svamp-cli 0.2.48 → 0.2.50

package/dist/{serveManager-RvRL-weX.mjs → serveManager-rHhOPkW4.mjs}

@@ -3,236 +3,23 @@ import * as fs from 'fs';
 import * as http from 'http';
 import * as net from 'net';
 import * as path from 'path';
-
-const AUTH0_NAMESPACES = ["https://api.imjoy.io/", "https://amun.ai/"];
-const COOKIE_NAME = "svamp_serve_token";
-const DEFAULT_CACHE_TTL_MS = 5 * 60 * 1e3;
-const DEFAULT_CACHE_MAX_SIZE = 1e3;
-class TokenCache {
-  cache = /* @__PURE__ */ new Map();
-  ttlMs;
-  maxSize;
-  constructor(ttlMs = DEFAULT_CACHE_TTL_MS, maxSize = DEFAULT_CACHE_MAX_SIZE) {
-    this.ttlMs = ttlMs;
-    this.maxSize = maxSize;
-  }
-  get(token) {
-    const info = this.cache.get(token);
-    if (!info) return null;
-    if (Date.now() > info.expiresAt) {
-      this.cache.delete(token);
-      return null;
-    }
-    return info;
-  }
-  set(token, email) {
-    if (this.cache.size >= this.maxSize) {
-      const oldest = this.cache.keys().next().value;
-      if (oldest) this.cache.delete(oldest);
-    }
-    this.cache.set(token, {
-      email,
-      expiresAt: Date.now() + this.ttlMs
-    });
-  }
-  clear() {
-    this.cache.clear();
-  }
-}
-function hasCookieToken(req) {
-  return !!parseCookies(req.headers.cookie || "")[COOKIE_NAME];
-}
-function extractToken(req) {
-  const cookies = parseCookies(req.headers.cookie || "");
-  if (cookies[COOKIE_NAME]) return cookies[COOKIE_NAME];
-  const auth = req.headers.authorization;
-  if (auth?.startsWith("Bearer ") || auth?.startsWith("bearer ")) {
-    return auth.slice(7).trim();
-  }
-  const url = new URL(req.url || "/", "http://localhost");
-  const qToken = url.searchParams.get("token");
-  if (qToken) return qToken;
-  return null;
-}
-function parseCookies(header) {
-  const cookies = {};
-  for (const pair of header.split(";")) {
-    const eq = pair.indexOf("=");
-    if (eq > 0) {
-      const key = pair.slice(0, eq).trim();
-      const value = pair.slice(eq + 1).trim();
-      cookies[key] = value;
-    }
-  }
-  return cookies;
-}
-function parseJwtEmail(token) {
-  try {
-    const parts = token.split(".");
-    if (parts.length !== 3) return null;
-    const payload = JSON.parse(
-      Buffer.from(parts[1], "base64url").toString("utf-8")
-    );
-    if (payload.exp && payload.exp * 1e3 < Date.now()) return null;
-    for (const ns of AUTH0_NAMESPACES) {
-      const email = payload[ns + "email"];
-      if (typeof email === "string" && email) return email.toLowerCase();
-    }
-    if (typeof payload.email === "string" && payload.email) return payload.email.toLowerCase();
-    return null;
-  } catch {
-    return null;
-  }
-}
-async function verifyTokenViaHypha(token, hyphaServerUrl) {
-  try {
-    const baseUrl = hyphaServerUrl.replace(/\/$/, "");
-    const url = `${baseUrl}/public/services/ws/get_user_info`;
-    const resp = await fetch(url, {
-      method: "GET",
-      headers: {
-        Authorization: `Bearer ${token}`
-      },
-      signal: AbortSignal.timeout(1e4)
-    });
-    if (!resp.ok) return null;
-    const data = await resp.json();
-    const email = data?.email;
-    if (typeof email === "string" && email) return email.toLowerCase();
-    return null;
-  } catch {
-    return null;
-  }
-}
-class ServeAuth {
-  cache;
-  hyphaServerUrl;
-  constructor(options) {
-    this.hyphaServerUrl = options.hyphaServerUrl.replace(/\/$/, "");
-    this.cache = new TokenCache(
-      options.cacheTtlMs || DEFAULT_CACHE_TTL_MS,
-      options.cacheMaxSize || DEFAULT_CACHE_MAX_SIZE
-    );
-  }
-  /**
-   * Authenticate a request and return the user's email, or null if not authenticated.
