xtrm-tools 0.5.0

package/config/pi/extensions/custom-footer/index.ts

@@ -0,0 +1,160 @@
+/**
+ * XTRM Custom Footer Extension
+ *
+ * Displays: XTRM brand, Model, Context%, CWD, Git branch, Beads chip
+ */
+
+import type { ExtensionAPI } from "@mariozechner/pi-coding-agent";
+import { truncateToWidth } from "@mariozechner/pi-tui";
+
+import { SubprocessRunner, EventAdapter } from "../core/lib";
+
+export default function (pi: ExtensionAPI) {
+	interface BeadState {
+		claimId: string | null;
+		shortId: string | null;
+		status: string | null;
+		openCount: number;
+		lastFetch: number;
+	}
+
+	const STATUS_ICONS: Record<string, string> = {
+		open: "○",
+		in_progress: "◐",
+		blocked: "●",
+		closed: "✓",
+	};
+	// Chip background colours (raw ANSI — theme has no bg() API)
+	const CHIP_BG_NEUTRAL  = "\x1b[48;5;238m"; // dark gray
+	const CHIP_BG_ACTIVE   = "\x1b[48;5;39m";  // blue
+	const CHIP_BG_BLOCKED  = "\x1b[48;5;88m";  // red
+	const CHIP_FG          = "\x1b[38;5;15m";  // white
+	const CHIP_RESET       = "\x1b[0m";
+	const chip = (text: string, bg = CHIP_BG_NEUTRAL): string =>
+		`${bg}${CHIP_FG} ${text} ${CHIP_RESET}`;
+
+	const STATUS_BG: Record<string, string> = {
+		open: CHIP_BG_NEUTRAL,
+		in_progress: CHIP_BG_ACTIVE,
+		blocked: CHIP_BG_BLOCKED,
+	};
+
+	let capturedCtx: any = null;
+	let sessionId: string = "";
+	let beadState: BeadState = { claimId: null, shortId: null, status: null, openCount: 0, lastFetch: 0 };
+	let refreshing = false;
+	let requestRender: (() => void) | null = null;
+	const CACHE_TTL = 5000;
+
+	const getCwd = () => capturedCtx?.cwd || process.cwd();
+	const getShortId = (id: string) => id.split("-").pop() ?? id;
+
+	const refreshBeadState = async () => {
+		if (refreshing || Date.now() - beadState.lastFetch < CACHE_TTL) return;
+		const cwd = getCwd();
+		if (!EventAdapter.isBeadsProject(cwd)) return;
+		if (!sessionId) return;
+		refreshing = true;
+		try {
+			const claimResult = await SubprocessRunner.run("bd", ["kv", "get", `claimed:${sessionId}`], { cwd });
+			const claimId = claimResult.code === 0 ? claimResult.stdout.trim() || null : null;
+
+			let status: string | null = null;
+			if (claimId) {
+				const showResult = await SubprocessRunner.run("bd", ["show", claimId, "--json"], { cwd });
+				if (showResult.code === 0) {
+					try { status = JSON.parse(showResult.stdout)[0]?.status ?? null; } catch {}
+				}
+				if (status === "closed") {
+					await SubprocessRunner.run("bd", ["kv", "clear", `claimed:${sessionId}`], { cwd });
+					beadState = { claimId: null, shortId: null, status: null, openCount: beadState.openCount, lastFetch: Date.now() };
+					requestRender?.();
+					return;
+				}
+			}
+
+			let openCount = 0;
+			const listResult = await SubprocessRunner.run("bd", ["list"], { cwd });
+			if (listResult.code === 0) {
+				const m = listResult.stdout.match(/\((\d+)\s+open/);
+				if (m) openCount = parseInt(m[1], 10);
+			}
+
+			beadState = { claimId, shortId: claimId ? getShortId(claimId) : null, status, openCount, lastFetch: Date.now() };
+			requestRender?.();
+		} catch {}
+		finally { refreshing = false; }
+	};
+
+	const buildBeadChip = (): string => {
+		const { claimId, shortId, status, openCount } = beadState;
+		if (claimId && shortId && status) {
+			const icon = STATUS_ICONS[status] ?? "?";
+			const bg = STATUS_BG[status] ?? CHIP_BG_NEUTRAL;
+			return chip(`bd:${shortId}${icon}`, bg);
+		}
+		if (openCount > 0) {
+			return chip(`bd:${openCount}${STATUS_ICONS.open}`);
+		}
+		return "";
+	};
+
+	pi.on("session_start", async (_event, ctx) => {
+		capturedCtx = ctx;
+		// Get session ID from sessionManager/context (prefer UUID, consistent with hooks)
+		sessionId = ctx.sessionManager?.getSessionId?.() ?? ctx.sessionId ?? ctx.session_id ?? process.pid.toString();
+
+		ctx.ui.setFooter((tui, theme, footerData) => {
+			requestRender = () => tui.requestRender();
+			const unsub = footerData.onBranchChange(() => tui.requestRender());
+
+			return {
+				dispose() { unsub(); requestRender = null; },
+				invalidate() {},
+				render(width: number): string[] {
+					refreshBeadState().catch(() => {});
+
+					const BOLD = "\x1b[1m", BOLD_OFF = "\x1b[22m";
+					const brand = `${BOLD}${theme.fg("accent", "XTRM")}${BOLD_OFF}`;
+
+					const usage = ctx.getContextUsage();
+					const pct = usage?.percent ?? 0;
+					const pctColor = pct > 75 ? "error" : pct > 50 ? "warning" : "success";
+					const usageStr = theme.fg(pctColor, `${pct.toFixed(0)}%`);
+
+					const parts = process.cwd().split("/");
+					const short = parts.length > 2 ? parts.slice(-2).join("/") : process.cwd();
+					const cwdStr = theme.fg("muted", `⌂ ${short}`);
+
+					const branch = footerData.getGitBranch();
+					const branchStr = branch ? theme.fg("accent", `⎇ ${branch}`) : "";
+
+					const modelId = ctx.model?.id || "no-model";
+					const modelChip = chip(modelId);
+
+					const sep = " ";
+
+					const brandModel = `${brand} ${modelChip}`;
+					const beadChip = buildBeadChip();
+					const leftParts = [brandModel, usageStr];
+					if (beadChip) leftParts.push(beadChip);
+					leftParts.push(cwdStr);
+					if (branchStr) leftParts.push(branchStr);
+
+					const left = leftParts.join(sep);
+					return [truncateToWidth(left, width)];
+				},
+			};
+		});
+	});
+
+	// Bust the bead cache immediately after any bd write
+	pi.on("tool_result", async (event: any) => {
+		const cmd = event?.input?.command;
+		if (cmd && /\bbd\s+(close|update|create|claim)\b/.test(cmd)) {
+			beadState.lastFetch = 0;
+			setTimeout(() => refreshBeadState().catch(() => {}), 200);
+		}
+		return undefined;
+	});
+}

