAC;AAE1F,MAAM,wBAAwB,GAAG,IAAI,GAAG,CAAC,CAAC,2BAA2B,EAAE,eAAe,CAAC,CAAC,CAAC;AAEzF,SAAS,iBAAiB,CAAC,OAAoB;IAC7C,MAAM,YAAY,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAEhD,IAAI,OAAO,KAAK,SAAS,IAAI,mBAAmB,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QAC1D,OAAO,IAAI,GAAG,CAAS,CAAC,GAAG,YAAY,EAAE,GAAG,mBAAmB,CAAC,CAAC,CAAC;IACpE,CAAC;IAED,IAAI,OAAO,KAAK,QAAQ,IAAI,kBAAkB,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACxD,OAAO,IAAI,GAAG,CAAS,CAAC,GAAG,YAAY,EAAE,GAAG,kBAAkB,CAAC,CAAC,CAAC;IACnE,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,KAAyB,EAAE,QAAqB;IAC/E,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,EAAE,EAAE,CAAC;QACxC,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,IAAI,aAAa,CAAC,QAAQ,CAAC,KAAoB,CAAC,EAAE,CAAC;QACjD,OAAO,KAAoB,CAAC;IAC9B,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,OAAoB;IAC1D,OAAO,OAAO,KAAK,MAAM,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,QAAgB,EAAE,OAAoB;IAC5E,OAAO,OAAO,KAAK,MAAM,IAAI,iBAAiB,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;AACxE,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,KAAa,EAAE,OAAoB;IACvE,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,YAAY,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAChD,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,SAAwB,EAAE,OAAoB;IACtF,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;QACvB,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO,SAAS,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,0BAA0B,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;AACtF,CAAC;AAED,MAAM,UAAU,2BAA2B,CAAC,GAAW,EAAE,OAAoB;IAC3E,OAAO,OAAO,KAAK,MAAM,IAAI,0BAA0B,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;AACnE,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,OAA8B,EAAE,OAAoB;IAC1F,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;QACvB,OAAO,OAAO,CAAC;IACjB,CAAC;IACD,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,wBAAwB,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AAC/E,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,IAAY,EAAE,OAAoB;IAC1E,OAAO,OAAO,KAAK,MAAM,IAAI,wBAAwB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAClE,CAAC"}

package/dist/container.d.ts

@@ -0,0 +1,18 @@
+import { ConfigManager, type ServerConfig } from "./config.js";
+import { AuditLog } from "./audit.js";
+import { MetricsCollector } from "./metrics.js";
+import { PolicyEngine } from "./policy.js";
+import { RateLimiter } from "./rate-limiter.js";
+import { SessionManager } from "./session.js";
+import { type TunnelService } from "./tunnel.js";
+export interface AppContainer {
+    config: ConfigManager;
+    rateLimiter: RateLimiter;
+    metrics: MetricsCollector;
+    auditLog: AuditLog;
+    policy: PolicyEngine;
+    sessionManager: SessionManager;
+    tunnelService: TunnelService;
+}
+export declare function createContainer(configOverrides?: Partial<ServerConfig>): AppContainer;
+//# sourceMappingURL=container.d.ts.map

package/dist/container.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"container.d.ts","sourceRoot":"","sources":["../src/container.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,KAAK,YAAY,EAAE,MAAM,aAAa,CAAC;AAC/D,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACtC,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EAAuB,KAAK,aAAa,EAAE,MAAM,aAAa,CAAC;AAkBtE,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,aAAa,CAAC;IACtB,WAAW,EAAE,WAAW,CAAC;IACzB,OAAO,EAAE,gBAAgB,CAAC;IAC1B,QAAQ,EAAE,QAAQ,CAAC;IACnB,MAAM,EAAE,YAAY,CAAC;IACrB,cAAc,EAAE,cAAc,CAAC;IAC/B,aAAa,EAAE,aAAa,CAAC;CAC9B;AAED,wBAAgB,eAAe,CAAC,eAAe,GAAE,OAAO,CAAC,YAAY,CAAM,GAAG,YAAY,CA6CzF"}

package/dist/container.js

@@ -0,0 +1,52 @@
+import { ConfigManager } from "./config.js";
+import { AuditLog } from "./audit.js";
+import { MetricsCollector } from "./metrics.js";
+import { PolicyEngine } from "./policy.js";
+import { RateLimiter } from "./rate-limiter.js";
+import { SessionManager } from "./session.js";
+import { createTunnelService } from "./tunnel.js";
