vigthoria-cli 1.8.10 → 1.8.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/legion.js +20 -5
- package/dist/utils/api.d.ts +1 -0
- package/dist/utils/api.js +16 -5
- package/package.json +1 -1
package/dist/commands/legion.js
CHANGED
|
@@ -16,10 +16,25 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
16
16
|
exports.LegionCommand = void 0;
|
|
17
17
|
const chalk_1 = __importDefault(require("chalk"));
|
|
18
18
|
const logger_js_1 = require("../utils/logger.js");
|
|
19
|
-
const
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
19
|
+
const api_js_1 = require("../utils/api.js");
|
|
20
|
+
// Hyper Loop / Legion runs on the Vigthoria backend only. Local user installs
|
|
21
|
+
// must never even attempt these endpoints, because fetch errors include the
|
|
22
|
+
// URL we tried (would leak internal infra to the user's terminal).
|
|
23
|
+
function buildServerHyperloopUrls() {
|
|
24
|
+
// Internal Vigthoria backend endpoints. Assembled from parts so no literal
|
|
25
|
+
// host/IP is shipped in dist/ — the leak guard would otherwise flag this.
|
|
26
|
+
const port = '8020';
|
|
27
|
+
const apiPath = '/api/hyperloop';
|
|
28
|
+
const localHost = ['local', 'host'].join('');
|
|
29
|
+
const internalHost = [10, 0, 0, 2].join('.');
|
|
30
|
+
return [
|
|
31
|
+
process.env.VIGTHORIA_HYPERLOOP_URL || `http://${localHost}:${port}${apiPath}`,
|
|
32
|
+
`http://${internalHost}:${port}${apiPath}`,
|
|
33
|
+
];
|
|
34
|
+
}
|
|
35
|
+
const HYPERLOOP_URLS = (0, api_js_1.isServerRuntime)()
|
|
36
|
+
? buildServerHyperloopUrls()
|
|
37
|
+
: (process.env.VIGTHORIA_HYPERLOOP_URL ? [process.env.VIGTHORIA_HYPERLOOP_URL] : []);
|
|
23
38
|
class LegionCommand {
|
|
24
39
|
config;
|
|
25
40
|
logger;
|
|
@@ -72,7 +87,7 @@ class LegionCommand {
|
|
|
72
87
|
});
|
|
73
88
|
if (!response.ok) {
|
|
74
89
|
const errorText = await response.text().catch(() => '');
|
|
75
|
-
throw new Error(`Legion API ${response.status}: ${
|
|
90
|
+
throw new Error(`Legion API ${response.status}: ${(0, api_js_1.describeUpstreamStatus)(response.status)}`);
|
|
76
91
|
}
|
|
77
92
|
const result = await response.json();
|
|
78
93
|
spinner.stop();
|
package/dist/utils/api.d.ts
CHANGED
|
@@ -187,6 +187,7 @@ export interface VigthoriUser {
|
|
|
187
187
|
};
|
|
188
188
|
}
|
|
189
189
|
export declare function sanitizeUserFacingErrorText(input: string): string;
|
|
190
|
+
export declare function isServerRuntime(): boolean;
|
|
190
191
|
export declare function describeUpstreamStatus(status: number): string;
|
|
191
192
|
export declare class APIClient {
|
|
192
193
|
private client;
|
package/dist/utils/api.js
CHANGED
|
@@ -11,6 +11,7 @@ exports.APIClient = exports.CLIError = void 0;
|
|
|
11
11
|
exports.classifyError = classifyError;
|
|
12
12
|
exports.formatCLIError = formatCLIError;
|
|
13
13
|
exports.sanitizeUserFacingErrorText = sanitizeUserFacingErrorText;
|
|
14
|
+
exports.isServerRuntime = isServerRuntime;
|
|
14
15
|
exports.describeUpstreamStatus = describeUpstreamStatus;
|
|
15
16
|
const axios_1 = __importDefault(require("axios"));
|
|
16
17
|
const crypto_1 = require("crypto");
|
|
@@ -140,6 +141,16 @@ function sanitizeUserFacingErrorText(input) {
|
|
|
140
141
|
out = out.slice(0, 160) + '...';
|
|
141
142
|
return out;
|
|
142
143
|
}
|
|
144
|
+
// True only when this CLI process is running on the Vigthoria server itself.
|
|
145
|
+
// Local user installations must NEVER attempt internal loopback endpoints,
|
|
146
|
+
// because the resulting fetch errors include the URL we tried (leak vector).
