|
| 1 | +// Lazily install npm dependencies on first run, then dispatch to the |
| 2 | +// real hook-router or MCP server. This makes the plugin work after |
| 3 | +// `codex plugin install` or repo-local hook setup even when the plugin |
| 4 | +// directory has no node_modules. |
| 5 | +import { existsSync, writeFileSync, readFileSync } from "node:fs"; |
| 6 | +import { spawnSync } from "node:child_process"; |
| 7 | +import path from "node:path"; |
| 8 | +import { fileURLToPath } from "node:url"; |
| 9 | + |
| 10 | +const __dirname = path.dirname(fileURLToPath(import.meta.url)); |
| 11 | +const pluginRoot = path.dirname(__dirname); |
| 12 | +const installedMarker = path.join(pluginRoot, "node_modules", ".armorcodex-installed"); |
| 13 | +const packageFiles = [ |
| 14 | + path.join(pluginRoot, "node_modules", "@armoriq", "sdk", "package.json"), |
| 15 | + path.join(pluginRoot, "node_modules", "zod", "package.json"), |
| 16 | + path.join(pluginRoot, "node_modules", "@modelcontextprotocol", "sdk", "package.json"), |
| 17 | +]; |
| 18 | + |
| 19 | +// The marker is only trusted when all expected packages are also present. |
| 20 | +// Partial installs (e.g. zod present, sdk missing) would previously pass |
| 21 | +// the per-file check and the dispatch would crash on a missing import. |
| 22 | +function installedOk() { |
| 23 | + if (!existsSync(installedMarker)) return false; |
| 24 | + if (!packageFiles.every(existsSync)) return false; |
| 25 | + try { |
| 26 | + const markerVersion = readFileSync(installedMarker, "utf8").trim(); |
| 27 | + const pkg = JSON.parse( |
| 28 | + readFileSync(path.join(pluginRoot, "package.json"), "utf8") |
| 29 | + ); |
| 30 | + return markerVersion === pkg.version; |
| 31 | + } catch { |
| 32 | + return false; |
| 33 | + } |
| 34 | +} |
| 35 | + |
| 36 | +if (!installedOk()) { |
| 37 | + process.stderr.write("[armorcodex] installing dependencies (one-time)...\n"); |
| 38 | + const result = spawnSync("npm", ["install", "--omit=dev", "--silent", "--no-audit", "--no-fund"], { |
| 39 | + cwd: pluginRoot, |
| 40 | + stdio: ["ignore", "ignore", "inherit"] |
| 41 | + }); |
| 42 | + if (result.status !== 0) { |
| 43 | + process.stderr.write("[armorcodex] npm install failed (exit " + result.status + ")\n"); |
| 44 | + process.exit(1); |
| 45 | + } |
| 46 | + try { |
| 47 | + const pkg = JSON.parse( |
| 48 | + readFileSync(path.join(pluginRoot, "package.json"), "utf8") |
| 49 | + ); |
| 50 | + writeFileSync(installedMarker, pkg.version || "ok", "utf8"); |
| 51 | + } catch { |
| 52 | + // best-effort — if we can't write the marker the next run will reinstall |
| 53 | + } |
| 54 | +} |
| 55 | + |
| 56 | +// MCP servers and hook routers communicate with Codex via JSON-RPC / JSON |
| 57 | +// over stdio. Any non-JSON write to stdout corrupts the protocol and Codex |
| 58 | +// closes the transport. Redirect console.* to stderr so dependencies (the |
| 59 | +// ArmorIQ SDK in particular) can't accidentally pollute the channel. |
| 60 | +const _consoleRedirect = (...a) => { |
| 61 | + const line = a |
| 62 | + .map((x) => (typeof x === "string" ? x : JSON.stringify(x, null, 0))) |
| 63 | + .join(" "); |
| 64 | + process.stderr.write(line + "\n"); |
| 65 | +}; |
| 66 | +for (const m of ["log", "info", "warn", "error", "debug", "trace"]) { |
| 67 | + console[m] = _consoleRedirect; |
| 68 | +} |
| 69 | + |
| 70 | +const target = process.argv[2]; |
| 71 | +if (target === "router") { |
| 72 | + await import("./hook-router.mjs"); |
| 73 | +} else if (target === "mcp") { |
| 74 | + await import("./policy-mcp.mjs"); |
| 75 | +} else { |
| 76 | + process.stderr.write("[armorcodex] bootstrap: unknown target '" + target + "'\n"); |
| 77 | + process.exit(2); |
| 78 | +} |
0 commit comments