+function auditDetails(action, values) {
+    return {
+        action,
+        ...(values.host ? { host: values.host } : {}),
+        ...(values.username ? { username: values.username } : {}),
+        ...(values.target ? { target: values.target } : {}),
+    };
+}
+export function createContainer(configOverrides = {}) {
+    const config = new ConfigManager(configOverrides);
+    const rateLimiter = new RateLimiter({
+        maxRequests: config.get("rateLimit").maxRequests,
+        windowMs: config.get("rateLimit").windowMs,
+        blockOnLimit: true,
+    });
+    const metrics = new MetricsCollector();
+    const auditLog = new AuditLog();
+    const policy = new PolicyEngine(config.get("policy"), (decision, context) => {
+        metrics.recordPolicyDecision(decision.allowed, decision.mode);
+        auditLog.recordPolicyDecision(decision, auditDetails(context.action, {
+            host: context.host,
+            username: context.username,
+            target: context.path ?? context.command,
+        }));
+    });
+    const sessionManager = new SessionManager(config.get("maxSessions"), config.get("sessionTtlMs"), config.get("cleanupIntervalMs"), config.get("security"), policy);
+    const tunnelService = createTunnelService({
+        sessionManager,
+        metrics,
+        policy,
+    });
+    sessionManager.onSessionClose(async (sessionId) => {
+        await tunnelService.closeSessionTunnels(sessionId);
+    });
+    return {
+        config,
+        rateLimiter,
+        metrics,
+        auditLog,
+        policy,
+        sessionManager,
+        tunnelService,
+    };
+}
+//# sourceMappingURL=container.js.map

package/dist/container.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"container.js","sourceRoot":"","sources":["../src/container.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAqB,MAAM,aAAa,CAAC;AAC/D,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACtC,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAsB,MAAM,aAAa,CAAC;AAEtE,SAAS,YAAY,CACnB,MAAc,EACd,MAIC;IAED,OAAO;QACL,MAAM;QACN,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7C,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACzD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACpD,CAAC;AACJ,CAAC;AAYD,MAAM,UAAU,eAAe,CAAC,kBAAyC,EAAE;IACzE,MAAM,MAAM,GAAG,IAAI,aAAa,CAAC,eAAe,CAAC,CAAC;IAClD,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC;QAClC,WAAW,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,WAAW;QAChD,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,QAAQ;QAC1C,YAAY,EAAE,IAAI;KACnB,CAAC,CAAC;IACH,MAAM,OAAO,GAAG,IAAI,gBAAgB,EAAE,CAAC;IACvC,MAAM,QAAQ,GAAG,IAAI,QAAQ,EAAE,CAAC;IAChC,MAAM,MAAM,GAAG,IAAI,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE;QAC1E,OAAO,CAAC,oBAAoB,CAAC,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC9D,QAAQ,CAAC,oBAAoB,CAC3B,QAAQ,EACR,YAAY,CAAC,OAAO,CAAC,MAAM,EAAE;YAC3B,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,MAAM,EAAE,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,OAAO;SACxC,CAAC,CACH,CAAC;IACJ,CAAC,CAAC,CAAC;IACH,MAAM,cAAc,GAAG,IAAI,cAAc,CACvC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,EACzB,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,EAC1B,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,EAC/B,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,EACtB,MAAM,CACP,CAAC;IACF,MAAM,aAAa,GAAG,mBAAmB,CAAC;QACxC,cAAc;QACd,OAAO;QACP,MAAM;KACP,CAAC,CAAC;IACH,cAAc,CAAC,cAAc,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE;QAChD,MAAM,aAAa,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,MAAM;QACN,WAAW;QACX,OAAO;QACP,QAAQ;QACR,MAAM;QACN,cAAc;QACd,aAAa;KACd,CAAC;AACJ,CAAC"}

package/dist/detect.d.ts

@@ -0,0 +1,7 @@
+import { NodeSSH } from "node-ssh";
+import { OSInfo } from "./types.js";
+/**
+ * Detects OS information on the remote system
+ */
+export declare function detectOS(ssh: NodeSSH): Promise<OSInfo>;
+//# sourceMappingURL=detect.d.ts.map