-   */
-  async authenticate(req) {
-    const token = extractToken(req);
-    if (!token) return null;
-    const cached = this.cache.get(token);
-    if (cached) return cached.email;
-    const localEmail = parseJwtEmail(token);
-    if (localEmail) {
-      this.cache.set(token, localEmail);
-      return localEmail;
-    }
-    const serverEmail = await verifyTokenViaHypha(token, this.hyphaServerUrl);
-    if (serverEmail) {
-      this.cache.set(token, serverEmail);
-      return serverEmail;
-    }
-    return null;
-  }
-  /**
-   * Check if a user email is authorized for a mount's access level.
-   */
-  isAuthorized(email, access, ownerEmail) {
-    if (access === "public") return true;
-    if (!email) return false;
-    if (access === "owner") {
-      return !!ownerEmail && email.toLowerCase() === ownerEmail.toLowerCase();
-    }
-    return access.some((e) => e.toLowerCase() === email.toLowerCase());
-  }
-  /**
-   * Generate the login page HTML. Loads the `hypha-rpc` JS SDK from CDN and
-   * calls `hyphaWebsocketClient.login({ server_url, login_callback })`, which
-   * handles opening the login URL, polling, and token retrieval internally.
-   * Matches the pattern used by bioimage.io — proven to work.
-   */
-  getLoginPageHtml(redirectUrl) {
-    return `<!DOCTYPE html>
-<html><head>
-<meta charset="utf-8">
-<meta name="viewport" content="width=device-width,initial-scale=1">
-<title>Sign in \u2014 Svamp File Server</title>
-<style>
-*{box-sizing:border-box;margin:0;padding:0}
-body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;display:flex;align-items:center;justify-content:center;min-height:100vh;background:#f6f8fa;color:#24292f;padding:16px}
-.card{background:#fff;border:1px solid #d0d7de;border-radius:12px;padding:32px;max-width:420px;width:100%;text-align:center;box-shadow:0 4px 12px rgba(31,35,40,0.06)}
-h1{font-size:1.25rem;margin-bottom:8px}
-.subtitle{color:#656d76;font-size:0.9rem;margin-bottom:24px}
-button{background:#0969da;color:#fff;border:none;border-radius:8px;padding:12px 24px;font-size:1rem;cursor:pointer;font-weight:500;width:100%}
-button:hover{background:#0860c4}
-button:disabled{background:#94d3a2;cursor:wait}
-.status{margin-top:16px;color:#656d76;font-size:0.85rem;min-height:20px;word-break:break-word}
-.error{color:#cf222e}
-.ok{color:#1a7f37}
-a{color:#0969da;text-decoration:none}
-a:hover{text-decoration:underline}
-</style>
-<script src="https://cdn.jsdelivr.net/npm/hypha-rpc@0.21.28/dist/hypha-rpc-websocket.min.js"><\/script>
-</head><body>
-<div class="card">
-  <h1>Sign in required</h1>
-  <p class="subtitle">This resource is private. Sign in with your Hypha account to continue.</p>
-  <button id="login-btn">Sign in with Hypha</button>
-  <div class="status" id="status"></div>
-</div>
-<script>
-const hyphaServer = ${JSON.stringify(this.hyphaServerUrl)};
-const redirectUrl = ${JSON.stringify(redirectUrl)};
-const cookieName = ${JSON.stringify(COOKIE_NAME)};
-
-const btn = document.getElementById('login-btn');
-const statusEl = document.getElementById('status');
-
-function setError(msg) {
-    statusEl.innerHTML = '<span class="error">' + msg + '</span>';
-    btn.disabled = false;
-}
-
-btn.addEventListener('click', async () => {
-    if (typeof hyphaWebsocketClient === 'undefined' || !hyphaWebsocketClient.login) {
-        setError('Hypha SDK failed to load. Check your network connection and retry.');
-        return;
-    }
-
-    btn.disabled = true;
-    statusEl.textContent = 'Opening Hypha sign-in\u2026';
-
-    try {
-        const token = await hyphaWebsocketClient.login({
-            server_url: hyphaServer,
-            login_callback: (context) => {
-                statusEl.textContent = 'Waiting for you to sign in\u2026';
-                // Open the login URL in a new tab. Called synchronously from
-                // inside the SDK's login() after the user's button click, so
-                // popup blockers generally allow it.