package/config/pi/extensions/custom-footer/package.json

@@ -0,0 +1,16 @@
+{
+  "name": "@xtrm/pi-custom-footer",
+  "version": "1.0.0",
+  "description": "xtrm Pi extension: custom-footer",
+  "type": "module",
+  "exports": {
+    ".": "./index.ts"
+  },
+  "keywords": [
+    "pi",
+    "extension",
+    "xtrm"
+  ],
+  "author": "xtrm",
+  "license": "MIT"
+}

package/config/pi/extensions/custom-provider-qwen-cli/index.ts

@@ -0,0 +1,363 @@
+/**
+ * Qwen CLI Provider Extension
+ *
+ * Provides access to Qwen models via OAuth authentication with chat.qwen.ai.
+ * Uses device code flow with PKCE for secure browser-based authentication.
+ *
+ * Usage:
+ * pi -e ./packages/coding-agent/examples/extensions/custom-provider-qwen-cli
+ * # Then /login qwen-cli, or set QWEN_CLI_API_KEY=...
+ */
+
+import type { OAuthCredentials, OAuthLoginCallbacks } from "@mariozechner/pi-ai";
+import type { ExtensionAPI } from "@mariozechner/pi-coding-agent";
+
+// =============================================================================
+// Constants
+// =============================================================================
+
+const QWEN_DEVICE_CODE_ENDPOINT = "https://chat.qwen.ai/api/v1/oauth2/device/code";
+const QWEN_TOKEN_ENDPOINT = "https://chat.qwen.ai/api/v1/oauth2/token";
+const QWEN_CLIENT_ID = "f0304373b74a44d2b584a3fb70ca9e56";
+const QWEN_SCOPE = "openid profile email model.completion";
+const QWEN_GRANT_TYPE = "urn:ietf:params:oauth:grant-type:device_code";
+const QWEN_DEFAULT_BASE_URL = "https://dashscope.aliyuncs.com/compatible-mode/v1";
+const QWEN_POLL_INTERVAL_MS = 2000;
+
+// =============================================================================
+// PKCE Helpers
+// =============================================================================
+
+async function generatePKCE(): Promise<{ verifier: string; challenge: string }> {
+  const array = new Uint8Array(32);
+  crypto.getRandomValues(array);
+  const verifier = btoa(String.fromCharCode(...array))
+    .replace(/\+/g, "-")
+    .replace(/\//g, "_")
+    .replace(/=+$/, "");
+
+  const encoder = new TextEncoder();
+  const data = encoder.encode(verifier);
+  const hash = await crypto.subtle.digest("SHA-256", data);
+  const challenge = btoa(String.fromCharCode(...new Uint8Array(hash)))
+    .replace(/\+/g, "-")
+    .replace(/\//g, "_")
+    .replace(/=+$/, "");
+
+  return { verifier, challenge };
+}
+
+// =============================================================================
+// OAuth Implementation
+// =============================================================================
+
+interface DeviceCodeResponse {
+  device_code: string;
+  user_code: string;
+  verification_uri: string;
+  verification_uri_complete?: string;
+  expires_in: number;
+  interval?: number;
+}
+
+interface TokenResponse {
+  access_token: string;
+  refresh_token?: string;
+  token_type: string;
+  expires_in: number;
+  resource_url?: string;
+}
+
+function abortableSleep(ms: number, signal?: AbortSignal): Promise<void> {
+  return new Promise((resolve, reject) => {
+    if (signal?.aborted) {
+      reject(new Error("Login cancelled"));
+      return;
+    }
+    const timeout = setTimeout(resolve, ms);
+    signal?.addEventListener(
+      "abort",
+      () => {
+        clearTimeout(timeout);
+        reject(new Error("Login cancelled"));
+      },
+      { once: true },
+    );
+  });
+}
+
+async function startDeviceFlow(): Promise<{ deviceCode: DeviceCodeResponse; verifier: string }> {
+  const { verifier, challenge } = await generatePKCE();
+
+  const body = new URLSearchParams({
+    client_id: QWEN_CLIENT_ID,
+    scope: QWEN_SCOPE,
+    code_challenge: challenge,
+    code_challenge_method: "S256",
+  });
+
+  const headers: Record<string, string> = {