package/dist/detect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"detect.d.ts","sourceRoot":"","sources":["../src/detect.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,UAAU,CAAC;AACnC,OAAO,EAAc,MAAM,EAAuC,MAAM,YAAY,CAAC;AAyCrF;;GAEG;AACH,wBAAsB,QAAQ,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAmQ5D"}

package/dist/detect.js

@@ -0,0 +1,271 @@
+import { logger } from "./logging.js";
+import { createFilesystemError } from "./errors.js";
+async function safeExec(ssh, command) {
+    try {
+        const result = await ssh.execCommand(command);
+        return {
+            code: result.code ?? 0,
+            stdout: result.stdout ?? "",
+            stderr: result.stderr ?? "",
+        };
+    }
+    catch (error) {
+        logger.debug("OS detection command failed", { command, error });
+        return { code: 1, stdout: "", stderr: String(error) };
+    }
+}
+function normalizeWindowsPath(path) {
+    if (!path)
+        return undefined;
+    return path.replace(/\\\\/g, "/").replace(/\\/g, "/");
+}
+function parseKeyValueLine(line) {
+    const separatorIndex = line.indexOf("=");
+    if (separatorIndex === -1) {
+        return undefined;
+    }
+    return {
+        key: line.slice(0, separatorIndex),
+        value: line
+            .slice(separatorIndex + 1)
+            .replace(/\"/g, "")
+            .trim(),
+    };
+}
+/**
+ * Detects OS information on the remote system
+ */
+export async function detectOS(ssh) {
+    logger.debug("Starting OS detection");
+    try {
+        // Detect architecture
+        const archResult = await safeExec(ssh, "uname -m");
+        let arch = archResult.stdout.trim();
+        if (!arch) {
+            const winArch = await safeExec(ssh, 'powershell -NoLogo -NoProfile -Command "$env:PROCESSOR_ARCHITECTURE"');
+            arch = winArch.stdout.trim();
+        }
+        if (!arch) {
+            arch = "unknown";
+        }
+        // Detect platform/kernel
+        let platform = "unknown";
+        let distro = "unknown";
+        let version = "unknown";
+        let defaultShell = "unknown";
+        let tempDir;
+        const unameResult = await safeExec(ssh, "uname -s");
+        const uname = unameResult.stdout.trim().toLowerCase();
+        if (uname.includes("linux")) {
+            platform = "linux";
+        }
+        else if (uname.includes("darwin")) {
+            platform = "darwin";
+        }
+        else if (uname.includes("windows")) {
+            platform = "windows";
+        }
+        // Windows fallback detection (when uname is not available)
+        if (platform === "unknown") {
+            const winCheck = await safeExec(ssh, "cmd /c ver");
+            if (winCheck.code === 0 && winCheck.stdout) {
+                platform = "windows";
+                version = winCheck.stdout.trim();
+            }
+        }
+        // macOS detection fallback
+        if (platform === "unknown") {
+            const macCheck = await safeExec(ssh, "sw_vers -productName");
+            if (macCheck.code === 0 && macCheck.stdout.toLowerCase().includes("mac")) {
+                platform = "darwin";
+            }
+        }
+        // Detect shell
+        if (platform === "windows") {
+            defaultShell = "powershell";
+            const psShell = await safeExec(ssh, "echo $env:SHELL");
+            const shell = psShell.stdout.trim();
+            tempDir =
+                normalizeWindowsPath((await safeExec(ssh, 'powershell -NoLogo -NoProfile -Command "$env:TEMP"')).stdout.trim()) ?? "C:/Windows/Temp";
+            let packageManager = "unknown";
+            const wingetCheck = await safeExec(ssh, 'powershell -NoLogo -NoProfile -Command "Get-Command winget -ErrorAction SilentlyContinue"');
+            if (wingetCheck.code === 0 && wingetCheck.stdout.toLowerCase().includes("winget")) {
+                packageManager = "winget";
+            }
+            else {
+                const chocoCheck = await safeExec(ssh, "choco -v");
+                if (chocoCheck.code === 0) {