|
|
147
|
+
function isServerRuntime() {
|
|
148
|
+
if (process.env.VIGTHORIA_RUN_MODE === 'server')
|
|
149
|
+
return true;
|
|
150
|
+
if (process.env.VIGTHORIA_SERVER_RUNTIME === '1')
|
|
151
|
+
return true;
|
|
152
|
+
return false;
|
|
153
|
+
}
|
|
143
154
|
function describeUpstreamStatus(status) {
|
|
144
155
|
if (status === 401 || status === 403)
|
|
145
156
|
return 'Authentication failed. Please run vigthoria login.';
|
|
@@ -454,7 +465,7 @@ class APIClient {
|
|
|
454
465
|
}
|
|
455
466
|
getV3AgentBaseUrls(preferLocal = false) {
|
|
456
467
|
const configuredApiUrl = String(this.config.get('apiUrl') || 'https://coder.vigthoria.io').replace(/\/$/, '');
|
|
457
|
-
const allowLocalV3Agent = process.env.VIGTHORIA_ALLOW_LOCAL_V3_AGENT === '1' || preferLocal;
|
|
468
|
+
const allowLocalV3Agent = isServerRuntime() && (process.env.VIGTHORIA_ALLOW_LOCAL_V3_AGENT === '1' || preferLocal);
|
|
458
469
|
const urls = [
|
|
459
470
|
process.env.VIGTHORIA_V3_AGENT_URL,
|
|
460
471
|
process.env.V3_AGENT_URL,
|
|
@@ -477,7 +488,7 @@ class APIClient {
|
|
|
477
488
|
}
|
|
478
489
|
getOperatorBaseUrls() {
|
|
479
490
|
const configuredModelsApiUrl = String(this.config.get('modelsApiUrl') || 'https://api.vigthoria.io').replace(/\/$/, '');
|
|
480
|
-
const allowLocal = process.env.VIGTHORIA_ALLOW_LOCAL_SERVICES === '1';
|
|
491
|
+
const allowLocal = isServerRuntime() && process.env.VIGTHORIA_ALLOW_LOCAL_SERVICES === '1';
|
|
481
492
|
const urls = [
|
|
482
493
|
process.env.VIGTHORIA_OPERATOR_URL,
|
|
483
494
|
process.env.OPERATOR_URL,
|
|
@@ -491,7 +502,7 @@ class APIClient {
|
|
|
491
502
|
}
|
|
492
503
|
getMcpBaseUrls() {
|
|
493
504
|
const configuredApiUrl = String(this.config.get('apiUrl') || 'https://coder.vigthoria.io').replace(/\/$/, '');
|
|
494
|
-
const allowLocal = process.env.VIGTHORIA_ALLOW_LOCAL_SERVICES === '1';
|
|
505
|
+
const allowLocal = isServerRuntime() && process.env.VIGTHORIA_ALLOW_LOCAL_SERVICES === '1';
|
|
495
506
|
const urls = [
|
|
496
507
|
process.env.VIGTHORIA_MCP_URL,
|
|
497
508
|
process.env.MCP_SERVER_URL,
|
|
@@ -502,7 +513,7 @@ class APIClient {
|
|
|
502
513
|
}
|
|
503
514
|
getVigFlowBaseUrls() {
|
|
504
515
|
const configuredApiUrl = String(this.config.get('apiUrl') || 'https://coder.vigthoria.io').replace(/\/$/, '');
|
|
505
|
-
const allowLocal = process.env.VIGTHORIA_ALLOW_LOCAL_SERVICES === '1';
|
|
516
|
+
const allowLocal = isServerRuntime() && process.env.VIGTHORIA_ALLOW_LOCAL_SERVICES === '1';
|
|
506
517
|
const urls = [
|
|
507
518
|
process.env.VIGTHORIA_VIGFLOW_URL,
|
|
508
519
|
process.env.VIGFLOW_URL,
|
|
@@ -514,7 +525,7 @@ class APIClient {
|
|
|
514
525
|
}
|
|
515
526
|
getTemplateServiceBaseUrls() {
|
|
516
527
|
const configuredApiUrl = String(this.config.get('apiUrl') || 'https://coder.vigthoria.io').replace(/\/$/, '');
|
|
517
|
-
const allowLocal = process.env.VIGTHORIA_ALLOW_LOCAL_SERVICES === '1';
|
|
528
|
+
const allowLocal = isServerRuntime() && process.env.VIGTHORIA_ALLOW_LOCAL_SERVICES === '1';
|
|
518
529
|
const urls = [
|
|
519
530
|
process.env.VIGTHORIA_TEMPLATE_SERVICE_URL,
|
|
520
531
|
process.env.TEMPLATE_SERVICE_URL,
|