+    "Content-Type": "application/x-www-form-urlencoded",
+    Accept: "application/json",
+  };
+
+  const requestId = globalThis.crypto?.randomUUID?.();
+  if (requestId) headers["x-request-id"] = requestId;
+
+  const response = await fetch(QWEN_DEVICE_CODE_ENDPOINT, {
+    method: "POST",
+    headers,
+    body: body.toString(),
+  });
+
+  if (!response.ok) {
+    const text = await response.text();
+    throw new Error(`Device code request failed: ${response.status} ${text}`);
+  }
+
+  const data = (await response.json()) as DeviceCodeResponse;
+  if (!data.device_code || !data.user_code || !data.verification_uri) {
+    throw new Error("Invalid device code response: missing required fields");
+  }
+
+  return { deviceCode: data, verifier };
+}
+
+async function pollForToken(
+  deviceCode: string,
+  verifier: string,
+  intervalSeconds: number | undefined,
+  expiresIn: number,
+  signal?: AbortSignal,
+): Promise<TokenResponse> {
+  const deadline = Date.now() + expiresIn * 1000;
+  const resolvedIntervalSeconds =
+    typeof intervalSeconds === "number" &&
+    Number.isFinite(intervalSeconds) &&
+    intervalSeconds > 0
+      ? intervalSeconds
+      : QWEN_POLL_INTERVAL_MS / 1000;
+  let intervalMs = Math.max(1000, Math.floor(resolvedIntervalSeconds * 1000));
+
+  const handleTokenError = async (
+    error: string,
+    description?: string,
+  ): Promise<boolean> => {
+    switch (error) {
+      case "authorization_pending":
+        await abortableSleep(intervalMs, signal);
+        return true;
+      case "slow_down":
+        intervalMs = Math.min(intervalMs + 5000, 10000);
+        await abortableSleep(intervalMs, signal);
+        return true;
+      case "expired_token":
+        throw new Error("Device code expired. Please restart authentication.");
+      case "access_denied":
+        throw new Error("Authorization denied by user.");
+      default:
+        throw new Error(`Token request failed: ${error} - ${description || ""}`);
+    }
+  };
+
+  while (Date.now() < deadline) {
+    if (signal?.aborted) {
+      throw new Error("Login cancelled");
+    }
+
+    const body = new URLSearchParams({
+      grant_type: QWEN_GRANT_TYPE,
+      client_id: QWEN_CLIENT_ID,
+      device_code: deviceCode,
+      code_verifier: verifier,
+    });
+
+    const response = await fetch(QWEN_TOKEN_ENDPOINT, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        Accept: "application/json",
+      },
+      body: body.toString(),
+    });
+
+    const responseText = await response.text();
+    let data:
+      | (TokenResponse & { error?: string; error_description?: string })
+      | null = null;
+
+    if (responseText) {
+      try {
+        data = JSON.parse(responseText) as TokenResponse & {
+          error?: string;
+          error_description?: string;
+        };
+      } catch {
+        data = null;
+      }
+    }
+
+    const error = data?.error;
+    const errorDescription = data?.error_description;
+
+    if (!response.ok) {
+      if (error && (await handleTokenError(error, errorDescription))) {
+        continue;
+      }
+      throw new Error(
+        `Token request failed: ${response.status} ${response.statusText}. Response: ${responseText}`,
+      );
+    }
+
+    if (data?.access_token) {
+      return data;
+    }
+
+    if (error && (await handleTokenError(error, errorDescription))) {
+      continue;
+    }
+
+    throw new Error("Token request failed: missing access token in response");
+  }
+
+  throw new Error("Authentication timed out. Please try again.");
+}
+
+async function loginQwen(callbacks: OAuthLoginCallbacks): Promise<OAuthCredentials> {
+  const { deviceCode, verifier } = await startDeviceFlow();
+
+  // Show verification URL and user code to user
+  const authUrl =
+    deviceCode.verification_uri_complete || deviceCode.verification_uri;