+                    packageManager = "choco";
+                }
+            }
+            const osInfo = {
+                platform,
+                distro: "windows",
+                version,
+                arch,
+                shell: shell !== "" ? shell : "powershell",
+                packageManager,
+                init: "windows-service",
+                defaultShell,
+                tempDir,
+            };
+            logger.debug("OS detection completed", osInfo);
+            return osInfo;
+        }
+        const shellResult = await safeExec(ssh, "echo $SHELL");
+        const shell = shellResult.stdout.trim().split("/").pop() ?? "unknown";
+        // Linux distro detection
+        if (platform === "linux") {
+            const detectionCommands = [
+                "cat /etc/os-release",
+                "cat /etc/lsb-release",
+                "cat /etc/redhat-release",
+                "cat /etc/debian_version",
+            ];
+            for (const cmd of detectionCommands) {
+                const result = await safeExec(ssh, cmd);
+                if (result.code !== 0 || !result.stdout.trim()) {
+                    continue;
+                }
+                const output = result.stdout.toLowerCase();
+                if (cmd === "cat /etc/os-release") {
+                    const lines = result.stdout.split("\n");
+                    for (const line of lines) {
+                        const parsedLine = parseKeyValueLine(line);
+                        if (!parsedLine) {
+                            continue;
+                        }
+                        if (parsedLine.key === "ID") {
+                            distro = parsedLine.value;
+                        }
+                        if (parsedLine.key === "VERSION_ID") {
+                            version = parsedLine.value;
+                        }
+                    }
+                    break;
+                }
+                else if (cmd === "cat /etc/lsb-release") {
+                    const lines = result.stdout.split("\n");
+                    for (const line of lines) {
+                        const parsedLine = parseKeyValueLine(line);
+                        if (!parsedLine) {
+                            continue;
+                        }
+                        if (parsedLine.key === "DISTRIB_ID") {
+                            distro = parsedLine.value.toLowerCase();
+                        }
+                        if (parsedLine.key === "DISTRIB_RELEASE") {
+                            version = parsedLine.value;
+                        }
+                    }
+                    break;
+                }
+                else if (output.includes("red hat") ||
+                    output.includes("rhel") ||
+                    output.includes("centos")) {
+                    distro = "rhel";
+                    const versionMatch = result.stdout.match(/(\d+\.\d+)/);
+                    if (versionMatch?.[1]) {
+                        version = versionMatch[1];
+                    }
+                    break;
+                }
+                else if (output.includes("debian")) {
+                    distro = "debian";
+                    version = result.stdout.trim();
+                    break;
+                }
+            }
+        }
+        // macOS distro detection
+        if (platform === "darwin") {
+            const productName = await safeExec(ssh, "sw_vers -productName");
+            const productVersion = await safeExec(ssh, "sw_vers -productVersion");
+            const productNameValue = productName.stdout.trim();
+            const productVersionValue = productVersion.stdout.trim();
+            distro = productNameValue !== "" ? productNameValue : "macos";
+            version = productVersionValue !== "" ? productVersionValue : "unknown";
+            defaultShell = shell.includes("zsh") ? "sh" : "bash";
+        }
+        // Package manager detection