-                window.open(context.login_url, '_blank');
-            },
-        });
-
-        if (!token) throw new Error('No token returned from login');
-
-        // Set the cookie so subsequent requests to this origin are authenticated.
-        const secure = location.protocol === 'https:' ? '; Secure' : '';
-        document.cookie = cookieName + '=' + token + '; path=/; SameSite=Lax' + secure;
-
-        statusEl.innerHTML = '<span class="ok">Signed in. Redirecting\u2026</span>';
-        setTimeout(() => { window.location.replace(redirectUrl); }, 300);
-    } catch (err) {
-        setError('Login failed: ' + (err && err.message ? err.message : err));
-    }
-});
-<\/script>
-</body></html>`;
-  }
-  destroy() {
-    this.cache.clear();
-  }
-}
+import { S as ServeAuth, h as hasCookieToken } from './run-CIPCavEp.mjs';
+import 'os';
+import 'fs/promises';
+import 'url';
+import 'crypto';
+import 'node:fs';
+import 'node:crypto';
+import 'node:path';
+import 'node:child_process';
+import '@agentclientprotocol/sdk';
+import 'node:os';
+import '@modelcontextprotocol/sdk/client/index.js';
+import '@modelcontextprotocol/sdk/client/stdio.js';
+import '@modelcontextprotocol/sdk/types.js';
+import 'zod';
+import 'node:fs/promises';
+import 'node:util';
 
 function findFreePort() {
   return new Promise((resolve, reject) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "svamp-cli",
-  "version": "0.2.48",
+  "version": "0.2.50",
   "description": "Svamp CLI — AI workspace daemon on Hypha Cloud",
   "author": "Amun AI AB",
   "license": "SEE LICENSE IN LICENSE",
@@ -20,7 +20,7 @@
   "scripts": {
     "build": "rm -rf dist && tsc --noEmit && pkgroll",
     "typecheck": "tsc --noEmit",
-    "test": "npx tsx test/test-authorize.mjs && npx tsx test/test-session-helpers.mjs && npx tsx test/test-cli-routing.mjs && npx tsx test/test-security-context.mjs && npx tsx test/test-isolation-decision.mjs && npx tsx test/test-ralph-loop.mjs && npx tsx test/test-message-helpers.mjs && npx tsx test/test-agent-config.mjs && npx tsx test/test-wrap-command.mjs && npx tsx test/test-credential-staging.mjs && npx tsx test/test-claude-auth.mjs && npx tsx test/test-output-formatters.mjs && npx tsx test/test-agent-types.mjs && npx tsx test/test-transport.mjs && npx tsx test/test-session-update-handlers.mjs && npx tsx test/test-session-scanner.mjs && npx tsx test/test-hypha-client.mjs && npx tsx test/test-hook-settings.mjs && npx tsx test/test-session-service-logic.mjs && npx tsx test/test-daemon-persistence.mjs && npx tsx test/test-detect-isolation.mjs && npx tsx test/test-machine-service-logic.mjs && npx tsx test/test-interactive-helpers.mjs && npx tsx test/test-codex-backend.mjs && npx tsx test/test-acp-backend.mjs && npx tsx test/test-acp-bridge.mjs && npx tsx test/test-hook-server.mjs && npx tsx test/test-session-commands.mjs && npx tsx test/test-interactive-console.mjs && npx tsx test/test-session-messages.mjs && npx tsx test/test-skills.mjs && npx tsx test/test-agent-grouping.mjs && npx tsx test/test-ralph-loop-integration.mjs && npx tsx test/test-ralph-loop-modes.mjs && npx tsx test/test-machine-list-directory.mjs && npx tsx test/test-service-commands.mjs && npx tsx test/test-supervisor.mjs && npx tsx test/test-supervisor-lock.mjs && npx tsx test/test-clear-detection.mjs && npx tsx test/test-session-consolidation.mjs && npx tsx test/test-inbox.mjs && npx tsx test/test-session-rpc-dispatch.mjs && npx tsx test/test-sandbox-cli.mjs && npx tsx test/test-serve-manager.mjs && npx tsx test/test-serve-stability.mjs && npx tsx test/test-frpc-e2e.mjs --unit-only",