+  const instructions = deviceCode.verification_uri_complete
+    ? undefined // Code is already embedded in the URL
+    : `Enter code: ${deviceCode.user_code}`;
+
+  callbacks.onAuth({ url: authUrl, instructions });
+
+  // Poll for token
+  const tokenResponse = await pollForToken(
+    deviceCode.device_code,
+    verifier,
+    deviceCode.interval,
+    deviceCode.expires_in,
+    callbacks.signal,
+  );
+
+  // Calculate expiry with 5-minute buffer
+  const expiresAt = Date.now() + tokenResponse.expires_in * 1000 - 5 * 60 * 1000;
+
+  return {
+    refresh: tokenResponse.refresh_token || "",
+    access: tokenResponse.access_token,
+    expires: expiresAt,
+    // Store resource_url for API base URL if provided
+    enterpriseUrl: tokenResponse.resource_url,
+  };
+}
+
+async function refreshQwenToken(credentials: OAuthCredentials): Promise<OAuthCredentials> {
+  const body = new URLSearchParams({
+    grant_type: "refresh_token",
+    refresh_token: credentials.refresh,
+    client_id: QWEN_CLIENT_ID,
+  });
+
+  const response = await fetch(QWEN_TOKEN_ENDPOINT, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json",
+    },
+    body: body.toString(),
+  });
+
+  if (!response.ok) {
+    const text = await response.text();
+    throw new Error(`Token refresh failed: ${response.status} ${text}`);
+  }
+
+  const data = (await response.json()) as TokenResponse;
+  if (!data.access_token) {
+    throw new Error("Token refresh failed: no access token in response");
+  }
+
+  const expiresAt = Date.now() + data.expires_in * 1000 - 5 * 60 * 1000;
+
+  return {
+    refresh: data.refresh_token || credentials.refresh,
+    access: data.access_token,
+    expires: expiresAt,
+    enterpriseUrl: data.resource_url ?? credentials.enterpriseUrl,
+  };
+}
+
+function getQwenBaseUrl(resourceUrl?: string): string {
+  if (!resourceUrl) {
+    return QWEN_DEFAULT_BASE_URL;
+  }
+
+  let url = resourceUrl.startsWith("http") ? resourceUrl : `https://${resourceUrl}`;
+  if (!url.endsWith("/v1")) {
+    url = `${url}/v1`;
+  }
+
+  return url;
+}
+
+// =============================================================================
+// Extension Entry Point
+// =============================================================================
+
+export default function (pi: ExtensionAPI) {
+  pi.registerProvider("qwen-cli", {
+    baseUrl: QWEN_DEFAULT_BASE_URL,
+    apiKey: "QWEN_CLI_API_KEY",
+    api: "openai-completions",
+    models: [
+      {
+        id: "qwen3-coder-plus",
+        name: "Qwen3 Coder Plus",
+        reasoning: false,
+        input: ["text"],
+        cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
+        contextWindow: 1000000,
+        maxTokens: 65536,
+      },
+      {
+        id: "qwen3-coder-flash",
+        name: "Qwen3 Coder Flash",
+        reasoning: false,
+        input: ["text"],
+        cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
+        contextWindow: 1000000,
+        maxTokens: 65536,
+      },
+      {
+        id: "vision-model",
+        name: "Qwen3 VL Plus",
+        reasoning: true,
+        input: ["text", "image"],
+        cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
+        contextWindow: 262144,
+        maxTokens: 32768,
+        compat: {
+          supportsDeveloperRole: false,
+          thinkingFormat: "qwen",
+        },
+      },
+    ],
+    oauth: {
+      name: "Qwen CLI",
+      login: loginQwen,
+      refreshToken: refreshQwenToken,
+      getApiKey: (cred) => cred.access,
+      modifyModels: (models, cred) => {
+        const baseUrl = getQwenBaseUrl(cred.enterpriseUrl as string | undefined);
+        return models.map((m) =>
+          m.provider === "qwen-cli" ? { ...m, baseUrl } : m,
+        );
+      },
+    },
+  });
+}

