singularity-forge/src/wizard.ts

import type { AuthStorage } from '@gsd/pi-coding-agent'

// ─── Env hydration ────────────────────────────────────────────────────────────

/**
 * Hydrate process.env from stored auth.json credentials for optional tool keys.
 * Runs on every launch so extensions see Brave/Context7/Jina keys stored via the
 * wizard on prior launches.
 */
export function loadStoredEnvKeys(authStorage: AuthStorage): void {
  const providers: Array<[string, string]> = [
    ['brave',         'BRAVE_API_KEY'],
    ['brave_answers', 'BRAVE_ANSWERS_KEY'],
    ['context7',      'CONTEXT7_API_KEY'],
    ['jina',          'JINA_API_KEY'],
    ['tavily',        'TAVILY_API_KEY'],
    ['slack_bot',     'SLACK_BOT_TOKEN'],
    ['discord_bot',   'DISCORD_BOT_TOKEN'],
    ['telegram_bot',  'TELEGRAM_BOT_TOKEN'],
    ['groq',          'GROQ_API_KEY'],
    ['ollama-cloud',  'OLLAMA_API_KEY'],
    ['custom-openai', 'CUSTOM_OPENAI_API_KEY'],
  ]
  for (const [provider, envVar] of providers) {
    if (!process.env[envVar]) {
      // Use getCredentialsForProvider to skip empty-key entries at index 0
      // (left by legacy removeProviderToken which used set() with empty key)
      const creds = authStorage.getCredentialsForProvider(provider)
      const cred = creds.find((c: any) => c.type === 'api_key' && c.key)
      if (cred?.type === 'api_key' && (cred as any).key) {
        process.env[envVar] = (cred as any).key as string
      }
    }
  }
}
feat: vendor Pi source into workspace monorepo Vendor all 4 Pi packages (tui, ai, agent-core, coding-agent) from pi-mono v0.57.1 as @gsd/* workspace packages under packages/. This replaces the compiled npm dependency (@mariozechner/pi-coding-agent) and patch-package workflow, giving direct source access for modifications. - Copy Pi source from pi-mono v0.57.1 into packages/ - Create workspace package.json + tsconfig.json for each package - Rename ~240 imports from @mariozechner/pi-* to @gsd/pi-* - Apply existing patches as source edits (setModel persist, VT input) - Remove @mariozechner/pi-coding-agent dep and patch-package - Update build pipeline to build packages in dependency order - Add pi-upstream git remote for future selective syncing Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-12 21:55:17 -06:00			`import type { AuthStorage } from '@gsd/pi-coding-agent'`
Initial commit 2026-03-10 22:28:37 -06:00
feat(wizard): branded setup UI with visual hierarchy, descriptions, and status feedback 2026-03-11 01:22:38 -06:00			`// ─── Env hydration ────────────────────────────────────────────────────────────`