+    "test": "npx tsx test/test-authorize.mjs && npx tsx test/test-normalize-allowed-user.mjs && npx tsx test/test-share-url.mjs && npx tsx test/test-update-sharing-normalization.mjs && npx tsx test/test-staged-homes-sweep.mjs && npx tsx test/test-session-helpers.mjs && npx tsx test/test-cli-routing.mjs && npx tsx test/test-security-context.mjs && npx tsx test/test-isolation-decision.mjs && npx tsx test/test-ralph-loop.mjs && npx tsx test/test-message-helpers.mjs && npx tsx test/test-agent-config.mjs && npx tsx test/test-wrap-command.mjs && npx tsx test/test-credential-staging.mjs && npx tsx test/test-claude-auth.mjs && npx tsx test/test-output-formatters.mjs && npx tsx test/test-agent-types.mjs && npx tsx test/test-transport.mjs && npx tsx test/test-session-update-handlers.mjs && npx tsx test/test-session-scanner.mjs && npx tsx test/test-hypha-client.mjs && npx tsx test/test-hook-settings.mjs && npx tsx test/test-session-service-logic.mjs && npx tsx test/test-daemon-persistence.mjs && npx tsx test/test-detect-isolation.mjs && npx tsx test/test-machine-service-logic.mjs && npx tsx test/test-interactive-helpers.mjs && npx tsx test/test-codex-backend.mjs && npx tsx test/test-acp-backend.mjs && npx tsx test/test-acp-bridge.mjs && npx tsx test/test-hook-server.mjs && npx tsx test/test-session-commands.mjs && npx tsx test/test-interactive-console.mjs && npx tsx test/test-session-messages.mjs && npx tsx test/test-skills.mjs && npx tsx test/test-agent-grouping.mjs && npx tsx test/test-ralph-loop-integration.mjs && npx tsx test/test-ralph-loop-modes.mjs && npx tsx test/test-machine-list-directory.mjs && npx tsx test/test-service-commands.mjs && npx tsx test/test-supervisor.mjs && npx tsx test/test-supervisor-lock.mjs && npx tsx test/test-clear-detection.mjs && npx tsx test/test-session-consolidation.mjs && npx tsx test/test-inbox.mjs && npx tsx test/test-session-rpc-dispatch.mjs && npx tsx test/test-sandbox-cli.mjs && npx tsx test/test-serve-manager.mjs && npx tsx test/test-serve-stability.mjs && npx tsx test/test-frpc-e2e.mjs --unit-only",
     "test:hypha": "node --no-warnings test/test-hypha-service.mjs",
     "dev": "tsx src/cli.ts",
     "dev:daemon": "tsx src/cli.ts daemon start-sync",

package/dist/package-DVfaovNL.mjs

@@ -1,63 +0,0 @@
-var name = "svamp-cli";
-var version = "0.2.48";
-var description = "Svamp CLI — AI workspace daemon on Hypha Cloud";
-var author = "Amun AI AB";
-var license = "SEE LICENSE IN LICENSE";
-var type = "module";
-var bin = {
-	svamp: "./bin/svamp.mjs"
-};
-var files = [
-	"dist",
-	"bin"
-];
-var main = "./dist/index.mjs";
-var exports$1 = {
-	".": "./dist/index.mjs",
-	"./cli": "./dist/cli.mjs"