+        let packageManager = "unknown";
+        if (platform === "linux") {
+            const packageManagers = [
+                {
+                    command: "command -v apt-get || which apt-get",
+                    manager: "apt",
+                },
+                {
+                    command: "command -v dnf || which dnf",
+                    manager: "dnf",
+                },
+                {
+                    command: "command -v yum || which yum",
+                    manager: "yum",
+                },
+                {
+                    command: "command -v pacman || which pacman",
+                    manager: "pacman",
+                },
+                {
+                    command: "command -v apk || which apk",
+                    manager: "apk",
+                },
+                {
+                    command: "command -v zypper || which zypper",
+                    manager: "zypper",
+                },
+            ];
+            for (const { command, manager } of packageManagers) {
+                const result = await safeExec(ssh, command);
+                if (result.code === 0) {
+                    packageManager = manager;
+                    break;
+                }
+            }
+        }
+        else if (platform === "darwin") {
+            const brewResult = await safeExec(ssh, "command -v brew || which brew");
+            if (brewResult.code === 0) {
+                packageManager = "brew";
+            }
+            defaultShell = shell.includes("zsh") ? "sh" : "bash";
+        }
+        // Init system detection
+        let init = "unknown";
+        if (platform === "linux") {
+            const systemctlResult = await safeExec(ssh, "command -v systemctl || which systemctl");
+            const serviceResult = await safeExec(ssh, "command -v service || which service");
+            if (systemctlResult.code === 0) {
+                init = "systemd";
+            }
+            else if (serviceResult.code === 0) {
+                init = "service";
+            }
+        }
+        else if (platform === "darwin") {
+            init = "launchd";
+        }
+        tempDir = platform === "darwin" || platform === "linux" ? "/tmp" : tempDir;
+        defaultShell =
+            defaultShell === "unknown" ? (shell.includes("bash") ? "bash" : "sh") : defaultShell;
+        const osInfo = {
+            platform,
+            distro,
+            version,
+            arch,
+            shell,
+            packageManager,
+            init,
+            defaultShell,
+            ...(tempDir ? { tempDir } : {}),
+        };
+        logger.debug("OS detection completed", osInfo);
+        return osInfo;
+    }
+    catch (error) {
+        logger.error("Failed to detect OS information", { error });
+        throw createFilesystemError("Failed to detect OS information", "Ensure the SSH connection is working and the remote system responds to basic commands");
+    }
+}
+//# sourceMappingURL=detect.js.map

package/dist/detect.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"detect.js","sourceRoot":"","sources":["../src/detect.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AACtC,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAEpD,KAAK,UAAU,QAAQ,CACrB,GAAY,EACZ,OAAe;IAEf,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAC9C,OAAO;YACL,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,CAAC;YACtB,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;YAC3B,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;SAC5B,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;QAChE,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;IACxD,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAAC,IAAwB;IACpD,IAAI,CAAC,IAAI;QAAE,OAAO,SAAS,CAAC;IAC5B,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAY;IACrC,MAAM,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACzC,IAAI,cAAc,KAAK,CAAC,CAAC,EAAE,CAAC;QAC1B,