Initial commit 2026-03-10 22:28:37 -06:00			`/**`
			`* Hydrate process.env from stored auth.json credentials for optional tool keys.`
			`* Runs on every launch so extensions see Brave/Context7/Jina keys stored via the`
			`* wizard on prior launches.`
			`*/`
			`export function loadStoredEnvKeys(authStorage: AuthStorage): void {`
			`const providers: Array<[string, string]> = [`
feat(wizard): branded setup UI with visual hierarchy, descriptions, and status feedback 2026-03-11 01:22:38 -06:00			`['brave', 'BRAVE_API_KEY'],`
feat(wizard): add BRAVE_ANSWERS_KEY support Brave now uses separate API keys per plan: - BRAVE_API_KEY (Search plan) → web search, LLM context, news, etc. - BRAVE_ANSWERS_KEY (Answers plan) → chat/completions Updated: - wizard: prompts for and stores both keys - loadStoredEnvKeys: hydrates BRAVE_ANSWERS_KEY from auth.json - smoke tests: covers BRAVE_ANSWERS_KEY hydration - verify-s03.sh: includes BRAVE_ANSWERS_KEY in env and structural checks 2026-03-10 22:44:28 -06:00			`['brave_answers', 'BRAVE_ANSWERS_KEY'],`
feat(wizard): branded setup UI with visual hierarchy, descriptions, and status feedback 2026-03-11 01:22:38 -06:00			`['context7', 'CONTEXT7_API_KEY'],`
			`['jina', 'JINA_API_KEY'],`
feat: add Tavily as alternative search provider (#102) Add Tavily Search API as an alternative backend for search-the-web and search_and_read tools. Tavily is selected automatically when TAVILY_API_KEY is set (preferred over Brave when both keys present). Existing Brave Search paths are completely unchanged. Motivation: Brave Search API signup requires Stripe payment which may not be available in all regions. Tavily offers a free tier and also provides a Deep Research API for future expansion. Changes: - Auth: Tavily API key in wizard, auth.json storage, env hydration - search-the-web: Tavily POST backend with response normalization - search_and_read: Tavily advanced search with client-side token budgeting - /search-provider: slash command for explicit provider switching - 61 new tests covering all Tavily integration paths - Zero changes to existing Brave code paths 2026-03-12 14:12:19 +01:00			`['tavily', 'TAVILY_API_KEY'],`
feat: remote user questions via Slack/Discord for headless auto-mode When ask_user_questions is called in non-interactive mode (ctx.hasUI = false), transparently route questions to a configured Slack or Discord channel and poll for the user's response. Same tool interface, automatic routing. - Add adapter pattern for Slack (Bot Token API) and Discord (HTTP API) - Add /gsd remote command for interactive setup wizard - Add SLACK_BOT_TOKEN / DISCORD_BOT_TOKEN to wizard and env hydration - Add remote_questions config to GSD preferences with merge support - Fix parseScalar to preserve large numeric IDs (Discord channel IDs) - Show remote channel status on session_start Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-11 11:28:23 -03:00			`['slack_bot', 'SLACK_BOT_TOKEN'],`
			`['discord_bot', 'DISCORD_BOT_TOKEN'],`
fix: Phase 1 quick wins — bug fixes, security hardening, and performance - Fix loadStoredEnvKeys divergent provider lists: add telegram_bot and custom-openai to wizard.ts (the canonical copy used by CLI), remove dead duplicate from onboarding.ts - Security: add SAFE_COMMAND_PREFIXES allowlist to resolveConfigValue to prevent arbitrary RCE via settings.json shell commands - Security: add TOFU (Trust On First Use) model for project-local extensions — skip untrusted .pi/extensions/ with stderr warning - Performance: debounce sql.js MemoryStorage persistence (500ms window) so rapid mutations coalesce into a single db.export()+writeFileSync - Fix double lstatSync call in tool-bootstrap.ts isRegularFile - Add 26 new tests covering all changes 2026-03-16 13:18:02 -05:00			`['telegram_bot', 'TELEGRAM_BOT_TOKEN'],`
feat(voice): Groq Whisper API backend for Linux voice mode (#366) 2026-03-14 15:08:36 +00:00			`['groq', 'GROQ_API_KEY'],`
feat: add Ollama Cloud as model and web tool provider (#430) (#434) Add Ollama Cloud (ollama.com) as a built-in provider with both model hosting and web search/fetch capabilities. Model provider: - 13 curated models via OpenAI-compatible API (Llama 3.1, Qwen 3, DeepSeek R1, Gemma 3, Mistral, Phi-4, GPT-OSS) - Auth via OLLAMA_API_KEY environment variable - Registered in onboarding, env hydration, and model resolver Web tool provider: - Search via POST ollama.com/api/web_search - Page fetch via POST ollama.com/api/web_fetch (fallback after Jina) - Added as third search provider option alongside Tavily and Brave - /search-provider command updated with ollama option Closes #430 2026-03-14 22:03:31 -05:00			`['ollama-cloud', 'OLLAMA_API_KEY'],`
fix: Phase 1 quick wins — bug fixes, security hardening, and performance - Fix loadStoredEnvKeys divergent provider lists: add telegram_bot and custom-openai to wizard.ts (the canonical copy used by CLI), remove dead duplicate from onboarding.ts - Security: add SAFE_COMMAND_PREFIXES allowlist to resolveConfigValue to prevent arbitrary RCE via settings.json shell commands - Security: add TOFU (Trust On First Use) model for project-local extensions — skip untrusted .pi/extensions/ with stderr warning - Performance: debounce sql.js MemoryStorage persistence (500ms window) so rapid mutations coalesce into a single db.export()+writeFileSync - Fix double lstatSync call in tool-bootstrap.ts isRegularFile - Add 26 new tests covering all changes 2026-03-16 13:18:02 -05:00			`['custom-openai', 'CUSTOM_OPENAI_API_KEY'],`
Initial commit 2026-03-10 22:28:37 -06:00			`]`
			`for (const [provider, envVar] of providers) {`
			`if (!process.env[envVar]) {`
fix(remote-questions): empty-key entry in auth.json shadows valid Discord bot token (#2737) * fix(remote-questions): empty-key entry in auth.json shadows valid Discord bot token removeProviderToken() called auth.set(provider, { key: '' }) instead of auth.remove(provider). Since AuthStorage.set() appends for api_key type (deduplicating by exact key match), this inserted an empty-key entry at index 0. Every credential lookup (.get(), .find()) matched the empty entry first, shadowing valid tokens at later indices. Fixes: - remote-command.ts: use auth.remove() instead of auth.set() with empty key - config.ts: hydrateRemoteTokensFromAuth .find() now requires non-empty key - wizard.ts: loadStoredEnvKeys uses getCredentialsForProvider + .find() instead of .get() which returns creds[0] - onboarding.ts: check existing tokens via .some() over full credentials array instead of .get() which only returns first entry - key-manager.ts: filter empty-key entries in getAllKeyStatuses, add/remove/ rotate provider pickers, and doctor env-conflict check Tests: 3186 pass, 0 fail across full GSD test suite * fix(config): ignore empty shadowing tool keys 2026-03-26 17:16:42 -05:00			`// Use getCredentialsForProvider to skip empty-key entries at index 0`
			`// (left by legacy removeProviderToken which used set() with empty key)`
			`const creds = authStorage.getCredentialsForProvider(provider)`
			`const cred = creds.find((c: any) => c.type === 'api_key' && c.key)`
			`if (cred?.type === 'api_key' && (cred as any).key) {`
			`process.env[envVar] = (cred as any).key as string`
Initial commit 2026-03-10 22:28:37 -06:00			`}`
			`}`
			`}`
			`}`