-};
-var scripts = {
-	build: "rm -rf dist && tsc --noEmit && pkgroll",
-	typecheck: "tsc --noEmit",
-	test: "npx tsx test/test-authorize.mjs && npx tsx test/test-session-helpers.mjs && npx tsx test/test-cli-routing.mjs && npx tsx test/test-security-context.mjs && npx tsx test/test-isolation-decision.mjs && npx tsx test/test-ralph-loop.mjs && npx tsx test/test-message-helpers.mjs && npx tsx test/test-agent-config.mjs && npx tsx test/test-wrap-command.mjs && npx tsx test/test-credential-staging.mjs && npx tsx test/test-claude-auth.mjs && npx tsx test/test-output-formatters.mjs && npx tsx test/test-agent-types.mjs && npx tsx test/test-transport.mjs && npx tsx test/test-session-update-handlers.mjs && npx tsx test/test-session-scanner.mjs && npx tsx test/test-hypha-client.mjs && npx tsx test/test-hook-settings.mjs && npx tsx test/test-session-service-logic.mjs && npx tsx test/test-daemon-persistence.mjs && npx tsx test/test-detect-isolation.mjs && npx tsx test/test-machine-service-logic.mjs && npx tsx test/test-interactive-helpers.mjs && npx tsx test/test-codex-backend.mjs && npx tsx test/test-acp-backend.mjs && npx tsx test/test-acp-bridge.mjs && npx tsx test/test-hook-server.mjs && npx tsx test/test-session-commands.mjs && npx tsx test/test-interactive-console.mjs && npx tsx test/test-session-messages.mjs && npx tsx test/test-skills.mjs && npx tsx test/test-agent-grouping.mjs && npx tsx test/test-ralph-loop-integration.mjs && npx tsx test/test-ralph-loop-modes.mjs && npx tsx test/test-machine-list-directory.mjs && npx tsx test/test-service-commands.mjs && npx tsx test/test-supervisor.mjs && npx tsx test/test-supervisor-lock.mjs && npx tsx test/test-clear-detection.mjs && npx tsx test/test-session-consolidation.mjs && npx tsx test/test-inbox.mjs && npx tsx test/test-session-rpc-dispatch.mjs && npx tsx test/test-sandbox-cli.mjs && npx tsx test/test-serve-manager.mjs && npx tsx test/test-serve-stability.mjs && npx tsx test/test-frpc-e2e.mjs --unit-only",
-	"test:hypha": "node --no-warnings test/test-hypha-service.mjs",
-	dev: "tsx src/cli.ts",
-	"dev:daemon": "tsx src/cli.ts daemon start-sync",
-	"test:e2e": "node --no-warnings test/e2e-session-tests.mjs",
-	"test:frpc": "npx tsx test/test-frpc-e2e.mjs"
-};
-var dependencies = {
-	"@agentclientprotocol/sdk": "^0.14.1",
-	"@modelcontextprotocol/sdk": "^1.25.3",
-	"hypha-rpc": "0.21.40",
-	"node-pty": "1.2.0-beta.11",
-	ws: "^8.18.0",
-	yaml: "^2.8.2",
-	zod: "^3.24.4"
-};
-var devDependencies = {
-	"@types/node": ">=20",
-	"@types/ws": "^8.5.14",
-	pkgroll: "^2.14.2",
-	tsx: "^4.20.6",
-	typescript: "5.9.3"
-};
-var packageManager = "yarn@1.22.22";
-var _package = {
-	name: name,
-	version: version,
-	description: description,
-	author: author,
-	license: license,
-	type: type,
-	bin: bin,
-	files: files,
-	main: main,
-	exports: exports$1,
-	scripts: scripts,
-	dependencies: dependencies,
-	devDependencies: devDependencies,
-	packageManager: packageManager
-};
-
-export { author, bin, _package as default, dependencies, description, devDependencies, exports$1 as exports, files, license, main, name, packageManager, scripts, type, version };