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO;QACL,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,cAAc,CAAC;QAClC,KAAK,EAAE,IAAI;aACR,KAAK,CAAC,cAAc,GAAG,CAAC,CAAC;aACzB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;aAClB,IAAI,EAAE;KACV,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,GAAY;IACzC,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAEtC,IAAI,CAAC;QACH,sBAAsB;QACtB,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;QACnD,IAAI,IAAI,GAAG,UAAU,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACpC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,OAAO,GAAG,MAAM,QAAQ,CAC5B,GAAG,EACH,sEAAsE,CACvE,CAAC;YACF,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAC/B,CAAC;QACD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,IAAI,GAAG,SAAS,CAAC;QACnB,CAAC;QAED,yBAAyB;QACzB,IAAI,QAAQ,GAAa,SAAS,CAAC;QACnC,IAAI,MAAM,GAAG,SAAS,CAAC;QACvB,IAAI,OAAO,GAAG,SAAS,CAAC;QACxB,IAAI,YAAY,GAAc,SAAS,CAAC;QACxC,IAAI,OAA2B,CAAC;QAEhC,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;QACpD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAEtD,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5B,QAAQ,GAAG,OAAO,CAAC;QACrB,CAAC;aAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACpC,QAAQ,GAAG,QAAQ,CAAC;QACtB,CAAC;aAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YACrC,QAAQ,GAAG,SAAS,CAAC;QACvB,CAAC;QAED,2DAA2D;QAC3D,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;YACnD,IAAI,QAAQ,CAAC,IAAI,KAAK,CAAC,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBAC3C,QAAQ,GAAG,SAAS,CAAC;gBACrB,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YACnC,CAAC;QACH,CAAC;QAED,2BAA2B;QAC3B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,sBAAsB,CAAC,CAAC;YAC7D,IAAI,QAAQ,CAAC,IAAI,KAAK,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzE,QAAQ,GAAG,QAAQ,CAAC;YACtB,CAAC;QACH,CAAC;QAED,eAAe;QACf,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,YAAY,GAAG,YAAY,CAAC;YAC5B,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAC;YACvD,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YACpC,OAAO;gBACL,oBAAoB,CAClB,CAAC,MAAM,QAAQ,CAAC,GAAG,EAAE,oDAAoD,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,CAC1F,IAAI,iBAAiB,CAAC;YAEzB,IAAI,cAAc,GAAmB,SAAS,CAAC;YAC/C,MAAM,WAAW,GAAG,MAAM,QAAQ,CAChC,GAAG,EACH,2FAA2F,CAC5F,CAAC;YACF,IAAI,WAAW,CAAC,IAAI,KAAK,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAClF,cAAc,GAAG,QAAQ,CAAC;YAC5B,CAAC;iBAAM,CAAC;gBACN,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;gBACnD,IAAI,UAAU,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;oBAC1B,cAAc,GAAG,OAAO,CAAC;gBAC3B,CAAC;YACH,CAAC;YAED,MAAM,MAAM,GAAW;gBACrB,QAAQ;gBACR,MAAM,EAAE,SAAS;gBACjB,OAAO;gBACP,IAAI;gBACJ,KAAK,EAAE,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY;gBAC1C,cAAc;gBACd,IAAI,EAAE,iBAAiB;gBACvB,YAAY;gBACZ,OAAO;aACR,CAAC;YAEF,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE,MAAM,CAAC,CAAC;YAC/C,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;QACvD,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,SAAS,CAAC;QAEtE,yBAAyB;QACzB,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YACzB,MAAM,iBAAiB,GAAG;gBACxB,qBAAqB;gBACrB,sBAAsB;gBACtB,yBAAyB;gBACzB,yBAAyB;aAC1B,CAAC;YAEF,KAAK,MAAM,GAAG,IAAI,iBAAiB,EAAE,CAAC;gBACpC,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;gBACxC,IAAI,MAAM,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;oBAC/C,SAAS;gBACX,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;gBAE3C,IAAI,GAAG,KAAK,qBAAqB,EAAE,CAAC;oBAClC,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBACxC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;wBACzB,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;wBAC3C,IAAI,CAAC,UAAU,EAAE,CAAC;4BAChB,SAAS;wBACX,CAAC;wBAED,IAAI,UAAU,CAAC,GAAG,KAAK,IAAI,EAAE,CAAC;4BAC5B,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC;wBAC5B,CAAC;wBACD,IAAI,UAAU,CAAC,GAAG,KAAK,YAAY,EAAE,CAAC;4BACpC,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC;wBAC7B,CAAC;oBACH,CAAC;oBACD,MAAM;gBACR,CAAC;qBAAM,IAAI,GAAG,KAAK,sBAAsB,EAAE,CAAC;oBAC1C,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBACxC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;wBACzB,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;wBAC3C,IAAI,CAAC,UAAU,EAAE,CAAC;4BAChB,SAAS;wBACX,CAAC;wBAED,IAAI,UAAU,CAAC,GAAG,KAAK,YAAY,EAAE,CAAC;4BACpC,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;wBAC1C,CAAC;wBACD,IAAI,UAAU,CAAC,GAAG,KAAK,iBAAiB,EAAE,CAAC;4BACzC,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC;wBAC7B,CAAC;oBACH,CAAC;oBACD,MAAM;gBACR,CAAC;qBAAM,IACL,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;oBAC1B,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;oBACvB,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,EACzB,CAAC;oBACD,MAAM,GAAG,MAAM,CAAC;oBAChB,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;oBACvD,IAAI,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACtB,OAAO,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;oBAC5B,CAAC;oBACD,MAAM;gBACR,CAAC;qBAAM,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACrC,MAAM,GAAG,QAAQ,CAAC;oBAClB,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;oBAC/B,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC1B,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,sBAAsB,CAAC,CAAC;YAChE,MAAM,cAAc,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;YACtE,MAAM,gBAAgB,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YACnD,MAAM,mBAAmB,GAAG,cAAc,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YACzD,MAAM,GAAG,gBAAgB,KAAK,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,OAAO,CAAC;YAC9D,OAAO,GAAG,mBAAmB,KAAK,EAAE,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACvE,YAAY,GAAG,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC;QACvD,CAAC;QAED,4BAA4B;QAC5B,IAAI,cAAc,GAAmB,SAAS,CAAC;QAC/C,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YACzB,MAAM,eAAe,GAAG;gBACtB;oBACE,OAAO,EAAE,qCAAqC;oBAC9C,OAAO,EAAE,KAAuB;iBACjC;gBACD;oBACE,OAAO,EAAE,6BAA6B;oBACtC,OAAO,EAAE,KAAuB;iBACjC;gBACD;oBACE,OAAO,EAAE,6BAA6B;oBACtC,OAAO,EAAE,KAAuB;iBACjC;gBACD;oBACE,OAAO,EAAE,mCAAmC;oBAC5C,OAAO,EAAE,QAA0B;iBACpC;gBACD;oBACE,OAAO,EAAE,6BAA6B;oBACtC,OAAO,EAAE,KAAuB;iBACjC;gBACD;oBACE,OAAO,EAAE,mCAAmC;oBAC5C,OAAO,EAAE,QAA0B;iBACpC;aACF,CAAC;YAEF,KAAK,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,eAAe,EAAE,CAAC;gBACnD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;gBAC5C,IAAI,MAAM,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;oBACtB,cAAc,GAAG,OAAO,CAAC;oBACzB,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;aAAM,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACjC,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,+BAA+B,CAAC,CAAC;YACxE,IAAI,UAAU,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;gBAC1B,cAAc,GAAG,MAAM,CAAC;YAC1B,CAAC;YACD,YAAY,GAAG,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC;QACvD,CAAC;QAED,wBAAwB;QACxB,IAAI,IAAI,GAAe,SAAS,CAAC;QACjC,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YACzB,MAAM,eAAe,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,yCAAyC,CAAC,CAAC;YACvF,MAAM,aAAa,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,qCAAqC,CAAC,CAAC;YACjF,IAAI,eAAe,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;gBAC/B,IAAI,GAAG,SAAS,CAAC;YACnB,CAAC;iBAAM,IAAI,aAAa,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;gBACpC,IAAI,GAAG,SAAS,CAAC;YACnB,CAAC;QACH,CAAC;aAAM,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACjC,IAAI,GAAG,SAAS,CAAC;QACnB,CAAC;QAED,OAAO,GAAG,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;QAC3E,YAAY;YACV,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC;QAEvF,MAAM,MAAM,GAAW;YACrB,QAAQ;YACR,MAAM;YACN,OAAO;YACP,IAAI;YACJ,KAAK;YACL,cAAc;YACd,IAAI;YACJ,YAAY;YACZ,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAChC,CAAC;QAEF,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE,MAAM,CAAC,CAAC;QAC/C,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,iCAAiC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAC3D,MAAM,qBAAqB,CACzB,iCAAiC,EACjC,uFAAuF,CACxF,CAAC;IACJ,CAAC;AACH,CAAC"}