package/config/pi/extensions/custom-provider-qwen-cli/package.json

@@ -0,0 +1 @@
+{ "name": "pi-extension-custom-provider-qwen-cli", "private": true, "version": "1.7.1", "type": "module", "scripts": { "clean": "echo 'nothing to clean'", "build": "echo 'nothing to build'", "check": "echo 'nothing to check'" }, "pi": { "extensions": [ "./index.ts" ] } }

package/config/pi/extensions/git-checkpoint/index.ts

@@ -0,0 +1,53 @@
+/**
+ * Git Checkpoint Extension
+ *
+ * Creates git stash checkpoints at each turn so /fork can restore code state.
+ * When forking, offers to restore code to that point in history.
+ */
+
+import type { ExtensionAPI } from "@mariozechner/pi-coding-agent";
+
+export default function (pi: ExtensionAPI) {
+	const checkpoints = new Map<string, string>();
+	let currentEntryId: string | undefined;
+
+	// Track the current entry ID when user messages are saved
+	pi.on("tool_result", async (_event, ctx) => {
+		const leaf = ctx.sessionManager.getLeafEntry();
+		if (leaf) currentEntryId = leaf.id;
+	});
+
+	pi.on("turn_start", async () => {
+		// Create a git stash entry before LLM makes changes
+		const { stdout } = await pi.exec("git", ["stash", "create"]);
+		const ref = stdout.trim();
+		if (ref && currentEntryId) {
+			checkpoints.set(currentEntryId, ref);
+		}
+	});
+
+	pi.on("session_before_fork", async (event, ctx) => {
+		const ref = checkpoints.get(event.entryId);
+		if (!ref) return;
+
+		if (!ctx.hasUI) {
+			// In non-interactive mode, don't restore automatically
+			return;
+		}
+
+		const choice = await ctx.ui.select("Restore code state?", [
+			"Yes, restore code to that point",
+			"No, keep current code",
+		]);
+
+		if (choice?.startsWith("Yes")) {
+			await pi.exec("git", ["stash", "apply", ref]);
+			ctx.ui.notify("Code restored to checkpoint", "info");
+		}
+	});
+
+	pi.on("agent_end", async () => {
+		// Clear checkpoints after agent completes
+		checkpoints.clear();
+	});
+}

package/config/pi/extensions/git-checkpoint/package.json

@@ -0,0 +1,16 @@
+{
+  "name": "@xtrm/pi-git-checkpoint",
+  "version": "1.0.0",
+  "description": "xtrm Pi extension: git-checkpoint",
+  "type": "module",
+  "exports": {
+    ".": "./index.ts"
+  },
+  "keywords": [
+    "pi",
+    "extension",
+    "xtrm"
+  ],
+  "author": "xtrm",
+  "license": "MIT"
+}